[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] branch master updated (a94d1993d -> 20f7f9014)
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnurl] branch master updated (a94d1993d -> 20f7f9014) |
|
Date: |
Tue, 22 Aug 2017 18:09:56 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a change to branch master
in repository gnurl.
from a94d1993d * Patches to rename libcurl to libgnurl by Christian *
Updated for latest curl using git cherry-pick by Jeff, Florian, ng0 * Patches
to fix the testsuite (deleted tests/data/test1139, renamed reference from
libcurl.* to libgnurl.*) by ng0
new fcc70f24b RELEASE-NOTES: reset and go toward 7.51.0 (again)
new 970fcd8ed openssl: fix per-thread memory leak usiong 1.0.1 or 1.0.2
new 28a4861d7 http: accept "Transfer-Encoding: chunked" for HTTP/2 as well
new d4eefde1f http2: debug ouput sent HTTP/2 request headers
new 5060e6df9 KNOWN_BUGS: chunked-encoded requests with HTTP/2 is fixed
new 67960dc2c LICENSE-MIXING.md: update with mbedTLS dual licensing
new efb39995d examples/imap-append: Set size of data to be uploaded
new 661d065c8 test2048: fix url
new 25a276cf7 configure: change "iOS/Mac OS X native" to "Apple OS native"
new 62470f110 darwinssl: disable RC4 cipher-suite support
new d00b18d31 CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting
new f0f4ed2a7 TODO: Support SSLKEYLOGFILE
new 09e218100 openssl: don’t call CRYTPO_cleanup_all_ex_data
new bdeeb51ae openssl: don't call ERR_remote_thread_state on >= 1.1.0
new 1c812d202 TODO: Add PINNEDPUBLICKEY - HPKP compatibility, HSTS & HPKP
new e361cb76f libressl: fix version output
new 6965ed798 darwinssl: Fix typo in comment
new dc4953c8f RELEASE-NOTES: synced with 79607eec51055
new bbf1d9fa6 easy: Reset all statistical session info in curl_easy_reset
new be738a4e3 MAIL-ETIQUETTE: language
new 7bf12fe68 curl_global_cleanup.3: don't unload the lib with sub threads
running
new 217bc02a0 dist: add CurlSymbolHiding.cmake to the tarball
new c66062ea6 docs: Remove that --proto is just used for initial retrieval
new 51f2b4a56 nss: fix typo in ecdhe_rsa_null cipher suite string
new 8bd1dd77b nss: add cipher suites using SHA384 if supported by NSS
new 303315898 nss: add chacha20-poly1305 cipher suites if supported by NSS
new 10da18b2c New libcurl option to keep sending on error
new f19d88d6f SECURITY: remove the top ascii logo
new 47db0f3da configure: Fixed builds with libssh2 in a custom location
new 91e11bdb0 KNOWN_BUGS: 5.8 configure finding libs in wrong directory
new de6ef1f0c curl.1: --trace supports % for sending to stderr!
new 6e48d7965 CONTRIBUTE.md: Fix typo in 'About pull requests' section.
(#1045)
new eec5d01b3 KNOWN_BUGS: Fix typos in section 5.8.
new b5ff16873 FAQ: Fix typos in section 5.14 (#1047)
new a0304fbb0 cookies: same domain handling changed to match browser
behavior
new 91840e53f formpost: trying to attach a directory no longer crashes
new c0bde975b TODO: Add easy argument to formpost functions
new 35e1152d8 memdup: use 'void *' as return and source type
new 90e4cfadb CURLOPT_KEEP_SENDING_ON_ERROR.3: mention when it is added
new 0e2c64104 RELEASE-NOTES: synced with 8fd2a754f0de
new db0d112d4 TODO: TCP Fast Open for windows
new 6e41e4467 CURLOPT_DEBUGFUNCTION.3: unused argument warning (#1056)
new d3e6e41ac TODO: Leave secure cookies alone
new fbe274f37 TODO: Introduce --fail-fast to exit on first transfer fail
new 73b553043 tests: Fix a small typo in the tests README (#1060)
new 7dca17196 TODO: Support better than MD5 hostkey hash (for ssh)
new 0e7102b7b TODO: build: Enable PIE and RELRO by default
new b1bf48f88 formpost: avoid silent snprintf() truncation
new 3c2aa766c ftp: fix Curl_ftpsendf()
new 00d37b128 mprintf: return error on too many arguments
new d9ef12c99 test557: verify printf() with 128 and 129 arguments
new 449acfba3 smb: properly check incoming packet boundaries
new 7dad11da1 RELEASE-NOTES: synced with 82720490628cb53a
new 9cff4bec5 RELEASE-NOTES: spellfix
new 6a41bab05 GIT-INFO: remove the Mac 10.1-specific details
new 6867ceab8 resolve: add error message when resolving using SIGALRM
new 319d53811 cmake: add nghttp2 support
new c32a6d727 dist: remove PDF and HTML converted docs from the releases
new adf64a4f6 configure: detect the broken poll() in macOS 10.12
new b6a4eec3d dist: add missing cmake modules to the tarball
new 26f3f6021 vtls: only re-use session-ids using the same scheme
new df5187c77 url: skip to-be-closed connections when pipelining
new 0dbcc46dd KNOWN_BUGS: minor formatting edit
new 5986e0caf win: fix Universal Windows Platform build
new 7b7377018 KNOWN_BUGS: two more existing problems
new b55265e8a curl: do not set CURLOPT_SSLENGINEDEFAULT automatically
new ceaceefed RELEASE-NOTES: synced with a1a5cd04877fd6fd
new b26812db8 HTTP2: mention the tool's limited support
new c0e1c2dde url: skip to-be-closed connections when pipelining
(follow-up)
new 17a7d4bb2 maketgz: make it support "only" generating version info
new 41836b216 Curl_socket_check: add extra check to avoid integer overflow
new 589483ead select: use more proper macro-looking names
new 38a25a8df select: switch to macros in uppercase
new 57d2710e0 gopher: properly return error for poll failures
new f3a6c9017 curl: set INTERLEAVEDATA too
new 7a47963d2 Curl_polarsslthreadlock_thread_setup: clear array at init
new 4c8c591f4 polarssl: fix unaligned SSL session-id lock
new f6d6d6be9 polarssl: reduce #ifdef madness with a macro
new 62bb8f707 polarssl: indented code, removed unused variables
new c2df73da9 s/cURL/curl
new 65c771c7a test14xx: fixed --libcurl output tests again after
8e8afa82cbb
new 3267cbd99 RELEASE-NOTES: synced with f36f8c14551efc6772
new 4592406c7 configure/CURL_CHECK_FUNC_POLL: disable poll completely on
mac
new b57c707b7 curl_multi_add_handle: set timeouts in closure handles
new 44a2cc40b configure: set min version flags for builds on mac
new a07578d3d configure: Check for other variants of the
-m*os*-version-min flags
new 80fa70c2b INSTALL: converted to markdown => INSTALL.md
new 5d85112ab testcurl.1: update URLs
new 7cccfe823 testcurl.1: fix the URL to the autobuild summary
new f94da0cac curl_multi_remove_handle: fix a double-free
new 37d458c38 multi: force connections to get closed in
close_all_connections
new f5f4fed3e INSTALL.md: Updated minimum file sizes for 7.50.3
new ac404a80d RELEASE-NOTES: synced with 50ee3aaf1a9b22d
new be1b8ff58 mk-ca-bundle: Change URL retrieval to HTTPS-only by default
new db87fe1c0 mk-ca-bundle.1: document -k
new 0752757af TODO: add "--retry should resume"
new 697cefe0c TODO: Remove the generated include file
new fd93899bd TODO: indent code to make it render properly
new 3fbe306da mk-ca-bundle: Update the vbscript version
new 92f08a1a4 nss: fix tight loop in non-blocking TLS handhsake over proxy
new 46d024812 mbedtls: stop using deprecated include file
new 25fdc9d35 docs: fix req->data in multi-uv example
new 809b12e8a SECURITY: minor updates
new e3e455d2a configure.in: Fix test syntax
new 9083bff31 KNOWN_BUGS: c-ares deviates from stock resolver on
http://1346569778
new 9a5bb3ace KNOWN_BUGS: HTTP/2 server push enabled when no pushes can be
accepted
new e0c7dba29 CURLMOPT_MAX_PIPELINE_LENGTH.3: Clarify it's not for HTTP/2
new 3877dfa51 BINDINGS: converted to markdown
new 72e15b65b mk-ca-bundle.vbs: Fix UTF-8 output
new 65b1601aa INTERNALS: better markdown
new 2b80f38e6 INTERNALS: better markdown (follow-up)
new e4e8354a0 urlparse: accept '#' as end of host name
new dca8989dc test1246: verify URL parsing with host name ending with '#'
new 2ac7651e0 idn: switch to libidn2 use and IDNA2008 support
new 394bc6ce7 TODO: remove IDNA2008
new 34918a1b2 cookies: getlist() now holds deep copies of all cookies
new 60059a638 unescape: avoid integer overflow
new 1f5ed17c4 escape: avoid using curl_easy_unescape() internally
new c29bdd99c parsedate: handle cut off numbers better
new f6def5d30 range: prevent negative end number in a glob range
new 168160d2b glob_next_url: make sure to stay within the given output
buffer
new c0e30bb16 range: reject char globs with missing end like '[L-]'
new 4ec967955 aprintf: detect wrap-around when growing allocation
new a0c06899b krb5: avoid realloc(0)
new 428093e58 base64: check for integer overflow on large input
new 5a0cc9f39 connectionexists: use case sensitive user/password
comparisons
new 24eaaef94 SSH: check md5 fingerprint case sensitively
new aa2ad087d ftp: check for previous patch must be case sensitive!
new 28cf3ea50 strcasecompare: is the new name for strequal()
new 19f257ff0 strcasecompare: all case insensitive string compares ignore
locale now
new 5101c5d4b cookie: replace use of fgets() with custom version
new 5146f5f9a test165: adapted to the libidn2 use and IDNA2008 fix
new 9fe911206 ldap: fix strcase use
new 09917b780 strcase: s/strequal/strcasecompare
new 72e52fd41 curl_strequal: part of public API/ABI, needs to be kept
new e50cc794e url: remove unconditional idn2.h include
new 93bb26a06 ldap: fix include
new 49215483c unit1301: keep testing curl_strequal
new 54063a898 configure: raise the default minimum version for macos to
10.8
new 9eaaea843 RELEASE-NOTES: synced with d14538d2501ef0da
new ea51f808a libauthretry: use the external function curl_strequal
new 09a3c4d87 digest_sspi: fix include
new 6ca874ef9 strcasecompare: replaced remaining rawstr.h with strcase.h
new af351a082 msvc builds: s/rawstr/strcase
new 143e3cb78 strcase: fix the remaining rawstr users
new 4ea61d8da strcasecompare: include curl.h in strcase.c
new 2bdd72026 gskit, nss: do not include strequal.h
new 9cabed73e strcase: make the tool use curl_str[n]equal instead
new 6f36b776d tests/util: get a private strncasecompare clone
new 4fdb9cfa0 curl.1: expand on how multiple uses of -o looks
new 9046f3679 curl.1: typo
new 54b7bfb4d strcase: fixed Metalink builds by redefining checkprefix()
new 0f8974381 file: fix compiler warning
new 8caab2db2 metalink: simplify the hex parsing function
new 5c64c9b00 generate.bat: Remove strcase.[ch] from curl tool VS projects
new 90684aef8 generate.bat: Include include/curl in libcurl VS projects
new eb9fd442e ftp: remove dead code in ftp_done
new 4d1734793 ftp_done: don't clobber the passed in error code
new eb0af5158 RELEASE-NOTES: 7.51.0
new 95944b0e0 THANKS: synced with 7.51.0
new d7e55bff3 msvc: removed a straggling reference to strequal.c
new ee52e307c winbuild: remove strcase.obj from curl build
new 3ef5a9b30 bump: start working on 7.51.1
new e325412a0 docs: remove unused variables in multi-uv example
new 10dc93d30 docs: multi-uv: don't use CURLMsg after cleanup
new 43fe051a5 docs: handle CURL_POLL_INOUT in multi-uv example
new f4feddb8c docs: shorten and simplify the top comment in multi-uv.c
new fd863524e configure: verify that compiler groks
-Werror=partial-availability
new 6e9df7ff0 mbedtls: fix build with mbedtls versions < 2.4.0
new 307f86009 dist: add CMakeLists.txt to the tarball
new 46d06360f curl -w: added more decimal digits to timing counters
new a955db651 easy: Initialize info variables on easy init and duphandle
new 23481ae50 cmake: disable poll for macOS
new a1fecb8a6 curl.1: explain the SMTP data expected for -T
new bd441c51c http2: Don't send header fields prohibited by HTTP/2 spec
new e600543db s/cURL/curl
new 9dcfc9ae2 nss: map CURL_SSLVERSION_DEFAULT to NSS default
new bf86eb8ab vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3
new 0b4656478 curl: introduce the --tlsv1.3 option to force TLS 1.3
new c8983bbb4 ssh: check md5 fingerprints case insensitively (regression)
new c5479a96f openssl: initial TLS 1.3 adaptions
new fbb80c951 nss: silence warning 'SSL_NEXT_PROTO_EARLY_VALUE not handled
in switch'
new cf737baed curl_formadd.3: *_FILECONTENT and *_FILE need the file to be
kept
new 7aba479f3 printf: fix ".*f" handling
new ee720ec25 examples/fileupload.c: fclose the file as well
new fcc66c9bd RELEASE-NOTES: synced with dfcdaaba371e9a3
new d0de0963e bump: next version will be 7.52.0
new 655332628 CODE_STYLE.md: link to INTERNALS.md correctly
new 78e2e2f7c SPNEGO: Fix memory leak when authentication fails
new cdf718d7d vtls: Fail on unrecognized param for CURLOPT_SSLVERSION
new a5e8f7197 openssl: raise the max_version to 1.3 if asked for
new 5eb6a1782 curl: Add --retry-connrefused
new c24469460 realloc: use Curl_saferealloc to avoid common mistakes
new 832fea492 Curl_pgrsUpdate: use dedicated function for time passed
new 2fda87863 openssl: RAND_status always exists in OpenSSL >= 0.9.7
new 97c3d784a openssl: avoid unnecessary seeding if already done
new d5fe76be9 openssl: make sure to fail in the unlikely event that PRNG
seeding fails
new e51d58bdd test558: adapt to 0649433da
new 330e94aa6 URL-parser: for file://[host]/ URLs, the [host] must be
localhost
new 3eabf9902 RELEASE-NOTES: synced with 346340808c
new fba4084ab tests: fixed variable might be clobbered warning
new ffb885997 timeval: prefer time_t to hold seconds instead of long
new be9e6368c time_t fix: follow-up to de4de4e3c7c
new 46c7596ee cmdline-opts: first test version of a new man page generator
kit
new adb574ccc Curl_rand: fixed and moved to rand.c
new 5fdb3f7ec curl: add --fail-early
new 2da9fe06f glob: fix [a-c] globbing regression
new a0f04dfe6 curl: add --fail-early to help output
new 3846745e8 darwinssl: fix SSL client certificate not found on MacOS
Sierra
new 55eb7edd0 cmdline-opts: support generating the --help output
new 46b7a9c66 docs: the next release will be 7.52.0
new 986949139 docs: Spelling fixes
new c3130bc83 curl.1: Clarify --dump-header only writes received headers
new 8a19c990d tool_help: Clarify --dump-header only writes received headers
new e5fba9dee http2: Fix address sanitizer memcpy warning
new 160977a2b cmdline/gen: replace options in texts better
new d9ff2e829 gen: support 'redirect'
new b8fa6ffc6 cmdline-docs: more options converted over
new 8249a41bb gen: support 'single' to make an individual page man page
new 07727a966 gen: support 'protos'
new 6f4c80085 cmdline-docs: more conversion
new 4862c52f1 http2: Use huge HTTP/2 windows
new 84c2e4be4 tests: Fix HTTP2-Settings header for huge window size
new 15b75c3c6 Don't mix unix domain sockets with regular ones
new 8a5d90a3a lib: fix compiler warnings after de4de4e3c7c
new ddf69408d vtls: fix build warnings
new c9806487a rand: Fix potentially uninitialized result warning
new 1303fa8ba rand: pass in number of randoms as an unsigned argument
new b9e4ea3d2 url: Fix conn reuse for local ports and interfaces
new 27f68600a Limit ASN.1 structure sizes to 256K. Prevent some allocation
size overflows. See CRL-01-006.
new d1399cb9e Declare endian read functions argument as a const pointer.
This is done for all functions of the form Curl_read[136][624]_[lb]e.
new 267c659f7 proxy: Support HTTPS proxy and SOCKS+HTTP(s)
new d3125a499 mbedtls: Fix compile errors
new 77266d019 gtls: fix indent to silence compiler warning
new 73f47b341 darwinssl: adopted to the HTTPS proxy changes
new 4ffcadb25 HTTPS-proxy: fixed mbedtls and polishing
new 1476105ee openssl: remove dead code
new 8de43bf3e checksrc: add ASTERISKSPACE
new 269fe6d6a checksrc: code style: use 'char *name' style
new 28821ebc6 checksrc: verify ASTERISKNOSPACE
new f27092ff8 checksrc: white space edits to comply to stricter checksrc
new 4287b9dba checksrc: detect wrongly placed open braces in func
declarations
new d23781df0 checksrc: move open braces to comply with function
declaration style
new a82caf811 curl.1: the new --proxy options ship in 7.52.0
new 48cca90e8 RELEASE-NOTES: synced with 63198a4750aeb
new a9bdcdf64 add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme}
new 442cba681 RELEASE-NOTES: update option counters
new 028d42725 x509asn1: Restore the parameter check in Curl_getASN1Element
new dfe849675 test1135: Fix curl_easy_duphandle prototype for code style
new e0ba479ee os400: sync ILE/RPG binding
new 3dfe03728 tool_help: Change description for --retry-connrefused
new cd0b454a4 tool_urlglob: Improve sanity check in glob_range
new 8eb717932 winbuild: add config option ENABLE_NGHTTP2
new 92b2f5ff6 TODO: removed "HTTPS proxy"
new eeb6c6158 url: proxy: Use 443 as default port for https proxies
new 0801d3c3f HTTPS Proxy: Implement CURLOPT_PROXY_PINNEDPUBLICKEY
new eea523d75 docs: include all opts man pages in dist
new 18ddb875e curl_easy_setopt.3: add CURLOPT_PROXY_PINNEDPUBLICKEY
new 8e86b3cd2 CURLOPT_PROXY_CRLFILE.3: clarify https proxy and availability
new 1545ab066 CURLOPT_PROXY_CAINFO.3: clarify proxy use
new 9e57b824f curl_easy_reset: clear info for CULRINFO_PROTOCOL and
CURLINFO_SCHEME
new eab8bbb03 tests: Add some testcases for recent new features.
new c469de85c curl_version_info: add CURL_VERSION_HTTPS_PROXY
new ced292a96 os400: support CURLOPT_PROXY_PINNEDPUBLICKEY
new 89d58d943 CURLOPT_PROXY_*.3: polished some proxy option man pages
new b22b0b208 curl: remove --proxy-ssl* options
new 9710253c3 cmdline-opts: more command line options documented
new c7daa0404 lib1536: checksrc compliance
new 84ebc7aa0 gen: include footer in mainpage output
new 3adf9d19a cmdline-docs: more options converted and fixed
new 01640af95 http2: Fix crashes when parent stream gets aborted
new 2c8bcb1df http2: check nghttp2_session_set_local_window_size exists
new fbd190653 RELEASE-NOTES: synced with 19613fb3
new d89ed667d BUGS: describe bug handling process
new b48f0b6a1 CURLOPT_CONNECT_TO: Skip non-matching "connect-to" entries
properly
new f9d69428d cyassl: fixed typo introduced in 4f8b1774
new 6cb52ab11 runtests: made Servers: output be more consistent by
removing OFF
new 779b7f9d5 URL parser: reject non-numerical port numbers
new dcc06bbce CONNECT: reject TE or CL in 2xx responses
new a05ab1028 CONNECT: read responses one byte at a time
new 1bafc8288 tests: fix CONNECT test cases to be more strict
new dffcb65e0 http_proxy: simplify CONNECT response reading
new 78ddcc46b curl: support zero-length argument strings in config files
new 3ccdab84b test1281: added http as a required feature
new e3e76431a libcurl-multi.3: typo
new e8f9ef5db test2032: Mark test as flaky
new 25ae657d1 openssl: don't use OpenSSL's ERR_PACK.
new 18195d1f1 RELEASE-NOTES: synced with 71a55534fa6
new 30445b214 ISSUE_TEMPLATE: try mentioning known bugs/todo in new issue
template
new b224d5c53 checksrc: stricter no-space-before-paren enforcement
new 1aded807a checksrc: warn for assignments within if() expressions
new f0690be65 curl_multi_socket.3: fix typo
new 3baadd64f CURLOPT_SOCKS_PROXYTYPE: removed
new 8885f7e98 curl: normal socks proxies still use CURLOPT_PROXY
new 0bcdffb03 preproxy: renamed what was added as SOCKS_PROXY
new f19b95f44 cmdline-opts/page-header: mention it is generated
new 770f31911 HTTPS-PROXY docs: update/polish
new ac7bf4b77 CURLINFO_SSL_VERIFYRESULT.3: language
new 94d449c0f cmdline-opts: added some missing info
new 8a194fa33 curl.1: generated with gen.pl
new 14a0b5d6f cmdline-opts: include the man page split up files in the dist
new 7e74a5ffd symbols: removed two, added one
new 1cfe337af curl_easy_setopt.3: CURLOPT_PRE_PROXY instead of
CURLOPT_SOCKS_PROXY
new b951cf994 cmdline-opts/proxy-tlsuser.d: remove trailing .d
new a7d71389b cmdline-opts/gen.pl: trim off trailing spaces
new 320da84e0 manpage-scan.pl: allow deprecated options to get removed
from curl.1
new d0d0c3328 tool_getparam.c: make comments use the up-to-date option
names
new 6ced44f27 curl_easy_setopt.3: removed CURLOPT_SOCKS_PROXYTYPE
new dd2527a73 cmdline-opts: formatting fixes
new 55bbcca44 curl.1: regenerated
new 1c40a13d2 cmdline-opts/post30X.d: fix the RFC references
new 7ac7ac9ac curl.1: generated after 6cce4dbf830
new 425497b05 CIPHERS.md: attempt to document TLS cipher names
new 5f4dc0bfc Curl_getconnectinfo: avoid checking if the connection is
closed
new f4d75fb89 curl_easy_recv: Improve documentation and example program
new d3a2aa1a5 openssl: simplify expression in Curl_ossl_version
new 883d3703b form-string.d: fix format mistake
new 44957e8a6 CIPHERS.md: backtick the names to show underscores fine
new 77287015d RELEASE-NOTES: synced with 4517158abfeba
new 94fd3a97c config-amigaos.h: fix bug report email reference
new fd2eebcb7 config-amigaos.h: (embarrassed) made the line shorter
new 8347a727b printf: fix floating point buffer overflow issues
new 2d6f769d9 schannel: fix wildcard cert name validation on Win CE
new f29c62aec cmdline-opts/tlsv1.d: rephrased
new be7cae8f3 http_proxy: Fix proxy CONNECT hang on pending data
new d88e0446e tests: checksrc compliance
new 0ff6b6c73 Curl_recv_has_postponed_data: silence compiler warnings
new cf2c2e6d6 ssh: inhibit coverity warning with (void)
new 120b89e83 RELEASE-NOTES: 7.52.0
new b92aa3f59 THANKS: 13 new contributors from 7.52.0
new aa6ab71d0 lib: fix MSVC compiler warnings
new c03eaa449 bump: toward next release
new 4f5f45ab4 lib557: move the "enable LONGLINE" to allow more long lines
new 3fe3c80da tests/Makefile: run checksrc on debug builds
new 261bb5dbc randit: store the value in the buffer
new e8f7c366e runtests: remove the valgrind parser
new da92eef16 lib557.c: use a shorter MAXIMIZE representation
new d98650910 RELEASE-NOTES: curl 7.52.1
new 5b367578a gnutls-random: check return code for failed random
new 1230f4f27 openssl-random: check return code when asking for random
new ece8d444f http: remove "Curl_http_done: called premature" message
new 51a33c886 bump: toward next release
new 0ae6490eb cyassl: use time_t instead of long for timeout
new e1c6b8ef5 build-wolfssl: Sync config with wolfSSL 3.10
new 4337f4f06 ftp-gss: check for init before use
new 2e99800b1 test1282: verify the ftp-gss check
new a5bed32ad configure: accept --with-libidn2 instead
new 7ddc51322 ftp: failure to resolve proxy should return that error code
new 5d51142ca formdata: use NULL, not 0, when returning pointers
new 0a0276d61 cmdline-opts/page-footer: add three more exit codes
new 5c7d449ba docs/ciphers: link to our own new page about ciphers
new e6f598706 vtls: s/SSLEAY/OPENSSL
new 2bf5e905b RELEASE-NOTES: synced with a7b38c9dc98481e
new 6fec4298d curl: remove superfluous include file
new 2f46f2ff8 darwinssl: fix iOS build
new 40da3c9c9 darwinssl: fix CFArrayRef leak
new a1c186cb0 cmake: use crypt32.lib when building with OpenSSL on windows
new 824f58ba9 curl_formadd.3: CURLFORM_CONTENTSLENGTH not needed when
chunked
new b7706f2d2 digest_sspi: copy terminating NUL as well
new 52b474a14 tool_operate: Fix --remote-time incorrect times on Windows
new be23e1a84 page-footer: error 36 is protocol agnostic!
new 498c9c61e content_encoding: change return code on a failure
new fbfb951ac curl.h: CURLE_FUNCTION_NOT_FOUND is no longer in use
new 3508e0ac4 docs/libcurl: TCP_KEEPALIVE start and interval default to 60
new ab61620b8 darwinssl: --insecure overrides --cacert if both settings
are in use
new 75aca9df1 TheArtOfHttpScripting: grammar
new e1fd753aa CIPHERS.md: document GSKit ciphers
new 91a8576ca wolfssl: support setting cipher list
new 813e16cc2 wolfssl: display negotiated SSL version and cipher
new 7eac0f082 docs/page-header: mention how to disable the progress meter
new b35605197 docs/silent: mention --show-error in --silent description
new 5acc9a596 COPYING: update the generic copyright year range
new 5ae072396 ROADMAP: 2017 cleanup
new 3fa390d22 lib506: fix build for Open Watcom
new 923f5d2d3 asiohiper: improved socket handling
new 6444d7e28 examples: make the C++ examples follow our code style too
new ea00f5e08 RELEASE-NOTES: synced with a41e8592d6b3e58
new db35ae132 sws: retry send() on EWOULDBLOCK
new a0de187ca cmake: Fix passing _WINSOCKAPI_ macro to compiler
new 682e27247 http2_send: avoid unsigned integer wrap around
new 97695fadb smtp: Fix STARTTLS denied error message
new bb4507e41 STARTTLS: Don't print response character in denied messages
new b25f1083a rand: make it work without TLS backing
new 5039b5281 url: Fix parsing for when 'file' is the default protocol
new ecfe626d2 gnutls: check for alpn and ocsp in configure
new 3a0331a2e docs: FAQ MAIL-ETIQUETTE language fixes
new 6f2d88326 IDN: Use TR46 'transitional' for toASCII translations
new f8b0ffa89 url: Fix NO_PROXY env var to work properly with --proxy
option.
new e1dcaecf9 url: Refactor detect_proxy()
new 2c0564075 url: --noproxy option overrides NO_PROXY environment variable
new b4c4a151a IDN: Fix compile time detection of linidn2 TR46
new cbd9e51b4 IDN: revert use of the transitional option
new 5c8dadd7a IDN: Use TR46 non-transitional
new 4a4608725 CURLOPT_PREQUOTE.3: takes a struct curl_slist*, not a char*
new b302acff6 docs: Add note about libcurl copying strings to CURLOPT_*
manpages
new 161aa9c0a curl: reset the easy handle at --next
new 3b48ccf27 next.d: --trace and --trace-ascii are also global
new 4cb01ec7f write-out.d: 'time_total' is not always shown with ms
precision
new 54c0dda4f unix_socket: add support for abstract unix domain socket
new b8dd766d4 RELEASE-NOTES: synced with a7c73ae309c
new cd227531e THANKS-filter: Jiri Malak
new c7b67ff2b addrinfo: fix compiler warning on offsetof() use
new 10e8ba655 TODO: Improve formpost API, not just add an easy argument
new c48fe720d TODO: Chunked transfer multipart formpost
new cda527e89 TODO: implemened "--fail-fast to exit on first transfer fail"
new 7daa83ece TODO: send only part of --data
new 65724e27f http: print correct HTTP string in verbose output when using
HTTP/2
new 318853045 docs: improved language in README.md HISTORY.md CONTRIBUTE.md
new ab06fb031 http2: disable server push if not requested
new 690ae5b5d nss: use the correct lock in nss_find_slot_by_name()
new 2d8a689e3 bump: next release will be 7.53.0
new 350b9fa97 TODO: share OpenSSL contexts
new 85c4227ad openssl: Fix random generation
new ea97ad09e parseurl: move back buffer to function scope
new 9ce574167 usercertinmem.c: improve the short description
new 7f12a6086 CURLOPT_CONNECT_TO: Fix compile warnings
new d4c720564 docs: non-blocking SSL handshake is now supported with NSS
new 1de24cd6b *.rc: escape non-ASCII/non-UTF-8 character for clarity
new 7d47878f5 KNOWN_BUGS: HTTP/2 server push enabled when no pushes can be
accepted
new 9295c268c sws: use SOCKERRNO, not errno
new 6dc2351c2 CURLOPT_BUFFERSIZE: support enlarging receive buffer
new ff60519cf vtls: fix mbedtls multi non blocking handshake.
new e0d41ac2f vtls: fix PolarSSL non-blocking handling
new 2282fa2a0 RELEASE-NOTES: synced with 01ab7c30bba6f
new b5ecb99ff contri*.sh: cut off parentheses from names too
new 4c887c92a vtls: source indentation fix
new fe210f27d docs/curl.1: generate from the cmdline-opts script
new 97566bd0e cmdline-opts/gen.pl: Open input files in CRLF mode
new 966bf50f7 VC: remove the makefile.vc6 build infra
new 36827c186 telnet: fix windows compiler warnings
new 6168ace2c INTERNALS.md: language improvements
new ad2aa1412 TODO: remove "Support TLS v1.3"
new fae66741b cookies: do not assume a valid domain has a dot
new 02e4ac878 polarssl: fix hangs
new 69309d94f gnutls: disable TLS session tickets
new f54aee7dd mbedtls: disable TLS session tickets
new de7e43a52 RELEASE-NOTES; synced with ab08d82648
new 167f03e68 docs: proofread README.netware README.win32
new 7bd8f2650 docs: we no longer ship HTML versions of man pages
new 31a4c3b6e mbedtls: implement CTR-DRBG and HAVEGE random generators
new 0120afd14 openssl: Don't use certificate after transferring ownership
new f3fa2e50c cmake: Support curl --xattr when built with cmake
new b5439f89a OS400: Fix symbols
new 8f1b0b334 docs: Add more HTTPS proxy documentation
new 5f8a346a1 use *.sourceforge.io and misc URL updates
new e78329886 cmdline-opts: Fixed build and test in out of source tree
builds
new b377e33ee CHANGES.0: removed
new 8e86e8ce6 CHANGES: spell fix, use correct path to script
new 1bac9f8a2 schannel: Remove incorrect SNI disabled message
new 268c5cd2e darwinssl: Avoid parsing certificates when not in verbose
mode
new 11a76c457 test552: Fix typos
new 435a4cc7d telnet: Fix typos
new 363d65386 transfer: only retry nobody-requests for HTTP
new 40a3ddc43 http2: reset push header counter fixes crash
new cde2604a6 THANKS-filter: polish some recent contributors
new 2e827ce5d RELEASE-NOTES: synced with 102454459dd688c
new 86db97323 polarssl, mbedtls: Fix detection of pending data
new c8a377d97 http_proxy: Fix tiny memory leak upon edge case connecting
to proxy
new a6253df03 http_proxy: avoid freeing static memory
new 81798d69d examples/multithread.c: link to our multi-thread docs
new 1427f8813 nss: make FTPS work with --proxytunnel
new 448e62d7e CURLOPT_SSL_VERIFYPEER.3: also the https proxy version
new 9feac3c34 cmdline-opts/socks*: Mention --preproxy in --socks* opts
new c89ccaa4d URL: only accept ";options" in SMTP/POP3/IMAP URL schemes
new 7ec684bf5 cmdline-opts/page-footer: ftp.sunet.se is no longer an FTP
mirror
new f163d24d8 tool_operate: Show HTTPS-Proxy options on CURLE_SSL_CACERT
new ed71c6911 http2: fix memory-leak when denying push streams
new 6a3b1da69 configure: Allow disabling pthreads, fall back on Win32
threads
new f34d167f4 smb: code indent
new 4a5cf5955 curl: fix typo in time condition warning message
new 61c28497a RELEASE-NOTES: synced with 690935390c29c
new e0ba4d5e8 axtls: adapt to API changes
new 815851460 tool_urlglob: Allow a glob range with the same start and stop
new fcca9d596 TODO: consider file name from the redirected URL with -O ?
new a5a4fe339 RELEASE-PROCEDURE: update the upcoming release calendar
new 73ac601a7 winbuild: add note on auto-detection of MACHINE in
Makefile.vc
new 130c03fc3 http: fix missing 'Content-Length: 0' while negotiating auth
new ed1cfa96c proxy: fix hostname resolution and IDN conversion
new a27d0dfeb docs: fix timeout handling in multi-uv example
new c97579847 speed caps: update the timeouts if the speed is too low/high
new c6ec19028 tests: removed the obsolete name parameter
new 9fd90630e string formatting: fix 4 printf-style format strings
new 8095192fb examples/multi-uv: checksrc compliance
new cfa389ccf digest_sspi: Fix nonce-count generation in HTTP digest
new 012482fba sftp: improved checks for create dir failures
new 259695897 RELEASE-NOTES: synced with af30f1152d43dcdb
new 1c41088b5 TODO: CURLOPT_RESOLVE for any port number
new 246234e7f smb: use getpid replacement for windows UWP builds
new 5c89ac3a2 digest_sspi: Handle 'stale=TRUE' directive in HTTP digest
new 9cbdd8eae TLS: make SSL_VERIFYSTATUS work again
new 19e4ef9cf cookie: fix declaration of 'dup' shadows a global declaration
new 7eafbedb0 release: 7.53.0
new 5b13817cf cyassl: fix typo
new 6752168a5 url: Improve CURLOPT_PROXY_CAPATH error handling
new 4ac6ba61f urldata: include curl_sspi.h when Windows SSPI is enabled
new 240ae7d2e TODO: brotli is deployed widely now
new 5a714f435 TODO: HTTP Digest using SHA-256
new d543e3251 docs: gitignore curl.1
new 943680dac formdata: check for EOF when reading from stdin
new 94640e050 bump: 7.53.1 coming up
new b2a6ec2b2 tests: Set CHARSET & LANG to UTF-8 in 1035, 2046 and 2047
new cbb0860de THANKS-filter: shachaf
new 5e98d7f94 RELEASE-NOTES: synced with 443e5b03a7d441
new c70af4ba1 TODO: "OPTIONS *"
new 5aeb6b890 rand: added missing #ifdef HAVE_FCNTL_H around fcntl.h header
new 076ffa3da url: Default the CA proxy bundle location to CURL_CA_BUNDLE
new 83b0a755a tests: use consistent environment variables for setting
charset
new d287bd1a6 Revert "tests: use consistent environment variables for
setting charset"
new 54a193a14 release: 7.53.1
new 039b5d863 bump: work on the next release
new cd7cea4d6 cmake: Replace invalid UTF-8 byte sequence
new 2754399c3 test557: explicitly use the C locale so the numeric output
is as expected
new 5a0090d04 tests: use consistent environment variables for setting
charset
new 4684bab5f proxy: fixed a memory leak on OOM
new 9500aad0f ftp: removed an erroneous free in an OOM path
new ec868294b docs: de-duplicate file lists in the Makefiles
new 4a6e4b214 ftp: fixed a NULL pointer dereference on OOM
new 2de7acce1 gopher: fixed detection of an error condition from
Curl_urldecode
new 1e58b4038 url: fix unix-socket support for proxy-disabled builds
new aea3e36df test1139: allow for the possibility that the man page is not
rebuilt
new 248bcfba5 cyassl: get library version string at runtime
new 8b9e44084 digest_sspi: fix compilation warning
new 4f5ec111b tests: enable HTTP/2 tests to run with non-default port
numbers
new 476069e64 warnless: suppress compiler warning
new c07563454 darwinssl: Warn that disabling host verify also disables SNI
new 47b5f28a6 configure: fix for --enable-pthreads
new 51b860231 checksrc.bat: Ignore curl_config.h.in, curl_config.h
new 8512b367b no-keepalive.d: fix typo
new 3503dbbbe configure: fix --with-zlib when a path is specified
new 114dfa581 build: fix gcc7 implicit fallthrough warnings
new 9473172b0 url: split off proxy init and parsing from create_conn
new 427489477 tests: fixed a typo in some comments
new 74f4b9df7 fix some typos in the doc (#1306)
new 753d79758 fix potential use of uninitialized variables
new 1552cbe8d CURLOPT_SSL_CTX_FUNCTION.3: Fix EXAMPLE formatting errors
new 3afa8a789 CMake: Reorganize SSL support, separate WinSSL and SSPI
new 80e3238f8 CMake: Add DarwinSSL support
new 36d3df678 CMake: Add mbedTLS support
new aa0c6bffc CMake: Set at most one SSL library
new a08318484 ares: return error at once if timed out before name resolve
starts
new ff9c6d41e BINDINGS: add misssing C++ bindings
new 2eadf2f8d BINDINGS: add go-curl and perl6-net-curl
new cdcffc3be BINDINGS: add Scilab binding
new 3e9988357 BINDINGS: update the Lua-cURL URL
new 4ad1d68b9 URL: return error on malformed URLs with junk after port
number
new 0a89dcf3e test1260: removed errant XML tag
new 729f60884 KNOWN_BUGS: Add DarwinSSL won't import PKCS#12 without a
password
new a315aa5ef ares: better error return on timeouts
new e90d43765 ares: Curl_resolver_wait_resolv: clear *entry first in
function
new 068382592 http2: Fix assertion error on redirect with CL=0
new 593eab4ef updatemanpages.pl: Update man pages to use current date and
versions
new 6b12271fd Makefile.am: Remove distribution man pages when running
'make clean'
new 3e2d11007 gitignore: Ignore man page dist files
new 83ad1d270 maketgz: Run updatemanpages.pl to update man pages
new c838a06a8 test1260: added http as a required feature
new d993ee384 insecure.d: clarify that this is for server connections
new 910829459 MANPAGE: clarify the dash situation in meta data
new f8cba56ce RELEASE-NOTES: synced with 6888a670aa01
new dfd5764f2 vtls: add options to specify range of enabled TLS versions
new 94ffcd40e openssl: unbreak the build after 6448f98c1857de
new 70fa838fd bump: next release will be known as 7.54.0
new 8af5fdc56 polarssl: fixed compile errors introduced in 6448f98c
new 6a2073e95 mkhelp: simplified the gzip code
new a9c1139ad build: fixed making man page in out-of-tree tarball builds
new 781ede6e6 tls-max.d: added to the makefile
new cf16d8137 tests: disabled 1903 now
new d12270dfc openssl: add two /* FALLTHROUGH */ to satisfy coverity
new f4db4c137 ISSUE_TEMPLATE: for bugs, ask questions on the mailing list
new 0387e0394 README.md: add coverity and travis badges
new bcf4656e4 cmdline-opts: fixed a few typos
new cba8645a4 url: don't compile detect_proxy if HTTP support is disabled
new 6e55d8a41 authneg: clear auth.multi flag at http_done
new 16a5e3a57 curl_easy_reset: Also reset the authentication state
new 58276c92c proxy: skip SSL initialization for closed connections
new 7491e219f tests: fix the authretry tests
new 85358cc16 mbedtls: fix typo in variable name
new 7dbf604aa http_proxy: Ignore TE and CL in CONNECT 2xx responses
new baec476f5 url: add option CURLOPT_SUPPRESS_CONNECT_HEADERS
new a721d40ba tool_writeout: fixed a buffer read overrun on --write-out
new f1246668a test1287: added verbose logs keyword
new 9e8e5c20b tests: clear the SSL_CERT_FILE variable on --libcurl tests
new 5376b067d test1440/1: depend on well-defined file: behaviour
new 61b4cf74a make: regenerate docs/curl.1 by runinng make in docs
new 8427ac478 RELEASE-NOTES: synced with c25e0761d0fc49c4
new 1a95371f1 winbuild: add basic support for OpenSSL 1.1.x
new a5d2c8957 Improve code readbility
new 4e6686610 build: removed redundant DEPENDENCIES from makefiles
new c619fb586 KNOWN_BUGS: remove libidn related issue
new 873961d7e BINDINGS: a Delphi binding
new e1230c592 SSLCERTS.md: mention HTTPS proxies and their separate options
new eece04721 CURLINFO_LOCAL_PORT.3: added example
new afe657d1f CURLINFO_LOCAL_PORT.3: fix typo
new 7aac3ab18 tool_operate: Fix showing HTTPS-Proxy options on
CURLE_SSL_CACERT
new 8a083ed0b darwinssl: fix typo in variable name
new 7e4cf0ad2 tests: strip more options from non-HTTP --libcurl tests
new c9990debb test714/5: added HTTP as a required feature
new 693cf302b tests: fixed the documented test server port numbers
new 4e4510e1e runtests.pl: fixed display of the Gopher IPv6 port number
new 282184807 CONTRIBUTE: mention referring to github issues in commit msgs
new 8d12c98bb multi: fix streamclose() crash in debug mode
new 11d336320 RELEASE-NOTES: synced with 6e0f26c8a8c28df
new 824a75381 RELEASE-NOTES: typo
new 57681850e examples: comment typos in http2 examples
new 7a22cc145 docs: split file lists into Makefile.inc
new b66b581f2 cmake: build manual pages (including curl.1)
new 975698b0f cmake: add support for building HTML and PDF docs
new fcfa9c8a8 mbedtls: add support for CURLOPT_SSL_CTX_FUNCTION
new 956ae6696 test2033: flaky
new 9d4fb1c83 make: introduce 'test-nonflaky' target
new 41b7fd857 travis: run tests-nonflaky instead of tests-full
new 1fd92fdf2 CURLINFO_PRIMARY_IP.3: add example
new e1b668867 tests/README: mention nroff for --manual tests
new 733ae37b7 mkhelp: disable compression if the perl gzip module is
unavailable
new 715506b5e openssl: fall back on SSL_ERROR_* string when no error detail
new 04411048d openssl: made the error table static const
new 530f5d79d asiohiper: make sure socket is open in event_cb
new 2e4a8dd5c openssl: fix comparison between signed and unsigned integer
expressions
new 6b83376bb tests/README: make "Run" section foolproof
new 094d382a8 curl: check for end of input in writeout backslash handling
new 73ea3b61b spelling fixes
new c2ff0d93e .gitattributes: turn off CRLF for *.am
new f3811ee9f multi: fix MinGW-w64 compiler warnings
new c23126c91 schannel: fix variable shadowing warning
new 6f5d7aae2 examples/fopen: checksrc compliance
new c6b1ee278 openssl: exclude DSA code when OPENSSL_NO_DSA is defined
new a199be935 http: Fix proxy connection reuse with basic-auth
new 06f718f2b pause: handle mixed types of data when paused
new 88c253671 http: do not treat FTPS over CONNECT as HTTPS
new 0e3f3ab81 conncache: make hashkey avoid malloc
new 21dfcbad1 make: use the variable MAKE for recursive calls
new 480dde5a8 KNOWN_BUGS: typo
new 5313bf5f9 RELEASE-NOTES: synced with 556c51a2df
new 895150476 curl: fix callback argument inconsistency
new 29ab03b19 NTLM: check for features with #ifdef instead of #if
new da579592d docs/Makefile.am: include CMakeLists.txt in the dist tarball
new 3a96e4be7 cmake: add more missing files to the dist
new 3f62cd485 cmake: add cmake file in docs/libcurl/opts/ to dist
new 86d102300 select: use correct SIZEOF_ constant
new f608f3d0f connect: fix unreferenced parameter warning
new 250299277 schannel: fix unused variable warning
new a9c6cbd0f gcc7: fix ‘*’ in boolean context, suggest ‘&&’ instead
[-Wint-in-bool-context]
new 171daf4e6 curl: fix callback functions to match prototype
new e655cff06 http2: silence unused parameter warnings
new a1844fc01 ssh: fix narrowing conversion warning
new c17b90b9c cmake: fix build with cmake 2.8.12.2
new 86bd52d63 dist: add missing files to the tarball
new db99d18b9 docs/index.html: removed, was not shipped anyway
new 72f4a8890 libcurl.def: removed, unused
new b5ea4b317 CTestConfig.cmake: removed, unused
new cdd02388f telnet: (win32) fix read callback return variable
new 7fdff7196 docs: Explain --fail-early does not imply --fail
new fbd96fca9 fail-early.d: fix typos
new 67c877f33 docs: added examples for CURLINFO_FILETIME.3 and
CURLOPT_FILETIME.3
new 5d2c450a8 tests/server/util: remove in6addr_any for recent MinGW
new e382c4f26 multi: make curl_multi_wait avoid malloc in the typical case
new 1941ac3b1 include: curl/system.h is a run-time version of curlbuild.h
new dc85e553b docs: minor typo in write-out.d
new 27c724021 easy: silence compiler warning
new 79f11a8fb llist: replace Curl_llist_alloc with Curl_llist_init
new 36b2c7eed hash: move key into hash struct to reduce mallocs
new 61d61e090 RELEASE-NOTES: synced with 4f2e348f9b42c69c480
new 68c9e5f6a url: don't free postponed data on connection reuse
new b494e0ae1 curl_sasl: declare mechtable static
new e02eafc48 tool: fix Windows Unicode build
new 19ceeb6de multi: fix queueing of pending easy handles
new b5c8b31c1 tests: added test for Curl_splaygetbest to unit1309
new f30f46980 configure: prefer 'long long' to int64_t for curl_off_t
new 8360f7329 tool_operate: move filetime code to its own function
new fbaf76c49 tool_operate: fix MinGW compiler warning
new 5e43f963e Revert "configure: prefer 'long long' to int64_t for
curl_off_t"
new 69c6ad034 test1541: ignore the curl_off_t variable type name comparison
new d18760048 INSTALL.cmake: more problems
new 33ce563ed nss: fix build after e60fe20fdf94e829ba5fce33f7a9d6c281149f7d
new efb3db246 system.h: set sizeof long to 4 on "default 32 bit" systems
new fbe68072f low_speed_limit: improved function for longer time periods
new 3817fd8b3 test1606: verify speedcheck
new e76cca7b5 gtls: fix compiler warning
new e016bbb57 sspi: print out InitializeSecurityContext() error message
new 6ccc86829 schannel: fix compiler warnings
new 0efed92ea system.h: add section for tcc
new 220a58a92 BUGS: "Bugs in old versions"
new a50afbdd3 vtls: fix unreferenced variable warnings
new 0f3a0a822 INSTALL.md: fix secure transport configure arguments
new d1ec14e0e CURLINFO_SCHEME.3: fix variable type
new de8c7f769 .github/stale.yml: enable the stale bot
new c16e48ae1 libcurl-thread.3: also mention threaded-resolver
new ed9e25a2f libcurl-thread.3: fixed a bad macro that caused test 1140 to
fail
new f35106c2a RELEASE-NOTES: synced with f9d1e9a27f7e1
new 56d78715f nss: load CA certificates even with --insecure
new 61c691cf1 openssl: fix this statement may fall through
[-Wimplicit-fallthrough=]
new 51b05a2d4 poll: prefer <poll.h> over <sys/poll.h>
new d3eb7e5e2 polarssl: unbreak build with versions < 1.3.8
new 493ebc4cd system.h: fix mingw section
new 812f8306e Curl_expire_latest: ignore already expired timers
new d92c55402 tests/server/util: prefer <poll.h> over <sys/poll.h>
new 4a0969017 test1541: also test for CURL_PULL_WS2TCPIP_H
new c3033a97f curl-compilers.m4: turn implicit function declarations into
errors
new 21f1d073c mbedtls: fix memory leak in error path
new d7b60cffd http2: fix handle leak in error path
new 6009eb541 RELEASE-NOTES: synced with 1451271e0
new 3f10b9634 unit1303: fix compiler warning
new 57a625203 .gitattributes: force shell scripts to LF
new 692f65afd configure.ac: ignore CR after version numbers
new 125214fba extern-scan.pl: strip trailing CR
new 8aeccf6bb code: fix typos and style in comments
new 4fd456c1c openssl: make SSL_ERROR_to_str more future-proof
new 55c6bf0b0 openssl: fix thread-safety bugs in error-handling
new aab851417 openssl: don't try to print nonexistant peer private keys
new 961e5b7a9 TLS: Fix switching off SSL session id when client cert is
used
new 767a3e477 nss: fix MinGW compiler warnings
new 1c31cf8e8 RELEASE-NOTES: curl 7.54.0
new c74e73d75 THANKS: add contributors from 7.54.0 release notes
new 56f515608 src/Makefile.am: avoid explicit $<
new adaac6c9a bump: start working on next release
new e347571d0 Revert "src/Makefile.am: avoid explicit $<"
new 4e58c9284 openssl: fix memory leak in servercert
new 1ed62017a tests: remove the html and PDF versions from the tarball
new c3e1a059e mbedtls: enable NTLM (& SMB) even if MD4 support is
unavailable
new dfdb7e1d4 typecheck-gcc: handle function pointers properly
new b060ebb3e llist: no longer uses malloc
new e84cd0c2a gnutls: removed some code when --disable-verbose is
configured
new 11d042a6c lib: fix maybe-uninitialized warnings
new 6debdab50 multi: clarify condition in curl_multi_wait
new 00e67b15b schannel: Don't treat encrypted partial record as pending
data
new ede70d057 llist: fix a comment after cbae73e1dd9
new 409979cc6 configure: fix the -ldl check for openssl, add -lpthread
check
new 5bd5f9172 RELEASE-NOTES: synced with c68fed875
new fa381ff48 curl-compilers.m4: accept -Og and -Ofast GCC flags
new 110626fd8 nss: adapt to the new Curl_llist API
new 0ea1731f8 Makefile: avoid use of GNU-specific form of $<
new 7dfeeaa2e if2ip: fix -Wcast-align warning
new 5a3f0f8e8 configure: stop prepending to LDFLAGS, CPPFLAGS
new 143570691 transfer: remove 'uploadbuf' pointer and cleanup
readwrite_upload()
new 32d3a3a3c curl: set a 100K buffer size by default
new 2a9a6ebd2 typecheck-gcc: fix _curl_is_slist_info
new 6d4333bf4 nss: do not leak PKCS #11 slot while loading a key
new ff2bbe9c7 nss: factorize out nss_{un,}load_module to separate fncs
new b57bfc9c2 nss: load libnssckbi.so if no other trust is specified
new 0b8d141ae examples: ftpuploadfrommem.c
new 44d7c0621 url: declare get_protocol_family() static
new 3b84be3fb http-proxy: remove unused argument from Curl_proxyCONNECT()
new 2ea09c5c6 lib: remove unused code
new 2ebdb432a Makefile: fix make dist
new 59549f85b cookie_interface.c: fix cookie domain so the example works
new 53f08dd27 cookie_interface.c: changed the other domain to example.com
too
new 3407324cd http-proxy: removed unused argument in CURL_DISABLE_PROXY
case
new 24a71e4b0 test1443: test --remote-time
new 541eae60c tool_operate: use utimes instead of obsolescent utime when
available
new 2629030e7 runtests.pl: support multiline <postcheck> commands
new 299b1feba tests: added --remote-time tests for remaining protocols
that support it
new 3e3ede3f9 url: fixed a memory leak on OOM while setting
CURLOPT_BUFFERSIZE
new 728306f93 curl_rtmp: fix missing-variable-declarations warnings
new bd560be17 tests: fixed OOM handling of unit tests to abort test
new 494f9d409 unit1604: fixed compilation under Windows, broken in the
previous commit
new 0bfe63350 unit1604: fixed indentation
new 66650ddf2 http2: declare TU-local variables static
new ed88283c6 examples: declare TU-local variables static
new eb8df2b74 examples: fixed too long line and too long string warnings
new d1c9b36eb tool_cb_prg: fix double-promotion warning
new e854bcc37 tests: declare TU-local variables static
new 39a4c21d6 getpart: use correct variable type
new af9bb7e77 curl_setup: Ensure no more than one IDN lib is enabled
new 5f88e8617 tool: Fix missing prototype warnings for
CURL_DOES_CONVERSIONS
new 7a3bcb492 anyauthput: remove unused code
new d7fcc0e5f http: use private user:password output buffer
new 47fda22d6 ftp: use private buffer for temp storage, not receive buffer
new 997cad053 CURLOPT_BUFFERSIZE: 1024 bytes is now the minimum size
new ff786edc0 file: use private buffer for C-L output
new c15747448 buffer_size: make sure it always has the correct size
new 52d949968 http: don't clobber the receive buffer for timecond
new e3652d369 http2: use the correct set buffer size
new ba419c7e8 pingpong: use the set buffer size
new c702bfabd failf: use private buffer, don't clobber receive buffer
new 75c2498be transfer: fix minor buffer_size mistake
new be463a87a http-proxy: use a dedicated CONNECT response buffer
new 178d6a8bc unit1606: do not print/access buffer
new 8a14d9460 upload: UPLOAD_BUFSIZE is now for the upload buffer
new fda1338ca krb5: use private buffer for temp string, not receive buffer
new fc7484f0e buffer: use data->set.buffer_size instead of BUFSIZE
new becd78837 sendf: remove use of BUFSIZE from debug data conversions
new 8de8afbb8 openssl: use local stack for temp storage
new 7dcde1985 BUFSIZE: rename to READBUFFER_*, make separate MASTERBUF_SIZE
new f8dad6dbc url: let CURLOPT_BUFFERSIZE realloc to smaller sizes too
new 1fce89563 ssh: fix compiler warning from e40e9d7f0de
new 190a25a4e gtls: fixed a lingering BUFSIZE reference
new 90e71485b testpart: remove _MPRINTF_REPLACE
new 725ae5fa5 curl: non-boolean command line args reject --no- prefixes
new 37e722546 Telnet: Write full buffer instead of byte-by-byte
new b9833e3ad RELEASE-NOTES: synced with 862b02f89
new 1b206e3e5 abstract-unix-socket.d: shorten the help text to fit within
79 cols
new 5045a01de typecheck-gcc: add missing string options
new 1dbfd0ae8 typecheck-gcc: add support for CURLINFO_SOCKET
new 3a0f8cf87 lib: fix compiler warnings
new cf1d300f4 CURLINFO_EFFECTIVE_URL.3: add example
new f043b3e9f CURLINFO_REDIRECT_URL.3: add example
new d8610584b curl_setup_once: use SEND_QUAL_ARG2 for swrite
new ce2be58b3 test559: verify use of minimum CURLOPT_BUFFERSIZE
new 0095ee3f1 curl: fix warning "comma at end of enumerator list"
new 3e0de382d test557: set a known good numeric locale
new 8f7b9af28 schannel: return a more specific error code for
SEC_E_UNTRUSTED_ROOT
new 4d5a323b1 tests/server: make string literals const
new cab175523 sockfilt.c: shortened too long line
new 9e6effa9e runtests: add -o to run test cases in scrambled order
new a3735a040 runtests: use -R for random order
new 6d9db2e2a unit1305: fix compiler warning
new 28dac74d3 curl_slist_append.3: clarify a NULL input creates a new list
new 9f0dc6175 tests/server: run checksrc by default in debug-builds
new c1f85bc35 docs/opts: 23 more man pages now have examples
new b296d13f6 docs/opts: 24 more man pages now have examples
new cb8e777f8 tests: fix -Wcast-qual warnings
new 48edf70dd runtests.pl: simplify the datacheck read section
new 8184fb065 curl: remove tool_writeenv.[ch]
new 668b36462 opts: examples added to 8 more libcurl option man pages
new 1d3bce533 opts: fix bad example formatting \n => \\n
new 5d3bbf1d7 buildconf: fix hang on IRIX
new 6ecef5e0d tftp: silence bad-function-cast warning
new 3f7e6e960 asyn-thread: fix unused macro warnings
new d0a52c7d2 tool_parsecfg: fix -Wcast-qual warning
new 2036c7e09 sendrecv: fix MinGW-w64 warning
new 5d747346c test537: use correct variable type
new 36514f5a1 runtests: fix "use of undefined value" warning in -R handling
new f10a57b68 RELEASE-NOTES: synced with e3f84efc32d6b01a
new bf80a3a15 curl.1: depend the build on the Makefile.inc too
new afe76b808 libtest: fix MinGW-w64 warnings
new 3bf14c8dc tftpd: fix signed/unsigned mismatch warnings
new e0e26dab4 tool_msgs: remove wrong cast
new 8bb7ea7f3 tests: give each stunnel.conf file a unique name
new 5821b69da rand: treat fake entropy the same regardless of endianness
new ae6eaafde tests: updated for modified fake random
new e06c3dff8 curl: generate the --help output
new caa928bdc tests: list the primary server first in the server section
new b2240af2b formboundary: convert assert into run-time check
new 7103aa309 tool: fix remaining -Wcast-qual warnings
new d57e1b8af tests: removed redundant --trace-ascii arguments
new 0108b4487 tests: make test file names more unique
new 5fc98d2fa tests: remove superfluous test 1399
new 87fe0a8f8 multi: assign IDs to all timers and make each timer singleton
new 06816bd8b multi: use a fixed array of timers instead of malloc
new 1d58387f1 formdata: fix -Wcomma warning
new aeb4253eb cookie_interface: fix -Wcomma warning
new 209813b56 mbedtls: Support server renegotiation request
new 7b01a32ed pipeline: fix mistakenly trying to pipeline POSTs
new 90d68027f multi: remove leftover debug infof() calls from e9fd794a6
new e7ea5ab0e FAQ: add 7.4 to toc
new 0c04f9e8b tests: made a couple of prechecks consistent with others
new e80f94ebc THANKS: add a few missing names
new 622f26799 tests: added missing keywords "chunked Transfer-Encoding"
new 4ab735808 lib510: don't write past the end of the buffer if it's too
small
new 7f5dd797c url.c: add a compile-time check that CURL_MAX_WRITE_SIZE is
large enough
new 00bbdfe8c curl: show the libcurl release date in --version output
new 422e3d474 CURLOPT_HTTPPROXYTUNNEL: clarify, add example
new e669c63fd docs/libcurl/opts: added more examples in man pages
new 183a33373 man pages: fix example syntax errors
new 3d6b8e766 SecureTransport/DarwinSSL: Implement public key pinning
new 2c780ba1b RELEASE-NOTES: synced with eb16305e6
new 1435c14e2 docs/cmdline-opts/config.d: edit for language
new 76c033075 curl_sasl: fix build error with CURL_DISABLE_CRYPTO_AUTH +
USE_NTLM
new 73fdb51ad darwinssl: Fix exception when processing a client-side
certificate file if no error was raised by the API but the SecIdentityRef was
null
new 8ee1603db oauth2-bearer.d: mention the <token> argument
new 9c2daf895 mkhelp.pl: do not add current time into curl binary
new 4b812e85a cmdline-opts/write-out.d: s/-L/--location
new 25e447ca3 asiohiper.cpp / evhiperfifo.c: deal with negative
timerfunction input
new 5f5e21bc0 ghiper.c/hiperfifo.c: add comment about missing timer
functionality
new 5e4b4c105 ssh: ignore timeouts during disconnect
new 8f1baca86 tests: stabilize test 1034
new f2a7d33d0 RELEASE-NOTES: synced with 052a14e3c
new 2a7206820 cmake: Add CURL_CA_FALLBACK to curl_config.h.cmake
new 8519c7ac0 cmake: add CURL_CA_BUNDLE/CURL_CA_FALLBACK/CURL_CA_PATH
options
new 86a6f37d3 cmake: auto detection of CURL_CA_BUNDLE/CURL_CA_PATH
new 9629d8191 cmake: remove CURL_CA_BUNDLE from cmake TODO
new 3228d3028 cmake: remove unused variables: GNUTLS_ENABLED, NSS_ENABLED
new 45689159b assert: avoid, use DEBUGASSERT instead!
new 360370c1b memdebug: fix compilation failure
new bfc611546 url: fix declaration of 'pipe' shadows a global declaration
new e74cf7d65 cmake: fix build on Ubuntu 14.04
new 4bd816be7 LDAP: using ldap_bind_s on Windows with methods (#878)
new 1333c6ec0 LDAP: fixed checksrc issue
new fc85d2580 redirect: store the "would redirect to" URL when max redirs
is reached
new 916ab9852 LDAP: documentation update per #878 changes (#1506)
new 31eb094ed winbuild: fix the nghttp2 build
new a7e3835b1 examples: fix Wimplicit-fallthrough warnings
new 13910162f time: fix type conversions and compiler warnings
new 370d44a38 ssh: fix 'left' may be used uninitialized
new 3b5b33fee docs/CURLOPT_SSLVERSION.3: Correct define name in example
new b8c6eca0f TODO: 6.4 is done, send telnet data in chunks
new 5799752a9 runtests.pl: removed unused arguments to valgrindparse
new 1edf4ce2f opts: more examples added in option man pages
new 4f9e02b66 runtests.pl: removed <precommand> feature
new 0f4d1d234 tests: removed some redundant empty <stdout> sections
new f808311c4 RELEASE-NOTES: synced with 3aaac8c2f
new 1c2bed1fa mbedtls: fix variable shadow warning
new de516d7ba test557: fix ubsan runtime error due to int left shift
new f6a44dbbc transfer: init the infilesize from the postfields...
new 13b0d64ca CURLOPT_PROXY.3: describe the environment variables more
new f6c2aeeb9 docs: clarify NO_PROXY further
new 4401272f9 opts: more examples added to man pages
new e395769d9 build-wolfssl: Sync config with wolfSSL 3.11
new ff71c7ee0 CURLOPT_PROXY.3: fix test 1140 breakage
new 4c23dd82f curl-compilers.m4: enable -Wshift-sign-overflow for clang
new a2f5d2393 example/externalsocket.c: make it use CLOSESOCKETFUNCTION too
new 612c6e53c examples/sampleconv.c: indent changes, made callbacks static
new 91038c7cc libtest/lib574.c: use correct callback proto
new dc28b19d0 opts: more than 100 more examples for man pages...
new 0b4eadd2f CURLOPT_FNMATCH_DATA.3: modified example to avoid fcpp issues
new d3dcb917e CURLOPT_FNMATCH_FUNCTION.3: also modified example to avoid
fcpp issues
new 37e591d2a CURLOPT_STREAM_DEPENDS.3: typo
new 9b22c7964 CURLOPT_SSH_KEY*.3: typos
new 077f19cfb lib583: fix compiler warning
new 70db0db84 examples/externalsocket.c: s/closesocket/closecb
new 1fefba358 curl-compilers.m4: fix compiler_num for clang
new b49a39fd2 curl-compilers.m4: escape square brackets in regex
new 22a9e0497 typecheck-gcc.h: separate getinfo slist checks from other
pointers
new d7f0a03d6 typecheck-gcc.h: check CURLINFO_TLS_SSL_PTR and
CURLINFO_TLS_SESSION
new c3fbd34ea typecheck-gcc.h: check CURLINFO_CERTINFO
new 92f4262ee build: provide easy code coverage measuring
new bb8af6e83 coverage: run event tests too
new 7e5f35349 test1537: dedicated tests of the URL (un)escape API calls
new e3c5ef3b8 curl_endian: remove unused functions
new e8e3e55b1 test1538: verify the libcurl strerror API calls
new 72b97bfeb test1538: fix typo
new 121816c07 MD(4|5): silence cast-align clang warning
new 76d4aace6 mbedtls: make TU-local variable static
new 84a7515ac dedotdot: fixed output for ".." and "." only input
new e03d8e197 tool_util: remove unused tvdiff_secs and remove tool_ prefix
new 000672eba cyassl: define build macros before including ssl.h
new 43355fa80 updatemanpages.pl: error out on too old git version
new ba832663d curl_sasl: fix unused-variable warning
new 0e70f7200 x509asn1: fix implicit-fallthrough warning with GCC 7
new a6cc3f8eb libtest: fix implicit-fallthrough warnings with GCC 7
new 9d0961972 libtest: fix int-in-bool-context warnings
new d482c71a9 travis: add coverage, distcheck and cmake builds
new 9cec9833a CONTRIBUTE.md: mention tests done on pull requests
new 12fd74406 BINDINGS: add Ring binding
new 1399e3fcb curl_ntlm_core: pass unsigned char to toupper
new f9e6ea01a RELEASE-NOTES: synced with 65ba92650
new d54afcd20 curl_ntlm_core: use Curl_raw_toupper instead of toupper
new bd1d19509 test1262: verify ftp download with -z for "if older than
this"
new 235b09f0b test1538: added "verbose logs" keyword
new 12500be6b test1521: test *all* curl_easy_setopt options
new 8d1a1e982 typecheck-gcc: allow CURLOPT_STDERR to be NULL too
new b93476fb0 test1121: use stricter types to work with typcheck-gcc
new 383edb653 test1521: make the code < 80 columns wide
new b5e0cecd5 lib1521: fix compiler warnings
new f0c8e7cf1 README.md: show the coverall coverage on github
new 5e8c27012 travis: let some builds *not* use --enable-debug
new a640c395a metalink: remove unused printf() argument
new 85ad01acc file: make speedcheck use current time for checks
new 193b806c2 configure: fix link with librtmp when specifying path
new ef641245d expire: remove Curl_expire_latest()
new 4e5895c88 asyn-ares: s/Curl_expire_latest/Curl_expire
new 594e36102 examples/multi-uv.c: fix deprecated symbol
new 745c8b095 cmake: Fix inconsistency regarding mbed TLS include directory
new d507304ea setopt: check CURLOPT_ADDRESS_SCOPE option range
new 485f9aeef lib1521: fix compiler warnings on the use of bad 'long'
values
new 9d4f69921 gitignore: ignore all vim swap files
new ffe408a42 RELEASE-PROCEDURE: updated future release dates
new 773db93fa test1521: fixed OOM handling
new 2fddb37e6 FindWin32CACert: Use a temporary buffer on the stack
new 472eea376 BINDINGS: update SP-Forth and OCaml urls
new d5ea777b4 configure: update the copyright year in the output
new db005906e urlglob: fix division by zero
new d37dfb53a url: fix buffer overwrite with file protocol (CVE-2017-9502)
new e8e8d9721 libressl: OCSP and intermediate certs workaround no longer
needed
new cd3a805b2 mk-lib1521.pl: updated to match the test changes in 916ec30a
new fe0a98ede release: 7.54.1
new b7016c74c includes: remove curl/curlbuild.h and curl/curlrules.h
new 7e61a6ef2 dist: make the hugehelp.c not get regenerated unnecessarily
new 103fecdcc timers: store internal time stamps as time_t instead of
doubles
new 4cbd46aef system.h: fix MinGW build
new 8bd17b21e progress: let "current speed" be UL + DL speeds combined
new acb65807e http-proxy: do the HTTP CONNECT process entirely non-blocking
new fccb93cbe curl/curlver.h: start working on 7.55.0
new 324f52346 RELEASE-NOTES: synced with 2ad80eec5
new a63173979 curl: allow --header and --proxy-header read from file
new d869300d6 test1147: verify -H on a file
new 78a3dda0f lib/curl_setup.h: remove CURL_WANTS_CA_BUNDLE_ENV
new 14bb54f87 curl_setup.h: error out on CURL_WANTS_CA_BUNDLE_ENV use
new d12f50625 TODO: the generated include file is gone
new 7fb89cc50 http-proxy: only attempt FTP over HTTP proxy
new 4a97521ab fuzz: bring oss-fuzz initial code converted to C89
new 7235de292 fuzz: corpora file structure, initial commit
new 7ad4fb1e6 fuzz/README: document how to build
new 22320ee76 http-proxy: fix build with --disable-proxy or --disable-http
new 5d3efb689 configure: disable nghttp2 too if HTTP has been disabled
new 7e863f8d5 dist: add the fuzz dir to the tarball
new 284e34961 mk-ca-bundle.pl: Check curl's exit code after certdata
download
new 26780a478 url: refactor the check for Windows drive letter in path
new f169fa4b9 test1061: mark as flaky
new 67b2f51cc test1148: verify the -# progressbar
new d45e99439 tests: stabilize test 2032 and 2033
new 90bd3e33f HTTPS-Proxy: don't offer h2 for https proxy connections
new 428899f71 libtest/libntlmconnect: fix compiler warnings from f94fcdb
new c6aedbc9c http-proxy: deal with EAGAIN
new 533ab5d5a http-proxy: fix chunked-encoded CONNECT responses
new f4f130b59 curl-compilers.m4: enable vla warning for clang
new bd81e177b curl-compilers.m4: enable double-promotion warning
new ffe7b613c curl-compilers.m4: enable missing-variable-declarations
clang warning
new 7760e4982 curl-compilers.m4: enable comma clang warning
new f0a7e7e85 Makefile.m32: enable -W for MinGW32 build
new dd3b97afb curl: prevent binary output spewed to terminal
new 9810bf43b tool_wrte_cb: remove check for config == NULL
new fec0800be TODO: implement support for CURLOPT_PREQUOTE with SFTP
new c3a68b5b7 TODO: update the TOC too
new e56a9157f http_proxy: fix compiler warning
new c3f307228 http_proxy: fix build with http and proxy
new cc7f4d5a6 CURLOPT_PREQUOTE.3: spellfix man page reference
new 9364b7a7b http2: fix OOM crash
new 7faff7057 PIPELINING_SERVER_BL: cleanup the internal list use
new 2d4b3e28f getinfo: return sizes as curl_off_t
new 42ac54ef3 RELEASE-NOTES: synced with 3b80d3ca4
new 74cca43e5 mkhelp.pl: fix script name in usage text
new bcdcb832a automake: use $(MKHELP) variable instead if constant
mkhelp.pl
new 766193e19 lib1521: add curl_easy_getinfo calls to the test set
new 45d8dffc8 test1521: test getinfo's OFF_T types too
new df18cdaf9 http: add --strip-path-slash and CURLOPT_STRIP_PATH_SLASH
new 1eecf69a3 travis: do the distcheck test build out-of-tree as well
new 6ba65598d if2ip: fix compiler warning in ISO C90 mode
new d27b8e6e6 lib: fix the djgpp build
new 95a581bf2 ci: whitelist branches to avoid testing feature branches
twice
new 497d8c550 typecheck-gcc: add support for CURLINFO_OFF_T
new cdc0b8b07 travis: enable typecheck-gcc warnings
new 6eeda0a91 lib1521: fix missing-variable-declarations clang warnings
new 4ccaaa9c1 --request-target: instead of --strip-path-slash
new 4d50b1176 maketgz: switch to xz instead of lzma
new 6a203d087 CONTRIBUTE.md: mention the out-of-tree build test too
new 87c0a7ead libtest/Makefile: remove unused lib1541 variables
new 62f6f3332 maketgz: switch to -6e for xz
new d345cab75 CURLINFO_REDIRECT_URL.3: mention the CURLOPT_MAXREDIRS case
new 6f1a9dcce progress: fix "time spent", broke in adef394ac
new c93d396b7 curl-compilers.m4: fix unknown-warning-option on Apple clang
new 31c339267 progress: progress.timespent needs to be us
new e18f7eae9 winbuild: fix boringssl build
new 025709021 curl/system.h: add check for XTENSA for 32bit gcc
new d86978348 test1521: fix compiler warnings
new 5b2148696 test1537: fixed memory leak on OOM
new 443be8cff tool_getparam: fix memory leak on test 1147 OOM (torture
tests)
new 4591f77c7 libtest/make: generate lib1521.c
new aee796d13 socks: use proxy_user instead of proxy_name
new 462da465f socks: deduplicate the code for auth request
new 070220e5f CURLOPT_SOCKS5_AUTH: allowed methods for SOCKS5 proxy auth
new 39c8fb45f curl --socks5-{basic,gssapi}: control socks5 auth
new da6896b34 RELEASE-NOTES: synced with ce2c3ebda
new 8e7e7ed32 curl_strequal.3: fix typo in SYNOPSIS
new d4b974e48 progress: prevent resetting t_starttransfer
new a85268978 openssl: improve fallback seed of PRNG with a time based hash
new 7456fc0f2 handler: refactor connection checking
new 4c4cd0ddd http2: handle PING frames
new 7b2a6a83c test1521: fix out-of-tree builds, broken with 467da3af
new 1e68bbf9e test1450: add simple testing for DICT
new fbcc8f36c test1450: fix up DICT server in torture mode
new fac8cccd8 make: build the docs subdir only from within src
new 06151da4e unit1399: add logging to time comparison
new 36ed47b89 cmake: Added compatibility options for older Windows versions
new c161fa804 unit1399: fix integer overflow
new 1a458c6a5 gtls: fix build when sizeof(long) < sizeof(void *)
new 606f8cac7 url: make the original string get used on subsequent
transfers
new bdddcbad6 timeval.c: Use long long constant type for timeval assignment
new 6c08ccbd4 tool_sleep: typecast to avoid macos compiler warning
new bb4addd4b travis.yml: use --enable-werror on debug builds
new 71411ab92 test: add impacket for SMB testing
new b4c330459 test1451: add SMB support to the testbed
new a6d19a168 dist: add SMB python deps into the tarball
new b90882c36 configure: remove checks for 5 functions never used
new 7441ae696 configure: try ldap/lber in reversed order first
new 0fc118156 smb: fix build for djgpp/MSDOS
new b55814b87 travis: install nghttp2 on linux builds
new c102a2af2 smb: add support for CURLOPT_FILETIME
new 23529ba30 RELEASE-NOTES: synced with 596cfb6c0
new a92728c6f cmake: fix send/recv argument scanner for windows
new 11aa75aa8 TODO: HTTP proxy CONNECT is non-blocking now
new 605ef6328 TODO: 1.10 auto-detect proxy
new 6966311c0 inet_pton: fix include on windows to get prototype
new 5374f8376 select.h: avoid macro redefinition harder
new 032f4e2fa cmake: if inet_pton is used, bump _WIN32_WINNT
new a384f8662 http: s/TINY_INITIAL_POST_SIZE/EXPECT_100_THRESHOLD
new 385dc1d55 asyn-thread.c: fix unused variable warnings on macOS
new 1f30499f6 runtests: support "threaded-resolver" as a feature
new 18422ab7e test506: skip if threaded-resolver
new 305f325c4 cmake: remove spurious "-l" from linker flags
new 8d3e83f9a cmake: add CURL_WERROR for enabling "warning as errors"
new 94f94271f appveyor: enable CURL_WERROR on all builds
new c6a523f74 memdebug: don't setbuf() if the file open failed
new 08e817d01 curl_easy_escape.3: mention the (lack of) encoding
new f428bbf5b travis: do more tests in the coverage run
new 36fad8012 test1452: add telnet negotiation
new d543cd0e9 CURLOPT_POSTFIELDS.3: explain the 100-continue magic better
new 9d0b03091 cmake: offer CMAKE_DEBUG_POSTFIX when building with MSVC
new 61b42ffc8 travis: add SMB, DICT, TELNET torture to coverage test
new ae31dd14a travis: detect and use valgrind for normal builds
new b9d4bf76a valgrind.supp: supress OpenSSL false positive seen on travis
new c5054c01c travis: install stunnel
new 1b2442b88 RELEASE-NOTES: synced with be2c999b8
new bd61e6e1f tool_cb_wrt: fix variable shadowing warning
new e101c162c smb: rename variable to fix shadowing warning
new 72f773898 tool_getparam: fix potentially uninitialized err
new 68664dc52 curl_setup_once: Remove ERRNO/SET_ERRNO macros
new 833122166 curl-compilers.m4: disable warning spam with Cygwin's clang
new 80b1f79bd ldap: fix MinGW compiler warning
new bfbb92604 make: fix docs build on OpenBSD
new 2ead37f68 errno: fix non-windows builds after af0216251b94e7
new 56aefd2c3 tests: Fix up issues with errno in test files
new e01832963 strerror: Preserve Windows error code in some functions
new 12ab1e424 curl_setup: always define WIN32_LEAN_AND_MEAN on Windows
new 52be4eabf ISSUE_TEMPLATE: Add a comment not to file security issues on
github
new 5724306b2 build: remove WIN32_LEAN_AND_MEAN from individual build
systems
new f38eac100 system.h: include winsock2.h before windows.h
new be7b00203 travis: install libssh2
new d502f54f2 travis: enable warnings also in release mode
new 7f1bbf5f4 travis: install libidn2
new 9b5c22808 winbuild: build with warning level 4
new 133d98955 winbuild: re-enable warning C4127 for curl tool
new c6a494bf1 rtspd: fix MSVC level 4 warning
new d4a5e3637 sockfilt: suppress conversion warning with explicit cast
new 18691e0b6 libtest: fix MSVC warning C4706
new 653c2ce50 rtspd: fix GCC warning after MSVC warning fix
new 5d4236e0a darwinssl: fix pinnedpubkey build error
new 0fc202724 tests/server/resolve.c: fix deprecation warning
new b61462c34 nss: unify the coding style of nss_send() and nss_recv()
new b6e0383fe nss: fix a possible use-after-free in SelectClientCert()
new f9564d5da checksrc: escape open brace in regex
new a5e798b17 multi: mention integer overflow risk if using > 500 million
sockets
new 4f5c72597 darwinssl: fix variable type mistake (regression)
new 449f6d6a2 timeval: struct curltime is a struct timeval replacement
new f8e3f0692 test1323: verify curlx_tvdiff
new 165639524 curl_rtmp: fix a compiler warning
new ec6a082c1 include.d: clarify that it concerns the response headers
new 87c5541fe splay: fix signed/unsigned mismatch warning
new df795d64a tool_help: clarify --include is only for response headers
new 870b4e985 AppVeyor: now really use CURL_WERROR
new 9259a731b RELEASE-NOTES: synced with 001701c47
new 111d7eda7 cmake: support make uninstall
new 21a0bcb29 include.d: clarify --include is only for response headers
new 0d2d86317 libcurl: Stop using error codes defined under CURL_NO_OLDIES
new 6d23f13ea http: fix response code parser to avoid integer overflow
new f1dfdea51 configure: fix the check for IdnToUnicode
new 0c042758d curl_setup: Define CURL_NO_OLDIES for building libcurl
new dca6e6ea7 multi: fix request timer management
new 29b48648e BUGS: clarify how to report security related bugs
new 594dfad8c BUGS: improved phrasing about security bugs
new 1bd2c3469 curl_threads: fix MSVC compiler warning
new 74436dc2f tests/server/util: fix curltime mistake from 4dee50b9c80f9
new f547eb583 travis: build osx with openssl too
new 2b690d97a travis: build osx with libressl too
new 4b1073cbd CURLOPT_NETRC.3: mention the file name on windows
new 374863181 CURLOPT_NETRC.3: fix typo in 7e48aa386156f9c2
new 84cf2c782 CMake: set MSVC warning level to 4
new 4b509a76f netrc: skip lines starting with '#'
new 7086cafb0 test130: verify comments in .netrc
new b14ce625a darwinssl: fix curlssl_sha256sum() compiler warnings on
first argument
new 6c0fcee12 BUILD.WINDOWS: mention buildconf.bat for builds off git
new 60fa852a4 darwin: silence compiler warnings
new 4b7fc15c1 travis: add osx build with darwinssl
new 110521f74 travis: BUILD_TYPE => T
new bac8fbe5c travis: explicitly specify dist
new 2c324887d FTP: skip unnecessary CWD when in nocwd mode
new 521eb87ab test1010: verify that #1718 is fixed
new 82251eeb6 RELEASE-NOTES: synced with 561e9217c
new 77dab2ec7 CMake: fix CURL_WERROR for MSVC
new d26ec97bd darwinssl: fix compiler warning
new 031cc3158 gssapi: fix memory leak of output token in multi round
context
new ce0e8a1de getparameter: avoid returning uninitialized 'usedarg'
new f31f52de4 easy_events: make event data static
new ba48fd53a file: output the correct buffer to the user
new 96ac91c24 tftp: reject file name lengths that don't fit
new 97556f26b glob: do not continue parsing after a strtoul() overflow
range
new deddc52b2 curl: detect and bail out early on parameter integer
overflows
new ed258201d test1427: verify command line parser integer overflow
detection
new 9ebef3e2a ax_code_coverage.m4: update to latest version
new 0865f7508 configure: fix recv/send/select detection on Android
new ca13529a6 docs/comments: Update to secure URL versions
new 311c83ee6 THANKS: 20 new contributors in 7.55.0
new 991c0dbf0 RELEASE-NOTES: curl 7.55.0
new 0605c3dd0 build: fix 'make install' with configure, install
docs/libcurl/* too
new 0a0f77614 make install: add 8 missing man pages to the installation
new 4ca5087d3 curl: do bounds check using a double comparison
new 2d9d5a09b dist: Add dictserver.py/negtelnetserver.py to EXTRA_DIST
new c758d26ea digest_sspi: Don't reuse context if the user/passwd has
changed
new b08d0feb5 gitignore: ignore top-level .vs folder
new efcb53422 build: check out *.sln files with Windows line endings
new dfc318b2a travis: verify "make install"
new 79ebfc920 dist: fix the cmake build by shipping
cmake_uninstall.cmake.in too
new 54762db07 metalink: fix error: ‘*’ in boolean context, suggest ‘&&’
instead
new 33e4e1f75 cmake: move cmake_uninstall.cmake to CMake/
new 981b44418 configure: use the threaded resolver backend by default if
possible
new bbed66fb4 mkhelp.pl: allow executing this script directly
new 653c0debc maketgz: remove old *.dist files before making the tarball
new 3a80494e8 openssl: remove CONST_ASN1_BIT_STRING.
new 86eeb0245 openssl: fix "error: this statement may fall through"
new 971c7f1e6 curlver: bump to 7.55.1
new 632acb138 RELEASE-NOTES: synced with 37f2195a9
new e24680582 parse_proxy(): fix memory leak in case of invalid proxy
server name
new 2e152b680 test1447: verifies the parse proxy fix in 6e0e152ce5c
new 608ef3be2 test2033: this went flaky again
new c1035204a curl/system.h: support more architectures
new 4263494e8 test1447: require a curl with http support
new 5fcc93d58 docs: fix typo stuct -> struct
new e7a92d928 docs: fix grammar in CURL_SSLVERSION_MAX_DEFAULT description
new 69a8d30f2 docs: fix typo funtion -> function
new af77407f1 curl/system.h: add Oracle Solaris Studio
new 663c6662e bagder/Curl_tvdiff_us: fix the math
new 39ffa4c4b connect-to.d: clarified
new 68d926169 connect-to.d: better language
new d415d2b24 cmake: allow user to override CMAKE_DEBUG_POSTFIX
new e6415ad1b travis: test cmake build on tarball too
new c4be5bcd8 test2032: mark as flaky (again)
new 964b252d6 redirect: skip URL encoding for host names
new b5d5160bb test1448: verify redirect to IDN using URL
new 88267e463 curl/system.h: GCC doesn't define __ppc__ on PowerPC, uses
__powerpc__
new 028871796 ipv6_scope: support unique local addresses
new 4131e33d0 cmake: Threads detection update. ref: #1702
new 87c2eb29a gitignore: ignore .xz now instead of .lzma
new 6046dfb16 RELEASE-NOTES/THANKS: curl 7.55.1 release time
new 20f7f9014 Patchset for gnURL microfork: * Patches to rename libcurl to
libgnurl by Christian * Updated for latest curl using git cherry-pick by Jeff,
Florian, ng0 * Patches to fix the testsuite (deleted tests/data/test1139,
renamed reference from libcurl.* to libgnurl.*) by ng0 * Added guix-gnurl.scm
which can be used to build this with guix prior to installing it. (author: ng0)
* Further adjustments by ng0 * 7.55.0: Manual addition of
a7bbbb7c368c6096802007f61f19a02e9d75285b and [...]
The 1213 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.gitattributes | 2 +
.github/CONTRIBUTING.md | 2 +-
.github/ISSUE_TEMPLATE | 9 +-
.github/stale.yml | 17 +
.gitignore | 7 +-
.travis.yml | 145 +-
CHANGES | 4 +-
CHANGES.0 | 18002 -------------------
CMake/CurlTests.c | 16 +
CMake/FindGSS.cmake | 2 +-
CMake/FindMbedTLS.cmake | 13 +
CMake/FindNGHTTP2.cmake | 18 +
CMake/OtherTests.cmake | 37 +-
CMake/Utilities.cmake | 13 +
CMake/cmake_uninstall.cmake.in | 26 +
CMakeLists.txt | 378 +-
COPYING | 2 +-
CTestConfig.cmake | 13 -
GIT-INFO | 23 -
MacOSX-Framework | 9 -
Makefile.am | 47 +-
Makefile.dist | 449 +-
README.md | 3 +
RELEASE-NOTES | 88 +-
acinclude.m4 | 94 +-
appveyor.yml | 7 +-
buildconf | 9 +-
buildconf.bat | 35 +-
configure.ac | 332 +-
docs/.gitignore | 2 +
docs/BINDINGS | 260 -
docs/BINDINGS.md | 118 +
docs/BUGS | 181 +-
docs/CHECKSRC.md | 4 +-
docs/CIPHERS.md | 426 +
docs/CMakeLists.txt | 3 +
docs/CODE_STYLE.md | 9 +-
docs/CONTRIBUTE.md | 68 +-
docs/FAQ | 163 +-
docs/FEATURES | 2 +-
docs/HISTORY.md | 87 +-
docs/HTTP2.md | 29 +-
docs/INSTALL | 1108 +-
docs/INSTALL.cmake | 17 +-
docs/INSTALL.devcpp | 302 -
docs/INSTALL.md | 513 +
docs/INTERNALS.md | 223 +-
docs/KNOWN_BUGS | 105 +-
docs/LICENSE-MIXING.md | 9 +-
docs/MAIL-ETIQUETTE | 65 +-
docs/MANUAL | 25 +-
docs/Makefile.am | 47 +-
docs/README.md | 4 +-
docs/README.netware | 9 +-
docs/README.win32 | 7 +-
docs/RELEASE-PROCEDURE | 12 +-
docs/ROADMAP.md | 42 +-
docs/SECURITY.md | 28 +-
docs/SSLCERTS.md | 10 +
docs/THANKS | 159 +-
docs/THANKS-filter | 7 +
docs/TODO | 248 +-
docs/TheArtOfHttpScripting | 36 +-
docs/cmdline-opts/CMakeLists.txt | 12 +
docs/cmdline-opts/MANPAGE.md | 52 +
docs/cmdline-opts/Makefile.am | 34 +
docs/cmdline-opts/Makefile.inc | 48 +
docs/cmdline-opts/abstract-unix-socket.d | 9 +
docs/cmdline-opts/anyauth.d | 17 +
docs/cmdline-opts/append.d | 8 +
docs/cmdline-opts/basic.d | 11 +
docs/cmdline-opts/cacert.d | 28 +
docs/cmdline-opts/capath.d | 15 +
docs/cmdline-opts/cert-status.d | 13 +
docs/cmdline-opts/cert-type.d | 10 +
docs/cmdline-opts/cert.d | 32 +
docs/cmdline-opts/ciphers.d | 11 +
docs/cmdline-opts/compressed.d | 7 +
docs/cmdline-opts/config.d | 61 +
docs/cmdline-opts/connect-timeout.d | 11 +
docs/cmdline-opts/connect-to.d | 21 +
docs/cmdline-opts/continue-at.d | 15 +
docs/cmdline-opts/cookie-jar.d | 24 +
docs/cmdline-opts/cookie.d | 36 +
docs/cmdline-opts/create-dirs.d | 9 +
docs/cmdline-opts/crlf.d | 7 +
docs/cmdline-opts/crlfile.d | 10 +
docs/cmdline-opts/data-ascii.d | 6 +
docs/cmdline-opts/data-binary.d | 13 +
docs/cmdline-opts/data-raw.d | 9 +
docs/cmdline-opts/data-urlencode.d | 33 +
docs/cmdline-opts/data.d | 30 +
docs/cmdline-opts/delegation.d | 16 +
docs/cmdline-opts/digest.d | 11 +
docs/cmdline-opts/disable-eprt.d | 19 +
docs/cmdline-opts/disable-epsv.d | 16 +
docs/cmdline-opts/disable.d | 7 +
docs/cmdline-opts/dns-interface.d | 11 +
docs/cmdline-opts/dns-ipv4-addr.d | 11 +
docs/cmdline-opts/dns-ipv6-addr.d | 11 +
docs/cmdline-opts/dns-servers.d | 10 +
docs/cmdline-opts/dump-header.d | 18 +
docs/cmdline-opts/egd-file.d | 8 +
docs/cmdline-opts/engine.d | 8 +
docs/cmdline-opts/expect100-timeout.d | 11 +
docs/cmdline-opts/fail-early.d | 21 +
docs/cmdline-opts/fail.d | 14 +
docs/cmdline-opts/false-start.d | 12 +
docs/cmdline-opts/form-string.d | 11 +
docs/cmdline-opts/form.d | 54 +
docs/cmdline-opts/ftp-account.d | 10 +
docs/cmdline-opts/ftp-alternative-to-user.d | 10 +
docs/cmdline-opts/ftp-create-dirs.d | 8 +
docs/cmdline-opts/ftp-method.d | 21 +
docs/cmdline-opts/ftp-pasv.d | 16 +
docs/cmdline-opts/ftp-port.d | 32 +
docs/cmdline-opts/ftp-pret.d | 8 +
docs/cmdline-opts/ftp-skip-pasv-ip.d | 12 +
docs/cmdline-opts/ftp-ssl-ccc-mode.d | 11 +
docs/cmdline-opts/ftp-ssl-ccc.d | 10 +
docs/cmdline-opts/ftp-ssl-control.d | 8 +
docs/cmdline-opts/gen.pl | 385 +
docs/cmdline-opts/get.d | 15 +
docs/cmdline-opts/globoff.d | 8 +
docs/cmdline-opts/head.d | 8 +
docs/cmdline-opts/header.d | 41 +
docs/cmdline-opts/help.d | 6 +
docs/cmdline-opts/hostpubmd5.d | 9 +
docs/cmdline-opts/http1.0.d | 10 +
docs/cmdline-opts/http1.1.d | 8 +
docs/cmdline-opts/http2-prior-knowledge.d | 12 +
docs/cmdline-opts/http2.d | 10 +
docs/cmdline-opts/ignore-content-length.d | 10 +
docs/cmdline-opts/include.d | 10 +
docs/cmdline-opts/insecure.d | 16 +
docs/cmdline-opts/interface.d | 12 +
docs/cmdline-opts/ipv4.d | 12 +
docs/cmdline-opts/ipv6.d | 12 +
docs/cmdline-opts/junk-session-cookies.d | 10 +
docs/cmdline-opts/keepalive-time.d | 13 +
docs/cmdline-opts/key-type.d | 9 +
docs/cmdline-opts/key.d | 10 +
docs/cmdline-opts/krb.d | 11 +
docs/cmdline-opts/libcurl.d | 11 +
docs/cmdline-opts/limit-rate.d | 18 +
docs/cmdline-opts/list-only.d | 24 +
docs/cmdline-opts/local-port.d | 9 +
docs/cmdline-opts/location-trusted.d | 9 +
docs/cmdline-opts/location.d | 23 +
docs/cmdline-opts/login-options.d | 14 +
docs/cmdline-opts/mail-auth.d | 10 +
docs/cmdline-opts/mail-from.d | 8 +
docs/cmdline-opts/mail-rcpt.d | 19 +
docs/cmdline-opts/manual.d | 5 +
docs/cmdline-opts/max-filesize.d | 12 +
docs/cmdline-opts/max-redirs.d | 11 +
docs/cmdline-opts/max-time.d | 13 +
docs/cmdline-opts/metalink.d | 27 +
docs/cmdline-opts/negotiate.d | 15 +
docs/cmdline-opts/netrc-file.d | 12 +
docs/cmdline-opts/netrc-optional.d | 7 +
docs/cmdline-opts/netrc.d | 17 +
docs/cmdline-opts/next.d | 20 +
docs/cmdline-opts/no-alpn.d | 11 +
docs/cmdline-opts/no-buffer.d | 11 +
docs/cmdline-opts/no-keepalive.d | 8 +
docs/cmdline-opts/no-npn.d | 12 +
docs/cmdline-opts/no-sessionid.d | 13 +
docs/cmdline-opts/noproxy.d | 15 +
docs/cmdline-opts/ntlm-wb.d | 7 +
docs/cmdline-opts/ntlm.d | 18 +
docs/cmdline-opts/oauth2-bearer.d | 12 +
docs/cmdline-opts/output.d | 32 +
docs/cmdline-opts/page-footer | 244 +
docs/cmdline-opts/page-header | 141 +
docs/cmdline-opts/pass.d | 8 +
docs/cmdline-opts/path-as-is.d | 7 +
docs/cmdline-opts/pinnedpubkey.d | 27 +
docs/cmdline-opts/post301.d | 11 +
docs/cmdline-opts/post302.d | 11 +
docs/cmdline-opts/post303.d | 11 +
docs/cmdline-opts/preproxy.d | 22 +
docs/cmdline-opts/progress-bar.d | 11 +
docs/cmdline-opts/proto-default.d | 18 +
docs/cmdline-opts/proto-redir.d | 17 +
docs/cmdline-opts/proto.d | 43 +
docs/cmdline-opts/proxy-anyauth.d | 7 +
docs/cmdline-opts/proxy-basic.d | 7 +
docs/cmdline-opts/proxy-cacert.d | 7 +
docs/cmdline-opts/proxy-capath.d | 7 +
docs/cmdline-opts/proxy-cert-type.d | 6 +
docs/cmdline-opts/proxy-cert.d | 6 +
docs/cmdline-opts/proxy-ciphers.d | 6 +
docs/cmdline-opts/proxy-crlfile.d | 6 +
docs/cmdline-opts/proxy-digest.d | 6 +
docs/cmdline-opts/proxy-header.d | 24 +
docs/cmdline-opts/proxy-insecure.d | 5 +
docs/cmdline-opts/proxy-key-type.d | 6 +
docs/cmdline-opts/proxy-key.d | 5 +
docs/cmdline-opts/proxy-negotiate.d | 8 +
docs/cmdline-opts/proxy-ntlm.d | 6 +
docs/cmdline-opts/proxy-pass.d | 6 +
docs/cmdline-opts/proxy-service-name.d | 6 +
docs/cmdline-opts/proxy-ssl-allow-beast.d | 5 +
docs/cmdline-opts/proxy-tlsauthtype.d | 6 +
docs/cmdline-opts/proxy-tlspassword.d | 6 +
docs/cmdline-opts/proxy-tlsuser.d | 6 +
docs/cmdline-opts/proxy-tlsv1.d | 5 +
docs/cmdline-opts/proxy-user.d | 12 +
docs/cmdline-opts/proxy.d | 39 +
docs/cmdline-opts/proxy1.0.d | 10 +
docs/cmdline-opts/proxytunnel.d | 13 +
docs/cmdline-opts/pubkey.d | 14 +
docs/cmdline-opts/quote.d | 56 +
docs/cmdline-opts/random-file.d | 7 +
docs/cmdline-opts/range.d | 46 +
docs/cmdline-opts/raw.d | 7 +
docs/cmdline-opts/referer.d | 14 +
docs/cmdline-opts/remote-header-name.d | 19 +
docs/cmdline-opts/remote-name-all.d | 8 +
docs/cmdline-opts/remote-name.d | 21 +
docs/cmdline-opts/remote-time.d | 7 +
docs/cmdline-opts/request-target.d | 8 +
docs/cmdline-opts/request.d | 39 +
docs/cmdline-opts/resolve.d | 17 +
docs/cmdline-opts/retry-connrefused.d | 6 +
docs/cmdline-opts/retry-delay.d | 11 +
docs/cmdline-opts/retry-max-time.d | 13 +
docs/cmdline-opts/retry.d | 17 +
docs/cmdline-opts/sasl-ir.d | 5 +
docs/cmdline-opts/service-name.d | 8 +
docs/cmdline-opts/show-error.d | 5 +
docs/cmdline-opts/silent.d | 11 +
docs/cmdline-opts/socks4.d | 19 +
docs/cmdline-opts/socks4a.d | 19 +
docs/cmdline-opts/socks5-basic.d | 7 +
docs/cmdline-opts/socks5-gssapi-nec.d | 8 +
docs/cmdline-opts/socks5-gssapi-service.d | 12 +
docs/cmdline-opts/socks5-gssapi.d | 8 +
docs/cmdline-opts/socks5-hostname.d | 19 +
docs/cmdline-opts/socks5.d | 21 +
docs/cmdline-opts/speed-limit.d | 10 +
docs/cmdline-opts/speed-time.d | 13 +
docs/cmdline-opts/ssl-allow-beast.d | 9 +
docs/cmdline-opts/ssl-no-revoke.d | 7 +
docs/cmdline-opts/ssl-reqd.d | 9 +
docs/cmdline-opts/ssl.d | 12 +
docs/cmdline-opts/sslv2.d | 13 +
docs/cmdline-opts/sslv3.d | 13 +
docs/cmdline-opts/stderr.d | 8 +
docs/cmdline-opts/suppress-connect-headers.d | 8 +
docs/cmdline-opts/tcp-fastopen.d | 5 +
docs/cmdline-opts/tcp-nodelay.d | 9 +
docs/cmdline-opts/telnet-option.d | 12 +
docs/cmdline-opts/tftp-blksize.d | 11 +
docs/cmdline-opts/tftp-no-options.d | 10 +
docs/cmdline-opts/time-cond.d | 17 +
docs/cmdline-opts/tls-max.d | 24 +
docs/cmdline-opts/tlsauthtype.d | 8 +
docs/cmdline-opts/tlspassword.d | 6 +
docs/cmdline-opts/tlsuser.d | 7 +
docs/cmdline-opts/tlsv1.0.d | 6 +
docs/cmdline-opts/tlsv1.1.d | 6 +
docs/cmdline-opts/tlsv1.2.d | 6 +
docs/cmdline-opts/tlsv1.3.d | 9 +
docs/cmdline-opts/tlsv1.d | 12 +
docs/cmdline-opts/tr-encoding.d | 7 +
docs/cmdline-opts/trace-ascii.d | 14 +
docs/cmdline-opts/trace-time.d | 5 +
docs/cmdline-opts/trace.d | 11 +
docs/cmdline-opts/unix-socket.d | 7 +
docs/cmdline-opts/upload-file.d | 33 +
docs/cmdline-opts/url.d | 15 +
docs/cmdline-opts/use-ascii.d | 8 +
docs/cmdline-opts/user-agent.d | 12 +
docs/cmdline-opts/user.d | 33 +
docs/cmdline-opts/verbose.d | 19 +
docs/cmdline-opts/version.d | 58 +
docs/cmdline-opts/write-out.d | 142 +
docs/cmdline-opts/xattr.d | 8 +
docs/examples/10-at-a-time.c | 4 +-
docs/examples/Makefile.am | 8 +-
docs/examples/Makefile.inc | 4 +-
docs/examples/Makefile.m32 | 2 +-
docs/examples/Makefile.netware | 8 +-
docs/examples/anyauthput.c | 28 +-
docs/examples/asiohiper.cpp | 181 +-
docs/examples/cacertinmem.c | 16 +-
docs/examples/certinfo.c | 19 +-
docs/examples/cookie_interface.c | 11 +-
docs/examples/curlx.c | 78 +-
docs/examples/debug.c | 3 +-
docs/examples/evhiperfifo.c | 23 +-
docs/examples/externalsocket.c | 26 +-
docs/examples/fileupload.c | 11 +-
docs/examples/fopen.c | 16 +-
docs/examples/ftpupload.c | 2 +-
docs/examples/ftpuploadfrommem.c | 124 +
docs/examples/ftpuploadresume.c | 6 +-
docs/examples/ghiper.c | 35 +-
docs/examples/hiperfifo.c | 33 +-
docs/examples/htmltitle.cpp | 63 +-
docs/examples/http2-download.c | 11 +-
docs/examples/http2-serverpush.c | 7 +-
docs/examples/http2-upload.c | 13 +-
docs/examples/imap-append.c | 8 +
docs/examples/imap-copy.c | 4 +-
docs/examples/imap-create.c | 4 +-
docs/examples/imap-delete.c | 4 +-
docs/examples/imap-examine.c | 4 +-
docs/examples/imap-search.c | 4 +-
docs/examples/multi-app.c | 2 +-
docs/examples/multi-debugcallback.c | 3 +-
docs/examples/multi-post.c | 2 +-
docs/examples/multi-uv.c | 95 +-
docs/examples/multithread.c | 8 +-
docs/examples/opensslthreadlock.c | 2 +-
docs/examples/pop3-top.c | 4 +-
docs/examples/post-callback.c | 2 +-
docs/examples/postit2.c | 2 +-
docs/examples/rtsp.c | 14 +-
docs/examples/sampleconv.c | 74 +-
docs/examples/sendrecv.c | 93 +-
docs/examples/sessioninfo.c | 2 +-
docs/examples/smooth-gtk-thread.c | 12 +-
docs/examples/synctime.c | 6 +-
docs/examples/usercertinmem.c | 5 +-
docs/gnurl.1 | 2799 +--
docs/index.html | 20 -
docs/libcurl/.gitignore | 1 +
docs/libcurl/CMakeLists.txt | 55 +
docs/libcurl/Makefile.am | 80 +-
docs/libcurl/Makefile.inc | 20 +
docs/libcurl/curl_easy_escape.3 | 11 +-
docs/libcurl/curl_easy_getinfo.3 | 41 +-
docs/libcurl/curl_easy_recv.3 | 29 +-
docs/libcurl/curl_easy_send.3 | 23 +-
docs/libcurl/curl_easy_setopt.3 | 51 +-
docs/libcurl/curl_easy_unescape.3 | 7 +-
docs/libcurl/curl_formadd.3 | 8 +-
docs/libcurl/curl_global_cleanup.3 | 10 +-
docs/libcurl/curl_mprintf.3 | 2 +-
docs/libcurl/curl_multi_socket.3 | 2 +-
docs/libcurl/curl_slist_append.3 | 28 +-
docs/libcurl/curl_slist_free_all.3 | 18 +-
docs/libcurl/curl_strequal.3 | 4 +-
docs/libcurl/curl_version_info.3 | 3 +
docs/libcurl/libcurl-multi.3 | 6 +-
docs/libcurl/libcurl-thread.3 | 11 +-
docs/libcurl/libcurl-tutorial.3 | 2 +-
docs/libcurl/opts/CMakeLists.txt | 12 +
docs/libcurl/opts/CURLINFO_ACTIVESOCKET.3 | 22 +-
docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.3 | 19 +-
docs/libcurl/opts/CURLINFO_CERTINFO.3 | 34 +-
docs/libcurl/opts/CURLINFO_CONDITION_UNMET.3 | 27 +-
docs/libcurl/opts/CURLINFO_CONNECT_TIME.3 | 19 +-
.../opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3 | 24 +-
.../opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3 | 62 +
docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.3 | 25 +-
.../opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3 | 61 +
docs/libcurl/opts/CURLINFO_CONTENT_TYPE.3 | 21 +-
docs/libcurl/opts/CURLINFO_COOKIELIST.3 | 32 +-
docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.3 | 19 +-
docs/libcurl/opts/CURLINFO_FILETIME.3 | 21 +-
docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.3 | 21 +-
docs/libcurl/opts/CURLINFO_HEADER_SIZE.3 | 21 +-
docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.3 | 29 +-
docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.3 | 21 +-
docs/libcurl/opts/CURLINFO_LASTSOCKET.3 | 22 +-
docs/libcurl/opts/CURLINFO_LOCAL_IP.3 | 21 +-
docs/libcurl/opts/CURLINFO_LOCAL_PORT.3 | 26 +-
docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.3 | 19 +-
docs/libcurl/opts/CURLINFO_NUM_CONNECTS.3 | 19 +-
docs/libcurl/opts/CURLINFO_OS_ERRNO.3 | 19 +-
docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.3 | 19 +-
docs/libcurl/opts/CURLINFO_PRIMARY_IP.3 | 22 +-
docs/libcurl/opts/CURLINFO_PRIMARY_PORT.3 | 18 +-
docs/libcurl/opts/CURLINFO_PRIVATE.3 | 19 +-
docs/libcurl/opts/CURLINFO_PROTOCOL.3 | 55 +
docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.3 | 30 +-
.../libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.3 | 57 +
docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.3 | 17 +-
docs/libcurl/opts/CURLINFO_REDIRECT_TIME.3 | 19 +-
docs/libcurl/opts/CURLINFO_REDIRECT_URL.3 | 21 +-
docs/libcurl/opts/CURLINFO_REQUEST_SIZE.3 | 18 +-
docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.3 | 16 +-
docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.3 | 16 +-
docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.3 | 16 +-
docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.3 | 16 +-
docs/libcurl/opts/CURLINFO_SCHEME.3 | 62 +
docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.3 | 26 +-
docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.3 | 64 +
docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.3 | 24 +-
docs/libcurl/opts/CURLINFO_SIZE_UPLOAD_T.3 | 59 +
docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.3 | 24 +-
docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.3 | 59 +
docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.3 | 23 +-
docs/libcurl/opts/CURLINFO_SPEED_UPLOAD_T.3 | 58 +
docs/libcurl/opts/CURLINFO_SSL_ENGINES.3 | 17 +-
docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.3 | 20 +-
docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.3 | 19 +-
docs/libcurl/opts/CURLINFO_TLS_SESSION.3 | 14 +-
docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.3 | 14 +-
docs/libcurl/opts/CURLINFO_TOTAL_TIME.3 | 19 +-
.../opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 | 8 +-
.../opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 | 8 +-
docs/libcurl/opts/CURLMOPT_MAXCONNECTS.3 | 8 +-
docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.3 | 8 +-
docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.3 | 12 +-
docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3 | 8 +-
docs/libcurl/opts/CURLMOPT_PIPELINING.3 | 9 +-
docs/libcurl/opts/CURLMOPT_PUSHDATA.3 | 34 +-
docs/libcurl/opts/CURLMOPT_SOCKETDATA.3 | 31 +-
docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3 | 31 +-
docs/libcurl/opts/CURLMOPT_TIMERDATA.3 | 38 +-
docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.3 | 51 +-
docs/libcurl/opts/CURLOPT_ABSTRACT_UNIX_SOCKET.3 | 58 +
docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3 | 3 +
docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.3 | 17 +-
docs/libcurl/opts/CURLOPT_AUTOREFERER.3 | 19 +-
docs/libcurl/opts/CURLOPT_BUFFERSIZE.3 | 33 +-
docs/libcurl/opts/CURLOPT_CAINFO.3 | 20 +-
docs/libcurl/opts/CURLOPT_CAPATH.3 | 24 +-
docs/libcurl/opts/CURLOPT_CERTINFO.3 | 34 +-
docs/libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.3 | 49 +-
docs/libcurl/opts/CURLOPT_CHUNK_DATA.3 | 49 +-
docs/libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.3 | 21 +-
docs/libcurl/opts/CURLOPT_CLOSESOCKETDATA.3 | 14 +-
docs/libcurl/opts/CURLOPT_CLOSESOCKETFUNCTION.3 | 14 +-
docs/libcurl/opts/CURLOPT_CONNECT_ONLY.3 | 16 +-
.../opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3 | 23 +-
.../libcurl/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.3 | 22 +-
.../opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.3 | 22 +-
docs/libcurl/opts/CURLOPT_COOKIE.3 | 3 +
docs/libcurl/opts/CURLOPT_COOKIEFILE.3 | 19 +-
docs/libcurl/opts/CURLOPT_COOKIEJAR.3 | 20 +-
docs/libcurl/opts/CURLOPT_COOKIESESSION.3 | 19 +-
docs/libcurl/opts/CURLOPT_CRLF.3 | 13 +-
docs/libcurl/opts/CURLOPT_CRLFILE.3 | 16 +-
docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3 | 20 +-
docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.3 | 1 +
docs/libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.3 | 3 +
docs/libcurl/opts/CURLOPT_DIRLISTONLY.3 | 16 +-
docs/libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.3 | 20 +-
docs/libcurl/opts/CURLOPT_DNS_INTERFACE.3 | 15 +-
docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.3 | 15 +-
docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.3 | 15 +-
docs/libcurl/opts/CURLOPT_DNS_SERVERS.3 | 15 +-
docs/libcurl/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.3 | 14 +-
docs/libcurl/opts/CURLOPT_EGDSOCKET.3 | 15 +-
docs/libcurl/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.3 | 14 +-
docs/libcurl/opts/CURLOPT_FAILONERROR.3 | 21 +-
docs/libcurl/opts/CURLOPT_FILETIME.3 | 21 +-
docs/libcurl/opts/CURLOPT_FNMATCH_DATA.3 | 22 +-
docs/libcurl/opts/CURLOPT_FNMATCH_FUNCTION.3 | 22 +-
docs/libcurl/opts/CURLOPT_FORBID_REUSE.3 | 13 +-
docs/libcurl/opts/CURLOPT_FRESH_CONNECT.3 | 11 +-
docs/libcurl/opts/CURLOPT_FTPPORT.3 | 15 +-
docs/libcurl/opts/CURLOPT_FTPSSLAUTH.3 | 14 +-
docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.3 | 18 +-
.../libcurl/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.3 | 18 +-
.../libcurl/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.3 | 15 +-
docs/libcurl/opts/CURLOPT_FTP_FILEMETHOD.3 | 15 +-
docs/libcurl/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.3 | 14 +-
docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.3 | 15 +-
docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.3 | 14 +-
docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.3 | 16 +-
docs/libcurl/opts/CURLOPT_FTP_USE_PRET.3 | 16 +-
docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.3 | 28 +-
docs/libcurl/opts/CURLOPT_HEADERDATA.3 | 32 +-
docs/libcurl/opts/CURLOPT_HEADEROPT.3 | 21 +-
docs/libcurl/opts/CURLOPT_HTTP200ALIASES.3 | 17 +-
docs/libcurl/opts/CURLOPT_HTTPAUTH.3 | 14 +-
docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.3 | 36 +-
docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.3 | 12 +-
docs/libcurl/opts/CURLOPT_HTTP_TRANSFER_DECODING.3 | 12 +-
docs/libcurl/opts/CURLOPT_HTTP_VERSION.3 | 15 +-
docs/libcurl/opts/CURLOPT_INTERFACE.3 | 18 +-
docs/libcurl/opts/CURLOPT_INTERLEAVEDATA.3 | 16 +-
docs/libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.3 | 16 +-
docs/libcurl/opts/CURLOPT_IOCTLDATA.3 | 20 +-
docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.3 | 20 +-
docs/libcurl/opts/CURLOPT_IPRESOLVE.3 | 17 +-
docs/libcurl/opts/CURLOPT_ISSUERCERT.3 | 15 +-
docs/libcurl/opts/CURLOPT_KEEP_SENDING_ON_ERROR.3 | 61 +
docs/libcurl/opts/CURLOPT_KEYPASSWD.3 | 17 +-
docs/libcurl/opts/CURLOPT_KRBLEVEL.3 | 15 +-
docs/libcurl/opts/CURLOPT_LOCALPORT.3 | 14 +-
docs/libcurl/opts/CURLOPT_LOCALPORTRANGE.3 | 14 +-
docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.3 | 15 +-
docs/libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.3 | 18 +-
docs/libcurl/opts/CURLOPT_LOW_SPEED_TIME.3 | 18 +-
docs/libcurl/opts/CURLOPT_MAIL_AUTH.3 | 15 +-
docs/libcurl/opts/CURLOPT_MAIL_FROM.3 | 15 +-
docs/libcurl/opts/CURLOPT_MAIL_RCPT.3 | 16 +-
docs/libcurl/opts/CURLOPT_MAXCONNECTS.3 | 13 +-
docs/libcurl/opts/CURLOPT_MAXFILESIZE.3 | 13 +-
docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.3 | 14 +-
docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.3 | 12 +-
docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.3 | 14 +-
docs/libcurl/opts/CURLOPT_NETRC.3 | 18 +-
docs/libcurl/opts/CURLOPT_NETRC_FILE.3 | 16 +-
docs/libcurl/opts/CURLOPT_NEW_DIRECTORY_PERMS.3 | 13 +-
docs/libcurl/opts/CURLOPT_NEW_FILE_PERMS.3 | 12 +-
docs/libcurl/opts/CURLOPT_NOBODY.3 | 7 +-
docs/libcurl/opts/CURLOPT_NOPROXY.3 | 22 +-
docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.3 | 41 +-
docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.3 | 40 +-
docs/libcurl/opts/CURLOPT_PASSWORD.3 | 18 +-
docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3 | 20 +-
docs/libcurl/opts/CURLOPT_PORT.3 | 12 +-
docs/libcurl/opts/CURLOPT_POST.3 | 16 +-
docs/libcurl/opts/CURLOPT_POSTFIELDS.3 | 8 +-
docs/libcurl/opts/CURLOPT_POSTQUOTE.3 | 20 +-
docs/libcurl/opts/CURLOPT_PREQUOTE.3 | 35 +-
docs/libcurl/opts/CURLOPT_PRE_PROXY.3 | 80 +
docs/libcurl/opts/CURLOPT_PROXY.3 | 50 +-
docs/libcurl/opts/CURLOPT_PROXYAUTH.3 | 18 +-
docs/libcurl/opts/CURLOPT_PROXYHEADER.3 | 22 +-
docs/libcurl/opts/CURLOPT_PROXYPASSWORD.3 | 17 +-
docs/libcurl/opts/CURLOPT_PROXYPORT.3 | 16 +-
docs/libcurl/opts/CURLOPT_PROXYTYPE.3 | 42 +-
docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3 | 17 +-
docs/libcurl/opts/CURLOPT_PROXYUSERPWD.3 | 16 +-
docs/libcurl/opts/CURLOPT_PROXY_CAINFO.3 | 83 +
docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3 | 71 +
docs/libcurl/opts/CURLOPT_PROXY_CRLFILE.3 | 75 +
docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.3 | 62 +
docs/libcurl/opts/CURLOPT_PROXY_PINNEDPUBLICKEY.3 | 111 +
docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 | 15 +-
docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.3 | 72 +
docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.3 | 67 +
docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.3 | 68 +
docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.3 | 61 +
docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3 | 92 +
docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.3 | 80 +
docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.3 | 72 +
docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYHOST.3 | 82 +
docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYPEER.3 | 89 +
docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.3 | 62 +
docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.3 | 70 +
docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.3 | 62 +
docs/libcurl/opts/CURLOPT_PROXY_TRANSFER_MODE.3 | 14 +-
docs/libcurl/opts/CURLOPT_PUT.3 | 4 +-
docs/libcurl/opts/CURLOPT_QUOTE.3 | 20 +-
docs/libcurl/opts/CURLOPT_RANDOM_FILE.3 | 17 +-
docs/libcurl/opts/CURLOPT_RANGE.3 | 3 +
docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.3 | 3 +
docs/libcurl/opts/CURLOPT_REFERER.3 | 3 +
docs/libcurl/opts/CURLOPT_REQUEST_TARGET.3 | 56 +
docs/libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.3 | 12 +-
docs/libcurl/opts/CURLOPT_RTSP_REQUEST.3 | 14 +-
docs/libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.3 | 12 +-
docs/libcurl/opts/CURLOPT_RTSP_SESSION_ID.3 | 16 +-
docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.3 | 17 +-
docs/libcurl/opts/CURLOPT_RTSP_TRANSPORT.3 | 17 +-
docs/libcurl/opts/CURLOPT_SASL_IR.3 | 12 +-
docs/libcurl/opts/CURLOPT_SEEKDATA.3 | 16 +-
docs/libcurl/opts/CURLOPT_SEEKFUNCTION.3 | 17 +-
docs/libcurl/opts/CURLOPT_SERVICE_NAME.3 | 15 +-
docs/libcurl/opts/CURLOPT_SHARE.3 | 26 +-
docs/libcurl/opts/CURLOPT_SOCKOPTDATA.3 | 27 +-
docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.3 | 40 +-
docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.3 | 63 +
docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.3 | 13 +-
docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 | 16 +-
docs/libcurl/opts/CURLOPT_SSH_AUTH_TYPES.3 | 13 +-
.../libcurl/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3 | 16 +-
docs/libcurl/opts/CURLOPT_SSH_KEYDATA.3 | 23 +-
docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.3 | 23 +-
docs/libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.3 | 16 +-
docs/libcurl/opts/CURLOPT_SSH_PRIVATE_KEYFILE.3 | 17 +-
docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3 | 16 +-
docs/libcurl/opts/CURLOPT_SSLCERT.3 | 17 +-
docs/libcurl/opts/CURLOPT_SSLCERTTYPE.3 | 18 +-
docs/libcurl/opts/CURLOPT_SSLENGINE.3 | 15 +-
docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 | 13 +-
docs/libcurl/opts/CURLOPT_SSLKEY.3 | 17 +-
docs/libcurl/opts/CURLOPT_SSLKEYTYPE.3 | 18 +-
docs/libcurl/opts/CURLOPT_SSLVERSION.3 | 24 +-
docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.3 | 20 +-
docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.3 | 84 +-
docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.3 | 63 +-
docs/libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.3 | 12 +-
docs/libcurl/opts/CURLOPT_SSL_ENABLE_NPN.3 | 12 +-
docs/libcurl/opts/CURLOPT_SSL_FALSESTART.3 | 13 +-
docs/libcurl/opts/CURLOPT_SSL_OPTIONS.3 | 16 +-
docs/libcurl/opts/CURLOPT_SSL_SESSIONID_CACHE.3 | 13 +-
docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 | 13 +-
docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.3 | 4 +-
docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.3 | 13 +-
docs/libcurl/opts/CURLOPT_STREAM_DEPENDS.3 | 18 +-
docs/libcurl/opts/CURLOPT_STREAM_DEPENDS_E.3 | 16 +-
docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.3 | 17 +-
.../opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.3 | 95 +
docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.3 | 13 +-
docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.3 | 2 +-
docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.3 | 4 +-
docs/libcurl/opts/CURLOPT_TCP_NODELAY.3 | 22 +-
docs/libcurl/opts/CURLOPT_TELNETOPTIONS.3 | 16 +-
docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.3 | 13 +-
docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.3 | 17 +-
docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.3 | 17 +-
docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.3 | 17 +-
docs/libcurl/opts/CURLOPT_TRANSFERTEXT.3 | 12 +-
docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.3 | 13 +-
docs/libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.3 | 9 +-
docs/libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.3 | 22 +-
docs/libcurl/opts/CURLOPT_URL.3 | 3 +
docs/libcurl/opts/CURLOPT_USERAGENT.3 | 3 +
docs/libcurl/opts/CURLOPT_USERNAME.3 | 18 +-
docs/libcurl/opts/CURLOPT_USERPWD.3 | 18 +-
docs/libcurl/opts/CURLOPT_XOAUTH2_BEARER.3 | 15 +-
docs/libcurl/opts/Makefile.am | 876 +-
docs/libcurl/opts/Makefile.inc | 321 +
docs/libcurl/symbols-in-versions | 51 +-
docs/mk-ca-bundle.1 | 18 +-
guix-gnurl.scm | 46 +
include/Makefile.am | 2 +-
include/README | 28 +-
include/curl/.gitignore | 4 -
include/curl/Makefile.am | 53 -
include/curl/curl.h | 2450 ---
include/curl/curlbuild.h.cmake | 197 -
include/curl/curlbuild.h.dist | 586 -
include/curl/curlbuild.h.in | 197 -
include/curl/curlrules.h | 262 -
include/curl/curlver.h | 77 -
include/curl/easy.h | 102 -
include/curl/multi.h | 439 -
include/curl/stdcheaders.h | 33 -
include/curl/typecheck-gcc.h | 622 -
include/gnurl/.gitignore | 3 +
include/gnurl/Makefile.am | 53 +
include/gnurl/curl.h | 2566 +++
include/gnurl/curlver.h | 77 +
include/gnurl/easy.h | 102 +
include/{curl => gnurl}/mprintf.h | 0
include/gnurl/multi.h | 439 +
include/gnurl/stdcheaders.h | 33 +
include/gnurl/system.h | 547 +
include/gnurl/typecheck-gcc.h | 677 +
lib/.gitattributes | 1 +
lib/.gitignore | 1 -
lib/CMakeLists.txt | 11 +-
lib/Makefile.Watcom | 10 +-
lib/Makefile.am | 14 +-
lib/Makefile.b32 | 2 +-
lib/Makefile.inc | 12 +-
lib/Makefile.m32 | 16 +-
lib/Makefile.netware | 52 +-
lib/Makefile.vc6 | 691 -
lib/amigaos.c | 2 +-
lib/asyn-ares.c | 51 +-
lib/asyn-thread.c | 72 +-
lib/base64.c | 5 +
lib/checksrc.pl | 60 +-
lib/config-amigaos.h | 4 +-
lib/config-symbian.h | 6 +-
lib/config-win32.h | 8 +-
lib/config-win32ce.h | 4 +-
lib/conncache.c | 70 +-
lib/conncache.h | 6 +-
lib/connect.c | 153 +-
lib/connect.h | 21 +-
lib/content_encoding.c | 30 +-
lib/cookie.c | 160 +-
lib/cookie.h | 6 +-
lib/curl_addrinfo.c | 64 +-
lib/curl_addrinfo.h | 2 +-
lib/curl_config.h.cmake | 25 +-
lib/curl_des.c | 2 +-
lib/curl_endian.c | 120 +-
lib/curl_endian.h | 32 +-
lib/curl_fnmatch.c | 10 +-
lib/curl_gethostname.c | 8 +-
lib/curl_gssapi.c | 2 +-
lib/curl_hmac.h | 26 +-
lib/curl_md4.h | 8 +-
lib/curl_memory.h | 8 +-
lib/curl_memrchr.c | 2 +-
lib/curl_multibyte.c | 2 +-
lib/curl_ntlm_core.c | 26 +-
lib/curl_ntlm_core.h | 27 +-
lib/curl_ntlm_wb.c | 34 +-
lib/curl_printf.h | 2 +-
lib/curl_rtmp.c | 11 +-
lib/curl_sasl.c | 35 +-
lib/curl_sasl.h | 2 +-
lib/curl_sec.h | 16 +-
lib/curl_setup.h | 63 +-
lib/curl_setup_once.h | 16 +-
lib/curl_sspi.c | 2 +-
lib/curl_sspi.h | 2 +-
lib/curl_threads.c | 22 +-
lib/curl_threads.h | 5 +-
lib/curlx.h | 15 +-
lib/dict.c | 30 +-
lib/dotdot.c | 5 +-
lib/easy.c | 128 +-
lib/escape.c | 25 +-
lib/file.c | 48 +-
lib/fileinfo.c | 14 +-
lib/fileinfo.h | 14 +-
lib/formdata.c | 265 +-
lib/formdata.h | 3 +-
lib/ftp.c | 535 +-
lib/ftp.h | 7 +-
lib/ftplistparser.c | 70 +-
lib/getenv.c | 2 +-
lib/getinfo.c | 99 +-
lib/gopher.c | 46 +-
lib/hash.c | 90 +-
lib/hash.h | 20 +-
lib/hmac.c | 12 +-
lib/hostcheck.c | 25 +-
lib/hostcheck.h | 2 +-
lib/hostip.c | 25 +-
lib/hostip.h | 10 +-
lib/hostip4.c | 2 +-
lib/http.c | 416 +-
lib/http.h | 17 +-
lib/http2.c | 382 +-
lib/http2.h | 11 +-
lib/http_chunks.c | 14 +-
lib/http_digest.c | 22 +-
lib/http_negotiate.c | 17 +-
lib/http_ntlm.c | 8 +-
lib/http_proxy.c | 699 +-
lib/http_proxy.h | 21 +-
lib/if2ip.c | 22 +-
lib/if2ip.h | 5 +-
lib/imap.c | 113 +-
lib/inet_ntop.c | 18 +-
lib/inet_pton.c | 14 +-
lib/inet_pton.h | 5 +-
lib/krb5.c | 28 +-
lib/ldap.c | 205 +-
lib/libcurl.def | 53 -
lib/libcurl.rc | 10 +-
lib/llist.c | 59 +-
lib/llist.h | 19 +-
lib/makefile.dj | 9 +-
lib/md4.c | 15 +-
lib/md5.c | 11 +-
lib/memdebug.c | 35 +-
lib/mk-ca-bundle.pl | 129 +-
lib/mk-ca-bundle.vbs | 261 +-
lib/mprintf.c | 65 +-
lib/multi.c | 483 +-
lib/multihandle.h | 23 +-
lib/multiif.h | 7 +-
lib/netrc.c | 25 +-
lib/non-ascii.c | 27 +-
lib/nonblock.c | 3 +-
lib/nonblock.h | 2 +-
lib/nwlib.c | 10 +-
lib/nwos.c | 8 +-
lib/objnames.inc | 4 +-
lib/openldap.c | 4 +-
lib/parsedate.c | 32 +-
lib/pingpong.c | 38 +-
lib/pingpong.h | 10 +-
lib/pipeline.c | 152 +-
lib/pipeline.h | 6 +-
lib/pop3.c | 106 +-
lib/progress.c | 144 +-
lib/progress.h | 6 +-
lib/rand.c | 179 +
lib/rand.h | 47 +
lib/rawstr.c | 148 -
lib/rawstr.h | 47 -
lib/rtsp.c | 123 +-
lib/rtsp.h | 2 -
lib/security.c | 28 +-
lib/select.c | 53 +-
lib/select.h | 20 +-
lib/sendf.c | 197 +-
lib/sendf.h | 2 +
lib/setup-os400.h | 52 +-
lib/setup-vms.h | 139 +-
lib/share.c | 2 +-
lib/share.h | 10 +-
lib/slist.c | 2 +-
lib/smb.c | 88 +-
lib/smtp.c | 103 +-
lib/socks.c | 130 +-
lib/socks.h | 5 +-
lib/socks_gssapi.c | 24 +-
lib/socks_sspi.c | 11 +-
lib/speedcheck.c | 67 +-
lib/speedcheck.h | 4 +-
lib/splay.c | 124 +-
lib/splay.h | 16 +-
lib/ssh.c | 423 +-
lib/strcase.c | 176 +
lib/strcase.h | 51 +
lib/strdup.c | 29 +-
lib/strdup.h | 5 +-
lib/strequal.c | 79 -
lib/strequal.h | 31 -
lib/strerror.c | 176 +-
lib/strerror.h | 4 +-
lib/strtoofft.c | 8 +-
lib/system_win32.c | 40 +-
lib/telnet.c | 187 +-
lib/tftp.c | 47 +-
lib/timeval.c | 78 +-
lib/timeval.h | 21 +-
lib/transfer.c | 267 +-
lib/url.c | 1797 +-
lib/url.h | 13 +
lib/urldata.h | 348 +-
lib/vauth/cleartext.c | 28 +-
lib/vauth/cram.c | 2 +-
lib/vauth/digest.c | 72 +-
lib/vauth/digest.h | 2 +-
lib/vauth/digest_sspi.c | 335 +-
lib/vauth/krb5_gssapi.c | 6 +-
lib/vauth/krb5_sspi.c | 6 +-
lib/vauth/ntlm.c | 44 +-
lib/vauth/ntlm.h | 2 +-
lib/vauth/ntlm_sspi.c | 2 +-
lib/vauth/oauth2.c | 2 +-
lib/vauth/spnego_gssapi.c | 6 +-
lib/vauth/spnego_sspi.c | 7 +-
lib/vauth/vauth.c | 2 +-
lib/vauth/vauth.h | 2 +-
lib/version.c | 19 +-
lib/vtls/axtls.c | 108 +-
lib/vtls/axtls.h | 10 +-
lib/vtls/cyassl.c | 221 +-
lib/vtls/cyassl.h | 10 +-
lib/vtls/darwinssl.c | 753 +-
lib/vtls/darwinssl.h | 31 +-
lib/vtls/gskit.c | 410 +-
lib/vtls/gskit.h | 7 +-
lib/vtls/gtls.c | 496 +-
lib/vtls/gtls.h | 15 +-
lib/vtls/mbedtls.c | 267 +-
lib/vtls/mbedtls.h | 12 +-
lib/vtls/nss.c | 582 +-
lib/vtls/nssg.h | 11 +-
lib/vtls/openssl.c | 790 +-
lib/vtls/openssl.h | 9 +-
lib/vtls/polarssl.c | 253 +-
lib/vtls/polarssl.h | 3 +-
lib/vtls/polarssl_threadlock.c | 4 +-
lib/vtls/schannel.c | 232 +-
lib/vtls/schannel.h | 4 +-
lib/vtls/vtls.c | 325 +-
lib/vtls/vtls.h | 48 +-
lib/warnless.c | 5 +-
lib/warnless.h | 2 +-
lib/wildcard.c | 18 +-
lib/wildcard.h | 11 +-
lib/x509asn1.c | 209 +-
lib/x509asn1.h | 26 +-
m4/ax_code_coverage.m4 | 264 +
m4/curl-compilers.m4 | 60 +-
m4/curl-confopts.m4 | 18 +-
m4/curl-functions.m4 | 27 +-
m4/curl-override.m4 | 2 +-
m4/xc-lt-iface.m4 | 10 +-
m4/zz50-xc-ovr.m4 | 2 +-
maketgz | 85 +-
packages/AIX/RPM/README | 2 +-
packages/AIX/RPM/curl.spec.in | 2 +-
packages/Android/Android.mk | 3 +-
packages/DOS/common.dj | 2 +-
packages/EPM/curl.list.in | 12 +-
packages/OS400/README.OS400 | 24 +-
packages/OS400/ccsidcurl.c | 27 +-
packages/OS400/curl.inc.in | 64 +
packages/OS400/initscript.sh | 14 +-
packages/OS400/make-include.sh | 9 -
packages/OS400/os400sys.c | 4 +-
packages/Symbian/group/curl.mmp | 4 +-
packages/Symbian/group/libcurl.mmp | 4 +-
packages/Symbian/readme.txt | 2 +-
packages/Win32/README | 2 +-
packages/Win32/cygwin/README | 12 +-
packages/vms/clean_gnv_curl.com | 8 +-
packages/vms/curl_gnv_build_steps.txt | 2 +-
packages/vms/generate_vax_transfer.com | 2 +-
packages/vms/gnv_link_curl.com | 10 +-
packages/vms/pcsi_gnv_curl_file_list.txt | 3 +-
packages/vms/readme | 12 +-
packages/vms/stage_curl_install.com | 8 +-
packages/vms/vms_eco_level.h | 2 +-
projects/Windows/.gitattributes | 1 +
projects/checksrc.bat | 2 +-
projects/generate.bat | 3 +-
projects/wolfssl_options.h | 44 +-
scripts/contributors.sh | 3 +-
scripts/contrithanks.sh | 3 +-
scripts/coverage.sh | 16 +
scripts/installcheck.sh | 27 +
scripts/updatemanpages.pl | 355 +
src/.gitignore | 1 -
src/CMakeLists.txt | 22 +-
src/Makefile.Watcom | 4 +-
src/Makefile.am | 32 +-
src/Makefile.inc | 4 -
src/Makefile.m32 | 2 +-
src/Makefile.netware | 4 +-
src/Makefile.vc6 | 550 -
src/curl.rc | 10 +-
src/macos/MACINSTALL.TXT | 2 +-
src/makefile.amiga | 6 +-
src/makefile.dj | 4 +-
src/mkhelp.pl | 74 +-
src/tool_cb_dbg.c | 18 +-
src/tool_cb_dbg.h | 2 +-
src/tool_cb_hdr.c | 15 +-
src/tool_cb_hdr.h | 2 +-
src/tool_cb_prg.c | 2 +-
src/tool_cb_wrt.c | 38 +-
src/tool_cb_wrt.h | 2 +-
src/tool_cfgable.c | 18 +-
src/tool_cfgable.h | 43 +-
src/tool_dirhie.c | 2 +-
src/tool_doswin.c | 16 +-
src/tool_easysrc.c | 2 +-
src/tool_formparse.c | 7 +-
src/tool_getparam.c | 777 +-
src/tool_getparam.h | 6 +-
src/tool_getpass.c | 14 +-
src/tool_getpass.h | 4 +-
src/tool_help.c | 665 +-
src/tool_helpers.c | 8 +-
src/tool_homedir.c | 6 +-
src/tool_hugehelp.c.cvs | 2 +-
src/tool_libinfo.c | 6 +-
src/tool_main.c | 2 +-
src/tool_metalink.c | 40 +-
src/tool_msgs.c | 2 +-
src/tool_operate.c | 277 +-
src/tool_operhlp.c | 8 +-
src/tool_paramhlp.c | 111 +-
src/tool_paramhlp.h | 7 +-
src/tool_parsecfg.c | 22 +-
src/tool_setopt.c | 13 +
src/tool_setopt.h | 3 +
src/tool_setup.h | 2 +-
src/tool_sleep.c | 10 +-
src/tool_urlglob.c | 105 +-
src/tool_urlglob.h | 6 +-
src/tool_util.c | 37 +-
src/tool_util.h | 25 +-
src/tool_version.h | 2 +-
src/tool_writeenv.c | 113 -
src/tool_writeenv.h | 35 -
src/tool_writeout.c | 45 +-
src/tool_xattr.c | 2 +-
tests/.gitignore | 4 +-
tests/FILEFORMAT | 13 +-
tests/Makefile.am | 43 +-
tests/README | 39 +-
tests/certs/Server-localhost-sv.pem | 2 +-
tests/certs/Server-localhost-sv.prm | 2 +-
tests/certs/Server-localhost.nn-sv.pem | 2 +-
tests/certs/Server-localhost.nn-sv.prm | 2 +-
tests/certs/scripts/genserv.sh | 2 +-
tests/curl_test_data.py | 56 +
tests/data/DISABLED | 4 +-
tests/data/Makefile.inc | 38 +-
tests/data/test1 | 2 +-
tests/data/test1007 | 2 +-
tests/data/test1008 | 3 +-
tests/data/test1010 | 4 +-
tests/data/test1021 | 8 +-
tests/data/test1034 | 12 +-
tests/data/test1035 | 12 +-
tests/data/test1049 | 2 +-
tests/data/test1060 | 1 -
tests/data/test1061 | 1 -
tests/data/test1063 | 2 -
tests/data/test1068 | 1 +
tests/data/test1093 | 2 +-
tests/data/test1094 | 2 +-
tests/data/test1097 | 12 +-
tests/data/test1099 | 2 +-
tests/data/test1100 | 2 +-
tests/data/test1104 | 2 +-
tests/data/test1105 | 2 +-
tests/data/test1109 | 2 +-
tests/data/test1110 | 2 +-
tests/data/test1111 | 2 +-
tests/data/test1135 | 2 +-
tests/data/test1145 | 40 +
tests/data/test1146 | 45 +
tests/data/test1147 | 64 +
tests/data/test1148 | 57 +
tests/data/test1205 | 2 +-
tests/data/test1215 | 2 +-
tests/data/test1230 | 2 -
tests/data/test1231 | 2 +-
tests/data/test1232 | 2 +-
tests/data/test1238 | 2 +-
tests/data/test1242 | 2 +-
tests/data/test1243 | 2 +-
tests/data/test1245 | 63 +
tests/data/test1246 | 64 +
tests/data/test1247 | 38 +
tests/data/test1248 | 49 +
tests/data/test1249 | 52 +
tests/data/test1250 | 53 +
tests/data/test1251 | 54 +
tests/data/test1252 | 52 +
tests/data/test1253 | 53 +
tests/data/test1254 | 53 +
tests/data/test1255 | 53 +
tests/data/test1256 | 54 +
tests/data/test1257 | 54 +
tests/data/test1258 | 54 +
tests/data/test1259 | 47 +
tests/data/test1260 | 36 +
tests/data/test1261 | 61 +
tests/data/test1262 | 40 +
tests/data/test1280 | 58 +
tests/data/test1281 | 38 +
tests/data/test1282 | 45 +
tests/data/test1283 | 57 +
tests/data/test1284 | 89 +
tests/data/test1285 | 97 +
tests/data/test1286 | 110 +
tests/data/test1287 | 91 +
tests/data/test1288 | 96 +
tests/data/test1289 | 35 +
tests/data/test1298 | 56 +
tests/data/test1299 | 55 +
tests/data/test130 | 1 +
tests/data/test1301 | 4 +-
tests/data/test1309 | 111 +
tests/data/test1323 | 32 +
tests/data/test1333 | 1 +
tests/data/test1399 | 26 +
tests/data/test1400 | 7 +-
tests/data/test1401 | 9 +-
tests/data/test1402 | 9 +-
tests/data/test1403 | 9 +-
tests/data/test1404 | 7 +-
tests/data/test1405 | 7 +-
tests/data/test1406 | 16 +-
tests/data/test1407 | 18 +-
tests/data/test1420 | 18 +-
tests/data/test1425 | Bin 0 -> 1726 bytes
tests/data/test1426 | Bin 0 -> 1663 bytes
tests/data/test1427 | 29 +
tests/data/test1429 | 4 +-
tests/data/test1430 | 2 +-
tests/data/test1431 | 2 +-
tests/data/test1432 | 2 +-
tests/data/test1433 | 20 +-
tests/data/test1438 | 58 +
tests/data/test1439 | 58 +
tests/data/test1440 | 35 +
tests/data/test1441 | 35 +
tests/data/test1442 | 35 +
tests/data/test1443 | 68 +
tests/data/test1444 | 52 +
tests/data/test1445 | 35 +
tests/data/test1446 | 42 +
tests/data/test1447 | 38 +
tests/data/test1448 | 92 +
tests/data/test1450 | 34 +
tests/data/test1451 | 36 +
tests/data/test1452 | 41 +
tests/data/test150 | 2 +-
tests/data/test1521 | 30 +
tests/data/test1525 | 2 -
tests/data/test1532 | 49 +
tests/data/test1533 | 74 +
tests/data/test1534 | 50 +
tests/data/test1535 | 50 +
tests/data/test1536 | 50 +
tests/data/test1537 | 45 +
tests/data/test1538 | 149 +
tests/data/test1540 | 64 +
tests/data/test155 | 2 +-
tests/data/test1550 | 29 +
tests/data/test1551 | 72 +
tests/data/test1606 | 26 +
tests/data/test165 | 13 +-
tests/data/test169 | 2 +-
tests/data/test1800 | 2 +-
tests/data/test1801 | 2 +-
tests/data/test1900 | 4 +-
tests/data/test1901 | 4 +-
tests/data/test1902 | 4 +-
tests/data/test1903 | 4 +-
tests/data/test199 | 2 +-
tests/data/test2031 | 2 +-
tests/data/test2032 | 34 +-
tests/data/test2033 | 34 +-
tests/data/test2046 | 6 +-
tests/data/test2047 | 6 +-
tests/data/test2048 | 2 +-
tests/data/test2053 | 56 +
tests/data/test2054 | 64 +
tests/data/test2055 | 80 +
tests/data/test207 | 3 +-
tests/data/test209 | 4 +-
tests/data/test213 | 4 +-
tests/data/test216 | 4 +-
tests/data/test218 | 1 +
tests/data/test239 | 2 +-
tests/data/test243 | 2 +-
tests/data/test256 | 6 +-
tests/data/test265 | 4 +-
tests/data/test267 | 2 +-
tests/data/test271 | 2 +-
tests/data/test283 | 2 +-
tests/data/test284 | 2 +-
tests/data/test285 | 2 +-
tests/data/test286 | 2 +-
tests/data/test31 | 2 +-
tests/data/test38 | 6 +-
tests/data/test47 | 2 +-
tests/data/test500 | 2 +-
tests/data/test501 | 2 +-
tests/data/test506 | 59 +-
tests/data/test510 | 1 +
tests/data/test517 | 6 +
tests/data/test540 | 13 +
tests/data/test547 | 2 +-
tests/data/test548 | 2 +-
tests/data/test552 | Bin 142985 -> 142985
bytes
tests/data/test554 | 2 +-
tests/data/test555 | 4 +-
tests/data/test556 | 2 +-
tests/data/test557 | 1 +
tests/data/test558 | 4 +-
tests/data/test559 | 50 +
tests/data/test563 | 2 +-
tests/data/test565 | 1 +
tests/data/test569 | 4 +-
tests/data/test571 | 4 +-
tests/data/test578 | 2 +-
tests/data/test59 | 2 +-
tests/data/test590 | 2 +-
tests/data/test599 | 1 +
tests/data/test60 | 1 +
tests/data/test67 | 2 +-
tests/data/test68 | 2 +-
tests/data/test69 | 2 +-
tests/data/test700 | 2 +-
tests/data/test701 | 2 +-
tests/data/test708 | 2 +-
tests/data/test71 | 4 +-
tests/data/test712 | 1 -
tests/data/test713 | 49 +
tests/data/test714 | 67 +
tests/data/test715 | 69 +
tests/data/test81 | 2 +-
tests/data/test822 | 4 +-
tests/data/test823 | 4 +-
tests/data/test827 | 4 +-
tests/data/test842 | 2 +-
tests/data/test843 | 2 +-
tests/data/test844 | 2 +-
tests/data/test845 | 2 +-
tests/data/test864 | 2 +-
tests/data/test868 | 4 +-
tests/data/test869 | 4 +-
tests/data/test87 | 4 +-
tests/data/test873 | 4 +-
tests/data/test887 | 2 +-
tests/data/test888 | 2 +-
tests/data/test889 | 2 +-
tests/data/test89 | 4 +-
tests/data/test890 | 2 +-
tests/data/test90 | 4 +-
tests/data/test906 | 4 +-
tests/data/test907 | 4 +-
tests/data/test91 | 2 +-
tests/data/test921 | 4 +-
tests/data/test946 | 2 +-
tests/data/test947 | 2 +-
tests/data/test948 | 2 +-
tests/data/test949 | 2 +-
tests/dictserver.py | 159 +
tests/extern-scan.pl | 12 +-
tests/ftpserver.pl | 10 +-
tests/fuzz/CMakeLists.txt | 1 +
tests/fuzz/Makefile.am | 57 +
tests/fuzz/Makefile.inc | 19 +
tests/fuzz/README | 14 +
tests/fuzz/corpora/ftp/long1.txt | 8 +
tests/fuzz/corpora/http1_1/200_ok.txt | 13 +
tests/fuzz/corpora/http1_1/404_nf.txt | 9 +
tests/fuzz/curl_fuzzer.c | 128 +
tests/http2-server.pl | 10 +-
tests/httpserver.pl | 2 +-
tests/libtest/CMakeLists.txt | 13 +-
tests/libtest/Makefile.am | 23 +-
tests/libtest/Makefile.inc | 53 +-
tests/libtest/first.c | 2 +-
tests/libtest/lib1500.c | 4 +-
tests/libtest/lib1501.c | 25 +-
tests/libtest/lib1502.c | 4 +-
tests/libtest/lib1507.c | 23 +-
tests/libtest/lib1509.c | 2 +-
tests/libtest/lib1511.c | 4 +-
tests/libtest/lib1515.c | 12 +-
tests/libtest/lib1520.c | 3 +-
tests/libtest/lib1525.c | 5 +-
tests/libtest/lib1526.c | 5 +-
tests/libtest/lib1527.c | 5 +-
tests/libtest/lib1528.c | 3 +-
tests/libtest/lib1529.c | 5 +-
tests/libtest/lib1530.c | 5 +-
tests/libtest/lib1531.c | 11 +-
tests/libtest/lib1532.c | 80 +
tests/libtest/lib1533.c | 200 +
tests/libtest/lib1534.c | 129 +
tests/libtest/lib1535.c | 128 +
tests/libtest/lib1536.c | 129 +
tests/libtest/lib1537.c | 94 +
tests/libtest/lib1538.c | 51 +
tests/libtest/lib1540.c | 121 +
tests/libtest/lib1550.c | 39 +
tests/libtest/lib1551.c | 45 +
tests/libtest/lib1900.c | 30 +-
tests/libtest/lib500.c | 3 +-
tests/libtest/lib501.c | 3 +-
tests/libtest/lib505.c | 7 +-
tests/libtest/lib506.c | 32 +-
tests/libtest/lib507.c | 6 +-
tests/libtest/lib508.c | 3 +-
tests/libtest/lib509.c | 17 +-
tests/libtest/lib510.c | 7 +-
tests/libtest/lib511.c | 3 +-
tests/libtest/lib513.c | 3 +-
tests/libtest/lib514.c | 3 +-
tests/libtest/lib515.c | 3 +-
tests/libtest/lib516.c | 3 +-
tests/libtest/lib517.c | 8 +-
tests/libtest/lib518.c | 19 +-
tests/libtest/lib519.c | 3 +-
tests/libtest/lib520.c | 3 +-
tests/libtest/lib521.c | 3 +-
tests/libtest/lib523.c | 3 +-
tests/libtest/lib524.c | 3 +-
tests/libtest/lib525.c | 7 +-
tests/libtest/lib526.c | 4 +-
tests/libtest/lib537.c | 23 +-
tests/libtest/lib539.c | 9 +-
tests/libtest/lib540.c | 6 +-
tests/libtest/lib541.c | 10 +-
tests/libtest/lib542.c | 3 +-
tests/libtest/lib543.c | 5 +-
tests/libtest/lib544.c | 3 +-
tests/libtest/lib547.c | 3 +-
tests/libtest/lib549.c | 3 +-
tests/libtest/lib552.c | 10 +-
tests/libtest/lib553.c | 3 +-
tests/libtest/lib554.c | 3 +-
tests/libtest/lib555.c | 2 +-
tests/libtest/lib556.c | 12 +-
tests/libtest/lib557.c | 259 +-
tests/libtest/lib559.c | 56 +
tests/libtest/lib562.c | 3 +-
tests/libtest/lib566.c | 3 +-
tests/libtest/lib567.c | 3 +-
tests/libtest/lib568.c | 15 +-
tests/libtest/lib569.c | 9 +-
tests/libtest/lib570.c | 12 +-
tests/libtest/lib571.c | 20 +-
tests/libtest/lib572.c | 18 +-
tests/libtest/lib574.c | 9 +-
tests/libtest/lib578.c | 5 +-
tests/libtest/lib579.c | 3 +-
tests/libtest/lib582.c | 17 +-
tests/libtest/lib583.c | 14 +-
tests/libtest/lib586.c | 17 +-
tests/libtest/lib590.c | 3 +-
tests/libtest/lib591.c | 4 +-
tests/libtest/lib598.c | 3 +-
tests/libtest/lib599.c | 3 +-
tests/libtest/libauthretry.c | 21 +-
tests/libtest/libntlmconnect.c | 70 +-
tests/libtest/mk-lib1521.pl | 303 +
tests/libtest/test.h | 6 +-
tests/libtest/test613.pl | 4 +
tests/libtest/testtrace.c | 5 +-
tests/libtest/testutil.c | 17 +-
tests/libtest/testutil.h | 2 -
tests/manpage-scan.pl | 20 +-
tests/negtelnetserver.py | 349 +
tests/pathhelp.pm | 2 +-
tests/python_dependencies/impacket/__init__.py | 25 +
tests/python_dependencies/impacket/nmb.py | 980 +
tests/python_dependencies/impacket/nt_errors.py | 3586 ++++
tests/python_dependencies/impacket/ntlm.py | 971 +
tests/python_dependencies/impacket/smb.py | 4099 +++++
tests/python_dependencies/impacket/smb3.py | 1629 ++
tests/python_dependencies/impacket/smb3structs.py | 1363 ++
tests/python_dependencies/impacket/smbserver.py | 4168 +++++
tests/python_dependencies/impacket/spnego.py | 372 +
tests/python_dependencies/impacket/structure.py | 743 +
tests/python_dependencies/impacket/uuid.py | 68 +
tests/python_dependencies/impacket/version.py | 12 +
tests/rtspserver.pl | 4 +-
tests/runtests.1 | 4 +-
tests/runtests.pl | 523 +-
tests/secureserver.pl | 8 +-
tests/server/CMakeLists.txt | 6 +-
tests/server/Makefile.am | 17 +-
tests/server/Makefile.inc | 2 -
tests/server/fake_ntlm.c | 30 +-
tests/server/getpart.c | 13 +-
tests/server/resolve.c | 54 +-
tests/server/rtspd.c | 28 +-
tests/server/sockfilt.c | 27 +-
tests/server/sws.c | 76 +-
tests/server/testpart.c | 3 +-
tests/server/tftpd.c | 43 +-
tests/server/util.c | 108 +-
tests/server/util.h | 6 +-
tests/serverhelp.pm | 2 +-
tests/smbserver.py | 377 +
tests/sshserver.pl | 2 +-
tests/symbol-scan.pl | 4 +-
tests/testcurl.1 | 10 +-
tests/testcurl.pl | 21 +-
tests/tftpserver.pl | 4 +-
tests/unit/CMakeLists.txt | 2 +-
tests/unit/Makefile.am | 17 +-
tests/unit/Makefile.inc | 15 +-
tests/unit/curlcheck.h | 7 +-
tests/unit/unit1300.c | 214 +-
tests/unit/unit1301.c | 2 +-
tests/unit/unit1303.c | 45 +-
tests/unit/unit1304.c | 2 +-
tests/unit/unit1305.c | 14 +-
tests/unit/unit1308.c | 8 +-
tests/unit/unit1309.c | 47 +-
tests/unit/unit1323.c | 66 +
tests/unit/unit1395.c | 11 +-
tests/unit/unit1396.c | 2 +-
tests/unit/unit1398.c | 2 +-
tests/unit/unit1399.c | 100 +
tests/unit/unit1600.c | 4 +-
tests/unit/unit1602.c | 2 +-
tests/unit/unit1604.c | 41 +-
tests/unit/unit1605.c | 3 +-
tests/unit/unit1606.c | 90 +
tests/valgrind.pm | 89 +-
tests/valgrind.supp | 21 +
winbuild/BUILD.WINDOWS.txt | 13 +-
winbuild/Makefile.msvc.names | 81 -
winbuild/Makefile.vc | 32 +-
winbuild/MakefileBuild.vc | 36 +-
1355 files changed, 60101 insertions(+), 40498 deletions(-)
create mode 100644 .github/stale.yml
delete mode 100644 CHANGES.0
create mode 100644 CMake/FindMbedTLS.cmake
create mode 100644 CMake/FindNGHTTP2.cmake
create mode 100644 CMake/cmake_uninstall.cmake.in
delete mode 100644 CTestConfig.cmake
delete mode 100644 docs/BINDINGS
create mode 100644 docs/BINDINGS.md
create mode 100644 docs/CIPHERS.md
create mode 100644 docs/CMakeLists.txt
delete mode 100644 docs/INSTALL.devcpp
create mode 100644 docs/INSTALL.md
create mode 100644 docs/cmdline-opts/CMakeLists.txt
create mode 100644 docs/cmdline-opts/MANPAGE.md
create mode 100644 docs/cmdline-opts/Makefile.am
create mode 100644 docs/cmdline-opts/Makefile.inc
create mode 100644 docs/cmdline-opts/abstract-unix-socket.d
create mode 100644 docs/cmdline-opts/anyauth.d
create mode 100644 docs/cmdline-opts/append.d
create mode 100644 docs/cmdline-opts/basic.d
create mode 100644 docs/cmdline-opts/cacert.d
create mode 100644 docs/cmdline-opts/capath.d
create mode 100644 docs/cmdline-opts/cert-status.d
create mode 100644 docs/cmdline-opts/cert-type.d
create mode 100644 docs/cmdline-opts/cert.d
create mode 100644 docs/cmdline-opts/ciphers.d
create mode 100644 docs/cmdline-opts/compressed.d
create mode 100644 docs/cmdline-opts/config.d
create mode 100644 docs/cmdline-opts/connect-timeout.d
create mode 100644 docs/cmdline-opts/connect-to.d
create mode 100644 docs/cmdline-opts/continue-at.d
create mode 100644 docs/cmdline-opts/cookie-jar.d
create mode 100644 docs/cmdline-opts/cookie.d
create mode 100644 docs/cmdline-opts/create-dirs.d
create mode 100644 docs/cmdline-opts/crlf.d
create mode 100644 docs/cmdline-opts/crlfile.d
create mode 100644 docs/cmdline-opts/data-ascii.d
create mode 100644 docs/cmdline-opts/data-binary.d
create mode 100644 docs/cmdline-opts/data-raw.d
create mode 100644 docs/cmdline-opts/data-urlencode.d
create mode 100644 docs/cmdline-opts/data.d
create mode 100644 docs/cmdline-opts/delegation.d
create mode 100644 docs/cmdline-opts/digest.d
create mode 100644 docs/cmdline-opts/disable-eprt.d
create mode 100644 docs/cmdline-opts/disable-epsv.d
create mode 100644 docs/cmdline-opts/disable.d
create mode 100644 docs/cmdline-opts/dns-interface.d
create mode 100644 docs/cmdline-opts/dns-ipv4-addr.d
create mode 100644 docs/cmdline-opts/dns-ipv6-addr.d
create mode 100644 docs/cmdline-opts/dns-servers.d
create mode 100644 docs/cmdline-opts/dump-header.d
create mode 100644 docs/cmdline-opts/egd-file.d
create mode 100644 docs/cmdline-opts/engine.d
create mode 100644 docs/cmdline-opts/expect100-timeout.d
create mode 100644 docs/cmdline-opts/fail-early.d
create mode 100644 docs/cmdline-opts/fail.d
create mode 100644 docs/cmdline-opts/false-start.d
create mode 100644 docs/cmdline-opts/form-string.d
create mode 100644 docs/cmdline-opts/form.d
create mode 100644 docs/cmdline-opts/ftp-account.d
create mode 100644 docs/cmdline-opts/ftp-alternative-to-user.d
create mode 100644 docs/cmdline-opts/ftp-create-dirs.d
create mode 100644 docs/cmdline-opts/ftp-method.d
create mode 100644 docs/cmdline-opts/ftp-pasv.d
create mode 100644 docs/cmdline-opts/ftp-port.d
create mode 100644 docs/cmdline-opts/ftp-pret.d
create mode 100644 docs/cmdline-opts/ftp-skip-pasv-ip.d
create mode 100644 docs/cmdline-opts/ftp-ssl-ccc-mode.d
create mode 100644 docs/cmdline-opts/ftp-ssl-ccc.d
create mode 100644 docs/cmdline-opts/ftp-ssl-control.d
create mode 100755 docs/cmdline-opts/gen.pl
create mode 100644 docs/cmdline-opts/get.d
create mode 100644 docs/cmdline-opts/globoff.d
create mode 100644 docs/cmdline-opts/head.d
create mode 100644 docs/cmdline-opts/header.d
create mode 100644 docs/cmdline-opts/help.d
create mode 100644 docs/cmdline-opts/hostpubmd5.d
create mode 100644 docs/cmdline-opts/http1.0.d
create mode 100644 docs/cmdline-opts/http1.1.d
create mode 100644 docs/cmdline-opts/http2-prior-knowledge.d
create mode 100644 docs/cmdline-opts/http2.d
create mode 100644 docs/cmdline-opts/ignore-content-length.d
create mode 100644 docs/cmdline-opts/include.d
create mode 100644 docs/cmdline-opts/insecure.d
create mode 100644 docs/cmdline-opts/interface.d
create mode 100644 docs/cmdline-opts/ipv4.d
create mode 100644 docs/cmdline-opts/ipv6.d
create mode 100644 docs/cmdline-opts/junk-session-cookies.d
create mode 100644 docs/cmdline-opts/keepalive-time.d
create mode 100644 docs/cmdline-opts/key-type.d
create mode 100644 docs/cmdline-opts/key.d
create mode 100644 docs/cmdline-opts/krb.d
create mode 100644 docs/cmdline-opts/libcurl.d
create mode 100644 docs/cmdline-opts/limit-rate.d
create mode 100644 docs/cmdline-opts/list-only.d
create mode 100644 docs/cmdline-opts/local-port.d
create mode 100644 docs/cmdline-opts/location-trusted.d
create mode 100644 docs/cmdline-opts/location.d
create mode 100644 docs/cmdline-opts/login-options.d
create mode 100644 docs/cmdline-opts/mail-auth.d
create mode 100644 docs/cmdline-opts/mail-from.d
create mode 100644 docs/cmdline-opts/mail-rcpt.d
create mode 100644 docs/cmdline-opts/manual.d
create mode 100644 docs/cmdline-opts/max-filesize.d
create mode 100644 docs/cmdline-opts/max-redirs.d
create mode 100644 docs/cmdline-opts/max-time.d
create mode 100644 docs/cmdline-opts/metalink.d
create mode 100644 docs/cmdline-opts/negotiate.d
create mode 100644 docs/cmdline-opts/netrc-file.d
create mode 100644 docs/cmdline-opts/netrc-optional.d
create mode 100644 docs/cmdline-opts/netrc.d
create mode 100644 docs/cmdline-opts/next.d
create mode 100644 docs/cmdline-opts/no-alpn.d
create mode 100644 docs/cmdline-opts/no-buffer.d
create mode 100644 docs/cmdline-opts/no-keepalive.d
create mode 100644 docs/cmdline-opts/no-npn.d
create mode 100644 docs/cmdline-opts/no-sessionid.d
create mode 100644 docs/cmdline-opts/noproxy.d
create mode 100644 docs/cmdline-opts/ntlm-wb.d
create mode 100644 docs/cmdline-opts/ntlm.d
create mode 100644 docs/cmdline-opts/oauth2-bearer.d
create mode 100644 docs/cmdline-opts/output.d
create mode 100644 docs/cmdline-opts/page-footer
create mode 100644 docs/cmdline-opts/page-header
create mode 100644 docs/cmdline-opts/pass.d
create mode 100644 docs/cmdline-opts/path-as-is.d
create mode 100644 docs/cmdline-opts/pinnedpubkey.d
create mode 100644 docs/cmdline-opts/post301.d
create mode 100644 docs/cmdline-opts/post302.d
create mode 100644 docs/cmdline-opts/post303.d
create mode 100644 docs/cmdline-opts/preproxy.d
create mode 100644 docs/cmdline-opts/progress-bar.d
create mode 100644 docs/cmdline-opts/proto-default.d
create mode 100644 docs/cmdline-opts/proto-redir.d
create mode 100644 docs/cmdline-opts/proto.d
create mode 100644 docs/cmdline-opts/proxy-anyauth.d
create mode 100644 docs/cmdline-opts/proxy-basic.d
create mode 100644 docs/cmdline-opts/proxy-cacert.d
create mode 100644 docs/cmdline-opts/proxy-capath.d
create mode 100644 docs/cmdline-opts/proxy-cert-type.d
create mode 100644 docs/cmdline-opts/proxy-cert.d
create mode 100644 docs/cmdline-opts/proxy-ciphers.d
create mode 100644 docs/cmdline-opts/proxy-crlfile.d
create mode 100644 docs/cmdline-opts/proxy-digest.d
create mode 100644 docs/cmdline-opts/proxy-header.d
create mode 100644 docs/cmdline-opts/proxy-insecure.d
create mode 100644 docs/cmdline-opts/proxy-key-type.d
create mode 100644 docs/cmdline-opts/proxy-key.d
create mode 100644 docs/cmdline-opts/proxy-negotiate.d
create mode 100644 docs/cmdline-opts/proxy-ntlm.d
create mode 100644 docs/cmdline-opts/proxy-pass.d
create mode 100644 docs/cmdline-opts/proxy-service-name.d
create mode 100644 docs/cmdline-opts/proxy-ssl-allow-beast.d
create mode 100644 docs/cmdline-opts/proxy-tlsauthtype.d
create mode 100644 docs/cmdline-opts/proxy-tlspassword.d
create mode 100644 docs/cmdline-opts/proxy-tlsuser.d
create mode 100644 docs/cmdline-opts/proxy-tlsv1.d
create mode 100644 docs/cmdline-opts/proxy-user.d
create mode 100644 docs/cmdline-opts/proxy.d
create mode 100644 docs/cmdline-opts/proxy1.0.d
create mode 100644 docs/cmdline-opts/proxytunnel.d
create mode 100644 docs/cmdline-opts/pubkey.d
create mode 100644 docs/cmdline-opts/quote.d
create mode 100644 docs/cmdline-opts/random-file.d
create mode 100644 docs/cmdline-opts/range.d
create mode 100644 docs/cmdline-opts/raw.d
create mode 100644 docs/cmdline-opts/referer.d
create mode 100644 docs/cmdline-opts/remote-header-name.d
create mode 100644 docs/cmdline-opts/remote-name-all.d
create mode 100644 docs/cmdline-opts/remote-name.d
create mode 100644 docs/cmdline-opts/remote-time.d
create mode 100644 docs/cmdline-opts/request-target.d
create mode 100644 docs/cmdline-opts/request.d
create mode 100644 docs/cmdline-opts/resolve.d
create mode 100644 docs/cmdline-opts/retry-connrefused.d
create mode 100644 docs/cmdline-opts/retry-delay.d
create mode 100644 docs/cmdline-opts/retry-max-time.d
create mode 100644 docs/cmdline-opts/retry.d
create mode 100644 docs/cmdline-opts/sasl-ir.d
create mode 100644 docs/cmdline-opts/service-name.d
create mode 100644 docs/cmdline-opts/show-error.d
create mode 100644 docs/cmdline-opts/silent.d
create mode 100644 docs/cmdline-opts/socks4.d
create mode 100644 docs/cmdline-opts/socks4a.d
create mode 100644 docs/cmdline-opts/socks5-basic.d
create mode 100644 docs/cmdline-opts/socks5-gssapi-nec.d
create mode 100644 docs/cmdline-opts/socks5-gssapi-service.d
create mode 100644 docs/cmdline-opts/socks5-gssapi.d
create mode 100644 docs/cmdline-opts/socks5-hostname.d
create mode 100644 docs/cmdline-opts/socks5.d
create mode 100644 docs/cmdline-opts/speed-limit.d
create mode 100644 docs/cmdline-opts/speed-time.d
create mode 100644 docs/cmdline-opts/ssl-allow-beast.d
create mode 100644 docs/cmdline-opts/ssl-no-revoke.d
create mode 100644 docs/cmdline-opts/ssl-reqd.d
create mode 100644 docs/cmdline-opts/ssl.d
create mode 100644 docs/cmdline-opts/sslv2.d
create mode 100644 docs/cmdline-opts/sslv3.d
create mode 100644 docs/cmdline-opts/stderr.d
create mode 100644 docs/cmdline-opts/suppress-connect-headers.d
create mode 100644 docs/cmdline-opts/tcp-fastopen.d
create mode 100644 docs/cmdline-opts/tcp-nodelay.d
create mode 100644 docs/cmdline-opts/telnet-option.d
create mode 100644 docs/cmdline-opts/tftp-blksize.d
create mode 100644 docs/cmdline-opts/tftp-no-options.d
create mode 100644 docs/cmdline-opts/time-cond.d
create mode 100644 docs/cmdline-opts/tls-max.d
create mode 100644 docs/cmdline-opts/tlsauthtype.d
create mode 100644 docs/cmdline-opts/tlspassword.d
create mode 100644 docs/cmdline-opts/tlsuser.d
create mode 100644 docs/cmdline-opts/tlsv1.0.d
create mode 100644 docs/cmdline-opts/tlsv1.1.d
create mode 100644 docs/cmdline-opts/tlsv1.2.d
create mode 100644 docs/cmdline-opts/tlsv1.3.d
create mode 100644 docs/cmdline-opts/tlsv1.d
create mode 100644 docs/cmdline-opts/tr-encoding.d
create mode 100644 docs/cmdline-opts/trace-ascii.d
create mode 100644 docs/cmdline-opts/trace-time.d
create mode 100644 docs/cmdline-opts/trace.d
create mode 100644 docs/cmdline-opts/unix-socket.d
create mode 100644 docs/cmdline-opts/upload-file.d
create mode 100644 docs/cmdline-opts/url.d
create mode 100644 docs/cmdline-opts/use-ascii.d
create mode 100644 docs/cmdline-opts/user-agent.d
create mode 100644 docs/cmdline-opts/user.d
create mode 100644 docs/cmdline-opts/verbose.d
create mode 100644 docs/cmdline-opts/version.d
create mode 100644 docs/cmdline-opts/write-out.d
create mode 100644 docs/cmdline-opts/xattr.d
create mode 100644 docs/examples/ftpuploadfrommem.c
delete mode 100644 docs/index.html
create mode 100644 docs/libcurl/CMakeLists.txt
create mode 100644 docs/libcurl/Makefile.inc
create mode 100644 docs/libcurl/opts/CMakeLists.txt
create mode 100644 docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3
create mode 100644 docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3
create mode 100644 docs/libcurl/opts/CURLINFO_PROTOCOL.3
create mode 100644 docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.3
create mode 100644 docs/libcurl/opts/CURLINFO_SCHEME.3
create mode 100644 docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.3
create mode 100644 docs/libcurl/opts/CURLINFO_SIZE_UPLOAD_T.3
create mode 100644 docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.3
create mode 100644 docs/libcurl/opts/CURLINFO_SPEED_UPLOAD_T.3
create mode 100644 docs/libcurl/opts/CURLOPT_ABSTRACT_UNIX_SOCKET.3
create mode 100644 docs/libcurl/opts/CURLOPT_KEEP_SENDING_ON_ERROR.3
create mode 100644 docs/libcurl/opts/CURLOPT_PRE_PROXY.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_CAINFO.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_CRLFILE.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_PINNEDPUBLICKEY.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYHOST.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYPEER.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.3
create mode 100644 docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.3
create mode 100644 docs/libcurl/opts/CURLOPT_REQUEST_TARGET.3
create mode 100644 docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.3
create mode 100644 docs/libcurl/opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.3
create mode 100644 docs/libcurl/opts/Makefile.inc
create mode 100644 guix-gnurl.scm
delete mode 100644 include/curl/.gitignore
delete mode 100644 include/curl/Makefile.am
delete mode 100644 include/curl/curl.h
delete mode 100644 include/curl/curlbuild.h.cmake
delete mode 100644 include/curl/curlbuild.h.dist
delete mode 100644 include/curl/curlbuild.h.in
delete mode 100644 include/curl/curlrules.h
delete mode 100644 include/curl/curlver.h
delete mode 100644 include/curl/easy.h
delete mode 100644 include/curl/multi.h
delete mode 100644 include/curl/stdcheaders.h
delete mode 100644 include/curl/typecheck-gcc.h
create mode 100644 include/gnurl/.gitignore
create mode 100644 include/gnurl/Makefile.am
create mode 100644 include/gnurl/curl.h
create mode 100644 include/gnurl/curlver.h
create mode 100644 include/gnurl/easy.h
rename include/{curl => gnurl}/mprintf.h (100%)
create mode 100644 include/gnurl/multi.h
create mode 100644 include/gnurl/stdcheaders.h
create mode 100644 include/gnurl/system.h
create mode 100644 include/gnurl/typecheck-gcc.h
create mode 100644 lib/.gitattributes
delete mode 100644 lib/Makefile.vc6
delete mode 100644 lib/libcurl.def
create mode 100644 lib/rand.c
create mode 100644 lib/rand.h
delete mode 100644 lib/rawstr.c
delete mode 100644 lib/rawstr.h
create mode 100644 lib/strcase.c
create mode 100644 lib/strcase.h
delete mode 100644 lib/strequal.c
delete mode 100644 lib/strequal.h
create mode 100644 m4/ax_code_coverage.m4
create mode 100644 projects/Windows/.gitattributes
create mode 100755 scripts/coverage.sh
create mode 100644 scripts/installcheck.sh
create mode 100755 scripts/updatemanpages.pl
delete mode 100644 src/Makefile.vc6
mode change 100644 => 100755 src/mkhelp.pl
delete mode 100644 src/tool_writeenv.c
delete mode 100644 src/tool_writeenv.h
create mode 100755 tests/curl_test_data.py
create mode 100644 tests/data/test1145
create mode 100644 tests/data/test1146
create mode 100644 tests/data/test1147
create mode 100644 tests/data/test1148
create mode 100644 tests/data/test1245
create mode 100644 tests/data/test1246
create mode 100644 tests/data/test1247
create mode 100644 tests/data/test1248
create mode 100644 tests/data/test1249
create mode 100644 tests/data/test1250
create mode 100644 tests/data/test1251
create mode 100644 tests/data/test1252
create mode 100644 tests/data/test1253
create mode 100644 tests/data/test1254
create mode 100644 tests/data/test1255
create mode 100644 tests/data/test1256
create mode 100644 tests/data/test1257
create mode 100644 tests/data/test1258
create mode 100644 tests/data/test1259
create mode 100644 tests/data/test1260
create mode 100644 tests/data/test1261
create mode 100644 tests/data/test1262
create mode 100644 tests/data/test1280
create mode 100644 tests/data/test1281
create mode 100644 tests/data/test1282
create mode 100644 tests/data/test1283
create mode 100644 tests/data/test1284
create mode 100644 tests/data/test1285
create mode 100644 tests/data/test1286
create mode 100644 tests/data/test1287
create mode 100644 tests/data/test1288
create mode 100644 tests/data/test1289
create mode 100644 tests/data/test1298
create mode 100644 tests/data/test1299
create mode 100644 tests/data/test1323
create mode 100644 tests/data/test1399
create mode 100644 tests/data/test1425
create mode 100644 tests/data/test1426
create mode 100644 tests/data/test1427
create mode 100644 tests/data/test1438
create mode 100644 tests/data/test1439
create mode 100644 tests/data/test1440
create mode 100644 tests/data/test1441
create mode 100644 tests/data/test1442
create mode 100644 tests/data/test1443
create mode 100644 tests/data/test1444
create mode 100644 tests/data/test1445
create mode 100644 tests/data/test1446
create mode 100644 tests/data/test1447
create mode 100644 tests/data/test1448
create mode 100644 tests/data/test1450
create mode 100644 tests/data/test1451
create mode 100755 tests/data/test1452
create mode 100644 tests/data/test1521
create mode 100644 tests/data/test1532
create mode 100644 tests/data/test1533
create mode 100644 tests/data/test1534
create mode 100644 tests/data/test1535
create mode 100644 tests/data/test1536
create mode 100644 tests/data/test1537
create mode 100644 tests/data/test1538
create mode 100644 tests/data/test1540
create mode 100644 tests/data/test1550
create mode 100644 tests/data/test1551
create mode 100644 tests/data/test1606
create mode 100644 tests/data/test2053
create mode 100644 tests/data/test2054
create mode 100755 tests/data/test2055
create mode 100644 tests/data/test559
create mode 100755 tests/data/test713
create mode 100755 tests/data/test714
create mode 100755 tests/data/test715
create mode 100755 tests/dictserver.py
create mode 100644 tests/fuzz/CMakeLists.txt
create mode 100644 tests/fuzz/Makefile.am
create mode 100644 tests/fuzz/Makefile.inc
create mode 100644 tests/fuzz/README
create mode 100644 tests/fuzz/corpora/ftp/long1.txt
create mode 100644 tests/fuzz/corpora/http1_1/200_ok.txt
create mode 100644 tests/fuzz/corpora/http1_1/404_nf.txt
create mode 100644 tests/fuzz/curl_fuzzer.c
create mode 100644 tests/libtest/lib1532.c
create mode 100644 tests/libtest/lib1533.c
create mode 100644 tests/libtest/lib1534.c
create mode 100644 tests/libtest/lib1535.c
create mode 100644 tests/libtest/lib1536.c
create mode 100644 tests/libtest/lib1537.c
create mode 100644 tests/libtest/lib1538.c
create mode 100644 tests/libtest/lib1540.c
create mode 100644 tests/libtest/lib1550.c
create mode 100644 tests/libtest/lib1551.c
create mode 100644 tests/libtest/lib559.c
create mode 100644 tests/libtest/mk-lib1521.pl
create mode 100755 tests/negtelnetserver.py
create mode 100644 tests/python_dependencies/impacket/__init__.py
create mode 100644 tests/python_dependencies/impacket/nmb.py
create mode 100644 tests/python_dependencies/impacket/nt_errors.py
create mode 100644 tests/python_dependencies/impacket/ntlm.py
create mode 100644 tests/python_dependencies/impacket/smb.py
create mode 100644 tests/python_dependencies/impacket/smb3.py
create mode 100644 tests/python_dependencies/impacket/smb3structs.py
create mode 100644 tests/python_dependencies/impacket/smbserver.py
create mode 100644 tests/python_dependencies/impacket/spnego.py
create mode 100644 tests/python_dependencies/impacket/structure.py
create mode 100644 tests/python_dependencies/impacket/uuid.py
create mode 100644 tests/python_dependencies/impacket/version.py
create mode 100755 tests/smbserver.py
create mode 100644 tests/unit/unit1323.c
create mode 100644 tests/unit/unit1399.c
create mode 100644 tests/unit/unit1606.c
delete mode 100644 winbuild/Makefile.msvc.names
diff --git a/.gitattributes b/.gitattributes
index a7b3f6a28..429f8cde0 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -3,3 +3,5 @@ buildconf eol=lf
configure.ac eol=lf
*.m4 eol=lf
*.in eol=lf
+*.am eol=lf
+*.sh eol=lf
diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md
index 186025b7d..bce89b444 100644
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -20,4 +20,4 @@ Send your suggestions using one of these methods:
3. as an [issue](https://github.com/curl/curl/issues)
-/ The cURL team!
+/ The curl team!
diff --git a/.github/ISSUE_TEMPLATE b/.github/ISSUE_TEMPLATE
index a7ef910fd..a705e79e5 100644
--- a/.github/ISSUE_TEMPLATE
+++ b/.github/ISSUE_TEMPLATE
@@ -1,9 +1,16 @@
+<!-- Only file bugs here! Ask questions on the mailing list
https://curl.haxx.se/mail/
+ Do not file security vulnerabilities here, e-mail curl-security at haxx.se
+
+ There are collections of known issues to be aware of:
+ https://curl.haxx.se/docs/knownbugs.html
+ https://curl.haxx.se/docs/todo.html -->
+
### I did this
### I expected the following
### curl/libcurl version
-[curl -V output perhaps?]
+[curl -V output]
### operating system
diff --git a/.github/stale.yml b/.github/stale.yml
new file mode 100644
index 000000000..9bcd4eb1d
--- /dev/null
+++ b/.github/stale.yml
@@ -0,0 +1,17 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 180
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 14
+# Issues with these labels will never be considered stale
+exemptLabels:
+ - pinned
+ - security
+# Label to use when marking an issue as stale
+staleLabel: stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+ This issue has been automatically marked as stale because it has not had
+ recent activity. It will be closed if no further activity occurs. Thank you
+ for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false
diff --git a/.gitignore b/.gitignore
index 183136a68..e3c2f3455 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,16 +8,19 @@
*.o
*.obj
*.pdb
+*.pyc
*~
-.*.swp
+.*.sw?
.cproject
.deps
.dirstamp
.libs
.project
.settings
+/.vs
/build/
/builds/
+__pycache__
CHANGES.dist
Debug
INSTALL
@@ -37,7 +40,7 @@ config.sub
configure
curl-*.tar.bz2
curl-*.tar.gz
-curl-*.tar.lzma
+curl-*.tar.xz
curl-*.zip
curl-config
depcomp
diff --git a/.travis.yml b/.travis.yml
index bdd21b094..64aecd890 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,24 +1,147 @@
-os:
- - linux
- - osx
-
-sudo: false
-
language: c
+sudo: required
+addons:
+ apt:
+ sources:
+ - ubuntu-toolchain-r-test
+ - llvm-toolchain-precise-3.7
+ packages:
+ - cmake
+ - gcc-4.8
+ - lcov
+ - clang-3.7
+ - valgrind
+ - libev-dev
+ - libc-ares-dev
+ - g++-4.8
+ - libstdc++-4.8-dev
+ - stunnel4
+ - libidn2-0-dev
+ - libssh2-1-dev
+
+matrix:
+ include:
+ - os: linux
+ compiler: gcc
+ dist: trusty
+ env: T=normal
+ - os: linux
+ compiler: clang
+ dist: trusty
+ env: T=debug
+ - os: osx
+ compiler: gcc
+ env: T=debug
+ - os: osx
+ compiler: gcc
+ env: T=debug C=--with-ssl=/usr/local/opt/openssl
+ - os: osx
+ compiler: gcc
+ env: T=debug C=--with-ssl=/usr/local/opt/libressl
+ - os: osx
+ compiler: clang
+ env: T=debug C="--without-ssl --with-darwinssl"
+ - os: osx
+ compiler: clang
+ env: T=normal
+ - os: linux
+ compiler: gcc
+ dist: trusty
+ env: T=cmake
+ - os: linux
+ compiler: clang
+ dist: trusty
+ env: T=cmake
+ - os: linux
+ compiler: gcc
+ dist: precise
+ env: T=coverage
+ - os: linux
+ compiler: gcc
+ dist: trusty
+ env: T=distcheck
install:
+ - pip install --user cpp-coveralls
- if [ "$TRAVIS_OS_NAME" == "osx" ]; then brew update > /dev/null; fi
- if [ "$TRAVIS_OS_NAME" == "osx" ]; then brew reinstall libtool >
/dev/null; fi
- if [ "$TRAVIS_OS_NAME" == "osx" ]; then brew install openssl libidn
rtmpdump libssh2 c-ares libmetalink libressl nghttp2; fi
+ - if [ $TRAVIS_OS_NAME = linux ]; then
+ curl -L
https://github.com/nghttp2/nghttp2/releases/download/v1.24.0/nghttp2-1.24.0.tar.gz
|
+ tar xzf - &&
+ (cd nghttp2-1.24.0 && CXX="g++-4.8" ./configure --prefix=/usr
--disable-threads --enable-app && make && sudo make install);
+ fi
before_script:
- - ./buildconf
+ - ./buildconf
-script: ./configure --enable-debug && make && make test-full
+script:
+ - |
+ if [ "$T" = "coverage" ]; then
+ export CC="gcc-4.8"
+ ./configure --enable-debug --disable-shared --enable-code-coverage
+ make
+ make TFLAGS=-n test-nonflaky
+ tests="1 2 3 4 5 6 7 8 9 10 200 201 202 300 301 302 500 501 502
503 504 506 507 508 509 510 511 512 513 514 515 516 517 518 519 600 601 800 801
802 803 900 901 902 903 1000 1001 1002 1004 1302 1303 1304 1305 1306 1308 1400
1401 1402 1404 1450 1451 1452 1502 1507 1508 1600 1602 1603 1605"
+ make "TFLAGS=-n -e $tests" test-nonflaky
+ make "TFLAGS=-n -t $tests" test-nonflaky
+ coveralls --gcov /usr/bin/gcov-4.8 --gcov-options '\-lp' -i src
-i lib -i lib/vtls -i lib/vauth -e tests -e docs
+ fi
+ - |
+ if [ "$T" = "debug" ]; then
+ ./configure --enable-debug --enable-werror $C
+ make
+ make TFLAGS=-n test-nonflaky
+ fi
+ - |
+ if [ "$T" = "normal" ]; then
+ ./configure --enable-warnings --enable-werror $C
+ make
+ make test-nonflaky
+ fi
+ - |
+ if [ "$T" = "cmake" ]; then
+ mkdir build
+ cd build
+ cmake ..
+ make
+ fi
+ - |
+ if [ "$T" = "distcheck" ]; then
+ ./configure
+ make
+ ./maketgz 99.98.97
+ # verify in-tree build - and install it
+ (tar xf curl-99.98.97.tar.gz && \
+ cd curl-99.98.97 && \
+ ./configure --prefix=$HOME/temp && \
+ make && \
+ make TFLAGS=1 test && \
+ make install)
+ # basic check of the installed files
+ bash scripts/installcheck.sh $HOME/temp
+ rm -rf curl-99.98.97
+ # verify out-of-tree build
+ (tar xf curl-99.98.97.tar.gz && \
+ mkdir build && \
+ cd build && \
+ ../curl-99.98.97/configure && \
+ make && \
+ make TFLAGS=1 test)
+ # verify cmake build
+ rm -rf curl-99.98.97
+ (tar xf curl-99.98.97.tar.gz && \
+ cd curl-99.98.97 && \
+ mkdir build && \
+ cd build && \
+ cmake .. && \
+ make)
+ fi
-compiler:
- - clang
- - gcc
+# whitelist branches to avoid testing feature branches twice (as branch and as
pull request)
+branches:
+ only:
+ - master
notifications:
email: false
diff --git a/CHANGES b/CHANGES
index b73986b5c..4d13ef696 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,7 +1,7 @@
See https://curl.haxx.se/changes.html for the edited and human readable online
version of what has changed over the years in different curl releases.
-Generate a CHANGES file like the one present in evey release like this:
+Generate a CHANGES file like the one present in every release like this:
$ git log --pretty=fuller --no-color --date=short --decorate=full | \
- ./log2changes.pl
+ ./scripts/log2changes.pl
diff --git a/CHANGES.0 b/CHANGES.0
deleted file mode 100644
index f03298118..000000000
--- a/CHANGES.0
+++ /dev/null
@@ -1,18002 +0,0 @@
- _ _ ____ _
- ___| | | | _ \| |
- / __| | | | |_) | |
- | (__| |_| | _ <| |___
- \___|\___/|_| \_\_____|
-
- Old Changelog
-
-Changes done to curl and libcurl from 1997 to 2010, edited manually. The most
-recent changes are always generated into the CHANGES file straight from git.
-
-Kamil Dudka (17 June 2010)
-- Improve test575 in order to not fail with threaded DNS resolver.
-
-Version 7.21.0 (16 June 2010)
-
-Daniel Stenberg (5 June 2010)
-- Constantine Sapuntzakis fixed a case of spurious SSL connection aborts using
- libcurl and OpenSSL. "I tracked it down to uncleared error state on the
- OpenSSL error stack - patch attached deals with that."
-
-Daniel Stenberg (5 June 2010)
-- Frank Meier added CURLINFO_PRIMARY_PORT, CURLINFO_LOCAL_IP and
- CURLINFO_LOCAL_PORT to curl_easy_getinfo().
-
-Yang Tse (4 June 2010)
-- Enabled OpenLDAP support for cygwin builds. This support was disabled back
- in 2008 due to incompatibilities between OpenSSL and OpenLDAP headers.
- cygwin's OpenSSL 0.9.8l and OpenLDAP 2.3.43 versions on cygwin 1.5.25
- allow building an OpenLDAP enabled libcurl supporting back to Windows 95.
-
- Removed the non-functional CURL_LDAP_HYBRID code and references.
-
-Daniel Stenberg (2 June 2010)
-- Jason McDonald posted bug report #3006786 when he found that the SFTP code
- didn't timeout properly in several places in the code even if a timeout was
- set properly.
-
- Based on his suggested patch, I wrote a different implementation that I
- think addressed the issue better and also uses the connect timeout for the
- initial part of the SSH/SFTP done during the "protocol connect" phase.
-
- (https://curl.haxx.se/bug/view.cgi?id=3006786)
-
-Yang Tse (2 June 2010)
-- Added missing new libcurl files to non-configure targets. Adjusted
- libcurl standard internal header inclusions in new files. Fixed an
- SPNEGO related memory leak. Fixed several LDAP related compilation
- issues, and fixed some compiler warnings.
-
-Daniel Stenberg (1 June 2010)
-- Igor Novoseltsev reported a problem with the multi socket API and using
- timeouts and timers. It boiled down to a problem with libcurl's use of
- GetTickCount() interally to figure out the current time, while Igor's own
- application code used another function call.
-
- It made his app call the socket API timeout function a bit _before_ libcurl
- would consider the timeout to trigger, and that could easily lead to
- timeouts or stalls in the app. It seems GetTickCount() in general often has
- no better resolution than 16ms and switching to the alternative function
- QueryPerformanceCounter has its share of problems:
- http://www.virtualdub.org/blog/pivot/entry.php?id=106
-
- We address this problem by simply having libcurl treat timers that already
- has occured or will occur within 40ms subject for treatment. I'm confident
- that there are other implementations and operating systems with similarly in
- accurate timer functions so it makes sense to have applied generically and I
- don't believe we sacrifice much by adding a 40ms inaccuracy on these
- timeouts.
-
-Kamil Dudka (27 May 2010)
-- added a new test for CRL support (test313)
-
-- Tor Arntsen changed the alternative definition of bool to use enum instead
- of unsigned char.
-
-Daniel Stenberg (25 May 2010)
-- Julien Chaffraix fixed the warning seen when compiling lib/rtmp.c: one
- unused variables, several unused arguments and some missing #include.
-
-- Julien Chaffraix fixed 2 OOM errors: a missing NULL-check in
- lib/http_negociate.c and a potential NULL dereferencing in lib/splay.c
-
-- Howard Chu brought a patch that makes the LDAP code much cleaner, nicer and
- in general being a better libcurl citizen. If a new enough OpenLDAP version
- is detect, the new and shiny lib/openldap.c code is then used instead of the
- old cruft.
-
-Daniel Stenberg (21 May 2010)
-- Eric Mertens posted bug #3003705: when we made TFTP use the correct timeout
- option when sent to the server (fixed May 18th 2010) it became obvious that
- libcurl used invalid timeout values (300 by default while the RFC allows
- nothing above 255). While of course it is obvious that as TFTP has worked
- thus far without being able to set timeout at all, just removing the setting
- wouldn't make any difference in behavior. I decided to still keep it (but
- fix the problem) as it now actually allows for easier (future) customization
- of the timeout.
-
- (https://curl.haxx.se/bug/view.cgi?id=3003705)
-
-- Douglas Kilpatrick filed bug report #3004787 and pointed out that the TFTP
- code didn't handle block id wraps correctly. His suggested fix inspired the
- fix I committed.
-
- (https://curl.haxx.se/bug/view.cgi?id=3004787)
-
-Daniel Stenberg (20 May 2010)
-- Tanguy Fautre brought a fix to allow curl to build with Microsoft VC10.
-
-Daniel Stenberg (18 May 2010)
-- Eric Mertens posted bug report #3003005 pointing out that the libcurl TFTP
- code was not sending the timeout option properly to the server, and
- suggested a fix.
-
- (https://curl.haxx.se/bug/view.cgi?id=3003005)
-
-Kamil Dudka (16 May 2010)
-- Pavel Raiskup introduced a new option CURLOPT_FNMATCH_DATA in order to pass
- a custom data pointer to the callback specified by CURLOPT_FNMATCH_FUNCTION.
-
-Daniel Stenberg (14 May 2010)
-- John-Mark Bell filed bug #3000052 that identified a problem (with an
- associated patch) with the OpenSSL handshake state machine when the multi
- interface is used:
-
- Performing an https request using a curl multi handle and using select or
- epoll to wait for events results in a hang. It appears that the cause is the
- fix for bug #2958179, which makes ossl_connect_common unconditionally return
- from the step 2 loop when fetching from a multi handle.
-
- When ossl_connect_step2 has completed, it updates connssl->connecting_state
- to ssl_connect_3. ossl_connect_common will then return to the caller, as a
- multi handle is in use. Eventually, the client code will call
- curl_multi_fdset to obtain an updated fdset to select or epoll on. For https
- requests, curl_multi_fdset will cause https_getsock to be called.
- https_getsock will only return a socket handle if the connecting_state is
- ssl_connect_2_reading or ssl_connect_2_writing. Therefore, the client will
- never obtain a valid fdset, and thus not drive the multi handle, resulting
- in a hang.
-
- (https://curl.haxx.se/bug/view.cgi?id=3000052)
-
-- Sebastian V reported bug #3000056 identifying a problem with redirect
- following. It showed that when curl followed redirects it didn't properly
- ignore the response body of the 30X response if that response was using
- compressed Content-Encoding!
-
- (https://curl.haxx.se/bug/view.cgi?id=3000056)
-
-Daniel Stenberg (12 May 2010)
-- Howard Chu brought support for RTMP. This is powered by the underlying
- librtmp library. It supports a range of variations and "sub-protocols"
- within the RTMP family.
-
-- Pavel Raiskup brought support for FTP directory wildcard matching to allow
- selective downloading. To provide that, a set of new options were added:
-
- CURLOPT_WILDCARDMATCH
- CURLOPT_CHUNK_BGN_FUNCTION
- CURLOPT_CHUNK_END_FUNCTION
- CURLOPT_CHUNK_DATA
- CURLOPT_FNMATCH_FUNCTION
-
- There were also a set of new tests added (574 - 577) to verify this.
-
-Kamil Dudka (11 May 2010)
-- CRL support in libcurl-NSS has been completely broken. Now it works. Original
- bug report: https://bugzilla.redhat.com/581926
-
-Daniel Stenberg (7 May 2010)
-- Dirk Manske reported a regression. When connecting with the multi interface,
- there were situations where libcurl wouldn't store connect time correctly as
- it used to (and is documented to) do.
-
- Using his fine sample program we could repeat it, and I wrote up test case
- 573 using that code. The problem does not easily show itself using the local
- test suite though.
-
- The fix, also as suggested by Dirk, is a bit on the ugly side as it adds yet
- another call to Curl_verboseconnect() and setting the TIMER_CONNECT time.
- That situation is subject for some closer inspection in the future.
-
-- Howard Chu split the I/O handling functions into private handlers.
-
- Howard Chu brought the bulk work of this patch that properly moves out the
- sending and recving of data to the parts of the code that are properly
- responsible for the various ways of doing so.
-
- Daniel Stenberg assisted with polishing a few bits and fixed some minor
- flaws in the original patch.
-
- Another upside of this patch is that we now abuse CURLcodes less with the
- "magic" -1 return codes and instead use CURLE_AGAIN more consistently.
-
-Daniel Stenberg (5 May 2010)
-- Hoi-Ho Chan introduced support for using the PolarSSL library. You control
- this with the new configure option --with-polarssl.
-
-Daniel Stenberg (29 Apr 2010)
-- Ben Greear made telnet a lot better/easier to use by an application:
-
- The main change is to allow input from user-specified methods, when they are
- specified with CURLOPT_READFUNCTION. All calls to fflush(stdout) in
- telnet.c were removed, which makes using 'curl telnet://foo.com' painful
- since prompts and other data are not always returned to the user promptly.
- Use 'curl --no-buffer telnet://foo.com' instead. In general, the user
- should have their CURLOPT_WRITEFUNCTION do a fflush for interactive use.
-
- Also fix assumption that reading from stdin never returns < 0.
- Old code could crash in that case.
-
- Call progress functions in telnet main loop.
-
-Daniel Stenberg (26 Apr 2010)
-- Make use of the libssh2_init/exit functions that libssh2 added in version
- 1.2.5. Using them will improve how libcurl works in threaded situations when
- SCP and SFTP are transfered.
-
-Daniel Stenberg (25 Apr 2010)
-- Based on work by Kamil Dudka, I've introduced the new configure option
- --enable-threaded-resolver. When used, the configure script will check for
- pthreads and if around, it will build libcurl to use pthreads to do name
- resolving in a threaded manner. Note that this is just a fix to offer an
- option that can enable the code that already included. The threader resolver
- code was mostly added on Jan 26 2010.
-
-Daniel Stenberg (24 Apr 2010)
-- Alex Bligh introduced the --proto and -proto-redir options that limit what
- protocols curl accepts for the requests and when following redirects.
-
-Kamil Dudka (24 Apr 2010)
-- Fixed test536 in order to not fail with threaded DNS resolver and tweaked
- comments in certain examples using curl_multi_fdset().
-
-- Fixed SSL handshake timeout underflow in libcurl-NSS, which caused test405
- to hang on a slow machine.
-
-Daniel Stenberg (21 Apr 2010)
-- The -O option caused curl to crash on windows and DOS due to the tool
- writing out of boundary memory.
-
-Yang Tse (20 Apr 2010)
-- Ruslan Gazizov detected that MSVC makefiles were using wsock32.lib instead
- of ws2_32.lib, this generated linking issues on MSVC IPv6 enabled builds
- that were done using those makefiles.
-
-Daniel Stenberg (19 Apr 2010)
-- -J/--remote-header-name didn't strip trailing carriage returns or linefeeds
- properly, so they could be used in the file name.
-
-Daniel Stenberg (16 Apr 2010)
-- Jerome Vouillon made the GnuTLS SSL handshake phase non-blocking.
-
-- The recent overhaul of the SSL recv function made the GnuTLS specific code
- treat a zero returned from gnutls_record_recv() as an error, and this caused
- our HTTPS test cases to fail. We leave it to upper layer code to detect if
- an EOF is a problem or not.
-
-- I reverted the resolver fix from yesterday and instead removed all uses of
- AI_CANONNAME all over libcurl and made the only user of that info (krb5.c)
- use the host name from the URL instead. No reverse resolving is a good
- thing.
-
-- Paul Howarth made configure properly detect GSS "on ancient Linux distros"
- by editing in which order we use headers to detect GSS.
-
-Daniel Stenberg (15 Apr 2010)
-- Rainer Canavan filed bug report #2987196 that identified libcurl doing
- unnecesary reverse name lookups in many cases when built to use IPv4 and
- getaddrinfo(). The logic for IPv6 is now used for IPv4 too.
-
- (https://curl.haxx.se/bug/view.cgi?id=2963679)
-
-Version 7.20.1 (14 April 2010)
-
-Daniel Stenberg (9 Apr 2010)
-- Prefixing the FTP quote commands with an asterisk really only worked for the
- postquote actions. This is now fixed and test case 227 has been extended to
- verify.
-
-Kamil Dudka (4 Apr 2010)
-- Eliminated a race condition in Curl_resolv_timeout().
-
-- Refactorized interface of Curl_ssl_recv()/Curl_ssl_send().
-
-- libcurl-NSS now provides more accurate messages and error codes in case of
- client certificate problem. Either during connection, or transfer phase.
-
-Daniel Stenberg (1 Apr 2010)
-- Matt Wixson found and fixed a bug in the SCP/SFTP area where the code
- treated a 0 return code from libssh2 to be the same as EAGAIN while in
- reality it isn't. The problem caused a hang in SFTP transfers from a
- MessageWay server.
-
-Daniel Stenberg (28 Mar 2010)
-- Ben Greear: If you pass a URL to pop3 that does not contain a message ID as
- part of the URL, it would previously ask for 'INBOX' which just causes the
- pop3 server to return an error.
-
- Now libcurl treats en empty message ID as a request for LIST (list of pop3
- message IDs). User's code could then parse this and download individual
- messages as desired.
-
-Daniel Stenberg (27 Mar 2010)
-- Ben Greear brought a patch that from now on allows all protocols to specify
- name and user within the URL, in the same manner HTTP and FTP have been
- allowed to in the past - although far from all of the libcurl supported
- protocls actually have that feature in their URL definition spec.
-
-Daniel Stenberg (26 Mar 2010)
-- Ben Greear brought code that makes the rate limiting code for the easy
- interface a bit smoother as it introduces sub-second sleeps during it and it
- also takes the buffer sizes into account.
-
-Daniel Stenberg (24 Mar 2010)
-- Bob Richmond: There's an annoying situation where libcurl will read new HTTP
- response data from a socket, then check if it's a timeout if one is set. If
- the last packet received constitutes the end of the response body, libcurl
- still treats it as a timeout condition and reports a message like:
-
- "Operation timed out after 3000 milliseconds with 876 out of 876 bytes
- received"
-
- It should only a timeout if the timer lapsed and we DIDN'T receive the end
- of the response body yet.
-
-- Christopher Conroy fixed a problem with RTSP and GET_PARAMETER reported
- to us by Massimo Callegari. There's a new test case 572 that verifies this
- now.
-
-- The 'ares' subtree has been removed from the source repository. It was
- always a separate project that sort of piggybacked on the curl project since
- the dawn of times and now the time has come for it to go stand on its own
- legs and continue living its own life. All details on c-ares and its new
- source code repository is found at http://c-ares.haxx.se/
-
-Daniel Stenberg (23 Mar 2010)
-- Kenny To filed the bug report #2963679 with patch to fix a problem he
- experienced with doing multi interface HTTP POST over a proxy using
- PROXYTUNNEL. He found a case where it would connect fine but bits.tcpconnect
- was not set correct so libcurl didn't work properly.
-
- (https://curl.haxx.se/bug/view.cgi?id=2963679)
-
-- Akos Pasztory filed debian bug report #572276
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276 mentioning a problem
- with a resource that returns chunked-encoded _and_ with a Content-Length
- and libcurl failed to properly ignore the latter information.
-
-- Hauke Duden provided an example program that made the multi interface crash.
- His example simply used the multi interface and did first one FTP transfer
- and after completion it used a second easy handle and did another FTP
- transfer on the same FTP server.
-
- This triggered a bug in the "delayed easy handle kill" system that curl
- uses: when an FTP connection is left alive it must keep an easy handle
- around internally - only for the purpose of having an easy handle when it
- later disconnects it. The code assumed that when the easy handle was removed
- and an internal reference was made, that version could be killed later on
- when a new easy handle came using the same connection. This was wrong as
- Hauke's example showed that the removed handle wasn't killed for real until
- later. This caused a double close attempt => segfault.
-
-Daniel Stenberg (22 Mar 2010)
-- Thomas Lopatic fixed the alarm()-based DNS timeout:
-
- Looking at the code of Curl_resolv_timeout() in hostip.c, I think that in
- case of a timeout, the signal handler for SIGALRM never gets removed. I
- think that in my case it gets executed at some point later on when execution
- has long left Curl_resolv_timeout() or even the cURL library.
-
- The code that is jumped to with siglongjmp() simply sets the error message
- to "name lookup timed out" and then returns with CURLRESOLV_ERROR. I guess
- that instead of simply returning without cleaning up, the code should have a
- goto that jumps to the spot right after the call to Curl_resolv().
-
-Kamil Dudka (22 Mar 2010)
-- Douglas Steinwand contributed a patch fixing insufficient initialization in
- Curl_clone_ssl_config()
-
-Daniel Stenberg (21 Mar 2010)
-- Ben Greear improved TFTP: the error code returning and the treatment
- of TSIZE == 0 when uploading.
-
-- We've switched from CVS to git. See https://curl.haxx.se/source.html
-
-Kamil Dudka (19 Mar 2010)
-- Improved Curl_read() to not ignore the error returned from Curl_ssl_recv().
-
-Daniel Stenberg (15 Mar 2010)
-- Constantine Sapuntzakis brought a patch:
-
- The problem mentioned on Dec 10 2009
- (https://curl.haxx.se/bug/view.cgi?id=2905220) was only partially fixed.
- Partially because an easy handle can be associated with many connections in
- the cache (e.g. if there is a redirect during the lifetime of the easy
- handle). The previous patch only cleaned up the first one. The new fix now
- removes the easy handle from all connections, not just the first one.
-
-Daniel Stenberg (6 Mar 2010)
-- Ben Greear brought a patch that fixed the rate limiting logic for TFTP when
- the easy interface was used.
-
-Daniel Stenberg (5 Mar 2010)
-- Daniel Johnson provided fixes for building curl with the clang compiler.
-
-Yang Tse (5 Mar 2010)
-- Constantine Sapuntzakis detected and fixed a double free in builds done
- with threaded resolver enabled (Windows default configuration) that would
- get triggered when a curl handle is closed while doing DNS resolution.
-
-Daniel Stenberg (2 Mar 2010)
-- [Daniel Johnson] I've been trying to build libcurl with clang on Darwin and
- ran into some issues with the GSSAPI tests in configure.ac. The tests first
- try to determine the include dirs and libs and set CPPFLAGS and LIBS
- accordingly. It then checks for the headers and finally sets LIBS a second
- time, causing the libs to be included twice. The first setting of LIBS seems
- redundant and should be left out, since the first part is otherwise just
- about finding headers.
-
- My second issue is that 'krb5-config --libs gssapi' on Darwin is less than
- useless and returns junk that, while it happens to work with gcc, causes
- clang to choke. For example, --libs returns $CFLAGS along with the libs,
- which is really retarded. Simply setting 'LIBS="$LIBS -lgssapi_krb5
- -lresolv"' on Darwin is sufficient.
-
-- Based on patch provided by Jacob Moshenko, the transfer logic now properly
- makes sure that when using sub-second timeouts, there's no final bad 1000ms
- wait. Previously, a sub-second timeout would often make the elapsed time end
- up the time rounded up to the nearest second (e.g. 1s for 200ms timeout)
-
-- Andrei Benea filed bug report #2956698 and pointed out that the
- CURLOPT_CERTINFO feature leaked memory due to a missing OpenSSL function
- call. He provided the patch to fix it too.
-
- https://curl.haxx.se/bug/view.cgi?id=2956698
-
-- Markus Duft pointed out in bug #2961796 that even though Interix has a
- poll() function it doesn't quite work the way we want it so we must disable
- it, and he also provided a patch for it.
-
- https://curl.haxx.se/bug/view.cgi?id=2961796
-
-- Made the pingpong timeout code properly deal with the response timeout AND
- the global timeout if set. Also, as was reported in the bug report #2956437
- by Ryan Chan, the time stamp to use as basis for the per command timeout was
- not set properly in the DONE phase for FTP (and not for SMTP) so I fixed
- that just now. This was a regression compared to 7.19.7 due to the
- conversion of FTP code over to the generic pingpong concepts.
-
- https://curl.haxx.se/bug/view.cgi?id=2956437
-
-Daniel Stenberg (1 Mar 2010)
-- Ben Greear provided an update for TFTP that fixes upload.
-
-- Wesley Miaw reported bug #2958179 which identified a case of looping during
- OpenSSL based SSL handshaking even though the multi interface was used and
- there was no good reason for it.
-
- https://curl.haxx.se/bug/view.cgi?id=2958179
-
-Daniel Stenberg (26 Feb 2010)
-- Pat Ray in bug #2958474 pointed out an off-by-one case when receiving a
- chunked-encoding trailer.
-
- https://curl.haxx.se/bug/view.cgi?id=2958474
-
-Daniel Fandrich (25 Feb 2010)
-- Fixed a couple of out of memory leaks and a segfault in the SMTP & IMAP code.
-
-Yang Tse (25 Feb 2010)
-- I fixed bug report #2958074 indicating
- (https://curl.haxx.se/bug/view.cgi?id=2958074) that curl on Windows with
- option --trace-time did not use local time when timestamping trace lines.
- This could also happen on other systems depending on time souurce.
-
-Patrick Monnerat (22 Feb 2010)
-- Proper handling of STARTTLS on SMTP, taking CURLUSESSL_TRY into account.
-- SMTP falls back to RFC821 HELO when EHLO fails (and SSL is not required).
-- Use of true local host name (i.e.: via gethostname()) when available, as
- default argument to SMTP HELO/EHLO.
-- Test case 804 for HELO fallback.
-
-Daniel Stenberg (20 Feb 2010)
-- Fixed the SMTP compliance by making sure RCPT TO addresses are specified
- properly in angle brackets. Recipients provided with CURLOPT_MAIL_RCPT now
- get angle bracket wrapping automatically by libcurl unless the recipient
- starts with an angle bracket as then the app is assumed to deal with that
- properly on its own.
-
-- I made the SMTP code expect a 250 response back from the server after the
- full DATA has been sent, and I modified the test SMTP server to also send
- that response. As usual, the DONE operation that is made after a completed
- transfer is still not doable in a non-blocking way so this waiting for 250
- is unfortunately made blockingly.
-
-Yang Tse (14 Feb 2010)
-- Overhauled test suite getpart() function. Fixing potential out of bounds
- stack and memory overwrites triggered with huge test case definitions.
-
-Daniel Stenberg (13 Feb 2010)
-- Martin Hager reported and fixed a problem with a missing quote in libcurl.m4
-
- (https://curl.haxx.se/bug/view.cgi?id=2951319)
-
-- Tom Donovan fixed the CURL_FORMAT_* defines when building with cmake.
-
- (https://curl.haxx.se/bug/view.cgi?id=2951269)
-
-Daniel Stenberg (12 Feb 2010)
-- Jack Zhang reported a problem with SMTP: we wrongly used multiple addresses
- in the same RCPT TO line, when they should be sent in separate single
- commands. I updated test case 802 to verify this.
-
-- I also fixed a bad use of my_setopt_str() of CURLOPT_MAIL_RCPT in the curl
- tool which made it try to output it as string for the --libcurl feature
- which could lead to crashes.
-
-Yang Tse (11 Feb 2010)
-- Steven M. Schweda fixed VMS builder bad behavior when used in a batch job,
- removed obsolete batch_compile.com and defines.com and updated VMS readme.
-
-Version 7.20.0 (9 February 2010)
-
-Daniel Stenberg (9 Feb 2010)
-- When downloading compressed content over HTTP and the app asked libcurl to
- automatically uncompress it with the CURLOPT_ENCODING option, libcurl could
- wrongly provide the callback with more data than the maximum documented
- amount. An application could thus get tricked into badness if the maximum
- limit was trusted to be enforced by libcurl itself (as it is documented).
-
- This is further detailed and explained in the libcurl security advisory
- 20100209 at
-
- https://curl.haxx.se/docs/adv_20100209.html
-
-Daniel Fandrich (3 Feb 2010)
-- Changed the Watcom makefiles to make them easier to keep in sync with
- Makefile.inc since that can't be included directly.
-
-Yang Tse (2 Feb 2010)
-- Symbol CURL_FORMAT_OFF_T now obsoleted, will be removed in a future release,
- symbol will not be available when building with CURL_NO_OLDIES defined. Use
- of CURL_FORMAT_CURL_OFF_T is preferred since 7.19.0
-
-Daniel Stenberg (1 Feb 2010)
-- Using the multi_socket API, it turns out at times it seemed to "forget"
- connections (which caused a hang). It turned out to be an existing (7.19.7)
- bug in libcurl (that's been around for a long time) and it happened like
- this:
-
- The app calls curl_multi_add_handle() to add a new easy handle, libcurl will
- then set it to timeout in 1 millisecond so libcurl will tell the app about
- it.
-
- The app's timeout fires off that there's a timeout, the app calls libcurl as
- we so often document it:
-
- do {
- res = curl_multi_socket_action(... TIMEOUT ...);
- } while(CURLM_CALL_MULTI_PERFORM == res);
-
- And this is the problem number one:
-
- When curl_multi_socket_action() is called with no specific handle, but only
- a timeout-action, it will *only* perform actions within libcurl that are
- marked to run at this time. In this case, the request would go from INIT to
- CONNECT and return CURLM_CALL_MULTI_PERFORM. When the app then calls libcurl
- again, there's no timer set for this handle so it remains in the CONNECT
- state. The CONNECT state is a transitional state in libcurl so it reports no
- sockets there, and thus libcurl never tells the app anything more about that
- easy handle/connection.
-
- libcurl _does_ set a 1ms timeout for the handle at the end of
- multi_runsingle() if it returns CURLM_CALL_MULTI_PERFORM, but since the loop
- is instant the new job is not ready to run at that point (and there's no
- code that makes libcurl call the app to update the timout for this new
- timeout). It will simply rely on that some other timeout will trigger later
- on or that something else will update the timeout callback. This makes the
- bug fairly hard to repeat.
-
- The fix made to adress this issue:
-
- We introduce a loop in lib/multi.c around all calls to multi_runsingle() and
- simply check for CURLM_CALL_MULTI_PERFORM internally. This has the added
- benefit that this goes in line with my long-term wishes to get rid of the
- CURLM_CALL_MULTI_PERFORM all together from the public API.
-
- The downside of this fix, is that the counter we return in 'running_handles'
- in several of our public functions then gets a slightly new and possibly
- confusing behavior during times:
-
- If an app adds a handle that fails to connect (very quickly) it may just
- as well never appear as a 'running_handle' with this fix. Previously it
- would first bump the counter only to get it decreased again at next call.
- Even I have used that change in handle counter to signal "end of a
- transfer". The only *good* way to find the end of a individual transfer
- is calling curl_multi_info_read() to see if it returns one.
-
- Of course, if the app previously did the looping before it checked the
- counter, it really shouldn't be any new effect.
-
-Yang Tse (26 Jan 2010)
-- Constantine Sapuntzakis' and Joshua Kwan's work done in the last four months
- relative to the asynchronous DNS lookups, along with with some integration
- adjustments I have done are finally committed to CVS.
-
- Currently these enhancements will benefit builds done using c-ares on any
- platform as well as Windows builds using the default threaded resolver.
-
- This release does not make generally available POSIX threaded DNS lookups
- yet. There is no configure option to enable this feature yet. It is possible
- to experimantally try this feature running configure with compiler flags that
- make simultaneous definition of preprocessor symbols USE_THREADS_POSIX and
- HAVE_PTHREAD_H, as well as whatever reentrancy compiler flags and linker ones
- are required to link and properly use pthread_* functions on each platform.
-
-Daniel Stenberg (26 Jan 2010)
-- Mike Crowe made libcurl return CURLE_COULDNT_RESOLVE_PROXY when it is the
- proxy that cannot be resolved when using c-ares. This matches the behaviour
- when not using c-ares.
-
-Bj�rn Stenberg (23 Jan 2010)
-- Added a new flag: -J/--remote-header-name. This option tells the
- -O/--remote-name option to use the server-specified Content-Disposition
- filename instead of extracting a filename from the URL.
-
-Daniel Stenberg (21 Jan 2010)
-- Chris Conroy brought support for RTSP transfers, and with it comes 8(!) new
- libcurl options for controlling what to get and how to receive posssibly
- interleaved RTP data.
-
-Daniel Stenberg (20 Jan 2010)
-- As was pointed out on the http-state mailing list, the order of cookies in a
- HTTP Cookie: header _needs_ to be sorted on the path length in the cases
- where two cookies using the same name are set more than once using
- (overlapping) paths. Realizing this, identically named cookies must be
- sorted correctly. But detecting only identically named cookies and take care
- of them individually is harder than just to blindly and unconditionally sort
- all cookies based on their path lengths. All major browsers also already do
- this, so this makes our behavior one step closer to them in the cookie area.
-
- Test case 8 was the only one that broke due to this change and I updated it
- accordingly.
-
-Daniel Stenberg (19 Jan 2010)
-- David McCreedy brought a fix and a new test case (129) to make libcurl work
- again when downloading files over FTP using ASCII and it turns out that the
- final size of the file is not the same as the initial size the server
- reported. This is very common since servers don't take the newline
- conversions into account.
-
-Kamil Dudka (14 Jan 2010)
-- Suppressed side effect of OpenSSL configure checks, which prevented NSS from
- being properly detected under certain circumstances. It had been caused by
- strange behavior of pkg-config when handling PKG_CONFIG_LIBDIR. pkg-config
- distinguishes among empty and non-existent environment variable in that case.
-
-Daniel Stenberg (12 Jan 2010)
-- Gil Weber reported a peculiar flaw with the multi interface when doing SFTP
- transfers: curl_multi_fdset() would return -1 and not set and file
- descriptors several times during a transfer of a single file. It turned out
- to be due to two different flaws now fixed. Gil's excellent recipe helped me
- nail this.
-
-Daniel Stenberg (11 Jan 2010)
-- Made sure that the progress callback is repeatedly called at a regular
- interval even during very slow connects.
-
-- The tests/runtests.pl script now checks to see if the test case that runs is
- present in the tests/data/Makefile.am and outputs a notice message on the
- screen if not. Each test file has to be included in that Makefile.am to get
- included in release archives and forgetting to add files there is a common
- mistake. This is an attempt to make it harder to forget.
-
-Daniel Stenberg (9 Jan 2010)
-- Johan van Selst found and fixed a OpenSSL session ref count leak:
-
- ossl_connect_step3() increments an SSL session handle reference counter on
- each call. When sessions are re-used this reference counter may be
- incremented many times, but it will be decremented only once when done (by
- Curl_ossl_session_free()); and the internal OpenSSL data will not be freed
- if this reference count remains positive. When a session is re-used the
- reference counter should be corrected by explicitly calling
- SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid
- introducing a memory leak.
-
- (https://curl.haxx.se/bug/view.cgi?id=2926284)
-
-Daniel Stenberg (7 Jan 2010)
-- Make sure the progress callback is called repeatedly even during very slow
- name resolves when c-ares is used for resolving.
-
-Claes Jakobsson (6 Jan 2010)
-- Julien Chaffraix fixed so that the fragment part in an URL is not sent
- to the server anymore.
-
-Kamil Dudka (3 Jan 2010)
-- Julien Chaffraix eliminated a duplicated initialization in singlesocket().
-
-Daniel Stenberg (2 Jan 2010)
-- Make curl support --ssl and --ssl-reqd instead of the previous FTP-specific
- versions --ftp-ssl and --ftp-ssl-reqd as these options are now used to
- control SSL/TLS for IMAP, POP3 and SMTP as well in addition to FTP. The old
- option names are still working but the new ones are the ones listed and
- documented.
-
-Daniel Stenberg (1 Jan 2010)
-- Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
- command is a special "hack" used by the drftpd server, but even though it is
- a custom extension I've deemed it fine to add to libcurl since this server
- seems to survive and people keep using it and want libcurl to support
- it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
- usable from the curl tool with --ftp-pret. Using this option on a server
- that doesn't support this command will make libcurl fail.
-
- I added test cases 1107 and 1108 to verify the functionality.
-
- The PRET command is documented at
- http://www.drftpd.org/index.php/Distributed_PASV
-
-Yang Tse (30 Dec 2009)
-- Steven M. Schweda improved VMS build system, and Craig A. Berry helped
- with the patch and testing.
-
-Daniel Stenberg (26 Dec 2009)
-- Renato Botelho and Peter Pentchev brought a patch that makes the libcurl
- headers work correctly even on FreeBSD systems before v8.
-
- (https://curl.haxx.se/bug/view.cgi?id=2916915)
-
-Daniel Stenberg (17 Dec 2009)
-- David Byron fixed Curl_ossl_cleanup to actually call ENGINE_cleanup when
- available.
-
-- Follow-up fix for the proxy fix I did for Jon Nelson's bug. It turned out I
- was a bit too quick and broke test case 1101 with that change. The order of
- some of the setups is sensitive. I now changed it slightly again to make
- sure we do them in this order:
-
- 1 - parse URL and figure out what protocol is used in the URL
- 2 - prepend protocol:// to URL if missing
- 3 - parse name+password off URL, which needs to know what protocol is used
- (since only some allows for name+password in the URL)
- 4 - figure out if a proxy should be used set by an option
- 5 - if no proxy option, check proxy environment variables
- 6 - run the protocol-specific setup function, which needs to have the proxy
- already set
-
-Daniel Stenberg (15 Dec 2009)
-- Jon Nelson found a regression that turned out to be a flaw in how libcurl
- detects and uses proxies based on the environment variables. If the proxy
- was given as an explicit option it worked, but due to the setup order
- mistake proxies would not be used fine for a few protocols when picked up
- from '[protocol]_proxy'. Obviously this broke after 7.19.4. I now also added
- test case 1106 that verifies this functionality.
-
- (https://curl.haxx.se/bug/view.cgi?id=2913886)
-
-Daniel Stenberg (12 Dec 2009)
-- IMAP, POP3 and SMTP support and their TLS versions (including IMAPS, POP3S
- and SMTPS) are now supported. The current state may not yet be solid, but
- the foundation is in place and the test suite has some initial support for
- these protocols. Work will now persue to make them nice libcurl citizens
- until release.
-
- The work with supporting these new protocols was sponsored by
- networking4all.com - thanks!
-
-Daniel Stenberg (10 Dec 2009)
-- Siegfried Gyuricsko found out that the curl manual said --retry would retry
- on FTP errors in the transient 5xx range. Transient FTP errors are in the
- 4xx range. The code itself only tried on 5xx errors that occured _at login_.
- Now the retry code retries on all FTP transfer failures that ended with a
- 4xx response.
-
- (https://curl.haxx.se/bug/view.cgi?id=2911279)
-
-- Constantine Sapuntzakis figured out a case which would lead to libcurl
- accessing alredy freed memory and thus crash when using HTTPS (with
- OpenSSL), multi interface and the CURLOPT_DEBUGFUNCTION and a certain order
- of cleaning things up. I fixed it.
-
- (https://curl.haxx.se/bug/view.cgi?id=2905220)
-
-Daniel Stenberg (7 Dec 2009)
-- Martin Storsjo made libcurl use the Expect: 100-continue header for posts
- with unknown size. Previously it was only used for posts with a known size
- larger than 1024 bytes.
-
-Daniel Stenberg (1 Dec 2009)
-- If the Expect: 100-continue header has been set by the application through
- curl_easy_setopt with CURLOPT_HTTPHEADER, the library should set
- data->state.expect100header accordingly - the current code (in 7.19.7 at
- least) doesn't handle this properly. Martin Storsjo provided the fix!
-
-Yang Tse (28 Nov 2009)
-- Added Diffie-Hellman parameters to several test harness certificate files in
- PEM format. Required by several stunnel versions used by our test harness.
-
-Daniel Stenberg (28 Nov 2009)
-- Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
- rework patch that now integrates TFTP properly into libcurl so that it can
- be used non-blocking with the multi interface and more. BLKSIZE also works.
-
- The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
- the command line.
-
-Daniel Stenberg (26 Nov 2009)
-- Extended and fixed the change I did on Dec 11 for the the progress
- meter/callback during FTP command/response sequences. It turned out it was
- really lame before and now the progress meter SHOULD get called at least
- once per second.
-
-Daniel Stenberg (23 Nov 2009)
-- Bjorn Augustsson reported a bug which made curl not report any problems even
- though it failed to write a very small download to disk (done in a single
- fwrite call). It turned out to be because fwrite() returned success, but
- there was insufficient error-checking for the fclose() call which tricked
- curl to believe things were fine.
-
-Yang Tse (23 Nov 2009)
-- David Byron modified Makefile.dist vc8 and vc9 targets in order to allow
- finer granularity control when generating src and lib makefiles.
-
-Yang Tse (22 Nov 2009)
-- I modified configure to force removal of the curlbuild.h file included in
- distribution tarballs for use by non-configure systems. As intended, this
- would get overwriten when doing in-tree builds. But VPATH builds would end
- having two curlbuild.h files, one in the source tree and another in the
- build tree. With the modification I introduced 5 Nov 2009 this could become
- an issue when running libcurl's test suite.
-
-Daniel Stenberg (20 Nov 2009)
-- Constantine Sapuntzakis identified a write after close, as the sockets were
- closed by libcurl before the SSL lib were shutdown and they may write to its
- socket. Detected to at least happen with OpenSSL builds.
-
-- Jad Chamcham pointed out a bug with connection re-use. If a connection had
- CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the
- same proxy with the tunnel option disabled would still wrongly re-use that
- previous connection and the outcome would only be badness.
-
-Yang Tse (18 Nov 2009)
-- I modified the memory tracking system to make it intolerant with zero sized
- malloc(), calloc() and realloc() function calls.
-
-Daniel Stenberg (17 Nov 2009)
-- Constantine Sapuntzakis provided another fix for the DNS cache that could
- end up with entries that wouldn't time-out:
-
- 1. Set up a first web server that redirects (307) to a http://server:port
- that's down
- 2. Have curl connect to the first web server using curl multi
-
- After the curl_easy_cleanup call, there will be curl dns entries hanging
- around with in_use != 0.
-
- (https://curl.haxx.se/bug/view.cgi?id=2891591)
-
-- Marc Kleine-Budde fixed: curl saved the LDFLAGS set during configure into
- its pkg-config file. So -Wl stuff ended up in the .pc file, which is really
- bad, and breaks if there are multiple -Wl in our LDFLAGS (which are in
- PTXdist). bug #2893592 (https://curl.haxx.se/bug/view.cgi?id=2893592)
-
-Kamil Dudka (15 Nov 2009)
-- David Byron improved the configure script to use pkg-config to find OpenSSL
- (and in particular the list of required libraries) even if a path is given
- as argument to --with-ssl
-
-Yang Tse (15 Nov 2009)
-- I removed enable-thread / disable-thread configure option. These were only
- placebo options. The library is always built as thread safe as possible on
- every system.
-
-Claes Jakobsson (14 Nov 2009)
-- curl-config now accepts '--configure' to see what arguments was
- passed to the configure script when building curl.
-
-Daniel Stenberg (14 Nov 2009)
-- Claes Jakobsson restored the configure functionality to detect NSS when
- --with-nss is set but not "yes".
-
- I think we can still improve that to check for pkg-config in that path etc,
- but at least this patch brings back the same functionality we had before.
-
-- Camille Moncelier added support for the file type SSL_FILETYPE_ENGINE for
- the client certificate. It also disable the key name test as some engines
- can select a private key/cert automatically (When there is only one key
- and/or certificate on the hardware device used by the engine)
-
-Yang Tse (14 Nov 2009)
-- Constantine Sapuntzakis provided the fix that ensures that an SSL connection
- won't be reused unless protection level for peer and host verification match.
-
- I refactored how preprocessor symbol _THREAD_SAFE definition is done.
-
-Kamil Dudka (12 Nov 2009)
-- Kevin Baughman provided a fix preventing libcurl-NSS from crash on doubly
- closed NSPR descriptor. The issue was hard to find, reported several times
- before and always closed unresolved. More info at the RH bug:
- https://bugzilla.redhat.com/534176
-
-- libcurl-NSS now tries to reconnect with TLS disabled in case it detects
- a broken TLS server. However it does not happen if SSL version is selected
- manually. The approach was originally taken from PSM. Kaspar Brand helped me
- to complete the patch. Original bug reports:
- https://bugzilla.redhat.com/525496
- https://bugzilla.redhat.com/527771
-
-Yang Tse (12 Nov 2009)
-- I modified configure script to make the getaddrinfo function check also
- verify if the function is thread safe.
-
-Yang Tse (11 Nov 2009)
-- Marco Maggi reported that compilation failed when configured --with-gssapi
- and GNU GSS installed due to a missing mutual exclusion of header files in
- the Kerberos 5 code path. He also verified that my patch worked for him.
-
-Daniel Stenberg (11 Nov 2009)
-- Constantine Sapuntzakis posted bug #2891595
- (https://curl.haxx.se/bug/view.cgi?id=2891595) which identified how an entry
- in the DNS cache would linger too long if the request that added it was in
- use that long. He also provided the patch that now makes libcurl capable of
- still doing a request while the DNS hash entry may get timed out.
-
-- Christian Schmitz noticed that the progress meter/callback was not properly
- used during the FTP connection phase (after the actual TCP connect), while
- it of course should be. I also made the speed check get called correctly so
- that really slow servers will trigger that properly too.
-
-Kamil Dudka (5 Nov 2009)
-- Dropped misleading timeouts in libcurl-NSS and made sure the SSL socket works
- in non-blocking mode.
-
-Yang Tse (5 Nov 2009)
-- I removed leading 'curl' path on the 'curlbuild.h' include statement in
- curl.h, adjusting auto-makefiles include path, to enhance portability to
- OS's without an orthogonal directory tree structure such as OS/400.
-
-Daniel Stenberg (4 Nov 2009)
-- I fixed several problems with the transfer progress meter. It showed the
- wrong percentage for small files, most notable for <1000 bytes and could
- easily end up showing more than 100% at the end. It also didn't show any
- percentage, transfer size or estimated transfer times when transferring
- less than 100 bytes.
-
-Version 7.19.7 (4 November 2009)
-
-Daniel Stenberg (2 Nov 2009)
-- As reported independent by both Stan van de Burgt and Didier Brisebourg,
- CURLINFO_SIZE_DOWNLOAD (the -w variable size_download) didn't work when
- getting data from ldap!
-
-Daniel Stenberg (31 Oct 2009)
-- Gabriel Kuri reported a problem with CURLINFO_CONTENT_LENGTH_DOWNLOAD if the
- download was 0 bytes, as libcurl would then return the size as unknown (-1)
- and not 0. I wrote a fix and test case 566 to verify it.
-
-Daniel Stenberg (30 Oct 2009)
-- Liza Alenchery mentioned a problem with re-used SCP connection when a bad
- auth is used, as it caused a crash. I failed to repeat the issue, but still
- made a change that now forces the TCP connection used for a freed SCP
- session to get closed and not be re-used.
-
-- "Tom" posted a bug report that mentioned how libcurl did wrong when doing a
- POST using a read callback, with Digest authentication and
- "Transfer-Encoding: chunked" enforced. I would then cause the first request
- to be wrongly sent and then basically hang until the server closed the
- connection. I fixed the problem and added test case 565 to verify it.
-
-Daniel Stenberg (25 Oct 2009)
-- Dima Barsky made the curl cookie parser accept cookies even with blank or
- unparsable expiry dates and then treat them as session cookies - previously
- libcurl would reject cookies with a date format it couldn't parse. Research
- shows that the major browser treat such cookies as session cookies. I
- modified test 8 and 31 to verify this.
-
-Daniel Stenberg (21 Oct 2009)
-- Attempt to use pkg-config for finding out libssh2 installation details
- during configure.
-
-- A patch in bug report #2883177 (https://curl.haxx.se/bug/view.cgi?id=2883177)
- by Johan van Selst introduced the --crlfile option to curl, which makes curl
- tell libcurl about a file with CRL (certificate revocation list) data to
- read.
-
-Daniel Stenberg (18 Oct 2009)
-- Ray Dassen provided a patch in Debian's bug tracker (bug number #551461)
- that now makes curl_getdate(3) actually handles RFC 822 formatted dates that
- use the "single letter military timezones".
- http://www.rfc-ref.org/RFC-TEXTS/822/chapter5.html has the details.
-
-- Fixed memory leak in the SCP/SFTP code as it never freed the knownhosts
- data!
-
-- John Dennis filed bug report #2873666
- (https://curl.haxx.se/bug/view.cgi?id=2873666) which identified a problem
- which made libcurl loop infinitely when given incorrect credentials when
- using HTTP GSS negotiate authentication. He also provided a small and simple
- patch for it.
-
-- Kevin Baughman found a double close() problem with libcurl-NSS, as when
- libcurl called NSS to close the SSL "session" it also closed the actual
- socket.
-
-Yang Tse (17 Oct 2009)
-- Bug report #2866724 indicated
- (https://curl.haxx.se/bug/view.cgi?id=2866724) that curl on Windows failed
- when writing files whose file names originally contained characters which
- are not valid for file names on Windows. Dan Fandrich provided an initial
- patch and another revised one to fix this issue.
-
-Daniel Stenberg (1 Oct 2009)
-- Tom Mueller correctly reported in bug report #2870221
- (https://curl.haxx.se/bug/view.cgi?id=2870221) that libcurl returned an
- incorrect return code from the internal trynextip() function which caused
- him grief. This is a regression that was introduced in 7.19.1 and I find it
- strange it hasn't hit us harder, but I won't persue into figuring out
- exactly why.
-
-- Constantine Sapuntzakis: The current implementation will always set
- SO_SNDBUF to CURL_WRITE_SIZE even if the SO_SNDBUF starts out larger. The
- patch doesn't do a setsockopt if SO_SNDBUF is already greater than
- CURL_WRITE_SIZE. This should help folks who have set up their computer with
- large send buffers.
-
-Daniel Stenberg (27 Sep 2009)
-- I introduced a maximum limit for received HTTP headers. It is controlled by
- the define CURL_MAX_HTTP_HEADER which is even exposed in the public header
- file to allow for users to fairly easy rebuild libcurl with a modified
- limit. The rationale for a fixed limit is that libcurl is realloc()ing a
- buffer to be able to put a full header into it, so that it can call the
- header callback with the entire header, but that also risk getting it into
- trouble if a server by mistake or willingly sends a header that is more or
- less without an end. The limit is set to 100K.
-
-Daniel Stenberg (26 Sep 2009)
-- John P. McCaskey posted a bug report that showed how libcurl did wrong when
- saving received cookies with no given path, if the path in the request had a
- query part. That is means a question mark (?) and characters on the right
- side of that. I wrote test case 1105 and fixed this problem.
-
-Kamil Dudka (26 Sep 2009)
-- Implemented a protocol independent way to specify blocking direction, used by
- transfer.c for blocking. It is currently used only by SCP and SFTP protocols.
- This enhancement resolves an issue with 100% CPU usage during SFTP upload,
- reported by Vourhey.
-
-Daniel Stenberg (25 Sep 2009)
-- Chris Mumford filed bug report #2861587
- (https://curl.haxx.se/bug/view.cgi?id=2861587) identifying that libcurl used
- the OpenSSL function X509_load_crl_file() wrongly and failed if it would
- load a CRL file with more than one certificate within. This is now fixed.
-
-Daniel Stenberg (16 Sep 2009)
-- Sven Anders reported that we introduced a cert verfication flaw for OpenSSL-
- powered libcurl in 7.19.6. If there was a X509v3 Subject Alternative Name
- field in the certficate it had to match and so even if non-DNS and non-IP
- entry was present it caused the verification to fail.
-
-Daniel Fandrich (15 Sep 2009)
-- Moved the libssh2 checks after the SSL library checks. This helps when
- statically linking since libssh2 needs the SSL library link flags to be
- set up already to satisfy its dependencies. This wouldn't be necessary if
- the libssh2 configure check was changed to use pkg-config since the
- --static flag would add the dependencies automatically.
-
-Yang Tse (14 Sep 2009)
-- Revert Joshua Kwan's patch committed 11 Sep 2009.
-
- Some systems poll function sets POLLHUP in revents without setting
- POLLIN, and sets POLLERR without setting POLLIN and POLLOUT. In some
- libcurl code execution paths this could trigger busy wait loops with
- high CPU usage until a timeout condition aborted the loop.
-
- The reverted patch addressed the above issue for a very specific case,
- when awaiting c-ares to resolve. A libcurl-wide fix for Curl_poll now
- superceeds this one.
-
-Guenter Knauf (11 Sep 2009)
-- Joshua Kwan provided a patch to pass POLLERR / POLLHUP back to c-ares.
- This fixes a loop problem with high CPU usage.
-
-Daniel Stenberg (10 Sep 2009)
-- Claes Jakobsson fixed a problem with cookie expiry dates at exctly the epoch
- start second "Thu Jan 1 00:00:00 GMT 1970" as the date parser then returns 0
- which internally then is treated as a session cookie. That particular date
- is now made to get the value of 1.
-
-Daniel Stenberg (2 Sep 2009)
-- Daniel Johnson found a flaw in the code converting sftp-errors to libcurl
- errors.
-
-Daniel Stenberg (1 Sep 2009)
-- Peter Sylvester made a debug feature for Curl_resolv() that now will force
- libcurl to resolve 'localhost' whatever name you use in the URL *if* you set
- the --interface option to (exactly) "LocalHost". This will enable us to
- write tests for custom hosts names but still use a local host server.
-
-- configure now tries to use pkg-config for a number of sub-dependencies even
- when cross-compiling. The key to success is then you properly setup
- PKG_CONFIG_PATH before invoking configure.
-
- I also improved how NSS is detected by trying nss-config if pkg-config isn't
- present, and as a last resort just use the lib name and force the user to
- setup the LIBS/LDFLAGS/CFLAGS etc properly. The previous last resort would
- add a range of various libs that would almost never be quite correct.
-
-Daniel Stenberg (31 Aug 2009)
-- When using the multi interface with FTP and you asked for NOBODY, you did no
- QUOTE commands and the request used the same path as the connection had
- already changed to, it would decide that no commands would be necessary for
- the "DO" action and that was not handled properly but libcurl would instead
- hang.
-
-Kamil Dudka (28 Aug 2009)
-- Improved error message for not matching certificate subject name in
- libcurl-NSS. Originally reported at:
- https://bugzilla.redhat.com/show_bug.cgi?id=516056#c9
-
-Patrick Monnerat (24 Aug 2009)
-- Introduced a SYST-based test to properly set-up name format when dealing
- with the OS/400 FTP server.
-
-- Fixed an ftp_readresp() bug preventing detection of failing control socket
- and causing FTP client to loop forever.
-
-Daniel Stenberg (24 Aug 2009)
-- Marc de Bruin pointed out that configure --with-gnutls=PATH didn't work
- properly and provided a fix. https://curl.haxx.se/bug/view.cgi?id=2843008
-
-- Eric Wong introduced support for the new option -T. (dot) that makes curl
- read stdin in a non-blocking fashion. This also brings back -T- (minus) to
- the previous blocking behavior since it could break stuff for people at
- times.
-
-Michal Marek (21 Aug 2009)
-- With CURLOPT_PROXY_TRANSFER_MODE, avoid sending invalid URLs like
- ftp://example.com;type=i if the user specified ftp://example.com without the
- slash.
-
-Daniel Stenberg (21 Aug 2009)
-- Andre Guibert de Bruet pointed out a missing return code check for a
- strdup() that could lead to segfault if it returned NULL. I extended his
- suggest patch to now have Curl_retry_request() return a regular return code
- and better check that.
-
-- Lots of good work by Krister Johansen, mostly related to pipelining:
-
- Fix SIGSEGV on free'd easy_conn when pipe unexpectedly breaks
- Fix data corruption issue with re-connected transfers
- Fix use after free if we're completed but easy_conn not NULL
-
-Kamil Dudka (13 Aug 2009)
-- Changed NSS code to not ignore the value of ssl.verifyhost and produce more
- verbose error messages. Originally reported at:
- https://bugzilla.redhat.com/show_bug.cgi?id=516056
-
-Daniel Stenberg (12 Aug 2009)
-- Karl Moerder fixed the Makefile.vc* makefiles to include the new file
- nonblock.c so that they work fine again
-
-- I expanded test 517 with a bunch of more dates that originate from the
- Chrome browser test suite. It turns out most of them get parsed the same
- way.
-
-Version 7.19.6 (12 August 2009)
-
-Daniel Stenberg (12 Aug 2009)
-- Carsten Lange reported a bug and provided a patch for TFTP upload and the
- sending of the TSIZE option. I don't like fixing bugs just hours before
- a release, but since it was broken and the patch fixes this for him I decided
- to get it in anyway.
-
-Daniel Stenberg (11 Aug 2009)
-- Peter Sylvester made the HTTPS test server use specific certificates for
- each test, so that the test suite can now be used to actually test the
- verification of cert names etc. This made an error show up in the OpenSSL-
- specific code where it would attempt to match the CN field even if a
- subjectAltName exists that doesn't match. This is now fixed and verified
- in test 311.
-
-- Benbuck Nason posted the bug report #2835196
- (https://curl.haxx.se/bug/view.cgi?id=2835196), fixing a few compiler
- warnings when mixing ints and bools.
-
-Daniel Fandrich (10 Aug 2009)
-- Fixed a memory leak in the FTP code and an off-by-one heap buffer overflow.
-
-Daniel Fandrich (9 Aug 2009)
-- Fixed some memory leaks in the command-line tool that caused most of the
- torture tests to fail.
-
-Daniel Stenberg (2 Aug 2009)
-- Curt Bogmine reported a problem with SNI enabled on a particular server. We
- should introduce an option to disable SNI, but as we're in feature freeze
- now I've addressed the obvious bug here (pointed out by Peter Sylvester): we
- shouldn't try to enable SNI when SSLv2 or SSLv3 is explicitly selected.
- Code for OpenSSL and GnuTLS was fixed. NSS doesn't seem to have a particular
- option for SNI, or are we simply not using it?
-
-Daniel Stenberg (1 Aug 2009)
-- Scott Cantor posted the bug report #2829955
- (https://curl.haxx.se/bug/view.cgi?id=2829955) mentioning the recent SSL cert
- verification flaw found and exploited by Moxie Marlinspike. The presentation
- he did at Black Hat is available here:
- https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike
-
- Apparently at least one CA allowed a subjectAltName or CN that contain a
- zero byte, and thus clients that assumed they would never have zero bytes
- were exploited to OK a certificate that didn't actually match the site. Like
- if the name in the cert was "example.com\0theatualsite.com", libcurl would
- happily verify that cert for example.com.
-
- libcurl now better uses the length of the extracted name, not using the zero
- termination for getting the string length.
-
- This fixing only made and needed in OpenSSL interfacing code.
-
-- Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present
- only in some OpenSSL installs - like on Windows) isn't thread-safe and we
- agreed that moving it to the global_init() function is a decent way to deal
- with this situation.
-
-- Alexander Beedie provided the patch for a noproxy problem: If I have set
- CURLOPT_NOPROXY to "*", or to a host that should not use a proxy, I actually
- could still end up using a proxy if a proxy environment variable was set.
-
-Daniel Stenberg (27 Jul 2009)
-- All the quote options (CURLOPT_QUOTE, CURLOPT_POSTQUOTE and
- CURLOPT_PREQUOTE) now accept a preceeding asterisk before the command to
- send when using FTP, as a sign that libcurl shall simply ignore the response
- from the server instead of treating it as an error. Not treating a 400+ FTP
- response code as an error means that failed commands will not abort the
- chain of commands, nor will they cause the connection to get disconnected.
-
-Daniel Stenberg (26 Jul 2009)
-- Johan van Selst posted bug report #2825989
- (https://curl.haxx.se/bug/view.cgi?id=2825989) pointing out that
- OpenSSL-powered libcurl didn't support the SHA-2 digest algorithm, and
- provided the solution too: to use OpenSSL_add_all_algorithms() in addition
- to the older SSLeay_* alternative. OpenSSL_add_all_algorithms was added in
- OpenSSL 0.9.5
-
-Daniel Stenberg (23 Jul 2009)
-- Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA.
- They introduce known_host support for SSH keys to libcurl. See docs for
- details. Note that this feature depends on a new enough libssh2 version, to
- be supported in libssh2 1.2 and later (or current git repo at this time).
-
-Michal Marek (22 Jul 2009)
-- David Binderman found a memory and fd leak in lib/gtls.c:load_file()
- (https://bugzilla.novell.com/523919). When looking at the code, I found that
- also the ptr pointer can leak.
-
-Kamil Dudka (20 Jul 2009)
-- Claes Jakobsson improved the support for client certificates handling in
- NSS-powered libcurl. Now the client certificates can be selected
- automatically by a NSS built-in hook. Additionally pre-login to all PKCS11
- slots is no more performed. It used to cause problems with HW tokens.
-
-- Fixed reference counting for NSS client certificates. Now the PEM reader
- module should be always properly unloaded on Curl_nss_cleanup(). If the
- unload fails though, libcurl will try to reuse the already loaded instance.
-
-Daniel Fandrich (15 Jul 2009)
-- Added nonblock.c to the non-automake makefiles (note that the dependencies
- in the Watcom makefiles aren't quite correct).
-
-Michal Marek (15 Jul 2009)
-- Changed the description of CURLINFO_OS_ERRNO to make it clear that the
- errno is not reset on success.
-
-Guenter Knauf (14 Jul 2009)
-- renamed generated config.h to curl_config.h to avoid any future clashes
- with config.h from other projects.
-
-Daniel Stenberg (9 Jul 2009)
-- Eric Wong introduced curlx_nonblock() that the curl tool now (re-)uses for
- setting a file descriptor non-blocking. Used by the functionality Eric
- himself brough on June 15th.
-
-Daniel Stenberg (8 Jul 2009)
-- Constantine Sapuntzakis posted bug report #2813123
- (https://curl.haxx.se/bug/view.cgi?id=2813123) and an a patch that fixes the
- problem:
-
- Url A is accessed using auth. Url A redirects to Url B (on a different
- server0. Url B reuses a persistent connection. Url B has auth, even though
- it's on a different server.
-
- Note: if Url B does not reuse a persistent connection, auth is not sent.
-
- reason:
-
- data->state.first_host is not initialized becuase Curl_http_connect is not
- called when a connection is reused.
-
- Solution:
-
- move initialization of data->state.first_host to Curl_http. No code before
- Curl_http uses data->state.first_host anyway.
-
-Guenter Knauf (4 Jul 2009)
-- Markus Koetter provided a patch to avoid getnameinfo() usage which broke a
- couple of both IPv4 and IPv6 autobuilds.
-
-Daniel Stenberg (29 Jun 2009)
-- Markus Koetter made CURLOPT_FTPPORT (and curl's -P/--ftpport) support a port
- range if given colon-separated after the host name/address part. Like
- "192.168.0.1:2000-10000"
-
-- Modified the separators used for CURLOPT_CERTINFO in multi-part outputs. I
- don't know how they got wrong in the first place, but using this output
- format makes it possible to quite easily separate the string into an array
- of multiple items.
-
-Daniel Fandrich (16 June 2009)
-- Added a few more compiler warning options for gcc.
-
-Daniel Stenberg (16 Jun 2009)
-- Reuven Wachtfogel made curl -o - properly produce a binary output on windows
- (no newline translations). Use -B/--use-ascii if you rather get the ascii
- approach.
-
-Michal Marek (16 Jun 2009)
-- When doing non-anonymous ftp via http proxies and the password is not
- provided in the url, add it there (squid needs this).
-
-Daniel Stenberg (15 Jun 2009)
-- Eric Wong's patch:
-
- This allows curl(1) to be used as a client-side tunnel for arbitrary stream
- protocols by abusing chunked transfer encoding in both the HTTP request and
- HTTP response. This requires server support for sending a response while a
- request is still being read, of course.
-
- If attempting to read from stdin returns EAGAIN, then we pause our sender.
- This leaves curl to attempt to read from the socket while reading from stdin
- (and thus sending) is paused.
-
- This change was needed to allow successfully tunneling the git protocol over
- HTTP (--no-buffer is needed, as well).
-
-Patrick Monnerat (15 Jun 2009)
-- Replaced use of standard C library rand()/srand() by our own pseudo-random
- number generator.
-
-Yang Tse (11 Jun 2009)
-- I adapted testcurl script to allow building test harness programs when
- cross-compiling for a *-*-mingw* host.
-
-Daniel Stenberg (10 Jun 2009)
-- Fabian Keil ran clang on the (lib)curl code, found a bunch of warnings and
- contributed a range of patches to fix them.
-
-Yang Tse (10 Jun 2009)
-- I introduced configure script option --enable-curldebug which now allows
- the decoupled enabling or disabling of the curl debug memory tracking
- feature from the --enable-debug option which no longer controls this.
-
- curl --version will list 'Debug' feature for debug enabled builds, and
- will list 'TrackMemory' feature for curl debug memory tracking capable
- builds. These features are independent and can be controlled when running
- the configure script. When --enable-debug is given both features will be
- enabled, unless some restriction prevents memory tracking from being used.
-
- Internally, definition of preprocessor symbol DEBUGBUILD restricts code
- which is only compiled for debug enabled builds. And symbol CURLDEBUG is
- used to differentiate code which is _only_ used for memory tracking.
-
-Yang Tse (9 Jun 2009)
-- Daniel Steinberg pointed out that Curl_FormInit() in formdata.c was not
- initializing the fread callback pointer and this triggered a compiler
- warning, also provided a friendly suggestion on how to fix it.
-
-Daniel Stenberg (8 Jun 2009)
-- Claes Jakobsson provided a patch for libcurl-NSS that fixed a bad refcount
- issue with client certs that caused issues like segfaults.
- https://curl.haxx.se/mail/lib-2009-05/0316.html
-
-- Triggered by bug report #2798852 and the patch in there, I fixed configure
- to detect gnutls build options with pkg-config only and not libgnutls-config
- anymore since GnuTLS has stopped distributing that tool. If an explicit path
- is given to configure, we will instead guess on how to link and use that
- lib. I did not use the patch from the bug report.
-
-Yang Tse (8 Jun 2009)
-- Igor Novoseltsev adjusted Makefile.vxworks to get sources and headers
- included from Makefile.inc, and provided docs\INSTALL VxWorks section.
-
-- I removed buildconf.bat from release and daily snapshot archives. This
- file is only for CVS tree checkout builds.
-
-Daniel Stenberg (8 Jun 2009)
-- Eric Wong fixed --no-buffer to actually switch off output buffering. Been
- broken since 7.19.0
-
-Bill Hoffman (6 Jun 2009)
-- Added some cmake docs and fixed socklen_t in the build.
-
-Yang Tse (5 Jun 2009)
-- John E. Malmberg provided VMS specific patch: "This fixes an existing bug
- in urlglob.c where it was not converting the Curl Unix exit code to a VMS
- DCL compatible exit code. This fix required the enhancement described next.
- This also adds an enhancement to main.c so that when curl is run under a
- Unix shell like Bash on VMS, it will return the standard Unix exit codes
- and messages." And another patch for docs/examples.
-
- I introduced os-specific.c and os-specific.h for use in curl tool code
- and adjusted John E. Malmberg's patch placement to use these new files
- as an effort to prevent main.c from growing ad infinitum. Code already
- existing in main.c which is OS specific should be moved into these files.
-
-Daniel Stenberg (4 June 2009)
-- Setting the Content-Length: header from your app when you do a POST or PUT
- is almost always a VERY BAD IDEA. Yet there are still apps out there doing
- this, and now recently it triggered a bug/side-effect in libcurl as when
- libcurl sends a POST or PUT with NTLM, it sends an empty post first when it
- knows it will just get a 401/407 back. If the app then replaced the
- Content-Length header, it caused the server to wait for input that libcurl
- wouldn't send. Aaron Oneal reported this problem in bug report #2799008
- (https://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix.
-
-Yang Tse (4 Jun 2009)
-- Igor Novoseltsev provided patches and information, that after some
- adjustments to better fit curl's way of doing things, have resulted
- in the posibility of building libcurl for VxWorks.
-
-Daniel Fandrich (2 June 2009)
-- Checked in a Google Android make file. To use it, you must first
- create a config.h file by running configure in the Android environment,
- which doesn't seem to be easy to do. If no easy way can be found, a
- static config-android.h may need to be created and checked in to the
- libcurl source tree.
-
-Daniel Stenberg (1 June 2009)
-- Claes Jakobsson fixed the configure script to better find and use NSS
- without pkg-config.
-
-Yang Tse (1 Jun 2009)
-- John E. Malmberg provided a VMS specific clean-up for curl.h, and pointed
- out that the configure script was failing to detect the timeval struct on
- VMS when building with _XOPEN_SOURCE_EXTENDED undefined due to definition
- taking place in socket.h instead of time.h. I have adjusted configure
- script to also include this header when checking struct timeval.
-
-Daniel Stenberg (27 May 2009)
-- Frank McGeough provided a small OpenSSL #include fix to make libcurl compile
- fine with Nokia 5th edition 1.0 SDK for Symbian.
-
-- Andre Guibert de Bruet found a call to a OpenSSL function that didn't check
- for a failure properly.
-
-- Mike Crowe pointed out that setting CURLOPT_USERPWD to NULL used to clear
- the auth credentials back in 7.19.0 and earlier while now you have to set ""
- to get the same effect. His patch brings back the ability to use NULL.
-
-- Claes Jakobsson fixed libcurl-NSS to build fine even without the
- PK11_CreateGenericObject() function.
-
-Daniel Stenberg (25 May 2009)
-- bug report #2796358 (https://curl.haxx.se/bug/view.cgi?id=2796358) pointed
- out that the cookie parser would leak memory when it parses cookies that are
- received with domain, path etc set multiple times in the same header. While
- such a cookie is questionable, they occur in the wild and libcurl no longer
- leaks memory for them. I added such a header to test case 8.
-
-Daniel Fandrich (22 May 2009)
-- Removed some obsolete digest code that caused a valgrind error in test 551.
-
-Daniel Fandrich (20 May 2009)
-- Added "non-existing host" test keywords to make it easy to skip those
- tests on machines that have broken DNS configurations (such as
- those configured to use OpenDNS).
-
-Daniel Stenberg (19 May 2009)
-- Kamil Dudka brought the patch from the Redhat bug entry
- https://bugzilla.redhat.com/show_bug.cgi?id=427966 which was libcurl closing
- a bad file descriptor when closing down the FTP data connection. Caolan
- McNamara seems to be the original author of it.
-
-Version 7.19.5 (18 May 2009)
-
-Daniel Stenberg (17 May 2009)
-- James Bursa posted a patch to the mailing list that fixed a problem with
- no_proxy which made it not skip the proxy if the URL entered contained a
- user name. I added test case 1101 to verify.
-
-Daniel Stenberg (11 May 2009)
-- Balint Szilakszi reported a memory leak when libcurl did gzip decompression
- of streams that had some parts (legitimately) missing. We now provide and use
- a proper cleanup function for the content encoding submodule.
- https://curl.haxx.se/mail/lib-2009-05/0092.html
-
-- Kamil Dudka provided a fix for libcurl-NSS reported by Michael Cronenworth
- at https://bugzilla.redhat.com/show_bug.cgi?id=453612#c12
-
- If an incorrect password is given while loading a private key, libcurl ends
- up in an infinite loop consuming memory. The bug is critical.
-
-- I fixed the problem with doing NTLM, POST and then following a 302 redirect,
- as reported by Ebenezer Ikonne (on curl-users) and Laurent Rabret (on
- curl-library). The transfer was mistakenly marked to get more data to send
- but since it didn't actually have that, it just hung there...
-
-Daniel Stenberg (10 May 2009)
-- Andre Guibert de Bruet correctly pointed out an over-alloc with one wasted
- byte in the digest code.
-
-Yang Tse (9 May 2009)
-- Removed DOS and TPF package's subdirectory Makefile.am, it was only used
- to include some files in the distribution tarball serving no other purpose.
- Files from the DOS and TPF subdirectories are now included in the EXTRA_DIST
- of the Makefile in the parent subdirectory.
-
-Yang Tse (8 May 2009)
-- Changed host name literal in several tests to one under the haxx.se domain.
-
-- Renamed vc6 workspace and project files to avoid filename clash when used
- for conversion to later VS versions.
-
-Daniel Stenberg (8 May 2009)
-- Constantine Sapuntzakis fixed bug report #2784055
- (https://curl.haxx.se/bug/view.cgi?id=2784055) identifying a problem to
- connect to SOCKS proxies when using the multi interface. It turned out to
- almost not work at all previously. We need to wait for the TCP connect to
- be properly verified before doing the SOCKS magic.
-
- There's still a flaw in the FTP code for this.
-
-Daniel Stenberg (7 May 2009)
-- Made the SO_SNDBUF setting for the data connection socket for ftp uploads as
- well. See change 28 Apr 2009.
-
-Yang Tse (7 May 2009)
-- Fixed an issue affecting FTP transfers, introduced with the transfer.c
- patch committed May 4.
-
-Daniel Stenberg (7 May 2009)
-- Man page *roff problems fixed thanks to input from Colin Watson. Problems
- reported in the Debian package.
-
-- Vijay G filed bug report #2723236
- (https://curl.haxx.se/bug/view.cgi?id=2723236) identifying a problem with
- libcurl's TFTP code and its lack of dealing with the OACK packet.
-
-Yang Tse (5 May 2009)
-- Fixed the --ftp-port address of test #251 to the CLIENTIP address, and
- reverted the change affecting test suite harness committed 4 May.
-
-Daniel Stenberg (5 May 2009)
-- Inspired by Michael Smith's session id fix for OpenSSL, I did the
- corresponding fix in the GnuTLS code: make sure to store the new session id
- in case the previous re-used one is rejected.
-
-Daniel Stenberg (4 May 2009)
-- Michael Smith posted bug report #2786255
- (https://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how
- libcurl did not deal with SSL session ids properly if the server rejected a
- re-use of one. Starting now, it will forget the rejected one and remember
- the new. This change was for OpenSSL only, it is likely that other SSL lib
- code needs similar fixes.
-
-Yang Tse (4 May 2009)
-- Applied David McCreedy's "transfer.c fixes for CURL_DO_LINEEND_CONV and
- non-ASCII platform HTTP requests" patch addressing two HTTP PUT problems:
- 1) On non-ASCII platforms not all of the protocol portions of the PUT are
- being translated to ASCII. 2) On all platforms the line endings of part of
- the protocol portions are mangled from CRLF to CRCRLF if data->set.crlf or
- data->set.prefer_ascii are set (depending on CURL_DO_LINEEND_CONV).
-
-- Applied David McCreedy's patch to fix test suite harness to allow test FTP
- server and client on different machines, providing FTP client address when
- running the FTP test server.
-
-Daniel Fandrich (3 May 2009)
-- Added and disabled test case 563 which shows KNOWN_BUGS #59. The bug
- report failed to mention that a proxy must be used to reproduce it.
-
-Yang Tse (2 May 2009)
-- Use a build-time configured curl_socklen_t data type instead of socklen_t.
-
-Yang Tse (1 May 2009)
-- Applied David McCreedy's patches "TPF-platform specific changes to various
- files" and "http.c fix to Curl_proxyCONNECT for non-ASCII platforms", the
- former with minor edits.
-
-Daniel Stenberg (30 Apr 2009)
-- I was going to fix issue #59 in KNOWN_BUGS
-
- If the CURLOPT_PORT option is used on an FTP URL like
- "ftp://example.com/file;type=A"; the ";type=A" is stripped off.
-
- I added test case 562 to verify, only to find out that I couldn't repeat
- this bug so I hereby consider it not a bug anymore!
-
-Daniel Stenberg (29 Apr 2009)
-- Based on bug report #2723219 (https://curl.haxx.se/bug/view.cgi?id=2723219)
- I've now made TFTP "connections" not being kept for re-use within libcurl.
- TFTP is UDP-based so the benefit was really low (if even existing) to begin
- with so instead of tracking down to fix this problem we instead removed the
- re-use. I also enabled test case 1099 that I wrote a few days ago to verify
- that this change fixes the reported problem.
-
-Daniel Stenberg (28 Apr 2009)
-- Constantine Sapuntzakis filed bug report #2783090
- (https://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows
- we need to grow the SO_SNDBUF buffer somewhat to get really good upload
- speeds. https://support.microsoft.com/kb/823764 has the details. Friends
- confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough.
-
-- Bug report #2709004 (https://curl.haxx.se/bug/view.cgi?id=2709004) by Tim
- Chen pointed out how curl couldn't upload with resume when reading from a
- pipe.
-
- This ended up with the introduction of a new return code for the
- CURLOPT_SEEKFUNCTION callback that basically says that the seek failed but
- that libcurl may try to resolve the situation anyway. In our case this means
- libcurl will attempt to instead read that much data from the stream instead
- of seeking and that way curl can now upload with resume when data is read
- from a stream!
-
-Daniel Stenberg (26 Apr 2009)
-- Bug report #2779733 (https://curl.haxx.se/bug/view.cgi?id=2779733) by Sven
- Wegener pointed out that CURLINFO_APPCONNECT_TIME didn't work with the multi
- interface and provided a patch that fixed the problem!
-
-Daniel Stenberg (24 Apr 2009)
-- Kamil Dudka fixed another NSS-related leak when client certs were used.
-
-- Bug report #2779245 (https://curl.haxx.se/bug/view.cgi?id=2779245) by Rainer
- Koenig pointed out that the man page didn't tell that the *_proxy
- environment variables can be specified lower case or UPPER CASE and the
- lower case takes precedence,
-
-Daniel Fandrich (21 Apr 2009)
-- Added new libcurl source files to Amiga, RiscOS and VC6 build files.
-
-Yang Tse (21 Apr 2009)
-- Moved potential inclusion of system's malloc.h and memory.h header files to
- setup_once.h. Inclusion of each header file is based on the definition of
- NEED_MALLOC_H and NEED_MEMORY_H respectively.
-
- Renamed libcurl's memory.h to curl_memory.h
-
-Daniel Stenberg (20 Apr 2009)
-- Leanic Lefever reported a crash and did some detailed research on why and
- how it occurs (https://curl.haxx.se/mail/lib-2009-04/0289.html). The
- conclusion was that if an error is detected and Curl_done() is called for
- the connection, ftp_done() could at times return another error code that
- then would take precedence and that new code confused existing logic that
- works for the first error code (CURLE_SEND_ERROR) only.
-
-- Gisle Vanem noticed that --libtool would produce bogus strings at times for
- OBJECTPOINT options. Now we've introduced a new function - my_setopt_str -
- within the app for setting plain string options to avoid the risk of this
- mistake happening.
-
-Daniel Stenberg (17 Apr 2009)
-- Pramod Sharma reported and tracked down a bug when doing FTP over a HTTP
- proxy. libcurl would then wrongly close the connection after each
- request. In his case it had the weird side-effect that it killed NTLM auth
- for the proxy causing an inifinite loop!
-
- I added test case 1098 to verify this fix. The test case does however not
- properly verify that the transfers are done persistently - as I couldn't
- think of a clever way to achieve it right now - but you need to read the
- stderr output after a test run to see that it truly did the right thing.
-
-Daniel Stenberg (13 Apr 2009)
-- bug report #2727981 (https://curl.haxx.se/bug/view.cgi?id=2727981) by Martin
- Storsj� pointed out how setting CURLOPT_NOBODY to 0 could be downright
- confusing as it set the method to either GET or HEAD. The example he showed
- looked like:
-
- curl_easy_setopt(curl, CURLOPT_PUT, 1);
- curl_easy_setopt(curl, CURLOPT_NOBODY, 0);
-
- The new way doesn't alter the method until the request is about to start. If
- CURLOPT_NOBODY is then 1 the HTTP request will be HEAD. If CURLOPT_NOBODY is
- 0 and the request happens to have been set to HEAD, it will then instead be
- set to GET. I believe this will be less surprising to users, and hopefully
- not hit any existing users badly.
-
-- Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned
- out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue
- is found in Redhat's bug tracker:
- https://bugzilla.redhat.com/show_bug.cgi?id=453612
-
- There are still memory leaks present, but they seem to have other reasons.
-
-Daniel Fandrich (11 Apr 2009)
-- Added new libcurl source files to Symbian OS build files.
-- Improved Symbian support for SSL.
-
-Yang Tse (10 Apr 2009)
-- Daniel Johnson improved the MacOSX-Framework shell script to now perform all
- the steps required to build a Mac OS X four way fat ppc/i386/ppc64/x86_64
- libcurl.framework. Four way fat framework requires OS X 10.5 SDK or later.
-
-Yang Tse (8 Apr 2009)
-- Removed Sun compilers preprocessor block from curlbuild.h.dist, this also
- removes it from the curlbuild.h file originally distributed by the cURL
- project as this file is intended for systems not capable of running the
- configure script. For those who have been building curl out of the source
- code curl distribution tarball provided by curl.haxx.se the change implies
- nothing. Previous change in this area committed 2 Apr becomes irrelevant.
-
-Daniel Stenberg (6 Apr 2009)
-- I clarified in the docs that CURLOPT_SEEKFUNCTION should return 0 on success
- and 1 on fatal errors. Previously it only mentioned non-zero on fatal
- errors. This is a slight change in meaning, but it follows what we've done
- elsewhere before and it opens up for LOTS of more useful return codes
- whenever we can think of them...
-
-Yang Tse (2 Apr 2009)
-- Fix curl_off_t definition for builds done using Sun compilers and a
- non-configured libcurl. In this case curl_off_t data type was gated
- to the off_t data type which depends on the _FILE_OFFSET_BITS. This
- configuration is exactly the unwanted configuration for our curl_off_t
- data type which must not depend on such setting. This breaks ABI for
- libcurl libraries built with Sun compilers which were built without
- having run the configure script with _FILE_OFFSET_BITS different than
- 64 and using the ILP32 data model.
-
-Daniel Stenberg (1 Apr 2009)
-- Andre Guibert de Bruet fixed a NULL pointer use in an infof() call if a
- strdup() call failed.
-
-Daniel Fandrich (31 Mar 2009)
-- Properly return an error code in curl_easy_recv (reported by Jim Freeman).
-
-Daniel Stenberg (18 Mar 2009)
-- Kamil Dudka brought a patch that enables 6 additional crypto algorithms when
- NSS is used. These ciphers were added in NSS 3.4 and require to be enabled
- explicitly.
-
-Daniel Stenberg (13 Mar 2009)
-- Use libssh2_version() to present the libssh2 version in case the libssh2
- library is found to support it.
-
-Yang Tse (12 Mar 2009)
-- Added missing Curl_read() return code checking in TELNET transfers.
-
-- Pierre Brico found and fixed TELNET transfers not being aborted upon
- a write callback failure.
-
-Daniel Stenberg (11 Mar 2009)
-- Kamil Dudka made the curl tool properly call curl_global_init() before any
- other libcurl function.
-
-Yang Tse (11 Mar 2009)
-- Added missing TELNET timeout support for Windows builds. This issue was
- reported by Pierre Brico.
-
-Daniel Stenberg (9 Mar 2009)
-- Frank Hempel found out a bug and provided the fix:
-
- curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE
- option. It only enabled the cookie engine in the destination handle if
- data->cookies is not NULL (where data is the source handle). In case of a
- newly initialized handle which just had the cookie support enabled by a
- curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was
- still NULL because the setopt-call only appends the value to
- data->change.cookielist, hence duplicating this handle would not have the
- cookie engine switched on.
-
- We also concluded that the slist-functionality would be suitable for being
- put in its own module rather than simply hanging out in lib/sendf.c so I
- created lib/slist.[ch] for them.
-
-- Andreas Farber made the 'buildconf' script check for the presence of m4
- scripts to make it detect a bad checkout earlier. People with older
- checkouts who don't do cvs update with the -d option won't get the new dirs
- and then will get funny outputs that can be a bit hard to understand and
- fix.
-
-Daniel Stenberg (8 Mar 2009)
-- Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the
- allocation of the memory BIO was not being properly checked.
-
-- Andre Guibert de Bruet fixed the gnutls-using code: There are a few places
- in the gnutls code where we were checking for negative values for errors,
- when the man pages state that GNUTLS_E_SUCCESS is returned on success and
- other values indicate error conditions.
-
-- Bill Egert pointed out (https://curl.haxx.se/bug/view.cgi?id=2671602) that
- curl didn't use sprintf() in a way that is documented to work in POSIX but
- since we use our own printf() code (from libcurl) that shouldn't be a
- problem. Nonetheless I modified the code to not rely on such particular
- features and to not cause further raised eyebrowse with no good reason.
-
-Daniel Fandrich (5 Mar 2009)
-- Expanded the security section of the libcurl-tutorial man page to cover
- more issues for authors to consider when writing robust libcurl-using
- applications.
-
-Yang Tse (5 Mar 2009)
-- Fixed NTLM authentication memory leak on SSPI enabled Windows builds. This
- issue was noticed by Chris Deidun.
-
-Daniel Fandrich (4 Mar 2009)
-- Fixed a problem with m4 quoting in the OpenSSL configure check reported
- by Daniel Johnson.
-
-Daniel Stenberg (3 Mar 2009)
-- David James brought a patch that make libcurl close (all) dead connections
- whenever you attempt to open a new connection.
-
- 1. After cleaning up a dead connection, "continue" instead of
- returning FALSE. This ensures that we clean up all dead connections,
- rather than just cleaning up the first dead connection.
- 2. Move up the cleanup for dead connections so that it occurs for
- all connections, rather than just the connections which have the same
- preferences as our current new connection.
-
-Version 7.19.4 (3 March 2009)
-
-Daniel Stenberg (3 Mar 2009)
-- David Kierznowski notified us about a security flaw
- (https://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
- which previous libcurl versions (by design) can be tricked to access an
- arbitrary local/different file instead of a remote one when
- CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
- together this the addition of two new setopt options for controlling this
- new behavior:
-
- o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
- follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
- excludes the FILE and SCP protocols and thus you nee to explicitly allow
- them in your app if you really want that behavior.
-
- o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
- using the primary URL option. This is useful if you want to allow a user or
- other outsiders control what URL to pass to libcurl and yet not allow all
- protocols libcurl may have been built to support.
-
-Daniel Stenberg (27 Feb 2009)
-- Senthil Raja Velu reported a problem when CURLOPT_INTERFACE and
- CURLOPT_LOCALPORT were used together (the local port bind failed), and
- Markus Koetter provided the fix!
-
-Daniel Stenberg (25 Feb 2009)
-- As Daniel Fandrich figured out, we must do the GnuTLS initing in the
- curl_global_init() function to properly maintain the performing functions
- thread-safe. We've previously (28 April 2007) moved the init to a later time
- just to avoid it to fail very early when libgcrypt dislikes the situation,
- but that move was bad and the fix should rather be in libgcrypt or
- elsewhere.
-
-Daniel Stenberg (24 Feb 2009)
-- Brian J. Murrell found out that Negotiate proxy authentication didn't work.
- It happened because the code used the struct for server-based auth all the
- time for both proxy and server auth which of course was wrong.
-
-Daniel Stenberg (23 Feb 2009)
-- After a bug reported by James Cheng I've made curl_easy_getinfo() for
- CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD return
- -1 if the sizes aren't know. Previously these returned 0, make it impossible
- to detect the difference between actually zero and unknown.
-
-Yang Tse (23 Feb 2009)
-- Daniel Johnson provided a shell script that will perform all the steps needed
- to build a Mac OS X fat ppc/i386 or ppc64/x86_64 libcurl.framework
-
-Daniel Stenberg (23 Feb 2009)
-- I renamed everything in the windows builds files that used the name 'curllib'
- to the proper 'libcurl' as clearly this caused confusion.
-
-Yang Tse (20 Feb 2009)
-- Do not halt compilation when using VS2008 to build a Windows 2000 target.
-
-Daniel Stenberg (20 Feb 2009)
-- Linus Nielsen Feltzing reported and helped me repeat and fix a problem with
- FTP with the multi interface: when a transfer fails, like when aborted by a
- write callback, the control connection was wrongly closed and thus not
- re-used properly.
-
- This change is also an attempt to cleanup the code somewhat in this area, as
- now the FTP code attempts to keep (better) track on pending responses
- necessary to get read in ftp_done().
-
-Daniel Stenberg (19 Feb 2009)
-- Patrik Thunstrom reported a problem and helped me repeat it. It turned out
- libcurl did a superfluous 1000ms wait when doing SFTP downloads!
-
- We read data with libssh2 while doing the "DO" operation for SFTP and then
- when we were about to start getting data for the actual file part, the
- "TRANSFER" part, we waited for socket action (in 1000ms) before doing a
- libssh2-read. But in this case libssh2 had already read and buffered the
- data so we ended up always just waiting 1000ms before we get working on the
- data!
-
-Patrick Monnerat (18 Feb 2009)
-- FTP downloads (i.e.: RETR) ending with code 550 now return error
- CURLE_REMOTE_FILE_NOT_FOUND instead of CURLE_FTP_COULDNT_RETR_FILE.
-
-Daniel Stenberg (17 Feb 2009)
-- Kamil Dudka made NSS-powered builds compile and run again!
-
-- A second follow-up change by Andre Guibert de Bruet to fix a related memory
- leak like that fixed on the 14th. When zlib returns failure, we need to
- cleanup properly before returning error.
-
-- CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 in addition to 1 for
- plain FTP connections, and it will then allow MKD to fail once and retry the
- CWD afterwards. This is especially useful if you're doing many simultanoes
- connections against the same server and they all have this option enabled,
- as then CWD may first fail but then another connection does MKD before this
- connection and thus MKD fails but trying CWD works! The numbers can
- (should?) now be set with the convenience enums now called
- CURLFTP_CREATE_DIR and CURLFTP_CREATE_DIR_RETRY.
-
- Tests has proven that if you're making an application that uploads a set of
- files to an ftp server, you will get a noticable gain in speed if you're
- using multiple connections and this option will be then be very useful.
-
-Daniel Stenberg (14 Feb 2009)
-- Andre Guibert de Bruet found and fixed a memory leak in the content encoding
- code, which could happen on libz errors.
-
-Daniel Fandrich (12 Feb 2009)
-- Added support for Digest and NTLM authentication using GnuTLS.
-
-Daniel Stenberg (11 Feb 2009)
-- CURLINFO_CONDITION_UNMET was added to allow an application to get to know if
- the condition in the previous request was unmet. This is typically a time
- condition set with CURLOPT_TIMECONDITION and was previously not possible to
- reliably figure out. From bug report #2565128
- (https://curl.haxx.se/bug/view.cgi?id=2565128) filed by Jocelyn Jaubert.
-
-Daniel Fandrich (4 Feb 2009)
-- Don't add the standard /usr/lib or /usr/include paths to LDFLAGS and CPPFLAGS
- (respectively) when --with-ssl=/usr is used (patch based on FreeBSD).
-
-- Added an explicit buffer limit check in msdosify() (patch based on FreeBSD).
- This couldn't ever overflow in curl, but might if the code were used
- elsewhere or under different conditions.
-
-Daniel Stenberg (3 Feb 2009)
-- Hidemoto Nakada provided a small fix that makes it possible to get the
- CURLINFO_CONTENT_LENGTH_DOWNLOAD size from file:// "transfers" with
- CURLOPT_NOBODY set true.
-
-Daniel Stenberg (2 Feb 2009)
-- Patrick Scott found a rather large memory leak when using the multi
- interface and setting CURLMOPT_MAXCONNECTS to something less than the number
- of handles you add to the multi handle. All the connections that didn't fit
- in the cache would not be properly disconnected nor freed!
-
-- Craig A West brought us: libcurl now defaults to do CONNECT with HTTP
- version 1.1 instead of 1.0 like before. This change also introduces the new
- proxy type for libcurl called 'CURLPROXY_HTTP_1_0' that then allows apps to
- switch (back) to CONNECT 1.0 requests. The curl tool also got a --proxy1.0
- option that works exactly like --proxy but sets CURLPROXY_HTTP_1_0.
-
- I updated all test cases cases that use CONNECT and I tried to do some using
- --proxy1.0 and some updated to do CONNECT 1.1 to get both versions run.
-
-Daniel Stenberg (31 Jan 2009)
-- When building with c-ares 1.6.1 (not yet released) or later and IPv6 support
- enabled, we can now take advantage of its brand new AF_UNSPEC support in
- ares_gethostbyname(). This makes test case 241 finally run fine for me with
- this setup since it now parses the "::1 ip6-localhost" line fine in my
- /etc/hosts file!
-
-Daniel Stenberg (30 Jan 2009)
-- Scott Cantor filed bug report #2550061
- (https://curl.haxx.se/bug/view.cgi?id=2550061) mentioning that I failed to
- properly make sure that the VC9 makefiles got included in the latest
- release. I've now fixed the release script and verified it so next release
- will hopefully include them properly!
-
-Daniel Fandrich (30 Jan 2009)
-- Fixed --disable-proxy for FTP and SOCKS. Thanks to Daniel Egger for
- reporting.
-
-Yang Tse (29 Jan 2009)
-- Introduced curl_sspi.c and curl_sspi.h for the implementation of functions
- Curl_sspi_global_init() and Curl_sspi_global_cleanup() which previously were
- named Curl_ntlm_global_init() and Curl_ntlm_global_cleanup() in http_ntlm.c
- Also adjusted socks_sspi.c to remove the link-time dependency on the Windows
- SSPI library using it now in the same way as it was done in http_ntlm.c.
-
-Daniel Stenberg (28 Jan 2009)
-- Markus Moeller introduced two new options to libcurl:
- CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC to allow libcurl
- to do GSS-style authentication with SOCKS5 proxies. The curl tool got the
- options called --socks5-gssapi-service and --socks5-gssapi-nec to enable
- these.
-
-Daniel Stenberg (26 Jan 2009)
-- Chad Monroe provided the new CURLOPT_TFTP_BLKSIZE option that allows an app
- to set desired block size to use for TFTP transfers instead of the default
- 512 bytes.
-
-- The "-no_ticket" option was introduced in Openssl0.9.8j. It's a flag to
- disable "rfc4507bis session ticket support". rfc4507bis was later turned
- into the proper RFC5077 it seems: http://tools.ietf.org/html/rfc5077
-
- The enabled extension concerns the session management. I wonder how often
- libcurl stops a connection and then resumes a TLS session. also, sending the
- session data is some overhead. .I suggest that you just use your proposed
- patch (which explicitly disables TICKET).
-
- If someone writes an application with libcurl and openssl who wants to
- enable the feature, one can do this in the SSL callback.
-
- Sharad Gupta brought this to my attention. Peter Sylvester helped me decide
- on the proper action.
-
-- Alexey Borzov filed bug report #2535504
- (https://curl.haxx.se/bug/view.cgi?id=2535504) pointing out that realms with
- quoted quotation marks in HTTP Digest headers didn't work. I've now added
- test case 1095 that verifies my fix.
-
-- Craig A West brought CURLOPT_NOPROXY and the corresponding --noproxy option.
- They basically offer the same thing the NO_PROXY environment variable only
- offered previously: list a set of host names that shall not use the proxy
- even if one is specified.
-
-Daniel Fandrich (20 Jan 2009)
-- Call setlocale() for libtest tests to test the effects of locale-induced
- libc changes on libcurl.
-
-- Fixed a couple more locale-dependent toupper conversions, mainly for
- clarity. This does fix one problem that causes ;type=i FTP URLs
- to fail in the Turkish locale when CURLOPT_PROXY_TRANSFER_MODE is
- used (test case 561)
-
-- Added tests 561 and 1091 through 1094 to test various combinations
- of ;type= and ;mode= URLs that could potentially fail in the Turkish
- locale.
-
-Daniel Stenberg (20 Jan 2009)
-- Lisa Xu pointed out that the ssh.obj file was missing from the
- lib/Makefile.vc6 file (and thus from the vc8 and vc9 ones too).
-
-Version 7.19.3 (19 January 2009)
-
-Daniel Stenberg (16 Jan 2009)
-- Andrew de los Reyes fixed curlbuild.h for "generic" gcc builds on PPC, both
- 32 bit and 64 bit.
-
-Daniel Stenberg (15 Jan 2009)
-- Tim Ansell fixed a compiler warning in lib/cookie.c
-
-Daniel Stenberg (14 Jan 2009)
-- Grant Erickson fixed timeouts for TFTP such that specifying a
- connect-timeout, a max-time or both options work correctly and as expected
- by passing the correct boolean value to Curl_timeleft via the
- 'duringconnect' parameter.
-
- With this small change, curl TFTP now behaves as expected (and likely as
- originally-designed):
-
- 1) For non-existent or unreachable dotted IP addresses:
-
- a) With no options, follows the default curl 300s timeout...
- b) With --connect-timeout only, follows that value...
- c) With --max-time only, follows that value...
- d) With both --connect-timeout and --max-time, follows the smaller value...
-
- and times out with a "curl: (7) Couldn't connect to server" error.
-
- 2) For transfers to/from a valid host:
-
- a) With no options, follows default curl 300s timeout for the
- first XRQ/DATA/ACK transaction and the default TFTP 3600s
- timeout for the remainder of the transfer...
-
- b) With --connect-time only, follows that value for the
- first XRQ/DATA/ACK transaction and the default TFTP 3600s
- timeout for the remainder of the transfer...
-
- c) With --max-time only, follows that value for the first
- XRQ/DATA/ACK transaction and for the remainder of the
- transfer...
-
- d) With both --connect-timeout and --max-time, follows the former
- for the first XRQ/DATA/ACK transaction and the latter for the
- remainder of the transfer...
-
- and times out with a "curl: (28) Timeout was reached" error as
- appropriate.
-
-Daniel Stenberg (13 Jan 2009)
-- Michael Wallner fixed a NULL pointer deref when calling
- curl_easy_setup(curl, CURLOPT_COOKIELIST, "SESS") on a CURL handle with no
- cookies data.
-
-- Stefan Teleman brought a patch to fix the default curlbuild.h file for the
- SunPro compilers.
-
-Daniel Stenberg (12 Jan 2009)
-- Based on bug report #2498665 (https://curl.haxx.se/bug/view.cgi?id=2498665)
- by Daniel Black, I've now added magic to the configure script that makes it
- use pkg-config to detect gnutls details as well if the existing method
- (using libgnutls-config) fails. While doing this, I cleaned up and unified
- the pkg-config usage when detecting openssl and nss as well.
-
-Daniel Stenberg (11 Jan 2009)
-- Karl Moerder brought the patch that creates vc9 Makefiles, and I made
- 'maketgz' now use the actual makefile targets to do the VC8 and VC9
- makefiles.
-
-Daniel Stenberg (10 Jan 2009)
-- Emil Romanus fixed:
-
- When using the multi interface over HTTP and the server returns a Location
- header, the running easy handle will get stuck in the CURLM_STATE_PERFORM
- state, leaving the external event loop stuck waiting for data from the
- ingoing socket (when using the curl_multi_socket_action stuff). While this
- bug was pretty hard to find, it seems to require only a one-line fix. The
- break statement on line 1374 in multi.c caused the function to skip the call
- to multistate().
-
- How to reproduce this bug? Well, that's another question. evhiperfifo.c in
- the examples directory chokes on this bug only _sometimes_, probably
- depending on how fast the URLs are added. One way of testing the bug out is
- writing to hiper.fifo from more than one source at the same time.
-
-Daniel Fandrich (7 Jan 2009)
-- Unified much of the SessionHandle initialization done in Curl_open() and
- curl_easy_reset() by creating Curl_init_userdefined(). This had the side
- effect of fixing curl_easy_reset() so it now also resets
- CURLOPT_FTP_FILEMETHOD and CURLOPT_SSL_SESSIONID_CACHE
-
-Daniel Stenberg (7 Jan 2009)
-- Rob Crittenden did once again provide an NSS update:
-
- I have to jump through a few hoops now with the NSS library initialization
- since another part of an application may have already initialized NSS by the
- time Curl gets invoked. This patch is more careful to only shutdown the NSS
- library if Curl did the initialization.
-
- It also adds in a bit of code to set the default ciphers if the app that
- call NSS_Init* did not call NSS_SetDomesticPolicy() or set specific
- ciphers. One might argue that this lets other application developers get
- lazy and/or they aren't using the NSS API correctly, and you'd be right.
- But still, this will avoid terribly difficult-to-trace crashes and is
- generally helpful.
-
-Daniel Stenberg (1 Jan 2009)
-- 'reconf' is removed since we rather have users use 'buildconf'
-
-Daniel Stenberg (31 Dec 2008)
-- Bas Mevissen reported https://curl.haxx.se/bug/view.cgi?id=2479030 pointing
- out that 'reconf' didn't properly point out the m4 subdirectory when running
- aclocal.
-
-Daniel Stenberg (29 Dec 2008)
- - Phil Lisiecki filed bug report #2413067
- (https://curl.haxx.se/bug/view.cgi?id=2413067) that identified a problem that
- would cause libcurl to mark a DNS cache entry "in use" eternally if the
- subsequence TCP connect failed. It would thus never get pruned and refreshed
- as it should've been.
-
- Phil provided his own patch to this problem that while it seemed to work
- wasn't complete and thus I wrote my own fix to the problem.
-
-Daniel Stenberg (28 Dec 2008)
-- Peter Korsgaard fixed building libcurl with "configure --with-ssl
- --disable-verbose".
-
-- Anthony Bryan fixed more language and spelling flaws in man pages.
-
-Daniel Stenberg (22 Dec 2008)
-- Given a recent enough libssh2, libcurl can now seek/resume with SFTP even
- on file indexes beyond 2 or 4GB.
-
-- Anthony Bryan provided a set of patches that cleaned up manual language,
- corrected spellings and more.
-
-Daniel Stenberg (20 Dec 2008)
-- Igor Novoseltsev fixed a bad situation for the multi_socket() API when doing
- pipelining, as libcurl could then easily get confused and A) work on the
- handle that was not "first in queue" on a pipeline, or even B) tell the app
- to REMOVE a socket while it was in use by a second handle in a pipeline. Both
- errors caused hanging or stalling applications.
-
-Daniel Stenberg (19 Dec 2008)
-- curl_multi_timeout() could return a timeout value of 0 even though nothing
- was actually ready to get done, as the internal time resolution is higher
- than the returned millisecond timer. Therefore it could cause applications
- running on fast processors to do short bursts of busy-loops.
- curl_multi_timeout() will now only return 0 if the timeout is actually
- alreay triggered.
-
-- Using the libssh2 0.19 function libssh2_session_block_directions(), libcurl
- now has an improved ability to do right when the multi interface (both
- "regular" and multi_socket) is used for SCP and SFTP transfers. This should
- result in (much) less busy-loop situations and thus less CPU usage with no
- speed loss.
-
-Daniel Stenberg (17 Dec 2008)
-- SCP and SFTP with the multi interface had the same flaw: the 'DONE'
- operation didn't complete properly if the EAGAIN equivalent was returned but
- libcurl would simply continue with a half-completed close operation
- performed. This ruined persistent connection re-use and cause some
- SSH-protocol errors in general. The correction is unfortunately adding a
- blocking function - doing it entirely non-blocking should be considered for
- a better fix.
-
-Gisle Vanem (16 Dec 2008)
-- Added the possibility to use the Watt-32 tcp/ip stack under Windows.
- The change simply involved adding a USE_WATT32 section in the
- config-win32.h files (under ./lib and ./src). This section disables
- the use of any Winsock headers.
-
-Daniel Stenberg (16 Dec 2008)
-- libssh2_sftp_last_error() was wrongly used at some places in libcurl which
- made libcurl sometimes not properly abort problematic SFTP transfers.
-
-Daniel Stenberg (12 Dec 2008)
-- More work with Igor Novoseltsev to first fix the remaining stuff for
- removing easy handles from multi handles when the easy handle is/was within
- a HTTP pipeline. His bug report #2351653
- (https://curl.haxx.se/bug/view.cgi?id=2351653) was also related and was
- eventually fixed by a patch by Igor himself.
-
-Yang Tse (12 Dec 2008)
-- Patrick Monnerat fixed a build regression, introduced in 7.19.2, affecting
- OS/400 compilations with IPv6 enabled.
-
-Daniel Stenberg (12 Dec 2008)
-- Mark Karpeles filed bug report #2416182 titled "crash in ConnectionExists
- when using duphandle+curl_mutli"
- (https://curl.haxx.se/bug/view.cgi?id=2416182) which showed that
- curl_easy_duphandle() wrongly also copied the pointer to the connection
- cache, which was plain wrong and caused a segfault if the handle would be
- used in a different multi handle than the handle it was duplicated from.
-
-Daniel Stenberg (11 Dec 2008)
-- Keshav Krity found out that libcurl failed to deal with dotted IPv6
- addresses if they were very long (>39 letters) due to a too strict address
- validity parser. It now accepts addresses up to 45 bytes long.
-
-Daniel Stenberg (11 Dec 2008)
-- Internet Explorer had a broken HTTP digest authentication before v7 and
- there are servers "out there" that relies on the client doing this broken
- Digest authentication. Apache even comes with an option to work with such
- broken clients.
-
- The difference is only for URLs that contain a query-part (a '?'-letter and
- text to the right of it).
-
- libcurl now supports this quirk, and you enable it by setting the
- CURLAUTH_DIGEST_IE bit in the bitmask you pass to the CURLOPT_HTTPAUTH or
- CURLOPT_PROXYAUTH options. They are thus individually controlled to server
- and proxy.
-
- (note that there's no way to activate this with the curl tool yet)
-
-Daniel Fandrich (9 Dec 2008)
-- Added test cases 1089 and 1090 to test --write-out after a redirect to
- test a report that the size didn't work, but these test cases pass.
-
-- Documented CURLOPT_CONNECT_ONLY as being useful only on HTTP URLs.
-
-Daniel Stenberg (9 Dec 2008)
-- Ken Hirsch simplified how libcurl does FTPS: now it doesn't assume any
- particular state for the control connection like it did before for implicit
- FTPS (libcurl assumed such control connections to be encrypted while some
- FTPS servers such as FileZilla assumes such connections to be clear
- mode). Use the CURLOPT_USE_SSL option to set your desired level.
-
-Daniel Stenberg (8 Dec 2008)
-- Fred Machado posted about a weird FTP problem on the curl-users list and when
- researching it, it turned out he got a 550 response back from a SIZE command
- and then I fell over the text in RFC3659 that says:
-
- The presence of the 550 error response to a SIZE command MUST NOT be taken
- by the client as an indication that the file cannot be transferred in the
- current MODE and TYPE.
-
- In other words: the change I did on September 30th 2008 and that has been
- included in the last two releases were a regression and a bad idea. We MUST
- NOT take a 550 response from SIZE as a hint that the file doesn't exist.
-
-- Christian Krause filed bug #2221237
- (https://curl.haxx.se/bug/view.cgi?id=2221237) that identified an infinite
- loop during GSS authentication given some specific conditions. With his
- patience and great feedback I managed to narrow down the problem and
- eventually fix it although I can't test any of this myself!
-
-Daniel Fandrich (3 Dec 2008)
-- Fixed the getifaddrs version of Curl_if2ip to work on systems without IPv6
- support (e.g. Minix)
-
-Daniel Stenberg (3 Dec 2008)
-- Igor Novoseltsev filed bug #2351645
- (https://curl.haxx.se/bug/view.cgi?id=2351645) that identified a problem with
- the multi interface that occured if you removed an easy handle while in
- progress and the handle was used in a HTTP pipeline.
-
-- Pawel Kierski pointed out a mistake in the cookie code that could lead to a
- bad fclose() after a fatal error had occured.
- (https://curl.haxx.se/bug/view.cgi?id=2382219)
-
-Daniel Fandrich (25 Nov 2008)
-- If a HTTP request is Basic and num is already >=1000, the HTTP test
- server adds 1 to num to get the data section to return. This allows
- testing authentication negotiations using the Basic authentication
- method.
-
-- Added tests 1087 and 1088 to test Basic authentication on a redirect
- with and without --location-trusted
-
-Daniel Stenberg (24 Nov 2008)
-- Based on a patch by Vlad Grachov, libcurl now uses a new libssh2 0.19
- function when built to support SCP and SFTP that helps the library to know
- in which direction a particular libssh2 operation would return EAGAIN so
- that libcurl knows what socket conditions to wait for before trying the
- function call again. Previously (and still when using libssh2 0.18 or
- earlier), libcurl will busy-loop in this situation when the easy interface
- is used!
-
-Daniel Fandrich (20 Nov 2008)
-- Automatically detect OpenBSD's CA cert bundle.
-
-Daniel Stenberg (19 Nov 2008)
-- I removed the default use of "Pragma: no-cache" from libcurl when a proxy is
- used. It has been used since forever but it was never a good idea to use
- unless explicitly asked for.
-
-- Josef Wolf's extension that allows a $TESTDIR/gdbinit$testnum file that when
- you use runtests.pl -g, will be sourced by gdb to allow additional fancy or
- whatever you see fit
-
-- Christian Krause reported and fixed a memory leak that would occur with HTTP
- GSS/kerberos authentication (https://curl.haxx.se/bug/view.cgi?id=2284386)
-
-- Andreas Wurf and Markus Koetter helped me analyze a problem that Andreas got
- when uploading files to a single FTP server using multiple easy handle
- handles with the multi interface. Occasionally a handle would stall in
- mysterious ways.
-
- The problem turned out to be a side-effect of the ConnectionExists()
- function's eagerness to re-use a handle for HTTP pipelining so it would
- select it even if already being in use, due to an inadequate check for its
- chances of being used for pipelnining.
-
-Daniel Fandrich (17 Nov 2008)
-- Added more compiler warning options for gcc 4.3
-
-Yang Tse (17 Nov 2008)
-- Fix a remaining problem in the inet_pton() runtime configure check. And
- fix internal Curl_inet_pton() failures to reject certain malformed literals.
-
-- Make configure script check if ioctl with the SIOCGIFADDR command can be
- used, and define HAVE_IOCTL_SIOCGIFADDR if appropriate.
-
-Daniel Stenberg (16 Nov 2008)
-- Christian Krause fixed a build failure when building with gss support
- enabled and FTP disabled.
-
-- Added check for NULL returns from strdup() in src/main.c and lib/formdata.c
- - reported by Jim Meyering also prevent buffer overflow on MSDOS when you do
- for example -O on a url with a file name part longer than PATH_MAX letters
-
-- lib/nss.c fixes based on the report by Jim Meyering: I went over and added
- checks for return codes for all calls to malloc and strdup that were
- missing. I also changed a few malloc(13) to use arrays on the stack and a
- few malloc(PATH_MAX) to instead use aprintf() to lower memory use.
-
-- I fixed a memory leak in Curl_nss_connect() when CURLOPT_ISSUERCERT is
- in use.
-
-Daniel Fandrich (14 Nov 2008)
-- Added .xml as one of the few common file extensions known by the multipart
- form generator.
-
-- Added some #ifdefs around header files and change the EAGAIN test to
- fix compilation on Cell (reported by Jeff Curley).
-
-Yang Tse (14 Nov 2008)
-- Fixed several configure script issues affecting checks for inet_ntoa_r(),
- inet_ntop(), inet_pton(), getifaddrs(), fcntl() and getaddrinfo().
-
-Yang Tse (13 Nov 2008)
-- Refactored configure script detection of functions used to set sockets into
- non-blocking mode, and decouple function detection from function capability.
-
-Version 7.19.2 (13 November 2008)
-
-Michal Marek (13 Nov 2008)
-- Fixed a potential data loss in Curl_client_write() when the transfer is
- paused.
-
-Daniel Stenberg (11 Nov 2008)
-- Rainer Canavan filed bug #2255627
- (https://curl.haxx.se/bug/view.cgi?id=2255627) which pointed out that a
- program using libcurl's multi interface to download a HTTPS page with a
- libcurl built powered by OpenSSL, would easily get silly and instead hand
- over SSL details as data instead of the actual HTTP headers and body. This
- happened because libcurl would consider the connection handshake done too
- early. This problem was introduced at September 22nd 2008 with my fix of the
- bug #2107377
-
- The correct fix is now instead done within the GnuTLS-handling code, as both
- the OpenSSL and the NSS code already deal with this situation in similar
- fashion. I added test case 560 in an attempt to verify this fix, but
- unfortunately it didn't trigger it even before this fix!
-
-Yang Tse (11 Nov 2008)
-- Related with bug #2230535 (https://curl.haxx.se/bug/view.cgi?id=2230535)
- Daniel Fandrich noticed that curl_addrinfo was also missing in the build
- process of other four non-configure platforms. Added now.
-
-Daniel Fandrich (7 Nov 2008)
-- The getifaddrs() version of Curl_if2ip() crashed when used on a Linux
- system with a TEQL load-balancing device configured, which doesn't
- have an address. Thanks to Adam Sampson for spotting this (bug #2234923).
-
-Yang Tse (6 Nov 2008)
-- Merged existing IPv4 and IPv6 Curl_ip2addr functions into a single one
- which now also takes a protocol address family argument.
-
-- Bug #2230535 (https://curl.haxx.se/bug/view.cgi?id=2230535) pointed out a
- problem with MSVC 6 makefile that caused a build failure. It was noted that
- the curl_addrinfo.obj reference was missing. I took the opportunity to sort
- the list in which this was missing. Issue submitted by John Wilkinson.
-
-Version 7.19.1 (5 November 2008)
-
-Daniel Stenberg (4 Nov 2008)
-- CURLINFO_FILETIME now works for file:// transfers as well
-
-Daniel Stenberg (3 Nov 2008)
-- Bug #2218480 (https://curl.haxx.se/bug/view.cgi?id=2218480) pointed out a
- problem with my CURLINFO_PRIMARY_IP fix from October 7th that caused a NULL
- pointer read. I also took the opportunity to clean up this logic (storing of
- the connection's IP address) somewhat as we had it stored in two different
- places and ways previously and they are now unified.
-
-Yang Tse (3 Nov 2008)
-- Fix undersized IPv6 address internal buffer. IPv6 address strings longer
- than 35 characters would be truncated.
-
-Daniel Stenberg (2 Nov 2008)
-- Daniel Johnson reported and fixed:
-
- When c-ares isn't enabled, libcurl by default calls getaddrinfo with family
- set to PF_UNSPEC which causes getaddrinfo to return all available addresses,
- both IPv4 and IPv6. Libcurl then tries each one until it can connect. If the
- net connection doesn't support IPv6, libcurl can still fall back to IPv4.
-
- However, since c-ares doesn't support PF_UNSPEC, when it's used it defaults
- to using family=PF_INET6 and therefore only returns IPv6 addresses when AAAA
- records are available, even if IPv4 addresses are also available. The effect
- is that since my ISP doesn't do IPv6, libcurl can't connect at all to a site
- that has AAAA records. It will work if I explicitly use CURL_IPRESOLVE_V4 or
- --ipv4 with the curl tool. I discovered this when curl would fail to connect
- to seemingly random sites. It turns out they weren't random, they were sites
- with AAAA records.
-
- So now libcurl defaults to PF_INET... until c-ares has been tought to offer
- both.
-
-Yang Tse (31 Oct 2008)
-- Tests 558 and 559 are stabilized. These two tests were initially introduced
- to aid in the location of a seg-fault which was only triggered on non-debug
- builds done with the icc 9.1 Intel compiler. Test 558 does not trigger the
- problem, but test 559 does trigger it. As of today, it isn't yet absolutely
- clear if it is a compiler optimizer issue or a memory corruption one.
-
-Yang Tse (30 Oct 2008)
-- Use our Curl_addrinfo structure definition to handle address info data even
- when a system addrinfo struct is available. Provide and use a wrapper around
- systems getaddrinfo function, Curl_getaddrinfo_ex which returns a pointer to
- a list of dynamically allocated Curl_addrinfo structs.
-
- Configure will check freeaddrinfo and getaddrinfo functions and define
- preprocessor symbols HAVE_FREEADDRINFO and HAVE_GETADDRINFO when appropriate.
-
-Daniel Fandrich (29 Oct 2008)
-- Fixed a bug that caused a few bytes of garbage to be sent after a
- curl_easy_pause() during a chunky upload. Reported by Steve Roskowski.
-
-Daniel Fandrich (28 Oct 2008)
-- Changed the "resolve" test precheck program to verify that an IPv6 socket
- can be created before resolving the IPv6 name. In the context of running
- a test, it doesn't make sense to run an IPv6 test when a host is resolvable
- but IPv6 isn't usable. This should fix failures of test 1085 on hosts with
- library and DNS support for IPv6 but where actual use of IPv6 has been
- administratively disabled.
-
-Daniel Fandrich (24 Oct 2008)
-- Added experimental support for zlib and OpenSSL on Symbian OS.
-
-Daniel Fandrich (21 Oct 2008)
-- Fixed some problems with SFTP range support to fix test cases 634 through
- 637.
-
-Daniel Fandrich (17 Oct 2008)
-- Fixed a compile error reported by Albert Chin on AIX and IRIX when using
- GTLS.
-
-Daniel Stenberg (16 Oct 2008)
-- Igor Novoseltsev added CURLOPT_PROXYUSER and CURLOPT_PROXYPASSWORD that then
- make CURLOPT_PROXYUSERPWD sort of deprecated. The primary motive for adding
- these new options is that they have no problems with the colon separator
- that the CURLOPT_PROXYUSERPWD option does.
-
-Daniel Stenberg (15 Oct 2008)
-- Pascal Terjan filed bug #2154627
- (https://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl
- uses strcasecmp() in multiple places where it causes failures when the
- Turkish locale is used. This is because 'i' and 'I' isn't the same letter so
- strcasecmp() on those letters are different in Turkish than in English (or
- just about all other languages). I thus introduced a totally new internal
- function in libcurl (called Curl_raw_equal) for doing case insentive
- comparisons for english-(ascii?) style strings that thus will make "file"
- and "FILE" match even if the Turkish locale is selected.
-
-Daniel Fandrich (15 Oct 2008)
-- A <precheck> command is considered to have failed if it returns a non-zero
- return code. This way, if the precheck command can't be run at all for
- whatever reason, it's treated as a precheck failure which causes the
- test to be skipped.
-
-Daniel Stenberg (15 Oct 2008)
-- John Wilkinson filed bug #2155496
- (https://curl.haxx.se/bug/view.cgi?id=2155496) pointing out an error case
- without a proper human-readable error message. When a read callback returns
- a too large value (like when trying to return a negative number) it would
- trigger and the generic error message then makes the proplem slightly
- different to track down. I've added an error message for this now.
-
-Daniel Fandrich (9 Oct 2008)
-- Fixed the --interface option to work with IPv6 connections on glibc
- systems supporting getifaddrs(). Also fixed a problem where an IPv6
- address could be chosen instead of an IPv4 one for --interface when it
- involved a name lookup.
-
-Daniel Fandrich (8 Oct 2008)
-- Added tests 1082 through 1085 to test symbolic --interface parameters
-
-- Added tests 633 through 637 to test the new file range support for SFTP.
- All but the first test cause an infinite loop or other failure and so
- are added to DISABLED.
-
-Daniel Stenberg (8 Oct 2008)
-- John Wilkinson filed bug #2152270
- (https://curl.haxx.se/bug/view.cgi?id=2152270) which identified and fixed a
- CURLINFO_REDIRECT_URL memory leak and an additional wrong-doing:
-
- Any subsequent transfer with a redirect leaks memory, eventually crashing
- the process potentially.
-
- Any subsequent transfer WITHOUT a redirect causes the most recent redirect
- that DID occur on some previous transfer to still be reported.
-
-- Igor Novoseltsev filed bug #2111613
- (https://curl.haxx.se/bug/view.cgi?id=2111613) that eventually identified a
- flaw in how the multi_socket interface in some cases missed to call the
- timeout callback when easy interfaces are removed and added within the same
- millisecond.
-
-- Igor Novoseltsev brought a patch that introduced two new options to
- curl_easy_setopt: CURLOPT_USERNAME and CURLOPT_PASSWORD that sort of
- deprecates the good old CURLOPT_USERPWD since they allow applications to set
- the user name and password independently and perhaps more importantly allow
- both to contain colon(s) which CURLOPT_USERPWD doesn't fully support.
-
-Daniel Fandrich (7 Oct 2008)
-- Changed the handling of read/write errors in Curl_perform() to allow a
- a fresh connection to be made in such cases and the request retransmitted.
- This should fix test case 160. Added test case 1079 in an attempt to
- test a similar connection dropping scenario, but as a race condition, it's
- hard to test reliably.
-
-- Created test cases 1080 and 1081 to reproduce a problem of
- CURLINFO_REDIRECT_URL leaking memory and returning incorrect results when
- two URLs are requested. Reported by vmpdemo in bug #2152270
-
-Daniel Stenberg (7 Oct 2008)
-- Fixed CURLINFO_PRIMARY_IP: When libcurl created a connection to host A then
- the app re-used the handle to do a connection to host B and then again
- re-used the handle to host A, it would not update the info with host A's IP
- address (due to the connection being re-used) but it would instead report
- the info from host B.
-
-Yang Tse (7 Oct 2008)
-- Added --enable-optimize configure option to enable and disable compiler
- optimizations to allow decoupled setting from --enable-debug.
-
-Yang Tse (2 Oct 2008)
-- Added --enable-warnings configure option to enable and disable strict
- compiler warnings to allow decoupled setting from --enable-debug.
-
- runtests.pl will now run with picky compiler warnings enabled unless
- explicitly disabled.
-
-Daniel Fandrich (1 Oct 2008)
-- "make clean" now cleans out the docs and tests directories, too.
-
-Daniel Stenberg (30 Sep 2008)
-- The libcurl FTP code now returns CURLE_REMOTE_FILE_NOT_FOUND error when SIZE
- gets a 550 response back for the cases where a download (or NOBODY) is
- wanted. It still allows a 550 as response if the SIZE is used as part of an
- upload process (like if resuming an upload is requested and the file isn't
- there before the upload). I also modified the FTP test server and a few test
- cases accordingly to match this modified behavior.
-
-Daniel Stenberg (29 Sep 2008)
-- Daniel Egger provided a patch that allows you to disable proxy support in
- libcurl to somewhat reduce the size of the binary. Run configure
- --disable-proxy.
-
-Daniel Fandrich (29 Sep 2008)
-- Moved all signal-based name resolution timeout handling into a single new
- Curl_resolv_timeout function to reduce coupling.
-
-Daniel Stenberg (29 Sep 2008)
-- Ian Lynagh provided a patch that now makes CURLOPT_RANGE work fine for SFTP
- downloads!
-
-- Maxim Ivanov filed bug report #2107803
- (https://curl.haxx.se/bug/view.cgi?id=2107803) "no CURLINFO_REDIRECT_URL in
- multi mode" together with a patch that fixed the problem.
-
-Daniel Stenberg (25 Sep 2008)
-- Emanuele Bovisio submitted bug report #2126435. We fixed the HTTP Digest
- auth code to not behave badly when getting a blank realm with
- realm="". https://curl.haxx.se/bug/view.cgi?id=2126435
-
-Daniel Fandrich (23 Sep 2008)
-- Make sure not to dereference the wrong UrlState proto union member when
- switching from one protocol to another in a single request (e.g.
- redirecting from HTTP to FTP as in test 1055) by resetting
- state.expect100header before every request.
-
-Daniel Stenberg (23 Sep 2008)
-- Introducing Jamie Lokier's function for date to epoch conversion used in the
- date parser function. This makes our function less dependent on system-
- provided functions and instead we do all the magic ourselves. We also no
- longer depend on the TZ environment variable. Switching to our own converter
- has some side-effect and they are noted here for future reference (taken
- from a mail by mr Lokier):
-
- time_t is not measured in seconds in the ANSI C standard - or even counted
- uniformly - weird platforms can use other numeric representations of dates
- in time_t - hence the difftime() function.
-
- On POSIX time_t is measured in UTC seconds, which means not including leap
- seconds. But it's mentioned in a few places that some old POSIX-ish
- environments include leap seconds in their time_t counts...
-
- I'm pretty sure [the new implementation is] correct on anything truly POSIX.
- And it's obviously a lot less dependent on platform quirks and corner cases
- in many ways than the mktime() version.
-
-- Rob Crittenden brought a patch to "add some locking for thread-safety to NSS
- implementation".
-
-Daniel Stenberg (22 Sep 2008)
-- Made the SOCKS code use the new Curl_read_plain() function to fix the bug
- Markus Moeller reported: https://curl.haxx.se/mail/archive-2008-09/0016.html
-
-- recv() errors other than those equal to EAGAIN now cause proper
- CURLE_RECV_ERROR to get returned. This made test case 160 fail so I've now
- disabled it until we can figure out another way to exercise that logic.
-
-- Michael Goffioul filed bug report #2107377 "Problem with multi + GnuTLS +
- proxy" (https://curl.haxx.se/bug/view.cgi?id=2107377) that showed how a multi
- interface using program didn't work when built with GnuTLS and a CONNECT
- request was done over a proxy (basically test 502 over a proxy to a HTTPS
- site). It turned out the ssl connect function would get called twice which
- caused the second call to fail.
-
-Daniel Fandrich (22 Sep 2008)
-- Fixed test 539 to handle an out of memory condition that shows up now
- that memdebug.h is included in the test programs.
-
-Yang Tse (20 Sep 2008)
-- Fix regression in configure script which affected OpenSSL builds on MSYS.
-
-Yang Tse (19 Sep 2008)
-- configure script now checks availability of the alarm() function.
-
-Daniel Fandrich (18 Sep 2008)
-- Don't bother to install a SIGALRM handler unless alarm() is available.
- Also, leave the existing SIGALRM handler alone if the timeout is too small
- to handle.
-
-Daniel Fandrich (17 Sep 2008)
-- Removed reference to curl-ca-bundle.crt in the host verification failure
- error message.
-
-Yang Tse (17 Sep 2008)
-- Improve configure detection of gethostname(), localtime_r(), strstr(),
- getservbyport_r(), gethostbyaddr_r() and gethostbyname_r().
-
-Yang Tse (14 Sep 2008)
-- Improve configure detection of strcasecmp(), strcasestr(), strcmpi(),
- stricmp(), strlcat(), strncasecmp(), strncmpi() and strnicmp().
-
-Yang Tse (13 Sep 2008)
-- Disable tracking of fdopen() calls in the low-level memory leak tracking
- code when fdopen() is not available, to avoid compiler error.
-
-Yang Tse (12 Sep 2008)
-- Further adjust detection of strerror_r() in the configure process, and
- ensure that errno is not modified inside Curl_strerror().
-
-Yang Tse (10 Sep 2008)
-- Improve detection of gmtime_r(), strtoll(), sigaction(), strtok_r(),
- strdup() and ftruncate() in the configure process.
-
-Daniel Fandrich (9 Sep 2008)
-- Mike Revi discovered some swapped speed switches documented in the curl man
- page.
-
-- Checked in some documentation and code improvements and fixes that I
- discovered in the FreeBSD ports system.
-
-Daniel Stenberg (8 Sep 2008)
-- Dmitry Kurochkin patched a problem: I have found bug in pipelining through
- proxy. I have a transparent proxy. When running with http_proxy environment
- variable not set my test completes fine (it goes through transparent
- proxy). When I set http_proxy variable my test hangs after the first
- downloaded is complete. Looks like the second handle never gets out from
- WAITDO state.
-
- The fix: It makes checkPendPipeline move 1 handler from pend pipe to send
- pipe if pipelining is not supported by server but there are no handles in
- send and recv pipes.
-
-- Stefan Krause pointed out that libcurl would wrongly send away cookies to
- sites in cases where the cookie clearly has a very old expiry date. The
- condition was simply that libcurl's date parser would fail to convert the
- date and it would then count as a (timed-based) match. Starting now, a
- missed date due to an unsupported date format or date range will now cause
- the cookie to not match.
-
-Daniel Fandrich (5 Sep 2008)
-- Improved the logic that decides whether to use HTTP 1.1 features or not in a
- request. Setting a specific version with CURLOPT_HTTP_VERSION overrides
- all other checks, but otherwise, a 1.0 request will be made if the server
- is known to support only 1.0 because it previously responded so and the
- connection was kept alive, or a response to a previous request on this handle
- came back as 1.0. The latter could take place in cases like redirection or
- authentication where several requests have to be made before the operation
- is complete. If any one of the servers in a redirection chain supports only
- 1.0, then remaining requests will be sent in 1.0 mode.
-
-- Detect cases where an upload must be sent chunked and the server supports
- only HTTP 1.0 and return CURLE_UPLOAD_FAILED.
-
-Daniel Stenberg (5 Sep 2008)
-- Martin Drasar provided the CURLOPT_POSTREDIR patch. It renames
- CURLOPT_POST301 (but adds a define for backwards compatibility for you who
- don't define CURL_NO_OLDIES). This option allows you to now also change the
- libcurl behavior for a HTTP response 302 after a POST to not use GET in the
- subsequent request (when CURLOPT_FOLLOWLOCATION is enabled). I edited the
- patch somewhat before commit. The curl tool got a matching --post302
- option. Test case 1076 was added to verify this.
-
-- Introducing CURLOPT_CERTINFO and the corresponding CURLINFO_CERTINFO. By
- enabling this feature with CURLOPT_CERTINFO for a request using SSL (HTTPS
- or FTPS), libcurl will gather lots of server certificate info and that info
- can then get extracted by a client after the request has completed with
- curl_easy_getinfo()'s CURLINFO_CERTINFO option. Linus Nielsen Feltzing
- helped me test and smoothen out this feature.
-
- Unfortunately, this feature currently only works with libcurl built to use
- OpenSSL.
-
- This feature was sponsored by networking4all.com - thanks!
-
-- Dmitriy Sergeyev pointed out that curl_easy_pause() didn't unpause properly
- during certain conditions. I also changed this code to use realloc() based
- on Daniel Fandrich's suggestion.
-
-Guenter Knauf (4 Sep 2008)
-- MingW32 non-configure builds are now largefile feature enabled by default.
- NetWare LIBC builds are also now largefile feature enabled by default.
-
-Yang Tse (4 Sep 2008)
-- Several fixes related with print formatting string directives.
-
-Daniel Fandrich (3 Sep 2008)
-- Search for the FreeBSD CA cert file /usr/local/share/certs/ca-root.crt
-
-Daniel Fandrich (2 Sep 2008)
-- Fixed an out of memory problem that caused torture test failures in tests
- 706 and 707.
-
-Daniel Stenberg (2 Sep 2008)
-- Keith Mok added supported_protocols and supported_features to the pkg-config
- file for libcurl, and while doing that fix he unified with curl-config.in
- how the supported protocols and features are extracted and used, so both
those
- tools should now always be synced.
-
-Version 7.19.0 (1 September 2008)
-
-Daniel Fandrich (29 Aug 2008)
-- Added tests 1071 through 1074 to test automatic downgrading from HTTP 1.1
- to HTTP 1.0 upon receiving a response from the HTTP server. Tests 1072
- and 1073 are similar to test 1069 in that they involve the impossible
- scenario of sending chunked data to a HTTP 1.0 server. All these fail
- and are added to DISABLED.
-
-- Added test 1075 to test --anyauth with Basic authentication.
-
-Daniel Stenberg (29 Aug 2008)
-- When libcurl was doing a HTTP POST and the server would respond with
- "Connection: close" and actually close the connection after the
- response-body, libcurl could still have outstanding data to send and it
- would not properly notice this and stop sending. This caused weirdness and
- sad faces. https://curl.haxx.se/bug/view.cgi?id=2080222
-
- Note that there are still reasons to consider libcurl's behavior when
- getting a >= 400 response code while sending data, as Craig Perras' note
- "http upload: how to stop on error" specifies:
- https://curl.haxx.se/mail/archive-2008-08/0138.html
-
-Daniel Stenberg (28 Aug 2008)
-- Dengminwen reported that libcurl would lock a (cookie) share twice (without
- an unlock in between) for a certain case and that in fact works when using
- regular windows mutexes but not with pthreads'! Locks should of course not
- get locked again so this is now fixed.
- https://curl.haxx.se/mail/lib-2008-08/0422.html
-
-- I'm abandoning the system with the web site mirrors (but keeping download
- files bing mirrored) and thus I've changed the URL in the cookiejar header
- to no longer use curlm.haxx.se but instead use the main site curl.haxx.se
-
-Daniel Fandrich (27 Aug 2008)
-- Fixed test case 1065 by changing the handling of CURLOPT_UPLOAD to set
- the HTTP method to GET (or HEAD) when given a value of 0.
-
-- Added test cases 1068 and 1069 to test a simple HTTP PUT from stdin. Test
- case 1069 fails in a similar manner to test 1065 so is added to DISABLED.
-
-Yang Tse (27 Aug 2008)
-- Fix generation of MS VC6 .dsp file to make it support compilation of either
- dynamic (DLL) or static (LIB) libcurl libraries in debug and release modes.
-
-Daniel Fandrich (26 Aug 2008)
-- Fixed out of memory problems that caused torture test failures in tests
- 1021 and 1067.
-
-Yang Tse (26 Aug 2008)
-- Added check and symbol definition for WIN32 file API usage in configure,
- supporting configure's --disable-largefile option for WIN32 targets also.
-
-- Non-configure systems which do not use config-win32.h configuration file,
- and want to use the WIN32 file API, must define USE_WIN32_LARGE_FILES or
- USE_WIN32_SMALL_FILES as appropriate in their own configuration files.
-
-Daniel Stenberg (23 Aug 2008)
-- Running 'make ca-firefox' in the root build dir will now run the new
- firefox-db2pem.sh conversion script that converts a local Firefox db of ca
- certs into PEM format, suitable for use with a OpenSSL or GnuTLS built
- libcurl.
-
-- Constantine Sapuntzakis fixed a bug when doing proxy CONNECT with the multi
- interface, and the proxy would send Connection: close during the
- authentication phase. https://curl.haxx.se/bug/view.cgi?id=2069047
-
-Daniel Fandrich (22 Aug 2008)
-- Fixed a problem when --dump-header - was given with more than one URL,
- which caused an error when the second header was dumped due to stdout
- being closed. Added test case 1066 to verify. Also fixed a potential
- problem where a closed file descriptor might be used for an upload
- when more than one URL is given.
-
-Yang Tse (22 Aug 2008)
-- Improved libcurl's internal curl_m*printf() functions integral data type
- size and signedness handling.
-
-- Internal adjustments to better select/differentiate when large/small file
- support is provided using WIN32 functions directly.
-
-Daniel Fandrich (20 Aug 2008)
-- Added an edited version of Vincent Le Normand's documentation of SFTP quote
- commands to the man pages.
-
-Daniel Stenberg (20 Aug 2008)
-- Phil Pellouchoud pointed out that the windows version of libcurl had a
- memory leak because it never called the OpenSSL function
- CRYPTO_cleanup_all_ex_data() as it was supposed to. This was because of a
- missing define in config-win32.h!
-
-Gisle Vanem (18 Aug 2008)
-- Updated lib/Makefile.Watcom with the option to use c-ares (USE_ARES=1).
-
-Yang Tse (18 Aug 2008)
-- Added test case 557 to verify libcurl's internal curl_m*printf() functions
- formatting functionality when handling signed and unsigned longs, as well as
- our curl_off_t data type.
-
-Yang Tse (17 Aug 2008)
-- OpenSSl enabled NetWare builds are changed to use the 'openssl' subdirectory
- when including the OpenSSL header files. This is the recommended setting,
this
- prevents the undesired inclusion of header files with the same name as those
- of OpenSSL but which do not belong to the OpenSSL package. The visible change
- from previously released libcurl versions is that now OpenSSl enabled NetWare
- builds also define USE_OPENSSL in config files, and that OpenSSL header files
- must be located in a subdirectory named 'openssl'.
-
-Yang Tse (16 Aug 2008)
-- Library internal only C preprocessor macros FORMAT_OFF_T and FORMAT_OFF_TU
- remain in use as internal curl_off_t print formatting strings for the
internal
- *printf functions which still cannot handle print formatting string
directives
- such as "I64d", "I64u", and others available on MSVC, MinGW, Intel's ICC, and
- other DOS/Windows compilers.
-
-Daniel Fandrich (15 Aug 2008)
-- Added test case 1063 to test invalid long file ranges with file: URLs and
- 1064 to test multiple http PUTs.
-
-- Added test case 1065 to test a PUT with a single file but two URLs. This
- was discovered to be problematic while investigating an incident reported by
- Von back in May. curl in this case doesn't include a Content-Length: or
- Transfer-Encoding: chunked header which is illegal. This test case is
- added to DISABLED until a solution is found.
-
-Yang Tse (15 Aug 2008)
-- C preprocessor macros used internally and equally available externally which
- aid in the use of the curl_off_t data type are named: CURL_FORMAT_CURL_OFF_T,
- CURL_FORMAT_CURL_OFF_TU, CURL_SIZEOF_CURL_OFF_T, CURL_SUFFIX_CURL_OFF_T,
- CURL_SUFFIX_CURL_OFF_TU, CURL_OFF_T_C and CURL_OFF_TU_C.
-
-Yang Tse (13 Aug 2008)
-- The size of long is a build time characteristic and as such it is now
recorded
- in curlbuild.h as CURL_SIZEOF_LONG. Definition now done from configure
process
- and in CVS curlbuild.h.dist for non-configure systems.
-
-Daniel Fandrich (12 Aug 2008)
-- Fixed a buffer overflow problem in Curl_proxyCONNECT that could occur
- when a server responded with long headers and data. Luckily, the buffer
- overflowed into another unused buffer, so no actual harm was done.
- Added test cases 1060 and 1061 to verify.
-
-Daniel Stenberg (12 Aug 2008)
-- Andy Tsouladze fixed runtests.pl to not attempt to execute the stunnel
- _directory_ if that happened to appear in the path!
-
-Yang Tse (12 Aug 2008)
-- Added macros for minimum-width signed and unsigned curl_off_t integer
- constants CURL_OFF_T_C and CURL_OFF_TU_C. The clever double helper macro
- used internally to provide its functionality is thanks to Lars Nilsson.
-
-Daniel Fandrich (11 Aug 2008)
-- Fixed a boundary condition error in ftp_readresp() whereby a non-terminal
- line of a multiline FTP response whose last byte landed exactly at the end
- of the BUFSIZE-length buffer would be treated as the terminal response
- line. The following response code read in would then actually be the
- end of the previous response line, and all responses from then on would
- correspond to the wrong command. Test case 1062 verifies this.
-
-- Stop closing a never-opened ftp socket.
-
-Daniel Stenberg (11 Aug 2008)
-- Constantine Sapuntzakis filed bug report #2042430
- (https://curl.haxx.se/bug/view.cgi?id=2042430) with a patch. "NTLM Windows
- SSPI code is not thread safe". This was due to libcurl using static
- variables to tell wether to load the necessary SSPI DLL, but now the loading
- has been moved to the more suitable curl_global_init() call.
-
-- Constantine Sapuntzakis filed bug report #2042440
- (https://curl.haxx.se/bug/view.cgi?id=2042440) with a patch. He identified a
- problem when using NTLM over a proxy but the end-point does Basic, and then
- libcurl would do wrong when the host sent "Connection: close" as the proxy's
- NTLM state was erroneously cleared.
-
-Yang Tse (11 Aug 2008)
-- Added missing signed and unsigned curl_off_t integer constant suffixes for
- internal and external use. CURL_SUFFIX_CURL_OFF_T, CURL_SUFFIX_CURL_OFF_TU.
-
-Daniel Fandrich (7 Aug 2008)
-- Fixed an uninitialized variable in multi_runsingle() that could cause a
- request to prematurely end.
-
-- Added test1059 to test the FTP proxy tunnel problem fixed July 11.
-
-Yang Tse (7 Aug 2008)
-- Added curlbuild.h and curlrules.h header files to libcurl's public headers.
- File curlbuild.h is a generated file on configure-capable systems. This is
- a first step towards configure-based info in public headers. Currently only
- used to provide support for a curl_off_t data type which is not gated to
- off_t. Further details are documented inside these mentioned header files.
-
-- Fix CURL_CHECK_DEF so that when the expansion of the preprocessor symbol
- results in a set of double-quoted strings, this macro will now return an
- expansion which consists of a single double-quoted string as the result of
- concatenating all of them.
-
-- Skip data type check in DO_CURL_OFF_T_CHECK macro when argument is empty.
-
-- Adjusted testcurl.pl to copy checked out curlbuild.h.dist as curlbuild.h
- for non-configure targets when the host system doesn't run buildconf.bat.
-
-- Prevent buildconf from removing 'Makefile' and 'missing' files. This would
- blow away our CVS checked files 'missing' and 'hiper/Makefile'.
-
-- Remove adjustment done to testcurl.pl to verify if change introduced by
- Guenter Knauf in lib/Makefile.netware is enough to get the netware autobuilds
- going again.
-
-Yang Tse (5 Aug 2008)
-- Changes done to buildconf script. Validate that autom4te and autoconf, as
- well as aclocal and automake, versions match. Improve removal of previous
- run generated files. Remove verbose debug logging of aclocal on Solaris.
-
-Daniel Stenberg (5 Aug 2008)
-- Yehoshua Hershberg found a problem that would make libcurl re-use a
- connection with the multi interface even if a previous use of it caused a
- CURLE_PEER_FAILED_VERIFICATION to get returned. I now make sure that failed
- SSL connections properly close the connections.
-
-Daniel Stenberg (4 Aug 2008)
-- Test cases 1051, 1052 and 1055 were added by Daniel Fandrich on July 30 and
- proved how PUT and POST with a redirect could lead to a "hang" due to the
- data stream not being rewound properly when it had to in order to get sent
- properly (again) to the subsequent URL. This is now fixed and these test
- cases are no longer disabled.
-
-Yang Tse (4 Aug 2008)
-- Autoconf 2.62 has changed the behaviour of the AC_AIX macro which we use.
- Prior versions of autoconf defined _ALL_SOURCE if _AIX was defined. 2.62
- version of AC_AIX defines _ALL_SOURCE and other four preprocessor symbols
- no matter if the system is AIX or not. To keep the traditional behaviour,
- and an uniform one across autoconf versions AC_AIX is replaced with our
- own internal macro CURL_CHECK_AIX_ALL_SOURCE.
-
-Daniel Stenberg (4 Aug 2008)
-- Test case 1041 (added by Daniel Fandrich July 14th) proved a bug where PUT
- with -C - sent garbage in the Content-Range: header. I fixed this problem by
- making sure libcurl always sets the size of the _entire_ upload if an app
- attemps to do resumed uploads since libcurl simply cannot know the size of
- what is currently at the server end. Test 1041 is no longer disabled.
-
-Yang Tse (2 Aug 2008)
-- No longer test availability of the gdi32 library, nor use it for linking,
even
- when we have been doing this since revision 1.47 of configure.ac 4 years and
- 5 months ago when cross-compiling a Windows target. We actually don't use any
- function from the Windows GDI (Graphics Device Interface) related with
drawing
- or graphics-related operations.
-
-Daniel Fandrich (1 Aug 2008)
-- Added support for --append on SFTP uploads. Unfortunately, OpenSSH doesn't
- support this so it goes untested.
-
-Yang Tse (1 Aug 2008)
-- Configure process now checks if the preprocessor _REENTRANT symbol is already
- defined. If it isn't currently defined a set of checks are performed to test
- if its definition is required to make visible to the compiler a set of *_r
- functions. Finally, if _REENTRANT is already defined or needed it takes care
- of making adjustments necessary to ensure that it is defined equally for the
- configure process tests and generated config file.
-
-- Removed definition of CURL_CHECK_WORKING_RESOLVER from acinclude.m4 it has
- not been in use since revision 1.81 of configure.in 6 years, 9 months ago.
-
-Daniel Fandrich (31 Jul 2008)
-- Fixed parsing of an IPv6 proxy address to support a scope identifier,
- as well as IPv4 addresses in IPv6 format. Also, better handle the case
- of a malformatted IPv6 address (avoid empty and NULL strings).
-
-- Fixed a problem with any FTP URL or any URLs containing an IPv6 address
- being mangled when passed to proxies when CURLOPT_PORT is also set
- (reported by Pramod Sharma).
-
-- User names embedded in proxy URLs without a password were parsed
- incorrectly--the host name is treated as part of the user name and the
- port number becomes the password. This can be observed in test 279
- (was KNOWN_ISSUE #54).
-
-Daniel Stenberg (30 Jul 2008)
-- Phil Blundell added the CURLOPT_ADDRESS_SCOPE option, as well as adjusted
- the URL parser to allow numerical IPv6-addresses to be specified with the
- scope given, as per RFC4007 - with a percent letter that itself needs to be
- URL escaped. For example, for an address of fe80::1234%1 the HTTP URL is:
- "http://[fe80::1234%251]/";
-
-- PHP's bug report #43158 (http://bugs.php.net/bug.php?id=43158) identifies a
- true bug in libcurl built with OpenSSL. It made curl_easy_getinfo() more or
- less always return 0 for CURLINFO_SSL_VERIFYRESULT because the function that
- would set it to something non-zero would return before the assign in almost
- all error cases. The internal variable is now set to non-zero from the start
- of the function only to get cleared later on if things work out fine.
-
-- Made the curl tool's -w option support the %{ssl_verify_result} variable
-
-Daniel Fandrich (30 Jul 2008)
-- Added test cases 1052 through 1055 to test uploading data from files
- during redirects. Test cases 1052 and 1055 show problems (maybe the same
- root cause as 1051) and are disabled.
-
-- Fixed a couple of buffer overflows in the MS-DOS port of the curl tool.
-
-Daniel Fandrich (29 Jul 2008)
-- Fixed --use-ascii to properly convert text files on Symbian OS, MS-DOS
- and OS/2.
-
-- Added test case 1051 to test Location: following with PUT, as reported
- by Ben Sutcliffe. The test when run manually shows a problem in curl
- so it's disabled.
-
-Daniel Fandrich (28 Jul 2008)
-- Fixed display of the interface bind address in the trace output when it's
- an IPv6 address.
-
-- Added test cases 1045 through 1049 as simple tests of --interface using the
- localhost interface.
-
-- Added test case 1050 to test --ftp-port with an IPv6 address
-
-Daniel Stenberg (26 Jul 2008)
-- David Bau filed bug report #2026240 "CURL_READFUNC_PAUSE leads to buffer
- overrun" (https://curl.haxx.se/bug/view.cgi?id=2026240) identifying two
- problems, and providing the fix for them:
-
- - CURL_READFUNC_PAUSE did in fact not pause the _sending_ of data that it is
- designed for but paused _receiving_ of data!
-
- - libcurl didn't internally set the read counter to zero when this return
- code was detected, which would potentially lead to junk getting sent to
- the server.
-
-Daniel Fandrich (26 Jul 2008)
-- Added test 1044 to test large file support in ftp with -I.
-
-- Eliminate a unnecessary socket creation in Curl_getaddrinfo for an IPv4
- address in an IPv6 capable libcurl.
-
-- Added feature in runtests.pl to select tests based on key word.
-
-Daniel Fandrich (23 Jul 2008)
-- Changed the long logfile elision code in runtests.pl to properly handle
- lines ending in \r.
-
-- Changed references to TRUE and FALSE in the curl_easy_setopt man page to
- 1 and zero, respectively, since TRUE and FALSE aren't part of the
- libcurl API.
-
-Daniel Stenberg (23 Jul 2008)
-- I went over the curl_easy_setopt man page and replaced most references to
- non-zero with the fixed value of 1. We should strive at making options
- support '1' for enabling them mentioned explicitly, as that then will allow
- us for to extend them in the future without breaking older programs.
-
- Possibly we should even introduce a fancy define to use instead of '1' all
- over...
-
-Yang Tse (21 Jul 2008)
-- Use the sreadfrom() wrapper to replace recvfrom() in our code.
-
-Yang Tse (20 Jul 2008)
-- when recvfrom prototype uses a void pointer for arguments 2, 5 or 6 this will
- now cause the definition, as appropriate, of RECVFROM_TYPE_ARG2_IS_VOID,
- RECVFROM_TYPE_ARG5_IS_VOID or RECVFROM_TYPE_ARG6_IS_VOID.
-
-Yang Tse (17 Jul 2008)
-- RECVFROM_TYPE_ARG2, RECVFROM_TYPE_ARG5 and RECVFROM_TYPE_ARG6 are now defined
- to the data type pointed by its respective argument and not the pointer type.
-
-Yang Tse (16 Jul 2008)
-- Configure process now checks availability of recvfrom() socket function and
- finds out its return type and the types of its arguments. Added definitions
- for non-configure systems config files, and introduced macro sreadfrom which
- will be used on udp sockets as a recvfrom() wrapper.
-
-Yang Tse (15 Jul 2008)
-- Added description/comment to include paths used in several Makefile.am files.
- Added automake option nostdinc to test servers makefile and modified libcurl
- external headers include path for libtest programs.
-
-Daniel Fandrich (14 Jul 2008)
-- Added test1040 through test1043 to test -C - on HTTP. Test 1041 failed so
- it's added to DISABLED.
-
-Yang Tse (14 Jul 2008)
-- HTTP_ONLY definition check in lib/setup.h is now done once that configuration
- file has been included. In this way if symbol is defined in the config file
- it will no longer be ignored. Removed inclusion of remaining system header
- files from configuration files. Moved _REENTRANT definition up/earlier in
- lib/setup.h
-
-Yang Tse (11 Jul 2008)
-- Added missing multiple header inclusion prevention definition for header
- file content_encoding.h
-
-Daniel Fandrich (11 Jul 2008)
-- Fixed test 553 to pass the torture test.
-
-Daniel Stenberg (11 Jul 2008)
-- Daniel Fandrich found out we didn't pass on the user-agent properly when
- doing "proxy-tunnels" with non-HTTP prototols and that was simply because
- the code assumed the user-agent was only needed for HTTP.
-
-Daniel Fandrich (10 Jul 2008)
-- Changed slightly the SFTP quote commands chmod, chown and chgrp to only
- set the attribute that has changed instead of all possible ones. Hopefully,
- this will solve the "Permission denied" problem that Nagarajan Sreenivasan
- reported when setting some modes, but regardless, it saves a protocol
- round trip in the chmod case.
-
-- Added test cases 1038 and 1039 to test Adrian Kreher's report that ftp
- uploads with -C - didn't resume properly, but the tests pass.
-
-Yang Tse (10 Jul 2008)
-- Peter Lamberg filed bug report #2015126: "poll gives WSAEINVAL when POLLPRI
- is set in fdset.events" (https://curl.haxx.se/bug/view.cgi?id=2015126) which
- exactly pinpointed the problem only triggered on Windows Vista, provided
- reference to docs and also a fix. There is much work behind Peter Lamberg's
- excellent bug report. Thank You!
-
-Daniel Fandrich (9 Jul 2008)
-- Added tests 1036 and 1037 to verify resumed ftp downloads with -C -
-
-Daniel Stenberg (9 Jul 2008)
-- Andreas Schuldei improved Phil Blundell's patch for IPv6 using c-ares, and I
- edited it slightly. Now you should be able to use IPv6 addresses fine even
- with libcurl built to use c-ares.
-
-Daniel Fandrich (9 Jul 2008)
-- Fixed an OOM handling problem that cause test 11 to fail the torture test.
-
-Daniel Fandrich (8 Jul 2008)
-- Fixed test 554 to pass the torture test.
-
-Daniel Fandrich (7 Jul 2008)
-- Added test cases 1034 & 1035 to test IDN name conversion failures.
-
-Daniel Stenberg (7 Jul 2008)
-- Scott Barrett provided a test case for a segfault in the FTP code and the
- fix for it. It occured when you did a FTP transfer using
- CURLFTPMETHOD_SINGLECWD and then did another one on the same easy handle but
- switched to CURLFTPMETHOD_NOCWD. Due to the "dir depth" variable not being
- cleared properly. Scott's test case is now known as test 539 and it
- verifies the fix.
-
-Daniel Stenberg (3 Jul 2008)
-- Phil Blundell provided a fix for libcurl's treatment of unexpected 1xx
- response codes. Previously libcurl would hang on such occurances. I added
- test case 1033 to verify.
-
-- Introcuding a new timestamp for curl_easy_getinfo():
- CURLINFO_APPCONNECT_TIME. This is set with the "application layer"
- handshake/connection is completed. Which typically is SSL, TLS or SSH and by
- using this you can figure out the application layer's own connect time. You
- can extract the time stamp using curl's -w option and the new variable named
- 'time_appconnect'. This feature was sponsored by Lenny Rachitsky at NeuStar.
-
-Daniel Fandrich (2 Jul 2008)
-- Support Open Watcom C on Linux (as well as Windows).
-
-Yang Tse (2 Jul 2008)
-- The previously committed fix for bug report #1999181 prevented using the
- monotonic clock on any system without an always supported POSIX compliant
- implementation. Now the POSIX compliant configuration check is removed and
- will fallback to gettimeofday when the monotonic clock is unavailable at
- run-time.
-
-- The configure process will now halt when sed, grep, egrep or ar programs
- can not be found among the directories in PATH variable.
-
-Daniel Stenberg (1 Jul 2008)
-- Rolland Dudemaine provided fixes to get libcurl to build for the INTEGRITY
- operating system.
-
-Daniel Stenberg (30 Jun 2008)
-- Made the internal printf() support %llu properly to print unsigned long
longs.
-
-- Stephen Collyer and Tor Arntsen helped identify a flaw in the range code
- which output the range using a signed variable where it should rather use
- unsigned.
-
-Yang Tse (29 Jun 2008)
-- John Lightsey filed bug report #1999181: "CLOCK_MONOTONIC always fails on
- some systems" (https://curl.haxx.se/bug/view.cgi?id=1999181). The problem was
- that the configure script did not use the _POSIX_MONOTONIC_CLOCK feature test
- macro when checking monotonic clock availability. This is now fixed and the
- monotonic clock will not be used unless the feature test macro is defined
- with a value greater than zero indicating always supported.
-
-Daniel Fandrich (25 Jun 2008)
-- Honour --stderr with the -v option.
-
-- Fixed a file handle leak in the command line client if more than one
- --stderr option was given.
-
-Daniel Stenberg (22 Jun 2008)
-- Eduard Bloch filed the debian bug report #487567
- (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487567) pointing out that
- libcurl used Content-Range: instead of Range when doing a range request with
- --head (CURLOPT_NOBODY). This is now fixed and test case 1032 was added to
- verify.
-
-Daniel Fandrich (21 Jun 2008)
-- Stopped using ranges in scanf character sequences (e.g. %[a-z]) since that
- is not ANSI C, just a common extension. This caused problems on
- at least Open Watcom C.
-
-Yang Tse (20 Jun 2008)
-- Modified configuration script to actually verify if the compiler is good
- enough at detecting compilation errors or at least it has been properly
- configured to do so. Configuration heavily depends on this capability, so
- if this compiler sanity check fails the configuration process will now fail.
-
-Daniel Stenberg (20 Jun 2008)
-- Phil Pellouchoud found a case where libcurl built with NSS failed to
- handshake with a SSLv2 server, and it turned out to be because it didn't
- recognize the cipher named "rc4-md5". In our list that cipher was named
- plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported
- that it made things work for him again.
-
-- Hans-Jurgen May pointed out that trying SCP or SFTP over a SOCKS proxy
- crashed libcurl. This is now addressed by making sure we use "plain send"
- internally when doing the socks handshake instead of the Curl_write()
- function which is designed to use the "target" protocol. That's then SCP or
- SFTP in this case. I also took the opportunity and cleaned up some ssh-
- related #ifdefs in the code for readability.
-
-Daniel Stenberg (19 Jun 2008)
-- Christopher Palow fixed a curl_multi_socket() issue which previously caused
- libcurl to not tell the app properly when a socket was closed (when the name
- resolve done by c-ares is completed) and then immediately re-created and put
- to use again (for the actual connection). Since the closure will make the
- "watch status" get lost in several event-based systems libcurl will need to
- tell the app about this close/re-create case.
-
-- Dengminwen found a bug in the connection re-use function when using the
- multi interface with pipelining enabled as it would wrongly check for,
- detect and close "dead connections" even though that connection was already
- in use!
-
-Daniel Fandrich (18 Jun 2008)
-- Added SSH failure test cases 628-632
-
-- Fixed a memory leak in the command-line tool that caused a valgrind error.
-
-Daniel Stenberg (18 Jun 2008)
-- Rob Crittenden brought a fix for the NSS layer that makes libcurl no longer
- always fire up a new connection rather than using the existing one when the
- multi interface is used. Original bug report:
- https://bugzilla.redhat.com/show_bug.cgi?id=450140
-
-Yang Tse (18 Jun 2008)
-- Internal configure script improvement. No longer break out of shell "for"
- statements from inside AC_FOO_IFELSE macros, otherwise temporary macro files
- are not properly removed.
-
-Daniel Fandrich (12 Jun 2008)
-- Fixed curl-config --ca which wasn't being exported by configure.
-
-Daniel Stenberg (11 Jun 2008)
-- I did a cleanup of the internal generic SSL layer and how the various SSL
- libraries are supported. Starting now, each underlying SSL library support
- code does a set of defines for the 16 functions the generic layer (sslgen.c)
- uses (all these new function defines use the prefix "curlssl_"). This
- greatly simplified the generic layer in readability by involving much less
- #ifdefs and other preprocessor stuff and should make it easier for people to
- make libcurl work with new SSL libraries.
-
- Hopefully I can later on document these 16 functions somewhat as well.
-
- I also made most of the internal SSL-dependent functions (using Curl_ssl_
- prefix) #defined to nothing when no SSL support is requested - previously
- they would unnecessarily call mostly empty functions.
-
- I've built libcurl with OpenSSL and GnuTLS and without SSL to test this and
- I've also tried building with NSS but the NSS support is a mystery to me and
- I failed to build libcurl with the NSS libraries I have installed. We really
- should A) improve our configure script to detect unsuitable NSS versions
- already at configure time and B) document our requirements better for the
- SSL libraries.
-
-Daniel Stenberg (10 Jun 2008)
-- I made the OpenSSL code build again with OpenSSL 0.9.6. The CRLFILE
- functionality killed it due to its unconditional use of
- X509_STORE_set_flags...
-
-Daniel Stenberg (8 Jun 2008)
-- Due to the three new libcurl changes and the massive command line option
- change I decided we'll mark it by bumping the next release number to 7.19.0!
-
-- curl the tool now deals with its command line options somewhat differently!
- All boolean options (such as -O, -I, -v etc), both short and long versions,
- now always switch on/enable the option named. Using the same option multiple
- times thus make no difference. To switch off one of those options, you need
- to use the long version of the option and type --no-OPTION. Like to disable
- verbose mode you use --no-verbose!
-
-- Added --remote-name-all to curl, which if used changes the default for all
- given URLs to be dealt with as if -O is used. So if you want to disable that
- for a specific URL after --remote-name-all has been used, you muse use -o -
- or --no-remote-name.
-
-Daniel Stenberg (6 Jun 2008)
-- Axel Tillequin and Arnaud Ebalard added support for CURLOPT_ISSUERCERT, for
- OpenSSL, NSS and GnuTLS-built libcurls.
-
-- Axel Tillequin and Arnaud Ebalard added support for CURLOPT_CRLFILE, for
- OpenSSL, NSS and GnuTLS-built libcurls.
-
-- Added CURLINFO_PRIMARY_IP as a new information retrievable with
- curl_easy_getinfo. It returns a pointer to a string with the most recently
- used IP address. Modified test case 500 to also verify this feature. The
- implementing of this feature was sponsored by Lenny Rachitsky at NeuStar.
-
-Version 7.18.2 (4 June 2008)
-
-Daniel Fandrich (3 Jun 2008)
-- Fixed a problem where telnet data would be lost if an EWOULDBLOCK
- condition were encountered.
-
-Marty Kuhrt (1 Jun 2008)
-- Updated main.c to return CURLE_OK if PARAM_HELP_REQUESTED was returned
- from getparameter instead of CURLE_FAILED_INIT. No point in returning
- an error if --help or --version were requested.
-
-Daniel Stenberg (28 May 2008)
-- Emil Romanus found a problem and helped me repeat it. It occured when using
- the curl_multi_socket() API with HTTP pipelining enabled and could lead to
- the pipeline basically stalling for a very long period of time until it took
- off again.
-
-- Jeff Weber reported memory leaks with aborted SCP and SFTP transfers and
- provided excellent repeat recipes. I fixed the cases I managed to reproduce
- but Jeff still got some (SCP) problems even after these fixes:
- https://curl.haxx.se/mail/lib-2008-05/0342.html
-
-Daniel Stenberg (26 May 2008)
-- Bug report #1973352 (https://curl.haxx.se/bug/view.cgi?id=1973352) identified
- how the HTTP redirect following code didn't properly follow to a new URL if
- the new url was but a query string such as "Location: ?moo=foo". Test case
- 1031 was added to verify this fix.
-
-- Andreas Faerber and Scott McCreary made (lib)curl build for the Haiku OS.
-
-Yang Tse (26 May 2008)
-- David Rosenstrauch reported that header files spnegohelp.h and
- openssl/objects.h were needed to compile SPNEGO support.
-
-Daniel Fandrich (22 May 2008)
-- Made sure to pass longs in to curl_easy_setopt where necessary in the
- example programs and libtest code.
-
-Daniel Stenberg (19 May 2008)
-- When trying to repeat a multi interface problem I fell over a few multi
- interface problems:
-
- o with pipelining disabled, the state should never be set to WAITDO but
- rather go straight to DO
-
- o we had multiple states for which the internal function returned no socket
- at all to wait for, with the effect that libcurl calls the socket callback
- (when curl_multi_socket() is used) with REMOVE prematurely (as it would be
- added again within very shortly)
-
- o when in DO and DOING states, the HTTP and HTTPS protocol handler functions
- didn't return that the socket should be waited for writing, but instead it
- was treated as if no socket was needing monitoring so again REMOVE was
- called prematurely.
-
-Daniel Stenberg (13 May 2008)
-- Added test case 556 that uses curl_easy_send() and curl_easy_recv()
-
-Daniel Stenberg (9 May 2008)
-- Introducing curl_easy_send() and curl_easy_recv(). They can be used to send
- and receive data over a connection previously setup with curl_easy_perform()
- and its CURLOPT_CONNECT_ONLY option. The sendrecv.c example was added to
- show how they can be used.
-
-Yang Tse (9 May 2008)
-- Internal time differences now use monotonic time source if available.
- This also implies the removal of the winmm.lib dependency for WIN32.
-
-Daniel Stenberg (9 May 2008)
-- Stefan Krause reported a busy-looping case when using the multi interface
- and doing CONNECT to a proxy. The app would then busy-loop until the proxy
- completed its response.
-
-Michal Marek (9 May 2008)
-- Make Curl_write and it's callees accept a const pointer, in preparation
- of tetetest's patch for curl_easy_send()
-
-Daniel Stenberg (7 May 2008)
-- Liam Healy filed the debian bug report #480044
- (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480044) identifying a
- segfault when using krb5 ftp, but the krb4 code had the same problem.
-
-Yang Tse (7 May 2008)
-- Christopher Palow provided the patch (edited by me) that introduces the
- use of microsecond resolution keys for internal splay trees.
-
-Daniel Stenberg (4 May 2008)
-- Yuriy Sosov pointed out a configure fix for detecting c-ares when that is
- built debug-enabled.
-
-Daniel Stenberg (3 May 2008)
-- Ben Van Hof filed bug report #1945240: "libcurl sometimes sends body twice
- when using CURL_AUTH_ANY" (https://curl.haxx.se/bug/view.cgi?id=1945240).
- The problem was that when libcurl rewound a stream meant for upload when it
- would prepare for a second request, it could accidentally continue the
- sending of the rewound data on the first request instead of on the second.
- Ben also provided test case 1030 that verifies this fix.
-
-Daniel Stenberg (3 May 2008)
-- Jean-Francois Bertrand reported a libcurl crash with CURLOPT_TCP_NODELAY
- since libcurl used getprotobyname() and that isn't thread-safe. We now
- switched to use IPPROTO_TCP unconditionally, but perhaps the proper fix is
- to detect the thread-safe version of the function and use that.
- https://curl.haxx.se/mail/lib-2008-05/0011.html
-
-Daniel Stenberg (1 May 2008)
-- Bart Whiteley provided a patch that made libcurl work properly when an app
- uses the CURLOPT_OPENSOCKETFUNCTION callback to create a unix domain socket
- to a http server.
-
-Daniel Stenberg (29 Apr 2008)
-- To make it easier for applications that want lots of magic stuff done on
- redirections and thus cannot use CURLOPT_FOLLOWLOCATION easily, we now
- introduce the new CURLINFO_REDIRECT_URL option that lets applications
- extract the URL libcurl would've redirected to if it had been told to. This
- then enables the application to continue to that URL as it thinks is
- suitable, without having to re-implement the magic of creating the new URL
- from the Location: header etc. Test 1029 verifies it.
-
-Yang Tse (29 Apr 2008)
-- Improved easy interface resolving timeout handling in c-ares enabled builds
-
-Daniel Fandrich (28 Apr 2008)
-- Added test 1028 to test an HTTP redirect to a FTP URL.
-
-Daniel Stenberg (28 Apr 2008)
-- Norbert Frese filed bug report #1951588: "Problem with curlftpfs and
- libcurl" (https://curl.haxx.se/bug/view.cgi?id=1951588) which seems to be an
- identical report to what Denis Golovan reported in
- https://curl.haxx.se/mail/lib-2008-02/0108.html The FTP code didn't reset the
- user/password pointers properly even though there might've been a new
- struct/cconnection getting used.
-
-Daniel Stenberg (26 Apr 2008)
-- Reverted back to use automake 1.9.6 in the next release (from automake
- 1.10.1) since it *still* suffers from Solaris-related bugs. Our previous
- automake 1.10 problem was reported in bug #1701360
- (https://curl.haxx.se/bug/view.cgi?id=1701360) and this recent problem was
- bug #1944825 (https://curl.haxx.se/bug/view.cgi?id=1944825). I have not
- personally approached the automake team about either one of these but I
- figure we need a Solaris 10 guy to do it!
-
-Yang Tse (25 Apr 2008)
-- Added 'timeout' and 'delay' attributes support for the test harness
- <command> subsection.
-
-Daniel Fandrich (24 Apr 2008)
-- Made --stderr able to redirect all stderr messages.
-
-Yang Tse (23 Apr 2008)
-- Improve synchronization between test harness runtests.pl script
- and test harness servers to minimize risk of false test failures.
-
-Daniel Fandrich (22 Apr 2008)
-- Added support for running on Symbian OS.
-
-Daniel Fandrich (18 Apr 2008)
-- Added test cases 1026 and 1027 to do some rudimentary tests on the --manual
- and --help options.
-
-Michal Marek (14 Apr 2008)
-- allow disabling the typechecker by defining CURL_DISABLE_TYPECHECK, as
- discussed in https://curl.haxx.se/mail/lib-2008-04/0291.html
-
-Daniel Stenberg (14 Apr 2008)
-- Stefan Krause reported a case where the OpenSSL handshake phase wasn't
- properly acknowledging the timeout values, like if you pulled the network
- plug in the midst of it.
-
-- Andre Guibert de Bruet fixed a second case of not checking the malloc()
- return code in the Negotiate code.
-
-- Sandor Feldi reported bug #1942022
- (https://curl.haxx.se/bug/view.cgi?id=1942022) pointing out a mistake in the
- lib/Makefile.vc[68] makefiles' release-ssl-dll target.
-
-- Brock Noland reported that curl behaved differently depending on which order
- you used -i and -I.
-
-Daniel Stenberg (12 Apr 2008)
-- Andre Guibert de Bruet found and fixed a case where malloc() was called but
- was not checked for a NULL return, in the Negotiate code.
-
-Daniel Fandrich (9 Apr 2008)
-- Added test cases 1024 & 1025 to test a scenario similar to the one reported
- by Ben Combee where libcurl would send the wrong cookie to a redirected
- server. libcurl was doing the right thing in these test cases.
-
-Michal Marek (7 Apr 2008)
-- Fix the MIT / Heimdal check for good:
- Define HAVE_GSSMIT if <gssapi/{gssapi.h,gssapi_generic.h,gssapi_krb5.h}> are
- available, otherwise define HAVE_GSSHEIMDAL if <gssapi.h> is available.
-
- Only define GSS_C_NT_HOSTBASED_SERVICE to gss_nt_service_name if
- GSS_C_NT_HOSTBASED_SERVICE isn't declared by the gssapi headers. This should
- avoid breakage in case we wrongly recognize Heimdal as MIT again.
-
-Daniel Stenberg (5 Apr 2008)
-- Alexey Simak fixed curl_easy_reset() to reset the max redirect limit properly
-
-- Based on the Debian bug report #474224 that complained about the FTP error
- message when libcurl doesn't get a 220 back immediately on connect, I now
- changed it to be more specific on what the problem is. Also worth noticing:
- while the bug report contains an example where the response is:
-
- 421 There are too many connected users, please try again later
-
- we cannot assume that the error message will always be this readable nor
- that it fits within a particular boundary etc.
-
-Daniel Fandrich (3 Apr 2008)
-- Added test627 to test SFTP with CURLOPT_NOBODY
-
-Daniel Stenberg (3 Apr 2008)
-- Setting CURLOPT_NOBODY to FALSE will now switch the HTTP request method to
- GET simply because previously when you set CURLOPT_NOBODY to TRUE first and
- then FALSE you'd end up in a broken state where a HTTP request would do a
- HEAD by still act a lot like for a GET and hang waiting for the content etc.
-
-- Scott Barrett added support for CURLOPT_NOBODY over SFTP
-
-Daniel Fandrich (3 Apr 2008)
-- Made sure that curl_global_init is called in all the multithreaded
- example programs.
-
-Michal Marek (31 Mar 2008)
-- Removed the generated ca-bundle.h file. The verbatim value of $ca and
- $capath is known to configure, so it can be defined in config.h instead.
-
-Daniel Stenberg (31 Mar 2008)
-- Added CURLFORM_STREAM as a supported option to curl_formadd() to allow an
- application to provide data for a multipart with the read callback. Note
- that the size needs to be provided with CURLFORM_CONTENTSLENGTH when the
- stream option is used. This feature is verified by the new test case
- 554. This feature was sponsored by Xponaut.
-
-Daniel Fandrich (30 Mar 2008)
-- Changed the makefile so the doc/examples/ programs are never built in a
- normal build/install (only with the 'make check' target), so that a
- build failure in the examples isn't fatal.
-
-Version 7.18.1 (30 March 2008)
-
-Daniel Stenberg (28 Mar 2008)
-- Stephen Collyer pointed out that configure --with-libssh2 without a given
- path didn't work properly.
-
-Daniel Stenberg (27 Mar 2008)
-- As found out and reported by Dan Petitt, libcurl didn't show progress/call
- the progress callback for the first (potentially huge) piece of body data
- sent together with the POST request headers in the initial send().
-
-Daniel Stenberg (25 Mar 2008)
-- Made setting the CURLOPT_SSL_CTX_FUNCTION option return a failure in case
- libcurl wasn't built to use OpenSSL as that is a prerequisite for this
- option to function!
-
-Daniel Stenberg (22 Mar 2008)
-- Fixed the problem with doing a zero byte SCP transfer, verified with test
- case 617 (which was added by Daniel Fandrich 5 Mar 2008).
-
-Daniel Fandrich (20 Mar 2008)
-- Fixed a problem where curl-config --protocols could erroneously show LDAPS
- support when curl didn't even have regular LDAP support. It looks like
- this could happen when the --enable-ldaps configure switch is given but
- configure couldn't find the LDAP headers or libraries.
-
-Michal Marek (20 Mar 2008)
-- Added --with-ca-path=DIRECTORY configure option to use an openSSL CApath by
- default instead of a ca bundle. The configure script will also look for a
- ca path if no ca bundle is found and no option given.
-
-- Fixed detection of previously installed curl-ca-bundle.crt
-
-Daniel Fandrich (18 Mar 2008)
-- Added test 626 to reproduce an infinite loop when given an invalid
- SFTP quote command reported by Vincent Le Normand, and fixed it.
-
-Michal Marek (18 Mar 2008)
-- Added curl_easy_getinfo typechecker.
-
-- Added macros for curl_share_setopt and curl_multi_setopt to check at least
- the correct number of arguments.
-
-Daniel Fandrich (13 Mar 2008)
-- Added tests 622-625 to test SFTP/SCP uploads. Test 625 was an attempt to
- reproduce the --ftp-create-dirs problem reported by Brian Ulm, but that
- seems to need a call curl_easy_reset() which this test case doesn't do.
-
-Daniel Stenberg (13 Mar 2008)
-- Brian Ulm figured out that if you did an SFTP upload with
- CURLOPT_FTP_CREATE_MISSING_DIRS to create a directory, and then re-used the
- handle and uploaded another file to another directory that needed to be
- created, the second upload would fail. Another case of a state variable that
- wasn't properly reset between requests.
-
-- I rewrote the 100-continue code to use a single state variable instead of
- the previous two ones. I think it made the logic somewhat clearer.
-
-Daniel Stenberg (11 Mar 2008)
-- Dmitry Popov filed bug report #1911069
- (https://curl.haxx.se/bug/view.cgi?id=1911069) that identified a race
- condition in the name resolver code when the DNS cache is shared between
- multiple easy handles, each running in simultaneous threads that could cause
- crashes.
-
-- Added a macro for curl_easy_setopt() that accepts three arguments and simply
- does nothing with them, just to make sure libcurl users always use three
- arguments to this function. Due to its use of ... for the third argument, it
- is otherwise hard to detect abuse.
-
-Michal Marek (11 Mar 2008)
-- Added a type checking macro for curl_easy_setopt(), needs gcc-4.3 and only
- works in C mode atm (https://curl.haxx.se/mail/lib-2008-02/0267.html ,
- https://curl.haxx.se/mail/lib-2008-02/0292.html )
-
-Daniel Fandrich (10 Mar 2008)
-- Added tests 618-621 to test SFTP/SCP transfers of more than one file
- (test 620 tests the just-fixed problem reported by Brian Ulm).
-
-Daniel Stenberg (9 Mar 2008)
-- Brian Ulm reported a crash when doing a second SFTP transfer on a re-used
- easy handle if curl_easy_reset() was used between them. I fixed it and Brian
- verified that it cured his problem.
-
-- Brian Ulm reported that if you first tried to download a non-existing SFTP
- file and then fetched an existing one and re-used the handle, libcurl would
- still report the second one as non-existing as well! I fixed it and Brian
- verified that it cured his problem.
-
-Michal Marek (6 Mar 2008)
-- Fix the gssapi configure check to detect newer MIT Kerberos (patch by
- Michael Calmer)
-
-Yang Tse (6 Mar 2008)
-- Fix regression on Curl_socket_ready() and Curl_poll() so that these will
- again fail on select/poll errors different than EINTR.
-
-Daniel Fandrich (5 Mar 2008)
-- Fixed the test harness so it will write out zero-length data files.
-
-- Added tests 616 and 617 to see how SFTP and SCP cope with zero-length
- files, as questioned by Mike Protts. SFTP does for me but SCP doesn't
- so test 617 is disabled for now.
-
-Daniel S (4 Mar 2008)
-- Mike Protts brought a patch that makes resumed transfers work with SFTP.
-
-Daniel S (1 Mar 2008)
-- Anatoli Tubman found and fixed a crash with Negotiate authentication used on
- a re-used connection where both requests used Negotiate.
-
-Guenter Knauf (26 Feb 2008)
-- Kaspar Brand provided a patch to support server name indication (RFC 4366).
-
-Daniel S (25 Feb 2008)
-- Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option that
- forces it to prefer SSLv3.
-
-Daniel S (23 Feb 2008)
-- Sam Listopad provided a patch in feature-request #1900014
- https://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to
- use OpenSSL) support a full chain of certificates in a given PKCS12
- certificate.
-
-Daniel S (22 Feb 2008)
-- Georg Lippitsch made the src/Makefile.vc6 makefile use the same memory model
- options as the lib/Makefile.vc6 already did.
-
-Daniel S (21 Feb 2008)
-- Zmey Petroff found a crash when libcurl accessed a NULL pointer, which
- happened if you set the connection cache size to 1 and for example failed to
- login to an FTP site. Bug report #1896698
- (https://curl.haxx.se/bug/view.cgi?id=1896698)
-
-Daniel S (20 Feb 2008)
-- Fixed test case 405 to not fail when libcurl is built with GnuTLS
-
-- Based on initial work done by Gautam Kachroo to address a bug, we now keep
- better control at the exact state of the connection's SSL status so that we
- know exactly when it has completed the SSL negotiation or not so that there
- won't be accidental re-uses of connections that are wrongly believed to be
- in SSL-completed-negotiate state.
-
-- We no longer support setting the CURLOPT_URL option from inside a callback
- such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
- following. The patch that introduced this feature was done for 7.11.0, but
- this code and functionality has been broken since about 7.15.4 (March 2006)
- with the introduction of non-blocking OpenSSL "connects".
-
- It was a hack to begin with and since it doesn't work and hasn't worked
- correctly for a long time and nobody has even noticed, I consider it a very
- suitable subject for plain removal. And so it was done.
-
-Guenter Knauf (19 Feb 2008)
-- We do no longer support SSLv2 by default since it has known flaws.
- Kaspar Brand provided a patch for all supported SSL toolkits.
-
-Daniel Fandrich (19 Feb 2008)
-- Added test309 to test HTTP redirect to HTTPS URL
-
-Daniel S (18 Feb 2008)
-- We're no longer providing a very old ca-bundle in the curl tarball. You can
- get a fresh one downloaded and created with 'make ca-bundle' or you can get
- one from here => https://curl.haxx.se/docs/caextract.html if you want a fresh
- new one extracted from Mozilla's recent list of ca certs.
-
- The configure option --with-ca-bundle now lets you specify what file to use
- as default ca bundle for your build. If not specified, the configure script
- will check a few known standard places for a global ca cert to use.
-
-Daniel S (17 Feb 2008)
-- Jerome Muffat-Meridol helped me fix Curl_done() to close the current
- connection by force when it was called before the entire request is
- completed, simply because we can't know if the connection really can be
- re-used safely at that point.
-
-- Based on the same debugging logic, I've also made Curl_http_done() not
- return CURLE_GOT_NOTHING if called "prematurely". This should have no real
- effect to anything but the code makes more sense like this.
-
-Daniel S (15 Feb 2008)
-- Made the gnutls code path not even try to get the server cert if no peer
- verification is requested. Previously it would even return failure if gnutls
- failed to get the server cert even though no verification was asked for.
- Public server showing the problem: https://www.net222.caisse-epargne.fr
-
-- Fix my Curl_timeleft() leftover mistake in the gnutls code
-
-- Pooyan McSporran found and fixed a flaw where you first would do a normal
- http request and then you'd reuse the handle and replace the Accept: header,
- as then libcurl would send two Accept: headers!
-
-Daniel S (11 Feb 2008)
-- Yang Tse pointed out a few remaining quirks from my timeout refactoring from
- Feb 7 that didn't abort properly on timeouts. These are actually old
- problems but now they should be fixed.
-
-Yang Tse (10 Feb 2008)
-- Bug report #1888932 (https://curl.haxx.se/bug/view.cgi?id=1888932) points out
- and provides test program that demonstrates that libcurl might not set error
- description message for error CURLE_COULDNT_RESOLVE_HOST for Windows threaded
- name resolver builds. Fixed now.
-
-Daniel Fandrich (8 Feb 2008)
-- Added key words to all SSL-using tests so they can be skipped if necessary.
- Removed a few unnecessary requires SSL statements.
-
-Daniel S (8 Feb 2008)
-- Mike Hommey filed and fixed bug report #1889856
- (https://curl.haxx.se/bug/view.cgi?id=1889856): When using the gnutls ssl
- layer, cleaning-up and reinitializing curl ends up with https requests
- failing with "ASN1 parser: Element was not found" errors. Obviously a
- regression added in 7.16.3.
-
-Yang Tse (8 Feb 2008)
-- Improved test harness SCP/SFTP start up server verification, doing a real
- connection to the sftp server, authenticating and running a simple sftp
- pwd command using the test harness generated configuration and key files.
-
-Daniel S (8 Feb 2008)
-- G�nter Knauf added lib/mk-ca-bundle.pl which gets the Firefox ca bundle and
- creates a suitable ca-bundle.crt file in PEM format for use with curl. The
- recommended way to run it is to use 'make ca-bundle' in the build tree root.
-
-Daniel Fandrich (7 Feb 2008)
-- Added tests 1022 and 1023 to validate output of curl-config --version and
- --vernum
-
-Daniel S (7 Feb 2008)
-- Refactored a lot of timeout code into a few functions in an attempt to make
- them all use the same (hopefully correct) logic to make it less error-prone
- and easier to introduce library-wide where it should be used.
-
-Yang Tse (6 Feb 2008)
-- Fix an issue in strdup replacement function when dealing with absolutely
- huge strings. Only systems without a standard strdup would be affected.
-
-Daniel S (3 Feb 2008)
-- Dmitry Kurochkin cleaned up the pipelining code and removed the need for and
- use of the "is_in_pipeline" struct field.
-
-- I wrote up and added the threaded-ssl.c example source code that shows how
- to do multi-threaded downloads of HTTPS files with a libcurl that is built
- with OpenSSL. It uses pthreads for the threading.
-
-Daniel S (31 Jan 2008)
-- Niklas Angebrand made the cookie support in libcurl properly deal with the
- "HttpOnly" feature introduced by Microsoft and apparently also supported by
- Firefox: https://msdn.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
- is now supported when received from servers in HTTP headers, when written to
- cookie jars and when read from existing cookie jars.
-
- I modified test case 31 and 46 to also do some basic HttpOnly testing.
-
-- Dmitry Kurochkin moved several struct fields from the connectdata struct to
- the SingleRequest one to make pipelining better. It is a bit tricky to keep
- them in the right place, to keep things related to the actual request or to
- the actual connection in the right place.
-
-Daniel S (29 Jan 2008)
-- Dmitry Kurochkin fixed Curl_done() for pipelining, as it could previously
- crash!
-
-- Michal Marek fixed minor mistake in test case 553 that prevented it from
- working on other IP-addresses or port numbers.
-
-Version 7.18.0 (28 January 2008)
-
-Daniel S (27 Jan 2008)
-- Dmitry Kurochkin: In "real world" testing I found more bugs in
- pipelining. Broken connection is not restored and we get into infinite
- loop. It happens because of wrong is_in_pipeline values.
-
-Daniel S (26 Jan 2008)
-- Kevin Reed filed bug report #1879375
- (https://curl.haxx.se/bug/view.cgi?id=1879375) which describes how libcurl
- got lost in this scenario: proxy tunnel (or HTTPS over proxy), ask to do any
- proxy authentication and the proxy replies with an auth (like NTLM) and then
- closes the connection after that initial informational response.
-
- libcurl would not properly re-initialize the connection to the proxy and
- continue the auth negotiation like supposed. It does now however, as it will
- now detect if one or more authentication methods were available and asked
- for, and will thus retry the connection and continue from there.
-
-- I made the progress callback get called properly during proxy CONNECT.
-
-Daniel S (23 Jan 2008)
-- Igor Franchuk pointed out that CURLOPT_COOKIELIST set to "ALL" leaked
- memory, and so did "SESS". Fixed now.
-
-Yang Tse (22 Jan 2008)
-- Check poll.h at configuration time, and use it when sys/poll.h unavailable
-
-Daniel S (22 Jan 2008)
-- Dmitry Kurochkin removed the cancelled state for pipelining, as we agreed
- that it is bad anyway. Starting now, removing a handle that is in used in a
- pipeline will break the pipeline - it'll be set back up again but still...
-
-Yang Tse (21 Jan 2008)
-- Disable ldap support for cygwin builds, since it breaks whole build process.
- Fixing it will affect other platforms, so it is postponed for another
release.
-
-Daniel S (18 Jan 2008)
-- Lau Hang Kin found and fixed a problem with the multi interface when doing
- CONNECT over a proxy. curl_multi_fdset() didn't report back the socket
- properly during that state, due to a missing case in the switch in the
- multi_getsock() function.
-
-Yang Tse (17 Jan 2008)
-- Don't abort tests 518 and 537 when unable to raise the open-file soft limit.
-
-Daniel S (16 Jan 2008)
-- Nathan Coulter's patch that makes runtests.pl respect the PATH when figuring
- out what valgrind to run.
-
-Yang Tse (16 Jan 2008)
-- Improved handling of out of memory in the command line tool that afected
- data url encoded HTTP POSTs when reading it from a file.
-
-Daniel S (16 Jan 2008)
-- Dmitry Kurochkin worked a lot on improving the HTTP Pipelining support that
- previously had a number of flaws, perhaps most notably when an application
- fired up N transfers at once as then they wouldn't pipeline at all that
- nicely as anyone would think... Test case 530 was also updated to take the
- improved functionality into account.
-
-- Calls to Curl_failf() are not supposed to provide a trailing newline as the
- function itself adds that. Fixed on 50 or something strings!
-
-Daniel S (15 Jan 2008)
-- I made the torture test on test 530 go through. This was actually due to
- silly code left from when we switched to let the multi handle "hold" the dns
- cache when using the multi interface... Of course this only triggered when a
- certain function call returned error at the correct moment.
-
-Daniel S (14 Jan 2008)
-- Joe Malicki filed bug report #1871269
- (https://curl.haxx.se/bug/view.cgi?id=1871269) and we could fix his hang-
- problem that occurred when doing a large HTTP POST request with the
- response-body read from a callback.
-
-Daniel S (12 Jan 2008)
-- I re-arranged the curl --help output. All the options are now sorted on
- their long option names and all descriptions are one-liners.
-
-- Eric Landes provided the patch (edited by me) that introduces the
- --keepalive-time to curl to set the keepalive probe interval. I also took
- the opportunity to rename the recently added no-keep-alive option to
- no-keepalive to keep a consistent naming and to avoid getting two dashes in
- these option names. Eric also provided an update to the man page for the new
- option.
-
-Daniel S (11 Jan 2008)
-- Daniel Egger made CURLOPT_RANGE work on file:// URLs the very same way it
- already worked for FTP:// URLs.
-
-- I made the curl tool switch from using CURLOPT_IOCTLFUNCTION to now use the
- spanking new CURLOPT_SEEKFUNCTION simply to take advantage of the improved
- performance for the upload resume cases where you want to upload the last
- few bytes of a very large file. To implement this decently, I had to switch
- the client code for uploading from fopen()/fread() to plain open()/read() so
- that we can use lseek() to do >32bit seeks (as fseek() doesn't allow that)
- on systems that offer support for that.
-
-Daniel S (10 Jan 2008)
-- Michal Marek made curl-config --libs not include /usr/lib64 in the output
- (it already before skipped /usr/lib). /usr/lib64 is the default library
- directory on many 64bit systems and it's unlikely that anyone would use the
- path privately on systems where it's not.
-
-- Georg Lippitsch brought CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA to allow
- libcurl to seek in a given input stream. This is particularly important when
- doing upload resumes when there's already a huge part of the file present
- remotely. Before, and still if this callback isn't used, libcurl will read
- and through away the entire file up to the point to where the resuming
- begins (which of course can be a slow opereration depending on file size,
- I/O bandwidth and more). This new function will also be preferred to get
- used instead of the CURLOPT_IOCTLFUNCTION for seeking back in a stream when
- doing multi-stage HTTP auth with POST/PUT.
-
-- Nikitinskit Dmitriy filed bug report #1868255
- (https://curl.haxx.se/bug/view.cgi?id=1868255) with a patch. It identifies
- and fixes a problem with parsing WWW-Authenticate: headers with additional
- spaces in the line that the parser wasn't written to deal with.
-
-Daniel S (8 Jan 2008)
-- Introducing curl_easy_pause() and new magic return codes for both the read
- and the write callbacks that now can make a connection's reading and/or
- writing get paused.
-
-Daniel S (6 Jan 2008)
-- Jeff Johnson filed bug report #1863171
- (https://curl.haxx.se/bug/view.cgi?id=1863171) where he pointed out that
- libcurl's date parser didn't accept a +1300 time zone which actually is used
- fairly often (like New Zealand's Dailight Savings Time), so I modified the
- parser to now accept up to and including -1400 to +1400.
-
-Daniel S (5 Jan 2008)
-- Based on further discussion on curl-library, I reverted yesterday's SOCKS5
- code to instead introduce support for a new proxy type called
- CURLPROXY_SOCKS5_HOSTNAME that is used to send the host name to the proxy
- instead of IP address and there's thus no longer any need for a new
- curl_easy_setopt() option.
-
- The default SOCKS5 proxy is again back to sending the IP address to the
- proxy. The new curl command line option for enabling sending host name to a
- SOCKS5 proxy is now --socks5-hostname.
-
-Daniel S (4 Jan 2008)
-- Based on Maxim Perenesenko's patch, we now do SOCKS5 operations and let the
- proxy do the host name resolving and only if --socks5ip (or
- CURLOPT_SOCKS5_RESOLVE_LOCAL) is used we resolve the host name locally and
- pass on the IP address only to the proxy.
-
-Yang Tse (3 Jan 2008)
-- Modified test harness to allow SCP, SFTP and SOCKS4 tests to run with
- OpenSSH 2.9.9, SunSSH 1.0 or later versions. SOCKS5 tests need OpenSSH
- 3.7, SunSSH 1.0 or later.
-
-Daniel S (2 Jan 2008)
-- I fixed two cases of missing return code checks when handling chunked
- decoding where a write error (or abort return from a callback) didn't stop
- libcurl's processing.
-
-- I removed the socklen_t use from the public curl/curl.h header and instead
- made it an unsigned int. The type was only used in the curl_sockaddr struct
- definition (only used by the curl_opensocket_callback). On all platforms I
- could find information about, socklen_t is 32 unsigned bits large so I don't
- think this will break the API or ABI. The main reason for this change is of
- course for all the platforms that don't have a socklen_t definition in their
- headers to build fine again. Providing our own configure magic and custom
- definition of socklen_t on those systems proved to work but was a lot of
- cruft, code and extra magic needed - when this very small change of type
- seems harmless and still solves the missing socklen_t problem.
-
-- Richard Atterer brought a patch that added support for SOCKS4a proxies,
- which is an inofficial PROXY4 variant that sends the hostname to the proxy
- instead of the resolved address (which is already supported by SOCKS5).
- --socks4a is the curl command line option for it and CURLOPT_PROXYTYPE can
- now be set to CURLPROXY_SOCKS4A as well.
-
-Daniel S (1 Jan 2008)
-- Mohun Biswas pointed out that --libcurl generated a source code with an int
- function but without a return statement. While fixing that, I also took care
- about adding some better comments for the generated code.
-
-Daniel S (27 Dec 2007)
-- Dmitry Kurochkin mentioned a flaw
- (https://curl.haxx.se/mail/lib-2007-12/0252.html) in detect_proxy() which
- failed to set the bits.proxy variable properly when an environment variable
- told libcurl to use a http proxy.
-
-Daniel S (26 Dec 2007)
-- In an attempt to repeat the problem in bug report #1850730
- (https://curl.haxx.se/bug/view.cgi?id=1850730) I wrote up test case 552. The
- test is doing a 70K POST with a read callback and an ioctl callback over a
- proxy requiring Digest auth. The test case code is more or less identical to
- the test recipe code provided by Spacen Jasset (who submitted the bug
- report).
-
-Daniel S (25 Dec 2007)
-- Gary Maxwell filed bug report #1856628
- (https://curl.haxx.se/bug/view.cgi?id=1856628) and provided a fix for the
- (small) memory leak in the SSL session ID caching code. It happened when a
- previous entry in the cache was re-used.
-
-Daniel Fandrich (19 Dec 2007)
-- Ensure that nroff doesn't put anything but ASCII characters into the
- --manual text.
-
-Yang Tse (18 Dec 2007)
-- MSVC 9.0 (VS2008) does not support Windows build targets prior to WinXP,
- and makes wrong asumptions of build target when it isn't specified. So,
- if no build target has been defined we will target WinXP when building
- curl/libcurl with MSVC 9.0 (VS2008).
-
-- (https://curl.haxx.se/mail/archive-2007-12/0039.html) reported and fixed
- a file truncation problem on Windows build targets triggered when retrying
- a download with curl.
-
-Daniel S (17 Dec 2007)
-- Mateusz Loskot pointed out that MSVC 9.0 (VS2008) has the pollfd struct and
- defines in winsock2.h somehow differently than previous versions and that
- curl 7.17.1 would fail to compile out of the box.
-
-Daniel S (13 Dec 2007)
-- David Wright filed bug report #1849764
- (https://curl.haxx.se/bug/view.cgi?id=1849764) with an included fix. He
- identified a problem for re-used connections that previously had sent
- Expect: 100-continue and in some situations the subsequent POST (that didn't
- use Expect:) still had the internal flag set for its use. David's fix (that
- makes the setting of the flag in every single request unconditionally) is
- fine and is now used!
-
-Daniel S (12 Dec 2007)
-- Gilles Blanc made the curl tool enable SO_KEEPALIVE for the connections and
- added the --no-keep-alive option that can disable that on demand.
-
-Daniel S (9 Dec 2007)
-- Andrew Moise filed bug report #1847501
- (https://curl.haxx.se/bug/view.cgi?id=1847501) and pointed out a memcpy()
- that should be memmove() in the convert_lineends() function.
-
-Daniel S (8 Dec 2007)
-- Renamed all internal static functions that had Curl_ prefixes to no longer
- have them. The Curl_ prefix is exclusively used for library internal global
- symbols. Static functions can be named anything, except for using Curl_ or
- curl_ prefixes. This is for consistency and for easier maintainance and
- overview.
-
-- Cleaned up and reformatted the TODO document to look like the FAQ and
- CONTRIBUTE, which makes nicer web pages
-
-- Added test cases 549 and 550 that test CURLOPT_PROXY_TRANSFER_MODE.
-
-- Added keywords on a bunch of test cases
-
-- Fixed an OOM problem in the curl code that would lead to fclose on a bad
- handle and crash
-
-Daniel S (5 Dec 2007)
-- Spacen Jasset reported a problem with doing POST (with data read with a
- callback) over a proxy when NTLM is used as auth with the proxy. The bug
- also concerned Digest and was limited to using callback only. Spacen worked
- with us to provide a useful patch. I added the test case 547 and 548 to
- verify two variations of POST over proxy with NTLM.
-
-Daniel S (3 Dec 2007)
-- Ray Pekowski filed bug report #1842029
- (https://curl.haxx.se/bug/view.cgi?id=1842029) in which he identified a
- problem with SSL session caching that prevent it from working, and provided
- the associated fix!
-
-- Now libcurl (built with OpenSSL) doesn't return error anymore if the remote
- SSL-based server doesn't present a certificate when the request is told to
- ignore certificate verification anyway.
-
-- Michal Marek introduced CURLOPT_PROXY_TRANSFER_MODE which is used to control
- the appending of the "type=" thing on FTP URLs when they are passed to a
- HTTP proxy. Some proxies just don't like that appending (which is done
- unconditionally in 7.17.1), and some proxies treat binary/ascii transfers
- better with the appending done!
-
-Daniel S (29 Nov 2007)
-- A bug report on the curl-library list showed a HTTP Digest session going on
- with a 700+ letter nonce. Previously libcurl only support 127 letter ones
- and now I bumped it to 1023.
-
-- Fixed the resumed FTP upload loop to not require that the read callback
- returns a full buffer on each invoke.
-
-Daniel S (25 Nov 2007)
-- Added test case 1015 that tests --data-urlencode in multiple ways
-
-- Fixed --data-urlencode for when no @ or = are used
-
-- Extended the user-agent buffer curl uses, since we can hit the 128 byte
- border with plenty development libraries used. Like my current set: "curl
- 7.17.2-CVS (i686-pc-linux-gnu) libcurl/7.17.2-CVS OpenSSL/0.9.8g
- zlib/1.2.3.3 c-ares/1.5.2-CVS libidn/1.1 libssh2/0.19.0-CVS"
-
-Daniel S (24 Nov 2007)
-- Internal rearrangements, so that the previous struct HandleData is no more.
- It is now known as SingleRequest and the Curl_transfer_keeper struct within
- that was remove entirely. This has the upside that there are less duplicate
- struct members that made it hard to see and remember what struct that was
- used to store what data. The transfer_keeper thing was once stored on a
- per-connection basis and then it made sense to have the duplicate info but
- since it was moved to the SessionHandle (in 7.16.0) it just added weirdness.
- The SingleRequest struct is used by data that only is valid for this single
- request.
-
-Yang Tse (22 Nov 2007)
-- Provide a socklen_t definition in curl.h for Win32 API build targets
- which don't have one.
-
-Daniel S (22 Nov 2007)
-- Alessandro Vesely helped me improve the --data-urlencode's syntax, parser
- and documentation.
-
-Daniel S (21 Nov 2007)
-- While inspecting the Negotiate code, I noticed how the proxy auth was using
- the same state struct as the host auth, so both could never be used at the
- same time! I fixed it (without being able to check) to use two separate
- structs to allow authentication using Negotiate on host and proxy
- simultaneously.
-
-Daniel S (20 Nov 2007)
-- Emil Romanus pointed out a bug that made an easy handle get the cookie
- engine activated when set to use a share (even if the share doesn't share
- cookies). I fixed it.
-
-- Fixed a very long-lasting mprintf() bug that occurred when we did "%.*s%s",
- since the second %s would then wrongly used the numerical precision argument
- instead and crash.
-
-- Introduced --data-urlencode to the curl tool for easier url encoding of the
- data sent in a post.
-
-Daniel S (18 Nov 2007)
-- Rob Crittenden fixed SSL connections with NSS done with the multi-interface
-
-Daniel S (17 Nov 2007)
-- Michal Marek made the test suite remember what test servers that fail to
- start so that subsequent tries are simply skipped.
-
-- Andres Garcia made the examples build fine on Windows (mingw + msys) when
- the lib was built staticly.
-
-Daniel S (16 Nov 2007)
-- Ates Goral identified a problem in http.c:add_buffer_send() when a debug
- callback was used, as it could wrongly pass on a bad size for the outgoing
- HTTP header. The bad size would be a very large value as it was a wrapped
- size_t content. This happened when the whole HTTP request failed to get sent
- in one single send. https://curl.haxx.se/mail/lib-2007-11/0165.html
-
-Daniel S (15 Nov 2007)
-- Fixed yet another remaining problem with doing SFTP directory listings on a
- re-used persistent connection. Mentioned by Immanuel Gregoire on the mailing
- list.
-
-- Michal Marek fixed the test suite to better deal with the case when the HTTP
- IPv6 server can't run.
-
-Yang Tse (14 Nov 2007)
-- Fix a variable potential wrapping in add_buffer() when using absolutely
- huge send buffer sizes.
-
-Daniel S (13 Nov 2007)
-- Fixed a remaining problem with doing SFTP directory listings on a re-used
- persistent connection. Mentioned by Immanuel Gregoire on the mailing list.
-
-Daniel S (12 Nov 2007)
-- Bug report #1830637 (https://curl.haxx.se/bug/view.cgi?id=1830637), which was
- forwarded from the Gentoo bug tracker by Daniel Black and was originally
- submitted by Robin Johnson, pointed out that libcurl would do bad memory
- references when it failed and bailed out before the handler thing was
- setup. My fix is not done like the provided patch does it, but instead I
- make sure that there's never any chance for a NULL pointer in that struct
- member.
-
-Yang Tse (10 Nov 2007)
-- Vikram Saxena (https://curl.haxx.se/mail/lib-2007-11/0096.html) pointed out
- that the pollfd struct was being multi defined when using VS2008. This is
- now fixed in /curl/lib/select.h
-
-Daniel S (8 Nov 2007)
-- Bug report #1823487 (https://curl.haxx.se/bug/view.cgi?id=1823487) pointed
- out that SFTP requests didn't use persistent connections. Neither did SCP
- ones. I gave the SSH code a good beating and now both SCP and SFTP should
- use persistent connections fine. I also did a bunch of indent changes as
- well as a bug fix for the "keyboard interactive" auth.
-
-Dan F (6 Nov 2007)
-- Improved telnet support by drastically reducing the number of write
- callbacks needed to pass a buffer to the user. Instead one per byte it
- is now as little as one per segment.
-
-Yang Tse (6 Nov 2007)
-- Bug report #1824894 (https://curl.haxx.se/bug/view.cgi?id=1824894) pointed
- out a problem in curl.h when building C++ apps with MSVC. To fix it, the
- inclusion of header files in curl.h is moved outside of the C++ extern "C"
- linkage block.
-
-Daniel S (1 Nov 2007)
-- Toby Peterson patched a memory problem in the command line tool that
- happened when a user had a home dir as an empty string. curl would then do
- free() on a wrong area.
-
-Dan F (1 Nov 2007)
-- Fixed curl-config --features to not display libz when it wasn't used
- due to a missing header file.
-
-Dan F (31 October 2007)
-- Fixed the output of curl-config --protocols which showed SCP and SFTP
- always, except when --without-libssh2 was given
-
-- Added test cases 1013 and 1014 to check that curl-config --protocols and
- curl-config --features matches the output of curl --version
-
-Dan F (30 October 2007)
-- Fixed an OOM problem with file: URLs
-
-- Moved Curl_file_connect into the protocol handler struct
-
-Dan F (29 October 2007)
-- Added test case 546 to check that subsequent FTP transfers work after a
- failed one using the multi interface
-
-Daniel S (29 October 2007)
-- Based on one of those bug reports that are intercepted by a distro's bug
- tracker (https://bugzilla.redhat.com/show_bug.cgi?id=316191), I now made
- curl-config --features and --protocols show the correct output when built
- with NSS.
-
-Version 7.17.1 (29 October 2007)
-
-Dan F (25 October 2007)
-- Added the --static-libs option to curl-config
-
-Daniel S (25 October 2007)
-- Made libcurl built with NSS possible to ignore the peer verification.
- Previously it would fail if the ca bundle wasn't present, even if the code
- ignored the verification results.
-
-Patrick M (25 October 2007)
-- Fixed test server to allow null bytes in binary posts.
-_ Added tests 35, 544 & 545 to check binary data posts, both static (in place)
- and dynamic (copied).
-
-Daniel S (25 October 2007)
-- Michal Marek fixed the test script to be able to use valgrind even when the
- lib is built shared with libtool.
-
-- Fixed a few memory leaks when the same easy handle is re-used to request
- URLs with different protocols. FTP and TFTP related leaks. Caught thanks to
- Dan F's new test cases.
-
-Dan F (24 October 2007)
-- Fixed the test FTP and TFTP servers to support the >10000 test number
- notation
-
-- Added test cases 2000 through 2003 which test multiple protocols using the
- same easy handle
-
-- Fixed the filecheck: make target to work outside the source tree
-
-Daniel S (24 October 2007)
-- Vladimir Lazarenko pointed out that we should do some 'mt' magic when
- building with VC8 to get the "manifest" embedded to make fine stand-alone
- binaries. The maketgz and the src/Makefile.vc6 files were adjusted
- accordingly.
-
-Daniel S (23 October 2007)
-- Bug report #1812190 (https://curl.haxx.se/bug/view.cgi?id=1812190) points out
- that libcurl tried to re-use connections a bit too much when using non-SSL
- protocols tunneled over a HTTP proxy.
-
-Daniel S (22 October 2007)
-- Michal Marek forwarded the bug report
- https://bugzilla.novell.com/show_bug.cgi?id=332917 about a HTTP redirect to
- FTP that caused memory havoc. His work together with my efforts created two
- fixes:
-
- #1 - FTP::file was moved to struct ftp_conn, because is has to be dealt with
- at connection cleanup, at which time the struct HandleData could be
- used by another connection.
- Also, the unused char *urlpath member is removed from struct FTP.
-
- #2 - provide a Curl_reset_reqproto() function that frees
- data->reqdata.proto.* on connection setup if needed (that is if the
- SessionHandle was used by a different connection).
-
- A long-term goal is of course to somehow get rid of how the reqdata struct
- is used, as it is too error-prone.
-
-- Bug report #1815530 (https://curl.haxx.se/bug/view.cgi?id=1815530) points out
- that specifying a proxy with a trailing slash didn't work (unless it also
- contained a port number).
-
-Patrick M (15 October 2007)
-- Fixed the dynamic CURLOPT_POSTFIELDS problem: this option is now static again
- and option CURLOPT_COPYPOSTFIELDS has been added to support dynamic mode.
-
-Patrick M (12 October 2007)
-- Added per-protocol callback static tables, replacing callback ptr storage
- in the connectdata structure by a single handler table ptr.
-
-Dan F (11 October 2007)
-- Fixed the -l option of runtests.pl
-
-- Added support for skipping tests based on key words.
-
-Daniel S (9 October 2007)
-- Michal Marek removed the no longer existing return codes from the curl.1
- man page.
-
-Daniel S (7 October 2007)
-- Known bug #47, which confused libcurl if doing NTLM auth over a proxy with
- a response that was larger than 16KB is now improved slightly so that now
- the restriction at 16KB is for the headers only and it should be a rare
- situation where the response-headers exceed 16KB. Thus, I consider #47 fixed
- and the header limitation is now known as known bug #48.
-
-Daniel S (5 October 2007)
-- Michael Wallner made the CULROPT_COOKIELIST option support a new magic
- string: "FLUSH". Using that will cause libcurl to flush its cookies to the
- CURLOPT_COOKIEJAR file.
-
-- The new file docs/libcurl/ABI describes how we view ABI breakages, soname
- bumps and what the version number's significance to all that is.
-
-Daniel S (4 October 2007)
-- I enabled test 1009 and made the --local-port use a wide range to reduce the
- risk of failures.
-
-- Kim Rinnewitz reported that --local-port didn't work with TFTP transfers.
- This happened because the tftp code always uncondionally did a bind()
- without caring if one already had been done and then it failed. I wrote a
- test case (1009) to verify this, but it is a bit error-prone since it will
- have to pick a fixed local port number and since the tests are run on so
- many different hosts in different situations I'll add it in disabled state.
-
-Yang Tse (3 October 2007)
-- Fixed issue related with the use of ares_timeout() result.
-
-Daniel S (3 October 2007)
-- Alexey Pesternikov introduced CURLOPT_OPENSOCKETFUNCTION and
- CURLOPT_OPENSOCKETDATA to set a callback that allows an application to
- replace the socket() call used by libcurl. It basically allows the app to
- change address, protocol or whatever of the socket.
-
-- I renamed the CURLE_SSL_PEER_CERTIFICATE error code to
- CURLE_PEER_FAILED_VERIFICATION (standard CURL_NO_OLDIES style), and made
- this return code get used by the previous SSH MD5 fingerprint check in case
- it fails.
-
-- Based on a patch brought by Johnny Luong, libcurl now offers
- CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both
- make the SCP or SFTP connection verify the remote host's md5 checksum of the
- public key before doing a connect, to reduce the risk of a man-in-the-middle
- attack.
-
-Daniel S (2 October 2007)
-- libcurl now handles chunked-encoded CONNECT responses
-
-Daniel S (1 October 2007)
-- Alex Fishman reported a curl_easy_escape() problem that was made the
- function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a
- signed / unsigned mistake in the code. I fixed it and added test case 543 to
- verify.
-
-Daniel S (29 September 2007)
-- Immanuel Gregoire fixed a problem with persistent transfers over SFTP.
-
-Daniel S (28 September 2007)
-- Adapted the c-ares code to the API change c-ares 1.5.0 brings in the
- notifier callback(s).
-
-Dan F (26 September 2007)
-- Enabled a few more gcc warnings with --enable-debug. Renamed a few
- variables to avoid shadowing global declarations.
-
-Daniel S (26 September 2007)
-- Philip Langdale provided the new CURLOPT_POST301 option for
- curl_easy_setopt() that alters how libcurl functions when following
- redirects. It makes libcurl obey the RFC2616 when a 301 response is received
- after a non-GET request is made. Default libcurl behaviour is to change
- method to GET in the subsequent request (like it does for response code 302
- - because that's what many/most browsers do), but with this CURLOPT_POST301
- option enabled it will do what the spec says and do the next request using
- the same method again. I.e keep POST after 301.
-
- The curl tool got this option as --post301
-
- Test case 1011 and 1012 were added to verify.
-
-- Max Katsev reported that when doing a libcurl FTP request with
- CURLOPT_NOBODY enabled but not CURLOPT_HEADER, libcurl wouldn't do TYPE
- before it does SIZE which makes it less useful. I walked over the code and
- made it do this properly, and added test case 542 to verify it.
-
-Daniel S (24 September 2007)
-- Immanuel Gregoire fixed KNOWN_BUGS #44: --ftp-method nocwd did not handle
- URLs ending with a slash properly (it should list the contents of that
- directory). Test case 351 brought back and also test 1010 was added.
-
-Daniel S (21 September 2007)
-- Mark Davies fixed Negotiate authentication over proxy, and also introduced
- the --proxy-negotiate command line option to allow a user to explicitly
- select it.
-
-Daniel S (19 September 2007)
-- Rob Crittenden provided an NSS update with the following highlights:
-
- o It looks for the NSS database first in the environment variable SSL_DIR,
- then in /etc/pki/nssdb, then it initializes with no database if neither of
- those exist.
-
- o If the NSS PKCS#11 libnspsem.so driver is available then PEM files may be
- loaded, including the ca-bundle. If it is not available then only
- certificates already in the NSS database are used.
-
- o Tries to detect whether a file or nickname is being passed in so the right
- thing is done
-
- o Added a bit of code to make the output more like the OpenSSL module,
- including displaying the certificate information when connecting in
- verbose mode
-
- o Improved handling of certificate errors (expired, untrusted, etc)
-
- The libnsspem.so PKCS#11 module is currently only available in Fedora
- 8/rawhide. Work will be done soon to upstream it. The NSS module will work
- with or without it, all that changes is the source of the certificates and
- keys.
-
-Daniel S (18 September 2007)
-- Immanuel Gregoire pointed out that public key SSH auth failed if no
- public/private key was specified and there was no HOME environment variable,
- and then it didn't continue to try the other auth methods. Now it will
- instead try to get the files id_dsa.pub and id_dsa from the current
- directory if none of the two conditions were met.
-
-Dan F (17 September 2007)
-- Added hooks to the test suite to make it possible to test a curl running
- on a remote host.
-
-- Changed some FTP tests to validate the format of the PORT and EPRT commands
- sent by curl, if not the addresses themselves.
-
-Daniel S (15 September 2007)
-- Michal Marek made libcurl automatically append ";type=<a|i>" when using HTTP
- proxies for FTP urls.
-
-- G�nter Knauf fixed LDAP builds in the Windows makefiles and fixed LDAPv3
- support on Windows.
-
-Dan F (13 September 2007)
-- Added LDAPS, SCP and SFTP to curl-config --protocols. Removed and
- fixed some AC_SUBST configure entries.
-
-Version 7.17.0 (13 September 2007)
-
-Daniel S (12 September 2007)
-- Bug report #1792649 (https://curl.haxx.se/bug/view.cgi?id=1792649) pointed
- out a problem with doing an empty upload over FTP on a re-used connection.
- I added test case 541 to reproduce it and to verify the fix.
-
-- I noticed while writing test 541 that the FTP code wrongly did a CWD on the
- second transfer as it didn't store and remember the "" path from the
- previous transfer so it would instead CWD to the entry path as stored. This
- worked, but did a superfluous command. Thus, test case 541 now also verifies
- this fix.
-
-Dan F (5 September 2007)
-- Added test case 1007 to test permission problem when uploading with TFTP
- (to validate bug #1790403).
-
-- TFTP now reports the "not defined" TFTP error code 0 as an error,
- not success.
-
-Daniel S (5 September 2007)
-- Continued the work on a fix for #1779054
- (https://curl.haxx.se/bug/view.cgi?id=1779054). My previous fix from August
- 24 was not complete (either) but could accidentally "forget" parts of a
- server response which led to faulty server response time-out errors.
-
-Dan F (5 September 2007)
-- Minix doesn't support getsockopt on UDP sockets or send/recv on TCP
- sockets.
-
-Dan F (31 August 2007)
-- Made some of the error strings returned by the *strerror functions more
- generic, and more consistent with each other.
-
-- Renamed the curl_ftpssl enum to curl_usessl and its enumerated constants,
- creating macros for backward compatibility:
-
- CURLFTPSSL_NONE => CURLUSESSL_NONE
- CURLFTPSSL_TRY => CURLUSESSL_TRY
- CURLFTPSSL_CONTROL => CURLUSESSL_CONTROL
- CURLFTPSSL_ALL => CURLUSESSL_ALL
- CURLFTPSSL_LAST => CURLUSESSL_LAST
-
-Dan F (30 August 2007)
-- Renamed several libcurl error codes and options to make them more general
- and allow reuse by multiple protocols. Several unused error codes were
- removed. In all cases, macros were added to preserve source (and binary)
- compatibility with the old names. These macros are subject to removal at
- a future date, but probably not before 2009. An application can be
- tested to see if it is using any obsolete code by compiling it with the
- CURL_NO_OLDIES macro defined.
-
- The following unused error codes were removed:
-
- CURLE_BAD_CALLING_ORDER
- CURLE_BAD_PASSWORD_ENTERED
- CURLE_FTP_CANT_RECONNECT
- CURLE_FTP_COULDNT_GET_SIZE
- CURLE_FTP_COULDNT_SET_ASCII
- CURLE_FTP_USER_PASSWORD_INCORRECT
- CURLE_FTP_WEIRD_USER_REPLY
- CURLE_FTP_WRITE_ERROR
- CURLE_LIBRARY_NOT_FOUND
- CURLE_MALFORMAT_USER
- CURLE_OBSOLETE
- CURLE_SHARE_IN_USE
- CURLE_URL_MALFORMAT_USER
-
- The following error codes were renamed:
-
- CURLE_FTP_ACCESS_DENIED => CURLE_REMOTE_ACCESS_DENIED
- CURLE_FTP_COULDNT_SET_BINARY => CURLE_FTP_COULDNT_SET_TYPE
- CURLE_FTP_SSL_FAILED => CURLE_USE_SSL_FAILED
- CURLE_FTP_QUOTE_ERROR => CURLE_QUOTE_ERROR
- CURLE_TFTP_DISKFULL => CURLE_REMOTE_DISK_FULL
- CURLE_TFTP_EXISTS => CURLE_REMOTE_FILE_EXISTS
- CURLE_HTTP_RANGE_ERROR => CURLE_RANGE_ERROR
-
- The following options were renamed:
-
- CURLOPT_SSLKEYPASSWD => CURLOPT_KEYPASSWD
- CURLOPT_FTPAPPEND => CURLOPT_APPEND
- CURLOPT_FTPLISTONLY => CURLOPT_DIRLISTONLY
- CURLOPT_FTP_SSL => CURLOPT_USE_SSL
-
- A few more changes will take place with the next SONAME bump of the
- library. These are documented in docs/TODO
-
-- Documented some newer error codes in libcurl-error(3)
-
-- Added more accurate error code returns from SFTP operations. Added test
- case 615 to test an SFTP upload failure.
-
-Dan F (28 August 2007)
-- Some minor internal type and const changes based on a splint scan.
-
-Daniel S (24 August 2007)
-- Bug report #1779054 (https://curl.haxx.se/bug/view.cgi?id=1779054) pointed
- out that libcurl didn't deal with large responses from server commands, when
- the single response was consisting of multiple lines but of a total size of
- 16KB or more. Dan Fandrich improved the ftp test script and provided test
- case 1006 to repeat the problem, and I fixed the code to make sure this new
- test case runs fine.
-
-Patrick M (23 August 2007)
-- OS/400 port: new files lib/config-os400.h lib/setup-os400.h packages/OS400/*.
- See packages/OS400/README.OS400.
-
-Daniel S (23 August 2007)
-- Bug report #1779751 (https://curl.haxx.se/bug/view.cgi?id=1779751) pointed
- out that doing first a file:// upload and then an FTP upload crashed libcurl
- or at best caused furious valgrind complaints. Fixed now!
-
-Daniel S (22 August 2007)
-- Bug report #1779054 (https://curl.haxx.se/bug/view.cgi?id=1779054) pointed
- out that libcurl didn't deal with very long (>16K) FTP server response lines
- properly. Starting now, libcurl will chop them off (thus the client app will
- not get the full line) but survive and deal with them fine otherwise. Test
- case 1003 was added to verify this.
-
-Daniel S (20 August 2007)
-- Based on a patch by Christian Vogt, the FTP code now sets the upcoming
- download transfer size much earlier to be possible to get read with
- CURLINFO_CONTENT_LENGTH_DOWNLOAD as soon as possible. This is very much in a
- similar spirit to the HTTP size change from August 11 2007.
-
-Daniel S (18 August 2007)
-- Robson Braga Araujo filed bug report #1776232
- (https://curl.haxx.se/bug/view.cgi?id=1776232) about libcurl calling
- Curl_client_write(), passing on a const string that the caller may not
- modify and yet it does (on some platforms).
-
-- Robson Braga Araujo filed bug report #1776235
- (https://curl.haxx.se/bug/view.cgi?id=1776235) about ftp requests with NOBODY
- on a directory would do a "SIZE (null)" request. This is now fixed and test
- case 1000 was added to verify.
-
-Daniel S (17 August 2007)
-- Song Ma provided a patch that cures a problem libcurl has when doing resume
- HTTP PUT using Digest authentication. Test case 5320 and 5322 were also
- added to verify the functionality.
-
-Daniel S (14 August 2007)
-- Andrew Wansink provided an NTLM bugfix: in the case the server sets the flag
- NTLMFLAG_NEGOTIATE_UNICODE, we need to filter it off because libcurl doesn't
- UNICODE encode the strings it packs into the NTLM authenticate packet.
-
-Daniel S (11 August 2007)
-- Allen Pulsifer provided a patch that makes libcurl set the expected download
- size earlier when doing HTTP downloads, so that applications and the
- progress meter etc know get the info earlier in the flow than before.
-
-- Patrick Monnerat modified the LDAP code and approach in curl. Starting now,
- the configure script checks for openldap and friends and we link with those
- libs just like we link all other third party libraries, and we no longer
- dlopen() those libraries. Our private header file lib/ldap.h was renamed to
- lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix)
- just before this commit, just in case.
-
-Dan F (8 August 2007)
-- Song Ma noted a zlib memory leak in the illegal compressed header
- countermeasures code path.
-
-Daniel S (4 August 2007)
-- Patrick Monnerat fixed curl_easy_escape() and curlx_strtoll() to work on
- non-ASCII systems.
-
-Daniel S (3 August 2007)
-- I cut out support for libssh2 versions older than 0.16 to make our code a
- lot simpler, and to avoid getting trouble with the LIBSSH2_APINO define
- that 1) didn't work properly since it was >32 bits and 2) is removed in
- libssh2 0.16...
-
-Daniel S (2 August 2007)
-- Scott Cantor filed bug report #1766320
- (https://curl.haxx.se/bug/view.cgi?id=1766320) pointing out that the libcurl
- code accessed two curl_easy_setopt() options (CURLOPT_DNS_CACHE_TIMEOUT and
- CURLOPT_DNS_USE_GLOBAL_CACHE) as ints even though they're documented to be
- passed in as longs, and that makes a difference on 64 bit architectures.
-
-- Dmitriy Sergeyev reported a regression: resumed file:// transfers broke
- after 7.16.2. This is much due to the different treatment file:// gets
- internally, but now I added test 231 to make it less likely to happen again
- without us noticing!
-
-Daniel S (1 August 2007)
-- Patrick Monnerat and I modified libcurl so that now it *copies* all strings
- passed to it with curl_easy_setopt()! Previously it has always just refered
- to the data, forcing the user to keep the data around until libcurl is done
- with it. That is now history and libcurl will instead clone the given
- strings and keep private copies. This is also part of Patrick Monnerat's
- OS/400 port.
-
- Due to this being a somewhat interesting change API wise, I've decided to
- bump the version of the upcoming release to 7.17.0. Older applications will
- of course not notice this change nor do they have to care, but new
- applications can be written to take advantage of this.
-
-- Greg Morse reported a problem with POSTing using ANYAUTH to a server
- requiring NTLM, and he provided test code and a test server and we worked
- out a bug fix. We failed to count sent body data at times, which then caused
- internal confusions when libcurl tried to send the rest of the data in order
- to maintain the same connection alive.
-
-Daniel S (31 July 2007)
-- Peter O'Gorman pointed out (and fixed) that the non-blocking check in
- configure made libcurl use blocking sockets on AIX 4 and 5, while that
- wasn't the intention.
-
-Daniel S (29 July 2007)
-- Jayesh A Shah filed bug report #1759542
- (https://curl.haxx.se/bug/view.cgi?id=1759542) identifying a rather serious
- problem with FTPS: libcurl closed the data connection socket and then later
- in the flow it would call the SSL layer to do SSL shutdown which then would
- use a socket that had already been closed - so if the application had opened
- a new one in the mean time, libcurl could send gibberish that way! I worked
- with Greg Zavertnik to properly diagnose and fix this. The fix affects code
- for all SSL libraries we support, but it has only been truly verified to
- work fine for the OpenSSL version. The others have only been code reviewed.
-
-Daniel S (23 July 2007)
-- Implemented the parts of Patrick Monnerat's OS/400 patch that introduces
- support for the OS/400 Secure Sockets Layer library.
-
-Dan F (23 July 2007)
-- Implemented only the parts of Patrick Monnerat's OS/400 patch that renamed
- some few internal identifiers to avoid conflicts, which could be useful on
- other platforms.
-
-Daniel S (22 July 2007)
-- HTTP Digest bug fix by Chris Flerackers:
-
- Scenario
-
- - Perfoming a POST request with body
- - With authentication (only Digest)
- - Re-using a connection
-
- libcurl would send a HTTP POST with an Authorization header but without
- body. Our server would return 400 Bad Request in that case (because
- authentication passed, but the body was empty).
-
- Cause
-
- 1) http_digest.c -> Curl_output_digest
- - Updates allocptr.userpwd/allocptr.proxyuserpwd *only* if d->nonce is
- filled in (and no errors)
- - authp->done = TRUE if d->nonce is filled in
- 2) http.c -> Curl_http
- - *Always* uses allocptr.userpwd/allocptr.proxyuserpwd if not NULL
- 3) http.c -> Curl_http, Curl_http_output_auth
-
- So what happens is that Curl_output_digest cannot yet update the
- Authorization header (allocptr.userpwd) which results in authhost->done=0 ->
- authhost->multi=1 -> conn->bits.authneg = TRUE. The body is not
- added. *However*, allocptr.userpwd is still used when building the request
-
-- Added test case 354 that makes a simple FTP retrieval without password, which
- verifies the bug fix in #1757328.
-
-Daniel S (21 July 2007)
-- To allow more flexibility in FTP test cases, I've removed the enforced states
- from the test server code as they served no real purpose. The test server
- is here to serve for the test cases, not to attempt to function as a real
- server! While at it, I modified test case 141 to better test and verify
- curl -I on a single FTP file.
-
-Daniel S (20 July 2007)
-- James Housley fixed the SFTP PWD command to work.
-
-- Ralf S. Engelschall filed bug report #1757328
- (https://curl.haxx.se/bug/view.cgi?id=1757328) and submitted a patch. It
- turns out we broke login to FTP servers that don't require (nor understand)
- PASS after the USER command. The breakage was done as part of the krb5
- commit so a krb-using person needs to verify that the current version now
- works or if we need to fix it (in a different way of course).
-
-Dan F (17 July 2007)
-- Fixed test cases 613 and 614 by improving the log postprocessor to handle
- a new directory listing format that newer libssh2's can provide. This
- is probably NOT sufficient to handle all directory listing formats that
- server's can provide, and should be revisited.
-
-Daniel S (17 July 2007)
-- Daniel Johnson fixed a bug in how libssh2_session_last_error() was used, in
- two places.
-
-- Jofell Gallardo posted a libcurl log using FTP that exposed a bug which made
- a control connection that was deemed "dead" to yet be re-used in a following
- request.
-
-Daniel S (13 July 2007)
-- Colin Hogben filed bug report #1750274
- (https://curl.haxx.se/bug/view.cgi?id=1750274) and submitted a patch for the
- case where libcurl did a connect attempt to a non-listening port and didn't
- provide a human readable error string back.
-
-- Daniel Cater fixes:
- 1 - made 'make vc8' work on windows.
- 2 - made libcurl itself built with CURL_NO_OLDIES defined (which doesn't
- define the symbols for backwards source compatibility)
- 3 - updated libcurl-errors.3
- 4 - added CURL_DISABLE_TFTP to docs/INSTALL
-
-Daniel S (12 July 2007)
-- Made the krb5 code build with Heimdal's GSSAPI lib.
-
-Dan F (12 July 2007)
-- Compile most of the example apps in docs/examples when doing a 'make check'.
- Fixed some compile warnings and errors in those examples.
-
-- Removed the example program ftp3rdparty.c since libcurl doesn't support
- 3rd party FTP transfers any longer.
-
-Daniel S (12 July 2007)
-- Shmulik Regev found an (albeit rare) case where the proxy CONNECT operation
- could in fact get stuck in an endless loop.
-
-- Made CURLOPT_SSL_VERIFYHOST set to 1 acts as described in the documentation:
- fail to connect if there is no Common Name field found in the remote cert.
- We should deprecate the support for this set to 1 anyway soon, since the
- feature is pointless and most likely never really used by anyone.
-
-Daniel S (11 July 2007)
-- Shmulik Regev fixed a bug with transfer-encoding skipping during the 407
- error pages for proxy authentication.
-
-- Giancarlo Formicuccia reported and fixed a problem with a closed connection
- to a proxy during CONNECT auth negotiation.
-
-Dan F (10 July 2007)
-- Fixed a curl memory leak reported by Song Ma with a modified version
- of the patch he suggested. Added his test case as test289 to verify.
-
-- Force the time zone to GMT in the cookie tests in case the user is
- using one of the so-called 'right' time zones that take into account
- leap seconds, which causes the tests to fail (as reported by
- Daniel Black in bug report #1745964).
-
-Version 7.16.4 (10 July 2007)
-
-Daniel S (10 July 2007)
-- Kees Cook notified us about a security flaw
- (https://curl.haxx.se/docs/adv_20070710.html) in which libcurl failed to
- properly reject some outdated or not yet valid server certificates when
- built with GnuTLS. Kees also provided the patch.
-
-James H (5 July 2007)
-- Gavrie Philipson provided a patch that will use a more specific error
- message for an scp:// upload failure. If libssh2 has his matching
- patch, then the error message return by the server will be used instead
- of a more generic error.
-
-Daniel S (1 July 2007)
-- Thomas J. Moore provided a patch that introduces Kerberos5 support in
- libcurl. This also makes the options change name to --krb (from --krb4) and
- CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still
-
-- Song Ma helped me verify and extend a fix for doing FTP over a SOCKS4/5
- proxy.
-
-Daniel S (27 June 2007)
-- James Housley: Add two new options for the SFTP/SCP/FILE protocols:
- CURLOPT_NEW_FILE_PERMS and CURLOPT_NEW_DIRECTORY_PERMS. These control the
- premissions for files and directories created on the remote
- server. CURLOPT_NEW_FILE_PERMS defaults to 0644 and
- CURLOPT_NEW_DIRECTORY_PERMS defaults to 0755
-
-- I corrected the 10-at-a-time.c example and applied a patch for it by James
- Bursa.
-
-Daniel S (26 June 2007)
-- Robert Iakobashvili re-arranged the internal hash code to work with a custom
- hash function for different hashes, and also expanded the default size for
- the socket hash table used in multi handles to greatly enhance speed when
- very many connections are added and the socket API is used.
-
-- James Housley made the CURLOPT_FTPLISTONLY mode work for SFTP directory
- listings as well
-
-Daniel S (25 June 2007)
-- Adjusted how libcurl treats HTTP 1.1 responses without content-lenth or
- chunked encoding (that also lacks "Connection: close"). It now simply
- assumes that the connection WILL be closed to signal the end, as that is how
- RFC2616 section 4.4 point #5 says we should behave.
-
-Version 7.16.3 (25 June 2007)
-
-Daniel S (23 June 2007)
-- As reported by "Tro" in https://curl.haxx.se/mail/lib-2007-06/0161.html and
- https://curl.haxx.se/mail/lib-2007-06/0238.html, libcurl didn't properly do
- no-body requests on FTP files on re-used connections properly, or at least
- it didn't provide the info back in the header callback properly in the
- subsequent requests.
-
-Daniel S (21 June 2007)
-- Gerrit Bruchh�user pointed out a warning that the Intel(R) Thread Checker
- tool reports and it was indeed a legitimate one and it is one fixed. It was
- a use of a share without doing the proper locking first.
-
-Daniel S (20 June 2007)
-- Adam Piggott filed bug report #1740263
- (https://curl.haxx.se/bug/view.cgi?id=1740263). Adam discovered that when
- getting a large amount of URLs with curl, they were fetched slower and
- slower... which turned out to be because the --libcurl data collecting which
- wrongly always was enabled, but no longer is...
-
-Daniel S (18 June 2007)
-- Robson Braga Araujo filed bug report #1739100
- (https://curl.haxx.se/bug/view.cgi?id=1739100) that mentioned that libcurl
- could not actually list the contents of the root directory of a given FTP
- server if the login directory isn't root. I fixed the problem and added
- three test cases (one is disabled for now since I identified KNOWN_BUGS #44,
- we cannot use --ftp-method nocwd and list ftp directories).
-
-Daniel S (14 June 2007)
-- Shmulik Regev:
-
- I've encountered (and hopefully fixed) a problem involving proxy CONNECT
- requests and easy handles state management. The problem isn't simple to
- reproduce since it depends on socket state. It only manifests itself when
- working with non-blocking sockets.
-
- Here is the scenario:
-
- 1. in multi_runsingle the easy handle is in the CURLM_STATE_WAITCONNECT and
- calls Curl_protocol_connect
-
- 2. in Curl_proxyCONNECT, line 1247, if the socket isn't ready the function
- returns and conn->bits.tunnel_connecting is TRUE
-
- 3. when the call to Curl_protocol_connect returns the protocol_connect flag
- is false and the easy state is changed to CURLM_STATE_PROTOCONNECT which
- isn't correct if a proxy is used. Rather CURLM_STATE_WAITPROXYCONNECT
- should be used.
-
- I discovered this while performing an HTTPS request through a proxy (squid)
- on my local network. The problem caused openssl to fail as it read the proxy
- response to the CONNECT call ('HTTP/1.0 Established') rather than the SSL
- handshake (the exact openssl error was 'wrong ssl version' but this isn't
- very important)
-
-- Dave Vasilevsky filed bug report #1736875
- (https://curl.haxx.se/bug/view.cgi?id=1736875) almost simultanouesly as Dan
- Fandrich mentioned a related build problem on the libcurl mailing list:
- https://curl.haxx.se/mail/lib-2007-06/0131.html. Both problems had the same
- reason: the definitions of the POLL* defines and the pollfd struct in the
- libcurl code was depending on HAVE_POLL instead of HAVE_SYS_POLL_H.
-
-Daniel S (13 June 2007)
-- Tom Regner provided a patch and worked together with James Housley, so now
- CURLOPT_FTP_CREATE_MISSING_DIRS works for SFTP connections as well as FTP
- ones.
-
-- Rich Rauenzahn filed bug report #1733119
- (https://curl.haxx.se/bug/view.cgi?id=1733119) and we collaborated on the
- fix. The problem is that for 64bit HPUX builds, several socket-related
- functions would still assume int (32 bit) arguments and not socklen_t (64
- bit) ones.
-
-Daniel S (12 June 2007)
-- James Housley brought his revamped SSH code that is state-machine driven to
- really take advantage of the now totally non-blocking libssh2 (in CVS).
-
-Dan F (8 June 2007)
-- Incorporated Daniel Black's test706 and test707 SOCKS test cases.
-
-- Fixed a few problems when starting the SOCKS server.
-
-- Reverted some recent changes to runtests.pl that weren't compatible with
- perl 5.0.
-
-- Fixed the test harness so that it actually kills the ssh being used as
- the SOCKS server.
-
-Daniel S (6 June 2007)
-- -s/--silent can now be used to toggle off the silence again if used a second
- time.
-
-Daniel S (5 June 2007)
-- Added Daniel Black's work that adds the first few SOCKS test cases. I also
- fixed two minor SOCKS problems to make the test cases run fine.
-
-Daniel S (31 May 2007)
-- Feng Tu made (lib)curl support "upload" resuming work for file:// URLs.
-
-Daniel S (30 May 2007)
-- I modified the 10-at-a-time.c example to transfer 500 downloads in parallel
- with a c-ares enabled build only to find that it crashed miserably, and this
- was due to some select()isms left in the code. This was due to API
- restrictions in c-ares 1.3.x, but with the upcoming c-ares 1.4.0 this is no
- longer the case so now libcurl runs much better with c-ares and the multi
- interface with > 1024 file descriptors in use.
-
- Extra note: starting now we require c-ares 1.4.0 for asynchronous name
- resolves.
-
-- Added CURLMOPT_MAXCONNECTS which is a curl_multi_setopt() option for setting
- the maximum size of the connection cache maximum size of the multi handle.
-
-Daniel S (27 May 2007)
-- When working with a problem Stefan Becker had, I found an off-by-one buffer
- overwrite in Curl_select(). While fixing it, I also improved its performance
- somewhat by changing calloc to malloc and breaking out of a loop earlier
- (when possible).
-
-Daniel S (25 May 2007)
-- Rob Crittenden fixed bug #1705802
- (https://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
- Black identifying several FTP-SSL test cases fail when we build libcurl with
- NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS.
-
-Daniel S (24 May 2007)
-- Song Ma filed bug report #1724016
- (https://curl.haxx.se/bug/view.cgi?id=1724016) noticing that downloading
- glob-ranges for TFTP was broken in CVS. Fixed now.
-
-- 'mytx' in bug report #1723194 (https://curl.haxx.se/bug/view.cgi?id=1723194)
- pointed out that the warnf() function in the curl tool didn't properly deal
- with the cases when excessively long words were used in the string to chop
- up.
-
-Daniel S (22 May 2007)
-- Andre Guibert de Bruet fixed a memory leak in the function that verifies the
- peer's name in the SSL certificate when built for OpenSSL. The leak happens
- for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN
- name from UTF8. He also fixed a leak when PKCS #12 parsing failed.
-
-Daniel S (18 May 2007)
-- Feng Tu reported that curl -w did wrong on TFTP transfers in bug report
- #1715394 (https://curl.haxx.se/bug/view.cgi?id=1715394), and the
- transfer-related info "variables" were indeed overwritten with zeroes
- wrongly and have now been adjusted. The upload size still isn't accurate.
-
-Daniel S (17 May 2007)
-- Feng Tu pointed out a division by zero error in the TFTP connect timeout
- code for timeouts less than five seconds, and also provided a fix for it.
- Bug report #1715392 (https://curl.haxx.se/bug/view.cgi?id=1715392)
-
-Dan F (16 May 2007)
-- Added support for compiling under Minix 3.1.3 using ACK.
-
-Dan F (14 May 2007)
-- Added SFTP directory listing test case 613.
-
-- Added support for quote commands before a transfer using SFTP and test
- case 614.
-
-- Changed the post-quote commands to occur after the transferred file is
- closed.
-
-- Allow SFTP quote commands chmod, chown, chgrp to set a value of 0.
-
-Dan F (9 May 2007)
-- Kristian Gunstone fixed a problem where overwriting an uploaded file with
- sftp didn't truncate it first, which would corrupt the file if the new
- file was shorter than the old.
-
-Dan F (8 May 2007)
-- Added FTPS test cases 406 and 407
-
-Daniel S (8 May 2007)
-- CURLE_FTP_COULDNT_STOR_FILE is now known as CURLE_UPLOAD_FAILED. This is
- because I just made SCP uploads return this value if the file size of
- the upload file isn't given with CURLOPT_INFILESIZE*. Docs updated to
- reflect this news, and a define for the old name was added to the public
- header file.
-
-Daniel S (7 May 2007)
-- James Bursa fixed a bug in the multi handle code that made the connection
- cache grow a bit too much, beyond the normal 4 * easy_handles.
-
-Daniel S (2 May 2007)
-- Anders Gustafsson remarked that requiring CURLOPT_HTTP_VERSION set to 1.0
- when CURLOPT_HTTP200ALIASES is used to avoid the problem mentioned below is
- not very nice if the client wants to be able to use _either_ a HTTP 1.1
- server or one within the aliases list... so starting now, libcurl will
- simply consider 200-alias matches the to be HTTP 1.0 compliant.
-
-- Tobias Rundstr�m reported a problem they experienced with xmms2 and recent
- libcurls, which turned out to be the 25-nov-2006 change which treats HTTP
- responses without Content-Length or chunked encoding as without bodies. We
- now added the conditional that the above mentioned response is only without
- body if the response is HTTP 1.1.
-
-- Jeff Pohlmeyer improved the hiperfifo.c example to use the
- CURLMOPT_TIMERFUNCTION callback option.
-
-- Set the timeout for easy handles to expire really soon after addition or
- when CURLM_CALL_MULTI_PERFORM is returned from curl_multi_socket*/perform,
- to make applications using only curl_multi_socket() to properly function
- when adding easy handles "on the fly". Bug report and test app provided by
- Michael Wallner.
-
-Dan F (30 April 2007)
-- Improved the test harness to allow running test servers on other than
- the default port numbers, allowing more than one test suite to run
- simultaneously on the same host.
-
-Daniel S (28 April 2007)
-- Peter O'Gorman fixed libcurl to not init GnuTLS as early as we did before,
- since it then inits libgcrypt and libgcrypt is being evil and EXITS the
- application if it fails to get a fine random seed. That's really not a nice
- thing to do by a library.
-
-- Frank Hempel fixed a curl_easy_duphandle() crash on a handle that had
- been removed from a multi handle, and then fixed another flaw that prevented
- curl_easy_duphandle() to work even after the first fix - the handle was
- still marked as using the multi interface.
-
-Daniel S (26 April 2007)
-- Peter O'Gorman found a problem with SCP downloads when the downloaded file
- was 16385 bytes (16K+1) and it turned out we didn't properly always "suck
- out" all data from libssh2. The effect being that libcurl would hang on the
- socket waiting for data when libssh2 had in fact already read it all...
-
-Dan F (25 April 2007)
-- Added support in runtests.pl for "!n" test numbers to disable individual
- tests. Changed -t to only keep log files around when -k is specified,
- to have the same behaviour as without -t.
-
-Daniel S (25 April 2007)
-- Sonia Subramanian brought our attention to a problem that happens if you set
- the CURLOPT_RESUME_FROM or CURLOPT_RANGE options and an existing connection
- in the connection cache is closed to make room for the new one when you call
- curl_easy_perform(). It would then wrongly free range-related data in the
- connection close funtion.
-
-Yang Tse (25 April 2007)
-- Steve Little fixed compilation on VMS 64-bit mode
-
-Daniel S (24 April 2007)
-- Robert Iakobashvili made the 'master_buffer' get allocated first once it is
- can/will be used as it then makes the common cases save 16KB of data for each
- easy handle that isn't used for pipelining.
-
-Dan F (23 April 2007)
-- Added <postcheck> support to the test harness.
-
-- Added tests 610-612 to test more SFTP post-quote commands.
-
-Daniel S (22 April 2007)
-- Song Ma's warning if -r/--range is given with a "bad" range, also noted in
- the man page now.
-
-- Daniel Black filed bug #1705177
- (https://curl.haxx.se/bug/view.cgi?id=1705177) where --without-ssl
- --with-gnutl outputs a warning about SSL not being enabled even though GnuTLS
- was found and used.
-
-Daniel S (21 April 2007)
-- Daniel Black filed bug #1704675
- (https://curl.haxx.se/bug/view.cgi?id=1704675) identifying a double-free
- problem in the SSL-dealing layer, telling GnuTLS to free NULL credentials on
- closedown after a failure and a bad #ifdef for NSS when closing down SSL.
-
-Yang Tse (20 April 2007)
-- Save one call to curlx_tvnow(), which calls gettimeofday(), in each of
- Curl_socket_ready(), Curl_poll() and Curl_select() when these are called
- with a zero timeout or a timeout value indicating a blocking call should
- be performed.
-
-Daniel S (18 April 2007)
-- James Housley made SFTP uploads use libssh2's non-blocking API
-
-- Prevent the internal progress meter from updating more frequently than once
- per second.
-
-Dan F (17 April 2007)
-- Added test cases 296, 297 and 298 to test --ftp-method handling
-
-Daniel S (16 April 2007)
-- Robert Iakobashvil added curl_multi_socket_action() to libcurl, which is a
- function that deprecates the curl_multi_socket() function. Using the new
- function the application tell libcurl what action that was found in the
- socket that it passes in. This gives a significant performance boost as it
- allows libcurl to avoid a call to poll()/select() for every call to
- curl_multi_socket*().
-
- I added a define in the public curl/multi.h header file that will make your
- existing application automatically use curl_multi_socket_action() instead of
- curl_multi_socket() when you recompile. But of course you'll get better
- performance if you adjust your code manually and actually pass in the
- correct action bitmask to this function.
-
-Daniel S (14 April 2007)
-- Jay Austin added "DH PARAMETERS" to the stunnel.pem certificate for the test
- suite to make stunnel run better in some (most?) environments.
-
-Dan F (13 April 2007)
-- Added test cases 294 and 295 to test --ftp-account handling
-
-- Improved handling of out of memory in ftp.
-
-Yang Tse (13 April 2007)
-- Fix test case 534 which started to fail 2007-04-13 due to the existance
- of a new host on the net with the same silly domain the test was using
- for a host which was supposed not to exist.
-
-Daniel S (12 April 2007)
-- Song Ma found a memory leak in the if2ip code if you pass in an interface
- name longer than the name field of the ifreq struct (typically 6 bytes), as
- then it wouldn't close the used dummy socket. Bug #1698974
- (https://curl.haxx.se/bug/view.cgi?id=1698974)
-
-Version 7.16.2 (11 April 2007)
-
-Yang Tse (10 April 2007)
-- Ravi Pratap provided some fixes for HTTP pipelining
-
-- configure script will ignore --enable-sspi option for non-native Windows.
-
-Daniel S (9 April 2007)
-- Nick Zitzmann did ssh.c cleanups
-
-Daniel S (3 April 2007)
-- Rob Jones fixed better #ifdef'ing for a bunch of #include lines.
-
-Daniel S (2 April 2007)
-- Nick Zitzmann made the CURLOPT_POSTQUOTE option work for SFTP as well. The
- accepted commands are as follows:
-
- chgrp (gid) (path)
- Changes the group ID of the file or directory at (path) to (gid). (gid)
- must be a number.
-
- chmod (perms) (path)
- Changes the permissions of the file or directory at (path) to
- (perms). (perms) must be a number in the format used by the chmod Unix
- command.
-
- chown (uid) (path)
- Changes the user ID of the file or directory at (path) to (uid). (uid)
- must be a number.
-
- ln (source) (dest)
- Creates a symbolic link at (dest) that points to the file located at
- (source).
-
- mkdir (path)
- Creates a new directory at (path).
-
- rename (source) (dest)
- Moves the file or directory at (source) to (dest).
-
- rm (path)
- Deletes the file located at (path).
-
- rmdir (path)
- Deletes the directory located at (path). This command will raise an error
- if the directory is not empty.
-
- symlink (source) (dest)
- Same as ln.
-
-Daniel S (1 April 2007)
-- Robert Iakobashvili made curl_multi_remove_handle() a lot faster when many
- easy handles are added to a multi handle, by avoiding the looping over all
- the handles to find which one to remove.
-
-- Matt Kraai provided a patch that makes curl build on QNX 6 fine again.
-
-Daniel S (31 March 2007)
-- Fixed several minor issues detected by the coverity.com scanner.
-
-- "Pixel" fixed a problem that appeared when you used -f with user+password
- embedded in the URL.
-
-Dan F (29 March 2007)
-- Don't tear down the ftp connection if the maximum filesize was exceeded
- and added tests 290 and 291 to check.
-
-- Added ftps upload and SSL required tests 401 and 402.
-
-- Send an EOF message before closing an SCP channel, as recommended by
- RFC4254. Enable libssh2 tracing when ssh debugging is turned on.
-
-Yang Tse (27 March 2007)
-- Internal function Curl_select() renamed to Curl_socket_ready()
-
- New Internal wrapper function Curl_select() around select (2), it
- uses poll() when a fine poll() is available, so now libcurl can be
- built without select() support at all if a fine poll() is available.
-
-Daniel S (25 March 2007)
-- Daniel Johnson fixed multi code to traverse the easy handle list properly.
- A left-over bug from the February 21 fix.
-
-Dan F (23 March 2007)
-- Added --pubkey option to curl and made --key also work for SCP/SFTP,
- plus made --pass work on an SSH private key as well.
-
-- Changed the test harness to attempt to gracefully shut down servers
- before resorting to the kill -9 hammer.
-
-- Added test harness infrastructure to support scp/sftp tests, using
- OpenSSH as the server.
-
-- Fixed a memory leak when specifying a proxy with a file: URL.
-
-Yang Tse (20 March 2007)
-- Fixed: When a signal was caught awaiting for an event using Curl_select()
- or Curl_poll() with a non-zero timeout both functions would restart the
- specified timeout. This could even lead to the extreme case that if a
- signal arrived with a frecuency lower to the specified timeout neither
- function would ever exit.
-
- Added experimental symbol definition check CURL_ACKNOWLEDGE_EINTR in
- Curl_select() and Curl_poll(). When compiled with CURL_ACKNOWLEDGE_EINTR
- defined both functions will return as soon as a signal is caught. Use it
- at your own risk, all calls to these functions in the library should be
- revisited and checked before fully supporting this feature.
-
-Yang Tse (19 March 2007)
-- Bryan Henderson fixed the progress function so that it can get called more
- frequently allowing same calling frecuency for the client progress callback.
-
-Dan F (15 March 2007)
-- Various memory leaks plugged and NULL pointer fixes made in the ssh code.
-
-Daniel (15 March 2007)
-- Nick made the curl tool accept globbing ranges that only is one number, i.e
- you can now use [1-1] without curl complaining.
-
-Daniel (10 March 2007)
-- Eygene Ryabinkin:
-
- The problem is the following: when we're calling Curl_done and it decides to
- keep the connection opened ('left intact'), then the caller is not notified
- that the connection was done via the NULLifying of the pointer, so some easy
- handle is keeping the pointer to this connection.
-
- Later ConnectionExists can select such connection for reuse even if we're
- not pipelining: pipeLen is zero, so the (pipeLen > 0 && !canPipeline) is
- false and we can reuse this connection for another easy handle. But thus the
- connection will be shared between two easy handles if the handle that wants
- to take the ownership is not the same as was not notified of the connection
- was done in Curl_done. And when some of these easy handles will get their
- connection really freed the another one will still keep the pointer.
-
- My fix was rather trivial: I just added the NULLification to the 'else'
- branch in the Curl_done. My tests with Git and ElectricFence showed no
- problems both for HTTP pulling and cloning. Repository size is about 250 Mb,
- so it was a considerable amount of Curl's work.
-
-Dan F (9 March 2007)
-- Updated the test harness to add a new "crypto" feature check and updated the
- appropriate test case to use it. For now, this is treated the same as the
- "SSL" feature because curl doesn't list it separately.
-
-Daniel (9 March 2007)
-- Robert Iakobashvili fixed CURLOPT_INTERFACE for IPv6.
-
-- Robert A. Monat improved the maketgz and VC6/8 generating to set the correct
- machine type too.
-
-- Justin Fletcher fixed a file descriptor leak in the curl tool when trying to
- upload a file it couldn't open. Bug #1676581
- (https://curl.haxx.se/bug/view.cgi?id=1676581)
-
-Dan F (9 March 2007)
-- Updated the test harness to check for protocol support before running each
- test, fixing KNOWN_BUGS #11.
-
-Dan F (7 March 2007)
-- Reintroduced (after a 3 year hiatus) an FTPS test case (400) into the test
- harness. It is very limited as it supports only ftps:// URLs with
- --ftp-ssl-control specified, which implicitly encrypts the control
- channel but not the data channels. That allows stunnel to be used with
- an unmodified ftp server in exactly the same way that the test https
- server is set up.
-
-Dan F (7 March 2007)
-- Honour --ftp-ssl-control on ftps:// URLs to allow encrypted control and
- unencrypted data connections.
-
-Dan F (6 March 2007)
-- Fixed a couple of improper pointer uses detected by valgrind in test
- cases 181 & 216.
-
-Daniel (2 March 2007)
-- Robert A. Monat and Shmulik Regev helped out to fix the new */Makefile.vc8
- makefiles that are included in the source release archives, generated from
- the Makefile.vc6 files by the maketgz script. I also modified the root
- Makefile to have a VC variable that defaults to vc6 but can be overridden to
- allow it to be used for vc8 as well. Like this:
-
- nmake VC=vc8 vc
-
-Daniel (27 February 2007)
-- Hang Kin Lau found and fixed: When I use libcurl to connect to an https
- server through a proxy and have the remote https server port set using the
- CURLOPT_PORT option, protocol gets reset to http from https after the first
- request.
-
- User defined URL was modified internally by libcurl and subsequent reuse of
- the easy handle may lead to connection using a different protocol (if not
- originally http).
-
- I found that libcurl hardcoded the protocol to "http" when it tries to
- regenerate the URL if CURLOPT_PORT is set. I tried to fix the problem as
- follows and it's working fine so far
-
-Daniel (25 February 2007)
-- Adam D. Moss made the HTTP CONNECT procedure less blocking when used from
- the multi interface. Note that it still does a part of the connection in a
- blocking manner.
-
-Daniel (23 February 2007)
-- Added warning outputs if the command line uses more than one of the options
- -v, --trace and --trace-ascii, since it could really confuse the user.
- Clarified this fact in the man page.
-
-Daniel (21 February 2007)
-- Ravi Pratap provided work on libcurl making pipelining more robust and
- fixing some bugs:
- o Don't mix GET and POST requests in a pipeline
- o Fix the order in which requests are dispatched from the pipeline
- o Fixed several curl bugs with pipelining when the server is returning
- chunked encoding:
- * Added states to chunked parsing for final CRLF
- * Rewind buffer after parsing chunk with data remaining
- * Moved chunked header initializing to a spot just before receiving
- headers
-
-Daniel (20 February 2007)
-- Linus Nielsen Feltzing changed the CURLOPT_FTP_SSL_CCC option to handle
- active and passive CCC shutdown and added the --ftp-ssl-ccc-mode command
- line option.
-
-Daniel (19 February 2007)
-- Ian Turner fixed the libcurl.m4 macro's support for --with-libcurl.
-
-- Shmulik Regev found a memory leak in re-used HTTPS connections, at least
- when the multi interface was used.
-
-- Robson Braga Araujo made passive FTP transfers work with SOCKS (both 4 and
- 5).
-
-Daniel (18 February 2007)
-- Jeff Pohlmeyer identified two problems: first a rather obscure problem with
- the multi interface and connection re-use that could make a
- curl_multi_remove_handle() ruin a pointer in another handle.
-
- The second problem was less of an actual problem but more of minor quirk:
- the re-using of connections wasn't properly checking if the connection was
- marked for closure.
-
-Daniel (16 February 2007)
-- Duncan Mac-Vicar Prett and Michal Marek reported problems with resetting
- CURLOPT_RANGE back to no range on an easy handle when using FTP.
-
-Dan F (14 February 2007)
-- Fixed curl-config --libs so it doesn't list unnecessary libraries (and
- therefore introduce unnecessary dependencies) when it's not needed.
- Also, don't bother adding a library path of /usr/lib
-
-Daniel (13 February 2007)
-- The default password for anonymous FTP connections is now changed to be
- "address@hidden".
-
-- Robert A. Monat made libcurl build fine with VC2005 - it doesn't have
- gmtime_r() like the older VC versions. He also made use of some machine-
- specific defines to differentiate the "OS" define.
-
-Daniel (12 February 2007)
-- Rob Crittenden added support for NSS (Network Security Service) for the
- SSL/TLS layer. https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
-
- This is the fourth supported library for TLS/SSL that libcurl supports!
-
-- Shmulik Regev fixed so that the final CRLF of HTTP response headers are sent
- to the debug callback.
-
-- Shmulik Regev added CURLOPT_HTTP_CONTENT_DECODING and
- CURLOPT_HTTP_TRANSFER_DECODING that if set to zero will disable libcurl's
- internal decoding of content or transfer encoded content. This may be
- preferable in cases where you use libcurl for proxy purposes or similar. The
- command line tool got a --raw option to disable both at once.
-
-- release tarballs made with maketgz will from now on have a LIBCURL_TIMESTAMP
- define set to hold the exact date and time of when the tarball was built, as
- a human readable string using the UTC time zone.
-
-- Jeff Pohlmeyer fixed a flaw in curl_multi_add_handle() when adding a handle
- that has an easy handle present in the "closure" list pending closure.
-
-Daniel (6 February 2007)
-- Regular file downloads wiht SFTP and SCP are now done using the non-blocking
- API of libssh2, if the libssh2 headers seem to support them. This will make
- SCP and SFTP much more responsive and better libcurl citizens when used with
- the multi interface etc.
-
-Daniel (5 February 2007)
-- Michael Wallner added support for CURLOPT_TIMEOUT_MS and
- CURLOPT_CONNECTTIMEOUT_MS that, as their names suggest, do the timeouts with
- millisecond resolution. The only restriction to that is the alarm()
- (sometimes) used to abort name resolves as that uses full seconds. I fixed
- the FTP response timeout part of the patch.
-
- Internally we now count and keep the timeouts in milliseconds but it also
- means we multiply set timeouts with 1000. The effect of this is that no
- timeout can be set to more than 2^31 milliseconds (on 32 bit systems), which
- equals 24.86 days. We probably couldn't before either since the code did
- *1000 on the timeout values on several places already.
-
-Daniel (3 February 2007)
-- Yang Tse fixed the cookie expiry date in several test cases that started to
- fail since they used "1 feb 2007"...
-
-- Manfred Schwarb reported that socks5 support was broken and help us pinpoint
- the problem. The code now tries harder to use httproxy and proxy where
- apppropriate, as not all proxies are HTTP...
-
-Version 7.16.1 (29 January 2007)
-
-Daniel (29 January 2007)
-- Michael Wallner reported that when doing a CONNECT with a custom User-Agent
- header, you got _two_ User-Agent headers in the CONNECT request...! Added
- test case 287 to verify the fix.
-
-Daniel (28 January 2007)
-- curl_easy_reset() now resets the CA bundle path correctly.
-
-- David McCreedy fixed the Curl command line tool for HTTP on non-ASCII
- platforms.
-
-Daniel (25 January 2007)
-- Added the --libcurl [file] option to curl. Append this option to any
- ordinary curl command line, and you will get a libcurl-using source code
- written to the file that does the equivalent operation of what your command
- line operation does!
-
-Dan F (24 January 2007)
-- Fixed a dangling pointer problem that prevented the http_proxy environment
- variable from being properly used in many cases (and caused test case 63
- to fail).
-
-Daniel (23 January 2007)
-- David McCreedy did NTLM changes mainly for non-ASCII platforms:
-
- #1
- There's a compilation error in http_ntlm.c if USE_NTLM2SESSION is NOT
- defined. I noticed this while testing various configurations. Line 867 of
- the current http_ntlm.c is a closing bracket for an if/else pair that only
- gets compiled in if USE_NTLM2SESSION is defined. But this closing bracket
- wasn't in an #ifdef so the code fails to compile unless USE_NTLM2SESSION was
- defined. Lines 198 and 140 of my patch wraps that closing bracket in an
- #ifdef USE_NTLM2SESSION.
-
- #2
- I noticed several picky compiler warnings when DEBUG_ME is defined. I've
- fixed them with casting. By the way, DEBUG_ME was a huge help in
- understanding this code.
-
- #3
- Hopefully the last non-ASCII conversion patch for libcurl in a while. I
- changed the "NTLMSSP" literal to hex since this signature must always be in
- ASCII.
-
- Conversion code was strategically added where necessary. And the
- Curl_base64_encode calls were changed so the binary "blobs" http_ntlm.c
- creates are NOT translated on non-ASCII platforms.
-
-Dan F (22 January 2007)
-- Converted (most of) the test data files into genuine XML. A handful still
- are not, due mainly to the lack of support for XML character entities
- (e.g. & => & ). This will make it easier to validate test files using
- tools like xmllint, as well as to edit and view them using XML tools.
-
-Daniel (16 January 2007)
-- Armel Asselin improved libcurl to behave a lot better when an easy handle
- doing an FTP transfer is removed from a multi handle before completion. The
- fix also fixed the "alive counter" to be correct on "premature removal" for
- all protocols.
-
-Dan F (16 January 2007)
-- Fixed a small memory leak in tftp uploads discovered by curl's memory leak
- detector. Also changed tftp downloads to URL-unescape the downloaded
- file name.
-
-Daniel (14 January 2007)
-- David McCreedy provided libcurl changes for doing HTTP communication on
- non-ASCII platforms. It does add some complexity, most notably with more
- #ifdefs, but I want to see this supported added and I can't see how we can
- add it without the extra stuff added.
-
-- Setting CURLOPT_COOKIELIST to "ALL" when no cookies at all was present,
- libcurl would crash when trying to read a NULL pointer.
-
-Daniel (12 January 2007)
-- Toby Peterson found a nasty bug that prevented (lib)curl from properly
- downloading (most) things that were larger than 4GB on 32 bit systems. Matt
- Witherspoon helped as narrow down the problem.
-
-Daniel (5 January 2007)
-- Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to
- curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it
- will make libcurl shutdown SSL/TLS after the authentication is done on a
- FTP-SSL operation.
-
-Daniel (4 January 2007)
-- David McCreedy made changes to allow base64 encoding/decoding to work on
- non-ASCII platforms.
-
-Daniel (3 January 2007)
-- Matt Witherspoon fixed the flaw which made libcurl 7.16.0 always store
- downloaded data in two buffers, just to be able to deal with a special HTTP
- pipelining case. That is now only activated for pipelined transfers. In
- Matt's case, it showed as a considerable performance difference,
-
-Daniel (2 January 2007)
-- Victor Snezhko helped us fix bug report #1603712
- (https://curl.haxx.se/bug/view.cgi?id=1603712) (known bug #36) --limit-rate
- (CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE) are broken
- on Windows (since 7.16.0, but that's when they were introduced as previous
- to that the limiting logic was made in the application only and not in the
- library). It was actually also broken on select()-based systems (as apposed
- to poll()) but we haven't had any such reports. We now use select(), Sleep()
- or delay() properly to sleep a while without waiting for anything input or
- output when the rate limiting is activated with the easy interface.
-
-- Modified libcurl.pc.in to use Libs.private for the libs libcurl itself needs
- to get built static. It has been mentioned before and was again brought to
- our attention by Nathanael Nerode who filed debian bug report #405226
- (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).
-
-Daniel (29 December 2006)
-- Make curl_easy_duphandle() set the magic number in the new handle.
-
-Daniel (22 December 2006)
-- Robert Foreman provided a prime example snippet showing how libcurl would
- get confused and not acknowledge the 'no_proxy' variable properly once it
- had used the proxy and you re-used the same easy handle. I made sure the
- proxy name is properly stored in the connect struct rather than the
- sessionhandle/easy struct.
-
-- David McCreedy fixed a bad call to getsockname() that wrongly used a size_t
- variable to point to when it should be a socklen_t.
-
-- When setting a proxy with environment variables and (for example) running
- 'curl [URL]' with a URL without a protocol prefix, curl would not send a
- correct request as it failed to add the protocol prefix.
-
-Daniel (21 December 2006)
-- Robson Braga Araujo reported bug #1618359
- (https://curl.haxx.se/bug/view.cgi?id=1618359) and subsequently provided a
- patch for it: when downloading 2 zero byte files in a row, curl 7.16.0
- enters an infinite loop, while curl 7.16.1-20061218 does one additional
- unnecessary request.
-
- Fix: During the "Major overhaul introducing http pipelining support and
- shared connection cache within the multi handle." change, headerbytecount
- was moved to live in the Curl_transfer_keeper structure. But that structure
- is reset in the Transfer method, losing the information that we had about
- the header size. This patch moves it back to the connectdata struct.
-
-Daniel (16 December 2006)
-- Brendan Jurd provided a fix that now prevents libcurl from getting a SIGPIPE
- during certain conditions when GnuTLS is used.
-
-Daniel (11 December 2006)
-- Alexey Simak found out that when doing FTP with the multi interface and
- something went wrong like it got a bad response code back from the server,
- libcurl would leak memory. Added test case 538 to verify the fix.
-
- I also noted that the connection would get cached in that case, which
- doesn't make sense since it cannot be re-use when the authentication has
- failed. I fixed that issue too at the same time, and also that the path
- would be "remembered" in vain for cases where the connection was about to
- get closed.
-
-Daniel (6 December 2006)
-- Sebastien Willemijns reported bug #1603712
- (https://curl.haxx.se/bug/view.cgi?id=1603712) which is about connections
- getting cut off prematurely when --limit-rate is used. While I found no such
- problems in my tests nor in my reading of the code, I found that the
- --limit-rate code was severly flawed (since it was moved into the lib, since
- 7.15.5) when used with the easy interface and it didn't work as documented
- so I reworked it somewhat and now it works for my tests.
-
-Daniel (5 December 2006)
-- Stefan Krause pointed out a compiler warning with a picky MSCV compiler when
- passing a curl_off_t argument to the Curl_read_rewind() function which takes
- an size_t argument. Curl_read_rewind() also had debug code left in it and it
- was put in a different source file with no good reason when only used from
- one single spot.
-
-- Sh Diao reported that CURLOPT_CLOSEPOLICY doesn't work, and indeed, there is
- no code present in the library that receives the option. Since it was not
- possible to use, we know that no current users exist and thus we simply
- removed it from the docs and made the code always use the default path of
- the code.
-
-- Jared Lundell filed bug report #1604956
- (https://curl.haxx.se/bug/view.cgi?id=1604956) which identified setting
- CURLOPT_MAXCONNECTS to zero caused libcurl to SIGSEGV. Starting now, libcurl
- will always internally use no less than 1 entry in the connection cache.
-
-- Sh Diao reported that CURLOPT_FORBID_REUSE no works, and indeed it broke in
- the 7.16.0 release.
-
-- Martin Skinner brought back bug report #1230118 to haunt us once again.
- (https://curl.haxx.se/bug/view.cgi?id=1230118) curl_getdate() did not work
- properly for all input dates on Windows. It was mostly seen on some TZ time
- zones using DST. Luckily, Martin also provided a fix.
-
-- Alexey Simak filed bug report #1600447
- (https://curl.haxx.se/bug/view.cgi?id=1600447) in which he noted that active
- FTP connections don't work with the multi interface. The problem is here
- that the multi interface state machine has a state during which it can wait
- for the data connection to connect, but the active connection is not done in
- the same step in the sequence as the passive one is so it doesn't quite work
- for active. The active FTP code still use a blocking function to allow the
- remote server to connect.
-
- The fix (work-around is a better word) for this problem is to set the
- boolean prematurely that the data connection is completed, so that the "wait
- for connect" phase ends at once.
-
- The proper fix, left for the future, is of course to make the active FTP
- case to act in a non-blocking way too.
-
-- Matt Witherspoon fixed a problem case when the CPU load went to 100% when a
- HTTP upload was disconnected:
-
- "What appears to be happening is that my system (Linux 2.6.17 and 2.6.13) is
- setting *only* POLLHUP on poll() when the conditions in my previous mail
- occur. As you can see, select.c:Curl_select() does not check for POLLHUP. So
- basically what was happening, is poll() was returning immediately (with
- POLLHUP set), but when Curl_select() looked at the bits, neither POLLERR or
- POLLOUT was set. This still caused Curl_readwrite() to be called, which
- quickly returned. Then the transfer() loop kept continuing at full speed
- forever."
-
-Daniel (1 December 2006)
-- Toon Verwaest reported that there are servers that send the Content-Range:
- header in a third, not suppported by libcurl, format and we agreed that we
- could make the parser more forgiving to accept all the three found
- variations.
-
-Daniel (25 November 2006)
-- Venkat Akella found out that libcurl did not like HTTP responses that simply
- responded with a single status line and no headers nor body. Starting now, a
- HTTP response on a persistent connection (i.e not set to be closed after the
- response has been taken care of) must have Content-Length or chunked
- encoding set, or libcurl will simply assume that there is no body.
-
- To my horror I learned that we had no less than 57(!) test cases that did bad
- HTTP responses like this, and even the test http server (sws) responded badly
- when queried by the test system if it is the test system. So although the
- actual fix for the problem was tiny, going through all the newly failing test
- cases got really painful and boring.
-
-Daniel (24 November 2006)
-- James Housley did lots of work and introduced SFTP downloads.
-
-Daniel (13 November 2006)
-- Ron in bug #1595348 (https://curl.haxx.se/bug/view.cgi?id=1595348) pointed
- out a stack overwrite (and the corresponding fix) on 64bit Windows when
- dealing with HTTP chunked encoding.
-
-Daniel (9 November 2006)
-- Nir Soffer updated libcurl.framework.make:
- o fix symlinks, should link to Versions, not to ./Versions
- o indentation improvments
-
-- Dmitriy Sergeyev found a SIGSEGV with his test04.c example posted on 7 Nov
- 2006. It turned out we wrongly assumed that the connection cache was present
- when tearing down a connection.
-
-- Ciprian Badescu found a SIGSEGV when doing multiple TFTP transfers using the
- multi interface, but I could also repeat it doing multiple sequential ones
- with the easy interface. Using Ciprian's test case, I could fix it.
-
-Daniel (8 November 2006)
-- Bradford Bruce reported that when setting CURLOPT_DEBUGFUNCTION without
- CURLOPT_VERBOSE set to non-zero, you still got a few debug messages from the
- SSL handshake. This is now stopped.
-
-Daniel (7 November 2006)
-- Olaf fixed a leftover problem with the CONNECT fix of his that would leave a
- wrong error message in the error message buffer.
-
-Daniel (3 November 2006)
-- Olaf Stueben provided a patch that I edited slightly. It fixes the notorious
- KNOWN_BUGS #25, which happens when a proxy closes the connection when
- libcurl has sent CONNECT, as part of an authentication negotiation. Starting
- now, libcurl will re-connect accordingly and continue the authentication as
- it should.
-
-Daniel (2 November 2006)
-- James Housley brought support for SCP transfers, based on the libssh2 library
- for the actual network protocol stuff.
-
- Added these new curl_easy_setopt() options:
-
- CURLOPT_SSH_AUTH_TYPES
- CURLOPT_SSH_PUBLIC_KEYFILE
- CURLOPT_SSH_PRIVATE_KEYFILE
-
-Version 7.16.0 (30 October 2006)
-
-Daniel (25 October 2006)
-- Fixed CURLOPT_FAILONERROR to return CURLE_HTTP_RETURNED_ERROR even for the
- case when 401 or 407 are returned, *IF* no auth credentials have been given.
- The CURLOPT_FAILONERROR option is not possible to make fool-proof for 401
- and 407 cases when auth credentials is given, but we've now covered this
- somewhat more.
-
- You might get some amounts of headers transferred before this situation is
- detected, like for when a "100-continue" is received as a response to a
- POST/PUT and a 401 or 407 is received immediately afterwards.
-
- Added test 281 to verify this change.
-
-Daniel (23 October 2006)
-- Ravi Pratap provided a major update with pipelining fixes. We also no longer
- re-use connections (for pipelining) before the name resolving is done.
-
-Daniel (21 October 2006)
-- Nir Soffer made the tests/libtest/Makefile.am use a proper variable for all
- the single test applications' link and dependences, so that you easier can
- override those from the command line when using make.
-
-- Armel Asselin separated CA cert verification problems from problems with
- reading the (local) CA cert file to let users easier pinpoint the actual
- problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code.
-
-Daniel (18 October 2006)
-- Removed the "protocol-guessing" for URLs with host names starting with FTPS
- or TELNET since they are practically non-existant. This leaves us with only
- three different prefixes that would assume the protocol is anything but
- HTTP, and they are host names starting with "ftp.", "dict." or "ldap.".
-
-Daniel (17 October 2006)
-- Bug report #1579171 pointed out code flaws detected with "prefast", and they
- were 1 - a too small memory clear with memset() in the threaded resolver and
- 2 - a range of potentially bad uses of the ctype family of is*() functions
- such as isdigit(), isalnum(), isprint() and more. The latter made me switch
- to using our own set of these functions/macros using uppercase letters, and
- with some extra set of crazy typecasts to avoid mistakingly passing in
- negative numbers to the underlying is*() functions.
-
-- With Jeff Pohlmeyer's help, I fixed the expire timer when using
- curl_multi_socket() during name resolves with c-ares and the LOW_SPEED
- options now work fine with curl_multi_socket() as well.
-
-Daniel (16 October 2006)
-- Added a check in configure that simply tries to run a program (not when
- cross-compiling) in order to detect problems with run-time libraries that
- otherwise would occur when the sizeof tests for curl_off_t would run and
- thus be much more confusing to users. The check of course should run after
- all lib-checks are done and before any other test is used that would run an
- executable built for testing-purposes.
-
-Dan F (13 October 2006)
-- The tagging of application/x-www-form-urlencoded POST body data sent
- to the CURLOPT_DEBUGFUNCTION callback has been fixed (it was erroneously
- included as part of the header). A message was also added to the
- command line tool to show when data is being sent, enabled when
- --verbose is used.
-
-Daniel (12 October 2006)
-- Starting now, adding an easy handle to a multi stack that was already added
- to a multi stack will cause CURLM_BAD_EASY_HANDLE to get returned.
-
-- Jeff Pohlmeyer has been working with the hiperfifo.c example source code,
- and while doing so it became apparent that the current timeout system for
- the socket API really was a bit awkward since it become quite some work to
- be sure we have the correct timeout set.
-
- Jeff then provided the new CURLMOPT_TIMERFUNCTION that is yet another
- callback the app can set to get to know when the general timeout time
- changes and thus for an application like hiperfifo.c it makes everything a
- lot easier and nicer. There's a CURLMOPT_TIMERDATA option too of course in
- good old libcurl tradition.
-
- Jeff has also updated the hiperfifo.c example code to use this news.
-
-Daniel (9 October 2006)
-- Bogdan Nicula's second test case (posted Sun, 08 Oct 2006) converted to test
- case 535 and it now runs fine. Again a problem with the pipelining code not
- taking all possible (error) conditions into account.
-
-Daniel (6 October 2006)
-- Bogdan Nicula's hanging test case (posted Wed, 04 Oct 2006) was converted to
- test case 533 and the test now runs fine.
-
-Daniel (4 October 2006)
-- Dmitriy Sergeyev provided an example source code that crashed CVS libcurl
- but that worked nicely in 7.15.5. I converted it into test case 532 and
- fixed the problem.
-
-Daniel (29 September 2006)
-- Removed a few other no-longer present options from the header file.
-
-- Support for FTP third party transfers was removed. Here's why:
-
- o The recent multi interface changes broke it and the design of the 3rd party
- transfers made it very hard to fix the problems
- o It was still blocking and thus nasty for the multi interface
- o It was a lot of extra code for a very rarely used feature
- o It didn't use the same code as for "plain" FTP transfers, so it didn't work
- fine for IPv6 and it didn't properly re-use connections and more
- o There's nobody around who's willing to work on and improve the existing
- code
-
- This does not mean that third party transfers are banned forever, only that
- they need to be done better if they are to be re-added in the future.
-
- The CURLOPT_SOURCE_* options are removed from the lib and so are the --3p*
- options from the command line tool. For this reason, I also bumped the
- version info for the lib.
-
-Daniel (28 September 2006)
-- Reported in #1561470 (https://curl.haxx.se/bug/view.cgi?id=1561470), libcurl
- would crash if a bad function sequence was used when shutting down after
- using the multi interface (i.e using easy_cleanup after multi_cleanup) so
- precautions have been added to make sure it doesn't any more - test case 529
- was added to verify.
-
-Daniel (27 September 2006)
-- The URL in the cookie jar file is now changed since it was giving a 404.
- Reported by Timothy Stone. The new URL will take the visitor to a curl web
- site mirror with the document.
-
-Daniel (24 September 2006)
-- Bernard Leak fixed configure --with-gssapi-libs.
-
-- Cory Nelson made libcurl use the WSAPoll() function if built for Windows
- Vista (_WIN32_WINNT >= 0x0600)
-
-Daniel (23 September 2006)
-- Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only
- encrypt the control connection and use the data connection "plain".
-
-- Dmitriy Sergeyev provided a patch that made the SOCKS[45] code work better
- as it now will read the full data sent from servers. The SOCKS-related code
- was also moved to the new lib/socks.c source file.
-
-Daniel (21 September 2006)
-- Added test case 531 in an attempt to repeat bug report #1561470
- (https://curl.haxx.se/bug/view.cgi?id=1561470) that is said to crash when an
- FTP upload fails with the multi interface. It did not, but I made a failed
- upload still assume the control connection to be fine.
-
-Daniel (20 September 2006)
-- Armel Asselin fixed problems when you gave a proxy URL with user name and
- empty password or no password at all. Test case 278 and 279 were added to
- verify.
-
-Daniel (12 September 2006)
-- Added docs/examples/10-at-a-time.c by Michael Wallner
-
-- Added docs/examples/hiperfifo.c by Jeff Pohlmeyer
-
-Daniel (11 September 2006)
-- Fixed my breakage from earlier today so that doing curl_easy_cleanup() on a
- handle that is part of a multi handle first removes the handle from the
- stack.
-
-- Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL
- session-ID re-use on demand since there obviously are broken servers out
- there that misbehave with session-IDs used.
-
-- Jeff Pohlmeyer presented a *multi_socket()-using program that exposed a
- problem with it (SIGSEGV-style). It clearly showed that the existing
- socket-state and state-difference function wasn't good enough so I rewrote
- it and could then re-run Jeff's program without any crash. The previous
- version clearly could miss to tell the application when a handle changed
- from using one socket to using another.
-
- While I was at it (as I could use this as a means to track this problem
- down), I've now added a 'magic' number to the easy handle struct that is
- inited at curl_easy_init() time and cleared at curl_easy_cleanup() time that
- we can use internally to detect that an easy handle seems to be fine, or at
- least not closed or freed (freeing in debug builds fill the area with 0x13
- bytes but in normal builds we can of course not assume any particular data
- in the freed areas).
-
-Daniel (9 September 2006)
-- Michele Bini fixed how the hostname is put in NTLM packages. As servers
- don't expect fully qualified names we need to cut them off at the first dot.
-
-- Peter Sylvester cleaned up and fixed the getsockname() uses in ftp.c. Some
- of them can be completetly removed though...
-
-Daniel (6 September 2006)
-- Ravi Pratap and I have implemented HTTP Pipelining support. Enable it for a
- multi handle using CURLMOPT_PIPELINING and all HTTP connections done on that
- handle will be attempted to get pipelined instead of done in parallell as
- they are performed otherwise.
-
- As a side-effect from this work, connections are now shared between all easy
- handles within a multi handle, so if you use N easy handles for transfers,
- each of them can pick up and re-use a connection that was previously used by
- any of the handles, be it the same or one of the others.
-
- This separation of the tight relationship between connections and easy
- handles is most noticable when you close easy handles that have been used in
- a multi handle and check amount of used memory or watch the debug output, as
- there are times when libcurl will keep the easy handle around for a while
- longer to be able to close it properly. Like for sending QUIT to close down
- an FTP connection.
-
- This is a major change.
-
-Daniel (4 September 2006)
-- Dmitry Rechkin (https://curl.haxx.se/bug/view.cgi?id=1551412) provided a
- patch that while not fixing things very nicely, it does make the SOCKS5
- proxy connection slightly better as it now acknowledges the timeout for
- connection and it no longer segfaults in the case when SOCKS requires
- authentication and you did not specify username:password.
-
-Daniel (31 August 2006)
-- Dmitriy Sergeyev found and fixed a multi interface flaw when using asynch
- name resolves. It could get stuck in the wrong state.
-
-Gisle (29 August 2006)
-- Added support for other MS-DOS compilers (desides djgpp). All MS-DOS
- compiler now uses the same config.dos file (renamed to config.h by
- make). libcurl now builds fine using Watcom and Metaware's High-C
- using the Watt-32 tcp/ip-stack.
-
-Daniel (29 August 2006)
-- David McCreedy added CURLOPT_SOCKOPTFUNCTION and CURLOPT_SOCKOPTDATA to
- allow applications to set their own socket options.
-
-Daniel (25 August 2006)
-- Armel Asselin reported that the 'running_handles' counter wasn't updated
- properly if you removed a "live" handle from a multi handle with
- curl_multi_remove_handle().
-
-Daniel (22 August 2006)
-- David McCreedy fixed a remaining mistake from the August 19 TYPE change.
-
-- Peter Sylvester pointed out a flaw in the AllowServerConnect() in the FTP
- code when doing pure IPv6 EPRT connections.
-
-Daniel (19 August 2006)
-- Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE
- command on subsequent requests on a re-used connection unless it has to.
-
-- Armel Asselin fixed a crash in the FTP code when using SINGLECWD mode and
- files in the root directory.
-
-- Andrew Biggs pointed out a "Expect: 100-continue" flaw where libcurl didn't
- send the whole request at once, even though the Expect: header was disabled
- by the application. An effect of this change is also that small (< 1024
- bytes) POSTs are now always sent without Expect: header since we deem it
- more costly to bother about that than the risk that we send the data in
- vain.
-
-Daniel (9 August 2006)
-- Armel Asselin made the CURLOPT_PREQUOTE option work fine even when
- CURLOPT_NOBODY is set true. PREQUOTE is then run roughly at the same place
- in the command sequence as it would have run if there would've been a
- transfer.
-
-Daniel (8 August 2006)
-- Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs
- on a persistent connection and allowed the first to use that header, you
- could not disable it for the second request.
-
-Daniel (7 August 2006)
-- Domenico Andreolfound a quick build error which happened because
- src/config.h.in was not a proper duplcate of lib/config.h.in which it
- should've been and this was due to the maketgz script not doing the cp
- properly.
-
-Version 7.15.5 (7 August 2006)
-
-Daniel (2 August 2006)
-- Mark Lentczner fixed how libcurl was not properly doing chunked encoding
- if the header "Transfer-Encoding: chunked" was set by the application.
- https://curl.haxx.se/bug/view.cgi?id=1531838
-
-Daniel (1 August 2006)
-- Maciej Karpiuk fixed a crash that would occur if we passed Curl_strerror()
- an unknown error number on glibc systems.
- https://curl.haxx.se/bug/view.cgi?id=1532289
-
-Daniel (31 July 2006)
-- *ALERT* curl_multi_socket() and curl_multi_socket_all() got modified
- prototypes: they both now provide the number of running handles back to the
- calling function. It makes the functions resemble the good old
- curl_multi_perform() more and provides a nice way to know when the multi
- handle goes empty.
-
- ALERT2: don't use the curl_multi_socket*() functionality in anything
- production-like until I say it's somewhat settled, as I suspect there might
- be some further API changes before I'm done...
-
-Daniel (28 July 2006)
-- Yves Lejeune fixed so that replacing Content-Type: when doing multipart
- formposts work exactly the way you want it (and the way you'd assume it
- works).
-
-Daniel (27 July 2006)
-- David McCreedy added --ftp-ssl-reqd which makes curl *require* SSL for both
- control and data connection, as the existing --ftp-ssl option only requests
- it.
-
-- [Hiper-related work] Added a function called curl_multi_assign() that will
- set a private pointer added to the internal libcurl hash table for the
- particular socket passed in to this function:
-
- CURLMcode curl_multi_assign(CURLM *multi_handle,
- curl_socket_t sockfd,
- void *sockp);
-
- 'sockp' being a custom pointer set by the application to be associated with
- this socket. The socket has to be already existing and in-use by libcurl,
- like having already called the callback telling about its existance.
-
- The set hashp pointer will then be passed on to the callback in upcoming
- calls when this same socket is used (in the brand new 'socketp' argument).
-
-Daniel (26 July 2006)
-- Dan Nelson added the CURLOPT_FTP_ALTERNATIVE_TO_USER libcurl option and curl
- tool option named --ftp-alternative-to-user. It provides a mean to send a
- particular command if the normal USER/PASS approach fails.
-
-- Michael Jerris added magic that builds lib/curllib.vcproj automatically for
- newer MSVC.
-
-Daniel (25 July 2006)
-- Georg Horn made the transfer timeout error message include more details.
-
-Daniel (20 July 2006)
-- David McCreedy fixed a build error when building libcurl with HTTP disabled,
- problem added with the curl_formget() patch.
-
-Daniel (17 July 2006)
-- Jari Sundell did some excellent research and bug tracking, figured out that
- we did wrong and patched it: When nodes were removed from the splay tree,
- and we didn't properly remove it from the splay tree when an easy handle was
- removed from a multi stack and thus we could wrongly leave a node in the
- splay tree pointing to (bad) memory.
-
-Daniel (14 July 2006)
-- David McCreedy fixed a flaw where the CRLF counter wasn't properly cleared
- for FTP ASCII transfers.
-
-Daniel (8 July 2006)
-- Ates Goral pointed out that libcurl's cookie parser did case insensitive
- string comparisons on the path which is incorrect and provided a patch that
- fixes this. I edited test case 8 to include details that test for this.
-
-- Ingmar Runge provided a source snippet that caused a crash. The reason for
- the crash was that libcurl internally was a bit confused about who owned the
- DNS cache at all times so if you created an easy handle that uses a shared
- DNS cache and added that to a multi handle it would crash. Now we keep more
- careful internal track of exactly what kind of DNS cache each easy handle
- uses: None, Private (allocated for and used only by this single handle),
- Shared (points to a cache held by a shared object), Global (points to the
- global cache) or Multi (points to the cache within the multi handle that is
- automatically shared between all easy handles that are added with private
- caches).
-
-Daniel (4 July 2006)
-- Toshiyuki Maezawa fixed a problem where you couldn't override the
- Proxy-Connection: header when using a proxy and not doing CONNECT.
-
-Daniel (24 June 2006)
-- Michael Wallner added curl_formget(), which allows an application to extract
- (serialise) a previously built formpost (as with curl_formadd()).
-
-Daniel (23 June 2006)
-- Arve Knudsen found a flaw in curl_multi_fdset() for systems where
- curl_socket_t is unsigned (like Windows) that could cause it to wrongly
- return a max fd of -1.
-
-Daniel (20 June 2006)
-- Peter Silva introduced CURLOPT_MAX_SEND_SPEED_LARGE and
- CURLOPT_MAX_RECV_SPEED_LARGE that limit tha maximum rate libcurl is allowed
- to send or receive data. This kind of adds the the command line tool's
- option --limit-rate to the library.
-
- The rate limiting logic in the curl app is now removed and is instead
- provided by libcurl itself. Transfer rate limiting will now also work for -d
- and -F, which it didn't before.
-
-Daniel (19 June 2006)
-- Made -K on a file that couldn't be read cause a warning to be displayed.
-
-Daniel (13 June 2006)
-- Dan Fandrich implemented --enable-hidden-symbols configure option to enable
- -fvisibility=hidden on gcc >= 4.0. This reduces the size of the libcurl
- binary and speeds up dynamic linking by hiding all the internal symbols from
- the symbol table.
-
-Version 7.15.4 (12 June 2006)
-
-Daniel (8 June 2006)
-- Brian Dessent fixed the code for cygwin in three distinct ways:
-
- The first modifies {lib,src}/setup.h to not include the winsock headers
- under Cygwin. This fixes the reported build problem. Cygwin attempts as
- much as possible to emulate a posix environment under Windows. This means
- that WIN32 is *not* #defined and (to the extent possible) everything is done
- as it would be on a *ix type system. Thus <sys/socket.h> is the proper
- include, and even though winsock2.h is present, including it just introduces
- a whole bunch of incompatible socket API stuff.
-
- The second is a patch I've included in the Cygwin binary packages for a
- while. It skips two unnecessary library checks (-lwinmm and -lgdi32). The
- checks are innocuous and they do succeed, but they pollute LIBS with
- unnecessary stuff which gets recorded as such in the libcurl.la file, which
- brings them into the build of any libcurl-downstream. As far as I know
- these libs are really only necessary for mingw, so alternatively they could
- be designed to only run if $host matches *-*-mingw* but I took the safer
- route of skipping them for *-*-cygwin*.
-
- The third patch replaces all uses of the ancient and obsolete __CYGWIN32__
- with __CYGWIN__. Ref: <https://cygwin.com/ml/cygwin/2003-09/msg01520.html>.
-
-Daniel (7 June 2006)
-- Mikael Sennerholm provided a patch that added NTLM2 session response support
- to libcurl. The 21 NTLM test cases were again modified to comply...
-
-Daniel (27 May 2006)
-- �scar Morales Viv� updated the libcurl.framework.make file.
-
-Daniel (26 May 2006)
-- Olaf St�ben fixed a bug that caused Digest authentication with md5-sess to
- fail. When using the md5-sess, the result was not Md5 encoded and Base64
- transformed.
-
-Daniel (25 May 2006)
-- Michael Wallner provided a patch that allows "SESS" to be set with
- CURLOPT_COOKIELIST, which then makes all session cookies get cleared.
-
-Daniel (24 May 2006)
-- Tor Arntsen made test 271 run fine again since the TFTP path fix.
-
-Daniel (23 May 2006)
-- Martin Michlmayr filed debian bug report #367954, but the same error also
- showed up in the autobuilds. It seems a rather long-since introduced shell
- script flaw in the configure script suddenly was detected by the bash
- version in Debian Unstable. It had previously passed undetected by all
- shells used so far...
-
-- David McCreedy updated lib/config-tpf.h
-
-Daniel (11 May 2006)
-- Fixed the configure's check for old-style SSLeay headers since I fell over a
- case with a duplicate file name (a krb4 implementation with an err.h
- file). I converted the check to manually make sure three of the headers are
- present before considering them fine.
-
-- David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended
- checks on the to-be-returned socket to make sure it truly seems to be alive
- and well. For SSL connection it (only) uses OpenSSL functions.
-
-Daniel (10 May 2006)
-- Fixed DICT in two aspects:
-
- 1 - allow properly URL-escaped words, like using %20 for spaces
-
- 2 - properly escape certain letters within a word to comply to the RFC2229
-
-Daniel (9 May 2006)
-- Andreas Ntaflos reported a bug in libcurl.m4: When configuring my GNU
- autotools project, which optionally (default=yes) uses libcurl on a system
- without a (usable) libcurl installation, but not specifying
- `--without-libcurl', configure determines correctly that no libcurl is
- available, however, the LIBCURL variable gets expanded to `LIBCURL = -lcurl'
- in the resulting Makefiles.
-
- David Shaw fixed the flaw.
-
-- Robson Braga Araujo fixed two problems in the recently added non-blocking SSL
- connects. The state machine was not reset properly so that subsequent
- connects using the same handle would fail, and there were two memory leaks.
-
-- Robson Braga Araujo fixed a memory leak when you added an easy handle to a
- multi stack and that easy handle had already been used to do one or more
- easy interface transfers, as then the code threw away the previously used
- DNS cache without properly freeing it.
-
-Daniel (8 May 2006)
-- Dan Fandrich went over the TFTP code and he pointed out and fixed numerous
- problems:
-
- * The received file is corrupted when a packet is lost and retransmitted
- (this is a serious problem!)
-
- * Transmitting a file aborts if a block is lost and retransmitted
-
- * Data is stored in the wrong location in the buffer for uploads, so uploads
- always fail (I don't see how it could have ever worked, but it did on x86
- at least)
-
- * A number of calls are made to strerror instead of Curl_strerror, making
- the code not thread safe
-
- * There are references to errno instead of Curl_sockerrno(), causing
- incorrect error messages on Windows
-
- * The file name includes a leading / which violates RFC3617. Doing something
- similar to ftp, where two slashes after the host name means an absolute
- reference seems a reasonable extension to fix this.
-
- * Failures in EBCDIC conversion are not propagated up to the caller but are
- silently ignored
-
-- Fixed known bug #28. The TFTP code no longer assumes a packed struct and
- thus works reliably on more platforms.
-
-Daniel (5 May 2006)
-- Roland Blom filed bug report #1481217
- (https://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele
- Bini and David Byron. libcurl previously wrongly used GetLastError() on
- windows to get error details after socket-related function calls, when it
- really should use WSAGetLastError() instead.
-
- When changing to this, the former function Curl_ourerrno() is now instead
- called Curl_sockerrno() as it is necessary to only use it to get errno from
- socket-related functions as otherwise it won't work as intended on Windows.
-
-Daniel (4 May 2006)
-- Mark Eichin submitted bug report #1480821
- (https://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a
- problem with how libcurl dealt with GnuTLS and a case where gnutls returned
- GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected
- return code, making Curl_ssl_send() confuse the upper layer - causing random
- 28 bytes trash data to get inserted in the transfered stream.
-
- The proper fix was to make the Curl_gtls_send() function return the proper
- return codes that the callers would expect. The Curl_ossl_send() function
- already did this.
-
-Daniel (2 May 2006)
-- Added a --checkfor option to curl-config to allow users to easier
- write for example shell scripts that test for the presence of a
- new-enough libcurl version. If --checkfor is given a version string
- newer than what is currently installed, curl-config will return a
- non-zero exit code and output a string about the unfulfilled
- requirement.
-
-Daniel (26 April 2006)
-- David McCreedy brought initial line end conversions when doing FTP ASCII
- transfers. They are done on non-windows systems and translate CRLF to LF.
-
- I modified the 15 LIST-using test cases accordingly. The downside is that now
- we'll have even more trouble to get the tests to run on Windows since they
- should get CRLF newlines left intact which the *nix versions don't. I figure
- the only sane thing to do is to add some kind of [newline] macro for the test
- case files and have them expanded to the proper native line ending when the
- test cases are run. This is however left to implement.
-
-Daniel (25 April 2006)
-- Paul Querna fixed libcurl to better deal with deflate content encoding
- when the stream (wrongly) lacks a proper zlib header. This seems to be the
- case on too many actual server implementations.
-
-Daniel (21 April 2006)
-- Ale Vesely fixed CURLOPT_INTERFACE when using a hostname.
-
-Daniel (19 April 2006)
-- Based on previous info from Tor Arntsen, I made configure detect the Intel
- ICC compiler to add a compiler option for it, in order for configure to
- properly be able to detect function prototypes.
-
-- Robson Braga Araujo provided a patch that makes libcurl less eager to close
- the control connection when using FTP, for example when you remove an easy
- handle from a multi stack.
-
-- Applied a patch by Ates Goral and Katie Wang that corrected my bad fix
- attempt from April 10.
-
-Daniel (11 April 2006)
-- #1468330 (https://curl.haxx.se/bug/view.cgi?id=1468330) pointed out a bad
- typecast in the curl tool leading to a crash with (64bit?) VS2005 (at least)
- since the struct timeval field tv_sec is an int while time_t is 64bit.
-
-Daniel (10 April 2006)
-- Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and
- CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL
- connection time-out!
-
-- I merged my hiper patch (https://curl.haxx.se/libcurl/hiper/) into the main
- sources. See the lib/README.multi_socket for implementation story with
- details. Don't expect it to work fully yet. I don't intend to blow any
- whistles or ring any bells about it until I'm more convinced it works at
- least somewhat reliably.
-
-Daniel (7 April 2006)
-- David McCreedy's EBCDIC and TPF changes. Three new curl_easy_setopt()
- options (callbacks) were added:
-
- CONV_FROM_NETWORK_FUNCTION
- CONV_TO_NETWORK_FUNCTION
- CONV_FROM_UTF8_FUNCTION
-
-Daniel (5 April 2006)
-- Michele Bini modified the NTLM code to work for his "weird IIS case"
- (https://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash
- function in addition to the LM one and making some other adjustments in the
- order the different parts of the data block are sent in the Type-2 reply.
- Inspiration for this work was taken from the Firefox NTLM implementation.
-
- I edited the existing 21(!) NTLM test cases to run fine with these news. Due
- to the fact that we now properly include the host name in the Type-2 message
- the test cases now only compare parts of that chunk.
-
-Daniel (28 March 2006)
-- #1451929 (https://curl.haxx.se/bug/view.cgi?id=1451929) detailed a bug that
- occurred when asking libcurl to follow HTTP redirects and the original URL
- had more than one question mark (?). Added test case 276 to verify.
-
-Daniel (27 March 2006)
-- David Byron found a problem multiple -d options when libcurl was built with
- --enable-debug, as then curl used free() on memory allocated both with
- normal malloc() and with libcurl-provided functions, when the latter MUST be
- freed with curl_free() in debug builds.
-
-Daniel (26 March 2006)
-- Tor Arntsen figured out that TFTP was broken on a lot of systems since we
- called bind() with a too big argument in the 3rd parameter and at least
- Tru64, AIX and IRIX seem to be very picky about it.
-
-Daniel (21 March 2006)
-- David McCreedy added CURLINFO_FTP_ENTRY_PATH.
-
-- Xavier Bouchoux made the SSL connection non-blocking for the multi interface
- (when using OpenSSL).
-
-- Tor Arntsen fixed the AIX Toolbox RPM spec
-
-Daniel (20 March 2006)
-- David McCreedy fixed libcurl to no longer ignore AUTH failures and now it
- reacts properly according to the CURLOPT_FTP_SSL setting.
-
-- Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file
- whose length was a multiple of 512 bytes could have random garbage
- appended. Also, stop processing TFTP packets which are too short to be
- legal.
-
-- Ilja van Sprundel reported a possible crash in the curl tool when using
- "curl hostwithoutslash -d data -G"
-
-Version 7.15.3 (20 March 2006)
-
-Daniel (20 March 2006)
-- VULNERABILITY reported to us by Ulf Harnhammar.
-
- libcurl uses the given file part of a TFTP URL in a manner that allows a
- malicious user to overflow a heap-based memory buffer due to the lack of
- boundary check.
-
- This overflow happens if you pass in a URL with a TFTP protocol prefix
- ("tftp://";), using a valid host and a path part that is longer than 512
- bytes.
-
- The affected flaw can be triggered by a redirect, if curl/libcurl is told to
- follow redirects and an HTTP server points the client to a tftp URL with the
- characteristics described above.
-
- The Common Vulnerabilities and Exposures (CVE) project has assigned the name
- CVE-2006-1061 to this issue.
-
-Daniel (16 March 2006)
-- Tor Arntsen provided a RPM spec file for AIX Toolbox, that now is included
- in the release archive.
-
-Daniel (14 March 2006)
-- David McCreedy fixed:
-
- a bad SSL error message when OpenSSL certificates are verified fine.
-
- a missing return code assignment in the FTP code
-
-Daniel (7 March 2006)
-- Markus Koetter filed debian bug report #355715 which identified a problem
- with the multi interface and multi-part formposts. The fix from February
- 22nd could make the Curl_done() function get called twice on the same
- connection and it was not designed for that and thus tried to call free() on
- an already freed memory area!
-
-- Peter Heuchert made sure the CURLFTPSSL_CONTROL setting for CURLOPT_FTP_SSL
- is used properly.
-
-Daniel (6 March 2006)
-- Lots of users on Windows have reported getting the "SSL: couldn't set
- callback" error message so I've now made the setting of that callback not be
- as critical as before. The function is only used for additional loggging/
- trace anyway so a failure just means slightly less data. It should still be
- able to proceed and connect fine to the server.
-
-Daniel (4 March 2006)
-- Thomas Klausner provided a patch written by Todd Vierling in bug report
- #1442471 that fixes a build problem on Interix.
-
-Daniel (2 March 2006)
-- FTP upload without a file name part in the URL now causes
- curl_easy_perform() to return CURLE_URL_MALFORMAT. Previously it allowed the
- upload but named the file "(nil)" (without the quotes). Test case 524
- verifies.
-
-- Added a check for getprotobyname in configure so that it'll be used, thanks
- to Gisle Vanem's change the other day.
-
-Daniel (28 February 2006)
-- Dan Fandrich prevented curl from getting stuck in an endless loop in case we
- are out of file handles very early in curl's code where it makes sure that
- 0, 1 and 2 aren't gonna be used by the lib for transfers.
-
-Daniel (27 February 2006)
-- Marty Kuhrt pointed out that there were two VMS-specific files missing in
- the release archive.
-
-Version 7.15.2 (27 February 2006)
-
-Daniel (22 February 2006)
-- Lots of work and analysis by "xbx___" in bug #1431750
- (https://curl.haxx.se/bug/view.cgi?id=1431750) helped me identify and fix two
- different but related bugs:
-
- 1) Removing an easy handle from a multi handle before the transfer is done
- could leave a connection in the connection cache for that handle that is
- in a state that isn't suitable for re-use. A subsequent re-use could then
- read from a NULL pointer and segfault.
-
- 2) When an easy handle was removed from the multi handle, there could be an
- outstanding c-ares DNS name resolve request. When the response arrived,
- it caused havoc since the connection struct it "belonged" to could've
- been freed already.
-
- Now Curl_done() is called when an easy handle is removed from a multi handle
- pre-maturely (that is, before the transfer was complteted). Curl_done() also
- makes sure to cancel all (if any) outstanding c-ares requests.
-
-Daniel (21 February 2006)
-- Peter Su added support for SOCKS4 proxies. Enable this by setting the proxy
- type to the already provided type CURLPROXY_SOCKS4.
-
- I added a --socks4 option that works like the current --socks5 option but
- instead use the socks4 protocol.
-
-Daniel (20 February 2006)
-- Shmulik Regev fixed an issue with multi-pass authentication and compressed
- content when libcurl didn't honor the internal ignorebody flag.
-
-Daniel (18 February 2006)
-- Ulf H�rnhammar fixed a format string (printf style) problem in the Negotiate
- code. It should however not be the cause of any troubles. He also fixed a
- few similar problems in the HTTP test server code.
-
-Daniel (17 February 2006)
-- Shmulik Regev provided a fix for the DNS cache when using short life times,
- as previously it could be holding on to old cached entries longer than
- requested.
-
-Daniel (11 February 2006)
-- Karl Moerder added the CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET options
- that an app can use to let libcurl only connect to a remote host and then
- extract the socket from libcurl. libcurl will then not attempt to do any
- transfer at all after the connect is done.
-
-- Kent Boortz improved the configure check for GnuTLS to properly set LIBS
- instead of LDFLAGS.
-
-Daniel (8 February 2006)
-- Philippe Vaucher provided a brilliant piece of test code that show a problem
- with re-used FTP connections. If the second request on the same connection
- was set not to fetch a "body", libcurl could get confused and consider it an
- attempt to use a dead connection and would go acting mighty strange.
-
-Daniel (2 February 2006)
-- Make --limit-rate [num] mean bytes. It used to be that but it broke in my
- change done in November 2005.
-
-Daniel (30 January 2006)
-- Added CURLOPT_LOCALPORT and CURLOPT_LOCALPORTRANGE to libcurl. Set with the
- curl tool with --local-port. Plain and simply set the range of ports to bind
- the local end of connections to. Implemented on to popular demand.
-
-- Based on an error report by Philippe Vaucher, we no longer count a retried
- connection setup as a follow-redirect. It turns out 1) this fails when a FTP
- connection is re-setup and 2) it does make the max-redirs counter behave
- wrong.
-
-Daniel (24 January 2006)
-- Michal Marek provided a patch for FTP that makes libcurl continue to try
- PASV even after EPSV returned a positive response code, if libcurl failed to
- connect to the port number the EPSV response said. Obviously some people are
- going through protocol-sensitive firewalls (or similar) that don't
- understand EPSV and then they don't allow the second connection unless PASV
- was used. This also called for a minor fix of test case 238.
-
-Daniel (20 January 2006)
-- Duane Cathey was one of our friends who reported that curl -P [IP]
- (CURLOPT_FTPPORT) didn't work for IPv6-enabed curls if the IP wasn't a
- "native" IP while it works fine for IPv6-disabled builds!
-
- In the process of fixing this, I removed the support for LPRT since I can't
- think of many reasons to keep doing it and asking on the mailing list didn't
- reveal anyone else that could either. The code that sends EPRT and PORT is
- now also a lot simpler than before (IMHO).
-
-Daniel (19 January 2006)
-- Jon Turner pointed out that doing -P [hostname] (CURLOPT_FTPPORT) with curl
- (built IPv4-only) didn't work.
-
-Daniel (18 January 2006)
-- As reported in bug #1408742 (https://curl.haxx.se/bug/view.cgi?id=1408742),
- the configure script complained about a missing "missing" script if you ran
- configure within a path whose name included one or more spaces. This is due
- to a flaw in automake (1.9.6 and earlier). I've now worked around it by
- including an "overloaded" version of the AM_MISSING_HAS_RUN script that'll
- be used instead of the one automake ships with. This kludge needs to be
- removed once we get an automake version with this problem corrected.
- Possibly we'll then need to convert this into a kludge depending on what
- automake version that is used and that is gonna be painful and I don't even
- want to think about that now...!
-
-Daniel (17 January 2006)
-- David Shaw: Here is the latest libcurl.m4 autoconf tests. It is updated with
- the latest features and protocols that libcurl supports and has a minor fix
- to better deal with the obscure case where someone has more than one libcurl
- installed at the same time.
-
-Daniel (16 January 2006)
-- David Shaw finally removed all traces of Gopher and we are now officially
- not supporting it. It hasn't been functioning for years anyway, so this is
- just finally stating what already was true. And a cleanup at the same time.
-
-- Bryan Henderson turned the 'initialized' variable for curl_global_init()
- into a counter, and thus you can now do multiple curl_global_init() and you
- are then supposed to do the same amount of calls to curl_global_cleanup().
- Bryan has also updated the docs accordingly.
-
-Daniel (13 January 2006)
-- Andrew Benham fixed a race condition in the test suite that could cause the
- test script to kill all processes in the current process group!
-
-Daniel (12 January 2006)
-- Michael Jahn:
-
- Fixed FTP_SKIP_PASV_IP and FTP_USE_EPSV to "do right" when used on FTP thru
- HTTP proxy.
-
- Fixed PROXYTUNNEL to work fine when you do ftp through a proxy. It would
- previously overwrite internal memory and cause unpredicted behaviour!
-
-Daniel (11 January 2006)
-- I decided to document the "secret option" here now, as I've received *NO*
- feedback at all on my mailing list requests from November 2005:
-
- I'm looking for feedback and comments. I added some experimental code the
- other day, that allows a libcurl user to select what method libcurl should
- use to reach a file on a FTP(S) server.
-
- This functionality is available in CVS code and in recent daily snapshots.
-
- Let me explain...
-
- The current name for the option is CURLOPT_FTP_FILEMETHOD (--ftp-method for
- the command line tool) and you set it to a long (there are currenly no
- defines for the argument values, just plain numericals). You can set three
- different "methods" that do this:
-
- 1 multicwd - like today, curl will do a single CWD operation for each path
- part in the given URL. For deep hierarchies this means very many
- commands. This is how RFC1738 says it should be done. This is the
- default.
-
- 2 nocwd - no CWD at all is done, curl will do SIZE, RETR, STOR etc and give
- a full path to the server.
-
- 3 singlecwd - make one CWD with the full target directory and then operate
- on the file "normally".
-
- (With the command line tool you do --ftp-method [METHOD], where [METHOD] is
- one of "multicwd", "nocwd" or "singlecwd".)
-
- What feedback I'm interested in:
-
- 1 - Do they work at all? Do you find servers where one of these don't work?
-
- 2 - What would proper names for the option and its arguments be, if we
- consider this feature good enough to get included and documented in
- upcoming releases?
-
- 3 - Should we make libcurl able to "walk through" these options in case of
- (path related) failures, or should it fail and let the user redo any
- possible retries?
-
- (This option is not documented in any man page just yet since I'm not sure
- these names will be used or if the functionality will end up exactly like
- this. And for the same reasons we have no test cases for these yet.)
-
-Daniel (10 January 2006)
-- When using a bad path over FTP, as in when libcurl couldn't CWD into all
- given subdirs, libcurl would still "remember" the full path as if it is the
- current directory libcurl is in so that the next curl_easy_perform() would
- get really confused if it tried the same path again - as it would not issue
- any CWD commands at all, assuming it is already in the "proper" dir.
-
- Starting now, a failed CWD command sets a flag that prevents the path to be
- "remembered" after returning.
-
-Daniel (7 January 2006)
-- Michael Jahn fixed so that the second CONNECT when doing FTP over a HTTP
- proxy actually used a new connection and not sent the second request on the
- first socket!
-
-Daniel (6 January 2006)
-- Alexander Lazic made the buildconf run the buildconf in the ares dir if that
- is present instead of trying to mimic that script in curl's buildconf
- script.
-
-Daniel (3 January 2006)
-- Andres Garcia made the TFTP test server build with mingw.
-Daniel (16 December 2005)
-- Jean Jacques Drouin pointed out that you could only have a user name or
- password of 127 bytes or less embedded in a URL, where actually the code
- uses a 255 byte buffer for it! Modified now to use the full buffer size.
-
-Daniel (12 December 2005)
-- Dov Murik corrected the HTTP_ONLY define to disable the TFTP support properly
-
-Version 7.15.1 (7 December 2005)
-
-Daniel (6 December 2005)
-- Full text here: https://curl.haxx.se/docs/adv_20051207.html Pointed out by
- Stefan Esser.
-
- VULNERABILITY
-
- libcurl's URL parser function can overflow a malloced buffer in two ways, if
- given a too long URL.
-
- These overflows happen if you
-
- 1 - pass in a URL with no protocol (like "http://";) prefix, using no slash
- and the string is 256 bytes or longer. This leads to a single zero byte
- overflow of the malloced buffer.
-
- 2 - pass in a URL with only a question mark as separator (no slash) between
- the host and the query part of the URL. This leads to a single zero byte
- overflow of the malloced buffer.
-
- Both overflows can be made with the same input string, leading to two single
- zero byte overwrites.
-
- The affected flaw cannot be triggered by a redirect, but the long URL must
- be passed in "directly" to libcurl. It makes this a "local" problem. Of
- course, lots of programs may still pass in user-provided URLs to libcurl
- without doing much syntax checking of their own, allowing a user to exploit
- this vulnerability.
-
- There is no known exploit at the time of this writing.
-
-
-Daniel (2 December 2005)
-- Jamie Newton pointed out that libcurl's file:// code would close() a zero
- file descriptor if given a non-existing file.
-
-Daniel (24 November 2005)
-- Doug Kaufman provided a set of patches to make curl build fine on DJGPP
- again using configure.
-
-- Yang Tse provided a whole series of patches to clear up compiler warnings on
- MSVC 6.
-
-Daniel (17 November 2005)
-- I extended a patch from David Shaw to make libcurl _always_ provide an error
- string in the given error buffer to address the flaw mention on 21 sep 2005.
-
-Daniel (16 November 2005)
-- Applied Albert Chin's patch that makes the libcurl.pc pkgconfig file get
- installed on 'make install' time.
-
-Daniel (14 November 2005)
-- Quagmire reported that he needed to raise a NTLM buffer for SSPI to work
- properly for a case, and so we did. We raised it even for non-SSPI builds
- but it should not do any harm. https://curl.haxx.se/bug/view.cgi?id=1356715
-
-- Jan Kunder's debian bug report
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338680 identified a weird
- error message for when you try to upload a file and the requested directory
- doesn't exist on the target server.
-
-- Yang Tse fixed compiler warnings in lib/ssluse.c with OpenSSL 0.9.8 and in
- lib/memdebug.h that showed up in his msvc builds.
-
-Daniel (13 November 2005)
-- Debian bug report 338681 by Jan Kunder: make curl better detect and report
- bad limit-rate units:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338681 Now curl will return
- error if a bad unit is used.
-
-- Thanks to this nice summary of poll() implementations:
- http://www.greenend.org.uk/rjk/2001/06/poll.html and further tests by Eugene
- Kotlyarov, we now know that cygwin's poll returns only POLLHUP on remote
- connectin closure so we check for that case (too) and re-enable poll for
- cygwin builds.
-
-Daniel (12 November 2005)
-- Eugene Kotlyarov found out that cygwin's poll() function isn't doing things
- right: https://curl.haxx.se/mail/archive-2005-11/0045.html so we now disable
- poll() and use select() on cygwin too (we already do the same choice on Mac
- OS X)
-
-- Dima Barsky patched problem #1348930: the GnuTLS code completely ignored
- client certificates! (https://curl.haxx.se/bug/view.cgi?id=1348930).
-
-Daniel (10 November 2005)
-- David Lang fixed IPv6 support for TFTP!
-
-- Introducing range stepping to the curl globbing support. Now you can specify
- step counter by adding :[num] within the brackets when specifying a range:
-
- [1-100:10]
- [a-z:2]
-
- If no step counter is set, it defaults to 1 as before:
-
- [1-100]
- [d-h]
-
-Daniel (8 November 2005)
-- Removed the use of AI_CANONNAME in the IPv6-enabled resolver functions since
- we really have no use for reverse lookups of the address.
-
- I truly hope these are the last reverse lookups we had lingering in the
- code!
-
-- Dmitry Bartsevich discovered some issues in compatibilty of SSPI-enabled
- version of libcurl with different Windows versions. Current version of
- libcurl imports SSPI functions from secur32.dll. However, under Windows NT
- 4.0 these functions are located in security.dll, under Windows 9x - in
- secur32.dll and Windows 2000 and XP contains both these DLLs (security.dll
- just forwards calls to secur32.dll).
-
- Dmitry's patch loads proper library dynamically depending on Windows
- version. Function InitSecurityInterface() is used to obtain pointers to all
- of SSPI function in one structure.
-
-Daniel (31 October 2005)
-- Vilmos Nebehaj improved libcurl's LDAP abilities:
-
- The LDAP code in libcurl can't handle LDAP servers of LDAPv3 nor binary
- attributes in LDAP objects. So, I made a quick patch to address these
- problems.
-
- The solution is simple: if we connect to an LDAP server, first try LDAPv3
- (which is the preferred protocol as of now) and then fall back to LDAPv2.
- In case of binary attributes, we first convert them to base64, just like the
- openldap client does. It uses ldap_get_values_len() instead of
- ldap_get_values() to be able to retrieve binary attributes correctly. I
- defined the necessary LDAP macros in lib/ldap.c to be able to compile
- libcurl without the presence of libldap
-
-Daniel (27 October 2005)
-- Nis Jorgensen filed bug report #1338648
- (https://curl.haxx.se/bug/view.cgi?id=1338648) which really is more of a
- feature request, but anyway. It pointed out that --max-redirs did not allow
- it to be set to 0, which then would return an error code on the first
- Location: found. Based on Nis' patch, now libcurl supports CURLOPT_MAXREDIRS
- set to 0, or -1 for infinity. Added test case 274 to verify.
-
-- tommink[at]post.pl reported in bug report #1337723
- (https://curl.haxx.se/bug/view.cgi?id=1337723) that curl could not upload
- binary data from stdin on Windows if the data contained control-Z (hex 1a)
- since that is treated as end-of-file when read in text mode. Gisle Vanem
- pointed out the fix, and I made both -T and --data-binary take advantage of
- it.
-
-- Jaz Fresh pointed out that if you used "-r [number]" as was wrongly described
- in the man page, curl would send an invalid HTTP Range: header. The correct
- way would be to use "-r [number]-" or even "-r -[number]". Starting now,
- curl will warn if this is discovered, and automatically append a dash to the
- range before passing it to libcurl.
-
-Daniel (25 October 2005)
-- Amol Pattekar reported a bug with great detail and a fine example in bug
- #1326306 (https://curl.haxx.se/bug/view.cgi?id=1326306). When using the multi
- interface and connecting to a host with multiple IP addresses, and one of
- the addresses fails to connect (the server must exist and respond, just not
- accept connections) libcurl leaks a socket descriptor. Thanks to the fine
- report, I could find and fix this.
-
-Daniel (22 October 2005)
-- Dima Barsky reported a problem with GnuTLS-enabled libcurl in bug report
- #1334338 (https://curl.haxx.se/bug/view.cgi?id=1334338). When reading an SSL
- stream from a server and the server requests a "rehandshake", the current
- code simply returns this as an error. I have no good way to test this, but
- I've added a crude attempt of dealing with this situation slightly better -
- it makes a blocking handshake if this happens. Done like this because fixing
- this the "proper" way (that would handshake asynchronously) will require
- quite some work and I really need a good way to test this to do such a
- change.
-
-Daniel (21 October 2005)
-- "Ofer" reported a problem when libcurl re-used a connection and failed to do
- it, it could then accidentally actually crash. Presumably, this concerns FTP
- connections. https://curl.haxx.se/bug/view.cgi?id=1330310
-
-- Temprimus improved the MSVC makefile so that the static debug SSL libs are
- linked to the executable and not to the libcurld.lib
- https://curl.haxx.se/bug/view.cgi?id=1326676
-
-- Bradford Bruce made the windows resolver code properly return
- CURLE_COULDNT_RESOLVE_PROXY and CURLE_COULDNT_RESOLVE_HOST on resolving
- errors (as documented).
-
-Daniel (20 October 2005)
-- Dave Dribin made libcurl understand and handle cases when the server
- (wrongly) sends *two* WWW-Authenticate headers for Digest. While this should
- never happen in a sane world, libcurl previously got into an infinite loop
- when this occurred. Dave added test 273 to verify this.
-
-- Temprimus improved the MSVC makefile: "makes a build option available so if
- you set rtlibcfg=static for the make, then it would build with /MT. The
- default behaviour is /MD (the original)."
- https://curl.haxx.se/bug/view.cgi?id=1326665
-
-Daniel (14 October 2005)
-- Reverted the LIBCURL_VERSION_NUM change from October 6. As Dave Dribin
- reported, the define is used by the configure script and is assumed to use
- the 0xYYXXZZ format. This made "curl-config --vernum" fail in the 7.15.0
- release version.
-
-Version 7.15.0 (13 October 2005)
-
-Daniel (12 October 2005)
-- Michael Sutton of iDEFENSE reported and I fixed a securitfy flaw in the NTLM
- code that would overflow a buffer if given a too long user name or domain
- name. This would happen if you enable NTLM authentication and either
-
- A - pass in a user name and domain name to libcurl that together are longer
- than 192 bytes
-
- B - allow (lib)curl to follow HTTP "redirects" (Location: and the
- appropriate HTTP 30x response code) and the new URL contains a URL with
- a user name and domain name that together are longer than 192 bytes
-
- See https://curl.haxx.se/docs/security.html for further details and updates
-
-Daniel (5 October 2005)
-- Darryl House reported a problem with using -z to download files from FTP.
- It turned out that if the given time stamp was exact the same as the remote
- time stamp, the file would still wrongly be downloaded. Added test case 272
- to verify.
-
-Daniel (4 October 2005)
-- Domenico Andreoli fixed a man page malformat and removed odd (0xa0) bytes
- from the configure script.
-
-- Michael Wallner reported that the date parser had wrong offset stored for
- the MEST and CEST time zones.
-
-Daniel (27 September 2005)
-- David Yan filed bug #1299181 (https://curl.haxx.se/bug/view.cgi?id=1299181)
- that identified a silly problem with Content-Range: headers with the 'bytes'
- keyword written in a different case than all lowercase! It would cause a
- segfault!
-
-- TJ Saunders of the proftpd project identified and pointed out problems with
- the modified FTPS negotiation change of August 19 2005. Thus, we revert the
- change back to pre-7.14.1 status.
-
-Daniel (21 September 2005)
-- Fixed "cut off" sentence in the libcurl-tutorial man page:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329305
-
-- Clarified in the curl_easy_setopt man page what the default
- CURLOPT_WRITEFUNCTION and CURLOPT_WRITEDATA mean:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329311
-
-- Clarified in the curl_easy_setopt man page that CURLOPT_ERRORBUFFER
- sometimes doesn't fill in the buffer even though it is supposed to:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329313
-
-- When CURLE_URL_MALFORMAT is returned due to a missing URL, it now has an
- error string set.
-
-Daniel (19 September 2005)
-- Dmitry Bartsevich made the SSPI support work on Windows 9x as well.
-
-Daniel (15 September 2005)
-- Added a TFTP server to the test suite and made the test suite capable of
- using it.
-
-Daniel (7 September 2005)
-- Ben Madsen's detailed reports that funnily enough only occurred with certain
- glibc versions turned out to be curl using an already closed file handle
- during certain conditions (like when saving FTP server "headers").
-
-- Scott Davis helped me track down a problem in the test HTTP server that made
- test case 56 wrongly fail at times. It turned out it was due to the server
- finding the end of a chunked-encoded POST too early.
-
-Daniel (6 September 2005)
-- Now curl warns if an unknown variable is used in the -w/--writeout argument.
-
-Daniel (4 September 2005)
-- I applied Nicolas Fran�ois' man page patch he posted to the Debian bug
- tracker. It corrected two lines that started with apostrophes, which isn't
- legal nroff format. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326511
-
-- Added --ftp-skip-pasv-ip to the command line tool, that sets the new
- CURLOPT_FTP_SKIP_PASV_IP option. It makes libcurl re-use the control
- connection's IP address when setting up the data connection instead of
- extractting the IP address from the PASV response. It has turned out this
- feature is frequently needed by people to circumvent silly servers and silly
- firewalls, especially when FTPS is used and the PASV command-response is
- sent encrtyped.
-
- Sponsored by CU*Answers
-
-Daniel (1 September 2005)
-- John Kelly added TFTP support to libcurl. A bunch of new error codes was
- added. TODO: add them to docs. add TFTP server to test suite. add TFTP to
- list of protocols whereever those are mentioned.
-
-Version 7.14.1 (1 September 2005)
-
-Daniel (29 August 2005)
-- Kevin Lussier pointed out a problem with curllib.dsp and how to fix it.
-
-- Igor Polyakov fixed a rather nasty problem with the threaded name resolver
- for Windows, that could lead to an Access Violation when the multi interface
- was used due to an issue with how the resolver thread was and was not
- terminated.
-
-- Simon Josefsson brought a patch that allows curl to get built to use GNU GSS
- instead of MIT/Heimdal for GSS capabilities.
-
-Daniel (24 August 2005)
-- Toby Peterson added CURLOPT_IGNORE_CONTENT_LENGTH to the library, accessible
- from the command line tool with --ignore-content-length. This will make it
- easier to download files from Apache 1.x (and similar) servers that are
- still having problems serving files larger than 2 or 4 GB. When this option
- is enabled, curl will simply have to wait for the server to close the
- connection to signal end of transfer. I wrote test case 269 that runs a
- simple test to verify that this works.
-
-- (Trying hard to exclude emotions now.) valgrind version 3 suddenly renamed
- the --logfile command line option to --log-file, and thus the test script
- valgrind autodetection now has yet another version check to do and then it
- alters the valgrind command line accordingly.
-
-- Fixed CA cert verification using GnuTLS with the default bundle, which
- previously failed due to GnuTLS not allowing x509 v1 CA certs by default.
- Ralph Mitchell reported.
-
-Daniel (19 August 2005)
-- Norbert Novotny had problems with FTPS and he helped me work out a patch
- that made curl run fine in his end. The key was to make sure we do the
- SSL/TLS negotiation immediately after the TCP connect is done and not after
- a few other commands have been sent like we did previously. I don't consider
- this change necessary to obey the standards, I think this server is pickier
- than what the specs allow it to be, but I can't see how this modified
- libcurl code can add any problems to those who are interpreting the
- standards more liberally.
-
-Daniel (17 August 2005)
-- Jeff Pohlmeyer found out that if you ask libcurl to load a cookiefile (with
- CURLOPT_COOKIEFILE), add a cookie (with CURLOPT_COOKIELIST), tell it to
- write the result to a given cookie jar and then never actually call
- curl_easy_perform() - the given file(s) to read was never read but the
- output file was written and thus it caused a "funny" result.
-
-- While doing some tests for the bug above, I noticed that Firefox generates
- large numbers (for the expire time) in the cookies.txt file and libcurl
- didn't treat them properly. Now it does.
-
-Daniel (15 August 2005)
-- Added more verbose "warning" messages to the curl client for cases where it
- fails to open/read files etc to help users diagnose why it doesn't do what
- you'd expect it to. Converted lots of old messages to use the new generic
- function I wrote for this purpose.
-
-Daniel (13 August 2005)
-- James Bursa identified a libcurl HTTP bug and a good way to repeat it. If a
- site responds with bad HTTP response that doesn't contain any header at all,
- only a response body, and the write callback returns 0 to abort the
- transfer, it didn't have any real effect but the write callback would be
- called once more anyway.
-
-Daniel (12 August 2005)
-- Based on Richard Clayton's reports, I found out that using curl -d @filename
- when 'filename' was not possible to access made curl use a GET request
- instead.
-
-- The time condition illegal syntax warning is now inhibited if -s is used.
-
-Daniel (10 August 2005)
-- Mario Schroeder found out that one of the debug callbacks calls that regards
- SSL data with the CURLINFO_TEXT type claimed that the data was one byte
- larger than it actually is, thus falsely telling the application that the
- terminating zero was part of the data.
-
-Daniel (9 August 2005)
-- Christopher R. Palmer fixed the offsets used for date parsings when the time
- zone name of a daylight savings time was used. For example, PDT vs PDS. This
- flaw was introduced with the new date parser (11 sep 2004 - 7.12.2).
- Fortunately, no web server or cookie string etc should be using such time
- zone names thus limiting the effect of this bug.
-
-Daniel (8 August 2005)
-- Jon Grubbs filed bug report #1249962
- (https://curl.haxx.se/bug/view.cgi?id=1249962) which identified a problem
- with NTLM on a HTTP proxy if an FTP URL was given. libcurl now properly
- switches to pure HTTP internally when an HTTP proxy is used, even for FTP
- URLs. The problem would also occur with other multi-pass auth methods.
-
-Daniel (7 August 2005)
-- When curl is built with GnuTLS, curl-config didn't include "SSL" when
- --features was used.
-
-Daniel (28 July 2005)
-- If any of the options CURLOPT_HTTPGET, CURLOPT_POST and CURLOPT_HTTPPOST is
- set to 1, CURLOPT_NOBODY will now automatically be set to 0.
-
-Daniel (27 July 2005)
-- Dan Fandrich changes over the last week: fixed numerous minor configure
- option parsing flaws: --without-gnutls, --without-spnego --without-gssapi
- and --without-krb4. Spellfixed several error messages.
-
-- Peteris Krumins added CURLOPT_COOKIELIST and CURLINFO_COOKIELIST, which is a
- simple interface to extracting and setting cookies in libcurl's internal
- "cookie jar". See the new cookie_interface.c example code.
-
-Daniel (13 July 2005)
-- Diego Casorran provided patches to make curl build fine on Amiga again.
-
-Daniel (12 July 2005)
-- Adrian Schuur added trailer support in the chunked encoding stream. The
- trailer is then sent to the normal header callback/stream. I wrote up test
- case 266 to verify the basic functionality. Do note that test case 34
- contains a flawed chunked encoding stream that still works the same.
-
-Daniel (5 July 2005)
-- Gisle Vanem came up with a nice little work-around for bug #1230118
- (https://curl.haxx.se/bug/view.cgi?id=1230118). It seems the Windows (MSVC)
- libc time functions may return data one hour off if TZ is not set and
- automatic DST adjustment is enabled. This made curl_getdate() return wrong
- value, and it also concerned internal cookie expirations etc.
-
-Daniel (4 July 2005)
-- Andrew Bushnell provided enough info for me to tell that we badly needed to
- fix the CONNECT authentication code with multi-pass auth methods (such as
- NTLM) as it didn't previously properly ignore response-bodies - in fact it
- stopped reading after all response headers had been received. This could
- lead to libcurl sending the next request and reading the body from the first
- request as response to the second request. (I also renamed the function,
- which wasn't strictly necessary but...)
-
- The best fix would to once and for all make the CONNECT code use the
- ordinary request sending/receiving code, treating it as any ordinary request
- instead of the special-purpose function we have now. It should make it
- better for multi-interface too. And possibly lead to less code...
-
- Added test case 265 for this. It doesn't work as a _really_ good test case
- since the test proxy is too stupid, but the test case helps when running the
- debugger to verify.
-
-Daniel (30 June 2005)
-- Dan Fandrich improved the configure script's ability to figure out what kind
- of strerror_r() API that is used when cross-compiling. If __GLIB__ is
- defined, it assumes the glibc API. If not, it issues a notice as before that
- the user needs to manually edit lib/config.h for this.
-
-Daniel (23 June 2005)
-- David Shaw's fix that unifies proxy string treatment so that a proxy given
- with CURLOPT_PROXY can use a http:// prefix and user + password. The user
- and password fields are now also URL decoded properly. Test case 264 added
- to verify.
-
-Daniel (22 June 2005)
-- David Shaw updated libcurl.m4
-
-Daniel (14 June 2005)
-- Gisle Vanem fixed a potential thread handle leak. Bug report #1216500
- (https://curl.haxx.se/bug/view.cgi?id=1216500). Comment in
- https://curl.haxx.se/mail/lib-2005-06/0059.html
-
-Daniel (13 June 2005)
-- Made buildconf run libtoolize in the ares dir too (inspired by Tupone's
- reverted patch).
-
-Daniel (9 June 2005)
-- Incorporated Tupone's findtool fix in buildconf (slightly edited)
-
-- Incorporated Tupone's head -n fix in buildconf.
-
-Daniel (8 June 2005)
-- Reverted Tupone's patch again, it broke numerous autobuilds. Let's apply it
- in pieces, one by one and see what we need to adjust to work all over.
-
-Daniel (6 June 2005)
-- Tupone Alfredo fixed three problems in buildconf:
-
- 1) findtool does look per tool in PATH and think ./perl is the perl
- executable, while is just a local directory (I have . in the PATH)
-
- 2) I got several warning for head -1 deprecated in favour of head -n 1
-
- 3) ares directory is missing some file (missing is missing :-) ) because
- automake and friends is not run.
-
-Daniel (3 June 2005)
-- Added docs/libcurl/getinfo-times, based on feedback from 'Edi':
- https://curl.haxx.se/feedback/display.cgi?id=11178325798299&support=yes
-
-- Andres Garcia provided yet another text mode patch for several test cases so
- that they do text comparisions better on Windows (newline-wise).
-
-Daniel (1 June 2005)
-- The configure check for c-ares now adds the cares lib before the other libs,
- to make it build fine with mingw. Inspired by Tupone Alfredo's bug report
- and patch: https://curl.haxx.se/bug/view.cgi?id=1212940
-
-Daniel (31 May 2005)
-- Todd Kulesza reported a flaw in the proxy option, since a numerical IPv6
- address was not possible to use. It is now, but requires it written
- RFC2732-style, within brackets - which incidently is how you enter numerical
- IPv6 addresses in URLs. Test case 263 added to verify.
-
-Daniel (30 May 2005)
-- Eric Cooper reported about a problem with HTTP servers that responds with
- binary zeroes within the headers. They confused libcurl to do wrong so the
- downloaded headers become incomplete. The fix is now verified with test case
- 262. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=310948
-
-Daniel (25 May 2005)
-- Fixed problems with the test suite, and in particular the FTP test cases
- since it previously was failing every now and then in a nonsense manner.
-
-- --trace-time now outputs the full microsecond, all 6 digits.
-
-Daniel (24 May 2005)
-- Andres Garcia provided a text mode patch for several test cases so that they
- do text comparisions better on Windows (newline-wise).
-
-- Any 2xx response (and not just 200) is now considered a fine response to
- TYPE, as some servers obviously sends a 226 there. Added test case 261 to
- verify. Based on a question/report by Georg Wicherski.
-
-Daniel (20 May 2005)
-- Improved runtests.pl to allow stdout tests to be mode=text as well, just
- as file comparisons already supports. Added this info to the FILEFORMAT
- docs.
-
-Daniel (18 May 2005)
-- John McGowan identified a problem in bug report #1204435
- (https://curl.haxx.se/bug/view.cgi?id=1204435) with malformed URLs like
- "http://somehost?data"; as it added a slash too much in the request ("GET
- /?data/"...). Added test case 260 to verify.
-
-- The configure check for strerror_r() failed to detect the proper API at
- times, like on HP-UX 10.20. Then lib/strerror.c badly assumed the glibc
- version if the posix define wasn't set (since it _had_ found a strerror_r).
-
-Daniel (16 May 2005)
-- The gmtime_r() function in HP-UX 10.20 is broken. About 13 test cases fail
- due to this. There's now a configure check that attempts to detect the bad
- function and not use it on such systems.
-
-Version 7.14.0 (16 May 2005)
-
-Daniel (13 May 2005)
-- Grigory Entin reported that curl's configure detects a fine poll() for Mac
- OS X 10.4 (while 10.3 or later detected a "bad" one), but the executable
- doesn't work as good as if built without poll(). I've adjusted the configure
- to always skip the fine-poll() test on Mac OS X (darwin).
-
-Daniel (12 May 2005)
-- When doing a second request (after a disconnect) using the same easy handle,
- over a proxy that uses NTLM authentication, libcurl failed to use NTLM again
- properly (the auth method was accidentally reset to the same as had been set
- for host auth, which defaults to Basic). Bug report #1200661
- (https://curl.haxx.se/bug/view.cgi?id=1200661) identified the the problem and
- the fix.
-
-- If -z/--time-cond is used with an invalid date syntax, this is no longer
- silently discarded. Instead a proper warning message is diplayed that
- informs about it. But it still continues without the condition.
-
-Version 7.14.0-pre2 (11 May 2005)
-
-Daniel (11 May 2005)
-- Starting now, libcurl sends a little different set of headers in its default
- HTTP requests:
-
- A) Normal non-proxy HTTP:
- - no more "Pragma: no-cache" (this only makes sense to proxies)
-
- B) Non-CONNECT HTTP request over proxy:
- - "Pragma: no-cache" is used (like before)
- - "Proxy-Connection: Keep-alive" (for older style 1.0-proxies)
-
- C) CONNECT HTTP request over proxy:
- - "Host: [name]:[port]"
- - "Proxy-Connection: Keep-alive"
-
- The A) case is mostly to reduce the default header size and remove a
- pointless header.
-
- The B) is to address (rare) problems with HTTP 1.0 proxies
-
- The C) headers are both to address (rare) problems with some proxies. The
- code in libcurl that deals with CONNECT requests need a rewrite, but it
- feels like a too big a job for me to do now. Details are added in the code
- comments for now.
-
- Updated a large amount of test cases to reflect the news.
-
-Daniel (10 May 2005)
-- Half-baked attempt to bail out if select() returns _only_ errorfds when the
- transfer is in progress. An attempt to fix Allan's problem. See
- https://curl.haxx.se/mail/lib-2005-05/0073.html and the rest of that thread
- for details.
-
- I'm still not sure this is the right fix, but...
-
-Version 7.14.0-pre1 (9 May 2005)
-
-Daniel (2 May 2005)
-- Sort of "fixed" KNOWN_BUGS #4: curl now builds IPv6 enabled on AIX 4.3. At
- least it should no longer cause a compiler error. However, it does not have
- AI_NUMERICHOST so we cannot getaddrinfo() any numerical addresses with it
- (we use that for FTP PORT/EPRT)! So, I modified the configure check that
- checks if the getaddrinfo() is working, to use AI_NUMERICHOST since then
- it'll fail on AIX 4.3 and it will automatically build with IPv6 support
- disabled.
-
-- Added --trace-time that when used adds a time stamp to each trace line that
- --trace, --trace-ascii and --verbose output. I also made the '>' display
- separate each line on the linefeed so that HTTP requests etc look nicer in
- the -v output.
-
-- Made curl recognize the environment variables Lynx (and others?) support for
- pointing out the CA cert path/file: SSL_CERT_DIR and SSL_CERT_FILE. If
- CURL_CA_BUNDLE is not set, they are checked afterwards.
-
- Like before: on windows if none of these are set, it checks for the ca cert
- file like this:
-
- 1. application's directory
- 2. current working directory
- 3. Windows System directory (e.g. C:\windows\system32)
- 4. Windows Directory (e.g. C:\windows)
- 5. all directories along %PATH%
-
-Daniel (1 May 2005)
-- The runtests.pl script now starts test servers by doing fork() and exec()
- instead of the previous approach. This is less complicated and should
- hopefully lead to less "leaked" servers (servers that aren't stopped
- properly when the tests are stopped).
-
-- Alexander Zhuravlev found a case when you did "curl -I [URL]" and it
- complained on the chunked encoding, even though a HEAD should never return a
- body and thus it cannot be a chunked-encoding problem!
-
-Daniel (30 April 2005)
-- Alexander Zhuravlev found out that (lib)curl SIGSEGVed when using
- --interface on an address that can't be bound.
-
-Daniel (28 April 2005)
-- Working on fixing up test cases to mark sections as 'mode=text' for things
- that curl writes as text files, since then they can get different line
- endings depending on OS. Andr�s Garc�a helps me work this out.
-
- Did lots of other minor tweaks on the test scripts to work better and more
- reliably find test servers and also kill test servers.
-
-- Dan Fandrich pointed out how the runtests.pl script killed the HTTP server
- instead of the HTTPS server when closing it down.
-
-Daniel (27 April 2005)
-- Paul Moore made curl check for the .curlrc file (_curlrc on windows) on two
- more places. First, CURL_HOME is a new environment variable that is used
- instead of HOME if it is set, to point out where the default config file
- lives. If there's no config file in the dir pointed out by one of the
- environment variables, the Windows version will instead check the same
- directory the executable curl is located in.
-
-Daniel (26 April 2005)
-- Cory Nelson's work on nuking compiler warnings when building on x64 with
- VS2005.
-
-Daniel (25 April 2005)
-- Fred New reported a bug where we used Basic auth and user name and password
- in .netrc, and when following a Location: the subsequent requests didn't
- properly use the auth as found in the netrc file. Added test case 257 to
- verify my fix.
-
-- Based on feedback from Cory Nelson, I added some preprocessor magic in
- */setup.h and */config-win32.h to build fine with VS2005 on x64.
-
-Daniel (23 April 2005)
-- Alex Suykov made the curl tool now assume that uploads using HTTP:// or
- HTTPS:// are the only ones that show output and thus motivates a switched
- off progress meter if the output is sent to the terminal. This makes FTP
- uploads without '>', -o or -O show the progress meter.
-
-Daniel (22 April 2005)
-- Dave Dribin's MSVC makefile fix: set CURL_STATICLIB when it builds static
- library variants.
-
-- Andres Garcia fixed configure to set the proper define when building static
- libcurl on windows.
-
-- --retry-delay didn't work.
-
-Daniel (18 April 2005)
-- Olivier reported that even though he used CURLOPT_PORT, libcurl clearly
- still used the default port. He was right. I fixed the problem and added the
- test cases 521, 522 and 523 to verify the fix.
-
-- Toshiyuki Maezawa reported that when doing a POST with a read callback,
- libcurl didn't properly send an Expect: 100-continue header. It does now.
-
-- I committed by mig change in the test suite's FTP server that moves out all
- socket/TCP code to a separate C program named sockfilt. And added 4 new
- test cases for FTP over IPv6.
-
-Daniel (8 April 2005)
-- Cory Nelson reported a problem with a HTTP server that responded with a 304
- response containing an "illegal" Content-Length: header, which was not
- properly ignored by libcurl. Now it is. Test case 249 verifies.
-
-Daniel (7 April 2005)
-- Added ability to build and run with GnuTLS as an alternative to OpenSSL for
- the secure layer. configure --with-gnutls enables with. Note that the
- previous OpenSSL check still has preference and if it first detects OpenSSL,
- it will not check for GnuTLS. You may need to explictly diable OpenSSL with
- --without-ssl.
-
- This work has been sponsored by The Written Word.
-
-Daniel (5 April 2005)
-- Christophe Legry fixed the post-upload check for FTP to not complain if the
- upload was skipped due to a time-condition as set with
- CURLOPT_TIMECONDITION. I added test case 247 and 248 to verify.
-
-Version 7.13.2 (5 April 2005)
-
-Daniel (4 April 2005)
-- Marcelo Juchem fixed the MSVC makefile for libcurl
-
-- Gisle Vanem fixed a crash in libcurl, that could happen if the easy handle
- was killed before the threading resolver (windows only) still hadn't
- completed.
-
-- Hardeep Singh reported a problem doing HTTP POST with Digest. (It was
- actually also affecting NTLM and Negotiate.) It turned out that if the
- server responded with 100 Continue before the initial 401 response, libcurl
- didn't take care of the response properly. Test case 245 and 246 added to
- verify this.
-
-Daniel (30 March 2005)
-- Andres Garcia modified the configure script to check for libgdi32 before
- libcrypto, to make the SSL check work fine on msys/mingw.
-
-Daniel (29 March 2005)
-- Tom Moers identified a flaw when you sent a POST with Digest authentication,
- as in the first request when curl sends a POST with Content-Length: 0, it
- still forcibly closed the connection before doing the next step in the auth
- negotiation.
-
-- Jesper Jensen found out that FTP-SSL didn't work since my FTP
- rewrite. Fixing that was easy, but it also revealed a much worse problem:
- the FTP server response reader function didn't properly deal with reading
- responses in multiple tiny chunks properly! I modified the FTP server to
- allow it to produce such split-up responses to make sure curl deals with
- them as it should.
-
-- Based on Augustus Saunders' comments and findings, the HTTP output auth
- function was fixed to use the proper proxy authentication when multiple ones
- are accepted. test 239 and test 243 were added to repeat the problems and
- verify the fixes.
-
- --proxy-anyauth was added to the curl tool
-
-Daniel (16 March 2005)
-- Tru64 and some IRIX boxes seem to not like test 237 as it is. Their
- inet_addr() functions seems to use &255 on all numericals in a ipv4 dotted
- address which makes a different failure... Now I've modified the IPv4
- resolve code to use inet_pton() instead in an attempt to make these systems
- better detect this as a bad IP address rather than creating a toally bogus
- address that is then passed on and used.
-
-Daniel (15 March 2005)
-- Dan Fandrich made the code properly use the uClibc's version of
- inet_ntoa_r() when built with it.
-
-- Added test 237 and 238: test EPSV and PASV response handling when they get
- well- formated data back but using illegal values. In 237 PASV gets an IP
- address that is way bad. In 238 EPSV gets a port that is way out of range.
-
-Daniel (14 March 2005)
-- Added a few missing features to the curl-config --features list
-
-- Modified testcurl.pl to now offer
- 1 - command line options for all info it previously only read from
- file: --name, --email, --desc and --configure
- 2 - --nocvsup makes it not attempt to do cvs update
- 3 - --crosscompile informs it and makes it not attempt things it can't do
-
-- Fixed numerous win32 compiler warnings.
-
-- Removed the lib/security.h file since it shadowed the mingw/win32 header
- with the same name which is needed for SSPI builds. The contents of the
- former security.h is now i krb4.h
-
-- configure --enable-sspi now enables SSPI in the build. It only works for
- windows builds (including cross-compiles for windows).
-
-Daniel (12 March 2005)
-- David Houlder added --form-string that adds that string to a multipart
- formpost part, without special characters having special meanings etc like
- --form features.
-
-Daniel (11 March 2005)
-- curl_version_info() returns the feature bit CURL_VERSION_SSPI if it was
- built with SSPI support.
-
-- Christopher R. Palmer made it possible to build libcurl with the
- USE_WINDOWS_SSPI on Windows, and then libcurl will be built to use the
- native way to do NTLM. SSPI also allows libcurl to pass on the current user
- and its password in the request.
-
-Daniel (9 March 2005)
-- Dan F improved the SSL lib setup in configure.
-
-- Nodak Sodak reported a crash when using a SOCKS4 proxy.
-
-- Jean-Marc Ranger pointed out an embarassing debug printf() leftover in the
- multi interface code.
-
-- Adjusted the man page for the curl_getdate() return value for dates after
- year 2038. For 32 bit time_t it returns 0x7fffffff but for 64bit time_t it
- returns either the correct value or even -1 on some systems that still seem
- to not deal with this properly. Tor Arntsen found a 64bit AIX system for us
- that did the latter. Gwenole Beauchesne's Mandrake patch put the lights on
- this problem in the first place.
-
-Daniel (8 March 2005)
-- Dominick Meglio reported that using CURLOPT_FILETIME when transferring a FTP
- file got a Last-Modified: header written to the data stream, corrupting the
- actual data. This was because some conditions from the previous FTP code was
- not properly brought into the new FTP code. I fixed and I added test case
- 520 to verify. (This bug was introduced in 7.13.1)
-
-- Dan Fandrich fixed the configure --with-zlib option to always consider the
- given path before any standard paths.
-
-Daniel (6 March 2005)
-- Randy McMurchy was the first to report that valgrind.pm was missing from the
- release archive and thus 'make test' fails.
-
-Daniel (5 March 2005)
-- Dan Fandrich added HAVE_FTRUNCATE to several config-*.h files.
-
-- Added test case 235 that makes a resumed upload of a file that isn't present
- on the remote side. This then converts the operation to an ordinary STOR
- upload. This was requested/pointed out by Ignacio Vazquez-Abrams.
-
- It also proved (and I fixed) a bug in the newly rewritten ftp code (and
- present in the 7.13.1 release) when trying to resume an upload and the
- servers returns an error to the SIZE command. libcurl then loops and sends
- SIZE commands infinitely.
-
-- Dan Fandrich fixed a SSL problem introduced on February 9th that made
- libcurl attempt to load the whole random file to seed the PRNG. This is
- really bad since this turns out to be using /dev/urandom at times...
-
-Version 7.13.1 (4 March 2005)
-
-Daniel (4 March 2005)
-- Dave Dribin made it possible to set CURLOPT_COOKIEFILE to "" to activate
- the cookie "engine" without having to provide an empty or non-existing file.
-
-- Rene Rebe fixed a -# crash when more data than expected was retrieved.
-
-Daniel (22 February 2005)
-- NTLM and ftp-krb4 buffer overflow fixed, as reported here:
- http://www.securityfocus.com/archive/1/391042 and the CAN report here:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490
-
- If these security guys were serious, we'd been notified in advance and we
- could've saved a few of you a little surprise, but now we weren't.
-
-Daniel (19 February 2005)
-- Ralph Mitchell reported a flaw when you used a proxy with auth, and you
- requested data from a host and then followed a redirect to another
- host. libcurl then didn't use the proxy-auth properly in the second request,
- due to the host-only check for original host name wrongly being extended to
- the proxy auth as well. Added test case 233 to verify the flaw and that the
- fix removed the problem.
-
-Daniel (18 February 2005)
-- Mike Dobbs reported a mingw build failure due to the lack of
- BUILDING_LIBCURL being defined when libcurl is built. Now this is defined by
- configure when mingw is used.
-
-Daniel (17 February 2005)
-- David in bug report #1124588 found and fixed a socket leak when libcurl
- didn't close the socket properly when returning error due to failing
- localbind
-
-Daniel (16 February 2005)
-- Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth"
- that picks NTLM. Thanks to David Byron letting me test NTLM against his
- servers, I could quickly repeat and fix the problem. It turned out to be:
-
- When libcurl POSTs without knowing/using an authentication and it gets back
- a list of types from which it picks NTLM, it needs to either continue
- sending its data if it keeps the connection alive, or not send the data but
- close the connection. Then do the first step in the NTLM auth. libcurl
- didn't send the data nor close the connection but simply read the
- response-body and then sent the first negotiation step. Which then failed
- miserably of course. The fixed version forces a connection if there is more
- than 2000 bytes left to send.
-
-Daniel (14 February 2005)
-- The configure script didn't check for ENGINE_load_builtin_engines() so it
- was never used.
-
-Daniel (11 February 2005)
-- Removed all uses of strftime() since it uses the localised version of the
- week day names and month names and servers don't like that.
-
-Daniel (10 February 2005)
-- Now the test script disables valgrind-testing when the test suite runs if
- libcurl is built shared. Otherwise valgrind only tests the shell that runs
- the wrapper-script named 'curl' that is a front-end to curl in this case.
- This should also fix the huge amount of reports of false positives when
- valgrind has identified leaks in (ba)sh and not in curl and people report
- that as curl bugs. Bug report #1116672 is one example.
-
- Also, the valgrind report parser has been adapted to check that at least one
- of the sources in a stack strace is one of (lib)curl's source files or
- otherwise it will not consider the problem to concern (lib)curl.
-
-- Marty Kuhrt streamlined the VMS build.
-
-Daniel (9 February 2005)
-- David Byron fixed his SSL problems, initially mentioned here:
- https://curl.haxx.se/mail/lib-2005-01/0240.html. It turned out we didn't use
- SSL_pending() as we should.
-
-- Converted lots of FTP code to a statemachine, so that the multi interface
- doesn't block while communicating commands-responses with an FTP server.
-
- I've added a comment like BLOCKING in the code on all spots I could find
- where we still have blocking operations. When we change curl_easy_perform()
- to use the multi interface, we'll also be able to simplify the code since
- there will only be one "internal interface".
-
- While doing this, I've now made CURLE_FTP_ACCESS_DENIED separate from the
- new CURLE_LOGIN_DENIED. The first one is now access denied to a function,
- like changing directory or retrieving a file, while the second means that we
- were denied login.
-
- The CVS tag 'before_ftp_statemachine' was set just before this went in, in
- case of future need.
-
-- Gisle made the DICT code send CRLF and not just LF as the spec says so.
-
-Daniel (8 February 2005)
-- Gisle fixed problems when libcurl runs out of memory, and worked on making
- sure the proper error code is returned for those occations.
-
-Daniel (7 February 2005)
-- Maruko pointed out a problem with inflate decompressing exactly 64K
- contents.
-
-Daniel (5 February 2005)
-- Eric Vergnaud found a use of an uninitialised variable in the ftp when doing
- PORT on IPv6-enabled hosts.
-
-- David Byron pointed out we could use BUFSIZE to read data (in
- lib/transfer.c) instead of using BUFSIZE -1.
-
-Version 7.13.0 (1 February 2005)
-
-Daniel (31 January 2005)
-- Added Lars Nilsson's htmltitle.cc example
-
-Daniel (30 January 2005)
-- Fixed a memory leak when using the multi interface and the DO operation
- failed (as in test case 205).
-
-- Fixed a valgrind warning for file:// operations.
-
-- Fixed a valgrind report in the url globbing code for the curl command line
- tool.
-
-- Bugfixed the parser that scans the valgrind report outputs (in runtests.pl).
- I noticed that it previously didn't detect and report the "Conditional jump
- or move depends on uninitialised value(s)" error. When I fixed this, I
- caught a few curl bugs with it. And then I had to spend time to make the
- test suite IGNORE these errors when OpenSSL is used since it produce massive
- amounts of valgrind warnings (but only of the "Conditional..." kind it
- seems). So, if a test that requires SSL is run, it ignores the
- "Conditional..." errors, and you'll get a "valgrind PARTIAL" output instead
- of "valgrind OK".
-
-Daniel (29 January 2005)
-- Using the multi interface, and doing a requsted a re-used connection that
- gets closed just after the request has been sent failed and did not re-issue
- a request on a fresh reconnect like the easy interface did. Now it does!
-
-- Define CURL_MULTIEASY when building libcurl (lib/easy.c to be exact), to use
- my new curl_easy_perform() that uses the multi interface to run the
- request. It is a great testbed for the multi interface and I believe we
- shall do it this way for real in the future when we have a successor to
- curl_multi_fdset(). I've used this approach to detect and fix several of the
- recent multi-interfaces issues.
-
-- Adjusted the KNOWN_BUGS #17 fix a bit more since the FTP code also did some
- bad assumptions.
-
-- multi interface: when a request is denied due to "Maximum redirects
- followed" libcurl leaked the last Location: URL.
-
-- Connect failures with the multi interface was often returned as "connect()
- timed out" even though the reason was different.
-
-Daniel (28 January 2005)
-- KNOWN_BUGS #17 fixed. A DNS cache entry may not remain locked between two
- curl_easy_perform() invokes. It was previously unlocked at disconnect, which
- could mean that it remained locked between multiple transfers. The DNS cache
- may not live as long as the connection cache does, as they are separate.
-
- To deal with the lack of DNS (host address) data availability in re-used
- connections, libcurl now keeps a copy of the IP adress as a string, to be
- able to show it even on subsequent requests on the same connection.
-
- The problem could be made to appear with this stunt:
-
- 1. create a multi handle
- 2. add an easy handle
- 3. fetch a URL that is persistent (leaves the connection alive)
- 4. remove the easy handle from the multi
- 5. kill the multi handle
- 6. create a multi handle
- 7. add the same easy handle to the new multi handle
- 8. fetch a URL from the same server as before (re-using the connection)
-
-- Stephen More pointed out that CURLOPT_FTPPORT and the -P option didn't work
- when built IPv6-enabled. I've now made a fix for it. Writing test cases for
- custom port hosts turned too tricky so unfortunately there's none.
-
-Daniel (25 January 2005)
-- Ian Ford asked about support for the FTP command ACCT, and I discovered it
- is present in RFC959... so now (lib)curl supports it as well. --ftp-account
- and CURLOPT_FTP_ACCOUNT set the account string. (The server may ask for an
- account string after PASS have been sent away. The client responds
- with "ACCT [account string]".) Added test case 228 and 229 to verify the
- functionality. Updated the test FTP server to support ACCT somewhat.
-
-- David Shaw contributed a fairly complete and detailed autoconf test you can
- use to detect libcurl and setup variables for the protocols the installed
- libcurl supports: docs/libcurl/libcurl.m4
-
-Daniel (21 January 2005)
-- Major FTP third party transfer overhaul.
-
- These four options are now obsolete: CURLOPT_SOURCE_HOST,
- CURLOPT_SOURCE_PATH, CURLOPT_SOURCE_PORT (this option didn't work before)
- and CURLOPT_PASV_HOST.
-
- These two options are added: CURLOPT_SOURCE_URL and CURLOPT_SOURCE_QUOTE.
-
- The target-side didn't use the proper path with RETR, and thus this only
- worked correctly in the login path (i.e without doing any CWD). The source-
- side still uses a wrong path, but the fix for this will need to wait. Verify
- the flaw by using a source URL with included %XX-codes.
-
- Made CURLOPT_FTPPORT control weather the target operation should use PORT
- (or not). The other side thus uses passive (PASV) mode.
-
- Updated the ftp3rdparty.c example source to use the updated options.
-
- Added support for a second FTP server in the test suite. Named... ftp2.
- Added test cases 230, 231 and 232 as a few first basic tests of very simple
- 3rd party transfers.
-
- Changed the debug output to include 'target' and 'source' when a 3rd party
- is being made, to make it clearer what commands/responses came on what
- connection.
-
- Added three new command line options: --3p-url, --3p-user and --3p-quote.
-
- Documented the command line options and the curl_easy_setopt options related
- to third party transfers.
-
- (Temporarily) disabled the ability to re-use an existing connection for the
- source connection. This is because it needs to force a new in case the
- source and target is the same host, and the host name check is trickier now
- when the source is identified with a full URL instead of a plain host name
- like before.
-
- TODO (short-term) for 3rd party transfers: quote support. The options are
- there, we need to add test cases to verify their functionality.
-
- TODO (long-term) for 3rd party transfers: IPv6 support (EPRT and EPSV etc)
- and SSL/TSL support.
-
-Daniel (20 January 2005)
-- Philippe Hameau found out that -Q "+[command]" didn't work, although some
- code was written for it. I fixed and added test case 227 to verify it.
- The curl.1 man page didn't mention the '+' so I added it.
-
-Daniel (19 January 2005)
-- Stephan Bergmann made libcurl return CURLE_URL_MALFORMAT if an FTP URL
- contains %0a or %0d in the user, password or CWD parts. (A future fix would
- include doing it for %00 as well - see KNOWN_BUGS for details.) Test case
- 225 and 226 were added to verify this
-
-- Stephan Bergmann pointed out two flaws in libcurl built with HTTP disabled:
-
- 1) the proxy environment variables are still read and used to set HTTP proxy
-
- 2) you couldn't disable http proxy with CURLOPT_PROXY (since the option was
- disabled). This is important since apps may want to disable HTTP proxy
- without actually knowing if libcurl was built to disable HTTP or not.
-
- Based on Stephan's patch, both these issues should now be fixed.
-
-Daniel (18 January 2005)
-- Cody Jones' enhanced version of Samuel D�az Garc�a's MSVC makefile patch was
- applied.
-
-Daniel (16 January 2005)
-- Alex aka WindEagle pointed out that when doing "curl -v dictionary.com", curl
- assumed this used the DICT protocol. While guessing protocols will remain
- fuzzy, I've now made sure that the host names must start with "[protocol]."
- for them to be a valid guessable name. I also removed "https" as a prefix
- that indicates HTTPS, since we hardly ever see any host names using that.
-
-Daniel (13 January 2005)
-- Inspired by Martijn Koster's patch and example source at
- http://www.greenhills.co.uk/mak/gentoo/curl-eintr-bug.c, I now made the
- select() and poll() calls properly loop if they return -1 and errno is
- EINTR. glibc docs for this is found here:
-
https://www.gnu.org/software/libc/manual/html_node/Interrupted-Primitives.html
-
- This last link says BSD doesn't have this "effect". Will there be a problem
- if we do this unconditionally?
-
-Daniel (11 January 2005)
-- Dan Torop cleaned up a few no longer used variables from David Phillips'
- select() overhaul fix.
-
-- Cyrill Osterwalder posted a detailed analysis about a bug that occurs when
- using a custom Host: header and curl fails to send a request on a re-used
- persistent connection and thus creates a new connection and resends it. It
- then sent two Host: headers. Cyrill's analysis was posted here:
- https://curl.haxx.se/mail/archive-2005-01/0022.html
-
-- Bruce Mitchener identified (bug report #1099640) the never-ending SOCKS5
- problem with the version byte and the check for bad versions. Bruce has lots
- of clues on this, and based on his suggestion I've now removed the check of
- that byte since it seems to be able to contain 1 or 5.
-
-Daniel (10 January 2005)
-- Pavel Orehov reported memory problems with the multi interface in bug report
- #1098843. In short, a shared DNS cache was setup for a multi handle and when
- the shared cache was deleted before the individual easy handles, the latter
- cleanups caused read/writes to already freed memory.
-
-- Hzhijun reported a memory leak in the SSL certificate code, that leaked the
- remote certificate name when it didn't match the used host name.
-
-Gisle (8 January 2005)
-- Added Makefile.Watcom files (src/lib). Updated Makefile.dist.
-
-Daniel (7 January 2005)
-- Improved the test script's valgrind log parser to actually work! Also added
- the ability to disable the log scanner for specific test cases. Test case
- 509 results in numerous problems and leaks in OpenSSL and has to get it
- disabled.
-
-Daniel (6 January 2005)
-- Fixed a single-byte read out of bounds in test case 39 in the curl tool code
- (i.e not in the library).
-
-- Bug report #1097019 identified a problem when doing -d "data" with -G and
- sending it to two URLs with {}. Added test 199 to verify the fix.
-
-Daniel (4 January 2005)
-- Marty Kuhrt adjusted a VMS build script slightly
-
-- Kai Sommerfeld and Gisle Vanem fixed libcurl to build with IPv6 support on
- Win2000.
-
-Daniel (2 January 2005)
-- Alex Neblett updated the MSVC makefiles slightly.
-Daniel (25 December 2004)
-- Removed src/config.h.in from CVS, it is now copied from the (generated)
- lib/config.h.in instead, as they can very well be the same. This removes a
- "manual hassle". You may want to re-run buildconf now.
-
-- Werner Koch filed Debian bug report #286794, mentioning that curl contained
- non-free (by Debian's view) source code. This was Angus Mackay's
- src/getpass.c source code. I tried to contact him about it to quickly solve
- this issue, but his email addresses bounce and I got some time "over" and
- reimplemented the functionality once brought by Angus. We no longer use any
- of Angus' original code and the new function is much simpler (IMO). Issue
- solved.
-
-Daniel (24 December 2004)
-- David Shaw added --protocols to curl-config, so that it now lists all
- protocols libcurl was built to support. --feature no longer lists disabled
- protocols.
-
-Daniel (23 December 2004)
-- David Shaw fixed the configure --disable-[protocol] variables so that
- curl-config --feature now works correctly!
-
-Daniel (22 December 2004)
-- Rune Kleveland fixed a minor memory leak for received cookies with the
- (rare) version attribute set.
-
-- Marcin Konicki provided two configure fixes and a source fix to make curl
- build out-of-the-box on BeOS.
-
-Daniel (21 December 2004)
-- Added test case 217 that verified CURLINFO_HTTP_CONNECTCODE, and I made the
- -w option support 'http_connect' to make it easier to verify!
-
-- Fixed lib/select.c include order to build fine on FreeBSD
-
-- Fixed failf()'s reuse of the va_list variable that crashed on FreeBSD.
- Pointed out by Peter Pentchev.
-
-Version 7.12.3 (20 December 2004)
-
-Daniel (19 December 2004)
-- I investigated our PKCS12 build problem on Solaris 2.7 with OpenSSL 0.9.7e,
- and it turned out to be the fault of the zlib 1.1.4 headers doing a typedef
- named 'free_func' and the OpenSSL headers have a prototype that uses
- 'free_func' in one of its arguments. This is why the compile errors out.
-
- In other words, we need to include the openssl/pkcs12.h header before the
- zlib.h header and it builds fine. The configure script now checks for this
- file and it then gets included early in lib/urldata.h.
-
-Daniel (18 December 2004)
-- Samuel Listopad added support for PKCS12 formatted certificates.
-
-- Samuel Listopad fixed -E to support "C:/path" (with forward slash) as well.
-
-Daniel (16 December 2004)
-- Gisle found and fixed a problem in the directory re-use for FTP.
-
- I added test case 215 and 216 to better verify the functionality.
-
-- Dinar in bug report #1086121, found a file handle leak when a multipart
- formpost (including a file upload part) was aborted before the whole file
- was sent.
-
-Daniel (15 December 2004)
-- Tom Lee found out that globbing of strings with backslashes didn't work as
- you'd expect. Backslashes are such a central part of windows file names that
- forcing backslashes to have to be escaped with backslashes is a bit too
- awkward to users. Starting now, you only need to escape globbing characters
- such as the five letters: "[]{},". Added test case 214 to verify this.
-
-Daniel (14 December 2004)
-- Harshal Pradhan patched a HTTP persistent connection flaw: if the user name
- and/or password were modified between two requests on a persistent
- connection, the second request were still made with the first setup!
-
- I added test case 519 to verify the fix.
-
-Daniel (13 December 2004)
-- Gisle added CURLINFO_SSL_ENGINES to curl_easy_getinfo() to allow an app
- to list all available crypto ENGINES.
-
-- Gisle fixed bug report #1083542, which pointed out a problem with resuming
- large file (>4GB) file:// transfers on windows.
-
-Daniel (11 December 2004)
-- Made the test suite HTTP server (sws) capable of using IPv6, and then
- extended the test environment to support that and also added three test
- cases (240, 241, 242) that run tests using IPv6. Test 242 uses a URL that
- didn't work before the 10 dec fix by Kai Sommerfeld.
-
-- Made a failed file:// resume output an error message
-
-- Corrected the CURLE_BAD_DOWNLOAD_RESUME error message in lib/strerror.c
-
-- Dan Fandrich:
-
- simplified and consolidated the SSL checks in configure and the usage of the
- defines in lib/setup.h
-
- provided a first libcurl.pc.in file for pkg-config (but the result is not
- installed anywhere at this point)
-
- extended the cross compile section in the docs/INSTALL file
-
-Daniel (10 December 2004)
-- When providing user name in the URL and a IPv6-style IP-address (like in
- "ftp://address@hidden::1]/tmp";), the URL parser didn't get the host extracted
- properly. Reported and fixed by Kai Sommerfeld.
-
-Daniel (9 December 2004)
-- Ton Voon provided a configure fix that should fix the notorious (mostly
- reported on Solaris) problem where the size_t check fails due to the SSL
- libs being found in a dir not searched through by the run-time linker.
- patch-tracker entry #1081707.
-
-- Bryan Henderson pointed out in bug report #1081788 that the curl-config
- --vernum output wasn't zero prefixed properly (as claimed in documentation).
- This is fixed in maketgz now.
-
-Daniel (8 December 2004)
-- Matt Veenstra updated the mach-O framework files for Mac OS X.
-
-- Rene Bernhardt found and fixed a buffer overrun in the NTLM code, where
- libcurl always and unconditionally overwrote a stack-based array with 3 zero
- bytes. This is not an exploitable buffer overflow. No need to get alarmed.
-
-Daniel (7 December 2004)
-- Fixed so that the final error message is sent to the verbose info "stream"
- even if no errorbuffer is set.
-
-Daniel (6 December 2004)
-- Dan Fandrich added the --disable-cookies option to configure to build
- libcurl without cookie support. This is mainly useful if you want to build a
- minimalistic libcurl with no cookies support at all. Like for embedded
- systems or similar.
-
-- Richard Atterer fixed libcurl's way of dealing with the EPSV
- response. Previously, libcurl would re-resolve the host name with the new
- port number and attempt to connect to that, while it should use the IP from
- the control channel. This bug made it hard to EPSV from an FTP server with
- multiple IP addresses!
-
-Daniel (3 December 2004)
-- Bug report #1078066: when a chunked transfer was pre-maturely closed exactly
- at a chunk boundary it was not considered an error and thus went unnoticed.
- Fixed by Maurice Barnum.
-
- Added test case 207 to verify.
-
-Daniel (2 December 2004)
-- Fixed the CONNECT loop to default timeout to 3600 seconds.
-
- Added test case 206 that makes CONNECT with Digest.
-
- Fixed a flaw that prepended "(nil)" to the initial CONNECT rqeuest's user-
- agent field.
-
-Daniel (30 November 2004)
-- Dan Fandrich's fix for libz 1.1 and "extra field" usage in a gzip stream
-
-- Dan also helped me with input data to create three more test cases for the
- --compressed option.
-
-Daniel (29 November 2004)
-- I improved the test suite to enable binary contents in the tests (by proving
- it base64 encoded), like for testing decompress etc. Added test 220 and 221
- for this purpose. Tests can now also depend on libz to run.
-
-- As reported by Reinout van Schouwen in Mandrake's bug tracker bug 12285
- (http://qa.mandrakesoft.com/show_bug.cgi?id=12285), when connecting to an
- IPv6 host with FTP, --disable-epsv (or --disable-eprt) effectively disables
- the ability to transfer a file. Now, when connected to an FTP server with
- IPv6, these FTP commands can't be disabled even if asked to with the
- available libcurl options.
-
-Daniel (26 November 2004)
-- As reported in Mandrake's bug tracker bug 12289
- (http://qa.mandrakesoft.com/show_bug.cgi?id=12289), curl would print a
- newline to "finish" the progress meter after each redirect and not only
- after a completed transfer.
-
-Daniel (25 November 2004)
-- FTP improvements:
-
- If EPSV, EPRT or LPRT is tried and doesn't work, it will not be retried on
- the same server again even if a following request is made using a persistent
- connection.
-
- If a second request is made to a server, requesting a file from the same
- directory as the previous request operated on, libcurl will no longer make
- that long series of CWD commands just to end up on the same spot. Note that
- this is only for *exactly* the same dir. There is still room for improvements
- to optimize the CWD-sending when the dirs are only slightly different.
-
- Added test 210, 211 and 212 to verify these changes. Had to improve the
- test script too and added a new primitive to the test file format.
-
-Daniel (24 November 2004)
-- Andr�s Garc�a fixed the configure script to detect select properly when run
- with Msys/Mingw on Windows.
-
-Daniel (22 November 2004)
-- Made HTTP PUT and POST requests no longer use HEAD when doing multi-pass
- auth negotiation (NTLM, Digest and Negotiate), but instead use the request
- keyword "properly". Details in lib/README.httpauth. This also introduces
- CURLOPT_IOCTLFUNCTION and CURLOPT_IOCTLDATA, to be used by apps that use the
- "any" auth alternative as then libcurl may need to send the PUT/POST data
- more than once and thus may need to ask the app to "rewind" the read data
- stream to start.
-
- See also the new example using this: docs/examples/anyauthput.c
-
-- David Phillips enhanced test 518. I made it depend on a "feature" so that
- systems without getrlimit() won't attempt to test 518. configure now checks
- for getrlimit() and setrlimit() for this test case.
-
-Daniel (18 November 2004)
-- David Phillips fixed libcurl to not crash anymore when more than FD_SETSIZE
- file descriptors are in use. Test case 518 added to verify.
-
-Daniel (15 November 2004)
-- To test my fix for the CURLINFO_REDIRECT_TIME bug, I added time_redirect and
- num_redirects support to the -w writeout option for the command line tool.
-
-- Wojciech Zwiefka found out that CURLINFO_REDIRECT_TIME didn't work as
- documented.
-
-Daniel (12 November 2004)
-- Gisle Vanem modigied the MSVC and Netware makefiles to build without
- libcurl.def
-
-- Dan Fandrich added the --disable-crypto-auth option to configure to allow
- libcurl to build without Digest support. (I figure it should also explicitly
- disable Negotiate and NTLM.)
-
-- *** Modified Behaviour Alert ***
-
- Setting CURLOPT_POSTFIELDS to NULL will no longer do a GET.
-
- Setting CURLOPT_POSTFIELDS to "" will send a zero byte POST and setting
- CURLOPT_POSTFIELDS to NULL and CURLOPT_POSTFIELDSIZE to zero will also make
- a zero byte POST. Added test case 515 to verify this.
-
- Setting CURLOPT_HTTPPOST to NULL makes a zero byte post. Added test case 516
- to verify this.
-
- CURLOPT_POSTFIELDSIZE must now be set to -1 to signal "we don't know".
- Setting it to zero simply says this is a zero byte POST.
-
- When providing POST data with a read callback, setting the size up front
- is now made with CURLOPT_POSTFIELDSIZE and not with CURLOPT_INFILESIZE.
-
-Daniel (11 November 2004)
-- Dan Fandrich added --disable-verbose to the configure script to allow builds
- without verbose strings in the code, to save some 12KB space. Makes sense
- only for systems with very little memory resources.
-
-- Jeff Phillips found out that a date string with a year beyond 2038 could
- crash the new date parser on systems with 32bit time_t. We now check for
- this case and deal with it.
-
-Daniel (10 November 2004)
-- I installed Heimdal on my Debian box (using the debian package) and noticed
- that configure --with-gssapi failed to create a nice build. Fixed now.
-
-Daniel (9 November 2004)
-- Gisle Vanem marked all external function calls with CURL_EXTERN so that now
- the Windows, Netware and other builds no longer need libcurl.def or similar
- files.
-
-Daniel (8 November 2004)
-- Made the configure script check for tld.h if libidn was detected, since
- libidn 0.3.X didn't have such a header and we don't work with anything
- before libidn 0.4.1 anyway! Suse 9.1 apparently ships with a 0.3.X version
- of libidn which makes the curl 7.12.2 build fail. Jean-Philippe
- Barrette-LaPierre helped pointing this out.
-
-- Ian Gulliver reported in debian bug report #278691: if curl is invoked in an
- environment where stderr is closed the -v output will still be sent to file
- descriptor 2 which then might be the network socket handle! Now we have a
- weird hack instead that attempts to make sure that file descriptor 2 is
- opened (with a call to pipe()) before libcurl is called to do the transfer.
- configure now checks for pipe() and systems without pipe don't get the weird
- hack done.
-
-Daniel (5 November 2004)
-- Tim Sneddon made libcurl send no more than 64K in a single first chunk when
- doing a huge POST on VMS, as this is a system limitation. Default on general
- systems is 100K.
-
-Daniel (4 November 2004)
-- Andres Garcia made it build on mingw againa, my --retry code broke the build.
-
-Daniel (2 November 2004)
-- Added --retry-max-time that allows a maximum time that may not have been
- reached for a retry to be made. If not set there is no maximum time, only
- the amount of retries set with --retry.
-
-- Paul Nolan provided a patch to make libcurl build nicely on Windows CE.
-
-Daniel (1 November 2004)
-- When cross-compiling, the configure script no longer attempts to use
- pkg-config on the build host in order to detect OpenSSL compiler options.
-
-Daniel (27 October 2004)
-- Dan Fandrich:
-
- An improvement to the gzip handling of libcurl. There were two problems with
- the old version: it was possible for a malicious gzip file to cause libcurl
- to leak memory, as a buffer was malloced to hold the header and never freed
- if the header ended with no file contents. The second problem is that the
- 64 KiB decompression buffer was allocated on the stack, which caused
- unexpectedly high stack usage and overflowed the stack on some systems
- (someone complained about that in the mailing list about a year ago).
-
- Both problems are fixed by this patch. The first one is fixed when a recent
- (1.2) version of zlib is used, as it takes care of gzip header parsing
- itself. A check for the version number is done at run-time and libcurl uses
- that feature if it's present. I've created a define OLD_ZLIB_SUPPORT that
- can be commented out to save some code space if libcurl is guaranteed to be
- using a 1.2 version of zlib.
-
- The second problem is solved by dynamically allocating the memory buffer
- instead of storing it on the stack. The allocation/free is done for every
- incoming packet, which is suboptimal, but should be dwarfed by the actual
- decompression computation.
-
- I've also factored out some common code between deflate and gzip to reduce
- the code footprint somewhat. I've tested the gzip code on a few test files
- and I tried deflate using the freshmeat.net server, and it all looks OK. I
- didn't try running it with valgrind, however.
-
-- Added a --retry option to curl that takes a numerical option for the number
- of times the operation should be retried. It is retried if a transient error
- is detected or if a timeout occurred. By default, it will first wait one
- second between the retries and then double the delay time between each retry
- until the delay time is ten minutes which then will be the delay time
- between all forthcoming retries. You can set a static delay time with
- "--retry-delay [num]" where [num] is the number of seconds to wait between
- each retry.
-
-Daniel (25 October 2004)
-- Tomas Pospisek filed bug report #1053287 that proved -C - and --fail on a
- file that was already completely downloaded caused an error, while it
- doesn't if you don't use --fail! I added test case 194 to verify the fix.
- Grrr. CURLOPT_FAILONERROR is now added to the list stuff to remove in
- libcurl v8 due to all the kludges needed to support it.
-
-- Mohun Biswas found out that formposting a zero-byte file didn't work very
- good. I fixed.
-
-Daniel (19 October 2004)
-- Alexander Krasnostavsky made it possible to make FTP 3rd party transfers
- with both source and destination being the same host. It can be useful if
- you want to move a file on a server or similar.
-
-- Guillaume Arluison added CURLINFO_NUM_CONNECTS to allow an app to figure
- out how many new connects a previous transfer required.
-
- I added %{num_connects} to the curl tool and added test case 192 and 193
- to verify the new code.
-
-Daniel (18 October 2004)
-- Peter Wullinger pointed out that curl should call setlocale() properly to
- initiate the specific language operations, to make the IDN stuff work
- better.
-
-Version 7.12.2 (18 October 2004)
-
-Daniel (16 October 2004)
-- Alexander Krasnostavsky made the CURLOPT_FTP_CREATE_MISSING_DIRS option work
- fine even for third party transfers.
-
-- runekl at opoint.com found out (and provided a fix) that libcurl leaked
- memory for cookies with the "max-age" field set.
-
-Gisle (16 October 2004)
-- Issue 50 in TODO-RELEASE; Added Traian Nicolescu's patches for threaded
- resolver on Windows. Plugged some potential handle and memory leaks.
-
-Daniel (14 October 2004)
-- Eric Vergnaud pointed out that libcurl didn't treat ?-letters in the user
- name and password fields properly in URLs, like
- ftp://us?er:address@hidden/. Added test 191 to verify the fix.
-
-Daniel (11 October 2004)
-- libcurl now uses SO_NOSIGPIPE for systems that support it (Mac OS X 10.2 or
- later is one) to inhibit the SIGPIPE signal when writing to a socket while
- the peer dies. The same effect is provide by the MSG_NOSIGNAL parameter to
- send() on other systems. Alan Pinstein verified the fix.
-
-Daniel (10 October 2004)
-- Systems with 64bit longs no longer use strtoll() or our strtoll- replacement
- to parse 64 bit numbers. strtol() works fine. Added a configure check to
- detect if [constant]LL works and if so, use that in the strtoll replacement
- code to work around compiler warnings reported by Andy Cedilnik.
-
-Gisle (6 October 2004)
-- For USE_LIBIDN builds: Added Top-Level-Domain (TLD) check of host-name
- used in fix_hostname(). Checks if characters in 'host->name' (indirectly
- via 'ace_hostname') are legal according to the TLD tables in libidn.
-
-Daniel (6 October 2004)
-- Chih-Chung Chang reported that if you use CURLOPT_RESUME_FROM and enabled
- CURLOPT_FOLLOWLOCATION, libcurl reported error if a redirect happened even
- if the new URL would provide the resumed file. Test case 188 added to verify
- the fix (together with existing test 99).
-
-- Dan Fandrich fixed a configure flaw for systems that need both nsl and socket
- libs to use gethostbyname().
-
-- Removed tabs and trailing whitespace from lots of source files.
-
-Daniel (5 October 2004)
-- Made configure --with-libidn=PATH try the given PATH before the default
- paths to make it possible to override.
-
-- If idna_strerror() is present in libidn, we can use that instead of our
- internal replacement. This function was added by Simon in libidn 0.5.6 and
- is detected by configure.
-
-- It seems basename() on IRIX is in the libgen library and since we don't use
- that, configure finds libgen.h but not basename and then we get a compiler
- error because our basename() replacement doesn't match the proto in
- libgen.h. Starting now, we don't include the file if basename wasn't found
- as well.
-
-Daniel (4 October 2004)
-- Chris found a race condition resulting in CURLE_COULDNT_RESOLVE_HOST and
- potential crash, in the windows threaded name resolver code.
-
-Daniel (3 October 2004)
-- Replaced the use of isspace() in cookie.c with our own version instead since
- we have most data as 'char *' and that makes us pass in negative values if
- there is 8bit data in the string. Changing to unsigned causes too much
- warnings or too many required typecasts to the normal string functions.
- Harshal Pradhan identified this problem.
-
-Daniel (2 October 2004)
-- Bertrand Demiddelaer found a case where libcurl could read already freed
- data when CURLOPT_VERBOSE is used and a (very) persistent connection. It
- happened when the dns cache entry for the connection was pruned while the
- connection was still alive and then again re-used. We worked together on
- this fix.
-
-- Gisle Vanem provided code that displays an error message when the (libidn
- based) IDN conversion fails. This is really due to a missing suitable
- function in the libidn API that I hope we can remove once libidn gets a
- function like this.
-
-Daniel (1 October 2004)
-- Aleksandar Milivojevic reported a problem in the Redhat bugzilla (see
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134133) and not to
- anyone involved in the curl project! This happens when you try to curl a
- file from a proftpd site using SSL. It seems proftpd sends a somewhat
- unorthodox response code (232 instead of 230). I relaxed the response code
- check to deal with this and similar cases.
-
-- Based on Fedor Karpelevitch's formpost path basename patch, file parts in
- formposts no longer include the path part. If you _really_ want them, you
- must provide your preferred full file name with CURLFORM_FILENAME.
-
- Added detection for libgen.h and basename() to configure. My custom
- basename() replacement function for systems without it, might be a bit too
- naive...
-
- Updated 6 test cases to make them work with the stripped paths.
-
-Daniel (30 September 2004)
-- Larry Campbell added CURLINFO_OS_ERRNO to curl_easy_getinfo() that allows an
- app to retrieve the errno variable after a (connect) failure. It will make
- sense to provide this for more failures in a more generic way, but let's
- start like this.
-
-- G�nter Knauf and Casey O'Donnell worked out an extra #if condition for the
- curl/multi.h header to work better in winsock-using apps.
-
-- Jean-Philippe Barrette-LaPierre made buildconf run better on Mac OS X by
- properly using glibtoolize instead of plain libtoolize. (This is made if
- glibtool was found and used instead of plain libtool.)
-
-Daniel (29 September 2004)
-- Bertrand Demiddelaer fixed curl_easy_reset() so that it doesn't mistakingly
- enable the progress meter.
-
-Daniel (28 September 2004)
-- "Mekonikum" found out that if you built curl without SSL support, although
- your current SSL installation supports Engine, the compile fails.
-
-Daniel (27 September 2004)
-- When --with-ssl=PATH is used to the configure script, it no longer uses
- pkg-config to figure out extra details. That is now only done if no PATH is
- included or if SSL is checked for by default without the --with-ssl option.
-
-Daniel (25 September 2004)
-- Peter Sylvester pointed out that CURLOPT_SSLENGINE couldn't even be set to
- NULL when no engine was supported. It can now.
-
-Daniel (22 September 2004)
-- Dan Fandrich fixed three test cases to no longer use "localhost" but instead
- use "127.0.0.1" to avoid requiring that localhost resolves nicely.
-
-- Jean-Claude Chauve fixed an LDAP crash when more than one record was
- retrieved.
-
-Daniel (19 September 2004)
-- Andreas Rieke pointed out that when attempting to connect to a host without
- a service on the specified port, curl_easy_perform() didn't properly provide
- an error message in the CURLOPT_ERRORBUFFER buffer.
-
-Daniel (16 September 2004)
-- Daniel at touchtunes uses the FTP+SSL server "BSDFTPD-SSL from
- http://bsdftpd-ssl.sc.ru/"; which accordingly doesn't properly work with curl
- when "AUTH SSL" is issued (although the server responds fine and everything)
- but requires that curl issues "AUTH TLS" instead. See
- https://curl.haxx.se/feedback/display.cgi?id=10951944937603&support=yes
-
- Introducing CURLOPT_FTPSSLAUTH that allows the application to select which
- of the AUTH strings to attempt first.
-
-- Anonymous filed bug report #1029478 which identified a bug when you 1) used
- a URL without properly seperating the host name and the parameters with a
- slash. 2) the URL had parameters to the right of a ? that contains a slash
- 3) curl was told to follow Location:s 4) the request got a response that
- contained a Location: to redirect to "/dir". curl then appended the new path
- on the wrong position of the original URL.
-
- Test case 187 was added to verify that this was fixed properly.
-
-Daniel (11 September 2004)
-- Added parsedate.c that contains a rewrite of the date parser currently
- provided by getdate.y. The new one is MUCH smaller and will allow us to run
- away from the yacc/bison jungle. It is also slightly lacking in features
- compared to the old one, but it supports parsing of all date formats HTTP
- involves (and a fair bunch of others).
-
-Daniel (10 September 2004)
-- As found out by Jonas Forsman, curl didn't allow -F to set Content-Type on
- text-parts. Starting now, we can do -F "name=daniel;type=text/extra". Added
- test case 186 to verify.
-
-- Bug report #1025986. When following a Location: with a custom Host: header
- replacement, curl only replaced the Host: header on the initial request
- and didn't replace it on the following ones. This resulted in requests with
- two Host: headers.
-
- Now, curl checks if the location is on the same host as the initial request
- and then continues to replace the Host: header. And when it moves to another
- host, it doesn't replace the Host: header but it also doesn't make the
- second Host: header get used in the request.
-
- This change is verified by the two new test cases 184 and 185.
-
-Daniel (8 September 2004)
-- Modified the test suite to be able to use and run with customized port
- numbers. This was always intended but never before possible. Now a simple
- change in the runtests.pl script can make all tests use different ports.
- The default ports in use from now on are 8990 to 8993.
-
-Daniel (2 September 2004)
-- Minor modification of an SSL-related error message.
-
-Daniel (31 August 2004)
-- David Tarendash found out that curl_multi_add_handle() returned
- CURLM_CALL_MULTI_PERFORM instead of CURLM_OK.
-
-Daniel (30 August 2004)
-- Make "Proxy-Connection: close" close the current proxy connection, as Roman
- Koifman found out.
-
-Daniel (24 August 2004)
-- Fixed a getdate problem by post-replacing the getdate.c file after the
- bison/yacc process to add the fix Harshal Pradhan suggested. The problem
- caused a crash on Windows when parsing some dates.
-
-Daniel (23 August 2004)
-- Roman Koifman pointed out that libcurl send Expect: 100-continue on POSTs
- even when told to use HTTP 1.0, which is not correct. Test case 180 and
- 181 verify this.
-
-- Added test case 182 to verify that zero byte transfers call the callback
- properly.
-
-Daniel (20 August 2004)
-- Alexander Krasnostavsky made the write callback get called even when a zero
- byte file is downloaded.
-
-Daniel (18 August 2004)
-- Ling Thio pointed out that when libcurl is built IPv6-enabled, it still did
- reverse DNS lookups when fed with a numerical IP-address (like
- http://127.0.0.1/), although it doesn't when built IPv6-disabled. libcurl
- should never do reverse lookups.
-
-Daniel (17 August 2004)
-- Kjetil Jacobsen noticed that when transferring a file:// URL pointing to an
- empty file, libcurl would return with the file still open.
-
-- Alexander Krasnostavsky pointed out that the configure script needs to define
- _THREAD_SAFE for AIX systems to make libcurl built really thread-safe.
-
- Also added a check for the xlc compiler on AIX, and if that is detect we use
- the -qthreaded compiler option
-
-Daniel (16 August 2004)
-- libcurl now allows a custom "Accept-Encoding:" header override the
- internally set one that gets set with CURLOPT_ENCODING. Pointed out by Alex.
-
-- Roland Krikava found and fixed a cookie problem when using a proxy (the
- path matching was wrong). I added test case 179 to verify that we now do
- right.
-
-Daniel (15 August 2004)
-- Casey O'Donnell fixed some MSVC makefile targets to link properly.
-
-Daniel (11 August 2004)
-- configure now defines _XOPEN_SOURCE to 500 on systems that need it to build
- warning-free (the only known one so far is non-gcc builds on 64bit SGI
- IRIX). (Reverted this change later as it caused compiler errors.)
-
-- the FTP code now includes the server response in the error message when the
- server gives back a 530 after the password is provided, as it isn't
- necessary because of a bad user name or password.
-
-Version 7.12.1 (10 August 2004)
-
-Daniel (10 August 2004)
-- In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input is
- already UTF-8 encoded. This made the certificate verification fail if the
- remote server used a certificate with the name UTF-8 encoded.
-
- Work-around brought by Alexis S. L. Carvalho.
-
-Daniel (9 August 2004)
-- I fixed the configure script for krb4 to use -lcom_err as well, as I started
- to get link problems with it unless I did that on my Solaris 2.7 box. I
- don't understand why I started to get problems with this now!
-
-Daniel (5 August 2004)
-- Enrico Scholz fixed the HTTP-Negotiate service name to be uppercase as
- reported in bug report #1004105
-
-Daniel (4 August 2004)
-- Gisle Vanem provided a fix for the multi interface and connecting to a host
- using multiple IP (bad) addresses.
-
-- Dylan Salisbury made libcurl no longer accept cookies set to a TLD only (it
- previously allowed that on the seven three-letter domains).
-
-Daniel (31 July 2004)
-- Joel Chen reported that the digest code assumed quotes around the contents a
- bit too much.
-
-Daniel (28 July 2004)
-- Bertrand Demiddelaer fixed the host name to get setup properly even when a
- connection is re-used, when a proxy is in use. Previously the wrong Host:
- header could get sent when re-using a proxy connection to a different target
- host.
-
-- Fixed Brian Akins' reported problems with duplicate Host: headers on re-used
- connections. If you attempted to replace the Host: header in the second
- request, you got two such headers!
-
-- src/Makefile.am now includes the Makefile.inc file to get info about files
-
-Daniel (26 July 2004)
-- Made "curl [URL] -o name#2" work as expected. If there's no globbing for the
- #-number, it will simply be used as #2 in the file name.
-
-- Bertrand Demiddelaer fixed testing with valgrind 2.1.x and added two missing
- newlines in the cookie informationals.
-
-Daniel (24 July 2004)
-- I fixed the autobuilds with ares, since they now need to have buildconf run
- in the ares dir before the configure script is run.
-
-- Added Casey O'Donnell's curl_easy_reset() function. It has a proto in
- curl/curl.h but we have no man page yet.
-
-Daniel (20 July 2004)
-- Added buildconf and buildconf.bat to the release archives, since they are
- handy for rebuilding curl when using a daily snapshot (and not a pure CVS
- checkout).
-
-Daniel (16 July 2004)
-- As suggested by Toby Peterson, libcurl now ignores Content-Length data if the
- given size is a negative number. Test case 178 verifies this.
-
-Daniel (14 July 2004)
-- G�nter Knauf has made the Netware builds do without the config-netware.h
- files, so they are now removed from the dist packages.
-
-- G�nter Knauf made curl and libcurl build with Borland again.
-
-- Andres Garcia fixed the common test 505 failures on windows.
-
-Daniel (6 July 2004)
-- Andr�s Garc�a found out why the windows tests failed on file:// "uploads".
-
-Daniel (2 July 2004)
-- Andr�s Garc�a reported a curl_share_cleanup() crash that occurs when no
- lock/unlock callbacks have been set and the share is cleaned up.
-
-Daniel (1 July 2004)
-- When using curl --trace or --trace-ascii, no trace messages that were sent
- by curl_easy_cleanup() were included in the trace file. This made the
- message "Closing connection #0" never appear in trace dumps.
-
-Daniel (30 June 2004)
-- Niels van Tongeren found that setting CURLOPT_NOBODY to TRUE doesn't disable
- a previously set POST request, making a very odd request get sent (unless
- you disabled the POST) a HEAD request with a POST request-body. I've now
- made CURLOPT_NOBODY enforce a proper HEAD. Added test case 514 for this.
-
-Daniel (29 June 2004)
-- G�nter Knauf made the testcurl.pl script capable of using a custom setup
- file to easier run multiple autobuilds on the same source tree.
-
-- Gisle fixed the djgpp build and fixed a memory problem in some of the
- reorged name resolved code.
-
-- Fixed code to allow connects done using the multi interface to attempt the
- next IP when connecting to a host that resolves to multiple IPs and a
- connect attempt fails.
-
-Daniel (27 June 2004)
-- Based on Rob Stanzel's bug report #979480, I wrote a configure check that
- checks if poll() can be used to wait on NULL as otherwise select() should be
- used to do it. The select() usage was also fixed according to his report.
-
- Mac OS X 10.3 says "poll() functionality for Mac OS X is implemented via an
- emulation layer on top of select(), not in the kernel directly. It is
- recommended that programs running under OS X 10.3 prefer select() over
- poll(). Configure scripts should look for the _POLL_EMUL_H_ define (instead
- of _POLL_H_ or _SYS_POLL_H_) and avoid implementations where poll is not
- implemented in the kernel."
-
- Yes, we can probably use select() on most platforms but today I prefered to
- leave the code unaltered.
-
-Daniel (24 June 2004)
-- The standard curl_version() string now only includes version info about
- involved libraries and not about particular features. Thus it will no longer
- include info about IPv6 nor GSS. That info is of course still available in
- the feature bitmask curl_version_info() offers.
-
-- Replaced all occurances of sprintf() with snprintf(). This is mostly because
- it is "A Good Thing" rather than actually fixing any known problem. This
- will help preventing future possible mistakes to cause buffer overflows.
-
-- Major reorganization in the host resolve code (again). This time, I've
- modified the code to now always use a linked list of Curl_addrinfo structs
- to return resolved info in, no matter what resolver method or support that
- is available on the platform. It makes it a lot easier to write code that
- uses or depends on resolved data.
-
- Internally, this means amongst other things that we can stop doing the weird
- "increase buffer size until it works" trick when resolving hosts on
- IPv4-only with gethostbyname_r(), we support socks even on libcurls built
- with IPv6 enabled (but only to socks servers that resolve to an IPv4
- address) and we no longer deep-copy or relocate hostent structs (we create
- Curl_addrinfo chains instead).
-
- The new "hostent to Curl_addrinfo" converter function is named Curl_he2ai()
- and is slightly naive and simple, yet I believe it is functional enough to
- work for libcurl.
-
-Daniel (22 June 2004)
-- David Cohen pointed out that RFC2109 says clients should allow cookies to
- contain least 4096 bytes while libcurl only allowed 2047. I raised the limit
- to 4999 now and made the used buffer get malloc()ed instead of simply
- allocated on stack as before. Extended test case 46 to include a cookie with
- very huge content to verify the fix.
-
-- G�nter Knauf fixed getdate.y to remove a few warnings. I removed the
- ifdef'ed test we never ever use anyway.
-
-- Gisle Vanem fixed the certificate wildcard checks to support a '*'-letter
- anywhere in the wildcard string, support multiple '*'-letters in the
- wildcard and to allow the '*'-letter to match a string that includes a dot.
-
-Daniel (21 June 2004)
-- testcurl.sh is now removed completely, tests/testcurl.pl is the script to
- use when autobuilding curl!
-
-- Kjetil Jacobsen brought my attention to the fact that you cannot properly
- abort an upload with the readfunction callback, since returning 0 or -1 only
- stops the upload and libcurl will continue waiting for downloaded data and
- the server often waits for the rest of the upload data to arrive.
-
- Thus, I've now added the ability for read callbacks to return
- CURL_READFUNC_ABORT to abort an upload from a read callback. This will stop
- the transfer immediately with a CURLE_ABORTED_BY_CALLBACK return code.
-
- Test case 513 was added to verify that it works. I had to improve the test
- HTTP server too to dump the request to a file even when the client
- disconnects prematurely.
-
-Daniel (19 June 2004)
-- Luca Alteas provided a test case with a failing curl operation: when we POST
- to a site with --digest (or similar) set, and the server responded with a 302
- Location: to the "authprobe" request, it was not treated correctly. We still
- will behave badly if FOLLOWLOCATION is enabled for this case, but I'm not
- in the mood to dive into this right now and will leave it as-is for now.
- Verified my fix with test case 177.
-
-Daniel (18 June 2004)
-- Gisle Vanem's patch that provides more details from the SSL layers (if you
- use an OpenSSL version that supports it). It also introduces two new types
- of data that can be sent to the debug callback: CURLINFO_SSL_DATA_IN and
- CURLINFO_SSL_DATA_OUT.
-
-- With David Byron's test server I could repeat his problem and make sure that
- POSTing over HTTPS:// with NTLM works fine now. There was a general problem
- with multi-pass authentication with non-GET operations with CONNECT.
-
-Daniel (16 June 2004)
-- Modified to keep the upload byte counter in an curl_off_t, not an int as
- before. 32bits is not enough. This is most likely the bug Jean-Louis Lemaire
- reported that makes 2GB FTP uploads to report error ("unaligned file sizes")
- when completed.
-
-Daniel (15 June 2004)
-- Luca Alteas reported a problem that I fixed: if you did a POST with
- CURLAUTH_DIGEST set but the server didn't require any authentication,
- libcurl would repeatedly send HEAD lots of times until it gives up. This was
- actually the case for all multi-pass authentications. Added test case 174,
- 175 and 176 to verify this.
-
-Daniel (14 June 2004)
-- Multipart formposts uploading files no longer inserts the files themselves
- into the huge prebuilt chunk. This enables libcurl to formpost files that is
- larger than the amount of system memory. When the file given is passed on
- stdin, libcurl still uses the old method of reading the full fill before the
- upload takes place. This approach was selected in order to not alter the
- behavior for existing applications, as when using stdin libcurl can't know
- the size of the upload and chunked transfer-encoding can only be used on
- HTTP 1.1 servers.
-
-Daniel (13 June 2004)
-- Gisle found out that we did wildcard cert name checks wrong, so that parts
- of the check wrongly was case sensitive.
-
-Daniel (11 June 2004)
-- Tim Sneddon brought a minor VMS fix to make curl build properly on his VMS
- machine. He also had some interesting libcurl patches... they might be able
- to do in a slightly nicer way. Discussions are in progress.
-
-Daniel (10 June 2004)
-- Gisle Vanem brought code cleanupsm better verbose output and better connect
- timeout handling when attempting to connect to a host that resolves to
- multiple IP addresses.
-
-- Steven Bazyl and Seshubabu Pasam pointed out a bug on win32 when freeing the
- path after a file:// transfer.
-
-Daniel (9 June 2004)
-- Alexander Krasnostavsky made 'configure --disable-http' work to build libcurl
- without HTTP support. I added a new return code for curl_formadd() in case
- libcurl is built with HTTP disable: CURL_FORMADD_DISABLED.
-
-- Alexander Krasnostavsky pointed out a missing file in the generated
- curllib.dsp file, and now people building with this should get a libcurl.lib
- file generated as it used to do before we generated this file.
-
-Daniel (8 June 2004)
-- Marty Kuhrt fixed a minor build problem for VMS.
-
-Daniel (7 June 2004)
-- Reverted the configure check from the 4th since it obviously didn't work.
- Remade it in a different manner that hopefully works better.
-
-Daniel (4 June 2004)
-- G�nter Knauf brought patches to make curl build fine on NetWare again.
-
-- Made the configure checks for strerror_r() not exit the configure script
- when built for cross-compiling.
-
-Daniel (3 June 2004)
-- Chris Gaukroger pointed out that 'make test' attempts to run the tests even
- if curl is built cross-compiled. I've now made it output a short message
- instead, saying it isn't possible to do.
-
-- Alexander Krasnostavsky brought FTP 3rd party transfer support to libcurl.
- You can now use libcurl to transfer files between two remote hosts using
- FTP. There are a bunch of new options to control this with:
- CURLOPT_SOURCE_HOST
- CURLOPT_SOURCE_USERPWD
- CURLOPT_SOURCE_PATH
- CURLOPT_SOURCE_PORT
- CURLOPT_PASV_HOST
- CURLOPT_SOURCE_PREQUOTE
- CURLOPT_SOURCE_POSTQUOTE
-
- (They still remain to be documented properly in the curl_easy_setopt man
- page.)
-
- When using this, the ordinary CURLOPT_URL specifies the target URL, and you
- specify the source data with these additional options. ftp3rdparty.c is a
- new example source code showing how to use this.
-
-- Vincent Bronner fixed the HTTP Digest code to use the proxy user name and
- password when doing proxy authentication, it previously always used the host
- user name and password!
-
-Daniel (2 June 2004)
-- CURLOPT_UPLOAD and CURLOPT_PUT now do the exact same thing internally, which
- fixes some old confusions on when which of these should be used and what the
- differences are.
-
-- Applied Gisle's fixes to make curl build fine with lcc-win32
-
-Version 7.12.0 (2 June 2004)
-
-Daniel (1 June 2004)
-- I clarified the --create-dirs option somewhat in the curl man page.
-
-- Renaud Duhaut corrected the curl_unescape man page.
-
-- David Byron modified one of Massimiliano Ziccardi's recent MSVC makefile
- changes to now again use the mm lib by default.
-
-Daniel (26 May 2004)
-- Mohun Biswas added release-zlib and debug-zlib targets to the MSVC libcurl
- Makefile
-
-- David Byron reported a problem with proxy authentication when doing CONNECT,
- like when accessing HTTPS sites wiht a proxy. This probably broke when I
- rewrote the auth stuff recently.
-
-- I added fileupload.c in the examples directory, showing how an upload to a
- file:// URL is made.
-
-Daniel (25 May 2004)
-- Massimiliano Ziccardi updated the MSVC makefiles.
-
-Daniel (24 May 2004)
-- libcurl now supports "uploading" to file:// URLs. Test 204 and 205 were
- added to verify.
-
-- Simon Josefsson added a idn_free() function in libidn 0.4.5 as a reaction to
- Gisle's previous mail. We now use this function, and thus we require libidn
- 0.4.5 or later. No earlier version will do.
-
-- Robert D. Young reported that CURLOPT_COOKIEFILE and CURLOPT_COOKIE could
- not be used both in one request. Fixed it and added test case 172 to verify.
-
-Daniel (21 May 2004)
-- While talking to host a.b.c, libcurl did wrongly not accept cookies that
- were set to the domain .a.b.c (that is with a dot prefix). This is now fixed
- and test case 171 verifies it.
-
-Daniel (20 May 2004)
-- Jesse Noller reported that the upload speed info reported by libcurl was
- wrong. The same was true for the download speed. Fixed now.
-
-Daniel (19 May 2004)
-- David Byron added test case 170 - this used to crash the previous version of
- curl.
-
-Daniel (17 May 2004)
-- Peter Sylvester's patch that addresses two flaws in the peer certificate
- name verification:
- o when multiple common names are used (as in the curl tests), the last name
- needs to be selected.
- o allow comparing with encoded values, at least with BMP and ISO latin1
- encoded T61strings.
-
-- All 191 test cases run through the torture test OK! 'make test-torture' is
- now available in the root makefile (on configure-based environments).
-
-Daniel (14 May 2004)
-- With a slightly modified ftpserver.pl I've now run almost all tests through
- with runtests.pl -t. This is goodness!
-
-- Since I have been unable to contact the CVS admins for several months, I've
- decided that the current CVS hosting was not good enough. I've now moved the
- CVS repo once again, see README for updated cvs checkout instructions.
-
-Daniel (13 May 2004)
-- runtests.pl -t now runs fine all the way to test 100. I believe test case
- 100 fails because of an FTP server problem.
-
-Daniel (12 May 2004)
-- General cleanups all over to make libcurl survive and do well when a memory
- function returns NULL. runtests.pl -t now works fine for the first 26 test
- cases.
-
-Daniel (11 May 2004)
-- Seshubabu Pasam provided a patch that introduces curl_global_init_mem() -
- like normal curl_global_init() but allows the app to replace all memory
- functions with its own set. I modified it slightly.
-
-- Based on Luca Alteas' comments, I modified the curllib.dsp generation code.
-
-Daniel (10 May 2004)
-- Gisle mailed Simon Josefsson (of libidn fame) about the benefits of a
- separate free()-function by that lib to make sure the memory is freed by the
- same memory subsystem that allocated it. He responded positively and this
- will likely cause us to require a newer version of libidn as soon as Simon
- releases one with such a libidn_free() function.
-
-- James Bursa made runtests.pl's -t option work for any given test case, and I
- edited to allow -g too. Not even test case 1 worked...
-
-- Luca Altea made the nc= field not use quotes in outgoing HTTP Digest headers.
-
-- Andr�s Garc�a fixed a problem in the test script that made it fail to
- recognize our own running HTTP server.
-
-Daniel (7 May 2004)
-- James Bursa fixed the memanalyze.pl script to conder malloc(0) areas OK to
- free() and he made two failed-resolve error messages use the new display-
- name instead of the internally-used name.
-
-- Gisle Vanem tried curl with
- www.etdomenenavnkanmaksimaltinneholdesekstitrebokstaversliksomdette.com
- which caused problems, and I fixed the single zero byte buffer overwrite
- that occurred (due to a stupid protocol buffer size and parser).
-
-- Made the lib/curllib.dsp file get generated automaticly when a distribution
- package is made, with the msvcproj.* files as templates and all
- win32-sources added. I think this can be made to work better than the always
- lagging-behind previous approach. I'm not sure this builds a working project
- file right now though!
-
-Daniel (6 May 2004)
-- Michael Benedict brought a fix that fills in the errorbuffer properly when
- ares fails to resolve a name for a case not previously dealt with like this.
-
-Daniel (5 May 2004)
-- Joe Halpin fixed the annoying typecast warning in lib/ldap.c
-
-- Gisle Vanem fixes:
- o memdebug to not access NULL on several places
- o libcurl.def; curl_formparse is gone.
- o progress.c; fixed the percent values being trunced to 0.
- o if2ip.*; constified the 'interface' argument.
-
-- Tor Arntsen reported that many of his autobuilds froze and I found and fixed
- a problem introduced with the HTTP auth overhaul that could lead to a
- never-ending internal request-loop due to un-initialized variables!
-
-- Removed several compiler warnings on various compilers/platforms.
-
-Daniel (4 May 2004)
-- curl_formparse() has been removed from the library. It has been marked and
- mentioned as deprecated for several years.
-
-Daniel (3 May 2004)
-- Rewritten HTTP authentication code. The previous code could not properly
- deal with the added test cases 167, 168 and 169. I've now rewritten the code
- to better separate host and proxy authentication and not re-use the same
- variables as much as before as it proved non working in the more involved
- cases. All the current tests run OK now, and so do the new ones. The curl
- tool got a new option named --proxy-digest to enable HTTP Digest
- authentication with the proxy. I also made the library support it.
-
-- Gisle Vanem made the LDAP code work with wldap32.dll as supplied with
- Win-98/ME/2000/XP, so no extra .dlls are required when curl/libcurl is used
- on these Windows versions.
-
-Daniel (30 April 2004)
-- runtests.pl now scans the valgrind log for valgrind-detected memory leaks
- after each test case if valgrind was found and used.
-
-- I modified the app-code in curl to include the new lib/curlx.h and only
- access those functions using the curlx_-prefix in preparation for the future
- removal of several curl_-functions from the public libcurl API.
-
-- Introduced lib/curlx.h as a single header to provide the curlx_-functions
- to apps.
-
-- Added notices in the man pages for curl_getenv, curl_mprintf, curl_strequal
- and curl_strnequal that they are subject for removal in a future release.
- STOP USING THESE FUNCTIONS.
-
-- Mihai Ionescu noticed he couldn't do formposts with whitespace in the file
- names and yes, I broke that on April 23. Sigh. I fixed it now and added
- test case 166 to verify it.
-
-- Luca Altea pointed out a mistake left from the Digest patch of yesterday.
-
-Daniel (29 April 2004)
-- Made IDN domains work when sending requsts over HTTP proxy as well. Added
- test case 165 to verify the functionality.
-
-- Fixed a bug in the new internal host name setup when re-using connections.
-
-- James Bursa found out that curl_easy_duphandle() with ares-built libcurl
- created a bad handle that would crash in the first name resolve attempt. This
- is now fixed and test case 512 was added to verify it.
-
-- Luca Altea provided a major HTTP Digest code fix and cleanup. We now follow
- the Digest RFC a lot better.
-
-- Gisle Vanem made the SSL code use ERR_error_string_n() where applicable.
-
-Daniel (27 April 2004)
-- I remodeled Gisle's IDN code slightly and now we convert both the host name
- and proxy name to the ACE encoded version to use internally for resolves and
- cookies etc. They are now using one 'struct hostname' each that keep both
- the original name and the possibly encoded name. IDN resolves work for me
- now using IPv6, IPv4 and ares resolving. Even cookies on IDN sites seem to
- do right. I got some failures at first when CHARSET wasn't set at all which
- confused libidn completely and it decided by encoding of choice was
- 'ANSI_X3.4-1968'...
-
-- made 'configure --without-libidn' work
-
-Daniel (25 April 2004)
-- Fixed the src/hugehelp.c file to include "setup.h" instead of "config.h" to
- make the problems with USE_MANUAL on windows go away.
-
-- configure --without-ssl could still wrongly include some OpenSSL info in the
- Makefiles if pkg-config had info about OpenSSL. Bug #941762 reported by
- Martin.
-
-- Since we can now build and use quite a large set of 3rd party libraries, I
- decided I would make configure produce a summary at the end showing what
- libraries it uses and if not, what option to use to make it use that. I also
- added some other random info that is nice in a "configure summary" output.
-
-- Applied TommyTam's patch that now make curl work with telnet and stdin
- properly on Windows.
-
-- The changes for today below were made by me and Gisle Vanem.
-
- The file previously known as hostip.c has now undergone a huge cleanup and
- split:
-
- hostip.c explained
- ==================
-
- The main COMPILE-TIME DEFINES to keep in mind when reading the host*.c
- source file are these:
-
- CURLRES_IPV6 - this host has getaddrinfo() and family, and thus we use
- that. The host may not be able to resolve IPv6, but we don't really have to
- take that into account. Hosts that aren't IPv6-enabled have CURLRES_IPV4
- defined.
-
- CURLRES_ARES - is defined if libcurl is built to use c-ares for asynchronous
- name resolves. It cannot have ENABLE_IPV6 defined at the same time, as
- c-ares has no IPv6 support. This can be Windows or *nix.
-
- CURLRES_THREADED - is defined if libcurl is built to run under (native)
- Windows, and then the name resolve will be done in a new thread, and the
- supported asynch API will be the same as for ares-builds.
-
- If any of the two previous are defined, CURLRES_ASYNCH is defined too. If
- libcurl is not built to use an asynchronous resolver, CURLRES_SYNCH is
- defined.
-
- The host*.c sources files are split up like this:
-
- hostip.c - method-independent resolver functions and utility functions
- hostasyn.c - functions for asynchronous name resolves
- hostsyn.c - functions for synchronous name resolves
- hostares.c - functions for ares-using name resolves
- hostthre.c - functions for threaded name resolves
- hostip4.c - IPv4 specific functions
- hostip6.c - IPv6 specific functions
-
- The hostip.h is the single united header file for all this. It defines the
- CURLRES_* defines based on the config*.h and setup.h defines.
-
-- Added function header comments to many functions in an attempt to better
- explain the purpose of them all.
-
-- configure --with-libidn is now supported. It makes the configure script
- check for libidn libs and include files in the prefix path given. If you
- say --with-libidn=/usr/local, it will check for the lib in /usr/local/lib
- and the includes in /usr/local/include etc.
-
-- curl_version_info() now returns a struct aged CURLVERSION_THIRD including
- libidn version info. The string curl_version() returns also includes libidn
- version info, if available.
-
-Version 7.11.2 (26 April 2004)
-
-Daniel (25 April 2004)
-- Erwin Authried pointed out that configure --disable-manual didn't do right
- if you already had a src/hugehelp.c source file present (which most people
- do I guess). It now uses the USE_MANUAL define properly.
-
-Daniel (23 April 2004)
-- Gisle Vanem found and fixed a memory leak when doing (failing) Windows
- threaded name resolves.
-
-- I also added test case 163 just to make sure -F "var=<file" works fine and
- can pass on characters such as newlines, carriage-return and tabs.
-
-- When we added test case 162 without adding the necessary requirement field
- in the test meta data we could see that curl didn't complain if you used
- --proxy-ntlm even if the underlying libcurl it uses has no NTLM support! I
- now made it check this first, and it now exists with a "the installed
- libcurl version doesn't support this" message if it happens again.
-
-Daniel (22 April 2004)
-- David Byron found and fixed a small bug with the --fail and authentication
- stuff added a few weeks ago. Turns out that if you specify --proxy-ntlm and
- communicate with a proxy that requires basic authentication, the proxy
- properly returns a 407, but the failure detection code doesn't realize it
- should give up, so curl returns with exit code 0. Test case 162 added to
- verify the functionality.
-
-- allow newlines in the contents when doing -F "var=[contents]"
- Robert Marlow reported.
-
-- If a transfer is found out to be only partial, libcurl will now treat that
- as a problem serious enough to skip the final QUIT command before closing
- the control connection. To avoid the risk that it will "hang" waiting for
- the QUIT response. Added test case 161 to verify this.
-
-Daniel (21 April 2004)
-- Modified the heuristics for dealing with the test 160 scenario. When a
- connection is re-used and nothing at all is received from it (because the
- server closes the connection), we will now retry the request on a fresh new
- connection. The previous ECONNRESET stuff from January 30 was removed again
- as it didn't detect the situation good enough.
-
-Daniel (20 April 2004)
-- Added test case 160 to verify that curl works correctly when it gets a
- connection reset when trying to re-use a connection. It should then simply
- create a new connection and resend the request.
-
-Daniel (19 April 2004)
-- No more 512 byte limit for host name (inclusing name + password) in libcurl.
- An added bonus is that we use less memory for the typical (shorter URL)
- case.
-
-- Cleaned up the sources to better use the terms 'hostname' and 'path'
- internally when referring to that data. The buffers used for keep that info
- is called 'namebuffer' and 'pathbuffer'. Much easier to read and understand
- than the previous mess.
-
-Daniel (15 April 2004)
-- Modified runtests.pl again to remove all log files in the log/ dir between
- each test, and then made -p display all non-zero byte files in the log dir.
- It should make that data more usable and contain less rubbish.
-
-- ftpserver.pl now produces log files more similar to how the sws ones look
- and they now also contains a bit more details to help debugging ftp
- problems.
-
-- Removed the fixed maximum amount of dir levels the FTP code supported.
- Previously we had a fixed array for 100 levels, now we save space in each
- handle by allocating only for a few level by default and then enlarging that
- in case of need (with no maximum depth). Adjusted test case 142 to verify
- that 150 dir levels work fine. An added bonus is that we use less memory
- for the typical (not very deep) case.
-
-Daniel (14 April 2004)
-- Asking for CURL_IPRESOLVE_V6 when IPv6 addresses can't be resolved will
- now cause the resolve function to return NULL immediately. This flaw was
- pointed out by Gisle Vanem.
-
-- Gisle Vanem made curl -4/-6 actually set the desired option to libcurl.
-
-- runtests.pl now has a new option (-p) that will display "interesting" log
- files to stdout in case of a test failure. This is primarily intended to be
- used in the 'full-test' make target that is used by the autobuild tests, as
- we then get a much better chance to understand (remote) test failures based
- on autobuild logs alone.
-
-Daniel (13 April 2004)
-- Gisle Vanem made the multi interface work again on Windows even when built
- without ares. Before this, select() would return -1 during the name resolve
- phase since curl_multi_fdset() didn't return any fd_set at all which wasn't
- appreciated!
-
-- curl_easy_duphandle() now duplicates the tcp_nodelay info as well.
-
-Daniel (11 April 2004)
-- Applied David Byron's patch for the MSVC libcurl makefile for builds with
- zlib.
-
-Daniel (9 April 2004)
-- Dirk Manske improved the timer resolution for CURLINFO_*_TIME, it can now
- be down to usec if the system sypports it.
-
-Daniel (7 April 2004)
-- A request that sends "Expect: 100-continue" and gets nothing but a single
- 100 response back will now return a CURLE_GOT_NOTHING. Test 158 verifies.
-
-- The strtoofft() macro is now named curlx_strtoofft() to use the curlx_*
- approach fully.
-
-Daniel (6 April 2004)
-- Gisle Vanem's fixed bug #927979 reported by Nathan O'Sullivan. The problem
- made libcurl on Windows leak a small amount of memory in each name resolve
- when not used as a DLL.
-
-- New authentication code added, particularly noticable when doing POST or PUT
- with Digest or NTLM. libcurl will now use HEAD to negotiate the
- authentication and when done perform the requested POST. Previously libcurl
- sent POST immediately and expected the server to reply a final status code
- with an error and then libcurl would not send the request-body but instead
- send then next request in the sequence.
-
- The reason for this change is due to IIS6 barfing on libcurl when we attempt
- to POST with NTLM authentication. The reason for the problems is found in
- RFC2616 section 8.2.3 regarding how servers should deal with the 100
- continue request-header:
-
- If it responds with a final status code, it MAY close the transport
- connection or it MAY continue to read and discard the rest of the
- request.
-
- Previous versions of IIS clearly did close the connection in this case,
- while this newer version decided it should "read and discard". That would've
- forced us to send the whole POST (or PUT) data only to have it discarded and
- then be forced to send it again. To avoid that huge penality, we switch to
- using HEAD until we are authenticated and then send the POST.
-
- The only actual drawback I can think of (except for the odd sites that might
- treat HEAD differently than they would treat POST/PUT when given the same
- URL) is that if you do POST with CURLAUTH_ANY set and the site requires NO
- authentication, libcurl will still use a HEAD in a first round and then do a
- POST.
-
- If you do a HEAD or a GET on a site using CURLAUTH_ANY, libcurl will send
- an un-authenticated request at once, which then is the only request if the
- site requires no auth.
-
- Alan Pinstein helped me work out the protocol details by figuring out why
- libcurl failed and what IIS6 expects.
-
-- The --limit-rate logic was corrected and now it works a lot better for
- higher speeds, such as '10m' or similar. Reported in bug report #930249.
-
-- Introducing curlx_tvnow() and curlx_tvdiff() using the new curlx_* fashion.
- #include "timeval.h" from the lib dir to get the protos etc. Note that
- these are NOT part of the libcurl API. The curl app simply uses the same
- source files as the library does and therefore the file needs to be compiled
- and linked with curl too, not just when creating libcurl.
-
-- lib/strerror.c no longer uses sys_nerr on non-windows platforms since it
- isn't portable enough
-
-Daniel (2 April 2004)
-- In the curl_strnqual.3 man page, we now prepend the man3 dir to the file
- name to work better. As pointed out by Robin Kay.
-
-- Andr�s Garc�a updated the mingw makefiles.
-
-- Dirk Manske fixed a problem I recently added in the progress meter code that
- broke subsecond resolution for CURLINFO_TOTAL_TIME. He also pointed out a
- mistake in the code that produces the final update of the progress meter
- that would often prevent it from actually being updated that final time.
-
-Daniel (1 April 2004)
-- Dirk Manske fixed a memory leak that happened when we use ares for name
- resolves and decides to time-out before ares does it. This fix uses the
- brand new ares_cancel() function which is not present in c-ares 1.1.0.
-
- When told to enable ares, the configure script now checks for presence of
- the ares_cancel function to alert users if they attempt to use a too old
- c-ares library.
-
-Daniel (31 March 2004)
-- Roy Shan fixed a flaw that prevented ares name resolve timeouts to occur!
-
-- Dirk Manske found out that libcurl timed out waiting for resolves far too
- easy when libcurl was built to use (c-)ares for name resolving.
-
-- Further Digest fixing and a successful test case 153 now makes me believe
- Mitz Wark's problems are fixed.
-
-- Andres Garcia figured out that test case 63, while working, only proved a
- flaw in libcurl's 'http_proxy' parser when a user name and password is
- provided. The user name was not extracted properly (and 'http' was always
- used as user name).
-
-- Andr�s Garc�a fixed compiler warnings in our ioctlsocket() usage.
-
-Daniel (30 March 2004)
-- Joe Halpin faced problems with the getnameinfo() argument ai_flags and the
- particular bit named 'NI_WITHSCOPEID' on Solaris 9 for Intel. I've now
- written a configure test that checks for a working NI_WITHSCOPEID
- implemenation. No code uses the result from this test yet, it is still
- experimental. James Carlson wrote in comp.unix.solaris: "It's a bug
- (5006623) -- it's not supported and shouldn't be in the header file."
-
-- I provided Mitz Wark with a first patch in order to fix libcurl's problems
- to re-negotiate Digest authentication (when 'stale=true' is included in the
- response header).
-
-- Roy Shan discovered that the multi interface didn't properly timeout name
- lookups which could make handles get stuck in that state and thus never get
- completed. I've produced a first test patch that attempts to correct this.
-
-- David Byron's patch was appplied to make CURLOPT_FAILONERROR work nicely
- even with authentcations such as NTLM or Digest enabled. Test cases 150, 151
- and 152 were added to verify the functionality.
-
-Daniel (29 March 2004)
-- Gisle Vanem updated files for the djgpp/MS-DOS build.
-
-- Andr�s Garc�a helped me work out a fix for the runtests.pl script to make
- the file:// tests run fine when tested with the mingw-built version of curl.
-
-- Fixed an include issue with netinet/tcp.h on AIX, based on input by Tor.
- This also required a minor fix of the configure script.
-
-- The postit2.c source example used the wrong struct name for the post data.
-
-Daniel (26 March 2004)
-- Gisle Vanem improved IPv6 support on Windows by making the curl build use
- the correct getaddrinfo() function.
-
-Daniel (25 March 2004)
-- It turned out that AIX, despite having a "thread-safe libc", doesn't offer
- all traditional functions thread-safe. This URL is informative on this
- subject:
-
- http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/aixprggd/ \
- genprogc/thread_quick_ref.htm
-
- As a result of this, we now check for three *_r() functions on recent AIX
- versions as well that the URL mentions aren't thread-safe in AIX 5.1.
-
-- renamed curl_strerror.[ch] to strerror.[ch]
-
-- Joe Halpin added CURLOPT_TCP_NODELAY and --tcp-nodelay to make it possible
- for users to disable the Nagle algorthim-usage.
-
-- Tor Arntsen provided some interesting strerror_r() knowledge. glibc has its
- own API which differs from the POSIX one. Daniel adjusted the configure
- script to detect the version in use, and the code now uses the new defines
- accordingly.
-
-- Fixed some build flaws with the new lib/curl_strerror.c source file.
-
-Daniel (24 March 2004)
-- Gisle Vanem's fix to replace the bad use of strerror(). This introduces
- Curl_strerror() that attempts to be thread-safe _and_ works on Windows too!
-
-- Tor Arntsen spell-fixed lots of libcurl man pages.
-
-- Tor Arntsen made testcurl.pl work with older perl 5 versions, and Daniel
- made it not use chdir .. to go back, as that isn't very good when you've
- setup a testdir containing symlinks.
-
-- Added a check for strerror_r() in the configure script.
-
-Daniel (23 March 2004)
-- Added Greg Hewgill's testcurl.pl script to CVS. We have not moved over to
- use this script for the real distributed testing just yet, but it is only
- a matter of time.
-
-- Gisle Vanem provided code that makes curl report a better error message
- if --interface fails on windows.
-
-- The regular progress meter is now fixed to never wrap due to long lines. All
- fields are now static sized. If the time in the time fields get a time value
- that would represent a time that is 100 hours or more (if not, it remains
- using a HH:MM:SS display), it switches first to a "NNNd NNh" display (for
- days and hours) and if that isn't enough it switches to a "NNNd" display if
- it is more than 999 days.
-
- Several of the calculations were also moved to fixed-point math instead of
- using doubles.
-
-Daniel (22 March 2004)
-- Glen Nakamura noticed CURLINFO_CONTENT_LENGTH_DOWNLOAD didn't work as it
- used to do if CURLOPT_NOBODY is set TRUE.
-
-- Kevin Roth patched the cygwin package makefile and README to adjust to
- new cygwin packaging guidelines.
-
-- Enabled "NT responses" in the NTLM authentication. Doing this simply means
- that we provide an extra chunk of data in each "type-3 message". The only
- reason for doing this is that it seems that using only the "Lanmanager hash"
- (as we've been doing until now) doesn't support passwords longer than 14
- characters and it turns out there are users out there who want to use
- libcurl and NTLM with such passwords! ;-) Seven NTLM-related test cases were
- updated accordingly. Mentioned as issue 29 in TODO-RELEASE, bug report
- #915609
-
-- Moved the generated libcurl version info to a new header file, named
- curl/curlver.h. Now interested parties can include ONLY version info, should
- anyone want that (and it seems at least some windows resource files would).
- Mentioned as issue 27 in TODO-RELEASE.
-
-Daniel (21 March 2004)
-- Fixed the root Makefile to use tabs for the netware target. G�nter Knauf
- pointed this out.
-
-- Marty Kuhrt's VMS cleanup
-
-- Thomas Schwinge made buildconf recognize ACLOCAL_FLAGS to invoke aclocal
- with particular pre-determined options.
-
-Version 7.11.1 (19 March 2004)
-
-Daniel (18 March 2004)
-- Tor Arntsen brought some info about SGI IRIX:
-
- IRIX supports 3 different executable/object formats, -32, -n32 and -64.
- -n32 is default 32-bit format, -32 is the "old" 32-bit format, and -64 is
- the 64-bit format. Libraries for the different formats are in lib, lib32
- and lib64 respectively.
-
- We've now adjusted the configure script to adapt to this when scanning for
- 3rd party libs, such as OpenSSL.
-
-Daniel (17 March 2004)
-- Watz pointed out a few missing files in the MSVC project description file.
-
-- G�nter Knauf brought patches, code and makefiles to build curl on Novell
- NetWare.
-
-Daniel (15 March 2004)
-- Lots of libcurl man pages were updated to contain references to other man
- pages the recognized way so that they appear as nice hyperlinks in the HTML
- versions.
-
-- buildconf now checks the m4 version too, since autoconf requires a GNU m4
- version to build proper configure scripts.
-
-Daniel (12 March 2004)
-- Added CURLOPT_POSTFIELDSIZE_LARGE, the large file version of
- CURLOPT_POSTFIELDSIZE to allow POSTs larger than 2GB.
-
-- David Byron fixed an uninitialized variable case/crash.
-
-Daniel (10 March 2004)
-- Jeff Lawson fixed the SSL connection to deal with received signals during the
- connect.
-
-- Changed the OS string for win32 to become "i386-pc-win32".
-
-Daniel (9 March 2004)
-- Changed the internals to use curl_socket_t for socket variable type. This
- should enable us to build with less warnings on Windows, where SOCKET is
- used which is an unsigned int, while most other platforms use a mere int.
-
-- Modified lib/config-win32.h to build fine on MSVC again.
-
-Version 7.11.1-pre1 (8 March 2004)
-
-Daniel (8 March 2004)
-- Minor fix to make curl CURL_VERSION_LARGEFILE is only set if curl_off_t is
- larger than 4 bytes.
-
-Daniel (4 March 2004)
-- Improved PUT/POST with NTLM/Digest authentication, the so called issue 12.
-
-- Modified the test HTTP server a lot to work with the upcoming changes for
- PUT/POST with NTLM/Digest authentication (like test case 88). Added Andr�s
- Garc�a's win32-changes. Improved the logging.
-
-- Fixed the file:-related progress/getinfo stuff a bit more.
-
-Daniel (4 March 2004)
-- I corrected a problem with the multi interface when following a Location:
- header or when doing multiple-request authentications. A subsequent request
- could erroneously re-use a previous connection that was sent with
- Connection: close. Christopher R. Palmer reported.
-
-- Andr�s Garc�a patched curl to prevent warnings while compiling with mingw,
- mainly because it is now possible to have both WIN32 and HAVE_CONFIG_H
- defined.
-
-- When transferring files from a file: URL, the progress meter and other
- transfer metrics were not updated properly.
-
-- David Byron provided a "version resource" file to the curl executable for
- the windows builds.
-
-Daniel (3 March 2004)
-- David Byron's work on making libcurl only require winsock 1.1 on Windows
- machines.
-
-- More variable cleanups based on compiler warnings generated by Tor Arntsen's
- autobuilds with MIPSPro.
-
-- Joe Halpin helped us fix some pedantic compiler warnings on FreeBSD.
-
-- Applied Tom Bates' patch to build on nsr-tandem-nsk.
-
-- Dan Fandrich corrected some flaws in the configure GSS detection.
-
-Daniel (2 March 2004)
-- Fixed the libcurl code to use FORMAT_OFF_T for printf() formatting
- curl_off_t types internally.
-
-Daniel (1 March 2004)
-- Added CURL_VERSION_LARGEFILE as a feature-bit in the curl_version_info()
- response, that signals if this libcurl supports >2GB files. curl -V now
- outputs 'Largefile' in the Features: field if this is the case. Most systems
- are likely to support this.
-
-- We offer a CURL_FORMAT_OFF_T define in the public header, which can be used
- to printf() curl_off_t variables. We also modified the libcurl sources to
- use this define instead of the previous %Od approach (although I've left the
- O-flag functional in the code). This should also prevent compilers to warn
- on the home-grown option.
-
-- Fixed the resume-check code to test for a working resume at the end of the
- headers and not at the first body-byte.
-
-- CURLOPT_DNS_USE_GLOBAL_CACHE is now considered obsolete. Stop using it. If
- you need a global DNS cache for whatever reason, use the share interface and
- you'll get a global cache that works the way it should work. You can even
- have any number of global caches, all at your command. This is now also
- mentioned in the docs.
-
-- Made the *printf code support the z-flag to enable size_t printf() in a
- manner similar to how glibc allows it. To make printfing of this work on
- platforms with 64bit size_t and 32bit ints. If there even are any! ;-)
-
-- Christopher R. Palmer discovered that if you CURLOPT_FRESH_CONNECT and
- CURLAUTH_NTLM (or CURLAUTH_ANY and libcurl then picked NTLM), libcurl would
- loop without succeeding to authenticate due to the new connection that was
- made for all round-trips in the authentication. Now, the FRESH_CONNECT is
- remade to only matter for the first connection made with curl_easy_perform()
- and all the rest that might follow due to FOLLOWLOCATION or HTTP
- authentication are now ignoring that option.
-
-- Adjusted the QUIT code slightly since it could core-dump.
-
-- Corrected the test suite's FTP server to provide a correct size to the
- 'verifiedserver' request.
-
-Daniel (27 February 2004)
-- Joe Halpin made the FTP code send QUIT on the control connection before
- disconnecting the TCP connection. This is what good-behaving ftp clients
- should do.
-
-Daniel (26 February 2004)
-- David Byron updated several files to make curl build fine on MSVC 6. He
- also added the 'buildconf.bat' that works like the 'buildconf + configure'
- combo does on unixes.
-
-- Gisle Vanem made the memdebug stuff support calloc() as well.
-
-- Tor Arntsen pointed out that testcurl.sh needed to remove the generated
- files in order to have them re-generated in each build.
-
-- Andy Serpa found out that the share interface did not enjoy life when not
- having the lock and unlock callbacks set, even though documented to be
- OK. It still is OK, and now the code won't segfault anymore!
-
-Daniel (25 February 2004)
-- Based on a patch by Greg Hewgill I modified how long long is used in the
- mprintf code, as we can use a 64bit type with MSVC that is a long long
- equivalent. This corrects some weird large file behaviors on windows.
-
-- Tor Arntsen helped me work out --enable-debug to work better with different
- versions of the gcc and icc compilers.
-
-- Added CURLOPT_SHARE to the curl_easy_setopt.3 man page.
-
-Daniel (22 February 2004)
-- Applied the final pieces of Gisle Vanem's patch that brings a working name
- resolve timeout to the windows versions of curl!
-
-Daniel (21 February 2004)
-- David Byron's fix to allow the speed-limit logic work even if you set
- limit-rate. It does work on the expense of the rate limiter.
-
-Daniel (20 February 2004)
-- configure --enable-debug with gcc now also tries to detect the icc compiler
- (which somehow gets treated as if it is a gcc) to stop using all the gcc
- options with it, and we also provide -isystem options for each extra -I
- option the configure script has figured out (for OpenSSL, kerberos, zlib,
- Heimdal etc). This of course to prevent warnings on headers we don't have
- control of.
-
-Daniel (19 February 2004)
-- Doug Porter made libcurl use the HOME environment variable before the
- getpwuid results when looking for .netrc files.
-
-- If 'configure --enable-debug' is used with gcc, it now checks which gcc
- version it is and uses as picky compiler options as possible for the
- particular version.
-
-- Code that can be used in both the lib and in the curl app is now made to use
- the curlx_ prefix. The first function to be available like this is the
- curlx_strtoll() function. This is made to allow the app to use existing code,
- but without polluting the libcurl API. Further explanations posted here:
-
- https://curl.haxx.se/mail/lib-2004-02/0215.html
-
-Daniel (18 February 2004)
-- Fixed buildconf to not use "which" as AIX and Tru64 have what have been
- referred to as "horribly broken 'which' programs".
-
-- Made sure dns cache timeout set to -1 really means caching forever.
-
-Daniel (17 February 2004)
-- Made it possibly to build c-ares with the libcurl memdebug system to better
- track memory.
-
-Daniel (16 February 2004)
-- When using ares, we now initialize the ares 'channel' in curl_easy_init()
- and re-use that same handle during the entire curl handle's life-time. It
- improves performance.
-
-- Fixed a problem when displaying verbose for IPv6-enabled libcurls and
- re-used connections. Problem reported and fix verified by Grigory Entin.
-
-- Jeff Lawson fixed the version-check in the SOCKS5 code.
-
-Daniel (15 February 2004)
-- Fixed a case where a host cache entry was not flagged in-use properly when a
- cached entry was used.
-
-- Andr�s Garc�a's patch that checks for winmm in the configure script was
- applied.
-
-Daniel (13 February 2004)
-- Ben Greear's SO_BINDTODEVICE patch for the binding of the local end to a
- specific network interface.
-
-- Greg Hewgill found out that the variable holding 'contentlength' wasn't big
- enough to hold a large file!
-
-- Tor Arntsen fixed a 64bit-related problem in date-related code in the ftp
- department, and there was another potential problem in the name resolve code
- too.
-
-Daniel (11 February 2004)
-- Removed a few variables that were only set but never used, as some compilers
- warn about that and we do not like compiler warnings!
-
-- Removed the need for symlinks in the tests/data directory if curl is built
- outside of the source directory and the 'make test' is used. This was done
- by providing a "source dir path" to the scripts/servers.
-
-- Now, if the configure script can't find an nroff tool or an option to nroff
- to use to convert man pages with, it will completely switch off the built-in
- manual.
-
-- 'configure --disable-manual' completely disables the built-in manual from
- the curl command tool.
-
-- Andr�s Garc�a fixed the configure script and a minor source edit, and now
- he has managed to get msys/mingw to run configure and then build!
-
-Daniel (9 February 2004)
-- The default HTTP Accept: header was modified to the much simpler
- "Accept: */*".
-
-- P R Schaffner updated the curl-ssl spec file for RPMs.
-
-- Dominick Meglio brought lots of documentation for the share interface's man
- pages that were previously missing.
-
-- Tor Arntsen provided a patch that makes libcurl work-around a bug in the
- AIX5 implementation of getaddrinfo(). This makes the FTP PORT stuff work on
- IPv6-enabled AIX builds.
-
-- Ken Rastatter provided portability fixes for the curlgtk.c example, and now
- it runs on windows with GTK as well!
-
-Daniel (6 February 2004)
-- Andr�s Garc�a made the configure script find gethostbyname() fine when run
- with mingw on windows.
-
-- Modified the ldap code to use proper function pointers all over (instead of
- mixed data and function pointers) to work-around the picky MIPSPro compiler
- warnings.
-
-- A custom Host: header is only considered if the request is not made by
- following a location. After discussions with Tim Baker.
-
-Daniel (5 February 2004)
-- The libz part of the configure script now only set the two libz-related
- define HAVE_ZLIB_H and HAVE_LIBZ if both the lib and the header is found.
- If one is missing, none of the defines is set.
-
-- Andr�s Garc�a fixed the Mingw makefiles.
-
-- Len Krause reported that curl 7.9.X could do uploading from stdin without
- doing chunked encoding, which current curl cannot do even if you disable
- the transfer-encoding chunked header. Now it can again, and test case 98
- verifies this functionality.
-
-- Tor Arntsen fixed a weird getaddrinfo() usage in the FTP code, preventing
- the IPv6-code for PORT work on AIX 5.2. We now also provide (better) error
- messages when bailing out in the that function.
-
-- Tor Arntsen now provides AIX and IRIX (using gcc, xlc and the MIPSPro
- compilers) automated build logs (https://curl.haxx.se/auto/) and we've fixed
- numerous minor quirks to make less warnings appear.
-
-Daniel (4 February 2004)
-- Based on a patch by Gilad, we now use the custom timeouts when waiting for a
- server to connect when using FTP PORT. Previously we always waited 10
- seconds, no more no less. We now also changed the default (if no timeout is
- set) to wait 60 seconds for the connect before we fail.
-
-Daniel (3 February 2004)
-- Modified to link with c-ares instead of ares.
-
-Daniel (2 February 2004)
-- Added a configure test to check for which option the (g)nroff tool wants
- to extract plain text from the man pages. Tor Arntsen told us the AIX
- version of GNU gnroff doesn't support -man!
-
-- Added an undef of accept in memdebug.h to make curl build with --enable-debug
- on AIX 5.2 which seems to have accept defined. Reported by Tor Arntsen.
-
-- curl_version() now includes c-ares version info, and curl_version_info() now
- returns a struct with version SECOND that also includes that info.
-
-- We are now officially using c-ares for asynch name resolves. c-ares is the
- new library, based on the existing ares but with an extended and slightly
- modified API.
-
-- Dirk improved the ares timeout code, and now we also include the ares error
- string when we fail to resolve a name.
-
-- Another tweak to make test case 91 run fine. Now we have another bit on a
- connection that is set true if the connection is marked for 'retry'. That
- makes the connection get closed and re-opened and the HTTP-done code must
- not complain on the fact that no data was received.
-
-- Based on Dirk Manske's patch, I modified the name resolving with ares to
- feature a timeout for really slow lookups. It now defaults to 300 seconds,
- but is now adjusted to the CONNECTTIMEOUT/TIMOUE timeouts if one of them
- is set.
-
-- Fixed the inclusion of ca-bundle.h to really use the one in the build dir
- before the one in the source dir. Domenico Andreoli found out and reported.
-
-- Added test case 97, a simple POST with a custom Content-Type header
- replacing the original application/x-www-form-urlencoded one.
-
-Daniel (30 January 2004)
-- Added code that attempts to fix the test 91 failure. As has been figured out
- by Patrick Smith, the error happens because we re-use a connection that the
- server is just about to close and we even manage to send away the request
- without seeing an error. On the first read attempt we get a ECONNRESET.
- Starting now, we attempt to detect this and if so, we retry the request on a
- fresh connection.
-
-- I added test case 510 which is a custom program that does a POST using a
- read callback, with chunked transfer-encoding.
-
-- Adjusted one of the MPE/iX changes as it made test case 504 fail all over.
-
-- Added --socks as a recognized option. It works just like --proxy but sets a
- SOCKS5 proxy to use. SOCKS5 support has been available in libcurl for a
- while, just not provided by the curl tool. This does not currently work for
- IPv6-enabled libcurls.
-
-Daniel (29 January 2004)
-- Stadler Stephan pointed out that src/hugehelp.c included config.h without
- checking the define if its present...
-
-- Ken Hirsch provided patches to make curl build fine on the MPE/iX operating
- system.
-
-- Dan Fandrich compiled curl with lots of aggressively pedantic compiler
- options and thus found a few minor errors and did some general cleanups to
- avoid them.
-
-- Dirk Manske fixed a flaw in ares that prevented it to use non-blocking
- sockets properly.
-
-Daniel (28 January 2004)
-- Richard Bramante fixed chunked transfer-encoded "uploads" to send a final
- CRLF combo properly.
-
-Daniel (27 January 2004)
-- Made the response-headers during a CONNECT request to a proxy get passed on
- as regular headers, so they appear with -i/-I options and similar.
-
-- Based on a patch by Gisle Vanem, I've made the progress meter display
- properly switch to a GB-display when more than 9999MB have been transfered.
-
-Daniel (23 January 2004)
-- Gisle Vanem pointed out a curlrc parser problem/crash when an option with a
- required didn't have one and was on the last line of a file.
-
-- More Windows fixes for large files. We now build and link with
- ../lib/strtoofft.c in the app code since Curl_strtoll() is not a provided
- libcurl function... Perhaps we should consider a 'common' dir or similar
- where we put source code used in both the lib and the client. Or perhaps
- we'll just make this function available in the library...
-
-- Vincent Bronner found out the socks5 code crashed when no username was
- set.
-
-- Vincent Bronner spotted a problem with proxy username/password when re-using
- a persistent connection.
-
-- Fixed the progress meter display for files larger than 2^31 bytes. Gisle
- Vanem reported.
-
-Daniel (22 January 2004)
-- Gisle Vanem made strtoll() get used when curl is built with the mingw
- compiler.
-
-- Gisle Vanem fixed the compressed help text code to display properly.
-
-- Removed the '#define HttpPost' from the public header file, as curl_httppost
- is the proper name and it has been for quite some time now. Fixes another
- name space pollution.
-
-- Added 'curl_off_t' typedef in the public header file, to be used to provide
- large file sizes to the *_LARGE options. Adjusted the code all over to use
- this variable type instead of 'off_t'. This is an attempt to make the large
- file support work on more platforms. The configure script now checks the
- size of the curl_off_t instead of the plain off_t.
-
-Version 7.11.0 (22 January 2004)
-
-Daniel (21 January 2004)
-- Removed the defines in the public header file with TIMECOND_ prefixes. They
- have been obsolete since April 22nd 2002, and if this causes anyone any
- problems now it is very easy to just add CURL_ to the names. This corrects
- this name space pollution.
-
-Daniel (19 January 2004)
-- David Byron cleaned up how --trace with no option was treated, and also
- arguments in a config file without a required parameter!
-
-Daniel (16 January 2004)
-- Gisle Vanem fixed a few issues where compilers warned about variables
- possibly being used unassigned.
-
-- Minor Interix build problem fixed.
-
-Daniel (15 January 2004)
-- Peter Sylvester pointed out some necessary escaping needed in the
- acinclude.m4 file when automake 1.8 or later is used.
-
-Daniel (14 January 2004)
-- Vincent Bronner fixed the Curl_resolv() return code. This extends the fix
- Steve Green provided on december 3...
-
-Daniel (13 January 2004)
-- Luke Call made the win32 version of the password prompting function support
- backspace.
-
-- Dan Fandrich fixed the hugehelp source file to contain both a compressed and
- an uncompressed version in the distribution, so that more people easier can
- build curl with the compressed version.
-
-- Diego Casorran brought another AmigaOS build patch for native Amiga builds.
-
-- Matt Veenstra updated the Mac OS X framework files.
-
-- Brian R Duffy brought a section to the INSTALL file on how to build a
- SSL-enabled curl using the free Borland C++ compiler. He also updated the
- Borland lib/Makefile.b32.
-
-- I fixed the test case 509 which I broke yesterday. Now the libtest are
- compiled with an include path that points to the library's source dir, so
- that the libtests can include files from the source tree. This was made to
- make it possible to use the USE_SSLEAY define in the library test files.
-
-Daniel (12 January 2004)
-- Peter Sylvester brought code that now allows a callback to modified the URL
- even when the multi interface is used, and then libcurl will simulate a
- "follow location" to that new URL. Test 509 was added to test this feature.
-
-- Extended the time we retry servers in the test script, and I also made it
- retry the https and ftps servers before they are considered bad. I believe
- the previous approach could turn problematic on really slow hosts.
-
-Version 7.11.0-pre1 (12 January 2004)
-
-Daniel (11 January 2004)
-- Dominick Meglio pointed out FTPS should use default port 990 according to
- IANA.
-
-Daniel (8 January 2004)
-- Fixed the SPNEGO configure check to not use -R or other non-portable options
- in the LDFLAGS. Reported by Pierre in bug report #872930.
-
-Daniel (5 January 2004)
-- Dan Fandrich provided a fix on our zlib usage.
-
-- David J Meyer's patch that introduce large file support to libcurl was
- applied. New curl_easy_setopt options that accept 'off_t' arguments are:
-
- INFILESIZE_LARGE
- RESUME_FROM_LARGE
- MAXFILESIZE_LARGE
-
-Daniel (4 January 2004)
-- Based on Dominick Meglio's comments, I made our private version of
- gettimeofday() declared static. This would otherwise collide with the same
- function in other libs (like ares for example).
-
-- Added Dominick Meglio's description on how to build libcurl with ares
- on win32.
-Daniel (19 December)
-- CURLOPT_IPRESOLVE was not possible to set.
-
-- Gisle Vanem updated the djgpp build files.
-
-Daniel (18 December)
-- John McGowan reported a redirect-problem that happened if a site used a URL
- like "url.com?var=content" (without a proper slash) and from that address
- redirected the user-agent to an absolute directory.
-
-- David Byron made libcurl build fine with both the .NET and VC6 versions of
- MSVC
-
-Daniel (16 December)
-- Updated test 506 since it started to fail after the cache prune change
- yesterday. I also changed it slightly to feature a counter in each debug
- output for easier tracing.
-
-Daniel (15 December)
-- Old DNS cache entries are now only pruned after curl is done with a request,
- and not in the actual name resolve call.
-
-- corrected the --enable-ares patch
-
-- Giuseppe Attardi found and fixed a problem within libcurl that re-used
- already freed memory.
-
-Daniel (10 December)
-- Gisle Vanem reported that the dict support was broken. I broke it during my
- ftps-changes overhaul. I've now added a 'curlassert' function that can be
- used to verify expressions, to prevent future errors of the same
- kind. They're only present in debug-builds.
-
-- Diego Casorran made curl and libcurl possible to build natively (no more
- need for the ixemul library) on AmigaOS.
-
-- Dominick Meglio made configure --enable-ares support a given path to the
- installed ares lib, instead of always using it in the curl source tree.
- This also fixed the curl-config --libs output.
-
-- Eric S. Raymond patched a very minor man page format error in
- libcurl-errors.3
-
-Daniel (8 December)
-- Fixed the flaw that made -lz appear twice on the link command line.
-
-- After correspondence with Gisle Vanem, I changed the 'connection aborted'
- error text when the FTP response reader failed to more specificly identify
- what the problem is.
-
-- Based on a patch from Dominick Meglio, curl-config --feature now outputs
- 'AsynchDNS' as a feature if libcurl was built with ares. The feature name
- is the same that 'curl -V' outputs, for simplicity.
-
-Daniel (3 December)
-- Marty Kuhrt made the build up-to-date on VMS, and moved most of the VMS-
- specific stuff in the client code to a separate header file.
-
-- Steve Green fixed a return code bug in Curl_resolv(), that made the socks5
- code fail.
-
-- swalkaus at yahoo.com patched libcurl to ignore Content-Length: headers
- when Transfer-Encoding: chunked is used, as mandated by RFC2616.
-
-Daniel (2 December)
-- --ftp-pasv was added, which serves the only purpose of overriding a
- previously set --ftpport option. Starting now, --ftp-port is a recognized
- alias for --ftpport for consistency.
-
-- Giuseppe Attardi pointed out that we should use MSG_NOSIGNAL when we use
- send() and recv(). I added checks for the define in the configure script and
- adjusted the code accordingly. If the symbol is present, we won't attempt
- to ignore the SIGPIPE signal.
-
-Daniel (1 December)
-- Mathias Axelsson set up a bsdftpd-ssl server for me and I could make curl
- run fine against its FTPS implementation. Now these FTPS-related things
- work:
- o explicit and implicit FTPS
- o active (PORT) and passive (PASV)
- o upload and download
- o verified against bsdftpd-ssl and RaidenFTPD
-
-Daniel (27 November)
-- James Clancy made the Borland Makefiles up to date.
-
-- Markus Moeller improved the SPNEGO detection in the configure script.
-
-Daniel (25 November)
-- Dave May filed bug report #848371, identifying that if you'd do POST over a
- proxy to a https server, libcurl didn't POST at all, it just made a GET! It
- turned out to be because libcurl wrongly didn't consider the authentication
- "negotiation phase" to be complete yet.
-
- I added test case 95 to verify my fix for this.
-
-Daniel (24 November)
-- Thanks to Mathias Axelsson, I've been able to work on FTPS for libcurl and it
- seems to work somewhat fine now.
-
- The FTPS stuff is based on RFC2228 and the murray-auth-ftp-ssl draft
- (version 12). There seems to exist quite a few servers that have implemented
- the server side of this.
-
- We can now use ftps:// URLs to explicitly switch on SSL/TSL for the control
- connection and the data connection (dealing with two SSL connections forced
- me to change a lot of stuff in libcurl).
-
- Alternatively, and what seems to be the recommended way, we can set the new
- option CURLOPT_FTP_SSL to one of these values:
-
- CURLFTPSSL_NOPE, - do not attempt to use SSL
- CURLFTPSSL_TRY - try using SSL, proceed anyway otherwise
- CURLFTPSSL_CONTROL - SSL for the control connection or fail
- CURLFTPSSL_ALL - SSL for all communication or fail
-
- Any failure to set the desired level will make libcurl fail with the error
- code CURLE_FTP_SSL_FAILED. This new option makes a "normal" ftp:// transfer
- attempt to be made securely.
-
- I've been able to login and get files (passively) from Mathias' server using
- both ftps:// and CURLOPT_FTP_SSL. (I've made 'curl' understand the --ftp-ssl
- option that sets CURLFTPSSL_TRY.)
-
-- Gaz Iqbal fixed a range string memory leak.
-
-- Gisle Vanem fixed the Windows builds.
-
-- Added the new FTPSSL defines in curl/curl.h
-
-Daniel (20 November)
-- Josh Kapell filed bug report #845247 as he found an endless loop when
- getting a 407 back from a proxy when no user+password was given. Added test
- case 94 to verify the fix.
-
-Daniel (19 November)
-- Kevin Roth fixed a progress-bar problem on Windows.
-
-- While working with Nicolas Croiset's bug report #843739, I noticed two minor
- problems related to ftp partial downloads: if a partial transfer is
- detected, we must close the connection as we cannot know in what state it is
- anymore. This looks like a ProFTPD bug:
- https://curl.haxx.se/mail/lib-2003-11/0079.html
-
-Daniel (17 November)
-- Maciej W. Rozycki made the configure script use a cache variable for the
- writable argv test. This way, the default can be overridden better (for
- cross-compiles etc)
-
-Daniel (15 November)
-- Mathias Axelsson found out libcurl sometimes freed the server certificate
- twice, leading to crashes!
-
-Daniel (14 November)
-- Siddhartha Prakash Jain found a case with a bad resolve that we didn't
- properly bail out from, when using ares.
-
-Daniel (13 November)
-- Default Content-Type for parts in multipart formposts has changed to
- "application/octet-stream". This seems more appropriate, and I believe
- mozilla and the likes do this. In the same area: .html files now get
- text/html as Content-Type. (Pointed out in bug report #839806)
-
-- Gisle Vanem corrected the --progress-bar output by doing a flush of the
- output, which apparently makes it look better on at least windows, but
- possibly other platforms too.
-
-- Peter Sylvester identified a problem in the connect code, which made the
- multi interface on a IPv6-enabled Solaris box do bad. Test case 504 to be
- specific. I've spent some time to clean-up the Curl_connecthost() function
- now to use less duplicated code for the two different sections: IPv6 and
- IPv4.
-
-Daniel (11 November)
-- Added CURLOPT_NETRC_FILE. Use this to tell libcurl which file to use instead
- of trying to find a .netrc in the current user's home directory. The
- existing .netrc file finder is somewhat naive and is far from perfect on
- several platforms that aren't unix-style. If this option isn't set when
- CURLOPT_NETRC is set, the previous approach will still be used.
-
- The current .netrc check code now also support longer than 256 bytes path
- names.
-
-Daniel (10 November)
-- Kang-Jin Lee pointed out that the generated ca-bundle.h file shouldn't be
- written in the source dir if a different build dir is used.
-
-- After S�bastien Willemijns' bug report, we now check the separators properly
- in the 229-reply servers respond on a EPSV command and bail out better if
- the reply string is not RFC2428-compliant.
-
-Daniel (7 November)
-- Based on Gisle Vanem's patch, I made curl try harder to get the home
- directory of the current user, in order to find the default .curlrc file.
- We're also considering moving out the HOME-dir code from libcurl, and
- instead have the app pass in the path to the .netrc file (which is the only
- logic left in libcurl that uses the HOME dir). Then curl can use the home
- dir for that purpose too.
-
-- Ralph Mitchell's updated testcurl.sh to the script to take an existing
- directory name and build/run/test curl in there instead of trying to update
- from CVS. Using this approach, the script can now be used to test daily
- tarballs etc.
-
-- Gisle Vanem added a "resource file" to the Windows DLL builds, to contain
- information such as version number, library name, copyright info etc.
-
-Daniel (6 November)
-- curl checks if the existing libcurl supports things like --ntlm, --negotiate
- and --krb4 and returns error if not.
-
-- I added three new global defines in the curl/curl.h header:
- LIBCURL_VERSION_MAJOR, LIBCURL_VERSION_MINOR and LIBCURL_VERSION_PATCH. They
- are the three numbers in the library's version number, separated for easier
- usage. 'maketgz' was updated accordingly to generate these numbers properly
- when building release-archives.
-
-- Uninitialized variable fix, reported by both Marty Kuhrt and Benjamin
- Gerard.
-
-- Matt Veenstra provided build files to build libcurl as a "framework" under
- Mac OS X. See the lib/libcurl.framework.make for details.
-
-- Removed the defines of TRUE and FALSE from the curl/curl.h header file.
- They're not in our name space so we should not fiddle with them.
-
-Daniel (5 November)
-- Replaced the man page to HTML converter program with a new one: roffit.
- Makes nicer web pages.
-
-Daniel (4 November)
-- Troels Walsted Hansen fixed the MSVC makefiles to let them build curl fine
- on Windows.
-
-- Kevin Roth corrected the cygwin package generator and spell-fixed the
- comment in the ca-bundle.h file.
-
-Version 7.10.8 (1 November 2003)
-
-Daniel (31 October)
-- Assume that MDTM on an FTP server returns the timestamp using the UTC time
- zone. This changes the time CURLINFO_FILETIME returns for a given file over
- FTP, and will change existing uses of CURLOPT_TIMECONDITION. It will make
- the functionality more similar to how the HTTP one is already working.
-
-- Command line options that take numerical parameters (such as -y, -Y, -C etc)
- now report error and exit if the parameter isn't truly a number greater than
- or equal to zero. This helps users to notice bad usage earlier. Before, when
- a user forgot or missed to add a numerical parameter to an option, the
- command line parser would simply "eat" the following option and it would
- cause great confusion.
-
-Daniel (30 October)
-- David Hull made libcurl deal with NOBODY and HEADER for file:// the same way
- it already does for FTP: it provides HTTP-looking headers that provide info
- only about the file, without doing the actual transfer. The curl tool then
- lets --head do this.
-
-Daniel (29 October)
-- runtests.pl now checks for and use valgrind if present. It will redirect the
- valgrind results in log/valgrind[num] but it currently doesn't scan that
- file for any errors or anything, that is still only made manually.
-
-- David Hull made the file: URL parser also accept the somewhat sloppy file
- syntax: file:/path. I added test case 203 to verify this.
-
-Daniel (28 October)
-- Dan C tracked down yet another weird behavior in the glibc gethostbyname_r()
- function for some specific versions (reported on 2.2.5 and 2.1.1), and
- provided a fix. On Linux machines with these glibc versions, non-IPv6
- builds of libcurl would often fail to resolve perfectly resolvable host
- names.
-
-Daniel (26 October)
-- James Bursa found out that curl_msnprintf() could write the trailing
- zero-byte outside its given buffer size. This could happen if you generated
- a very long error message as then libcurl would overwrite the ERRORBUFFER
- with one byte. Using a non-existing very long local file:// name is one case
- that could make this occur.
-
-Daniel (24 October)
-- David Hull filed bug report #829827. It identified a problem with -C - if
- the full file already was downloaded and thus the server responded with a
- 416. libcurl would then wrongly use the Content-Length: header and expect
- that size to get transfer, causing a "hang" until the server closed the
- connection and then an error 18 ("still N bytes data left of the transfer").
-
- Now we don't return any error at all, but I think libcurl should perhaps
- return some kind of info since the requested range was out of the size of
- the document.
-
-- Based on David Hull's fix in bug report #804599, we now check for solaris and
- gcc in configure and set the -mimpure-text link flag for linking the lib
- better.
-
-- I've introduced a -t option to the runtests.pl script. With that option set,
- the script runs special "memory torture" tests. For each test command line
- in that section, the script first runs the command line and counts the total
- amount of allocations made. It then runs the exact same command line again,
- forcing allocation number N to fail. It will try every N from 1 to the total
- number of amounts made. For every invoke, it checks that no memory was
- leaked as that would indicate a bad cleanup somewhere in the code.
-
- This is just beginning to work, and I've already made some corrections in
- libcurl code. When this code works somewhat fine, I'll make sure 'make test'
- in the root dir will run these tests as well.
-
-Daniel (23 October)
-- Georg Horn fixed how the CA verification is made. Verifications can now be
- made while at the same time the result of it can be ignored. This also
- affects the curl tool as -k can now be used together with --cacert or
- --capath.
-
-Daniel (22 October)
-- Gisle Vanem found out --disable-eprt didn't work and patched it.
-
-- Test case 91 was modified and could now repeat the problem Kevin Roth has
- reported, and the bug was fixed.
-
-- Dylan Ellicott added vc-libcurl-ssl-dll as a target to the root makefile
- to build a static libcurl that links with a shared OpenSSL using MSVC.
-
-Daniel (21 October)
-- Andr�s Garc�a updated the mingw32 makefiles.
-
-Version 7.10.8-pre5 (21 October 2003)
-
-Daniel (19 October)
-- Georg Horn made libcurl output more info on SSL failures when receiving
- data.
-
-Version 7.10.8-pre4 (18 October 2003)
-
-Daniel (17 October)
-- Dominick Meglio implemented CURLOPT_MAXFILESIZE and --max-filesize.
-
-- Made libcurl show verbose info about what auth type and user name that is
- being sent in its HTTP request-headers.
-
-Daniel (16 October)
-- Removed support for CURLOPT_PASSWDFUNCTION and CURLOPT_PASSWDDATA. libcurl
- no longer prompt for passwords under any circumstances. Password prompting
- was instead moved to curl, which now prompts for password if -u or -U lack
- it. This solves the problem Kevin Roth reported when curl prompted for
- password twice when doing NTLM authentication.
-
-- I rewrote the SSL subjectAltName check to avoid having to rely on OpenLDAP-
- licensed derivate code.
-
-Daniel (15 October)
-- Avoid doing getsockopt() on Windows to verify connects. It seems that this
- hogs Windows machines when libcurl is being used multi-threaded (with > ~50
- threads). Andrew Fuller helped us verify and test this.
-
-Daniel (14 October)
-- Kimmo Kinnunen fixed a crash with duphandle() when CURLDEBUG is set.
-
-- Gisle Vanem made libcurl build and work with IPv6 on Windows.
-
-Daniel (13 October)
-- Giuseppe Attardi reported yet another segfault with ares and the multi
- interface. Me fixed.
-
-- Domenico Andreoli removed the extra LDFLAGS assignment in lib/Makefile.am
- that was reported about in the debian bug report #212086.
-
- Domenico also fixed two makefiles where we used 'gnroff' instead of the more
- portable $(NROFF).
-
-Daniel (12 October)
-- Dirk Manske made the share locking around DNS lookups slightly different to
- allow the share system's DNS lookups to run somewhat more
- independent/faster.
-
-Daniel (9 October)
-- Lachlan O'Dea fixed a resume problem: "If I set CURLOPT_RESUME_FROM, perform
- an HTTP download, then reset CURLOPT_RESUME_FROM to 0, the next download
- still has a Range header with a garbage value." bug report #820502
-
-- Dominick Meglio made the inet_pton.c file build fine using MSVC.
-
-- The 'sws' test suite web server now #include setup.h from the lib directory.
- This makes it more portable easier.
-
-Version 7.10.8-pre3 (8 October 2003)
-
-Daniel (8 October)
-- Frank Ticheler provided a patch that fixes how libcurl connects to multiple
- addresses, if one of them fails (IPv4 code).
-
-Daniel (7 October)
-- Neil Dunbar provided a patch that now makes libcurl check SSL
- subjectAltNames when matching certs. This is apparently detailed in RFC2818
- as the right thing to do. I had to add configure checks for inet_pton() and
- our own (strictly speaking, code from BIND written by Paul Vixie) provided
- code for the function for platforms that miss it.
-
-- HTTP POST using the read callback didn't work, as Florian Schoppmann
- reported.
-
-Daniel (5 October)
-- Shared provided a few fixes to make libcurl build on BeOS
- out-of-the-box. New code for BeOS-style non-blocking sockets, provided by
- Shard and Jeremy Friesner. Modified the autoconf check for non-blocking
- sockets to check for this kind too.
-
-Daniel (4 October)
-- Vincent Bronner pointed out that if you set CURLOPT_COOKIE for a transfer
- and then set it to NULL in a subsequent one, the previous cookie was still
- sent off!
-
-- Jon Turner fixed a problem libcurl had when it failed on an FTP transfer due
- to a bad path, it would cause the next transfer to use a bad path as well.
-
-- Siddhartha Prakash Jain provided a patch with a fix for libcurl with ares,
- when working on IP-only names as we then could return "wait" status when the
- name in fact already was resolved. I edited the patch slightly to not expose
- asynch details to non-ares aware source code.
-
-Daniel (3 October)
-- Neil Spring posted the debian bug report #213180, and pointed out that using
- the name 'access' in a function prototype is not very wise as some compilers
- complain.
-
-- Peter Sylvester provided his and Jean-Paul Merlin's curlx.c example source
- code that shows how they use ssl and callbacks.
-
-Daniel (2 October)
-- James MacMillan's patch makes curl build on QNX 6.2.x.
-
-Daniel (26 September)
-- My daughter was born!
-
-Daniel (23 September)
-- Added support for -4/--ipv4 and -6/--ipv6 to force names to resolve to that
- particular IP version. They only work for IPv6-enabled libcurls.
-
-- curl -V now outputs 'SPNEGO' as a feature in case libcurl was built to
- support that.
-
-Version 7.10.8-pre2 (22 September 2003)
-
-Daniel (22 September)
-- Giuseppe Attardi found a segfault in libcurl when using the multi interface
- with ares and doing repeated operations against a non-resolving host name.
-
-Daniel (19 September)
-- Added the CURLOPT_IPRESOLVE option, that allows an application to select
- what kind of IP addresses he wants to use when resolving host names. This
- is only interesting when using host names that resolve addresses using more
- than one version of IP.
-
-- Applied Markus Moeller's patch that introduces SPNEGO support if libcurl
- is built with the FBopenssl libraries. curl_version_info() now returns
- info on SPNEGO availability. The patch also made the GSSAPI stuff work fine
- with the MIT GSS-library (the Heimdal one still works too).
-
-Daniel (16 September)
-- Doing PUT with --digest failed, as reported in bug report #805853.
-
-- Using --anyauth that picked NTLM, and then a redirect closed the connection
- and took curl to a second NTLM page made curl fail. Bug report #806328
- identified the problem, test case 90 was added to verify the fix.
-
-Daniel (14 September)
-- codemastr brought a patch for ares to make the Windows portions of it work
- properly on NT4. I uploaded a new diff and updated the docs on where to get
- it etc.
-
-- Jeff Pohlmeyer tracked down a very hard-to-find bug where we removed a
- cached DNS entry even though it may be in use, which caused "random" memory
- to get overwritten and thus "random" crashes.
-
-Daniel (12 September)
-- Based on a bug report by David Kimdon, I made the runtests.pl script clear
- all possible proxy environment variables before the tests are run.
-
-- By default, easy handles within a multi handle now share DNS cache.
-
-- Tim Bartley brought a patch that makes the GSSNEGOTIATE option work for
- Microsoft's "Negotiate" authentication as well.
-
-Daniel (11 September)
-- A zero-length proxy string confused FTP transfers.
-
-- Bjorn Reese found a case with an uninitialized pointer, only present when
- built for ares.
-
-Version 7.10.8-pre1 (8 September 2003)
-
-Daniel (7 September)
-- Jurij Smakov found out that the non-OpenSSL MD5 code was not working on
- Alpha (or ia64). Only the OpenSSL-version did. I made a fix I think corrects
- the problem.
-
-Daniel (5 September)
-- Kevin Fisk reported that configure --enable-thread didn't work. I fixed.
-
-- De-macrofied the lib/hash.c source code somewhat.
-
-Daniel (4 September)
-- CURLINFO_HTTPAUTH_AVAIL and CURLINFO_PROXYAUTH_AVAIL added, Based on Joerg
- Mueller-Tolk's patch,
-
-Early (4 September)
-- Added CURLOPT_FTP_RESPONSE_TIMEOUT - allows user to set strict timeout
- requirements on the FTP server's ability to respond to individual commands
- without placing global requirements on transfer or connect time. Files
- affected:
- - include/curl/curl.h
- Added option CURLOPT_FTP_RESPONSE_TIMEOUT
- - lib/ftp.c
- Added branch inside Curl_GetFTPResponse to check for
- data->set.ftp_response_timeout
- - lib/url.c
- Modified Curl_setopt to recognize CURLOPT_FTP_RESPONSE_TIMEOUT
- - lib/urldata.h
- Added ftp_response_timeout to struct UserDefined
-
-Daniel (3 September)
-- Peter Pentchev found and fixed two problems in the test suite's web server
- code, that made it segfault at times.
-
-- J�rg Mueller-Tolk improved the proxy user+password handling, especially
- when providing a blank password.
-
-Daniel (2 September)
-- Fix for making CONNECT to proxies do the correct magic to allow NTLM, Digest
- and similar to work.
-
-Daniel (1 September)
-- Henrik Storner made libcurl work fine with OpenLDAP 2.1.22 (current).
-
-- Jeff Pohlmeyer added a proper error message for non-resolving hosts when
- using ares for lookups.
-
-Daniel (25 August)
-- John McGowan reported that curl -k still failed if the HTTPS server's CN
- field wasn't obtainable. This was due to the CURLOPT_SSL_VERIFYHOST being
- set to 1, and libcurl failed if the CN was missing. Starting now, having it
- set to 1 will simply output a warning if no CN could be obtained (as having
- a mismatch is OK).
-
-Daniel (21 August)
-- Vincent Sanders provided a fix for name resolving when linked with uClibc.
-
-Daniel (20 August)
-- Gerd v. Egidy provided a patch that makes libcurl store the FTP response
- code from ftp servers. Using curl_easy_getinfo() with CURLINFO_HTTP_CODE
- returns that data. The option is therefore now also known as
- CURLINFO_RESPONSE_CODE.
-
-- Antoine Calando found a segfault when doing multi-part/formpost using
- the multi interface.
-
-- Antoine Calando pointed out that curl_multi_info_read() didn't set the
- msgs_in_queue to 0 properly when returning NULL.
-
-Daniel (19 August)
-- I made curl support multiple -T options, as well as -T "{file1,file2}"
- style globbing. One -T for each URL is supported.
-
-- Jeff Pohlmeyer found a segfault when using ares-enabled libcurl and the
- multi interface when trying a non-existing host name.
-
-- Made the libcurl printf code support long longs if available.
-
-- Loren Kirkby pointed out that we did not clean up all SSL-allocated memory
- in curl_global_cleanup().
-
-Daniel (17 August)
-- Setting CURLOPT_WRITEFUNCTION or CURLOPT_READFUNCTION to NULL will now make
- them get the internal defaults restored. Previously this could cause a
- segfault. We should aim at having all pointer-related options get restored
- to default/safe values when set to NULL.
-
-Version 7.10.7 (15 August 2003)
-
-Daniel (14 August)
-- I modified the memdebug system to return failure on memory allocation
- functions after a set amount of successful ones. This enables us to test
- out-of-memory situations in a controlled manner and we can make sure that
- curl/libcurl behaves good in those.
-
- This made me find and fix several spots where we did not cleanup properly
- when bailing out due to errors (low memory).
-
-- Corrected test case 74. Made using -o with bad #[num] codes complain and
- bail out. Made #[num] support numbers larger than 9 as well. Added test
- case 86 for a proper range globbing test as well.
-
-Version 7.10.7-pre4 (12 August 2003)
-
-Daniel (12 August)
-- curl_version_info() now returns a flag if libcurl was built with asynch DNS
- support, and this is now also displayed with 'curl -V'.
-
-- Added a few new man pages to the docs/libcurl dir: curl_share_init,
- curl_share_setopt, curl_share_cleanup, libcurl-easy and libcurl-share.
-
-Daniel (11 August)
-- Mike Cherepov made the local binding code work for Windows, which makes
- the option CURLOPT_INTERFACE work on Windows as well.
-
-- Vincent Sanders updated the fopen.c example code a lot.
-
-- --proxy-ntlm is now supported by the curl tool. It forces the proxy
- authentication to be made using NTLM. It does not yet work for HTTPS over
- proxies (or other proxy-tunneling options). Test case 81 and 82 do some
- simple initial ntlm testing.
-
-- Found and fixed a minor memory leak on re-used connections with
- proxy-authentication.
-
-- I removed -@ and -Z as valid short options. They were very rarely used (@
- wasn't even documented).
-
-- Serge Semashko introduced CURLOPT_PROXYAUTH, and make it work when set to
- CURLAUTH_NTLM and/or CURLAUTH_BASIC. The PROXAUTH is similar to HTTPAUTH,
- but is for the proxy connection only, and HTTPAUTH is for the remote host.
-
-- Fixed loading of cookies with blank contents from a cookie jar. Also made the
- cookie functions inform on added and skipped cookies (for cookie debugging).
-
-Version 7.10.7-pre3 (8 August 2003)
-
-Daniel (8 August)
-- Applied David Byron's fix for file:// URLs with drive letters included.
-
-- I added the --ftp-create-dirs to the client code, which activates Early's
- CURLOPT_FTP_CREATE_MISSING_DIRS option, and wrote test case 147 to verify
- it. Added the option to the curl.1 man page too. Added the option to the
- curl_easy_setopt.3 man page too.
-
-Daniel (7 August)
-- Test case 60 failed on ia64 and AMD Opteron. Fixed now.
-
-- Fixed a printf problem that resulted in urlglobbing bugs (bug #203827 in the
- debian bug tracker). Added test case 74 to verify the fix and to discover if
- this breaks in the future.
-
-- "make distcheck" works again.
-
-Version 7.10.7-pre2 (6 August 2003)
-
-Daniel (5 August)
-- Duncan Wilcox helped me verify that the latest incarnation of my ares patch
- builds fine on Mac OS X (see the new lib/README.ares) file for all details.
-
-- Salvatore Sorrentino filed bug report #783116 and Early Ehlinger posted a
- bug report to the libcurl list, both identifying a problem with FTP
- persistent connections and how the dir hierarchy was not properly reset
- between files.
-
-- David Byron's thoughts on a fixed Makefile in tests/ were applied.
-
-- Jan Sundin reported a case where curl ignored a cookie that browsers don't,
- which turned up to be due to the number of dots in the 'domain'. I've now
- made curl follow the the original netscape cookie spec less strict on that
- part.
-
-Daniel (4 August)
-- Dirk Manske added cookie support for the experimental, hidden and still
- undocumented share feature!
-
-- Mark Fletcher provided an excellent bug report that identified a problem
- with FOLLOWLOCATION and chunked transfer-encoding, as libcurl would not
- properly ignore the body contents of 3XX response that included the
- Location: header.
-
-Early (6 August)
-- Added option CURLOPT_FTP_CREATE_MISSING_DIRS
- This option will force the target file's path to be created if it
- does not already exist on the remote system.
-
- Files affected:
- - include/curl/curl.h
- Added option CURLOPT_FTP_CREATE_MISSING_DIRS
- - lib/ftp.c
- Added function ftp_mkd, which issues a MKD command
- Added function ftp_force_cwd, which attempts a CWD,
- and does a MKD and retries the CWD if the original CWD
- fails
- Modified ftp_perform() to call its change directory function
- through a pointer. The pointer points to ftp_cwd by default,
- and is modified to point to ftp_force_cwd IFF
- data->set.ftp_create_missing_dirs is not 0.
- - lib/url.c
- Modified Curl_setopt to recognize CURLOPT_FTP_CREATE_MISSING_DIRS
- - lib/urldata.h
- Added ftp_create_missing_dirs to struct UserDefined
-
-- Minor Bugfix for CURLOPT_TIMECONDITION with FTP - if the file was not
- present to do the time comparison, it would fail.
- Files affected:
- - lib/ftp.c
- In ftp_perform(), the call to ftp_getfiletime() used to be followed
- by
- if (result)
- return result;
- And then by the code that actually did the time comparison.
- The code that did the comparison handled the case where the filetime
- was not available (as indicated by info.filetime < 0 or set.timevalue
- < 0), so I replaced the if (result) return result with a switch(result)
- that allows CURLE_FTP_COULDNT_RETR_FILE to fall through to the
- normal time comparison.
-
-Daniel (3 August)
-- When proxy authentication is used in a CONNECT request (as used for all SSL
- connects and otherwise enforced tunnel-thru-proxy requests), the same
- authentication header is also wrongly sent to the remote host.
-
- This is a rather significant info leak. I've fixed it now and mailed a patch
- and warning to the mailing lists.
-
-Daniel (1 August)
-- David Byron provided a patch to make 7.10.6 build correctly with the
- compressed hugehelp.c source file.
-
-Version 7.10.7-pre1 (31 July 2003)
-
-Daniel (30 July)
-- J�rg M�ller-Tolk updated the VC makefile.
-
-- Daniel Noguerol made the ftp code output "Accept-Ranges: bytes" in similar
- style like other faked HTTP headers when NOBODY and HEADER are used. I
- updated two corresponding test cases too.
-
-- Marty Kuhrt pointed out a compilation problem on VMS due to my having
- changed a type from long to time_t, and I'm now changing it back to work
- more portably...
-
- He also indicated that distributing the src/hugehelp.c in a compressed state
- like I accidentally did may not be the smartest move... I've now fixed the
- distribute procedure to automatically generate an uncompressed version when I
- make release archives.
-
-Daniel (29 July)
-- Gisle Vanem brought changes to the mkhelp script for the generation of the
- compressed help text on some platforms.
-
-Version 7.10.6 (28 July 2003)
-
-Daniel (28 July)
-- Fran�ois Pons brought a patch that once again made curl deal with ftp and
- "double slash" as indicating the root directory. In the RFC1738-fix of April
- 30, that ability was removed (since it is not the "right" way). So, starting
- now we can list the root dir of an ftp server both these ways:
-
- curl ftp://server.com/%2f as well as
- curl ftp://server.com//
-
-Daniel (24 July)
-- Henry Bland pointed out that we included sys/resource.h without good reason
- in several source files. Without it included, QNX builds better...
-
-- Andr�s Garc�a updated the mingw makefiles.
-
-Daniel (23 July)
-- Tracy Boehrer experienced DNS cache problems and did some nice debugging
- and tracking which made it easy for me to correct the problem and Tracy
- could verify that it did cure the problem! When re-using a connection we
- now make sure we don't re-use the 'connect_addr' struct.
-
-- Daniel Kouril corrected the GSS-Negotiate code.
-
-- Juan F. Codagnone provided fixes to allow curl to build fine on Windows
- again.
-
-Daniel (22 July)
-- Edited the curl/curl.h include file to build on Windows properly.
-
-Daniel (21 July)
-- Moved the proxy credentials from the SessionHandle struct to the connectdata
- struct, to make multiple proxy connections with differerent user names work.
-
-- Adjusted the NTLM code to support proxy functionality.
-
-- Made the krb4 stuff compile with the user+password fields moved.
-
-Version 7.10.6-pre4 (21 July 2003)
-
-Daniel (20 July)
-- David Gardner pointed out in bug report 770755 that using the FTP command
- CWD with a blank argument is a bad idea and I made libcurl skip empty path
- segments starting now.
-
-Daniel (18 July)
-- Cris pointed out that my fix on July 16th didn't work fully. His pointing
- out this (and his patch) also made me realize that we have a very similar
- bug in the FTP connection re-use code. We must store a separate user and
- password field for each connection we keep (at least for FTP and HTTP+NTLM
- connections, so I made us do this unconditionally).
-
-- Since NTLM authenticates connections instead of single requests, I had to
- re-arrange how we store the NTLM data and I had to improve the test suite to
- finally work properly with persistency to make the NTLM tests run fine
- again. This also forced me to have to update lots of HTTP test cases.
-
-Daniel (16 July)
-- Cris Bailiff's bug report 768275 pointed out that using Basic auth with
- wrong user+password caused an endless loop. Fixed now. He also found out that
- we didn't properly authenticate connections with NTLM. Fixed too.
-
-- Dan Winship provided fixes for the NTLM code.
-
-Daniel (5 July)
-- Doug Kaufman provided additional fixes for the DOS port.
-
-Daniel (4 July)
-- Rick Richardson pointed out that using setvbuf() to achieve non-buffering
- on output is no-good for SCO Xenix and other unixes. We switched over to
- using plain fflush() instead.
-
-- Dan Grayson pointed out that we set the CURL_CA_BUNDLE variable wrongly in
- the configure script, and I had to change some build stuff to make the new
- way work.
-
-- Peter Sylvester's patch was applied that introduces the following:
-
- CURLOPT_SSL_CTX_FUNCTION to set a callback that gets called with the
- OpenSSL's ssl_ctx pointer passed in and allow a callback to act on it. If
- anything but CURLE_OK is returned, that will also be returned by libcurl
- all the way back. If this function changes the CURLOPT_URL, libcurl will
- detect this and instead go use the new URL.
-
- CURLOPT_SSL_CTX_DATA is a pointer you set to get passed to the callback set
- with CURLOPT_SSL_CTX_FUNCTION.
-
-Daniel (1 July)
-- David Byron provided a patch that allows a client to quit the test suite's
- HTTP server.
-
-- Gisle Vanem found and patched a lib handle leak in the ldap code.
-
-Daniel (25 June)
-- More NTLM-improvements. Less code. Smaller packets back and forth.
-
-Daniel (23 June)
-- Eric Glass provided us with a better doc on NTLM details, and I added more
- comments and clarified the current code more. Using the new knowledge, we
- should be able to make the NTLM stuff work even better.
- Eric's original URL: http://davenport.sourceforge.net/ntlm.html
- Version stored and provided at curl site: https://curl.haxx.se/rfc/ntlm.html
-
-- Fixed the minor compile problems pre3 had if built without GSSAPI and/or
- SSL.
-
-Version 7.10.6-pre3 (19 June 2003)
-
-Daniel (19 June)
-- Made curl use curl_free() on memory returned by curl_getenv(), as this
- should theoreticly make it possibly to build and run curl and libcurl with
- different memory allocation schemes with no problems.
-
-Daniel (18 June)
-- Improved the mkhelp.pl a bit further to make a nicer hugehelp text and to
- include a better comment in the top for the gzip compressed version.
-
-Daniel (17 June)
-- CURLOPT_HTTPAUTH is now a bitmask, in which you set which authentication
- type(s) you want to use. If more than one is set, libcurl will use one of
- the selected one and the one it considers is more secure. Test case 67 and
- 68 (for NTLM) were fixed and we've reduced a round-trip for specific --ntlm
- fetches, and test case 69 and 70 were added for testing authentication
- "picking". --anyauth is the new command line tool option, and I also added
- --basic for completeness (that's the default type).
-
-- Fixed the runtests.pl script to use the info provided by the new curl -V
- output.
-
-- --enable-debug now sets the CURLDEBUG define instead of MALLOCDEBUG, as it
- is meant to be a generic debug conditional.
-
-- curl_version_info() can now return CURL_VERSION_DEBUG as a feature bit, to
- indicate that the library was built with CURLDEBUG set.
-
-- Ralph Mitchell found out that some web applications very badly uses white
- spaces in Location: redirects, and apparently IE is a browser (the only
- one?) that supports this abomination. Based on Ralph's patch, I added code
- that now attempts to replace white spaces with the proper "%20" or "+".
- Test case 40 and 42 were added to verify my changes.
-
-- curl -V now also outputs a list of features the available library offers (if
- any).
-
-- The curl_version() string now includes "GSS" if libcurl is built with GSSAPI
- support.
-
-- David Orrell reported that libcurl still crashed when sending HUGE requests
- over HTTPS... I fixed.
-
-Version 7.10.6-pre2 (16 June 2003)
-
-Daniel (16 June)
-- curl_version_info() now returns bitmasked information weather NTLM and
- GSSNEGOTIATE are supported, since it is doomed to vary on different
- installations.
-
-- I remade the HTTP Digest code to use the MD5-code provided by OpenSSL if
- that is present, and only use our own MD5-code if it isn't.
-
-Daniel (13 June)
-- More NTLM help, fixes and patches from Cris Bailiff.
-
-- Marty Kuhrt brought include fixes for making VMS builds warning-free.
-
-Daniel (12 June)
-- NTLM authentication works somewhat against the test servers provided by
- Mathias Axelsson and Cris Bailiff. Use by setting CURLOPT_HTTPAUTH to
- CURLAUTH_NTLM to libcurl, or --ntlm for the curl tool. Test case 67 and 68
- were added for this. NTLM-support requires OpenSSL.
-
-- Dan Fandrich provided a patch, that granted that gzip and libz are available
- at build-time, compresses the hugehelp text in the curl command line and
- uncompresses it at request. Saves some ~60K in the final output executable.
-
-Daniel (11 June)
-- Long day of fighting the NTLM demons.
-
-Daniel (10 June)
-- Modified how to set auth type to libcurl. Now use CURLOPT_HTTPAUTH instead,
- and pick method. Supported ones currently are:
- CURLAUTH_BASIC - default selection
- CURLAUTH_DIGEST - formerly CURLOPT_HTTPDIGEST
- CURLAUTH_GSSNEGOTIATE
-
-- Daniel Kouril added HTTP GSS-Negotiate authentication support, as defined in
- the IETF draft draft-brezak-spnego-http-04.txt. In use already by various
- Microsoft web applications. --negotiate is the new family member. To take
- advantage of this, you need one of these packages:
-
- o Heimdal Kerberos5 http://www.pdc.kth.se/heimdal/heimdal.html
- o GSSAPI from Globus http://www.globus.org/
- o GSSAPI libraries from MIT Kerberos5 http://web.mit.edu/kerberos/www/
-
-- A missing ending bracket (']') while doing URL globbing could lead to a
- segfault. While fixing this, I also introduced better error reporting in the
- globbing code. (All this is application code outside libcurl.)
-
-Daniel (6 June)
-- David Orrell found out that sending a huge GET request over HTTPS could
- make libcurl fail and return an error code.
-
-Daniel (2 June)
-- Richard Bramante found out that "Content-Length: 0" was not properly used by
- libcurl if the response-headers indicated that the connection would be
- closed.
-
-- David Byron's patch was applied, that makes the --progress-bar take the
- local size into account when doing resumed downloads.
-
-- Feedback from Serge Semashko made me change the error message returned when
- CURLE_HTTP_RETURNED_ERROR is returned.
-
-- Anonymous in bug report #745122 pointed out that we should really be using
- SSL_CTX_set_options(... SSL_OP_ALL) to work around flaws in existing SSL
- implementations.
-
-Daniel (27 May)
-- Andreas Ley and Rich Gray helped me point out that no version of HP-UX has
- the sys/select.h header file so including it unconditionally in curl/multi.h
- is not a good thing. Now we check for HPUX and avoid using that header on
- such systems.
-
-- Rudy Koento experienced problems with curl's recent habit of POSTing data in
- two separate send() calls, first the headers and then the data. I've now
- made a fix that for static and known content that is less than 100K in size,
- everything is now sent in one single system call again. This is also better
- for network performance reasons.
-
-- I modified the main makefile to not build the test suite and a few other
- unnecessary things by default. Now, the test suite is built when 'make test'
- is run. This reduces build time for those who don't care for the test
- suite, and it also reduces confusion for people using platforms where the
- test suite build fails!
-
-Daniel (26 May)
-- Chris Lewis pointed out a flaw in the #ifdefs in curl/multi.h for Windows,
- which is now corrected.
-
-- Jis Joy found another flaw in the SOCK5 code, as libcurl treated the socks5
- proxy a little too much like as if it was a http proxy.
-
-Daniel (23 May)
-- Ricardo Cadime found a socket leak when listing directories without
- contents. Test cases 144 and 145 were added to verify the fix.
-
-- Rudy Koento found yet another problem when a HTTP server returns only a
- single-line of contents without any headers at all. libcurl then failed to
- count the data, thus returning error 52 "no contents". Test case 66 was
- added to verify that we now do right.
-
-Version 7.10.6-pre1 (23 May 2003)
-
-Daniel (23 May)
-- Jis in bug report #741841, fixed a bug in the SOCKS5 proxy-using code.
-
-Daniel (22 May)
-- David Remahl set up a test-server for me providing Digest authentication,
- and I wrote the first working code that support it. The test suite was
- modified slightly as well to work better for it and --digest was added to
- the command line options (and CURLOPT_HTTPDIGEST to the library)... RFC2617
- has all the gory details.
-
-Daniel (21 May)
-- David Balazic pointed out that curl_unescape() didn't check that %-codes
- were correctly followed by two hexadecimal digits when it unescape strings.
- Now, we do the check and only %XX codes are unescaped if the X letters are
- hexadecimals.
-
-- Gisle Vanem made curl build with djgpp on DOS.
-
-- Gisle Vanem improved the mkhelp.pl script to make a nicer manual that is
- shown with curl -M.
-
-Daniel (20 May)
-- Gisle Vanem provided a fix that makes libcurl more conservative, not
- expecting h_aliases of the hostent struct to always be non-NULL.
-
-Daniel (19 May)
-- As requested by Martin Michlmayr in Debian bug report #193630, libcurl now
- supports user name and password in the proxy environment variables. Added
- test case 63 to verify this.
-
-Version 7.10.5 (19 May 2003)
-
-Daniel (15 May)
-- Changed the order for the in_addr_t testing, as 'unsigned long' seems to be
- a very common type inet_addr() returns.
-
-Daniel (14 May)
-- George Comninos provided a fix that calls the progress meter when waiting
- for FTP command responses take >1 second. It'll make applications more
- "responsive" even when dealing with very slow ftp servers.
-
-Daniel (12 May)
-- George Comninos pointed out that libcurl uploads had two quirks:
- o when using FTP PORT command, it used blocking sockets!
- o it could loop a long time without doing progress meter updates
- Both items are fixed now.
-
-Daniel (9 May)
-- Dan Fandrich changed CURLOPT_ENCODING to select all supported encodings if
- set to "". This frees the application from having to know which encodings
- the library supports.
-
-- Dan Fandrich pointed out we had three unnecessary files in CVS that is
- generated with libtoolize, so they're now removed and libtoolize is invoked
- accordingly in the buildconf script.
-
-- Avery Fay found out that the CURLOPT_INTERFACE way of first checking if the
- given name is a network interface gave a real performance penalty on Linux,
- so now we more appropriately first check if it is an IP number and if so
- we don't check for a network interface with that name.
-
-- CURLOPT_FTP_USE_EPRT added. Set this to FALSE to disable libcurl's attempts
- to use EPRT and LPRT before the traditional PORT command. The command line
- tool sets this option with '--disable-eprt'.
-
-Version 7.10.5-pre2 (6 May 2003)
-
-Daniel (6 May)
-- Kevin Delafield reported another case where we didn't correctly check for
- EAGAIN but only EWOULDBLOCK, which caused badness on HPUX.
-
-Daniel (4 May)
-- Ben Greear noticed that the check for 'writable argv' exited the configure
- script when run for cross-compiling, which wasn't nice. Now it'll default to
- no and output a warning about the fact that it was not checked for.
-
-Daniel (2 May)
-- Added test case 62 and fixed some more on the cookie sending with a custom
- Host: header set.
-
-Daniel (1 May)
-- Andy Cedilnik fixed a few compiler warnings.
-
-- Made the "SSL read error: 5" error message more verbose, by adding code that
- queries the OpenSSL library to fill in the error buffer.
-
-Daniel (30 Apr)
-- Added sys/select.h include in the curl/multi.h file, after having been
- reminded about this by Rich Gray.
-
-- I made each test set its own server requirements, thus abandoning the
- previous system where the test number implied what server(s) to use for a
- specific test.
-
-- David Balazic made curl more RFC1738-compliant for FTP URLs, by fixing so
- that libcurl now uses one CWD command for each path part. A bunch of test
- cases were fixed to work accordingly.
-
-- Cookie fixes:
-
- A. Save domains in jars like Mozilla does. It means all domains set in
- Set-Cookie: headers are dot-prefixed.
- B. Save and use the 'tailmatch' field in the Mozilla/Netscape cookie jars
- (the second column).
- C. Reject cookies using illegal domains in the Set-Cookie: line. Concerns
- both domains with too few dots or domains that are outside the currently
- operating server host's domain.
- D. Set the path part by default to the one used in the request, if none was
- set in the Set-Cookie line.
-
- To make item C really good, I also made libcurl notice custom Host: headers
- and extract the host name set in there and use that as the host name for the
- site we're getting the cookies from. This allows user to specify a site's
- IP-address, but still be able to receive and send its cookies properly if
- you provide a valid Host: name for the site.
-
-Daniel (29 Apr)
-- Peter Kovacs provided a patch that makes the CURLINFO_CONNECT_TIME work fine
- when using the multi interface (too).
-
-Version 7.10.5-pre1 (23 Apr 2003)
-
-Daniel (23 Apr)
-- Upgraded to libtool 1.5.
-
-Daniel (22 Apr)
-- Peter Sylvester pointed out that curl_easy_setopt() will always (wrongly)
- return CURLE_OK no matter what happens.
-
-- Dan Fandrich fixed some gzip decompression bugs and flaws.
-
-Daniel (16 Apr)
-- Fixed minor typo in man page, reported in the Debian bug tracker.
-
-Daniel (15 Apr)
-- Fixed some FTP tests in the test suite that failed on my Solaris host, due
- to the config.h not being included before the system headers. When done that
- way, it did get a mixed sense of if big files are supported or not and then
- stat() and fstat() (as used in test case 505) got confused and failed to
- return a proper file size.
-
-- Formposting a file using a .html suffix is now properly set to Content-Type:
text/html.
-
-Daniel (14 Apr)
-- Fixed the SSL error handling to return proper SSL error messages again, they
- broke in 7.10.4. I also attempt to track down CA cert problems and then
- return the CURLE_SSL_CACERT error code.
-
-- The curl tool now intercepts the CURLE_SSL_CACERT error code and displays
- a fairly big and explanatory error message. Kevin Roth helped me out with
- the wording.
-
-Daniel (11 Apr)
-- Nic Hines provided a second patch for gzip decompression, and fixed a bug
- when deflate or gzip contents were downloaded using chunked encoding.
-
-- Dan Fandrich made libcurl support automatic decompression of gzip contents
- (as an addition to the previous deflate support).
-
-- I made the CWD command during FTP session consider all 2xy codes to be OK
- responses.
-
-Daniel (10 Apr)
-- Vlad Krupin fixed a URL parsing issue. URLs that were not using a slash
- after the host name, but still had "?" and parameters appended, as in
- "http://hostname.com?foobar=moo";, were not properly parsed by libcurl.
-
-Daniel (9 Apr)
-- Made CURLOPT_TIMECONDITION work for FTP transfers, using the same syntax as
- for HTTP. This then made -z work for ftp transfers too. Added test case 139
- and 140 for verifying this.
-
-- Getting the file date of an ftp file used the wrong time zone when
- displayed. It is supposedly always GMT. Added test case 141 for this.
-
-- Made the test suite's FTP server support MDTM.
-
-- The default DEBUGFUNCTION, as enabled with CURLOPT_VERBOSE now outputs
- CURLINFO_HEADER_IN data as well. The most notable effect from this is that
- using curl -v, you get to see the incoming "headers" as well. This is
- perhaps most useful when doing ftp.
-
-Daniel (8 Apr)
-- James Bursa fixed a flaw in the Content-Type extraction code, which missed
- the first letter if no space followed the colon.
-
-- Magnus Nilsson pointed out that share.c was missing in the MSVC project
- file.
-
-Daniel (6 Apr)
-- Ryan Weaver provided a patch that makes the CA cert bundle not get installed
- anymore when 'configure --without-ssl' has been used.
-
-Daniel (4 Apr)
-- Martijn Broenland found another cases where a server application didn't
- like the boundary string used by curl when doing a multi-part/formpost. We
- modified the boundary string to look like the one IE uses, as this is
- probably gonna make curl work with more applications.
-
-Daniel (3 Apr)
-- Kevin Roth reported that a bunch of tests fails on cygwin. One set fails
- when using perl 5.8 (and they run fine with perl 5.6), and another set
- failed because of an artifact in the test suite's FTP server that I
- corrected. It turned out the FTP server code was still having a file opened
- while the main test script removed it and invoked the HTTP server that
- attempted to create the same file name of the file the FTP server kept open.
- This operation works fine on unix, but not on cygwin.
-
-Version 7.10.4 (2 Apr 2003)
-
-Daniel (1 Apr)
-- Added test case 505 to exercise FTP upload with rename done with libcurl,
- and for that I had to extend the test suite's FTP server to deal with the
- RNFR and RNTO commands.
-
-Daniel (31 Mar)
-- Even more SSL config check modifications after Richard's testing.
-
-Version 7.10.4-pre6 (31 Mar 2003)
-
-Daniel (31 Mar)
-- More fixes for the SSL session ID cache checks when SSL configs are changed
- between connections. Based on tests and talks with Richard Bramante.
-
-- Guillaume Cottenceau provided a patch that added CURLOPT_UNRESTRICTED_AUTH.
- When enabled, it will prevent libcurl from limiting to which host it sends
- user+password to when following locations. By default, libcurl only sends
- name and password to the original host used in the first URL, but with this
- option set it will send the auth info to all hosts it follows location
- headers to. The new tool command line option for this is named
- "--location-trusted".
-
-- Frankie Fong reported a problem with libcurl if you re-used an easy handle
- with a proxy, and you first made a https:// connection to a host and then
- switched to a http:// one to the same host. libcurl would then wrongly re-use
- the same connection for it and fail to get the second URL properly
-
-Daniel (29 Mar)
-- Dan Shearer's fix that makes curl complain if invoked with nothing but "curl
- -O" was applied.
-
-Daniel (26 Mar)
-- Bryan Kemp was friendly enough to lend me an account on his Redhat 9 box and
- I could fix the configure problems on redhat 8.1 and 9 in no time thanks to
- this. Thanks a bunch Bryan!
-
-Daniel (25 Mar)
-- Renamed configure.in to configure.ac
-
-Version 7.10.4-pre5 (25 Mar 2003)
-
-Daniel (25 Mar)
-- Richard Bramante provided a fix for a handle re-use problem seen when you
- change options on an SSL-enabled connection between requests. Previously,
- changing peer verification or host verification and similar things was not
- taken into account when a connection were checked for re-use and thus
- enabling stricter check between requests on a re-used connection made no
- difference and the connection would thus be used erroneously.
-
-Daniel (24 Mar)
-- G�tz Babin-Ebell pointed out that the ca-bundle.crt file contained a
- certificate from Trustcenter that was a demo certificate only that was never
- intended to be part of a CA bundle.
-
-Daniel (21 Mar)
-- Life is a mystery. Within a time period of 17 hours, Tim Pope and Michael
- Churchill filed one bug report each, both identifying problems with a second
- transfer when doing persistent transfers re-using a connection. Tim's one is
- #706624, labeled "Multiple uploads per handle fail" and Michael's #707003
- "Does not send Authorization: header when reusing connection". I could track
- both down to the same piece of logic and it turned out libcurl was not using
- new settings properly when re-using an existing connection. This concerned
- both uploading and downloading and involved exactly those pieces these two
- reports identified. This code has been this faulty since the day I
- introduced persistent connection support in libcurl, more than 2 years ago.
-
-Daniel (20 Mar 2003)
-- Five year anniversary. Today five years ago, the first ever curl release saw
- the light of day.
-
-Daniel (17 Mar)
-- Andy Cedilnik corrected flaws in some libcurl example-usage sources.
-
-Daniel (16 Mar)
-- Juan F. Codagnone reported that the fix from March 2nd was incomplete.
-
-- Added code to the configure.in to check for select() argument types. I've
- not made any code use the results just yet though.
-
-Daniel (15 Mar)
-- Gisle Vanem provided two patches to build better on Windows.
-
-- Adjusted the test suite code to better make sure that the server(s) required
- for a specific test is properly started before the test case is attempted.
- Many tests now run a lot faster than before.
-
-Daniel (14 Mar)
-- Another configure.in adjustment made the configure detect functions properly
- on HPUX now.
-
-Daniel (13 Mar)
-- Philippe Raoult fixed pre4-compile quirks for FreeBSD.
-
-Version 7.10.4-pre4 (13 Mar 2003)
-
-Daniel (13 Mar)
-- Added a backup-check for functions that aren't found by AC_CHECK_FUNCS()
- as I believe some checks on HPUX need this. At least some of the info given
- to us by Rick Jones seemed to indicate this.
-
-Daniel (12 Mar)
-- Thomas Tonino found out that if you used the curl tool to do PUT operations
- as in 'curl www.foo.com/dir/ -T file' and the file name included for example
- space or other characters that don't belong in URLs, curl did not properly
- URL encode them before using them in the URL.
-
-- Added an option to configure called --enable-libgcc that simply adds -lgcc
- to the LIBS variable, as this seems to be a common problem.
-
-- I modified the configure.in file, so that the headers are now checked in an
- order of "viality". We must also make sure to use the "default headers"
- parameter to AC_CHECK_HEADERS() so that headers are checked with the proper
- prerequisites included (i.e all the major and generally important header
- files are included there by default). This might be what we need for various
- Sun, HP, AIX and Tru64 systems to behave good again on the header check
- front.
-
-- Rick Jones pointed out a few compiler warnings on HP-UX that I addressed.
-
-- I made the configure --help output nicer by using AC_HELP_STRING() a lot
- more.
-
-Daniel (11 Mar)
-- Christophe Demory fixed the socket sending code to work better on HP-UX
- when sending data to a socket that would block. It then returns EAGAIN, not
- EWOULDBLOCK.
-
-- Richard Gorton improved the seeding function for systems without a good
- and reliable random source.
-
-- Richard Gorton fixed a few warnings that popped up when you built curl
- using the Sun compiler on a 64bit SPARC platform.
-
-- Martin C. Martin fixed a case where a connect failure using the multi
- interface didn't produce a human readable error string.
-
-Daniel (10 Mar)
-- Reverted ltmain.sh back to libtool 1.4.2 status again, as the 1.4.3 version
- broke the build on numerous platforms. It seems that libtool 1.4.3 puts some
- requirements on what versions of the other tools (autoconf + automake) that
- I am not familiar with and thus I couldn't fulfill at this point.
-
- Yes, this is more than mildly frustrating.
-
-Daniel (7 Mar)
-- Run libtoolize version 1.4.3.
-
-Version 7.10.4-pre3 (4 Mar 2003)
-
-Daniel (3 Mar)
-- Added share.obj to the VC6 and Borland libcurl makefiles.
-
-- Troels Walsted Hansen found and investigated a problem with libcurl on AIX,
- presumably only on 4.3 or later. gethostbyname_r() is not returning data
- that is possible to "keep" and cache the way libcurl does. But instead these
- versions of AIX uses a gethostbyname() that works thread-safely we can
- instead use the ordinary gethostbyname() and our pack_hostent() approach to
- achieve what we want. The configure script now attempts to detect AIX 4.3 or
- later to adjust for this.
-
-Daniel (2 Mar)
-- Juan F. Codagnone found a problem introduced in 7.10.3 when you first did a
- POST and then back to a GET using the same easy handle.
-
-Daniel (28 Feb)
-- Removed the strequal and strnequal defines from curl/curl.h header. They
- were never meant for the public header anyway. Philippe Raoult brought it
- up.
-
-- James Bursa fixed the RISC OS build.
-
-Daniel (27 Feb)
-- Avery Fay pointed out the very misleading curl_multi_info_read man page, and
- I updated it to become more accurate.
-
-- Salvatore Sorrentino found a problem with FTP downloading that turned out to
- be his FTP server returning size zero (0 bytes) when SIZE was used on a file
- while being in BINARY mode. We now make a second check for the actual size
- by scanning the RETR reply anyway, even if the SIZE command returned 0.
-
-Daniel (26 Feb)
-- Kyle Sallee reported a case where he would do a transfer that didn't update
- the progress meter properly. It turned out to be a case where libcurl would
- loop a little too eagerly in the transfer loop, which isn't really good for
- the APIs, especially not the multi API.
-
-Version 7.10.4-pre2 (24 Feb 2003)
-
-Daniel (24 Feb)
-- Kjetil Jacobsen found out that setting CURLOPT_MAXCONNECTS to a value higher
- than 5 could cause a segfault.
-
-- I believe I fixed the 'Expect: 100-continue' behavior that has been broken
- for a while (I think since my change dated Dec 10 2002). When this header is
- used, libcurl should wait for a HTTP 100 (or timeout) before sending the
- post/put data.
-
-Daniel (14 Feb)
-- Matthew Clarke provided some info what to modify to make curl build
- flawlessly on AIX 3.2.5.
-
-- Martin C. Martin found and fixed a problem in the multi interface when
- running on Windows and trying to connect to a port without a listener.
-
-Daniel (13 Feb)
-- Christopher R. Palmer fixed Curl_base64_encode() to deal with zeroes in the
- data to encode.
-
-Daniel (4 Feb)
-- Jean-Philippe added the first code that enables the 'share' system. This
- should now enable sharing of DNS data between two curl easy handles.
-
-- Incorporated Nico Baggus' fixes to again compile flawlessly on VMS.
-
-- James Bursa corrected a bad comment in the public include file curl/multi.h
-
-- Peter Forret reported one of those error:00000000 cases in libcurl again
- when connecting to a HTTPS site, and this time I did discover some oddities
- in how curl reports SSL errors back. It could miss showing the actual error.
-
-Version 7.10.4-pre1 (3 Feb 2003)
-
-Daniel (3 Feb)
-- Removed things in the docs saying capath doesn't work on Windows, as Julian
- Noble told us it works fine.
-
-Daniel (31 Jan)
-- Kevin Roth fixed the zlib build stuff in the Mingw32 makefile.
-
-Daniel (30 Jan)
-- Kevin Roth found out that curl on Windows always checked for the CA cert
- bundle using the environment variable and the path scan, even though
- -k/--insecure was used.
-
-- Hamish Mackenzie pointed out that curl only did strict host name verifying
- if capath or cainfo was used. Now it'll always do it unless -k / --insecure
- is used!
-
-- Pavel Cenek pointed out that the Content-Type extraction was done wrongly
- as the full string was not fetched. Added test case 57 to verify that curl
- does it right now.
-
-Daniel (29 Jan)
-- Jamie Wilkinson provided a patch that now makes curl attempt to clear out
- "sensitive" command line arguments so that they don't appear in ps outputs
- (only on platforms that allow writing to argv[]).
-
-- John McGowan found out that the DEBUGFUNCTION could be called with bad
- arguments and thus cause the --trace outputs to go wrong.
-
-- Removed all the emacs local variables from all files. Mats Lidell provided
- the new sample.emacs file (for a sample of what to include in your .emacs)
- and the curl-style.el that sets a better c-style for editing curl sources.
-
-- Dave Halbakken found a problem with FTP downloads that could accidently
- return CURLE_PARTIAL_FILE when curl_easy_perform() was called with NOBODY
- set TRUE.
-
-Daniel (27 Jan)
-- The fopen.c example was flawed as Nick Humfrey noticed, and I fixed it to
- work again.
-
-Daniel (24 Jan)
-- Bertrand Demiddelaer found and fixed a memory leak (the content-type string)
- when following locations.
-
-Daniel (22 Jan 2003)
-- Ian Wilkes and Legoff Vincent both independently provided fixes for making
- curl/multi.h work properly when compiled with a C++ compiler.
-
-Daniel (20 Jan 2003)
-- Fixed 'buildconf' to check version number of the required tools before
- they're actually used.
-
-- Wrote 'testcurl.sh', a script targeted for automatic and distributed curl
- tests on various platforms.
-
-- David Thiel pointed out that the .netrc file was not being dealt with
- properly anymore. I broke this in the password prompting "fix".
-
-- Markus F.X.J. Oberhumer patched libcurl to allocate the scratch buffer only
- on demand and thus we save 32KB in each curl handle that don't use that
- buffer. This need appeared when some people started using thousands of
- simultaneous curl handles... :-)
-
-Daniel (16 Jan 2003)
-- Markus Oberhumer fixed curl-config --cflags when the includedir was not
- /usr/include.
-
-- Markus Oberhumer fixed CURLINFO_PRIVATE to properly return NULL if it was
- set to NULL!
-
-Version 7.10.3 (14 Jan 2003)
-
-Daniel (10 Jan 2003)
-- Steve Oliphant pointed out that test case 105 did not work anymore and this
- was due to a missing fix for the password prompting.
-
-Version 7.10.3-pre6 (10 Jan 2003)
-
-Daniel (9 Jan 2003)
-- Bryan Kemp pointed out that curl -u could not provide a blank password
- without prompting the user. It can now. -u username: makes the password
- empty, while -u username makes curl prompt the user for a password.
-
-- Kjetil Jacobsen found a remaining connect problem in the multi interface on
- ipv4 systems (Linux only?), that I fixed and Kjetil verified that it fixed
- his problems.
-
-- memanalyze.pl now reads a file name from the command line, and no longer
- takes the data on stdin as before.
-
-Version 7.10.3-pre5 (9 Jan 2003)
-
-Daniel (9 Jan 2003)
-- Fixed tests/memanalyze.pl to work with file names that contain colons (as on
- Windows).
-
-- Kjetil Jacobsen quickly pointed out that lib/share.h was missing...
-
-Version 7.10.3-pre4 (9 Jan 2003)
-
-Daniel (9 Jan 2003)
-- Updated lib/share.c quite a bit to match the design document at
- https://curl.haxx.se/dev/sharing.txt a lot more.
-
- I'll try to update the document soonish. share.c is still not actually used
- by libcurl, but the API is slowly getting there and we can start
- implementing code that takes advantage of this system.
-
-Daniel (8 Jan 2003)
-- Updated share stuff in curl/curl.h, including data types, structs and
- function prototypes. The corresponding files in lib/ were also modified
- of course to remain compilable. Based on input from Jean-Philippe and also
- to make it more in line with the design document.
-
-- Jean-Philippe Barrette-LaPierre patched a very trivial memory leak in
- curl_escape() that would happen when realloc() returns NULL...
-
-- Matthew Blain provided feedback to make the --create-dirs stuff build
- properly on Windows.
-
-- Fixed the #include in tests/libtest/first.c as Legoff Vincent pointed out.
-
-Daniel (7 Jan 2003)
-- Philippe Raoult provided a patch that now makes libcurl properly support
- wildcard checks for certificate names.
-
-- Simon Liu added CURLOPT_HTTP200ALIASES, to let an application set other
- strings recognized as "HTTP 200" to allow http-like protocols to get
- downloaded fine by curl.
-
-- Now using autoconf 2.57 and automake 1.7.2
-
-- Doing "curl -I ftp://domain/non-existing-file"; still outputed a date!
- Wayne Haigh reported.
-
-- The error message is now written properly with a newline in the --trace
- file.
-
-Daniel (6 Jan 2003)
-- Sterling Hughes fixed a possible bug: previously, if you called
- curl_easy_perform and then set the global dns cache, the global cache
- wouldn't be used. Pointed out by Jean-Philippe Barrette-LaPierre.
-
-- Matthew Blain's fixed the VC6 libcurl makefile to include better debug data
- on debug builds.
-Daniel (27 Dec 2002)
-- Philippe Raoult reported a bug with HTTPS connections which I evidently
- added in my 19 dec fix. I corrected it.
-
-Daniel (20 Dec)
-- Idea from the Debian latest patch: use AM_MAINTAINER_MODE in the configure
- script to make the default makefile less confusing "to the casual
- installer".
-
-Version 7.10.3-pre3 (20 Dec)
-
-Daniel (19 Dec)
-- Matthew Blain patched the Curl_base64_decode() function.
-
-- Evan Jordan reported in bug report #653022 that the SSL_read() usage was
- wrong, and it certainly was. It could lead to curl using too much CPU due to
- a stupid loop.
-
-Daniel (18 Dec)
-- As suggested by Margus Freudenthal, CURLE_HTTP_NOT_FOUND was renamed to
- CURLE_HTTP_RETURNED_ERROR since it is returned on any >= 400 code when
- CURLOPT_FAILONERROR is set.
-
-Daniel (17 Dec)
-- Bug reported #651464, reported by Christopher Palmer, provided an example
- source code using the multi interface that hang when trying to connect to a
- proxy on a localhost port where no proxy was listening. This bug was not
- repeatable on libcurls that were IPv6-enabled.
-
-Daniel (16 Dec)
-- Christopher Palmer also noticed what Vojtech Janota already was
- experiencing: The attempted name resolve fix for glibc 2.2.93 caused libcurl
- to crash when used on some older glibc versions. The problem is of course
- the silliness of the 2.2.93. I committed a fix that hopefully should make
- the binary run fine on either one of the versions, even though the solution
- is not as nice as I'd like it to be.
-
-Daniel (13 Dec)
-- Bug report #651460 by Christopher R. Palmer showed that when using libcurl
- to for example go over a proxy on localhost, it would attempt to connect
- through the proxy TWICE.
-
- I added test case 503 with which I managed to repeat this problem and I
- fixed the code to not re-attempt any connects (which also made it a nicer
- fix for the #650941 bug mentioned below).
-
- The sws server was extended to deal with CONNECT in order to make test
- case 503 do good.
-
-- Evan Jordan posted bug report #650989 about a memory leak in the public key
- retrieving code. He provided a suggested fix and I merely applied it!
-
-- Bug report #650941, posted by Christopher R. Palmer identified a problem
- with the multi interface and getting file:// URLs. This was now fixed and
- test case 502 was added to verify this.
-
-Daniel (12 Dec)
-- Test case 500 and 501 are the first ever libcurl test cases that run.
-
-- Made "configure --enable-debug" cut off all -O* options to the compiler
-
-- Finally fixed the test suite's ftp server so that test case 402 doesn't
- cause the following test case to fail anymore!
-
-Daniel (11 Dec)
-- CURL_MAX_WRITE_SIZE is now decreased to 16KB since it makes the Windows
- version perform uploads much faster!!! RBramante did lots of research on
- this topic.
-
-- Fixed the #include in curl/curl.h to include the other files outside the
- extern "C" scope.
-
-Daniel (10 Dec)
-- Moved around and added more logic:
-
- First, POST data is never sent as part of the request headers in the http.c
- code. It is always sent the "normal" read callback then send() way. This now
- enables a plain HTTP POST to be sent chunked if we want to. This also
- reduces the risk of having very big POSTs causing problems.
-
- Further, sending off the initial HTTP request is not done using a loop
- anymore. If it wasn't all sent off in the first send(), the rest of the
- request is sent off in the normal transfer select() loop. This makes several
- things possible, but mainly it makes libcurl block less when used from the
- multi interface and it also reduces the risk of problems with issuing very
- large requests.
-
-Daniel (9 Dec)
-- Moved the read callback pointer and data within the structs to a more
- suitable place. This in preparation for a better HTTP-request sending code
- without (a silly) loop.
-
-- The Dodds fix seems not to work.
-
-- Vojtech Janota tests proved that the resolve fix from oct 21st is not good
- enough since obviously older glibcs might return EAGAIN without this meaning
- that the buffer was too small.
-
-- [the other day] Made libcurl loop on recv() and send() now until done, and
- then get back to select(). Previously it went back to select() more often
- which really was a slight overhead. This was due to the reported performance
- problems on HTTP PUT on Windows. I couldn't see any notable difference on
- Linux...
-
-Version 7.10.3-pre2 (4 Dec 2002)
-
-Daniel (4 Dec 2002)
-- Lots of work with Malcolm Dodds made me add a temporary code fix that now
- shortens the timeout waiting for the 226 or 250 line after a completed
- FTP transfer.
-
- If no data is received within 60 seconds, this is taken as a sign of a dead
- control connection and we bail out.
-
-Daniel (3 Dec 2002)
-- Ralph's bug report #644841 identified a problem in which curl returned a
- timeout error code when in fact the problem was not a timeout. The proper
- error should now be propagated better when they're detected in the FTP
- response reading function.
-
-- Updated the Borland Makefiles.
-
-Daniel (2 Dec 2002)
-- Nicolas Berloquin provided a patch that introduced --create-dirs to the
- command line tool. When used in combination with -o, it lets curl create
- [non-existing] directories used in -o, suitably used with #-combinations
- such as:
-
- curl "www.images.com/{flowers,cities,parks,mountains}/pic_[1-100].jpg \
- -o "dir_#1/pic#2.jpg" --create-dirs
-
-Version 7.10.3-pre1
-
-Daniel (28 Nov 2002)
-- I visited Lars Nordgren and had a go with his problem, which lead me to
- implement this fix. If libcurl detects the added custom header
- "Transfer-Encoding: chunked", it will now enable a chunked transfer.
-
- Also, chunked transfer didn't quite work before but seems to do so now.
-
-- Kjetil Jacobsen pointed out that ./configure --disable-ipv6 --without-zlib
- didn't work on any platform...
-
-Daniel (26 Nov 2002)
-- Fixed a bad addrinfo free in the hostip.c code, hardly exposed anywhere
-
-- Dan Becker found and fixed a minor memory leak on persistent connnections
- using CURLOPT_USERPWD.
-
-Daniel (22 Nov 2002)
-- Based on Ralph Mitchell's excellent analysis I found a bug in the test suite
- web server (sws) which now lets test case 306 run fine even in combination
- with the other test cases.
-
-- Juan Ignacio Herv�s found a crash in the verbose connect message that is
- used on persistent connections. This bug was added in 7.10.2 due to the
- rearranged name resolve code.
-
-Daniel (20 Nov 2002)
-- Kjetil Jacobsen provided a patch that introduces:
-
- CURLOPT_PRIVATE stores a private pointer in the curl handle.
-
- CURLINFO_PRIVATE retrieves the private pointer from the curl handle.
-
-- Karol Pietrzak pointed out how curl-config --cflags didn't output a good
- include dir so I've removed that for now.
-
-Version 7.10.2 (18 Nov 2002)
-
-Daniel (11 Nov 2002)
-- Dave Halbakken added curl_version_info to lib/libcurl.def to make libcurl
- properly build with MSVC on Windows.
-
-Daniel (8 Nov 2002)
-- Doing HTTP PUT without a specified file size now makes libcurl use
- Transfer-Encoding: chunked.
-
-Daniel (7 Nov 2002)
-- Bug report #634625 identified how curl returned timeout immediately when
- CURLOPT_CONNECTTIMEOUT was used and provided a fix.
-
-Version 7.10.2-pre4 (6 Nov 2002)
-
-Daniel (5 Nov 2002)
-- Lehel Bernadt found out and fixed. libcurl sent error message to the debug
- output when it stored the error message.
-
-- Avery Fay found some problems with the DNS cache (when the cache time was
- set to 0 we got a memory leak, but when the leak was fixed he got a crash
- when he used the CURLOPT_INTERFACE with that) that had me do some real
- restructuring so that we now have a reference counter in the dns cache
- entries to prevent an entry to get flushed while still actually in use.
-
- I also detected that we previously didn't update the time stamp when we
- extracted an entry from the cache so that must've been a reason for some
- very weird dns cache bugs.
-
-Version 7.10.2-pre3
-
-Daniel (31 Oct 2002)
-- Downgraded automake to 1.6.3 in an attempt to fix cygwin problems. (It
- turned out this didn't help though.)
-
-- Disable the DNS cache (by setting the timeout to 0) made libcurl leak
- memory. Avery Fay brought the example code that proved this.
-
-Version 7.10.2-pre2
-
-Daniel (28 Oct 2002)
-- Upgraded to autoconf 2.54 and automake 1.7 on the release-build host.
-
-- Kevin Roth made the command line tool check for a CURL_CA_BUNDLE environment
- variable (if --cacert isn't used) and if not set, the Windows version will
- check for a file named "curl-ca-bundle.crt" in the current directory or the
- directory where curl is located. That file is then used as CA root cert
- bundle.
-
-- Avery Fay pointed out that curl's configure scrip didn't get right if you
- used autoconf newer than 2.52. This was due to some badly quoted code.
-
-Version 7.10.2-pre1
-
-Daniel (23 Oct 2002)
-- Emiliano Ida confirmed that we now build properly with the Borland C++
- compiler too. We needed yet another fix for the ISO cpp check in the curl.h
- header file.
-
-- Yet another fix was needed to get the HTTP download without headers to work.
- This time it was needed if the first "believed header" was read all in the
- first read. Test 306 has not run properly since the 11th october fix.
-
-Daniel (21 Oct 2002)
-- Zvi Har'El pointed out a problem with curl's name resolving on Redhat 8
- machines (running IPv6 disabled). Mats Lidell let me use an account on his
- machine and I could verify that gethostbyname_r() has been changed to return
- EAGAIN instead of ERANGE when the given buffer size is too small. This is
- glibc 2.2.93.
-
-- Albert Chin helped me get the -no-undefined option corrected in
- lib/Makefile.am since Cygwin builds want it there while Solaris builds don't
- want it present. Kevin Roth helped me try it out on cygwin.
-
-- Nikita Schmidt provided a bug fix for a FOLLOWLOCATION bug introduced when
- the ../ support got in (7.10.1).
-
-Daniel (18 Oct 2002)
-- Fabrizio Ammollo pointed out a remaining problem with FOLLOWLOCATION in
- the multi interface.
-
-Daniel (17 Oct 2002)
-- Richard Cooper's experimenting proved that -j (CURLOPT_COOKIESESSION) didn't
- work quite as supposed. You needed to set it *before* you use
- CURLOPT_COOKIEFILE, and we dont' want that kind of dependencies.
-
-Daniel (15 Oct 2002)
-- Andr�s Garc�a provided corrections for erratas in four libcurl man pages.
-
-Daniel (13 Oct 2002)
-- Starting now, we generate and include PDF versions of all the docs in the
- release archives.
-
-Daniel (12 Oct 2002)
-- Trying to connect to a host on a bad port number caused the multi interface
- to never return failure and it appeared to keep on trying forever (it just
- didn't do anything).
-
-Daniel (11 Oct 2002)
-- Downloading HTTP without headers didn't work 100%, some of the initial data
- got written twice. Kevin Roth reported.
-
-- Kevin Roth found out the "config file" parser in the client code could
- segfault, like if DOS newlines were used.
-
-Version 7.10.1 (11 Oct 2002)
-
-Daniel (10 Oct 2002)
-- Jeff Lawson fixed a few problems with connection re-use that remained when
- you set CURLOPT_PROXY to "".
-
-Daniel (9 Oct 2002)
-- Craig Davison found a terrible flaw and Cris Bailiff helped out in the
- search. Getting HTTP data from servers when the headers are split up in
- multiple reads, could cause junk data to get inserted among the saved
- headers. This only concerns HTTP(S) headers.
-
-Daniel (8 Oct 2002)
-- Vincent Penquerc'h gave us the good suggestion that when the ERRRORBUFFER
- is set internally, the error text is sent to the debug function as well.
-
-- I fixed the telnet code to timeout properly as the option tells it to. On
- non-windows platforms.
-
-Daniel (7 Oct 2002)
-- John Crow pointed out that libcurl-the-guide wasn't included in the release
- tarball!
-
-- Kevin Roth pointed out that make install didn't do right if build outside
- the source tree (ca-bundle wise).
-
-- FOLLOWLOCATION bugfix for the multi interface
-
-Daniel (4 Oct 2002)
-- Kevin Roth got problems with his cygwin build with -no-undefined was not
- present in lib/Makefile.am so I put it back in there again. The poor one who
- needs to remove it again must write a configure script to detect that need.
-
-- Ralph Mitchell pointed out that curl was a bit naive and didn't deal with ./
- or ../ stuff in the string passed back in a Location: header when following
- locations.
-
-- Albert Chin helped me to work out a better configure.in check for zlib, and
- both --without-zlib and -with-zlib seem to work rather well right now.
-
-- Zvi Har'El improvied the OpenSSL ENGINE check in the configure script to
- become more accurate.
-
-Daniel (1 Oct 2002)
-- Detlef Schmier pointed out the lack of a --without-libz option to configure,
- so I added one.
-
-Version 7.10 (1 Oct 2002)
-
-Daniel (30 Sep 2002)
-- Modified the curl_version_info() proto and returned struct once again, and
- updated the man page accordingly.
-
-- Cris Bailiff found out that the pre-releases crashed on name lookups on
- names such as "a:" or "baz:" (on Linux versions not being IPv6-enabled) due
- to some weird return codes from gethostbyname_r(). I'll blame the complete
- lack of docs in that department. Cris provided a fix, which I modified only
- slightly.
-
-Daniel (27 Sep 2002)
-- After a suggestion from Christian Kurz to Debian curl package maintainer
- Domenico Andreoli, I made it possible to override the proxy environment
- variables better. Now, by setting -x "" you can explicitly tell libcurl to
- not use a proxy, no matter whan the environment variables say.
-
-Version 7.10-pre4
-
-Daniel (26 Sep 2002)
-- Extended curl_version_info() more and wrote a man page for it.
-
-Daniel (25 Sep 2002)
-- libcurl could leak memory when downloading multiple files using http ranges,
- reported and fixed by Jean-Luc Guevel.
-
-- Walter J. Mack provided code and docs for the new curl_free() function that
- shall be used to free memory that is allocated by libcurl and returned back
- to the application, as curl_escape() and curl_unescape() do.
-
-- Yarram Sunil pointed out a flaw in the multi interface where a failed
- connection didn't close down properly and thus a second transfer using the
- same handle failed.
-
-- Andr�s Garc�a fixed a flaw that made (among other things) dict-fetches
- return a random value.
-
-Daniel (24 Sep 2002)
-- Wez Furlong brought his initial patch that introduced curl_version_info().
- We might need to tweak it somewhat before release.
-
-Daniel (20 Sep 2002)
-- Craig Markwardt fixed another Tru64 IP resolve problem.
-
-Daniel (19 Sep 2002)
-- Dolbneff A.V and Spiridonoff A.V made the file:// code work with resumes
- in the same style other code does.
-
-- Ilguiz Latypov fixed a flaw in the client code when fetching multiple URLs
- and -C - was used. The first file's resume position was then accidentally
- reused on all the other files too.
-
-Daniel (18 Sep 2002)
-- The curl_easy_setopt.3 man page was greatly modified and the options have
- now been grouped in logical groups so that it should be somewhat easier to
- read it and find things you search for.
-
-Daniel (13 Sep 2002)
-- Kevin Roth pinpointed a scary flaw in libcurl, when the HTTP server doesn't
- send any headers back, only raw content. Right, that is a violation of the
- standard but still happens at times and we need to deal with it. Test case
- 306 was added to verify that we do right now.
-
-Version 7.10-pre3
-
-Daniel (11 Sep 2002)
-- Lukasz Czekierda found out that curl didn't send a correct HTTP Host: header
- when you specified the URL with an IPv6 IP-address.
-
-Daniel (4 Sep 2002)
-- Sven Neuhaus made --silent being acknowledged even when multiple URLs
- were used. It used to output "[1/2]: http://host/a.html.de --> a.html.d" etc
- even when told to shut up.
-
-Daniel (3 Sep 2002)
-- Updated all source code headers to use MIT-license references only, and
- point to the COPYING file and the https://curl.haxx.se/docs/copyright.html
- URL. I've cut out all references to MPL that I could find.
-
-- Corected the makefiles to not always use -lz when linking
-
-Version 7.10-pre2
-
-Daniel (2 Sep 2002)
-- James Gallagher added Content-Encoding support to libcurl so now curl and
- libcurl-using apps can request compressed contents using the 'deflate'
- method. See the special file lib/README.encoding for details.
-
- curl --compressed is now used to request compressed contents.
-
- curl-config --feature will include 'libz' if this feature was around when
- the library was built.
-
-Daniel (30 Aug 2002)
-- Applied an anonymous SOCKS5-proxy patch. Not properly working in all
- situations though, as all getaddrinfo()-using libcurls will fail on this.
- This is because of the somewhat naive way the current code tries to extract
- the IP address of the proxy.
-
-- Fixed up the SSL cert fixes from the other day even more after more inputs
- from Cris. Added three new SSL error codes to make the
- CURLE_SSL_CONNECT_ERROR slightly less overloaded.
-
-Daniel (27 Aug 2002)
-- After lots of talk with Tom Zerucha, Nick Gimbrone and Cris Bailiff I
- decided to talk the bold path and I now made libcurl do CA certificate
- verification by default. Thus library users need to explicitly turn this off
- if you want to connect to sites without proper checking. We also install a
- CA cert bundle on 'make install' now.
-
- The curl tool now requires the -k/--insecure option in order to allow
- connections and operations on SSL sites that aren't properly verified with
- -cafile or --capath.
-
- curl-config --ca displays the built-in path to the CA cert bundle.
-
-Daniel (26 Aug 2002)
-- Andrew Francis cleaned up some code that now compiles fine without the need
- for ugly MSVC pragmas.
-
-- Keith MacDonald found a minor bug in src/main.c that made it close stdin
- instead of the actual file handle. It shouldn't have resulted in much
- trouble as most operating systems close all file handles on process exit
- anyway.
-
-Daniel (22 Aug 2002)
-- Markus Oberhumer provided some documentation for his previously provided
- CURLOPT_NOSIGNAL fix.
-
-- Patched the lib/Makefile.am to hopefully no longer complain on undefined
- symbols that seemed to occur on builds with shared OpenSSL libraries on
- Solaris lately...
-
-Daniel (20 Aug 2002)
-- Fixed compiler warnings on MSCV++ compiles. We're looking for help here:
- remove the pragmas from lib/config-win32.h and adjust the sources where
- the warnings occur. Hiding them with pragmas like this is not the correct
- way of dealing with compiler warnings.
-
-Daniel (13 Aug 2002)
-- Ulrich Zadow made the global include files in curl/* include themselves
- using "curl.h" instead of <curl/curl.h> which thus allows people to more
- freely decide how to include curl and how to setup their include paths.
-
-- Sterling Hughes added the curl_share* interface, somewhat as discussed
- previously.
-
-- J�rn Hartroth pointed out that poll() was used in the pre1 source code and
- it isn't very portable, so now I check for it in the configure script and
- work around it.
-
-Version 7.9.9-pre1
-
-Daniel (12 Aug 2002)
-- Applied my initial take on making the multi stuff more asynchronous. Connects
- should now return back without "hanging" until it has connected for real.
- This should also be the case for FTP-PASV connects.
-
-Daniel (9 Aug 2002)
-- Applied Markus F.X.J. Oberhumer's patch that introduces CURLOPT_NOSIGNAL,
- which effectively prevents libcurl from doing anything that may cause
- signals to get sent. This is basicly for multi-threaded applications that
- now can use timeouts properly, without risking any signals to burst in and
- ruin the party.
-
-Daniel (5 Aug 2002)
-- Lukasz Czekierda reported that RFC2732-style literal IPv6 addresses didn't
- work. When did that code vanish? Anyway, it's back again now and seems to
- work!
-
-- Jonatan Lander found out that POSTing an empty string didn't work with the
- command line tool.
-
-Daniel (3 Aug 2002)
-- J�rn Hartroth fixed the libcurl.def file to build the windows DLL with
- the multi interface enabled.
-
-Daniel (1 Aug 2002)
-- The ftp PORT command now uses a better default IP address, as it will
- extract and use the local IP address used by the control connection.
-
-- Modified the #include lines in curl/multi.h to work better on more
- platforms.
-
-Daniel (31 Jul 2002)
-- Attempted a fix for Ray DeGennaro's reported HP-UX host name resolve
- problems.
-
-Daniel (30 Jul 2002)
-- Priya Ramakrishnan and Ryan Jones compiles curl/curl.h with a C++ compiler
- and don't get __STDC__ defined, which required us to extend the preprocessor
- check for the ## operator usage.
-
-- Correct the description for CURLOPT_PASSWDFUNCTION, if set to NULL the
- internal default function will be put back.
-
-- danfuzz at milk.com found out that libcurl badly assumed a space after
- 'Set-Cookie:' so if it wasn't present, it caused the first letter of the
- cookie name to fall off!
-
-Daniel (29 Jul 2002)
-- The password prompt asking for user password used stdout and now uses
- stderr instead to better allow redirecting. It also leaked a fopen() file
- handle that is now fixed.
-
-Daniel (28 Jul 2002)
-- HAVE_SETVBUF was left out from src/main.c which made -N not work. Found out
- by M T.
-
-Daniel (26 Jun 2002)
-- Glen Nakamura solved a crash in the name resolving function for IP-only
- addresses on Alpha Linux (at least).
-
-- T. Bharath corrected the high resolution timer introduced in 7.9.8.
-
-Daniel (22 Jun 2002)
-- Andr�s Garc�a pointed out man page errors in curl_formadd.3. I fixed.
-
-Daniel (19 Jun 2002)
-- Chris Combes pointed out a flaw in curl_escape(). I fixed. We no longer
- tries to generate nor parse '+' in URLs. Spaces become %20, and only %-codes
- are translated by curl_unescape().
-
-Daniel (15 Jun 2002)
-- Added --limit-rate to the curl tool. Allows the user to set a maxmimum
- upper limit to how much bandwidth to use for transfers.
-
-- CURLOPT_BUFFERSIZE was added to libcurl. This sets a prefered size for the
- receive buffer in libcurl. The main point of this would be that the write
- callback gets called more often and with smaller chunks.
-
-Daniel (14 Jun 2002)
-- Yarram Sunil found out that the SocketIsDead() function performed a lot
- faster on Windows when removing the 1 microsecond timeout.
-
-- Hanno L. Kranzhoff fixed the VC++ project files.
-
-- Tom Mattison found out that ftp transfers closed the connection a little
- too often.
-
-- Miklos Nemeth posted a VC++ makefile fix and some INSTALL comments on how
- to disable specific protocols when building for Windows.
-
-Version 7.9.8
-
-Daniel (13 Jun 2002)
-- Time to let this baby go.
-
-Daniel (12 Jun 2002)
-- Chris Combes added three new options for curl_formadd(): CURLFORM_BUFFER,
- CURLFORM_BUFFERPTR, CURLFORM_BUFFERLENGTH. They are used to create a
- multipart that appears as a regular file upload, but the data is provided
- with a pointer and length.
-
-- Nico Baggus made the VMS version use sigsetjmp() too.
-
-- J�rn Hartroth fixed the mingw32 build using the mm lib.
-
-- Applied patches by Kris Kennaway that correct format string problems in
- lib/ftp.c and lib/ldap.c.
-
-Version 7.9.8-pre3
-
-Daniel (11 Jun 2002)
-- James Cone brought the idea of using sigsetjmp() in the signal handler to
- make the time-out of name lookups to work, even when the underlying name
- resolver library traps EINTR. The use of sigsetjmp() and siglongjmp() for
- this may be a bit drastic, and also not likely to exist on all platforms. I
- added careful checking for this in the configure script, even checks for it
- being a macro (which seems to be the case in for example Linux).
-
- sigsetjmp() seems to be mentioned in the Single Unix specification.
-
-- Miklos Nemeth brought a patch that allows libcurl to get built with specific
- protocols disabled. This is done by running ./configure
- --disable-[protocol].
-
-- FTP range downloads could make CURLE_FTP_WRITE_ERROR get returned. We now
- make precautions to not return this for range downloads.
-
- Added test case 135 that makes an ftp range download. Had to tweak the
- runtests.pl script a bit too.
-
-- Bug report #566835 identified a strlen() on a NULL pointer. Added additional
- check to prevent this.
-
-Daniel (10 Jun 2002)
-- Found and corrected a connect failure problem that didn't create a human
- error text.
-
-- Added code to compile with OpenSSL 0.9.7. Based on patch from Jacob Meuser
- and comments from G�tz Babin-Ebell.
-
-- Gautam Mani found a socket descriptor leak that happened when FTP transfers
- failed and you reinvoked curl_easy_perform().
-
-Daniel (5 Jun 2002)
-- Gustaf Hui corrected curl_multi_remove_handle() so that it won't crash no
- matter when you decide to remove the CURL handle.
-
-- HAVE_RAND_STATUS was added to lib/config-win32.h by Andreas Olsson, as it
- makes windows builds stop complaining about "weak seeding" when it in fact
- isn't.
-
-- Another 64bit architecture crash that was introduced in 7.9.7 was now
- removed, as bug report #564585 clarified. This happened due to our attempts
- to only allocate only as much memory as is actually needed for name
- resolving (using realloc) which called for a function that could 'move' a
- hostent struct in memory.
-
-Version 7.9.8-pre2
-
-Daniel (3 Jun 2002)
-- T. Bharath fixed the CURLINFO_REDIRECT_TIME to return a correct time and
- made the CURLINFO_REQUEST_SIZE return the correct total request size. He
- also made the win32 timers use higher resolution than before.
-
-Daniel (29 May 2002)
-- Renaud Chaillat made me aware of the fact that libcurl returned an error if
- you tried to get an empty FTP file. This seemed like a wrong thing to do, so
- now it no longer does that! I just hope that no one built anything fancy
- upon this unexpected behavior...
-
-Daniel (28 May 2002)
-- Cris Bailiff brought CURLOPT_CAPATH that works like CURLOPT_CAINFO but
- specifies a path to a directory with certificates rather than a single file
- with them all concatenated. --capath was added to the command line tool
- for the same function.
-
- Windows users need to pay attention that the directory should be setup with
- the c_rehash tool of the OpenSSL package, and that creates symlinks by
- default that need to be replaced with actual copies to work on Windows.
-
-- Gustaf Hui provided new code that changes how curl_multi_info_read()
- messages are stored, so that they don't have to be kept around for the multi
- handle's entire life time. He also made it return failure codes properly
- which it didn't do before.
-
-Daniel (27 May 2002)
-- Gustaf Hui pointed out that running curl_multi_perform() without doing
- curl_multi_fdset() first was not really a working combo. I added an internal
- check for this and have some extra select() code without timeout to make the
- library internals work identically nevertheless. We might need to somehow
- either document that once you've used the *_fdset() you should remain using
- them in select() or you should blank them somehow so that libcurl won't go
- crazy.
-
-Version 7.9.8-pre1
-
-Daniel (22 May 2002)
-- James Cone brought an excellent patch, including several tests and docs!
- CURLOPT_NETRC now takes an enum as argument instead of the previous boolean.
- --netrc-optional was introduced as an addition to --netrc to allow the
- command line client to take use of all that new netrc stuff.
-
-- Bug report #558888 showed a case where libcurl re-used the previous host
- name when a connection over a proxy was re-used but to a different target
- host.
-
-Daniel (21 May 2002)
-- Edin Kadribasic helped me sort out a problem to made libcurl crash when
- trying to HTTP POST an empty string.
-
-- Clarified that Juergen Wilke donated the original tests/server/sws.c code.
-
-- Jean-Philippe Barrette-LaPierre made curl_formadd() return a typedef named
- CURLFORMcode instead of the previous 'int', and the various return codes are
- now globally exported. It allows applications to better figure out what goes
- wrong when curl_formadd() returns errors.
-
-Daniel (20 May 2002)
-- Roland Zimmermann pointed out that SSL_CTX_use_certificate_chain_file()
- is prefered to SSL_CTX_use_certificate_file().
-
-Daniel (17 May 2002)
-- Bug report #556869 pointed out that src/writeout.c didn't compile on freebsd
- after my AIX fixes the other week.
-
-- Bug report #556930 pointed out a FreeBSD core dump introduced in 7.9.7 in
- the DNS struct realloc stuff. Actually, this crash could happen on all
- systems that made the pack_hostent() function get invoked.
-
-- I removed several compiler warnings in the test suite's HTTP server.
-
-Version 7.9.7
-
-Daniel (10 May 2002)
-- Kevin Roth adjusted the --trace-ascii output slightly.
-
-- Paul Harrington found out that src/writeout.c needed an additional header
- file included for AIX builds
-
-Version 7.9.7-pre2
-
-Daniel (7 May 2002)
-- Updated the man page with --trace-ascii and -j/--junk-session-cookies.
-
-- Made --trace-ascii do pretty much the same as --trace but without the hex
- part in the output.
-
-- Added CURLOPT_COOKIESESSION that when enabled makes libcurl ignore session
- cookies read from a file. This option is enforced by the curl command line
- tool using the new -j/--junk-session-cookies option. After discussions with
- Kevin Roth. This makes it easier to use curl to fully emulate a browser's
- behavior, even when it comes to "session cookies". Session cookies are
- cookies that a normal browser discards when the browser is shut
- down. They're identified by not having any expire date/time.
-
-- When CURLOPT_DEBUGDATA was set, it ruined the CURLOPT_STDERR setting and
- this was discovered when --trace was made to crash.
-
-- Using -v and --trace at the same time confused matters. -v is now pretty
- much ignored when --trace or --trace-ascii is used.
-
-- Made --trace (and --trace-ascii) support - as file name to pass output to
- stdout instead. It makes it consistent with how other options work.
-
-Version 7.9.7-pre1
-
-Daniel (6 May 2002)
-- Added multi-post.c to the examples directory. I got the basic source for
- this from Gustaf Hui.
-
-Daniel (3 May 2002)
-- CURL_MAX_WRITE_SIZE is now an exported #define in the curl/curl.h header and
- can be used to figure out the maximum buffer size your write callback can
- get.
-
-- CURLOPT_READDATA is now an alias for CURLOPT_INFILE and CURLOPT_WRITEDATE is
- an alias for CURLOPT_FILE. These two were added for conformity. Most other
- callback function's userdata are provided with options using a similar name-
- scheme.
-
-- Added "--trace [file]" to the command line tool. It makes a very detailed
- trace dump get stored, with a full protocol dump that includes all received
- and transmitted data. This could be a very effective tool for debugging what
- goes wrong. This dump includes every byte the way it is sent to/received
- from the server. The dump is the plain-text version, so SSL transfers will
- still be readable.
-
-- I found out that the DEBUGFUNCTION was not called properly everywhere as we
- wanted it to. I fixed it.
-
-- -D now stores all headers to the same file if multiple URLs are given on the
- command line! Kevin Roth made me aware of that it didn't already do this!
-
-- Gustaf Hui wrote an excellent formpost example that used the multi
- interface. Unfortunately, it didn't work due to several bugs in how
- transfers were made when the multi interface was used.
-
-Daniel (2 May 2002)
-- Hanno Kranzhoff found out that when doing multiple transfers on the same
- easy handle, the progress meter would show a bad "currently downloaded
- value" when the transfer starts.
-
-Daniel (1 May 2002)
-- Applied another patch by Jacky Lam to make the name resolve info realloc()
- stuff work properly.
-
-Daniel (28 April 2002)
-- curl_multi_info_read() is now implemented!
-
-Daniel (27 April 2002)
-- Updated BUGS, TODO, FAQ, INSTALL and added BINDINGS.
-
-- I think I fixed the DNS cache prune crach Jacky Lam found and reported.
-
-- I cleaned up the name prefix stuff in the hash and llist modules.
-
-- FTP responses should now be better on timing out properly. The timeout value
- is maximum timeout for the entire request operation, but before this, the
- timeout was used as a maximum allowed time between two reads...
-
-Daniel (26 April 2002)
-- Fixed the test suite http server to not use snprintf() anymore due to better
- portability.
-
-Daniel (25 April 2002)
-- With Sterling Hughes' new DNS pruning, Jacky Lam asked if this wouldn't
- cause problems since the pruning is only checking the entry time, and it
- sure could cause problems. Therefor, I've now added and changed code so that
- this should not be a problem. Nowhere in the code will be store name
- resolved information around so that a sunsequent DNS cache prune should
- cause a problem. This of course called for some mild internal changes.
-
-Daniel (23 April 2002)
-- Improved the 'no_proxy' check, as using port numbers in the URL confused it
- previously. Reported by Erwan Legrand in bug report #547484.
-
-- The --interface option now works even on IPv6 enabled builds. Reported by
- 'thor'.
-
-Daniel (22 April 2002)
-- The #defines names starting with TIMECOND now has CURL_ prefixes. (The old
- names are still #defined too.) Pointed out by Robert Olson.
-
-- Jacky Lam brought code that lets the name resolve function only use as much
- memory as it actually needs. This only works on certain operating systems,
- but is totally transparant to all users.
-
-Daniel (19 April 2002)
-- Bjorn Reese fixed pack_hostent to work properly with 64 bit pointers.
-
-Daniel (18 April 2002)
-- Sterling Hughes added code to prune old DNS cache entries, since Jacky Lam
- experienced very big caches.
-
-Daniel (17 April 2002)
-- Dirk Manske patched the 301 response to work against the RFC but more like
- common browsers do. If a POST get a 301 back, it'll switch to GET in the
- next request (if location-following is enabled).
-
-Daniel (16 April 2002)
-- Dirk Manske posted a patch originally written by Ingo Wilken that introduced
- two new CURLINFO_* values: CURLINFO_REDIRECT_TIME and
- CURLINFO_REDIRECT_COUNT.
-
-Daniel (15 April 2002)
-- Jonatan Lander patched the verbose text 'Disables POST, goes with GET' to
- reflect reality better, like when the first request isn't POST and when
- the second isn't GET... :-)
-
-- Craig Davison pointed out that when curl_formadd()ing a file that doesn't
- exist, libcurl doesn't return error. Now, curl_easy_perform() will return
- CURLE_READ_ERROR if that is the case. Test 41 was added to verify this.
-
-Version 7.9.6
-
-Daniel (14 April 2002)
-- Dirk Manske brought a fix that makes libcurl strip off white spaces from the
- beginning of cookie contents.
-
-- Had to patch include/curl/curl.h since MSVC doesn't set the __STDC__ define.
- Moonesamy pointed out the problem, Bjorn Reese the solution.
-
-Version 7.9.6-pre5
-
-Daniel (12 April 2002)
-- Fixed the TIMER_CONNECT to be more accurate for FTP transfers. Previously
- FTP transfers got the "connect done" time set after the initial FTP commands
- and not directly after the TCP/IP connect as it should.
-
- I also made the time stamp get set even if the connect itself fails, which
- it didn't do previously.
-
-- Jean-Philippe Barrette-LaPierre provided his patch that introduces
- CURLOPT_DEBUGFUNCTION and CURLOPT_DEBUGDATA. They allow a program to a set a
- callback to receive debug/information data. That includes headers and data
- that is received and sent. CURLOPT_VERBOSE still controls it.
-
- By default, there is an internal debugfunction that will make things look
- and work as before if not changed.
-
-Daniel (10 April 2002)
-- Sebastien Willemijns found out that -x didn't use the default port number as
- is documented. It does now.
-
-- libcurl-errors.3 is a new man page attempting to document all libcurl error
- codes
-
-- Added two new error codes and changed the behaviour of two old ones
- slightly:
-
- CURLE_WRITE_ERROR
- This error was returned *both* for errors that occured when writing
- received data to a local file, as well as when we get problems writing data
- to a remote server. CURLE_SEND_ERROR has now been added for the latter
- error.
-
- CURLE_READ_ERROR
- This error was similarly returned *both* for errors when reading a local
- file, as well as when getting problems when reading network data.
- CURLE_RECV_ERROR has now been added for the latter error.
-
- (Two test cases were adjusted accordingly.)
-
-Daniel (9 April 2002)
-- runtests.pl now sets the HOME variable before running curl, to prevent any
- actual ~/.curlrc file to fool the tests!
-
-Version 7.9.6-pre4
-
-Daniel (8 April 2002)
-- Michael Curtis provided new functionality for curl on some platforms. Using
- the --environment option, curl will *set* a bunch of environment variables
- to values. The names are the same ones as for the -w/--writeout option.
-
- For now, this only works on the RISC OS version, as this feature relies on
- both OS support and that it matches OS paradigms.
-
-- Jacky Lam provided a fix for getting headers-only when the reply is HTTP/1.0
- and 304, I edited it slightly.
-
-Daniel (5 April 2002)
-- As requested by Jay Graves, the '.curlrc' file (or _curlrc as it is called
- when used in windows), is now loaded from the current directory if the HOME
- environment variable isn't set (or if it is too long). I also enlarged the
- array used to store the full file path in, to 512 bytes.
-
-- Kevin Roth pointed out to me why the "19 March" change regarding -G and -I
- was stupid and the change was reverted. Added test case 48 to verify the
- functionality.
-
-Version 7.9.6-pre3
-
-Daniel (4 April 2002)
-- Jonatan Lander brought a patch that makes curl/curl.h compile nicely on
- pre-ISO compilers, like when using gcc -traditional.
-
-Daniel (3 April 2002)
-- Jacky Lam identified a glitch when getting headers-only, where libcurl would
- "hang" 1 second in vain in the select() loop before returning back.
-
-- Tor Arntsen brought a patch for multipart formposts. It turned out that the
- "CGI_Lite Perl package" makes some bad assumptions on what letters that may
- be used in boundary strings and thus curl could confuse it by including '+'
- and '/'. While this is standards-compliant, we change the behavior to work
- smoothly with existing software based on that package.
-
-Daniel (2 April 2002)
-- Gerhard Herre filed bug report #536238 where he pointed out a crash in
- verbose FTP passive transfers for AIX.
-
-- Clarence Gardner pointed out a minor flaw in how libcurl didn't properly
- take care of all errors that SSL_read() could return.
-
-- Jacky Lam fixed a MALLOCDEBUG problem in lib/getinfo.c
-
-Daniel (27 March 2002)
-- T. Bharath pointed out a flaw in the connection re-use function that didn't
- check proxy connections properly for "deadness" before they were re-used.
-
-- Pedro Neves found out that HTTP POSTing with --data-binary did not properly
- work under Windows as the file specified wasn't read fully binary!
-
-Daniel (25 March 2002)
-- Jacky Lam brought a fix that improves treatment of cookies using identical
- domains but with leading dots properly.
-
-Daniel (22 March 2002)
-- Miklos Nemeth updated the windows section of the docs/INSTALL file and the
- windows makefiles.
-
-- Jon Dillon provided us with several good-looking curl images for
- promotion. View them here https://curl.haxx.se/icons.html
-
-Daniel (20 March 2002)
-- Peter Verhas found out that CRLF replacement in uploads was not working. I
- fixed it, and added test case 128 that verifies the functionality.
-
-- The list formerly known as curl-main is now named curl-users and is hosted
- by sourceforge. Susbcribe to the new list, get off the old one.
-
-Version 7.9.6-pre2
-
-Daniel (19 March 2002)
-- Made -G and -I on the same command line cause an error.
-
-- Moved the multi.h file to the "public" include directory and made it get
- included by curl.h so that no extra include files will be necessary to use
- it.
-
- Added docs and man pages for the multi interface to the release archive.
- Added the three example source codes too.
-
- Necessary steps in my campaign to sneak in the multi interface... ;-)
-
-- Updated the year in all copyright notices in all C and H files.
-
-Daniel (18 March 2002)
-- Tomas Szepe found out that -d and -G didn't mix as they should. I broke this
- in 7.9.5... Added test case 32 for this.
-
-Version 7.9.6-pre1
-
-Daniel (16 March 2002)
-- Peter Verhas pointed out that the curl_escape and curl_unscape man pages
- contained factual errors.
-
-- Albert Choy found and corrected a problem with the verbose output when doing
- PASV ftp transfers. It could make libcurl crash.
-
- Details in bug report #530562:
- https://sourceforge.net/p/curl/bugs/178/
-
-Daniel (15 March 2002)
-- Jun-ichiro itojun Hagino filed bug report #530204 that clearly pointed out
- the PF_INET fix from February 19 as a not-very-good fix as it broke IPv6
- capability! That patch is now reverted.
-
- The problem with slow name lookups with getaddrinfo() on non-IPv6 enabled
- hosts are instead made by first checking if the stack is IPv6-enabled and if
- not, the PF_INET is used and otherwise we go with the full PF_UNSPEC.
-
-- T. Bharath pointed out that when we return an "error" from a WRITEFUNCTION
- as described in the man page, libcurl did not return the documented error
- code (CURLE_WRITE_ERROR) but would instead return CURLE_READ_ERROR. This is
- now corrected.
-
-Daniel (14 March 2002)
-- Setting CURLOPT_POST without setting CURLOPT_POSTFIELDS now read the POST-
- data from the callback.
-
-- The GOPHER support seems to be broken. I don't think I'll even start fixing
- it until someone else finds out... :-)
-
-Daniel (13 March 2002)
-- Trying 'curl -I ftp.sunet.se' or similar did a SIZE on a silly "(nil)"
- string. If such a file would be present, curl returned the size of it! Now
- we prevent this.
-
-- Curl_sendf() was fixed to deal with situation where Curl_write() would've
- blocked and thus return -1.
-
-- Setting CURLOPT_PROGRESSFUNCTION to NULL now restores the internal function.
-
-- All CURLFORM_* options can now be used in a CURLFORM_ARRAY except the
- CURLFORM_ARRAY itself. This was necessary since we couldn't expand the
- CURLFORM_* list proprely and unrestricted until this was the case. It was
- also a bit peculiar to users why some options could be used in an array
- while others couldn't.
-
-- Removed some silly CRLF lines that had accidentally slipped into src/main.c
- Nico Baggus pointed them out to me.
-
-Daniel (11 March 2002)
-- CURLFORM_FILENAME was added. This can be set when creating a file upload
- part, to set the 'filename' field to a custom value. If this isn't used,
- the actually used filename will be included instead (as libcurl always has
- done). curl was adjusted accordingly, and now -F accepts a 'filename=' field
- too, and allows constructs such as:
-
- -F 'address@hidden;filename=/dev/null'
-
- and this can be combined with type= too, in a manner similar to:
-
- -F "address@hidden/test39.txt;filename=fakerfile;type=moo/foobar"
-
- Test case 39 was added to verify this functionality.
-
-- The struct formerly known as HttpPost is now named curl_httppost to properly
- use the curl name space. I added a #define for the old name to make existing
- programs compile even when this new include file is used.
-
-Daniel (8 March 2002)
-- Clifford also discovered that if the client code failed early, as when doing
- "curl -O" only, it would do fclose(NULL) which caused a segmentation fault
- on some systems.
-
-- Clifford Wolf provided a patch that made --progress-bar work again.
-
-- I closed bug report #527032 by making sure that we add a newline after a
- transfer when --progress-bar has been used. Before, without the newline, it
- made the subsequent text come out wrong.
-
-Version 7.9.5
-
-Daniel (7 March 2002)
-- Added docs/KNOWN_BUGS to the release archive.
-
-Daniel (6 March 2002)
-- Kevin Roth corrected a flaw in the curl client globbing code that made it
- mess up backslashes. This was most notable on windows (cygwin) machines when
- using file://.
-
-- Brad provided another fix for building outside the source-tree.
-
-- Ralph Mitchell patched away a few compiler warnings in tests/server/sws.c
-
-Daniel (5 March 2002)
-- I noticed that the typedef in curl.h for the progress callback prototype was
- wrong and thus applications that used it would not get the proper input
- data. It used size_t where the implementation actually uses doubles!
-
- I wish I could blame someone else, but this was my fault. Again.
-
-Version 7.9.5-pre6
-
-Daniel (4 March 2002)
-- Cut off the changes done during 2001 from this changelog file and put them
- in a separate file (CHANGES.2001), available from CVS of course.
-
-- I removed the multi directory. The example sources were moved to the
- docs/examples directory where they belong.
-
-- Wrote 7 new man pages for the current functions in the new multi interface.
- They're all still pretty basic, but we can use them as a start and add more
- contents to them when we figure out what to write. The large amount of man
- pages for libcurl now present made me decide to put them in a new separate
- subdirectory in the docs directory. Named libcurl.
-
-- Giuseppe Corbelli provided a template file for the EPM package manager, it
- gets generated nicely by the configure script now.
-
-Version 7.9.5-pre5
-
-Daniel (1 March 2002)
-- Moved the memanalyze.pl script into the tests/ dir and added it to the
- release archives. It was previously only present in the CVS tree.
-
-- Modified the February 17th Host: fix, as bug report #523718 pointed out that
- it caused crashes!
-
-- Nico Baggus added more error codes to the VMS stuff.
-
-- Wesley Laxton brought the code that introduced the new CURLOPT_PREQUOTE
- option. It is just another FTP quote option that allows the user to specify
- a list of FTP commands to issue *just before* the transfer command (RETR or
- STOR etc). It has turned up a few systems that really need this.
-
- The curl command line tool can also take advantage of this by prefixing the
- quote commands with a plus (+) in similar style that post transfer quote
- commands are specified.
-
- This is not yet documented. There is no test case for this yet.
-
-Daniel (28 February 2002)
-- Ralph Mitchell made some serious efforts and put a lot of sweat in setting
- up scripts and things for me to be able to repeat his problems, and I
- finally could. I found a problem with the header byte counter that wasn't
- increased properly and thus we could return CURLE_GOT_NOTHING when we in
- fact had received data.
-
-Daniel (27 February 2002)
-- I had to revert the non-space parsing cookie fix I posted to the mailing
- list. Expire dates do have spaces and still need to get parsed properly!
- Instead we just ignore trailing white space and it seems to work...
-
-Daniel (26 February 2002)
-- Made the cookie property 'Max-Age' work, just since we already tried to
- support it, it is better to do it right. No one uses this anyway.
-
-- The cookie parser could crash if a really weird (illegal) cookie line was
- received. I also made it better discard really oddly formatted lines better.
-
- Made the cookie jar store the second field from the left using the syntax
- that Netscape and Mozilla probably like. Curl itself ignores it.
-
- Added test case 31 for these cases.
-
- Clay Loveless' email regarding some cookie issues started my cleanup.
-
-- Kevin Roth pointed out that my automake fiddles broke the ability to build
- outside the source-tree and I posted a patch to the mailing list that brings
- this ability back.
-
-Version 7.9.5-pre4
-
-Daniel (25 February 2002)
-- Fiddled with the automake files to make all source files in the lib
- directory not have ../src in the include path, and the src sources shouldn't
- have ../lib!
-
-- All 79 test cases ran OK under Linux and Solaris using the new HTTP server
- in the test suite. The new HTTP server was first donated by Georg Horn and
- subsequently modified to work with the test suite. It is currently still not
- portable enough to run on "all over" but this is a start and I can run all
- curl tests on my machines. This is an important requirement for the upcoming
- public release.
-
-- Using -d and -I on the same command line now reports an error, as it implies
- two different HTTP requests that can't be mixed.
-
-- Jeffrey Pohlmeyer provided a patch that made the -w/--write-out option
- support %{content_type} to get the content type of the recent download.
-
-- Kevin Roth reported that pre2 and pre3 didn't compile properly on cygwin,
- and this was because I used #ifdef HAVE_WINSOCK_H in lib/multi.h to figure
- out if we could include winsock.h which turns out not to be a wise choice to
- do on cygwin since it has the file but can't include it!
-
-Daniel (22 February 2002)
-- Added src/config-vms.h to the release archive.
-
-- Fixed the connection timeout value again, the change from February 18 wasn't
- complete.
-
-Version 7.9.5-pre3
-
-Daniel (21 February 2002)
-- Kevin Roth and Andr�s Garc�a both found out that lib/config.h.in was missing
- in the pre-release archive and thus the configure script failed.
-
-Version 7.9.5-pre2
-
-Daniel (20 February 2002)
-- Andr�s Garc�a provided a solution to bug report #515228. the total time
- counter was not set correctly when -I was used during some conditions (all
- headers were read in one single read).
-
-- Nico Baggus provided a huge patch with minor tweaks all over to make curl
- compile nicely on VMS.
-
-Daniel (19 February 2002)
-- Rick Richardson found out that by replacing PF_UNSPEC with PF_INET in the
- getaddrinfo() calls, he could speed up some name resolving calls with an
- order of magnitudes on his Redhat Linux 7.2.
-
-- Philip Gladstone found a second INADDR_NONE problem where we used long
- intead of in_addr_t which caused 64bit problemos. We really shouldn't define
- that on two different places.
-
-Daniel (18 February 2002)
-- Philip Gladstone found a problem in how HTTP requests were sent if the
- request couldn't be sent all at once.
-
-- Emil found and corrected a bad connection timeout comparison that made curl
- use the longest of connect-timeout and timout as a timeout value, instead of
- the shortest as it was supposed to!
-
-- Aron Roberts provided updated information about LDAP URL syntax to go into
- the manual as a replacement for the old references.
-
-Daniel (17 February 2002)
-- Philip Gladstone pointed out two missing include files that made curl core
- dump on 64bit architectures. We need to pay more attention on these details.
- It is *lethal* to for example forget the malloc() prototype, as 'int' is
- 32bit and malloc() must return a 64bit pointer on these platforms.
-
-- Giaslas Georgios fixed a problem with Host: headers on repeated requests on
- the same handle using a proxy.
-
-Daniel (8 February 2002)
-- Hanno L. Kranzhoff accurately found out that disabling the Expect: header
- when doing multipart formposts didn't work very well. It disabled other
- parts of the request header too, resulting in a broken header. When I fixed
- this, I also noticed that the Content-Type wasn't possible to disable. It is
- now, even though it probably is really stupid to try to do this (because of
- the boundary string that is included in the internally generated header,
- used as form part separator.)
-
-Daniel (7 February 2002)
-- I moved the config*.h files from the root directory to the lib/ directory.
-
-- I've added the new test suite HTTP server to the CVS repository, It seems to
- work pretty good now, but we must make it get used by the test scripts
- properly and then we need to make sure that it compiles, builds and runs on
- most operating systems.
-
-Version 7.9.5-pre1
-
-Daniel (6 February 2002)
-- Miklos Nemeth provided updated windows makefiles and INSTALL docs.
-
-- Mr Larry Fahnoe found a problem with formposts and I managed to track down
- and patch this bug. This was actually two bugs, as the posted size was also
- said to be two bytes too large.
-
-- Brent Beardsley found out and brought a correction for the
- CURLINFO_CONTENT_TYPE parser that was off one byte. This was my fault, I
- accidentaly broke Giaslas Georgios' patch.
-
-Daniel (5 February 2002)
-- Kevin Roth found yet another SSL download problem.
-
-Version 7.9.4
-
-- no changes since pre-release
-
-Version 7.9.4-pre2
-
-Daniel (3 February 2002)
-- Eric Melville provided a few spelling corrections in the curl man page.
-
-Daniel (1 February 2002)
-- Andreas Damm corrected the unconditional use of gmtime() in getdate, it now
- uses gmtime_r() on all hosts that have it.
-
-Daniel (31 January 2002)
-- An anonymous bug report identified a problem in the DNS caching which made it
- sometimes allocate one byte too little to store the cache entry in. This
- happened when the port number started with 1!
-
-- Albert Chin provided a patch that improves the gethostbyname_r() configure
- check on HP-UX 11.00.
-
-Version 7.9.4-pre1
-
-Daniel (30 January 2002)
-- Georg Horn found another way the SSL reading failed due to the non-blocking
- state of the sockets! I fixed.
-
-Daniel (29 January 2002)
-- Multipart formposts now send the full request properly, including the CRLF.
- They were previously treated as part of the post data.
-
-- The upload byte counter bugged.
-
-- T. Bharath pointed out that we seed SSL on every connect, which is a time-
- consuming operation that should only be needed to do once. We patched
- libcurl to now only seed on the first connect when unseeded. The seeded
- status is global so it'll now only happen once during a program's life time.
-
- If the random_file or egdsocket is set, the seed will be re-made though.
-
-- Giaslas Georgios introduced CURLINFO_CONTENT_TYPE that lets
- curl_easy_getinfo() read the content-type from the previous request.
-
-Daniel (28 January 2002)
-- Kjetil Jacobsen found a way to crash curl and after much debugging, it
- turned out it was a IPv4-linux only problem introduced in 7.9.3 related to
- name resolving.
-
-- Andreas Damm posted a huge patch that made the curl_getdate() function fully
- reentrant!
-
-- Steve Marx pointed out that you couldn't mix CURLOPT_CUSTOMREQUEST with
- CURLOPT_POSTFIELDS. You can now!
-
-Daniel (25 January 2002)
-- Krishnendu Majumdar pointed out that the header length counter was not reset
- between multiple requests on the same handle.
-
-- Pedro Neves rightfully questioned why curl always append \r\n to the data
- that is sent in HTTP POST requests. Unfortunately, this broke the test suite
- as the test HTTP server is lame enough not to deal with this... :-O
-
-- Following Location: headers when the connection didn't close didn't work as
- libcurl didn't properly stop reading. This problem was added in 7.9.3 due to
- the restructured internals. 'Frank' posted a bug report about this.
-
-Daniel (24 January 2002)
-- Kevin Roth very quickly spotted that we wrongly installed the example
- programs that were built in the multi directory, when 'make install' was
- used. :-/
-
-Version 7.9.3
-
-Daniel (23 January 2002)
-- Andr�s Garc�a found a persistancy problem when doing HTTP HEAD, that made
- curl "hang" until the connection was closed by the server. This problem has
- been introduced in 7.9.3 due to internal rewrites, this was not present in
- 7.9.2.
-
-Version 7.9.3-pre4
-
-Daniel (19 January 2002)
-- Antonio filed bug report #505514 and provided a fix! When doing multipart
- formposts, libcurl would include an error text in the actual post if a
- specified file wasn't found. This is not libcurl's job. Instead we add an
- empty part.
-
-Daniel (18 January 2002)
-- Played around with stricter compiler warnings for gcc (when ./configure
- --enable-debug is used) and changed some minor things to stop the warnings.
-
-- Commented out the 'long long' and 'long double' checks in configure.in, as
- we don't currently use them anyway and the code in lib/mprintf.c that use
- them causes warnings.
-
-- Saul Good and jonatan pointed out Mac OS X build problems with pre3 and how
- to correct them. Two compiler warnings were removed as well.
-
-- Andr�s Garc�a fixed two minor mingw32 building problems.
-
-Version 7.9.3-pre3
-
-Daniel (17 January 2002)
-- docs/libcurl-the-guide is a new tutorial for our libcurl programming
- friends.
-
-- Richard Archer brought back the ability to compile and build with OpenSSL
- versions before 0.9.5.
- [https://sourceforge.net/p/curl/bugs/149/]
-
-- The DNS cache code didn't take the port number into account, which made it
- work rather bad on IPv6-enabled hosts (especially when doing passive
- FTP). Sterling fixed it.
-
-Daniel (16 January 2002)
-- Georg Horn could make a transfer time-out without error text. I found it and
- corrected it.
-
-- SSL writes didn't work, they return an uninitialized value that caused
- havoc all over. Georg Horn experienced this.
-
-- Kevin Roth patched the curl_version() function to use the proper OpenSSL
- function for version information. This way, curl will report the version of
- the SSL library actually running right now, not the one that had its headers
- installed when libcurl was built. Mainly intersting when running with shared
- OpenSSL libraries.
-
-Version 7.9.3-pre2
-
-Daniel (16 January 2002)
-- Mofied the main transfer loop and related stuff to deal with non-blocking
- sockets in the upload section. While doing this, I've now separated the
- connection oriented buffers to have one for downloads and one for uploads
- (as two can happen simultaneously). I also shrunk the buffers to 20K
- each. As we have a scratch buffer twice the size of the upload buffer, we
- arrived at 80K for buffers compared with the previous 150K.
-
-- Added the --cc option to curl-config command as it enables so very cool
- one-liners. Have a go a this one, building the simple.c example:
-
- $ `curl-config --cc --cflags --libs` -o example simple.c
-
-Daniel (14 January 2002)
-- I made all socket reads (recv) handle EWOULDBLOCK. I hope nicely. Now we
- only need to address all writes (send) too and then I'm ready for another
- pre-release...
-
-- Stoned Elipot patched the in_addr_t configure test to make it work better on
- more platforms.
-
-Daniel (9 January 2002)
-- Cris Bailiff found out that filling up curl's SSL session cache caused a
- crash!
-
-- Posted the curl questionnaire on the web site. If you haven't posted your
- opinions there yet, go there and do it now while it is still there:
-
- https://curl.haxx.se/q/
-
-- Georg Horn quickly found out that the SSL reading no longer worked as
- supposed since the switch to non-blocking sockets. I've made a quick patch
- (for reading only) but we should improve it even further.
-
-Version 7.9.3-pre1
-
-Daniel (7 January 2002)
-- I made the 'bool' typedef use an "unsigned char". It makes it the same on
- all platforms, no matter what the platform thinks the default format for
- char is. This was noticed since we made a silly comparison involving such a
- bool variable, and only one compiler/platform combination (on Debian Linux)
- complained about it (that happened to have its char unsigned by default).
-
-- Bug report #495290 identified a cookie parsing problem that was corrected.
- When a Set-Cookie: line is received without a trailing semicolon, libcurl
- didn't read the last "name=value" pair of the line, leading to confusions...
-
-- Sterling committed his updated DNS cache code.
-
-- I worked with Georg Horn and comments from G�tz Babin-Ebell and switched
- curl's socket operations completely over to non-blocking for the entire
- operation (previously we used non-blocking only for the connection phase).
- We had to do this to make the SSL connection phase timeout properly without
- the use of signals. A little extra code to deal with this was added.
-
-- T. Bharath pointed out a slightly obscure cookie engine flaw.
-
-- Pete Su pointed out that libcurl didn't treat HTTP code 204 as it should.
- 204-replies never provides a response-body. This resulted in bad persistant
- behavior when 204 was received.
-
-Daniel (5 January 2002)
-- SM updated the VC++ library Makefiles for the new source files.
-
-Daniel (4 January 2002)
-- I discovered that we wrongly used inet_ntoa() (instead of inet_ntoa_r() in
- two places in the source code). One happened with VERBOSE set on connects,
- and the other when VERBOSE was on and krb4 over nat was used... I honestly
- don't think anyone has suffered from these mistakes.
-
-- I replaced a lot of silly occurances of printf() to instead use the more
- appropriate Curl_infof() or Curl_failf(). The krb4 and telnet code were
- affected.
-
-- Philip Gladstone found a few more problems with 64-bit archs (the 64-bit
- sparc on solaris 8).
-
-- After discussions on the libcurl list with Raoul Cridlig, I just made FTP
- response lines get passed to the header callback if such a one is
- registered. It'll make it possible for any application to get all the
- responses an FTP server sends to libcurl.
-
-Daniel (3 January 2002)
-- Sterling Hughes brought a few buckets of code. Now, libcurl will
- automatically cache DNS lookups and re-use the previous results first if any
- such is available. It greatly improves speed when doing many repeated
- operations to the same host.
-
-- As the test case uses --include and then --head, I had to modify src/main.c
- to deal with this situation slightly better than previously. When done, we
- have 100% good tests again in the main branch.
-
-Daniel (2 January 2002)
-- Made test case 25 run again in the multi-dev branch. But it seems that the
- changes done on dec-20 made test case 104 cease to work (in both branches).
-
-- Philip Gladstone pointed out a few portability problems in the source code
- that didn't compile on 64-bit sparcs using Sun's native compiler.
-Daniel (20 December 2001)
-- Bj�rn Stenberg caught an unpleasent (but hard-to-find) bug that could cause
- libcurl to hang on transfers over proxy, when the proxy was specified with
- an environment variable!
-
-- Added code to make ftp operations treat the NO_BODY and HEADERS options
- better:
-
- NO_BODY set TRUE and HEADERS set TRUE:
- Return a set of headers with file info
-
- NO_BODY set FALSE
- Transfer data as usual, HEADERS is ignored
-
- NO_BODY set TRUE and HEADERS set FALSE
- Don't transfer any data, don't return any headers. Just perform the set
- of FTP commands.
-
-Daniel (17 December 2001)
-- G�tz Babin-Ebell dove into the dark dungeons of the OpenSSL ENGINE stuff and
- made libcurl support it! This allows libcurl to do SSL connections with the
- private key stored in external hardware.
-
- To make this good, he had to add a bunch of new library options that'll be
- useful to others as well:
-
- CURLOPT_SSLCERTTYPE set SSL cert type (PEM/DER)
- CURLOPT_SSLKEY set SSL private key (file)
- CURLOPT_SSLKEYTYPE: set SSL key type (PEM/DER/ENG)
- CURLOPT_SSLKEYPASSWD: set the passphrase for your private key
- (CURLOPT_SSLCERTPASSWD is an alias)
- CURLOPT_SSLENGINE: set the name of the crypto engine
- (returns CURLE_SSL_ENGINE_NOTFOUND on error)
- CURLOPT_SSLENGINE_DEFAULT: set the default engine
-
- There are two new failure codes:
-
- CURLE_SSL_ENGINE_NOTFOUND
- CURLE_SSL_ENGINE_SETFAILED
-
-Daniel (14 December 2001)
-- We have "branched" the source-tree at a few places. Checkout the CVS sources
- with the 'multi-dev' label to get the latest multi interface development
- tree. The idea is to only branch affected files and to restrict the branch
- to the v8 multi interface development only.
-
- *NOTE* that if we get bug reports and patches etc, we might need to apply
- them in both branches!
-
- The multi-dev branch is what we are gonna use as main branch in the future
- if it turns out successful. Thus, we must maintain both now in case we need
- them. The current main branch will be used if we want to release a 7.9.3 or
- perhaps a 7.10 release before version 8. Which is very likely.
-
-- Marcus Webster provided code for the new CURLFORM_CONTENTHEADER option for
- curl_formadd(), that lets an application add a set of headers for that
- particular part in a multipart/form-post. He also provided a section to the
- man page that describes the new option.
-
-Daniel (11 December 2001)
-- Ben Greear made me aware of the fact that the Curl_failf() usage internally
- was a bit sloppy with adding newlines or not to the error messages. Let's
- once and for all say that they do not belong there!
-
-- When uploading files with -T to give a local file name, and you end the URL
- with a slash to have the local file name used remote too, we now no longer
- use the local directory as well. Only the file part of the -T file name
- will be appended to the right of the slash in the URL.
-
-Daniel (7 December 2001)
-- Michal Bonino pointed out that Digital Unix doesn't have gmtime_r so the
- link failed. Added a configure check and corrected source code.
-
-Version 7.9.2
-
-Daniel (5 December 2001)
-- Jon Travis found out that if you used libcurl and CURLOPT_UPLOAD and then
- on the same handle used CURLOPT_HTTPGET it would still attempt to upload.
- His suggested fix was perfect.
-
-Daniel (4 December 2001)
-- Incorporated more macos fixes and added four specific files in a new
- subdirectory below src.
-
-Daniel (3 December 2001)
-- Eric Lavigne reported two problems:
-
- First one in the curl_strnequal() function. I think this problem is rather
- macos 9 specific, as most platform provides a function to use instead of the
- one provided by libcurl.
-
- A second, more important, was in the way we take care of FTP responses. The
- code would read a large chunk of data and search for the end-of-response
- line within that chunk. When found, it would just skip the rest of the
- data. However, when the network connections are special, or perhaps the
- server is, we could actually get more than one response in that chunk of
- data so that when the next invoke to this function was done, the response
- had already been read and thrown away. Now, we cache the data not used in
- one call, as it could be useful in the subsequent call. Test case 126 was
- added and the test ftp server modified, to exercise this particular case.
-
-Version 7.9.2-pre8
-
-Daniel (2 December 2001)
-- Bug report #487825 correctly identified a problem when using a proxy and
- following a redirection from HTTP to HTTPS. libcurl then re-used the same
- proxy connection but without doing a proper HTTPS request.
-
-- Fixed win32 compiling quirks.
-
-Version 7.9.2-pre7
-
-Daniel (30 November 2001)
-- Documented --disable-epsv and CURLOPT_FTP_USE_EPSV.
-
-Daniel (29 November 2001)
-- Added --disable-epsv as an option. When used, curl won't attempt to use the
- EPSV command when doing passive FTP downloads. Wrote a test case for it.
-
-- Eric provided a few more fixes for building on Macs. He also pointed out
- a flaw in the signal handler restoration code.
-
-Daniel (28 November 2001)
-- Fiddled with some Tru64 problems reported by Dimitris Sarris. They appeared
- only when using VERBOSE ftp transfers. Do we use a too small buffer for
- gethostbyaddr_r(), was the lack of using in_addr_t wrong or is it that the
- hostent struct must be blanked before use? With Dimitris help and these
- patches, the problems seem to be history.
-
-- CURLOPT_FTP_USE_EPSV was added and can be set to FALSE to prevent libcurl
- from using the EPSV command before trying the normal PASV. Heikki Korpela
- pointed out that some firewalls and similar don't like the EPSV so we must
- be able to shut if off to work everywhere.
-
-- I added a configure check for 'in_addr_t' and made the ftp code use that to
- receive the inet_addr() return code in. Works on Solaris and Linux at
- least. The Linux man page for inet_addr() doesn't even mention in_addr_t...
-
-- Adjusted (almost) all FTP tests to the new command sequence.
-
-- FTP command sequence changes:
-
- EPSV is now always attempted before PASV. It is the final touch to make IPv6
- passive FTP downloads to work, but EPSV is not restricted to IPv6 but works
- fine with IPv4 too on the servers that support it.
-
- SIZE is now always issued before RETR. It makes curl know the actual
- download size before the download takes place, as it makes it less important
- to find the size sent in RETR responses. Many sites don't include the size
- in there.
-
- Both these changes made it necessary to change the test suite's ftp server
- code, and all FTP test cases need to be checked and adjusted!
-
-Daniel (27 November 2001)
-- Hans Steegers pointed out that the telnet code read from stdout, not stdin
- as it is supposed to do!
-
-Version 7.9.2-pre6
-
-Daniel (27 November 2001)
-- Eric Lavigne's minor changes to build on MacOS before OS X were applied.
-
-- greep at mindspring.com provided a main index.html page for our release
- archive docs directory. It just links to all the existing HTML files, but
- I think it may come useful to people.
-
-- There's now some initial code to support the EPSV FTP command. That should
- be used to do passive transfers IPv6-style. The code is still #if 0'ed in
- lib/ftp.c as I have no IPv6 ftp server to test this with.
-
-Daniel (26 November 2001)
-- Robert Schlabbach had problems to understand how to do resumed transfers,
- and I clarified the man page -C section somewhat.
-
-Version 7.9.2-pre5
-
-Daniel (22 November 2001)
-- Andr�s Garc�a helped me out to track down the roots of bug report #479537,
- which was concerning curl returning the wrong error code when failing to
- connect. This didn't happen on all systems, and more specificly I've so far
- only seen this happen on IPv4-only Linux hosts.
-
-- I applied the fixes for the two bugs Eric Lavigne found when doing his MacOS
- port. A missing comma in arpa_telnet.h and a pretty wild write in the FTP
- response reader function. The latter write is however likely to occur in our
- own buffer unless very big FTP server replies (>25K) are read. I've never
- seen such a reply ever, so I think this is a relatively minor risk.
-
-Daniel (21 November 2001)
-- Moonesamy provided code to prevent junk from being output when libcurl
- returns an error code but no error description and that corrects how make is
- run in the Makefile.dist file (that appears as root Makefile in release
- archives).
-
-- Eric Lavigne mailed me bugfixes and patches for building libcurl on MacOS
- (non-X).
-
-- Kevin Roth modified the cygwin files once again, now to build against the
- shared OpenSSL DLLs.
-
-Version 7.9.2-pre4
-
-Daniel (20 November 2001)
-- Georg Horn brought a patch that introduced CURLINFO_STARTTRANSFER_TIME,
- complete with man page updates!
-
-Daniel (19 November 2001)
-- Miklos Nemeth provided details enough to update the Borland makefile
- properly.
-
-- Lars M Gustafsson found a case with a bad free(). In fact, it was so bad I'm
- amazed we never saw this before!
-
-- Kevin Roth patched the cygwin Makfile.
-
-Daniel (16 November 2001)
-- Klevtsov Vadim fixed a bug in how time-conditionals were sent when doing
- HTTP.
-
-Version 7.9.2-pre3
-
-Daniel (14 November 2001)
-- Samuel Listopad patched away the problem with SSL we got when someone call
- curl_global_init() => curl_global_cleanup() => curl_global_init(). The
- second init would not "take" and SSL would be unusable with curl from that
- point. This doesn't change the fact that calling the functions that way is
- wrong. curl_global_init() should be called exactly once and not more.
-
-Daniel (13 November 2001)
-- Fixed some minor variable type mixups in ftp.c that caused compiler warnings
- on HP-UX 11.00.
-
-- The FTP fix I did yesterday used an uninitialized variable that caused
- spurious errors when doing FTP.
-
-Version 7.9.2-pre2
-
-Daniel (12 November 2001)
-- Ricardo Cadime fell over a multiple-requests problem when first a FTP
- directory fetch failed and then a second request is made after that. The
- second request happened to get the FTP server response back from the
- previous request, when it did its initial CWD command.
-
-- Bjorn Reese pointed out that we could improve the time diff function to
- prevent truncation a bit.
-
-- Kai-Uwe Rommel made me aware that -p (http proxy tunnel) silly enough didn't
- work for plain HTTP requests! So I made that work.
-
-Version 7.9.2-pre1
-
-Daniel (12 November 2001)
-- Rewrote the Curl_ConnectHTTPProxyTunnel(). It should now not only work a lot
- faster, it should also support such ("broken") proxies that John Lask
- previously have reported problems with. His proxy sends a trailing zero byte
- after the end of the (proxy-) headers. I've tested this myself and it seems
- to work on a proxy the previous version also worked with...! This rewrite is
- due to the problems John Lask previously experienced.
-
-- Andr�s Garc�a found out why the "current speed" meter sometimes showed 2048K
- for very quick transfers. It turned out the "time diff"-function returned a
- zero millisecond diff. We now always say it is at least one millisecond! In
- reality, these timers very rarely have that good resolution so even though
- the time diff was longer than 1 millisecond, it was reported as no diff.
-
-- I also modified the getinfo() again when returning times, as Paul Harrington
- reports that 7.9.1 only returns times with 1 second accuracy, which indeed
- is wrong.
-
-Daniel (8 November 2001)
-- Marcus Webster found out that curl_formadd() could read one byte outside a
- buffer boundary, which then of course could lead to a crash. Marcus also
- gracefully provided a patch for this this.
-
-- Glen Scott ran configure on his Cobalt Qube and it didn't figure out the
- correct way of calling gethostbyname_r() and thus failed to resolve hosts.
- This is two errors: it shouldn't continue the configure script if it finds
- gethostbyname_r() but can't figure out how to use it, and it should really
- figure out how to use it as it was running Linux and we know how that
- works...
-
-Daniel (7 November 2001)
-- docs/VERSIONS is a new file in the archive that explains the version number
- system we use in the curl project.
-
-- Did some more fixes that now makes libcurl only ignore signals as long as
- it needs to, and then restore (if any) previous signal handler again.
-
-Daniel (6 November 2001)
-- Enrik Berkhan posted bug report #478780, in which he very correctly pointed
- out two bad timeout matters in libcurl: we didn't restore the sigaction
- struct (the alarm handler for SIGALRM) nor did we restore the previous
- alarm() timeout that could've been set by a "parent" process or similar.
-
-- Kevin Roth made the cygwin binary get stripped before install.
-
-Daniel (5 November 2001)
-- Detlef Schmier reported that curl didn't compile using Solaris 8 with the
- native cc compiler. It was due to a bad function prototype. Fixed now.
- Unfortunately, I can't enable the -Wstrict-prototypes in my debug builds
- though, as gcc then complains like crazy on OpenSSL include files... :-(
-
-- John Lask provided SSL over HTTP proxy fixes. They'll need some tweaking
- to work on all platforms.
-
-- John Lask added the -1/--TLSv1 options that forces SSL into using TLS
- version 1 when speaking HTTPS.
-
-- John Lask brought a brand new VC++ makefile for the lib directory, that
- works a lot better than the previous!
-
-- Ramana Mokkapati brought some clever insights on the LDAP failures (bug
- report #475407), and his suggested changes are now applied.
-
-Version 7.9.1
-
-Daniel (4 November 2001)
-- I've added a number of new test cases the last few days. A few of them since
- I got reports that hinted on problems on timeouts, so I added four tests
- with timeouts for all sorts of protocols and stuff. I also came to think of
- a few other error scenarios that we currently didn't test properly, so I
- wrote up tests for a few of those too.
-
-Daniel (2 November 2001)
-- Replaced read() and write() with recv() and send() for socket operations
- even under normal unixes.
-
-Daniel (1 November 2001)
-- When an FTP transfer was aborted due to a timeout, it wasn't really aware of
- how many bytes that had been transferred and the error text always said 0
- bytes. I modified this to output the actually transferred amount! :-)
-
-- The FTP fixes in pre7 didn't compile on IPv6 enabled hosts. Does now. I also
- added more comments in the lib/ftp.c source file.
-
-- Minor updates to the FAQ, added a brand new section to the web site about
- the name issue (who owns "curl"? will someone sue us? etc etc):
- https://curl.haxx.se/legal/thename.html
-
-Version 7.9.1-pre7
-
-Daniel (31 October 2001)
-- The curl_easy_getinfo() timers accidentally lost their subsecond accuracy as
- the calculations used longs instead of doubles! Paul Harrington reported.
-
-- The SSL SocketIsDead() checks weren't good enough (as expected really), so I
- had to add a generic internal try-it-out system. If the request on a re-used
- connection seems to fail, then we go back and get a new (fresh) connection
- and re-tries the request on that instead. It kind of makes the
- SocketIsDead() check obsolete, but I think it is a quicker way for those
- cases where it actually discovers that the connection is dead.
-
-- When fixing the above, I noticed that we did quite a few writes to sockets
- in libcurl where we didn't check the return code (that it actually worked to
- send the data). With the new "attempted request" system we must detect those
- situations so I went over a bunch of functions, changed return types and
- added checks for what they actually return.
-
-Version 7.9.1-pre6
-
-Daniel (31 October 2001)
-- Paul Harrington detected a problem with persistant SSL connections. Or to be
- more exact, we didn't properly detect that the connection was dead and then
- a second connection would try to re-use it wrongly. The solution to this
- problem is still not very clear and I'm working on it. One OpenSSL insider
- said there is no way to know if the SSL connection is alive or not without
- actually trying an operation.
-
-Daniel (30 October 2001)
-- If a cookie was read from a file, it could accidentally strdup() a NULL
- pointer. Paul Harrington reported.
[http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/cookie.c.diff?r1=1.25&r2=1.26]
-
-- The MANUAL file now documents -t correctly. I also fixed the -T description
- in the curl.1 man page.
-
-Daniel (29 October 2001)
-- John Janssen found out that curl_formadd was missing in the libcurl.def file
- and that the docs stated the wrong return type for the function.
-
-- Andr�s Garc�a found a bug with multiple files in the curl_formadd() function,
- that I removed with this patch
[http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/formdata.c.diff?r1=1.25&r2=1.26].
-
-- Kevin Roth brought another patch that moved the cygwin package files to the
- packages/Win32/cygwin directory.
-
-- A bug in the connection re-use logic made repeated requests to the same FTP
- server (when using name+pasword in the URL) sometimes use more than one
- connection.
[http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/url.c.diff?r1=1.166&r2=1.167]
-
-- Moonesamy tracked down and fixed a problem with the new 7.9.1 connect
- code. This corrected the error Kevin Roth reported on the 7.9.1-pre5 release
- (test 19)...
-
[http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/connect.c.diff?r1=1.13&r2=1.14]
-
-Daniel (26 October 2001)
-- Added test28 which verifies that "Location:"-following works even if the
- contents is separated with more than one space.
-
-Daniel (25 October 2001)
-- Ramana Mokkapati pointed out that LDAP transfers would 'hang' after the
- correct data has been output.
-
-Version 7.9.1-pre5
-
-Daniel (24 October 2001)
-- T. Bharath found a memory leak in the cookie engine. When we update a cookie
- that we already knew about, we lost a chunk of memory in the progress... The
- brand new test case 27 now tests for this occurrence.
[http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/cookie.c.diff?r1=1.24&r2=1.25]
-
-Daniel (23 October 2001)
-- pack_hostent() didn't properly align some pointers, so at least SPARC CPUs
- would core.
[http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/hostip.c.diff?r1=1.34&r2=1.35]
-
-Daniel (22 October 2001)
-- Tom Benoist reported that this SGI IRIX compiler didn't handle indented
- preprocessor instructions, so they're no longer in the source code!
-
-- Applied Kevin Roth's patches to make it easier to build cygwin packages from
- the out-of-the-box curl release archives.
-
-- I forgot to mention it below, but libcurl now closes connections that report
- transfer failures. Unconditionally. This could be made more nicely in the
- future if we set a flag or something that the connection is still good to be
- used for the errors that know that for a fact. We have to close the
- connection for the cases where we abort for example a HTTP transfer in the
- middle, or otherwise we might re-use that connection later with lots of data
- still being sent to us on it.
[http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/transfer.c.diff?r1=1.63&r2=1.64]
-
-Daniel (19 October 2001)
-- CURLE_GOT_NOTHING is now returned when a HTTP server doesn't return
- anything, not even a header. test case 37 was added to test for this.
-
-- T. Bharath made curl_easy_duphandle() properly clone the cookie status as
- well.
-
-Version 7.9.1-pre4
-
-Daniel (18 October 2001)
-- CURLOPT_FAILONERROR, set with "curl --fail" no longer returns an error if
- the HTTP return code is below 400.
-
-Daniel (17 October 2001)
-- The test suite now kills any running test http server when you re-start the
- tests.
-
-- We had to remove 'use strict' from two perl scripts, as the cygwin
- adjustments didn't play nicely otherwise for some reason. Any perl wizard
- out there who can put the scrict back and still make it run good on unix and
- cygwin?
-
-- A potential memory leak pointed out to us by Yanick Pelletier was removed.
- It would occur when a http file transfer fails.
[http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/transfer.c.diff?r1=1.60&r2=1.61]
-
-- The memory debugging system should no longer display anything to stderr
- if the curl_memdebug() hasn't been used to explicitly say so. This makes it
- easier to use the memory debug system and switch the logging on/off.
-
-Daniel (16 October 2001)
-- Kevin Roth provided fixes for building curl nicer in cygwin environments.
-
-Daniel (12 October 2001)
-- Cleaning up the progress meter/info code. The "current speed" is now more
- accurate than before as we now use the true time spent between the measures,
- and not just "assuming" every-second-update like before. The output should
- now also be of the same width at all times, never to show "extra" zeroes on
- the right edge.
-
-- After talking about possible Location: bugs on the mailing list, I modified
- the "absolute URL" checker in lib/transfer.c to be more strict when checking
- if the redirected URL is absolute.
-
-Daniel (11 October 2001)
-- Kevin Roth provided patches that make the test suite run fine on Windows
- 2000 running cygwin.
-
-Daniel (10 October 2001)
-- Setting the -c or the CURLOPT_COOKIEJAR option now enables the cookie parser.
- Previously -b or CURLOPT_COOKIEFILE was also required for the jar to work.
-
-Version 7.9.1-pre3
-
-Daniel (9 October 2001)
-- Added a new option to the command line client: -0/--http1.0. It uses the new
- libcurl option CURLOPT_HTTP_VERSION to request that libcurl uses HTTP 1.0
- requests instead of the default version (1.1). It should only be used if you
- really MUST do that because of a silly remote server.
-
-- Renamed the 'TimeCond' typedef in curl/curl.h to use a 'curl_' prefix as
- all public curl-symbols should.
-
-- libcurl now explicitly ignores the SIGPIPE signal.
-
-Daniel (8 October 2001)
-- Kevin Roth's change to the cookie-jar comment (in the stored file) was
- applied.
-
-- Lucas Adamski's minor bug in the bind error code failf() was fixed.
-
-Daniel (5 October 2001)
-- Moonesamy fixed the Curl_connecthost() function to not give compiler errors
- on a bunch of compilers, due to the argument named 'socket'.
-
-- Moonesamy also provided updated VC++ makefiles and project files.
-
-Version 7.9.1-pre2
-
-Daniel (4 October 2001)
-- Albert Chin provided a configure patch that makes the script detect proper
- gethostbyname_r() method without actually running any code, only compiling
- is necessary. This also removes the need of having a resolving 'localhost'
- name.
-
-- Found and removed memory leakage (name resolve data) in libcurl on
- IPv6-enabled hosts. These could sneak through because we didn't have any
- resource tracing on the IPv6-related functions. We do now.
-
-Daniel (3 October 2001)
-- Keith McGuigan patched away a (mainly Windows-) problem with the name
- resolver data being kept in the static memory area, which is removed when a
- thread is killed. The curl handle itself though perfectly handles being
- passed between threads.
-
-- Dirk Eddelbuettel reported an odd bug that turned out to be his proxy that
- required an Authorization: header. Now, proxies are not supposed to require
- that header, that is for true servers...
-
-- I accidentally ruined Georg's curl_formadd(). Uh, bad me. Corrected now.
-
-Version 7.9.1-pre1
-
-Daniel (3 October 2001)
-- Georg Huettenegger once again made an effort beyond the call of duty and not
- only improved the curl_formadd() function, but also took care of adjusting
- the curl command line client to use this new function instead of the
- obsoleted curl_formparse.
-
-Daniel (2 October 2001)
-- Major fix in how libcurl does TCP connects. It now does non-blocking
- connects to enable good timeouts without signals, and it now tries all IP
- addresses for any given host (if it resolves more than one and the first
- one(s) don't connect). Added a new source file 'connect.c' to deal with all
- the TCP connect stuff.
-
-- We now support IPv4-style IP-addresses in rfc2732-format, to better support
- people writing scripts without knowing what address there is.
-
-Daniel (28 September 2001)
-- Cleanups in the FTP source code. Divided the code into even more smaller
- functions and generally tried to make the differences between IPv4 and IPv6
- get less noticable in the sources.
-
-- If the remote file time is not readable/accessable/understood by libcurl,
- libcurl now returns -1 in the CURLINFO_FILETIME data, not 0 as it previously
- did. This should make curl not touch the file data unless there was a known
- remote date when -R is used.
-
-Daniel (27 September 2001)
-- Working on getting non-blocking connects working platform independent. We
- will also make curl try all IPs for a given host if the first one should
- fail.
-
-Daniel (26 September 2001)
-- Kevin Roth provided a cookie example that proved the cookie jar
- functionality wasn't working properly. I added test case 46 and made it
- work.
-
-Daniel (25 September 2001)
-- J�rn Hartroth updated the mingw32 makefiles.
-
-Version 7.9
-
-Daniel (23 September 2001)
-- Found and removed a 'socket leak' that would occur on IPv6 enabled hosts
- when FTP RETR failed.
-
-- Made the FTP upload tests run fine on machines with IPv6 enabled.
-
-Version 7.9-pre8
-
-Daniel (19 September 2001)
-- Vojtech Minarik set up a special-purpose test server and provided me with
- test certificates in order for me to repeat the bug reports #440068 and
- #440373. It turned out we didn't check all the error codes properly. We do
- now, and connecting with a unacceptable certificate will make libcurl fail
- to connect with an error code returned.
-
-- Ramana Mokkapati found a case when the Location: following code did wrong.
- I wrote a test case for this (45).
-
-Version 7.9-pre7
-
-Daniel (17 September 2001)
-- Linus Nielsen Feltzing fixed telnet for win32. It makes libcurl require
- winsock 2.0.
-
-Version 7.9-pre6
-
-- libtool 1.4.2 is now in use!
-
-Version 7.9-pre5
-
-Daniel (14 September 2001)
-- Added another 14 ftp tests.
-
-Daniel (13 September 2001)
-- Added curl_easy_duphandle() to the easy.h header file. It has now been
- tested and proved to work in a real-world tests by T Bharath. We still need
- to write up some docs for this function.
-
-- Added four more ftp tests to the test suite.
-
-Daniel (12 September 2001)
-- CURLOPT_SSL_CIPHER_LIST was added, and the curl tool option is named
- --ciphers. Use them to specify a list of ciphers to use in the SSL
- connection.
-
-- T. Bharath found a memory leak in libcurl's windows version. It turned out
- to be the new duphandle() that didn't quite work yet.
-
-Version 7.9-pre4
-
-Daniel (11 September 2001)
-- Added verbose output for SSL connections that output the server
- certificate's start and expire dates. As suggested by Paul Harrington.
-
-- Heikki Korpela found problems in the perl ftp server used for the test
- suite, when he runs on on OpenBSD with perl 5.6. Some changes have been
- made, but nothing really certain.
-
-- T. Bharath has experienced problems with libcurl's stack usage on windows
- and works on reducing it.
-
-Daniel (10 September 2001)
-- Cris Bailiff fixed the perl interface. It stopped working since the changed
- behavior with WRITEHEADER and NULL pointers.
-
-- The "output cookies" function could dump core if no cookies were enabled.
-
-Daniel (7 September 2001)
-- SM pointed out that the SSL code didn't compile any longer if SSL was
- disabled... Also, we needed to correct the #include for the utime stuff on
- windows.
-
-Daniel (6 September 2001)
-- T. Bharath pointed out a flaw in the SSL session cache code that made it
- sometimes read from a NULL pointer.
-
-Version 7.9-pre3
-
-Daniel (3 September 2001)
-- Added the -R/--remote-time option, that uses the remote file's datestamp to
- set the local file's datestamp. Thus, when you get a remote file your local
- file will get the same time and date. Note that this only works when you use
- -o or -O.
-
-- Installed libtool 1.4.1, libtoolized and everything.
-
-Daniel (1 September 2001)
-- Heikki Korpela pointed out that I did not ship the proper libtool stuff in
- the pre-releases, even though that was my intention. libtoolize has now
- been re-run.
-
-- Heikki also patched away the bad use of 'make -C' in the test suite
- makefile. make -C is not very portable and is now banned from here.
-
-Version 7.9-pre2
-
-Daniel (31 August 2001)
-- I just made a huge internal struct rehaul, and all the big internally used
- structs have been renamed, redesigned and stuff have been moved around a bit
- to make the source easier to follow, more logically grouped and to hopefully
- decrease future bugs. I also hope that this will make new functions to get
- easier to add, and make it less likely that we have bugs left like the URL-
- free bug from August 23.
-
-Version 7.9-pre1
-
-Daniel (29 August 2001)
-- The new cookie code have enabled the brand new '-c/--cookie-jar' option. Use
- that to specify the file name in which you want to have all cookies curl
- knows of, dumped to. It'll be written using the netscape cookie format.
-
- This is internally done with the new CURLOPT_COOKIEJAR option to libcurl,
- which in turn dumps this information when curl_easy_cleanup() is invoked.
- There might be reasons to re-consider my choice of putting it there. Perhaps
- it is better placed to get done just before *_perform() is done. It is all
- of course depending on how you guys want to use this feature...
-
-- Added ftpupload.c in the source examples section, based on source code posted
- by Erick Nuwendam.
-
-Daniel (28 August 2001)
-- Now running libtool CVS branch-1-4 to generate stuff. Should fix problems
- on OpenBSD and hopefully on FreeBSD as well!
-
-- Georg Huettenegger modified the curl_formadd() functionality slightly, and
- added support for error code 417 when doing form post and using the Expect:
- header. Great work!
-
-- Made some tests with cached SSL session IDs, and they seem to work. There
- should be a significant speed improvement in the SSL connection phase, but
- in my tiny tests it just isn't possible to notice any difference. Like other
- caching in libcurl, you must reuse the same handle for the caching to take
- effect. SSL session ID caching is done on a per host-name and destination
- port number basis.
-
- Set verbose, and you'll get informational tests when libcurl detects and
- uses a previous SSL session ID.
-
-- Upgraded to automake 1.5 on my development/release machine.
-
-Daniel (27 August 2001)
-- Slowly started writing SSL session ID caching code
-
-Daniel (24 August 2001)
-- T. Bharath removed compiler warnings on windows and updated the MS project
- files.
-
-- Kevin Roth reported two kinds of command line constructs with the new -G that
- curl didn't really deal with the way one would like.
-
-- Tim Costello patched away a use of strcasecmp() in the SSL code. We have our
- own portable version named strequal() that should be used!
-
-- Tim also pointed out a problem in the lib/Makefile.vc6 file that made it mix
- debug object modules causing confusions.
-
-Daniel (23 August 2001)
-- T. Bharath accurately found a libcurl bug that would happen when doing a
- second invoke of curl_easy_perform() with a new URL when the previous invoke
- followed a Location: header.
-
-- Started the improvement work on the cookie engine:
- - Now keeps cookies in the same order as the cookie file
- - A write to the possibly static string was removed
- - Added a function that can output all cookies
- - Now supports reading multiple cookie files
-
-- Steve Lhomme corrected a DLL naming issue in the MSVC++ project file.
-
-- Split up the monster function in lib/ftp.c to use more smallish functions to
- increase readability and maintainability.
-
-Daniel (21 August 2001)
-- Georg Huettenegger's big patch was applied. Now we have:
- o "Expect: 100-continue" support. We will from now on send that header in
- all rfc1867-posts, as that makes us abort much faster when the server
- rejects our POST. Posting without the Expect: header is still possible in
- the standard replace-internal-header style.
- o curl_formadd() is a new formpost building function that is introduced to
- replace the now deprecated curl_formparse() function. The latter function
- will still hang around for a while, but the curl_formadd() is the new way
- and correct way to build form posts.
- o Documentation has been updated to reflect these changes
-
- These changes are reason enough to name the next curl release 7.9...
-
-- We now convert man pages to HTML pages and include them in the release
- archive. For the pleasure of everyone without nroff within reach.
-
-- Andr�s Garc�a's suggested flushing of the progress meter output stream was
- added. It should make the progress meter look better on Windows.
-
-- Troy Engel pointed out a mistake in the configure script that made it fail
- on many Red Hat boxes!
-
-Daniel (20 August 2001)
-- We need an updated libtool to make a better build environment for OpenBSD
- as well as FreeBSD
-
-Version 7.8.1
-
-Daniel (20 August 2001)
-- Brad pointed out that we ship two extra libtool files in the tarballs that
- we really don't need to! Removing them makes the gz-archive about 60K
- smaller!
-
-- Albert Chin brought fixes for the configure script to detect socklen_t
- properly as well as moving lots of our custom autoconf macros to
- acinclude.m4.
-
-Daniel (19 August 2001)
-- Moonesamy improved his -G feature for host names only URLs...
-
-Daniel (17 August 2001)
-- Finally cleaned up the kerberos code to use Curl_ prefixes on all global
- symbols and to not use global variables.
-
-Version 7.8.1-pre6
-
-Daniel (16 August 2001)
-- S. Moonesamy added the -G option to curl, that converts the data specified
- with -d to a GET request. Default action when using -d is POST. When -G is
- used, the -d specified data will be appended to the URL with a '?'
- separator. As suggested previously by Kevin Roth.
-
-- curl-config --libs should now display all linker options required to link
- with libcurl. It includes the path and options for libcurl itself.
- curl-config --cflags displays the compiler option(s) needed to compile
- source files that use libcurl functions. Basically, that sets the include
- path correct.
-
-Daniel (15 August 2001)
-- Arkadiusz Miskiewicz pointed out a mistake in how IPv6-style IP-addresses
- were parsed and used. (RFC2732-format)
-
-- Bug #12733 over on php.net identified a problem in libcurl that made it core
- dump if you used CURLOPT_POST without setting any data to post with
- CURLOPT_POSTFIELDS! This is no longer the case. Not using CURLOPT_POSTFIELDS
- now equals setting it to no data at all.
-
-- Ramana Mokkapati reported that curl with '-w %{http_code}' didn't work
- properly when used for multiple URLs on a single command line. Indeed, the
- variable was not reset between the requests. This is now fixed.
-
-- David James fixed the Borland makefile so that libcurl still compiles and
- builds with that compiler.
-
-Daniel (14 August 2001)
-- Oops. I ruined Nico's socklen_t define in config-vms.h, corrected it now.
-
-- An older item not mentioned here before: CURL_GLOBAL_WIN32 is a define for
- windows users to curl_global_init(), that makes libcurl init the winsock
- stuff. If libcurl is all socket stuff you do, then allowing it to fiddle
- with this is a comfortable shortcut to fame.
-
-Version 7.8.1-pre5
-
-Daniel (14 August 2001)
-- Nico Baggus provided more feedback from his VMS porting efforts and a few
- minor changes were necessary.
-
-- I modified configure.in so that --enable-debug sets more picky gcc options.
- I then removed almost all the new warnings that appeared, and by doing so I
- corrected the size_t-treated-as-signed problem that has been discussed on
- the mailing list previously. I also removed a bunch of the just recently
- added #ifdef VMS lines.
-
-- I removed the use of a global variable in the SSL code. It was once
- necessary but hasn't been needed since OpenSSL 0.9.4. The old code should
- (hopefully) still work if libcurl is built against an ancient version of
- OpenSSL.
-
-Daniel (13 August 2001)
-- Peter Todd posted a patch that now allows non-file rc1867-style form posts
- to be larger than 4K.
-
-Daniel (10 August 2001)
-- S. Moonesamy fixed bugs for building debug and SSL lib in VC makefile
-
-Daniel (9 August 2001)
-- The redirected error stream was closed before the curl_easy_cleanup() call
- was made, and when VERBOSE was enabled, the cleanup function tried to use
- the stream. It could lead to a segmentation fault. Also, the stream was
- closed even if we looped to get more files. Corrects Dustin Boswell's bug
- report #441610
-
-- Now generates the release configure script with autoconf 2.52
-
-Version 7.8.1-pre4
-
-Daniel (8 August 2001)
-- curl -E uses a colon to separate a file name from a passphrase. This turned
- out really bad for the windows people who wants to include a drive letter in
- the file name like "c:\cert.pem". There's now a win32 work-around
- implemented that tries work around that, when the colon seems to be used for
- this kind of construct.
-
-- Patrick Bihan-Faou introduced CURLOPT_SSL_VERIFYHOST, which makes curl
- verify the server's CN field when talking https://. If --cacert is not used,
- any failures in matching is only displayed as information (-v).
-
-Daniel (7 August 2001)
-- Wrote up nine more test cases, more or less converted from the former test
- suite.
-
-Daniel (6 August 2001)
-- Heikki Korpela posted a patch that makes 'curl-config --libs' include the
- directory in which libcurl itself is installed in. While this wasn't my
- initial intention with this option, it makes sense and makes linking with
- libcurl easier.
-
-- Stefan Ulrich pointed out to us that other tools and libraries treat file://
- URLs with only one slash after the host name slighly different than libcurl
- does. Since all the others seem to agree, we better follow them.
-
-- Nico Baggus provided us with a huge set of fixes to make curl compile and
- build under OpenVMS.
-
-Version 7.8.1-pre3
-
-Daniel (6 August 2001)
-- Jonathan Hseu noticed that you couldn't get a header callback unless you
- set CURLOPT_WRITEHEADER to non-NULL, even if you didn't care about that
- data. This is now fixed.
-
-Daniel (5 August 2001)
-- Sergio Ballestrero provided a patch for reading responses from NCSA httpd
- 1.5.x servers, as they return really screwed up response headers when asked
- for with HTTP 1.1.
-
-- curl_escape() no longer treats already encoded characters in the input
- string especially.
-
-Daniel (3 August 2001)
-- I replaced the former lib/arpa_telnet.h file with one I wrote myself, to
- avoid the BSD annoucement clause of the license in the former file.
-
-- Andrew Francis provided a new version of base64.c to work around the license
- boiler plate that came with the previous one. I patched it, but the glory
- should go to Andrew for his heads up.
-
-- Tomasz Lacki noticed that when you do repeated transfers with libcurl you
- couldn't always reliably change HTTP request. This has now been fixed and a
- new libcurl option was added: CURLOPT_HTTPGET, that can force the HTTP
- requestr (back) to GET.
-
-- Linus Nielsen Feltzing pointed out that httpsserver.pl wasn't included in
- release archives. It should be now.
-
-Daniel (2 August 2001)
-- Frank Keeney pointed out a manual mistake for certificate convertions.
-
-- Tomasz Lacki pointed out a problem in the transfer loop that could make the
- select() loop use far too much CPU.
-
-- Pawel A. Gajda pointed out an output mistake done when using libcurl's
- progress callback.
-
-Daniel (29 June 2001)
-- Naveen Noel noticed that the Borland library makefile wasn't updated.
-
-- Nic Roets brought a fix for the certificate verification when using SSL.
-
-Daniel (27 June 2001)
-- Made the FTP tests run OK even on machines running curl IPv6-enabled.
-
-- Troy Engel corrected some RPM package details.
-
-Version 7.8.1-pre2
-
-Daniel (25 June 2001)
-- Bj�rn Stenberg correctly identified a problem that occurred when downloading
- several files with curl, and using resume. The first file's resume index was
- then used for all files, resulting in weird results...
-
-- Anton Kalmykov provided a fix that makes curl work with form field names
- with spaces like when -F is used.
-
-Version 7.8.1-pre1
-
-Daniel (20 June 2001)
-- Mike Bytnar provided a fine report that proved that the --with-ssl option
- for configure needed tweaking. It no longer searches the default directories
- for OpenSSL libs or directories when a specified path is given.
-
-Daniel (19 June 2001)
-- When an FTP transfer is cut off during transfer, curl could present a truly
- garbaged error message and in worst case dump core. Thanks to detailed
- reports from Shawn Poulson we nailed this.
-
-Daniel (12 June 2001)
-- Salvador D�vila provided a fix for FTP range downloads.
-
-- Added a few more test cases from the former test suite to the new file
- format. We're now at a total of 26 tests.
-
-Daniel (11 June 2001)
-- libcurl's version-info was wrong, as noted by both Domenico Andreoli and
- David Odin.
-
-Daniel (7 June 2001)
-- J�rn fixed the curl_unescape duplicate entry in lib/libcurl.def
-
-- I made SSL certificate failure messages to be more detailed.
-
-Version 7.8
-
-Daniel (7 June 2001)
-- SDavila provided a resumed download fix.
-
-Version 7.8-pre4
-
-Daniel (1 June 2001)
-- Sterling provided some new PHP examples.
-
-- Changed the CVS hierarchy and the older checkout instruction does no longer
- work. We moved the entire source code into a CVS module named 'curl'.
-
-Daniel (31 May 2001)
-- CURLOPT_MUTE does not exist anymore. It is still present in the include file
- to not cause compiler errors for applications using it, but it isn't used
- anywhere in the library.
-
-Version 7.8-pre3
-
-Daniel (31 May 2001)
-- Once and for all fixed the _REENTRANT mess for Solaris compiles to present
- less warnings.
-
-- Sterling Hughes tirelessly points out and corrects my mistakes...! So,
- curl_global_init() now lets the argument flags *SET* what parts to
- init. CURL_GLOBAL_DEFAULT makes a nice default, CURL_GLOBAL_ALL inits all
- known subsystems and CURL_GLOBAL_NONE inits nothing more than absolutely
- necessary. Man page updated accordingly.
-
-- Fixed the strtok.h include file as it wouldn't compile on all platforms!
-
-Daniel (30 May 2001)
-- Made libcurl by default act as if CURLOPT_MUTE and CURLOPT_NOPROGRESS were
- set TRUE. Set them to FALSE to make libcurl more talkative. The *_MUTE
- option is subject for complete removal...
-
-Version 7.8-pre2
-
-Daniel (30 May 2001)
-- Cris Bailiff wrote a makefile for building Solaris packages.
-
-- Sterling Hughes brought fixes for 'buildconf' (the build-from-CVS tool) and
- we discussed and added a few CURL_GLOBAL_* flags in include/curl.h
-
-- Kjetil Jacobsen privately announced his python interface to libcurl,
- available at http://pycurl.sourceforge.net/
-
-Daniel (29 May 2001)
-- Sterling Hughes fixed a strtok() problem in libcurl. It is not a thread-
- safe function. Now configure checks for a thread-safe version, and
- lib/strtok.c offers one for the systems that don't come with one included!
-
-- Mettgut Jamalla correctly pointed out that the -# progress bar was written
- to stderr even though --stderr redirection was used. This is now corrected.
-
-- I moved out the list of contributors from the curl.1 man page and made a
- separate docs/THANKS file. It makes the list easier to find, and made it
- easier for me to make a separate web page with that same information.
-
- I really do want all you guys mentioned in there to feel you get the credit
- you deserve.
-
-- lib/easy.c didn't compile properly in the 7.8-pre1 due to a silly mistake
-
-Version 7.8-pre1
-
-Daniel (28 May 2001)
-- curl-config now supports '--vernum' that outputs a plain hexadecimal version
- of the libcurl version number (using 8 bits for each 3 numbers). Version
- 7.7.4 appears as 070704
-
-- Wrote man pages for curl_global_init and curl_global_cleanup...
-
-- T. Bharath brought news about the usage of the OpenSSL interface that was
- not previously taken into consideration and thus caused libcurl to leak
- memory. The only somewhat sane approach to fix this dilemma, is adding two
- two new functions curl_global_init() and curl_global_cleanup() that should
- be called *ONCE* by the application using libcurl. The init should be done
- only at startup, no matter how many threads the application is gonna use,
- and the cleanup should be called when the application has finished using
- libcurl completely.
-
- *** UPGRADE NOTICE ***
-
- If you write applications using libcurl, you really want to use the two
- functions mentioned above !!!
-
- I can't say I think this is a very beautiful solution, but as OpenSSL
- insists on making lots of stuff on a "global" scope, we're forced to walk
- the path they point us to.
-
-- Moving more test cases into the new file format.
-
-Version 7.7.4-pre3
-
-Daniel (23 May 2001)
-- Introduced a new file format for storing test cases, and thus I had to
- modify all the perl test scripts and more (I added a new one). I have not
- "ported" all the old test cases to the new format yet, but it'll come.
-
- The main advantage of this new format is that all test data for each test
- case is stored in a single file. It gives a better overview for each test
- case and a lot less files.
-
-- Andr�s Garc�a brought a fix for the netscape/mozilla cookie file parsing
- function, as it turns out it doesn't always store the path!
-
-Daniel (22 May 2001)
-- As was reported anonymously, when FAILONERROR was used, the httpcode was
- not stored properly and thus wasn't possibly to read after a transfer with
- the curl_easy_getinfo() function. This is now corrected.
-
-- Installed and made use of the following tool versions:
- autoconf 2.50
- libtool 1.4
- automake 1.4-p1
-
- I wouldn't recommend any developer to try to generate things with older
- versions than these. Building from CVS will probably more or less require
- at least these versions.
-
- As a result of this, the configure script grew to more than double its
- previous size!
-
- Arkadiusz Miskiewicz helped me by pointing out I had to remove my
- acinclude.m4 file before I could get it working!
-
-Daniel (21 May 2001)
-- I made ftps:// work. Added test case 400 to the release archive, as the
- first ftps:// test case. Requires stunnel.
-
-- Also made the test cases that runs ssl tests not run if libcurl isn't built
- with ssl support.
-
-Daniel (19 May 2001)
-- Made the configure not add any extra -L LDFLAGS or -I CPPFLAGS unless they
- are actually needed. Albert Chin's and Domenico Andreoli's suggestions
- helped out.
-
-Version 7.7.4-pre2
-
-Daniel (18 May 2001)
-- Nicer configure-check for the OpenSSL headers, which then sets the proper
- variable to have curl-config be good. (Albert Chin provided the fix)
-
-- For systems that don't have theiw own 'strlcat()' libcurl provides its own.
- It was now renamed to prevent collides with other libs. (After discussions
- with Sterling Hughes and the implications this had on PHP builds.)
-
-Daniel (17 May 2001)
-- Colm Buckley posted a detailed bug report on (the debianized) 7.7.3, that
- turned out to be a problem with the debian-built 7.7.3-package that
- contained files from the 7.7.2 release!
-
-- I added the CURLE_ALREADY_COMPLETE again, but with a fake value, just to
- make programs that use it, not fail when compiling against this version of
- libcurl.
-
-Daniel (14 May 2001)
-- Pawel A. Gajda fixed a problem with resumed transfers on re-used persistent
- connections.
-
-Version 7.7.4-pre1
-
-Daniel (14 May 2001)
-- Jun-ichiro itojun Hagino fixed FTP PORT for IPv6-enabled libcurl.
-
-- Added the first HTTPS test to the test suite in the release archive.
-
-Daniel (12 May 2001)
-- Jukka Pihl suggested that if (lib)curl is told to verify the peer's
- certificate and the peer can't be verified, it should fail and return a
- proper error code. I added a brand new error code named
- CURLE_SSL_PEER_CERTIFICATE for this purpose.
-
-Daniel (11 May 2001)
-- As was discussed with Frederic Lepied a while ago, I now made libcurl not
- return error even though no data was transfered on upload/download resume
- when the no transfer is needed. The CURLE_ALREADY_COMPLETE error was removed
- from the header file to make any implemenator that uses that to be aware of
- the fact that it can't be returned anymore!
-
-- Improved general header-parsing to better allow white spaces and more.
-
-- Rodney Simmons proved the fix I did yesterday was bad and I had to post
- another one.
-
-- Ingo Wilken patched away two redirect problems more!
-
-Daniel (10 May 2001)
-- Cris Bailiff correctly noted that the space-after-header problem with
- Location: is present on several other places in the libcurl sources.
-
-- Ingo Wilken patched away a problem libcurl had when following Location:
- headers with an extra space after the colon.
-
-- Rodney Simmons found out that multiple FTP transfers did not treat relative
- directories correctly.
-
-Daniel (9 May 2001)
-- Getting an FTP file with CURLOPT_NOBODY set (or -I from the command line),
- makes curl use the non-standard ftp command "SIZE". If it failed, libcurl
- returned error. Starting now, it just don't output the file size instead.
- Anonymous bug report.
-
-- stunnel.pm was accidentally left out from the release archive, it is now
- added (stunnel is needed to run the https-tests in the test suite)
-
-Daniel (7 May 2001)
-- Corrected two minor compiler warnings due to the FILE * to void * conversion
- that I missed at two places. J�rn Hartroth brought me patches. Sander Gates
- filed a bug report on this.
-
-Version 7.7.3
-
-Daniel (4 May 2001)
-- All callback functions now take 'void *' instead of 'FILE *'. This is made
- this way to make it more obvious to people that anything can be passed to
- them (by using the apropriate option). After discussions with Sterling
- Hughes.
-
-Daniel (3 May 2001)
-- Cris Bailiff fixed a chunked transfer encoding problem with persistent
- connection that made libcurl fail if the persistent connection used mixed
- chunked and non-chunked transfers.
-
-- Cris Bailiff fixed a bad treatment of 304-replies, as they would not be
- treated as content-length 0 replies but would cause a "hang" until the
- server timed-out and closed the connection.
-
-- Brad Burdick found a minor problem in the docs/examples/Makefile.am
-
-Daniel (27 April 2001)
-- Updated the INTERALS document again. It was lagging a bit. I think I made it
- more easy to follow now as well.
-
-- Brad Burdick found a problem with persistent connections when curl received
- a "Content-Length: 0" header.
-
-- Giuseppe D'Ambrosio was first out to report that TELNET doesn't work in curl
- compiled/built on win32. It seems to work for unixes though!
-
-- Dave Hamilton reported weird problems with CURL/PHP that I really can't
- explain at the moment. I'm hoping on some help from the PHP crew.
-
-Daniel (26 April 2001)
-- I rewrote the FTP command response function. I had to do it to make ftps
- work, as the OpenSSL read()-function didn't work the same way the normal
- unix read() does, but it was also a huge performance boost. Previously the
- function read one byte at a time, now it reads very large chunks, and it
- makes a notable speed difference.
-
-Daniel (25 April 2001)
-- Connection re-use when not using a proxy didn't work properly for
- non-default port numbers.
-
-Daniel (24 April 2001)
-- I've noticed that FTPS doesn't work. We attempt to use ssl even for the
- data transfer, which causes the transfer to 'hang'... We need to fix this.
-
-- Improved the test suite to use 'stunnel' to do HTTPS and FTPS testing on
- the alredy written perl servers easily.
-
-Daniel (23 April 2001)
-- The OpenSSL version string recently modified didn't zero terminate one
- of the generated strings properly, which could lead to a crash or simply
- weird version string output!
-
-Version 7.7.2
-
-Daniel (22 April 2001)
-- Rosimildo da Silva updated the Makefiles for Borland/Windows.
-
-- Eric Rautman pointed out a problem with persistent connections that would
- lead to broken Host: headers in the second HTTP request.
-
-Daniel (20 April 2001)
-- Added man pages for the curl_strequal() and curl_mprintf() families. Wrote
- a 'libcurl overview' man page.
-
-- Spell-fixed some documents.
-
-- S. Moonesamy corrected mistakes in the man page.
-
-- Cris Bailiff fixed the curl_slists options in the perl interface, present
- separately in the Curl::easy 1.1.4 package.
-
-Daniel (19 April 2001)
-- Linus Nielsen Feltzing removed the decimals from the size variables in the
- --write-out output. We hardly ever get fraction of bytes! :-)
-
-Version 7.7.2-pre1
-
-Daniel (19 April 2001)
-
-- Albert Chin provided a configure patch for the AC_SYS_LARGEFILE macro.
-
-Daniel (18 April 2001)
-- Input from Michael Mealling made me add --feature to curl-config. It
- displays a list of features that have been built-in in the current
- libcurl. The currently available features that can be listed are: SSL, KRB4
- and IPv6.
-
-- I committed Cris and Georg's perl interface work. They've got callbacks
- working and options that receives those slist pointers.
-
-- Puneet Pawaia detected a problem with resumed downloads that use persistent
- connections and I made a rather large writeup to correct this. It is
- important that all session-data is stored in the connectdata struct and not
- in the main struct as this previously did.
-
-Daniel (17 April 2001)
-- Frederic Lepied fixed a ftp resumed download problem and introduced a new
- error code that lets applications be able to detect when a resumed download
- actually didn't download anything since the whole file is already present.
- Should this return OK instead?
-
-- I added 'curl-config.in' to the root dir and configure script. Now, a
- curl-config script is made when curl is built. The script can be used to
- figure out compile time options used when libcurl was built, which in turn
- should be options YOU should use to build applications that use libcurl.
-
- This *-config style is not a new idea, but something that has been used
- successfully in other (library based) projects.
-
-- Phil Karn pointed out that libcurl wrongly did not always use GMT time zone
- for the If-Modified-Since style headers.
-
-- Georg Schwarz pointed out an extra needed #include file needed in src/main.c
- for curl to build on Ultrix.
-
-Daniel (11 April 2001)
-- Cris Bailiff pointed out two problems that I corrected. First, libcurl's use
- of the environment variable HTTP_PROXY in uppercase may become a security
- hazard when people use libcurl in a server/cgi situation where the server
- sets the HTTP_*-variables according to incoming headers in the HTTP
- request. Thus, a "Proxy:"-header would set that environment variable!
-
- Then, invoking curl_easy_perform() without having an URL set caused a crash.
-
-- S. Moonesamy brought a patch that make curl use non-blocking connects on
- windows when connection timeout is set, as it allows windows users to set
- that timeout!
-
-- Hirotaka Matsuyuki wrote a Ruby interface to libcurl!
-
-- Cris Bailiff, Forrest Cahoon and Georg Horn work on the Perl interface.
-
-- I've written a first shot at a Java interface to libcurl. Many thanks to
- Daniel Marell for tirelessly answering to all my basic Java questions. It
- works, but it is still very basic.
-
-Daniel (10 April 2001)
-- The progress display could get silly when doing multiple file transfers, as
- it wasn't properly reset between transfers!
-
-- Discussions with Cris Bailiff who writes a Perl interface to libcurl, made
- me add CURLOPT_HEADERFUNCTION. It can be used to set a separate callback
- function for writing headers. Previously you could only set a different FILE
- * when headers are written from within libcurl.
-
-Daniel (7 April 2001)
-- Andr�s Garc�a fixed a problem in curl_escape() and pointed out a flaw in
- the curl_easy_setopt man page.
-
-Daniel (6 April 2001)
-- Adjusted the version code to properly display OpenSSL 0.9.6a. They sure
- change their version define format often...
-
-- curl_formfree() now accepts a NULL pointer without crashing!
-
-Version 7.7.1
-
-Daniel (3 April 2001)
-- Puneet Pawaia pointed out two serious problems. Libcurl would attempt to
- read bad memory during situations when an (ftp) connection attempt failed.
- Also, the lib/Makefile.vc6 was corrected.
-
-- More investigations in the Location: following code made me realize that
- it was not clean enough to work transparantly with persistent and non-
- persistent connections. I think I've fixed it now.
-
-Daniel (29 March 2001)
-- Georg Horn mailed me some corrections for the Curl::easy perl interface.
-
-- Experimental ftps:// support added. It is basically FTP over SSL for the
- control connection. It still makes all data transfers going over unencrypted
- connections. Rainer Weikusat's ftpd-ssl server hack supports this and I used
- that to verify the functionality.
-
-Daniel (27 March 2001)
-- Guenole Bescon discovered that if you set a CURLOPT_TIMEOUT and then tried
- to get a file from a site and it fails, the SIGALRM would still be sent
- after the timeout-time, quite inexpectedly!
-
-- I added an ftp transfer example to docs/examples/ and I also wrote a tiny
- example makefile that can be used as a start when building one of the
- examples.
-
-Version 7.7.1-beta1
-
-Daniel (26 March 2001)
-- Mohamed Lrhazi reported problems with 7.6.1 and persistent HTTP/1.0
- connections (when the server replied a Connection: Keep-Alive) and this
- problem was not properly dealt with in 7.7 either. A patch was posted to the
- curl-and-php mailing list.
-
-Daniel (24 March 2001)
-- Colin Watson reported about a problem and brought a patch that corrected it,
- which was about the man page and lines starting with a single quote (') in a
- way that gnroff doesn't like.
-
-Daniel (23 March 2001)
-- Peter Bray reported correctly that the root makefile used make instead of
- $(MAKE) for the test target.
-
-- Corrected the Curl::easy perl interface to use curl_easy_setopt() and not
- curl_setopt() which was removed in 7.7!
-
-- S. Moonesamy provided updates on three documents (MANUAL, INSTALL and FAQ).
-
-- When following a Location:, libcurl would sometimes write to the URL string
- in a way it shouldn't. As the pointer is passed-in to libcurl from an
- application, we can't be allowed to write to it. The particular bug report
- from 'nk' that brought this up was because he had a read-only URL that then
- caused a libcurl crash!
-
-- No longer reads HEAD responses longer than to the last header. Previously,
- curl would read the full reply if the connection was a "close" one.
-
-- libcurl did re-use connections way too much. Doing "curl
- http://www.{microsoft,ibm}.com"; would make it re-use the connection which
- made the second request return very odd results.
-
-Daniel (22 March 2001)
-- Edin Kadribasic made me aware that curl should not re-send POST requests
- when following 302-redirects. I made 302 work like 303 which means curl uses
- GET in the following request(s).
-
-- libcurl now reset the "followed-location" counter on each invoke of
- curl_easy_perform() as it otherwise would sum up all redirects on the same
- connection and thus could reach the maxredirs counter wrongly.
-
-- Jim Drash suggested curl_escape() should not re-encode what already looks
- like an encoded sequence and I think that's a fair suggestion.
-
-Version 7.7
-
-Daniel (22 March 2001)
-- The configure script now fails with an error message if gethostbyname_r() is
- detected but it couldn't figure out how to invoke it (what amount of
- arguments it is supposed to get). Reports from Andr�s Garc�a made me aware
- of this need.
-
-- Talking with Jim Drash made me finally put the curl_escape and curl_unescape
- functions in the curl.h include file and write man pages for them. The
- escape function was modified to use the same interface as the unescape one
- had.
-
-- No bug reports at all on the latest betas. Release time coming up.
-
-Version 7.7-beta5
-
-Daniel (19 March 2001)
-- Georg Ottinger reported problems with using -C together with -L in the sense
- that the -C info got lost when it was redirected. I could not repeat this
- problem on the 7.7 branch why I leave this for the moment. Test case 39 was
- added to do exactly this, and it seems to do right.
-
-- Christian Robottom Reis reported how his 7.7 beta didn't successfully do
- form posts as elegantly as 7.6.1 did. Indeed, this was a flaw in the header
- engine, as HTTP 1.1 has introduced a new 100 "transient" return code for PUT
- and POST operations that I need to add support for. Section 8.2.3 in RFC2616
- has all the details. Seems to work now!
-
-Daniel (16 March 2001)
-- After having experienced another machine break-down, we're back.
-
-- Georg Horn's perl interface Curl::easy is now included in the curl release
- archive. The perl/ directory is now present. Please help me with docs,
- examples and updates you think fit.
-
-- Made a new php/ directory in the release archive and moved the PHP examples
- into a subdirectory in there. Not much PHP info yet, but I plan to. Please
- help me here as well!
-
-- Made libcurl return error if a transfer is aborted in the middle of a
- "chunk". It actually enables libcurl to discover premature transfer aborts
- even if the Content-Length: size is unknown.
-
-Daniel (15 March 2001)
-- Added --connect-timeout to curl, which sets the new CURLOPT_CONNECTTIMEOUT
- option in libcurl. It limits the time curl is allowed to spend in the
- connection phase. This differs from -m/--max-time that limits the entire
- file transfer operation. Requested by Larry Fahnoe and others.
-
- I also updated the curl.1 and curl_easy_setopt.3 man pages and removed the
- item from the TODO.
-
-Version 7.7-beta4
-
-Daniel (14 March 2001)
-- Made curl grok IPv6 with HTTP proxies and got everything to compile nicely
- again when ENABLE_IPV6 is set.
-
- I need to remake things in the test suite. I can't test the FTP parts with
- curl built for IPv6 as it uses a different set of FTP commands then!
-
-- I fell onto a bug report on php.net (posted by Lars Torben Wilson) that was
- a report meant for our project. Anyway, it said the .netrc parsing didn't
- work as supposed, and as I agreed with Lars, I made the netrc parser use
- getpwuid() to figure out the home directory of the effective user and try
- that netrc. It still uses the environment variable HOME for those that don't
- have that function or if the user doesn't return valid pwd info.
-
-- Edin Kadribaic posted a bug report where he got a crash when a fetch with
- user+password in the URL followed a Location: to a second URL (absolute,
- without name+password). This bug has been around for a long while and
- crashes due to a read at address zero. Fixed now. Wrote test case 38, that
- tests this.
-
-- Modified the test suite's httpserver slightly to append all client request
- data to its log file so that the test script now better can verify a range
- of requests and not only the last one, as it did previously.
-
-- Updated the curl man page with --random-file and --egd-file details.
-
-Version 7.7-beta3
-
-Daniel (14 March 2001)
-- Bj�rn Stenberg provided similar fixes as J�rn did and some additional patches
- for non-SSL compiles.
-
-- I increased the interface number for libcurl as I've removed the low level
- functions from the interface. I also took this opportunity to rename the
- Curl_strequal function to curl_strequal and Curl_strnequal to
- curl_strnequal, as they're public libcurl functions (even if they're still
- undocumented).
-
- This will make older programs not capable of using the new libcurl with
- just a drop-in replacement.
-
-- J�rn Hartroth updated stuff for win32 compiles:
- o config-win32.h was fixed for socklen_t
- o lib/ssluse.c had a bad #endif placement
- o lib/file.c was made to compile on win32 again
- o lib/Makefile.m32 was updated with the new files
- o lib/libcurl.def matches the current interface state
-
-Daniel (13 March 2001)
-- It only took an hour or so before J�rn Hartroth found a problem in the
- chunked transfer-encoding. Given his fine example-site, I could easily spot
- the problem and when I re-read the spec (the part I have pasted in the top
- of the http_chunks.h file), I realized I had made my state-machine slightly
- wrong and didn't expect/handle the trailing CRLF that comes after the data
- in each chunk (and those extra two bytes sure feel wasted).
-
- Had to modify test case 34 to match this as well.
-
-Version 7.7-beta2
-
-Daniel (13 March 2001)
-- Added the policy stuff to the curl_easy_setopt man page for the two supported
- policies.
-
-- Implemented some support for the CURLOPT_CLOSEPOLICY option. The policies
- CURLCLOSEPOLICY_LEAST_RECENTLY_USED and CURLCLOSEPOLICY_OLDEST are now
- supported, and the "least recently used" is used as default if no policy
- is chosen.
-
-Daniel (12 March 2001)
-- Added CURLOPT_RANDOM_FILE and CURLOPT_EGDSOCKET to libcurl for seeding the
- SSL random engine. The random seeding support was also brought to the curl
- client with the new options --random-file <file> and --egd-file <file>. I
- need some people to really test this to know they work as supposed. Remember
- that libcurl now informs (if verbose is on) if the random seed is considered
- weak (HTTPS connections).
-
-- Made the chunked transfer-encoding engine detected bad formatted data length
- and return error if so (we can't possibly extract sensible data if this is
- the case). Added a test case that detects this. Number 36. Now there are 60
- test cases.
-
-- Added 5 new libcurl options to curl/curl.h that can be used to control the
- persistent connection support in libcurl. They're also documented (fairly
- thoroughly) in the curl_easy_setopt.3 man page. Three of them are now
- implemented, although not really tested at this point... Anyway, the new
- implemented options are named CURLOPT_MAXCONNECTS, CURLOPT_FRESH_CONNECT,
- CURLOPT_FORBID_REUSE. The ones still left to write code for are:
- CURLOPT_CLOSEPOLICY and its related option CURLOPT_CLOSEFUNCTION.
-
-- Made curl (the actual command line tool) use the new libcurl 7.7 persistent
- connection support by re-using the same curl handle for every specified file
- transfer and after some more test case tweaking we have 100% test case OK.
- I made some test cases return HTTP/1.0 now to make sure that works as well.
-
-- Had to add 'Connection: close' to the headers of a bunch of test cases so
- that curl behaves "old-style" since the test http server doesn't do multiple
- connections... Now I get 100% test case OK.
-
-- The curl.haxx.se site, the main curl mailing list and my personal email are
- all dead today due to power blackout in the area where the main servers are
- located. Horrible.
-
-- I've made persistance work over a squid HTTP proxy. I find it disturbing
- that it uses headers that aren't present in any HTTP standard though
- (Proxy-Connection:) and that makes me feel that I'm now on the edge of what
- the standard actually defines. I need to get this code excercised on a lot
- of different HTTP proxies before I feel safe.
-
- Now I'm facing the problem with my test suite servers (both FTP and HTTP)
- not supporting persistent connections and libcurl is doing them now. I have
- to fix the test servers to get all the test cases do OK.
-
-Daniel (8 March 2001)
-- Guenole Bescon reported that libcurl did output errors to stderr even if
- MUTE and NOPROGRESS was set. It turned out to be a bug and happens if
- there's an error and no ERRORBUFFER is set. This is now corrected.
-
-Version 7.7-beta1
-
-Daniel (8 March 2001)
-- "Transfer-Encoding: chunked" is no longer any trouble for libcurl. I've
- added two source files and I've run some test downloads that look fine.
-
-- HTTP HEAD works too, even on 1.1 servers.
-
-Daniel (5 March 2001)
-- The current 57 test cases now pass OK. It would suggest that libcurl works
- using the old-style with one connection per handle. The test suite doesn't
- handle multiple connections yet so there are no test cases for this.
-
-- I patched the telnet.c heavily to not use any global variables anymore. It
- should make it a lot nicer library-wise.
-
-- The file:// support was modified slightly to use the internal connect-first-
- then-do approach.
-
-Daniel (4 March 2001)
-- More bugs erased.
-
-Version 7.7-alpha2
-
-Daniel (4 March 2001)
-- Now, there's even a basic check that a re-used connection is still alive
- before it is assumed so. A few first tests have proven that libcurl will
- then re-connect instead of re-use the dead connection!
-
-Daniel (2 March 2001)
-- Now they work intermixed as well. Major coolness!
-
-- More fiddling around, my 'tiny' client I have for testing purposes now has
- proved to download both FTP and HTTP with persistent connections. They do
- not work intermixed yet though.
-
-Daniel (1 March 2001)
-- Wilfredo Sanchez pointed out a minor spelling mistake in a man page and that
- curl_slist_append() should take a const char * as second argument. It does
- now.
-
-Daniel (22 February 2001)
-- The persistent connections start to look good for HTTP. On a subsequent
- request, it seems that libcurl now can pick an already existing connection
- if a suitable one exists, or it opens a new one.
-
-- Douglas R. Horner mailed me corrections to the curl_formparse() man page
- that I applied.
-
-Daniel (20 February 2001)
-- Added the docs/examples/win32sockets.c file for our windows friends.
-
-- Linus Nielsen Feltzing provided brand new TELNET functionality and
- improvements:
-
- * Negotiation is now passive. Curl does not negotiate until the peer does.
- * Possibility to set negotiation options on the command line, currently only
- XDISPLOC, TTYPE and NEW_ENVIRON (called NEW_ENV).
- * Now sends the USER environment variable if the -u switch is used.
- * Use -t to set telnet options (Linus even updated the man page, awesome!)
-
-- Haven't done this big changes to curl for a while. Moved around a lot of
- struct fields and stuff to make multiple connections get connection specific
- data in separate structs so that they can co-exist in a nice way. See the
- mailing lists for discussions around how this is gonna be implemented. Docs
- and more will follow.
-
- Studied the HTTP RFC to find out better how persistent connections should
- work. Seems cool enough.
-
-Daniel (19 February 2001)
-- Bob Schader brought me two files that help set up a MS VC++ libcurl project
- easier. He also provided me with an up-to-date libcurl.def file.
-
-- I moved a bunch of prototypes from the public <curl/curl.h> file to the
- library private urldata.h. This is because of the upcoming changes. The
- low level interface is no longer being planned to become reality.
-
-Daniel (15 February 2001)
-- CURLOPT_POST is not required anymore. Just setting the POST string with
- CURLOPT_POSTFIELDS will switch on the HTTP POST. Most other things in
- libcurl already works this way, i.e they require only the parameter to
- switch on a feature so I think this works well with the rest. Setting a NULL
- string switches off the POST again.
-
-- Excellent suggestions from Rich Gray, Rick Jones, Johan Nilsson and Bjorn
- Reese helped me define a way how to incorporate persistent connections into
- libcurl in a very smooth way. If done right, no change may have to be made
- to older programs and they will just start using persistent connections when
- applicable!
-
-Daniel (13 February 2001)
-- Changed the word 'timeouted' to 'timed out' in two different error messages.
- Suggested by Larry Fahnoe.
-
-Version 7.6.1
-
-Daniel (9 February 2001)
-- Frank Reid and Cain Hopwood provided information and research around a HTTPS
- PUT/upload problem we seem to have. No solution found yet.
-
-Daniel (8 February 2001)
-- An interesting discussion is how to specify an empty password without having
- curl ask for it interactively? The current implmentation takes an empty
- password as a request for a password prompt. However, I still want to
- support a blank user field. Thus, today if you enter "-u :" (without user
- and password) curl will prompt for the password. Tricky. How would you
- specify you want the prompt otherwise?
-
-- Made the netrc parse result possible to use for other protocols than FTP and
- HTTP (such as the upcoming TELNET fixes).
-
-- The previously mentioned "MSVC++ problems" turned out to be a non-issue.
-
-- Added a HTTP file upload code example in the docs/examples/ section on
- request.
-
-- Adjusted the FTP response fix slightly.
-
-Version 7.6.1-pre3
-
-Daniel (7 February 2001)
-- S. Moonesamy found a flaw in the response reading function for FTP that
- could make libcurl not get out of the loop properly when it should, if
- libcurl got -1 returned when reading the socket.
-
-- I found a similar mistake in http.c when using a proxy and reading the
- results from the proxy connection.
-
-Daniel (6 February 2001)
-- S. Moonesamy pointed out that the VC makefile in src/ needed the libpath set
- for the debug build to work.
-
-- Daniel Gehriger stepped in to assist with the VC++ stuff Robert Weaver
- brought up yesterday.
-
-Daniel (5 February 2001)
-- Jun-ichiro itojun Hagino brought a big patch that brings IPv6-awareness to
- a bunch of different areas within libcurl.
-
-- Robert Weaver told me about the problems the MS VC++ 6.0 compiler has with
- the 'static' keyword on a number of libcurl functions. I might need to add a
- patch that redefines static when libcurl is compiled with that compiler.
- How do I know when VC++ compiles, anyone?
-
-Daniel (4 February 2001)
-- curl_getinfo() was extended with two new options:
- CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD. They
- return the full assumed content length of the transfer in the given
- direction. The CURLINFO_CONTENT_LENGTH_DOWNLOAD will be the Content-Length:
- size of a HTTP download. Added descriptions to the man page as well. This
- was done after discussions with Bob Schader.
-
-Daniel (3 February 2001)
-- Ingo Ralf Blum provided another fix that makes curl build under the more
- recent cygwin installations. It seems they've changed the preset defines to
- not include WIN32 anymore.
-
-Version 7.6.1-pre2
-
-Daniel (31 January 2001)
-- Curl_read() and curl_read() now return a ssize_t for the size, as it had to
- be able to return -1. The telnet support crashed due to this and there was a
- possibility to weird behavior all over. Linus Nielsen Feltzing helped me
- find this.
-
-- Added a configure.in check for a working getaddrinfo() if IPv6 is requested.
- I also made the configure script feature --enable-debug which sets a couple
- of compiler options when used. It assumes gcc.
-
-Daniel (30 January 2001)
-- I finally took a stab at the long-term FIXME item I've had on myself, and
- now libcurl will properly work when doing a HTTP range-request that follows
- a Location:. Previously that would make libcurl fail saying that the server
- doesn't seem to support range requests.
-
-Daniel (29 January 2001)
-- I added a test case for the HTTP PUT resume thing (test case 33).
-
-Version 7.6.1-pre1
-
-Daniel (29 January 2001)
-- Yet another Content-Range change. Ok now? Bob Schader checks from his end
- and it works for him.
-
-Daniel (27 January 2001)
-- So the HTTP PUT resume fix wasn't good. There should appearantly be a
- Content-Range header when resuming a PUT.
-
-- I noticed I broke the download-check that verifies that a resumed HTTP
- download is actually resumed. It got broke because my new 'httpreq' field
- in the main curl struct. I should get slapped. I added a test case for
- this now, so I won't be able to ruin this again without noticing.
-
-- Added a test case for content-length verifying when downloading HTTP.
-
-- Made the progress meter title say if the transfer is being transfered. It
- makes the output slightly better for resumes.
-
-- When dealing with Location: and HTTP return codes, libcurl will not attempt
- to follow the spirit of RFC2616 better. It means that when POSTing to a
- URL that is being following to a second place, the standard will judge on
- what to do. All HTTP codes except 303 and 305 will cause curl to make a
- second POST operation. 303 will make a GET and 305 is not yet supported.
-
- I also wrote two test cases for this POST/GET/Location stuff.
-
-Version 7.6
-
-Daniel (26 January 2001)
-- Lots of mails back and forth with Bob Schader finally made me add a small
- piece of code in the HTTP engine so that HTTP upload resume works. You can
- now do an operation like 'curl -T file -C <offset> <URL>' and curl will PUT
- the ending part of the file starting at given offet to the specified URL.
-
-Version 7.6-pre4
-
-Daniel (25 January 2001)
-- I took hold of Rick Jones' question why we don't use recv() and send() for
- reading/writing to the sockets and I've now modified the sread() and
- swrite() macros to use them instead. If nothing else, they could be tested
- in the next beta-round coming right up.
-
-- Jeff Morrow found a problem with libcurl's usage of SSL_read() and supplied
- his research results in how to fix this. It turns out we have to invoke the
- function several times in some cases. The same goes for the SSL_write().
-
- I made some rather drastic changes all over libcurl to make all writes and
- reads get done on one single place so that this repeated-attempts thing
- would only have to be implemented at one point.
-
-- Rick Jones spotted that the 'total time' counter really didn't measure the
- total time very accurate on subsecond levels.
-
-- Johan Nilsson pointed out the need to more clearly specify that the timeout
- value you set for a download is for the *entire* download. There's currently
- no option available that sets a timeout for the connection phase only.
-
-Daniel (24 January 2001)
-- Ingo Ralf Blum submitted a series of patches required to get curl to compile
- properly with cygwin.
-
-- Robert Weaver posted a fix for the win32 section of the curl_getenv() code
- that corrected a potential memory leak.
-
-- Added comments in a few files in a sudden attempt to make the sources more
- easy to read and understand!
-
-Daniel (23 January 2001)
-- Added simple IPv6 detection in the configure script and made the version
- string add 'ipv6' to the enable section in that case. ENABLE_IPV6 will be
- set if curl is compiled with IPv6 support enabled.
-
-- Added a parser for IPv6-style specified IP-addresses in a URL. Thus, when
- IPv6 gets enabled soon, we can use URLs like '[0::1]:80'...
-
-- Made the URL globbing in the client possible to fail silently if there's an
- error in the globbing. It makes it almost intuitive, so when you don't
- follow the syntax rules, globbing is simply switched off and the raw string
- is used instead.
-
- I still think we'll get problems with IPv6-style IP-addresses when we *want*
- globbing on parts of the URL as the initial part of the URL will for sure
- seriously confuse the globber.
-
-Daniel (22 January 2001)
-- Bj�rn Stenberg supplied a progress meter patch that makes it look better even
- during slow starts. Previously it made some silly assumptions...
-
-- Added two FTP tests for -Q and -Q - stuff since it was being discussed on
- the mailing list. Had to correct the ftpserver.pl too as it bugged slightly.
-
-Daniel (19 January 2001)
-- Made the Location: parsers deal with any-length URLs. Thus I removed the last
- code that restricts the length of URLs that curl supports.
-
-- Added a --globoff test case (#28) and it quickly identified a memory problem
- in src/main.c that I took care of.
-
-Version 7.6-pre3
-
-Daniel (17 January 2001)
-- Made the two former files lib/download.c and lib/highlevel.c become the new
- lib/transfer.c which makes more sense. I also did the rename from Transfer()
- to Curl_Transfer() in the other source files that use the transfer function
- in the spirit of using Curl_ prefix for library-scoped global symbols.
-
-Daniel (11 January 2001)
-- Added -g/--globoff that switches OFF the URL globbing and thus enables {}[]
- letters to be part of the URL. Do note that RFC2396 section 2.4.3 explicitly
- mention these letters to be escaped. This was posted as a feature request by
- Jorge Gutierrez and as a bug by Terry.
-
-- Short options to curl that requires parameters can now be specified without
- having the option and its parameter space separated. -ofile works as good as
- -o file. -m20 is equal to -m 20. Do note that this goes for single-letter
- options only, verbose --long-style options still must be separated with
- space from their parameters.
-
-Daniel (8 January 2001)
-- Francis Dagenais reported that the SCO compiler still fails when compiling
- curl due to that getpass_r() prototype. I've now put it around #ifndef
- HAVE_GETPASS_R in an attempt to please the SCO systems.
-
-- Made some minor corrections to get the client to cleanup properly and I made
- the separator work again when getting multiple globbed URLs to stdout.
-
-- Worked with Loic Dachary to get the make dist and make distcheck work
- correctly. The 'maketgz' script is now using the automake generated 'make
- dist' when creating release archives. Loic successfully made 'make rpms'
- automatically build RPMs!
-
-Loic Dachary (6 January 2001)
-- Automated generation of rpm packages, no need to be root.
-
-- make distcheck generates a proper distribution (EXTRA_DIST
- in all Makefile.am modified to match FILES).
-
-Daniel (5 January 2001)
-- Huge client-side hack: now multiple URLs are supported. Any number of URLs
- can be specified on the command line, and they'll all be downloaded. There
- must be a corresponding -o or -O for each URL or the data will be written to
- stdout. This needs more testing, time to release a 7.6-pre package.
-
-- The krb4 support was broken in the release. Fixed now.
-
-- Huge internal symbol rename operation. All non-static but still lib-internal
- symbols should now be prefixed with 'Curl_' to prevent collisions with other
- libs. All public symbols should be prefixed with 'curl_' and the rest should
- be static and thus invisible to the outside world. I updated the INTERNALS
- document to say this as well.
-
-Version 7.5.2
-
-Daniel (4 January 2001)
-- As Kevin P Roth suggested, I've added text to the man page for every command
- line option and what happens when you specify that option more than
- once. That hasn't been exactly crystal clear before.
-
-- Made the configure script possible to run from outside the source-tree. For
- odd reasons I can't build curl properly outside though. It has to do with
- curl's dependencies on libcurl...
-
-- Cut off all older (dated 1999 and earlier) CHANGES entries from this file.
- The older piece is named CHANGES.0 and is added to the CVS repository in
- case anyone would need it.
-
-- I added another file 'CVS-INFO' to the CVS. It contains information about
- files in the CVS that aren't included in release archives and how to build
- curl when you get the sources off CVS.
-
-- Updated CONTRIBUTE and FAQ due to the new license.
-
-Daniel (3 January 2001)
-- Renamed README.libcurl to LIBCURL
-
-- Changed headers in all sources files to the new dual license concept of
- curl: use the MIT/X derivate license *or* MPL. The LEGAL file was updated
- accordingly and the MPL 1.1 and MIT/X derivate licenses are now part of the
- release archive.
-Daniel (30 December 2000)
-- Made all FTP commands get sent with the trailing CRLF in one single write()
- as splitting them up seems to confuse at least some firewalls (FW-1 being
- one major).
-
-Daniel (19 December 2000)
-- Added file desrciptor and FILE handle leak detection to the memdebug system
- and thus I found and removed a file descriptor leakage in the ftp parts
- that happened when you did PORTed downloads.
-
-- Added an include <stdio.h> in <curl/curl.h> since it uses FILE *.
-
-Daniel (12 December 2000)
-- Multiple URL downloads with -O was still bugging. Not anymore I think or
- hope, or at least I've tried... :-O
-
-- Francois Petitjean fixed another -O problem
-
-Version 7.5.1
-
-Daniel (11 December 2000)
-- Cleaned up a few of the makefiles to use unix-style newlines only. As Kevin
- P Roth found out, at least one CVS client behaved wrongly when it found
- different newline conventions within the same file.
-
-- Albert Chin-A-Young corrected the LDFLAGS use in the configure script for
- the SSL stuff.
-
-Daniel (6 December 2000)
-- Massimo Squillace correctly described how libcurl could use session ids when
- doing SSL connections.
-
-- James Griffiths found out that curl would crash if the file you specify with
- -o is shorter than the URL! This took some hours to fully hunt down, but it
- is fixed now.
-
-Daniel (5 December 2000)
-- Jaepil Kim sent us makefiles that build curl using the free windows borland
- compiler. The root makefile now accepts 'make borland' to build curl with
- that compiler.
-
-- Stefan Radman pointed out that the test makefiles didn't use the PERL
- variable that the configure scripts figure out. Actually, you still need
- perl in the path for the test suite to run ok.
-
-- Rich Gray found numerous portability problems:
- * The SCO compiler got an error on the getpass_r() prototype in getpass.h
- since the curl one differed from the SCO one
- * The HPUX compiler got an error because of how curl did the sigaction
- stuff and used a define HPUX doesn't have (or need).
- * A few more problems remain to be researched.
-
-- Paul Harrington experienced a core dump using https. Not much details yet.
-
-Daniel (4 December 2000)
-- J�rn Hartroth fixed a problem with multiple URLs and -o/-O.
-
-Version 7.5
-
-Daniel (1 December 2000)
-- Craig Davison gave us his updates on the VC++ makefiles, so now curl should
- build fine with the Microsoft compiler on windows too.
-
-- Fixed the libcurl versioning so that we don't ruin old programs when
- releasing new shared library interfaces.
-
-Daniel (30 November 2000)
-- Renamed docs/README.curl to docs/MANUAL to better reflect what the document
- actually contains.
-
-Daniel (29 November 2000)
-- I removed a bunch of '#if 0' sections from the code. They only make things
- harder to follow. After all, we do have all older versions in the CVS.
-
-Version 7.5-pre5
-
-Daniel (28 November 2000)
-- I filled in more error codes in the man page error code list that had been
- lagging.
-
-- James Griffiths mailed me a fine patch that introduces the CURLOPT_MAXREDIRS
- libcurl option. When used, it'll prevent location following more than the
- set number of times. It is useful to break out of endless redirect-loops.
-
-Daniel (27 November 2000)
-- Added two test cases for file://.
-
-Daniel (22 November 2000)
-- Added the libcurl CURLOPT_FILETIME setopt, when set it tries to get the
- modified time of the remote document. This is a special option since it
- involves an extra set of commands on FTP servers. (Using the MDTM command
- which is not in the RFC959)
-
- curl_easy_getinfo() got a corresponding CURLINFO_FILETIME to get the time
- after a transfer. It'll return a zero if CURLOPT_FILETIME wasn't used or if
- the time wasn't possible to get.
-
- --head/-I used on a FTP server will now present a 'Last-Modified:' header
- if curl could get the time of the specified file.
-
-- Added the option '--cacert [file]' to curl, which allows a specified PEM
- file to be used to verify the peer's certificate when doing HTTPS
- connections. This has been requested, rather recently by Hulka Bohuslav but
- others have asked for it before as well.
-
-Daniel (21 November 2000)
-- Numerous fixes the test suite has brought into the daylight:
-
- * curl_unescape() could return a too long string
- * on ftp transfer failures, there could be memory leaks
- * ftp CWD could use bad directory names
- * memdebug now uses the mprintf() routines for better portability
- * free(NULL) removed when doing resumed transfers
-
-- Added a bunch of test cases for FTP.
-
-- General cleanups to make less warnings with gcc -Wall -pedantic.
-
-- I made the tests/ftpserver.pl work with the most commonly used ftp
- operations. PORT, PASV, RETR, STOR, LIST, SIZE, USER, PASS all work now. Now
- all I have to do is integrate the ftp server doings in the runtests.pl
- script so that ftp tests can be run the same way http tests already run.
-
-Daniel (20 November 2000)
-- Made libcurl capable of dealing with any-length URLs. The former limit of
- 4096 bytes was a bit annoying when people wanted to use curl to really make
- life tough on a web server. Now, the command line limit is the most annoying
- but that can be circumvented by using a config file.
-
- NOTE: there is still a 4096-byte limit on URLs extracted from Location:
- headers.
-
-- Corrected the spelling of 'resolve' in two error messages.
-
-- Alexander Kourakos posted a bug report and a patch that corrected it! It
- turned out that lynx and wget support lowercase environment variable names
- where curl only looked for the uppercase versions. Now curl will use the
- lowercase versions if they exist, but if they don't, it'll use the uppercase
- versions.
-
-Daniel (17 November 2000)
-- curl_formfree() was added. How come no one missed that one before? I ran the
- test suite with the malloc debug enabled and got lots of "nice" warnings on
- memory leaks. The most serious one was this. There were also leaks in the
- cookie handling, and a few errors when curl failed to connect and similar
- things. More tests cases were added to cover up and to verify that these
- problems have been removed.
-
-- Mucho updated config file parser (I'm dead tired of all the bug reports and
- weird behaviour I get on the former one). It works slightly differently now,
- although I doubt many people will notice the differences. The main
- difference being that if you use options that require parameters, they must
- both be specified on the same line. With this new parser, you can also
- specify long options without '--' and you may separate options and
- parameters with : or =. It makes a config file line could look like:
-
- user-agent = "foobar and something"
-
- Parameters within quotes may contain spaces. Without quotes, they're
- expected to be a single non-space word.
-
- Had to patch the command line argument parser a little to make this work.
-
-- Added --url as an option to allow the URL to be specified this way. It makes
- way nicer config files. The previous way of specifying URLs in the config
- file doesn't work anymore.
-
-Daniel (15 November 2000)
-- Using certain characters in usernames or passwords for HTTP authentication
- failed. This was due to the mprintf() that had a silly check for letters,
- and if they weren't isprint() they weren't outputed "as-is". This caused
- passwords and usernames using '�' (for example) to fail.
-
-Version 7.4.2
-
-Daniel (15 November 2000)
-- 'tests/runtests.pl' now sorts the test cases properly when 'all' is used.
-
-Daniel (14 November 2000)
-- I fell over the draft-ietf-ftpext-mlst-12.txt Internet Draft titled
- "Extensions to FTP" that contains a defined way how the ftp command SIZE
- could be assumed to work.
-
-- Laurent Papier posted a bug report about using "-C -" and FTP uploading a
- file that isn't prsent on the server. The server might then return a 550 and
- curl will fail. Should it instead as Laurent Papier suggests, start
- uploading from the beginning as a normal upload?
-
-Daniel (13 November 2000)
-- Fixed a crash with the followlocation counter.
-
-- While writing test cases for the test suite, I discovered an old limitation
- that prevented -o and -T to be used at the same time. I removed this
- immediately as this has no relevance in the current libcurl.
-
-- Chris Faherty fixed a free-twice problem in lib/file.c
-
-- I fixed the perl http server problem in the test suite.
-
-Version 7.4.2 pre4
-
-Daniel (10 November 2000)
-- I've (finally) started working on the curl test suite. It is in the new
- tests/ directory. It requires sh and perl. There's a TCP server in perl and
- most of the other stuff running a pretty simple shell script.
-
- I've only made four test cases so far, but it proves the system can work.
-
-- Laurent Papier noticed that curl didn't set TYPE when doing --head checks
- for sizes on FTP servers. Some servers seem to return different sizes
- depending on whether ASCII or BINARY is used!
-
-- Laurent Papier detected that if you appended a FTP upload and everything was
- already uploaded, curl would hang.
-
-- Angus Mackay's getpass_r() in lib/getpass.c is now compliant with the
- getpass_r() function it seems some systems actually have.
-
-- Venkataramana Mokkapati detected a bug in the cookie parser and corrected
- it. If the cookie was set for the full host name (domain=full.host.com),
- the cookie was never sent back because of a faulty length comparison between
- the set domain length and the current host name.
-
-Daniel (9 November 2000)
-- Added a configure check for gethostbyname in -lsocket (OS/2 seems to need
- it). Added a check for RSAglue/rsaref for the cases where libcrypto is found
- but libssl isn't. I haven't verified this fix yet though, as I have no
- system that requires those libs to build.
-
-Version 7.4.2 pre3
-
-Daniel (7 November 2000)
-- Removed perror() outputs from getpass.c. Angus Mackay also agreed to a
- slightly modified license of the getpass.c file as the prototype was changed.
-
-Daniel (6 November 2000)
-- Added possibility to set a password callback to use instead of the built-in.
- They're controled with curl_easy_setopt() of course, the tags are
- CURLOPT_PASSWDFUNCTION and CURLOPT_PASSWDDATA.
-
-- Used T. Bharath's thinking and fixed the timers that showed terribly wrong
- times when location: headers were followed.
-
-- Emmanuel Tychon discovered that curl didn't really like user names only in
- the URL. I corrected this and I also fixed the since long living problem
- with URL encoded user names and passwords in the URLs. They should work now.
-
-Daniel (2 November 2000)
-- When I added --interface, the new error code that was added with it was
- inserted in the wrong place and thus all error codes from 35 and upwards got
- increased one step. This is now corrected, we're back at the previous
- numbers. All new exit codes should be added at the end.
-
-Daniel (1 November 2000)
-- Added a check for signal() in the configure script so that if sigaction()
- isn't present, we can use signal() instead.
-
-- I'm having a license discussion going on privately. The issue is yet again
- GPL-licensed programs that have problems with MPL. I am leaning towards
- making a kind of dual-license that will solve this once and for all...
-
-Daniel (31 October 2000)
-- Added the packages/ directory. I intend to let this contain some docs and
- templates on how to generate custom-format packages for various platforms.
- I've now removed the RPM related curl.spec files from the archive root.
-
-Daniel (30 October 2000)
-- T. Bharath brought a set of patches that bring new functionality to
- curl_easy_getinfo() and curl_easy_setopt(). Now you can request peer
- certificate verification with the *setopt() CURLOPT_SSL_VERIFYPEER option
- and then use the CURLOPT_CAINFO to set the certificate to verify the remote
- peer against. After an such an operation with a verification request, the
- *_getinfo() option CURLINFO_SSL_VERIFYRESULT will return information about
- whether the verification succeeded or not.
-
-Daniel (27 October 2000)
-- Georg Horn brought us a splendid patch that solves the long-standing
- annoying problem with timeouts that made curl exit with silly exit codes
- (which as been commented out lately). This solution is sigaction() based and
- of course then only works for unixes (and only those unixes that actually
- have the sigaction() function).
-
-Daniel (26 October 2000)
-- Bj�rn Stenberg supplied a patch that fixed the flaw mentioned by Kevin Roth
- that made the password get echoed when prompted for interactively. The
- getpass() function (now known as my_getpass()) was also fixed to not use any
- static buffers. This also means we cannot use the "standard" getpass()
- function even for those systems that have it, since it isn't thread-safe.
-
-- Kevin Roth found out that if you'd write a config file with '-v url', the
- url would not be used as "default URL" as documented, although if you wrote
- it 'url -v' it worked! This has been corrected now.
-
-- Kevin Roth's idea of using multiple -d options on the same command line was
- just brilliant, and I couldn't really think of any reason why we shouldn't
- support it! The append function always append '&' and then the new -d
- chunk. This enables constructs like the following:
-
- curl -d name=daniel -d age=unknown foobarsite.com
-
-Daniel (24 October 2000)
-- I fixed the lib/memdebug.c source so that it compiles on Linux and other
- systems. It will be useful one day when someone else but me wants to run the
- memory debugging system.
-
-Daniel (23 October 2000)
-- I modified the maketgz and configure scripts, so that the configure script
- will fetch the version number from the include/curl/curl.h header files, and
- then the maketgz doesn't have to rebuild the configure script when I build
- release-archives.
-
-- Bj�rn Stenberg and Linus Nielsen correctly pointed out that curl was silly
- enough to not allow @-letters in passwords when they were specified with the
- -u or -U flags (CURLOPT_USERPWD and CURLOPT_PROXYUSERPWD). This also
- suggests that curl probably should url-decode the password piece of an URL
- so that you could pass an encoded @-letter there...
-
-Daniel (20 October 2000)
-- Yet another http server barfed on curl's request that include the port
- number in the Host: header always. I now only include the port number if it
- isn't the default (80 for HTTP, 443 for HTTPS). www.perl.com turned out to
- run one of those nasty servers.
-
-- The PHP4 module for curl had problems with referer that seems to have been
- corrected just yesterday. (Sterling Hughes of the PHP team confirmed this)
-
-Daniel (17 October 2000)
-- Vladimir Oblomov reported that the -Y and -y options didn't work. They
- didn't work for me either. This once again proves we should have that test
- suite...
-
-- I finally changed the error message libcurl returns if you try a https://
- URL when the library wasn't build with SSL enabled. It will now return this
- error:
- "libcurl was built with SSL disabled, https: not supported!"
-
- I really hope it will make it a bit clearer to users where the actual
- problem lies.
-
-Version 7.4.1
-
-Daniel (16 October 2000)
-- I forgot to remove some of the malloc debug defines from the makefiles in
- the release archive (of course).
-
-Version 7.4
-
-Daniel (16 October 2000)
-- The buffer overflow mentioned below was posted to bugtraq on Friday 13th.
-
-Daniel (12 October 2000)
-- Colin Robert Phipps elegantly corrected a buffer overflow. It could be used
- by an evil ftp server to crash curl. I took the opportunity of replacing a
- few other sprintf()s into snprintf()s as well.
-
-Daniel (11 October 2000)
-- Found some more memory leaks. This new simple memory debugger has turned out
- really useful!
-
-Version 7.4 pre6
-
-Daniel (9 October 2000)
-- Florian Koenig pointed out that the bool typedef in the curl/curl.h include
- file was breaking PHP 4.0.3 compiling. The bool typedef is not used in the
- public interface and was wrongly inserted in that header file.
-
-- J�rg Hartroth corrected a minor memory leak in the src/urlglob.c stuff. It
- didn't harm anyone since the memory is free()ed on exit anyway.
-
-- Corrected the src/main.c. We use the _MPRINTF_REPLACE #define to use our
- libcurl-printf() functions. This gives us snprintf() et al on all
- platforms. I converted the allocated useragent string to one that uses a
- local buffer.
-
-- I've set an #if 0 section around the Content-Transfer-Encoding header
- generated in lib/formdata.c. This will hopefully make curl do more
- PHP-friendly multi-part posts.
-
-Version 7.4 pre5
-
-Daniel (9 October 2000)
-- Nico Baggus found out that curl's ability to force a ASCII download when
- using FTP was no longer working! I corrected this. This problem was probably
- introduced when I redesigned libcurl for version 7.
-
-- Georg Horn provided a source example that proved a memory leak in libcurl.
- I added simple memory debugging facilities and now we can make libcurl log
- all memory fiddling functions. An additional perl script is used to analyze
- the output logfile and to match malloc()s with free()s etc. The memory leak
- Georg found turned out to be the main cookie struct that cookie_cleanup()
- didn't free! The perl script is named memanalyze.pl and it is available in
- the CVS respository, not in the release archive.
-
-Daniel (8 October 2000)
-- Georg Horn found a GetHost() problem. It turned out it never assigned the
- pointer in the third argument properly! This could make a crash, or at best
- a memory leak!
-
-Version 7.4 pre4
-
-Daniel (6 October 2000)
-- Is the -F post following the RFC 1867 spec? We had this dicussion on the
- mailing list since it appears curl can't post -F form posts to a PHP
- receiver... I've been in touch with the PHP developers about this.
-
-- Domenico Andreoli found out that the long option '--proxy' wasn't working
- anymore! The option parser got confused when I added the --proxytunnel for
- 7.3. This was indeed a very old flaw that hasn't turned up until now...
-
-- J�rn Hartroth provided patches, updated makefiles and two new files for DLL
- stuff on win32. He also pointed out that lib source files were compiled with
- -I../src which isn't only wrong but plain stupid!
-
-- Troels Walsted Hansen fixed a problem with HTTP resume. Curl previously used
- a local variable badly, that could lead to crashes.
-
-Version 7.4 pre3
-
-Daniel (4 October 2000)
-- More docs written. The curl_easy_getinfo.3 man page is now pretty accurate,
- as is the -w section in curl.1. I added two options to enable the user to
- get information about the received headers' size and the size of the HTTP
- request. T. Bharath requested them.
-
-Daniel (3 October 2000)
-- Corrected a sever free() before use in the new add_buffer_send()! ;-)
-
-Version 7.4 pre2
-
-Daniel (3 October 2000)
-- Jason S. Priebe sent me patches that changed the way curl issues HTTP
- requests. The entire request is now issued in one single shot. It didn't do
- this previously, and it has turned out that since the common browsers do it
- this way, some sites have turned out to work with browsers but not with
- curl! Although this is not a client-side problem, we want to be able to
- fully emulate browsers, and thus we have now adjusted the networking layer
- to slightly more appear as a browser. I adjusted Jason's patch, the faults
- are probably mine.
-
-Daniel (2 October 2000)
-- Anyone who ever uploaded data with curl on a slow link has noticed that the
- progess meter is updated very infrequently. That is due to the large buffer
- size curl is using. It reads 50Kb and sends it, updates the progress meter
- and loops. 50Kb is very much on a slow link, although it is pretty neat to
- use on a fast one.
-
- I've now made an adjustment that makes curl use a 2Kb buffer for uploads to
- start with. If curl's average upload speed is faster than buffer size bytes
- per second, curl will increase the used buffer size up to max 50Kb. It
- should make the progress meter work better.
-
-Version 7.4 pre1
-
-Daniel (29 September 2000)
-- Ripped out the -w stuff from the library and put in the curl tool. It gets
- all the relevant info from the library using the new curl_easy_getinfo()
- function.
-
-- brad at openbsd.org mailed me a patch that corrected my kerberos mistake and
- removed a compiler warning from hostip.c that OpenBSD people get.
-
-Daniel (28 September 2000)
-- Of course (I should probably get punished somehow) I didn't properly correct
- the #include lines for the base64 stuff in the kerberos sources in the just
- released 7.3 package. They still include the *_krb.h files! Now, the error
- is sooo very easy to spot and fix so I won't bother with a quick bug fix
- release. I'll post a patch whenever one is needed instead. It'll be
- available in the CVS in a few minutes anyway.
-
-Version 7.3
-
-Daniel (28 September 2000)
-- Removed the base64_krb.[ch] files. They've now replaced the former
- base64.[ch] files.
-
-Daniel (26 September 2000)
-- Updated some docs.
-
-- I changed the OpenSSL fix to work with older versions as well. The posted
- patch was only working with 0.9.6 and no older ones.
-
-Version 7.3-pre8
-
-Daniel (25 September 2000)
-- Erdmut Pfeifer informed us that curl didn't build with OpenSSL 0.9.6 and
- showed us what needed to get patched in order to make it build properly
- again.
-
-- Dirk Kruschewski found a bug in the cookie parser. I made an alternative
- approach to the solution Dirk himself suggested. The bug made a cookie
- header that didn't end with a trailing semicolon to not get parsed.
-
-- I've marked -c and -t deprecated now. If you use any of them, curl will tell
- you to use "-C -" or "-T -" instead. I don't think occupying two letters for
- nearly identical functions is good use. Also, -T - kind of follows the curl
- tradition of using - for stdin where a file name is expected.
-
-Daniel (23 September 2000)
-- Martin Hedenfalk provided the patch that finally made the krb4 ftp upload
- work!
-
-Daniel (21 September 2000)
-- The kerberos code is not quite thread-safe yet. There are a few more globals
- that need to be take care of. Let's get the upload working first!
-
-Daniel (20 September 2000)
-- Richard Prescott solved another name lookup buffer size problem. I took this
- opportunity to rewrite the GetHost() function. With these large buffer
- sizes, I think keeping them as local arrays quickly turn ugly. I now use
- malloc() to get the buffer memory. Thanks to this, I now can realloc() to a
- large buffer in case of demand (errno == ERANGE) in case a solution like
- that would become necessary. I still want to avoid that kind of nastiness.
-
-- Tried to compile and run curl on Linux for alpha and FreeBSD for alpha. Went
- as smooth as it could.
-
-- Added a docs/examples directory with two tiny example sources that show how
- to use libcurl. I hope users will supply me with more useful examples
- further on.
-
-- Applied a patch by J�rn Hartroth to no longer use the word 'inteface' in the
- config struct in the src/main.c file since certain compilers have that word
- "reservered". I figure that is some kind of C++ decease.
-
-- Updated the curl.1 man page with --interface and --krb4.
-
-- Modified the base64Encode() function to work like the kerberos one, so that
- I could remove the use of that. There is no need for *two* base64 encoding
- functions! ;-)
-
-Version 7.3pre5
-
-Daniel (19 September 2000)
-- The kerberos4-layer source code that is much "influenced" by the original
- krb4 source code, through yafc into curl, was using quite a lot of global
- variables. libcurl can't work properly with globals like that why I had to
- clean up almost every function in the new security.c to make them use
- connection specific variables instead of the globals. I just hope I didn't
- destroy anything now... :-) configure updated, version string now reflects
- krb4 built-in. It almost works now. Only uploads are still being naughty.
-
-Version 7.3pre3
-
-Daniel (18 September 2000)
-- Martin Hedenfalk supplied a major patch that introduces krb4-ftp support to
- curl. Martin is the primary author of the ftp client named yafc and he did
- not hesitate to help us implement this when I asked him. Many and sincere
- thanks to a splendid effort. It didn't even take many hours!
-
-- Stephen Kick supplied a big patch that introduces the --interface flag to
- the curl tool and CURLOPT_INTERFACE for libcurl. It allows you to specify an
- outgoing interface to use for your request. This may not work on all
- platforms. This needs testing.
-
-- Richard Prescott noticed that curl on Tru64 unix could core dumped if the
- name didn't resolve properly. This was due to the GetHost() function not
- returning an error even though it failed on some platforms!
-
-Daniel (15 September 2000)
-- Updated all sorts of documents in regards to the new proxytunnel support.
-
-Version 7.3pre2
-
-Daniel (15 September 2000)
-- Kai-Uwe Rommel pointed out a problem in the httpproxytunnel stuff for ftp.
- Adjusted it. Added better info message when setting up the tunnel and the
- pasv message when doing the second connect.
-
-Version 7.3pre1
-
-Daniel (15 September 2000)
-- libcurl now allows "httpproxytunnel" to an arbitrary host and port name. The
- second connection on ftp needed that.
-
-- TheArtOfHTTPScripting was corrected all over. I both type and spell really
- bad at times!
-
-Daniel (14 September 2000)
-- -p/--proxytunnel was added to 'curl'. It uses the new
- CURLOPT_HTTPPROXYTUNNEL libcurl option that allows "any" protocol to tunnel
- through the specified http proxy. At the moment, this should work with ftp.
-
-Daniel (13 September 2000)
-- Jochen Schaeuble found that file:// didn't work as expected. Corrected this
- and mailed the patch to the mailing list.
-
-Daniel (7 September 2000)
-- I changed the #define T() in curl.h since it turned out it wasn't really
- a good symbol to use (when you compiled PHP with curl as a module, that
- define collided with some IMAP define or something). This was posted to the
- PHP bug tracker.
-
-- I added extern "C" stuff in two header files to better allow libcurl usage
- in C++ sorces. Discussions on the libcurl list with Danny Horswell lead to
- this.
-
-Version 7.2.1
-
-Daniel (31 August 2000)
-- Albert Chin-A-Young fixed the configure script *again* and now it seems to
- detect Linux name resolving properly! (heard that before?)
-
-- Troels Walsted Hansen pointed out that downloading a file containing the
- letter '+' from an ftp server didn't work. It did work from HTTP though and
- the reason was my lame URL decoder.
-
-- I happened to notice that -I didn't at all work on ftp anymore. I corrected
- that.
-
-Version 7.2
-
-Daniel (30 August 2000)
-- Understanding AIX is a hard task. I believe I'll never figure out why they
- solve things so differently from the other unixes. Now, I'm left with the
- AIX 4.3 run-time warnings about duplicate symbols that according to this
- article (http://www.geocrawler.com/archives/3/405/1999/9/0/2593428/) is a
- libtool flaw. I tried the mentioned patch, although that stops the linking
- completely.
-
- So, if I select to ignore the ld warnings there are compiler warnings that
- fill the screen pretty bad when curl compiles. It turns out that if I want
- to '#include <arpa/inet.h>', I can get tid of the warnings by include the
- following three include files before that one:
-
- #include <net/if_dl.h>
- #include <sys/mbuf.h>
- #include <netinet/if_ether.h>
-
- Now, is it really sane to add those include files before arpa/inet.h in all
- the source files that include it?
-
- Thanks to Albert Chin-A-Young at thewrittenword.com who gave me the AIX
- login to try everything on.
-
-Daniel (24 August 2000)
-- Jan Schmidt supplied us a new VC6 makefile for Windows as the previous one
- was not up to date but lacked several object files.
-
-- More work on the naming.
-
-- Albert Chin-A-Young provided a configure-check for large file support, as
- some systems seem to need that for them to work. Had to change the position
- for the config.h include file in every .c file in the libcurl dir...
-
-- As suggested on the mailing list (by Troy Engel), I did use a --data-binary
- option instead of the messy way I've left described below. It seems to
- work. The libcurl fix remained the same as yesterday.
-
-Daniel (23 August 2000)
-- Back on the -d stripping newlines thing. The 'plain post' thing was added
- when I had no thought of that one could actually post binary data with
- it. Now, I have to add this functionality in a graceful manner and I think
- I've managed to come up with a way: '-d @file;binary' will thus post the
- file binary, exactly as its contents are. It is implemented with a new
- *setopt() option (CURLOPT_POSTFIELDSIZE) to set the postfield size, since
- libcurl can't strlen() the data in these cases.
-
-- Albert Chin-A-Young made some very serious efforts and all the name
- resolving problems seem to have been sorted out now on all the platforms
- that previously showed them. I'll make another release now anyday because of
- this.
-
-- The FAQ was much enhanced when it comes to the licensing issues thanks to
- Bjorn Reese.
-
-Daniel (21 August 2000)
-- Rick Welykochy pointed out a problem when you use -d to post and you want to
- keep the newlines, as curl strips them off as a bonus before posting...
- This needs to be addressed.
-
-Version 7.1.1
-
-Daniel (21 August 2000)
-- Got more people involved in the gethostbyname_r() mess. Caolan McNamara sent
- me configure-code that turned out to be very similar to my existing tests
- which only make me more sure I'm on the right path. I changed the order of
- the tests slightly, as it seems that some compilers don't yell error if a
- function is used with too many parameters. Thus, the first tested function
- will seem ok... Let's hope more compilers think of too-few parameters as bad
- manners, as we're now trying the functions in that order; fewer first. I
- should also add that Lars Hecking mailed me and volunteered to run tests on
- a few odd systems. Coalan is keeping his work over at
- http://www.csn.ul.ie/~caolan/publink/gethostbyname_r/. Might be handy in the
- future as well.
-
-Daniel (18 August 2000)
-- I noticed I hadn't increased the name lookup buffer in lib/ftp.c. I don't
- think this is the reason for the continued trouble though.
-
-Daniel (17 August 2000)
-- Fred Noz corrected my stupid mistakes in the gethostbyname_r() fluff. It
- should affect some AIX, Digital Unix and HPUX 10 systems.
-
-Daniel (15 August 2000)
-- Mathieu Legare compiled and build 7.1 without errors on both AIX 4.2 as well
- as AIX 4.3. Now why did problems occur before?
-
-- Fred Noz reported a -w/--write-out bug that caused it to malfunction when
- used combined with multiple URL retrievales. All but the first display got
- screwed up!
-
-Daniel (11 August 2000)
-- Jason Priebe and an anonymous friend found some host names the Linux version
- of curl could not resolve. It turned out the buffer used to retrieve that
- information was too small. Fixed. One could argue about the usefulness of
- not having the slightest trace of a man page for gethostbyname_r() on my
- Linux Redhat installation...
-
-Daniel (10 August 2000)
-- Balaji S Rao was first in line to note the missing possibility to replace
- the Content-Type: and Content-Length: headers when doing -d posts. I added
- the possibility just now. It seems some people wants to do standard posts
- using custom Content-Types.
-
-Daniel (8 August 2000)
-- Mike Dowell correctly discovered that curl did not approve of URLs with no
- user name but password. As in 'http://:address@hidden'. I corrected this.
-
-Version 7.1
-
-Daniel (7 August 2000)
-- My AIX 4 fix does not work. I need help from a AIX 4 hacker.
-
-- I added my new document in the docs directory. It is aimed to become a sort
- of tutorial on how to do HTTP scripting with curl.
-
-Daniel (4 August 2000)
-- Working with Rich Gray on compiling curl for lots of different platforms.
- My fix for AIX 3.2 was not good enough and was slightly changed, I had to
- move an include file before another, as is now described in the source.
-
- AIX 4.2 (4.X?) has different gethostbyname_r() and gethostbyaddr_r()
- functions that the configure script didn't check for and thus the compile
- broke with an error. I have now changed the gethostbyname_r() check in the
- configure file to support all three versions of both these functions. My
- implementation that uses the AIX-style is though not yet verified and I may
- get problems to fix it if it turns out to bug since I don't have access to
- any system using that.
-
- For problems like that, I made the configure script allow --disable-thread
- to completely switch off the check for threadsafe versions of a few
- functions and thus go with the "good old versions" that tend to work
- although will break thread-safeness for libcurl. Most people won't use
- libcurl for other things than curl though, and curl doesn't need a
- thread-safe lib.
-
-- Working on my big tutorial about HTTP scripting with curl.
-
-Daniel (1 August 2000)
-- Rich Gray spotted a problem in src/setup.h caused by a #define strequal()
- that was just a left-over from passed times. The strequal() is now a true
- function supplied by libcurl for a portable case insensitive string
- comparison. I added the prototypes in include/curl.h and removed the
- now obsolete #define.
-
-- Igor Khristophorov made a fix to allow resumed download from Sun's
- JavaWebServer/1.1.1. It seems that their server sends bad Content-Range
- headers.
-
-- The makefiles forced a static library build, which is bad since we now use
- libtool and thus have excellent shared library support! Albert Chin-A-Young
- found out.
-
-Version 7.0.11beta
-
-Daniel (1 August 2000)
-- Albert Chin-A-Young pointed out that 'make install' did not properly create
- the header include directory, why it failed to install the header files as
- it should. Automake isn't really equipped to deal with subdirectories
- without Makefiles in any nice way. I had to run ahead and add Makefiles in
- both include and include/curl before I managed to create a top-level
- makefile that succeeds in install everything properly!
-
-- Ok, no more "features" added now. Let's just verify that there's no major
- flaws added now.
-
-Daniel (31 July 2000)
-- Both Jeff Schasny and Ketil Froyn asked me how to tell curl not to send one
- of those internally generated headers. They didn't settle with the blank
- ones you could tell curl to use. I rewrote the header-replace stuff a
- little. Now, if you replace an internal header with your own and that new
- one is a blank header you will only remove the internal one and not get any
- blank. I couldn't figure out any case when you want that blank header.
-
-Daniel (29 July 2000)
-- It struck me that the lib used localtime() which is not thread-safe, so now
- I use localtime_r() in the systems that has it.
-
-- I went through this entire document and removed all email addresses and left
- names only. I've really made an effort to always note who brought be bug
- reports or fixes, but more and more people ask me to remove the email
- addresses since they become victims for spams this way. Gordon Beaton got me
- working on this.
-
-Daniel (27 July 2000)
-- J�rn Hartroth found out that when you specified a HTTP proxy in an
- environment variable and used -L, curl failed in the second fetch. I
- corrected this problem and posted a patch to the list. No need for an extra
- beta release just for this.
-
-Version 7.0.10beta
-
-Daniel (27 July 2000)
-- So, libtool replaced two of my files with symbolic links and I forgot to add
- the two new libtool files to the release archive (and they were added as
- symlinks as well!) This of course lead to that the configure script failed
- on 7.0.9...
-
-Version 7.0.9beta
-
-Daniel (25 July 2000)
-- Kristian K�hntopp <kris at koehntopp.de> brought a fix that makes libcurl
- libtoolified, just as we've wanted for a while now. He also made the
- recently added man pages get installed properly on 'make install' and some
- other nice cleanups.
-
-- In a discussion with Eetu Ojanen it struck me that if we use curl to get a
- page using a password, and that page then sends a Location: to another
- server that curl follows, curl will send the user name and password to that
- server as well.
-
- Now, I'll never be able to make curl do Location: following all that perfect
- and you're all sooner or later required to write a script to do several
- fetches when you're doing advanced stuff, but now I've modified curl to at
- least *only* send the user name and password to the original server. Which
- means that if get a page from server A with a password, that forwards curl
- to server B, curl won't use the password there. If server B then forwards
- curl back to server A again, the password will be used again.
-
- This is not a perfect implementation, as in a browser case it would only use
- the password if the left-prefix of the first path is the same. I just think
- that this fix prevents a somewhat lurky "security hole".
-
- As a side-note in this subject: HTTP passwords are sent in cleartext and
- will never be considered to be safe or secure. Use HTTPS for that.
-
-- As discussed on the mailing list, I converted the FTP response reading
- function into using select() which then allows timeouts (even under win32!)
- if the command-reply session gets too slow or dies completely. I made a
- default timeout on 3600 seconds unless anything else is specified, since I
- don't think anyone wants to wait more than that for a single character to
- get received...
-
-- Torsten Foertsch <torsten.foertsch at gmx.net> brought a set of fixes for
- the rfc1867 form posts. He introduced 'name=<file' which brings a means to
- suuply very large text chunks read from the given file name. It differs from
- 'address@hidden' in the way that this latter thing is marked in the uploaded
- contents as a file upload, while the first is just text (as in a input or
- textarea field). Torsten also corrected a bug that would happen if you used
- %s or similar in a -F file name.
-
-- As discovered by Nico Baggus <Nico.Baggus at mail.ing.nl>, when transferring
- files to/from FTP using type ASCII curl should not expect the transfer to be
- the exact size reported by the server as the file size. Since ASCII may very
- well mean that the content is translated while transfered, the final size
- may very well differ. Therefor, curl now ignores the file size when doing
- ASCII transfers in FTP.
-
-Daniel (24 July 2000)
-- Added CURLOPT_PROXYPORT to the curl_easy_setopt() call to allow the proxy
- port number to be set separately from the proxy host name.
-
-- Andrew <andrew at ugh.net.au> pointed out a netrc manual bug.
-
-- The FTP transfer code now accepts a 250-code as well as the previously
- accepted 226, after a successful file transfer. Mohan <mnair at
- evergreen-funds.com> pointed this out.
-
-- The check for *both* nsl and socket was never added in the v7 configure.in
- when I moved the main branch. I re-added that check to configure.in. This was
- discovered by Rich Gray.
-
-- Howard, Blaise <Blaise.Howard at factiva.com> pointed out a missing free() in
- curl_disconnect() which of course meant libcurl ate memory.
-
-- Brian E. Gallew noted that the HTTP 'Host:' header curl sent did not
- properly include the port number if non-default ports were used. This should
- now have been fixed.
-
-- HTTP connect errors now return errors earlier. This was most notably causing
- problems when the HTTPS certificate had problems and later caused a crash.
- Many thanks to Gregory Nicholls <gnicholls at level8.com> for discovering
- and suggesting a fix...
-
-Daniel (21 June 2000)
-- After a "bug report" I received where the user was using both -F and -I in a
- HTTP request (it severly confused the library I should add), I added some
- checks to src/main.c that prevents setting more than one HTTP request
- command, no matter what the user wants! ;-)
-
-Version 7.0.8beta
-
-Daniel (20 June 2000)
-- I did a major replace in many files to use the new curl domain haxx.se
- instead of the previous one.
-
-- As Eetu Ojanen suggested, I finally took the step and now libcurl no longer
- makes a POST after it has followed a location. When the initial POST has
- been done, it'll turned into a GET for the further requests. This is only
- interesting when using -L/--location *and* doing a POST at the same time.
-
- While messing with this, I added another weird feature I call 'auto
- referer'. If you append ';auto' to the right of a given referer string (or
- only use that string as referer), libcurl will automatically set the
- previoud URL as refered when it follows a Location: and gets a succeeding
- document.
-
-- My hero Rich Gray found the very obscure FTP bug that happened to him only
- when passing through a particular firewall and using the PORT command. It
- turned out that PORT was the only command in the lib/ftp.c source that
- didn't send a proper \r\n sequence but instead used the faulty \n which as
- it seemed is supported by most major ftp servers... :-O
-
-Version 7.0.7beta
-
-Daniel (16 June 2000)
-- I had avoided this long enough now, so I moved the alternative progress bar
- stuff from the lib and added it to the client code. This is now using the
- recently added progress callback and it seems to work pretty much like
- before. Since it is only one progress bar and you and download and upload at
- the same time, this bar shows the combined progress of both directions. This
- code was just ported from the old place to this, Lars is still our saviour!
- ;-) This also made the documentation more accurate since I never removed
- this function from any docs! Although I now removed the CURLOPT_PROGRESSMODE
- from the library since the lib has only one internal progress meter and it
- will never get another. It is although likely that the internal one also
- will be moved to the client code in the future (when I have other means of
- getting the writeout data and move that too to the client).
-
-- I took the opportunity to verify that standard progress meter works and I
- found out it didn't get inited properly. Grrr. I corrected that as well.
-
-Daniel (15 June 2000)
-- I thought I'd better verify that the -F option still works in v7 and of
- course it didn't... :-/ Anyway, I had the problems I could discover
- corrected. About one month of beta testing and not a single person has used
- this feature with v7?
-
-- Bj�rn correctly pointed out that the --progress-bar still doesn't work in
- v7. Hm.
-
-Daniel (14 June 2000)
-- Tim Tassonis discovered that curl 7 didn't handle normal http POST as it
- should. I corrected this.
-
-Version 7.0.6beta
-
-Daniel (14 June 2000)
-- Bj�rn Stenberg pointed out several problems (related to win32 compiling):
- lib/strequal.c had a bad #ifdef for one of the string comparisons (win32)
- src/main.c had several minor problems
- lib/makefile.m32 had getpass.[co] twice
- src/config-win32.h lacked the HAVE_FCNTL_H define
- both config-win32.h files now only set the HAVE_UNISTD_H define if the
- define MINGW32 is set, and I modified src/makefile.m32 and lib/makefile.m32
- to set it.
-
-Version 7.0.5beta
-
-Daniel (14 June 2000)
-- Applied Luong Dinh Dung's comments about a few win32 compile problems.
-
-- Applied Bj�rn Stenberg's suggested fix that turns the win32 stdout to
- binary. It won't do it if the -B / --use-ascii option is used. That option
- is now an extended version of the previous -B /--ftp--ascii. The flag was
- already in use be the ldap as well so the new name fits pretty good. The
- libcyrl CURLOPT_TRANSFERTEXT was also introduced as an alias to the now
- obsolete CURLOPT_FTPASCII. Can't verify this fix myself as I have no win32
- compiler around.
-
-Daniel (13 June 2000)
-- Luong Dinh Dung <dung at sch.bme.hu> found a problem in curl_easy_cleanup()
- since it free()ed the main curl struct *twice*. This is now corrected.
-
-Daniel (9 June 2000)
-- Updated the RESOURCES file, added a README.win32 file.
-
-Daniel (8 June 2000)
-- So I finally added the progress callback to the *setopt() options and it
- should work now. I don't have the energy to write any test program for it
- right now.
-- Made the callback function typedefs public in curl/curl.h for comfort. Just
- in case anyone wanna fiddle with such pointers.
-- Updated the curl_easy_setopt() man page accordingly.
-
-Version 7.0.4beta
-
-Daniel (2 June 2000)
-- I noticed that when doing Location: following, we lost custom headers in all
- but the first request.
-- Removed the 'HttpPost' struct and moved the header stuff to the more generic
- curl_slist.
-- Added some better slist-cleanups in src/main.c
-
-Version 7.0.3beta
-
-Daniel (31 May 2000)
-- So I discovered that I released the 7.0.2beta without it being able to
- compile under Linux. gethostbyname_r() and gethostbyaddr_r() turned out to
- feature a different amount of arguments on different systems so I had to add
- a configure check for this and adjust the code slightly.
-
-Version 7.0.2beta
-
-Daniel (29 May 2000)
-- Corrected the bits.* assignments when using CURLOPT options that only
- toggles one of those bits.
-
-- Applied the huge patches from David LeBlanc <dleblanc at qnx.com> that add
- usage of the gethostbyname_r() and similar functions in case they're around,
- since that make libcurl much better threadsafe in many systems (such as
- solaris). I added the checks for these functions to the configure script.
-
- I can't explain why, but the inet_ntoa_r() function did not appear in my
- Solaris include files, I had to add my own include file for this for now.
-
-Daniel (22 May 2000)
-- J�rn Hartroth brought me fixes to make the win32 version compile properly as
- well as a rename of the 'interface' field in the urldata struct, as it seems
- to be reserved in some gcc versions!
-
-- Rich Gray struck back with yet some portability reports. Data General DG/UX
- needed a little fix in lib/ldap.c since it doesn't have RTLD_GLOBAL defined.
- More fixes are expected as a result of Richies very helpful work.
-
-Version 7.0.1beta
-
-Daniel (21 May 2000)
-- Updated lots of #defines, enums and variable type names in the library. No
- more weird URG or URLTAG prefixes. All types and names should be curl-
- prefixed to avoid name space clashes. The FLAGS-parameter to the former
- curl_urlget() has been converted into a bunch of flags to use in separate
- setopt calls. I'm still focusing on the easy-interface, as the curl tool is
- now using that.
-
-- Bjorn Reese has provided me with an asynchronous name resolver that I plan
- to use in upcoming versions of curl to be able to gracefully timeout name
- lookups.
-
-Version 7.0beta
-
-Daniel (18 May 2000)
-- Introduced LIBCURL_VERSION_NUM to the curl.h include file to better allow
- source codes to be dependent on the lib version. This define is now set to
- a dexadecimal number, with 8 bits each for major number, minor number and
- patch number. In other words, version 1.2.3 would make it 0x010203. It also
- makes a larger number a newer version.
-
-Daniel (17 May 2000)
-- Martin Kammerhofer correctly pointed out several flaws in the FTP range
- option. I corrected them.
-- Removed the win32 winsock init crap from the lib to the src/main.c file
- in the application instead. They can't be in the lib, especially not for
- multithreaded purposes.
-
-Daniel (16 May 2000)
-- Rewrote the src/main.c source to use the new easy-interface to libcurl 7.
- There is still more work to do, but the first step is now taken.
- <curl/easy.h> is the include file to use.
-
-Daniel (14 May 2000)
-- FTP URLs are now treated slightly different, more according to RFC 1738.
-- FTP sessions are now performed differently, with CWD commands to change
- directory instead of RETR/STOR/LIST with the full path. Discussions with
- Rich Gray made me notice these problems.
-- Janne Johansson discovered and corrected a buffer overflow in the
- src/usrglob.c file.
-- I had to add a lib/strequal.c file for doing case insensitive string
- compares on all platforms.
-
-Daniel (8 May 2000):
-- Been working lots on the new lib.
-- Together with Rich Gray, I've tried to adjust the configure script to work
- better on the NCR MP-RAS Unix.
-
-Daniel (2 May 2000):
-- Albert Chin-A-Young pointed out that I had a few too many instructions in
- configure.in that didn't do any good.
-
-Daniel (24 April 2000):
-- Added a new paragraph to the FAQ about what to do when configure can't
- find OpenSSL even though it is installed. Supplied by Bob Allison
-
-Daniel (12 April 2000):
-- Started messing around big-time to convert the old library interface to a
- better one...
-
-Daniel (8 April 2000):
-- Made the progress bar look better for file sizes between 9999 kilobytes
- and 100 megabytes. They're now displayed XX.XM.
-- I also noticed that ftp fetches through HTTP proxies didn't add the user
- agent string. It does now.
-- Habibie <habibie at MailandNews.com> supplied a pretty good way to build RPMs
- on a Linux machine. It still a) requires me to be root to do it, b) leaves
- the rpm packages laying at some odd place on my disk c) doesn't work to
- build the ssl version of curl since I didn't install openssl from an rpm
- package so now the rpm crap thinks I don't have openssl and refuses to build
- a package that depends on ssl... Did I mention I don't get along with RPM?
-- Once again I received a bug report about autoconf not setting -L prior to -l
- on the command line when checking for libs. In this case it made the native
- cc compiler on Solaris 7 to fail the OpenSSL check. This has previously been
- reported to cause problems on HP-UX and is a known flaw in autoconf 2.13. It
- is a pity there's no newer release around...
-
-Daniel (4 April 2000):
-- Marco G. Salvagno supplied me with two fixes that
- appearantly makes the OS/2 port work better with multiple URLs.
-
-Daniel (2 April 2000):
-- Another Location: fix. This time, when curl connected to a port and then
- followed a location with an absolute URL to another port, it misbehaved.
-
-Daniel (27 March 2000):
-- H. Daphne Luong pointed out that curl was wrongly
- messing up the proxy string when fetching a document through a http proxy,
- which screwed up multiple fetches such as in location: followings.
-
-Daniel (23 March 2000):
-- Marco G. Salvagno corrected my badly applied patch he
- actually already told me about!
-
-- H. Daphne Luong brought me a fix that now makes curl
- ignore select() errors in the download if errno is EINTR, which turns out to
- happen every now and then when using libcurl multi-threaded...
-
-Daniel (22 March 2000):
-- Wham Bang supplied a couple of win32 fixes. HAVE_UNAME
- was accidentally #defined in config-win32.h, which it shouldn't have been.
- The HAVE_UNISTD_H is not defined when compiling with the Makefile.vc6
- makefile for MS VC++.
-
-Daniel (21 March 2000):
-- I removed the AC_PROG_INSTALL macro from configure.in, since it appears that
- one of the AM_* macros searches for a BSD compatible install already. Janne
- Johansson made me aware of this.
-
-Version 6.5.2
-
-Daniel (21 March 2000):
-- Paul Harrington quickly pointed out to me that 6.5.1
- crashes hard. I upload 6.5.2 now as quickly as possible! The problem was
- the -D adjustments in src/main.c.
-
-Version 6.5.1
-
-Daniel (20 March 2000):
-- An anonymous post on sourceforge correctly pointed out a possible buffer
- overflow in the curl_unescape() function for URL conversions. The main
- problem with this bug is that the ftp download uses that function and this
- single- byte overflow could lead to very odd bugs (as one reported by Janne
- Johansson).
-
-Daniel (19 March 2000):
-- Marco G. Salvagno supplied me with a series of patches
- that now allows curl to get compiled on OS/2. It even includes a section in
- the INSTALL file. Very nice job!
-
-Daniel (17 March 2000):
-- Wham Bang supplied a patch for the lib/Makefile.vc6
- file. We still need some fixes for the config-win32.h since it appears that
- VC++ and mingw32 have different opinions about (at least) unistd.h's
- existence.
-
-Daniel (15 March 2000):
-- I modified the -D/--dump-header workings so that it doesn't write anything
- to the file until it needs to. This way, you can actually use -b and -D
- on the same file if you want repeated invokes to store and read the cookies
- in that one single file.
-
-- Poked around in lots of texts. Added the BUGS file for bug reporting stuff.
- Added the classic HTTP POST question to the FAQ, removed some #ifdef WIN32
- stuff from the sources (they're covered by the config-win32.h now).
-
-- Pascal Gaudette fixed a missing ldap.c problem in the
- Makefile.vc6 file. He also addressed a problem in src/config-win32.h.
-
-Daniel (14 March 2000):
-- Paul Harrington pointed out that the 'http_code' variable in the -w output
- was never written. I fixed it now.
-
-- Janne Johansson reported the complaints that OpenBSD does
- when getdate.c #includes malloc.h. It claims stdlib.h should be included
- instead. I added #ifdef HAVE_MALLOC_H code in getdate.y and two checks in
- the configure.in for malloc.h and stdlib.h.
-
-Version 6.5
-
-Daniel (13 March 2000):
-- <curl at spam.wolvesbane.net> pointed out that the way curl sent cookies in a
- single line wasn't enjoyed by IIS4.0 servers. In my view, that is not what
- the standards say, but I added a white space between the name/value pairs to
- perhaps make them work better.
-
-- Added the perl check back in the configure.in again since the mkhelp.pl
- script needs it!
-
-- Made some beautifications in the curl man page.
-
-Daniel (3 March 2000):
-- J�rn helped me update the config-win32.h files with HAVE_SETVBUF and
- HAVE_STRDUP.
-
-Daniel (3 March 2000):
-- Uploaded the 6.5pre2 package.
-
-Daniel (2 March 2000):
-- Removed the perl-programs from the distribution, they never made many people
- happy and I'll still keep them available on the web.
-
-- Added the -w and -N stuff to the man page. Documented the new progress meter
- display in README.curl.
-
-- J�rn Hartroth, Chris <cbayliss at csc.come> and Ulf
- M�ller from the openssl development team helped bringing me the details for
- fixing an OpenSSL usage flaw. It became apparent when they released openssl
- 0.9.5 since that barfed on curl's bad behavior (not seeding a random number
- thing).
-
-- Yet another option: -N/--no-buffer disables buffering in the output stream.
- Probably most useful for very slow transfers when you really want to get
- every byte curl receives within some preferred time. Andrew <tmr at gci.net>
- suggested this.
-
-- Damien Adant mailed me his fixes for making curl compile on Ultrix.
-
-Daniel (24 February 2000):
-- Applied J�rn Hartroth's fixes for config-win32.h and lib/Makefile.w32.
-
- I should also make a note here, if nothing else to myself, that when using
- the %-syntax for variables in DOS command prompts, you must use two %-
- letters for each one since that is an escape letter there! Maybe I should
- use another letter instead!
-
-- Added more variables to -w:
-
- 'http_code'
- 'time_namelookup'
- 'time_connect'
- 'time_pretransfer'
- 'url_effective'
-
-- Made address@hidden read the syntax from a file and address@hidden reads the
syntax from
- stdin in the good old "standard" curl way.
-
-Daniel (22 February 2000):
-- Released a 6.5pre1 version to get some test and user feedback.
-
-Daniel (21 February 2000):
-
-- I added the -w/--write-out flag and some variables to go with it. -w is a
- single string, whatever you enter there will be written out when curl has
- completed a successful request. There are some variable substitutions and
- they are specified as '%{variable}' (without the quotes). Variables that
- exist as of this moment are:
-
- total_time - total transfer time in seconds (with 2 decimals)
- size_download - total downloaded amount of bytes
- size_upload - total uploaded amount of bytes
- speed_download - the average speed of the entire download
- speed_upload - the average speed of the entire upload
-
- I will of course add more variables, but I need input on these and others.
-
-- It struck me that the -# progress bar will be hard to just apply on the new
- progress bar concept. I need some feedback on this before that'll get re-
- introduced! :-/
-
-Daniel (16 February 2000):
-- J�rn Hartroth brought me some fixes for the progress meter and I continued
- working on it. It seems to work for http download, http post, ftp download
- and ftp upload. It should be a pretty good test it works generally good.
-
-- Still need to add the -# progress bar into the new style progress interface.
-
-- Gonna have a go at my new output option parameter next.
-
-Daniel (15 February 2000):
-- The progress meter stuff is slowly taking place. There's more left before it
- is working ok and everything is tested, but we're reaching there. Slowly!
-
-Daniel (11 February 2000):
-- Paul Marquis fixed the config file parsing of curl to
- deal with any-length lines, removing the previous limit of 4K.
-
-- Eetu Ojanen's suggestion of supporting the @-style for -b
- is implemented. Now -b@<filename> works as well as the old style.
address@hidden also
- similarly reads the cookies from stdin.
-
-- Reminder: -D should not write to the file until it needs to, in the same way
- -o does. That would enable curl to use -b and -D on the same file...
-
-- Ellis Pritchard made getdate.y work for MacOS X.
-
-- Paul Harrington helped me out finding the crash in the
- cookie parser. He also pointed out curl's habit of sending empty cookies to
- the server.
-
-Daniel (8 February 2000):
- - Ron Zapp corrected a problem in src/urlglob.c that
- prevented curl from getting compiled on sunos 4. The problem had to do
- with the difference in sprintf() return code types.
-
- - Transfer() should now be able to download and upload simultaneously. Let's
- do some progress meter fixes later this week.
-
-Daniel (31 January 2000):
- - Paul Harrington found another core dump in the cookie
- parser. Curl doesn't properly recognize the 'version' keyword and I think
- that is what caused this. I need to refresh some specs on cookies and see
- what else curl lacks to improve this a bit more once and for all.
-
- RFC 2109 clearly specifies how cookies should be dealt with when they are
- compliant with that spec. I don't think many servers are though...
-
- - Mark W. Eichin found that while curl is uploading a form
- to a web site, it doesn't read incoming data why it'll hang after a while
- since the socket "pipe" becomes full.
-
- It took me two hours to rewrite Download() and Upload() into the new
- single function Transfer(). It even seems to work! More testing is required
- of course... I should get the header-sending together in a kind of queue
- and let them get "uploaded" in Transfer() as well.
-
- - Zhibiao Wu pointed out a curl bug in the location: area,
- although I did not get a reproducible way to do this why I have to wait
- with fixing anything.
-
- - Bob Schader suggested I should implement resume
- support for the HTTP PUT operation, and as I think it is a valid suggestion
- I'll work on it.
-
-Daniel (25 January 2000):
- - M Travis Obenhaus pointed out a manual mixup with -y and -Y that was
- corrected.
-
- - Jens Schleusener pointed out a problem to compile
- curl on AIX 4.1.4 and gave me a solution. This problem was already fixed
- by J�rn's recent #include modifications!
-
-Daniel (19 January 2000):
- - Oskar Liljeblad pointed out and corrected a problem
- in the Location: following system that made curl following a location: to a
- different protocol to fail.
-
- At January 31st I re-considered this fix and the surrounding source code. I
- could not really see that the patch did any difference, why I removed it
- again for further research and debugging. (It disabled location: following
- on server not running on default ports.)
-
- - J�rn Hartroth brought a fix that once again
- made it possible to select progress bar.
-
- - J�rn also fixed a few include problems.
-
-Version 6.4
-
-Daniel (17 January 2000):
- - Based on suggestions from Bj�rn Stenberg, I made the
- progress deal better with larger files and added a "Time" field which shows
- the time spent on the download so far.
- - I'm now using the CVS repository on sourceforge.net, which also allows web
- browsing.
-
-Daniel (10 January 2000):
- - Renumbered some enums in curl/curl.h since tag number 35 was used twice!
- - Added "postquote" support to the ftp section that enables post-ftp-transfer
- quote commands.
- - Now made the -Q/--quote parameter recognize '-' as a prefix, which means
- that command will be issued AFTER a successful ftp transfer. This can of
- course be used to delete or rename a file after it has been uploaded or
- downloaded. Use your imagination! ;-)
- - Since I do the main development on solaris 2.6 now, I had to download and
- install GNU groff to generate the hugehelp.c file. The solaris nroff cores
- on the man page! So, in order to make the solaris configure script find a
- better result I made gnroff get checked prior to the regular nroff.
- - Added all the curl exit codes to the man page.
- - Jim Gallagher properly tracked down a bug in autoconf
- 2.13. The AC_CHECK_LIB() macro wrongfully uses the -l flag before the -L
- flag to 'ld' which causes the HP-UX 10.20 flavour to fail on all libchecks
- and therefore you can't make the configure script find the openssl libs!
-
-Daniel (28 December 1999):
- - Tim Verhoeven correctly identified that curl
- doesn't support URL formatted file names when getting ftp. Now, there's a
- problem with getting very weird file names off FTP servers. RFC 959 defines
- that the file name syntax to use should be the same as in the native OS of
- the server. Since we don't know the peer server system we currently just
- translate the URL syntax into plain letters. It is still better and with
- the solaris 2.6-supplied ftp server it works with spaces in the file names.
-
-Daniel (27 December 1999):
- - When curl parsed cookies straight off a remote site, it corrupted the input
- data, which, if the downloaded headers were stored made very odd characters
- in the saved data. Correctly identified and reported by Paul Harrington.
-
-Daniel (13 December 1999):
- - General cleanups in the library interface. There had been some bad kludges
- added during times of stress and I did my best to clean them off. It was
- both regarding the lib API as well as include file confusions.
-
-Daniel (3 December 1999):
- - A small --stderr bug was reported by Eetu Ojanen...
-
- - who also brought the suggestion of extending the -X flag to ftp list as
- well. So, now it is and the long option is now --request instead. It is
- only for ftp list for now (and the former http stuff too of course).
-
-Lars J. Aas (24 November 1999):
- - Patched curl to compile and build under BeOS. Doesn't work yet though!
-
- - Corrected the Makefile.am files to allow putting object files in
- different directories than the sources.
-
-Version 6.3.1
-
-Daniel (23 November 1999):
- - I've had this major disk crash. My good old trust-worthy source disk died
- along with the machine that hosted it. Thank goodness most of all the
- things I've done are either backed up elsewhere or stored in this CVS
- server!
-
- - Michael S. Steuer pointed out a bug in the -F handling
- that made curl hang if you posted an empty variable such as '-F name='. It
- was one of those old bugs that never have worked properly...
-
- - Jason Baietto pointed out a general flaw in the HTTP
- download. Curl didn't complain if it was prematurely aborted before the
- entire download was completed. It does now.
-
-Daniel (19 November 1999):
- - Chris Maltby very accurately criticized the lack of
- return code checks on the fwrite() calls. I did a thorough check for all
- occurrences and corrected this.
-
-Daniel (17 November 1999):
- - Paul Harrington pointed out that the -m/--max-time option
- doesn't work for the slow system calls like gethostbyname()... I don't have
- any good fix yet, just a slightly less bad one that makes curl exit hard
- when the timeout is reached.
-
- - Bjorn Reese helped me point out a possible problem that might be the reason
- why Thomas Hurst experience problems in his Amiga version.
-
- Daniel (12 November 1999):
- - I found a crash in the new cookie file parser. It crashed when you gave
- a plain http header file as input...
-
-Version 6.3
-
- Daniel (10 November 1999):
- - I kind of found out that the HTTP time-conditional GETs (-z) aren't always
- respected by the web server and the document is therefore sent in whole
- again, even though it doesn't match the requested condition. After reading
- section 13.3.4 of RFC 2616, I think I'm doing the right thing now when I do
- my own check as well. If curl thinks the condition isn't met, the transfer
- is aborted prematurely (after all the headers have been received).
-
- - After comments from Robert Linden I also rewrote some parts of the man page
- to better describe how the -F works.
-
- - Michael Anti put up a new curl download mirror in
- China: http://www.pshowing.com/curl/
-
- - I added the list of download mirrors to the README file
-
- - I did add more explanations to the man page
-
- Daniel (8 November 1999):
- - I made the -b/--cookie option capable of reading netscape formatted cookie
- files as well as normal http-header files. It should be able to
- transparently figure out what kind of file it got as input.
-
- Daniel (29 October 1999):
- - Another one of Sebastiaan van Erk's ideas (that has been requested before
- but I seem to have forgotten who it was), is to add support for ranges in
- FTP downloads. As usual, one request is just a request, when they're two
- it is a demand. I've added simple support for X-Y style fetches. X has to
- be the lower number, though you may omit one of the numbers. Use the -r/
- --range switch (previously HTTP-only).
-
- - Sebastiaan van Erk suggested that curl should be
- able to show the file size of a specified file. I think this is a splendid
- idea and the -I flag is now working for FTP. It displays the file size in
- this manner:
- Content-Length: XXXX
- As it resembles normal headers, and leaves us the opportunity to add more
- info in that display if we can come up with more in the future! It also
- makes sense since if you access ftp through a HTTP proxy, you'd get the
- file size the same way.
-
- I changed the order of the QUOTE command executions. They're now executed
- just after the login and before any other command. I made this to enable
- quote commands to run before the -I stuff is done too.
-
- - I found out that -D/--dump-header and -V/--version weren't documented in
- the man page.
-
- - Many HTTP/1.1 servers do not support ranges. Don't ask me why. I did add
- some text about this in the man page for the range option. The thread in
- the mailing list that started this was initiated by Michael Anti.
-
- - I get reports about nroff crashes on solaris 2.6+ when displaying the curl
- man page. Switch to gnroff instead, it is reported to work(!). Adam Barclay
- reported and brought the suggestion.
-
- - In a dialogue with Johannes G. Kristinsson we came
- up with the idea to let -H/--header specified headers replace the
- internally generated headers, if you happened to select to add a header
- that curl normally uses by itself. The advantage with this is not entirely
- obvious, but in Johannes' case it means that he can use another Host: than
- the one curl would set.
-
- Daniel (27 October 1999):
- - Jongki Suwandi brought a nice patch for (yet another) crash when following
- a location:. This time you had to follow a https:// server's redirect to
- get the core.
-
-Version 6.2
-
- Daniel (21 October 1999):
- - I think I managed to remove the suspicious (nil) that has been seen just
- before the "Host:" in HTTP requests when -v was used.
- - I found out that if you followed a location: when using a proxy, without
- having specified http:// in the URL, the protocol part was added once again
- when moving to the next URL! (The protocol part has to be added to the
- URL when going through a proxy since it has no protocol-guessing system
- such as curl has.)
- - Benjamin Ritcey reported a core dump under solaris 2.6
- with OpenSSL 0.9.4. It turned out this was due to a bad free() in main.c
- that occurred after the download was done and completed.
- - Benjamin found ftp downloads to show the first line of the download meter
- to get written twice, and I removed that problem. It was introduced with
- the multiple URL support.
- - Dan Zitter correctly pointed out that curl 6.1 and earlier versions didn't
- honor RFC 2616 chapter 4 section 2, "Message Headers": "...Field names are
- case-insensitive..." HTTP header parsing assumed a certain casing. Dan
- also provided me with a patch that corrected this, which I took the liberty
- of editing slightly.
- - Dan Zitter also provided a nice patch for config.guess to better recognize
- the Mac OS X
- - Dan also corrected a minor problem in the lib/Makefile that caused linking
- to fail on OS X.
-
- Daniel (19 October 1999):
- - Len Marinaccio came up with some problems with curl. Since Windows has a
- crippled shell, it can't redirect stderr and that causes trouble. I added
- --stderr today which allows the user to redirect the stderr stream to a
- file or stdout.
-
- Daniel (18 October 1999):
- - The configure script now understands the '--without-ssl' flag, which now
- totally disable SSL/https support. Previously it wasn't possible to force
- the configure script to leave SSL alone. The previous functionality has
- been retained. Troy Engel helped test this new one.
-
-Version 6.1 (October 17 1999)
-
- Daniel (17 October 1999):
- - I ifdef'ed or commented all the zlib stuff in the sources and configure
- script. It turned out we needed to mock more with zlib than I initially
- thought, to make it capable of downloading compressed HTTP documents and
- uncompress them on the fly. I didn't mean the zlib parts of curl to become
- more than minor so this means I halt the zlib expedition for now and wait
- until someone either writes the code or zlib gets updated and better
- adjusted for this kind of usage. I won't get into details here, but a
- short a summary is suitable:
- - zlib can't automatically detect whether to use zlib or gzip
- decompression methods.
- - zlib is very neat for reading gzipped files from a file descriptor,
- although not as nice for reading buffer-based data such as we would
- want it.
- - there are still some problems with the win32 version when reading from
- a file descriptor if that is a socket
-
- Daniel (14 October 1999):
- - Moved the (external) include files for libcurl into a subdirectory named
- curl and adjusted all #include lines to use <curl/XXXX> to maintain a
- better name space and control of the headers. This has been requested.
-
- Daniel (12 October 1999):
- - I modified the 'maketgz' script to perform a 'make' too before a release
- archive is put together in an attempt to make the time stamps better and
- hopefully avoid the double configure-running that use to occur.
-
- Daniel (11 October 1999):
- - Applied J�rn's patches that fixes zlib for mingw32 compiles as well as
- some other missing zlib #ifdef and more text on the multiple URL docs in
- the man page.
-
-Version 6.1beta
-
- Daniel (6 October 1999):
- - Douglas E. Wegscheid sent me a patch that made the exact same thing as I
- just made: the -d switch is now capable of reading post data from a named
- file or stdin. Use it similarly to the -F. To read the post data from a
- given file:
-
- curl -d @path/to/filename www.postsite.com
-
- or let curl read it out from stdin:
-
- curl -d @- www.postit.com
-
- J�rn Hartroth (3 October 1999):
- - Brought some more patches for multiple URL functionality. The MIME
- separation ideas are almost scrapped now, and a custom separator is being
- used instead. This is still compile-time "flagged".
-
- Daniel
- - Updated curl.1 with multiple URL info.
-
- Daniel (30 September 1999):
- - Felix von Leitner brought openssl-check fixes for configure.in to work
- out-of-the-box when the openssl files are installed in the system default
- dirs.
-
- Daniel (28 September 1999)
- - Added libz functionality. This should enable decompressing gzip, compress
- or deflate encoding HTTP documents. It also makes curl send an accept that
- it accepts that kind of encoding. Compressed contents usually shortens
- download time. I *need* someone to tell me a site that uses compressed HTTP
- documents so that I can test this out properly.
-
- - As a result of the adding of zlib awareness, I changed the version string
- a little. I plan to add openldap version reporting in there too.
-
- Daniel (17 September 1999)
- - Made the -F option allow stdin when specifying files. By using '-' instead
- of file name, the data will be read from stdin.
-
-Version 6.0 (September 14 1999)
-
- Daniel (13 September 1999)
- - Added -X/--http-request <request> to enable any HTTP command to be sent.
- Do not that your server has to support the exact string you enter. This
- should possibly a string like DELETE or TRACE.
-
- - Applied Douglas' mingw32-fixes for the makefiles.
-
- Daniel (10 September 1999)
- - Douglas E. Wegscheid pointed out a problem. Curl didn't check the FTP
- servers return code properly after the --quote commands were issued. It
- took anything non 200 as an error, when all 2XX codes should be accepted as
- OK.
-
- - Sending cookies to the same site in multiple lines like curl used to do
- turned out to be bad and breaking the cookie specs. Curl now sends all
- cookies on a single Cookie: line. Curl is not yet RFC 2109 compliant, but I
- doubt that many servers do use that syntax (yet).
-
- Daniel (8 September 1999)
- - J�rn helped me make sure it still compiles nicely with mingw32 under win32.
-
- Daniel (7 September 1999)
- - FTP upload through proxy is now turned into a HTTP PUT. Requested by
- Stefan Kanthak.
-
- - Added the ldap files to the .m32 makefile.
-
- Daniel (3 September 1999)
- - Made cookie matching work while using HTTP proxy.
-
- Bjorn Reese (31 August 1999)
- - Passed his ldap:// patch. Note that this requires the openldap shared
- library to be installed and that LD_LIBRARY_PATH points to the
- directory where the lib will be found when curl is run with a
- ldap:// URL.
-
- J�rn Hartroth (31 August 1999)
- - Made the Mingw32 makefiles into single files.
- - Made file:// work for Win32. The same code is now used for unix as well for
- performance reasons.
-
- Douglas E. Wegscheid (30 August 1999)
- - Patched the Mingw32 makefiles for SSL builds.
-
- Matthew Clarke (30 August 1999)
- - Made a cool patch for configure.in to allow --with-ssl to specify the
- root dir of the openssl installation, as in
-
- ./configure --with-ssl=/usr/ssl_here
-
- - Corrected the 'reconf' script to work better with some shells.
-
- J�rn Hartroth (26 August 1999)
- - Fixed the Mingw32 makefiles in lib/ and corrected the file.c for win32
- compiles.
-
-Version 5.11
-
- Daniel (25 August 1999)
- - John Weismiller pointed out a bug in the header-line
- realloc() system in download.c.
-
- - I added lib/file.[ch] to offer a first, simple, file:// support. It
- probably won't do much good on win32 system at this point, but I see it
- as a start.
-
- - Made the release archives get a Makefile in the root dir, which can be
- used to start the compiling/building process easier. I haven't really
- changed any INSTALL text yet, I wanted to get some feed-back on this
- first.
-
- Daniel (17 August 1999)
- - Another Location: bug. Curl didn't do proper relative locations if the
- original URL had cgi-parameters that contained a slash. Nusu's page
- again.
-
- - Corrected the NO_PROXY usage. It is a list of substrings that if one of
- them matches the tail of the host name it should connect to, curl should
- not use a proxy to connect there. Pointed out to me by Douglas
- E. Wegscheid. I also changed the README text a little regarding this.
-
- Daniel (16 August 1999)
- - Fixed a memory bug with http-servers that sent Location: to a Location:
- page. Nusu's page showed this too.
-
- - Made cookies work a lot better. Setting the same cookie name several times
- used to add more cookies instead of replacing the former one which it
- should've. Nusu <nus at intergorj.ro> brought me an URL that made this
- painfully visible...
-
- Troy (15 August 1999)
- - Brought new .spec files as well as a patch for configure.in that lets the
- configure script find the openssl files better, even when the include
- files are in /usr/include/openssl
-
-Version 5.10
-
- Daniel (13 August 1999)
- - SSL_CTX_set_default_passwd_cb() has been modified in the 0.9.4 version of
- OpenSSL. Now why couldn't they simply add a *new* function instead of
- modifying the parameters of an already existing function? This way, we get
- a compiler warning if compiling with 0.9.4 but not with earlier. So, I had
- to come up with a #if construction that deals with this...
-
- - Made curl output the SSL version number get displayed properly with 0.9.4.
-
- Troy (12 August 1999)
- - Added MingW32 (GCC-2.95) support under Win32. The INSTALL file was also
- a bit rearranged.
-
- Daniel (12 August 1999)
- - I had to copy a good <arpa/telnet.h> include file into the curl source
- tree to enable the silly win32 systems to compile. The distribution rights
- allows us to do that as long as the file remains unmodified.
-
- - I corrected a few minor things that made the compiler complain when
- -Wall -pedantic was used.
-
- - I'm moving the official curl web page to curl.haxx.nu. I think it
- will make it easier to remember as it is a lot shorter and less cryptic.
- The old one still works and shows the same info.
-
- Daniel (11 August 1999)
- - Albert Chin-A-Young mailed me another correction for NROFF in the
- configure.in that is supposed to be better for IRIX users.
-
- Daniel (10 August 1999)
- - Albert Chin-A-Young helped me with some stupid Makefile things, as well as
- some fiddling with the getdate.c stuff that he had problems with under
- HP-UX v10. getdate.y will now be compiled into getdate.c if the appropriate
- yacc or bison is found by the configure script. Since this is slightly new,
- we need to test the output getdate.c with win32 systems to make sure it
- still compiles there.
-
- Daniel (5 August 1999)
- - I've just setup a new mailing list with the intention to keep discussions
- around libcurl development in it. I mainly expect it to be for thoughts and
- brainstorming around a "next generation" library, rather than nitpicking
- about the current implementation or details in the current libcurl.
-
- To join our happy bunch of future-looking geeks, enter 'subscribe
- <address>' in the body of a mail and send it to
- address@hidden Curl bug reports, the usual curl
- talk and everything else should still be kept in this mailing list. I've
- started to archive this mailing list and have put the libcurl web page at
- www.fts.frontec.se/~dast/libcurl/.
-
- - Stefan Kanthak contacted me regarding a few problems in the configure
- script which he discovered when trying to make curl compile and build under
- Siemens SINIX-Z V5.42B2004!
-
- - Marcus Klein very accurately informed me that src/version.h was not present
- in the CVS repository. Oh, how silly...
-
- - Linus Nielsen rewrote the telnet:// part and now curl offers limited telnet
- support. If you run curl like 'curl telnet://host' you'll get all output on
- the screen and curl will read input from stdin. You'll be able to login and
- run commands etc, but since the output is buffered, expect to get a little
- weird output.
-
- This is still in its infancy and it might get changed. We need your
- feed-back and input in how this is best done.
-
- WIN32 NOTE: I bet we'll get problems when trying to compile the current
- lib/telnet.c on win32, but I think we can sort them out in time.
-
- - David Sanderson reported that FORCE_ALLOCA_H or HAVE_ALLOCA_H must be
- defined for getdate.c to compile properly on HP-UX 11.0. I updated the
- configure script to check for alloca.h which should make it.
-
- Daniel (4 August 1999)
- - I finally got to understand Marcus Klein's ftp download resume problem,
- which turns out to be due to different outputs from different ftp
- servers. It makes ftp download resuming a little trickier, but I've made
- some modifications I really believe will work for most ftp servers and I do
- hope you report if you have problems with this!
-
- - Added text about file transfer resuming to README.curl.
-
- Daniel (2 August 1999)
- - Applied a progress-bar patch from Lars J. Aas. It offers
- a new styled progress bar enabled with -#/--progress-bar.
-
- T. Yamada <tai at imasy.or.jp> (30 July 1999)
- - It breaks with segfault when 1) curl is using .netrc to obtain
- username/password (option '-n'), and 2) is automatically redirected to
- another location (option '-L').
-
- There is a small bug in lib/url.c (block starting from line 641), which
- tries to take out username/password from user- supplied command-line
- argument ('-u' option). This block is never executed on first attempt since
- CONF_USERPWD bit isn't set at first, but curl later turns it on when it
- checks for CONF_NETRC bit. So when curl tries to redo everything due to
- redirection, it segfaults trying to access *data->userpwd.
-
-Version 5.9.1
-
- Daniel (30 July 1999)
- - Steve Walch pointed out that there is a memory leak in the formdata
- functions. I added a FormFree() function that is now used and supposed to
- correct this flaw.
-
- - Mark Wotton reported:
- 'curl -L https://www.cwa.com.au/' core dumps. I managed to cure this by
- correcting the cleanup procedure. The bug seems to be gone with my OpenSSL
- 0.9.2b, although still occurs when I run the ~100 years old SSLeay 0.8.0. I
- don't know whether it is curl or SSLeay that is to blame for that.
-
- - Marcus Klein:
- Reported an FTP upload resume bug that I really can't repeat nor understand.
- I leave it here so that it won't be forgotten.
-
- Daniel (29 July 1999)
- - Costya Shulyupin suggested support for longer URLs when following Location:
- and I could only agree and fix it!
-
- - Leigh Purdie found a problem in the upload/POST department. It turned out
- that http.c accidentaly cleared the pointer instead of the byte counter
- when supposed to.
-
- - Costya Shulyupin pointed out a problem with port numbers and Location:. If
- you had a server at a non-standard port that redirected to an URL using a
- standard port number, curl still used that first port number.
-
- - Ralph Beckmann pointed out a problem when using both CONF_FOLLOWLOCATION
- and CONF_FAILONERROR simultaneously. Since the CONF_FAILONERROR exits on
- the 302-code that the follow location header outputs it will never show any
- html on location: pages. I have now made it look for >=400 codes if
- CONF_FOLLOWLOCATION is set.
-
- - 'struct slist' is now renamed to 'struct curl_slist' (as suggested by Ralph
- Beckmann).
-
- - Joshua Swink and Rick Welykochy were the first to point out to me that the
- latest OpenSSL package now have moved the standard include path. It is now
- in /usr/local/ssl/include/openssl and I have now modified the --enable-ssl
- option for the configure script to use that as the primary path, and I
- leave the former path too to work with older packages of OpenSSL too.
-
- Daniel (9 June 1999)
- - I finally understood the IRIX problem and now it seem to compile on it!
- I am gonna remove those #define strcasecmp() things once and for all now.
-
- Daniel (4 June 1999)
- - I adjusted the FTP reply 227 parser to make the PASV command work better
- with more ftp servers. Appearantly the Roxen Challanger server replied
- something curl 5.9 could deal with! :-( Reported by Ashley Reid-Montanaro
- and Mark Butler brought a solution for it.
-
- Daniel (26 May 1999)
- - Rearranged. README is new, the old one is now README.curl and I added a
- README.libcurl with text I got from Ralph Beckmann.
-
- - I also updated the INSTALL text.
-
- Daniel (25 May 1999)
- - David Jonathan Lowsky correctly pointed out that curl didn't properly deal
- with form posting where the variable shouldn't have any content, as in curl
- -F "form=" www.site.com. It was now fixed.
-
-Version 5.9 (May 22 1999)
-
- Daniel (22 May 1999)
- - I've got a bug report from Aaron Scarisbrick in which he states he has some
- problems with -L under FreeBSD 3.0. I have previously got another bug
- report from Stefan Grether which points at an error with similar sympthoms
- when using win32. I made the allocation of the new url string a bit faster
- and different, don't know if it actually improves anything though...
-
- Daniel (20 May 1999)
- - Made the cookie parser deal with CRLF newlines too.
-
- Daniel (19 May 1999)
- - Download() didn't properly deal with failing return codes from the sread()
- function. Adam Coyne found the problem in the win32 version, and Troy Engel
- helped me out isolating it.
-
- Daniel (16 May 1999)
- - Richard Adams pointed out a bug I introduced in 5.8. --dump-header doesn't
- work anymore! :-/ I fixed it now.
-
- - After a suggestion by Joshua Swink I added -S / --show-error to force curl
- to display the error message in case of an error, even if -s/--silent was
- used.
-
- Daniel (10 May 1999)
- - I moved the stuff concerning HTTP, DICT and TELNET it their own source
- files now. It is a beginning on my clean-up of the sources to make them
- layer all those protocols better to enable more to be added easier in the
- future!
-
- - Leon Breedt sent me some files I've not put into the main curl
- archive. They're for creating the Debian package thingie. He also sent me a
- debian package that I've made available for download at the web page
-
- Daniel (9 May 1999)
- - Made it compile on cygwin too.
-
- Troy Engel (7 May 1999)
- - Brought a series of patches to allow curl to compile smoothly on MSVC++ 6
- again!
-
- Daniel (6 May 1999)
- - I changed the #ifdef HAVE_STRFTIME placement for the -z code so that it
- will be easier to discover systems that don't have that function and thus
- can't use -z successfully. Made the strftime() get used if WIN32 is defined
- too.
-
-Version 5.8
-
- Daniel (5 May 1999)
- - I've had it with this autoconf/automake mess. It seems to work allright
- for most people who don't have automake installed, but for those who have
- there are problems all over.
-
- I've got like five different bug reports on this only the last
- week... Claudio Neves and Federico Bianchi and root <duggerj001 at
- hawaii.rr.com> are some of them reporting this.
-
- Currently, I have no really good fix since I want to use automake myself to
- generate the Makefile.in files. I've found out that the @address@hidden
- can often be fixed by manually invoking 'automake' in the archive root
- before you run ./configure... I've hacked my maketgz script now to fiddle
- a bit with this and my tests seem to work better than before at least!
-
- Daniel (4 May 1999)
- - mkhelp.pl has been doing badly lately. I corrected a case problem in
- the regexes.
-
- - I've now remade the -o option to not touch the file unless it needs to.
- I had to do this to make -z option really fine, since now you can make a
- curl fetch and use a local copy's time when downloading to that file, as
- in:
-
- curl -z dump -o dump remote.site.com/file.html
-
- This will only get the file if the remote one is newer than the local.
- I'm aware that this alters previous behaviour a little. Some scripts out
- there may depend on that the file is always touched...
-
- - Corrected a bug in the SSLv2/v3 selection.
-
- - Felix von Leitner requested that curl should be able to send
- "If-Modified-Since" headers, which indeed is a fair idea. I implemented it
- right away! Try -z <expression> where expression is a full GNU date
- expression or a file name to get the date from!
-
- Stephan Lagerholm (30 Apr 1999)
- - Pointed out a problem with the src/Makefile for FreeBSD. The RM variable
- isn't set and causes the make to fail.
-
- Daniel (26 April 1999)
- - Am I silly or what? Irving Wolfe pointed out to me that the curl version
- number was not set properly. Hasn't been since 5.6. This was due to a bug
- in my maketgz script!
-
- David Eriksson (25 Apr 1999)
- - Found a bug in cookies.c that made it crash at times.
-
-Version 5.7.1
-
- Doug Kaufman (23 Apr 1999)
- - Brought two sunos 4 fixes. One of them being the hostip.c fix mentioned
- below and the other one a correction in include/stdcheaders.h
-
- - Added a paragraph about compiling with the US-version of openssl to the
- INSTALL file.
-
- Daniel
- - New mailing list address. Info updated on the web page as well as in the
- README file
-
- Greg Onufer (20 Apr 1999)
- - hostip.c didn't compile properly on SunOS 5.5.1.
- It needs an #include <sys/types.h>
-
-Version 5.7
-
- Daniel (Apr 20 1999)
- - Decided to upload a non-beta version right now!
-
- - Made curl support any-length HTTP headers. The destination buffer is now
- simply enlarged every time it turns out to be too small!
-
- - Added the FAQ file to the archive. Still a bit smallish, but it is a
- start.
-
- Eric Thelin (15 Apr 1999)
- - Made -D accept '-' instead of filename to write to stdout.
-
-Version 5.6.3beta
-
- Daniel (Apr 12 1999)
-
- - Changed two #ifdef WIN32 to better #ifdef <errorcode> when connect()ing
- in url.c and ftp.c. Makes cygwin32 deal with them better too. We should
- try to get some decent win32-replacement there. Anyone?
-
- - The old -3/--crlf option is now ONLY --crlf!
-
- - I changed the "SSL fix" to a more lame one, but that doesn't remove as
- much functionality. Now I've enabled the lib to select what SSL version it
- should try first. Appearantly some older SSL-servers don't like when you
- talk v3 with them so you need to be able to force curl to talk v2 from the
- start. The fix dated April 6 and posted on the mailing list forced curl to
- use v2 at all times using a modern OpenSSL version, but we don't really
- want such a crippled solution.
-
- - Marc Boucher sent me a patch that corrected a math error for the
- "Curr.Speed" progress meter.
-
- - Eric Thelin sent me a patch that enables '-K -' to read a config file from
- stdin.
-
- - I found out we didn't close the file properly before so I added it!
-
- Daniel (Apr 9 1999)
- - Yu Xin pointed out a problem with ftp download resume. It didn't work at
- all! ;-O
-
- Daniel (Apr 6 1999)
- - Corrected the version string part generated for the SSL version.
-
- - I found a way to make some other SSL page work with openssl 0.9.1+ that
- previously didn't (ssleay 0.8.0 works with it though!). Trying to get
- some real info from the OpenSSL guys to see how I should do to behave the
- best way. SSLeay 0.8.0 shouldn't be that much in use anyway these days!
-
-Version 5.6.2beta
-
- Daniel (Apr 4 1999)
- - Finally have curl more cookie "aware". Now read carefully. This is how
- it works.
- To make curl read cookies from an already existing file, in plain header-
- format (like from the headers of a previous fetch) invoke curl with the
- -b flag like:
-
- curl -b file http://site/foo.html
-
- Curl will then use all cookies it finds matching. The old style that sets
- a single cookie with -b is still supported and is used if the string
- following -b includes a '=' letter, as in "-b name=daniel".
-
- To make curl read the cookies sent in combination with a location: (which
- sites often do) point curl to read a non-existing file at first (i.e
- to start with no existing cookies), like:
-
- curl -b nowhere http://site/setcookieandrelocate.html
-
- - Added a paragraph in the TODO file about the SSL problems recently
- reported. Evidently, some kind of SSL-problem curl may need to address.
-
- - Better "Location:" following.
-
- Douglas E. Wegscheid (Tue, 30 Mar 1999)
- - A subsecond display patch.
-
- Daniel (Mar 14 1999)
- - I've separated the version number of libcurl and curl now. To make
- things a little easier, I decided to start the curl numbering from
- 5.6 and the former version number known as "curl" is now the one
- set for libcurl.
-
- - Removed the 'enable-no-pass' from configure, I doubt anyone wanted
- that.
-
- - Made lots of tiny adjustments to compile smoothly with cygwin under
- win32. It's a killer for porting this to win32, bye bye VC++! ;-)
- Compiles and builds out-of-the-box now. See the new wordings in
- INSTALL for details.
-
- - Beginning experiments with downloading multiple document from a http
- server while remaining connected.
-
-Version 5.6beta
-
- Daniel (Mar 13 1999)
- - Since I've changed so much, I thought I'd just go ahead and implement the
- suggestion from Douglas E. Wegscheid. -D or --dump-header is now storing
- HTTP headers separately in the specified file.
-
- - Added new text to INSTALL on what to do to build this on win32 now.
-
- - Aaargh. I had to take a step back and prefix the shared #include files
- in the sources with "../include/" to please VC++...
-
- Daniel (Mar 12 1999)
- - Split the url.c source into many tiny sources for better readability
- and smaller size.
-
- Daniel (Mar 11 1999)
- - Started to change stuff for a move to make libcurl and a more separate
- curl application that uses the libcurl. Made the libcurl sources into
- the new lib directory while the curl application will remain in src as
- before. New makefiles, adjusted configure script and so.
-
- libcurl.a built quickly and easily. I better make a better interface to
- the lib functions though.
-
- The new root dir include/ is supposed to contain the public information
- about the new libcurl. It is a little ugly so far :-)
-
-
- Daniel (Mar 1 1999)
- - Todd Kaufmann sent me a good link to Netscape's cookie spec as well as the
- info that RFC 2109 specifies how to use them. The link is now in the
- README and the RFC in the RESOURCES.
-
- Daniel (Feb 23 1999)
- - Finally made configure accept --with-ssl to look for SSL libs and includes
- in the "standard" place /usr/local/ssl...
-
- Daniel (Feb 22 1999)
- - Verified that curl linked fine with OpenSSL 0.9.1c which seems to be
- the most recent.
-
- Henri Gomez (Fri Feb 5 1999)
- - Sent in an updated curl-ssl.spec. I still miss the script that builds an
- RPM automatically...
-
-Version 5.5.1
-
- Mark Butler (27 Jan 1999)
- - Corrected problems in Download().
-
- Danitel Stenberg (25 Jan 1999)
- - Jeremie Petit pointed out a few flaws in the source that prevented it from
- compile warning free with the native compiler under Digital Unix v4.0d.
-
-Version 5.5
-
- Daniel Stenberg (15 Jan 1999)
- - Added Bjorns small text to the README about the DICT protocol.
-
- Daniel Stenberg (11 Jan 1999)
- - <jswink at softcom.net> reported about the win32-versioin: "Doesn't use
- ALL_PROXY environment variable". Turned out to be because of the static-
- buffer nature of the win32 environment variable calls!
-
- Bjorn Reese (10 Jan 1999)
- - I have attached a simple addition for the DICT protocol (RFC 2229).
- It performs dictionary lookups. The output still needs to be better
- formatted.
-
- To test it try (the exact format, and more examples are described in
- the RFC)
-
- dict://dict.org/m:hello
- dict://dict.org/m:hello::soundex
-
-
- Vicente Garcia (10 Jan 1999)
- - Corrected the progress meter for files larger than 20MB.
-
- Daniel Stenberg (7 Jan 1999)
- - Corrected the -t and -T help texts. They claimed to be FTP only.
-
-Version 5.4
-
- Daniel Stenberg
- (7 Jan 1999)
- - Irving Wolfe reported that curl -s didn't always supress the progress
- reporting. It was the form post that autoamtically always switched it on
- again. This is now corrected!
-
- (4 Jan 1999)
- - Andreas Kostyrka suggested I'd add PUT and he helped me out to test it. If
- you use -t or -T now on a http or https server, PUT will be used for file
- upload.
-
- I removed the former use of -T with HTTP. I doubt anyone ever really used
- that.
-
- (4 Jan 1999)
- - Erik Jacobsen found a width bug in the mprintf() function. I corrected it
- now.
-
- (4 Jan 1999)
- - As John V. Chow pointed out to me, curl accepted very limited URL sizes. It
- should now accept path parts that are up to at least 4096 bytes.
-
- - Somehow I screwed up when applying the AIX fix from Gilbert Ramirez, so
- I redid that now.
-
-Version 5.3a (win32 only)
-
- Troy Engel
- - Corrected a win32 bug in the environment variable part.
-
-Version 5.3
-
- Gilbert Ramirez Jr. (21 Dec 1998)
- - I have implemented the "quote" function of FTP clients. It allows you to
- send arbitrary commands to the remote FTP server. I chose the -Q/--quote
- command-line arguments.
-
- You can have more than one quoted string, and curl will apply them in
- order. This is what I use for my MVS upload:
-
- curl -B --crlf -Q "site lrecl=80" -Q "site blk=8000" -T file ftp://os390/test
-
- Curl will send the two quoted "site" commands in the proper order.
-
- - Made it compile smoothly on AIX.
-
- Gilbert Ramirez Jr. (18 Dec 1998)
- - Brought an MVS patch: -3/--mvs, for ftp upload to the MVS ftp server.
-
- Troy Engel (17 Dec 1998)
- - Brought a correction that fixes the win32 curl bug.
-
- Daniel Stenberg
- - A bug, pointed out to me by Dr H. T. Leung, caused curl to crash on the -A
- flag on certain systems. Actually, all systems should've!
-
- - Added a few defines to make directories/file names get build nicer (with _
- instead of . and \ instead of / in win32).
-
- - steve <fisk at polar.bowdoin.edu> reported a weird bug that occured if the
- ftp server response line had a parenthesis on the line before the (size)
- info. I hope it works better now!
-
-Version 5.2.1
-
- Steven G. Johnson (Dec 14, 1998)
- - Brought a fix that corrected a crash in 5.2 due to bad treatment of the
- environment variables.
-
-Version 5.2
-
- Daniel Stenberg (Dec 14, 1998)
- - Rewrote the mkhelp script and now, the mkhelp.pl script generates the
- hugehelp.c file from the README *and* the man page file curl.1. By using
- both files, I no longer need to have double information in both the man
- page and the README as well. So, win32-users will only have the hugehelp.c
- file for all info, but then, they download the plain binary most times
- anyway.
-
- - gcc2.8.1 with the -Wall flag complaints a lot on subscript has type `char'
- if I don't explicitly typecast the argument to isdigit() or isspace() to
- int. So I did to compile warning free with that too.
-
- - Added checks for 'long double' and 'long long' in the configure script. I
- need those for the mprintf.c source to compile well on non long long
- comforming systems!
-
-Version 5.1 (not publicly released)
-
- Daniel Stenberg (Dec 10, 1998)
- - I got a request for a pre-compiled NT Alpha version. Anyone?
-
- - Added Lynx/CERN www lib proxy environment variable support. That means curl
- now reads and understands the following environment variables:
-
- HTTP_PROXY, HTTPS_PROXY, FTP_PROXY, GOPHER_PROXY
-
- They should be set for protocol-specific proxies. General proxy should be
- set with
-
- ALL_PROXY
-
- And a comma-separated list of host names that shouldn't go through any
- proxy is set in (only an asterisk, '*' matches all hosts).
-
- NO_PROXY
-
- The usage of the -x/--proxy flag overrides the environment variables.
-
- - Proxy can now be specified with a procotol:// prefix.
-
- - Wrote the curl.1 man page.
-
- - Introduced a whole new dynamic buffer system for all sprintf()s. It is
- based on the *printf() package by yours truly and Bjorn Reese. Hopefully,
- there aren't that many buffer overflow risks left now.
-
- - Ah, I should mention I've compiled and built curl successfully under
- solaris 2.6 with gcc now, gcc 2.7.2 won't work but 2.8.1 did ok.
-
- Oren Tirosh (Dec 3, 1998)
- - Brought two .spec files, to use when creating (Linux) Redhat style RPM
- packages. They're named curl.spec and curl-ssl.spec.
-
- Troy Engel
- - Supplied the src/Makefile.vc6 for easy compiling with VC++ under Win32.
-
-Version 5.0
-
- Daniel Stenberg (Dec 1, 1998)
- - Not a single bug report in ages.
- - Corrected getpass.c and main.c to compile warning and error free with the
- Win32 VC++ crap.
-
-Version 5.0 beta 24
-
- Daniel Stenberg (Nov 20, 1998)
-
- HOW TO BUILD A RELEASE ARCHIVE:
-
- * Pre-requisite software:
- What To build what Reads data from
- ==== ============= ===============
- GNU automake Makefile.in, aclocal.m4 configure.in
- GNU make(1) - " -
- GNU gcc(1) - " -
- GNU autoconf configure configure.in
- GNU autoheader(2) config.h.in configure.in, acconfig.h
-
- * Make sure all files that should be part of the archive are put in FILES.
-
- * Run './maketgz' and enter version number of the new to become archive.
-
- maketgz does:
-
- - Enters the newly created version number in url.h.
- - (If you don't have automake, this script will warn about that, but unless
- you have changed the Makefile.am files, that is nothing to care about.)
- If you have it, it'll run it.
- - If you have autoconf, the configure.in will be edited to get the newly
- created version number and autoconf will be run.
- - Creates a new directory named curl-<version>. (Actually, it uses the base
- name of the current directory up to the first '-'.)
- - Copies all files mentioned in FILES to the new directory. Saving
- permissions and directory structure.
- - Uses tar to create an archive of it all, named curl-<version>.tar.gz
- - gzips the archive
- - Removes the new directory and all its contents.
-
- * When done, you have an archive stored in your directory named
- curl-<version>.tar.gz.
-
- Done!
-
- (1) They're required to make automake run properly.
- (2) It is distributed as a part of the GNU autoconf archive.
-
- Daniel Stenberg (Nov 18, 1998)
- - I changed the TAG-system. If you ever used urlget() from this package in
- another product, you need to recompile with the new headers. I did this
- new stuff to better deal with different compilers and system with different
- variable sizes. I think it makes it a little more portable. This proves
- to compile warning free with the problematic IRIX compiler!
- - Win32 compiled with a silly error. Corrected now.
- - Brian Chaplin reported yet another problem in
- multiline FTP responses. I've tried to correct it. I mailed him a new
- version and I hope he gets back soon with positive feedback!
- - Improved the 'maketgz' to create a temporary directory tree which it makes
- an archive from instead of the previous renaming of the current one.
- - Mailing list opened (see README).
- - Made -v more verbose on the PASV section of ftp transfers. Now it tells
- host name and IP of the new host (and port number). I also added a section
- about PORT vs PASV in the README.
-
-Version 5.0 beta 21
-
- Angus Mackay (Nov 15, 1998)
- - Introduced automake stuff.
-
- Daniel Stenberg (Nov 13, 1998)
- - Just made a successful GET of a document from an SSL-server using my own
- private certificate for authentication! The certificate has to be in PEM
- format. You do that the easiest way (although not *that* easy) by
- downloading the SSLyeay PKCS#12-patch by Dr Stephen N. Henson from his site
- at: http://www.drh-consultancy.demon.co.uk/. Using his tool, you can
- convert any modern Netscape or (even) MSIE certificate to PEM-format. Use
- it with 'curl -E <certificate:password> https://site.com'. If this isn't a
- cool feature, then I don't know what cool features look like! ;-)
- - Working slowly on telnet connections. #define TRY_TELNET to try it out.
- (curl -u user:passwd "telnet://host.com/cat .login" is one example) I do
- have problem to define how it should work. The prime purpose for this must
- be to get (8bit clean) files via telnet, and it really isn't that easy to
- get files this way. Still having problems with \n being converted to \r\n.
-
- Angus Mackay (Nov 12, 1998)
- - Corrected another bug in the long parameter name parser.
- - Modified getpass.c (NOTE: see the special licensing in the top of that
- source file).
-
- Daniel Stenberg (Nov 12, 1998)
- - We may have removed the silly warnings from url.c when compiled under IRIX.
- Thanks again to Bjorn Reese and Martin Staael.
- - Wrote formfind.pl which is a new perl script intended to help you find out
- how a FORM submission should be done. This needs a little more work to get
- really good.
-
- Daniel Stenberg (Nov 11, 1998)
- - Made the HTTP header-checker accept white spaces before the HTTP/1.? line.
- Appearantly some proxies/sites add such at times (my test proxy did when I
- downloaded a gopher page with it)!
- - Moved the former -h to -M and made -h show the short help text instead. I
- had to enable a forced help text option. Now an even shorter help text will
- be presented when an unknown option and similar, is used.
- - stdcheaders.h didn't work with IRIX 6.4 native cc compiler. I hope my
- changes don't make other versions go nuts instead.
-
- Daniel Stenberg (Nov 10, 1998)
- - Added a weird check in the configure script to check for the silly AIX
- warnings about my #define strcasecmp() stuff. I do that define to prevent
- me and other contributors to accidentaly use that function name instead
- of strequal()...
- - I bugfixed Angus's getpass.c very little.
- - Fixed the verbose flag names to getopt-style, i.e 'curl --loc' will be
- sufficient instead of --location as "loc" is a unique prefix. Also, anything
- after a '--' is treated as an URL. So if you do have a host with a weeeird
- name you can do 'curl -- -host.com'.
- - Another getopt-adjust; curl now accepts flags after the URL on the command
- line. 'curl www.foo.com -O' is perfectly valid.
- - Corrected the .curlrc parser so that strtok() is no longer used and I
- believe it works better. Even URLs can be specified in it now.
-
- Angus Mackay (Nov 9, 1998)
- - Replaced getpass.c with a newly written one, not under GPL license
- - Changed OS to a #define in config.h instead of compiler flag
- - Makefile now uses -DHAVE_CONFIG_H
-
- Daniel Stenberg (Nov 9, 1998)
- - Ok, I expanded the tgz-target to update the version string on each occation
- I build a release archive!
- - I reacted on Angus Mackay's initiative and remade the parameter parser to
- be more getopt compliant. Curl now supports "merged" flags as in
- curl -lsv ftp.site.com
- Do note that I had to move three short-names of the options. Parameters
- that needs an additional string such as -x must be stand-alone or the
- last in a merged sequence:
- curl -lsx my-proxy ftp.site.com
- is ok, but using the flags in a different order like '-lxs' would cause
- unexpected results (as the 's' option would be skipped).
- - I've changed the headers in all files that are subject to the MozPL
- license, as they are supposed to look like when conforming.
- - Made the configure script make the config.h. The former config.h is now
- setup.h.
- - The RESOURCES and TODO files have been added to the archive.
-
- Angus Mackay (Nov 5, 1998)
- - Fixed getpass.c and various configure stuff
-
- Daniel Stenberg (Nov 3, 1998)
- - Use -H/--header for custom HTTP-headers. Lets you pass on your own
- specified headers to the remote server. I wouldn't recommend trying to use
- a header with a defined usage according to standards. Use this flag once
- for every custom header you want to add.
- - Use -B/--ftp-ascii to force ftp to use ASCII mode when transfering files.
- - Corrected the 'getlinks.pl' script, I accidentally left my silly proxy
- usage in there! Since the introduction of the .curlrc file, it is easier to
- write scripts that use curl since proxies and stuff should be in the
- .curlrc file anyway.
- - Introducing the new -F flag for HTTP POST. It supports multipart/form-data
- which means it is gonna be possible to upload files etc through HTTP POST.
- Shiraz Kanga asked for the feature and my brother,
- Bj�rn Stenberg helped me design the user
- interface for this beast. This feature requires quite some docs,
- since it has turned out not only quite capable, but also complicated! :-)
- - A note here, since I've received mail about it. SSLeay versions prior to
- 0.8 will *not* work with curl!
- - Wil Langford reported a bug that occurred since curl
- did not properly use CRLF when issuing ftp commands. I fixed it.
- - Rearranged the order config files are read. .curlrc is now *always* read
- first and before the command line flags. -K config files then act as
- additional config items.
- - Use -q AS THE FIRST OPTION specified to prevent .curlrc from being read.
- - You can now disable a proxy by using -x "". Useful if the .curlrc file
- specifies a proxy and you wanna fetch something without going through
- that.
- - I'm thinking of dropping the -p support. Its really not useful since ports
- could (and should?) be specified as :<port> appended on the host name
- instead, both in URLs and to proxy host names.
- - Martin Staael reports curl -L bugs under Windows NT
- (test with URL http://come.to/scsde). This bug is not present in this
- version anymore.
- - Added support for the weird FTP URL type= thing. You can download a file
- using ASCII transfer by appending ";type=A" to the right of it. Other
- available types are type=D for dir-list (NLST) and type=I for binary
- transfer. I can't say I've ever seen anyone use this kind of URL though!
- :-)
- - Troy Engel pointed out a bug in my getenv("HOME")
- usage for win32 systems. I introduce getenv.c to better cope with
- this. Mr Engel helps me with the details around that...
- - A little note to myself and others, I should make the win32-binary built
- with SSL support...
- - Ryan Nelson sent me comments about building curl
- with SSL under FreeBSD. See the Makefile for details. Using the configure
- script, it should work better and automatically now...
- - Cleaned up in the port number mess in the source. No longer stores and uses
- proxy port number separate from normal port number.
- - 'configure' script working. Confirmed compiles on:
- Host SSL Compiler
- SunOS 5.5 no gcc
- SunOS 5.5.1 yes gcc
- SunOS 5.6 no cc (with gcc, it has the "gcc include files" problem)
- SunOS 4.1.3 no gcc (without ANSI C headers)
- SunOS 4.1.2 no gcc (native compiler failed)
- Linux 2.0.18 no gcc
- Linux 2.0.32 yes gcc
- Linux 2.0.35 no gcc (with glibc)
- IRIX 6.2 no gcc (cc compiles generate a few warnings)
- IRIX 6.4 no cc (generated warnings though)
- Win32 no Borland
- OSF4.0 no ?
-
- - Ooops. The 5beta (and 4.10) under win32 failed if the HOME variable wasn't
- set.
- - When using a proxy, curl now guesses and uses the protocol part in cases
- like:
- curl -x proxy:80 www.site.com
- Proxies normally go nuts unless http:// is prepended to the host name, so
- if curl is used like this, it guesses protocol and appends the protocol
- string before passing it to the proxy. It already did this when used
- without proxy.
- - Better port usage with SSL through proxy now. If you specified a different
- https-port when accessing through a proxy, it didn't use that number
- correctly. I also rewrote the code that parses the stuff read from the
- proxy when you wanna connect through it with SSL.
- - Bjorn Reese helped me work around one of the compiler
- warnings on IRIX native cc compiles.
-
-Version 4.10 (Oct 26, 1998)
- Daniel Stenberg
- - John A. Bristor suggested a config file switch,
- and since I've been having that idea kind of in the background for a long
- time I rewrote the parameter parsing function a little and now I introduce
- the -K/--config flag. I also made curl *always* (unless -K is used) try to
- load the .curlrc file for command line parameters. The syntax for the
- config file is the standard command line argument style. Details in 'curl
- -h' or the README.
- - I removed the -k option. Keep-alive isn't really anything anyone would
- want to enable with curl anyway.
- - Martin Staael helped me add the 'irix' target. Now
- "make irix" should build curl successfully on non-gcc SGI machines.
- - Single switches now toggle behaviours. I.e if you use -v -v the second
- will switch off the verbose mode the first one enabled. This is so that
- you can disable a default setting a .curlrc file enables etc.
-
-Version 4.9 (Oct 7, 1998)
- Daniel Stenberg
- - Martin Staael suggested curl would support cookies.
- I added -b/--cookie to enable free-text cookie data to be passed. There's
- also a little blurb about general cookie stuff in the README/help text.
- - dmh <dmh at jet.es> suggested HTTP resume capabilities. Although you could
- manually get curl to resume HTTP documents, I made the -c resume flag work
- for HTTP too (unless -r is used too, which would be very odd anyway).
- - Added checklinks.pl to the archive. It is a still experimental perl script
- that checks all links of a web page by using curl.
- - Rearranged the archive hierarchy a little. Build the executable in the
- src/ dir from now on!
- - Version 4.9 and hereafter, is no longer released under the GPL license.
- I have now updated the LEGAL file etc and now this is released using the
- Mozilla Public License to avoid the plague known as "the GPL virus". You
- must make the source available if you decide to change and/or redistribute
- curl, but if you decide to use curl within something else you do not need
- to offer the world the source to that too.
- - Curl did not like HTTP servers that sent no headers at all on a GET
- request. It is a violation of RFC2068 but appearantly some servers do
- that anyway. Thanks to Gordon Beaton for the report!
- - -L/--location was added after a suggestion from Martin Staael. This makes
- curl ATTEMPT to follow the Location: redirect if one is present in the HTTP
- headers. If -i or -I is used with this flag, you will see headers from all
- sites the Location: points to. Do note that the first server can point to a
- second that points to a third etc. It seems the Location: parameter (said
- to be an AbsoluteURI in RFC2068) isn't always absolute.. :-/ Anyway, I've
- made curl ATTEMPT to do the best it can to deal with the reality.
- - Added getlinks.pl to the archive. getlinks.pl selectively downloads
- files that a web page links to.
-
-Version 4.8.4
- Daniel Stenberg
- - As Julian Romero Nieto reported, curl reported wrong version number.
- - As Teemu Yli-Elsila pointed out, the win32 version of 4.8 (and probably all
- other versions for win32) didn't work with binary files since I'm too used
- to the Unix style fopen() where binary and text don't differ...
- - Ralph Beckmann brought me some changes that lets curl compile error and
- warning free with -Wall -pedantic with g++. I also took the opportunity to
- clean off some unused variables and similar.
- - Ralph Beckmann made me aware of a really odd bug now corrected. When curl
- read a set of headers from a HTTP server, divided into more than one read
- and the first read showed a full line *exactly* (i.e ending with a
- newline), curl did not behave well.
-
-Version 4.8.3
- Daniel Stenberg
- - I was too quick to release 4.8.2 with too little testing. One of the
- changes is now reverted slightly to the 4.8.1 way since 4.8.2 couldn't
- upload files. I still think both problems corrected in 4.8.2 remain
- corrected. Reported by Julian Romero Nieto.
-
-Version 4.8.2
- Daniel Stenberg
- - Bernhard Iselborn reported two FTP protocol errors curl did. They're now
- corrected. Both appeared when getting files from a MS FTP server! :-)
-
-Version 4.8.1
- Daniel Stenberg
- - Added a last update of the progress meter when the transfer is done. The
- final output on the screen didn't have to be the final size transfered
- which made it sometimes look odd.
- - Thanks to David Long I got rid of a silly bug that happened if a HTTP-page
- had nothing but header. Appearantly Solaris deals with negative sizes in
- fwrite() calls a lot better than Linux does... =B-]
-
-Version 4.8 (Aug 31, 1998)
- Daniel Stenberg
- - Continue FTP file transfer. -c is the switch. Note that you need to
- specify a file name if you wanna resume a download (you can't resume a
- download sent to stdout). Resuming upload may be limited by the server
- since curl is then using the non-RFC959 command SIZE to get the size of
- the target file before upload begins (to figure out which offset to
- use). Use -C to specify the offset yourself! -C is handy if you're doing
- the output to something else but a plain file or when you just want to get
- the end of a file.
- - recursiveftpget.pl now features a maximum recursive level argument.
-
-Version 4.7
- Daniel Stenberg
- - Added support to abort a download if the speed is below a certain amount
- (speed-limit) bytes per second for a certain (speed-time) time.
- - Wrote a perl script 'recursiveftpget.pl' to recursively use curl to get a
- whole ftp directory tree. It is meant as an example of how curl can be
- used. I agree it isn't the wisest thing to do to make a separate new
- connection for each file and directory for this.
-
-Version 4.6
- Daniel Stenberg
- - Added a first attempt to optionally parse the .netrc file for login user
- and password. If used with http, it enables user authentication. -n is
- the new switch.
- - Removed the extra newlines on the default user-agent string.
- - Corrected the missing ftp upload error messages when it failed without the
- verbose flag set. Gary W. Swearingen found it.
- - Now using alarm() to enable second-precision timeout even on the name
- resolving/connecting phase. The timeout is although reset after that first
- sequence. (This should be corrected.) Gary W. Swearingen reported.
- - Now spells "Unknown" properly, as in "Unknown option 'z'"... :-)
- - Added bug report email address in the README.
- - Added a "current speed" field to the progress meter. It shows the average
- speed the last 5 seconds. The other speed field shows the average speed of
- the entire transfer so far.
-
-Version 4.5.1
- Linas Vepstas
- - SSL through proxy fix
- - Added -A to allow User-Agent: changes
-
- Daniel Stenberg
- - Made the -A work when SSL-through-proxy.
-
-Version 4.5
- Linas Vepstas
- - More SSL corrections
- - I've added a port to AIX.
- - running SSL through a proxy causes a chunk of code to be executred twice.
- one of those blocks needs to be deleted.
-
- Daniel Stenberg
- - Made -i and -I work again
-
-Version 4.4
- Linas Vepstas
- - -x can now also specify proxyport when used as in 'proxyhost:proxyport'
- - SSL fixes
-
-Version 4.3
- Daniel Stenberg
- - Adjusted to compile under win32 (VisualC++ 5). The -P switch does not
- support network interface names in win32. I couldn't figure out how!
-
-Version 4.2
- Linas Vepstas / Sampo Kellomaki
- - Added SSL / SSLeay support (https://)
- - Added the -T usage for HTTP POST.
-
- Daniel Stenberg
- - Bugfixed the SSL implementation.
- - Made -P a lot better to use other IP addresses. It now accepts a following
- parameter that can be either
- interface - i.e "eth0" to specify which interface's IP address you
- want to use
- IP address - i.e "192.168.10.1" to specify exact IP number
- host name - i.e "my.host.domain" to specify machine
- "-" - (any single-letter string) to make it pick the machine's
- default
- - The Makefile is now ready to compile for solaris, sunos4 and linux right
- out of the box.
- - Better generated version string seen with 'curl -V'
-
-Version 4.1
- Daniel Stenberg
- - The IP number returned by the ftp server as a reply to PASV does no longer
- have to DNS resolve. In fact, no IP-number-only addresses have to anymore.
- - Binds better to available port when -P is used.
- - Now LISTs ./ instead of / when used as in ftp://ftp.funet.fi/. The reason
- for this is that exactly that site, ftp.funet.fi, does not allow LIST /
- while LIST ./ is fine. Any objections?
-
-Version 4 (1998-03-20)
- Daniel Stenberg
- - I took another huge step and changed both version number and project name!
- The reason for the new name is that there are just one too many programs
- named urlget already and this program already can a lot more than merely
- getting URLs, and the reason for the version number is that I did add the
- pretty big change in -P and since I changed name I wanted to start with
- something fresh!
- - The --style flags are working better now.
- - Listing directories with FTP often reported that the file transfer was
- incomplete. Wrong assumptions were too common for directories, why no
- size will be attempted to get compared on them from now on.
- - Implemented the -P flag that let's the ftp control issue a PORT command
- instead of the standard PASV.
- - -a for appending FTP uploads works.
-
-***************************************************************************
-
-Version 3.12 (14 March 1998)
- Daniel Stenberg
- - End-of-header tracking still lacked support for \r\n or just \n at the
- end of the last header line.
- Sergio Barresi
- - Added PROXY authentication.
- Rafael Sagula
- - Fixed some little bugs.
-
-Version 3.11
- Daniel Stenberg
- - The header parsing was still not correct since the 3.2 modification...
-
-Version 3.10
- Daniel Stenberg
- - 3.7 and 3.9 were simultaneously developed and merged into this version.
- - FTP upload did not work correctly since 3.2.
-
-Version 3.9
- Rafael Sagula
- - Added the "-e <url> / --referer <url>" option where we can specify
- the referer page. Obviously, this is necessary only to fool the
- server, but...
-
-Version 3.7
- Daniel Stenberg
- - Now checks the last error code sent from the ftp server after a file has
- been received or uploaded. Wasn't done previously.
- - When 'urlget <host>' is used without a 'protocol://' first in the host part,
- it now checks for host names starting with ftp or gopher and if it does,
- it uses that protocol by default instead of http.
-
-Version 3.6
- Daniel Stenberg
- - Silly mistake made the POST bug. This has now also been tested to work with
- proxy.
-
-Version 3.5
- Daniel Stenberg
- - Highly inspired by Rafael Sagula's changes to the 3.1 that added an almost
- functional POST, I applied his changes into this version and made them work.
- (It seems POST requires the Content-Type and Content-Length headers.) It is
- now usable with the -d switch.
-
-Version 3.3 - 3.4
- Passed to avoid confusions
-
-Version 3.2
- Daniel Stenberg
- - Major rewrite of two crucial parts of this code: upload and download.
- They are both now using a select() switch, that allows much better
- progress meter and time control.
- - alarm() usage removed completely
- - FTP get can now list directory contents if the path ends with a slash '/'.
- Urlget on a ftp-path that doesn't end with a slash means urlget will
- attempt getting it as a file name.
- - FTP directory view supports -l for "list-only" which lists the file names
- only.
- - All operations support -m for max time usage in seconds allowed.
- - FTP upload now allows the size of the uploaded file to be provided, and
- thus it can better check it actually uploaded the whole file. It also
- makes the progress meter for uploads much better!
- - Made the parameter parsing fail in cases like 'urlget -r 900' which
- previously tried to connect to the host named '900'.
-
-Version 3.1
- Kjell Ericson
- - Pointed out how to correct the 3 warnings in win32-compiles.
-
- Daniel Stenberg
- - Removed all calls to exit().
- - Made the short help text get written to stdout instead of stderr.
- - Made this file instead of keeping these comments in the source.
- - Made two callback hooks, that enable external programs to use urlget()
- easier and to grab the output/offer the input easier.
- - It is evident that Win32-compiles are painful. I watched the output from
- the Borland C++ v5 and it was awful. Just ignore all those warnings.
-
-Version 3.0
- Daniel Stenberg
- - Added FTP upload capabilities. The name urlget gets a bit silly now
- when we can put too... =)
- - Restructured the source quite a lot.
- Changed the urlget() interface. This way, we will survive changes much
- better. New features can come and old can be removed without us needing
- to change the interface. I've written a small explanation in urlget.h
- that explains it.
- - New flags include -t, -T, -O and -h. The -h text is generated by the new
- mkhelp script.
-
-Version 2.9
- Remco van Hooff
- - Added a fix to make it compile smoothly on Amiga using the SAS/C
- compiler.
-
- Daniel Stenberg
- - Believe it or not, but the STUPID Novell web server seems to require
- that the Host: keyword is used, so well I use it and I (re-introduce) the
- urlget User-Agent:. I still have to check that this Host: usage works with
- proxies... 'Host:' is required for HTTP/1.1 GET according to RFC2068.
-
-Version 2.8
- Rafael Sagula
- - some little modifications
-
-Version 2.7
- Daniel Stenberg
- - Removed the -l option and introduced the -f option instead. Now I'll
- rewrite the former -l kludge in an external script that'll use urlget to
- fetch multipart files like that.
- - '-f' is introduced, it means Fail without output in case of HTTP server
- errors (return code >=400).
- - Added support for -r, ranges. Specify which part of a document you
- want, and only that part is returned. Only with HTTP/1.1-servers.
- - Split up the source in 3 parts. Now all pure URL functions are in
- urlget.c and stuff that deals with the stand-alone program is in main.c.
- - I took a few minutes and wrote an embryo of a README file to explain
- a few things.
-
-Version 2.6
- Daniel Stenberg
- - Made the -l (loop) thing use the new CONF_FAILONERROR which makes
- urlget() return error code if non-successful. It also won't output anything
- then. Now finally removed the HTTP 1.0 and error 404 dependencies.
- - Added -I which uses the HEAD request to get the header only from a
- http-server.
-
-Version 2.5
- Rafael Sagula
- - Made the progress meter use HHH:MM:SS instead of only seconds.
-
-Version 2.4
- Daniel Stenberg
- - Added progress meter. It appears when downloading > BUFFER SIZE and
- mute is not selected. I found out that when downloading large files from
- really really slow sites, it is desirable to know the status of the
- download. Do note that some downloads are done unawaring of the size, which
- makes the progress meter less thrilling ;) If the output is sent to a tty,
- the progress meter is shut off.
- - Increased buffer size used for reading.
- - Added length checks in the user+passwd parsing.
- - Made it grok user+passwd for HTTP fetches. The trick is to base64
- encode the user+passwd and send an extra header line. Read chapter 11.1 in
- RFC2068 for details. I added it to be used just like the ftp one. To get a
- http document from a place that requires user and password, use an URL
- like:
-
- http://user:address@hidden/doc.html
-
- I also added the -u flag, since WHEN USING A PROXY YOU CAN'T SPECIFY THE
- USER AND PASSWORD WITH HTTP LIKE THAT. The -u flag works for ftp too, but
- not if used with proxy. To do the same as the above one, you can invoke:
-
- urlget -u user:passwd http://www.site.to.leach/doc.html
-
-Version 2.3
- Rafael Sagula
- - Added "-o" option (output file)
- - Added URG_HTTP_NOT_FOUND return code.
- (Daniel's note:)
- Perhaps we should detect all kinds of errors and instead of writing that
- custom string for the particular 404-error, use the error text we actually
- get from the server. See further details in RFC2068 (HTTP 1.1
- definition). The current way also relies on a HTTP/1.0 reply, which newer
- servers might not do.
- - Looping mode ("-l" option). It's easier to get various split files.
- (Daniel's note:)
- Use it like 'urlget -l 1 http://from.this.site/file%d.html', which will
- make urlget to attempt to fetch all files named file1.html, file2.html etc
- until no more files are found. This is only a modification of the
- STAND_ALONE part, nothing in the urlget() function was modfified for this.
- Daniel Stenberg
- - Changed the -h to be -i instead. -h should be preserved to help use.
- - Bjorn Reese indicated that Borland _might_ use '_WIN32' instead of the
- VC++ WIN32 define and therefore I added a little fix for that.
-
-Version 2.2
- Johan Andersson
- - The urlget function didn't set the path to url when using proxy.
- - Fixed bug with IMC proxy. Now using (almost) complete GET command.
-
- Daniel Stenberg
- - Made it compile on Solaris. Had to reorganize the includes a bit.
- (so Win32, Linux, SunOS 4 and Solaris 2 compile fine.)
- - Made Johan's keepalive keyword optional with the -k flag (since it
- makes a lot of urlgets take a lot longer time).
- - Made a '-h' switch in case you want the HTTP-header in the output.
-
-Version 2.1
- Daniel Stenberg and Kjell Ericson
- - Win32-compilable
- - No more global variables
- - Mute option (no output at all to stderr)
- - Full range of return codes from urlget(), which is now written to be a
- function for easy-to-use in [other] programs.
- - Define STAND_ALONE to compile the stand alone urlget program
- - Now compiles with gcc options -ansi -Wall -pedantic ;)
-
-Version 2.0
- - Introducing ftp GET support. The FTP URL type is recognized and used.
- - Renamed the project to 'urlget'.
- - Supports the user+passwd in the FTP URL (otherwise it tries anonymous
- login with a weird email address as password).
-
-Version 1.5
- Daniel Stenberg
- - The skip_header() crap messed it up big-time. By simply removing that
- one we can all of a sudden download anything ;)
- - No longer requires a trailing slash on the URLs.
- - If the given URL isn't prefixed with 'http://', HTTP is assumed and
- given a try!
- - 'void main()' is history.
-
-Version 1.4
- Daniel Stenberg
- - The gopher source used the ppath variable instead of path which could
- lead to disaster.
-
-Version 1.3
- Daniel Stenberg
- - Well, I added a lame text about the time it took to get the data. I also
- fought against Johan to prevent his -f option (to specify a file name
- that should be written instead of stdout)! =)
- - Made it write 'connection refused' for that particular connect()
- problem.
- - Renumbered the version. Let's not make silly 1.0.X versions, this is
- a plain 1.3 instead.
-
-Version 1.2
- Johan Andersson
- - Discovered and fixed the problem with getting binary files. puts() is
- now replaced with fwrite(). (Daniel's note: this also fixed the buffer
- overwrite problem I found in the previous version.)
-
- Rafael Sagula
- - Let "-p" before "-x".
-
- Daniel Stenberg
- - Bugfixed the proxy usage. It should *NOT* use nor strip the port number
- from the URL but simply pass that information to the proxy. This also
- made the user/password fields possible to use in proxy [ftp-] URLs.
- (like in ftp://user:address@hidden:8021/README)
-
- Johan Andersson
- - Implemented HTTP proxy support.
- - Receive byte counter added.
-
- Bjorn Reese
- - Implemented URLs (and skipped the old syntax).
- - Output is written to stdout, so to achieve the above example, do:
- httpget http://143.54.10.6/info_logo.gif > test.gif
-
-Version 1.1
- Daniel Stenberg
- - Adjusted it slightly to accept named hosts on the command line. We
- wouldn't wanna use IP numbers for the rest of our lifes, would we?
-
-Version 1.0
- Rafael Sagula
- - Wrote the initial httpget, which started all this!
diff --git a/CMake/CurlTests.c b/CMake/CurlTests.c
index ceff39151..bc36c8ef7 100644
--- a/CMake/CurlTests.c
+++ b/CMake/CurlTests.c
@@ -533,3 +533,19 @@ main () {
return 0;
}
#endif
+#ifdef HAVE_FSETXATTR_6
+#include <sys/xattr.h> /* header from libc, not from libattr */
+int
+main() {
+ fsetxattr(0, 0, 0, 0, 0, 0);
+ return 0;
+}
+#endif
+#ifdef HAVE_FSETXATTR_5
+#include <sys/xattr.h> /* header from libc, not from libattr */
+int
+main() {
+ fsetxattr(0, 0, 0, 0, 0);
+ return 0;
+}
+#endif
diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake
index dfaeaf307..60dcb73c9 100644
--- a/CMake/FindGSS.cmake
+++ b/CMake/FindGSS.cmake
@@ -12,7 +12,7 @@
# GSS_LINKER_FLAGS - Additional linker flags
# GSS_COMPILER_FLAGS - Additional compiler flags
# GSS_VERSION - This is set to version advertised by pkg-config or read from
manifest.
-# In case the library is found but no version info availabe
it'll be set to "unknown"
+# In case the library is found but no version info available
it'll be set to "unknown"
set(_MIT_MODNAME mit-krb5-gssapi)
set(_HEIMDAL_MODNAME heimdal-gssapi)
diff --git a/CMake/FindMbedTLS.cmake b/CMake/FindMbedTLS.cmake
new file mode 100644
index 000000000..a91639589
--- /dev/null
+++ b/CMake/FindMbedTLS.cmake
@@ -0,0 +1,13 @@
+find_path(MBEDTLS_INCLUDE_DIRS mbedtls/ssl.h)
+
+find_library(MBEDTLS_LIBRARY mbedtls)
+find_library(MBEDX509_LIBRARY mbedx509)
+find_library(MBEDCRYPTO_LIBRARY mbedcrypto)
+
+set(MBEDTLS_LIBRARIES "${MBEDTLS_LIBRARY}" "${MBEDX509_LIBRARY}"
"${MBEDCRYPTO_LIBRARY}")
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(MBEDTLS DEFAULT_MSG
+ MBEDTLS_INCLUDE_DIRS MBEDTLS_LIBRARY MBEDX509_LIBRARY MBEDCRYPTO_LIBRARY)
+
+mark_as_advanced(MBEDTLS_INCLUDE_DIRS MBEDTLS_LIBRARY MBEDX509_LIBRARY
MBEDCRYPTO_LIBRARY)
diff --git a/CMake/FindNGHTTP2.cmake b/CMake/FindNGHTTP2.cmake
new file mode 100644
index 000000000..4e566cf02
--- /dev/null
+++ b/CMake/FindNGHTTP2.cmake
@@ -0,0 +1,18 @@
+include(FindPackageHandleStandardArgs)
+
+find_path(NGHTTP2_INCLUDE_DIR "nghttp2/nghttp2.h")
+
+find_library(NGHTTP2_LIBRARY NAMES nghttp2)
+
+find_package_handle_standard_args(NGHTTP2
+ FOUND_VAR
+ NGHTTP2_FOUND
+ REQUIRED_VARS
+ NGHTTP2_LIBRARY
+ NGHTTP2_INCLUDE_DIR
+ FAIL_MESSAGE
+ "Could NOT find NGHTTP2"
+)
+
+set(NGHTTP2_INCLUDE_DIRS ${NGHTTP2_INCLUDE_DIR} )
+set(NGHTTP2_LIBRARIES ${NGHTTP2_LIBRARY})
diff --git a/CMake/OtherTests.cmake b/CMake/OtherTests.cmake
index d59949871..989f04eb2 100644
--- a/CMake/OtherTests.cmake
+++ b/CMake/OtherTests.cmake
@@ -32,9 +32,9 @@ int main(void) {
if(curl_cv_recv)
if(NOT DEFINED curl_cv_func_recv_args OR "${curl_cv_func_recv_args}"
STREQUAL "unknown")
foreach(recv_retv "int" "ssize_t" )
- foreach(recv_arg1 "int" "ssize_t" "SOCKET")
- foreach(recv_arg2 "void *" "char *")
- foreach(recv_arg3 "size_t" "int" "socklen_t" "unsigned int")
+ foreach(recv_arg1 "SOCKET" "int" )
+ foreach(recv_arg2 "char *" "void *" )
+ foreach(recv_arg3 "int" "size_t" "socklen_t" "unsigned int")
foreach(recv_arg4 "int" "unsigned int")
if(NOT curl_cv_func_recv_done)
unset(curl_cv_func_recv_test CACHE)
@@ -96,9 +96,9 @@ int main(void) {
if(curl_cv_send)
if(NOT DEFINED curl_cv_func_send_args OR "${curl_cv_func_send_args}"
STREQUAL "unknown")
foreach(send_retv "int" "ssize_t" )
- foreach(send_arg1 "int" "ssize_t" "SOCKET")
- foreach(send_arg2 "const void *" "void *" "char *" "const char *")
- foreach(send_arg3 "size_t" "int" "socklen_t" "unsigned int")
+ foreach(send_arg1 "SOCKET" "int" "ssize_t" )
+ foreach(send_arg2 "const char *" "const void *" "void *" "char *")
+ foreach(send_arg3 "int" "size_t" "socklen_t" "unsigned int")
foreach(send_arg4 "int" "unsigned int")
if(NOT curl_cv_func_send_done)
unset(curl_cv_func_send_test CACHE)
@@ -179,17 +179,20 @@ int main(void) {
include(CheckCSourceRuns)
-set(CMAKE_REQUIRED_FLAGS)
-if(HAVE_SYS_POLL_H)
- set(CMAKE_REQUIRED_FLAGS "-DHAVE_SYS_POLL_H")
-endif(HAVE_SYS_POLL_H)
-check_c_source_runs("
- #ifdef HAVE_SYS_POLL_H
- # include <sys/poll.h>
- #endif
- int main(void) {
- return poll((void *)0, 0, 10 /*ms*/);
- }" HAVE_POLL_FINE)
+# See HAVE_POLL in CMakeLists.txt for why poll is disabled on macOS
+if(NOT APPLE)
+ set(CMAKE_REQUIRED_FLAGS)
+ if(HAVE_SYS_POLL_H)
+ set(CMAKE_REQUIRED_FLAGS "-DHAVE_SYS_POLL_H")
+ endif(HAVE_SYS_POLL_H)
+ check_c_source_runs("
+ #ifdef HAVE_SYS_POLL_H
+ # include <sys/poll.h>
+ #endif
+ int main(void) {
+ return poll((void *)0, 0, 10 /*ms*/);
+ }" HAVE_POLL_FINE)
+endif()
set(HAVE_SIG_ATOMIC_T 1)
set(CMAKE_REQUIRED_FLAGS)
diff --git a/CMake/Utilities.cmake b/CMake/Utilities.cmake
index 37cdfe3bf..8b6276df6 100644
--- a/CMake/Utilities.cmake
+++ b/CMake/Utilities.cmake
@@ -29,3 +29,16 @@ function(IN_STR_LIST LIST_NAME ITEM_SEARCHED RETVAL)
set(${RETVAL} TRUE PARENT_SCOPE)
endif()
endfunction()
+
+# Returns a list of arguments that evaluate to true
+function(collect_true output_var output_count_var)
+ set(${output_var})
+ foreach(option_var IN LISTS ARGN)
+ if(${option_var})
+ list(APPEND ${output_var} ${option_var})
+ endif()
+ endforeach()
+ set(${output_var} ${${output_var}} PARENT_SCOPE)
+ list(LENGTH ${output_var} ${output_count_var})
+ set(${output_count_var} ${${output_count_var}} PARENT_SCOPE)
+endfunction()
diff --git a/CMake/cmake_uninstall.cmake.in b/CMake/cmake_uninstall.cmake.in
new file mode 100644
index 000000000..d00a51665
--- /dev/null
+++ b/CMake/cmake_uninstall.cmake.in
@@ -0,0 +1,26 @@
+if(NOT EXISTS "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt")
+ message(FATAL_ERROR "Cannot find install manifest:
@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt")
+endif(NOT EXISTS "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt")
+
+if (NOT DEFINED CMAKE_INSTALL_PREFIX)
+ set (CMAKE_INSTALL_PREFIX "@CMAKE_INSTALL_PREFIX@")
+endif ()
+ message(${CMAKE_INSTALL_PREFIX})
+
+file(READ "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt" files)
+string(REGEX REPLACE "\n" ";" files "${files}")
+foreach(file ${files})
+ message(STATUS "Uninstalling $ENV{DESTDIR}${file}")
+ if(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}")
+ exec_program(
+ "@CMAKE_COMMAND@" ARGS "-E remove \"$ENV{DESTDIR}${file}\""
+ OUTPUT_VARIABLE rm_out
+ RETURN_VALUE rm_retval
+ )
+ if(NOT "${rm_retval}" STREQUAL 0)
+ message(FATAL_ERROR "Problem when removing $ENV{DESTDIR}${file}")
+ endif(NOT "${rm_retval}" STREQUAL 0)
+ else(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}")
+ message(STATUS "File $ENV{DESTDIR}${file} does not exist.")
+ endif(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}")
+endforeach(file)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index a0f42133e..be3fb4b3c 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -19,7 +19,7 @@
# KIND, either express or implied.
#
###########################################################################
-# cURL/libcurl CMake script
+# curl/libcurl CMake script
# by Tetetest and Sukender (Benoit Neil)
# TODO:
@@ -48,7 +48,7 @@ project( CURL C )
message(WARNING "the curl cmake build system is poorly maintained. Be aware")
-file (READ ${CURL_SOURCE_DIR}/include/curl/curlver.h CURL_VERSION_H_CONTENTS)
+file (READ ${CURL_SOURCE_DIR}/include/gnurl/curlver.h CURL_VERSION_H_CONTENTS)
string (REGEX MATCH "#define LIBCURL_VERSION \"[^\"]*"
CURL_VERSION ${CURL_VERSION_H_CONTENTS})
string (REGEX REPLACE "[^\"]+\"" "" CURL_VERSION ${CURL_VERSION})
@@ -69,20 +69,22 @@ message(STATUS "curl version=[${CURL_VERSION}]")
set(OPERATING_SYSTEM "${CMAKE_SYSTEM_NAME}")
set(OS "\"${CMAKE_SYSTEM_NAME}\"")
-include_directories(${PROJECT_BINARY_DIR}/include/curl)
+include_directories(${PROJECT_BINARY_DIR}/include/gnurl)
include_directories( ${CURL_SOURCE_DIR}/include )
-option(BUILD_CURL_EXE "Set to ON to build cURL executable." ON)
+option(CURL_WERROR "Turn compiler warnings into errors" OFF)
+option(BUILD_CURL_EXE "Set to ON to build curl executable." ON)
option(CURL_STATICLIB "Set to ON to build libcurl with static linking." OFF)
option(ENABLE_ARES "Set to ON to enable c-ares support" OFF)
if(WIN32)
- CMAKE_DEPENDENT_OPTION(ENABLE_THREADED_RESOLVER
- "Set to ON to enable threaded DNS lookup"
- ON "NOT ENABLE_ARES"
- OFF)
-else()
- option(ENABLE_THREADED_RESOLVER "Set to ON to enable POSIX threaded DNS
lookup" OFF)
+ option(CURL_STATIC_CRT "Set to ON to build libcurl with static CRT on
Windows (/MT)." OFF)
+ option(ENABLE_INET_PTON "Set to OFF to prevent usage of inet_pton when
building against modern SDKs while still requiring compatibility with older
Windows versions, such as Windows XP, Windows Server 2003 etc." ON)
endif()
+
+CMAKE_DEPENDENT_OPTION(ENABLE_THREADED_RESOLVER "Set to ON to enable threaded
DNS lookup"
+ ON "NOT ENABLE_ARES"
+ OFF)
+
option(ENABLE_DEBUG "Set to ON to enable curl debug features" OFF)
option(ENABLE_CURLDEBUG "Set to ON to build with TrackMemory feature enabled"
OFF)
@@ -100,13 +102,12 @@ if (ENABLE_CURLDEBUG)
set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS CURLDEBUG)
endif()
+# For debug libs and exes, add "-d" postfix
+set(CMAKE_DEBUG_POSTFIX "-d" CACHE STRING "Set debug library postfix")
+
# initialize CURL_LIBS
set(CURL_LIBS "")
-if(ENABLE_THREADED_RESOLVER AND ENABLE_ARES)
- message(FATAL_ERROR "Options ENABLE_THREADED_RESOLVER and ENABLE_ARES are
mutually exclusive")
-endif()
-
if(ENABLE_ARES)
set(USE_ARES 1)
find_package(CARES REQUIRED)
@@ -114,11 +115,6 @@ if(ENABLE_ARES)
set(CURL_LIBS ${CURL_LIBS} ${CARES_LIBRARY})
endif()
-if(MSVC)
- option(BUILD_RELEASE_DEBUG_DIRS "Set OFF to build each configuration to a
separate directory" OFF)
- mark_as_advanced(BUILD_RELEASE_DEBUG_DIRS)
-endif()
-
include(CurlSymbolHiding)
option(HTTP_ONLY "disables all protocols except HTTP (This overrides all
CURL_DISABLE_* options)" OFF)
@@ -224,16 +220,33 @@ if(ENABLE_MANUAL)
message(WARNING "Found no *nroff program")
endif()
endif()
+# Required for building manual, docs, tests
+find_package(Perl REQUIRED)
# We need ansi c-flags, especially on HP
set(CMAKE_C_FLAGS "${CMAKE_ANSI_CFLAGS} ${CMAKE_C_FLAGS}")
set(CMAKE_REQUIRED_FLAGS ${CMAKE_ANSI_CFLAGS})
+if(CURL_STATIC_CRT)
+ set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} /MT")
+ set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} /MTd")
+endif()
+
# Disable warnings on Borland to avoid changing 3rd party code.
if(BORLAND)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -w-")
endif(BORLAND)
+if(CURL_WERROR)
+ if(MSVC_VERSION)
+ set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} /WX")
+ set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} /WX")
+ else()
+ # this assumes clang or gcc style options
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror")
+ endif()
+endif(CURL_WERROR)
+
# If we are on AIX, do the _ALL_SOURCE magic
if(${CMAKE_SYSTEM_NAME} MATCHES AIX)
set(_ALL_SOURCE 1)
@@ -251,24 +264,19 @@ include (CMakeDependentOption)
# On windows preload settings
if(WIN32)
- set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS}
-D_WINSOCKAPI_")
+ set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS}
-D_WINSOCKAPI_=")
include(${CMAKE_CURRENT_SOURCE_DIR}/CMake/Platforms/WindowsCache.cmake)
endif(WIN32)
if(ENABLE_THREADED_RESOLVER)
+ find_package(Threads REQUIRED)
if(WIN32)
set(USE_THREADS_WIN32 ON)
else()
- check_include_file_concat("pthread.h" HAVE_PTHREAD_H)
- if(HAVE_PTHREAD_H)
- set(CMAKE_THREAD_PREFER_PTHREAD 1)
- find_package(Threads)
- if(CMAKE_USE_PTHREADS_INIT)
- set(CURL_LIBS ${CURL_LIBS} ${CMAKE_THREAD_LIBS_INIT})
- set(USE_THREADS_POSIX 1)
- endif()
- endif()
+ set(USE_THREADS_POSIX ${CMAKE_USE_PTHREADS_INIT})
+ set(HAVE_PTHREAD_H ${CMAKE_USE_PTHREADS_INIT})
endif()
+ set(CURL_LIBS ${CURL_LIBS} ${CMAKE_THREAD_LIBS_INIT})
endif()
# Check for all needed libraries
@@ -289,47 +297,103 @@ endif(NOT NOT_NEED_LIBNSL)
check_function_exists(gethostname HAVE_GETHOSTNAME)
-set(OPENSSL_DEFAULT ON)
if(WIN32)
- set(OPENSSL_DEFAULT OFF)
check_library_exists_concat("ws2_32" getch HAVE_LIBWS2_32)
check_library_exists_concat("winmm" getch HAVE_LIBWINMM)
endif()
-option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ${OPENSSL_DEFAULT})
-mark_as_advanced(CMAKE_USE_OPENSSL)
+# check SSL libraries
+# TODO support GNUTLS, NSS, POLARSSL, AXTLS, CYASSL
+if(APPLE)
+ option(CMAKE_USE_DARWINSSL "enable Apple OS native SSL/TLS" OFF)
+endif()
if(WIN32)
- CMAKE_DEPENDENT_OPTION(CURL_WINDOWS_SSPI "Use windows libraries to allow
NTLM authentication without openssl" ON
- "NOT CMAKE_USE_OPENSSL" OFF)
- mark_as_advanced(CURL_WINDOWS_SSPI)
+ option(CMAKE_USE_WINSSL "enable Windows native SSL/TLS" OFF)
+ cmake_dependent_option(CURL_WINDOWS_SSPI "Use windows libraries to allow
NTLM authentication without openssl" ON
+ CMAKE_USE_WINSSL OFF)
+endif()
+option(CMAKE_USE_MBEDTLS "Enable mbedTLS for SSL/TLS" OFF)
+
+set(openssl_default ON)
+if(WIN32 OR CMAKE_USE_DARWINSSL OR CMAKE_USE_WINSSL OR CMAKE_USE_MBEDTLS)
+ set(openssl_default OFF)
+endif()
+option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ${openssl_default})
+
+collect_true(enabled_ssl_options enabled_ssl_options_count
+ CMAKE_USE_WINSSL
+ CMAKE_USE_DARWINSSL
+ CMAKE_USE_OPENSSL
+ CMAKE_USE_MBEDTLS
+)
+if(enabled_ssl_options_count GREATER 1)
+ message(FATAL_ERROR "Multiple SSL options specified: ${enabled_ssl_options}.
Please pick at most one and disable the rest.")
endif()
-set(USE_OPENSSL OFF)
-set(HAVE_LIBCRYPTO OFF)
-set(HAVE_LIBSSL OFF)
+if(CMAKE_USE_WINSSL)
+ set(SSL_ENABLED ON)
+ set(USE_SCHANNEL ON) # Windows native SSL/TLS support
+ set(USE_WINDOWS_SSPI ON) # CMAKE_USE_WINSSL implies CURL_WINDOWS_SSPI
+ list(APPEND CURL_LIBS "crypt32")
+endif()
+if(CURL_WINDOWS_SSPI)
+ set(USE_WINDOWS_SSPI ON)
+ set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS}
-DSECURITY_WIN32")
+endif()
-if(CMAKE_USE_OPENSSL)
- find_package(OpenSSL)
- if(OPENSSL_FOUND)
- list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES})
- set(USE_OPENSSL ON)
- set(HAVE_LIBCRYPTO ON)
- set(HAVE_LIBSSL ON)
- include_directories(${OPENSSL_INCLUDE_DIR})
- set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
- check_include_file("openssl/crypto.h" HAVE_OPENSSL_CRYPTO_H)
- check_include_file("openssl/engine.h" HAVE_OPENSSL_ENGINE_H)
- check_include_file("openssl/err.h" HAVE_OPENSSL_ERR_H)
- check_include_file("openssl/pem.h" HAVE_OPENSSL_PEM_H)
- check_include_file("openssl/pkcs12.h" HAVE_OPENSSL_PKCS12_H)
- check_include_file("openssl/rsa.h" HAVE_OPENSSL_RSA_H)
- check_include_file("openssl/ssl.h" HAVE_OPENSSL_SSL_H)
- check_include_file("openssl/x509.h" HAVE_OPENSSL_X509_H)
- check_include_file("openssl/rand.h" HAVE_OPENSSL_RAND_H)
- elseif(WIN32)
- set(CURL_WINDOWS_SSPI ON)
+if(CMAKE_USE_DARWINSSL)
+ find_library(COREFOUNDATION_FRAMEWORK "CoreFoundation")
+ if(NOT COREFOUNDATION_FRAMEWORK)
+ message(FATAL_ERROR "CoreFoundation framework not found")
endif()
+
+ find_library(SECURITY_FRAMEWORK "Security")
+ if(NOT SECURITY_FRAMEWORK)
+ message(FATAL_ERROR "Security framework not found")
+ endif()
+
+ set(SSL_ENABLED ON)
+ set(USE_DARWINSSL ON)
+ list(APPEND CURL_LIBS "${COREFOUNDATION_FRAMEWORK}" "${SECURITY_FRAMEWORK}")
+endif()
+
+if(CMAKE_USE_OPENSSL)
+ find_package(OpenSSL REQUIRED)
+ set(SSL_ENABLED ON)
+ set(USE_OPENSSL ON)
+ set(HAVE_LIBCRYPTO ON)
+ set(HAVE_LIBSSL ON)
+ list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES})
+ include_directories(${OPENSSL_INCLUDE_DIR})
+ set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
+ check_include_file("openssl/crypto.h" HAVE_OPENSSL_CRYPTO_H)
+ check_include_file("openssl/engine.h" HAVE_OPENSSL_ENGINE_H)
+ check_include_file("openssl/err.h" HAVE_OPENSSL_ERR_H)
+ check_include_file("openssl/pem.h" HAVE_OPENSSL_PEM_H)
+ check_include_file("openssl/pkcs12.h" HAVE_OPENSSL_PKCS12_H)
+ check_include_file("openssl/rsa.h" HAVE_OPENSSL_RSA_H)
+ check_include_file("openssl/ssl.h" HAVE_OPENSSL_SSL_H)
+ check_include_file("openssl/x509.h" HAVE_OPENSSL_X509_H)
+ check_include_file("openssl/rand.h" HAVE_OPENSSL_RAND_H)
+ check_symbol_exists(RAND_status "${CURL_INCLUDES}" HAVE_RAND_STATUS)
+ check_symbol_exists(RAND_screen "${CURL_INCLUDES}" HAVE_RAND_SCREEN)
+ check_symbol_exists(RAND_egd "${CURL_INCLUDES}" HAVE_RAND_EGD)
+endif()
+
+if(CMAKE_USE_MBEDTLS)
+ find_package(MbedTLS REQUIRED)
+ set(SSL_ENABLED ON)
+ set(USE_MBEDTLS ON)
+ list(APPEND CURL_LIBS ${MBEDTLS_LIBRARIES})
+ include_directories(${MBEDTLS_INCLUDE_DIRS})
+endif()
+
+option(USE_NGHTTP2 "Use Nghttp2 library" OFF)
+if(USE_NGHTTP2)
+ find_package(NGHTTP2 REQUIRED)
+ include_directories(${NGHTTP2_INCLUDE_DIRS})
+ list(APPEND CURL_LIBS ${NGHTTP2_LIBRARIES})
endif()
if(NOT CURL_DISABLE_LDAP)
@@ -442,12 +506,12 @@ if(NOT CURL_DISABLE_LDAPS)
endif()
# Check for idn
-check_library_exists_concat("idn" idna_to_ascii_lz HAVE_LIBIDN)
+check_library_exists_concat("idn2" idn2_lookup_ul HAVE_LIBIDN2)
# Check for symbol dlopen (same as HAVE_LIBDL)
check_library_exists("${CURL_LIBS}" dlopen "" HAVE_DLOPEN)
-option(CURL_ZLIB "Set to ON to enable building cURL with zlib support." ON)
+option(CURL_ZLIB "Set to ON to enable building curl with zlib support." ON)
set(HAVE_LIBZ OFF)
set(HAVE_ZLIB_H OFF)
set(HAVE_ZLIB OFF)
@@ -565,24 +629,86 @@ else()
endif()
+#
+# CA handling
+#
+set(CURL_CA_BUNDLE "auto" CACHE STRING
+ "Path to the CA bundle. Set 'none' to disable or 'auto' for
auto-detection. Defaults to 'auto'.")
+set(CURL_CA_FALLBACK OFF CACHE BOOL
+ "Set ON to use built-in CA store of TLS backend. Defaults to OFF")
+set(CURL_CA_PATH "auto" CACHE STRING
+ "Location of default CA path. Set 'none' to disable or 'auto' for
auto-detection. Defaults to 'auto'.")
+
+if("${CURL_CA_BUNDLE}" STREQUAL "")
+ message(FATAL_ERROR "Invalid value of CURL_CA_BUNDLE. Use 'none', 'auto'
or file path.")
+elseif("${CURL_CA_BUNDLE}" STREQUAL "none")
+ unset(CURL_CA_BUNDLE CACHE)
+elseif("${CURL_CA_BUNDLE}" STREQUAL "auto")
+ unset(CURL_CA_BUNDLE CACHE)
+ set(CURL_CA_BUNDLE_AUTODETECT TRUE)
+else()
+ set(CURL_CA_BUNDLE_SET TRUE)
+endif()
+
+if("${CURL_CA_PATH}" STREQUAL "")
+ message(FATAL_ERROR "Invalid value of CURL_CA_PATH. Use 'none', 'auto' or
directory path.")
+elseif("${CURL_CA_PATH}" STREQUAL "none")
+ unset(CURL_CA_PATH CACHE)
+elseif("${CURL_CA_PATH}" STREQUAL "auto")
+ unset(CURL_CA_PATH CACHE)
+ set(CURL_CA_PATH_AUTODETECT TRUE)
+else()
+ set(CURL_CA_PATH_SET TRUE)
+endif()
+
+if(CURL_CA_BUNDLE_SET AND CURL_CA_PATH_AUTODETECT)
+ # Skip autodetection of unset CA path because CA bundle is set explicitly
+elseif(CURL_CA_PATH_SET AND CURL_CA_BUNDLE_AUTODETECT)
+ # Skip autodetection of unset CA bundle because CA path is set explicitly
+elseif(CURL_CA_PATH_AUTODETECT OR CURL_CA_BUNDLE_AUTODETECT)
+ # first try autodetecting a CA bundle, then a CA path
+
+ if(CURL_CA_BUNDLE_AUTODETECT)
+ set(SEARCH_CA_BUNDLE_PATHS
+ /etc/ssl/certs/ca-certificates.crt
+ /etc/pki/tls/certs/ca-bundle.crt
+ /usr/share/ssl/certs/ca-bundle.crt
+ /usr/local/share/certs/ca-root-nss.crt
+ /etc/ssl/cert.pem)
+
+ foreach(SEARCH_CA_BUNDLE_PATH ${SEARCH_CA_BUNDLE_PATHS})
+ if(EXISTS "${SEARCH_CA_BUNDLE_PATH}")
+ message(STATUS "Found CA bundle: ${SEARCH_CA_BUNDLE_PATH}")
+ set(CURL_CA_BUNDLE "${SEARCH_CA_BUNDLE_PATH}")
+ set(CURL_CA_BUNDLE_SET TRUE CACHE BOOL "Path to the CA bundle
has been set")
+ break()
+ endif()
+ endforeach()
+ endif()
+
+ if(CURL_CA_PATH_AUTODETECT AND (NOT CURL_CA_PATH_SET))
+ if(EXISTS "/etc/ssl/certs")
+ set(CURL_CA_PATH "/etc/ssl/certs")
+ set(CURL_CA_PATH_SET TRUE CACHE BOOL "Path to the CA bundle has
been set")
+ endif()
+ endif()
+endif()
+
+if(CURL_CA_PATH_SET AND NOT USE_OPENSSL AND NOT USE_MBEDTLS)
+ message(FATAL_ERROR
+ "CA path only supported by OpenSSL, GnuTLS or mbed TLS. "
+ "Set CURL_CA_PATH=none or enable one of those TLS backends.")
+endif()
+
+
# Check for header files
if(NOT UNIX)
check_include_file_concat("windows.h" HAVE_WINDOWS_H)
check_include_file_concat("winsock.h" HAVE_WINSOCK_H)
check_include_file_concat("ws2tcpip.h" HAVE_WS2TCPIP_H)
check_include_file_concat("winsock2.h" HAVE_WINSOCK2_H)
- if(CURL_WINDOWS_SSPI)
- set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS}
-DSECURITY_WIN32")
- check_include_file_concat("sspi.h" HAVE_SSPI_H)
- if(HAVE_SSPI_H)
- check_include_file_concat("schannel.h" HAVE_SCHANNEL_H)
- set(USE_WINDOWS_SSPI ON)
- if(HAVE_SCHANNEL_H)
- set(USE_SCHANNEL ON)
- set(SSL_ENABLED ON)
- set(CURL_LIBS ${CURL_LIBS} "crypt32")
- endif()
- endif()
+ if(NOT CURL_WINDOWS_SSPI AND USE_OPENSSL)
+ set(CURL_LIBS ${CURL_LIBS} "crypt32")
endif()
endif(NOT UNIX)
@@ -602,6 +728,7 @@ check_include_file_concat("sys/types.h"
HAVE_SYS_TYPES_H)
check_include_file_concat("sys/uio.h" HAVE_SYS_UIO_H)
check_include_file_concat("sys/un.h" HAVE_SYS_UN_H)
check_include_file_concat("sys/utime.h" HAVE_SYS_UTIME_H)
+check_include_file_concat("sys/xattr.h" HAVE_SYS_XATTR_H)
check_include_file_concat("alloca.h" HAVE_ALLOCA_H)
check_include_file_concat("arpa/inet.h" HAVE_ARPA_INET_H)
check_include_file_concat("arpa/tftp.h" HAVE_ARPA_TFTP_H)
@@ -611,7 +738,7 @@ check_include_file_concat("des.h" HAVE_DES_H)
check_include_file_concat("err.h" HAVE_ERR_H)
check_include_file_concat("errno.h" HAVE_ERRNO_H)
check_include_file_concat("fcntl.h" HAVE_FCNTL_H)
-check_include_file_concat("idn-free.h" HAVE_IDN_FREE_H)
+check_include_file_concat("idn2.h" HAVE_IDN2_H)
check_include_file_concat("ifaddrs.h" HAVE_IFADDRS_H)
check_include_file_concat("io.h" HAVE_IO_H)
check_include_file_concat("krb.h" HAVE_KRB_H)
@@ -641,7 +768,6 @@ check_include_file_concat("stropts.h" HAVE_STROPTS_H)
check_include_file_concat("termio.h" HAVE_TERMIO_H)
check_include_file_concat("termios.h" HAVE_TERMIOS_H)
check_include_file_concat("time.h" HAVE_TIME_H)
-check_include_file_concat("tld.h" HAVE_TLD_H)
check_include_file_concat("unistd.h" HAVE_UNISTD_H)
check_include_file_concat("utime.h" HAVE_UTIME_H)
check_include_file_concat("x509.h" HAVE_X509_H)
@@ -655,9 +781,6 @@ check_include_file_concat("netinet/if_ether.h"
HAVE_NETINET_IF_ETHER_H)
check_include_file_concat("stdint.h" HAVE_STDINT_H)
check_include_file_concat("sockio.h" HAVE_SOCKIO_H)
check_include_file_concat("sys/utsname.h" HAVE_SYS_UTSNAME_H)
-check_include_file_concat("idna.h" HAVE_IDNA_H)
-
-
check_type_size(size_t SIZEOF_SIZE_T)
check_type_size(ssize_t SIZEOF_SSIZE_T)
@@ -739,7 +862,11 @@ endif()
check_symbol_exists(basename "${CURL_INCLUDES}" HAVE_BASENAME)
check_symbol_exists(socket "${CURL_INCLUDES}" HAVE_SOCKET)
-check_symbol_exists(poll "${CURL_INCLUDES}" HAVE_POLL)
+# poll on macOS is unreliable, it first did not exist, then was broken until
+# fixed in 10.9 only to break again in 10.12.
+if(NOT APPLE)
+ check_symbol_exists(poll "${CURL_INCLUDES}" HAVE_POLL)
+endif()
check_symbol_exists(select "${CURL_INCLUDES}" HAVE_SELECT)
check_symbol_exists(strdup "${CURL_INCLUDES}" HAVE_STRDUP)
check_symbol_exists(strstr "${CURL_INCLUDES}" HAVE_STRSTR)
@@ -771,16 +898,6 @@ check_symbol_exists(strlcat "${CURL_INCLUDES}"
HAVE_STRLCAT)
check_symbol_exists(getpwuid "${CURL_INCLUDES}" HAVE_GETPWUID)
check_symbol_exists(geteuid "${CURL_INCLUDES}" HAVE_GETEUID)
check_symbol_exists(utime "${CURL_INCLUDES}" HAVE_UTIME)
-if(CMAKE_USE_OPENSSL)
- check_symbol_exists(RAND_status "${CURL_INCLUDES}" HAVE_RAND_STATUS)
- check_symbol_exists(RAND_screen "${CURL_INCLUDES}" HAVE_RAND_SCREEN)
- check_symbol_exists(RAND_egd "${CURL_INCLUDES}" HAVE_RAND_EGD)
- check_symbol_exists(CRYPTO_cleanup_all_ex_data "${CURL_INCLUDES}"
- HAVE_CRYPTO_CLEANUP_ALL_EX_DATA)
- if(HAVE_LIBCRYPTO AND HAVE_LIBSSL)
- set(USE_OPENSSL 1)
- endif(HAVE_LIBCRYPTO AND HAVE_LIBSSL)
-endif(CMAKE_USE_OPENSSL)
check_symbol_exists(gmtime_r "${CURL_INCLUDES}" HAVE_GMTIME_R)
check_symbol_exists(localtime_r "${CURL_INCLUDES}" HAVE_LOCALTIME_R)
@@ -806,9 +923,6 @@ check_symbol_exists(pipe "${CURL_INCLUDES}"
HAVE_PIPE)
check_symbol_exists(ftruncate "${CURL_INCLUDES}" HAVE_FTRUNCATE)
check_symbol_exists(getprotobyname "${CURL_INCLUDES}" HAVE_GETPROTOBYNAME)
check_symbol_exists(getrlimit "${CURL_INCLUDES}" HAVE_GETRLIMIT)
-check_symbol_exists(idn_free "${CURL_INCLUDES}" HAVE_IDN_FREE)
-check_symbol_exists(idna_strerror "${CURL_INCLUDES}" HAVE_IDNA_STRERROR)
-check_symbol_exists(tld_strerror "${CURL_INCLUDES}" HAVE_TLD_STRERROR)
check_symbol_exists(setlocale "${CURL_INCLUDES}" HAVE_SETLOCALE)
check_symbol_exists(setrlimit "${CURL_INCLUDES}" HAVE_SETRLIMIT)
check_symbol_exists(fcntl "${CURL_INCLUDES}" HAVE_FCNTL)
@@ -816,7 +930,25 @@ check_symbol_exists(ioctl "${CURL_INCLUDES}"
HAVE_IOCTL)
check_symbol_exists(setsockopt "${CURL_INCLUDES}" HAVE_SETSOCKOPT)
# symbol exists in win32, but function does not.
-check_function_exists(inet_pton HAVE_INET_PTON)
+if(WIN32)
+ if(ENABLE_INET_PTON)
+ check_function_exists(inet_pton HAVE_INET_PTON)
+ # _WIN32_WINNT_VISTA (0x0600)
+ add_definitions(-D_WIN32_WINNT=0x0600)
+ else()
+ # _WIN32_WINNT_WINXP (0x0501)
+ add_definitions(-D_WIN32_WINNT=0x0501)
+ endif()
+else()
+ check_function_exists(inet_pton HAVE_INET_PTON)
+endif()
+
+check_symbol_exists(fsetxattr "${CURL_INCLUDES}" HAVE_FSETXATTR)
+if(HAVE_FSETXATTR)
+ foreach(CURL_TEST HAVE_FSETXATTR_5 HAVE_FSETXATTR_6)
+ curl_internal_test_run(${CURL_TEST})
+ endforeach(CURL_TEST)
+endif(HAVE_FSETXATTR)
# sigaction and sigsetjmp are special. Use special mechanism for
# detecting those, but only if previous attempt failed.
@@ -996,7 +1128,7 @@ else()
set(CURL_SIZEOF_CURL_SOCKLEN_T ${SIZEOF_INT})
endif()
-# TODO test which of these headers are required for the typedefs used in
curlbuild.h
+# TODO test which of these headers are required
if(WIN32)
set(CURL_PULL_WS2TCPIP_H ${HAVE_WS2TCPIP_H})
else()
@@ -1011,11 +1143,6 @@ include(CMake/OtherTests.cmake)
add_definitions(-DHAVE_CONFIG_H)
-# For windows, do not allow the compiler to use default target (Vista).
-if(WIN32)
- add_definitions(-D_WIN32_WINNT=0x0501)
-endif(WIN32)
-
# For windows, all compilers used by cmake should support large files
if(WIN32)
set(USE_WIN32_LARGE_FILES ON)
@@ -1023,6 +1150,11 @@ endif(WIN32)
if(MSVC)
add_definitions(-D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE)
+ if(CMAKE_C_FLAGS MATCHES "/W[0-4]")
+ string(REGEX REPLACE "/W[0-4]" "/W4" CMAKE_C_FLAGS "${CMAKE_C_FLAGS}")
+ else(CMAKE_C_FLAGS MATCHES "/W[0-4]")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4")
+ endif(CMAKE_C_FLAGS MATCHES "/W[0-4]")
endif(MSVC)
# Ugly (but functional) way to include "Makefile.inc" by transforming it (=
regenerate it).
@@ -1031,9 +1163,9 @@ function(TRANSFORM_MAKEFILE_INC INPUT_FILE OUTPUT_FILE)
string(REPLACE "$(top_srcdir)" "\${CURL_SOURCE_DIR}" MAKEFILE_INC_TEXT
${MAKEFILE_INC_TEXT})
string(REPLACE "$(top_builddir)" "\${CURL_BINARY_DIR}" MAKEFILE_INC_TEXT
${MAKEFILE_INC_TEXT})
- string(REGEX REPLACE "\\\\\n" "�!�" MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT})
+ string(REGEX REPLACE "\\\\\n" "!π!α!" MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT})
string(REGEX REPLACE "([a-zA-Z_][a-zA-Z0-9_]*)[\t ]*=[\t ]*([^\n]*)"
"SET(\\1 \\2)" MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT})
- string(REPLACE "�!�" "\n" MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT})
+ string(REPLACE "!π!α!" "\n" MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT})
string(REGEX REPLACE "\\$\\(([a-zA-Z_][a-zA-Z0-9_]*)\\)" "\${\\1}"
MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT}) # Replace $() with ${}
string(REGEX REPLACE "@([a-zA-Z_][a-zA-Z0-9_]*)@" "\${\\1}"
MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT}) # Replace @@ with ${}, even if that
may not be read by CMake scripts.
@@ -1041,6 +1173,7 @@ function(TRANSFORM_MAKEFILE_INC INPUT_FILE OUTPUT_FILE)
endfunction()
+add_subdirectory(docs)
add_subdirectory(lib)
if(BUILD_CURL_EXE)
add_subdirectory(src)
@@ -1051,11 +1184,6 @@ if(BUILD_TESTING)
add_subdirectory(tests)
endif()
-# TODO support GNUTLS, NSS, POLARSSL, AXTLS, CYASSL, WINSSL, DARWINSSL
-if(USE_OPENSSL)
- set(SSL_ENABLED 1)
-endif()
-
# Helper to populate a list (_items) with a label when conditions (the
remaining
# args) are satisfied
function(_add_if label)
@@ -1069,11 +1197,13 @@ endfunction()
set(_items)
_add_if("WinSSL" SSL_ENABLED AND USE_WINDOWS_SSPI)
_add_if("OpenSSL" SSL_ENABLED AND USE_OPENSSL)
+_add_if("DarwinSSL" SSL_ENABLED AND USE_DARWINSSL)
+_add_if("mbedTLS" SSL_ENABLED AND USE_MBEDTLS)
_add_if("IPv6" ENABLE_IPV6)
_add_if("unix-sockets" USE_UNIX_SOCKETS)
_add_if("libz" HAVE_LIBZ)
_add_if("AsynchDNS" USE_ARES OR USE_THREADS_POSIX OR USE_THREADS_WIN32)
-_add_if("IDN" HAVE_LIBIDN)
+_add_if("IDN" HAVE_LIBIDN2)
_add_if("Largefile" (CURL_SIZEOF_CURL_OFF_T GREATER 4) AND
((SIZEOF_OFF_T GREATER 4) OR USE_WIN32_LARGE_FILES))
# TODO SSP1 (WinSSL) check is missing
@@ -1085,9 +1215,8 @@ _add_if("SPNEGO" NOT CURL_DISABLE_CRYPTO_AUTH AND
_add_if("Kerberos" NOT CURL_DISABLE_CRYPTO_AUTH AND
(HAVE_GSSAPI OR USE_WINDOWS_SSPI))
# NTLM support requires crypto function adaptions from various SSL libs
-# TODO alternative SSL libs tests for SSP1, GNUTLS, NSS, DARWINSSL
-if(NOT CURL_DISABLE_CRYPTO_AUTH AND (USE_OPENSSL OR
- USE_WINDOWS_SSPI OR GNUTLS_ENABLED OR NSS_ENABLED OR DARWINSSL_ENABLED))
+# TODO alternative SSL libs tests for SSP1, GNUTLS, NSS
+if(NOT CURL_DISABLE_CRYPTO_AUTH AND (USE_OPENSSL OR USE_WINDOWS_SSPI OR
USE_DARWINSSL OR USE_MBEDTLS))
_add_if("NTLM" 1)
# TODO missing option (autoconf: --enable-ntlm-wb)
_add_if("NTLM_WB" NOT CURL_DISABLE_HTTP AND NTLM_WB_ENABLED)
@@ -1136,8 +1265,6 @@ set(CC "${CMAKE_C_COMPILER}")
set(CONFIGURE_OPTIONS "")
# TODO when to set "-DCURL_STATICLIB" for CPPFLAG_CURL_STATICLIB?
set(CPPFLAG_CURL_STATICLIB "")
-# TODO need to set this (see CURL_CHECK_CA_BUNDLE in acinclude.m4)
-set(CURL_CA_BUNDLE "")
set(CURLVERSION "${CURL_VERSION}")
set(ENABLE_SHARED "yes")
if(CURL_STATICLIB)
@@ -1151,7 +1278,7 @@ set(LDFLAGS
"${CMAKE_SHARED_LINKER_FLAGS}")
set(LIBCURL_LIBS "")
set(libdir "${CMAKE_INSTALL_PREFIX}/lib")
foreach(_lib ${CMAKE_C_IMPLICIT_LINK_LIBRARIES} ${CURL_LIBS})
- if(_lib MATCHES ".*/.*")
+ if(_lib MATCHES ".*/.*" OR _lib MATCHES "^-")
set(LIBCURL_LIBS "${LIBCURL_LIBS} ${_lib}")
else()
set(LIBCURL_LIBS "${LIBCURL_LIBS} -l${_lib}")
@@ -1187,16 +1314,10 @@ if(NOT CURL_CONFIG_HAS_BEEN_RUN_BEFORE)
set(CURL_CONFIG_HAS_BEEN_RUN_BEFORE 1 CACHE INTERNAL "Flag to track whether
this is the first time running CMake or if CMake has been configured before")
endif()
-# Installation.
-# First, install generated curlbuild.h
-install(FILES "${CMAKE_CURRENT_BINARY_DIR}/include/curl/curlbuild.h"
- DESTINATION include/curl )
-# Next, install other headers excluding curlbuild.h
-install(DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}/include/curl"
+# install headers
+install(DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}/include/gnurl"
DESTINATION include
- FILES_MATCHING PATTERN "*.h"
- PATTERN "curlbuild.h" EXCLUDE)
-
+ FILES_MATCHING PATTERN "*.h")
# Workaround for MSVS10 to avoid the Dialog Hell
# FIXME: This could be removed with future version of CMake.
@@ -1206,3 +1327,14 @@ if(MSVC_VERSION EQUAL 1600)
file(APPEND "${CURL_SLN_FILENAME}" "\n# This should be regenerated!\n")
endif()
endif()
+
+if(NOT TARGET uninstall)
+ configure_file(
+ ${CMAKE_CURRENT_SOURCE_DIR}/CMake/cmake_uninstall.cmake.in
+ ${CMAKE_CURRENT_BINARY_DIR}/CMake/cmake_uninstall.cmake
+ IMMEDIATE @ONLY)
+
+ add_custom_target(uninstall
+ COMMAND ${CMAKE_COMMAND} -P
+ ${CMAKE_CURRENT_BINARY_DIR}/CMake/cmake_uninstall.cmake)
+endif()
diff --git a/COPYING b/COPYING
index a98663e94..1e45a5e2c 100644
--- a/COPYING
+++ b/COPYING
@@ -1,6 +1,6 @@
COPYRIGHT AND PERMISSION NOTICE
-Copyright (c) 1996 - 2016, Daniel Stenberg, <address@hidden>, and many
+Copyright (c) 1996 - 2017, Daniel Stenberg, <address@hidden>, and many
contributors, see the THANKS file.
All rights reserved.
diff --git a/CTestConfig.cmake b/CTestConfig.cmake
deleted file mode 100644
index 6b1e798e4..000000000
--- a/CTestConfig.cmake
+++ /dev/null
@@ -1,13 +0,0 @@
-## This file should be placed in the root directory of your project.
-## Then modify the CMakeLists.txt file in the root directory of your
-## project to incorporate the testing dashboard.
-## # The following are required to uses Dart and the Cdash dashboard
-## ENABLE_TESTING()
-## INCLUDE(Dart)
-set(CTEST_PROJECT_NAME "CURL")
-set(CTEST_NIGHTLY_START_TIME "00:00:00 EST")
-
-set(CTEST_DROP_METHOD "http")
-set(CTEST_DROP_SITE "my.cdash.org")
-set(CTEST_DROP_LOCATION "/submit.php?project=CURL")
-set(CTEST_DROP_SITE_CDASH TRUE)
diff --git a/GIT-INFO b/GIT-INFO
index 16f4a2201..51df76ab4 100644
--- a/GIT-INFO
+++ b/GIT-INFO
@@ -10,15 +10,6 @@ This file is only present in git - never in release
archives. It contains
information about other files and things that the git repository keeps in its
inner sanctum.
-Compile and build instructions follow below.
-
- CHANGES.0 contains ancient changes
- CHANGES contains the most recent changes
-
- Makefile.dist is included as the root Makefile in distribution archives
-
- perl/ is a subdirectory with various perl scripts
-
To build in environments that support configure, after having extracted
everything from git, do this:
@@ -51,17 +42,3 @@ installed:
install them, you can rename the source file src/tool_hugehelp.c.cvs to
src/tool_hugehelp.c and avoid having to generate this file. This will
give you a stubbed version of the file that doesn't contain actual content.
-
-MAC OS X
-
- With Mac OS X 10.2 and the associated Developer Tools, the installed versions
- of the build tools are adequate. For Mac OS X 10.1 users, Guido Neitzer
- wrote the following step-by-step guide:
-
- 1. Install fink (http://fink.sourceforge.net)
- 2. Update fink to the newest version (with the installed fink)
- 3. Install the latest version of autoconf, automake and m4 with fink
- 4. Install version 1.4.1 of libtool - you find it in the "unstable" section
- (read the manual to see how to get unstable versions)
- 5. Get cURL from git
- 6. Build cURL with "./buildconf", "./configure", "make", "sudo make install"
diff --git a/MacOSX-Framework b/MacOSX-Framework
index 19b338f1d..e6badcde5 100755
--- a/MacOSX-Framework
+++ b/MacOSX-Framework
@@ -126,15 +126,6 @@ if test ! -z $SDK32; then
pwd
lipo libcurl.framework/${FRAMEWORK_VERSION}/libcurl32
libcurl.framework/${FRAMEWORK_VERSION}/libcurl64 -create -output
libcurl.framework/${FRAMEWORK_VERSION}/libcurl
rm libcurl.framework/${FRAMEWORK_VERSION}/libcurl32
libcurl.framework/${FRAMEWORK_VERSION}/libcurl64
- cp libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl/curlbuild.h
libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl/curlbuild32.h
- cp include/curl/curlbuild.h
libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl/curlbuild64.h
- cat >libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl/curlbuild.h <<EOF
-#ifdef __LP64__
-#include "curl/curlbuild64.h"
-#else
-#include "curl/curlbuild32.h"
-#endif
-EOF
fi
pwd
diff --git a/Makefile.am b/Makefile.am
index d4264d0a0..7037d1c84 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -24,10 +24,13 @@ AUTOMAKE_OPTIONS = foreign
ACLOCAL_AMFLAGS = -I m4
-CMAKE_DIST = CMakeLists.txt CMake/CMakeConfigurableFile.in \
- CMake/CurlTests.c CMake/FindGSS.cmake CMake/OtherTests.cmake \
- CMake/Platforms/WindowsCache.cmake CMake/Utilities.cmake \
- include/curl/curlbuild.h.cmake CMake/Macros.cmake
+CMAKE_DIST = CMakeLists.txt CMake/CMakeConfigurableFile.in \
+ CMake/CurlTests.c CMake/FindGSS.cmake CMake/OtherTests.cmake \
+ CMake/Platforms/WindowsCache.cmake CMake/Utilities.cmake \
+ CMake/Macros.cmake \
+ CMake/CurlSymbolHiding.cmake CMake/FindCARES.cmake \
+ CMake/FindLibSSH2.cmake CMake/FindNGHTTP2.cmake \
+ CMake/FindMbedTLS.cmake CMake/cmake_uninstall.cmake.in
VC6_LIBTMPL = projects/Windows/VC6/lib/libcurl.tmpl
VC6_LIBDSP = projects/Windows/VC6/lib/libcurl.dsp.dist
@@ -130,16 +133,18 @@ VC_DIST = projects/README \
projects/Windows/VC14/lib/libcurl.sln \
projects/Windows/VC14/lib/libcurl.vcxproj.filters \
projects/Windows/VC14/src/curl.sln \
- projects/Windows/VC14/src/curl.vcxproj.filters
+ projects/Windows/VC14/src/curl.vcxproj.filters \
+ projects/generate.bat \
+ projects/wolfssl_options.h \
+ projects/wolfssl_override.props
WINBUILD_DIST = winbuild/BUILD.WINDOWS.txt winbuild/gen_resp_file.bat \
- winbuild/MakefileBuild.vc winbuild/Makefile.vc
\
- winbuild/Makefile.msvc.names
+ winbuild/MakefileBuild.vc winbuild/Makefile.vc
EXTRA_DIST = CHANGES COPYING maketgz Makefile.dist gnurl-config.in \
RELEASE-NOTES buildconf libgnurl.pc.in MacOSX-Framework scripts/zsh.pl
\
- $(CMAKE_DIST) $(VC_DIST) $(WINBUILD_DIST) lib/libcurl.vers.in \
- buildconf.bat
+ scripts/updatemanpages.pl $(CMAKE_DIST) $(VC_DIST) $(WINBUILD_DIST) \
+ lib/libcurl.vers.in buildconf.bat scripts/coverage.sh
CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ)
\
$(VC71_LIBVCPROJ) $(VC71_SRCVCPROJ) $(VC8_LIBVCPROJ) $(VC8_SRCVCPROJ) \
@@ -149,8 +154,8 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ)
$(VC7_SRCVCPROJ) \
bin_SCRIPTS = gnurl-config
-SUBDIRS = lib src include
-DIST_SUBDIRS = $(SUBDIRS) tests packages docs scripts
+SUBDIRS = lib src
+DIST_SUBDIRS = $(SUBDIRS) tests packages scripts include docs
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libgnurl.pc
@@ -165,14 +170,14 @@ dist-hook:
(distit=`find $(srcdir) -name "*.dist" | grep -v ./ares/`; \
for file in $$distit; do \
strip=`echo $$file | sed -e s/^$(srcdir)// -e s/\.dist//`; \
- cp $$file $(distdir)$$strip; \
+ cp -p $$file $(distdir)$$strip; \
done)
html:
- cd docs && make html
+ cd docs && $(MAKE) html
pdf:
- cd docs && make pdf
+ cd docs && $(MAKE) pdf
check: test examples check-docs
@@ -191,9 +196,15 @@ test:
test-full:
@(cd tests; $(MAKE) all full-test)
+test-nonflaky:
+ @(cd tests; $(MAKE) all nonflaky-test)
+
test-torture:
@(cd tests; $(MAKE) all torture-test)
+test-event:
+ @(cd tests; $(MAKE) all event-test)
+
test-am:
@(cd tests; $(MAKE) all am-test)
@@ -248,10 +259,10 @@ rpm:
# pkgadd -d ./HAXXcurl-*
#
-# gak - libtool requires an absoulte directory, hence the pwd below...
+# gak - libtool requires an absolute directory, hence the pwd below...
pkgadd:
umask 022 ; \
- make install DESTDIR=`/bin/pwd`/packages/Solaris/root ; \
+ $(MAKE) install DESTDIR=`/bin/pwd`/packages/Solaris/root ; \
cat COPYING > $(srcdir)/packages/Solaris/copyright ; \
cd $(srcdir)/packages/Solaris && $(MAKE) package
@@ -265,11 +276,13 @@ cygwinbin:
install-data-hook:
cd include && $(MAKE) install
cd docs && $(MAKE) install
+ cd docs/libcurl && $(MAKE) install
# We extend the standard uninstall with a custom hook:
uninstall-hook:
cd include && $(MAKE) uninstall
cd docs && $(MAKE) uninstall
+ cd docs/libcurl && $(MAKE) uninstall
ca-bundle: lib/mk-ca-bundle.pl
@echo "generating a fresh ca-bundle.crt"
diff --git a/Makefile.dist b/Makefile.dist
index 329e4f3a8..8577c8a14 100644
--- a/Makefile.dist
+++ b/Makefile.dist
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -20,8 +20,6 @@
#
###########################################################################
-VC=vc6
-
all:
./configure
make
@@ -87,366 +85,13 @@ mingw32%:
$(MAKE) -C lib -f Makefile.m32 CFG=$@
$(MAKE) -C src -f Makefile.m32 CFG=$@
-vc-clean: $(VC)
- cd lib
- nmake -f Makefile.$(VC) clean
- cd ..\src
- nmake -f Makefile.$(VC) clean
-
-vc-all: $(VC)
- cd lib
- nmake -f Makefile.$(VC) cfg=release
- nmake -f Makefile.$(VC) cfg=release-ssl
- nmake -f Makefile.$(VC) cfg=release-zlib
- nmake -f Makefile.$(VC) cfg=release-ssl-zlib
- nmake -f Makefile.$(VC) cfg=release-ssl-dll
- nmake -f Makefile.$(VC) cfg=release-zlib-dll
- nmake -f Makefile.$(VC) cfg=release-ssl-dll-zlib-dll
- nmake -f Makefile.$(VC) cfg=release-dll
- nmake -f Makefile.$(VC) cfg=release-dll-ssl-dll
- nmake -f Makefile.$(VC) cfg=release-dll-zlib-dll
- nmake -f Makefile.$(VC) cfg=release-dll-ssl-dll-zlib-dll
- nmake -f Makefile.$(VC) cfg=debug
- nmake -f Makefile.$(VC) cfg=debug-ssl
- nmake -f Makefile.$(VC) cfg=debug-zlib
- nmake -f Makefile.$(VC) cfg=debug-ssl-zlib
- nmake -f Makefile.$(VC) cfg=debug-ssl-dll
- nmake -f Makefile.$(VC) cfg=debug-zlib-dll
- nmake -f Makefile.$(VC) cfg=debug-ssl-dll-zlib-dll
- nmake -f Makefile.$(VC) cfg=debug-dll
- nmake -f Makefile.$(VC) cfg=debug-dll-ssl-dll
- nmake -f Makefile.$(VC) cfg=debug-dll-zlib-dll
- nmake -f Makefile.$(VC) cfg=debug-dll-ssl-dll-zlib-dll
-
-vc: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release
- cd ..\src
- nmake /f Makefile.$(VC)
-
-vc-x64: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release
-
-vc-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release WINDOWS_SSPI=1
-
-vc-x64-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release WINDOWS_SSPI=1
-
-vc-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release USE_IDN=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release USE_IDN=1
-
-vc-x64-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1
-
-vc-idn-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release USE_IDN=1 WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release USE_IDN=1 WINDOWS_SSPI=1
-
-vc-x64-idn-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1 WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release USE_IDN=1 WINDOWS_SSPI=1
-
-vc-zlib: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-zlib
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-zlib
-
-vc-x64-zlib: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib
-
-vc-zlib-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-zlib WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-zlib WINDOWS_SSPI=1
-
-vc-x64-zlib-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib WINDOWS_SSPI=1
-
-vc-zlib-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1
-
-vc-x64-zlib-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1
-
-vc-zlib-idn-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1 WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-zlib USE_IDN=1 WINDOWS_SSPI=1
-
-vc-x64-zlib-idn-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1
WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib USE_IDN=1
WINDOWS_SSPI=1
-
-vc-ssl: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl
-
-vc-x64-ssl: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl
-
-vc-ssl-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl WINDOWS_SSPI=1
-
-vc-x64-ssl-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl WINDOWS_SSPI=1
-
-vc-ssl-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1
-
-vc-x64-ssl-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1
-
-vc-ssl-idn-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1 WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl USE_IDN=1 WINDOWS_SSPI=1
-
-vc-x64-ssl-idn-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1
WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl USE_IDN=1
WINDOWS_SSPI=1
-
-vc-ssl-zlib: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl-zlib
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl-zlib
-
-vc-x64-ssl-zlib: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib
-
-vc-ssl-zlib-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl-zlib WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl-zlib WINDOWS_SSPI=1
-
-vc-x64-ssl-zlib-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib WINDOWS_SSPI=1
-
-vc-ssl-zlib-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1
-
-vc-x64-ssl-zlib-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1
-
-vc-ssl-zlib-idn-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1 WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl-zlib USE_IDN=1 WINDOWS_SSPI=1
-
-vc-x64-ssl-zlib-idn-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1
WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib USE_IDN=1
WINDOWS_SSPI=1
-
-vc-ssl-ssh2-zlib: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib
-
-vc-x64-ssl-ssh2-zlib: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib
-
-vc-ssl-ssh2-zlib-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib WINDOWS_SSPI=1
-
-vc-x64-ssl-ssh2-zlib-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib
WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib
WINDOWS_SSPI=1
-
-vc-ssl-ssh2-zlib-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1
-
-vc-x64-ssl-ssh2-zlib-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1
-
-vc-ssl-ssh2-zlib-idn-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1
WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl-ssh2-zlib USE_IDN=1
WINDOWS_SSPI=1
-
-vc-x64-ssl-ssh2-zlib-idn-sspi: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1
WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-ssh2-zlib USE_IDN=1
WINDOWS_SSPI=1
-
-vc-winssl: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-winssl WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-winssl WINDOWS_SSPI=1
-
-vc-x64-winssl: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl WINDOWS_SSPI=1
-
-vc-winssl-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-winssl USE_IDN=1 WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-winssl USE_IDN=1 WINDOWS_SSPI=1
-
-vc-x64-winssl-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl USE_IDN=1
WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl USE_IDN=1
WINDOWS_SSPI=1
-
-vc-winssl-zlib: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-winssl-zlib WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-winssl-zlib WINDOWS_SSPI=1
+vc:
+ cd winbuild
+ nmake /f Makefile.vc MACHINE=x86
-vc-x64-winssl-zlib: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib
WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib
WINDOWS_SSPI=1
-
-vc-winssl-zlib-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-winssl-zlib USE_IDN=1 WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-winssl-zlib USE_IDN=1 WINDOWS_SSPI=1
-
-vc-x64-winssl-zlib-idn: $(VC)
- cd lib
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib USE_IDN=1
WINDOWS_SSPI=1
- cd ..\src
- nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib USE_IDN=1
WINDOWS_SSPI=1
-
-vc-ssl-dll: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl-dll
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl-dll
-
-vc-dll-ssl-dll: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-dll-ssl-dll
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-dll-ssl-dll
-
-vc-dll: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-dll
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-dll
-
-vc-dll-zlib-dll: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-dll-zlib-dll
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-dll-zlib-dll
-
-vc-dll-ssl-dll-zlib-dll: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-dll-ssl-dll-zlib-dll
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-dll-ssl-dll-zlib-dll
-
-vc-ssl-dll-zlib-dll: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-ssl-dll-zlib-dll
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-ssl-dll-zlib-dll
-
-vc-zlib-dll: $(VC)
- cd lib
- nmake /f Makefile.$(VC) cfg=release-zlib-dll
- cd ..\src
- nmake /f Makefile.$(VC) cfg=release-zlib-dll
+vc-x64:
+ cd winbuild
+ nmake /f Makefile.vc MACHINE=x64
djgpp:
$(MAKE) -C lib -f Makefile.dj
@@ -497,86 +142,6 @@ linux: all
linux-ssl: ssl
-# We don't need to do anything for vc6.
-vc6:
-
-# VC7 makefiles are for use with VS.NET and VS.NET 2003
-vc7: lib/Makefile.vc7 src/Makefile.vc7
-
-lib/Makefile.vc7: lib/Makefile.vc6
- @echo "generate $@"
- @sed -e "s/VC6/VC7/g" lib/Makefile.vc6 > lib/Makefile.vc7
-
-src/Makefile.vc7: src/Makefile.vc6
- @echo "generate $@"
- @sed -e "s/VC6/VC7/g" src/Makefile.vc6 > src/Makefile.vc7
-
-# VC8 makefiles are for use with VS2005
-vc8: lib/Makefile.vc8 src/Makefile.vc8
-
-lib/Makefile.vc8: lib/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g"
lib/Makefile.vc6 > lib/Makefile.vc8
-
-src/Makefile.vc8: src/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g"
src/Makefile.vc6 > src/Makefile.vc8
-
-# VC9 makefiles are for use with VS2008
-vc9: lib/Makefile.vc9 src/Makefile.vc9
-
-lib/Makefile.vc9: lib/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc9/g" -e "s/VC6/VC9/g" lib/Makefile.vc6
> lib/Makefile.vc9
-
-src/Makefile.vc9: src/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc9/g" -e "s/VC6/VC9/g" src/Makefile.vc6
> src/Makefile.vc9
-
-# VC10 makefiles are for use with VS2010
-vc10: lib/Makefile.vc10 src/Makefile.vc10
-
-lib/Makefile.vc10: lib/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc10/g" -e "s/VC6/VC10/g"
lib/Makefile.vc6 > lib/Makefile.vc10
-
-src/Makefile.vc10: src/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc10/g" -e "s/VC6/VC10/g"
src/Makefile.vc6 > src/Makefile.vc10
-
-# VC11 makefiles are for use with VS2012
-vc11: lib/Makefile.vc11 src/Makefile.vc11
-
-lib/Makefile.vc11: lib/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc11/g" -e "s/VC6/VC11/g"
lib/Makefile.vc6 > lib/Makefile.vc11
-
-src/Makefile.vc11: src/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc11/g" -e "s/VC6/VC11/g"
src/Makefile.vc6 > src/Makefile.vc11
-
-# VC12 makefiles are for use with VS2013
-vc12: lib/Makefile.vc12 src/Makefile.vc12
-
-lib/Makefile.vc12: lib/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc12/g" -e "s/VC6/VC12/g"
lib/Makefile.vc6 > lib/Makefile.vc12
-
-src/Makefile.vc12: src/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc12/g" -e "s/VC6/VC12/g"
src/Makefile.vc6 > src/Makefile.vc12
-
-# VC14 makefiles are for use with VS2015
-vc14: lib/Makefile.vc14 src/Makefile.vc14
-
-lib/Makefile.vc14: lib/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc14/g" -e "s/VC6/VC14/g"
lib/Makefile.vc6 > lib/Makefile.vc14
-
-src/Makefile.vc14: src/Makefile.vc6
- @echo "generate $@"
- @sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e
"s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc14/g" -e "s/VC6/VC14/g"
src/Makefile.vc6 > src/Makefile.vc14
-
ca-bundle: lib/mk-ca-bundle.pl
@echo "generate a fresh ca-bundle.crt"
@perl $< -b -l -u lib/ca-bundle.crt
diff --git a/README.md b/README.md
index 567d6d1de..4abb51bc2 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,8 @@
[](https://bestpractices.coreinfrastructure.org/projects/63)
+[](https://scan.coverity.com/projects/curl)
+[](https://travis-ci.org/curl/curl)
+[](https://coveralls.io/github/curl/curl)
Curl is a command-line tool for transferring data specified with URL
syntax. Find out how to use curl by reading [the curl.1 man
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 4880ed68d..a735262d0 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,24 +1,40 @@
-Curl and libcurl 7.50.3
+Curl and libcurl 7.55.1
- Public curl releases: 159
- Command line options: 185
- curl_easy_setopt() options: 224
+ Public curl releases: 168
+ Command line options: 210
+ curl_easy_setopt() options: 247
Public functions in libcurl: 61
- Contributors: 1445
+ Contributors: 1592
This release includes the following bugfixes:
- o CVE-2016-7167: escape and unescape integer overflows [8]
- o mk-ca-bundle.pl: use SHA256 instead of SHA1
- o checksrc: detect strtok() use
- o errors: new alias CURLE_WEIRD_SERVER_REPLY [1]
- o http2: support > 64bit sized uploads [2]
- o openssl: fix bad memory free (regression) [3]
- o CMake: hide private library symbols [4]
- o http: refuse to pass on response body with NO_NODY was set [5]
- o cmake: fix curl-config --static-libs [6]
- o mbedtls: switch off NTLM in build if md4 isn't available [7]
- o curl: --create-dirs on windows groks both forward and backward slashes [9]
+ o build: fix 'make install' with configure, install docs/libcurl/* too
+ o make install: add 8 missing man pages to the installation
+ o curl: do bounds check using a double comparison [1]
+ o dist: Add dictserver.py/negtelnetserver.py to release [2]
+ o digest_sspi: Don't reuse context if the user/passwd has changed [3]
+ o gitignore: ignore top-level .vs folder [4]
+ o build: check out *.sln files with Windows line endings [5]
+ o travis: verify "make install" [6]
+ o dist: fix the cmake build by shipping cmake_uninstall.cmake.in too [7]
+ o metalink: fix error: ‘*’ in boolean context, suggest ‘&&’ instead
+ o configure: use the threaded resolver backend by default if possible [8]
+ o mkhelp.pl: allow executing this script directly [9]
+ o maketgz: remove old *.dist files before making the tarball [10]
+ o openssl: remove CONST_ASN1_BIT_STRING [11]
+ o openssl: fix "error: this statement may fall through"
+ o proxy: fix memory leak in case of invalid proxy server name [12]
+ o curl/system.h: support more architectures (OpenRISC, ARC) [13]
+ o docs: fix typos [14]
+ o curl/system.h: add Oracle Solaris Studio [15]
+ o CURLINFO_TOTAL_TIME: could wrongly return 4200 seconds [16]
+ o docs: --connect-to clarified
+ o cmake: allow user to override CMAKE_DEBUG_POSTFIX [17]
+ o travis: test cmake build on tarball too
+ o redirect: make it handle absolute redirects to IDN names [18]
+ o curl/system.h: fix for gcc on PowerPC [19]
+ o curl --interface: fixed for IPV6 unique local addresses [20]
+ o cmake: threads detection improvements [21]
This release includes the following known bugs:
@@ -27,20 +43,36 @@ This release includes the following known bugs:
This release would not have looked like this without help, code, reports and
advice from friends like these:
- Daniel Stenberg, Harold Stuart, Jakub Zakrzewski, Peter Wu, Randy Armstrong,
- Ray Satiro, Ryan Scott, Tony Kelman, Viktor Szakáts,
- (9 contributors)
+ Adam Sampson, Alessandro Ghedini, Alex Potapenko, Bernard Spil,
+ Christian Weisgerber, Dagobert Michelsen, Dan Fandrich, Daniel Krügler,
+ Daniel Stenberg, David Benjamin, David Lord, Even Rouault, Han Qiao,
+ Isaac Boukris, James Slaughter, Marcel Raad, paulharris on github,
+ Ray Satiro, Salah-Eddin Shaban, Sergei Nikulov, Simon Warta,
+ Thomas Petazzoni,
+ (22 contributors)
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
- [1] = https://curl.haxx.se/bug/?i=975
- [2] = https://curl.haxx.se/bug/?i=996
- [3] = https://curl.haxx.se/bug/?i=1005
- [4] = https://curl.haxx.se/bug/?i=981
- [5] = https://curl.haxx.se/bug/?i=973
- [6] = https://curl.haxx.se/bug/?i=841
- [7] = https://curl.haxx.se/bug/?i=1004
- [8] = https://curl.haxx.se/docs/adv_20160914.html
- [9] = https://curl.haxx.se/bug/?i=1007
+ [1] = https://curl.haxx.se/bug/?i=1750
+ [2] = https://curl.haxx.se/bug/?i=1744
+ [3] = https://curl.haxx.se/bug/?i=1742
+ [4] = https://curl.haxx.se/bug/?i=1746
+ [5] = https://curl.haxx.se/bug/?i=1746
+ [6] = https://curl.haxx.se/bug/?i=1753
+ [7] = https://curl.haxx.se/bug/?i=1755
+ [8] = https://curl.haxx.se/bug/?i=1647
+ [9] = https://curl.haxx.se/bug/?i=1743
+ [10] = https://curl.haxx.se/mail/lib-2017-08/0050.html
+ [11] = https://curl.haxx.se/bug/?i=1759
+ [12] = https://curl.haxx.se/bug/?i=1761
+ [13] = https://curl.haxx.se/bug/?i=1766
+ [14] = https://curl.haxx.se/bug/?i=1770
+ [15] = https://curl.haxx.se/bug/?i=1752
+ [16] = https://curl.haxx.se/bug/?i=1769
+ [17] = https://curl.haxx.se/bug/?i=1763
+ [18] = https://curl.haxx.se/bug/?i=1762
+ [19] = https://curl.haxx.se/bug/?i=1774
+ [20] = https://curl.haxx.se/bug/?i=1764
+ [21] = https://curl.haxx.se/bug/?i=1719
diff --git a/acinclude.m4 b/acinclude.m4
index 312efcb47..539322870 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -199,8 +199,6 @@ AC_DEFUN([CURL_CHECK_HEADER_WINDOWS], [
yes)
AC_DEFINE_UNQUOTED(HAVE_WINDOWS_H, 1,
[Define to 1 if you have the windows.h header file.])
- AC_DEFINE_UNQUOTED(WIN32_LEAN_AND_MEAN, 1,
- [Define to avoid automatic inclusion of winsock.h])
;;
esac
])
@@ -790,8 +788,8 @@ AC_DEFUN([CURL_CHECK_LIBS_LDAP], [
#
for x_nlibs in '' "$u_libs" \
'-lldap' \
- '-llber -lldap' \
'-lldap -llber' \
+ '-llber -lldap' \
'-lldapssl -lldapx -lldapsdk' \
'-lldapsdk -lldapx -lldapssl' ; do
if test "$curl_cv_ldap_LIBS" = "unknown"; then
@@ -1084,7 +1082,11 @@ AC_DEFUN([CURL_CHECK_FUNC_GETNAMEINFO], [
#endif
#define GNICALLCONV
#endif
- extern int GNICALLCONV getnameinfo($gni_arg1, $gni_arg2,
+ extern int GNICALLCONV
+#ifdef __ANDROID__
+__attribute__((overloadable))
+#endif
+ getnameinfo($gni_arg1, $gni_arg2,
char *, $gni_arg46,
char *, $gni_arg46,
$gni_arg7);
@@ -1388,6 +1390,9 @@ AC_DEFUN([CURL_CHECK_FUNC_RECV], [
#define RECVCALLCONV
#endif
extern $recv_retv RECVCALLCONV
+#ifdef __ANDROID__
+__attribute__((overloadable))
+#endif
recv($recv_arg1, $recv_arg2, $recv_arg3, $recv_arg4);
]],[[
$recv_arg1 s=0;
@@ -1522,6 +1527,9 @@ AC_DEFUN([CURL_CHECK_FUNC_SEND], [
#define SENDCALLCONV
#endif
extern $send_retv SENDCALLCONV
+#ifdef __ANDROID__
+__attribute__((overloadable))
+#endif
send($send_arg1, $send_arg2, $send_arg3, $send_arg4);
]],[[
$send_arg1 s=0;
@@ -1856,7 +1864,7 @@ AC_DEFUN([CURL_CHECK_FUNC_CLOCK_GETTIME_MONOTONIC], [
AC_CHECK_HEADERS(sys/types.h sys/time.h time.h)
AC_MSG_CHECKING([for monotonic clock_gettime])
#
- if test "x$dontwant_rt" == "xno" ; then
+ if test "x$dontwant_rt" = "xno" ; then
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
#ifdef HAVE_SYS_TYPES_H
@@ -2079,10 +2087,7 @@ _EOF
dnl CURL_CONFIGURE_LONG
dnl -------------------------------------------------
dnl Find out the size of long as reported by sizeof() and define
-dnl CURL_SIZEOF_LONG as appropriate to be used in template file
-dnl include/curl/curlbuild.h.in to properly configure the library.
-dnl The size of long is a build time characteristic and as such
-dnl must be recorded in curlbuild.h
+dnl CURL_SIZEOF_LONG.
AC_DEFUN([CURL_CONFIGURE_LONG], [
if test -z "$ac_cv_sizeof_long" ||
@@ -2095,10 +2100,6 @@ AC_DEFUN([CURL_CONFIGURE_LONG], [
dnl CURL_CONFIGURE_CURL_SOCKLEN_T
dnl -------------------------------------------------
-dnl Find out suitable curl_socklen_t data type definition and size, making
-dnl appropriate definitions for template file include/curl/curlbuild.h.in
-dnl to properly configure and use the library.
-dnl
dnl The need for the curl_socklen_t definition arises mainly to properly
dnl interface HP-UX systems which on one hand have a typedef'ed socklen_t
dnl data type which is 32 or 64-Bit wide depending on the data model being
@@ -2222,10 +2223,6 @@ AC_DEFUN([CURL_CONFIGURE_CURL_SOCKLEN_T], [
dnl CURL_CONFIGURE_PULL_SYS_POLL
dnl -------------------------------------------------
-dnl Find out if system header file sys/poll.h must be included by the
-dnl external interface, making appropriate definitions for template file
-dnl include/curl/curlbuild.h.in to properly configure and use the library.
-dnl
dnl The need for the sys/poll.h inclusion arises mainly to properly
dnl interface AIX systems which define macros 'events' and 'revents'.
@@ -2378,11 +2375,15 @@ AC_DEFUN([CURL_CHECK_FUNC_SELECT], [
long tv_usec;
};
#endif
- extern $sel_retv SELECTCALLCONV select($sel_arg1,
- $sel_arg234,
- $sel_arg234,
- $sel_arg234,
- $sel_arg5);
+ extern $sel_retv SELECTCALLCONV
+#ifdef __ANDROID__
+__attribute__((overloadable))
+#endif
+ select($sel_arg1,
+ $sel_arg234,
+ $sel_arg234,
+ $sel_arg234,
+ $sel_arg5);
]],[[
$sel_arg1 nfds=0;
$sel_arg234 rfds=0;
@@ -2859,8 +2860,7 @@ AC_DEFUN([DO_CURL_OFF_T_SUFFIX_CHECK], [
dnl CURL_CONFIGURE_CURL_OFF_T
dnl -------------------------------------------------
dnl Find out suitable curl_off_t data type definition and associated
-dnl items, and make the appropriate definitions used in template file
-dnl include/curl/curlbuild.h.in to properly configure the library.
+dnl items
AC_DEFUN([CURL_CONFIGURE_CURL_OFF_T], [
AC_REQUIRE([CURL_INCLUDES_INTTYPES])dnl
@@ -3199,3 +3199,47 @@ TEST EINVAL TEST
CPPPFLAG=""
fi
])
+
+
+dnl CURL_MAC_CFLAGS
+dnl
+dnl Check if -mmacosx-version-min, -miphoneos-version-min or any
+dnl similar are set manually, otherwise do. And set
+dnl -Werror=partial-availability.
+dnl
+
+AC_DEFUN([CURL_MAC_CFLAGS], [
+
+ tst_cflags="no"
+ case $host_os in
+ darwin*)
+ tst_cflags="yes"
+ ;;
+ esac
+
+ AC_MSG_CHECKING([for good-to-use Mac CFLAGS])
+ AC_MSG_RESULT([$tst_cflags]);
+
+ if test "$tst_cflags" = "yes"; then
+ AC_MSG_CHECKING([for *version-min in CFLAGS])
+ min=""
+ if test -z "$(echo $CFLAGS | grep m.*os.*-version-min)"; then
+ min="-mmacosx-version-min=10.8"
+ CFLAGS="$CFLAGS $min"
+ fi
+ if test -z "$min"; then
+ AC_MSG_RESULT([set by user])
+ else
+ AC_MSG_RESULT([$min set])
+ fi
+
+ old_CFLAGS=$CFLAGS
+ CFLAGS="$CFLAGS -Werror=partial-availability"
+ AC_MSG_CHECKING([whether $CC accepts -Werror=partial-availability])
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM()],
+ [AC_MSG_RESULT([yes])],
+ [AC_MSG_RESULT([no])
+ CFLAGS=$old_CFLAGS])
+ fi
+
+])
diff --git a/appveyor.yml b/appveyor.yml
index b9d5a7f2f..3c60a4690 100644
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -61,5 +61,10 @@ environment:
build_script:
- mkdir build.%BDIR%
- cd build.%BDIR%
- - cmake .. -G"%PRJ_GEN%" -DCMAKE_USE_OPENSSL=%OPENSSL%
-DCURL_STATICLIB=%STATICLIB% -DBUILD_TESTING=%TESTING%
+ - cmake .. -G"%PRJ_GEN%" -DCMAKE_USE_OPENSSL=%OPENSSL%
-DCURL_STATICLIB=%STATICLIB% -DBUILD_TESTING=%TESTING% -DCURL_WERROR=ON
- cmake --build . --config %PRJ_CFG% --clean-first
+
+# whitelist branches to avoid testing feature branches twice (as branch and as
pull request)
+branches:
+ only:
+ - master
diff --git a/buildconf b/buildconf
index 0d998c2bf..e151bb2e8 100755
--- a/buildconf
+++ b/buildconf
@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -83,7 +83,7 @@ removethis(){
if test ! -f configure.ac ||
test ! -f src/tool_main.c ||
test ! -f lib/urldata.h ||
- test ! -f include/curl/curl.h ||
+ test ! -f include/gnurl/curl.h ||
test ! -f m4/curl-functions.m4; then
echo "Can not run buildconf from outside of curl's source subdirectory!"
echo "Change to the subdirectory where buildconf is found, and try again."
@@ -255,7 +255,7 @@ echo "buildconf: libtoolize version $lt_version (ok)"
#--------------------------------------------------------------------------
# m4 check
#
-m4=`(${M4:-m4} --version || ${M4:-gm4} --version) 2>/dev/null | head -n 1`;
+m4=`(${M4:-m4} --version 0<&- || ${M4:-gm4} --version) 2>/dev/null 0<&- | head
-n 1`;
m4_version=`echo $m4 | sed -e 's/^.* \([0-9]\)/\1/' -e 's/[a-z]* *$//'`
if { echo $m4 | grep "GNU" >/dev/null 2>&1; } then
@@ -305,8 +305,7 @@ for fname in .deps \
config.sub \
configure \
configurehelp.pm \
- curl-config \
- curlbuild.h \
+ gnurl-config \
depcomp \
libcares.pc \
libcurl.pc \
diff --git a/buildconf.bat b/buildconf.bat
index ad3fba6bc..da5c0391a 100644
--- a/buildconf.bat
+++ b/buildconf.bat
@@ -6,7 +6,7 @@ rem * / __| | | | |_) | |
rem * | (__| |_| | _ <| |___
rem * \___|\___/|_| \_\_____|
rem *
-rem * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+rem * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
rem *
rem * This software is licensed as described in the file COPYING, which
rem * you should have received as part of this distribution. The terms
@@ -73,7 +73,6 @@ rem
echo Generating prerequisite files
call :generate
- if errorlevel 4 goto nogencurlbuild
if errorlevel 3 goto nogenhugehelp
if errorlevel 2 goto nogenmakefile
if errorlevel 1 goto warning
@@ -83,7 +82,6 @@ rem
echo Removing prerequisite files
call :clean
- if errorlevel 3 goto nocleancurlbuild
if errorlevel 2 goto nocleanhugehelp
if errorlevel 1 goto nocleanmakefile
)
@@ -98,7 +96,6 @@ rem 0 - success
rem 1 - success with simplified tool_hugehelp.c
rem 2 - failed to generate Makefile
rem 3 - failed to generate tool_hugehelp.c
-rem 4 - failed to generate curlbuild.h
rem
:generate
if "%OS%" == "Windows_NT" setlocal
@@ -126,16 +123,6 @@ rem
)
cmd /c exit 0
- rem Create curlbuild.h
- echo * %CD%\include\curl\curlbuild.h
- if exist include\curl\curlbuild.h.dist (
- copy /Y include\curl\curlbuild.h.dist include\curl\curlbuild.h 1>NUL 2>&1
- if errorlevel 1 (
- if "%OS%" == "Windows_NT" endlocal
- exit /B 4
- )
- )
-
rem Setup c-ares git tree
if exist ares\buildconf.bat (
echo.
@@ -160,7 +147,6 @@ rem
rem 0 - success
rem 1 - failed to clean Makefile
rem 2 - failed to clean tool_hugehelp.c
-rem 3 - failed to clean curlbuild.h
rem
:clean
rem Remove Makefile
@@ -181,15 +167,6 @@ rem
)
)
- rem Remove curlbuild.h
- echo * %CD%\include\curl\curlbuild.h
- if exist include\curl\curlbuild.h (
- del include\curl\curlbuild.h 2>NUL
- if exist include\curl\curlbuild.h (
- exit /B 3
- )
- )
-
exit /B
rem Function to generate src\tool_hugehelp.c
@@ -304,11 +281,6 @@ rem
echo Error: Unable to generate src\tool_hugehelp.c
goto error
-:nogencurlbuild
- echo.
- echo Error: Unable to generate include\curl\curlbuild.h
- goto error
-
:nocleanmakefile
echo.
echo Error: Unable to clean Makefile
@@ -319,11 +291,6 @@ rem
echo Error: Unable to clean src\tool_hugehelp.c
goto error
-:nocleancurlbuild
- echo.
- echo Error: Unable to clean include\curl\curlbuild.h
- goto error
-
:warning
echo.
echo Warning: The curl manual could not be integrated in the source. This
means when
diff --git a/configure.ac b/configure.ac
index 0a9edd0fd..c27c516e4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -31,12 +31,12 @@ XC_OVR_ZZ60
CURL_OVERRIDE_AUTOCONF
dnl configure script copyright
-AC_COPYRIGHT([Copyright (c) 1998 - 2016 Daniel Stenberg, <address@hidden>
+AC_COPYRIGHT([Copyright (c) 1998 - 2017 Daniel Stenberg, <address@hidden>
This configure script may be copied, distributed and modified under the
terms of the curl license; see COPYING for more details])
AC_CONFIG_SRCDIR([lib/urldata.h])
-AC_CONFIG_HEADERS(lib/curl_config.h include/curl/curlbuild.h)
+AC_CONFIG_HEADERS(lib/curl_config.h)
AC_CONFIG_MACRO_DIR([m4])
AM_MAINTAINER_MODE
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
@@ -51,6 +51,7 @@ CURL_CHECK_OPTION_ARES
CURL_CHECK_OPTION_RT
XC_CHECK_PATH_SEPARATOR
+AX_CODE_COVERAGE
#
# save the configure arguments
@@ -120,13 +121,8 @@ AC_SUBST([AR])
AC_SUBST(libext)
-dnl Remove non-configure distributed curlbuild.h
-if test -f ${srcdir}/include/curl/curlbuild.h; then
- rm -f ${srcdir}/include/curl/curlbuild.h
-fi
-
dnl figure out the libcurl version
-CURLVERSION=`$SED -ne 's/^#define LIBCURL_VERSION "\(.*\)"/\1/p'
${srcdir}/include/curl/curlver.h`
+CURLVERSION=`$SED -ne 's/^#define LIBCURL_VERSION "\(.*\)".*/\1/p'
${srcdir}/include/gnurl/curlver.h`
XC_CHECK_PROG_CC
XC_AUTOMAKE
AC_MSG_CHECKING([curl version])
@@ -136,12 +132,12 @@ AC_SUBST(CURLVERSION)
dnl
dnl we extract the numerical version for curl-config only
-VERSIONNUM=`$SED -ne 's/^#define LIBCURL_VERSION_NUM 0x\(.*\)/\1/p'
${srcdir}/include/curl/curlver.h`
+VERSIONNUM=`$SED -ne 's/^#define LIBCURL_VERSION_NUM
0x\([0-9A-Fa-f]*\).*/\1/p' ${srcdir}/include/gnurl/curlver.h`
AC_SUBST(VERSIONNUM)
dnl Solaris pkgadd support definitions
PKGADD_PKG="HAXXcurl"
-PKGADD_NAME="cURL - a client that groks URLs"
+PKGADD_NAME="curl - a client that groks URLs"
PKGADD_VENDOR="curl.haxx.se"
AC_SUBST(PKGADD_PKG)
AC_SUBST(PKGADD_NAME)
@@ -157,7 +153,7 @@ curl_tls_srp_msg="no (--enable-tls-srp)"
curl_res_msg="default (--enable-ares / --enable-threaded-resolver)"
curl_ipv6_msg="no (--enable-ipv6)"
curl_unix_sockets_msg="no (--enable-unix-sockets)"
- curl_idn_msg="no (--with-{libidn,winidn})"
+ curl_idn_msg="no (--with-{libidn2,winidn})"
curl_manual_msg="no (--enable-manual)"
curl_libcurl_msg="enabled (--disable-libcurl-option)"
curl_verbose_msg="enabled (--disable-verbose)"
@@ -357,6 +353,8 @@ case X-"$curl_cv_native_windows" in
esac
CURL_CHECK_WIN32_LARGEFILE
+CURL_MAC_CFLAGS
+
dnl ************************************************************
dnl switch off particular protocols
dnl
@@ -368,6 +366,7 @@ AC_HELP_STRING([--disable-http],[Disable HTTP support]),
no)
AC_MSG_RESULT(no)
AC_DEFINE(CURL_DISABLE_HTTP, 1, [to disable HTTP])
+ disable_http="yes"
AC_MSG_WARN([disable HTTP disables FTP over proxy and RTSP])
AC_SUBST(CURL_DISABLE_HTTP, [1])
AC_DEFINE(CURL_DISABLE_RTSP, 1, [to disable RTSP])
@@ -891,17 +890,16 @@ else
OPT_ZLIB=""
fi
- CURL_CHECK_PKGCONFIG(zlib)
-
- if test "$PKGCONFIG" != "no" ; then
- LIBS="`$PKGCONFIG --libs-only-l zlib` $LIBS"
- LDFLAGS="`$PKGCONFIG --libs-only-L zlib` $LDFLAGS"
- CPPFLAGS="`$PKGCONFIG --cflags-only-I zlib` $CPPFLAGS"
- OPT_ZLIB=""
- HAVE_LIBZ="1"
- fi
-
if test -z "$OPT_ZLIB" ; then
+ CURL_CHECK_PKGCONFIG(zlib)
+
+ if test "$PKGCONFIG" != "no" ; then
+ LIBS="`$PKGCONFIG --libs-only-l zlib` $LIBS"
+ LDFLAGS="$LDFLAGS `$PKGCONFIG --libs-only-L zlib`"
+ CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags-only-I zlib`"
+ OPT_ZLIB=""
+ HAVE_LIBZ="1"
+ fi
if test -z "$HAVE_LIBZ"; then
@@ -1364,18 +1362,18 @@ fi
OPT_DARWINSSL=no
AC_ARG_WITH(darwinssl,dnl
-AC_HELP_STRING([--with-darwinssl],[enable iOS/Mac OS X native SSL/TLS])
-AC_HELP_STRING([--without-darwinssl], [disable iOS/Mac OS X native SSL/TLS]),
+AC_HELP_STRING([--with-darwinssl],[enable Apple OS native SSL/TLS])
+AC_HELP_STRING([--without-darwinssl], [disable Apple OS native SSL/TLS]),
OPT_DARWINSSL=$withval)
-AC_MSG_CHECKING([whether to enable iOS/Mac OS X native SSL/TLS])
+AC_MSG_CHECKING([whether to enable Apple OS native SSL/TLS])
if test "$curl_ssl_msg" = "$init_ssl_msg"; then
if test "x$OPT_DARWINSSL" != "xno" &&
test -d "/System/Library/Frameworks/Security.framework"; then
AC_MSG_RESULT(yes)
- AC_DEFINE(USE_DARWINSSL, 1, [to enable iOS/Mac OS X native SSL/TLS
support])
+ AC_DEFINE(USE_DARWINSSL, 1, [to enable Apple OS native SSL/TLS support])
AC_SUBST(USE_DARWINSSL, [1])
- curl_ssl_msg="enabled (iOS/Mac OS X-native)"
+ curl_ssl_msg="enabled (Apple OS-native)"
DARWINSSL_ENABLED=1
LDFLAGS="$LDFLAGS -framework CoreFoundation -framework Security"
else
@@ -1509,52 +1507,50 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test
X"$OPT_SSL" != Xno; then
AC_CHECK_LIB(crypto, HMAC_Init_ex,[
HAVECRYPTO="yes"
LIBS="-lcrypto $LIBS"], [
- LDFLAGS="$CLEANLDFLAGS"
- CPPFLAGS="$CLEANCPPFLAGS"
- LIBS="$CLEANLIBS"
- ])
- ])
-
- if test X"$HAVECRYPTO" = X"yes"; then
- AC_MSG_CHECKING([OpenSSL linking without -ldl])
- saved_libs=$LIBS
- AC_TRY_LINK(
- [
- #include <openssl/evp.h>
- ],
- [
- SSLeay_add_all_algorithms();
- ],
- [
- AC_MSG_RESULT(yes)
- LIBS="$saved_libs"
- ],
- [
- AC_MSG_RESULT(no)
- AC_MSG_CHECKING([OpenSSL linking with -ldl])
- LIBS="-ldl $LIBS"
- AC_TRY_LINK(
- [
- #include <openssl/evp.h>
- ],
- [
- SSLeay_add_all_algorithms();
- ],
- [
- AC_MSG_RESULT(yes)
- LIBS="$saved_libs -ldl"
- ],
- [
- AC_MSG_RESULT(no)
- LIBS="$saved_libs"
- ]
- )
+ dnl still no, but what about with -ldl?
+ AC_MSG_CHECKING([OpenSSL linking with -ldl])
+ LIBS="-ldl $LIBS"
+ AC_TRY_LINK(
+ [
+ #include <openssl/err.h>
+ ],
+ [
+ ERR_clear_error();
+ ],
+ [
+ AC_MSG_RESULT(yes)
+ HAVECRYPTO="yes"
+ ],
+ [
+ AC_MSG_RESULT(no)
+ dnl ok, so what about bouth -ldl and -lpthread?
+
+ AC_MSG_CHECKING([OpenSSL linking with -ldl and -lpthread])
+ LIBS="-lpthread $LIBS"
+ AC_TRY_LINK(
+ [
+ #include <openssl/err.h>
+ ],
+ [
+ ERR_clear_error();
+ ],
+ [
+ AC_MSG_RESULT(yes)
+ HAVECRYPTO="yes"
+ ],
+ [
+ AC_MSG_RESULT(no)
+ LDFLAGS="$CLEANLDFLAGS"
+ CPPFLAGS="$CLEANCPPFLAGS"
+ LIBS="$CLEANLIBS"
+
+ ])
- ]
- )
+ ])
- fi
+ ])
+ ])
if test X"$HAVECRYPTO" = X"yes"; then
dnl This is only reasonable to do if crypto actually is there: check for
@@ -1628,11 +1624,8 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test
X"$OPT_SSL" != Xno; then
dnl SSL_get_shutdown (but this check won't actually detect it there
dnl as it's a macro that needs the header files be included)
- AC_CHECK_FUNCS( RAND_status \
- RAND_screen \
- RAND_egd \
+ AC_CHECK_FUNCS( RAND_egd \
ENGINE_cleanup \
- CRYPTO_cleanup_all_ex_data \
SSL_get_shutdown \
SSLv2_client_method )
@@ -1841,7 +1834,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
AC_MSG_NOTICE([Added $gtlslib to LD_LIBRARY_PATH])
fi
fi
- AC_CHECK_FUNCS(gnutls_certificate_set_x509_key_file2)
+ AC_CHECK_FUNCS([gnutls_certificate_set_x509_key_file2
gnutls_alpn_set_protocols gnutls_ocsp_req_init])
fi
fi
@@ -2490,8 +2483,8 @@ if test X"$OPT_LIBMETALINK" != Xno; then
clean_CPPFLAGS="$CPPFLAGS"
clean_LDFLAGS="$LDFLAGS"
clean_LIBS="$LIBS"
- CPPFLAGS="$addcflags $clean_CPPFLAGS"
- LDFLAGS="$addld $clean_LDFLAGS"
+ CPPFLAGS="$clean_CPPFLAGS $addcflags"
+ LDFLAGS="$clean_LDFLAGS $addld"
LIBS="$addlib $clean_LIBS"
AC_MSG_CHECKING([if libmetalink is recent enough])
AC_LINK_IFELSE([
@@ -2654,6 +2647,7 @@ if test X"$OPT_LIBRTMP" != Xno; then
;;
*)
dnl use the given --with-librtmp spot
+ LIB_RTMP="-lrtmp"
PREFIX_RTMP=$OPT_LIBRTMP
;;
esac
@@ -2781,6 +2775,7 @@ if test "$want_winidn" = "yes"; then
clean_LDFLAGS="$LDFLAGS"
clean_LIBS="$LIBS"
WINIDN_LIBS="-lnormaliz"
+ WINIDN_CPPFLAGS="-DWINVER=0x0600"
#
if test "$want_winidn_path" != "default"; then
dnl path has been specified
@@ -2790,13 +2785,17 @@ if test "$want_winidn" = "yes"; then
WINIDN_DIR="$want_winidn_path/lib$libsuff"
fi
#
- CPPFLAGS="$WINIDN_CPPFLAGS $CPPFLAGS"
- LDFLAGS="$WINIDN_LDFLAGS $LDFLAGS"
+ CPPFLAGS="$CPPFLAGS $WINIDN_CPPFLAGS"
+ LDFLAGS="$LDFLAGS $WINIDN_LDFLAGS"
LIBS="$WINIDN_LIBS $LIBS"
#
AC_MSG_CHECKING([if IdnToUnicode can be linked])
AC_LINK_IFELSE([
- AC_LANG_FUNC_LINK_TRY([IdnToUnicode])
+ AC_LANG_PROGRAM([[
+ #include <windows.h>
+ ]],[[
+ IdnToUnicode(0, NULL, 0, NULL, 0);
+ ]])
],[
AC_MSG_RESULT([yes])
tst_links_winidn="yes"
@@ -2822,15 +2821,15 @@ dnl
**********************************************************************
dnl Check for the presence of IDN libraries and headers
dnl **********************************************************************
-AC_MSG_CHECKING([whether to build with libidn])
+AC_MSG_CHECKING([whether to build with libidn2])
OPT_IDN="default"
-AC_ARG_WITH(libidn,
-AC_HELP_STRING([--with-libidn=PATH],[Enable libidn usage])
-AC_HELP_STRING([--without-libidn],[Disable libidn usage]),
+AC_ARG_WITH(libidn2,
+AC_HELP_STRING([--with-libidn2=PATH],[Enable libidn2 usage])
+AC_HELP_STRING([--without-libidn2],[Disable libidn2 usage]),
[OPT_IDN=$withval])
case "$OPT_IDN" in
no)
- dnl --without-libidn option used
+ dnl --without-libidn2 option used
want_idn="no"
AC_MSG_RESULT([no])
;;
@@ -2841,13 +2840,13 @@ case "$OPT_IDN" in
AC_MSG_RESULT([(assumed) yes])
;;
yes)
- dnl --with-libidn option used without path
+ dnl --with-libidn2 option used without path
want_idn="yes"
want_idn_path="default"
AC_MSG_RESULT([yes])
;;
*)
- dnl --with-libidn option used with path
+ dnl --with-libidn2 option used with path
want_idn="yes"
want_idn_path="$withval"
AC_MSG_RESULT([yes ($withval)])
@@ -2864,33 +2863,33 @@ if test "$want_idn" = "yes"; then
if test "$want_idn_path" != "default"; then
dnl path has been specified
IDN_PCDIR="$want_idn_path/lib$libsuff/pkgconfig"
- CURL_CHECK_PKGCONFIG(libidn, [$IDN_PCDIR])
+ CURL_CHECK_PKGCONFIG(libidn2, [$IDN_PCDIR])
if test "$PKGCONFIG" != "no"; then
IDN_LIBS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
- $PKGCONFIG --libs-only-l libidn 2>/dev/null`
+ $PKGCONFIG --libs-only-l libidn2 2>/dev/null`
IDN_LDFLAGS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
- $PKGCONFIG --libs-only-L libidn 2>/dev/null`
+ $PKGCONFIG --libs-only-L libidn2 2>/dev/null`
IDN_CPPFLAGS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
- $PKGCONFIG --cflags-only-I libidn 2>/dev/null`
+ $PKGCONFIG --cflags-only-I libidn2 2>/dev/null`
IDN_DIR=`echo $IDN_LDFLAGS | $SED -e 's/-L//'`
else
dnl pkg-config not available or provides no info
- IDN_LIBS="-lidn"
+ IDN_LIBS="-lidn2"
IDN_LDFLAGS="-L$want_idn_path/lib$libsuff"
IDN_CPPFLAGS="-I$want_idn_path/include"
IDN_DIR="$want_idn_path/lib$libsuff"
fi
else
dnl path not specified
- CURL_CHECK_PKGCONFIG(libidn)
+ CURL_CHECK_PKGCONFIG(libidn2)
if test "$PKGCONFIG" != "no"; then
- IDN_LIBS=`$PKGCONFIG --libs-only-l libidn 2>/dev/null`
- IDN_LDFLAGS=`$PKGCONFIG --libs-only-L libidn 2>/dev/null`
- IDN_CPPFLAGS=`$PKGCONFIG --cflags-only-I libidn 2>/dev/null`
+ IDN_LIBS=`$PKGCONFIG --libs-only-l libidn2 2>/dev/null`
+ IDN_LDFLAGS=`$PKGCONFIG --libs-only-L libidn2 2>/dev/null`
+ IDN_CPPFLAGS=`$PKGCONFIG --cflags-only-I libidn2 2>/dev/null`
IDN_DIR=`echo $IDN_LDFLAGS | $SED -e 's/-L//'`
else
dnl pkg-config not available or provides no info
- IDN_LIBS="-lidn"
+ IDN_LIBS="-lidn2"
fi
fi
#
@@ -2906,13 +2905,13 @@ if test "$want_idn" = "yes"; then
AC_MSG_NOTICE([IDN_DIR: "$IDN_DIR"])
fi
#
- CPPFLAGS="$IDN_CPPFLAGS $CPPFLAGS"
- LDFLAGS="$IDN_LDFLAGS $LDFLAGS"
+ CPPFLAGS="$CPPFLAGS $IDN_CPPFLAGS"
+ LDFLAGS="$LDFLAGS $IDN_LDFLAGS"
LIBS="$IDN_LIBS $LIBS"
#
- AC_MSG_CHECKING([if idna_to_ascii_4i can be linked])
+ AC_MSG_CHECKING([if idn2_lookup_ul can be linked])
AC_LINK_IFELSE([
- AC_LANG_FUNC_LINK_TRY([idna_to_ascii_4i])
+ AC_LANG_FUNC_LINK_TRY([idn2_lookup_ul])
],[
AC_MSG_RESULT([yes])
tst_links_libidn="yes"
@@ -2920,37 +2919,19 @@ if test "$want_idn" = "yes"; then
AC_MSG_RESULT([no])
tst_links_libidn="no"
])
- if test "$tst_links_libidn" = "no"; then
- AC_MSG_CHECKING([if idna_to_ascii_lz can be linked])
- AC_LINK_IFELSE([
- AC_LANG_FUNC_LINK_TRY([idna_to_ascii_lz])
- ],[
- AC_MSG_RESULT([yes])
- tst_links_libidn="yes"
- ],[
- AC_MSG_RESULT([no])
- tst_links_libidn="no"
- ])
- fi
#
+ AC_CHECK_HEADERS( idn2.h )
+
if test "$tst_links_libidn" = "yes"; then
- AC_DEFINE(HAVE_LIBIDN, 1, [Define to 1 if you have the `idn' library
(-lidn).])
+ AC_DEFINE(HAVE_LIBIDN2, 1, [Define to 1 if you have the `idn2' library
(-lidn2).])
dnl different versions of libidn have different setups of these:
- AC_CHECK_FUNCS( idn_free idna_strerror tld_strerror )
- AC_CHECK_HEADERS( idn-free.h tld.h )
- if test "x$ac_cv_header_tld_h" = "xyes"; then
- AC_SUBST([IDN_ENABLED], [1])
- curl_idn_msg="enabled"
- if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
- LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
- export LD_LIBRARY_PATH
- AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
- fi
- else
- AC_MSG_WARN([Libraries for IDN support too old: IDN disabled])
- CPPFLAGS="$clean_CPPFLAGS"
- LDFLAGS="$clean_LDFLAGS"
- LIBS="$clean_LIBS"
+
+ AC_SUBST([IDN_ENABLED], [1])
+ curl_idn_msg="enabled (libidn2)"
+ if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
+ LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
+ export LD_LIBRARY_PATH
+ AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
fi
else
AC_MSG_WARN([Cannot find libraries for IDN support: IDN disabled])
@@ -2971,6 +2952,12 @@ dnl Check for nghttp2
dnl **********************************************************************
OPT_H2="yes"
+
+if test "x$disable_http" = "xyes"; then
+ # without HTTP, nghttp2 is no use
+ OPT_H2="no"
+fi
+
AC_ARG_WITH(nghttp2,
AC_HELP_STRING([--with-nghttp2=PATH],[Enable nghttp2 usage])
AC_HELP_STRING([--without-nghttp2],[Disable nghttp2 usage]),
@@ -3292,24 +3279,20 @@ case $host in
;;
esac
-AC_CHECK_FUNCS([fork \
- geteuid \
+AC_CHECK_FUNCS([geteuid \
getpass_r \
getppid \
- getprotobyname \
getpwuid \
getpwuid_r \
getrlimit \
gettimeofday \
if_nametoindex \
- inet_addr \
- perror \
pipe \
setlocale \
setmode \
setrlimit \
- uname \
- utime
+ utime \
+ utimes
],[
],[
func="$ac_func"
@@ -3412,14 +3395,52 @@ else
fi
AM_CONDITIONAL(BUILD_LIBHOSTNAME, test x$build_libhostname = xyes)
-CURL_CHECK_OPTION_THREADED_RESOLVER
+if test "x$want_ares" != xyes; then
+ CURL_CHECK_OPTION_THREADED_RESOLVER
+fi
+
+dnl ************************************************************
+dnl disable POSIX threads
+dnl
+AC_MSG_CHECKING([whether to use POSIX threads for threaded resolver])
+AC_ARG_ENABLE(pthreads,
+AC_HELP_STRING([--enable-pthreads],
+ [Enable POSIX threads (default for threaded resolver)])
+AC_HELP_STRING([--disable-pthreads],[Disable POSIX threads]),
+[ case "$enableval" in
+ no) AC_MSG_RESULT(no)
+ want_pthreads=no
+ ;;
+ *) AC_MSG_RESULT(yes)
+ want_pthreads=yes
+ ;;
+ esac ], [
+ AC_MSG_RESULT(auto)
+ want_pthreads=auto
+ ]
+)
+
+dnl turn off pthreads if rt is disabled
+if test "$want_pthreads" != "no"; then
+ if test "$want_pthreads" = "yes" && test "$dontwant_rt" = "yes"; then
+ AC_MSG_ERROR([options --enable-pthreads and --disable-rt are mutually
exclusive])
+ fi
+ if test "$dontwant_rt" != "no"; then
+ dnl if --enable-pthreads was explicit then warn it's being ignored
+ if test "$want_pthreads" = "yes"; then
+ AC_MSG_WARN([--enable-pthreads Ignored since librt is disabled.])
+ fi
+ want_pthreads=no
+ fi
+fi
-if test "x$want_thres" = xyes && test "x$want_ares" = xyes; then
- AC_MSG_ERROR(
-[Options --enable-threaded-resolver and --enable-ares are mutually exclusive])
+dnl turn off pthreads if no threaded resolver
+if test "$want_pthreads" != "no" && test "$want_thres" != "yes"; then
+ want_pthreads=no
fi
-if test "$want_thres" = "yes" && test "$dontwant_rt" = "no"; then
+dnl detect pthreads
+if test "$want_pthreads" != "no"; then
AC_CHECK_HEADER(pthread.h,
[ AC_DEFINE(HAVE_PTHREAD_H, 1, [if you have <pthread.h>])
save_CFLAGS="$CFLAGS"
@@ -3441,11 +3462,24 @@ if test "$want_thres" = "yes" && test "$dontwant_rt" =
"no"; then
AC_DEFINE(USE_THREADS_POSIX, 1, [if you want POSIX threaded DNS
lookup])
curl_res_msg="POSIX threaded"
fi
-
-
])
fi
+dnl threaded resolver check
+if test "$want_thres" = "yes" && test "x$USE_THREADS_POSIX" != "x1"; then
+ if test "$want_pthreads" = "yes"; then
+ AC_MSG_ERROR([--enable-pthreads but pthreads was not found])
+ fi
+ dnl If native Windows fallback on Win32 threads since no POSIX threads
+ if test "$curl_cv_native_windows" = "yes"; then
+ USE_THREADS_WIN32=1
+ AC_DEFINE(USE_THREADS_WIN32, 1, [if you want Win32 threaded DNS lookup])
+ curl_res_msg="Win32 threaded"
+ else
+ AC_MSG_ERROR([Threaded resolver enabled but no thread library found])
+ fi
+fi
+
dnl ************************************************************
dnl disable verbose text strings
dnl
@@ -3673,7 +3707,8 @@ fi
if test "x$HAVE_LIBZ" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES libz"
fi
-if test "x$USE_ARES" = "x1" -o "x$USE_THREADS_POSIX" = "x1"; then
+if test "x$USE_ARES" = "x1" -o "x$USE_THREADS_POSIX" = "x1" \
+ -o "x$USE_THREADS_WIN32" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES AsynchDNS"
fi
if test "x$IDN_ENABLED" = "x1"; then
@@ -3722,6 +3757,11 @@ if test "x$USE_NGHTTP2" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES HTTP2"
fi
+if test "x$OPENSSL_ENABLED" = "x1" -o "x$GNUTLS_ENABLED" = "x1" \
+ -o "x$NSS_ENABLED" = "x1"; then
+ SUPPORT_FEATURES="$SUPPORT_FEATURES HTTPS-proxy"
+fi
+
AC_SUBST(SUPPORT_FEATURES)
dnl For supported protocols in pkg-config file
@@ -3834,8 +3874,9 @@ AC_CONFIG_FILES([Makefile \
docs/examples/Makefile \
docs/libcurl/Makefile \
docs/libcurl/opts/Makefile \
+ docs/cmdline-opts/Makefile \
include/Makefile \
- include/curl/Makefile \
+ include/gnurl/Makefile \
src/Makefile \
lib/Makefile \
scripts/Makefile \
@@ -3847,6 +3888,7 @@ AC_CONFIG_FILES([Makefile \
tests/server/Makefile \
tests/libtest/Makefile \
tests/unit/Makefile \
+ tests/fuzz/Makefile \
packages/Makefile \
packages/Win32/Makefile \
packages/Win32/cygwin/Makefile \
diff --git a/docs/.gitignore b/docs/.gitignore
index 23f832b73..60f329382 100644
--- a/docs/.gitignore
+++ b/docs/.gitignore
@@ -1,2 +1,4 @@
*.html
*.pdf
+curl.1
+*.1.dist
diff --git a/docs/BINDINGS b/docs/BINDINGS
deleted file mode 100644
index eb67c3d6b..000000000
--- a/docs/BINDINGS
+++ /dev/null
@@ -1,260 +0,0 @@
- _ _ ____ _
- ___| | | | _ \| |
- / __| | | | |_) | |
- | (__| |_| | _ <| |___
- \___|\___/|_| \_\_____|
-
- libcurl bindings
-
- Creative people have written bindings or interfaces for various environments
- and programming languages. Using one of these allows you to take advantage of
- curl powers from within your favourite language or system.
-
- This is a list of all known interfaces as of this writing.
-
- The bindings listed below are not part of the curl/libcurl distribution
- archives, but must be downloaded and installed separately.
-
-Ada95
-
- Writtten by Andreas Almroth
- http://www.almroth.com/adacurl/index.html
-
-Basic
-
- ScriptBasic bindings to libcurl. Writtten by Peter Verhas
- http://scriptbasic.com/
-
-C
- libcurl is a C library in itself!
- https://curl.haxx.se/libcurl/
-
-C++
-
- Written by Jean-Philippe Barrette-LaPierre
- http://curlpp.org/
-
-Ch
-
- Written by Stephen Nestinger and Jonathan Rogado
- http://chcurl.sourceforge.net/
-
-Cocoa
-
- BBHTTP: written by Bruno de Carvalho
- https://github.com/brunodecarvalho/BBHTTP
-
- curlhandle: Written by Dan Wood
- http://curlhandle.sourceforge.net/
-
-D
-
- Written by Kenneth Bogert
- http://dlang.org/library/std/net/curl.html
-
-Dylan
-
- Written by Chris Double
- http://dylanlibs.sourceforge.net/
-
-Eiffel
-
- Written by Eiffel Software
- https://room.eiffel.com/library/curl
-
-Euphoria
-
- Written by Ray Smith
- http://rays-web.com/eulibcurl.htm
-
-Falcon
-
- http://www.falconpl.org/index.ftd?page_id=prjs&prj_id=curl
-
-Ferite
-
- Written by Paul Querna
- http://www.ferite.org/
-
-Gambas
-
- http://gambas.sourceforge.net/
-
-glib/GTK+
-
- Written by Richard Atterer
- http://atterer.net/glibcurl/
-
-Guile:
-
- Written by Michael L. Gran
- http://www.lonelycactus.com/guile-curl.html
-
-Harbour
-
- Written by Viktor Szakáts
- https://github.com/vszakats/harbour-core/tree/master/contrib/hbcurl
-
-Haskell
-
- Written by Galois, Inc
- http://hackage.haskell.org/cgi-bin/hackage-scripts/package/curl
-
-Java
-
- https://github.com/pjlegato/curl-java
-
-Julia
-
- Written by Paul Howe
- https://github.com/forio/Curl.jl
-
-Lisp
-
- Written by Liam Healy
- http://common-lisp.net/project/cl-curl/
-
-Lua
-
- luacurl by Alexander Marinov
- http://luacurl.luaforge.net/
-
- Lua-cURL by Jürgen Hötzel
- http://luaforge.net/projects/lua-curl/
-
-Mono
-
- Written by Jeffrey Phillips
- http://forge.novell.com/modules/xfmod/project/?libcurl-mono
-
-.NET
-
- libcurl-net by Jeffrey Phillips
- https://sourceforge.net/projects/libcurl-net/
-
-node.js
-
- node-libcurl by Jonathan Cardoso Machado
- https://github.com/JCMais/node-libcurl
-
-Object-Pascal
-
- Free Pascal, Delphi and Kylix binding written by Christophe Espern.
- http://www.tekool.com/opcurl
-
-O'Caml
-
- Written by Lars Nilsson
- https://sourceforge.net/projects/ocurl/
-
-Pascal
-
- Free Pascal, Delphi and Kylix binding written by Jeffrey Pohlmeyer.
- http://houston.quik.com/jkp/curlpas/
-
-Perl
-
- Maintained by Cris Bailiff and Bálint Szilakszi
- https://github.com/szbalint/WWW--Curl
-
-PHP
-
- Written by Sterling Hughes
- https://php.net/curl
-
-PostgreSQL
-
- Written by Gian Paolo Ciceri
- http://gborg.postgresql.org/project/pgcurl/projdisplay.php
-
-Python
-
- PycURL by Kjetil Jacobsen
- http://pycurl.sourceforge.net/
-
-R
-
- http://cran.r-project.org/package=curl
-
-Rexx
-
- Written Mark Hessling
- http://rexxcurl.sourceforge.net/
-
-RPG
-
- Support for ILE/RPG on OS/400 is included in source distribution
- https://curl.haxx.se/libcurl/
- See packages/OS400/README.OS400 and packages/OS400/curl.inc.in
-
-Ruby
-
- curb - written by Ross Bamford
- http://curb.rubyforge.org/
-
- ruby-curl-multi - written by Kristjan Petursson and Keith Rarick
- http://curl-multi.rubyforge.org/
-
-Rust
-
- curl-rust - by Carl Lerche
- https://github.com/carllerche/curl-rust
-
-Scheme
-
- Bigloo binding by Kirill Lisovsky
- http://www.metapaper.net/lisovsky/web/curl/
-
-S-Lang
-
- S-Lang binding by John E Davis
- http://www.jedsoft.org/slang/modules/curl.html
-
-Smalltalk
-
- Smalltalk binding by Danil Osipchuk
- http://www.squeaksource.com/CurlPlugin/
-
-SP-Forth
-
- SP-Forth binding by ygrek
- http://www.forth.org.ru/~ac/lib/lin/curl/
-
-SPL
-
- SPL binding by Clifford Wolf
- http://www.clifford.at/spl/
-
-Tcl
-
- Tclcurl by Andrés García
- http://mirror.yellow5.com/tclcurl/
-
-Visual Basic
-
- libcurl-vb by Jeffrey Phillips
- https://sourceforge.net/projects/libcurl-vb/
-
-Visual Foxpro
-
- by Carlos Alloatti
- http://www.ctl32.com.ar/libcurl.asp
-
-Q
- The libcurl module is part of the default install
- http://q-lang.sourceforge.net/
-
-wxWidgets
-
- Written by Casey O'Donnell
- http://wxcode.sourceforge.net/components/wxcurl/
-
-XBLite
-
- Written by David Szafranski
- http://perso.wanadoo.fr/xblite/libraries.html
-
-Xojo
-
- Written by Andrew Lambert
- https://github.com/charonn0/RB-libcURL
diff --git a/docs/BINDINGS.md b/docs/BINDINGS.md
new file mode 100644
index 000000000..0c6534800
--- /dev/null
+++ b/docs/BINDINGS.md
@@ -0,0 +1,118 @@
+libcurl bindings
+================
+
+ Creative people have written bindings or interfaces for various environments
+ and programming languages. Using one of these allows you to take advantage of
+ curl powers from within your favourite language or system.
+
+ This is a list of all known interfaces as of this writing.
+
+ The bindings listed below are not part of the curl/libcurl distribution
+ archives, but must be downloaded and installed separately.
+
+[Ada95](http://www.almroth.com/adacurl/index.html) Written by Andreas Almroth
+
+[Basic](http://scriptbasic.com/) ScriptBasic bindings written by Peter Verhas
+
+C++: [curlpp](http://curlpp.org/) Written by Jean-Philippe Barrette-LaPierre,
+[curlcpp](https://github.com/JosephP91/curlcpp) by Giuseppe Persico and [C++
+Requests](https://github.com/whoshuu/cpr) by Huu Nguyen
+
+[Ch](https://chcurl.sourceforge.io/) Written by Stephen Nestinger and Jonathan
Rogado
+
+Cocoa: [BBHTTP](https://github.com/brunodecarvalho/BBHTTP) written by Bruno de
Carvalho
+[curlhandle](https://github.com/karelia/curlhandle) Written by Dan Wood
+
+[D](https://dlang.org/library/std/net/curl.html) Written by Kenneth Bogert
+
+[Delphi](https://github.com/Mercury13/curl4delphi) Written by Mikhail Merkuryev
+
+[Dylan](https://dylanlibs.sourceforge.io/) Written by Chris Double
+
+[Eiffel](https://room.eiffel.com/library/curl) Written by Eiffel Software
+
+[Euphoria](http://rays-web.com/eulibcurl.htm) Written by Ray Smith
+
+[Falcon](http://www.falconpl.org/index.ftd?page_id=prjs&prj_id=curl)
+
+[Ferite](http://www.ferite.org/) Written by Paul Querna
+
+[Gambas](https://gambas.sourceforge.io/)
+
+[glib/GTK+](http://atterer.net/glibcurl/) Written by Richard Atterer
+
+Go: [go-curl](https://github.com/andelf/go-curl) by ShuYu Wang
+
+[Guile](http://www.lonelycactus.com/guile-curl.html) Written by Michael L. Gran
+
+[Harbour](https://github.com/vszakats/harbour-core/tree/master/contrib/hbcurl)
Written by Viktor Szakáts
+
+[Haskell](https://hackage.haskell.org/cgi-bin/hackage-scripts/package/curl)
Written by Galois, Inc
+
+[Java](https://github.com/pjlegato/curl-java)
+
+[Julia](https://github.com/forio/Curl.jl) Written by Paul Howe
+
+[Lisp](https://common-lisp.net/project/cl-curl/) Written by Liam Healy
+
+Lua: [luacurl](http://luacurl.luaforge.net/) by Alexander Marinov,
[Lua-cURL](https://github.com/Lua-cURL) by Jürgen Hötzel
+
+[Mono](https://forge.novell.com/modules/xfmod/project/?libcurl-mono) Written
by Jeffrey Phillips
+
+[.NET](https://sourceforge.net/projects/libcurl-net/) libcurl-net by Jeffrey
Phillips
+
+[node.js](https://github.com/JCMais/node-libcurl) node-libcurl by Jonathan
Cardoso Machado
+
+[Object-Pascal](http://www.tekool.com/opcurl) Free Pascal, Delphi and Kylix
binding written by Christophe Espern.
+
+[OCaml](https://opam.ocaml.org/packages/ocurl/) Written by Lars Nilsson and
ygrek
+
+[Pascal](http://houston.quik.com/jkp/curlpas/) Free Pascal, Delphi and Kylix
binding written by Jeffrey Pohlmeyer.
+
+Perl: [WWW--Curl](https://github.com/szbalint/WWW--Curl) Maintained by Cris
+Bailiff and Bálint Szilakszi,
+[perl6-net-curl](https://github.com/azawawi/perl6-net-curl) by Ahmad M. Zawawi
+
+[PHP](https://php.net/curl) Originally written by Sterling Hughes
+
+[PostgreSQL](http://gborg.postgresql.org/project/pgcurl/projdisplay.php)
Written by Gian Paolo Ciceri
+
+[Python](http://pycurl.io/) PycURL by Kjetil Jacobsen
+
+[R](https://cran.r-project.org/package=curl)
+
+[Rexx](https://rexxcurl.sourceforge.io/) Written Mark Hessling
+
+[Ring](https://ring-lang.sourceforge.io/doc1.3/libcurl.html) RingLibCurl by
Mahmoud Fayed
+
+RPG, support for ILE/RPG on OS/400 is included in source distribution
+
+Ruby: [curb](http://curb.rubyforge.org/) written by Ross Bamford,
[ruby-curl-multi](http://curl-multi.rubyforge.org/) written by Kristjan
Petursson and Keith Rarick
+
+[Rust](https://github.com/carllerche/curl-rust) curl-rust - by Carl Lerche
+
+[Scheme](https://www.metapaper.net/lisovsky/web/curl/) Bigloo binding by
Kirill Lisovsky
+
+[Scilab](https://help.scilab.org/docs/current/fr_FR/getURL.html) binding by
Sylvestre Ledru
+
+[S-Lang](http://www.jedsoft.org/slang/modules/curl.html) by John E Davis
+
+[Smalltalk](http://www.squeaksource.com/CurlPlugin/) Written by Danil Osipchuk
+
+[SP-Forth](https://sourceforge.net/p/spf/spf/ci/master/tree/devel/~ac/lib/lin/curl/)
Written by Andrey Cherezov
+
+[SPL](http://www.clifford.at/spl/) Written by Clifford Wolf
+
+[Tcl](http://mirror.yellow5.com/tclcurl/) Tclcurl by Andrés García
+
+[Visual Basic](https://sourceforge.net/projects/libcurl-vb/) libcurl-vb by
Jeffrey Phillips
+
+[Visual Foxpro](http://www.ctl32.com.ar/libcurl.asp) by Carlos Alloatti
+
+[Q](https://q-lang.sourceforge.io/) The libcurl module is part of the default
install
+
+[wxWidgets](https://wxcode.sourceforge.io/components/wxcurl/) Written by Casey
O'Donnell
+
+[XBLite](http://perso.wanadoo.fr/xblite/libraries.html) Written by David
Szafranski
+
+[Xojo](https://github.com/charonn0/RB-libcURL) Written by Andrew Lambert
diff --git a/docs/BUGS b/docs/BUGS
index dfd9b205a..3c8fa9fcc 100644
--- a/docs/BUGS
+++ b/docs/BUGS
@@ -9,19 +9,30 @@ BUGS
1. Bugs
1.1 There are still bugs
1.2 Where to report
- 1.3 What to report
- 1.4 libcurl problems
- 1.5 Who will fix the problems
- 1.6 How to get a stack trace
- 1.7 Bugs in libcurl bindings
+ 1.3 Security bugs
+ 1.4 What to report
+ 1.5 libcurl problems
+ 1.6 Who will fix the problems
+ 1.7 How to get a stack trace
+ 1.8 Bugs in libcurl bindings
+ 1.9 Bugs in old versions
+
+ 2. Bug fixing procedure
+ 2.1 What happens on first filing
+ 2.2 First response
+ 2.3 Not reproducible
+ 2.4 Unresponsive
+ 2.5 Lack of time/interest
+ 2.6 KNOWN_BUGS
+ 2.7 TODO
+ 2.8 Closing off stalled bugs
==============================================================================
1.1 There are still bugs
- Curl and libcurl have grown substantially since the beginning. At the time
- of writing (January 2013), there are about 83,000 lines of source code, and
- by the time you read this it has probably grown even more.
+ Curl and libcurl keep being developed. Adding features and changing code
+ means that bugs will sneak in, no matter how hard we try not to.
Of course there are lots of bugs left. And lots of misfeatures.
@@ -42,7 +53,24 @@ BUGS
If you feel you need to ask around first, find a suitable mailing list and
post there. The lists are available on https://curl.haxx.se/mail/
-1.3 What to report
+1.3 Security bugs
+
+ If you find a bug or problem in curl or libcurl that you think has a
+ security impact, for example a bug that can put users in danger or make them
+ vulnerable if the bug becomes public knowledge, then please report that bug
+ using our security development process.
+
+ Security related bugs or bugs that are suspected to have a security impact,
+ should be reported by email to address@hidden so that they first can
+ be dealt with away from the public to minimize the harm and impact it will
+ have on existing users out there who might be using the vulernable versions.
+
+ The curl project's process for handling security related issues is
+ documented here:
+
+ https://curl.haxx.se/dev/security.html
+
+1.4 What to report
When reporting a bug, you should include all information that will help us
understand what's wrong, what you expected to happen and how to repeat the
@@ -74,9 +102,7 @@ BUGS
The address and how to subscribe to the mailing lists are detailed in the
MANUAL file.
-1.4 libcurl problems
-
- First, post all libcurl problems on the curl-library mailing list.
+1.5 libcurl problems
When you've written your own application with libcurl to perform transfers,
it is even more important to be specific and detailed when reporting bugs.
@@ -96,7 +122,7 @@ BUGS
valgrind or similar before you post memory-related or "crashing" problems to
us.
-1.5 Who will fix the problems
+1.6 Who will fix the problems
If the problems or bugs you describe are considered to be bugs, we want to
have the problems fixed.
@@ -115,7 +141,7 @@ BUGS
We get reports from many people every month and each report can take a
considerable amount of time to really go to the bottom with.
-1.6 How to get a stack trace
+1.7 How to get a stack trace
First, you must make sure that you compile all sources with -g and that you
don't 'strip' the final executable. Try to avoid optimizing the code as
@@ -135,7 +161,7 @@ BUGS
crashed. Include the stack trace with your detailed bug report. It'll help a
lot.
-1.7 Bugs in libcurl bindings
+1.8 Bugs in libcurl bindings
There will of course pop up bugs in libcurl bindings. You should then
primarily approach the team that works on that particular binding and see
@@ -144,3 +170,128 @@ BUGS
If you suspect that the problem exists in the underlying libcurl, then
please convert your program over to plain C and follow the steps outlined
above.
+
+1.9 Bugs in old versions
+
+ The curl project typically releases new versions every other month, and we
+ fix several hundred bugs per year. For a huge table of releases, number of
+ bug fixes and more, see: https://curl.haxx.se/docs/releases.html
+
+ The developers in the curl project do not have bandwidth or energy enough to
+ maintain several branches or to spend much time on hunting down problems in
+ old versions when chances are we already fixed them or at least that they've
+ changed nature and appearance in later versions.
+
+ When you experience a problem and want to report it, you really SHOULD
+ include the version number of the curl you're using when you experience the
+ issue. If that version number shows us that you're using an out-of-date
+ curl, you should also try out a modern curl version to see if the problem
+ persists or how/if it has changed in apperance.
+
+ Even if you cannot immediately upgrade your application/system to run the
+ latest curl version, you can most often at least run a test version or
+ experimental build or similar, to get this confirmed or not.
+
+ At times people insist that they cannot upgrade to a modern curl version,
+ but instead they "just want the bug fixed". That's fine, just don't count on
+ us spending many cycles on trying to identify which single commit, if that's
+ even possible, that at some point in the past fixed the problem you're now
+ experiencing.
+
+ Security wise, it is almost always a bad idea to lag behind the current curl
+ versions by a lot. We keeping discovering and reporting security problems
+ over time see you can see in this table:
+ https://curl.haxx.se/docs/vulnerabilities.html
+
+2. Bug fixing procedure
+
+2.1 What happens on first filing
+
+ When a new issue is posted in the issue tracker or on the mailing list, the
+ team of developers first need to see the report. Maybe they took the day
+ off, maybe they're off in the woods hunting. Have patience. Allow at least a
+ few days before expecting someone to have responded.
+
+ In the issue tracker you can expect that some labels will be set on the
+ issue to help categorize it.
+
+2.2 First response
+
+ If your issue/bug report wasn't perfect at once (and few are), chances are
+ that someone will ask follow-up questions. Which version did you use? Which
+ options did you use? How often does the problem occur? How can we reproduce
+ this problem? Which protocols does it involve? Or perhaps much more specific
+ and deep diving questions. It all depends on your specific issue.
+
+ You should then respond to these follow-up questions and provide more info
+ about the problem, so that we can help you figure it out. Or maybe you can
+ help us figure it out. An active back-and-forth communication is important
+ and the key for finding a cure and landing a fix.
+
+2.3 Not reproducible
+
+ For problems that we can't reproduce and can't understand even after having
+ gotten all the info we need and having studied the source code over again,
+ are really hard to solve so then we may require further work from you who
+ actually see or experience the problem.
+
+2.4 Unresponsive
+
+ If the problem haven't been understood or reproduced, and there's nobody
+ responding to follow-up questions or questions asking for clarifications or
+ for discussing possible ways to move forward with the task, we take that as
+ a strong suggestion that the bug is not important.
+
+ Unimportant issues will be closed as inactive sooner or later as they can't
+ be fixed. The inactivity period (waiting for responses) should not be
+ shorter than two weeks but may extend months.
+
+2.5 Lack of time/interest
+
+ Bugs that are filed and are understood can unfortunately end up in the
+ "nobody cares enough about it to work on it" category. Such bugs are
+ perfectly valid problems that *should* get fixed but apparently aren't. We
+ try to mark such bugs as "KNOWN_BUGS material" after a time of inactivity
+ and if no activity is noticed after yet some time those bugs are added to
+ KNOWN_BUGS and are closed in the issue tracker.
+
+2.6 KNOWN_BUGS
+
+ This is a list of known bugs. Bugs we know exist and that have been pointed
+ out but that haven't yet been fixed. The reasons for why they haven't been
+ fixed can involve anything really, but the primary reason is that nobody has
+ considered these problems to be important enough to spend the necessary time
+ and effort to have them fixed.
+
+ The KNOWN_BUGS are always up for grabs and we will always love the ones who
+ bring one of them back to live and offers solutions to them.
+
+ The KNOWN_BUGS document has a sibling document known as TODO.
+
+2.7 TODO
+
+ Issues that are filed or reported that aren't really bugs but more missing
+ features or ideas for future improvements and so on are marked as
+ 'enhancement' or 'feature-request' and will be added to the TODO document
+ instead and the issue is closed. We don't keep TODO items in the issue
+ tracker.
+
+ The TODO document is full of ideas and suggestions of what we can add or fix
+ one day. You're always encouraged and free to grab one of those items and
+ take up a discussion with the curl development team on how that could be
+ implemented or provided in the project so that you can work on ticking it
+ odd that document.
+
+ If the issue is rather a bug and not a missing feature or functionality, it
+ is listed in KNOWN_BUGS instead.
+
+2.8 Closing off stalled bugs
+
+ The issue and pull request trackers on https://github.com/curl/curl will
+ only hold "active" entries (using a non-precise definition of what active
+ actually is, but they're at least not completely dead). Those that are
+ abandonded or in other ways dormant will be closed and sometimes added to
+ TODO and KNOWN_BUGS instead.
+
+ This way, we only have "active" issues open on github. Irrelevant issues and
+ pull requests will not distract developes or casual visitors.
diff --git a/docs/CHECKSRC.md b/docs/CHECKSRC.md
index 591e066f6..b42de8470 100644
--- a/docs/CHECKSRC.md
+++ b/docs/CHECKSRC.md
@@ -20,7 +20,7 @@ when, for example, one of the files is generated.
checksrc does not check and verify the code against the entire style guide,
but the script is instead an effort to detect the most common mistakes and
-syntax mistakes that contributers make before they get accustomed to our code
+syntax mistakes that contributors make before they get accustomed to our code
style. Heck, many of us regulars do the mistakes too and this script helps us
keep the code in shape.
@@ -33,7 +33,7 @@ warnings are:
- `BADCOMMAND`: There's a bad !checksrc! instruction in the code. See the
**Ignore certain warnings** section below for details.
-- `BANNEDFUNC`: A banned function was used. The funtions sprintf, vsprintf,
+- `BANNEDFUNC`: A banned function was used. The functions sprintf, vsprintf,
strcat, strncat, gets are **never** allowed in curl source code.
- `BRACEELSE`: '} else' on the same line. The else is supposed to be on the
diff --git a/docs/CIPHERS.md b/docs/CIPHERS.md
new file mode 100644
index 000000000..e09533b0d
--- /dev/null
+++ b/docs/CIPHERS.md
@@ -0,0 +1,426 @@
+# Ciphers
+
+With curl's options `CURLOPT_SSL_CIPHER_LIST` and `--ciphers` users can
+control which ciphers to consider when negotiating TLS connections.
+
+The names of the known ciphers differ depending on which TLS backend that
+libcurl was built to use. This is an attempt to list known cipher names.
+
+## OpenSSL
+
+(based on [OpenSSL
docs](https://www.openssl.org/docs/man1.1.0/apps/ciphers.html))
+
+### SSL3 cipher suites
+
+`NULL-MD5`
+`NULL-SHA`
+`RC4-MD5`
+`RC4-SHA`
+`IDEA-CBC-SHA`
+`DES-CBC3-SHA`
+`DH-DSS-DES-CBC3-SHA`
+`DH-RSA-DES-CBC3-SHA`
+`DHE-DSS-DES-CBC3-SHA`
+`DHE-RSA-DES-CBC3-SHA`
+`ADH-RC4-MD5`
+`ADH-DES-CBC3-SHA`
+
+### TLS v1.0 cipher suites
+
+`NULL-MD5`
+`NULL-SHA`
+`RC4-MD5`
+`RC4-SHA`
+`IDEA-CBC-SHA`
+`DES-CBC3-SHA`
+`DHE-DSS-DES-CBC3-SHA`
+`DHE-RSA-DES-CBC3-SHA`
+`ADH-RC4-MD5`
+`ADH-DES-CBC3-SHA`
+
+### AES ciphersuites from RFC3268, extending TLS v1.0
+
+`AES128-SHA`
+`AES256-SHA`
+`DH-DSS-AES128-SHA`
+`DH-DSS-AES256-SHA`
+`DH-RSA-AES128-SHA`
+`DH-RSA-AES256-SHA`
+`DHE-DSS-AES128-SHA`
+`DHE-DSS-AES256-SHA`
+`DHE-RSA-AES128-SHA`
+`DHE-RSA-AES256-SHA`
+`ADH-AES128-SHA`
+`ADH-AES256-SHA`
+
+### SEED ciphersuites from RFC4162, extending TLS v1.0
+
+`SEED-SHA`
+`DH-DSS-SEED-SHA`
+`DH-RSA-SEED-SHA`
+`DHE-DSS-SEED-SHA`
+`DHE-RSA-SEED-SHA`
+`ADH-SEED-SHA`
+
+### GOST ciphersuites, extending TLS v1.0
+
+`GOST94-GOST89-GOST89`
+`GOST2001-GOST89-GOST89`
+`GOST94-NULL-GOST94`
+`GOST2001-NULL-GOST94`
+
+### Elliptic curve cipher suites
+
+`ECDHE-RSA-NULL-SHA`
+`ECDHE-RSA-RC4-SHA`
+`ECDHE-RSA-DES-CBC3-SHA`
+`ECDHE-RSA-AES128-SHA`
+`ECDHE-RSA-AES256-SHA`
+`ECDHE-ECDSA-NULL-SHA`
+`ECDHE-ECDSA-RC4-SHA`
+`ECDHE-ECDSA-DES-CBC3-SHA`
+`ECDHE-ECDSA-AES128-SHA`
+`ECDHE-ECDSA-AES256-SHA`
+`AECDH-NULL-SHA`
+`AECDH-RC4-SHA`
+`AECDH-DES-CBC3-SHA`
+`AECDH-AES128-SHA`
+`AECDH-AES256-SHA`
+
+### TLS v1.2 cipher suites
+
+`NULL-SHA256`
+`AES128-SHA256`
+`AES256-SHA256`
+`AES128-GCM-SHA256`
+`AES256-GCM-SHA384`
+`DH-RSA-AES128-SHA256`
+`DH-RSA-AES256-SHA256`
+`DH-RSA-AES128-GCM-SHA256`
+`DH-RSA-AES256-GCM-SHA384`
+`DH-DSS-AES128-SHA256`
+`DH-DSS-AES256-SHA256`
+`DH-DSS-AES128-GCM-SHA256`
+`DH-DSS-AES256-GCM-SHA384`
+`DHE-RSA-AES128-SHA256`
+`DHE-RSA-AES256-SHA256`
+`DHE-RSA-AES128-GCM-SHA256`
+`DHE-RSA-AES256-GCM-SHA384`
+`DHE-DSS-AES128-SHA256`
+`DHE-DSS-AES256-SHA256`
+`DHE-DSS-AES128-GCM-SHA256`
+`DHE-DSS-AES256-GCM-SHA384`
+`ECDHE-RSA-AES128-SHA256`
+`ECDHE-RSA-AES256-SHA384`
+`ECDHE-RSA-AES128-GCM-SHA256`
+`ECDHE-RSA-AES256-GCM-SHA384`
+`ECDHE-ECDSA-AES128-SHA256`
+`ECDHE-ECDSA-AES256-SHA384`
+`ECDHE-ECDSA-AES128-GCM-SHA256`
+`ECDHE-ECDSA-AES256-GCM-SHA384`
+`ADH-AES128-SHA256`
+`ADH-AES256-SHA256`
+`ADH-AES128-GCM-SHA256`
+`ADH-AES256-GCM-SHA384`
+`AES128-CCM`
+`AES256-CCM`
+`DHE-RSA-AES128-CCM`
+`DHE-RSA-AES256-CCM`
+`AES128-CCM8`
+`AES256-CCM8`
+`DHE-RSA-AES128-CCM8`
+`DHE-RSA-AES256-CCM8`
+`ECDHE-ECDSA-AES128-CCM`
+`ECDHE-ECDSA-AES256-CCM`
+`ECDHE-ECDSA-AES128-CCM8`
+`ECDHE-ECDSA-AES256-CCM8`
+
+### Camellia HMAC-Based ciphersuites from RFC6367, extending TLS v1.2
+
+`ECDHE-ECDSA-CAMELLIA128-SHA256`
+`ECDHE-ECDSA-CAMELLIA256-SHA384`
+`ECDHE-RSA-CAMELLIA128-SHA256`
+`ECDHE-RSA-CAMELLIA256-SHA384`
+
+## NSS
+
+### Totally insecure
+
+`rc4`
+`rc4-md5`
+`rc4export`
+`rc2`
+`rc2export`
+`des`
+`desede3`
+
+### SSL3/TLS cipher suites
+
+`rsa_rc4_128_md5`
+`rsa_rc4_128_sha`
+`rsa_3des_sha`
+`rsa_des_sha`
+`rsa_rc4_40_md5`
+`rsa_rc2_40_md5`
+`rsa_null_md5`
+`rsa_null_sha`
+`fips_3des_sha`
+`fips_des_sha`
+`fortezza`
+`fortezza_rc4_128_sha`
+`fortezza_null`
+
+### TLS 1.0 Exportable 56-bit Cipher Suites
+
+`rsa_des_56_sha`
+`rsa_rc4_56_sha`
+
+### AES ciphers
+
+`dhe_dss_aes_128_cbc_sha`
+`dhe_dss_aes_256_cbc_sha`
+`dhe_rsa_aes_128_cbc_sha`
+`dhe_rsa_aes_256_cbc_sha`
+`rsa_aes_128_sha`
+`rsa_aes_256_sha`
+
+### ECC ciphers
+
+`ecdh_ecdsa_null_sha`
+`ecdh_ecdsa_rc4_128_sha`
+`ecdh_ecdsa_3des_sha`
+`ecdh_ecdsa_aes_128_sha`
+`ecdh_ecdsa_aes_256_sha`
+`ecdhe_ecdsa_null_sha`
+`ecdhe_ecdsa_rc4_128_sha`
+`ecdhe_ecdsa_3des_sha`
+`ecdhe_ecdsa_aes_128_sha`
+`ecdhe_ecdsa_aes_256_sha`
+`ecdh_rsa_null_sha`
+`ecdh_rsa_128_sha`
+`ecdh_rsa_3des_sha`
+`ecdh_rsa_aes_128_sha`
+`ecdh_rsa_aes_256_sha`
+`ecdhe_rsa_null`
+`ecdhe_rsa_rc4_128_sha`
+`ecdhe_rsa_3des_sha`
+`ecdhe_rsa_aes_128_sha`
+`ecdhe_rsa_aes_256_sha`
+`ecdh_anon_null_sha`
+`ecdh_anon_rc4_128sha`
+`ecdh_anon_3des_sha`
+`ecdh_anon_aes_128_sha`
+`ecdh_anon_aes_256_sha`
+
+### HMAC-SHA256 cipher suites
+
+`rsa_null_sha_256`
+`rsa_aes_128_cbc_sha_256`
+`rsa_aes_256_cbc_sha_256`
+`dhe_rsa_aes_128_cbc_sha_256`
+`dhe_rsa_aes_256_cbc_sha_256`
+`ecdhe_ecdsa_aes_128_cbc_sha_256`
+`ecdhe_rsa_aes_128_cbc_sha_256`
+
+### AES GCM cipher suites in RFC 5288 and RFC 5289
+
+`rsa_aes_128_gcm_sha_256`
+`dhe_rsa_aes_128_gcm_sha_256`
+`dhe_dss_aes_128_gcm_sha_256`
+`ecdhe_ecdsa_aes_128_gcm_sha_256`
+`ecdh_ecdsa_aes_128_gcm_sha_256`
+`ecdhe_rsa_aes_128_gcm_sha_256`
+`ecdh_rsa_aes_128_gcm_sha_256`
+
+### cipher suites using SHA384
+
+`rsa_aes_256_gcm_sha_384`
+`dhe_rsa_aes_256_gcm_sha_384`
+`dhe_dss_aes_256_gcm_sha_384`
+`ecdhe_ecdsa_aes_256_sha_384`
+`ecdhe_rsa_aes_256_sha_384`
+`ecdhe_ecdsa_aes_256_gcm_sha_384`
+`ecdhe_rsa_aes_256_gcm_sha_384`
+
+### chacha20-poly1305 cipher suites
+
+`ecdhe_rsa_chacha20_poly1305_sha_256`
+`ecdhe_ecdsa_chacha20_poly1305_sha_256`
+`dhe_rsa_chacha20_poly1305_sha_256`
+
+## GSKit
+
+Ciphers are internally defined as numeric codes
(https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_73/apis/gsk_attribute_set_buffer.htm),
+but libcurl maps them to the following case-insensitive names.
+
+### SSL2 cipher suites (insecure: disabled by default)
+
+`rc2-md5`
+`rc4-md5`
+`exp-rc2-md5`
+`exp-rc4-md5`
+`des-cbc-md5`
+`des-cbc3-md5`
+
+### SSL3 cipher suites
+
+`null-md5`
+`null-sha`
+`rc4-md5`
+`rc4-sha`
+`exp-rc2-cbc-md5`
+`exp-rc4-md5`
+`exp-des-cbc-sha`
+`des-cbc3-sha`
+
+### TLS v1.0 cipher suites
+
+`null-md5`
+`null-sha`
+`rc4-md5`
+`rc4-sha`
+`exp-rc2-cbc-md5`
+`exp-rc4-md5`
+`exp-des-cbc-sha`
+`des-cbc3-sha`
+`aes128-sha`
+`aes256-sha`
+
+### TLS v1.1 cipher suites
+
+`null-md5`
+`null-sha`
+`rc4-md5`
+`rc4-sha`
+`exp-des-cbc-sha`
+`des-cbc3-sha`
+`aes128-sha`
+`aes256-sha`
+
+### TLS v1.2 cipher suites
+
+`null-md5`
+`null-sha`
+`null-sha256`
+`rc4-md5`
+`rc4-sha`
+`des-cbc3-sha`
+`aes128-sha`
+`aes256-sha`
+`aes128-sha256`
+`aes256-sha256`
+`aes128-gcm-sha256`
+`aes256-gcm-sha384`
+
+## WolfSSL
+
+`RC4-SHA`,
+`RC4-MD5`,
+`DES-CBC3-SHA`,
+`AES128-SHA`,
+`AES256-SHA`,
+`NULL-SHA`,
+`NULL-SHA256`,
+`DHE-RSA-AES128-SHA`,
+`DHE-RSA-AES256-SHA`,
+`DHE-PSK-AES256-GCM-SHA384`,
+`DHE-PSK-AES128-GCM-SHA256`,
+`PSK-AES256-GCM-SHA384`,
+`PSK-AES128-GCM-SHA256`,
+`DHE-PSK-AES256-CBC-SHA384`,
+`DHE-PSK-AES128-CBC-SHA256`,
+`PSK-AES256-CBC-SHA384`,
+`PSK-AES128-CBC-SHA256`,
+`PSK-AES128-CBC-SHA`,
+`PSK-AES256-CBC-SHA`,
+`DHE-PSK-AES128-CCM`,
+`DHE-PSK-AES256-CCM`,
+`PSK-AES128-CCM`,
+`PSK-AES256-CCM`,
+`PSK-AES128-CCM-8`,
+`PSK-AES256-CCM-8`,
+`DHE-PSK-NULL-SHA384`,
+`DHE-PSK-NULL-SHA256`,
+`PSK-NULL-SHA384`,
+`PSK-NULL-SHA256`,
+`PSK-NULL-SHA`,
+`HC128-MD5`,
+`HC128-SHA`,
+`HC128-B2B256`,
+`AES128-B2B256`,
+`AES256-B2B256`,
+`RABBIT-SHA`,
+`NTRU-RC4-SHA`,
+`NTRU-DES-CBC3-SHA`,
+`NTRU-AES128-SHA`,
+`NTRU-AES256-SHA`,
+`AES128-CCM-8`,
+`AES256-CCM-8`,
+`ECDHE-ECDSA-AES128-CCM`,
+`ECDHE-ECDSA-AES128-CCM-8`,
+`ECDHE-ECDSA-AES256-CCM-8`,
+`ECDHE-RSA-AES128-SHA`,
+`ECDHE-RSA-AES256-SHA`,
+`ECDHE-ECDSA-AES128-SHA`,
+`ECDHE-ECDSA-AES256-SHA`,
+`ECDHE-RSA-RC4-SHA`,
+`ECDHE-RSA-DES-CBC3-SHA`,
+`ECDHE-ECDSA-RC4-SHA`,
+`ECDHE-ECDSA-DES-CBC3-SHA`,
+`AES128-SHA256`,
+`AES256-SHA256`,
+`DHE-RSA-AES128-SHA256`,
+`DHE-RSA-AES256-SHA256`,
+`ECDH-RSA-AES128-SHA`,
+`ECDH-RSA-AES256-SHA`,
+`ECDH-ECDSA-AES128-SHA`,
+`ECDH-ECDSA-AES256-SHA`,
+`ECDH-RSA-RC4-SHA`,
+`ECDH-RSA-DES-CBC3-SHA`,
+`ECDH-ECDSA-RC4-SHA`,
+`ECDH-ECDSA-DES-CBC3-SHA`,
+`AES128-GCM-SHA256`,
+`AES256-GCM-SHA384`,
+`DHE-RSA-AES128-GCM-SHA256`,
+`DHE-RSA-AES256-GCM-SHA384`,
+`ECDHE-RSA-AES128-GCM-SHA256`,
+`ECDHE-RSA-AES256-GCM-SHA384`,
+`ECDHE-ECDSA-AES128-GCM-SHA256`,
+`ECDHE-ECDSA-AES256-GCM-SHA384`,
+`ECDH-RSA-AES128-GCM-SHA256`,
+`ECDH-RSA-AES256-GCM-SHA384`,
+`ECDH-ECDSA-AES128-GCM-SHA256`,
+`ECDH-ECDSA-AES256-GCM-SHA384`,
+`CAMELLIA128-SHA`,
+`DHE-RSA-CAMELLIA128-SHA`,
+`CAMELLIA256-SHA`,
+`DHE-RSA-CAMELLIA256-SHA`,
+`CAMELLIA128-SHA256`,
+`DHE-RSA-CAMELLIA128-SHA256`,
+`CAMELLIA256-SHA256`,
+`DHE-RSA-CAMELLIA256-SHA256`,
+`ECDHE-RSA-AES128-SHA256`,
+`ECDHE-ECDSA-AES128-SHA256`,
+`ECDH-RSA-AES128-SHA256`,
+`ECDH-ECDSA-AES128-SHA256`,
+`ECDHE-RSA-AES256-SHA384`,
+`ECDHE-ECDSA-AES256-SHA384`,
+`ECDH-RSA-AES256-SHA384`,
+`ECDH-ECDSA-AES256-SHA384`,
+`ECDHE-RSA-CHACHA20-POLY1305`,
+`ECDHE-ECDSA-CHACHA20-POLY1305`,
+`DHE-RSA-CHACHA20-POLY1305`,
+`ECDHE-RSA-CHACHA20-POLY1305-OLD`,
+`ECDHE-ECDSA-CHACHA20-POLY1305-OLD`,
+`DHE-RSA-CHACHA20-POLY1305-OLD`,
+`ADH-AES128-SHA`,
+`QSH`,
+`RENEGOTIATION-INFO`,
+`IDEA-CBC-SHA`,
+`ECDHE-ECDSA-NULL-SHA`,
+`ECDHE-PSK-NULL-SHA256`,
+`ECDHE-PSK-AES128-CBC-SHA256`,
+`PSK-CHACHA20-POLY1305`,
+`ECDHE-PSK-CHACHA20-POLY1305`,
+`DHE-PSK-CHACHA20-POLY1305`,
+`EDH-RSA-DES-CBC3-SHA`,
diff --git a/docs/CMakeLists.txt b/docs/CMakeLists.txt
new file mode 100644
index 000000000..694861725
--- /dev/null
+++ b/docs/CMakeLists.txt
@@ -0,0 +1,3 @@
+#add_subdirectory(examples)
+add_subdirectory(libcurl)
+add_subdirectory(cmdline-opts)
diff --git a/docs/CODE_STYLE.md b/docs/CODE_STYLE.md
index e1da5c2c0..ba5f71026 100644
--- a/docs/CODE_STYLE.md
+++ b/docs/CODE_STYLE.md
@@ -1,4 +1,4 @@
-# cURL C code style
+# curl C code style
Source code that has a common style is easier to read than code that uses
different styles in different places. It helps making the code feel like one
@@ -9,8 +9,8 @@ style is more important than individual contributors having
their own personal
tastes satisfied.
Our C code has a few style rules. Most of them are verified and upheld by the
-lib/checksrc.pl script. Invoked with `make checksrc` or even by default by the
-build system when built after `./configure --enable-debug` has been used.
+`lib/checksrc.pl` script. Invoked with `make checksrc` or even by default by
+the build system when built after `./configure --enable-debug` has been used.
It is normally not a problem for anyone to follow the guidelines, as you just
need to copy the style already used in the source code and there are no
@@ -28,7 +28,8 @@ other places of the code, just that the names should be
logical,
understandable and be named according to what they're used for. File-local
functions should be made static. We like lower case names.
-See the INTERNALS document on how we name non-exported library-global symbols.
+See the [INTERNALS](INTERNALS.md) document on how we name non-exported
+library-global symbols.
## Indenting
diff --git a/docs/CONTRIBUTE.md b/docs/CONTRIBUTE.md
index cbda0c046..536a9ceb3 100644
--- a/docs/CONTRIBUTE.md
+++ b/docs/CONTRIBUTE.md
@@ -4,7 +4,7 @@ This document is intended to offer guidelines on how to best
contribute to the
curl project. This concerns new features as well as corrections to existing
flaws or bugs.
-## Learning cURL
+## Learning curl
### Join the Community
@@ -83,14 +83,14 @@ It is annoying when you get a huge patch from someone that
is said to fix 511
odd problems, but discussions and opinions don't agree with 510 of them - or
509 of them were already fixed in a different way. Then the person merging
this change needs to extract the single interesting patch from somewhere
-within the huge pile of source, and that gives a lot of extra work.
+within the huge pile of source, and that creates a lot of extra work.
-Preferably, each fix that correct a problem should be in its own patch/commit
+Preferably, each fix that corrects a problem should be in its own patch/commit
with its own description/commit message stating exactly what they correct so
that all changes can be selectively applied by the maintainer or other
interested parties.
-Also, separate changes enable bisecting much better when we track problems
+Also, separate changes enable bisecting much better for tracking problems
and regression in the future.
### Patch Against Recent Sources
@@ -103,9 +103,9 @@ release archive is quite OK as well!
### Documentation
Writing docs is dead boring and one of the big problems with many open source
-projects. Someone's gotta do it. It makes it a lot easier if you submit a
-small description of your fix or your new features with every contribution so
-that it can be swiftly added to the package documentation.
+projects. But someone's gotta do it! It makes things a lot easier if you
+submit a small description of your fix or your new features with every
+contribution so that it can be swiftly added to the package documentation.
The documentation is always made in man pages (nroff formatted) or plain
ASCII files. All HTML files on the web site and in the release archives are
@@ -135,8 +135,8 @@ list](https://curl.haxx.se/mail/list.cgi?list=curl-library).
Either way, your change will be reviewed and discussed there and you will be
expected to correct flaws pointed out and update accordingly, or the change
-risk stalling and eventually just get deleted without action. As a submitter
-of a change, you are the owner of that change until it has been merged.
+risks stalling and eventually just getting deleted without action. As a
+submitter of a change, you are the owner of that change until it has been
merged.
Respond on the list or on github about the change and answer questions and/or
fix nits/flaws. This is very important. We will take lack of replies as a
@@ -149,20 +149,39 @@ With github it is easy to send a [pull
request](https://github.com/curl/curl/pulls) to the curl project to have
changes merged.
-We prefer pull requests to mailed patches, as it makes it a proper git commit
-that is easy to merge and they are easy to track and not that easy to loose
-in a flood of many emails, like they sometimes do on the mailing lists.
-
-When you ajust your pull requests after review, consider squashing the
+We strongly prefer pull requests to mailed patches, as it makes it a proper
+git commit that is easy to merge and they are easy to track and not that easy
+to loose in the flood of many emails, like they sometimes do on the mailing
+lists.
+
+Every pull request submitted will automatically be tested in several different
+ways. Every pull request is verfied that:
+
+ - ... it still builds, warning-free, on Linux and macOS, with both
+ clang and gcc
+ - ... it still builds fine on Windows with several MSVC versions
+ - ... it still builds with cmake on Linux, with gcc and clang
+ - ... it follows rudimentary code style rules
+ - ... the test suite still runs 100% fine
+ - ... the release tarball (the "dist") still works
+ - ... it builds fine in-tree as well as out-of-tree
+ - ... code coverage doesn't shrink drastically
+
+If the pull-request fails one of these tests, it will show up as a red X and
+you are expected to fix the problem. If you don't understand whan the issue is
+or have other problems to fix the complaint, just ask and other project
+members will likely be able to help out.
+
+When you adjust your pull requests after review, consider squashing the
commits so that we can review the full updated version more easily.
### Making quality patches
-Make the patch against as recent sources as possible.
+Make the patch against as recent source versions as possible.
If you've followed the tips in this document and your patch still hasn't been
-incorporated or responded to after some weeks, consider resubmitting it to
-the list or better yet: change it to a pull request.
+incorporated or responded to after some weeks, consider resubmitting it to the
+list or better yet: change it to a pull request.
### Write good commit messages
@@ -175,14 +194,15 @@ A short guide to how to write commit messages in the curl
project.
possible as to why this change is made, and possibly what things
it fixes and everything else that is related]
-- empty line --
+ [Closes/Fixes #1234 - if this closes or fixes a github issue]
[Bug: URL to source of the report or more related discussion]
[Reported-by: John Doe - credit the reporter]
[whatever-else-by: credit all helpers, finders, doers]
---- stop ----
-Don't forget to use commit --author="" if you commit someone else's work,
-and make sure that you have your own user and email setup correctly in git
-before you commit
+Don't forget to use commit --author="" if you commit someone else's work, and
+make sure that you have your own user and email setup correctly in git before
+you commit
### Write Access to git Repository
@@ -204,8 +224,8 @@ local repository:
git commit [file]
-As usual, group your commits so that you commit all changes that at once that
-constitutes a logical change.
+As usual, group your commits so that you commit all changes at once that
+constitute a logical change.
Once you have done all your commits and you're happy with what you see, you
can make patches out of your changes that are suitable for mailing:
@@ -243,5 +263,5 @@ For unix-like operating systems:
For Windows:
- -
[http://gnuwin32.sourceforge.net/packages/patch.htm](http://gnuwin32.sourceforge.net/packages/patch.htm)
- -
[http://gnuwin32.sourceforge.net/packages/diffutils.htm](http://gnuwin32.sourceforge.net/packages/diffutils.htm)
+ -
[https://gnuwin32.sourceforge.io/packages/patch.htm](https://gnuwin32.sourceforge.io/packages/patch.htm)
+ -
[https://gnuwin32.sourceforge.io/packages/diffutils.htm](https://gnuwin32.sourceforge.io/packages/diffutils.htm)
diff --git a/docs/FAQ b/docs/FAQ
index d9e538aff..5b9810637 100644
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -30,7 +30,6 @@ FAQ
2.2 Does curl work/build with other SSL libraries?
2.3 Where can I find a copy of LIBEAY32.DLL?
2.4 Does curl support SOCKS (RFC 1928) ?
- 2.5 Install libcurl for both 32bit and 64bit?
3. Usage Problems
3.1 curl: (1) SSL is disabled, https: not supported
@@ -81,7 +80,7 @@ FAQ
4.16 My HTTP POST or PUT requests are slow!
4.17 Non-functional connect timeouts on Windows
4.18 file:// URLs containing drive letters (Windows, NetWare)
- 4.19 Why doesn't cURL return an error when the network cable is unplugged?
+ 4.19 Why doesn't curl return an error when the network cable is unplugged?
4.20 curl doesn't return error for HTTP non-200 responses!
4.21 Why is there a HTTP/1.1 in my HTTP/2 request?
@@ -118,6 +117,7 @@ FAQ
7.1 What is PHP/CURL?
7.2 Who wrote PHP/CURL?
7.3 Can I perform multiple requests using the same handle?
+ 7.4 Does PHP/CURL have dependencies?
==============================================================================
@@ -162,7 +162,7 @@ FAQ
We pronounce curl with an initial k sound. It rhymes with words like girl
and earl. This is a short WAV file to help you:
- http://media.merriam-webster.com/soundc11/c/curl0001.wav
+ https://media.merriam-webster.com/soundc11/c/curl0001.wav
There are numerous sub-projects and related projects that also use the word
curl in the project names in various combinations, but you should take
@@ -215,22 +215,22 @@ FAQ
another tool that uses libcurl.
We do not add things to curl that other small and available tools already do
- very fine at the side. Curl's output is fine to pipe into another program or
- redirect to another file for the next program to interpret.
+ very well at the side. Curl's output can be piped into another program or
+ redirected to another file for the next program to interpret.
We focus on protocol related issues and improvements. If you wanna do more
- magic with the supported protocols than curl currently does, chances are big
+ magic with the supported protocols than curl currently does, chances are good
we will agree. If you wanna add more protocols, we may very well agree.
- If you want someone else to make all the work while you wait for us to
+ If you want someone else to do all the work while you wait for us to
implement it for you, that is not a very friendly attitude. We spend a
considerable time already on maintaining and developing curl. In order to
get more out of us, you should consider trading in some of your time and
- efforts in return. Simply go to the GitHub repo which resides at
+ effort in return. Simply go to the GitHub repo which resides at
https://github.com/curl/curl, fork the project, and create pull requests
with your proposed changes.
- If you write the code, chances are bigger that it will get into curl faster.
+ If you write the code, chances are better that it will get into curl faster.
1.5 Who makes curl?
@@ -238,7 +238,7 @@ FAQ
project leader and main developer, but other persons' submissions are
important and crucial. Anyone can contribute and post their changes and
improvements and have them inserted in the main sources (of course on the
- condition that developers agree on that the fixes are good).
+ condition that developers agree that the fixes are good).
The full list of all contributors is found in the docs/THANKS file.
@@ -247,9 +247,9 @@ FAQ
1.6 What do you get for making curl?
Project cURL is entirely free and open. No person gets paid for developing
- curl on full time. We do this voluntarily, mostly on spare time.
+ curl full time. We do this voluntarily, mostly in our spare time.
Occasionally companies pay individual developers to work on curl, but that's
- up to each company and developer. It is not controlled by nor supervised in
+ up to each company and developer. This is not controlled by nor supervised in
any way by the project.
We still get help from companies. Haxx provides web site, bandwidth, mailing
@@ -260,11 +260,11 @@ FAQ
do so in the future.
If you want to support our project, consider a donation or a banner-program
- or even better: by helping us coding, documenting, testing etc.
+ or even better: by helping us with coding, documenting or testing etc.
1.7 What about CURL from curl.com?
- During the summer 2001, curl.com was busy advertising their client-side
+ During the summer of 2001, curl.com was busy advertising their client-side
programming language for the web, named CURL.
We are in no way associated with curl.com or their CURL programming
@@ -277,7 +277,7 @@ FAQ
We recognize that we will be living in parallel with curl.com and wish them
every success.
- 1.8 I have a problem who do I mail?
+ 1.8 I have a problem whom do I mail?
Please do not mail any single individual unless you really need to. Keep
curl-related questions on a suitable mailing list. All available mailing
@@ -285,8 +285,8 @@ FAQ
https://curl.haxx.se/mail/
Keeping curl-related questions and discussions on mailing lists allows
- others to join in and help, to share their ideas, contribute their
- suggestions and spread their wisdom. Keeping discussions on public mailing
+ others to join in and help, to share their ideas, to contribute their
+ suggestions and to spread their wisdom. Keeping discussions on public mailing
lists also allows for others to learn from this (both current and future
users thanks to the web based archives of the mailing lists), thus saving us
from having to repeat ourselves even more. Thanks for respecting this.
@@ -324,9 +324,9 @@ FAQ
1.11 Why don't you update ca-bundle.crt
- The ca cert bundle that used to shipped with curl was very outdated and must
- be replaced with an up-to-date version by anyone who wants to verify
- peers. It is no longer provided by curl. The last curl release ever that
+ The ca cert bundle that used to be shipped with curl was very outdated and
+ must be replaced with an up-to-date version by anyone who wants to verify
+ peers. It is no longer provided by curl. The last curl release that ever
shipped a ca cert bundle was curl 7.18.0.
In the cURL project we've decided not to attempt to keep this file updated
@@ -347,7 +347,7 @@ FAQ
1.12 I have a problem who can I chat with?
There's a bunch of friendly people hanging out in the #curl channel on the
- IRC network irc.freenode.net. If you're polite and nice, chances are big
+ IRC network irc.freenode.net. If you're polite and nice, chances are good
that you can get -- or provide -- help instantly.
1.13 curl's ECCN number?
@@ -366,8 +366,8 @@ FAQ
Comprehensible explanations of the meaning of such numbers and how to obtain
them (resp.) are here
- http://www.bis.doc.gov/licensing/exportingbasics.htm
- http://www.bis.doc.gov/licensing/do_i_needaneccn.html
+ https://www.bis.doc.gov/licensing/exportingbasics.htm
+ https://www.bis.doc.gov/licensing/do_i_needaneccn.html
An incomprehensible description of the two numbers above is here
http://www.access.gpo.gov/bis/ear/pdf/ccl5-pt2.pdf
@@ -430,7 +430,7 @@ FAQ
2.1.2 only the libssl lib is missing
If all include files and the libcrypto lib is present, with only the
- libssl being missing according to configure, this is mostly likely because
+ libssl being missing according to configure, this is most likely because
a few functions are left out from the libssl.
If the function names missing include RSA or RSAREF you can be certain
@@ -465,32 +465,6 @@ FAQ
Yes, SOCKS 4 and 5 are supported.
- 2.5 Install libcurl for both 32bit and 64bit?
-
- In curl's configure procedure one of the regular include files get created
- with platform specific information. The file 'curl/curlbuild.h' in the
- installed libcurl file tree is therefore somewhat tied to that particular
- platform.
-
- To allow applications to get built for either 32bit or 64bit you need to
- install libcurl headers for both setups and unfortunately curl doesn't do
- this automatically.
-
- A commonly used procedure is this:
-
- $ ./configure [32bit platform]
- $ mv curl/curlbuild.h curl/curlbuild-32bit.h
- $ ./configure [64bit platform]
- $ mv curl/curlbuild.h curl/curlbuild-64bit.h
-
- Then you make a toplevel curl/curlbuild.h replacement that only does this:
-
- #ifdef IS_32BIT
- #include "curlbuild-32bit.h"
- else
- #include "curlbuild-64bit.h"
- #endif
-
3. Usage problems
@@ -520,11 +494,14 @@ FAQ
3.3 Why doesn't my posting using -F work?
- You can't simply use -F or -d at your choice. The web server that will
- receive your post expects one of the formats. If the form you're trying to
- submit uses the type 'multipart/form-data', then and only then you must use
- the -F type. In all the most common cases, you should use -d which then
- causes a posting with the type 'application/x-www-form-urlencoded'.
+ You can't arbitrarily use -F or -d, the choice between -F or -d depends on
the
+ HTTP operation you need curl to do and what the web server that will receive
+ your post expects.
+
+ If the form you're trying to submit uses the type 'multipart/form-data', then
+ and only then you must use the -F type. In all the most common cases, you
+ should use -d which then causes a posting with the type
+ 'application/x-www-form-urlencoded'.
This is described in some detail in the MANUAL and TheArtOfHttpScripting
documents, and if you don't understand it the first time, read it again
@@ -599,7 +576,7 @@ FAQ
In October 2009, there were interfaces available for the following
languages: Ada95, Basic, C, C++, Ch, Cocoa, D, Dylan, Eiffel, Euphoria,
Ferite, Gambas, glib/GTK+, Haskell, ILE/RPG, Java, Lisp, Lua, Mono, .NET,
- Object-Pascal, O'Caml, Pascal, Perl, PHP, PostgreSQL, Python, R, Rexx, Ruby,
+ Object-Pascal, OCaml, Pascal, Perl, PHP, PostgreSQL, Python, R, Rexx, Ruby,
Scheme, S-Lang, Smalltalk, SP-Forth, SPL, Tcl, Visual Basic, Visual FoxPro,
Q, wxwidgets and XBLite. By the time you read this, additional ones may have
appeared!
@@ -611,7 +588,7 @@ FAQ
XML-RPC are all such ones. You can use -X to set custom requests and -H to
set custom headers (or replace internally generated ones).
- Using libcurl is of course just as fine and you'd just use the proper
+ Using libcurl is of course just as good and you'd just use the proper
library options to do the same.
3.11 How do I POST with a different Content-Type?
@@ -631,7 +608,7 @@ FAQ
There is one exception to this rule, and that is if you can "tunnel through"
the given HTTP proxy. Proxy tunneling is enabled with a special option (-p)
and is generally not available as proxy admins usually disable tunneling to
- other ports than 443 (which is used for HTTPS access through proxies).
+ ports other than 443 (which is used for HTTPS access through proxies).
3.13 Why does my single/double quotes fail?
@@ -650,7 +627,7 @@ FAQ
Windows/DOS prompts I believe you're forced to use double (") quotes.
Please study the documentation for your particular environment. Examples in
- the curl docs will use a mix of both these ones as shown above. You must
+ the curl docs will use a mix of both of these as shown above. You must
adjust them to work in your environment.
Remember that curl works and runs on more operating systems than most single
@@ -685,7 +662,7 @@ FAQ
No. curl itself has no code that performs recursive operations, such as
those performed by wget and similar tools.
- There exist wrapper scripts with that functionality (for example the
+ There exists wrapper scripts with that functionality (for example the
curlmirror perl script), and you can write programs based on libcurl to do
it, but the command line tool curl itself cannot.
@@ -696,9 +673,9 @@ FAQ
CLIENT CERTIFICATE
- The server you communicate may require that you can provide this in order to
- prove that you actually are who you claim to be. If the server doesn't
- require this, you don't need a client certificate.
+ The server you communicate with may require that you can provide this in
+ order to prove that you actually are who you claim to be. If the server
+ doesn't require this, you don't need a client certificate.
A client certificate is always used together with a private key, and the
private key has a pass phrase that protects it.
@@ -859,14 +836,14 @@ FAQ
4.3 How can I use {, }, [ or ] to specify multiple URLs?
- Because those letters have a special meaning to the shell, and to be used in
+ Because those letters have a special meaning to the shell, to be used in
a URL specified to curl you must quote them.
- An example that downloads two URLs (sequentially) would do:
+ An example that downloads two URLs (sequentially) would be:
curl '{curl,www}.haxx.se'
- To be able to use those letters as actual parts of the URL (without using
+ To be able to use those characters as actual parts of the URL (without using
them for the curl URL "globbing" system), use the -g/--globoff option:
curl -g 'www.site.com/weirdname[].html'
@@ -1016,14 +993,16 @@ FAQ
4.13 Why is curl -R on Windows one hour off?
- During daylight savings time, when -R is used, curl will set a time that
- appears one hour off. This happens due to a flaw in how Windows stores and
- uses file modification times and it is not easily worked around. For details
- on this problem, read this: http://www.codeproject.com/datetime/dstbugs.asp
+ Since curl 7.53.0 this issue should be fixed as long as curl was built with
+ any modern compiler that allows for a 64-bit curl_off_t type. For older
+ compilers or prior curl versions it may set a time that appears one hour off.
+ This happens due to a flaw in how Windows stores and uses file modification
+ times and it is not easily worked around. For more details read this:
+ http://www.codeproject.com/datetime/dstbugs.asp
4.14 Redirects work in browser but not with curl!
- curl supports HTTP redirects fine (see item 3.8). Browsers generally support
+ curl supports HTTP redirects well (see item 3.8). Browsers generally support
at least two other ways to perform redirects that curl does not:
Meta tags. You can write a HTML tag that will cause the browser to redirect
@@ -1047,7 +1026,7 @@ FAQ
To use explicit FTPS, you use a FTP:// URL and the --ftp-ssl option (or one
of its related flavours). This is the most common method, and the one
- mandated by RFC4217. This kind of connection then of course uses the
+ mandated by RFC4217. This kind of connection will then of course use the
standard FTP port 21 by default.
4.16 My HTTP POST or PUT requests are slow!
@@ -1055,7 +1034,7 @@ FAQ
libcurl makes all POST and PUT requests (except for POST requests with a
very tiny request body) use the "Expect: 100-continue" header. This header
allows the server to deny the operation early so that libcurl can bail out
- already before having to send any data. This is useful in authentication
+ before having to send any data. This is useful in authentication
cases and others.
However, many servers don't implement the Expect: stuff properly and if the
@@ -1083,18 +1062,18 @@ FAQ
4.18 file:// URLs containing drive letters (Windows, NetWare)
- When using cURL to try to download a local file, one might use a URL
+ When using curl to try to download a local file, one might use a URL
in this format:
file://D:/blah.txt
- You'll find that even if D:\blah.txt does exist, cURL returns a 'file
+ You'll find that even if D:\blah.txt does exist, curl returns a 'file
not found' error.
According to RFC 1738 (https://www.ietf.org/rfc/rfc1738.txt),
file:// URLs must contain a host component, but it is ignored by
most implementations. In the above example, 'D:' is treated as the
- host component, and is taken away. Thus, cURL tries to open '/blah.txt'.
+ host component, and is taken away. Thus, curl tries to open '/blah.txt'.
If your system is installed to drive C:, that will resolve to 'C:\blah.txt',
and if that doesn't exist you will get the not found error.
@@ -1107,9 +1086,9 @@ FAQ
file://localhost/D:/blah.txt
- In either case, cURL should now be looking for the correct file.
+ In either case, curl should now be looking for the correct file.
- 4.19 Why doesn't cURL return an error when the network cable is unplugged?
+ 4.19 Why doesn't curl return an error when the network cable is unplugged?
Unplugging a cable is not an error situation. The TCP/IP protocol stack
was designed to be fault tolerant, so even though there may be a physical
@@ -1146,7 +1125,7 @@ FAQ
When doing HTTP transfers, curl will perform exactly what you're asking it
to do and if successful it will not return an error. You can use curl to
test your web server's "file not found" page (that gets 404 back), you can
- use it to check your authentication protected web pages (that get a 401
+ use it to check your authentication protected web pages (that gets a 401
back) and so on.
The specific HTTP response code does not constitute a problem or error for
@@ -1161,7 +1140,7 @@ FAQ
libcurl speak).
You can also use the -w option and the variable %{response_code} to extract
- the exact response code that was return in the response.
+ the exact response code that was returned in the response.
4.21 Why is there a HTTP/1.1 in my HTTP/2 request?
@@ -1171,8 +1150,8 @@ FAQ
The reason for this is that we first generate the request to send using the
old 1.1 style and show that request in the verbose output, and then we
convert it over to the binary header-compressed HTTP/2 style. The actual
- "1.1" part from that request is then not actually used in the transfer. The
- binary HTTP/2 headers are not human readable.
+ "1.1" part from that request is then not actually used in the transfer.
+ The binary HTTP/2 headers are not human readable.
5. libcurl Issues
@@ -1254,10 +1233,10 @@ FAQ
libcurl will reuse connections for all transfers that are made using the
same libcurl handle.
- When you use the easy interface, the connection cache is kept within the
- easy handle. If you instead use the multi interface, the connection cache
- will be kept within the multi handle and will be shared among all the easy
- handles that are used within the same multi handle.
+ When you use the easy interface the connection cache is kept within the easy
+ handle. If you instead use the multi interface, the connection cache will be
+ kept within the multi handle and will be shared among all the easy handles
+ that are used within the same multi handle.
5.7 Link errors when building libcurl on Windows!
@@ -1316,8 +1295,8 @@ FAQ
you want to change name resolver function you must rebuild libcurl and tell
it to use a different function.
- - The non-IPv6 resolver that can use one out of four host name resolve calls
- (depending on what your system supports):
+ - The non-IPv6 resolver that can use one of four different host name resolve
+ calls (depending on what your system supports):
A - gethostbyname()
B - gethostbyname_r() with 3 arguments
@@ -1351,7 +1330,7 @@ FAQ
5.12 Can I make libcurl fake or hide my real IP address?
No. libcurl operates on a higher level. Besides, faking IP address would
- imply sending IP packet with a made-up source address, and then you normally
+ imply sending IP packets with a made-up source address, and then you normally
get a problem with receiving the packet sent back as they would then not be
routed to you!
@@ -1381,18 +1360,18 @@ FAQ
libcurl is a C library, it doesn't know anything about C++ member functions.
- You can overcome this "limitation" with a relative ease using a static
+ You can overcome this "limitation" with relative ease using a static
member function that is passed a pointer to the class:
// f is the pointer to your object.
- static YourClass::func(void *buffer, size_t sz, size_t n, void *f)
+ static size_t YourClass::func(void *buffer, size_t sz, size_t n, void *f)
{
// Call non-static member function.
static_cast<YourClass*>(f)->nonStaticFunction();
}
// This is how you pass pointer to the static function:
- curl_easy_setopt(hcurl, CURLOPT_WRITEFUNCTION, YourClass:func);
+ curl_easy_setopt(hcurl, CURLOPT_WRITEFUNCTION, YourClass::func);
curl_easy_setopt(hcurl, CURLOPT_WRITEDATA, this);
5.15 How do I get an FTP directory listing?
diff --git a/docs/FEATURES b/docs/FEATURES
index 24fa56dd3..39ac39040 100644
--- a/docs/FEATURES
+++ b/docs/FEATURES
@@ -185,7 +185,7 @@ FOOTNOTES
*1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL, WinSSL (native
Windows), Secure Transport (native iOS/OS X) or GSKit (native IBM i)
- *2 = requires OpenLDAP
+ *2 = requires OpenLDAP or WinLDAP
*3 = requires a GSS-API implementation (such as Heimdal or MIT Kerberos) or
SSPI (native Windows)
*4 = requires a GSS-API implementation, however, only Windows SSPI is
diff --git a/docs/HISTORY.md b/docs/HISTORY.md
index 76c887f8b..551e7d258 100644
--- a/docs/HISTORY.md
+++ b/docs/HISTORY.md
@@ -1,14 +1,14 @@
-How cURL Became Like This
+How curl Became Like This
=========================
Towards the end of 1996, Daniel Stenberg was spending time writing an IRC bot
for an Amiga related channel on EFnet. He then came up with the idea to make
currency-exchange calculations available to Internet Relay Chat (IRC)
-users. All the necessary data are published on the Web; he just needed to
+users. All the necessary data were published on the Web; he just needed to
automate their retrieval.
Daniel simply adopted an existing command-line open-source tool, httpget, that
-Brazilian Rafael Sagula had written and recently release version 0.1 of. After
+Brazilian Rafael Sagula had written and recently released version 0.1 of. After
a few minor adjustments, it did just what he needed.
1997
@@ -35,14 +35,14 @@ was revealed to us much later.)
SSL support was added, powered by the SSLeay library.
-August, first announcement of curl on freshmeat.net.
+August: first announcement of curl on freshmeat.net.
-October, with the curl 4.9 release and the introduction of cookie support,
+October: with the curl 4.9 release and the introduction of cookie support,
curl was no longer released under the GPL license. Now we're at 4000 lines of
code, we switched over to the MPL license to restrict the effects of
"copyleft".
-November, configure script and reported successful compiles on several
+November: configure script and reported successful compiles on several
major operating systems. The never-quite-understood -F option was added and
curl could now simulate quite a lot of a browser. TELNET support was added.
@@ -52,30 +52,30 @@ page. People started making Linux RPM packages out of it.
1999
----
-January, DICT support added.
+January: DICT support added.
-OpenSSL took over where SSLeay was abandoned.
+OpenSSL took over and SSLeay was abandoned.
-May, first Debian package.
+May: first Debian package.
-August, LDAP:// and FILE:// support added. The curl web site gets 1300 visits
+August: LDAP:// and FILE:// support added. The curl web site gets 1300 visits
weekly. Moved site to curl.haxx.nu.
-Released curl 6.0 in September. 15000 lines of code.
+September: Released curl 6.0. 15000 lines of code.
-December 28, added the project on Sourceforge and started using its services
+December 28: added the project on Sourceforge and started using its services
for managing the project.
2000
----
-Spring 2000, major internal overhaul to provide a suitable library interface.
+Spring: major internal overhaul to provide a suitable library interface.
The first non-beta release was named 7.1 and arrived in August. This offered
the easy interface and turned out to be the beginning of actually getting
-other software and programs to get based on and powered by libcurl. Almost
+other software and programs to be based on and powered by libcurl. Almost
20000 lines of code.
-June 2000: the curl site moves to "curl.haxx.se"
+June: the curl site moves to "curl.haxx.se"
August, the curl web site gets 4000 visits weekly.
@@ -84,41 +84,40 @@ party libcurl binding showed up. CURL has been a supported
module in PHP since
the release of PHP 4.0.2. This would soon get followers. More than 16
different bindings exist at the time of this writing.
-September, kerberos4 support was added.
+September: kerberos4 support was added.
-In November started the work on a test suite for curl. It was later re-written
+November: started the work on a test suite for curl. It was later re-written
from scratch again. The libcurl major SONAME number was set to 1.
2001
----
-January, Daniel released curl 7.5.2 under a new license again: MIT (or
-MPL). The MIT license is extremely liberal and can be used combined with GPL
+January: Daniel released curl 7.5.2 under a new license again: MIT (or
+MPL). The MIT license is extremely liberal and can be combined with GPL
in other projects. This would finally put an end to the "complaints" from
people involved in GPLed projects that previously were prohibited from using
libcurl while it was released under MPL only. (Due to the fact that MPL is
deemed "GPL incompatible".)
-curl supports HTTP 1.1 starting with the release of 7.7, March 22 2001. This
+March 22: curl supports HTTP 1.1 starting with the release of 7.7. This
also introduced libcurl's ability to do persistent connections. 24000 lines of
code. The libcurl major SONAME number was bumped to 2 due to this overhaul.
+The first experimental ftps:// support was added.
-The first experimental ftps:// support was added in March 2001.
-
-August. curl is bundled in Mac OS X, 10.1. It was already becoming more and
+August: curl is bundled in Mac OS X, 10.1. It was already becoming more and
more of a standard utility of Linux distributions and a regular in the BSD
ports collections. The curl web site gets 8000 visits weekly. Curl Corporation
contacted Daniel to discuss "the name issue". After Daniel's reply, they have
-never since got in touch again.
+never since got back in touch again.
-September, libcurl 7.9 introduces cookie jar and curl_formadd(). During the
+September: libcurl 7.9 introduces cookie jar and curl_formadd(). During the
forthcoming 7.9.x releases, we introduced the multi interface slowly and
-without much whistles.
+without many whistles.
2002
----
-June, the curl web site gets 13000 visits weekly. curl and libcurl is
+June: the curl web site gets 13000 visits weekly. curl and libcurl is
35000 lines of code. Reported successful compiles on more than 40 combinations
of CPUs and operating systems.
@@ -127,15 +126,15 @@ impossible. Around 5000 downloaded packages each week
from the main site gives
a hint, but the packages are mirrored extensively, bundled with numerous OS
distributions and otherwise retrieved as part of other software.
-September, with the release of curl 7.10 it is released under the MIT license
+September: with the release of curl 7.10 it is released under the MIT license
only.
2003
----
-January. Started working on the distributed curl tests. The autobuilds.
+January: Started working on the distributed curl tests. The autobuilds.
-February, the curl site averages at 20000 visits weekly. At any given moment,
+February: the curl site averages at 20000 visits weekly. At any given moment,
there's an average of 3 people browsing the curl.haxx.se site.
Multiple new authentication schemes are supported: Digest (May), NTLM (June)
@@ -144,7 +143,7 @@ and Negotiate (June).
November: curl 7.10.8 is released. 45000 lines of code. ~55000 unique visitors
to the curl.haxx.se site. Five official web mirrors.
-December, full-fledged SSL for FTP is supported.
+December: full-fledged SSL for FTP is supported.
2004
----
@@ -158,18 +157,18 @@ curl_formparse() function
August: Curl and libcurl 7.12.1
- Public curl release number: 82
+ Public curl release number: 82
Releases counted from the very beginning: 109
- Available command line options: 96
+ Available command line options: 96
Available curl_easy_setopt() options: 120
- Number of public functions in libcurl: 36
- Amount of public web site mirrors: 12
- Number of known libcurl bindings: 26
+ Number of public functions in libcurl: 36
+ Amount of public web site mirrors: 12
+ Number of known libcurl bindings: 26
2005
----
-April. GnuTLS can now optionally be used for the secure layer when curl is
+April: GnuTLS can now optionally be used for the secure layer when curl is
built.
April: Added the multi_socket() API
@@ -183,8 +182,8 @@ December: security vulnerability: libcurl URL Buffer
Overflow
2006
----
-January. We dropped support for Gopher. We found bugs in the implementation
-that turned out having been introduced years ago, so with the conclusion that
+January: We dropped support for Gopher. We found bugs in the implementation
+that turned out to have been introduced years ago, so with the conclusion that
nobody had found out in all this time we removed it instead of fixing it.
March: security vulnerability: libcurl TFTP Packet Buffer Overflow
@@ -208,8 +207,8 @@ November:
Command line options: 128
curl_easy_setopt() options: 158
- Public functions in libcurl: 58
- Known libcurl bindings: 37
+ Public functions in libcurl: 58
+ Known libcurl bindings: 37
Contributors: 683
145,000 unique visitors. >100 GB downloaded.
@@ -242,11 +241,11 @@ August:
Public curl releases: 117
Command line options: 138
curl_easy_setopt() options: 180
- Public functions in libcurl: 58
- Known libcurl bindings: 39
+ Public functions in libcurl: 58
+ Known libcurl bindings: 39
Contributors: 808
- Gopher support added (re-added actually)
+ Gopher support added (re-added actually, see January 2006)
2012
----
diff --git a/docs/HTTP2.md b/docs/HTTP2.md
index cc5a5b334..efbe69991 100644
--- a/docs/HTTP2.md
+++ b/docs/HTTP2.md
@@ -96,18 +96,31 @@ curl tool
curl offers the `--http2` command line option to enable use of HTTP/2.
-curl offers the `--http2-prior-knowledge` command line option to enable use of
+curl offers the `--http2-prior-knowledge` command line option to enable use of
HTTP/2 without HTTP/1.1 Upgrade.
Since 7.47.0, the curl tool enables HTTP/2 by default for HTTPS connections.
+curl tool limitations
+---------------------
+
+The command line tool won't do any HTTP/2 multiplexing even though libcurl
+supports it, simply because the curl tool is not written to take advantage of
+the libcurl API that's necessary for this (the multi interface). We have an
+outstanding TODO item for this and **you** can help us make it happen.
+
+The command line tool also doesn't support HTTP/2 server push for the same
+reason it doesn't do multiplexing: it needs to use the multi interface for
+that so that multiplexing is supported.
+
HTTP Alternative Services
-------------------------
-Alt-Svc is a suggested extension with a corresponding frame (ALTSVC) in HTTP/2
-that tells the client about an alternative "route" to the same content for the
-same origin server that you get the response from. A browser or long-living
-client can use that hint to create a new connection asynchronously. For
-libcurl, we may introduce a way to bring such clues to the applicaton and/or
-let a subsequent request use the alternate route
-automatically.
[Spec](https://tools.ietf.org/html/draft-ietf-httpbis-alt-svc-14)
+Alt-Svc is an extension with a corresponding frame (ALTSVC) in HTTP/2 that
+tells the client about an alternative "route" to the same content for the same
+origin server that you get the response from. A browser or long-living client
+can use that hint to create a new connection asynchronously. For libcurl, we
+may introduce a way to bring such clues to the application and/or let a
+subsequent request use the alternate route automatically.
+
+[Detailed in RFC 7838](https://tools.ietf.org/html/rfc7838)
diff --git a/docs/INSTALL b/docs/INSTALL
index 2e1075ba4..ff260b1b1 100644
--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -6,1110 +6,4 @@
How To Compile
-Installing Binary Packages
-==========================
-
- Lots of people download binary distributions of curl and libcurl. This
- document does not describe how to install curl or libcurl using such a
- binary package. This document describes how to compile, build and install
- curl and libcurl from source code.
-
-Building from git
-=================
-
- If you get your code off a git repository, see the GIT-INFO file in the
- root directory for specific instructions on how to proceed.
-
-Unix
-====
-
- A normal Unix installation is made in three or four steps (after you've
- unpacked the source archive):
-
- ./configure
- make
- make test (optional)
- make install
-
- You probably need to be root when doing the last command.
-
- If you have checked out the sources from the git repository, read the
- GIT-INFO on how to proceed.
-
- Get a full listing of all available configure options by invoking it like:
-
- ./configure --help
-
- If you want to install curl in a different file hierarchy than /usr/local,
- you need to specify that already when running configure:
-
- ./configure --prefix=/path/to/curl/tree
-
- If you happen to have write permission in that directory, you can do 'make
- install' without being root. An example of this would be to make a local
- install in your own home directory:
-
- ./configure --prefix=$HOME
- make
- make install
-
- The configure script always tries to find a working SSL library unless
- explicitly told not to. If you have OpenSSL installed in the default search
- path for your compiler/linker, you don't need to do anything special. If
- you have OpenSSL installed in /usr/local/ssl, you can run configure like:
-
- ./configure --with-ssl
-
- If you have OpenSSL installed somewhere else (for example, /opt/OpenSSL)
- and you have pkg-config installed, set the pkg-config path first, like this:
-
- env PKG_CONFIG_PATH=/opt/OpenSSL/lib/pkgconfig ./configure --with-ssl
-
- Without pkg-config installed, use this:
-
- ./configure --with-ssl=/opt/OpenSSL
-
- If you insist on forcing a build without SSL support, even though you may
- have OpenSSL installed in your system, you can run configure like this:
-
- ./configure --without-ssl
-
- If you have OpenSSL installed, but with the libraries in one place and the
- header files somewhere else, you have to set the LDFLAGS and CPPFLAGS
- environment variables prior to running configure. Something like this
- should work:
-
- (with the Bourne shell and its clones):
-
- CPPFLAGS="-I/path/to/ssl/include" LDFLAGS="-L/path/to/ssl/lib" \
- ./configure
-
- (with csh, tcsh and their clones):
-
- env CPPFLAGS="-I/path/to/ssl/include" LDFLAGS="-L/path/to/ssl/lib" \
- ./configure
-
- If you have shared SSL libs installed in a directory where your run-time
- linker doesn't find them (which usually causes configure failures), you can
- provide the -R option to ld on some operating systems to set a hard-coded
- path to the run-time linker:
-
- env LDFLAGS=-R/usr/local/ssl/lib ./configure --with-ssl
-
- MORE OPTIONS
- ------------
-
- To force configure to use the standard cc compiler if both cc and gcc are
- present, run configure like
-
- CC=cc ./configure
- or
- env CC=cc ./configure
-
- To force a static library compile, disable the shared library creation
- by running configure like:
-
- ./configure --disable-shared
-
- To tell the configure script to skip searching for thread-safe functions,
- add an option like:
-
- ./configure --disable-thread
-
- If you're a curl developer and use gcc, you might want to enable more
- debug options with the --enable-debug option.
-
- curl can be built to use a whole range of libraries to provide various
- useful services, and configure will try to auto-detect a decent
- default. But if you want to alter it, you can select how to deal with
- each individual library.
-
- To build with GnuTLS for SSL/TLS, use both --without-ssl and
- --with-gnutls.
-
- To build with Cyassl for SSL/TLS, use both --without-ssl and
- --with-cyassl.
-
- To build with NSS for SSL/TLS, use both --without-ssl and --with-nss.
-
- To build with PolarSSL for SSL/TLS, use both --without-ssl and
- --with-polarssl.
-
- To build with axTLS for SSL/TLS, use both --without-ssl and --with-axtls.
-
- To build with GSS-API support, use --with-gssapi and have the MIT Kerberos
- or Heimdal packages installed.
-
- To get support for SCP and SFTP, build with --with-libssh2 and have
- libssh2 0.16 or later installed.
-
- To get Metalink support, build with --with-libmetalink and have the
- libmetalink packages installed.
-
- SPECIAL CASES
- -------------
-
- Some versions of uClibc require configuring with CPPFLAGS=-D_GNU_SOURCE=1
- to get correct large file support.
-
- The Open Watcom C compiler on Linux requires configuring with the variables:
-
- ./configure CC=owcc AR="$WATCOM/binl/wlib" AR_FLAGS=-q \
- RANLIB=/bin/true STRIP="$WATCOM/binl/wstrip" CFLAGS=-Wextra
-
-Win32
-=====
-
- Building Windows DLLs and C run-time (CRT) linkage issues
- ---------------------------------------------------------
-
- As a general rule, building a DLL with static CRT linkage is highly
- discouraged, and intermixing CRTs in the same app is something to
- avoid at any cost.
-
- Reading and comprehension of Microsoft Knowledge Base articles
- KB94248 and KB140584 is a must for any Windows developer. Especially
- important is full understanding if you are not going to follow the
- advice given above.
-
- KB94248 - How To Use the C Run-Time
- https://support.microsoft.com/kb/94248/en-us
-
- KB140584 - How to link with the correct C Run-Time (CRT) library
- https://support.microsoft.com/kb/140584/en-us
-
- KB190799 - Potential Errors Passing CRT Objects Across DLL Boundaries
- https://msdn.microsoft.com/en-us/library/ms235460
-
- If your app is misbehaving in some strange way, or it is suffering
- from memory corruption, before asking for further help, please try
- first to rebuild every single library your app uses as well as your
- app using the debug multithreaded dynamic C runtime.
-
- If you get linkage errors read section 5.7 of the FAQ document.
-
- MingW32
- -------
-
- Make sure that MinGW32's bin dir is in the search path, for example:
-
- set PATH=c:\mingw32\bin;%PATH%
-
- then run 'mingw32-make mingw32' in the root dir. There are other
- make targets available to build libcurl with more features, use:
- 'mingw32-make mingw32-zlib' to build with Zlib support;
- 'mingw32-make mingw32-ssl-zlib' to build with SSL and Zlib enabled;
- 'mingw32-make mingw32-ssh2-ssl-zlib' to build with SSH2, SSL, Zlib;
- 'mingw32-make mingw32-ssh2-ssl-sspi-zlib' to build with SSH2, SSL, Zlib
- and SSPI support.
-
- If you have any problems linking libraries or finding header files, be sure
- to verify that the provided "Makefile.m32" files use the proper paths, and
- adjust as necessary. It is also possible to override these paths with
- environment variables, for example:
-
- set ZLIB_PATH=c:\zlib-1.2.8
- set OPENSSL_PATH=c:\openssl-1.0.2c
- set LIBSSH2_PATH=c:\libssh2-1.6.0
-
- ATTENTION: if you want to build with libssh2 support you have to use latest
- version 0.17 - previous versions will NOT work with 7.17.0 and later!
- Use 'mingw32-make mingw32-ssh2-ssl-zlib' to build with SSH2 and SSL enabled.
-
- It is now also possible to build with other LDAP SDKs than MS LDAP;
- currently it is possible to build with native Win32 OpenLDAP, or with the
- Novell CLDAP SDK. If you want to use these you need to set these vars:
-
- set LDAP_SDK=c:\openldap
- set USE_LDAP_OPENLDAP=1
-
- or for using the Novell SDK:
-
- set USE_LDAP_NOVELL=1
-
- If you want to enable LDAPS support then set LDAPS=1.
-
- - optional MingW32-built OpenLDAP SDK available from:
- http://www.gknw.net/mirror/openldap/
- - optional recent Novell CLDAP SDK available from:
- https://www.novell.com/developer/ndk/ldap_libraries_for_c.html
-
- Cygwin
- ------
-
- Almost identical to the unix installation. Run the configure script in the
- curl root with 'sh configure'. Make sure you have the sh executable in
- /bin/ or you'll see the configure fail toward the end.
-
- Run 'make'
-
- Dev-Cpp
- -------
-
- See the separate INSTALL.devcpp file for details.
-
- MSVC 6 caveats
- --------------
-
- If you use MSVC 6 it is required that you use the February 2003 edition of
- the 'Platform SDK' which can be downloaded from:
-
- https://www.microsoft.com/en-us/download/details.aspx?id=12261
-
- Building any software with MSVC 6 without having PSDK installed is just
- asking for trouble down the road once you have released it, you might notice
- the problems in the first corner or ten miles ahead, depending mostly on
your
- choice of static vs dynamic runtime and third party libraries. Anyone using
- software built in such way will at some point regret having done so.
-
- If the compiler has been updated with the installation of a service pack as
- those mentioned in https://support.microsoft.com/kb/194022 the compiler can
be
- safely used to read source code, translate and make it object code.
-
- But, even with the service packs mentioned above installed, the resulting
- software generated in such an environment will be using outdated system
- header files and libraries with bugs and security issues which have already
- been addressed and fixed long time ago.
-
- So, building curl and libcurl with MSVC 6 without PSDK is absolutely
- discouraged for the benefit of anyone using software built in such
- environment. And it will not be supported in any way, as we could just
- be hunting bugs which have already been fixed way back in 2003.
-
- When building with MSVC 6 we attempt to detect if PSDK is not being used,
- and if this is the case the build process will fail hard with an error
- message stating that the February 2003 PSDK is required. This is done to
- protect the unsuspecting and avoid PEBKAC issues.
-
- Additionally it might happen that a die hard MSVC hacker still wants to
- build curl and libcurl with MSVC 6 without PSDK installed, even knowing
- that this is a highly discouraged and unsupported build environment. In
- this case the brave of heart will be able to build in such an environment
- with the requisite of defining preprocessor symbol ALLOW_MSVC6_WITHOUT_PSDK
- in lib/config-win32.h and knowing that LDAP and IPv6 support will be
missing.
-
- MSVC from command line
- ----------------------
-
- Run the 'vcvars32.bat' file to get a proper environment. The
- vcvars32.bat file is part of the Microsoft development environment and
- you may find it in 'C:\Program Files\Microsoft Visual Studio\vc98\bin'
- provided that you installed Visual C/C++ 6 in the default directory.
-
- Then run 'nmake vc' in curl's root directory.
-
- If you want to compile with zlib support, you will need to build
- zlib (http://www.zlib.net/) as well. Please read the zlib
- documentation on how to compile zlib. Define the ZLIB_PATH environment
- variable to the location of zlib.h and zlib.lib, for example:
-
- set ZLIB_PATH=c:\zlib-1.2.8
-
- Then run 'nmake vc-zlib' in curl's root directory.
-
- If you want to compile with SSL support you need the OpenSSL package.
- Please read the OpenSSL documentation on how to compile and install
- the OpenSSL libraries. The build process of OpenSSL generates the
- libeay32.dll and ssleay32.dll files in the out32dll subdirectory in
- the OpenSSL home directory. OpenSSL static libraries (libeay32.lib,
- ssleay32.lib, RSAglue.lib) are created in the out32 subdirectory.
-
- Before running nmake define the OPENSSL_PATH environment variable with
- the root/base directory of OpenSSL, for example:
-
- set OPENSSL_PATH=c:\openssl-0.9.8zc
-
- Then run 'nmake vc-ssl' or 'nmake vc-ssl-dll' in curl's root
- directory. 'nmake vc-ssl' will create a libcurl static and dynamic
- libraries in the lib subdirectory, as well as a statically linked
- version of curl.exe in the src subdirectory. This statically linked
- version is a standalone executable not requiring any DLL at
- runtime. This make method requires that you have the static OpenSSL
- libraries available in OpenSSL's out32 subdirectory.
- 'nmake vc-ssl-dll' creates the libcurl dynamic library and
- links curl.exe against libcurl and OpenSSL dynamically.
- This executable requires libcurl.dll and the OpenSSL DLLs
- at runtime.
- Run 'nmake vc-ssl-zlib' to build with both ssl and zlib support.
-
- MSVC IDE
- --------
-
- A fairly comprehensive set of Visual Studio project files are available for
- v6.0 through v12.0 and are located in the projects folder to allow proper
- building of both the libcurl library as well as the curl tool.
-
- For more information about these projects and building via Visual Studio
- please see the README file located in the projects folder.
-
- Borland C++ compiler
- --------------------
-
- Ensure that your build environment is properly set up to use the compiler
- and associated tools. PATH environment variable must include the path to
- bin subdirectory of your compiler installation, eg: c:\Borland\BCC55\bin
-
- It is advisable to set environment variable BCCDIR to the base path of
- the compiler installation.
-
- set BCCDIR=c:\Borland\BCC55
-
- In order to build a plain vanilla version of curl and libcurl run the
- following command from curl's root directory:
-
- make borland
-
- To build curl and libcurl with zlib and OpenSSL support set environment
- variables ZLIB_PATH and OPENSSL_PATH to the base subdirectories of the
- already built zlib and OpenSSL libraries and from curl's root directory
- run command:
-
- make borland-ssl-zlib
-
- libcurl library will be built in 'lib' subdirectory while curl tool
- is built in 'src' subdirectory. In order to use libcurl library it is
- advisable to modify compiler's configuration file bcc32.cfg located
- in c:\Borland\BCC55\bin to reflect the location of libraries include
- paths for example the '-I' line could result in something like:
-
- -I"c:\Borland\BCC55\include;c:\curl\include;c:\openssl\inc32"
-
- bcc3.cfg '-L' line could also be modified to reflect the location of
- of libcurl library resulting for example:
-
- -L"c:\Borland\BCC55\lib;c:\curl\lib;c:\openssl\out32"
-
- In order to build sample program 'simple.c' from the docs\examples
- subdirectory run following command from mentioned subdirectory:
-
- bcc32 simple.c libcurl.lib cw32mt.lib
-
- In order to build sample program simplessl.c an SSL enabled libcurl
- is required, as well as the OpenSSL libeay32.lib and ssleay32.lib
- libraries.
-
- OTHER MSVC IDEs
- ---------------
-
- If you use VC++, Borland or similar compilers. Include all lib source
- files in a static lib "project" (all .c and .h files that is).
- (you should name it libcurl or similar)
-
- Make the sources in the src/ drawer be a "win32 console application"
- project. Name it curl.
-
- Disabling Specific Protocols in Win32 builds
- --------------------------------------------
-
- The configure utility, unfortunately, is not available for the Windows
- environment, therefore, you cannot use the various disable-protocol
- options of the configure utility on this platform.
-
- However, you can use the following defines to disable specific
- protocols:
-
- HTTP_ONLY disables all protocols except HTTP
- CURL_DISABLE_FTP disables FTP
- CURL_DISABLE_LDAP disables LDAP
- CURL_DISABLE_TELNET disables TELNET
- CURL_DISABLE_DICT disables DICT
- CURL_DISABLE_FILE disables FILE
- CURL_DISABLE_TFTP disables TFTP
- CURL_DISABLE_HTTP disables HTTP
- CURL_DISABLE_IMAP disables IMAP
- CURL_DISABLE_POP3 disables POP3
- CURL_DISABLE_SMTP disables SMTP
-
- If you want to set any of these defines you have the following options:
-
- - Modify lib/config-win32.h
- - Modify lib/curl_setup.h
- - Modify lib/Makefile.vc6
- - Modify the "Preprocessor Definitions" in the libcurl project
-
- Note: The pre-processor settings can be found using the Visual Studio IDE
- under "Project -> Settings -> C/C++ -> General" in VC6 and "Project ->
- Properties -> Configuration Properties -> C/C++ -> Preprocessor" in later
- versions.
-
- Using BSD-style lwIP instead of Winsock TCP/IP stack in Win32 builds
- --------------------------------------------------------------------
-
- In order to compile libcurl and curl using BSD-style lwIP TCP/IP stack
- it is necessary to make definition of preprocessor symbol USE_LWIPSOCK
- visible to libcurl and curl compilation processes. To set this definition
- you have the following alternatives:
-
- - Modify lib/config-win32.h and src/config-win32.h
- - Modify lib/Makefile.vc6
- - Modify the "Preprocessor Definitions" in the libcurl project
-
- Note: The pre-processor settings can be found using the Visual Studio IDE
- under "Project -> Settings -> C/C++ -> General" in VC6 and "Project ->
- Properties -> Configuration Properties -> C/C++ -> Preprocessor" in later
- versions.
-
- Once that libcurl has been built with BSD-style lwIP TCP/IP stack support,
- in order to use it with your program it is mandatory that your program
- includes lwIP header file <lwip/opt.h> (or another lwIP header that includes
- this) before including any libcurl header. Your program does not need the
- USE_LWIPSOCK preprocessor definition which is for libcurl internals only.
-
- Compilation has been verified with lwIP 1.4.0 and contrib-1.4.0 from:
-
- http://download.savannah.gnu.org/releases/lwip/lwip-1.4.0.zip
- http://download.savannah.gnu.org/releases/lwip/contrib-1.4.0.zip
-
- This BSD-style lwIP TCP/IP stack support must be considered experimental
- given that it has been verified that lwIP 1.4.0 still needs some polish,
- and libcurl might yet need some additional adjustment, caveat emptor.
-
- Important static libcurl usage note
- -----------------------------------
-
- When building an application that uses the static libcurl library, you must
- add '-DCURL_STATICLIB' to your CFLAGS. Otherwise the linker will look for
- dynamic import symbols.
-
- Legacy Windows and SSL
- ----------------------
-
- WinSSL (specifically SChannel from Windows SSPI), is the native SSL library
- in Windows. However, WinSSL in Windows <= XP is unable to connect to servers
- that no longer support the legacy handshakes and algorithms used by those
- versions. If you will be using curl in one of those earlier versions of
- Windows you should choose another SSL backend such as OpenSSL.
-
-Apple iOS and Mac OS X
-======================
-
- On recent Apple operating systems, curl can be built to use Apple's
- SSL/TLS implementation, Secure Transport, instead of OpenSSL. To build with
- Secure Transport for SSL/TLS, use the configure option --with-darwinssl. (It
- is not necessary to use the option --without-ssl.) This feature requires iOS
- 5.0 or later, or OS X 10.5 ("Leopard") or later.
-
- When Secure Transport is in use, the curl options --cacert and --capath and
- their libcurl equivalents, will be ignored, because Secure Transport uses
- the certificates stored in the Keychain to evaluate whether or not to trust
- the server. This, of course, includes the root certificates that ship with
- the OS. The --cert and --engine options, and their libcurl equivalents, are
- currently unimplemented in curl with Secure Transport.
-
- For OS X users: In OS X 10.8 ("Mountain Lion"), Apple made a major
- overhaul to the Secure Transport API that, among other things, added
- support for the newer TLS 1.1 and 1.2 protocols. To get curl to support
- TLS 1.1 and 1.2, you must build curl on Mountain Lion or later, or by
- using the equivalent SDK. If you set the MACOSX_DEPLOYMENT_TARGET
- environmental variable to an earlier version of OS X prior to building curl,
- then curl will use the new Secure Transport API on Mountain Lion and later,
- and fall back on the older API when the same curl binary is executed on
- older cats. For example, running these commands in curl's directory in the
- shell will build the code such that it will run on cats as old as OS X 10.6
- ("Snow Leopard") (using bash):
-
- export MACOSX_DEPLOYMENT_TARGET="10.6"
- ./configure --with-darwinssl
- make
-
-IBM OS/2
-========
-
- Building under OS/2 is not much different from building under unix.
- You need:
-
- - emx 0.9d
- - GNU make
- - GNU patch
- - ksh
- - GNU bison
- - GNU file utilities
- - GNU sed
- - autoconf 2.13
-
- If you want to build with OpenSSL or OpenLDAP support, you'll need to
- download those libraries, too. Dirk Ohme has done some work to port SSL
- libraries under OS/2, but it looks like he doesn't care about emx. You'll
- find his patches on: http://come.to/Dirk_Ohme
-
- If during the linking you get an error about _errno being an undefined
- symbol referenced from the text segment, you need to add -D__ST_MT_ERRNO__
- in your definitions.
-
- If everything seems to work fine but there's no curl.exe, you need to add
- -Zexe to your linker flags.
-
- If you're getting huge binaries, probably your makefiles have the -g in
- CFLAGS.
-
-VMS
-===
-
- (The VMS section is in whole contributed by the friendly Nico Baggus)
-
- Curl seems to work with FTP & HTTP other protocols are not tested. (the
- perl http/ftp testing server supplied as testing too cannot work on VMS
- because vms has no concept of fork(). [ I tried to give it a whack, but
- that's of no use.
-
- SSL stuff has not been ported.
-
- Telnet has about the same issues as for Win32. When the changes for Win32
- are clear maybe they'll work for VMS too. The basic problem is that select
- ONLY works for sockets.
-
- Marked instances of fopen/[f]stat that might become a problem, especially
- for non stream files. In this regard, the files opened for writing will be
- created stream/lf and will thus be safe. Just keep in mind that non-binary
- read/wring from/to files will have a records size limit of 32767 bytes
- imposed.
-
- Stat to get the size of the files is again only safe for stream files &
- fixed record files without implied CC.
-
- -- My guess is that only allowing access to stream files is the quickest
- way to get around the most issues. Therefore all files need to to be
- checked to be sure they will be stream/lf before processing them. This is
- the easiest way out, I know. The reason for this is that code that needs to
- report the filesize will become a pain in the ass otherwise.
-
- Exit status.... Well we needed something done here,
-
- VMS has a structured exist status:
- | 3 | 2 | 1 | 0|
- |1098|765432109876|5432109876543|210|
- +----+------------+-------------+---+
- |Ctrl| Facility | Error code |sev|
- +----+------------+-------------+---+
-
- With the Ctrl-bits an application can tell if part or the whole message has
- already been printed from the program, DCL doesn't need to print it again.
-
- Facility - basically the program ID. A code assigned to the program
- the name can be fetched from external or internal message libraries
- Error code - the err codes assigned by the application
- Sev. - severity: Even = error, off = non error
-
- 0 = Warning
- 1 = Success
- 2 = Error
- 3 = Information
- 4 = Fatal
- <5-7> reserved.
-
- This all presents itself with:
- %<FACILITY>-<Sev>-<Errorname>, <Error message>
-
- See also the src/curlmsg.msg file, it has the source for the messages In
- src/main.c a section is devoted to message status values, the globalvalues
- create symbols with certain values, referenced from a compiled message
- file. Have all exit function use a exit status derived from a translation
- table with the compiled message codes.
-
- This was all compiled with:
-
- Compaq C V6.2-003 on OpenVMS Alpha V7.1-1H2
-
- So far for porting notes as of:
-
- 13-jul-2001
- N. Baggus
-
-QNX
-===
-
- (This section was graciously brought to us by David Bentham)
-
- As QNX is targeted for resource constrained environments, the QNX headers
- set conservative limits. This includes the FD_SETSIZE macro, set by default
- to 32. Socket descriptors returned within the CURL library may exceed this,
- resulting in memory faults/SIGSEGV crashes when passed into select(..)
- calls using fd_set macros.
-
- A good all-round solution to this is to override the default when building
- libcurl, by overriding CFLAGS during configure, example
-
- # configure CFLAGS='-DFD_SETSIZE=64 -g -O2'
-
-RISC OS
-=======
-
- The library can be cross-compiled using gccsdk as follows:
-
- CC=riscos-gcc AR=riscos-ar RANLIB='riscos-ar -s' ./configure \
- --host=arm-riscos-aof --without-random --disable-shared
- make
-
- where riscos-gcc and riscos-ar are links to the gccsdk tools.
- You can then link your program with curl/lib/.libs/libcurl.a
-
-AmigaOS
-=======
-
- (This section was graciously brought to us by Diego Casorran)
-
- To build cURL/libcurl on AmigaOS just type 'make amiga' ...
-
- What you need is: (not tested with others versions)
-
- GeekGadgets / gcc 2.95.3 (http://www.geekgadgets.org/)
-
- AmiTCP SDK v4.3 (http://www.aminet.net/comm/tcp/AmiTCP-SDK-4.3.lha)
-
- Native Developer Kit (http://www.amiga.com/3.9/download/NDK3.9.lha)
-
- As no ixemul.library is required you will be able to build it for
- WarpOS/PowerPC (not tested by me), as well a MorphOS version should be
- possible with no problems.
-
- To enable SSL support, you need a OpenSSL native version (without ixemul),
- you can find a precompiled package at http://amiga.sourceforge.net/OpenSSL/
-
-NetWare
-=======
-
- To compile curl.nlm / libcurl.nlm you need:
-
- - either any gcc / nlmconv, or CodeWarrior 7 PDK 4 or later.
- - gnu make and awk running on the platform you compile on;
- native Win32 versions can be downloaded from:
- http://www.gknw.net/development/prgtools/
- - recent Novell LibC or Novell CLib SDK available from:
- https://www.novell.com/developer/ndk/
- - optional recent Novell CLDAP SDK available from:
- https://www.novell.com/developer/ndk/ldap_libraries_for_c.html
- - optional zlib sources (static or dynamic linking with zlib.imp);
- sources with NetWare Makefile can be obtained from:
- http://www.gknw.net/mirror/zlib/
- - optional OpenSSL sources (version 0.9.8 or later build with BSD sockets);
- you can find precompiled packages at:
- http://www.gknw.net/development/ossl/netware/
- for CLIB-based builds OpenSSL 0.9.8h or later is required - earlier
versions
- don't support building with CLIB BSD sockets.
- - optional SSH2 sources (version 0.17 or later);
-
- Set a search path to your compiler, linker and tools; on Linux make
- sure that the var OSTYPE contains the string 'linux'; set the var
- NDKBASE to point to the base of your Novell NDK; and then type
- 'make netware' from the top source directory; other targets available
- are 'netware-ssl', 'netware-ssl-zlib', 'netware-zlib' and 'netware-ares';
- if you need other combinations you can control the build with the
- environment variables WITH_SSL, WITH_ZLIB, WITH_ARES, WITH_SSH2, and
- ENABLE_IPV6; you can set LINK_STATIC=1 to link curl.nlm statically.
- By default LDAP support is enabled, however currently you will need a patch
- in order to use the CLDAP NDK with BSD sockets (Novell Bug 300237):
- http://www.gknw.net/test/curl/cldap_ndk/ldap_ndk.diff
- I found on some Linux systems (RH9) that OS detection didn't work although
- a 'set | grep OSTYPE' shows the var present and set; I simply overwrote it
- with 'OSTYPE=linux-rh9-gnu' and the detection in the Makefile worked...
- Any help in testing appreciated!
- Builds automatically created 8 times a day from current git are here:
- http://www.gknw.net/mirror/curl/autobuilds/
- the status of these builds can be viewed at the autobuild table:
- https://curl.haxx.se/dev/builds.html
-
-eCos
-====
-
- curl does not use the eCos build system, so you must first build eCos
- separately, then link curl to the resulting eCos library. Here's a sample
- configure line to do so on an x86 Linux box targeting x86:
-
- GCCLIB=`gcc -print-libgcc-file-name` && \
- CFLAGS="-D__ECOS=1 -nostdinc -I$ECOS_INSTALL/include \
- -I`dirname $GCCLIB`/include" \
- LDFLAGS="-nostdlib -Wl,--gc-sections -Wl,-static \
- -L$ECOS_INSTALL/lib -Ttarget.ld -ltarget" \
- ./configure --host=i386 --disable-shared \
- --without-ssl --without-zlib --disable-manual --disable-ldap
-
- In most cases, eCos users will be using libcurl from within a custom
- embedded application. Using the standard 'curl' executable from
- within eCos means facing the limitation of the standard eCos C
- startup code which does not allow passing arguments in main(). To
- run 'curl' from eCos and have it do something useful, you will need
- to either modify the eCos startup code to pass in some arguments, or
- modify the curl application itself to retrieve its arguments from
- some location set by the bootloader or hard-code them.
-
- Something like the following patch could be used to hard-code some
- arguments. The MTAB_ENTRY line mounts a RAM disk as the root filesystem
- (without mounting some kind of filesystem, eCos errors out all file
- operations which curl does not take to well). The next section synthesizes
- some command-line arguments for curl to use, in this case to direct curl
- to read further arguments from a file. It then creates that file on the
- RAM disk and places within it a URL to download: a file: URL that
- just happens to point to the configuration file itself. The results
- of running curl in this way is the contents of the configuration file
- printed to the console.
-
---- src/main.c 19 Jul 2006 19:09:56 -0000 1.363
-+++ src/main.c 24 Jul 2006 21:37:23 -0000
-@@ -4286,11 +4286,31 @@
- }
-
-
-+#ifdef __ECOS
-+#include <cyg/fileio/fileio.h>
-+MTAB_ENTRY( testfs_mte1,
-+ "/",
-+ "ramfs",
-+ "",
-+ 0);
-+#endif
-
- int main(int argc, char *argv[])
- {
- int res;
- struct Configurable config;
-+#ifdef __ECOS
-+ char *args[] = {"ecos-curl", "-K", "curlconf.txt"};
-+ FILE *f;
-+ argc = sizeof(args)/sizeof(args[0]);
-+ argv = args;
-+
-+ f = fopen("curlconf.txt", "w");
-+ if (f) {
-+ fprintf(f, "--url file:curlconf.txt");
-+ fclose(f);
-+ }
-+#endif
- memset(&config, 0, sizeof(struct Configurable));
-
- config.errors = stderr; /* default errors to stderr */
-
-Minix
-=====
-
- curl can be compiled on Minix 3 using gcc or ACK (starting with
- ver. 3.1.3). Ensure that GNU gawk and bash are both installed and
- available in the PATH.
-
- ACK
- ---
- Increase the heap sizes of the compiler with the command:
-
- binsizes xxl
-
- then configure and compile curl with:
-
- ./configure CC=cc LD=cc AR=/usr/bin/aal GREP=grep \
- CPPFLAGS='-D_POSIX_SOURCE=1 -I/usr/local/include'
- make
- chmem =256000 src/curl
-
- GCC
- ---
- Make sure gcc is in your PATH with the command:
-
- export PATH=/usr/gnu/bin:$PATH
-
- then configure and compile curl with:
-
- ./configure CC=gcc AR=/usr/gnu/bin/gar GREP=grep
- make
- chmem =256000 src/curl
-
-Symbian OS
-==========
-
- The Symbian OS port uses the Symbian build system to compile. From the
- packages/Symbian/group/ directory, run:
-
- bldmake bldfiles
- abld build
-
- to compile and install curl and libcurl using SBSv1. If your Symbian
- SDK doesn't include support for P.I.P.S., you will need to contact
- your SDK vendor to obtain that first.
-
-VxWorks
-========
-
- Build for VxWorks is performed using cross compilation.
- That means you build on Windows machine using VxWorks tools and
- run the built image on the VxWorks device.
-
- To build libcurl for VxWorks you need:
-
- - CYGWIN (free, https://cygwin.com/)
- - Wind River Workbench (commercial)
-
- If you have CYGWIN and Workbench installed on you machine
- follow after next steps:
-
- 1. Open the Command Prompt window and change directory ('cd')
- to the libcurl 'lib' folder.
- 2. Add CYGWIN 'bin' folder to the PATH environment variable.
- For example, type 'set PATH=C:/embedded/cygwin/bin;%PATH%'.
- 3. Adjust environment variables defined in 'Environment' section
- of the Makefile.vxworks file to point to your software folders.
- 4. Build the libcurl by typing 'make -f ./Makefile.vxworks'
-
- As a result the libcurl.a library should be created in the 'lib' folder.
- To clean the build results type 'make -f ./Makefile.vxworks clean'.
-
-Android
-=======
-
- Method using the static makefile:
-
- - see the build notes in the packages/Android/Android.mk file.
-
- Method using a configure cross-compile (tested with Android NDK r7c, r8):
-
- - prepare the toolchain of the Android NDK for standalone use; this can
- be done by invoking the script:
- ./build/tools/make-standalone-toolchain.sh
- which creates a usual cross-compile toolchain. Lets assume that you put
- this toolchain below /opt then invoke configure with something like:
- export PATH=/opt/arm-linux-androideabi-4.4.3/bin:$PATH
- ./configure --host=arm-linux-androideabi [more configure options]
- make
- - if you want to compile directly from our GIT repo you might run into
- this issue with older automake stuff:
- checking host system type...
- Invalid configuration `arm-linux-androideabi':
- system `androideabi' not recognized
- configure: error: /bin/sh ./config.sub arm-linux-androideabi failed
- this issue can be fixed with using more recent versions of config.sub
- and config.guess which can be obtained here:
- http://git.savannah.gnu.org/gitweb/?p=config.git;a=tree
- you need to replace your system-own versions which usually can be
- found in your automake folder:
- find /usr -name config.sub
-
- Wrapper for pkg-config:
-
- - In order to make proper use of pkg-config so that configure is able to
- find all dependencies you should create a wrapper script for
pkg-config;
- file
/opt/arm-linux-androideabi-4.4.3/bin/arm-linux-androideabi-pkg-config:
-
- #!/bin/sh
- SYSROOT=$(dirname ${0%/*})/sysroot
- export PKG_CONFIG_DIR=
- export
PKG_CONFIG_LIBDIR=${SYSROOT}/usr/local/lib/pkgconfig:${SYSROOT}/usr/share/pkgconfig
- export PKG_CONFIG_SYSROOT_DIR=${SYSROOT}
- exec pkg-config "$@"
-
- also create a copy or symlink with name
arm-unknown-linux-androideabi-pkg-config.
-
-CROSS COMPILE
-=============
-
- (This section was graciously brought to us by Jim Duey, with additions by
- Dan Fandrich)
-
- Download and unpack the cURL package.
-
- 'cd' to the new directory. (e.g. cd curl-7.12.3)
-
- Set environment variables to point to the cross-compile toolchain and call
- configure with any options you need. Be sure and specify the '--host' and
- '--build' parameters at configuration time. The following script is an
- example of cross-compiling for the IBM 405GP PowerPC processor using the
- toolchain from MonteVista for Hardhat Linux.
-
- (begin script)
-
- #! /bin/sh
-
- export PATH=$PATH:/opt/hardhat/devkit/ppc/405/bin
- export CPPFLAGS="-I/opt/hardhat/devkit/ppc/405/target/usr/include"
- export AR=ppc_405-ar
- export AS=ppc_405-as
- export LD=ppc_405-ld
- export RANLIB=ppc_405-ranlib
- export CC=ppc_405-gcc
- export NM=ppc_405-nm
-
- ./configure --target=powerpc-hardhat-linux \
- --host=powerpc-hardhat-linux \
- --build=i586-pc-linux-gnu \
- --prefix=/opt/hardhat/devkit/ppc/405/target/usr/local \
- --exec-prefix=/usr/local
-
- (end script)
-
- You may also need to provide a parameter like '--with-random=/dev/urandom'
- to configure as it cannot detect the presence of a random number
- generating device for a target system. The '--prefix' parameter
- specifies where cURL will be installed. If 'configure' completes
- successfully, do 'make' and 'make install' as usual.
-
- In some cases, you may be able to simplify the above commands to as
- little as:
-
- ./configure --host=ARCH-OS
-
-REDUCING SIZE
-=============
-
- There are a number of configure options that can be used to reduce the
- size of libcurl for embedded applications where binary size is an
- important factor. First, be sure to set the CFLAGS variable when
- configuring with any relevant compiler optimization flags to reduce the
- size of the binary. For gcc, this would mean at minimum the -Os option,
- and potentially the -march=X, -mdynamic-no-pic and -flto options as well,
- e.g.
-
- ./configure CFLAGS='-Os' LDFLAGS='-Wl,-Bsymbolic'...
-
- Note that newer compilers often produce smaller code than older versions
- due to improved optimization.
-
- Be sure to specify as many --disable- and --without- flags on the configure
- command-line as you can to disable all the libcurl features that you
- know your application is not going to need. Besides specifying the
- --disable-PROTOCOL flags for all the types of URLs your application
- will not use, here are some other flags that can reduce the size of the
- library:
-
- --disable-ares (disables support for the C-ARES DNS library)
- --disable-cookies (disables support for HTTP cookies)
- --disable-crypto-auth (disables HTTP cryptographic authentication)
- --disable-ipv6 (disables support for IPv6)
- --disable-manual (disables support for the built-in documentation)
- --disable-proxy (disables support for HTTP and SOCKS proxies)
- --disable-unix-sockets (disables support for UNIX sockets)
- --disable-verbose (eliminates debugging strings and error code strings)
- --disable-versioned-symbols (disables support for versioned symbols)
- --enable-hidden-symbols (eliminates unneeded symbols in the shared
library)
- --without-libidn (disables support for the libidn DNS library)
- --without-librtmp (disables support for RTMP)
- --without-ssl (disables support for SSL/TLS)
- --without-zlib (disables support for on-the-fly decompression)
-
- The GNU compiler and linker have a number of options that can reduce the
- size of the libcurl dynamic libraries on some platforms even further.
- Specify them by providing appropriate CFLAGS and LDFLAGS variables on the
- configure command-line, e.g.
-
- CFLAGS="-Os -ffunction-sections -fdata-sections \
- -fno-unwind-tables -fno-asynchronous-unwind-tables -flto" \
- LDFLAGS="-Wl,-s -Wl,-Bsymbolic -Wl,--gc-sections"
-
- Be sure also to strip debugging symbols from your binaries after
- compiling using 'strip' (or the appropriate variant if cross-compiling).
- If space is really tight, you may be able to remove some unneeded
- sections of the shared library using the -R option to objcopy (e.g. the
- .comment section).
-
- Using these techniques it is possible to create a basic HTTP-only shared
- libcurl library for i386 Linux platforms that is only 109 KiB in size, and
- an FTP-only library that is 109 KiB in size (as of libcurl version 7.45.0,
- using gcc 4.9.2).
-
- You may find that statically linking libcurl to your application will
- result in a lower total size than dynamically linking.
-
- Note that the curl test harness can detect the use of some, but not all, of
- the --disable statements suggested above. Use will cause tests relying on
- those features to fail. The test harness can be manually forced to skip
- the relevant tests by specifying certain key words on the runtests.pl
- command line. Following is a list of appropriate key words:
-
- --disable-cookies !cookies
- --disable-manual !--manual
- --disable-proxy !HTTP\ proxy !proxytunnel !SOCKS4 !SOCKS5
-
-PORTS
-=====
-
- This is a probably incomplete list of known hardware and operating systems
- that curl has been compiled for. If you know a system curl compiles and
- runs on, that isn't listed, please let us know!
-
- - Alpha DEC OSF 4
- - Alpha Digital UNIX v3.2
- - Alpha FreeBSD 4.1, 4.5
- - Alpha Linux 2.2, 2.4
- - Alpha NetBSD 1.5.2
- - Alpha OpenBSD 3.0
- - Alpha OpenVMS V7.1-1H2
- - Alpha Tru64 v5.0 5.1
- - AVR32 Linux
- - ARM Android 1.5, 2.1, 2.3, 3.2, 4.x
- - ARM INTEGRITY
- - ARM iOS
- - Cell Linux
- - Cell Cell OS
- - HP-PA HP-UX 9.X 10.X 11.X
- - HP-PA Linux
- - HP3000 MPE/iX
- - MicroBlaze uClinux
- - MIPS IRIX 6.2, 6.5
- - MIPS Linux
- - OS/400
- - Pocket PC/Win CE 3.0
- - Power AIX 3.2.5, 4.2, 4.3.1, 4.3.2, 5.1, 5.2
- - PowerPC Darwin 1.0
- - PowerPC INTEGRITY
- - PowerPC Linux
- - PowerPC Mac OS 9
- - PowerPC Mac OS X
- - SH4 Linux 2.6.X
- - SH4 OS21
- - SINIX-Z v5
- - Sparc Linux
- - Sparc Solaris 2.4, 2.5, 2.5.1, 2.6, 7, 8, 9, 10
- - Sparc SunOS 4.1.X
- - StrongARM (and other ARM) RISC OS 3.1, 4.02
- - StrongARM/ARM7/ARM9 Linux 2.4, 2.6
- - StrongARM NetBSD 1.4.1
- - Symbian OS (P.I.P.S.) 9.x
- - TPF
- - Ultrix 4.3a
- - UNICOS 9.0
- - i386 BeOS
- - i386 DOS
- - i386 eCos 1.3.1
- - i386 Esix 4.1
- - i386 FreeBSD
- - i386 HURD
- - i386 Haiku OS
- - i386 Linux 1.3, 2.0, 2.2, 2.3, 2.4, 2.6
- - i386 Mac OS X
- - i386 MINIX 3.1
- - i386 NetBSD
- - i386 Novell NetWare
- - i386 OS/2
- - i386 OpenBSD
- - i386 QNX 6
- - i386 SCO unix
- - i386 Solaris 2.7
- - i386 Windows 95, 98, ME, NT, 2000, XP, 2003
- - i486 ncr-sysv4.3.03 (NCR MP-RAS)
- - ia64 Linux 2.3.99
- - m68k AmigaOS 3
- - m68k Linux
- - m68k uClinux
- - m68k OpenBSD
- - m88k dg-dgux5.4R3.00
- - s390 Linux
- - x86_64 Linux
- - XScale/PXA250 Linux 2.4
- - Nios II uClinux
-
-Useful URLs
-===========
-
-axTLS http://axtls.sourceforge.net/
-c-ares http://c-ares.haxx.se/
-GNU GSS https://www.gnu.org/software/gss/
-GnuTLS https://www.gnu.org/software/gnutls/
-Heimdal http://www.h5l.org/
-libidn https://www.gnu.org/software/libidn/
-libmetalink https://launchpad.net/libmetalink/
-libssh2 https://www.libssh2.org/
-MIT Kerberos http://web.mit.edu/kerberos/www/dist/
-NSS https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
-OpenLDAP http://www.openldap.org/
-OpenSSL https://www.openssl.org/
-PolarSSL https://tls.mbed.org/
-wolfSSL https://www.wolfssl.com/wolfSSL/
-Zlib http://www.zlib.net/
-
-MingW http://www.mingw.org/
-MinGW-w64 http://mingw-w64.sourceforge.net/
-OpenWatcom http://www.openwatcom.org/
+see INSTALL.md
diff --git a/docs/INSTALL.cmake b/docs/INSTALL.cmake
index b2924e642..abdfb46b2 100644
--- a/docs/INSTALL.cmake
+++ b/docs/INSTALL.cmake
@@ -24,8 +24,9 @@ Current flaws in the curl CMake build
Missing features in the cmake build:
- Builds libcurl without large file support
- - Can't select which SSL library to build with, only OpenSSL
- - Doesn't build with SCP and SFTP support (libssh2)
+ - Does not support all SSL libraries (only OpenSSL, WinSSL, DarwinSSL, and
+ mbed TLS)
+ - Doesn't build with SCP and SFTP support (libssh2) (see issue #1155)
- Doesn't allow different resolver backends (no c-ares build support)
- No RTMP support built
- Doesn't allow build curl and libcurl debug enabled
@@ -33,19 +34,9 @@ Current flaws in the curl CMake build
- Doesn't allow you to disable specific protocols from the build
- Doesn't find or use krb4 or GSS
- Rebuilds test files too eagerly, but still can't run the tests
+ - Does't detect the correct strerror_r flavor when cross-compiling (issue
#1123)
-Important notice
-==================
- If you got your curl sources from a distribution tarball, make sure to
- delete the generic 'include/curl/curlbuild.h' file that comes with it:
- rm -f curl/include/curl/curlbuild.h
-
- The purpose of this file is to provide reasonable definitions for systems
- where autoconfiguration is not available. CMake will create its own
- version of this file in its build directory. If the "generic" version
- is not deleted, weird build errors may occur on some systems.
-
Command Line CMake
==================
A CMake build of curl is similar to the autotools build of curl. It
diff --git a/docs/INSTALL.devcpp b/docs/INSTALL.devcpp
deleted file mode 100644
index f989d5295..000000000
--- a/docs/INSTALL.devcpp
+++ /dev/null
@@ -1,302 +0,0 @@
-DevCpp-Mingw Install & Compilation Sept 2005
-==================================
-
-Reference Emails available at address@hidden:
-
- Libcurl Install and Use Issues
- Awaiting an Answer for Win 32 Install
- res = curl_easy_perform(curl); Error
- Makefile Issues
-
-
-Having previously done a thorough review of what was available that met my
-requirements under GPL, I settled for Libcurl as the software of choice for
-many reasons not the least of which was the support.
-
-Background
-----------
-
-This quest started when I innocently tried to incorporate the libcurl library
-into my simple source code. I figured that a few easy steps would accomplish
-this without major headaches. I had no idea that I would be facing an almost
-insurmountable challenge.
-
-The main problem lies in two areas. First the bulk of support for libcurl
-exists for a Unix/linux command line environments. This is of little help when
-it comes to Windows O/S.
-
-Secondly the help that does exist for the Windows O/S focused around mingw
-through a command line argument environment.
-
-You may ask "Why is this a problem?"
-
-I'm using a Windows O/S with DevCpp. For those of you who are unfamiliar with
-DevCpp, it is a window shell GUI that replaces the command line environment
-for gcc. A definite improvement that I am unwilling to give up. However using
-DevCpp presented its own set of issues. Inadvertently I also made some
-careless errors such as compiling the 7.14 version of Makefile with an older
-version of source code. Thanks to Dan Fandrich for picking this up.
-
-I did eventually with the help of Daniel, Phillipe and others manage to
-implement successfully (the only mingw available version)
-curl-7.13.0-win32-ssl-devel-mingw32 into the DevCpp environment. Only the
-dynamic libcurl.dll libcurldll.a libraries worked. The static library which I
-was interested in did not. Furthermore when I tried to implement one of the
-examples included with the curl package (get info.c) it caused the executable
-to crash. Tracing the bug I found it in the code and function res =
-curl_easy_perform(curl);.
-
-At this point I had to make a choice as to whether invest my limited
-time-energy resource to fixing the bug or to compile the new version
-available. After searching the archives I found a very similar or the same bug
-reported from version 7.12x on. Daniel did inform me that he thought that this
-bug had been fixed with the latest version. So I proceeded to compile the
-latest SSL version where I faced other challenges.
-
-In order to make this process unremarkable for others using the same
-environment I decided to document the process so that others will find it
-routine. It would be a shame if newbies could not implement this excellent
-package for their use.
-
-I would like to thank the many others in this forum and in the DevCpp forum
-for their help. Without your help I may either have given up or it would have
-taken me many times longer to achieve success.
-
-The Cookbook Approach
----------------------
-
-This discussion will be confined to a SSL static library compilation and
-installation. Limited mention and comments will be inserted where appropriate
-to help with non-SSL, dynamic libraries and executables.
-
-
- Using Makefile from DevCpp to compile Libcurl libraries
-
-Preamble
---------
-
-Using the latest version release - curl-7.14.0.tar.gz. Curl source code is
-platform independent. This simply means that the source code can be compiled
-for any Operating System (Linux/Unix Windows etc. and variations of thereof).
-
-The first thing to note is that inside curl-7.14.0 you will find two folders
-lib and src. Both contain Makefile.m32 (required for win mingw library or exe
-compilation) files which are different. The main difference between these two
-folders and the makefiles is that the src folder contents are used to compile
-an executable file(curl.exe) while the lib folder contents are used to compile
-a static (libcurl.a) and dynamic (libcurl.dll & libcurldll.a) file that can be
-used to compile libcurl with your own source code so that one can use and
-access all libcurl functions.
-
-Before we start please make sure that DevCpp is installed properly. In
-particular make sure you have no spaces in the name of any of the directories
-and subdirectories where DevCpp is installed. Failure to comply with the
-install instructions may produce erratic behaviour in DevCpp. For further info
-check the following sites
-
-http://aditsu.freeunixhost.com/dev-cpp-faq.html
-https://sourceforge.net/p/dev-cpp/discussion/48211/thread/2a85ea46
-
-As I have mentioned before I will confine this to the SSL Library compilations
-but the process is very similar for compilation of the executable - curl.exe;
-just substitute the src folder makefile in its stead.
-
-First use a text processor Notepad, or your own favourite text processor. To
-engage your favourite text processor, select Makefile.m32 click once with your
-mouse on file icon; icon turns blue, press the shift key and right-click on
-mouse, menu appears select "Open with", select your favourite text processor.
-
-Next read the contents of Makefile.m32. It includes instructions on its use.
-
-Method I - DOS Command Line
----------------------------
-
-Note - The only reason I have included this method is that Method II which is
-the preferred method for compiling does not allow for the setting of option
-switches (e.g. SSL = 1 or SSL =0). At least that's what they tell me at the
-Dev-Cpp forum.
-
-1 - Make a copy of (D:\Dev-Cpp\bin) bin folder and name it "bin Original"
-place it in the Dev-Cpp installed directory (D:\Dev-Cpp\ for this example)
-
-2 - Copy the entire contents of the LIB folder of curl-7.14.0.tar.gz or zip
-version into the bin folder above (D:\Dev-Cpp\bin). The reason being is that
-the make.exe file resides in this folder. Make.exe will use - Makefile.m32,
-Makefile.inc, and the source code included in the lib folder to compile the
-source code. There is a PATH issue with make.exe that remains unresolved at
-least for me. Unless the entire source code to be compiled is placed entirely
-within the directory of make.exe an error message will be generated - "file
-xxxx.yyy not available".
-
-3- Go to Dev-Cpp\bin and double click on make .exe. You will see a DOS window
-quickly pop up and close very quickly. Not to worry! Please do not skip this
-step.
-
-4- Click on the start button\Programs\MS-DOS Prompt.Once the DOS Window is up
-Type the disk drive letter (e.g. E: ) engage the enter button. The path should
-automatically take you to the directory of the make.exe file.
-
-5- To compile the source code simply type at the DOS prompt make -f
-Makefile.m32 as per instructions contained in the Makefile.m32 file (use any
-text processor to read instructions). I don't believe that this makefile
-allows for the option of non SSL. Ignore any warnings.
-
-6- Collect and make copies of libcurl.a, libcurl.dll, libcurldll.a and any *.o
-compilations you might need in another directory outside of the bin directory
-as you will need this files shortly to set up libcurl for use with
-Dev-cpp. For most apps *.o is not required. Later on we will show what to do
-with these files.
-
-7- You are finished but before closing we need to do cleanup - erase the bin
-folder and rename the "bin Original" folder created in step 1 to bin.
-
-Note to compile a curl executable the process is probably similar but instead
-of using the LIB folder contents use the SRC folder contents and Makefiles in
-curl-7.14.0.tar.gz. File directories relative placements must be respected for
-compiling to take place successfully. This may not be possible with the PATH
-problem that make.exe experiences. If anyone has solved this PATH issue and
-please make sure it actually works on Win 9x/2000/XP before letting me
-know. Then please let me or Daniel in on the solution so that it can be
-included with these instructions. Thanks.
-
-or
-
-Method II - Dev-Cpp GUI
------------------------
-
-1- Copy the entire contents of the LIB folder of curl-7.14.0.tar.gz or zip
-version into any folder outside of (Dev-Cpp\bin).
-
-2- Drop the File/New/click on Project.
-
-3- New Project Dialogue box appears. Double click on the Static Library.
-
-4- Create Project Dialogue box appears. Select the LIB folder location to
-place and locate your Project File Name. Placing the Project File Name
-elsewhere may cause problems (PATH issue problem again).
-
-5- Drop down the Project/Project Options. Project Options Dialogue box
-appears.
-
-6- Select the Makefile tab in the Project Options Dialogue Box. Check Box -
-Use Custom Makefile. Click on the Folder icon at the extreme right of the
-Check Box. Select Makefile.m32 in the folder wherever you have placed the
-contents of the LIB Folder. Press OK and close the Dialogue Box.
-
-7- Drop the Menu Project/Click on Add to Project. Open File Dialogue Box
-appears. The Dialogue Box should open in the folder wherever you have placed
-the contents of the LIB Folder. If not go there.
-
-8- Select Crtl-A to select all files in the LIB folder. Click on open to add
-files and close box. Wait till all files are added. This may take 30 seconds
-or longer.
-
-9- Drop the Menu Execute/Click on Compile.
-
-10- That's it.
-
-
- The following steps must be completed if Curl is to work properly
- =================================================================
-
-LIB folder inclusions (*.a placement)
--------------------------------------
-
-1- Refer to Method I - DOS Command Line point # 6 Take libcurl.a, libcurldll.a
-and install it in the directory C( or whichever drive Dev is installed)
-:\Dev-Cpp\lib.
-
-
-Include Folder
---------------
-
-1- Create a new folder by the name of curl (do not change the name curl to
-some other name as it will cause major issues) in the directory
-C:\Dev-Cpp\include.
-
-2- Copy the entire contents of the curl folder of curl-7.14.0.tar.gz or zip
- version into the newly created curl directory - C:\Dev-Cpp\include\curl.
-
-Links To Include And Lib Folder
--------------------------------
-
-1- Drop the Menu - Tools\Compiler Options\Directories\Libraries. Make sure
-that C( or whichever drive Dev is installed):\DEV-CPP\lib is included.
-
-2- Next select the Menu - Tools\Compiler Options\Directories\C Includes. Make
-sure that C:\DEV-CPP\include and C:\Dev-Cpp\include\curl are included.
-
-3- Next select the Menu - Tools\Compiler Options\Directories\C++
-Includes. Make sure that C:\DEV-CPP\include and C:\Dev-Cpp\include\curl are
-included.
-
-Linker Links
-------------
-
-1- Drop the Menu - Tools\Compiler Options\Directories\Compiler.
-
-2- Make sure that the box "Add these commands to the linker command line" is
-checked.
-
-3- Include in the white space immediately below the box referred in 2 -lcurl
--lws2_32.
-
-SSL Files
----------
-
-1- Get the latest openSSL (as of time of this writing)
-openssl-0.9.7e-win32-bin.zip for the minimalist package of the openssl-0.9.7e
-binaries ported to MS Windows 95/98/NT/XP using the MingW32/GCC-3.1
-development environment. The file may be downloaded at
-https://curl.haxx.se/download/.
-
-2- Open the above zip file. You will find two files - SDL.dll,
-SDL_mixer.dll. Install them in the directory C:\WINDOWS\SYSTEM32 for Win 9x
-users and c:\winnt\system32 for NT-family users.
-
-Multithreading Files
---------------------
-
-To be completed
-
-#define
--------
-
-1- Make sure that your program includes the following - #define CURL_STATICLIB
-must be declared FIRST before any other define functions may be
-added. Otherwise you may experience link errors.
-
-2- Don't forget to include #include "curl/curl.h".
-
-e.g.
- #define CURL_STATICLIB
-#include <windows.h>
- #include "curl/curl.h"
-#include <fstream>
-#include <iostream>
-#include <vector>
-etc...
-
-
-Static or Dynamic Library
--------------------------
-
-The above steps apply for the use by a static library. Should you choose to
-use a dynamic library you will be required to perform these additional steps.
-
-1- Refer to Method I - DOS Command Line point # 6. Install libcurl.dll in the
-directory C:\WINDOWS\SYSTEM32 for Win 9x users and c:\winnt\system32 for
-NT-family users.
-
-2- Refer to Linker Links point 3 - Replace -lcurl with -lcurldll.
-
-Voila you're done.
-
-The non-SSL static Library build may not be possible to use at least as of the
-time of this writing - v7.14. Check reference emails - Phillipe and I found it
-impossible to fully compile as certain files were missing for linking. No big
-loss as SSL is a major plus.
-
-Hope this Helps
-
-Tom
diff --git a/docs/INSTALL.md b/docs/INSTALL.md
new file mode 100644
index 000000000..6c2c8ce64
--- /dev/null
+++ b/docs/INSTALL.md
@@ -0,0 +1,513 @@
+# how to install curl and libcurl
+
+## Installing Binary Packages
+
+Lots of people download binary distributions of curl and libcurl. This
+document does not describe how to install curl or libcurl using such a binary
+package. This document describes how to compile, build and install curl and
+libcurl from source code.
+
+## Building from git
+
+If you get your code off a git repository instead of a release tarball, see
+the `GIT-INFO` file in the root directory for specific instructions on how to
+proceed.
+
+# Unix
+
+A normal Unix installation is made in three or four steps (after you've
+unpacked the source archive):
+
+ ./configure
+ make
+ make test (optional)
+ make install
+
+You probably need to be root when doing the last command.
+
+Get a full listing of all available configure options by invoking it like:
+
+ ./configure --help
+
+If you want to install curl in a different file hierarchy than `/usr/local`,
+specify that when running configure:
+
+ ./configure --prefix=/path/to/curl/tree
+
+If you have write permission in that directory, you can do 'make install'
+without being root. An example of this would be to make a local install in
+your own home directory:
+
+ ./configure --prefix=$HOME
+ make
+ make install
+
+The configure script always tries to find a working SSL library unless
+explicitly told not to. If you have OpenSSL installed in the default search
+path for your compiler/linker, you don't need to do anything special. If you
+have OpenSSL installed in /usr/local/ssl, you can run configure like:
+
+ ./configure --with-ssl
+
+If you have OpenSSL installed somewhere else (for example, /opt/OpenSSL) and
+you have pkg-config installed, set the pkg-config path first, like this:
+
+ env PKG_CONFIG_PATH=/opt/OpenSSL/lib/pkgconfig ./configure --with-ssl
+
+Without pkg-config installed, use this:
+
+ ./configure --with-ssl=/opt/OpenSSL
+
+If you insist on forcing a build without SSL support, even though you may
+have OpenSSL installed in your system, you can run configure like this:
+
+ ./configure --without-ssl
+
+If you have OpenSSL installed, but with the libraries in one place and the
+header files somewhere else, you have to set the LDFLAGS and CPPFLAGS
+environment variables prior to running configure. Something like this should
+work:
+
+ CPPFLAGS="-I/path/to/ssl/include" LDFLAGS="-L/path/to/ssl/lib" ./configure
+
+If you have shared SSL libs installed in a directory where your run-time
+linker doesn't find them (which usually causes configure failures), you can
+provide the -R option to ld on some operating systems to set a hard-coded
+path to the run-time linker:
+
+ LDFLAGS=-R/usr/local/ssl/lib ./configure --with-ssl
+
+## More Options
+
+To force a static library compile, disable the shared library creation by
+running configure like:
+
+ ./configure --disable-shared
+
+To tell the configure script to skip searching for thread-safe functions, add
+an option like:
+
+ ./configure --disable-thread
+
+If you're a curl developer and use gcc, you might want to enable more debug
+options with the `--enable-debug` option.
+
+curl can be built to use a whole range of libraries to provide various useful
+services, and configure will try to auto-detect a decent default. But if you
+want to alter it, you can select how to deal with each individual library.
+
+## Select TLS backend
+
+The default OpenSSL configure check will also detect and use BoringSSL or
+libressl.
+
+ - GnuTLS: `--without-ssl --with-gnutls`.
+ - Cyassl: `--without-ssl --with-cyassl`
+ - NSS: `--without-ssl --with-nss`
+ - PolarSSL: `--without-ssl --with-polarssl`
+ - mbedTLS: `--without-ssl --with-mbedtls`
+ - axTLS: `--without-ssl --with-axtls`
+ - schannel: `--without-ssl --with-winssl`
+ - secure transport: `--without-ssl --with-darwinssl`
+
+# Windows
+
+## Building Windows DLLs and C run-time (CRT) linkage issues
+
+ As a general rule, building a DLL with static CRT linkage is highly
+ discouraged, and intermixing CRTs in the same app is something to avoid at
+ any cost.
+
+ Reading and comprehending Microsoft Knowledge Base articles KB94248 and
+ KB140584 is a must for any Windows developer. Especially important is full
+ understanding if you are not going to follow the advice given above.
+
+ - [How To Use the C Run-Time](https://support.microsoft.com/kb/94248/en-us)
+ - [How to link with the correct C Run-Time CRT
library](https://support.microsoft.com/kb/140584/en-us)
+ - [Potential Errors Passing CRT Objects Across DLL
Boundaries](https://msdn.microsoft.com/en-us/library/ms235460)
+
+If your app is misbehaving in some strange way, or it is suffering from
+memory corruption, before asking for further help, please try first to
+rebuild every single library your app uses as well as your app using the
+debug multithreaded dynamic C runtime.
+
+ If you get linkage errors read section 5.7 of the FAQ document.
+
+## MingW32
+
+Make sure that MinGW32's bin dir is in the search path, for example:
+
+ set PATH=c:\mingw32\bin;%PATH%
+
+then run `mingw32-make mingw32` in the root dir. There are other
+make targets available to build libcurl with more features, use:
+
+ - `mingw32-make mingw32-zlib` to build with Zlib support;
+ - `mingw32-make mingw32-ssl-zlib` to build with SSL and Zlib enabled;
+ - `mingw32-make mingw32-ssh2-ssl-zlib` to build with SSH2, SSL, Zlib;
+ - `mingw32-make mingw32-ssh2-ssl-sspi-zlib` to build with SSH2, SSL, Zlib
+ and SSPI support.
+
+If you have any problems linking libraries or finding header files, be sure
+to verify that the provided "Makefile.m32" files use the proper paths, and
+adjust as necessary. It is also possible to override these paths with
+environment variables, for example:
+
+ set ZLIB_PATH=c:\zlib-1.2.8
+ set OPENSSL_PATH=c:\openssl-1.0.2c
+ set LIBSSH2_PATH=c:\libssh2-1.6.0
+
+It is also possible to build with other LDAP SDKs than MS LDAP; currently
+it is possible to build with native Win32 OpenLDAP, or with the Novell CLDAP
+SDK. If you want to use these you need to set these vars:
+
+ set LDAP_SDK=c:\openldap
+ set USE_LDAP_OPENLDAP=1
+
+or for using the Novell SDK:
+
+ set USE_LDAP_NOVELL=1
+
+If you want to enable LDAPS support then set LDAPS=1.
+
+## Cygwin
+
+Almost identical to the unix installation. Run the configure script in the
+curl source tree root with `sh configure`. Make sure you have the sh
+executable in /bin/ or you'll see the configure fail toward the end.
+
+Run `make`
+
+## Borland C++ compiler
+
+Ensure that your build environment is properly set up to use the compiler and
+associated tools. PATH environment variable must include the path to bin
+subdirectory of your compiler installation, eg: `c:\Borland\BCC55\bin`
+
+It is advisable to set environment variable BCCDIR to the base path of the
+compiler installation.
+
+ set BCCDIR=c:\Borland\BCC55
+
+In order to build a plain vanilla version of curl and libcurl run the
+following command from curl's root directory:
+
+ make borland
+
+To build curl and libcurl with zlib and OpenSSL support set environment
+variables `ZLIB_PATH` and `OPENSSL_PATH` to the base subdirectories of the
+already built zlib and OpenSSL libraries and from curl's root directory run
+command:
+
+ make borland-ssl-zlib
+
+libcurl library will be built in 'lib' subdirectory while curl tool is built
+in 'src' subdirectory. In order to use libcurl library it is advisable to
+modify compiler's configuration file bcc32.cfg located in
+`c:\Borland\BCC55\bin` to reflect the location of libraries include paths for
+example the '-I' line could result in something like:
+
+ -I"c:\Borland\BCC55\include;c:\curl\include;c:\openssl\inc32"
+
+bcc3.cfg `-L` line could also be modified to reflect the location of of
+libcurl library resulting for example:
+
+ -L"c:\Borland\BCC55\lib;c:\curl\lib;c:\openssl\out32"
+
+In order to build sample program `simple.c` from the docs\examples
+subdirectory run following command from mentioned subdirectory:
+
+ bcc32 simple.c libcurl.lib cw32mt.lib
+
+In order to build sample program simplessl.c an SSL enabled libcurl is
+required, as well as the OpenSSL libeay32.lib and ssleay32.lib libraries.
+
+## Disabling Specific Protocols in Windows builds
+
+The configure utility, unfortunately, is not available for the Windows
+environment, therefore, you cannot use the various disable-protocol options of
+the configure utility on this platform.
+
+However, you can use the following defines to disable specific
+protocols:
+
+ - `HTTP_ONLY` disables all protocols except HTTP
+ - `CURL_DISABLE_FTP` disables FTP
+ - `CURL_DISABLE_LDAP` disables LDAP
+ - `CURL_DISABLE_TELNET` disables TELNET
+ - `CURL_DISABLE_DICT` disables DICT
+ - `CURL_DISABLE_FILE` disables FILE
+ - `CURL_DISABLE_TFTP` disables TFTP
+ - `CURL_DISABLE_HTTP` disables HTTP
+ - `CURL_DISABLE_IMAP` disables IMAP
+ - `CURL_DISABLE_POP3` disables POP3
+ - `CURL_DISABLE_SMTP` disables SMTP
+
+If you want to set any of these defines you have the following options:
+
+ - Modify lib/config-win32.h
+ - Modify lib/curl_setup.h
+ - Modify winbuild/Makefile.vc
+ - Modify the "Preprocessor Definitions" in the libcurl project
+
+Note: The pre-processor settings can be found using the Visual Studio IDE
+under "Project -> Settings -> C/C++ -> General" in VC6 and "Project ->
+Properties -> Configuration Properties -> C/C++ -> Preprocessor" in later
+versions.
+
+## Using BSD-style lwIP instead of Winsock TCP/IP stack in Win32 builds
+
+In order to compile libcurl and curl using BSD-style lwIP TCP/IP stack it is
+necessary to make definition of preprocessor symbol USE_LWIPSOCK visible to
+libcurl and curl compilation processes. To set this definition you have the
+following alternatives:
+
+ - Modify lib/config-win32.h and src/config-win32.h
+ - Modify winbuild/Makefile.vc
+ - Modify the "Preprocessor Definitions" in the libcurl project
+
+Note: The pre-processor settings can be found using the Visual Studio IDE
+under "Project -> Settings -> C/C++ -> General" in VC6 and "Project ->
+Properties -> Configuration Properties -> C/C++ -> Preprocessor" in later
+versions.
+
+Once that libcurl has been built with BSD-style lwIP TCP/IP stack support, in
+order to use it with your program it is mandatory that your program includes
+lwIP header file `<lwip/opt.h>` (or another lwIP header that includes this)
+before including any libcurl header. Your program does not need the
+`USE_LWIPSOCK` preprocessor definition which is for libcurl internals only.
+
+Compilation has been verified with [lwIP
+1.4.0](https://download.savannah.gnu.org/releases/lwip/lwip-1.4.0.zip) and
+[contrib-1.4.0](https://download.savannah.gnu.org/releases/lwip/contrib-1.4.0.zip).
+
+This BSD-style lwIP TCP/IP stack support must be considered experimental given
+that it has been verified that lwIP 1.4.0 still needs some polish, and libcurl
+might yet need some additional adjustment, caveat emptor.
+
+## Important static libcurl usage note
+
+When building an application that uses the static libcurl library on Windows,
+you must add `-DCURL_STATICLIB` to your `CFLAGS`. Otherwise the linker will
+look for dynamic import symbols.
+
+## Legacy Windows and SSL
+
+WinSSL (specifically SChannel from Windows SSPI), is the native SSL library in
+Windows. However, WinSSL in Windows <= XP is unable to connect to servers that
+no longer support the legacy handshakes and algorithms used by those
+versions. If you will be using curl in one of those earlier versions of
+Windows you should choose another SSL backend such as OpenSSL.
+
+# Apple iOS and Mac OS X
+
+On modern Apple operating systems, curl can be built to use Apple's SSL/TLS
+implementation, Secure Transport, instead of OpenSSL. To build with Secure
+Transport for SSL/TLS, use the configure option `--with-darwinssl`. (It is not
+necessary to use the option `--without-ssl`.) This feature requires iOS 5.0 or
+later, or OS X 10.5 ("Leopard") or later.
+
+When Secure Transport is in use, the curl options `--cacert` and `--capath`
+and their libcurl equivalents, will be ignored, because Secure Transport uses
+the certificates stored in the Keychain to evaluate whether or not to trust
+the server. This, of course, includes the root certificates that ship with the
+OS. The `--cert` and `--engine` options, and their libcurl equivalents, are
+currently unimplemented in curl with Secure Transport.
+
+For OS X users: In OS X 10.8 ("Mountain Lion"), Apple made a major overhaul to
+the Secure Transport API that, among other things, added support for the newer
+TLS 1.1 and 1.2 protocols. To get curl to support TLS 1.1 and 1.2, you must
+build curl on Mountain Lion or later, or by using the equivalent SDK. If you
+set the `MACOSX_DEPLOYMENT_TARGET` environmental variable to an earlier
+version of OS X prior to building curl, then curl will use the new Secure
+Transport API on Mountain Lion and later, and fall back on the older API when
+the same curl binary is executed on older cats. For example, running these
+commands in curl's directory in the shell will build the code such that it
+will run on cats as old as OS X 10.6 ("Snow Leopard") (using bash):
+
+ export MACOSX_DEPLOYMENT_TARGET="10.6"
+ ./configure --with-darwinssl
+ make
+
+# Cross compile
+
+Download and unpack the curl package.
+
+'cd' to the new directory. (e.g. `cd curl-7.12.3`)
+
+Set environment variables to point to the cross-compile toolchain and call
+configure with any options you need. Be sure and specify the `--host` and
+`--build` parameters at configuration time. The following script is an
+example of cross-compiling for the IBM 405GP PowerPC processor using the
+toolchain from MonteVista for Hardhat Linux.
+
+ #! /bin/sh
+
+ export PATH=$PATH:/opt/hardhat/devkit/ppc/405/bin
+ export CPPFLAGS="-I/opt/hardhat/devkit/ppc/405/target/usr/include"
+ export AR=ppc_405-ar
+ export AS=ppc_405-as
+ export LD=ppc_405-ld
+ export RANLIB=ppc_405-ranlib
+ export CC=ppc_405-gcc
+ export NM=ppc_405-nm
+
+ ./configure --target=powerpc-hardhat-linux
+ --host=powerpc-hardhat-linux
+ --build=i586-pc-linux-gnu
+ --prefix=/opt/hardhat/devkit/ppc/405/target/usr/local
+ --exec-prefix=/usr/local
+
+You may also need to provide a parameter like `--with-random=/dev/urandom` to
+configure as it cannot detect the presence of a random number generating
+device for a target system. The `--prefix` parameter specifies where curl
+will be installed. If `configure` completes successfully, do `make` and `make
+install` as usual.
+
+In some cases, you may be able to simplify the above commands to as little as:
+
+ ./configure --host=ARCH-OS
+
+# REDUCING SIZE
+
+There are a number of configure options that can be used to reduce the size of
+libcurl for embedded applications where binary size is an important factor.
+First, be sure to set the CFLAGS variable when configuring with any relevant
+compiler optimization flags to reduce the size of the binary. For gcc, this
+would mean at minimum the -Os option, and potentially the `-march=X`,
+`-mdynamic-no-pic` and `-flto` options as well, e.g.
+
+ ./configure CFLAGS='-Os' LDFLAGS='-Wl,-Bsymbolic'...
+
+Note that newer compilers often produce smaller code than older versions
+due to improved optimization.
+
+Be sure to specify as many `--disable-` and `--without-` flags on the
+configure command-line as you can to disable all the libcurl features that you
+know your application is not going to need. Besides specifying the
+`--disable-PROTOCOL` flags for all the types of URLs your application will not
+use, here are some other flags that can reduce the size of the library:
+
+ - `--disable-ares` (disables support for the C-ARES DNS library)
+ - `--disable-cookies` (disables support for HTTP cookies)
+ - `--disable-crypto-auth` (disables HTTP cryptographic authentication)
+ - `--disable-ipv6` (disables support for IPv6)
+ - `--disable-manual` (disables support for the built-in documentation)
+ - `--disable-proxy` (disables support for HTTP and SOCKS proxies)
+ - `--disable-unix-sockets` (disables support for UNIX sockets)
+ - `--disable-verbose` (eliminates debugging strings and error code strings)
+ - `--disable-versioned-symbols` (disables support for versioned symbols)
+ - `--enable-hidden-symbols` (eliminates unneeded symbols in the shared
library)
+ - `--without-libidn` (disables support for the libidn DNS library)
+ - `--without-librtmp` (disables support for RTMP)
+ - `--without-ssl` (disables support for SSL/TLS)
+ - `--without-zlib` (disables support for on-the-fly decompression)
+
+The GNU compiler and linker have a number of options that can reduce the
+size of the libcurl dynamic libraries on some platforms even further.
+Specify them by providing appropriate CFLAGS and LDFLAGS variables on the
+configure command-line, e.g.
+
+ CFLAGS="-Os -ffunction-sections -fdata-sections
+ -fno-unwind-tables -fno-asynchronous-unwind-tables -flto"
+ LDFLAGS="-Wl,-s -Wl,-Bsymbolic -Wl,--gc-sections"
+
+Be sure also to strip debugging symbols from your binaries after compiling
+using 'strip' (or the appropriate variant if cross-compiling). If space is
+really tight, you may be able to remove some unneeded sections of the shared
+library using the -R option to objcopy (e.g. the .comment section).
+
+Using these techniques it is possible to create a basic HTTP-only shared
+libcurl library for i386 Linux platforms that is only 113 KiB in size, and an
+FTP-only library that is 113 KiB in size (as of libcurl version 7.50.3, using
+gcc 5.4.0).
+
+You may find that statically linking libcurl to your application will result
+in a lower total size than dynamically linking.
+
+Note that the curl test harness can detect the use of some, but not all, of
+the `--disable` statements suggested above. Use will cause tests relying on
+those features to fail. The test harness can be manually forced to skip the
+relevant tests by specifying certain key words on the runtests.pl command
+line. Following is a list of appropriate key words:
+
+ - `--disable-cookies` !cookies
+ - `--disable-manual` !--manual
+ - `--disable-proxy` !HTTP\ proxy !proxytunnel !SOCKS4 !SOCKS5
+
+# PORTS
+
+This is a probably incomplete list of known hardware and operating systems
+that curl has been compiled for. If you know a system curl compiles and
+runs on, that isn't listed, please let us know!
+
+ - Alpha DEC OSF 4
+ - Alpha Digital UNIX v3.2
+ - Alpha FreeBSD 4.1, 4.5
+ - Alpha Linux 2.2, 2.4
+ - Alpha NetBSD 1.5.2
+ - Alpha OpenBSD 3.0
+ - Alpha OpenVMS V7.1-1H2
+ - Alpha Tru64 v5.0 5.1
+ - AVR32 Linux
+ - ARM Android 1.5, 2.1, 2.3, 3.2, 4.x
+ - ARM INTEGRITY
+ - ARM iOS
+ - Cell Linux
+ - Cell Cell OS
+ - HP-PA HP-UX 9.X 10.X 11.X
+ - HP-PA Linux
+ - HP3000 MPE/iX
+ - MicroBlaze uClinux
+ - MIPS IRIX 6.2, 6.5
+ - MIPS Linux
+ - OS/400
+ - Pocket PC/Win CE 3.0
+ - Power AIX 3.2.5, 4.2, 4.3.1, 4.3.2, 5.1, 5.2
+ - PowerPC Darwin 1.0
+ - PowerPC INTEGRITY
+ - PowerPC Linux
+ - PowerPC Mac OS 9
+ - PowerPC Mac OS X
+ - SH4 Linux 2.6.X
+ - SH4 OS21
+ - SINIX-Z v5
+ - Sparc Linux
+ - Sparc Solaris 2.4, 2.5, 2.5.1, 2.6, 7, 8, 9, 10
+ - Sparc SunOS 4.1.X
+ - StrongARM (and other ARM) RISC OS 3.1, 4.02
+ - StrongARM/ARM7/ARM9 Linux 2.4, 2.6
+ - StrongARM NetBSD 1.4.1
+ - Symbian OS (P.I.P.S.) 9.x
+ - TPF
+ - Ultrix 4.3a
+ - UNICOS 9.0
+ - i386 BeOS
+ - i386 DOS
+ - i386 eCos 1.3.1
+ - i386 Esix 4.1
+ - i386 FreeBSD
+ - i386 HURD
+ - i386 Haiku OS
+ - i386 Linux 1.3, 2.0, 2.2, 2.3, 2.4, 2.6
+ - i386 Mac OS X
+ - i386 MINIX 3.1
+ - i386 NetBSD
+ - i386 Novell NetWare
+ - i386 OS/2
+ - i386 OpenBSD
+ - i386 QNX 6
+ - i386 SCO unix
+ - i386 Solaris 2.7
+ - i386 Windows 95, 98, ME, NT, 2000, XP, 2003
+ - i486 ncr-sysv4.3.03 (NCR MP-RAS)
+ - ia64 Linux 2.3.99
+ - m68k AmigaOS 3
+ - m68k Linux
+ - m68k uClinux
+ - m68k OpenBSD
+ - m88k dg-dgux5.4R3.00
+ - s390 Linux
+ - x86_64 Linux
+ - XScale/PXA250 Linux 2.4
+ - Nios II uClinux
diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md
index 1691fcc04..2e273a9dc 100644
--- a/docs/INTERNALS.md
+++ b/docs/INTERNALS.md
@@ -56,7 +56,7 @@ git
All changes to the sources are committed to the git repository as soon as
they're somewhat verified to work. Changes shall be committed as independently
- as possible so that individual changes can be easier spotted and tracked
+ as possible so that individual changes can be easily spotted and tracked
afterwards.
Tagging shall be used extensively, and by the time we release new archives we
@@ -88,7 +88,7 @@ Dependencies
- MIT Kerberos 1.2.4
- GSKit V5R3M0
- NSS 3.14.x
- - axTLS 1.2.7
+ - axTLS 2.1.0
- PolarSSL 1.3.0
- Heimdal ?
- nghttp2 1.0.0
@@ -98,7 +98,7 @@ Operating Systems
On systems where configure runs, we aim at working on them all - if they have
a suitable C compiler. On systems that don't run configure, we strive to keep
- curl running fine on:
+ curl running correctly on:
- Windows 98
- AS/400 V5R3M0
@@ -126,13 +126,13 @@ Build tools
Windows vs Unix
===============
- There are a few differences in how to program curl the unix way compared to
- the Windows way. The four perhaps most notable details are:
+ There are a few differences in how to program curl the Unix way compared to
+ the Windows way. Perhaps the four most notable details are:
1. Different function names for socket operations.
In curl, this is solved with defines and macros, so that the source looks
- the same at all places except for the header file that defines them. The
+ the same in all places except for the header file that defines them. The
macros in use are sclose(), sread() and swrite().
2. Windows requires a couple of init calls for the socket stuff.
@@ -142,7 +142,7 @@ Windows vs Unix
behaviour.
3. The file descriptors for network communication and file operations are
- not easily interchangeable as in unix.
+ not as easily interchangeable as in Unix.
We avoid this by not trying any funny tricks on file descriptors.
@@ -156,11 +156,11 @@ Windows vs Unix
conditionals that deal with features *should* instead be in the format
`#ifdef HAVE_THAT_WEIRD_FUNCTION`. Since Windows can't run configure scripts,
we maintain a `curl_config-win32.h` file in lib directory that is supposed to
- look exactly as a `curl_config.h` file would have looked like on a Windows
+ look exactly like a `curl_config.h` file would have looked like on a Windows
machine!
Generally speaking: always remember that this will be compiled on dozens of
- operating systems. Don't walk on the edge.
+ operating systems. Don't walk on the edge!
<a name="Library"></a>
Library
@@ -174,7 +174,7 @@ Library
rather small and easy-to-follow. All the ones prefixed with `curl_easy` are
put in the lib/easy.c file.
- `curl_global_init_()` and `curl_global_cleanup()` should be called by the
+ `curl_global_init()` and `curl_global_cleanup()` should be called by the
application to initialize and clean up global stuff in the library. As of
today, it can handle the global SSL initing if SSL is enabled and it can init
the socket layer on windows machines. libcurl itself has no "global" scope.
@@ -184,14 +184,14 @@ Library
[ `curl_easy_init()`][2] allocates an internal struct and makes some
initializations. The returned handle does not reveal internals. This is the
- 'Curl_easy' struct which works as an "anchor" struct for all `curl_easy`
+ `Curl_easy` struct which works as an "anchor" struct for all `curl_easy`
functions. All connections performed will get connect-specific data allocated
that should be used for things related to particular connections/requests.
[`curl_easy_setopt()`][1] takes three arguments, where the option stuff must
be passed in pairs: the parameter-ID and the parameter-value. The list of
options is documented in the man page. This function mainly sets things in
- the 'Curl_easy' struct.
+ the `Curl_easy` struct.
`curl_easy_perform()` is just a wrapper function that makes use of the multi
API. It basically calls `curl_multi_init()`, `curl_multi_add_handle()`,
@@ -218,7 +218,7 @@ Curl_connect()
This function makes sure there's an allocated and initiated 'connectdata'
struct that is used for this particular connection only (although there may
be several requests performed on the same connect). A bunch of things are
- inited/inherited from the Curl_easy struct.
+ inited/inherited from the `Curl_easy` struct.
<a name="Curl_do"></a>
Curl_do()
@@ -250,8 +250,8 @@ Curl_readwrite()
Called during the transfer of the actual protocol payload.
- During transfer, the progress functions in lib/progress.c are called at a
- frequent interval (or at the user's choice, a specified callback might get
+ During transfer, the progress functions in lib/progress.c are called at
+ frequent intervals (or at the user's choice, a specified callback might get
called). The speedcheck functions in lib/speedcheck.c are also used to
verify that the transfer is as fast as required.
@@ -272,7 +272,7 @@ Curl_disconnect()
When doing normal connections and transfers, no one ever tries to close any
connections so this is not normally called when `curl_easy_perform()` is
used. This function is only used when we are certain that no more transfers
- is going to be made on the connection. It can be also closed by force, or
+ are going to be made on the connection. It can be also closed by force, or
it can be called to make sure that libcurl doesn't keep too many
connections alive at the same time.
@@ -290,7 +290,7 @@ HTTP(S)
base64-functions for user+password stuff (and more) is in (lib/base64.c) and
all functions for parsing and sending cookies are found in (lib/cookie.c).
- HTTPS uses in almost every means the same procedure as HTTP, with only two
+ HTTPS uses in almost every case the same procedure as HTTP, with only two
exceptions: the connect procedure is different and the function used to read
or write from the socket is different, although the latter fact is hidden in
the source by the use of `Curl_read()` for reading and `Curl_write()` for
@@ -301,8 +301,7 @@ HTTP(S)
An interesting detail with the HTTP(S) request, is the `Curl_add_buffer()`
series of functions we use. They append data to one single buffer, and when
- the building is done the entire request is sent off in one single write. This
- is done this way to overcome problems with flawed firewalls and lame servers.
+ the building is finished the entire request is sent off in one single write.
This is done this way to overcome problems with flawed firewalls and lame
servers.
<a name="ftp"></a>
FTP
@@ -385,23 +384,23 @@ Persistent Connections
The persistent connection support in libcurl requires some considerations on
how to do things inside of the library.
- - The 'Curl_easy' struct returned in the [`curl_easy_init()`][2] call
+ - The `Curl_easy` struct returned in the [`curl_easy_init()`][2] call
must never hold connection-oriented data. It is meant to hold the root data
as well as all the options etc that the library-user may choose.
- - The 'Curl_easy' struct holds the "connection cache" (an array of
+ - The `Curl_easy` struct holds the "connection cache" (an array of
pointers to 'connectdata' structs).
- This enables the 'curl handle' to be reused on subsequent transfers.
- When libcurl is told to perform a transfer, it first checks for an already
existing connection in the cache that we can use. Otherwise it creates a
- new one and adds that the cache. If the cache is full already when a new
- connection is added added, it will first close the oldest unused one.
+ new one and adds that to the cache. If the cache is full already when a new
+ connection is added, it will first close the oldest unused one.
- When the transfer operation is complete, the connection is left
open. Particular options may tell libcurl not to, and protocols may signal
- closure on connections and then they won't be kept open of course.
+ closure on connections and then they won't be kept open, of course.
- When `curl_easy_cleanup()` is called, we close all still opened connections,
unless of course the multi interface "owns" the connections.
@@ -414,7 +413,7 @@ multi interface/non-blocking
============================
The multi interface is a non-blocking interface to the library. To make that
- interface work as good as possible, no low-level functions within libcurl
+ interface work as well as possible, no low-level functions within libcurl
must be written to work in a blocking manner. (There are still a few spots
violating this rule.)
@@ -465,7 +464,7 @@ Return Codes and Informationals
description.
In aiding the user to understand what's happening and to debug curl usage, we
- must supply a fair amount of informational messages by using the
+ must supply a fair number of informational messages by using the
`Curl_infof()` function. Those messages are only displayed when the user
explicitly asks for them. They are best used when revealing information that
isn't otherwise obvious.
@@ -485,11 +484,11 @@ Client
main() resides in `src/tool_main.c`.
`src/tool_hugehelp.c` is automatically generated by the mkhelp.pl perl script
- to display the complete "manual" and the src/tool_urlglob.c file holds the
+ to display the complete "manual" and the `src/tool_urlglob.c` file holds the
functions used for the URL-"globbing" support. Globbing in the sense that the
{} and [] expansion stuff is there.
- The client mostly messes around to setup its 'config' struct properly, then
+ The client mostly sets up its 'config' struct properly, then
it calls the `curl_easy_*()` functions of the library and when it gets back
control after the `curl_easy_perform()` it cleans up the library, checks
status and exits.
@@ -542,13 +541,13 @@ Test Suite
The main test script is runtests.pl that will invoke test servers like
httpserver.pl and ftpserver.pl before all the test cases are performed. The
- test suite currently only runs on unix-like platforms.
+ test suite currently only runs on Unix-like platforms.
You'll find a description of the test suite in the tests/README file, and the
test case data files in the tests/FILEFORMAT file.
The test suite automatically detects if curl was built with the memory
- debugging enabled, and if it was it will detect memory leaks, too.
+ debugging enabled, and if it was, it will detect memory leaks, too.
<a name="asyncdns"></a>
Asynchronous name resolves
@@ -589,7 +588,7 @@ Asynchronous name resolves
`curl_off_t`
==========
- curl_off_t is a data type provided by the external libcurl include
+ `curl_off_t` is a data type provided by the external libcurl include
headers. It is the type meant to be used for the [`curl_easy_setopt()`][1]
options that end with LARGE. The type is 64bit large on most modern
platforms.
@@ -607,10 +606,10 @@ curlx
`curlx_strtoofft()`
-------------------
- A macro that converts a string containing a number to a curl_off_t number.
- This might use the curlx_strtoll() function which is provided as source
+ A macro that converts a string containing a number to a `curl_off_t` number.
+ This might use the `curlx_strtoll()` function which is provided as source
code in strtoofft.c. Note that the function is only provided if no
- strtoll() (or equivalent) function exist on your platform. If curl_off_t
+ strtoll() (or equivalent) function exist on your platform. If `curl_off_t`
is only a 32 bit number on your platform, this macro uses strtol().
`curlx_tvnow()`
@@ -624,17 +623,17 @@ curlx
`curlx_tvdiff_secs()`
---------------------
- returns the same as curlx_tvdiff but with full usec resolution (as a
+ returns the same as `curlx_tvdiff` but with full usec resolution (as a
double)
Future
------
- Several functions will be removed from the public curl_ name space in a
- future libcurl release. They will then only become available as curlx_
+ Several functions will be removed from the public `curl_` name space in a
+ future libcurl release. They will then only become available as `curlx_`
functions instead. To make the transition easier, we already today provide
- these functions with the curlx_ prefix to allow sources to get built properly
- with the new function names. The functions this concerns are:
+ these functions with the `curlx_` prefix to allow sources to be built
+ properly with the new function names. The concerned functions are:
- `curlx_getenv`
- `curlx_strequal`
@@ -659,7 +658,7 @@ Content Encoding
[HTTP/1.1][4] specifies that a client may request that a server encode its
response. This is usually used to compress a response using one of a set of
commonly available compression techniques. These schemes are 'deflate' (the
- zlib algorithm), 'gzip' and 'compress'. A client requests that the sever
+ zlib algorithm), 'gzip' and 'compress'. A client requests that the server
perform an encoding by including an Accept-Encoding header in the request
document. The value of the header should be one of the recognized tokens
'deflate', ... (there's a way to register new schemes/tokens, see sec 3.5 of
@@ -719,7 +718,7 @@ hostip.c explained
this host has getaddrinfo() and family, and thus we use that. The host may
not be able to resolve IPv6, but we don't really have to take that into
- account. Hosts that aren't IPv6-enabled have CURLRES_IPV4 defined.
+ account. Hosts that aren't IPv6-enabled have `CURLRES_IPV4` defined.
## `CURLRES_ARES`
@@ -750,7 +749,7 @@ hostip.c explained
- hostip6.c - IPv6 specific functions
The hostip.h is the single united header file for all this. It defines the
- `CURLRES_*` defines based on the config*.h and curl_setup.h defines.
+ `CURLRES_*` defines based on the config*.h and `curl_setup.h` defines.
<a name="memoryleak"></a>
Track Down Memory Leaks
@@ -767,7 +766,7 @@ Track Down Memory Leaks
Rebuild libcurl with -DCURLDEBUG (usually, rerunning configure with
--enable-debug fixes this). 'make clean' first, then 'make' so that all
- files actually are rebuilt properly. It will also make sense to build
+ files are actually rebuilt properly. It will also make sense to build
libcurl with the debug option (usually -g to the compiler) so that debugging
it will be easier if you actually do find a leak in the library.
@@ -828,16 +827,16 @@ Track Down Memory Leaks
We also added a timer callback that makes libcurl call the application when
the timeout value changes, and you set that with [`curl_multi_setopt()`][9]
and the [`CURLMOPT_TIMERFUNCTION`][10] option. To get this to work,
- Internally, there's an added a struct to each easy handle in which we store
+ Internally, there's an added struct to each easy handle in which we store
an "expire time" (if any). The structs are then "splay sorted" so that we
can add and remove times from the linked list and yet somewhat swiftly
- figure out both how long time there is until the next nearest timer expires
+ figure out both how long there is until the next nearest timer expires
and which timer (handle) we should take care of now. Of course, the upside
of all this is that we get a [`curl_multi_timeout()`][8] that should also
work with old-style applications that use [`curl_multi_perform()`][11].
We created an internal "socket to easy handles" hash table that given
- a socket (file descriptor) return the easy handle that waits for action on
+ a socket (file descriptor) returns the easy handle that waits for action on
that socket. This hash is made using the already existing hash code
(previously only used for the DNS cache).
@@ -858,7 +857,7 @@ for older and later versions as things don't change
drastically that often.
## Curl_easy
- The Curl_easy struct is the one returned to the outside in the external API
+ The `Curl_easy` struct is the one returned to the outside in the external API
as a "CURL *". This is usually known as an easy handle in API documentations
and examples.
@@ -866,27 +865,27 @@ for older and later versions as things don't change
drastically that often.
'connectdata' struct. When a transfer is about to be made, libcurl will
either create a new connection or re-use an existing one. The particular
connectdata that is used by this handle is pointed out by
- Curl_easy->easy_conn.
+ `Curl_easy->easy_conn`.
Data and information that regard this particular single transfer is put in
the SingleRequest sub-struct.
- When the Curl_easy struct is added to a multi handle, as it must be in order
- to do any transfer, the ->multi member will point to the `Curl_multi` struct
- it belongs to. The ->prev and ->next members will then be used by the multi
- code to keep a linked list of Curl_easy structs that are added to that same
- multi handle. libcurl always uses multi so ->multi *will* point to a
- `Curl_multi` when a transfer is in progress.
+ When the `Curl_easy` struct is added to a multi handle, as it must be in
+ order to do any transfer, the ->multi member will point to the `Curl_multi`
+ struct it belongs to. The ->prev and ->next members will then be used by the
+ multi code to keep a linked list of `Curl_easy` structs that are added to
+ that same multi handle. libcurl always uses multi so ->multi *will* point to
+ a `Curl_multi` when a transfer is in progress.
- ->mstate is the multi state of this particular Curl_easy. When
+ ->mstate is the multi state of this particular `Curl_easy`. When
`multi_runsingle()` is called, it will act on this handle according to which
state it is in. The mstate is also what tells which sockets to return for a
- specific Curl_easy when [`curl_multi_fdset()`][12] is called etc.
+ specific `Curl_easy` when [`curl_multi_fdset()`][12] is called etc.
The libcurl source code generally use the name 'data' for the variable that
- points to the Curl_easy.
+ points to the `Curl_easy`.
- When doing multiplexed HTTP/2 transfers, each Curl_easy is associated with
+ When doing multiplexed HTTP/2 transfers, each `Curl_easy` is associated with
an individual stream, sharing the same connectdata struct. Multiplexing
makes it even more important to keep things associated with the right thing!
@@ -901,21 +900,21 @@ for older and later versions as things don't change
drastically that often.
the connection can't be kept alive, the connection will be closed after use
and then this struct can be removed from the cache and freed.
- Thus, the same Curl_easy can be used multiple times and each time select
+ Thus, the same `Curl_easy` can be used multiple times and each time select
another connectdata struct to use for the connection. Keep this in mind, as
it is then important to consider if options or choices are based on the
- connection or the Curl_easy.
+ connection or the `Curl_easy`.
Functions in libcurl will assume that connectdata->data points to the
- Curl_easy that uses this connection (for the moment).
+ `Curl_easy` that uses this connection (for the moment).
As a special complexity, some protocols supported by libcurl require a
special disconnect procedure that is more than just shutting down the
socket. It can involve sending one or more commands to the server before
doing so. Since connections are kept in the connection cache after use, the
- original Curl_easy may no longer be around when the time comes to shut down
+ original `Curl_easy` may no longer be around when the time comes to shut down
a particular connection. For this purpose, libcurl holds a special dummy
- `closure_handle` Curl_easy in the `Curl_multi` struct to use when needed.
+ `closure_handle` `Curl_easy` in the `Curl_multi` struct to use when needed.
FTP uses two TCP connections for a typical transfer but it keeps both in
this single struct and thus can be considered a single connection for most
@@ -929,36 +928,37 @@ for older and later versions as things don't change
drastically that often.
Internally, the easy interface is implemented as a wrapper around multi
interface functions. This makes everything multi interface.
- `Curl_multi` is the multi handle struct exposed as "CURLM *" in external
APIs.
+ `Curl_multi` is the multi handle struct exposed as "CURLM *" in external
+ APIs.
- This struct holds a list of Curl_easy structs that have been added to this
+ This struct holds a list of `Curl_easy` structs that have been added to this
handle with [`curl_multi_add_handle()`][13]. The start of the list is
- ->easyp and ->num_easy is a counter of added Curl_easys.
+ `->easyp` and `->num_easy` is a counter of added `Curl_easy`s.
- ->msglist is a linked list of messages to send back when
+ `->msglist` is a linked list of messages to send back when
[`curl_multi_info_read()`][14] is called. Basically a node is added to that
- list when an individual Curl_easy's transfer has completed.
+ list when an individual `Curl_easy`'s transfer has completed.
- ->hostcache points to the name cache. It is a hash table for looking up name
- to IP. The nodes have a limited life time in there and this cache is meant
- to reduce the time for when the same name is wanted within a short period of
- time.
+ `->hostcache` points to the name cache. It is a hash table for looking up
+ name to IP. The nodes have a limited life time in there and this cache is
+ meant to reduce the time for when the same name is wanted within a short
+ period of time.
- ->timetree points to a tree of Curl_easys, sorted by the remaining time
- until it should be checked - normally some sort of timeout. Each Curl_easy
+ `->timetree` points to a tree of `Curl_easy`s, sorted by the remaining time
+ until it should be checked - normally some sort of timeout. Each `Curl_easy`
has one node in the tree.
- ->sockhash is a hash table to allow fast lookups of socket descriptor to
- which Curl_easy that uses that descriptor. This is necessary for the
+ `->sockhash` is a hash table to allow fast lookups of socket descriptor for
+ which `Curl_easy` uses that descriptor. This is necessary for the
`multi_socket` API.
- ->conn_cache points to the connection cache. It keeps track of all
+ `->conn_cache` points to the connection cache. It keeps track of all
connections that are kept after use. The cache has a maximum size.
- ->closure_handle is described in the 'connectdata' section.
+ `->closure_handle` is described in the 'connectdata' section.
The libcurl source code generally use the name 'multi' for the variable that
- points to the Curl_multi struct.
+ points to the `Curl_multi` struct.
## Curl_handler
@@ -971,41 +971,40 @@ for older and later versions as things don't change
drastically that often.
from a single array which is scanned through when a URL is given to libcurl
to work with.
- ->scheme is the URL scheme name, usually spelled out in uppercase. That's
- "HTTP" or "FTP" etc. SSL versions of the protcol need its own `Curl_handler`
- setup so HTTPS separate from HTTP.
+ `->scheme` is the URL scheme name, usually spelled out in uppercase. That's
+ "HTTP" or "FTP" etc. SSL versions of the protocol need their own
`Curl_handler` setup so HTTPS separate from HTTP.
- ->setup_connection is called to allow the protocol code to allocate protocol
- specific data that then gets associated with that Curl_easy for the rest of
- this transfer. It gets freed again at the end of the transfer. It will be
- called before the 'connectdata' for the transfer has been selected/created.
- Most protocols will allocate its private 'struct [PROTOCOL]' here and assign
- Curl_easy->req.protop to point to it.
+ `->setup_connection` is called to allow the protocol code to allocate
+ protocol specific data that then gets associated with that `Curl_easy` for
+ the rest of this transfer. It gets freed again at the end of the transfer.
+ It will be called before the 'connectdata' for the transfer has been
+ selected/created. Most protocols will allocate its private
+ 'struct [PROTOCOL]' here and assign `Curl_easy->req.protop` to point to it.
- ->connect_it allows a protocol to do some specific actions after the TCP
+ `->connect_it` allows a protocol to do some specific actions after the TCP
connect is done, that can still be considered part of the connection phase.
- Some protocols will alter the connectdata->recv[] and connectdata->send[]
- function pointers in this function.
+ Some protocols will alter the `connectdata->recv[]` and
+ `connectdata->send[]` function pointers in this function.
- ->connecting is similarly a function that keeps getting called as long as the
- protocol considers itself still in the connecting phase.
+ `->connecting` is similarly a function that keeps getting called as long as
+ the protocol considers itself still in the connecting phase.
- ->do_it is the function called to issue the transfer request. What we call
+ `->do_it` is the function called to issue the transfer request. What we call
the DO action internally. If the DO is not enough and things need to be kept
- getting done for the entire DO sequence to complete, ->doing is then usually
- also provided. Each protocol that needs to do multiple commands or similar
- for do/doing need to implement their own state machines (see SCP, SFTP,
- FTP). Some protocols (only FTP and only due to historical reasons) has a
- separate piece of the DO state called `DO_MORE`.
+ getting done for the entire DO sequence to complete, `->doing` is then
+ usually also provided. Each protocol that needs to do multiple commands or
+ similar for do/doing need to implement their own state machines (see SCP,
+ SFTP, FTP). Some protocols (only FTP and only due to historical reasons) has
+ a separate piece of the DO state called `DO_MORE`.
- ->doing keeps getting called while issuing the transfer request command(s)
+ `->doing` keeps getting called while issuing the transfer request command(s)
- ->done gets called when the transfer is complete and DONE. That's after the
+ `->done` gets called when the transfer is complete and DONE. That's after the
main data has been transferred.
- ->do_more gets called during the `DO_MORE` state. The FTP protocol uses this
- state when setting up the second connection.
+ `->do_more` gets called during the `DO_MORE` state. The FTP protocol uses
+ this state when setting up the second connection.
->`proto_getsock`
->`doing_getsock`
@@ -1034,11 +1033,11 @@ for older and later versions as things don't change
drastically that often.
- `PROTOPT_CLOSEACTION` - this protocol has actions to do before closing the
connection. This flag is no longer used by code, yet still set for a bunch
- protocol handlers.
+ of protocol handlers.
- `PROTOPT_DIRLOCK` - "direction lock". The SSH protocols set this bit to
limit which "direction" of socket actions that the main engine will
- concern itself about.
+ concern itself with.
- `PROTOPT_NONETWORK` - a protocol that doesn't use network (read file:)
@@ -1050,21 +1049,21 @@ for older and later versions as things don't change
drastically that often.
## conncache
- Is a hash table with connections for later re-use. Each Curl_easy has a
+ Is a hash table with connections for later re-use. Each `Curl_easy` has a
pointer to its connection cache. Each multi handle sets up a connection
- cache that all added Curl_easys share by default.
+ cache that all added `Curl_easy`s share by default.
## Curl_share
The libcurl share API allocates a `Curl_share` struct, exposed to the
external API as "CURLSH *".
- The idea is that the struct can have a set of own versions of caches and
+ The idea is that the struct can have a set of its own versions of caches and
pools and then by providing this struct in the `CURLOPT_SHARE` option, those
- specific Curl_easys will use the caches/pools that this share handle
+ specific `Curl_easy`s will use the caches/pools that this share handle
holds.
- Then individual Curl_easy structs can be made to share specific things
+ Then individual `Curl_easy` structs can be made to share specific things
that they otherwise wouldn't, such as cookies.
The `Curl_share` struct can currently hold cookies, DNS cache and the SSL
@@ -1073,14 +1072,14 @@ for older and later versions as things don't change
drastically that often.
## CookieInfo
This is the main cookie struct. It holds all known cookies and related
- information. Each Curl_easy has its own private CookieInfo even when
+ information. Each `Curl_easy` has its own private CookieInfo even when
they are added to a multi handle. They can be made to share cookies by using
the share API.
[1]: https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
[2]: https://curl.haxx.se/libcurl/c/curl_easy_init.html
-[3]: http://c-ares.haxx.se/
+[3]: https://c-ares.haxx.se/
[4]: https://tools.ietf.org/html/rfc7230 "RFC 7230"
[5]: https://curl.haxx.se/libcurl/c/CURLOPT_ACCEPT_ENCODING.html
[6]: https://curl.haxx.se/docs/manpage.html#--compressed
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
index 5230ecbbc..17731945a 100644
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -18,18 +18,16 @@ problems may have been fixed or changed somewhat since this
was written!
1.4 multipart formposts file name encoding
1.5 Expect-100 meets 417
1.6 Unnecessary close when 401 received waiting for 100
- 1.7 CONNECT response larger than 16KB
1.8 DNS timing is wrong for HTTP redirects
1.9 HTTP/2 frames while in the connection pool kill reuse
1.10 Strips trailing dot from host name
- 1.11 transfer-encoding: chunked in HTTP/2
- 1.12 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM
+ 1.11 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM
2. TLS
- 2.1 Hangs with PolarSSL
- 2.2 CURLINFO_SSL_VERIFYRESULT has limited support
- 2.3 DER in keychain
- 2.4 GnuTLS backend skips really long certificate fields
+ 2.1 CURLINFO_SSL_VERIFYRESULT has limited support
+ 2.2 DER in keychain
+ 2.3 GnuTLS backend skips really long certificate fields
+ 2.4 DarwinSSL won't import PKCS#12 client certificates without a password
3. Email protocols
3.1 IMAP SEARCH ALL truncated response
@@ -45,11 +43,12 @@ problems may have been fixed or changed somewhat since this
was written!
5. Build and portability issues
5.1 Windows Borland compiler
5.2 curl-config --libs contains private details
- 5.3 libidn and old iconv
5.4 AIX shared build with c-ares fails
5.5 can't handle Unicode arguments in Windows
5.6 cmake support gaps
5.7 Visual Studio project gaps
+ 5.8 configure finding libs in wrong directory
+ 5.9 Utilize Requires.private directives in libcurl.pc
6. Authentication
6.1 NTLM authentication and unicode
@@ -83,11 +82,12 @@ problems may have been fixed or changed somewhat since this
was written!
11. Internals
11.1 Curl leaks .onion hostnames in DNS
11.2 error buffer not set if connection to multiple addresses fails
+ 11.3 c-ares deviates from stock resolver on http://1346569778
12. LDAP and OpenLDAP
12.1 OpenLDAP hangs after returning results
- 13 TCP/IP
+ 13. TCP/IP
13.1 --interface for ipv6 binds to unusable IP address
@@ -140,13 +140,6 @@ problems may have been fixed or changed somewhat since
this was written!
waiting for the the 100-continue response.
https://curl.haxx.se/mail/lib-2008-08/0462.html
-1.7 CONNECT response larger than 16KB
-
- If a CONNECT response-headers are larger than BUFSIZE (16KB) when the
- connection is meant to be kept alive (like for NTLM proxy auth), the function
- will return prematurely and will confuse the rest of the HTTP protocol
- code. This should be very rare.
-
1.8 DNS timing is wrong for HTTP redirects
When extracting timing information after HTTP redirects, only the last
@@ -165,7 +158,7 @@ problems may have been fixed or changed somewhat since this
was written!
1.10 Strips trailing dot from host name
- When given a URL wit a trailing dot for the host name part:
+ When given a URL with a trailing dot for the host name part:
"https://example.com./";, libcurl will strip off the dot and use the name
without a dot internally and send it dot-less in HTTP Host: headers and in
the TLS SNI field.
@@ -190,7 +183,7 @@ problems may have been fixed or changed somewhat since this
was written!
It can also be noted that while adding a trailing dot to the host name in
most (all?) cases will make the name resolve to the same set of IP addresses,
many HTTP servers will not happily accept the trailing dot there unless that
- has been specificly configured to be a fine virtual host.
+ has been specifically configured to be a fine virtual host.
If URLs with trailing dots for host names become more popular or even just
used more than for just plain fun experiments, I'm sure we will have reason
@@ -198,15 +191,7 @@ problems may have been fixed or changed somewhat since
this was written!
See https://github.com/curl/curl/issues/716 for the discussion.
-1.11 transfer-encoding: chunked in HTTP/2
-
- For HTTP/1, when -H transfer-encoding:chunked option is given, curl encodes
- the request using chunked encoding. But when HTTP/2 is being used, the
- command wrongly sends a request with both content-length and
- transfer-encoding: chunked headers being set (and the request body is not
- chunked-encoded). See https://github.com/curl/curl/issues/662
-
-1.12 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM
+1.11 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM
I'm using libcurl to POST form data using a FILE* with the CURLFORM_STREAM
option of curl_formadd(). I've noticed that if the connection drops at just
@@ -220,31 +205,28 @@ problems may have been fixed or changed somewhat since
this was written!
2. TLS
-2.1 Hangs with PolarSSL
-
- "curl_easy_perform hangs with imap and PolarSSL"
- https://github.com/curl/curl/issues/334
-
- Most likely, a fix similar to commit c111178bd4 (for mbedTLS) is
- necessary. Or if we just wait a little longer we'll rip out all support for
- PolarSSL instead...
-
-2.2 CURLINFO_SSL_VERIFYRESULT has limited support
+2.1 CURLINFO_SSL_VERIFYRESULT has limited support
CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS
backends, so relying on this information in a generic app is flaky.
-2.3 DER in keychain
+2.2 DER in keychain
Curl doesn't recognize certificates in DER format in keychain, but it works
with PEM. https://curl.haxx.se/bug/view.cgi?id=1065
-2.4 GnuTLS backend skips really long certificate fields
+2.3 GnuTLS backend skips really long certificate fields
libcurl calls gnutls_x509_crt_get_dn() with a fixed buffer size and if the
field is too long in the cert, it'll just return an error and the field will
be displayed blank.
+2.4 DarwinSSL won't import PKCS#12 client certificates without a password
+
+ libcurl calls SecPKCS12Import with the PKCS#12 client certificate, but that
+ function rejects certificates that do not have a password.
+ https://github.com/curl/curl/issues/1308
+
3. Email protocols
@@ -319,14 +301,6 @@ problems may have been fixed or changed somewhat since
this was written!
run that might be needed only for building libcurl. Further, curl-config
--cflags suffers from the same effects with CFLAGS/CPPFLAGS.
-5.3 libidn and old iconv
-
- Test case 165 might fail on a system which has libidn present, but with an
- old iconv version (2.1.3 is a known bad version), since it doesn't recognize
- the charset when named ISO8859-1. Changing the name to ISO-8859-1 makes the
- test pass, but instead makes it fail on Solaris hosts that use its native
- iconv.
-
5.4 AIX shared build with c-ares fails
curl version 7.12.2 fails on AIX if compiled with --enable-ares. The
@@ -368,6 +342,27 @@ problems may have been fixed or changed somewhat since
this was written!
- support for other development IDEs
- add PATH environment variables for third-party DLLs
+5.8 configure finding libs in wrong directory
+
+ When the configure script checks for third-party libraries, it adds those
+ directories to the LDFLAGS variable and then tries linking to see if it
+ works. When successful, the found directory is kept in the LDFLAGS variable
+ when the script continues to execute and do more tests and possibly check for
+ more libraries.
+
+ This can make subsequent checks for libraries wrongly detect another
+ installation in a directory that was previously added to LDFLAGS by another
+ library check!
+
+ A possibly better way to do these checks would be to keep the pristine LDFLAGS
+ even after successful checks and instead add those verified paths to a
+ separate variable that only after all library checks have been performed gets
+ appended to LDFLAGS.
+
+5.9 Utilize Requires.private directives in libcurl.pc
+
+ https://github.com/curl/curl/issues/864
+
6. Authentication
6.1 NTLM authentication and unicode
@@ -385,7 +380,7 @@ problems may have been fixed or changed somewhat since this
was written!
libcurl fails to build with MIT Kerberos for Windows (KfW) due to KfW's
library header files exporting symbols/macros that should be kept private to
- the KfW library. See ticket #5601 at http://krbdev.mit.edu/rt/
+ the KfW library. See ticket #5601 at https://krbdev.mit.edu/rt/
6.3 NTLM in system context uses wrong name
@@ -552,6 +547,18 @@ problems may have been fixed or changed somewhat since
this was written!
CURLE_COULDNT_CONNECT. But the error buffer set by CURLOPT_ERRORBUFFER
remains empty. Issue: https://github.com/curl/curl/issues/544
+11.3 c-ares deviates from stock resolver on http://1346569778
+
+ When using the socket resolvers, that URL becomes:
+
+ * Rebuilt URL to: http://1346569778/
+ * Trying 80.67.6.50...
+
+ but with c-ares it instead says "Could not resolve: 1346569778 (Domain name
+ not found)"
+
+ See https://github.com/curl/curl/issues/893
+
12. LDAP and OpenLDAP
@@ -575,7 +582,7 @@ problems may have been fixed or changed somewhat since this
was written!
https://curl.haxx.se/mail/lib-2016-01/0101.html
-13 TCP/IP
+13. TCP/IP
13.1 --interface for ipv6 binds to unusable IP address
diff --git a/docs/LICENSE-MIXING.md b/docs/LICENSE-MIXING.md
index 0bff73e6d..5376bdb70 100644
--- a/docs/LICENSE-MIXING.md
+++ b/docs/LICENSE-MIXING.md
@@ -45,7 +45,7 @@ not have the announcement clause that collides with GPL.
## WolfSSL
- (May be used for SSL/TLS support) Uses the GPL license or a propietary
+ (May be used for SSL/TLS support) Uses the GPL license or a proprietary
license. If this is a problem for you, consider using another TLS library.
## NSS
@@ -63,8 +63,11 @@ not have the announcement clause that collides with GPL.
## mbedTLS
- (May be used for SSL/TLS support) Uses the GPL license or a propietary
- license. If this is a problem for you, consider using another TLS library.
+ (May be used for SSL/TLS support) Uses the [Apache 2.0
+ license](https://opensource.org/licenses/Apache-2.0) or the GPL license.
+ You may choose to license the code under Apache 2.0 terms or GPL terms.
+ These licenses grant you different permissions and impose different
+ obligations. You should select the license that best meets your needs.
## BoringSSL
diff --git a/docs/MAIL-ETIQUETTE b/docs/MAIL-ETIQUETTE
index 75058009e..897fc9f52 100644
--- a/docs/MAIL-ETIQUETTE
+++ b/docs/MAIL-ETIQUETTE
@@ -38,17 +38,17 @@ MAIL ETIQUETTE
Each mailing list is targeted to a specific set of users and subjects,
please use the one or the ones that suit you the most.
- Each mailing list have hundreds up to thousands of readers, meaning that
- each mail sent will be received and read by a very large amount of people.
+ Each mailing list has hundreds up to thousands of readers, meaning that
+ each mail sent will be received and read by a very large number of people.
People from various cultures, regions, religions and continents.
1.2 Netiquette
- Netiquette is a common name for how to behave on the internet. Of course, in
+ Netiquette is a common term for how to behave on the internet. Of course, in
each particular group and subculture there will be differences in what is
acceptable and what is considered good manners.
- This document outlines what we in the cURL project considers to be good
+ This document outlines what we in the curl project consider to be good
etiquette, and primarily this focus on how to behave on and how to use our
mailing lists.
@@ -56,7 +56,7 @@ MAIL ETIQUETTE
Many people send one question to one person. One person gets many mails, and
there is only one person who can give you a reply. The question may be
- something that other people are also wanting to ask. These other people have
+ something that other people would also like to ask. These other people have
no way to read the reply, but to ask the one person the question. The one
person consequently gets overloaded with mail.
@@ -79,8 +79,8 @@ MAIL ETIQUETTE
1.5 Moderation of new posters
Several of the curl mailing lists automatically make all posts from new
- subscribers require moderation. This means that after you've subscribed and
- send your first mail to a list, that mail will not be let through to the
+ subscribers be moderated. This means that after you've subscribed and
+ sent your first mail to a list, that mail will not be let through to the
list until a mailing list administrator has verified that it is OK and
permits it to get posted.
@@ -104,26 +104,26 @@ MAIL ETIQUETTE
messages"
No matter what, we NEVER EVER respond to trolls or spammers on the list. If
- you believe the list admin should do something particular, contact him/her
- off-list. The subject will be taken care of as good as possible to prevent
- repeated offenses, but responding on the list to such messages never lead to
+ you believe the list admin should do something in particular, contact him/her
+ off-list. The subject will be taken care of as much as possible to prevent
+ repeated offenses, but responding on the list to such messages never leads to
anything good and only puts the light even more on the offender: which was
- the entire purpose of it getting to the list in the first place.
+ the entire purpose of it getting sent to the list in the first place.
Don't feed the trolls!
1.7 How to unsubscribe
- You unsubscribe the same way you subscribed in the first place. You go to
- the page for the particular mailing list you're subscribed to and you enter
+ You can unsubscribe the same way you subscribed in the first place. You go
+ to the page for the particular mailing list you're subscribed to and you
enter
your email address and password and press the unsubscribe button.
- Also, this information is included in the headers of every mail that is sent
- out to all curl related mailing lists and there's footer in each mail that
- links to the "admin" page on which you can unsubscribe and change other
- options.
+ Also, the instructions to unsubscribe are included in the headers of every
+ mail that is sent out to all curl related mailing lists and there's a footer
+ in each mail that links to the "admin" page on which you can unsubscribe and
+ change other options.
- You NEVER EVER email the mailing list requesting someone else to get you off
+ You NEVER EVER email the mailing list requesting someone else to take you off
the list.
1.8 I posted, now what?
@@ -132,35 +132,35 @@ MAIL ETIQUETTE
send the email, your post will just be silently discarded.
If you posted for the first time to the mailing list, you first need to wait
- for an administrator to allow your email to go through. This normally
+ for an administrator to allow your email to go through (moderated). This
normally
happens very quickly but in case we're asleep, you may have to wait a few
hours.
Once your email goes through it is sent out to several hundred or even
- thousand recipients. Your email may cover an area that not that many people
+ thousands of recipients. Your email may cover an area that not that many
people
know about or are interested in. Or possibly the person who knows about it
- is on vacation or under a very heavy work load right now. You have to wait
- for a response and you must not expect to get a response at all, but
+ is on vacation or under a very heavy work load right now. You may have to
wait
+ for a response and you should not expect to get a response at all, but
hopefully you get an answer within a couple of days.
You do yourself and all of us a service when you include as many details as
possible already in your first email. Mention your operating system and
environment. Tell us which curl version you're using and tell us what you
did, what happened and what you expected would happen. Preferably, show us
- what you did in details enough to allow others to help point out the problem
- or repeat the same steps in their places.
+ what you did with details enough to allow others to help point out the
problem
+ or repeat the same steps in their locations.
Failing to include details will only delay responses and make people respond
- and ask for the details and you have to send a follow-up email that includes
- them.
+ and ask for more details and you will have to send a follow-up email that
+ includes them.
- Expect the responses to primarily help YOU debug the issue, or ask you
+ Expect the responses to primarily help YOU debug the issue, or ask YOU
questions that can lead you or others towards a solution or explanation to
whatever you experience.
If you are a repeat offender to the guidelines outlined in this document,
chances are that people will ignore you at will and your chances to get
- responses will greatly diminish.
+ responses in the future will greatly diminish.
2. Sending mail
@@ -183,7 +183,7 @@ MAIL ETIQUETTE
We're actively discouraging replying back to the single person by setting
the Reply-To: field in outgoing mails back to the mailing list address,
- making it harder for people to mail the author only by mistake.
+ making it harder for people to mail the author directly, if only by mistake.
2.3 Use a Sensible Subject
@@ -198,10 +198,9 @@ MAIL ETIQUETTE
mail conversation below. It forces users to read the mail in a backwards
order to properly understand it.
- This is why top posting is so bad:
+ This is why top posting is so bad (in top posting order):
- A: Because it messes up the order in which people normally read
- text.
+ A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?
@@ -255,7 +254,7 @@ MAIL ETIQUETTE
If you are the one who asks, please consider responding once more in case
one of the hints was what solved your problems. The guys who write answers
feel good to know that they provided a good answer and that you fixed the
- problem. Far too often, the person who asked the question is never heard of
+ problem. Far too often, the person who asked the question is never heard from
again, and we never get to know if he/she is gone because the problem was
solved or perhaps because the problem was unsolvable!
diff --git a/docs/MANUAL b/docs/MANUAL
index 0ea3e61f4..0e3db0ffb 100644
--- a/docs/MANUAL
+++ b/docs/MANUAL
@@ -815,6 +815,10 @@ LDAP
If you have installed the OpenLDAP library, curl can take advantage of it
and offer ldap:// support.
+ On Windows, curl will use WinLDAP from Platform SDK by default.
+
+ Default protocol version used by curl is LDAPv3. LDAPv2 will be used as
+ fallback mechanism in case if LDAPv3 will fail to connect.
LDAP is a complex thing and writing an LDAP query is not an easy task. I do
advise you to dig up the syntax description for that elsewhere. One such
@@ -830,6 +834,20 @@ LDAP
If I want the same info in HTML format, I can get it by not using the -B
(enforce ASCII) flag.
+ You also can use authentication when accessing LDAP catalog:
+
+ curl -u user:passwd "ldap://ldap.frontec.se/o=frontec??sub?mail=*";
+ curl "ldap://user:address@hidden/o=frontec??sub?mail=*";
+
+ By default, if user and password provided, OpenLDAP/WinLDAP will use basic
+ authentication. On Windows you can control this behavior by providing
+ one of --basic, --ntlm or --digest option in curl command line
+
+ curl --ntlm "ldap://user:address@hidden/o=frontec??sub?mail=*";
+
+ On Windows, if no user/password specified, auto-negotiation mechanism will
+ be used with current logon credentials (SSPI/SPNEGO).
+
ENVIRONMENT VARIABLES
Curl reads and understands the following environment variables:
@@ -848,8 +866,11 @@ ENVIRONMENT VARIABLES
If the host name matches one of these strings, or the host is within the
domain of one of these strings, transactions with that node will not be
- proxied.
-
+ proxied. When a domain is used, it needs to start with a period. A user can
+ specify that both www.example.com and foo.example.com should not uses a
+ proxy by setting NO_PROXY to ".example.com". By including the full name you
+ can exclude specific host names, so to make www.example.com not use a proxy
+ but still have foo.example.com do it, set NO_PROXY to "www.example.com"
The usage of the -x/--proxy flag overrides the environment variables.
diff --git a/docs/Makefile.am b/docs/Makefile.am
index 516dd02e4..0cc9b5acf 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -22,33 +22,54 @@
AUTOMAKE_OPTIONS = foreign no-dependencies
-man_MANS = gnurl.1 gnurl-config.1
-noinst_man_MANS = mk-ca-bundle.1
+# EXTRA_DIST breaks with $(abs_builddir) so build it using this variable
+# but distribute it (using the relative file name) in the next variable
+man_MANS = $(abs_builddir)/gnurl.1
+noinst_man_MANS = gnurl.1 mk-ca-bundle.1
+dist_man_MANS = gnurl-config.1
GENHTMLPAGES = gnurl.html gnurl-config.html mk-ca-bundle.html
PDFPAGES = gnurl.pdf gnurl-config.pdf mk-ca-bundle.pdf
+MANDISTPAGES = gnurl.1.dist gnurl-config.1.dist
HTMLPAGES = $(GENHTMLPAGES) index.html
-SUBDIRS = examples libcurl
+# Build targets in this file (.) before cmdline-opts to ensure that
+# the curl.1 rule below runs first
+SUBDIRS = . cmdline-opts
+DIST_SUBDIRS = $(SUBDIRS) examples libcurl
-CLEANFILES = $(GENHTMLPAGES) $(PDFPAGES)
+CLEANFILES = $(GENHTMLPAGES) $(PDFPAGES) $(MANDISTPAGES) curl.1
-EXTRA_DIST = MANUAL BUGS CONTRIBUTE.md FAQ FEATURES INTERNALS.md SSLCERTS.md \
- README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS \
- KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY.md INSTALL \
- $(PDFPAGES) LICENSE-MIXING.md README.netware INSTALL.devcpp \
- MAIL-ETIQUETTE HTTP-COOKIES.md SECURITY.md RELEASE-PROCEDURE SSL-PROBLEMS.md \
- HTTP2.md ROADMAP.md CODE_OF_CONDUCT.md CODE_STYLE.md CHECKSRC.md
+EXTRA_DIST = MANUAL BUGS CONTRIBUTE.md FAQ FEATURES INTERNALS.md SSLCERTS.md
\
+ README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS KNOWN_BUGS
\
+ BINDINGS.md HISTORY.md INSTALL INSTALL.md LICENSE-MIXING.md \
+ README.netware MAIL-ETIQUETTE HTTP-COOKIES.md SECURITY.md RELEASE-PROCEDURE
\
+ SSL-PROBLEMS.md HTTP2.md ROADMAP.md CODE_OF_CONDUCT.md CODE_STYLE.md
\
+ CHECKSRC.md CMakeLists.txt README.md CIPHERS.md INSTALL.cmake README.cmake
\
+ $(noinst_man_MANS)
MAN2HTML= roffit $< >$@
SUFFIXES = .1 .html .pdf
+# $(abs_builddir) is to disable VPATH when searching for this file, which
+# would otherwise find the copy in $(srcdir) which breaks the $(HUGE)
+# rule in src/Makefile.am in out-of-tree builds that references the file in the
+# build directory.
+#
+# First, seed the used copy of curl.1 with the prebuilt copy (in an out-of-tree
+# build), then run make recursively to rebuild it only if its dependencies
+# have changed.
+$(abs_builddir)/curl.1:
+ if test "$(top_builddir)x" != "$(top_srcdir)x" -a -e
"$(srcdir)/curl.1"; then \
+ cp -fp "$(srcdir)/curl.1" $@; fi
+ cd cmdline-opts && $(MAKE)
+
html: $(HTMLPAGES)
- cd libcurl && make html
+ cd libcurl && $(MAKE) html
pdf: $(PDFPAGES)
- cd libcurl && make pdf
+ cd libcurl && $(MAKE) pdf
.1.html:
$(MAN2HTML)
diff --git a/docs/README.md b/docs/README.md
index eaf85ae2f..56691fc4e 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -3,10 +3,10 @@
# Documentation
You'll find a mix of various documentation in this directory and
-subdirectories, using several different formats. Some of them are not ideally
+subdirectories, using several different formats. Some of them are not ideal
for reading directly in your browser.
-If you rather see the rendered version of the documentation, check out the
+If you'd rather see the rendered version of the documentation, check out the
curl web site's [documentation section](https://curl.haxx.se/docs/) for
general curl stuff or the [libcurl section](https://curl.haxx.se/libcurl/) for
libcurl related documentation.
diff --git a/docs/README.netware b/docs/README.netware
index 12065f305..9028963f6 100644
--- a/docs/README.netware
+++ b/docs/README.netware
@@ -11,17 +11,16 @@ README.netware
Curl has been successfully compiled with gcc / nlmconv on different flavours
of Linux as well as with the official Metrowerks CodeWarrior compiler.
While not being the main development target, a continuously growing share of
- curl users are NetWare-based, specially also consuming the lib from PHP.
+ curl users are NetWare-based, especially also consuming the lib from PHP.
- The unix-style man pages are tricky to read on windows, so therefore are all
- those pages converted to HTML as well as pdf, and included in the release
- archives.
+ The unix-style man pages are tricky to read on windows, so therefore all
+ those pages are also provided as web pages on the curl web site.
The main curl.1 man page is also "built-in" in the command line tool. Use a
command line similar to this in order to extract a separate text file:
curl -M >manual.txt
- Read the INSTALL file for instructions how to compile curl self.
+ Read the INSTALL file for instructions on how to compile curl self.
diff --git a/docs/README.win32 b/docs/README.win32
index cfd45dd25..00ca197fe 100644
--- a/docs/README.win32
+++ b/docs/README.win32
@@ -12,15 +12,14 @@ README.win32
systems. While not being the main develop target, a fair share of curl users
are win32-based.
- The unix-style man pages are tricky to read on windows, so therefore are all
- those pages converted to HTML as well as pdf, and included in the release
- archives.
+ The unix-style man pages are tricky to read on windows, so therefore all
+ those pages are also provided as web pages on the curl web site.
The main curl.1 man page is also "built-in" in the command line tool. Use a
command line similar to this in order to extract a separate text file:
curl -M >manual.txt
- Read the INSTALL file for instructions how to compile curl self.
+ Read the INSTALL file for instructions on how to compile curl self.
diff --git a/docs/RELEASE-PROCEDURE b/docs/RELEASE-PROCEDURE
index 1b574526e..5137f55d5 100644
--- a/docs/RELEASE-PROCEDURE
+++ b/docs/RELEASE-PROCEDURE
@@ -83,10 +83,10 @@ Coming dates
Based on the description above, here are some planned release dates (at the
time of this writing):
-- September 7, 2016 (version 7.50.2)
-- November 2, 2016
-- December 28, 2016
-- February 22, 2017
-- April 19, 2017
-- June 14, 2017
+- June 14, 2017 (version 7.54.1)
- August 9, 2017
+- October 4, 2017
+- November 29, 2017
+- January 24, 2018
+- March 21, 2018
+- May 16, 2018
diff --git a/docs/ROADMAP.md b/docs/ROADMAP.md
index 367130d33..1007ccb02 100644
--- a/docs/ROADMAP.md
+++ b/docs/ROADMAP.md
@@ -5,15 +5,6 @@ Roadmap of things Daniel Stenberg and Steve Holme want to work
on next. It is
intended to serve as a guideline for others for information, feedback and
possible participation.
-HTTP/2
-------
-
-Improve performance. Measurements and tests have shown that in several cases
-doing transfers over HTTP/2 can be notably slower than the same transfer done
-over HTTP/1. Some of that difference can be attributed the inefficient window
-size handling currently in use but there are probably more to be learned and
-worked on to optimize this.
-
QUIC
----
@@ -25,15 +16,6 @@ handle the binary/framing layer in a similar fashion to how
HTTP/2 is
implemented. This, to allow other projects to benefit from the work and to
thus broaden the interest and chance of others to participate.
-TLS 1.3
--------
-
-The new version of the TLS protocol is in the pipeline and will soon start to
-get used out in the wild. It offers some new interesting features and will
-need the TLS libraries to adapt and quite likely provide additional or
-modified APIs. libcurl needs to adapt accordingly.
-
-
HTTP cookies
------------
@@ -52,19 +34,17 @@ SRV records
How to find services for specific domains/hosts.
-HTTPS to proxy
---------------
-
-To avoid network traffic to/from the proxy getting snooped on. There's a git
-branch in the public git repository for this that we need to make sure works
-for all TLS backends and then merge!
-
curl_formadd()
--------------
make sure there's an easy handle passed in to `curl_formadd()`,
`curl_formget()` and `curl_formfree()` by adding replacement functions and
-deprecating the old ones to allow custom mallocs and more
+deprecating the old ones to allow custom mallocs and more.
+
+Or perhaps even better: revamp the formpost API completely while we're at it
+and making something that is easier to use and understand:
+
+ https://github.com/curl/curl/wiki/formpost-API-redesigned
Third-party SASL
----------------
@@ -120,18 +100,14 @@ Improve
2. curl -h output (considered overwhelming to users)
-3. we have > 170 command line options, is there a way to redo things to
+3. we have > 200 command line options, is there a way to redo things to
simplify or improve the situation as we are likely to keep adding
features/options in the future too
-4. docs (considered "bad" by users but how do we make it better?)
-
- - split up curl.1
-
-5. authentication framework (consider merging HTTP and SASL authentication to
+4. authentication framework (consider merging HTTP and SASL authentication to
give one API for protocols to call)
-6. Perform some of the clean up from the TODO document, removing old
+5. Perform some of the clean up from the TODO document, removing old
definitions and such like that are currently earmarked to be removed years
ago
diff --git a/docs/SECURITY.md b/docs/SECURITY.md
index 3c07e0bbe..c88cc9c81 100644
--- a/docs/SECURITY.md
+++ b/docs/SECURITY.md
@@ -1,9 +1,3 @@
- _ _ ____ _
- ___| | | | _ \| |
- / __| | | | |_) | |
- | (__| |_| | _ <| |___
- \___|\___/|_| \_\_____|
-
curl security for developers
============================
@@ -81,9 +75,11 @@ announcement.
to the 'distros' mailing list to allow them to use the fix prior to the
public announcement.
-- At the day of the next release, the private branch is merged into the master
- branch and pushed. Once pushed, the information is accessible to the public
- and the actual release should follow suit immediately afterwards.
+- No more than 48 hours before the release, the private branch is merged into
+ the master branch and pushed. Once pushed, the information is accessible to
+ the public and the actual release should follow suit immediately afterwards.
+ The time between the push and the release is used for final tests and
+ reviews.
- The project team creates a release that includes the fix.
@@ -94,9 +90,19 @@ announcement.
- The security web page on the web site should get the new vulnerability
mentioned.
+Pre-notification
+----------------
+
+If you think you are or should be eligible for a pre-notification about
+upcoming security announcements for curl, we urge OS distros and similar
+vendors to primarily join the address@hidden list as that is one of the
+purposes of that list - and not just for curl of course.
+If you are not a distro or otherwise not suitable for address@hidden and yet
+want pre-notifications from us, contact the curl security team with a detailed
+and clear explanation why this is the case.
-CURL-SECURITY (at haxx dot se)
+curl-security (at haxx dot se)
------------------------------
Who is on this list? There are a couple of criteria you must meet, and then we
@@ -106,5 +112,5 @@ curl project and you have shown an understanding for the
project and its way
of working. You must've been around for a good while and you should have no
plans in vanishing in the near future.
-We do not make the list of partipants public mostly because it tends to vary
+We do not make the list of participants public mostly because it tends to vary
somewhat over time and a list somewhere will only risk getting outdated.
diff --git a/docs/SSLCERTS.md b/docs/SSLCERTS.md
index 7755609c4..3fcd345b0 100644
--- a/docs/SSLCERTS.md
+++ b/docs/SSLCERTS.md
@@ -161,3 +161,13 @@ disabled. Secure Transport on iOS will run OCSP checks on
certificates unless
peer verification is disabled. Secure Transport on OS X will run either OCSP
or CRL checks on certificates if those features are enabled, and this behavior
can be adjusted in the preferences of Keychain Access.
+
+HTTPS proxy
+-----------
+
+Since version 7.52.0, curl can do HTTPS to the proxy separately from the
+connection to the server. This TLS connection is handled separately from the
+server connection so instead of `--insecure` and `--cacert` to control the
+certificate verification, you use `--proxy-insecure` and `--proxy-cacert`.
+With these options, you make sure that the TLS connection and the trust of the
+proxy can be kept totally separate from the TLS connection to the server.
diff --git a/docs/THANKS b/docs/THANKS
index e7eea0199..5e4a98eff 100644
--- a/docs/THANKS
+++ b/docs/THANKS
@@ -11,6 +11,7 @@ Aaron Oneal
Aaron Orenstein
Abram Pousada
Adam D. Moss
+Adam Langley
Adam Light
Adam Piggott
Adam Sampson
@@ -18,9 +19,12 @@ Adam Tkac
Adrian Schuur
Adriano Meirelles
Ajit Dhumale
+Akhil Kedia
Aki Koskinen
Akos Pasztory
+Akshay Vernekar
Alain Danteny
+Alan Jenkins
Alan Pinstein
Albert Chin-A-Young
Albert Choy
@@ -28,14 +32,18 @@ Ale Vesely
Alejandro Alvarez Ayllon
Aleksandar Milivojevic
Aleksey Tulinov
+Ales Mlakar
Ales Novak
Alessandro Ghedini
Alessandro Vesely
Alex Bligh
+Alex Chan
Alex Fishman
Alex Gruz
Alex McLellan
Alex Neblett
+Alex Potapenko
+Alex Rousskov
Alex Suykov
Alex Vinnik
Alex aka WindEagle
@@ -48,6 +56,7 @@ Alexander Krasnostavsky
Alexander Lazic
Alexander Pepper
Alexander Peslyak
+Alexander Sinditskiy
Alexander Traud
Alexander Zhuravlev
Alexey Borzov
@@ -66,6 +75,7 @@ Anatoli Tubman
Anders Bakken
Anders Gustafsson
Anders Havn
+Anders Roxell
Andi Jahja
Andre Guibert de Bruet
Andre Heinecke
@@ -76,17 +86,21 @@ Andreas Malzahn
Andreas Ntaflos
Andreas Olsson
Andreas Rieke
+Andreas Roth
Andreas Schuldei
+Andreas Streichardt
Andreas Wurf
Andrei Benea
Andrei Cipu
Andrei Kurushin
+Andrei Sedoi
Andrej E Baranov
Andrew Benham
Andrew Biggs
Andrew Bushnell
Andrew Francis
Andrew Fuller
+Andrew Krieger
Andrew Kurushin
Andrew Moise
Andrew Robbins
@@ -103,12 +117,15 @@ Anthon Pang
Anthony Avina
Anthony Bryan
Anthony G. Basile
+Antoine Aubert
Antoine Calando
Anton Bychkov
Anton Kalmykov
Anton Malov
Anton Yabchinskiy
Antonio Larrosa
+Antony74 on github
+Antti Hätälä
Arkadiusz Miskiewicz
Armel Asselin
Arnaud Compan
@@ -145,6 +162,7 @@ Benoit Neil
Benoit Sigoure
Bernard Leak
Bernard Spil
+Bernhard M. Wiedemann
Bernhard Reutner-Fischer
Bert Huijben
Bertrand Demiddelaer
@@ -175,6 +193,8 @@ Brandon Wang
Brendan Jurd
Brent Beardsley
Brian Akins
+Brian Carpenter
+Brian Childs
Brian Chrisman
Brian Dessent
Brian J. Murrell
@@ -184,14 +204,18 @@ Brian Ulm
Brock Noland
Bru Rom
Bruce Mitchener
+Bruce Stephens
Bruno Thomsen
Bruno de Carvalho
Bryan Henderson
Bryan Kemp
Byrial Jensen
Cameron Kaiser
+Cameron MacMinn
Camille Moncelier
Caolan McNamara
+Carlo Cannas
+Carlo Teubner
Carlo Wood
Carsten Lange
Casey O'Donnell
@@ -204,9 +228,11 @@ Chen Prog
Chih-Chung Chang
Chris "Bob Bob"
Chris Araman
+Chris Carlmar
Chris Combes
Chris Conlon
Chris Deidun
+Chris Faherty
Chris Flerackers
Chris Gaukroger
Chris Maltby
@@ -215,6 +241,7 @@ Chris Smowton
Chris Young
Christian Fillion
Christian Grothoff
+Christian Heimes
Christian Hägele
Christian Krause
Christian Kurz
@@ -229,6 +256,7 @@ Christopher Conroy
Christopher Palow
Christopher R. Palmer
Christopher Stone
+Chungtsun Li
Ciprian Badescu
Claes Jakobsson
Clarence Gardner
@@ -267,7 +295,9 @@ Dan C
Dan Cristian
Dan Donahue
Dan Fandrich
+Dan Jacobson
Dan Locks
+Dan McNulty
Dan Nelson
Dan Petitt
Dan Torop
@@ -279,9 +309,11 @@ Daniel Gustafsson
Daniel Hwang
Daniel Johnson
Daniel Kahn Gillmor
+Daniel Krügler
Daniel Lee Hwang
Daniel Melani
Daniel Mentz
+Daniel Romero
Daniel Schauenberg
Daniel Seither
Daniel Shahaf
@@ -289,8 +321,10 @@ Daniel Steinberg
Daniel Stenberg
Daniel Theron
Daniel at touchtunes
+Daphne Luong
Darryl House
Darshan Mody
+Darío Hereñú
Dave Dribin
Dave Halbakken
Dave Hamilton
@@ -305,6 +339,7 @@ David Binderman
David Blaikie
David Byron
David Cohen
+David E. Narváez
David Eriksson
David Houlder
David Hull
@@ -315,12 +350,14 @@ David Kierznowski
David Kimdon
David Lang
David LeBlanc
+David Lord
David McCreedy
David Meyer
David Odin
David Phillips
David Rosenstrauch
David Ryskalczyk
+David Schweikert
David Shaw
David Strauss
David Tarendash
@@ -333,6 +370,7 @@ Dengminwen
Denis Feklushkin
Dennis Clarke
Derek Higgins
+Desmond O. Chang
Detlef Schmier
Didier Brisebourg
Diego Bes
@@ -352,6 +390,7 @@ Dmitriy Sergeyev
Dmitry Bartsevich
Dmitry Eremin-Solenikov
Dmitry Falko
+Dmitry Kostjuchenko
Dmitry Kurochkin
Dmitry Popov
Dmitry Rechkin
@@ -359,6 +398,7 @@ Dmitry S. Baikov
Dolbneff A.V
Domenico Andreoli
Dominick Meglio
+Dominik Hölzl
Dominique Leuenberger
Doug Kaufman
Doug Porter
@@ -373,15 +413,19 @@ Duane Cathey
Duncan Mac-Vicar Prett
Dustin Boswell
Dusty Mabe
+Dwarakanath Yadavalli
Dylan Ellicott
Dylan Salisbury
+Dániel Bakai
Early Ehlinger
Ebenezer Ikonne
Ed Morley
Edin Kadribasic
Eduard Bloch
+Edward Kimmel
Edward Rudd
Edward Sheldrake
+Edward Thomson
Eelco Dolstra
Eetu Ojanen
Egon Eckert
@@ -392,8 +436,10 @@ Emanuele Bovisio
Emil Lerner
Emil Romanus
Emiliano Ida
+Emmanuel Tychon
Enrico Scholz
Enrik Berkhan
+Eramoto Masaya
Eric Cooper
Eric Hu
Eric Landes
@@ -418,6 +464,8 @@ Erwin Authried
Ethan Glasser Camp
Eugene Kotlyarov
Evan Jordan
+Even Rouault
+Evert Pot
Evgeny Grin
Evgeny Turnaev
Eygene Ryabinkin
@@ -426,6 +474,7 @@ Fabian Hiernaux
Fabian Keil
Fabian Ruff
Fabrizio Ammollo
+Fahim Chandurwala
Fedor Karpelevitch
Feist Josselin
Felix Yan
@@ -437,6 +486,7 @@ Florian Schoppmann
Florian Weimer
Forrest Cahoon
Francisco Moraes
+Francois Petitjean
Frank Gevaerts
Frank Hempel
Frank Keeney
@@ -451,6 +501,7 @@ Fred New
Fred Noz
Fred Stluka
Frederic Lepied
+Frederik B
Fredrik Thulin
Gabriel Kuri
Gabriel Sjoberg
@@ -481,6 +532,7 @@ Gilles Blanc
Gisle Vanem
Giuseppe Attardi
Giuseppe D'Ambrosio
+Giuseppe Persico
Glen A Johnson Jr.
Glen Nakamura
Glen Scott
@@ -495,7 +547,9 @@ Greg Hewgill
Greg Morse
Greg Onufer
Greg Pratt
+Greg Rowe
Greg Zavertnik
+Gregory Szorc
Grigory Entin
Guenole Bescon
Guenter Knauf
@@ -504,12 +558,15 @@ Guillaume Arluison
Gunter Knauf
Gustaf Hui
Gustavo Grieco
+GwanYeong Kim
Gwenole Beauchesne
Gökhan Şengün
Götz Babin-Ebell
Hamish Mackenzie
+Han Qiao
Hang Kin Lau
Hang Su
+Hannes Magnusson
Hanno Böck
Hanno Kranzhoff
Hans Steegers
@@ -523,6 +580,7 @@ He Qin
Heikki Korpela
Heinrich Ko
Heinrich Schaefer
+Helmut K. C. Tessarek
Helwing Lutz
Hendrik Visage
Henrik Gaßmann
@@ -566,7 +624,9 @@ Jacob Moshenko
Jactry Zeng
Jad Chamcham
Jaime Fullaondo
+Jakub Wilk
Jakub Zakrzewski
+James Atwill
James Bursa
James Cheng
James Clancy
@@ -576,6 +636,7 @@ James Gallagher
James Griffiths
James Housley
James MacMillan
+James Slaughter
Jamie Lokier
Jamie Newton
Jamie Wilkinson
@@ -583,6 +644,7 @@ Jan Ehrhardt
Jan Koen Annot
Jan Kunder
Jan Schaumann
+Jan Schmidt
Jan Van Boghout
Jared Jennings
Jared Lundell
@@ -597,6 +659,7 @@ Javier G. Sogo
Jay Austin
Jayesh A Shah
Jaz Fresh
+Jean Gressmann
Jean Jacques Drouin
Jean-Claude Chauve
Jean-Francois Bertrand
@@ -618,6 +681,8 @@ Jens Rantil
Jeremy Friesner
Jeremy Huddleston
Jeremy Lin
+Jeremy Pearson
+Jeremy Tan
Jeroen Koekkoek
Jeroen Ooms
Jerome Muffat-Meridol
@@ -627,6 +692,7 @@ Jerry Krinock
Jerry Wu
Jes Badwal
Jesper Jensen
+Jesse Chisholm
Jesse Noller
Jesse Tan
Jie He
@@ -637,7 +703,7 @@ Jim Meyering
Jiri Dvorak
Jiri Hruska
Jiri Jaburek
-Jiri Malak
+Jiří Malák
Jocelyn Jaubert
Joe Halpin
Joe Malicki
@@ -700,6 +766,7 @@ Josef Wolf
Josh Kapell
Joshua Kwan
Josue Andrade Gomes
+Jozef Kralik
Juan Barreto
Juan F. Codagnone
Juan Ignacio Hervás
@@ -715,6 +782,7 @@ Julien Nabet
Julien Royer
Jun-ichiro itojun Hagino
Jurij Smakov
+Justin Clift
Justin Ehlert
Justin Fletcher
Justin Karneges
@@ -747,9 +815,11 @@ Kent Boortz
Keshav Krity
Kevin Baughman
Kevin Fisk
+Kevin Ji
Kevin Lussier
Kevin Reed
Kevin Roth
+Kim Minjoong
Kim Rinnewitz
Kim Vandry
Kimmo Kinnunen
@@ -766,10 +836,12 @@ Kurt Fankhauser
Kyle J. McKay
Kyle L. Huff
Kyle Sallee
+Kyselgov E.N
Lachlan O'Dea
Larry Campbell
Larry Fahnoe
Larry Lin
+Larry Stefani
Larry Stone
Lars Buitinck
Lars Gustafsson
@@ -800,6 +872,7 @@ Lior Kaplan
Lisa Xu
Liviu Chircu
Liza Alenchery
+Lloyd Fournier
Lluís Batlle i Rossell
Loic Dachary
Loren Kirkby
@@ -817,10 +890,12 @@ Luke Call
Luke Dashjr
Luo Jinghua
Luong Dinh Dung
+Luật Nguyễn
Lyndon Hill
Maciej Karpiuk
Maciej Puzio
Maciej W. Rozycki
+Mahmoud Samir Fayed
Maks Naumov
Maksim Kuzevanov
Maksim Stsepanenka
@@ -835,6 +910,7 @@ Marc Hesse
Marc Hörsken
Marc Kleine-Budde
Marc Renault
+Marc-Antoine Perennou
Marcel Raad
Marcel Roelofs
Marcelo Echeverria
@@ -845,6 +921,7 @@ Marcin Konicki
Marco Deckel
Marco G. Salvagno
Marco Maggi
+Marcus Hoffmann
Marcus Sundberg
Marcus Webster
Mario Schroeder
@@ -865,16 +942,19 @@ Markus Elfring
Markus Koetter
Markus Moeller
Markus Oberhumer
+Markus Westerlind
Marquis de Muesli
Martijn Koster
Martin C. Martin
Martin Drasar
+Martin Frodl
Martin Hager
Martin Hedenfalk
Martin Jansen
+Martin Kepplinger
Martin Lemke
Martin Skinner
-Martin Storsjo
+Martin Storsjö
Martin Vejnár
Marty Kuhrt
Maruko
@@ -889,6 +969,7 @@ Matt Kraai
Matt Veenstra
Matt Witherspoon
Matt Wixson
+Matteo B.
Matteo Rocco
Matthew Blain
Matthew Clarke
@@ -896,7 +977,10 @@ Matthew Hall
Matthias Bolte
Maurice Barnum
Mauro Iorio
+Mauro Rappa
+Max Dymond
Max Katsev
+Max Khon
Maxim Ivanov
Maxim Perenesenko
Maxim Prohorov
@@ -916,6 +1000,7 @@ Michael Jerris
Michael Kalinin
Michael Kaufmann
Michael König
+Michael Maltese
Michael Mealling
Michael Mueller
Michael Osipov
@@ -948,6 +1033,8 @@ Mike Power
Mike Protts
Mike Revi
Miklos Nemeth
+Miloš Ljumović
+Mingliang Zhu
Miroslav Franc
Miroslav Spousta
Mitz Wark
@@ -965,13 +1052,18 @@ Nathanael Nerode
Nathaniel Waisbrot
Naveen Chandran
Naveen Noel
+Neal Poole
+Nehal J Wani
Neil Bowers
Neil Dunbar
+Neil Kolban
Neil Spring
Nic Roets
Nicholas Maniscalco
+Nick Draffen
Nick Gimbrone
Nick Humfrey
+Nick Miyake
Nick Zitzmann
Nico Baggus
Nicolas Berloquin
@@ -993,6 +1085,7 @@ Norbert Kett
Norbert Novotny
Octavio Schroeder
Ofer
+Okhin Vasilij
Ola Mork
Olaf Flebbe
Olaf Stüben
@@ -1011,8 +1104,10 @@ Ori Avtalion
Oscar Koeroo
Oscar Norlander
P R Schaffner
+Palo Markovic
Paolo Piacentini
Paras Sethia
+Pascal Gaudette
Pascal Terjan
Pasha Kuznetsov
Pasi Karkkainen
@@ -1030,7 +1125,9 @@ Patrik Thunstrom
Pau Garcia i Quiles
Paul Donohue
Paul Harrington
+Paul Harris
Paul Howarth
+Paul Joyce
Paul Marks
Paul Marquis
Paul Moore
@@ -1041,6 +1138,7 @@ Paul Saab
Pavel Cenek
Pavel Orehov
Pavel Raiskup
+Pavel Rochnyak
Pawel A. Gajda
Pawel Kierski
Pedro Larroy
@@ -1070,6 +1168,7 @@ Petr Bahula
Petr Novak
Petr Pisar
Phil Blundell
+Phil Crump
Phil Karn
Phil Lisiecki
Phil Pellouchoud
@@ -1084,14 +1183,17 @@ Pierre Brico
Pierre Chapuis
Pierre Joye
Pierre Ynard
+Piotr Dobrogost
Pooyan McSporran
Pramod Sharma
Prash Dush
+Praveen Pvs
Priyanka Shah
Puneet Pawaia
Quagmire
Quanah Gibson-Mount
Quinn Slack
+R. Dennis Steed
Radu Simionescu
Rafa Muyo
Rafael Antonio
@@ -1101,6 +1203,7 @@ Rafaël Carré
Rainer Canavan
Rainer Jung
Rainer Koenig
+Rainer Müller
Rajesh Naganathan
Rajkumar Mandal
Ralf S. Engelschall
@@ -1117,6 +1220,7 @@ Razvan Cojocaru
Reinhard Max
Reinout van Schouwen
Remi Gacogne
+Remo E
Renato Botelho
Renaud Chaillat
Renaud Duhaut
@@ -1138,16 +1242,21 @@ Richard Cooper
Richard Gorton
Richard Gray
Richard Hosking
+Richard Hsu
Richard Michael
Richard Moore
Richard Prescott
Richard Silverman
Richard van den Berg
+Richy Kim
Rick Jones
Rick Richardson
+Ricki Hirner
+Rider Linden
Rob Crittenden
Rob Davies
Rob Jones
+Rob Sanders
Rob Stanzel
Rob Ward
Robert A. Monat
@@ -1176,6 +1285,7 @@ Romain Coltel
Roman Koifman
Roman Mamedov
Romulo A. Ceccon
+Ron Eldor
Ron Parker
Ron Zapp
Ronnie Mose
@@ -1189,8 +1299,11 @@ Ryan Chan
Ryan Nelson
Ryan Schmidt
Ryan Scott
+Ryan Winograd
+Ryuichi KAWAMATA
Rémy Léone
S. Moonesamy
+Salah-Eddin Shaban
Salvador Dávila
Salvatore Sorrentino
Sam Deane
@@ -1216,16 +1329,21 @@ Scott Cantor
Scott Davis
Scott McCreary
Sean Boudreau
+Sean Burford
+Sebastian Mundry
Sebastian Pohlschmidt
Sebastian Rasmussen
Senthil Raja Velu
+Sergei Kuzmin
Sergei Nikulov
Sergey Tatarincev
+Sergii Pylypenko
Sergio Ballestrero
Serj Kalichev
Seshubabu Pasam
Seth Mos
Sh Diao
+Shachaf Ben-Kiki
Shao Shuchao
Sharad Gupta
Shard
@@ -1260,10 +1378,13 @@ Stefan Tomanek
Stefan Ulrich
Steinar H. Gunderson
Stephan Bergmann
+Stephen Brokenshire
Stephen Collyer
Stephen Kick
Stephen More
+Stephen Toub
Sterling Hughes
+Steve Brokenshire
Steve Green
Steve H Truong
Steve Havelka
@@ -1279,11 +1400,13 @@ Steven Gu
Steven M. Schweda
Steven Parkes
Stoned Elipot
+Stuart Henderson
Sune Ahlgren
Sven Anders
Sven Neuhaus
Sven Wegener
Svyatoslav Mishyn
+Sylvestre Ledru
Symeon Paraschoudis
Sébastien Willemijns
T. Bharath
@@ -1295,6 +1418,7 @@ Tanguy Fautre
Tatsuhiro Tsujikawa
Temprimus
Terri Oda
+TheAssassin at github
Theodore Dubois
Thomas Braun
Thomas Glanzmann
@@ -1302,6 +1426,7 @@ Thomas J. Moore
Thomas Klausner
Thomas L. Shinnick
Thomas Lopatic
+Thomas Petazzoni
Thomas Ruecker
Thomas Schwinge
Thomas Tonino
@@ -1322,6 +1447,7 @@ Tim Stack
Tim Starling
Timo Sirainen
Timotej Lazar
+Timothe Litt
Timothy Polich
Tinus van den Berg
Tobias Markus
@@ -1330,6 +1456,7 @@ Tobias Stoeckmann
Toby Peterson
Todd A Ouska
Todd Kulesza
+Todd Short
Todd Vierling
Tom Benoist
Tom Donovan
@@ -1357,11 +1484,13 @@ Toni Moreno
Tony Kelman
Toon Verwaest
Tor Arntsen
+Torben Dannhauer
Torsten Foertsch
Toshio Kuratomi
Toshiyuki Maezawa
Traian Nicolescu
Travis Burtrum
+Travis Obenhaus
Troels Walsted Hansen
Troy Engel
Tupone Alfredo
@@ -1372,13 +1501,17 @@ Ulf Samuelsson
Ulrich Doehner
Ulrich Telle
Ulrich Zadow
+Valentin David
+Vasy Okhin
Venkat Akella
+Venkataramana Mokkapati
Victor Snezhko
Vijay Panghal
Vikram Saxena
Viktor Szakáts
Ville Skyttä
Vilmos Nebehaj
+Vincas Razma
Vincent Bronner
Vincent Le Normand
Vincent Penquerc'h
@@ -1403,6 +1536,7 @@ Werner Koch
Wesley Laxton
Wesley Miaw
Wez Furlong
+Wham Bang
Wilfredo Sanchez
Will Dietz
Willem Sparreboom
@@ -1432,20 +1566,41 @@ Zdenek Pavlas
Zekun Ni
Zmey Petroff
Zvi Har'El
+afrind on github
asavah on github
baumanj on github
bsammon on github
+canavan at github
+destman at github
dkjjr89 on github
eXeC64 on github
+jonrumsey at github
+jonrumsey on github
jveazey on github
+ka7 on github
kreshano on github
+lijian996 on github
+lukaszgn on github
+madblobfish on github
marc-groundctl on github
+mccormickt12 on github
+mkzero on github
neex on github
+neheb on github
nk
+nopjmp on github
+olesteban at github
+ovidiu-benea on github
+paulharris on github
silveja1 on github
+stootill at github
swalkaus at yahoo.com
+tarek112 on github
tommink[at]post.pl
vanillajonathan on github
wmsch on github
+wyattoday at github
+zelinchen on github
+İsmail Dönmez
Štefan Kremeň
Никита Дорохин
diff --git a/docs/THANKS-filter b/docs/THANKS-filter
index 6eb6d5c9c..3ff912214 100644
--- a/docs/THANKS-filter
+++ b/docs/THANKS-filter
@@ -69,3 +69,10 @@ s/Joern Hartroth$/Jörn Hartroth/
s/Hongli Lai (Phusion)$/Hongli Lai/
s/github user 'kreshano'$/kreshano on github/
s/Marc Hoersken$/Marc Hörsken/
+s/Martin Storsjo$/Martin Storsjö/
+s/Jiri Malak$/Jiří Malák/
+s/JDepooter$/Joel Depooter/
+s/ERAMOTO Masaya$/Eramoto Masaya/
+s/shachaf on github$/Shachaf Ben-Kiki/
+s/CarloCannas on github$/Carlo Cannas/
+s/Henrik S. Gaßmann$/Henrik Gaßmann/
diff --git a/docs/TODO b/docs/TODO
index 40b8cc8ec..dde2994b6 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -6,7 +6,7 @@
Things that could be nice to do in the future
- Things to do in project cURL. Please tell us what you think, contribute and
+ Things to do in project curl. Please tell us what you think, contribute and
send us patches that improve things!
Be aware that these are things that we could do, or have once been considered
@@ -23,10 +23,10 @@
1.5 get rid of PATH_MAX
1.6 Modified buffer size approach
1.7 Detect when called from within callbacks
- 1.8 Allow SSL (HTTPS) to proxy
+ 1.8 CURLOPT_RESOLVE for any port number
1.9 Cache negative name resolves
- 1.10 Support IDNA2008
- 1.11 minimize dependencies with dynamicly loaded modules
+ 1.10 auto-detect proxy
+ 1.11 minimize dependencies with dynamically loaded modules
1.12 have form functions use CURL handle argument
1.14 Typesafe curl_easy_setopt()
1.15 Monitor connections in the connection pool
@@ -37,6 +37,7 @@
1.20 SRV and URI DNS records
1.21 API for URL parsing/splitting
1.23 Offer API to flush the connection pool
+ 1.24 TCP Fast Open for windows
2. libcurl - multi interface
2.1 More non-blocking
@@ -46,7 +47,6 @@
2.5 Edge-triggered sockets should work
3. Documentation
- 3.1 Update date and version in man pages
3.2 Provide cmake config-file
4. FTP
@@ -62,17 +62,19 @@
5.1 Better persistency for HTTP 1.0
5.2 support FF3 sqlite cookie files
5.3 Rearrange request header order
- 5.4 Use huge HTTP/2 windows
+ 5.4 HTTP Digest using SHA-256
5.5 auth= in URLs
5.6 Refuse "downgrade" redirects
5.7 Brotli compression
5.8 QUIC
+ 5.9 Improve formpost API
+ 5.10 Leave secure cookies alone
+ 5.11 Chunked transfer multipart formpost
6. TELNET
6.1 ditch stdin
6.2 ditch telnet-specific select
6.3 feature negotiation debug data
- 6.4 send data in chunks
7. SMTP
7.1 Pipelining
@@ -102,12 +104,15 @@
13.1 Disable specific versions
13.2 Provide mutex locking API
13.3 Evaluate SSL patches
- 13.4 Cache OpenSSL contexts
+ 13.4 Cache/share OpenSSL contexts
13.5 Export session ids
13.6 Provide callback for cert verification
13.7 improve configure --with-ssl
13.8 Support DANE
- 13.9 Support TLS v1.3
+ 13.10 Support SSLKEYLOGFILE
+ 13.11 Support intermediate & root pinning for PINNEDPUBLICKEY
+ 13.12 Support HSTS
+ 13.13 Support HPKP
14. GnuTLS
14.1 SSL engine stuff
@@ -126,6 +131,8 @@
17. SSH protocols
17.1 Multiplexing
17.2 SFTP performance
+ 17.3 Support better than MD5 hostkey hash
+ 17.4 Support CURLOPT_PREQUOTE
18. Command line tool
18.1 sync
@@ -134,7 +141,6 @@
18.4 simultaneous parallel transfers
18.5 provide formpost headers
18.6 warning when setting an option
- 18.7 warning when sending binary output to terminal
18.8 offer color-coded HTTP header output
18.9 Choose the name of file in braces for complex URLs
18.10 improve how curl works in a windows console window
@@ -142,9 +148,13 @@
18.12 keep running, read instructions from pipe/socket
18.13 support metalink in http headers
18.14 --fail without --location should treat 3xx as a failure
+ 18.15 --retry should resume
+ 18.16 send only part of --data
+ 18.17 consider file name from the redirected URL with -O ?
19. Build
19.1 roffit
+ 19.2 Enable PIE and RELRO by default
20. Test suite
20.1 SSL tunnel
@@ -233,28 +243,32 @@
subsequently can add code within libcurl that returns error if called within
callbacks for when that's not supported.
-1.8 Allow SSL (HTTPS) to proxy
+1.8 CURLOPT_RESOLVE for any port number
- To prevent local users from snooping on your traffic to the proxy. Supported
- by Firefox and Chrome already:
- https://www.chromium.org/developers/design-documents/secure-web-proxy
+ This option allows applications to set a replacement IP address for a given
+ host + port pair. Consider making support for providing a replacement address
+ for the host name on all port numbers.
- See this stale work in progress branch:
- https://github.com/curl/curl/tree/HTTPS-proxy based on this PR:
- https://github.com/curl/curl/pull/305
+ See https://github.com/curl/curl/issues/1264
1.9 Cache negative name resolves
A name resolve that has failed is likely to fail when made again within a
short period of time. Currently we only cache positive responses.
-1.10 Support IDNA2008
+1.10 auto-detect proxy
- International Domain Names are supported in libcurl since years back, powered
- by libidn. libidn implements IDNA2003 which has been superseded by IDNA2008.
- libidn2 is an existing library offering support for IDNA2008.
+ libcurl could be made to detect the system proxy setup automatically and use
+ that. On Windows, macOS and Linux desktops for example.
-1.11 minimize dependencies with dynamicly loaded modules
+ The pull-request to use libproxy for this was deferred due to doubts on the
+ reliability of the dependency and how to use it:
+ https://github.com/curl/curl/pull/977
+
+ libdetectproxy is a (C++) library for detecting the proxy on Windows
+ https://github.com/paulharris/libdetectproxy
+
+1.11 minimize dependencies with dynamically loaded modules
We can create a system with loadable modules/plug-ins, where these modules
would be the ones that link to 3rd party libs. That would allow us to avoid
@@ -360,6 +374,11 @@
An API could allow a forced flush or just a forced loop that would properly
close all connections that have been closed by the server already.
+1.24 TCP Fast Open for windows
+
+ libcurl supports the CURLOPT_TCP_FASTOPEN option since 7.49.0 for Linux and
+ Mac OS. Windows supports TCP Fast Open starting with Windows 10, version 1607
+ and we should add support for it.
2. libcurl - multi interface
@@ -368,9 +387,7 @@
Make sure we don't ever loop because of non-blocking sockets returning
EWOULDBLOCK or similar. Blocking cases include:
- - Name resolves on non-windows unless c-ares is used
- - NSS SSL connections
- - HTTP proxy CONNECT operations
+ - Name resolves on non-windows unless c-ares or the threaded resolver is used
- SOCKS proxy handshakes
- file:// transfers
- TELNET transfers
@@ -408,12 +425,6 @@
3. Documentation
-3.1 Update date and version in man pages
-
- 'maketgz' or another suitable script could update the .TH sections of the man
- pages at release time to use the current date and curl/libcurl version
- number.
-
3.2 Provide cmake config-file
A config-file package is a set of files provided by us to allow applications
@@ -491,12 +502,14 @@ This is not detailed in any FTP specification.
headers use a default value so only headers that need to be moved have to be
specified.
-5.4 Use huge HTTP/2 windows
+5.4 HTTP Digest using SHA-256
+
+ RFC 7616 introduces an update to the HTTP Digest authentication
+ specification, which amongst other thing defines how new digest algorithms
+ can be used instead of MD5 which is considered old and not recommended.
- We're currently using nghttp2's default window size which is terribly small
- (64K). This becomes a bottle neck over high bandwidth networks. We should
- instead make the window size to be very big (512MB?) as we really don't do
- much flow control anyway.
+ See https://tools.ietf.org/html/rfc7616 and
+ https://github.com/curl/curl/issues/1018
5.5 auth= in URLs
@@ -519,11 +532,9 @@ This is not detailed in any FTP specification.
5.7 Brotli compression
- Compression algorithms that perform better than gzip are being considered for
- use and inclusion in existing browsers. For example 'brotli'. If servers
- follow along it is a good reason for us to also allow users to take advantage
- of this. The algorithm: https://github.com/google/brotli The Firefox bug:
- https://bugzilla.mozilla.org/show_bug.cgi?id=366559
+ Brotli compression performs better than gzip and is being implemented by
+ browsers and servers widely. The algorithm: https://github.com/google/brotli
+ The Firefox bug: https://bugzilla.mozilla.org/show_bug.cgi?id=366559
5.8 QUIC
@@ -535,6 +546,29 @@ This is not detailed in any FTP specification.
implemented. This, to allow other projects to benefit from the work and to
thus broaden the interest and chance of others to participate.
+5.9 Improve formpost API
+
+ Revamp the formpost API and making something that is easier to use and
+ understand:
+
+ https://github.com/curl/curl/wiki/formpost-API-redesigned
+
+5.10 Leave secure cookies alone
+
+ Non-secure origins (HTTP sites) should not be allowed to set or modify
+ cookies with the 'secure' property:
+
+ https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone-01
+
+5.11 Chunked transfer multipart formpost
+
+ For a case where the file is being made during the upload is progressing
+ (like passed on stdin to the curl tool), we cannot know the size before-hand
+ and we rather not read the entire thing into memory before it can start the
+ upload.
+
+ https://github.com/curl/curl/issues/1139
+
6. TELNET
@@ -554,11 +588,6 @@ to provide the data to send.
Add telnet feature negotiation data to the debug callback as header data.
-6.4 send data in chunks
-
- Currently, telnet sends data one byte at a time. This is fine for
interactive
- use, but inefficient for any other. Sent data should be sent in larger
- chunks.
7. SMTP
@@ -655,7 +684,7 @@ that doesn't exist on the server, just like
--ftp-create-dirs.
Evaluate/apply Gertjan van Wingerde's SSL patches:
https://curl.haxx.se/mail/lib-2004-03/0087.html
-13.4 Cache OpenSSL contexts
+13.4 Cache/share OpenSSL contexts
"Look at SSL cafile - quick traces look to me like these are done on every
request as well, when they should only be necessary once per SSL context (or
@@ -665,6 +694,12 @@ that doesn't exist on the server, just like
--ftp-create-dirs.
style connections are re-used. It will make us use slightly more memory but
it will libcurl do less creations and deletions of SSL contexts.
+ Technically, the "caching" is probably best implemented by getting added to
+ the share interface so that easy handles who want to and can reuse the
+ context specify that by sharing with the right properties set.
+
+ https://github.com/curl/curl/issues/1110
+
13.5 Export session ids
Add an interface to libcurl that enables "session IDs" to get
@@ -699,14 +734,51 @@ that doesn't exist on the server, just like
--ftp-create-dirs.
Björn Stenberg wrote a separate initial take on DANE that was never
completed.
-13.9 Support TLS v1.3
+13.10 Support SSLKEYLOGFILE
+
+ When used, Firefox and Chrome dumps their master TLS keys to the file name
+ this environment variable specifies. This allows tools like for example
+ Wireshark to capture and decipher TLS traffic to/from those clients. libcurl
+ could be made to support this more widely (presumably this already works when
+ built with NSS). Peter Wu made a OpenSSL preload to make possible that can be
+ used as inspiration and guidance
+ https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/sslkeylog.c
+
+13.11 Support intermediate & root pinning for PINNEDPUBLICKEY
+
+ CURLOPT_PINNEDPUBLICKEY does not consider the hashes of intermediate & root
+ certificates when comparing the pinned keys. Therefore it is not compatible
+ with "HTTP Public Key Pinning" as there also intermediate and root
certificates
+ can be pinned. This is very useful as it prevents webadmins from "locking
+ themself out of their servers".
+
+ Adding this feature would make curls pinning 100% compatible to HPKP and allow
+ more flexible pinning.
+
+13.12 Support HSTS
- TLS version 1.3 is about to ship and is getting implemented by TLS libraries
- as we speak. We should start to support the symbol and make sure all backends
- handle it accordingly, then gradually add support as the TLS libraries add
- the corresponding support. There may be a need to add some additional options
- to allow libcurl to take advantage of the new features in 1.3.
+ "HTTP Strict Transport Security" is TOFU (trust on first use), time-based
+ features indicated by a HTTP header send by the webserver. It is widely used
+ in browsers and it's purpose is to prevent insecure HTTP connections after
+ a previous HTTPS connection. It protects against SSLStripping attacks.
+ Doc:
https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
+ RFC 6797: https://tools.ietf.org/html/rfc6797
+
+13.13 Support HPKP
+
+ "HTTP Public Key Pinning" is TOFU (trust on first use), time-based
+ features indicated by a HTTP header send by the webserver. It's purpose is
+ to prevent Man-in-the-middle attacks by trusted CAs by allowing webadmins
+ to specify which CAs/certificates/public keys to trust when connection to
+ their websites.
+
+ It can be build based on PINNEDPUBLICKEY.
+
+ Wikipedia: https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning
+ OWASP: https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning
+ Doc: https://developer.mozilla.org/de/docs/Web/Security/Public_Key_Pinning
+ RFC: https://tools.ietf.org/html/draft-ietf-websec-key-pinning-21
14. GnuTLS
@@ -791,6 +863,20 @@ that doesn't exist on the server, just like
--ftp-create-dirs.
libcurl's SFTP transfer performance is sub par and can be improved, mostly by
the approach mentioned in "1.6 Modified buffer size approach".
+17.3 Support better than MD5 hostkey hash
+
+ libcurl offers the CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 option for verifying the
+ server's key. MD5 is generally being deprecated so we should implement
+ support for stronger hashing algorithms. libssh2 itself is what provides this
+ underlying functionality and it supports at least SHA-1 as an alternative.
+ SHA-1 is also being deprecated these days so we should consider workign with
+ libssh2 to instead offer support for SHA-256 or similar.
+
+17.4 Support CURLOPT_PREQUOTE
+
+ The two other QUOTE options are supported for SFTP, but this was left out for
+ unknown reasons!
+
18. Command line tool
18.1 sync
@@ -809,7 +895,7 @@ that doesn't exist on the server, just like
--ftp-create-dirs.
18.3 prevent file overwriting
- Add an option that prevents cURL from overwriting existing local files. When
+ Add an option that prevents curl from overwriting existing local files. When
used, and there already is an existing file with the target file name
(either -O or -o), a number should be appended (and increased if already
existing). So that index.html becomes first index.html.1 and then
@@ -845,11 +931,6 @@ that doesn't exist on the server, just like
--ftp-create-dirs.
This can be useful to tell when support for a particular feature hasn't been
compiled into the library.
-18.7 warning when sending binary output to terminal
-
- Provide a way that prompts the user for confirmation before binary data is
- sent to the terminal, much in the style 'less' does it.
-
18.8 offer color-coded HTTP header output
By offering different color output on the header name and the header
@@ -914,6 +995,42 @@ that doesn't exist on the server, just like
--ftp-create-dirs.
way to implement this is probably to add that new logic in the command line
tool only and not in the underlying CURLOPT_FAILONERROR logic.
+18.15 --retry should resume
+
+ When --retry is used and curl actually retries transfer, it should use the
+ already transferred data and do a resumed transfer for the rest (when
+ possible) so that it doesn't have to transfer the same data again that was
+ already transferred before the retry.
+
+ See https://github.com/curl/curl/issues/1084
+
+18.16 send only part of --data
+
+ When the user only wants to send a small piece of the data provided with
+ --data or --data-binary, like when that data is a huge file, consider a way
+ to specify that curl should only send a piece of that. One suggested syntax
+ would be: "--data-binary @largefile.zip!1073741823-2147483647".
+
+ See https://github.com/curl/curl/issues/1200
+
+18.17 consider file name from the redirected URL with -O ?
+
+ When a user gives a URL and uses -O, and curl follows a redirect to a new
+ URL, the file name is not extracted and used from the newly redirected-to URL
+ even if the new URL may have a much more sensible file name.
+
+ This is clearly documented and helps for security since there's no surprise
+ to users which file name that might get overwritten. But maybe a new option
+ could allow for this or maybe -J should imply such a treatment as well as -J
+ already allows for the server to decide what file name to use so it already
+ provides the "may overwrite any file" risk.
+
+ This is extra tricky if the original URL has no file name part at all since
+ then the current code path will error out with an error message, and we can't
+ *know* already at that point if curl will be redirected to a URL that has a
+ file name...
+
+ See https://github.com/curl/curl/issues/1241
19. Build
@@ -922,6 +1039,19 @@ that doesn't exist on the server, just like
--ftp-create-dirs.
Consider extending 'roffit' to produce decent ASCII output, and use that
instead of (g)nroff when building src/tool_hugehelp.c
+19.2 Enable PIE and RELRO by default
+
+ Especially when having programs that execute curl via the command line, PIE
+ renders the exploitation of memory corruption vulnerabilities a lot more
+ difficult. This can be attributed to the additional information leaks being
+ required to conduct a successful attack. RELRO, on the other hand, masks
+ different binary sections like the GOT as read-only and thus kills a handful
+ of techniques that come in handy when attackers are able to arbitrarily
+ overwrite memory. A few tests showed that enabling these features had close
+ to no impact, neither on the performance nor on the general functionality of
+ curl.
+
+
20. Test suite
20.1 SSL tunnel
diff --git a/docs/TheArtOfHttpScripting b/docs/TheArtOfHttpScripting
index 047db809b..b2bd9db7a 100644
--- a/docs/TheArtOfHttpScripting
+++ b/docs/TheArtOfHttpScripting
@@ -145,7 +145,7 @@ The Art Of Scripting HTTP Requests Using Curl
address and that's what curl will communicate with. Alternatively you specify
the IP address directly in the URL instead of a name.
- For development and other trying out situation, you can point out a different
+ For development and other trying out situations, you can point to a different
IP address for a host name than what would otherwise be used, by using curl's
--resolve option:
@@ -153,7 +153,7 @@ The Art Of Scripting HTTP Requests Using Curl
2.3 Port number
- Each protocol curl supports operate on a default port number, be it over TCP
+ Each protocol curl supports operates on a default port number, be it over TCP
or in some cases UDP. Normally you don't have to take that into
consideration, but at times you run test servers on other ports or
similar. Then you can specify the port number in the URL with a colon and a
@@ -164,7 +164,7 @@ The Art Of Scripting HTTP Requests Using Curl
The port number you specify in the URL is the number that the server uses to
offer its services. Sometimes you may use a local proxy, and then you may
- need to specify that proxy's port number separate on what curl needs to
+ need to specify that proxy's port number separately for what curl needs to
connect to locally. Like when using a HTTP proxy on port 4321:
curl --proxy http://proxy.example.org:4321 http://remote.example.org/
@@ -172,7 +172,7 @@ The Art Of Scripting HTTP Requests Using Curl
2.4 User name and password
Some services are setup to require HTTP authentication and then you need to
- provide name and password which then is transferred to the remote site in
+ provide name and password which is then transferred to the remote site in
various ways depending on the exact authentication protocol used.
You can opt to either insert the user and password in the URL or you can
@@ -198,7 +198,7 @@ The Art Of Scripting HTTP Requests Using Curl
3.1 GET
- The simplest and most common request/operation made using HTTP is to get a
+ The simplest and most common request/operation made using HTTP is to GET a
URL. The URL could itself refer to a web page, an image or a file. The client
issues a GET request to the server and receives the document it asked for.
If you issue the command line
@@ -269,14 +269,14 @@ The Art Of Scripting HTTP Requests Using Curl
4.1 Forms explained
Forms are the general way a web site can present a HTML page with fields for
- the user to enter data in, and then press some kind of 'OK' or 'submit'
+ the user to enter data in, and then press some kind of 'OK' or 'Submit'
button to get that data sent to the server. The server then typically uses
the posted data to decide how to act. Like using the entered words to search
- in a database, or to add the info in a bug track system, display the entered
+ in a database, or to add the info in a bug tracking system, display the
entered
address on a map or using the info as a login-prompt verifying that the user
is allowed to see what it is about to see.
- Of course there has to be some kind of program in the server end to receive
+ Of course there has to be some kind of program on the server end to receive
the data you send. You cannot just invent something out of the air.
4.2 GET
@@ -369,7 +369,7 @@ The Art Of Scripting HTTP Requests Using Curl
4.5 Hidden Fields
- A very common way for HTML based application to pass state information
+ A very common way for HTML based applications to pass state information
between pages is to add hidden fields to the forms. Hidden fields are
already filled in, they aren't displayed to the user and they get passed
along just as all the other fields.
@@ -383,7 +383,7 @@ The Art Of Scripting HTTP Requests Using Curl
<input type=submit name="press" value="OK">
</form>
- To post this with curl, you won't have to think about if the fields are
+ To POST this with curl, you won't have to think about if the fields are
hidden or not. To curl they're all the same:
curl --data "birthyear=1905&press=OK&person=daniel" [URL]
@@ -405,7 +405,7 @@ The Art Of Scripting HTTP Requests Using Curl
5.1 PUT
- The perhaps best way to upload data to a HTTP server is to use PUT. Then
+ Perhaps the best way to upload data to a HTTP server is to use PUT. Then
again, this of course requires that someone put a program or script on the
server end that knows how to receive a HTTP PUT stream.
@@ -446,7 +446,7 @@ The Art Of Scripting HTTP Requests Using Curl
If your proxy requires the authentication to be done using the NTLM method,
use --proxy-ntlm, if it requires Digest use --proxy-digest.
- If you use any one these user+password options but leave out the password
+ If you use any one of these user+password options but leave out the password
part, curl will prompt for the password interactively.
6.4 Hiding credentials
@@ -508,7 +508,7 @@ The Art Of Scripting HTTP Requests Using Curl
to redirect is Location:.
Curl does not follow Location: headers by default, but will simply display
- such pages in the same manner it display all HTTP replies. It does however
+ such pages in the same manner it displays all HTTP replies. It does however
feature an option that will make it attempt to follow the Location: pointers.
To tell curl to follow a Location:
@@ -562,7 +562,7 @@ The Art Of Scripting HTTP Requests Using Curl
(Take note that the --cookie-jar option described below is a better way to
store cookies.)
- Curl has a full blown cookie parsing engine built-in that comes to use if you
+ Curl has a full blown cookie parsing engine built-in that comes in use if you
want to reconnect to a server and use cookies that were stored from a
previous connection (or hand-crafted manually to fool the server into
believing you had a previous connection). To use previously stored cookies,
@@ -592,7 +592,7 @@ The Art Of Scripting HTTP Requests Using Curl
10.1 HTTPS is HTTP secure
- There are a few ways to do secure HTTP transfers. The by far most common
+ There are a few ways to do secure HTTP transfers. By far the most common
protocol for doing this is what is generally known as HTTPS, HTTP over
SSL. SSL encrypts all the data that is sent and received over the network and
thus makes it harder for attackers to spy on sensitive information.
@@ -680,7 +680,7 @@ The Art Of Scripting HTTP Requests Using Curl
12.1 Some login tricks
- While not strictly just HTTP related, it still cause a lot of people problems
+ While not strictly just HTTP related, it still causes a lot of people problems
so here's the executive run-down of how the vast majority of all login forms
work and how to login to them using curl.
@@ -693,7 +693,7 @@ The Art Of Scripting HTTP Requests Using Curl
make sure you got there through their login page) so you should make a habit
of first getting the login-form page to capture the cookies set there.
- Some web-based login systems features various amounts of javascript, and
+ Some web-based login systems feature various amounts of javascript, and
sometimes they use such code to set or modify cookie contents. Possibly they
do that to prevent programmed logins, like this manual describes how to...
Anyway, if reading the code isn't enough to let you repeat the behavior
@@ -755,4 +755,4 @@ The Art Of Scripting HTTP Requests Using Curl
14.2 Sites
- https://curl.haxx.se is the home of the cURL project
+ https://curl.haxx.se is the home of the curl project
diff --git a/docs/cmdline-opts/CMakeLists.txt b/docs/cmdline-opts/CMakeLists.txt
new file mode 100644
index 000000000..5aa20dfdb
--- /dev/null
+++ b/docs/cmdline-opts/CMakeLists.txt
@@ -0,0 +1,12 @@
+set(MANPAGE "${CMAKE_BINARY_DIR}/docs/curl.1")
+
+# Load DPAGES and OTHERPAGES from shared file
+transform_makefile_inc("Makefile.inc"
"${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake")
+include("${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake")
+
+add_custom_command(OUTPUT "${MANPAGE}"
+ COMMAND "${PERL_EXECUTABLE}" "${CMAKE_CURRENT_SOURCE_DIR}/gen.pl" mainpage
"${CMAKE_CURRENT_SOURCE_DIR}" > "${MANPAGE}"
+ DEPENDS ${DPAGES} ${OTHERPAGES}
+ VERBATIM
+)
+add_custom_target(generate-curl.1 DEPENDS "${MANPAGE}")
diff --git a/docs/cmdline-opts/MANPAGE.md b/docs/cmdline-opts/MANPAGE.md
new file mode 100644
index 000000000..3a8270b03
--- /dev/null
+++ b/docs/cmdline-opts/MANPAGE.md
@@ -0,0 +1,52 @@
+# curl man page generator
+
+This is the curl man page generator. It generates a single nroff man page
+output from the set of sources files in this directory.
+
+There is one source file for each supported command line option. The format is
+described below.
+
+## Option files
+
+Each command line option is described in a file named `<long name>.d`, where
+option name is written without any prefixing dashes. Like the file name for
+the -v, --verbose option is named `verbose.d`.
+
+Each file has a set of meta-data and a body of text.
+
+### Meta-data
+
+ Short: (single letter, without dash)
+ Long: (long form name, without dashes)
+ Arg: (the argument the option takes)
+ Magic: (description of "magic" options)
+ Tags: (space separated list)
+ Protocols: (space separated list for which protocols this option works)
+ Added: (version number in which this was added)
+ Mutexed: (space separated list of options this overrides, no dashes)
+ Requires: (space separated list of features this requires, no dashes)
+ See-also: (space separated list of related options, no dashes)
+ Help: (short text for the --help output for this option)
+ --- (end of meta-data)
+
+### Body
+
+The body of the description. Only refer to options with their long form option
+version, like --verbose. The output generator will replace such with the
+correct markup that shows both short and long version.
+
+## Header
+
+`page-header` is the nroff formatted file that will be output before the
+generated options output for the master man page.
+
+## Generate
+
+`./gen.pl mainpage`
+
+This command outputs a single huge nroff file, meant to become `curl.1`. The
+full curl man page.
+
+`./gen.pl listhelp`
+
+Generates a full `curl --help` output for all known command line options.
diff --git a/docs/cmdline-opts/Makefile.am b/docs/cmdline-opts/Makefile.am
new file mode 100644
index 000000000..e6ecf7a6b
--- /dev/null
+++ b/docs/cmdline-opts/Makefile.am
@@ -0,0 +1,34 @@
+#***************************************************************************
+# _ _ ____ _
+# Project ___| | | | _ \| |
+# / __| | | | |_) | |
+# | (__| |_| | _ <| |___
+# \___|\___/|_| \_\_____|
+#
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+###########################################################################
+
+AUTOMAKE_OPTIONS = foreign no-dependencies
+
+MANPAGE = $(top_builddir)/docs/curl.1
+
+include Makefile.inc
+
+EXTRA_DIST = $(DPAGES) MANPAGE.md gen.pl $(OTHERPAGES) CMakeLists.txt
+
+all: $(MANPAGE)
+
+$(MANPAGE): $(DPAGES) $(OTHERPAGES) Makefile.inc
+ @PERL@ $(srcdir)/gen.pl mainpage $(srcdir) > $(MANPAGE)
diff --git a/docs/cmdline-opts/Makefile.inc b/docs/cmdline-opts/Makefile.inc
new file mode 100644
index 000000000..7eea5c6c5
--- /dev/null
+++ b/docs/cmdline-opts/Makefile.inc
@@ -0,0 +1,48 @@
+# Shared between Makefile.am and CMakeLists.txt
+
+DPAGES = abstract-unix-socket.d anyauth.d append.d basic.d cacert.d capath.d
cert.d \
+ cert-status.d cert-type.d ciphers.d compressed.d config.d \
+ connect-timeout.d connect-to.d continue-at.d cookie.d cookie-jar.d \
+ create-dirs.d crlf.d crlfile.d data-ascii.d data-binary.d data.d \
+ data-raw.d data-urlencode.d delegation.d digest.d disable.d \
+ disable-eprt.d disable-epsv.d dns-interface.d dns-ipv4-addr.d \
+ dns-ipv6-addr.d dns-servers.d dump-header.d egd-file.d engine.d \
+ expect100-timeout.d fail.d fail-early.d false-start.d \
+ form.d form-string.d ftp-account.d ftp-alternative-to-user.d \
+ ftp-create-dirs.d ftp-method.d ftp-pasv.d ftp-port.d ftp-pret.d \
+ ftp-skip-pasv-ip.d ftp-ssl-ccc.d ftp-ssl-ccc-mode.d ftp-ssl-control.d \
+ get.d globoff.d head.d header.d help.d hostpubmd5.d http1.0.d \
+ http1.1.d http2.d http2-prior-knowledge.d ignore-content-length.d \
+ include.d insecure.d interface.d ipv4.d ipv6.d junk-session-cookies.d \
+ keepalive-time.d key.d key-type.d krb.d libcurl.d limit-rate.d \
+ list-only.d local-port.d location.d location-trusted.d \
+ login-options.d mail-auth.d mail-from.d mail-rcpt.d manual.d \
+ max-filesize.d max-redirs.d max-time.d metalink.d negotiate.d netrc.d \
+ netrc-file.d netrc-optional.d next.d no-alpn.d no-buffer.d \
+ no-keepalive.d no-npn.d noproxy.d no-sessionid.d ntlm.d ntlm-wb.d \
+ oauth2-bearer.d output.d pass.d path-as-is.d pinnedpubkey.d post301.d \
+ post302.d post303.d preproxy.d progress-bar.d proto.d proto-default.d \
+ proto-redir.d proxy1.0.d proxy-anyauth.d proxy-basic.d proxy-cacert.d \
+ proxy-capath.d proxy-cert.d proxy-cert-type.d proxy-ciphers.d \
+ proxy-crlfile.d proxy.d proxy-digest.d proxy-header.d \
+ proxy-insecure.d proxy-key.d proxy-key-type.d proxy-negotiate.d \
+ proxy-ntlm.d proxy-pass.d proxy-service-name.d \
+ proxy-ssl-allow-beast.d proxy-tlsauthtype.d proxy-tlspassword.d \
+ proxy-tlsuser.d proxy-tlsv1.d proxytunnel.d proxy-user.d pubkey.d \
+ quote.d random-file.d range.d raw.d referer.d remote-header-name.d \
+ remote-name-all.d remote-name.d remote-time.d request.d resolve.d \
+ retry-connrefused.d retry.d retry-delay.d retry-max-time.d sasl-ir.d \
+ service-name.d show-error.d silent.d socks4a.d socks4.d socks5.d \
+ socks5-basic.d socks5-gssapi.d \
+ socks5-gssapi-nec.d socks5-gssapi-service.d socks5-hostname.d \
+ speed-limit.d speed-time.d ssl-allow-beast.d ssl.d ssl-no-revoke.d \
+ ssl-reqd.d sslv2.d sslv3.d stderr.d suppress-connect-headers.d \
+ tcp-fastopen.d tcp-nodelay.d \
+ telnet-option.d tftp-blksize.d tftp-no-options.d time-cond.d \
+ tls-max.d \
+ tlsauthtype.d tlspassword.d tlsuser.d tlsv1.0.d tlsv1.1.d tlsv1.2.d \
+ tlsv1.3.d tlsv1.d trace-ascii.d trace.d trace-time.d tr-encoding.d \
+ unix-socket.d upload-file.d url.d use-ascii.d user-agent.d user.d \
+ verbose.d version.d write-out.d xattr.d request-target.d
+
+OTHERPAGES = page-footer page-header
diff --git a/docs/cmdline-opts/abstract-unix-socket.d
b/docs/cmdline-opts/abstract-unix-socket.d
new file mode 100644
index 000000000..1fda4e5df
--- /dev/null
+++ b/docs/cmdline-opts/abstract-unix-socket.d
@@ -0,0 +1,9 @@
+Long: abstract-unix-socket
+Arg: <path>
+Help: Connect via abstract Unix domain socket
+Added: 7.53.0
+Protocols: HTTP
+---
+Connect through an abstract Unix domain socket, instead of using the network.
+Note: netstat shows the path of an abstract socket prefixed with '@', however
+the <path> argument should not have this leading character.
diff --git a/docs/cmdline-opts/anyauth.d b/docs/cmdline-opts/anyauth.d
new file mode 100644
index 000000000..c32d1ed5e
--- /dev/null
+++ b/docs/cmdline-opts/anyauth.d
@@ -0,0 +1,17 @@
+Long: anyauth
+Help: Pick any authentication method
+Protocols: HTTP
+See-also: proxy-anyauth basic digest
+---
+Tells curl to figure out authentication method by itself, and use the most
+secure one the remote site claims to support. This is done by first doing a
+request and checking the response-headers, thus possibly inducing an extra
+network round-trip. This is used instead of setting a specific authentication
+method, which you can do with --basic, --digest, --ntlm, and --negotiate.
+
+Using --anyauth is not recommended if you do uploads from stdin, since it may
+require data to be sent twice and then the client must be able to rewind. If
+the need should arise when uploading from stdin, the upload operation will
+fail.
+
+Used together with --user.
diff --git a/docs/cmdline-opts/append.d b/docs/cmdline-opts/append.d
new file mode 100644
index 000000000..f001b1239
--- /dev/null
+++ b/docs/cmdline-opts/append.d
@@ -0,0 +1,8 @@
+Short: a
+Long: append
+Help: Append to target file when uploading
+Protocols: FTP SFTP
+---
+When used in an upload, this makes curl append to the target file instead of
+overwriting it. If the remote file doesn't exist, it will be created. Note
+that this flag is ignored by some SFTP servers (including OpenSSH).
diff --git a/docs/cmdline-opts/basic.d b/docs/cmdline-opts/basic.d
new file mode 100644
index 000000000..09d42af9d
--- /dev/null
+++ b/docs/cmdline-opts/basic.d
@@ -0,0 +1,11 @@
+Long: basic
+Help: Use HTTP Basic Authentication
+See-also: proxy-basic
+Protocols: HTTP
+---
+Tells curl to use HTTP Basic authentication with the remote host. This is the
+default and this option is usually pointless, unless you use it to override a
+previously set option that sets a different authentication method (such as
+--ntlm, --digest, or --negotiate).
+
+Used together with --user.
diff --git a/docs/cmdline-opts/cacert.d b/docs/cmdline-opts/cacert.d
new file mode 100644
index 000000000..04e113980
--- /dev/null
+++ b/docs/cmdline-opts/cacert.d
@@ -0,0 +1,28 @@
+Long: cacert
+Arg: <CA certificate>
+Help: CA certificate to verify peer against
+Protocols: TLS
+---
+Tells curl to use the specified certificate file to verify the peer. The file
+may contain multiple CA certificates. The certificate(s) must be in PEM
+format. Normally curl is built to use a default file for this, so this option
+is typically used to alter that default file.
+
+curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is
+set, and uses the given path as a path to a CA cert bundle. This option
+overrides that variable.
+
+The windows version of curl will automatically look for a CA certs file named
+\'curl-ca-bundle.crt\', either in the same directory as curl.exe, or in the
+Current Working Directory, or in any folder along your PATH.
+
+If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
+(libnsspem.so) needs to be available for this option to work properly.
+
+(iOS and macOS only) If curl is built against Secure Transport, then this
+option is supported for backward compatibility with other SSL engines, but it
+should not be set. If the option is not set, then curl will use the
+certificates in the system and user Keychain to verify the peer, which is the
+preferred method of verifying the peer's certificate chain.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/capath.d b/docs/cmdline-opts/capath.d
new file mode 100644
index 000000000..0763f7a0d
--- /dev/null
+++ b/docs/cmdline-opts/capath.d
@@ -0,0 +1,15 @@
+Long: capath
+Arg: <dir>
+Help: CA directory to verify peer against
+Protocols: TLS
+---
+Tells curl to use the specified certificate directory to verify the
+peer. Multiple paths can be provided by separating them with ":" (e.g.
+\&"path1:path2:path3"). The certificates must be in PEM format, and if curl is
+built against OpenSSL, the directory must have been processed using the
+c_rehash utility supplied with OpenSSL. Using --capath can allow
+OpenSSL-powered curl to make SSL-connections much more efficiently than using
+--cacert if the --cacert file contains many CA certificates.
+
+If this option is set, the default capath value will be ignored, and if it is
+used several times, the last one will be used.
diff --git a/docs/cmdline-opts/cert-status.d b/docs/cmdline-opts/cert-status.d
new file mode 100644
index 000000000..f1aaa2174
--- /dev/null
+++ b/docs/cmdline-opts/cert-status.d
@@ -0,0 +1,13 @@
+Long: cert-status
+Protocols: TLS
+Added: 7.41.0
+Help: Verify the status of the server certificate
+---
+Tells curl to verify the status of the server certificate by using the
+Certificate Status Request (aka. OCSP stapling) TLS extension.
+
+If this option is enabled and the server sends an invalid (e.g. expired)
+response, if the response suggests that the server certificate has been
revoked,
+or no response at all is received, the verification fails.
+
+This is currently only implemented in the OpenSSL, GnuTLS and NSS backends.
diff --git a/docs/cmdline-opts/cert-type.d b/docs/cmdline-opts/cert-type.d
new file mode 100644
index 000000000..a04bdce5d
--- /dev/null
+++ b/docs/cmdline-opts/cert-type.d
@@ -0,0 +1,10 @@
+Long: cert-type
+Protocols: TLS
+Arg: <type>
+Help: Certificate file type (DER/PEM/ENG)
+See-also: cert key key-type
+---
+Tells curl what certificate type the provided certificate is in. PEM, DER and
+ENG are recognized types. If not specified, PEM is assumed.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/cert.d b/docs/cmdline-opts/cert.d
new file mode 100644
index 000000000..0cd5d535f
--- /dev/null
+++ b/docs/cmdline-opts/cert.d
@@ -0,0 +1,32 @@
+Short: E
+Long: cert
+Arg: <certificate[:password]>
+Help: Client certificate file and password
+Protocols: TLS
+See-also: cert-type key key-type
+---
+Tells curl to use the specified client certificate file when getting a file
+with HTTPS, FTPS or another SSL-based protocol. The certificate must be in
+PKCS#12 format if using Secure Transport, or PEM format if using any other
+engine. If the optional password isn't specified, it will be queried for on
+the terminal. Note that this option assumes a \&"certificate" file that is the
+private key and the client certificate concatenated! See --cert and --key to
+specify them independently.
+
+If curl is built against the NSS SSL library then this option can tell
+curl the nickname of the certificate to use within the NSS database defined
+by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the
+NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be
+loaded. If you want to use a file from the current directory, please precede
+it with "./" prefix, in order to avoid confusion with a nickname. If the
+nickname contains ":", it needs to be preceded by "\\" so that it is not
+recognized as password delimiter. If the nickname contains "\\", it needs to
+be escaped as "\\\\" so that it is not recognized as an escape character.
+
+(iOS and macOS only) If curl is built against Secure Transport, then the
+certificate string can either be the name of a certificate/private key in the
+system or user keychain, or the path to a PKCS#12-encoded certificate and
+private key. If you want to use a file from the current directory, please
+precede it with "./" prefix, in order to avoid confusion with a nickname.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/ciphers.d b/docs/cmdline-opts/ciphers.d
new file mode 100644
index 000000000..d3bac6026
--- /dev/null
+++ b/docs/cmdline-opts/ciphers.d
@@ -0,0 +1,11 @@
+Long: ciphers
+Arg: <list of ciphers>
+help: SSL ciphers to use
+Protocols: TLS
+---
+Specifies which ciphers to use in the connection. The list of ciphers must
+specify valid ciphers. Read up on SSL cipher list details on this URL:
+
+ https://curl.haxx.se/docs/ssl-ciphers.html
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/compressed.d b/docs/cmdline-opts/compressed.d
new file mode 100644
index 000000000..dc130c1f0
--- /dev/null
+++ b/docs/cmdline-opts/compressed.d
@@ -0,0 +1,7 @@
+Long: compressed
+Help: Request compressed response
+Protocols: HTTP
+---
+Request a compressed response using one of the algorithms curl supports, and
+save the uncompressed document. If this option is used and the server sends
+an unsupported encoding, curl will report an error.
diff --git a/docs/cmdline-opts/config.d b/docs/cmdline-opts/config.d
new file mode 100644
index 000000000..105d62828
--- /dev/null
+++ b/docs/cmdline-opts/config.d
@@ -0,0 +1,61 @@
+Long: config
+Arg: <file>
+Help: Read config from a file
+Short: K
+---
+
+Specify a text file to read curl arguments from. The command line arguments
+found in the text file will be used as if they were provided on the command
+line.
+
+Options and their parameters must be specified on the same line in the file,
+separated by whitespace, colon, or the equals sign. Long option names can
+optionally be given in the config file without the initial double dashes and
+if so, the colon or equals characters can be used as separators. If the option
+is specified with one or two dashes, there can be no colon or equals character
+between the option and its parameter.
+
+If the parameter is to contain whitespace, the parameter must be enclosed
+within quotes. Within double quotes, the following escape sequences are
+available: \\\\, \\", \\t, \\n, \\r and \\v. A backslash preceding any other
+letter is ignored. If the first column of a config line is a '#' character,
+the rest of the line will be treated as a comment. Only write one option per
+physical line in the config file.
+
+Specify the filename to --config as '-' to make curl read the file from stdin.
+
+Note that to be able to specify a URL in the config file, you need to specify
+it using the --url option, and not by simply writing the URL on its own
+line. So, it could look similar to this:
+
+url = "https://curl.haxx.se/docs/";
+
+When curl is invoked, it (unless --disable is used) checks for a default
+config file and uses it if found. The default config file is checked for in
+the following places in this order:
+
+1) curl tries to find the "home dir": It first checks for the CURL_HOME and
+then the HOME environment variables. Failing that, it uses getpwuid() on
+Unix-like systems (which returns the home dir given the current user in your
+system). On Windows, it then checks for the APPDATA variable, or as a last
+resort the '%USERPROFILE%\\Application Data'.
+
+2) On windows, if there is no _curlrc file in the home dir, it checks for one
+in the same dir the curl executable is placed. On Unix-like systems, it will
+simply try to load .curlrc from the determined home dir.
+
+.nf
+# --- Example file ---
+# this is a comment
+url = "example.com"
+output = "curlhere.html"
+user-agent = "superagent/1.0"
+
+# and fetch another URL too
+url = "example.com/docs/manpage.html"
+-O
+referer = "http://nowhereatall.example.com/";
+# --- End of example file ---
+.fi
+
+This option can be used multiple times to load multiple config files.
diff --git a/docs/cmdline-opts/connect-timeout.d
b/docs/cmdline-opts/connect-timeout.d
new file mode 100644
index 000000000..3a32d8685
--- /dev/null
+++ b/docs/cmdline-opts/connect-timeout.d
@@ -0,0 +1,11 @@
+Long: connect-timeout
+Arg: <seconds>
+Help: Maximum time allowed for connection
+See-also: max-time
+---
+Maximum time in seconds that you allow curl's connection to take. This only
+limits the connection phase, so if curl connects within the given period it
+will continue - if not it will exit. Since version 7.32.0, this option
+accepts decimal values.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/connect-to.d b/docs/cmdline-opts/connect-to.d
new file mode 100644
index 000000000..458bfe855
--- /dev/null
+++ b/docs/cmdline-opts/connect-to.d
@@ -0,0 +1,21 @@
+Long: connect-to
+Arg: <HOST1:PORT1:HOST2:PORT2>
+Help: Connect to host
+Added: 7.49.0
+See-also: resolve header
+---
+
+For a request to the given HOST1:PORT1 pair, connect to HOST2:PORT2 instead.
+This option is suitable to direct requests at a specific server, e.g. at a
+specific cluster node in a cluster of servers. This option is only used to
+establish the network connection. It does NOT affect the hostname/port that is
+used for TLS/SSL (e.g. SNI, certificate verification) or for the application
+protocols. "HOST1" and "PORT1" may be the empty string, meaning "any
+host/port". "HOST2" and "PORT2" may also be the empty string, meaning "use the
+request's original host/port".
+
+A "host" specified to this option is compared as a string, so it needs to
+match the name used in request URL. It can be either numerical such as
+"127.0.0.1" or the full host name such as "example.org".
+
+This option can be used many times to add many connect rules.
diff --git a/docs/cmdline-opts/continue-at.d b/docs/cmdline-opts/continue-at.d
new file mode 100644
index 000000000..733f4941e
--- /dev/null
+++ b/docs/cmdline-opts/continue-at.d
@@ -0,0 +1,15 @@
+Short: C
+Long: continue-at
+Arg: <offset>
+Help: Resumed transfer offset
+See-also: range
+---
+Continue/Resume a previous file transfer at the given offset. The given offset
+is the exact number of bytes that will be skipped, counting from the beginning
+of the source file before it is transferred to the destination. If used with
+uploads, the FTP server command SIZE will not be used by curl.
+
+Use "-C -" to tell curl to automatically find out where/how to resume the
+transfer. It then uses the given output/input files to figure that out.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/cookie-jar.d b/docs/cmdline-opts/cookie-jar.d
new file mode 100644
index 000000000..da79777eb
--- /dev/null
+++ b/docs/cmdline-opts/cookie-jar.d
@@ -0,0 +1,24 @@
+Short: c
+Long: cookie-jar
+Arg: <filename>
+Protocols: HTTP
+Help: Write cookies to <filename> after operation
+---
+Specify to which file you want curl to write all cookies after a completed
+operation. Curl writes all cookies from its in-memory cookie storage to the
+given file at the end of operations. If no cookies are known, no data will be
+written. The file will be written using the Netscape cookie file format. If
+you set the file name to a single dash, "-", the cookies will be written to
+stdout.
+
+This command line option will activate the cookie engine that makes curl
+record and use cookies. Another way to activate it is to use the --cookie
+option.
+
+If the cookie jar can't be created or written to, the whole curl operation
+won't fail or even report an error clearly. Using --verbose will get a warning
+displayed, but that is the only visible feedback you get about this possibly
+lethal situation.
+
+If this option is used several times, the last specified file name will be
+used.
diff --git a/docs/cmdline-opts/cookie.d b/docs/cmdline-opts/cookie.d
new file mode 100644
index 000000000..383adda6e
--- /dev/null
+++ b/docs/cmdline-opts/cookie.d
@@ -0,0 +1,36 @@
+Short: b
+Long: cookie
+Arg: <data>
+Protocols: HTTP
+Help: Send cookies from string/file
+---
+Pass the data to the HTTP server in the Cookie header. It is supposedly
+the data previously received from the server in a "Set-Cookie:" line. The
+data should be in the format "NAME1=VALUE1; NAME2=VALUE2".
+
+If no '=' symbol is used in the argument, it is instead treated as a filename
+to read previously stored cookie from. This option also activates the cookie
+engine which will make curl record incoming cookies, which may be handy if
+you're using this in combination with the --location option or do multiple URL
+transfers on the same invoke.
+
+The file format of the file to read cookies from should be plain HTTP headers
+(Set-Cookie style) or the Netscape/Mozilla cookie file format.
+
+The file specified with --cookie is only used as input. No cookies will be
+written to the file. To store cookies, use the --cookie-jar option.
+
+Exercise caution if you are using this option and multiple transfers may
+occur. If you use the NAME1=VALUE1; format, or in a file use the Set-Cookie
+format and don't specify a domain, then the cookie is sent for any domain
+(even after redirects are followed) and cannot be modified by a server-set
+cookie. If the cookie engine is enabled and a server sets a cookie of the same
+name then both will be sent on a future transfer to that server, likely not
+what you intended. To address these issues set a domain in Set-Cookie (doing
+that will include sub domains) or use the Netscape format.
+
+If this option is used several times, the last one will be used.
+
+Users very often want to both read cookies from a file and write updated
+cookies back to a file, so using both --cookie and --cookie-jar in the same
+command line is common.
diff --git a/docs/cmdline-opts/create-dirs.d b/docs/cmdline-opts/create-dirs.d
new file mode 100644
index 000000000..49e22e75a
--- /dev/null
+++ b/docs/cmdline-opts/create-dirs.d
@@ -0,0 +1,9 @@
+Long: create-dirs
+Help: Create necessary local directory hierarchy
+---
+When used in conjunction with the --output option, curl will create the
+necessary local directory hierarchy as needed. This option creates the dirs
+mentioned with the --output option, nothing else. If the --output file name
+uses no dir or if the dirs it mentions already exist, no dir will be created.
+
+To create remote directories when using FTP or SFTP, try --ftp-create-dirs.
diff --git a/docs/cmdline-opts/crlf.d b/docs/cmdline-opts/crlf.d
new file mode 100644
index 000000000..f6694b654
--- /dev/null
+++ b/docs/cmdline-opts/crlf.d
@@ -0,0 +1,7 @@
+Long: crlf
+Help: Convert LF to CRLF in upload
+Protocols: FTP SMTP
+---
+Convert LF to CRLF in upload. Useful for MVS (OS/390).
+
+(SMTP added in 7.40.0)
diff --git a/docs/cmdline-opts/crlfile.d b/docs/cmdline-opts/crlfile.d
new file mode 100644
index 000000000..0fcc63c85
--- /dev/null
+++ b/docs/cmdline-opts/crlfile.d
@@ -0,0 +1,10 @@
+Long: crlfile
+Arg: <file>
+Protocols: TLS
+Help: Get a CRL list in PEM format from the given file
+Added: 7.19.7
+---
+Provide a file using PEM format with a Certificate Revocation List that may
+specify peer certificates that are to be considered revoked.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/data-ascii.d b/docs/cmdline-opts/data-ascii.d
new file mode 100644
index 000000000..bda4abc3d
--- /dev/null
+++ b/docs/cmdline-opts/data-ascii.d
@@ -0,0 +1,6 @@
+Long: data-ascii
+Arg: <data>
+Help: HTTP POST ASCII data
+Protocols: HTTP
+---
+This is just an alias for --data.
diff --git a/docs/cmdline-opts/data-binary.d b/docs/cmdline-opts/data-binary.d
new file mode 100644
index 000000000..c6721c641
--- /dev/null
+++ b/docs/cmdline-opts/data-binary.d
@@ -0,0 +1,13 @@
+Long: data-binary
+Arg: <data>
+Help: HTTP POST binary data
+Protocols: HTTP
+---
+This posts data exactly as specified with no extra processing whatsoever.
+
+If you start the data with the letter @, the rest should be a filename. Data
+is posted in a similar manner as --data does, except that newlines and
+carriage returns are preserved and conversions are never done.
+
+If this option is used several times, the ones following the first will append
+data as described in --data.
diff --git a/docs/cmdline-opts/data-raw.d b/docs/cmdline-opts/data-raw.d
new file mode 100644
index 000000000..7669b4abf
--- /dev/null
+++ b/docs/cmdline-opts/data-raw.d
@@ -0,0 +1,9 @@
+Long: data-raw
+Arg: <data>
+Protocols: HTTP
+Help: HTTP POST data, '@' allowed
+Added: 7.43.0
+See-also: data
+---
+This posts data similarly to --data but without the special
+interpretation of the @ character.
diff --git a/docs/cmdline-opts/data-urlencode.d
b/docs/cmdline-opts/data-urlencode.d
new file mode 100644
index 000000000..9873f3356
--- /dev/null
+++ b/docs/cmdline-opts/data-urlencode.d
@@ -0,0 +1,33 @@
+Long: data-urlencode
+Arg: <data>
+Help: HTTP POST data url encoded
+Protocols: HTTP
+See-also: data data-raw
+Added: 7.18.0
+---
+This posts data, similar to the other --data options with the exception
+that this performs URL-encoding.
+
+To be CGI-compliant, the <data> part should begin with a \fIname\fP followed
+by a separator and a content specification. The <data> part can be passed to
+curl using one of the following syntaxes:
+.RS
+.IP "content"
+This will make curl URL-encode the content and pass that on. Just be careful
+so that the content doesn't contain any = or @ symbols, as that will then make
+the syntax match one of the other cases below!
+.IP "=content"
+This will make curl URL-encode the content and pass that on. The preceding =
+symbol is not included in the data.
+.IP "name=content"
+This will make curl URL-encode the content part and pass that on. Note that
+the name part is expected to be URL-encoded already.
+.IP "@filename"
+This will make curl load data from the given file (including any newlines),
+URL-encode that data and pass it on in the POST.
+.IP "address@hidden"
+This will make curl load data from the given file (including any newlines),
+URL-encode that data and pass it on in the POST. The name part gets an equal
+sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the
+name is expected to be URL-encoded already.
+.RE
diff --git a/docs/cmdline-opts/data.d b/docs/cmdline-opts/data.d
new file mode 100644
index 000000000..157285840
--- /dev/null
+++ b/docs/cmdline-opts/data.d
@@ -0,0 +1,30 @@
+Long: data
+Short: d
+Arg: <data>
+Help: HTTP POST data
+Protocols: HTTP
+See-also: data-binary data-urlencode data-raw
+Mutexed: form head upload
+---
+Sends the specified data in a POST request to the HTTP server, in the same way
+that a browser does when a user has filled in an HTML form and presses the
+submit button. This will cause curl to pass the data to the server using the
+content-type application/x-www-form-urlencoded. Compare to --form.
+
+--data-raw is almost the same but does not have a special interpretation of
+the @ character. To post data purely binary, you should instead use the
+--data-binary option. To URL-encode the value of a form field you may use
+--data-urlencode.
+
+If any of these options is used more than once on the same command line, the
+data pieces specified will be merged together with a separating
+&-symbol. Thus, using '-d name=daniel -d skill=lousy' would generate a post
+chunk that looks like \&'name=daniel&skill=lousy'.
+
+If you start the data with the letter @, the rest should be a file name to
+read the data from, or - if you want curl to read the data from
+stdin. Multiple files can also be specified. Posting data from a file named
+'foobar' would thus be done with --data @foobar. When --data is told to read
+from a file like that, carriage returns and newlines will be stripped out. If
+you don't want the @ character to have a special interpretation use --data-raw
+instead.
diff --git a/docs/cmdline-opts/delegation.d b/docs/cmdline-opts/delegation.d
new file mode 100644
index 000000000..138d82333
--- /dev/null
+++ b/docs/cmdline-opts/delegation.d
@@ -0,0 +1,16 @@
+Long: delegation
+Arg: <LEVEL>
+Help: GSS-API delegation permission
+Protocols: GSS/kerberos
+---
+Set LEVEL to tell the server what it is allowed to delegate when it
+comes to user credentials.
+.RS
+.IP "none"
+Don't allow any delegation.
+.IP "policy"
+Delegates if and only if the OK-AS-DELEGATE flag is set in the Kerberos
+service ticket, which is a matter of realm policy.
+.IP "always"
+Unconditionally allow the server to delegate.
+.RE
diff --git a/docs/cmdline-opts/digest.d b/docs/cmdline-opts/digest.d
new file mode 100644
index 000000000..5cdd9258a
--- /dev/null
+++ b/docs/cmdline-opts/digest.d
@@ -0,0 +1,11 @@
+Long: digest
+Help: Use HTTP Digest Authentication
+Protocols: HTTP
+Mutexed: basic ntlm negotiate
+See-also: user proxy-digest anyauth
+---
+Enables HTTP Digest authentication. This is an authentication scheme that
+prevents the password from being sent over the wire in clear text. Use this in
+combination with the normal --user option to set user name and password.
+
+If this option is used several times, only the first one is used.
diff --git a/docs/cmdline-opts/disable-eprt.d b/docs/cmdline-opts/disable-eprt.d
new file mode 100644
index 000000000..a1e53c0bd
--- /dev/null
+++ b/docs/cmdline-opts/disable-eprt.d
@@ -0,0 +1,19 @@
+Long: disable-eprt
+Help: Inhibit using EPRT or LPRT
+Protocols: FTP
+---
+Tell curl to disable the use of the EPRT and LPRT commands when doing active
+FTP transfers. Curl will normally always first attempt to use EPRT, then LPRT
+before using PORT, but with this option, it will use PORT right away. EPRT and
+LPRT are extensions to the original FTP protocol, and may not work on all
+servers, but they enable more functionality in a better way than the
+traditional PORT command.
+
+--eprt can be used to explicitly enable EPRT again and --no-eprt is an alias
+for --disable-eprt.
+
+If the server is accessed using IPv6, this option will have no effect as EPRT
+is necessary then.
+
+Disabling EPRT only changes the active behavior. If you want to switch to
+passive mode you need to not use --ftp-port or force it with --ftp-pasv.
diff --git a/docs/cmdline-opts/disable-epsv.d b/docs/cmdline-opts/disable-epsv.d
new file mode 100644
index 000000000..6d2cb7089
--- /dev/null
+++ b/docs/cmdline-opts/disable-epsv.d
@@ -0,0 +1,16 @@
+Long: disable-epsv
+Help: Inhibit using EPSV
+Protocols: FTP
+---
+(FTP) Tell curl to disable the use of the EPSV command when doing passive FTP
+transfers. Curl will normally always first attempt to use EPSV before PASV,
+but with this option, it will not try using EPSV.
+
+--epsv can be used to explicitly enable EPSV again and --no-epsv is an alias
+for --disable-epsv.
+
+If the server is an IPv6 host, this option will have no effect as EPSV is
+necessary then.
+
+Disabling EPSV only changes the passive behavior. If you want to switch to
+active mode you need to use --ftp-port.
diff --git a/docs/cmdline-opts/disable.d b/docs/cmdline-opts/disable.d
new file mode 100644
index 000000000..20b27b4c5
--- /dev/null
+++ b/docs/cmdline-opts/disable.d
@@ -0,0 +1,7 @@
+Long: disable
+Short: q
+Help: Disable .curlrc
+---
+If used as the first parameter on the command line, the \fIcurlrc\fP config
+file will not be read and used. See the --config for details on the default
+config file search path.
diff --git a/docs/cmdline-opts/dns-interface.d
b/docs/cmdline-opts/dns-interface.d
new file mode 100644
index 000000000..45e5af263
--- /dev/null
+++ b/docs/cmdline-opts/dns-interface.d
@@ -0,0 +1,11 @@
+Long: dns-interface
+Arg: <interface>
+Help: Interface to use for DNS requests
+Protocols: DNS
+See-also: dns-ipv4-addr dns-ipv6-addr
+Added: 7.33.0
+Requires: c-ares
+---
+Tell curl to send outgoing DNS requests through <interface>. This option is a
+counterpart to --interface (which does not affect DNS). The supplied string
+must be an interface name (not an address).
diff --git a/docs/cmdline-opts/dns-ipv4-addr.d
b/docs/cmdline-opts/dns-ipv4-addr.d
new file mode 100644
index 000000000..597b85884
--- /dev/null
+++ b/docs/cmdline-opts/dns-ipv4-addr.d
@@ -0,0 +1,11 @@
+Long: dns-ipv4-addr
+Arg: <address>
+Help: IPv4 address to use for DNS requests
+Protocols: DNS
+See-also: dns-interface dns-ipv6-addr
+Added: 7.33.0
+Requires: c-ares
+---
+Tell curl to bind to <ip-address> when making IPv4 DNS requests, so that
+the DNS requests originate from this address. The argument should be a
+single IPv4 address.
diff --git a/docs/cmdline-opts/dns-ipv6-addr.d
b/docs/cmdline-opts/dns-ipv6-addr.d
new file mode 100644
index 000000000..581f01953
--- /dev/null
+++ b/docs/cmdline-opts/dns-ipv6-addr.d
@@ -0,0 +1,11 @@
+Long: dns-ipv6-addr
+Arg: <address>
+Help: IPv6 address to use for DNS requests
+Protocols: DNS
+See-also: dns-interface dns-ipv4-addr
+Added: 7.33.0
+Requires: c-ares
+---
+Tell curl to bind to <ip-address> when making IPv6 DNS requests, so that
+the DNS requests originate from this address. The argument should be a
+single IPv6 address.
diff --git a/docs/cmdline-opts/dns-servers.d b/docs/cmdline-opts/dns-servers.d
new file mode 100644
index 000000000..a98fd07d8
--- /dev/null
+++ b/docs/cmdline-opts/dns-servers.d
@@ -0,0 +1,10 @@
+Long: dns-servers
+Arg: <addresses>
+Help: DNS server addrs to use
+Requires: c-ares
+Added: 7.33.0
+---
+Set the list of DNS servers to be used instead of the system default.
+The list of IP addresses should be separated with commas. Port numbers
+may also optionally be given as \fI:<port-number>\fP after each IP
+address.
diff --git a/docs/cmdline-opts/dump-header.d b/docs/cmdline-opts/dump-header.d
new file mode 100644
index 000000000..05c10affd
--- /dev/null
+++ b/docs/cmdline-opts/dump-header.d
@@ -0,0 +1,18 @@
+Long: dump-header
+Short: D
+Arg: <filename>
+Help: Write the received headers to <filename>
+Protocols: HTTP FTP
+See-also: output
+---
+Write the received protocol headers to the specified file.
+
+This option is handy to use when you want to store the headers that an HTTP
+site sends to you. Cookies from the headers could then be read in a second
+curl invocation by using the --cookie option! The --cookie-jar option is a
+better way to store cookies.
+
+When used in FTP, the FTP server response lines are considered being "headers"
+and thus are saved there.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/egd-file.d b/docs/cmdline-opts/egd-file.d
new file mode 100644
index 000000000..c22790f6a
--- /dev/null
+++ b/docs/cmdline-opts/egd-file.d
@@ -0,0 +1,8 @@
+Long: egd-file
+Arg: <file>
+Help: EGD socket path for random data
+Protocols: TLS
+See-also: random-file
+---
+Specify the path name to the Entropy Gathering Daemon socket. The socket is
+used to seed the random engine for SSL connections.
diff --git a/docs/cmdline-opts/engine.d b/docs/cmdline-opts/engine.d
new file mode 100644
index 000000000..cde1a4773
--- /dev/null
+++ b/docs/cmdline-opts/engine.d
@@ -0,0 +1,8 @@
+Long: engine
+Arg: <name>
+Help: Crypto engine to use
+Protocols: TLS
+---
+Select the OpenSSL crypto engine to use for cipher operations. Use --engine
+list to print a list of build-time supported engines. Note that not all (or
+none) of the engines may be available at run-time.
diff --git a/docs/cmdline-opts/expect100-timeout.d
b/docs/cmdline-opts/expect100-timeout.d
new file mode 100644
index 000000000..c88f0b84f
--- /dev/null
+++ b/docs/cmdline-opts/expect100-timeout.d
@@ -0,0 +1,11 @@
+Long: expect100-timeout
+Arg: <seconds>
+Help: How long to wait for 100-continue
+Protocols: HTTP
+Added: 7.47.0
+See-also: connect-timeout
+---
+Maximum time in seconds that you allow curl to wait for a 100-continue
+response when curl emits an Expects: 100-continue header in its request. By
+default curl will wait one second. This option accepts decimal values! When
+curl stops waiting, it will continue as if the response has been received.
diff --git a/docs/cmdline-opts/fail-early.d b/docs/cmdline-opts/fail-early.d
new file mode 100644
index 000000000..375d4c919
--- /dev/null
+++ b/docs/cmdline-opts/fail-early.d
@@ -0,0 +1,21 @@
+Long: fail-early
+Help: Fail on first transfer error, do not continue
+Added: 7.52.0
+---
+Fail and exit on the first detected transfer error.
+
+When curl is used to do multiple transfers on the command line, it will
+attempt to operate on each given URL, one by one. By default, it will ignore
+errors if there are more URLs given and the last URL's success will determine
+the error code curl returns. So early failures will be "hidden" by subsequent
+successful transfers.
+
+Using this option, curl will instead return an error on the first transfer
+that fails, independent of the amount of URLs that are given on the command
+line. This way, no transfer failures go undetected by scripts and similar.
+
+This option is global and does not need to be specified for each use of --next.
+
+This option does not imply --fail, which causes transfers to fail due to the
+server's HTTP status code. You can combine the two options, however note --fail
+is not global and is therefore contained by --next.
diff --git a/docs/cmdline-opts/fail.d b/docs/cmdline-opts/fail.d
new file mode 100644
index 000000000..c46c571bf
--- /dev/null
+++ b/docs/cmdline-opts/fail.d
@@ -0,0 +1,14 @@
+Long: fail
+Short: f
+Protocols: HTTP
+Help: Fail silently (no output at all) on HTTP errors
+---
+Fail silently (no output at all) on server errors. This is mostly done to
+better enable scripts etc to better deal with failed attempts. In normal cases
+when an HTTP server fails to deliver a document, it returns an HTML document
+stating so (which often also describes why and more). This flag will prevent
+curl from outputting that and return error 22.
+
+This method is not fail-safe and there are occasions where non-successful
+response codes will slip through, especially when authentication is involved
+(response codes 401 and 407).
diff --git a/docs/cmdline-opts/false-start.d b/docs/cmdline-opts/false-start.d
new file mode 100644
index 000000000..65a8afb8f
--- /dev/null
+++ b/docs/cmdline-opts/false-start.d
@@ -0,0 +1,12 @@
+Long: false-start
+Help: Enable TLS False Start
+Protocols: TLS
+Added: 7.42.0
+---
+Tells curl to use false start during the TLS handshake. False start is a mode
+where a TLS client will start sending application data before verifying the
+server's Finished message, thus saving a round trip when performing a full
+handshake.
+
+This is currently only implemented in the NSS and Secure Transport (on iOS 7.0
+or later, or OS X 10.9 or later) backends.
diff --git a/docs/cmdline-opts/form-string.d b/docs/cmdline-opts/form-string.d
new file mode 100644
index 000000000..80790553c
--- /dev/null
+++ b/docs/cmdline-opts/form-string.d
@@ -0,0 +1,11 @@
+Long: form-string
+Help: Specify HTTP multipart POST data
+Protocols: HTTP
+Arg: <name=string>
+See-also: form
+---
+Similar to --form except that the value string for the named parameter is used
+literally. Leading \&'@' and \&'<' characters, and the \&';type=' string in
+the value have no special meaning. Use this in preference to --form if
+there's any possibility that the string value may accidentally trigger the
+\&'@' or \&'<' features of --form.
diff --git a/docs/cmdline-opts/form.d b/docs/cmdline-opts/form.d
new file mode 100644
index 000000000..87a7d0766
--- /dev/null
+++ b/docs/cmdline-opts/form.d
@@ -0,0 +1,54 @@
+Long: form
+Short: F
+Arg: <name=content>
+Help: Specify HTTP multipart POST data
+Protocols: HTTP
+Mutexed: data head upload
+---
+This lets curl emulate a filled-in form in which a user has pressed the submit
+button. This causes curl to POST data using the Content-Type
+multipart/form-data according to RFC 2388. This enables uploading of binary
+files etc. To force the 'content' part to be a file, prefix the file name with
+an @ sign. To just get the content part from a file, prefix the file name with
+the symbol <. The difference between @ and < is then that @ makes a file get
+attached in the post as a file upload, while the < makes a text field and just
+get the contents for that text field from a file.
+
+Example: to send an image to a server, where \&'profile' is the name of the
+form-field to which portrait.jpg will be the input:
+
+ curl -F address@hidden https://example.com/upload.cgi
+
+To read content from stdin instead of a file, use - as the filename. This goes
+for both @ and < constructs. Unfortunately it does not support reading the
+file from a named pipe or similar, as it needs the full size before the
+transfer starts.
+
+You can also tell curl what Content-Type to use by using 'type=', in a manner
+similar to:
+
+ curl -F "address@hidden;type=text/html" example.com
+
+or
+
+ curl -F "name=daniel;type=text/foo" example.com
+
+You can also explicitly change the name field of a file upload part by setting
+filename=, like this:
+
+ curl -F "address@hidden;filename=nameinpost" example.com
+
+If filename/path contains ',' or ';', it must be quoted by double-quotes like:
+
+ curl -F "address@hidden"localfile\\";filename=\\"nameinpost\\"" example.com
+
+or
+
+ curl -F 'file=@"localfile";filename="nameinpost"' example.com
+
+Note that if a filename/path is quoted by double-quotes, any double-quote
+or backslash within the filename must be escaped by backslash.
+
+See further examples and details in the MANUAL.
+
+This option can be used multiple times.
diff --git a/docs/cmdline-opts/ftp-account.d b/docs/cmdline-opts/ftp-account.d
new file mode 100644
index 000000000..013c4f37b
--- /dev/null
+++ b/docs/cmdline-opts/ftp-account.d
@@ -0,0 +1,10 @@
+Long: ftp-account
+Arg: <data>
+Help: Account data string
+Protocols: FTP
+Added: 7.13.0
+---
+When an FTP server asks for "account data" after user name and password has
+been provided, this data is sent off using the ACCT command.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/ftp-alternative-to-user.d
b/docs/cmdline-opts/ftp-alternative-to-user.d
new file mode 100644
index 000000000..8982ba8b8
--- /dev/null
+++ b/docs/cmdline-opts/ftp-alternative-to-user.d
@@ -0,0 +1,10 @@
+Long: ftp-alternative-to-user
+Arg: <command>
+Help: String to replace USER [name]
+Protocols: FTP
+Added: 7.15.5
+---
+If authenticating with the USER and PASS commands fails, send this command.
+When connecting to Tumbleweed's Secure Transport server over FTPS using a
+client certificate, using "SITE AUTH" will tell the server to retrieve the
+username from the certificate.
diff --git a/docs/cmdline-opts/ftp-create-dirs.d
b/docs/cmdline-opts/ftp-create-dirs.d
new file mode 100644
index 000000000..ede57100d
--- /dev/null
+++ b/docs/cmdline-opts/ftp-create-dirs.d
@@ -0,0 +1,8 @@
+Long: ftp-create-dirs
+Protocols: FTP SFTP
+Help: Create the remote dirs if not present
+See-also: create-dirs
+---
+When an FTP or SFTP URL/operation uses a path that doesn't currently exist on
+the server, the standard behavior of curl is to fail. Using this option, curl
+will instead attempt to create missing directories.
diff --git a/docs/cmdline-opts/ftp-method.d b/docs/cmdline-opts/ftp-method.d
new file mode 100644
index 000000000..95aa522e8
--- /dev/null
+++ b/docs/cmdline-opts/ftp-method.d
@@ -0,0 +1,21 @@
+Long: ftp-method
+Arg: <method>
+Help: Control CWD usage
+Protocols: FTP
+Added: 7.15.1
+---
+Control what method curl should use to reach a file on an FTP(S)
+server. The method argument should be one of the following alternatives:
+.RS
+.IP multicwd
+curl does a single CWD operation for each path part in the given URL. For deep
+hierarchies this means very many commands. This is how RFC 1738 says it should
+be done. This is the default but the slowest behavior.
+.IP nocwd
+curl does no CWD at all. curl will do SIZE, RETR, STOR etc and give a full
+path to the server for all these commands. This is the fastest behavior.
+.IP singlecwd
+curl does one CWD with the full target directory and then operates on the file
+\&"normally" (like in the multicwd case). This is somewhat more standards
+compliant than 'nocwd' but without the full penalty of 'multicwd'.
+.RE
diff --git a/docs/cmdline-opts/ftp-pasv.d b/docs/cmdline-opts/ftp-pasv.d
new file mode 100644
index 000000000..44103e21a
--- /dev/null
+++ b/docs/cmdline-opts/ftp-pasv.d
@@ -0,0 +1,16 @@
+Long: ftp-pasv
+Help: Use PASV/EPSV instead of PORT
+Protocols: FTP
+Added: 7.11.0
+See-also: disable-epsv
+---
+Use passive mode for the data connection. Passive is the internal default
+behavior, but using this option can be used to override a previous --ftp-port
+option.
+
+If this option is used several times, only the first one is used. Undoing an
+enforced passive really isn't doable but you must then instead enforce the
+correct --ftp-port again.
+
+Passive mode means that curl will try the EPSV command first and then PASV,
+unless --disable-epsv is used.
diff --git a/docs/cmdline-opts/ftp-port.d b/docs/cmdline-opts/ftp-port.d
new file mode 100644
index 000000000..a852e9054
--- /dev/null
+++ b/docs/cmdline-opts/ftp-port.d
@@ -0,0 +1,32 @@
+Long: ftp-port
+Arg: <address>
+Help: Use PORT instead of PASV
+Short: P
+Protocols: FTP
+See-also: ftp-pasv disable-eprt
+---
+Reverses the default initiator/listener roles when connecting with FTP. This
+option makes curl use active mode. curl then tells the server to connect back
+to the client's specified address and port, while passive mode asks the server
+to setup an IP address and port for it to connect to. <address> should be one
+of:
+.RS
+.IP interface
+i.e "eth0" to specify which interface's IP address you want to use (Unix only)
+.IP "IP address"
+i.e "192.168.10.1" to specify the exact IP address
+.IP "host name"
+i.e "my.host.domain" to specify the machine
+.IP "-"
+make curl pick the same IP address that is already used for the control
+connection
+.RE
+
+If this option is used several times, the last one will be used. Disable the
+use of PORT with --ftp-pasv. Disable the attempt to use the EPRT command
+instead of PORT by using --disable-eprt. EPRT is really PORT++.
+
+Since 7.19.5, you can append \&":[start]-[end]\&" to the right of the address,
+to tell curl what TCP port range to use. That means you specify a port range,
+from a lower to a higher number. A single number works as well, but do note
+that it increases the risk of failure since the port may not be available.
diff --git a/docs/cmdline-opts/ftp-pret.d b/docs/cmdline-opts/ftp-pret.d
new file mode 100644
index 000000000..dac4c3531
--- /dev/null
+++ b/docs/cmdline-opts/ftp-pret.d
@@ -0,0 +1,8 @@
+Long: ftp-pret
+Help: Send PRET before PASV
+Protocols: FTP
+Added: 7.20.0
+---
+Tell curl to send a PRET command before PASV (and EPSV). Certain FTP servers,
+mainly drftpd, require this non-standard command for directory listings as
+well as up and downloads in PASV mode.
diff --git a/docs/cmdline-opts/ftp-skip-pasv-ip.d
b/docs/cmdline-opts/ftp-skip-pasv-ip.d
new file mode 100644
index 000000000..da6ab11fc
--- /dev/null
+++ b/docs/cmdline-opts/ftp-skip-pasv-ip.d
@@ -0,0 +1,12 @@
+Long: ftp-skip-pasv-ip
+Help: Skip the IP address for PASV
+Protocols: FTP
+Added: 7.14.2
+See-also: ftp-pasv
+---
+Tell curl to not use the IP address the server suggests in its response
+to curl's PASV command when curl connects the data connection. Instead curl
+will re-use the same IP address it already uses for the control
+connection.
+
+This option has no effect if PORT, EPRT or EPSV is used instead of PASV.
diff --git a/docs/cmdline-opts/ftp-ssl-ccc-mode.d
b/docs/cmdline-opts/ftp-ssl-ccc-mode.d
new file mode 100644
index 000000000..be1029498
--- /dev/null
+++ b/docs/cmdline-opts/ftp-ssl-ccc-mode.d
@@ -0,0 +1,11 @@
+Long: ftp-ssl-ccc-mode
+Arg: <active/passive>
+Help: Set CCC mode
+Protocols: FTP
+Added: 7.16.2
+See-also: ftp-ssl-ccc
+---
+Sets the CCC mode. The passive mode will not initiate the shutdown, but
+instead wait for the server to do it, and will not reply to the shutdown from
+the server. The active mode initiates the shutdown and waits for a reply from
+the server.
diff --git a/docs/cmdline-opts/ftp-ssl-ccc.d b/docs/cmdline-opts/ftp-ssl-ccc.d
new file mode 100644
index 000000000..c6edc5b39
--- /dev/null
+++ b/docs/cmdline-opts/ftp-ssl-ccc.d
@@ -0,0 +1,10 @@
+Long: ftp-ssl-ccc
+Help: Send CCC after authenticating
+Protocols: FTP
+See-also: ssl ftp-ssl-ccc-mode
+Added: 7.16.1
+---
+Use CCC (Clear Command Channel) Shuts down the SSL/TLS layer after
+authenticating. The rest of the control channel communication will be
+unencrypted. This allows NAT routers to follow the FTP transaction. The
+default mode is passive.
diff --git a/docs/cmdline-opts/ftp-ssl-control.d
b/docs/cmdline-opts/ftp-ssl-control.d
new file mode 100644
index 000000000..87a822531
--- /dev/null
+++ b/docs/cmdline-opts/ftp-ssl-control.d
@@ -0,0 +1,8 @@
+Long: ftp-ssl-control
+Help: Require SSL/TLS for FTP login, clear for transfer
+Protocols: FTP
+Added: 7.16.0
+---
+Require SSL/TLS for the FTP login, clear for transfer. Allows secure
+authentication, but non-encrypted data transfers for efficiency. Fails the
+transfer if the server doesn't support SSL/TLS.
diff --git a/docs/cmdline-opts/gen.pl b/docs/cmdline-opts/gen.pl
new file mode 100755
index 000000000..73ea6d47b
--- /dev/null
+++ b/docs/cmdline-opts/gen.pl
@@ -0,0 +1,385 @@
+#!/usr/bin/perl
+
+=begin comment
+
+This script generates the manpage.
+
+Example: gen.pl mainpage > curl.1
+
+Dev notes:
+
+We open *input* files in :crlf translation (a no-op on many platforms) in
+case we have CRLF line endings in Windows but a perl that defaults to LF.
+Unfortunately it seems some perls like msysgit can't handle a global input-only
+:crlf so it has to be specified on each file open for text input.
+
+=end comment
+=cut
+
+my $some_dir=$ARGV[1] || ".";
+
+opendir(my $dh, $some_dir) || die "Can't opendir $some_dir: $!";
+my @s = grep { /\.d$/ && -f "$some_dir/$_" } readdir($dh);
+closedir $dh;
+
+my %optshort;
+my %optlong;
+my %helplong;
+my %arglong;
+my %redirlong;
+my %protolong;
+
+# get the long name version, return the man page string
+sub manpageify {
+ my ($k)address@hidden;
+ my $l;
+ if($optlong{$k} ne "") {
+ # both short + long
+ $l = "\\fI-".$optlong{$k}.", --$k\\fP";
+ }
+ else {
+ # only long
+ $l = "\\fI--$k\\fP";
+ }
+ return $l;
+}
+
+sub printdesc {
+ my @desc = @_;
+ for my $d (@desc) {
+ # skip lines starting with space (examples)
+ if($d =~ /^[^ ]/) {
+ for my $k (keys %optlong) {
+ my $l = manpageify($k);
+ $d =~ s/--$k([^a-z0-9_-])/$l$1/;
+ }
+ }
+ print $d;
+ }
+}
+
+sub seealso {
+ my($standalone, $data)address@hidden;
+ if($standalone) {
+ return sprintf
+ ".SH \"SEE ALSO\"\n$data\n";
+ }
+ else {
+ return "See also $data. ";
+ }
+}
+
+sub overrides {
+ my ($standalone, $data)address@hidden;
+ if($standalone) {
+ return ".SH \"OVERRIDES\"\n$data\n";
+ }
+ else {
+ return $data;
+ }
+}
+
+sub protocols {
+ my ($standalone, $data)address@hidden;
+ if($standalone) {
+ return ".SH \"PROTOCOLS\"\n$data\n";
+ }
+ else {
+ return "($data) ";
+ }
+}
+
+sub added {
+ my ($standalone, $data)address@hidden;
+ if($standalone) {
+ return ".SH \"ADDED\"\nAdded in curl version $data\n";
+ }
+ else {
+ return "Added in $data. ";
+ }
+}
+
+sub single {
+ my ($f, $standalone)address@hidden;
+ open(F, "<:crlf", "$some_dir/$f") ||
+ return 1;
+ my $short;
+ my $long;
+ my $tags;
+ my $added;
+ my $protocols;
+ my $arg;
+ my $mutexed;
+ my $requires;
+ my $seealso;
+ my $magic; # cmdline special option
+ while(<F>) {
+ if(/^Short: *(.)/i) {
+ $short=$1;
+ }
+ elsif(/^Long: *(.*)/i) {
+ $long=$1;
+ }
+ elsif(/^Added: *(.*)/i) {
+ $added=$1;
+ }
+ elsif(/^Tags: *(.*)/i) {
+ $tags=$1;
+ }
+ elsif(/^Arg: *(.*)/i) {
+ $arg=$1;
+ }
+ elsif(/^Magic: *(.*)/i) {
+ $magic=$1;
+ }
+ elsif(/^Mutexed: *(.*)/i) {
+ $mutexed=$1;
+ }
+ elsif(/^Protocols: *(.*)/i) {
+ $protocols=$1;
+ }
+ elsif(/^See-also: *(.*)/i) {
+ $seealso=$1;
+ }
+ elsif(/^Requires: *(.*)/i) {
+ $requires=$1;
+ }
+ elsif(/^Help: *(.*)/i) {
+ ;
+ }
+ elsif(/^---/) {
+ if(!$long) {
+ print STDERR "WARN: no 'Long:' in $f\n";
+ }
+ last;
+ }
+ else {
+ chomp;
+ print STDERR "WARN: unrecognized line in $f, ignoring:\n:'$_';"
+ }
+ }
+ my @dest;
+ while(<F>) {
+ push @desc, $_;
+ }
+ close(F);
+ my $opt;
+ if(defined($short) && $long) {
+ $opt = "-$short, --$long";
+ }
+ elsif($short && !$long) {
+ $opt = "-$short";
+ }
+ elsif($long && !$short) {
+ $opt = "--$long";
+ }
+
+ if($arg) {
+ $opt .= " $arg";
+ }
+
+ if($standalone) {
+ print ".TH curl 1 \"30 Nov 2016\" \"curl 7.52.0\" \"curl manual\"\n";
+ print ".SH OPTION\n";
+ print "curl $opt\n";
+ }
+ else {
+ print ".IP \"$opt\"\n";
+ }
+ if($protocols) {
+ print protocols($standalone, $protocols);
+ }
+
+ if($standalone) {
+ print ".SH DESCRIPTION\n";
+ }
+
+ printdesc(@desc);
+ undef @desc;
+
+ my @foot;
+ if($seealso) {
+ my @m=split(/ /, $seealso);
+ my $mstr;
+ for my $k (@m) {
+ my $l = manpageify($k);
+ $mstr .= sprintf "%s$l", $mstr?" and ":"";
+ }
+ push @foot, seealso($standalone, $mstr);
+ }
+ if($requires) {
+ my $l = manpageify($long);
+ push @foot, "$l requires that the underlying libcurl".
+ " was built to support $requires. ";
+ }
+ if($mutexed) {
+ my @m=split(/ /, $mutexed);
+ my $mstr;
+ for my $k (@m) {
+ my $l = manpageify($k);
+ $mstr .= sprintf "%s$l", $mstr?" and ":"";
+ }
+ push @foot, overrides($standalone, "This option overrides $mstr. ");
+ }
+ if($added) {
+ push @foot, added($standalone, $added);
+ }
+ if($foot[0]) {
+ print "\n";
+ my $f = join("", @foot);
+ $f =~ s/ +\z//; # remove trailing space
+ print "$f\n";
+ }
+ return 0;
+}
+
+sub getshortlong {
+ my ($f)address@hidden;
+ open(F, "<:crlf", "$some_dir/$f");
+ my $short;
+ my $long;
+ my $help;
+ my $arg;
+ my $protocols;
+ while(<F>) {
+ if(/^Short: (.)/i) {
+ $short=$1;
+ }
+ elsif(/^Long: (.*)/i) {
+ $long=$1;
+ }
+ elsif(/^Help: (.*)/i) {
+ $help=$1;
+ }
+ elsif(/^Arg: (.*)/i) {
+ $arg=$1;
+ }
+ elsif(/^Protocols: (.*)/i) {
+ $protocols=$1;
+ }
+ elsif(/^---/) {
+ last;
+ }
+ }
+ close(F);
+ if($short) {
+ $optshort{$short}=$long;
+ }
+ if($long) {
+ $optlong{$long}=$short;
+ $helplong{$long}=$help;
+ $arglong{$long}=$arg;
+ $protolong{$long}=$protocols;
+ }
+}
+
+sub indexoptions {
+ foreach my $f (@s) {
+ getshortlong($f);
+ }
+}
+
+sub header {
+ my ($f)address@hidden;
+ open(F, "<:crlf", "$some_dir/$f");
+ my @d;
+ while(<F>) {
+ push @d, $_;
+ }
+ close(F);
+ printdesc(@d);
+}
+
+sub listhelp {
+ foreach my $f (sort keys %helplong) {
+ my $long = $f;
+ my $short = $optlong{$long};
+ my $opt;
+
+ if(defined($short) && $long) {
+ $opt = "-$short, --$long";
+ }
+ elsif($long && !$short) {
+ $opt = " --$long";
+ }
+
+ my $arg = $arglong{$long};
+ if($arg) {
+ $opt .= " $arg";
+ }
+ my $desc = $helplong{$f};
+ $desc =~ s/\"/\\\"/g; # escape double quotes
+
+ my $line = sprintf " {\"%s\",\n \"%s\"},\n", $opt, $desc;
+
+ if(length($opt) + length($desc) > 78) {
+ print STDERR "WARN: the --$long line is too long\n";
+ }
+ print $line;
+ }
+}
+
+sub mainpage {
+ # show the page header
+ header("page-header");
+
+ # output docs for all options
+ foreach my $f (sort @s) {
+ single($f, 0);
+ }
+
+ header("page-footer");
+}
+
+sub showonly {
+ my ($f) = @_;
+ if(single($f, 1)) {
+ print STDERR "$f: failed\n";
+ }
+}
+
+sub showprotocols {
+ my %prots;
+ foreach my $f (keys %optlong) {
+ my @p = split(/ /, $protolong{$f});
+ for my $p (@p) {
+ $prots{$p}++;
+ }
+ }
+ for(sort keys %prots) {
+ printf "$_ (%d options)\n", $prots{$_};
+ }
+}
+
+sub getargs {
+ my $f;
+ do {
+ $f = shift @ARGV;
+ if($f eq "mainpage") {
+ mainpage();
+ return;
+ }
+ elsif($f eq "listhelp") {
+ listhelp();
+ return;
+ }
+ elsif($f eq "single") {
+ showonly(shift @ARGV);
+ return;
+ }
+ elsif($f eq "protos") {
+ showprotocols();
+ return;
+ }
+ } while($f);
+
+ print "Usage: gen.pl <mainpage/listhelp/single FILE/protos> [srcdir]\n";
+}
+
+#------------------------------------------------------------------------
+
+# learn all existing options
+indexoptions();
+
+getargs();
+
diff --git a/docs/cmdline-opts/get.d b/docs/cmdline-opts/get.d
new file mode 100644
index 000000000..be7cb25f0
--- /dev/null
+++ b/docs/cmdline-opts/get.d
@@ -0,0 +1,15 @@
+Long: get
+Short: G
+Help: Put the post data in the URL and use GET
+---
+When used, this option will make all data specified with --data, --data-binary
+or --data-urlencode to be used in an HTTP GET request instead of the POST
+request that otherwise would be used. The data will be appended to the URL
+with a '?' separator.
+
+If used in combination with --head, the POST data will instead be appended to
+the URL with a HEAD request.
+
+If this option is used several times, only the first one is used. This is
+because undoing a GET doesn't make sense, but you should then instead enforce
+the alternative method you prefer.
diff --git a/docs/cmdline-opts/globoff.d b/docs/cmdline-opts/globoff.d
new file mode 100644
index 000000000..fff6516b6
--- /dev/null
+++ b/docs/cmdline-opts/globoff.d
@@ -0,0 +1,8 @@
+Long: globoff
+Short: g
+Help: Disable URL sequences and ranges using {} and []
+---
+This option switches off the "URL globbing parser". When you set this option,
+you can specify URLs that contain the letters {}[] without having them being
+interpreted by curl itself. Note that these letters are not normal legal URL
+contents but they should be encoded according to the URI standard.
diff --git a/docs/cmdline-opts/head.d b/docs/cmdline-opts/head.d
new file mode 100644
index 000000000..350a100f6
--- /dev/null
+++ b/docs/cmdline-opts/head.d
@@ -0,0 +1,8 @@
+Long: head
+Short: I
+Help: Show document info only
+Protocols: HTTP FTP FILE
+---
+Fetch the headers only! HTTP-servers feature the command HEAD which this uses
+to get nothing but the header of a document. When used on an FTP or FILE file,
+curl displays the file size and last modification time only.
diff --git a/docs/cmdline-opts/header.d b/docs/cmdline-opts/header.d
new file mode 100644
index 000000000..d8292ed77
--- /dev/null
+++ b/docs/cmdline-opts/header.d
@@ -0,0 +1,41 @@
+Long: header
+Short: H
+Arg: <header/@file>
+Help: Pass custom header(s) to server
+Protocols: HTTP
+---
+Extra header to include in the request when sending HTTP to a server. You may
+specify any number of extra headers. Note that if you should add a custom
+header that has the same name as one of the internal ones curl would use, your
+externally set header will be used instead of the internal one. This allows
+you to make even trickier stuff than curl would normally do. You should not
+replace internally set headers without knowing perfectly well what you're
+doing. Remove an internal header by giving a replacement without content on
+the right side of the colon, as in: -H \&"Host:". If you send the custom
+header with no-value then its header must be terminated with a semicolon, such
+as \-H \&"X-Custom-Header;" to send "X-Custom-Header:".
+
+curl will make sure that each header you add/replace is sent with the proper
+end-of-line marker, you should thus \fBnot\fP add that as a part of the header
+content: do not add newlines or carriage returns, they will only mess things up
+for you.
+
+Starting in 7.55.0, this option can take an argument in @filename style, which
+then adds a header for each line in the input file. Using @- will make curl
+read the header file from stdin.
+
+See also the --user-agent and --referer options.
+
+Starting in 7.37.0, you need --proxy-header to send custom headers intended
+for a proxy.
+
+Example:
+
+ curl -H "X-First-Name: Joe" http://example.com/
+
+\fBWARNING\fP: headers set with this option will be set in all requests - even
+after redirects are followed, like when told with --location. This can lead to
+the header being sent to other hosts than the original host, so sensitive
+headers should be used with caution combined with following redirects.
+
+This option can be used multiple times to add/replace/remove multiple headers.
diff --git a/docs/cmdline-opts/help.d b/docs/cmdline-opts/help.d
new file mode 100644
index 000000000..64aa696d4
--- /dev/null
+++ b/docs/cmdline-opts/help.d
@@ -0,0 +1,6 @@
+Long: help
+Short: h
+Help: This help text
+---
+Usage help. This lists all current command line options with a short
+description.
diff --git a/docs/cmdline-opts/hostpubmd5.d b/docs/cmdline-opts/hostpubmd5.d
new file mode 100644
index 000000000..a85115803
--- /dev/null
+++ b/docs/cmdline-opts/hostpubmd5.d
@@ -0,0 +1,9 @@
+Long: hostpubmd5
+Arg: <md5>
+Help: Acceptable MD5 hash of the host public key
+Protocols: SFTP SCP
+Added: 7.17.1
+---
+Pass a string containing 32 hexadecimal digits. The string should
+be the 128 bit MD5 checksum of the remote host's public key, curl will refuse
+the connection with the host unless the md5sums match.
diff --git a/docs/cmdline-opts/http1.0.d b/docs/cmdline-opts/http1.0.d
new file mode 100644
index 000000000..d9bbd76f0
--- /dev/null
+++ b/docs/cmdline-opts/http1.0.d
@@ -0,0 +1,10 @@
+Short: 0
+Long: http1.0
+Tags: Versions
+Protocols: HTTP
+Added:
+Mutexed: http1.1 http2
+Help: Use HTTP 1.0
+---
+Tells curl to use HTTP version 1.0 instead of using its internally preferred
+HTTP version.
diff --git a/docs/cmdline-opts/http1.1.d b/docs/cmdline-opts/http1.1.d
new file mode 100644
index 000000000..f1e6b5c3b
--- /dev/null
+++ b/docs/cmdline-opts/http1.1.d
@@ -0,0 +1,8 @@
+Long: http1.1
+Tags: Versions
+Protocols: HTTP
+Added: 7.33.0
+Mutexed: http1.0 http2
+Help: Use HTTP 1.1
+---
+Tells curl to use HTTP version 1.1.
diff --git a/docs/cmdline-opts/http2-prior-knowledge.d
b/docs/cmdline-opts/http2-prior-knowledge.d
new file mode 100644
index 000000000..f793f775d
--- /dev/null
+++ b/docs/cmdline-opts/http2-prior-knowledge.d
@@ -0,0 +1,12 @@
+Long: http2-prior-knowledge
+Tags: Versions
+Protocols: HTTP
+Added: 7.49.0
+Mutexed: http1.1 http1.0 http2
+Requires: HTTP/2
+Help: Use HTTP 2 without HTTP/1.1 Upgrade
+---
+Tells curl to issue its non-TLS HTTP requests using HTTP/2 without HTTP/1.1
+Upgrade. It requires prior knowledge that the server supports HTTP/2 straight
+away. HTTPS requests will still do HTTP/2 the standard way with negotiated
+protocol version in the TLS handshake.
diff --git a/docs/cmdline-opts/http2.d b/docs/cmdline-opts/http2.d
new file mode 100644
index 000000000..04cff00a4
--- /dev/null
+++ b/docs/cmdline-opts/http2.d
@@ -0,0 +1,10 @@
+Long: http2
+Tags: Versions
+Protocols: HTTP
+Added: 7.33.0
+Mutexed: http1.1 http1.0 http2-prior-knowledge
+Requires: HTTP/2
+See-also: no-alpn
+Help: Use HTTP 2
+---
+Tells curl to use HTTP version 2.
diff --git a/docs/cmdline-opts/ignore-content-length.d
b/docs/cmdline-opts/ignore-content-length.d
new file mode 100644
index 000000000..53524f518
--- /dev/null
+++ b/docs/cmdline-opts/ignore-content-length.d
@@ -0,0 +1,10 @@
+Long: ignore-content-length
+Help: Ignore the size of the remote resource
+Protocols: FTP HTTP
+---
+For HTTP, Ignore the Content-Length header. This is particularly useful for
+servers running Apache 1.x, which will report incorrect Content-Length for
+files larger than 2 gigabytes.
+
+For FTP (since 7.46.0), skip the RETR command to figure out the size before
+downloading a file.
diff --git a/docs/cmdline-opts/include.d b/docs/cmdline-opts/include.d
new file mode 100644
index 000000000..9d282dd16
--- /dev/null
+++ b/docs/cmdline-opts/include.d
@@ -0,0 +1,10 @@
+Long: include
+Short: i
+Help: Include protocol response headers in the output
+See-also: verbose
+---
+Include the HTTP response headers in the output. The HTTP response headers can
+include things like server name, cookies, date of the document, HTTP version
+and more...
+
+To view the request headers, consider the --verbose option.
diff --git a/docs/cmdline-opts/insecure.d b/docs/cmdline-opts/insecure.d
new file mode 100644
index 000000000..49b0a4322
--- /dev/null
+++ b/docs/cmdline-opts/insecure.d
@@ -0,0 +1,16 @@
+Long: insecure
+Short: k
+Help: Allow insecure server connections when using SSL
+Protocols: TLS
+See-also: proxy-insecure cacert
+---
+
+By default, every SSL connection curl makes is verified to be secure. This
+option allows curl to proceed and operate even for server connections
+otherwise considered insecure.
+
+The server connection is verified by making sure the server's certificate
+contains the right name and verifies successfully using the cert store.
+
+See this online resource for further details:
+ https://curl.haxx.se/docs/sslcerts.html
diff --git a/docs/cmdline-opts/interface.d b/docs/cmdline-opts/interface.d
new file mode 100644
index 000000000..da84cd2b6
--- /dev/null
+++ b/docs/cmdline-opts/interface.d
@@ -0,0 +1,12 @@
+Long: interface
+Arg: <name>
+Help: Use network INTERFACE (or address)
+See-also: dns-interface
+---
+
+Perform an operation using a specified interface. You can enter interface
+name, IP address or host name. An example could look like:
+
+ curl --interface eth0:1 https://www.example.com/
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/ipv4.d b/docs/cmdline-opts/ipv4.d
new file mode 100644
index 000000000..9c40c8c3e
--- /dev/null
+++ b/docs/cmdline-opts/ipv4.d
@@ -0,0 +1,12 @@
+Short: 4
+Long: ipv4
+Tags: Versions
+Protocols:
+Added:
+Mutexed: ipv6
+Requires:
+See-also: http1.1 http2
+Help: Resolve names to IPv4 addresses
+---
+This option tells curl to resolve names to IPv4 addresses only, and not for
+example try IPv6.
diff --git a/docs/cmdline-opts/ipv6.d b/docs/cmdline-opts/ipv6.d
new file mode 100644
index 000000000..c2392e771
--- /dev/null
+++ b/docs/cmdline-opts/ipv6.d
@@ -0,0 +1,12 @@
+Short: 6
+Long: ipv6
+Tags: Versions
+Protocols:
+Added:
+Mutexed: ipv6
+Requires:
+See-also: http1.1 http2
+Help: Resolve names to IPv6 addresses
+---
+This option tells curl to resolve names to IPv6 addresses only, and not for
+example try IPv4.
diff --git a/docs/cmdline-opts/junk-session-cookies.d
b/docs/cmdline-opts/junk-session-cookies.d
new file mode 100644
index 000000000..40ccd9c2d
--- /dev/null
+++ b/docs/cmdline-opts/junk-session-cookies.d
@@ -0,0 +1,10 @@
+Long: junk-session-cookies
+Short: j
+Help: Ignore session cookies read from file
+Protocols: HTTP
+See-also: cookie cookie-jar
+---
+When curl is told to read cookies from a given file, this option will make it
+discard all "session cookies". This will basically have the same effect as if
+a new session is started. Typical browsers always discard session cookies when
+they're closed down.
diff --git a/docs/cmdline-opts/keepalive-time.d
b/docs/cmdline-opts/keepalive-time.d
new file mode 100644
index 000000000..c816e13ff
--- /dev/null
+++ b/docs/cmdline-opts/keepalive-time.d
@@ -0,0 +1,13 @@
+Long: keepalive-time
+Arg: <seconds>
+Help: Interval time for keepalive probes
+Added: 7.18.0
+---
+This option sets the time a connection needs to remain idle before sending
+keepalive probes and the time between individual keepalive probes. It is
+currently effective on operating systems offering the TCP_KEEPIDLE and
+TCP_KEEPINTVL socket options (meaning Linux, recent AIX, HP-UX and more). This
+option has no effect if --no-keepalive is used.
+
+If this option is used several times, the last one will be used. If
+unspecified, the option defaults to 60 seconds.
diff --git a/docs/cmdline-opts/key-type.d b/docs/cmdline-opts/key-type.d
new file mode 100644
index 000000000..bf39bcd35
--- /dev/null
+++ b/docs/cmdline-opts/key-type.d
@@ -0,0 +1,9 @@
+Long: key-type
+Arg: <type>
+Help: Private key file type (DER/PEM/ENG)
+Protocols: TLS
+---
+Private key file type. Specify which type your --key provided private key
+is. DER, PEM, and ENG are supported. If not specified, PEM is assumed.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/key.d b/docs/cmdline-opts/key.d
new file mode 100644
index 000000000..fbf583af0
--- /dev/null
+++ b/docs/cmdline-opts/key.d
@@ -0,0 +1,10 @@
+Long: key
+Arg: <key>
+Protocols: TLS SSH
+Help: Private key file name
+---
+Private key file name. Allows you to provide your private key in this separate
+file. For SSH, if not specified, curl tries the following candidates in order:
+'~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/krb.d b/docs/cmdline-opts/krb.d
new file mode 100644
index 000000000..19547af08
--- /dev/null
+++ b/docs/cmdline-opts/krb.d
@@ -0,0 +1,11 @@
+Long: krb
+Arg: <level>
+Help: Enable Kerberos with security <level>
+Protocols: FTP
+Requires: Kerberos
+---
+Enable Kerberos authentication and use. The level must be entered and should
+be one of 'clear', 'safe', 'confidential', or 'private'. Should you use a
+level that is not one of these, 'private' will instead be used.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/libcurl.d b/docs/cmdline-opts/libcurl.d
new file mode 100644
index 000000000..ef132fe74
--- /dev/null
+++ b/docs/cmdline-opts/libcurl.d
@@ -0,0 +1,11 @@
+Long: libcurl
+Arg: <file>
+Help: Dump libcurl equivalent code of this command line
+Added: 7.16.1
+---
+Append this option to any ordinary curl command line, and you will get a
+libcurl-using C source code written to the file that does the equivalent
+of what your command-line operation does!
+
+If this option is used several times, the last given file name will be
+used.
diff --git a/docs/cmdline-opts/limit-rate.d b/docs/cmdline-opts/limit-rate.d
new file mode 100644
index 000000000..8784a84d3
--- /dev/null
+++ b/docs/cmdline-opts/limit-rate.d
@@ -0,0 +1,18 @@
+Long: limit-rate
+Arg: <speed>
+Help: Limit transfer speed to RATE
+---
+Specify the maximum transfer rate you want curl to use - for both downloads
+and uploads. This feature is useful if you have a limited pipe and you'd like
+your transfer not to use your entire bandwidth. To make it slower than it
+otherwise would be.
+
+The given speed is measured in bytes/second, unless a suffix is appended.
+Appending 'k' or 'K' will count the number as kilobytes, 'm' or M' makes it
+megabytes, while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and 1G.
+
+If you also use the --speed-limit option, that option will take precedence and
+might cripple the rate-limiting slightly, to help keeping the speed-limit
+logic working.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/list-only.d b/docs/cmdline-opts/list-only.d
new file mode 100644
index 000000000..4c56304a0
--- /dev/null
+++ b/docs/cmdline-opts/list-only.d
@@ -0,0 +1,24 @@
+Long: list-only
+Short: l
+Protocols: FTP POP3
+Help: List only mode
+Added: 7.21.5
+---
+(FTP)
+When listing an FTP directory, this switch forces a name-only view. This is
+especially useful if the user wants to machine-parse the contents of an FTP
+directory since the normal directory view doesn't use a standard look or
+format. When used like this, the option causes a NLST command to be sent to
+the server instead of LIST.
+
+Note: Some FTP servers list only files in their response to NLST; they do not
+include sub-directories and symbolic links.
+
+(POP3)
+When retrieving a specific email from POP3, this switch forces a LIST command
+to be performed instead of RETR. This is particularly useful if the user wants
+to see if a specific message id exists on the server and what size it is.
+
+Note: When combined with --request, this option can be used to send an UIDL
+command instead, so the user may use the email's unique identifier rather than
+it's message id to make the request.
diff --git a/docs/cmdline-opts/local-port.d b/docs/cmdline-opts/local-port.d
new file mode 100644
index 000000000..d96b46eb8
--- /dev/null
+++ b/docs/cmdline-opts/local-port.d
@@ -0,0 +1,9 @@
+Long: local-port
+Arg: <num/range>
+Help: Force use of RANGE for local port numbers
+Added: 7.15.2
+---
+Set a preferred single number or range (FROM-TO) of local port numbers to use
+for the connection(s). Note that port numbers by nature are a scarce resource
+that will be busy at times so setting this range to something too narrow might
+cause unnecessary connection setup failures.
diff --git a/docs/cmdline-opts/location-trusted.d
b/docs/cmdline-opts/location-trusted.d
new file mode 100644
index 000000000..995a8718a
--- /dev/null
+++ b/docs/cmdline-opts/location-trusted.d
@@ -0,0 +1,9 @@
+Long: location-trusted
+Help: Like --location, and send auth to other hosts
+Protocols: HTTP
+See-also: user
+---
+Like --location, but will allow sending the name + password to all hosts that
+the site may redirect to. This may or may not introduce a security breach if
+the site redirects you to a site to which you'll send your authentication info
+(which is plaintext in the case of HTTP Basic authentication).
diff --git a/docs/cmdline-opts/location.d b/docs/cmdline-opts/location.d
new file mode 100644
index 000000000..7c70e6981
--- /dev/null
+++ b/docs/cmdline-opts/location.d
@@ -0,0 +1,23 @@
+Long: location
+Short: L
+Help: Follow redirects
+Protocols: HTTP
+---
+If the server reports that the requested page has moved to a different
+location (indicated with a Location: header and a 3XX response code), this
+option will make curl redo the request on the new place. If used together with
+--include or --head, headers from all requested pages will be shown. When
+authentication is used, curl only sends its credentials to the initial
+host. If a redirect takes curl to a different host, it won't be able to
+intercept the user+password. See also --location-trusted on how to change
+this. You can limit the amount of redirects to follow by using the
+--max-redirs option.
+
+When curl follows a redirect and the request is not a plain GET (for example
+POST or PUT), it will do the following request with a GET if the HTTP response
+was 301, 302, or 303. If the response code was any other 3xx code, curl will
+re-send the following request using the same unmodified method.
+
+You can tell curl to not change the non-GET request method to GET after a 30x
+response by using the dedicated options for that: --post301, --post302 and
+--post303.
diff --git a/docs/cmdline-opts/login-options.d
b/docs/cmdline-opts/login-options.d
new file mode 100644
index 000000000..8bad0511d
--- /dev/null
+++ b/docs/cmdline-opts/login-options.d
@@ -0,0 +1,14 @@
+Long: login-options
+Arg: <options>
+Protocols: IMAP POP3 SMTP
+Help: Server login options
+Added: 7.34.0
+---
+Specify the login options to use during server authentication.
+
+You can use the login options to specify protocol specific options that may
+be used during authentication. At present only IMAP, POP3 and SMTP support
+login options. For more information about the login options please see
+RFC 2384, RFC 5092 and IETF draft draft-earhart-url-smtp-00.txt
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/mail-auth.d b/docs/cmdline-opts/mail-auth.d
new file mode 100644
index 000000000..70cf0eda4
--- /dev/null
+++ b/docs/cmdline-opts/mail-auth.d
@@ -0,0 +1,10 @@
+Long: mail-auth
+Arg: <address>
+Protocols: SMTP
+Help: Originator address of the original email
+Added: 7.25.0
+See-also: mail-rcpt mail-from
+---
+Specify a single address. This will be used to specify the authentication
+address (identity) of a submitted message that is being relayed to another
+server.
diff --git a/docs/cmdline-opts/mail-from.d b/docs/cmdline-opts/mail-from.d
new file mode 100644
index 000000000..1d932344c
--- /dev/null
+++ b/docs/cmdline-opts/mail-from.d
@@ -0,0 +1,8 @@
+Long: mail-from
+Arg: <address>
+Help: Mail from this address
+Protocols: SMTP
+Added: 7.20.0
+See-also: mail-rcpt mail-auth
+---
+Specify a single address that the given mail should get sent from.
diff --git a/docs/cmdline-opts/mail-rcpt.d b/docs/cmdline-opts/mail-rcpt.d
new file mode 100644
index 000000000..d747ceabf
--- /dev/null
+++ b/docs/cmdline-opts/mail-rcpt.d
@@ -0,0 +1,19 @@
+Long: mail-rcpt
+Arg: <address>
+Help: Mail from this address
+Protocols: SMTP
+Added: 7.20.0
+---
+Specify a single address, user name or mailing list name. Repeat this
+option several times to send to multiple recipients.
+
+When performing a mail transfer, the recipient should specify a valid email
+address to send the mail to.
+
+When performing an address verification (VRFY command), the recipient should be
+specified as the user name or user name and domain (as per Section 3.5 of
+RFC5321). (Added in 7.34.0)
+
+When performing a mailing list expand (EXPN command), the recipient should be
+specified using the mailing list name, such as "Friends" or "London-Office".
+(Added in 7.34.0)
diff --git a/docs/cmdline-opts/manual.d b/docs/cmdline-opts/manual.d
new file mode 100644
index 000000000..a9dbb0c78
--- /dev/null
+++ b/docs/cmdline-opts/manual.d
@@ -0,0 +1,5 @@
+Long: manual
+Short: M
+Help: Display the full manual
+---
+Manual. Display the huge help text.
diff --git a/docs/cmdline-opts/max-filesize.d b/docs/cmdline-opts/max-filesize.d
new file mode 100644
index 000000000..e92ef5837
--- /dev/null
+++ b/docs/cmdline-opts/max-filesize.d
@@ -0,0 +1,12 @@
+Long: max-filesize
+Arg: <bytes>
+Help: Maximum file size to download
+See-also: limit-rate
+---
+Specify the maximum size (in bytes) of a file to download. If the file
+requested is larger than this value, the transfer will not start and curl will
+return with exit code 63.
+
+\fBNOTE:\fP The file size is not always known prior to download, and for such
+files this option has no effect even if the file transfer ends up being larger
+than this given limit. This concerns both FTP and HTTP transfers.
diff --git a/docs/cmdline-opts/max-redirs.d b/docs/cmdline-opts/max-redirs.d
new file mode 100644
index 000000000..04b824bd2
--- /dev/null
+++ b/docs/cmdline-opts/max-redirs.d
@@ -0,0 +1,11 @@
+Long: max-redirs
+Arg: <num>
+Help: Maximum number of redirects allowed
+Protocols: HTTP
+---
+Set maximum number of redirection-followings allowed. When --location is used,
+is used to prevent curl from following redirections \&"in absurdum". By
+default, the limit is set to 50 redirections. Set this option to -1 to make it
+unlimited.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/max-time.d b/docs/cmdline-opts/max-time.d
new file mode 100644
index 000000000..c22343d32
--- /dev/null
+++ b/docs/cmdline-opts/max-time.d
@@ -0,0 +1,13 @@
+Long: max-time
+Short: m
+Arg: <time>
+Help: Maximum time allowed for the transfer
+See-also: connect-timeout
+---
+Maximum time in seconds that you allow the whole operation to take. This is
+useful for preventing your batch jobs from hanging for hours due to slow
+networks or links going down. Since 7.32.0, this option accepts decimal
+values, but the actual timeout will decrease in accuracy as the specified
+timeout increases in decimal precision.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/metalink.d b/docs/cmdline-opts/metalink.d
new file mode 100644
index 000000000..8047e9f51
--- /dev/null
+++ b/docs/cmdline-opts/metalink.d
@@ -0,0 +1,27 @@
+Long: metalink
+Help: Process given URLs as metalink XML file
+Added: 7.27.0
+Requires: metalink
+---
+This option can tell curl to parse and process a given URI as Metalink file
+(both version 3 and 4 (RFC 5854) are supported) and make use of the mirrors
+listed within for failover if there are errors (such as the file or server not
+being available). It will also verify the hash of the file after the download
+completes. The Metalink file itself is downloaded and processed in memory and
+not stored in the local file system.
+
+Example to use a remote Metalink file:
+
+ curl --metalink http://www.example.com/example.metalink
+
+To use a Metalink file in the local file system, use FILE protocol (file://):
+
+ curl --metalink file://example.metalink
+
+Please note that if FILE protocol is disabled, there is no way to use a local
+Metalink file at the time of this writing. Also note that if --metalink and
+--include are used together, --include will be ignored. This is because
+including headers in the response will break Metalink parser and if the
+headers are included in the file described in Metalink file, hash check will
+fail.
+
diff --git a/docs/cmdline-opts/negotiate.d b/docs/cmdline-opts/negotiate.d
new file mode 100644
index 000000000..69a6b9170
--- /dev/null
+++ b/docs/cmdline-opts/negotiate.d
@@ -0,0 +1,15 @@
+Long: negotiate
+Help: Use HTTP Negotiate (SPNEGO) authentication
+Protocols: HTTP
+See-also: basic ntlm anyauth proxy-negotiate
+---
+Enables Negotiate (SPNEGO) authentication.
+
+This option requires a library built with GSS-API or SSPI support. Use
+--version to see if your curl supports GSS-API/SSPI or SPNEGO.
+
+When using this option, you must also provide a fake --user option to activate
+the authentication code properly. Sending a '-u :' is enough as the user name
+and password from the --user option aren't actually used.
+
+If this option is used several times, only the first one is used.
diff --git a/docs/cmdline-opts/netrc-file.d b/docs/cmdline-opts/netrc-file.d
new file mode 100644
index 000000000..0b5d2400c
--- /dev/null
+++ b/docs/cmdline-opts/netrc-file.d
@@ -0,0 +1,12 @@
+Long: netrc-file
+Help: Specify FILE for netrc
+Arg: <filename>
+Added: 7.21.5
+Mutexed: netrc
+---
+This option is similar to --netrc, except that you provide the path (absolute
+or relative) to the netrc file that Curl should use. You can only specify one
+netrc file per invocation. If several --netrc-file options are provided,
+the last one will be used.
+
+It will abide by --netrc-optional if specified.
diff --git a/docs/cmdline-opts/netrc-optional.d
b/docs/cmdline-opts/netrc-optional.d
new file mode 100644
index 000000000..c28540309
--- /dev/null
+++ b/docs/cmdline-opts/netrc-optional.d
@@ -0,0 +1,7 @@
+Long: netrc-optional
+Help: Use either .netrc or URL
+Mutexed: netrc
+See-also: netrc-file
+---
+Very similar to --netrc, but this option makes the .netrc usage \fBoptional\fP
+and not mandatory as the --netrc option does.
diff --git a/docs/cmdline-opts/netrc.d b/docs/cmdline-opts/netrc.d
new file mode 100644
index 000000000..2df26782c
--- /dev/null
+++ b/docs/cmdline-opts/netrc.d
@@ -0,0 +1,17 @@
+Long: netrc
+Short: n
+Help: Must read .netrc for user name and password
+---
+Makes curl scan the \fI.netrc\fP (\fI_netrc\fP on Windows) file in the user's
+home directory for login name and password. This is typically used for FTP on
+Unix. If used with HTTP, curl will enable user authentication. See
+\fInetrc(5)\fP \fIftp(1)\fP for details on the file format. Curl will not
+complain if that file doesn't have the right permissions (it should not be
+either world- or group-readable). The environment variable "HOME" is used to
+find the home directory.
+
+A quick and very simple example of how to setup a \fI.netrc\fP to allow curl
+to FTP to the machine host.domain.com with user name \&'myself' and password
+\&'secret' should look similar to:
+
+.B "machine host.domain.com login myself password secret"
diff --git a/docs/cmdline-opts/next.d b/docs/cmdline-opts/next.d
new file mode 100644
index 000000000..1d1e70a35
--- /dev/null
+++ b/docs/cmdline-opts/next.d
@@ -0,0 +1,20 @@
+Short: :
+Long: next
+Tags:
+Protocols:
+Added: 7.36.0
+Magic: divider
+Help: Make next URL use its separate set of options
+---
+Tells curl to use a separate operation for the following URL and associated
+options. This allows you to send several URL requests, each with their own
+specific options, for example, such as different user names or custom requests
+for each.
+
+--next will reset all local options and only global ones will have their
+values survive over to the operation following the --next instruction. Global
+options include --verbose, --trace, --trace-ascii and --fail-early.
+
+For example, you can do both a GET and a POST in a single command line:
+
+ curl www1.example.com --next -d postthis www2.example.com
diff --git a/docs/cmdline-opts/no-alpn.d b/docs/cmdline-opts/no-alpn.d
new file mode 100644
index 000000000..88abb8368
--- /dev/null
+++ b/docs/cmdline-opts/no-alpn.d
@@ -0,0 +1,11 @@
+Long: no-alpn
+Tags: HTTP/2
+Protocols: HTTPS
+Added: 7.36.0
+See-also: no-npn http2
+Requires: TLS
+Help: Disable the ALPN TLS extension
+---
+Disable the ALPN TLS extension. ALPN is enabled by default if libcurl was built
+with an SSL library that supports ALPN. ALPN is used by a libcurl that supports
+HTTP/2 to negotiate HTTP/2 support with the server during https sessions.
diff --git a/docs/cmdline-opts/no-buffer.d b/docs/cmdline-opts/no-buffer.d
new file mode 100644
index 000000000..65a6282f6
--- /dev/null
+++ b/docs/cmdline-opts/no-buffer.d
@@ -0,0 +1,11 @@
+Long: no-buffer
+Short: N
+Help: Disable buffering of the output stream
+---
+Disables the buffering of the output stream. In normal work situations, curl
+will use a standard buffered output stream that will have the effect that it
+will output the data in chunks, not necessarily exactly when the data arrives.
+Using this option will disable that buffering.
+
+Note that this is the negated option name documented. You can thus use
+--buffer to enforce the buffering.
diff --git a/docs/cmdline-opts/no-keepalive.d b/docs/cmdline-opts/no-keepalive.d
new file mode 100644
index 000000000..8fb28a036
--- /dev/null
+++ b/docs/cmdline-opts/no-keepalive.d
@@ -0,0 +1,8 @@
+Long: no-keepalive
+Help: Disable TCP keepalive on the connection
+---
+Disables the use of keepalive messages on the TCP connection. curl otherwise
+enables them by default.
+
+Note that this is the negated option name documented. You can thus use
+--keepalive to enforce keepalive.
diff --git a/docs/cmdline-opts/no-npn.d b/docs/cmdline-opts/no-npn.d
new file mode 100644
index 000000000..ab0f6de2e
--- /dev/null
+++ b/docs/cmdline-opts/no-npn.d
@@ -0,0 +1,12 @@
+Long: no-npn
+Tags: Versions HTTP/2
+Protocols: HTTPS
+Added: 7.36.0
+Mutexed:
+See-also: no-alpn http2
+Requires: TLS
+Help: Disable the NPN TLS extension
+---
+Disable the NPN TLS extension. NPN is enabled by default if libcurl was built
+with an SSL library that supports NPN. NPN is used by a libcurl that supports
+HTTP/2 to negotiate HTTP/2 support with the server during https sessions.
diff --git a/docs/cmdline-opts/no-sessionid.d b/docs/cmdline-opts/no-sessionid.d
new file mode 100644
index 000000000..397a15869
--- /dev/null
+++ b/docs/cmdline-opts/no-sessionid.d
@@ -0,0 +1,13 @@
+Long: no-sessionid
+Help: Disable SSL session-ID reusing
+Protocols: TLS
+Added: 7.16.0
+---
+Disable curl's use of SSL session-ID caching. By default all transfers are
+done using the cache. Note that while nothing should ever get hurt by
+attempting to reuse SSL session-IDs, there seem to be broken SSL
+implementations in the wild that may require you to disable this in order for
+you to succeed.
+
+Note that this is the negated option name documented. You can thus use
+--sessionid to enforce session-ID caching.
diff --git a/docs/cmdline-opts/noproxy.d b/docs/cmdline-opts/noproxy.d
new file mode 100644
index 000000000..a216e75f4
--- /dev/null
+++ b/docs/cmdline-opts/noproxy.d
@@ -0,0 +1,15 @@
+Long: noproxy
+Arg: <no-proxy-list>
+Help: List of hosts which do not use proxy
+Added: 7.19.4
+---
+Comma-separated list of hosts which do not use a proxy, if one is specified.
+The only wildcard is a single * character, which matches all hosts, and
+effectively disables the proxy. Each name in this list is matched as either
+a domain which contains the hostname, or the hostname itself. For example,
+local.com would match local.com, local.com:80, and www.local.com, but not
+www.notlocal.com.
+
+Since 7.53.0, This option overrides the environment variables that disable the
+proxy. If there's an environment variable disabling a proxy, you can set
+noproxy list to \&"" to override it.
diff --git a/docs/cmdline-opts/ntlm-wb.d b/docs/cmdline-opts/ntlm-wb.d
new file mode 100644
index 000000000..7b9338408
--- /dev/null
+++ b/docs/cmdline-opts/ntlm-wb.d
@@ -0,0 +1,7 @@
+Long: ntlm-wb
+Help: Use HTTP NTLM authentication with winbind
+Protocols: HTTP
+See-also: ntlm proxy-ntlm
+---
+Enables NTLM much in the style --ntlm does, but hand over the authentication
+to the separate binary ntlmauth application that is executed when needed.
diff --git a/docs/cmdline-opts/ntlm.d b/docs/cmdline-opts/ntlm.d
new file mode 100644
index 000000000..d71cd43fe
--- /dev/null
+++ b/docs/cmdline-opts/ntlm.d
@@ -0,0 +1,18 @@
+Long: ntlm
+Help: Use HTTP NTLM authentication
+Mutexed: basic negotiated digest anyauth
+See-also: proxy-ntlm
+Protocols: HTTP
+Requires: TLS
+---
+Enables NTLM authentication. The NTLM authentication method was designed by
+Microsoft and is used by IIS web servers. It is a proprietary protocol,
+reverse-engineered by clever people and implemented in curl based on their
+efforts. This kind of behavior should not be endorsed, you should encourage
+everyone who uses NTLM to switch to a public and documented authentication
+method instead, such as Digest.
+
+If you want to enable NTLM for your proxy authentication, then use
+--proxy-ntlm.
+
+If this option is used several times, only the first one is used.
diff --git a/docs/cmdline-opts/oauth2-bearer.d
b/docs/cmdline-opts/oauth2-bearer.d
new file mode 100644
index 000000000..780716748
--- /dev/null
+++ b/docs/cmdline-opts/oauth2-bearer.d
@@ -0,0 +1,12 @@
+Long: oauth2-bearer
+Help: OAuth 2 Bearer Token
+Arg: <token>
+Protocols: IMAP POP3 SMTP
+---
+Specify the Bearer Token for OAUTH 2.0 server authentication. The Bearer Token
+is used in conjunction with the user name which can be specified as part of
+the --url or --user options.
+
+The Bearer Token and user name are formatted according to RFC 6750.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/output.d b/docs/cmdline-opts/output.d
new file mode 100644
index 000000000..35f52a213
--- /dev/null
+++ b/docs/cmdline-opts/output.d
@@ -0,0 +1,32 @@
+Long: output
+Arg: <file>
+Short: o
+Help: Write to file instead of stdout
+See-also: remote-name remote-name-all remote-header-name
+---
+Write output to <file> instead of stdout. If you are using {} or [] to fetch
+multiple documents, you can use '#' followed by a number in the <file>
+specifier. That variable will be replaced with the current string for the URL
+being fetched. Like in:
+
+ curl http://{one,two}.example.com -o "file_#1.txt"
+
+or use several variables like:
+
+ curl http://{site,host}.host[1-5].com -o "#1_#2"
+
+You may use this option as many times as the number of URLs you have. For
+example, if you specify two URLs on the same command line, you can use it like
+this:
+
+ curl -o aa example.com -o bb example.net
+
+and the order of the -o options and the URLs doesn't matter, just that the
+first -o is for the first URL and so on, so the above command line can also be
+written as
+
+ curl example.com example.net -o aa -o bb
+
+See also the --create-dirs option to create the local directories
+dynamically. Specifying the output as '-' (a single dash) will force the
+output to be done to stdout.
diff --git a/docs/cmdline-opts/page-footer b/docs/cmdline-opts/page-footer
new file mode 100644
index 000000000..55aefb23c
--- /dev/null
+++ b/docs/cmdline-opts/page-footer
@@ -0,0 +1,244 @@
+.SH FILES
+.I ~/.curlrc
+.RS
+Default config file, see --config for details.
+.SH ENVIRONMENT
+The environment variables can be specified in lower case or upper case. The
+lower case version has precedence. http_proxy is an exception as it is only
+available in lower case.
+
+Using an environment variable to set the proxy has the same effect as using
+the --proxy option.
+
+.IP "http_proxy [protocol://]<host>[:port]"
+Sets the proxy server to use for HTTP.
+.IP "HTTPS_PROXY [protocol://]<host>[:port]"
+Sets the proxy server to use for HTTPS.
+.IP "[url-protocol]_PROXY [protocol://]<host>[:port]"
+Sets the proxy server to use for [url-protocol], where the protocol is a
+protocol that curl supports and as specified in a URL. FTP, FTPS, POP3, IMAP,
+SMTP, LDAP etc.
+.IP "ALL_PROXY [protocol://]<host>[:port]"
+Sets the proxy server to use if no protocol-specific proxy is set.
+.IP "NO_PROXY <comma-separated list of hosts>"
+list of host names that shouldn't go through any proxy. If set to a asterisk
+\&'*' only, it matches all hosts.
+
+Since 7.53.0, this environment variable disable the proxy even if specify
+--proxy option. That is
+.B NO_PROXY=direct.example.com curl -x http://proxy.example.com
+.B http://direct.example.com
+accesses the target URL directly, and
+.B NO_PROXY=direct.example.com curl -x http://proxy.example.com
+.B http://somewhere.example.com
+accesses the target URL through proxy.
+
+.SH "PROXY PROTOCOL PREFIXES"
+Since curl version 7.21.7, the proxy string may be specified with a
+protocol:// prefix to specify alternative proxy protocols.
+
+If no protocol is specified in the proxy string or if the string doesn't match
+a supported one, the proxy will be treated as an HTTP proxy.
+
+The supported proxy protocol prefixes are as follows:
+.IP "socks4://"
+Makes it the equivalent of --socks4
+.IP "socks4a://"
+Makes it the equivalent of --socks4a
+.IP "socks5://"
+Makes it the equivalent of --socks5
+.IP "socks5h://"
+Makes it the equivalent of --socks5-hostname
+.SH EXIT CODES
+There are a bunch of different error codes and their corresponding error
+messages that may appear during bad conditions. At the time of this writing,
+the exit codes are:
+.IP 1
+Unsupported protocol. This build of curl has no support for this protocol.
+.IP 2
+Failed to initialize.
+.IP 3
+URL malformed. The syntax was not correct.
+.IP 4
+A feature or option that was needed to perform the desired request was not
+enabled or was explicitly disabled at build-time. To make curl able to do
+this, you probably need another build of libcurl!
+.IP 5
+Couldn't resolve proxy. The given proxy host could not be resolved.
+.IP 6
+Couldn't resolve host. The given remote host was not resolved.
+.IP 7
+Failed to connect to host.
+.IP 8
+Weird server reply. The server sent data curl couldn't parse.
+.IP 9
+FTP access denied. The server denied login or denied access to the particular
+resource or directory you wanted to reach. Most often you tried to change to a
+directory that doesn't exist on the server.
+.IP 10
+FTP accept failed. While waiting for the server to connect back when an active
+FTP session is used, an error code was sent over the control connection or
+similar.
+.IP 11
+FTP weird PASS reply. Curl couldn't parse the reply sent to the PASS request.
+.IP 12
+During an active FTP session while waiting for the server to connect back to
+curl, the timeout expired.
+.IP 13
+FTP weird PASV reply, Curl couldn't parse the reply sent to the PASV request.
+.IP 14
+FTP weird 227 format. Curl couldn't parse the 227-line the server sent.
+.IP 15
+FTP can't get host. Couldn't resolve the host IP we got in the 227-line.
+.IP 16
+HTTP/2 error. A problem was detected in the HTTP2 framing layer. This is
+somewhat generic and can be one out of several problems, see the error message
+for details.
+.IP 17
+FTP couldn't set binary. Couldn't change transfer method to binary.
+.IP 18
+Partial file. Only a part of the file was transferred.
+.IP 19
+FTP couldn't download/access the given file, the RETR (or similar) command
+failed.
+.IP 21
+FTP quote error. A quote command returned error from the server.
+.IP 22
+HTTP page not retrieved. The requested url was not found or returned another
+error with the HTTP error code being 400 or above. This return code only
+appears if --fail is used.
+.IP 23
+Write error. Curl couldn't write data to a local filesystem or similar.
+.IP 25
+FTP couldn't STOR file. The server denied the STOR operation, used for FTP
+uploading.
+.IP 26
+Read error. Various reading problems.
+.IP 27
+Out of memory. A memory allocation request failed.
+.IP 28
+Operation timeout. The specified time-out period was reached according to the
+conditions.
+.IP 30
+FTP PORT failed. The PORT command failed. Not all FTP servers support the PORT
+command, try doing a transfer using PASV instead!
+.IP 31
+FTP couldn't use REST. The REST command failed. This command is used for
+resumed FTP transfers.
+.IP 33
+HTTP range error. The range "command" didn't work.
+.IP 34
+HTTP post error. Internal post-request generation error.
+.IP 35
+SSL connect error. The SSL handshaking failed.
+.IP 36
+Bad download resume. Couldn't continue an earlier aborted download.
+.IP 37
+FILE couldn't read file. Failed to open the file. Permissions?
+.IP 38
+LDAP cannot bind. LDAP bind operation failed.
+.IP 39
+LDAP search failed.
+.IP 41
+Function not found. A required LDAP function was not found.
+.IP 42
+Aborted by callback. An application told curl to abort the operation.
+.IP 43
+Internal error. A function was called with a bad parameter.
+.IP 45
+Interface error. A specified outgoing interface could not be used.
+.IP 47
+Too many redirects. When following redirects, curl hit the maximum amount.
+.IP 48
+Unknown option specified to libcurl. This indicates that you passed a weird
+option to curl that was passed on to libcurl and rejected. Read up in the
+manual!
+.IP 49
+Malformed telnet option.
+.IP 51
+The peer's SSL certificate or SSH MD5 fingerprint was not OK.
+.IP 52
+The server didn't reply anything, which here is considered an error.
+.IP 53
+SSL crypto engine not found.
+.IP 54
+Cannot set SSL crypto engine as default.
+.IP 55
+Failed sending network data.
+.IP 56
+Failure in receiving network data.
+.IP 58
+Problem with the local certificate.
+.IP 59
+Couldn't use specified SSL cipher.
+.IP 60
+Peer certificate cannot be authenticated with known CA certificates.
+.IP 61
+Unrecognized transfer encoding.
+.IP 62
+Invalid LDAP URL.
+.IP 63
+Maximum file size exceeded.
+.IP 64
+Requested FTP SSL level failed.
+.IP 65
+Sending the data requires a rewind that failed.
+.IP 66
+Failed to initialise SSL Engine.
+.IP 67
+The user name, password, or similar was not accepted and curl failed to log in.
+.IP 68
+File not found on TFTP server.
+.IP 69
+Permission problem on TFTP server.
+.IP 70
+Out of disk space on TFTP server.
+.IP 71
+Illegal TFTP operation.
+.IP 72
+Unknown TFTP transfer ID.
+.IP 73
+File already exists (TFTP).
+.IP 74
+No such user (TFTP).
+.IP 75
+Character conversion failed.
+.IP 76
+Character conversion functions required.
+.IP 77
+Problem with reading the SSL CA cert (path? access rights?).
+.IP 78
+The resource referenced in the URL does not exist.
+.IP 79
+An unspecified error occurred during the SSH session.
+.IP 80
+Failed to shut down the SSL connection.
+.IP 82
+Could not load CRL file, missing or wrong format (added in 7.19.0).
+.IP 83
+Issuer check failed (added in 7.19.0).
+.IP 84
+The FTP PRET command failed
+.IP 85
+RTSP: mismatch of CSeq numbers
+.IP 86
+RTSP: mismatch of Session Identifiers
+.IP 87
+unable to parse FTP file list
+.IP 88
+FTP chunk callback reported error
+.IP 89
+No connection available, the session will be queued
+.IP 90
+SSL public key does not matched pinned public key
+.IP XX
+More error codes will appear here in future releases. The existing ones
+are meant to never change.
+.SH AUTHORS / CONTRIBUTORS
+Daniel Stenberg is the main author, but the whole list of contributors is
+found in the separate THANKS file.
+.SH WWW
+https://curl.haxx.se
+.SH "SEE ALSO"
+.BR ftp (1),
+.BR wget (1)
diff --git a/docs/cmdline-opts/page-header b/docs/cmdline-opts/page-header
new file mode 100644
index 000000000..ee5af1477
--- /dev/null
+++ b/docs/cmdline-opts/page-header
@@ -0,0 +1,141 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.\" DO NOT EDIT. Generated by the curl project gen.pl man page generator.
+.\"
+.TH curl 1 "16 Dec 2016" "Curl 7.52.0" "Curl Manual"
+.SH NAME
+curl \- transfer a URL
+.SH SYNOPSIS
+.B curl [options]
+.I [URL...]
+.SH DESCRIPTION
+.B curl
+is a tool to transfer data from or to a server, using one of the supported
+protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP,
+LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET
+and TFTP). The command is designed to work without user interaction.
+
+curl offers a busload of useful tricks like proxy support, user
+authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer
+resume, Metalink, and more. As you will see below, the number of features will
+make your head spin!
+
+curl is powered by libcurl for all transfer-related features. See
+\fIlibcurl(3)\fP for details.
+.SH URL
+The URL syntax is protocol-dependent. You'll find a detailed description in
+RFC 3986.
+
+You can specify multiple URLs or parts of URLs by writing part sets within
+braces as in:
+
+ http://site.{one,two,three}.com
+
+or you can get sequences of alphanumeric series by using [] as in:
+
+ ftp://ftp.example.com/file[1-100].txt
+
+ ftp://ftp.example.com/file[001-100].txt (with leading zeros)
+
+ ftp://ftp.example.com/file[a-z].txt
+
+Nested sequences are not supported, but you can use several ones next to each
+other:
+
+ http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html
+
+You can specify any amount of URLs on the command line. They will be fetched
+in a sequential manner in the specified order.
+
+You can specify a step counter for the ranges to get every Nth number or
+letter:
+
+ http://example.com/file[1-100:10].txt
+
+ http://example.com/file[a-z:2].txt
+
+When using [] or {} sequences when invoked from a command line prompt, you
+probably have to put the full URL within double quotes to avoid the shell from
+interfering with it. This also goes for other characters treated special, like
+for example '&', '?' and '*'.
+
+Provide the IPv6 zone index in the URL with an escaped percentage sign and the
+interface name. Like in
+
+ http://[fe80::3%25eth0]/
+
+If you specify URL without protocol:// prefix, curl will attempt to guess what
+protocol you might want. It will then default to HTTP but try other protocols
+based on often-used host name prefixes. For example, for host names starting
+with "ftp." curl will assume you want to speak FTP.
+
+curl will do its best to use what you pass to it as a URL. It is not trying to
+validate it as a syntactically correct URL by any means but is instead
+\fBvery\fP liberal with what it accepts.
+
+curl will attempt to re-use connections for multiple file transfers, so that
+getting many files from the same server will not do multiple connects /
+handshakes. This improves speed. Of course this is only done on files
+specified on a single command line and cannot be used between separate curl
+invokes.
+.SH "PROGRESS METER"
+curl normally displays a progress meter during operations, indicating the
+amount of transferred data, transfer speeds and estimated time left, etc. The
+progress meter displays number of bytes and the speeds are in bytes per
+second. The suffixes (k, M, G, T, P) are 1024 based. For example 1k is 1024
+bytes. 1M is 1048576 bytes.
+
+curl displays this data to the terminal by default, so if you invoke curl to
+do an operation and it is about to write data to the terminal, it
+\fIdisables\fP the progress meter as otherwise it would mess up the output
+mixing progress meter and response data.
+
+If you want a progress meter for HTTP POST or PUT requests, you need to
+redirect the response output to a file, using shell redirect (>), --output or
+similar.
+
+It is not the same case for FTP upload as that operation does not spit out
+any response data to the terminal.
+
+If you prefer a progress "bar" instead of the regular meter, --progress-bar is
+your friend. You can also disable the progress meter completely with the
+--silent option.
+.SH OPTIONS
+Options start with one or two dashes. Many of the options require an
+additional value next to them.
+
+The short "single-dash" form of the options, -d for example, may be used with
+or without a space between it and its value, although a space is a recommended
+separator. The long "double-dash" form, --data for example, requires a space
+between it and its value.
+
+Short version options that don't need any additional values can be used
+immediately next to each other, like for example you can specify all the
+options -O, -L and -v at once as -OLv.
+
+In general, all boolean options are enabled with --\fBoption\fP and yet again
+disabled with --\fBno-\fPoption. That is, you use the exact same option name
+but prefix it with "no-". However, in this list we mostly only list and show
+the --option version of them. (This concept with --no options was added in
+7.19.0. Previously most options were toggled on/off on repeated use of the
+same command line option.)
diff --git a/docs/cmdline-opts/pass.d b/docs/cmdline-opts/pass.d
new file mode 100644
index 000000000..2639cb9d0
--- /dev/null
+++ b/docs/cmdline-opts/pass.d
@@ -0,0 +1,8 @@
+Long: pass
+Arg: <phrase>
+Help: Pass phrase for the private key
+Protocols: SSH TLS
+---
+Passphrase for the private key
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/path-as-is.d b/docs/cmdline-opts/path-as-is.d
new file mode 100644
index 000000000..946e2f07a
--- /dev/null
+++ b/docs/cmdline-opts/path-as-is.d
@@ -0,0 +1,7 @@
+Long: path-as-is
+Help: Do not squash .. sequences in URL path
+Added: 7.42.0
+---
+Tell curl to not handle sequences of /../ or /./ in the given URL
+path. Normally curl will squash or merge them according to standards but with
+this option set you tell it not to do that.
diff --git a/docs/cmdline-opts/pinnedpubkey.d b/docs/cmdline-opts/pinnedpubkey.d
new file mode 100644
index 000000000..0657e6e79
--- /dev/null
+++ b/docs/cmdline-opts/pinnedpubkey.d
@@ -0,0 +1,27 @@
+Long: pinnedpubkey
+Arg: <hashes>
+Help: FILE/HASHES Public key to verify peer against
+Protocols: TLS
+---
+Tells curl to use the specified public key file (or hashes) to verify the
+peer. This can be a path to a file which contains a single public key in PEM
+or DER format, or any number of base64 encoded sha256 hashes preceded by
+\'sha256//\' and separated by \';\'
+
+When negotiating a TLS or SSL connection, the server sends a certificate
+indicating its identity. A public key is extracted from this certificate and
+if it does not exactly match the public key provided to this option, curl will
+abort the connection before sending or receiving any data.
+
+PEM/DER support:
+ 7.39.0: OpenSSL, GnuTLS and GSKit
+ 7.43.0: NSS and wolfSSL/CyaSSL
+ 7.47.0: mbedtls
+ 7.49.0: PolarSSL
+sha256 support:
+ 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL.
+ 7.47.0: mbedtls
+ 7.49.0: PolarSSL
+Other SSL backends not supported.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/post301.d b/docs/cmdline-opts/post301.d
new file mode 100644
index 000000000..87a9fe7ed
--- /dev/null
+++ b/docs/cmdline-opts/post301.d
@@ -0,0 +1,11 @@
+Long: post301
+Help: Do not switch to GET after following a 301
+Protocols: HTTP
+See-also: post302 post303 location
+Added: 7.17.1
+---
+Tells curl to respect RFC 7231/6.4.2 and not convert POST requests into GET
+requests when following a 301 redirection. The non-RFC behaviour is ubiquitous
+in web browsers, so curl does the conversion by default to maintain
+consistency. However, a server may require a POST to remain a POST after such
+a redirection. This option is meaningful only when using --location.
diff --git a/docs/cmdline-opts/post302.d b/docs/cmdline-opts/post302.d
new file mode 100644
index 000000000..caf0d87f1
--- /dev/null
+++ b/docs/cmdline-opts/post302.d
@@ -0,0 +1,11 @@
+Long: post302
+Help: Do not switch to GET after following a 302
+Protocols: HTTP
+See-also: post301 post303 location
+Added: 7.19.1
+---
+Tells curl to respect RFC 7231/6.4.3 and not convert POST requests into GET
+requests when following a 302 redirection. The non-RFC behaviour is ubiquitous
+in web browsers, so curl does the conversion by default to maintain
+consistency. However, a server may require a POST to remain a POST after such
+a redirection. This option is meaningful only when using --location.
diff --git a/docs/cmdline-opts/post303.d b/docs/cmdline-opts/post303.d
new file mode 100644
index 000000000..f8a60ec5f
--- /dev/null
+++ b/docs/cmdline-opts/post303.d
@@ -0,0 +1,11 @@
+Long: post303
+Help: Do not switch to GET after following a 303
+Protocols: HTTP
+See-also: post302 post301 location
+Added: 7.26.0
+---
+Tells curl to respect RFC 7231/6.4.4 and not convert POST requests into GET
+requests when following a 303 redirection. The non-RFC behaviour is ubiquitous
+in web browsers, so curl does the conversion by default to maintain
+consistency. However, a server may require a POST to remain a POST after such
+a redirection. This option is meaningful only when using --location.
diff --git a/docs/cmdline-opts/preproxy.d b/docs/cmdline-opts/preproxy.d
new file mode 100644
index 000000000..b8eb77fa4
--- /dev/null
+++ b/docs/cmdline-opts/preproxy.d
@@ -0,0 +1,22 @@
+Long: preproxy
+Arg: [protocol://]host[:port]
+Help: Use this proxy first
+Added: 7.52.0
+---
+Use the specified SOCKS proxy before connecting to an HTTP or HTTPS --proxy. In
+such a case curl first connects to the SOCKS proxy and then connects (through
+SOCKS) to the HTTP or HTTPS proxy. Hence pre proxy.
+
+The pre proxy string should be specified with a protocol:// prefix to specify
+alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
+socks5h:// to request the specific SOCKS version to be used. No protocol
+specified will make curl default to SOCKS4.
+
+If the port number is not specified in the proxy string, it is assumed to be
+1080.
+
+User and password that might be provided in the proxy string are URL decoded
+by curl. This allows you to pass in special characters such as @ by using %40
+or pass in a colon with %3a.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/progress-bar.d b/docs/cmdline-opts/progress-bar.d
new file mode 100644
index 000000000..11e95b45e
--- /dev/null
+++ b/docs/cmdline-opts/progress-bar.d
@@ -0,0 +1,11 @@
+Short: #
+Long: progress-bar
+Help: Display transfer progress as a bar
+---
+Make curl display transfer progress as a simple progress bar instead of the
+standard, more informational, meter.
+
+This progress bar draws a single line of '#' characters across the screen and
+shows a percentage if the transfer size is known. For transfers without a
+known size, it will instead output one '#' character for every 1024 bytes
+transferred.
diff --git a/docs/cmdline-opts/proto-default.d
b/docs/cmdline-opts/proto-default.d
new file mode 100644
index 000000000..ccc3b85f3
--- /dev/null
+++ b/docs/cmdline-opts/proto-default.d
@@ -0,0 +1,18 @@
+Long: proto-default
+Help: Use PROTOCOL for any URL missing a scheme
+Arg: <protocol>
+Added: 7.45.0
+---
+Tells curl to use \fIprotocol\fP for any URL missing a scheme name.
+
+Example:
+
+ curl --proto-default https ftp.mozilla.org
+
+An unknown or unsupported protocol causes error
+\fICURLE_UNSUPPORTED_PROTOCOL\fP (1).
+
+This option does not change the default proxy protocol (http).
+
+Without this option curl would make a guess based on the host, see --url for
+details.
diff --git a/docs/cmdline-opts/proto-redir.d b/docs/cmdline-opts/proto-redir.d
new file mode 100644
index 000000000..c9eeeab1d
--- /dev/null
+++ b/docs/cmdline-opts/proto-redir.d
@@ -0,0 +1,17 @@
+Long: proto-redir
+Arg: <protocols>
+Help: Enable/disable PROTOCOLS on redirect
+Added: 7.20.2
+---
+Tells curl to limit what protocols it may use on redirect. Protocols denied by
+--proto are not overridden by this option. See --proto for how protocols are
+represented.
+
+Example, allow only HTTP and HTTPS on redirect:
+
+ curl --proto-redir -all,http,https http://example.com
+
+By default curl will allow all protocols on redirect except several disabled
+for security reasons: Since 7.19.4 FILE and SCP are disabled, and since 7.40.0
+SMB and SMBS are also disabled. Specifying \fIall\fP or \fI+all\fP enables all
+protocols on redirect, including those disabled for security.
diff --git a/docs/cmdline-opts/proto.d b/docs/cmdline-opts/proto.d
new file mode 100644
index 000000000..1513fdc05
--- /dev/null
+++ b/docs/cmdline-opts/proto.d
@@ -0,0 +1,43 @@
+Long: proto
+Arg: <protocols>
+Help: Enable/disable PROTOCOLS
+See-also: proto-redir proto-default
+Added: 7.20.2
+---
+Tells curl to limit what protocols it may use in the transfer. Protocols are
+evaluated left to right, are comma separated, and are each a protocol name or
+'all', optionally prefixed by zero or more modifiers. Available modifiers are:
+.RS
+.TP 3
+.B +
+Permit this protocol in addition to protocols already permitted (this is
+the default if no modifier is used).
+.TP
+.B -
+Deny this protocol, removing it from the list of protocols already permitted.
+.TP
+.B =
+Permit only this protocol (ignoring the list already permitted), though
+subject to later modification by subsequent entries in the comma separated
+list.
+.RE
+.IP
+For example:
+.RS
+.TP 15
+.B --proto -ftps
+uses the default protocols, but disables ftps
+.TP
+.B --proto -all,https,+http
+only enables http and https
+.TP
+.B --proto =http,https
+also only enables http and https
+.RE
+
+Unknown protocols produce a warning. This allows scripts to safely rely on
+being able to disable potentially dangerous protocols, without relying upon
+support for that protocol being built into curl to avoid an error.
+
+This option can be used multiple times, in which case the effect is the same
+as concatenating the protocols into one instance of the option.
diff --git a/docs/cmdline-opts/proxy-anyauth.d
b/docs/cmdline-opts/proxy-anyauth.d
new file mode 100644
index 000000000..b60d0a05e
--- /dev/null
+++ b/docs/cmdline-opts/proxy-anyauth.d
@@ -0,0 +1,7 @@
+Long: proxy-anyauth
+Help: Pick any proxy authentication method
+Added: 7.13.2
+See-also: proxy proxy-basic proxy-digest
+---
+Tells curl to pick a suitable authentication method when communicating with
+the given HTTP proxy. This might cause an extra request/response round-trip.
diff --git a/docs/cmdline-opts/proxy-basic.d b/docs/cmdline-opts/proxy-basic.d
new file mode 100644
index 000000000..566f890a9
--- /dev/null
+++ b/docs/cmdline-opts/proxy-basic.d
@@ -0,0 +1,7 @@
+Long: proxy-basic
+Help: Use Basic authentication on the proxy
+See-also: proxy proxy-anyauth proxy-digest
+---
+Tells curl to use HTTP Basic authentication when communicating with the given
+proxy. Use --basic for enabling HTTP Basic with a remote host. Basic is the
+default authentication method curl uses with proxies.
diff --git a/docs/cmdline-opts/proxy-cacert.d b/docs/cmdline-opts/proxy-cacert.d
new file mode 100644
index 000000000..2713dd2a4
--- /dev/null
+++ b/docs/cmdline-opts/proxy-cacert.d
@@ -0,0 +1,7 @@
+Long: proxy-cacert
+Help: CA certificate to verify peer against for proxy
+Arg: <file>
+Added: 7.52.0
+See-also: proxy-capath cacert capath proxy
+---
+Same as --cacert but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-capath.d b/docs/cmdline-opts/proxy-capath.d
new file mode 100644
index 000000000..177246aab
--- /dev/null
+++ b/docs/cmdline-opts/proxy-capath.d
@@ -0,0 +1,7 @@
+Long: proxy-capath
+Help: CA directory to verify peer against for proxy
+Arg: <dir>
+Added: 7.52.0
+See-also: proxy-cacert proxy capath
+---
+Same as --capath but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-cert-type.d
b/docs/cmdline-opts/proxy-cert-type.d
new file mode 100644
index 000000000..8c9e7889b
--- /dev/null
+++ b/docs/cmdline-opts/proxy-cert-type.d
@@ -0,0 +1,6 @@
+Long: proxy-cert-type
+Arg: <type>
+Added: 7.52.0
+Help: Client certificate type for HTTS proxy
+---
+Same as --cert-type but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-cert.d b/docs/cmdline-opts/proxy-cert.d
new file mode 100644
index 000000000..43acd3950
--- /dev/null
+++ b/docs/cmdline-opts/proxy-cert.d
@@ -0,0 +1,6 @@
+Long: proxy-cert
+Arg: <cert[:passwd]>
+Help: Set client certificate for proxy
+Added: 7.52.0
+---
+Same as --cert but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-ciphers.d
b/docs/cmdline-opts/proxy-ciphers.d
new file mode 100644
index 000000000..dcac81284
--- /dev/null
+++ b/docs/cmdline-opts/proxy-ciphers.d
@@ -0,0 +1,6 @@
+Long: proxy-ciphers
+Arg: <list>
+Help: SSL ciphers to use for proxy
+Added: 7.52.0
+---
+Same as --ciphers but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-crlfile.d
b/docs/cmdline-opts/proxy-crlfile.d
new file mode 100644
index 000000000..1d6247f47
--- /dev/null
+++ b/docs/cmdline-opts/proxy-crlfile.d
@@ -0,0 +1,6 @@
+Long: proxy-crlfile
+Arg: <file>
+Help: Set a CRL list for proxy
+Added: 7.52.0
+---
+Same as --crlfile but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-digest.d b/docs/cmdline-opts/proxy-digest.d
new file mode 100644
index 000000000..ccf46636c
--- /dev/null
+++ b/docs/cmdline-opts/proxy-digest.d
@@ -0,0 +1,6 @@
+Long: proxy-digest
+Help: Use Digest authentication on the proxy
+See-also: proxy proxy-anyauth proxy-basic
+---
+Tells curl to use HTTP Digest authentication when communicating with the given
+proxy. Use --digest for enabling HTTP Digest with a remote host.
diff --git a/docs/cmdline-opts/proxy-header.d b/docs/cmdline-opts/proxy-header.d
new file mode 100644
index 000000000..c1b0bb7c4
--- /dev/null
+++ b/docs/cmdline-opts/proxy-header.d
@@ -0,0 +1,24 @@
+Long: proxy-header
+Arg: <header/@file>
+Help: Pass custom header(s) to proxy
+Protocols: HTTP
+Added: 7.37.0
+---
+Extra header to include in the request when sending HTTP to a proxy. You may
+specify any number of extra headers. This is the equivalent option to --header
+but is for proxy communication only like in CONNECT requests when you want a
+separate header sent to the proxy to what is sent to the actual remote host.
+
+curl will make sure that each header you add/replace is sent with the proper
+end-of-line marker, you should thus \fBnot\fP add that as a part of the header
+content: do not add newlines or carriage returns, they will only mess things
+up for you.
+
+Headers specified with this option will not be included in requests that curl
+knows will not be sent to a proxy.
+
+Starting in 7.55.0, this option can take an argument in @filename style, which
+then adds a header for each line in the input file. Using @- will make curl
+read the header file from stdin.
+
+This option can be used multiple times to add/replace/remove multiple headers.
diff --git a/docs/cmdline-opts/proxy-insecure.d
b/docs/cmdline-opts/proxy-insecure.d
new file mode 100644
index 000000000..762828f43
--- /dev/null
+++ b/docs/cmdline-opts/proxy-insecure.d
@@ -0,0 +1,5 @@
+Long: proxy-insecure
+Help: Do HTTPS proxy connections without verifying the proxy
+Added: 7.52.0
+---
+Same as --insecure but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-key-type.d
b/docs/cmdline-opts/proxy-key-type.d
new file mode 100644
index 000000000..ce7482ae9
--- /dev/null
+++ b/docs/cmdline-opts/proxy-key-type.d
@@ -0,0 +1,6 @@
+Long: proxy-key-type
+Arg: <type>
+Help: Private key file type for proxy
+Added: 7.52.0
+---
+Same as --key-type but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-key.d b/docs/cmdline-opts/proxy-key.d
new file mode 100644
index 000000000..e61eb18a9
--- /dev/null
+++ b/docs/cmdline-opts/proxy-key.d
@@ -0,0 +1,5 @@
+Long: proxy-key
+Help: Private key for HTTPS proxy
+Arg: <key>
+---
+Same as --key but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-negotiate.d
b/docs/cmdline-opts/proxy-negotiate.d
new file mode 100644
index 000000000..775f62a9a
--- /dev/null
+++ b/docs/cmdline-opts/proxy-negotiate.d
@@ -0,0 +1,8 @@
+Long: proxy-negotiate
+Help: Use HTTP Negotiate (SPNEGO) authentication on the proxy
+Added: 7.17.1
+See-also: proxy-anyauth proxy-basic
+---
+Tells curl to use HTTP Negotiate (SPNEGO) authentication when communicating
+with the given proxy. Use --negotiate for enabling HTTP Negotiate (SPNEGO)
+with a remote host.
diff --git a/docs/cmdline-opts/proxy-ntlm.d b/docs/cmdline-opts/proxy-ntlm.d
new file mode 100644
index 000000000..c30db53b9
--- /dev/null
+++ b/docs/cmdline-opts/proxy-ntlm.d
@@ -0,0 +1,6 @@
+Long: proxy-ntlm
+Help: Use NTLM authentication on the proxy
+See-also: proxy-negotiate proxy-anyauth
+---
+Tells curl to use HTTP NTLM authentication when communicating with the given
+proxy. Use --ntlm for enabling NTLM with a remote host.
diff --git a/docs/cmdline-opts/proxy-pass.d b/docs/cmdline-opts/proxy-pass.d
new file mode 100644
index 000000000..3371714ba
--- /dev/null
+++ b/docs/cmdline-opts/proxy-pass.d
@@ -0,0 +1,6 @@
+Long: proxy-pass
+Arg: <phrase>
+Help: Pass phrase for the private key for HTTPS proxy
+Added: 7.52.0
+---
+Same as --pass but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-service-name.d
b/docs/cmdline-opts/proxy-service-name.d
new file mode 100644
index 000000000..e774d2427
--- /dev/null
+++ b/docs/cmdline-opts/proxy-service-name.d
@@ -0,0 +1,6 @@
+long: proxy-service-name
+Arg: <name>
+Help: SPNEGO proxy service name
+Added: 7.43.0
+---
+This option allows you to change the service name for proxy negotiation.
diff --git a/docs/cmdline-opts/proxy-ssl-allow-beast.d
b/docs/cmdline-opts/proxy-ssl-allow-beast.d
new file mode 100644
index 000000000..de96b8436
--- /dev/null
+++ b/docs/cmdline-opts/proxy-ssl-allow-beast.d
@@ -0,0 +1,5 @@
+Long: proxy-ssl-allow-beast
+Help: Allow security flaw for interop for HTTPS proxy
+Added: 7.52.0
+---
+Same as --ssl-allow-beast but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-tlsauthtype.d
b/docs/cmdline-opts/proxy-tlsauthtype.d
new file mode 100644
index 000000000..7d0ce8e1a
--- /dev/null
+++ b/docs/cmdline-opts/proxy-tlsauthtype.d
@@ -0,0 +1,6 @@
+Long: proxy-tlsauthtype
+Arg: <type>
+Help: TLS authentication type for HTTPS proxy
+Added: 7.52.0
+---
+Same as --tlsauthtype but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-tlspassword.d
b/docs/cmdline-opts/proxy-tlspassword.d
new file mode 100644
index 000000000..cf003844e
--- /dev/null
+++ b/docs/cmdline-opts/proxy-tlspassword.d
@@ -0,0 +1,6 @@
+Long: proxy-tlspassword
+Arg: <string>
+Help: TLS password for HTTPS proxy
+Added: 7.52.0
+---
+Same as --tlspassword but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-tlsuser.d
b/docs/cmdline-opts/proxy-tlsuser.d
new file mode 100644
index 000000000..758a7c953
--- /dev/null
+++ b/docs/cmdline-opts/proxy-tlsuser.d
@@ -0,0 +1,6 @@
+Long: proxy-tlsuser
+Arg: <name>
+Help: TLS username for HTTPS proxy
+Added: 7.52.0
+---
+Same as --tlsuser but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-tlsv1.d b/docs/cmdline-opts/proxy-tlsv1.d
new file mode 100644
index 000000000..d024eeac3
--- /dev/null
+++ b/docs/cmdline-opts/proxy-tlsv1.d
@@ -0,0 +1,5 @@
+Long: proxy-tlsv1
+Help: Use TLSv1 for HTTPS proxy
+Added: 7.52.0
+---
+Same as --tlsv1 but used in HTTPS proxy context.
diff --git a/docs/cmdline-opts/proxy-user.d b/docs/cmdline-opts/proxy-user.d
new file mode 100644
index 000000000..b1f6f6e03
--- /dev/null
+++ b/docs/cmdline-opts/proxy-user.d
@@ -0,0 +1,12 @@
+Long: proxy-user
+Short: U
+Arg: <user:password>
+Help: Proxy user and password
+---
+Specify the user name and password to use for proxy authentication.
+
+If you use a Windows SSPI-enabled curl binary and do either Negotiate or NTLM
+authentication then you can tell curl to select the user name and password
+from your environment by specifying a single colon with this option: "-U :".
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/proxy.d b/docs/cmdline-opts/proxy.d
new file mode 100644
index 000000000..6506692be
--- /dev/null
+++ b/docs/cmdline-opts/proxy.d
@@ -0,0 +1,39 @@
+Long: proxy
+Short: x
+Arg: [protocol://]host[:port]
+Help: Use this proxy
+---
+Use the specified proxy.
+
+The proxy string can be specified with a protocol:// prefix. No protocol
+specified or http:// will be treated as HTTP proxy. Use socks4://, socks4a://,
+socks5:// or socks5h:// to request a specific SOCKS version to be used.
+(The protocol support was added in curl 7.21.7)
+
+HTTPS proxy support via https:// protocol prefix was added in 7.52.0 for
+OpenSSL, GnuTLS and NSS.
+
+Unrecognized and unsupported proxy protocols cause an error since 7.52.0.
+Prior versions may ignore the protocol and use http:// instead.
+
+If the port number is not specified in the proxy string, it is assumed to be
+1080.
+
+This option overrides existing environment variables that set the proxy to
+use. If there's an environment variable setting a proxy, you can set proxy to
+\&"" to override it.
+
+All operations that are performed over an HTTP proxy will transparently be
+converted to HTTP. It means that certain protocol specific operations might
+not be available. This is not the case if you can tunnel through the proxy, as
+one with the --proxytunnel option.
+
+User and password that might be provided in the proxy string are URL decoded
+by curl. This allows you to pass in special characters such as @ by using %40
+or pass in a colon with %3a.
+
+The proxy host can be specified the exact same way as the proxy environment
+variables, including the protocol prefix (http://) and the embedded user +
+password.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/proxy1.0.d b/docs/cmdline-opts/proxy1.0.d
new file mode 100644
index 000000000..4a931bd15
--- /dev/null
+++ b/docs/cmdline-opts/proxy1.0.d
@@ -0,0 +1,10 @@
+Long: proxy1.0
+Arg: <host[:port]>
+Help: Use HTTP/1.0 proxy on given port
+---
+Use the specified HTTP 1.0 proxy. If the port number is not specified, it is
+assumed at port 1080.
+
+The only difference between this and the HTTP proxy option --proxy, is that
+attempts to use CONNECT through the proxy will specify an HTTP 1.0 protocol
+instead of the default HTTP 1.1.
diff --git a/docs/cmdline-opts/proxytunnel.d b/docs/cmdline-opts/proxytunnel.d
new file mode 100644
index 000000000..f2e8b802d
--- /dev/null
+++ b/docs/cmdline-opts/proxytunnel.d
@@ -0,0 +1,13 @@
+Long: proxytunnel
+Short: p
+Help: Operate through a HTTP proxy tunnel (using CONNECT)
+See-also: proxy
+---
+When an HTTP proxy is used --proxy, this option will cause non-HTTP protocols
+to attempt to tunnel through the proxy instead of merely using it to do
+HTTP-like operations. The tunnel approach is made with the HTTP proxy CONNECT
+request and requires that the proxy allows direct connect to the remote port
+number curl wants to tunnel through to.
+
+To suppress proxy CONNECT response headers when curl is set to output headers
+use --suppress-connect-headers.
diff --git a/docs/cmdline-opts/pubkey.d b/docs/cmdline-opts/pubkey.d
new file mode 100644
index 000000000..b2e11c024
--- /dev/null
+++ b/docs/cmdline-opts/pubkey.d
@@ -0,0 +1,14 @@
+Long: pubkey
+Arg: <key>
+Protocols: SFTP SCP
+Help: SSH Public key file name
+---
+Public key file name. Allows you to provide your public key in this separate
+file.
+
+If this option is used several times, the last one will be used.
+
+(As of 7.39.0, curl attempts to automatically extract the public key from the
+private key file, so passing this option is generally not required. Note that
+this public key extraction requires libcurl to be linked against a copy of
+libssh2 1.2.8 or higher that is itself linked against OpenSSL.)
diff --git a/docs/cmdline-opts/quote.d b/docs/cmdline-opts/quote.d
new file mode 100644
index 000000000..cdd3ca6bd
--- /dev/null
+++ b/docs/cmdline-opts/quote.d
@@ -0,0 +1,56 @@
+Long: quote
+Short: Q
+Help: Send command(s) to server before transfer
+Protocols: FTP SFTP
+---
+
+Send an arbitrary command to the remote FTP or SFTP server. Quote commands are
+sent BEFORE the transfer takes place (just after the initial PWD command in an
+FTP transfer, to be exact). To make commands take place after a successful
+transfer, prefix them with a dash '-'. To make commands be sent after curl
+has changed the working directory, just before the transfer command(s), prefix
+the command with a '+' (this is only supported for FTP). You may specify any
+number of commands.
+
+If the server returns failure for one of the commands, the entire operation
+will be aborted. You must send syntactically correct FTP commands as RFC 959
+defines to FTP servers, or one of the commands listed below to SFTP servers.
+
+This option can be used multiple times. When speaking to an FTP server, prefix
+the command with an asterisk (*) to make curl continue even if the command
+fails as by default curl will stop at first failure.
+
+SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP quote commands
+itself before sending them to the server. File names may be quoted
+shell-style to embed spaces or special characters. Following is the list of
+all supported SFTP quote commands:
+.RS
+.IP "chgrp group file"
+The chgrp command sets the group ID of the file named by the file operand to
+the group ID specified by the group operand. The group operand is a decimal
+integer group ID.
+.IP "chmod mode file"
+The chmod command modifies the file mode bits of the specified file. The
+mode operand is an octal integer mode number.
+.IP "chown user file"
+The chown command sets the owner of the file named by the file operand to the
+user ID specified by the user operand. The user operand is a decimal
+integer user ID.
+.IP "ln source_file target_file"
+The ln and symlink commands create a symbolic link at the target_file location
+pointing to the source_file location.
+.IP "mkdir directory_name"
+The mkdir command creates the directory named by the directory_name operand.
+.IP "pwd"
+The pwd command returns the absolute pathname of the current working directory.
+.IP "rename source target"
+The rename command renames the file or directory named by the source
+operand to the destination path named by the target operand.
+.IP "rm file"
+The rm command removes the file specified by the file operand.
+.IP "rmdir directory"
+The rmdir command removes the directory entry specified by the directory
+operand, provided it is empty.
+.IP "symlink source_file target_file"
+See ln.
+.RE
diff --git a/docs/cmdline-opts/random-file.d b/docs/cmdline-opts/random-file.d
new file mode 100644
index 000000000..51626f88d
--- /dev/null
+++ b/docs/cmdline-opts/random-file.d
@@ -0,0 +1,7 @@
+Long: random-file
+Arg: <file>
+Help: File for reading random data from
+---
+Specify the path name to file containing what will be considered as random
+data. The data may be used to seed the random engine for SSL connections. See
+also the --egd-file option.
diff --git a/docs/cmdline-opts/range.d b/docs/cmdline-opts/range.d
new file mode 100644
index 000000000..760d15e22
--- /dev/null
+++ b/docs/cmdline-opts/range.d
@@ -0,0 +1,46 @@
+Long: range
+Short: r
+Help: Retrieve only the bytes within RANGE
+Arg: <range>
+Protocols: HTTP FTP SFTP FILE
+---
+Retrieve a byte range (i.e a partial document) from a HTTP/1.1, FTP or SFTP
+server or a local FILE. Ranges can be specified in a number of ways.
+.RS
+.TP 10
+.B 0-499
+specifies the first 500 bytes
+.TP
+.B 500-999
+specifies the second 500 bytes
+.TP
+.B -500
+specifies the last 500 bytes
+.TP
+.B 9500-
+specifies the bytes from offset 9500 and forward
+.TP
+.B 0-0,-1
+specifies the first and last byte only(*)(HTTP)
+.TP
+.B 100-199,500-599
+specifies two separate 100-byte ranges(*) (HTTP)
+.RE
+.IP
+(*) = NOTE that this will cause the server to reply with a multipart
+response!
+
+Only digit characters (0-9) are valid in the 'start' and 'stop' fields of the
+\&'start-stop' range syntax. If a non-digit character is given in the range,
+the server's response will be unspecified, depending on the server's
+configuration.
+
+You should also be aware that many HTTP/1.1 servers do not have this feature
+enabled, so that when you attempt to get a range, you'll instead get the whole
+document.
+
+FTP and SFTP range downloads only support the simple 'start-stop' syntax
+(optionally with one of the numbers omitted). FTP use depends on the extended
+FTP command SIZE.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/raw.d b/docs/cmdline-opts/raw.d
new file mode 100644
index 000000000..c3328e69a
--- /dev/null
+++ b/docs/cmdline-opts/raw.d
@@ -0,0 +1,7 @@
+Long: raw
+Help: Do HTTP "raw"; no transfer decoding
+Added: 7.16.2
+Protocols: HTTP
+---
+When used, it disables all internal HTTP decoding of content or transfer
+encodings and instead makes them passed on unaltered, raw.
diff --git a/docs/cmdline-opts/referer.d b/docs/cmdline-opts/referer.d
new file mode 100644
index 000000000..cd84e9d5a
--- /dev/null
+++ b/docs/cmdline-opts/referer.d
@@ -0,0 +1,14 @@
+Long: referer
+Short: e
+Arg: <URL>
+Protocols: HTTP
+Help: Referrer URL
+See-also: user-agent header
+---
+Sends the "Referrer Page" information to the HTTP server. This can also be set
+with the --header flag of course. When used with --location you can append
+";auto" to the --referer URL to make curl automatically set the previous URL
+when it follows a Location: header. The \&";auto" string can be used alone,
+even if you don't set an initial --referer.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/remote-header-name.d
b/docs/cmdline-opts/remote-header-name.d
new file mode 100644
index 000000000..771b6d469
--- /dev/null
+++ b/docs/cmdline-opts/remote-header-name.d
@@ -0,0 +1,19 @@
+Long: remote-header-name
+Short: J
+Protocols: HTTP
+Help: Use the header-provided filename
+---
+This option tells the --remote-name option to use the server-specified
+Content-Disposition filename instead of extracting a filename from the URL.
+
+If the server specifies a file name and a file with that name already exists
+in the current working directory it will not be overwritten and an error will
+occur. If the server doesn't specify a file name then this option has no
+effect.
+
+There's no attempt to decode %-sequences (yet) in the provided file name, so
+this option may provide you with rather unexpected file names.
+
+\fBWARNING\fP: Exercise judicious use of this option, especially on Windows. A
+rogue server could send you the name of a DLL or other file that could possibly
+be loaded automatically by Windows or some third party software.
diff --git a/docs/cmdline-opts/remote-name-all.d
b/docs/cmdline-opts/remote-name-all.d
new file mode 100644
index 000000000..f7a199679
--- /dev/null
+++ b/docs/cmdline-opts/remote-name-all.d
@@ -0,0 +1,8 @@
+Long: remote-name-all
+Help: Use the remote file name for all URLs
+Added: 7.19.0
+---
+This option changes the default action for all given URLs to be dealt with as
+if --remote-name were used for each one. So if you want to disable that for a
+specific URL after --remote-name-all has been used, you must use "-o -" or
+--no-remote-name.
diff --git a/docs/cmdline-opts/remote-name.d b/docs/cmdline-opts/remote-name.d
new file mode 100644
index 000000000..9fed64bf4
--- /dev/null
+++ b/docs/cmdline-opts/remote-name.d
@@ -0,0 +1,21 @@
+Long: remote-name
+Short: O
+Help: Write output to a file named as the remote file
+---
+Write output to a local file named like the remote file we get. (Only the file
+part of the remote file is used, the path is cut off.)
+
+The file will be saved in the current working directory. If you want the file
+saved in a different directory, make sure you change the current working
+directory before invoking curl with this option.
+
+The remote file name to use for saving is extracted from the given URL,
+nothing else, and if it already exists it will be overwritten. If you want the
+server to be able to choose the file name refer to --remote-header-name which
+can be used in addition to this option. If the server chooses a file name and
+that name already exists it will not be overwritten.
+
+There is no URL decoding done on the file name. If it has %20 or other URL
+encoded parts of the name, they will end up as-is as file name.
+
+You may use this option as many times as the number of URLs you have.
diff --git a/docs/cmdline-opts/remote-time.d b/docs/cmdline-opts/remote-time.d
new file mode 100644
index 000000000..0f369e01f
--- /dev/null
+++ b/docs/cmdline-opts/remote-time.d
@@ -0,0 +1,7 @@
+long: remote-time
+short: R
+Help: Set the remote file's time on the local output
+---
+When used, this will make curl attempt to figure out the timestamp of the
+remote file, and if that is available make the local file get that same
+timestamp.
diff --git a/docs/cmdline-opts/request-target.d
b/docs/cmdline-opts/request-target.d
new file mode 100644
index 000000000..630f8b3b4
--- /dev/null
+++ b/docs/cmdline-opts/request-target.d
@@ -0,0 +1,8 @@
+Long: request-target
+Help: Specify the target for this request
+Protocols: HTTP
+---
+Tells curl to use an alternative "target" (path) instead of using the path as
+provided in the URL. Particularly useful when wanting to issue HTTP requests
+without leading slash or other data that doesn't follow the regular URL
+pattern, like "OPTIONS *".
diff --git a/docs/cmdline-opts/request.d b/docs/cmdline-opts/request.d
new file mode 100644
index 000000000..3919d426a
--- /dev/null
+++ b/docs/cmdline-opts/request.d
@@ -0,0 +1,39 @@
+Long: request
+Short: X
+Arg: <command>
+Help: Specify request command to use
+---
+(HTTP) Specifies a custom request method to use when communicating with the
+HTTP server. The specified request method will be used instead of the method
+otherwise used (which defaults to GET). Read the HTTP 1.1 specification for
+details and explanations. Common additional HTTP requests include PUT and
+DELETE, but related technologies like WebDAV offers PROPFIND, COPY, MOVE and
+more.
+
+Normally you don't need this option. All sorts of GET, HEAD, POST and PUT
+requests are rather invoked by using dedicated command line options.
+
+This option only changes the actual word used in the HTTP request, it does not
+alter the way curl behaves. So for example if you want to make a proper HEAD
+request, using -X HEAD will not suffice. You need to use the --head option.
+
+The method string you set with --request will be used for all requests, which
+if you for example use --location may cause unintended side-effects when curl
+doesn't change request method according to the HTTP 30x response codes - and
+similar.
+
+(FTP)
+Specifies a custom FTP command to use instead of LIST when doing file lists
+with FTP.
+
+(POP3)
+Specifies a custom POP3 command to use instead of LIST or RETR. (Added in
+7.26.0)
+
+(IMAP)
+Specifies a custom IMAP command to use instead of LIST. (Added in 7.30.0)
+
+(SMTP)
+Specifies a custom SMTP command to use instead of HELP or VRFY. (Added in
7.34.0)
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/resolve.d b/docs/cmdline-opts/resolve.d
new file mode 100644
index 000000000..ba3967a14
--- /dev/null
+++ b/docs/cmdline-opts/resolve.d
@@ -0,0 +1,17 @@
+Long: resolve
+Arg: <host:port:address>
+Help: Resolve the host+port to this address
+Added: 7.21.3
+---
+Provide a custom address for a specific host and port pair. Using this, you
+can make the curl requests(s) use a specified address and prevent the
+otherwise normally resolved address to be used. Consider it a sort of
+/etc/hosts alternative provided on the command line. The port number should be
+the number used for the specific protocol the host will be used for. It means
+you need several entries if you want to provide address for the same host but
+different ports.
+
+The provided address set by this option will be used even if --ipv4 or --ipv6
+is set to make curl use another IP version.
+
+This option can be used many times to add many host names to resolve.
diff --git a/docs/cmdline-opts/retry-connrefused.d
b/docs/cmdline-opts/retry-connrefused.d
new file mode 100644
index 000000000..6a78e1fda
--- /dev/null
+++ b/docs/cmdline-opts/retry-connrefused.d
@@ -0,0 +1,6 @@
+Long: retry-connrefused
+Help: Retry on connection refused (use with --retry)
+Added: 7.52.0
+---
+In addition to the other conditions, consider ECONNREFUSED as a transient
+error too for --retry. This option is used together with --retry.
diff --git a/docs/cmdline-opts/retry-delay.d b/docs/cmdline-opts/retry-delay.d
new file mode 100644
index 000000000..43c5affa2
--- /dev/null
+++ b/docs/cmdline-opts/retry-delay.d
@@ -0,0 +1,11 @@
+long: retry-delay
+arg: <seconds>
+Help: Wait time between retries
+Added: 7.12.3
+---
+Make curl sleep this amount of time before each retry when a transfer has
+failed with a transient error (it changes the default backoff time algorithm
+between retries). This option is only interesting if --retry is also
+used. Setting this delay to zero will make curl use the default backoff time.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/retry-max-time.d
b/docs/cmdline-opts/retry-max-time.d
new file mode 100644
index 000000000..1c2f972ab
--- /dev/null
+++ b/docs/cmdline-opts/retry-max-time.d
@@ -0,0 +1,13 @@
+long: retry-max-time
+Arg: <seconds>
+Help: Retry only within this period
+Added: 7.12.3
+---
+The retry timer is reset before the first transfer attempt. Retries will be
+done as usual (see --retry) as long as the timer hasn't reached this given
+limit. Notice that if the timer hasn't reached the limit, the request will be
+made and while performing, it may take longer than this given time period. To
+limit a single request\'s maximum time, use --max-time. Set this option to
+zero to not timeout retries.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/retry.d b/docs/cmdline-opts/retry.d
new file mode 100644
index 000000000..35215dfd4
--- /dev/null
+++ b/docs/cmdline-opts/retry.d
@@ -0,0 +1,17 @@
+Long: retry
+Arg: <num>
+Added: 7.12.3
+Help: Retry request if transient problems occur
+---
+If a transient error is returned when curl tries to perform a transfer, it
+will retry this number of times before giving up. Setting the number to 0
+makes curl do no retries (which is the default). Transient error means either:
+a timeout, an FTP 4xx response code or an HTTP 5xx response code.
+
+When curl is about to retry a transfer, it will first wait one second and then
+for all forthcoming retries it will double the waiting time until it reaches
+10 minutes which then will be the delay between the rest of the retries. By
+using --retry-delay you disable this exponential backoff algorithm. See also
+--retry-max-time to limit the total time allowed for retries.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/sasl-ir.d b/docs/cmdline-opts/sasl-ir.d
new file mode 100644
index 000000000..120b19da0
--- /dev/null
+++ b/docs/cmdline-opts/sasl-ir.d
@@ -0,0 +1,5 @@
+long: sasl-ir
+Help: Enable initial response in SASL authentication
+Added: 7.31.0
+---
+Enable initial response in SASL authentication.
diff --git a/docs/cmdline-opts/service-name.d b/docs/cmdline-opts/service-name.d
new file mode 100644
index 000000000..4dfeb27d6
--- /dev/null
+++ b/docs/cmdline-opts/service-name.d
@@ -0,0 +1,8 @@
+Long: service-name
+Help: SPNEGO service name
+Arg: <name>
+Added: 7.43.0
+---
+This option allows you to change the service name for SPNEGO.
+
+Examples: --negotiate --service-name sockd would use sockd/server-name.
diff --git a/docs/cmdline-opts/show-error.d b/docs/cmdline-opts/show-error.d
new file mode 100644
index 000000000..ede174b7d
--- /dev/null
+++ b/docs/cmdline-opts/show-error.d
@@ -0,0 +1,5 @@
+long: show-error
+Short: S
+Help: Show error even when -s is used
+---
+When used with --silent, it makes curl show an error message if it fails.
diff --git a/docs/cmdline-opts/silent.d b/docs/cmdline-opts/silent.d
new file mode 100644
index 000000000..7603b7634
--- /dev/null
+++ b/docs/cmdline-opts/silent.d
@@ -0,0 +1,11 @@
+long: silent
+Short: s
+Help: Silent mode
+See-also: verbose stderr
+---
+Silent or quiet mode. Don't show progress meter or error messages. Makes Curl
+mute. It will still output the data you ask for, potentially even to the
+terminal/stdout unless you redirect it.
+
+Use --show-error in addition to this option to disable progress meter but
+still show error messages.
diff --git a/docs/cmdline-opts/socks4.d b/docs/cmdline-opts/socks4.d
new file mode 100644
index 000000000..11f6ae033
--- /dev/null
+++ b/docs/cmdline-opts/socks4.d
@@ -0,0 +1,19 @@
+Long: socks4
+Arg: <host[:port]>
+Help: SOCKS4 proxy on given host + port
+Added: 7.15.2
+---
+Use the specified SOCKS4 proxy. If the port number is not specified, it is
+assumed at port 1080.
+
+This option overrides any previous use of --proxy, as they are mutually
+exclusive.
+
+Since 7.21.7, this option is superfluous since you can specify a socks4 proxy
+with --proxy using a socks4:// protocol prefix.
+
+Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at the same time
+--proxy is used with an HTTP/HTTPS proxy. In such a case curl first connects to
+the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/socks4a.d b/docs/cmdline-opts/socks4a.d
new file mode 100644
index 000000000..ae254ae0e
--- /dev/null
+++ b/docs/cmdline-opts/socks4a.d
@@ -0,0 +1,19 @@
+Long: socks4a
+Arg: <host[:port]>
+Help: SOCKS4a proxy on given host + port
+Added: 7.18.0
+---
+Use the specified SOCKS4a proxy. If the port number is not specified, it is
+assumed at port 1080.
+
+This option overrides any previous use of --proxy, as they are mutually
+exclusive.
+
+Since 7.21.7, this option is superfluous since you can specify a socks4a proxy
+with --proxy using a socks4a:// protocol prefix.
+
+Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at the same time
+--proxy is used with an HTTP/HTTPS proxy. In such a case curl first connects to
+the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/socks5-basic.d b/docs/cmdline-opts/socks5-basic.d
new file mode 100644
index 000000000..67d16b3a6
--- /dev/null
+++ b/docs/cmdline-opts/socks5-basic.d
@@ -0,0 +1,7 @@
+Long: socks5-basic
+Help: Enable username/password auth for SOCKS5 proxies
+Added: 7.55.0
+---
+Tells curl to use username/password authentication when connecting to a SOCKS5
+proxy. The username/password authentication is enabled by default. Use
+--socks5-gssapi to force GSS-API authentication to SOCKS5 proxies.
diff --git a/docs/cmdline-opts/socks5-gssapi-nec.d
b/docs/cmdline-opts/socks5-gssapi-nec.d
new file mode 100644
index 000000000..477e218e3
--- /dev/null
+++ b/docs/cmdline-opts/socks5-gssapi-nec.d
@@ -0,0 +1,8 @@
+Long: socks5-gssapi-nec
+Help: Compatibility with NEC SOCKS5 server
+Added: 7.19.4
+---
+As part of the GSS-API negotiation a protection mode is negotiated. RFC 1961
+says in section 4.3/4.4 it should be protected, but the NEC reference
+implementation does not. The option --socks5-gssapi-nec allows the
+unprotected exchange of the protection mode negotiation.
diff --git a/docs/cmdline-opts/socks5-gssapi-service.d
b/docs/cmdline-opts/socks5-gssapi-service.d
new file mode 100644
index 000000000..eb3b2407b
--- /dev/null
+++ b/docs/cmdline-opts/socks5-gssapi-service.d
@@ -0,0 +1,12 @@
+Long: socks5-gssapi-service
+Arg: <name>
+Help: SOCKS5 proxy service name for GSS-API
+Added: 7.19.4
+---
+The default service name for a socks server is rcmd/server-fqdn. This option
+allows you to change it.
+
+Examples: --socks5 proxy-name --socks5-gssapi-service sockd would use
+sockd/proxy-name --socks5 proxy-name --socks5-gssapi-service sockd/real-name
+would use sockd/real-name for cases where the proxy-name does not match the
+principal name.
diff --git a/docs/cmdline-opts/socks5-gssapi.d
b/docs/cmdline-opts/socks5-gssapi.d
new file mode 100644
index 000000000..0070f37eb
--- /dev/null
+++ b/docs/cmdline-opts/socks5-gssapi.d
@@ -0,0 +1,8 @@
+Long: socks5-gssapi
+Help: Enable GSS-API auth for SOCKS5 proxies
+Added: 7.55.0
+---
+Tells curl to use GSS-API authentication when connecting to a SOCKS5 proxy.
+The GSS-API authentication is enabled by default (if curl is compiled with
+GSS-API support). Use --socks5-basic to force username/password authentication
+to SOCKS5 proxies.
diff --git a/docs/cmdline-opts/socks5-hostname.d
b/docs/cmdline-opts/socks5-hostname.d
new file mode 100644
index 000000000..9d9d946e5
--- /dev/null
+++ b/docs/cmdline-opts/socks5-hostname.d
@@ -0,0 +1,19 @@
+Long: socks5-hostname
+Arg: <host[:port]>
+Help: SOCKS5 proxy, pass host name to proxy
+Added: 7.18.0
+---
+Use the specified SOCKS5 proxy (and let the proxy resolve the host name). If
+the port number is not specified, it is assumed at port 1080.
+
+This option overrides any previous use of --proxy, as they are mutually
+exclusive.
+
+Since 7.21.7, this option is superfluous since you can specify a socks5
+hostname proxy with --proxy using a socks5h:// protocol prefix.
+
+Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at the same time
+--proxy is used with an HTTP/HTTPS proxy. In such a case curl first connects to
+the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/socks5.d b/docs/cmdline-opts/socks5.d
new file mode 100644
index 000000000..22fae7629
--- /dev/null
+++ b/docs/cmdline-opts/socks5.d
@@ -0,0 +1,21 @@
+Long: socks5
+Arg: <host[:port]>
+Help: SOCKS5 proxy on given host + port
+Added: 7.18.0
+---
+Use the specified SOCKS5 proxy - but resolve the host name locally. If the
+port number is not specified, it is assumed at port 1080.
+
+This option overrides any previous use of --proxy, as they are mutually
+exclusive.
+
+Since 7.21.7, this option is superfluous since you can specify a socks5 proxy
+with --proxy using a socks5:// protocol prefix.
+
+Since 7.52.0, --preproxy can be used to specify a SOCKS proxy at the same time
+--proxy is used with an HTTP/HTTPS proxy. In such a case curl first connects to
+the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy.
+
+If this option is used several times, the last one will be used.
+
+This option (as well as --socks4) does not work with IPV6, FTPS or LDAP.
diff --git a/docs/cmdline-opts/speed-limit.d b/docs/cmdline-opts/speed-limit.d
new file mode 100644
index 000000000..e2b81c79a
--- /dev/null
+++ b/docs/cmdline-opts/speed-limit.d
@@ -0,0 +1,10 @@
+Long: speed-limit
+Short: Y
+Arg: <speed>
+Help: Stop transfers slower than this
+---
+If a download is slower than this given speed (in bytes per second) for
+speed-time seconds it gets aborted. speed-time is set with --speed-time and is
+30 if not set.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/speed-time.d b/docs/cmdline-opts/speed-time.d
new file mode 100644
index 000000000..98d6ae13c
--- /dev/null
+++ b/docs/cmdline-opts/speed-time.d
@@ -0,0 +1,13 @@
+Long: speed-time
+Short: y
+Arg: <seconds>
+Help: Trigger 'speed-limit' abort after this time
+---
+If a download is slower than speed-limit bytes per second during a speed-time
+period, the download gets aborted. If speed-time is used, the default
+speed-limit will be 1 unless set with --speed-limit.
+
+This option controls transfers and thus will not affect slow connects etc. If
+this is a concern for you, try the --connect-timeout option.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/ssl-allow-beast.d
b/docs/cmdline-opts/ssl-allow-beast.d
new file mode 100644
index 000000000..973fcd451
--- /dev/null
+++ b/docs/cmdline-opts/ssl-allow-beast.d
@@ -0,0 +1,9 @@
+Long: ssl-allow-beast
+Help: Allow security flaw to improve interop
+Added: 7.25.0
+---
+This option tells curl to not work around a security flaw in the SSL3 and
+TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer may
+use workarounds known to cause interoperability problems with some older SSL
+implementations. WARNING: this option loosens the SSL security, and by using
+this flag you ask for exactly that.
diff --git a/docs/cmdline-opts/ssl-no-revoke.d
b/docs/cmdline-opts/ssl-no-revoke.d
new file mode 100644
index 000000000..cdb6fb5ee
--- /dev/null
+++ b/docs/cmdline-opts/ssl-no-revoke.d
@@ -0,0 +1,7 @@
+Long: ssl-no-revoke
+Help: Disable cert revocation checks (WinSSL)
+Added: 7.44.0
+---
+(WinSSL) This option tells curl to disable certificate revocation checks.
+WARNING: this option loosens the SSL security, and by using this flag you ask
+for exactly that.
diff --git a/docs/cmdline-opts/ssl-reqd.d b/docs/cmdline-opts/ssl-reqd.d
new file mode 100644
index 000000000..b21aed104
--- /dev/null
+++ b/docs/cmdline-opts/ssl-reqd.d
@@ -0,0 +1,9 @@
+long: ssl-reqd
+Help: Require SSL/TLS
+Protocols: FTP IMAP POP3 SMTP
+Added: 7.20.0
+---
+Require SSL/TLS for the connection. Terminates the connection if the server
+doesn't support SSL/TLS.
+
+This option was formerly known as --ftp-ssl-reqd.
diff --git a/docs/cmdline-opts/ssl.d b/docs/cmdline-opts/ssl.d
new file mode 100644
index 000000000..71c187ae3
--- /dev/null
+++ b/docs/cmdline-opts/ssl.d
@@ -0,0 +1,12 @@
+long: ssl
+Help: Try SSL/TLS
+Protocols: FTP IMAP POP3 SMTP
+Added: 7.20.0
+---
+
+Try to use SSL/TLS for the connection. Reverts to a non-secure connection if
+the server doesn't support SSL/TLS. See also --ftp-ssl-control and --ssl-reqd
+for different levels of encryption required.
+
+This option was formerly known as --ftp-ssl (Added in 7.11.0). That option
+name can still be used but will be removed in a future version.
diff --git a/docs/cmdline-opts/sslv2.d b/docs/cmdline-opts/sslv2.d
new file mode 100644
index 000000000..67d2b8506
--- /dev/null
+++ b/docs/cmdline-opts/sslv2.d
@@ -0,0 +1,13 @@
+Short: 2
+Long: sslv2
+Tags: Versions
+Protocols: SSL
+Added:
+Mutexed: sslv3 tlsv1 tlsv1.1 tlsv1.2
+Requires: TLS
+See-also: http1.1 http2
+Help: Use SSLv2
+---
+Forces curl to use SSL version 2 when negotiating with a remote SSL
+server. Sometimes curl is built without SSLv2 support. SSLv2 is widely
+considered insecure (see RFC 6176).
diff --git a/docs/cmdline-opts/sslv3.d b/docs/cmdline-opts/sslv3.d
new file mode 100644
index 000000000..101ad1004
--- /dev/null
+++ b/docs/cmdline-opts/sslv3.d
@@ -0,0 +1,13 @@
+Short: 3
+Long: sslv3
+Tags: Versions
+Protocols: SSL
+Added:
+Mutexed: sslv2 tlsv1 tlsv1.1 tlsv1.2
+Requires: TLS
+See-also: http1.1 http2
+Help: Use SSLv3
+---
+Forces curl to use SSL version 3 when negotiating with a remote SSL
+server. Sometimes curl is built without SSLv3 support. SSLv3 is widely
+considered insecure (see RFC 7568).
diff --git a/docs/cmdline-opts/stderr.d b/docs/cmdline-opts/stderr.d
new file mode 100644
index 000000000..e8cf7ba68
--- /dev/null
+++ b/docs/cmdline-opts/stderr.d
@@ -0,0 +1,8 @@
+Long: stderr
+Help: Where to redirect stderr
+See-also: verbose silent
+---
+Redirect all writes to stderr to the specified file instead. If the file name
+is a plain '-', it is instead written to stdout.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/suppress-connect-headers.d
b/docs/cmdline-opts/suppress-connect-headers.d
new file mode 100644
index 000000000..d208b8917
--- /dev/null
+++ b/docs/cmdline-opts/suppress-connect-headers.d
@@ -0,0 +1,8 @@
+Long: suppress-connect-headers
+Help: Suppress proxy CONNECT response headers
+See-also: dump-header include proxytunnel
+---
+When --proxytunnel is used and a CONNECT request is made don't output proxy
+CONNECT response headers. This option is meant to be used with --dump-header or
+--include which are used to show protocol headers in the output. It has no
+effect on debug options such as --verbose or --trace, or any statistics.
diff --git a/docs/cmdline-opts/tcp-fastopen.d b/docs/cmdline-opts/tcp-fastopen.d
new file mode 100644
index 000000000..08e141df7
--- /dev/null
+++ b/docs/cmdline-opts/tcp-fastopen.d
@@ -0,0 +1,5 @@
+Long: tcp-fastopen
+Added: 7.49.0
+Help: Use TCP Fast Open
+---
+Enable use of TCP Fast Open (RFC7413).
diff --git a/docs/cmdline-opts/tcp-nodelay.d b/docs/cmdline-opts/tcp-nodelay.d
new file mode 100644
index 000000000..f047a7c6f
--- /dev/null
+++ b/docs/cmdline-opts/tcp-nodelay.d
@@ -0,0 +1,9 @@
+Long: tcp-nodelay
+Help: Use the TCP_NODELAY option
+Added: 7.11.2
+---
+Turn on the TCP_NODELAY option. See the \fIcurl_easy_setopt(3)\fP man page for
+details about this option.
+
+Since 7.50.2, curl sets this option by default and you need to explicitly
+switch it off if you don't want it on.
diff --git a/docs/cmdline-opts/telnet-option.d
b/docs/cmdline-opts/telnet-option.d
new file mode 100644
index 000000000..a67cb627b
--- /dev/null
+++ b/docs/cmdline-opts/telnet-option.d
@@ -0,0 +1,12 @@
+Long: telnet-option
+Short: t
+Arg: <opt=val>
+Help: Set telnet option
+---
+Pass options to the telnet protocol. Supported options are:
+
+TTYPE=<term> Sets the terminal type.
+
+XDISPLOC=<X display> Sets the X display location.
+
+NEW_ENV=<var,val> Sets an environment variable.
diff --git a/docs/cmdline-opts/tftp-blksize.d b/docs/cmdline-opts/tftp-blksize.d
new file mode 100644
index 000000000..04c6c53b6
--- /dev/null
+++ b/docs/cmdline-opts/tftp-blksize.d
@@ -0,0 +1,11 @@
+Long: tftp-blksize
+Arg: <value>
+help: Set TFTP BLKSIZE option
+Protocols: TFTP
+Added: 7.20.0
+---
+Set TFTP BLKSIZE option (must be >512). This is the block size that curl will
+try to use when transferring data to or from a TFTP server. By default 512
+bytes will be used.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/tftp-no-options.d
b/docs/cmdline-opts/tftp-no-options.d
new file mode 100644
index 000000000..e2a4dacd5
--- /dev/null
+++ b/docs/cmdline-opts/tftp-no-options.d
@@ -0,0 +1,10 @@
+Long: tftp-no-options
+Help: Do not send any TFTP options
+Protocols: TFTP
+Added: 7.48.0
+---
+Tells curl not to send TFTP options requests.
+
+This option improves interop with some legacy servers that do not acknowledge
+or properly implement TFTP options. When this option is used --tftp-blksize is
+ignored.
diff --git a/docs/cmdline-opts/time-cond.d b/docs/cmdline-opts/time-cond.d
new file mode 100644
index 000000000..830b4e1a2
--- /dev/null
+++ b/docs/cmdline-opts/time-cond.d
@@ -0,0 +1,17 @@
+Long: time-cond
+Short: z
+Arg: <time>
+Help: Transfer based on a time condition
+Protocols: HTTP FTP
+---
+Request a file that has been modified later than the given time and date, or
+one that has been modified before that time. The <date expression> can be all
+sorts of date strings or if it doesn't match any internal ones, it is taken as
+a filename and tries to get the modification date (mtime) from <file>
+instead. See the \fIcurl_getdate(3)\fP man pages for date expression details.
+
+Start the date expression with a dash (-) to make it request for a document
+that is older than the given date/time, default is a document that is newer
+than the specified date/time.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/tls-max.d b/docs/cmdline-opts/tls-max.d
new file mode 100644
index 000000000..7ae862252
--- /dev/null
+++ b/docs/cmdline-opts/tls-max.d
@@ -0,0 +1,24 @@
+Long: tls-max
+Arg: <VERSION>
+Tags: Versions
+Protocols: SSL
+Added: 7.54.0
+Requires: TLS
+See-also: tlsv1.0 tlsv1.1 tlsv1.2
+Help: Use TLSv1.0 or greater
+---
+VERSION defines maximum supported TLS version. A minimum is defined
+by arguments tlsv1.0 or tlsv1.1 or tlsv1.2.
+
+.RS
+.IP "default"
+Use up to recommended TLS version.
+.IP "1.0"
+Use up to TLSv1.0.
+.IP "1.1"
+Use up to TLSv1.1.
+.IP "1.2"
+Use up to TLSv1.2.
+.IP "1.3"
+Use up to TLSv1.3.
+.RE
diff --git a/docs/cmdline-opts/tlsauthtype.d b/docs/cmdline-opts/tlsauthtype.d
new file mode 100644
index 000000000..1b1481ffe
--- /dev/null
+++ b/docs/cmdline-opts/tlsauthtype.d
@@ -0,0 +1,8 @@
+Long: tlsauthtype
+Arg: <type>
+Help: TLS authentication type
+Added: 7.21.4
+---
+Set TLS authentication type. Currently, the only supported option is "SRP",
+for TLS-SRP (RFC 5054). If --tlsuser and --tlspassword are specified but
+--tlsauthtype is not, then this option defaults to "SRP".
diff --git a/docs/cmdline-opts/tlspassword.d b/docs/cmdline-opts/tlspassword.d
new file mode 100644
index 000000000..234a1168c
--- /dev/null
+++ b/docs/cmdline-opts/tlspassword.d
@@ -0,0 +1,6 @@
+Long: tlspassword
+Help: TLS password
+Added: 7.21.4
+---
+Set password for use with the TLS authentication method specified with
+--tlsauthtype. Requires that --tlsuser also be set.
diff --git a/docs/cmdline-opts/tlsuser.d b/docs/cmdline-opts/tlsuser.d
new file mode 100644
index 000000000..72f1e1667
--- /dev/null
+++ b/docs/cmdline-opts/tlsuser.d
@@ -0,0 +1,7 @@
+Long: tlsuser
+Arg: <name>
+Help: TLS user name
+Added: 7.21.4
+---
+Set username for use with the TLS authentication method specified with
+--tlsauthtype. Requires that --tlspassword also is set.
diff --git a/docs/cmdline-opts/tlsv1.0.d b/docs/cmdline-opts/tlsv1.0.d
new file mode 100644
index 000000000..8789025e0
--- /dev/null
+++ b/docs/cmdline-opts/tlsv1.0.d
@@ -0,0 +1,6 @@
+Long: tlsv1.0
+Help: Use TLSv1.0
+Protocols: TLS
+Added: 7.34.0
+---
+Forces curl to use TLS version 1.0 when connecting to a remote TLS server.
diff --git a/docs/cmdline-opts/tlsv1.1.d b/docs/cmdline-opts/tlsv1.1.d
new file mode 100644
index 000000000..9bfdc3536
--- /dev/null
+++ b/docs/cmdline-opts/tlsv1.1.d
@@ -0,0 +1,6 @@
+Long: tlsv1.1
+Help: Use TLSv1.1
+Protocols: TLS
+Added: 7.34.0
+---
+Forces curl to use TLS version 1.1 when connecting to a remote TLS server.
diff --git a/docs/cmdline-opts/tlsv1.2.d b/docs/cmdline-opts/tlsv1.2.d
new file mode 100644
index 000000000..6db94dc8d
--- /dev/null
+++ b/docs/cmdline-opts/tlsv1.2.d
@@ -0,0 +1,6 @@
+Long: tlsv1.2
+Help: Use TLSv1.2
+Protocols: TLS
+Added: 7.34.0
+---
+Forces curl to use TLS version 1.2 when connecting to a remote TLS server.
diff --git a/docs/cmdline-opts/tlsv1.3.d b/docs/cmdline-opts/tlsv1.3.d
new file mode 100644
index 000000000..7d9640e71
--- /dev/null
+++ b/docs/cmdline-opts/tlsv1.3.d
@@ -0,0 +1,9 @@
+Long: tlsv1.3
+Help: Use TLSv1.3
+Protocols: TLS
+Added: 7.52.0
+---
+Forces curl to use TLS version 1.3 when connecting to a remote TLS server.
+
+Note that TLS 1.3 is only supported by a subset of TLS backends. At the time
+of writing this, those are BoringSSL and NSS only.
diff --git a/docs/cmdline-opts/tlsv1.d b/docs/cmdline-opts/tlsv1.d
new file mode 100644
index 000000000..9c9f6b3f5
--- /dev/null
+++ b/docs/cmdline-opts/tlsv1.d
@@ -0,0 +1,12 @@
+Short: 1
+Long: tlsv1
+Tags: Versions
+Protocols: SSL
+Added:
+Mutexed: tlsv1.1 tlsv1.2 tlsv1.3
+Requires: TLS
+See-also: http1.1 http2
+Help: Use TLSv1.0 or greater
+---
+Tells curl to use TLS version 1.x when negotiating with a remote TLS
+server. That means TLS version 1.0, 1.1 or 1.2.
diff --git a/docs/cmdline-opts/tr-encoding.d b/docs/cmdline-opts/tr-encoding.d
new file mode 100644
index 000000000..01bb62bb3
--- /dev/null
+++ b/docs/cmdline-opts/tr-encoding.d
@@ -0,0 +1,7 @@
+Long: tr-encoding
+Added: 7.21.6
+Help: Request compressed transfer encoding
+Protocols: HTTP
+---
+Request a compressed Transfer-Encoding response using one of the algorithms
+curl supports, and uncompress the data while receiving it.
diff --git a/docs/cmdline-opts/trace-ascii.d b/docs/cmdline-opts/trace-ascii.d
new file mode 100644
index 000000000..fceaa7126
--- /dev/null
+++ b/docs/cmdline-opts/trace-ascii.d
@@ -0,0 +1,14 @@
+Long: trace-ascii
+Arg: <file>
+Help: Like --trace, but without hex output
+Mutexed: trace verbose
+---
+Enables a full trace dump of all incoming and outgoing data, including
+descriptive information, to the given output file. Use "-" as filename to have
+the output sent to stdout.
+
+This is very similar to --trace, but leaves out the hex part and only shows
+the ASCII part of the dump. It makes smaller output that might be easier to
+read for untrained humans.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/trace-time.d b/docs/cmdline-opts/trace-time.d
new file mode 100644
index 000000000..27dcc42cf
--- /dev/null
+++ b/docs/cmdline-opts/trace-time.d
@@ -0,0 +1,5 @@
+Long: trace-time
+Help: Add time stamps to trace/verbose output
+Added: 7.14.0
+---
+Prepends a time stamp to each trace or verbose line that curl displays.
diff --git a/docs/cmdline-opts/trace.d b/docs/cmdline-opts/trace.d
new file mode 100644
index 000000000..334ea5ad6
--- /dev/null
+++ b/docs/cmdline-opts/trace.d
@@ -0,0 +1,11 @@
+Long: trace
+Arg: <file>
+Help: Write a debug trace to FILE
+Mutexed: verbose trace-ascii
+---
+Enables a full trace dump of all incoming and outgoing data, including
+descriptive information, to the given output file. Use "-" as filename to have
+the output sent to stdout. Use "%" as filename to have the output sent to
+stderr.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/unix-socket.d b/docs/cmdline-opts/unix-socket.d
new file mode 100644
index 000000000..812d20f3b
--- /dev/null
+++ b/docs/cmdline-opts/unix-socket.d
@@ -0,0 +1,7 @@
+Long: unix-socket
+Arg: <path>
+Help: Connect through this Unix domain socket
+Added: 7.40.0
+Protocols: HTTP
+---
+Connect through this Unix domain socket, instead of using the network.
diff --git a/docs/cmdline-opts/upload-file.d b/docs/cmdline-opts/upload-file.d
new file mode 100644
index 000000000..6f01dbf35
--- /dev/null
+++ b/docs/cmdline-opts/upload-file.d
@@ -0,0 +1,33 @@
+Long: upload-file
+Short: T
+Arg: <file>
+Help: Transfer local FILE to destination
+---
+This transfers the specified local file to the remote URL. If there is no file
+part in the specified URL, curl will append the local file name. NOTE that you
+must use a trailing / on the last directory to really prove to Curl that there
+is no file name or curl will think that your last directory name is the remote
+file name to use. That will most likely cause the upload operation to fail. If
+this is used on an HTTP(S) server, the PUT command will be used.
+
+Use the file name "-" (a single dash) to use stdin instead of a given file.
+Alternately, the file name "." (a single period) may be specified instead
+of "-" to use stdin in non-blocking mode to allow reading server output
+while stdin is being uploaded.
+
+You can specify one --upload-file for each URL on the command line. Each
+--upload-file + URL pair specifies what to upload and to where. curl also
+supports "globbing" of the --upload-file argument, meaning that you can upload
+multiple files to a single URL by using the same URL globbing style supported
+in the URL, like this:
+
+ curl --upload-file "{file1,file2}" http://www.example.com
+
+or even
+
+ curl -T "img[1-1000].png" ftp://ftp.example.com/upload/
+
+When uploading to an SMTP server: the uploaded data is assumed to be RFC 5322
+formatted. It has to feature the necessary set of headers and mail body
+formatted correctly by the user as curl will not transcode nor encode it
+further in any way.
diff --git a/docs/cmdline-opts/url.d b/docs/cmdline-opts/url.d
new file mode 100644
index 000000000..c54e1ea85
--- /dev/null
+++ b/docs/cmdline-opts/url.d
@@ -0,0 +1,15 @@
+long: url
+Arg: <url>
+Help: URL to work with
+---
+Specify a URL to fetch. This option is mostly handy when you want to specify
+URL(s) in a config file.
+
+If the given URL is missing a scheme name (such as "http://"; or "ftp://"; etc)
+then curl will make a guess based on the host. If the outermost sub-domain
+name matches DICT, FTP, IMAP, LDAP, POP3 or SMTP then that protocol will be
+used, otherwise HTTP will be used. Since 7.45.0 guessing can be disabled by
+setting a default protocol, see --proto-default for details.
+
+This option may be used any number of times. To control where this URL is
+written, use the --output or the --remote-name options.
diff --git a/docs/cmdline-opts/use-ascii.d b/docs/cmdline-opts/use-ascii.d
new file mode 100644
index 000000000..d59fad922
--- /dev/null
+++ b/docs/cmdline-opts/use-ascii.d
@@ -0,0 +1,8 @@
+Short: B
+Long: use-ascii
+Help: Use ASCII/text transfer
+Protocols: FTP LDAP
+---
+Enable ASCII transfer. For FTP, this can also be enforced by using a URL that
+ends with ";type=A". This option causes data sent to stdout to be in text mode
+for win32 systems.
diff --git a/docs/cmdline-opts/user-agent.d b/docs/cmdline-opts/user-agent.d
new file mode 100644
index 000000000..c98619d7d
--- /dev/null
+++ b/docs/cmdline-opts/user-agent.d
@@ -0,0 +1,12 @@
+Short: A
+Long: user-agent
+Arg: <name>
+Help: Send User-Agent <name> to server
+Protocols: HTTP
+---
+
+Specify the User-Agent string to send to the HTTP server. To encode blanks in
+the string, surround the string with single quote marks. This can also be set
+with the --header option of course.
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/user.d b/docs/cmdline-opts/user.d
new file mode 100644
index 000000000..439def348
--- /dev/null
+++ b/docs/cmdline-opts/user.d
@@ -0,0 +1,33 @@
+Long: user
+Short: u
+Arg: <user:password>
+Help: Server user and password
+---
+Specify the user name and password to use for server authentication. Overrides
+--netrc and --netrc-optional.
+
+If you simply specify the user name, curl will prompt for a password.
+
+The user name and passwords are split up on the first colon, which makes it
+impossible to use a colon in the user name with this option. The password can,
+still.
+
+When using Kerberos V5 with a Windows based server you should include the
+Windows domain name in the user name, in order for the server to successfully
+obtain a Kerberos Ticket. If you don't then the initial authentication
+handshake may fail.
+
+When using NTLM, the user name can be specified simply as the user name,
+without the domain, if there is a single domain and forest in your setup
+for example.
+
+To specify the domain name use either Down-Level Logon Name or UPN (User
+Principal Name) formats. For example, EXAMPLE\\user and address@hidden
+respectively.
+
+If you use a Windows SSPI-enabled curl binary and perform Kerberos V5,
+Negotiate, NTLM or Digest authentication then you can tell curl to select
+the user name and password from your environment by specifying a single colon
+with this option: "-u :".
+
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/verbose.d b/docs/cmdline-opts/verbose.d
new file mode 100644
index 000000000..5d3352183
--- /dev/null
+++ b/docs/cmdline-opts/verbose.d
@@ -0,0 +1,19 @@
+Short: v
+Long: verbose
+Mutexed: trace trace-ascii
+Help: Make the operation more talkative
+See-also: include
+---
+Makes curl verbose during the operation. Useful for debugging and seeing
+what's going on "under the hood". A line starting with '>' means "header data"
+sent by curl, '<' means "header data" received by curl that is hidden in
+normal cases, and a line starting with '*' means additional info provided by
+curl.
+
+If you only want HTTP headers in the output, --include might be the option
+you're looking for.
+
+If you think this option still doesn't give you enough details, consider using
+--trace or --trace-ascii instead.
+
+Use --silent to make curl really quiet.
diff --git a/docs/cmdline-opts/version.d b/docs/cmdline-opts/version.d
new file mode 100644
index 000000000..196a4a9f5
--- /dev/null
+++ b/docs/cmdline-opts/version.d
@@ -0,0 +1,58 @@
+Long: version
+Short: V
+Help: Show version number and quit
+---
+Displays information about curl and the libcurl version it uses.
+
+The first line includes the full version of curl, libcurl and other 3rd party
+libraries linked with the executable.
+
+The second line (starts with "Protocols:") shows all protocols that libcurl
+reports to support.
+
+The third line (starts with "Features:") shows specific features libcurl
+reports to offer. Available features include:
+.RS
+.IP "IPv6"
+You can use IPv6 with this.
+.IP "krb4"
+Krb4 for FTP is supported.
+.IP "SSL"
+SSL versions of various protocols are supported, such as HTTPS, FTPS, POP3S
+and so on.
+.IP "libz"
+Automatic decompression of compressed files over HTTP is supported.
+.IP "NTLM"
+NTLM authentication is supported.
+.IP "Debug"
+This curl uses a libcurl built with Debug. This enables more error-tracking
+and memory debugging etc. For curl-developers only!
+.IP "AsynchDNS"
+This curl uses asynchronous name resolves. Asynchronous name resolves can be
+done using either the c-ares or the threaded resolver backends.
+.IP "SPNEGO"
+SPNEGO authentication is supported.
+.IP "Largefile"
+This curl supports transfers of large files, files larger than 2GB.
+.IP "IDN"
+This curl supports IDN - international domain names.
+.IP "GSS-API"
+GSS-API is supported.
+.IP "SSPI"
+SSPI is supported.
+.IP "TLS-SRP"
+SRP (Secure Remote Password) authentication is supported for TLS.
+.IP "HTTP2"
+HTTP/2 support has been built-in.
+.IP "UnixSockets"
+Unix sockets support is provided.
+.IP "HTTPS-proxy"
+This curl is built to support HTTPS proxy.
+.IP "Metalink"
+This curl supports Metalink (both version 3 and 4 (RFC 5854)), which
+describes mirrors and hashes. curl will use mirrors for failover if
+there are errors (such as the file or server not being available).
+.IP "PSL"
+PSL is short for Public Suffix List and means that this curl has been built
+with knowledge about "public suffixes".
+.RE
diff --git a/docs/cmdline-opts/write-out.d b/docs/cmdline-opts/write-out.d
new file mode 100644
index 000000000..3747845cc
--- /dev/null
+++ b/docs/cmdline-opts/write-out.d
@@ -0,0 +1,142 @@
+Long: write-out
+Short: w
+Arg: <format>
+Help: Use output FORMAT after completion
+---
+Make curl display information on stdout after a completed transfer. The format
+is a string that may contain plain text mixed with any number of
+variables. The format can be specified as a literal "string", or you can have
+curl read the format from a file with "@filename" and to tell curl to read the
+format from stdin you write "@-".
+
+The variables present in the output format will be substituted by the value or
+text that curl thinks fit, as described below. All variables are specified as
+%{variable_name} and to output a normal % you just write them as %%. You can
+output a newline by using \\n, a carriage return with \\r and a tab space with
+\\t.
+
+.B NOTE:
+The %-symbol is a special symbol in the win32-environment, where all
+occurrences of % must be doubled when using this option.
+
+The variables available are:
+.RS
+.TP 15
+.B content_type
+The Content-Type of the requested document, if there was any.
+.TP
+.B filename_effective
+The ultimate filename that curl writes out to. This is only meaningful if curl
+is told to write to a file with the --remote-name or --output
+option. It's most useful in combination with the --remote-header-name
+option. (Added in 7.26.0)
+.TP
+.B ftp_entry_path
+The initial path curl ended up in when logging on to the remote FTP
+server. (Added in 7.15.4)
+.TP
+.B http_code
+The numerical response code that was found in the last retrieved HTTP(S) or
+FTP(s) transfer. In 7.18.2 the alias \fBresponse_code\fP was added to show the
+same info.
+.TP
+.B http_connect
+The numerical code that was found in the last response (from a proxy) to a
+curl CONNECT request. (Added in 7.12.4)
+.TP
+.B http_version
+The http version that was effectively used. (Added in 7.50.0)
+.TP
+.B local_ip
+The IP address of the local end of the most recently done connection - can be
+either IPv4 or IPv6 (Added in 7.29.0)
+.TP
+.B local_port
+The local port number of the most recently done connection (Added in 7.29.0)
+.TP
+.B num_connects
+Number of new connects made in the recent transfer. (Added in 7.12.3)
+.TP
+.B num_redirects
+Number of redirects that were followed in the request. (Added in 7.12.3)
+.TP
+.B proxy_ssl_verify_result
+The result of the HTTPS proxy's SSL peer certificate verification that was
+requested. 0 means the verification was successful. (Added in 7.52.0)
+.TP
+.B redirect_url
+When an HTTP request was made without --location to follow redirects (or when
+--max-redir is met), this variable will show the actual URL a redirect
+\fIwould\fP have gone to. (Added in 7.18.2)
+.TP
+.B remote_ip
+The remote IP address of the most recently done connection - can be either
+IPv4 or IPv6 (Added in 7.29.0)
+.TP
+.B remote_port
+The remote port number of the most recently done connection (Added in 7.29.0)
+.TP
+.B scheme
+The URL scheme (sometimes called protocol) that was effectively used (Added in
7.52.0)
+.TP
+.B size_download
+The total amount of bytes that were downloaded.
+.TP
+.B size_header
+The total amount of bytes of the downloaded headers.
+.TP
+.B size_request
+The total amount of bytes that were sent in the HTTP request.
+.TP
+.B size_upload
+The total amount of bytes that were uploaded.
+.TP
+.B speed_download
+The average download speed that curl measured for the complete download. Bytes
+per second.
+.TP
+.B speed_upload
+The average upload speed that curl measured for the complete upload. Bytes per
+second.
+.TP
+.B ssl_verify_result
+The result of the SSL peer certificate verification that was requested. 0
+means the verification was successful. (Added in 7.19.0)
+.TP
+.B time_appconnect
+The time, in seconds, it took from the start until the SSL/SSH/etc
+connect/handshake to the remote host was completed. (Added in 7.19.0)
+.TP
+.B time_connect
+The time, in seconds, it took from the start until the TCP connect to the
+remote host (or proxy) was completed.
+.TP
+.B time_namelookup
+The time, in seconds, it took from the start until the name resolving was
+completed.
+.TP
+.B time_pretransfer
+The time, in seconds, it took from the start until the file transfer was just
+about to begin. This includes all pre-transfer commands and negotiations that
+are specific to the particular protocol(s) involved.
+.TP
+.B time_redirect
+The time, in seconds, it took for all redirection steps including name lookup,
+connect, pretransfer and transfer before the final transaction was
+started. time_redirect shows the complete execution time for multiple
+redirections. (Added in 7.12.3)
+.TP
+.B time_starttransfer
+The time, in seconds, it took from the start until the first byte was just
+about to be transferred. This includes time_pretransfer and also the time the
+server needed to calculate the result.
+.TP
+.B time_total
+The total time, in seconds, that the full operation lasted.
+.TP
+.B url_effective
+The URL that was fetched last. This is most meaningful if you've told curl
+to follow location: headers.
+.RE
+.IP
+If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/xattr.d b/docs/cmdline-opts/xattr.d
new file mode 100644
index 000000000..b7553daeb
--- /dev/null
+++ b/docs/cmdline-opts/xattr.d
@@ -0,0 +1,8 @@
+Long: xattr
+Help: Store metadata in extended file attributes
+---
+When saving output to a file, this option tells curl to store certain file
+metadata in extended file attributes. Currently, the URL is stored in the
+xdg.origin.url attribute and, for HTTP, the content type is stored in
+the mime_type attribute. If the file system does not support extended
+attributes, a warning is issued.
diff --git a/docs/examples/10-at-a-time.c b/docs/examples/10-at-a-time.c
index aa1862ec5..b0c65b77e 100644
--- a/docs/examples/10-at-a-time.c
+++ b/docs/examples/10-at-a-time.c
@@ -32,7 +32,7 @@
#ifndef WIN32
# include <unistd.h>
#endif
-#include <curl/multi.h>
+#include <gnurl/multi.h>
static const char *urls[] = {
"http://www.microsoft.com";,
@@ -86,7 +86,7 @@ static const char *urls[] = {
};
#define MAX 10 /* number of simultaneous transfers */
-#define CNT sizeof(urls)/sizeof(char*) /* total number of transfers to do */
+#define CNT sizeof(urls)/sizeof(char *) /* total number of transfers to do */
static size_t cb(char *d, size_t n, size_t l, void *p)
{
diff --git a/docs/examples/Makefile.am b/docs/examples/Makefile.am
index ec5f9a6f1..fed027166 100644
--- a/docs/examples/Makefile.am
+++ b/docs/examples/Makefile.am
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -30,13 +30,9 @@ EXTRA_DIST = README Makefile.example Makefile.inc
Makefile.m32 \
# being currently built and tested are searched before the library which
# might possibly already be installed in the system.
#
-# $(top_builddir)/include/curl for generated curlbuild.h included from curl.h
-# $(top_builddir)/include for generated curlbuild.h inc. from lib/curl_setup.h
# $(top_srcdir)/include is for libcurl's external include files
-AM_CPPFLAGS = -I$(top_builddir)/include/curl \
- -I$(top_builddir)/include \
- -I$(top_srcdir)/include
+AM_CPPFLAGS = -I$(top_srcdir)/include
LIBDIR = $(top_builddir)/lib
diff --git a/docs/examples/Makefile.inc b/docs/examples/Makefile.inc
index 8ce6f57f0..b92ad6bd5 100644
--- a/docs/examples/Makefile.inc
+++ b/docs/examples/Makefile.inc
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -32,7 +32,7 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface
debug fileupload \
imap-list imap-lsub imap-fetch imap-store imap-append imap-examine \
imap-search imap-create imap-delete imap-copy imap-noop imap-ssl \
imap-tls imap-multi url2file sftpget ftpsget postinmemory http2-download \
- http2-upload http2-serverpush getredirect
+ http2-upload http2-serverpush getredirect ftpuploadfrommem
# These examples require external dependencies that may not be commonly
# available on POSIX systems, so don't bother attempting to compile them here.
diff --git a/docs/examples/Makefile.m32 b/docs/examples/Makefile.m32
index e75b6d130..5fbc5d66c 100644
--- a/docs/examples/Makefile.m32
+++ b/docs/examples/Makefile.m32
@@ -84,7 +84,7 @@ endif
endif
CC = $(CROSSPREFIX)gcc
-CFLAGS = -g -O2 -Wall
+CFLAGS = -g -O2 -Wall -W
CFLAGS += -fno-strict-aliasing
ifeq ($(ARCH),w64)
CFLAGS += -m64 -D_AMD64_
diff --git a/docs/examples/Makefile.netware b/docs/examples/Makefile.netware
index 2d85e736a..e75d143d5 100644
--- a/docs/examples/Makefile.netware
+++ b/docs/examples/Makefile.netware
@@ -60,11 +60,11 @@ endif
TARGET = examples
VERSION = $(LIBCURL_VERSION)
COPYR = Copyright (C) $(LIBCURL_COPYRIGHT_STR)
-DESCR = cURL ($(LIBARCH))
+DESCR = curl ($(LIBARCH))
MTSAFE = YES
STACK = 8192
SCREEN = Example Program
-# Comment the line below if you dont want to load protected automatically.
+# Comment the line below if you don't want to load protected automatically.
# LDRING = 3
# Uncomment the next line to enable linking with POSIX semantics.
@@ -136,7 +136,7 @@ endif
CFLAGS += -align 4
else
# PRELUDE = $(NDK_CLIB)/imports/clibpre.o
- # to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+ # to avoid the __init_* / __deinit_* whoes don't use prelude from NDK
PRELUDE = "$(MWCW_PATH)/libraries/runtime/prelude.obj"
# CFLAGS += -include "$(MWCW_PATH)/headers/nlm_clib_prefix.h"
CFLAGS += -align 1
@@ -159,7 +159,7 @@ else
endif
else
# PRELUDE = $(NDK_CLIB)/imports/clibpre.gcc.o
- # to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+ # to avoid the __init_* / __deinit_* whoes don't use prelude from NDK
# http://www.gknw.net/development/mk_nlm/gcc_pre.zip
PRELUDE = $(NDK_ROOT)/pre/prelude.o
CFLAGS += -include $(NDKBASE)/nlmconv/genlm.h
diff --git a/docs/examples/anyauthput.c b/docs/examples/anyauthput.c
index b1367deb8..243a367a8 100644
--- a/docs/examples/anyauthput.c
+++ b/docs/examples/anyauthput.c
@@ -29,41 +29,17 @@
#ifdef WIN32
# include <io.h>
#else
-# ifdef __VMS
- typedef int intptr_t;
-# endif
-# if !defined(_AIX) && !defined(__sgi) && !defined(__osf__)
-# include <stdint.h>
-# endif
# include <unistd.h>
#endif
#include <sys/types.h>
#include <sys/stat.h>
-#ifdef _MSC_VER
-# ifdef _WIN64
- typedef __int64 intptr_t;
-# else
- typedef int intptr_t;
-# endif
-#endif
-
#include <curl/curl.h>
#if LIBCURL_VERSION_NUM < 0x070c03
#error "upgrade your libcurl to no less than 7.12.3"
#endif
-#ifndef TRUE
-#define TRUE 1
-#endif
-
-#if defined(_AIX) || defined(__sgi) || defined(__osf__)
-#ifndef intptr_t
-#define intptr_t long
-#endif
-#endif
-
/*
* This example shows a HTTP PUT operation with authentiction using "any"
* type. It PUTs a file given as a command line argument to the URL also given
@@ -147,13 +123,13 @@ int main(int argc, char **argv)
curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
/* which file to upload */
- curl_easy_setopt(curl, CURLOPT_READDATA, (void*)&hd);
+ curl_easy_setopt(curl, CURLOPT_READDATA, (void *)&hd);
/* set the ioctl function */
curl_easy_setopt(curl, CURLOPT_IOCTLFUNCTION, my_ioctl);
/* pass the file descriptor to the ioctl callback as well */
- curl_easy_setopt(curl, CURLOPT_IOCTLDATA, (void*)&hd);
+ curl_easy_setopt(curl, CURLOPT_IOCTLDATA, (void *)&hd);
/* enable "uploading" (which means PUT when doing HTTP) */
curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
diff --git a/docs/examples/asiohiper.cpp b/docs/examples/asiohiper.cpp
index d6065e554..9e0554f59 100644
--- a/docs/examples/asiohiper.cpp
+++ b/docs/examples/asiohiper.cpp
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2012 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2012 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -40,8 +40,8 @@
* Note:
* For the sake of simplicity, URL is hard coded to "www.google.com"
*
- * This is purely a demo app, all retrieved data is simply discarded by the
write
- * callback.
+ * This is purely a demo app, all retrieved data is simply discarded by the
+ * write callback.
*/
@@ -85,14 +85,12 @@ static int multi_timer_cb(CURLM *multi, long timeout_ms,
GlobalInfo *g)
/* cancel running timer */
timer.cancel();
- if(timeout_ms > 0)
- {
+ if(timeout_ms > 0) {
/* update timer */
timer.expires_from_now(boost::posix_time::millisec(timeout_ms));
timer.async_wait(boost::bind(&timer_cb, _1, g));
}
- else
- {
+ else if(timeout_ms == 0) {
/* call timeout function immediately */
boost::system::error_code error; /*success*/
timer_cb(error, g);
@@ -104,11 +102,9 @@ static int multi_timer_cb(CURLM *multi, long timeout_ms,
GlobalInfo *g)
/* Die if we get a bad CURLMcode somewhere */
static void mcode_or_die(const char *where, CURLMcode code)
{
- if(CURLM_OK != code)
- {
+ if(CURLM_OK != code) {
const char *s;
- switch(code)
- {
+ switch(code) {
case CURLM_CALL_MULTI_PERFORM:
s = "CURLM_CALL_MULTI_PERFORM";
break;
@@ -158,10 +154,8 @@ static void check_multi_info(GlobalInfo *g)
fprintf(MSG_OUT, "\nREMAINING: %d", g->still_running);
- while((msg = curl_multi_info_read(g->multi, &msgs_left)))
- {
- if(msg->msg == CURLMSG_DONE)
- {
+ while((msg = curl_multi_info_read(g->multi, &msgs_left))) {
+ if(msg->msg == CURLMSG_DONE) {
easy = msg->easy_handle;
res = msg->data.result;
curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn);
@@ -176,34 +170,62 @@ static void check_multi_info(GlobalInfo *g)
}
/* Called by asio when there is an action on a socket */
-static void event_cb(GlobalInfo *g, boost::asio::ip::tcp::socket *tcp_socket,
- int action)
+static void event_cb(GlobalInfo *g, curl_socket_t s,
+ int action, const boost::system::error_code & error,
+ int *fdp)
{
fprintf(MSG_OUT, "\nevent_cb: action=%d", action);
- CURLMcode rc;
- rc = curl_multi_socket_action(g->multi, tcp_socket->native_handle(), action,
- &g->still_running);
+ if(socket_map.find(s) == socket_map.end()) {
+ fprintf(MSG_OUT, "\nevent_cb: socket already closed");
+ return;
+ }
+
+ /* make sure the event matches what are wanted */
+ if(*fdp == action || *fdp == CURL_POLL_INOUT) {
+ CURLMcode rc;
+ if(error)
+ action = CURL_CSELECT_ERR;
+ rc = curl_multi_socket_action(g->multi, s, action, &g->still_running);
- mcode_or_die("event_cb: curl_multi_socket_action", rc);
- check_multi_info(g);
+ mcode_or_die("event_cb: curl_multi_socket_action", rc);
+ check_multi_info(g);
+
+ if(g->still_running <= 0) {
+ fprintf(MSG_OUT, "\nlast transfer done, kill timeout");
+ timer.cancel();
+ }
- if(g->still_running <= 0)
- {
- fprintf(MSG_OUT, "\nlast transfer done, kill timeout");
- timer.cancel();
+ /* keep on watching.
+ * the socket may have been closed and/or fdp may have been changed
+ * in curl_multi_socket_action(), so check them both */
+ if(!error && socket_map.find(s) != socket_map.end() &&
+ (*fdp == action || *fdp == CURL_POLL_INOUT)) {
+ boost::asio::ip::tcp::socket *tcp_socket = socket_map.find(s)->second;
+
+ if(action == CURL_POLL_IN) {
+ tcp_socket->async_read_some(boost::asio::null_buffers(),
+ boost::bind(&event_cb, g, s,
+ action, _1, fdp));
+ }
+ if(action == CURL_POLL_OUT) {
+ tcp_socket->async_write_some(boost::asio::null_buffers(),
+ boost::bind(&event_cb, g, s,
+ action, _1, fdp));
+ }
+ }
}
}
/* Called by asio when our timeout expires */
static void timer_cb(const boost::system::error_code & error, GlobalInfo *g)
{
- if(!error)
- {
+ if(!error) {
fprintf(MSG_OUT, "\ntimer_cb: ");
CURLMcode rc;
- rc = curl_multi_socket_action(g->multi, CURL_SOCKET_TIMEOUT, 0,
&g->still_running);
+ rc = curl_multi_socket_action(g->multi, CURL_SOCKET_TIMEOUT, 0,
+ &g->still_running);
mcode_or_die("timer_cb: curl_multi_socket_action", rc);
check_multi_info(g);
@@ -215,22 +237,21 @@ static void remsock(int *f, GlobalInfo *g)
{
fprintf(MSG_OUT, "\nremsock: ");
- if(f)
- {
+ if(f) {
free(f);
}
}
-static void setsock(int *fdp, curl_socket_t s, CURL*e, int act, GlobalInfo*g)
+static void setsock(int *fdp, curl_socket_t s, CURL *e, int act, int oldact,
+ GlobalInfo *g)
{
fprintf(MSG_OUT, "\nsetsock: socket=%d, act=%d, fdp=%p", s, act, fdp);
- std::map<curl_socket_t, boost::asio::ip::tcp::socket *>::iterator it =
socket_map.find(s);
+ std::map<curl_socket_t, boost::asio::ip::tcp::socket *>::iterator it =
+ socket_map.find(s);
- if(it == socket_map.end())
- {
+ if(it == socket_map.end()) {
fprintf(MSG_OUT, "\nsocket %d is a c-ares socket, ignoring", s);
-
return;
}
@@ -238,29 +259,34 @@ static void setsock(int *fdp, curl_socket_t s, CURL*e,
int act, GlobalInfo*g)
*fdp = act;
- if(act == CURL_POLL_IN)
- {
+ if(act == CURL_POLL_IN) {
fprintf(MSG_OUT, "\nwatching for socket to become readable");
-
- tcp_socket->async_read_some(boost::asio::null_buffers(),
- boost::bind(&event_cb, g, tcp_socket, act));
+ if(oldact != CURL_POLL_IN && oldact != CURL_POLL_INOUT) {
+ tcp_socket->async_read_some(boost::asio::null_buffers(),
+ boost::bind(&event_cb, g, s,
+ CURL_POLL_IN, _1, fdp));
+ }
}
- else if (act == CURL_POLL_OUT)
- {
+ else if(act == CURL_POLL_OUT) {
fprintf(MSG_OUT, "\nwatching for socket to become writable");
-
- tcp_socket->async_write_some(boost::asio::null_buffers(),
- boost::bind(&event_cb, g, tcp_socket, act));
+ if(oldact != CURL_POLL_OUT && oldact != CURL_POLL_INOUT) {
+ tcp_socket->async_write_some(boost::asio::null_buffers(),
+ boost::bind(&event_cb, g, s,
+ CURL_POLL_OUT, _1, fdp));
+ }
}
- else if(act == CURL_POLL_INOUT)
- {
+ else if(act == CURL_POLL_INOUT) {
fprintf(MSG_OUT, "\nwatching for socket to become readable & writable");
-
- tcp_socket->async_read_some(boost::asio::null_buffers(),
- boost::bind(&event_cb, g, tcp_socket, act));
-
- tcp_socket->async_write_some(boost::asio::null_buffers(),
- boost::bind(&event_cb, g, tcp_socket, act));
+ if(oldact != CURL_POLL_IN && oldact != CURL_POLL_INOUT) {
+ tcp_socket->async_read_some(boost::asio::null_buffers(),
+ boost::bind(&event_cb, g, s,
+ CURL_POLL_IN, _1, fdp));
+ }
+ if(oldact != CURL_POLL_OUT && oldact != CURL_POLL_INOUT) {
+ tcp_socket->async_write_some(boost::asio::null_buffers(),
+ boost::bind(&event_cb, g, s,
+ CURL_POLL_OUT, _1, fdp));
+ }
}
}
@@ -269,7 +295,7 @@ static void addsock(curl_socket_t s, CURL *easy, int
action, GlobalInfo *g)
/* fdp is used to store current action */
int *fdp = (int *) calloc(sizeof(int), 1);
- setsock(fdp, s, easy, action, g);
+ setsock(fdp, s, easy, action, 0, g);
curl_multi_assign(g->multi, s, fdp);
}
@@ -285,24 +311,20 @@ static int sock_cb(CURL *e, curl_socket_t s, int what,
void *cbp, void *sockp)
fprintf(MSG_OUT,
"\nsocket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
- if(what == CURL_POLL_REMOVE)
- {
+ if(what == CURL_POLL_REMOVE) {
fprintf(MSG_OUT, "\n");
remsock(actionp, g);
}
- else
- {
- if(!actionp)
- {
+ else {
+ if(!actionp) {
fprintf(MSG_OUT, "\nAdding data: %s", whatstr[what]);
addsock(s, e, what, g);
}
- else
- {
+ else {
fprintf(MSG_OUT,
"\nChanging action from %s to %s",
whatstr[*actionp], whatstr[what]);
- setsock(actionp, s, e, what, g);
+ setsock(actionp, s, e, what, *actionp, g);
}
}
@@ -312,9 +334,8 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void
*cbp, void *sockp)
/* CURLOPT_WRITEFUNCTION */
static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data)
{
-
size_t written = size * nmemb;
- char* pBuffer = (char *) malloc(written + 1);
+ char *pBuffer = (char *)malloc(written + 1);
strncpy(pBuffer, (const char *)ptr, written);
pBuffer[written] = '\0';
@@ -350,28 +371,28 @@ static curl_socket_t opensocket(void *clientp,
curlsocktype purpose,
curl_socket_t sockfd = CURL_SOCKET_BAD;
/* restrict to IPv4 */
- if(purpose == CURLSOCKTYPE_IPCXN && address->family == AF_INET)
- {
+ if(purpose == CURLSOCKTYPE_IPCXN && address->family == AF_INET) {
/* create a tcp socket object */
- boost::asio::ip::tcp::socket *tcp_socket = new
boost::asio::ip::tcp::socket(io_service);
+ boost::asio::ip::tcp::socket *tcp_socket =
+ new boost::asio::ip::tcp::socket(io_service);
/* open it and get the native handle*/
boost::system::error_code ec;
tcp_socket->open(boost::asio::ip::tcp::v4(), ec);
- if(ec)
- {
+ if(ec) {
/* An error occurred */
- std::cout << std::endl << "Couldn't open socket [" << ec << "][" <<
ec.message() << "]";
+ std::cout << std::endl << "Couldn't open socket [" << ec << "][" <<
+ ec.message() << "]";
fprintf(MSG_OUT, "\nERROR: Returning CURL_SOCKET_BAD to signal error");
}
- else
- {
+ else {
sockfd = tcp_socket->native_handle();
fprintf(MSG_OUT, "\nOpened socket %d", sockfd);
/* save it for monitoring */
- socket_map.insert(std::pair<curl_socket_t, boost::asio::ip::tcp::socket
*>(sockfd, tcp_socket));
+ socket_map.insert(std::pair<curl_socket_t,
+ boost::asio::ip::tcp::socket *>(sockfd, tcp_socket));
}
}
@@ -383,10 +404,10 @@ static int close_socket(void *clientp, curl_socket_t item)
{
fprintf(MSG_OUT, "\nclose_socket : %d", item);
- std::map<curl_socket_t, boost::asio::ip::tcp::socket *>::iterator it =
socket_map.find(item);
+ std::map<curl_socket_t, boost::asio::ip::tcp::socket *>::iterator it =
+ socket_map.find(item);
- if(it != socket_map.end())
- {
+ if(it != socket_map.end()) {
delete it->second;
socket_map.erase(it);
}
@@ -403,10 +424,8 @@ static void new_conn(char *url, GlobalInfo *g)
conn = (ConnInfo *) calloc(1, sizeof(ConnInfo));
conn->easy = curl_easy_init();
- if(!conn->easy)
- {
+ if(!conn->easy) {
fprintf(MSG_OUT, "\ncurl_easy_init() failed, exiting!");
-
exit(2);
}
diff --git a/docs/examples/cacertinmem.c b/docs/examples/cacertinmem.c
index bba8c722e..e3c49e02c 100644
--- a/docs/examples/cacertinmem.c
+++ b/docs/examples/cacertinmem.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -34,12 +34,12 @@ size_t writefunction(void *ptr, size_t size, size_t nmemb,
void *stream)
return (nmemb*size);
}
-static CURLcode sslctx_function(CURL * curl, void * sslctx, void * parm)
+static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm)
{
- X509_STORE * store;
- X509 * cert=NULL;
- BIO * bio;
- char * mypem = /* www.cacert.org */
+ X509_STORE *store;
+ X509 *cert=NULL;
+ BIO *bio;
+ char *mypem = /* www.cacert.org */
"-----BEGIN CERTIFICATE-----\n"\
"MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\n"\
"IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\n"\
@@ -107,7 +107,7 @@ static CURLcode sslctx_function(CURL * curl, void * sslctx,
void * parm)
int main(void)
{
- CURL * ch;
+ CURL *ch;
CURLcode rv;
rv=curl_global_init(CURL_GLOBAL_ALL);
@@ -133,7 +133,7 @@ int main(void)
printf("*** transfer failed ***\n");
/* second try: retrieve page using cacerts' certificate -> will succeed
- * load the certificate by installing a function doing the nescessary
+ * load the certificate by installing a function doing the necessary
* "modifications" to the SSL CONTEXT just before link init
*/
rv=curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function);
diff --git a/docs/examples/certinfo.c b/docs/examples/certinfo.c
index de2e31088..1aee614ce 100644
--- a/docs/examples/certinfo.c
+++ b/docs/examples/certinfo.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -56,24 +56,19 @@ int main(void)
res = curl_easy_perform(curl);
if(!res) {
- union {
- struct curl_slist *to_info;
- struct curl_certinfo *to_certinfo;
- } ptr;
+ struct curl_certinfo *certinfo;
- ptr.to_info = NULL;
+ res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &certinfo);
- res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ptr.to_info);
-
- if(!res && ptr.to_info) {
+ if(!res && certinfo) {
int i;
- printf("%d certs!\n", ptr.to_certinfo->num_of_certs);
+ printf("%d certs!\n", certinfo->num_of_certs);
- for(i = 0; i < ptr.to_certinfo->num_of_certs; i++) {
+ for(i = 0; i < certinfo->num_of_certs; i++) {
struct curl_slist *slist;
- for(slist = ptr.to_certinfo->certinfo[i]; slist; slist = slist->next)
+ for(slist = certinfo->certinfo[i]; slist; slist = slist->next)
printf("%s\n", slist->data);
}
diff --git a/docs/examples/cookie_interface.c b/docs/examples/cookie_interface.c
index 064c7b329..2af0619b5 100644
--- a/docs/examples/cookie_interface.c
+++ b/docs/examples/cookie_interface.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -47,7 +47,8 @@ print_cookies(CURL *curl)
curl_easy_strerror(res));
exit(1);
}
- nc = cookies, i = 1;
+ nc = cookies;
+ i = 1;
while(nc) {
printf("[%d]: %s\n", i, nc->data);
nc = nc->next;
@@ -93,9 +94,9 @@ main(void)
#endif
/* Netscape format cookie */
snprintf(nline, sizeof(nline), "%s\t%s\t%s\t%s\t%lu\t%s\t%s",
- ".google.com", "TRUE", "/", "FALSE",
+ ".example.com", "TRUE", "/", "FALSE",
(unsigned long)time(NULL) + 31337UL,
- "PREF", "hello google, i like you very much!");
+ "PREF", "hello example, i like you very much!");
res = curl_easy_setopt(curl, CURLOPT_COOKIELIST, nline);
if(res != CURLE_OK) {
fprintf(stderr, "Curl curl_easy_setopt failed: %s\n",
@@ -111,7 +112,7 @@ main(void)
*/
snprintf(nline, sizeof(nline),
"Set-Cookie: OLD_PREF=3d141414bf4209321; "
- "expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.com");
+ "expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.example.com");
res = curl_easy_setopt(curl, CURLOPT_COOKIELIST, nline);
if(res != CURLE_OK) {
fprintf(stderr, "Curl curl_easy_setopt failed: %s\n",
diff --git a/docs/examples/curlx.c b/docs/examples/curlx.c
index 155da2371..db0ed24d9 100644
--- a/docs/examples/curlx.c
+++ b/docs/examples/curlx.c
@@ -101,7 +101,7 @@
static const char *curlx_usage[]={
"usage: curlx args\n",
" -p12 arg - tia file ",
- " -envpass arg - environement variable which content the tia private"
+ " -envpass arg - environment variable which content the tia private"
" key password",
" -out arg - output file (response)- default stdout",
" -in arg - input file (request)- default stdin",
@@ -133,14 +133,14 @@ static const char *curlx_usage[]={
/* This is a context that we pass to all callbacks */
typedef struct sslctxparm_st {
- unsigned char * p12file;
- const char * pst;
- PKCS12 * p12;
- EVP_PKEY * pkey;
- X509 * usercert;
+ unsigned char *p12file;
+ const char *pst;
+ PKCS12 *p12;
+ EVP_PKEY *pkey;
+ X509 *usercert;
STACK_OF(X509) * ca;
- CURL * curl;
- BIO * errorbio;
+ CURL *curl;
+ BIO *errorbio;
int accesstype;
int verbose;
@@ -196,11 +196,12 @@ static int ssl_app_verify_callback(X509_STORE_CTX *ctx,
void *arg)
BIO_printf(p->errorbio, "entering ssl_app_verify_callback\n");
if((ok= X509_verify_cert(ctx)) && ctx->cert) {
- unsigned char * accessinfo;
+ unsigned char *accessinfo;
if(p->verbose > 1)
X509_print_ex(p->errorbio, ctx->cert, 0, 0);
- if(accessinfo = my_get_ext(ctx->cert, p->accesstype, NID_sinfo_access)) {
+ accessinfo = my_get_ext(ctx->cert, p->accesstype, NID_sinfo_access);
+ if(accessinfo) {
if(p->verbose)
BIO_printf(p->errorbio, "Setting URL from SIA to: %s\n", accessinfo);
@@ -228,10 +229,10 @@ static int ssl_app_verify_callback(X509_STORE_CTX *ctx,
void *arg)
- an application verification callback (the function above)
*/
-static CURLcode sslctxfun(CURL * curl, void * sslctx, void * parm)
+static CURLcode sslctxfun(CURL *curl, void *sslctx, void *parm)
{
- sslctxparm * p = (sslctxparm *) parm;
- SSL_CTX * ctx = (SSL_CTX *) sslctx;
+ sslctxparm *p = (sslctxparm *) parm;
+ SSL_CTX *ctx = (SSL_CTX *) sslctx;
if(!SSL_CTX_use_certificate(ctx, p->usercert)) {
BIO_printf(p->errorbio, "SSL_CTX_use_certificate problem\n");
@@ -270,30 +271,30 @@ int main(int argc, char **argv)
BIO* in=NULL;
BIO* out=NULL;
- char * outfile = NULL;
- char * infile = NULL;
+ char *outfile = NULL;
+ char *infile = NULL;
int tabLength=100;
char *binaryptr;
- char* mimetype;
- char* mimetypeaccept=NULL;
- char* contenttype;
- const char** pp;
- unsigned char* hostporturl = NULL;
- BIO * p12bio;
+ char *mimetype;
+ char *mimetypeaccept=NULL;
+ char *contenttype;
+ const char **pp;
+ unsigned char *hostporturl = NULL;
+ BIO *p12bio;
char **args = argv + 1;
- unsigned char * serverurl;
+ unsigned char *serverurl;
sslctxparm p;
char *response;
CURLcode res;
- struct curl_slist * headers=NULL;
+ struct curl_slist *headers=NULL;
int badarg=0;
binaryptr = malloc(tabLength);
p.verbose = 0;
- p.errorbio = BIO_new_fp (stderr, BIO_NOCLOSE);
+ p.errorbio = BIO_new_fp(stderr, BIO_NOCLOSE);
curl_global_init(CURL_GLOBAL_DEFAULT);
@@ -355,7 +356,8 @@ int main(int argc, char **argv)
}
else if(strcmp(*args, "-accesstype") == 0) {
if(args[1]) {
- if((p.accesstype = OBJ_obj2nid(OBJ_txt2obj(*++args, 0))) == 0)
+ p.accesstype = OBJ_obj2nid(OBJ_txt2obj(*++args, 0));
+ if(p.accesstype == 0)
badarg=1;
}
else
@@ -408,18 +410,21 @@ int main(int argc, char **argv)
}
- p.errorbio = BIO_new_fp (stderr, BIO_NOCLOSE);
+ p.errorbio = BIO_new_fp(stderr, BIO_NOCLOSE);
- if(!(p.curl = curl_easy_init())) {
+ p.curl = curl_easy_init();
+ if(!p.curl) {
BIO_printf(p.errorbio, "Cannot init curl lib\n");
goto err;
}
- if(!(p12bio = BIO_new_file(p.p12file, "rb"))) {
+ p12bio = BIO_new_file(p.p12file, "rb");
+ if(!p12bio) {
BIO_printf(p.errorbio, "Error opening P12 file %s\n", p.p12file);
goto err;
}
- if(!(p.p12 = d2i_PKCS12_bio (p12bio, NULL))) {
+ p.p12 = d2i_PKCS12_bio(p12bio, NULL);
+ if(!p.p12) {
BIO_printf(p.errorbio, "Cannot decode P12 structure %s\n", p.p12file);
goto err;
}
@@ -447,16 +452,19 @@ int main(int argc, char **argv)
}
else if(p.accesstype != 0) { /* see whether we can find an AIA or SIA for a
given access type */
- if(!(serverurl = my_get_ext(p.usercert, p.accesstype, NID_info_access))) {
+ serverurl = my_get_ext(p.usercert, p.accesstype, NID_info_access);
+ if(!serverurl) {
int j=0;
BIO_printf(p.errorbio, "no service URL in user cert "
"cherching in others certificats\n");
for(j=0; j<sk_X509_num(p.ca); j++) {
- if((serverurl = my_get_ext(sk_X509_value(p.ca, j), p.accesstype,
- NID_info_access)))
+ serverurl = my_get_ext(sk_X509_value(p.ca, j), p.accesstype,
+ NID_info_access);
+ if(serverurl)
break;
- if((serverurl = my_get_ext(sk_X509_value(p.ca, j), p.accesstype,
- NID_sinfo_access)))
+ serverurl = my_get_ext(sk_X509_value(p.ca, j), p.accesstype,
+ NID_sinfo_access);
+ if(serverurl)
break;
}
}
@@ -505,7 +513,7 @@ int main(int argc, char **argv)
{
int lu; int i=0;
- while((lu = BIO_read (in, &binaryptr[i], tabLength-i)) >0) {
+ while((lu = BIO_read(in, &binaryptr[i], tabLength-i)) >0) {
i+=lu;
if(i== tabLength) {
tabLength+=100;
diff --git a/docs/examples/debug.c b/docs/examples/debug.c
index f5d58bf19..e8a87ea4c 100644
--- a/docs/examples/debug.c
+++ b/docs/examples/debug.c
@@ -88,9 +88,10 @@ int my_trace(CURL *handle, curl_infotype type,
const char *text;
(void)handle; /* prevent compiler warning */
- switch (type) {
+ switch(type) {
case CURLINFO_TEXT:
fprintf(stderr, "== Info: %s", data);
+ /* FALLTHROUGH */
default: /* in case a new one is introduced to shock us */
return 0;
diff --git a/docs/examples/evhiperfifo.c b/docs/examples/evhiperfifo.c
index 118f152ee..9cb8eae47 100644
--- a/docs/examples/evhiperfifo.c
+++ b/docs/examples/evhiperfifo.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -86,7 +86,7 @@ typedef struct _GlobalInfo
struct ev_timer timer_event;
CURLM *multi;
int still_running;
- FILE* input;
+ FILE *input;
} GlobalInfo;
@@ -124,7 +124,7 @@ static int multi_timer_cb(CURLM *multi, long timeout_ms,
GlobalInfo *g)
ev_timer_init(&g->timer_event, timer_cb, t, 0.);
ev_timer_start(g->loop, &g->timer_event);
}
- else
+ else if(timeout_ms == 0)
timer_cb(g->loop, &g->timer_event, 0);
return 0;
}
@@ -134,7 +134,7 @@ static void mcode_or_die(const char *where, CURLMcode code)
{
if(CURLM_OK != code) {
const char *s;
- switch (code) {
+ switch(code) {
case CURLM_BAD_HANDLE:
s="CURLM_BAD_HANDLE";
break;
@@ -243,7 +243,8 @@ static void remsock(SockInfo *f, GlobalInfo *g)
/* Assign information to a SockInfo structure */
-static void setsock(SockInfo*f, curl_socket_t s, CURL*e, int act, GlobalInfo*g)
+static void setsock(SockInfo *f, curl_socket_t s, CURL *e, int act,
+ GlobalInfo *g)
{
printf("%s \n", __PRETTY_FUNCTION__);
@@ -316,8 +317,8 @@ static size_t write_cb(void *ptr, size_t size, size_t
nmemb, void *data)
/* CURLOPT_PROGRESSFUNCTION */
-static int prog_cb (void *p, double dltotal, double dlnow, double ult,
- double uln)
+static int prog_cb(void *p, double dltotal, double dlnow, double ult,
+ double uln)
{
ConnInfo *conn = (ConnInfo *)p;
(void)ult;
@@ -387,7 +388,7 @@ static void fifo_cb(EV_P_ struct ev_io *w, int revents)
}
/* Create a named pipe and tell libevent to monitor it */
-static int init_fifo (GlobalInfo *g)
+static int init_fifo(GlobalInfo *g)
{
struct stat st;
static const char *fifo = "hiper.fifo";
@@ -398,18 +399,18 @@ static int init_fifo (GlobalInfo *g)
if((st.st_mode & S_IFMT) == S_IFREG) {
errno = EEXIST;
perror("lstat");
- exit (1);
+ exit(1);
}
}
unlink(fifo);
if(mkfifo (fifo, 0600) == -1) {
perror("mkfifo");
- exit (1);
+ exit(1);
}
sockfd = open(fifo, O_RDWR | O_NONBLOCK, 0);
if(sockfd == -1) {
perror("open");
- exit (1);
+ exit(1);
}
g->input = fdopen(sockfd, "r");
diff --git a/docs/examples/externalsocket.c b/docs/examples/externalsocket.c
index 9b144b42d..0ac113db3 100644
--- a/docs/examples/externalsocket.c
+++ b/docs/examples/externalsocket.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -38,7 +38,7 @@
#include <sys/types.h> /* socket types */
#include <sys/socket.h> /* socket definitions */
#include <netinet/in.h>
-#include <arpa/inet.h> /* inet (3) funtions */
+#include <arpa/inet.h> /* inet (3) functions */
#include <unistd.h> /* misc. Unix functions */
#endif
@@ -58,6 +58,13 @@ static size_t write_data(void *ptr, size_t size, size_t
nmemb, void *stream)
return written;
}
+static int closecb(void *clientp, curl_socket_t item)
+{
+ (void)clientp;
+ printf("libcurl wants to close %d now\n", (int)item);
+ return 0;
+}
+
static curl_socket_t opensocket(void *clientp,
curlsocktype purpose,
struct curl_sockaddr *address)
@@ -90,9 +97,8 @@ int main(void)
#ifdef WIN32
WSADATA wsaData;
- int initwsa;
-
- if((initwsa = WSAStartup(MAKEWORD(2, 0), &wsaData)) != 0) {
+ int initwsa = WSAStartup(MAKEWORD(2, 0), &wsaData);
+ if(initwsa != 0) {
printf("WSAStartup failed: %d\n", initwsa);
return 1;
}
@@ -107,7 +113,8 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_URL, "http://99.99.99.99:9999";);
/* Create the socket "manually" */
- if((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == CURL_SOCKET_BAD) {
+ sockfd = socket(AF_INET, SOCK_STREAM, 0);
+ if(sockfd == CURL_SOCKET_BAD) {
printf("Error creating listening socket.\n");
return 3;
}
@@ -116,7 +123,8 @@ int main(void)
servaddr.sin_family = AF_INET;
servaddr.sin_port = htons(PORTNUM);
- if(INADDR_NONE == (servaddr.sin_addr.s_addr = inet_addr(IPADDR)))
+ servaddr.sin_addr.s_addr = inet_addr(IPADDR);
+ if(INADDR_NONE == servaddr.sin_addr.s_addr)
return 2;
if(connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr)) ==
@@ -136,6 +144,10 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_OPENSOCKETFUNCTION, opensocket);
curl_easy_setopt(curl, CURLOPT_OPENSOCKETDATA, &sockfd);
+ /* call this function to close sockets */
+ curl_easy_setopt(curl, CURLOPT_CLOSESOCKETFUNCTION, closecb);
+ curl_easy_setopt(curl, CURLOPT_CLOSESOCKETDATA, &sockfd);
+
/* call this function to set options for the socket */
curl_easy_setopt(curl, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
diff --git a/docs/examples/fileupload.c b/docs/examples/fileupload.c
index 363fae694..6b05c4cec 100644
--- a/docs/examples/fileupload.c
+++ b/docs/examples/fileupload.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -37,16 +37,12 @@ int main(void)
FILE *fd;
fd = fopen("debugit", "rb"); /* open file to upload */
- if(!fd) {
-
+ if(!fd)
return 1; /* can't continue */
- }
/* to get the file size */
- if(fstat(fileno(fd), &file_info) != 0) {
-
+ if(fstat(fileno(fd), &file_info) != 0)
return 1; /* can't continue */
- }
curl = curl_easy_init();
if(curl) {
@@ -86,5 +82,6 @@ int main(void)
/* always cleanup */
curl_easy_cleanup(curl);
}
+ fclose(fd);
return 0;
}
diff --git a/docs/examples/fopen.c b/docs/examples/fopen.c
index 71be178ef..1e0a09a0a 100644
--- a/docs/examples/fopen.c
+++ b/docs/examples/fopen.c
@@ -10,8 +10,8 @@
* instead of (only) local files. Local files (ie those that can be directly
* fopened) will drop back to using the underlying clib implementations
*
- * See the main() function at the bottom that shows an app that retrives from a
- * specified url using fgets() and fread() and saves as two output files.
+ * See the main() function at the bottom that shows an app that retrieves from
+ * a specified url using fgets() and fread() and saves as two output files.
*
* Copyright (c) 2003 Simtec Electronics
*
@@ -84,11 +84,11 @@ URL_FILE *url_fopen(const char *url, const char *operation);
int url_fclose(URL_FILE *file);
int url_feof(URL_FILE *file);
size_t url_fread(void *ptr, size_t size, size_t nmemb, URL_FILE *file);
-char * url_fgets(char *ptr, size_t size, URL_FILE *file);
+char *url_fgets(char *ptr, size_t size, URL_FILE *file);
void url_rewind(URL_FILE *file);
/* we use a global one for convenience */
-CURLM *multi_handle;
+static CURLM *multi_handle;
/* curl calls this routine to get more data */
static size_t write_callback(char *buffer,
@@ -345,7 +345,7 @@ size_t url_fread(void *ptr, size_t size, size_t nmemb,
URL_FILE *file)
fill_buffer(file, want);
- /* check if theres data in the buffer - if not fill_buffer()
+ /* check if there's data in the buffer - if not fill_buffer()
* either errored or EOF */
if(!file->buffer_pos)
return 0;
@@ -384,7 +384,7 @@ char *url_fgets(char *ptr, size_t size, URL_FILE *file)
case CFTYPE_CURL:
fill_buffer(file, want);
- /* check if theres data in the buffer - if not fill either errored or
+ /* check if there's data in the buffer - if not fill either errored or
* EOF */
if(!file->buffer_pos)
return NULL;
@@ -404,7 +404,7 @@ char *url_fgets(char *ptr, size_t size, URL_FILE *file)
/* xfer data to caller */
memcpy(ptr, file->buffer, want);
- ptr[want]=0;/* allways null terminate */
+ ptr[want]=0;/* always null terminate */
use_buffer(file, want);
@@ -450,7 +450,7 @@ void url_rewind(URL_FILE *file)
#define FREADFILE "fread.test"
#define REWINDFILE "rewind.test"
-/* Small main program to retrive from a url using fgets and fread saving the
+/* Small main program to retrieve from a url using fgets and fread saving the
* output to two test files (note the fgets method will corrupt binary files if
* they contain 0 chars */
int main(int argc, char *argv[])
diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c
index bba0c4d53..41e2d807c 100644
--- a/docs/examples/ftpupload.c
+++ b/docs/examples/ftpupload.c
@@ -127,7 +127,7 @@ int main(void)
curl_easy_strerror(res));
/* clean up the FTP commands list */
- curl_slist_free_all (headerlist);
+ curl_slist_free_all(headerlist);
/* always cleanup */
curl_easy_cleanup(curl);
diff --git a/docs/examples/ftpuploadfrommem.c b/docs/examples/ftpuploadfrommem.c
new file mode 100644
index 000000000..134cda364
--- /dev/null
+++ b/docs/examples/ftpuploadfrommem.c
@@ -0,0 +1,124 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+/* <DESC>
+ * FTP upload a file from memory
+ * </DESC>
+ */
+#include <stdio.h>
+#include <string.h>
+#include <curl/curl.h>
+
+static const char data[]=
+ "Lorem ipsum dolor sit amet, consectetur adipiscing elit. "
+ "Nam rhoncus odio id venenatis volutpat. Vestibulum dapibus "
+ "bibendum ullamcorper. Maecenas finibus elit augue, vel "
+ "condimentum odio maximus nec. In hac habitasse platea dictumst. "
+ "Vestibulum vel dolor et turpis rutrum finibus ac at nulla. "
+ "Vivamus nec neque ac elit blandit pretium vitae maximus ipsum. "
+ "Quisque sodales magna vel erat auctor, sed pellentesque nisi "
+ "rhoncus. Donec vehicula maximus pretium. Aliquam eu tincidunt "
+ "lorem.";
+
+struct WriteThis {
+ const char *readptr;
+ size_t sizeleft;
+};
+
+static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *userp)
+{
+ struct WriteThis *upload = (struct WriteThis *)userp;
+ size_t max = size*nmemb;
+
+ if(max < 1)
+ return 0;
+
+ if(upload->sizeleft) {
+ size_t copylen = max;
+ if(copylen > upload->sizeleft)
+ copylen = upload->sizeleft;
+ memcpy(ptr, upload->readptr, copylen);
+ upload->readptr += copylen;
+ upload->sizeleft -= copylen;
+ return copylen;
+ }
+
+ return 0; /* no more data left to deliver */
+}
+
+int main(void)
+{
+ CURL *curl;
+ CURLcode res;
+
+ struct WriteThis upload;
+
+ upload.readptr = data;
+ upload.sizeleft = strlen(data);
+
+ /* In windows, this will init the winsock stuff */
+ res = curl_global_init(CURL_GLOBAL_DEFAULT);
+ /* Check for errors */
+ if(res != CURLE_OK) {
+ fprintf(stderr, "curl_global_init() failed: %s\n",
+ curl_easy_strerror(res));
+ return 1;
+ }
+
+ /* get a curl handle */
+ curl = curl_easy_init();
+ if(curl) {
+ /* First set the URL, the target file */
+ curl_easy_setopt(curl, CURLOPT_URL,
+ "ftp://example.com/path/to/upload/file";);
+
+ /* User and password for the FTP login */
+ curl_easy_setopt(curl, CURLOPT_USERPWD, "login:secret");
+
+ /* Now specify we want to UPLOAD data */
+ curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
+
+ /* we want to use our own read function */
+ curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
+
+ /* pointer to pass to our read function */
+ curl_easy_setopt(curl, CURLOPT_READDATA, &upload);
+
+ /* get verbose debug output please */
+ curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
+
+ /* Set the expected upload size. */
+ curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE,
+ (curl_off_t)upload.sizeleft);
+
+ /* Perform the request, res will get the return code */
+ res = curl_easy_perform(curl);
+ /* Check for errors */
+ if(res != CURLE_OK)
+ fprintf(stderr, "curl_easy_perform() failed: %s\n",
+ curl_easy_strerror(res));
+
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+ }
+ curl_global_cleanup();
+ return 0;
+}
diff --git a/docs/examples/ftpuploadresume.c b/docs/examples/ftpuploadresume.c
index 641563404..8f7f45dae 100644
--- a/docs/examples/ftpuploadresume.c
+++ b/docs/examples/ftpuploadresume.c
@@ -36,8 +36,8 @@
/* The MinGW headers are missing a few Win32 function definitions,
you shouldn't need this if you use VC++ */
#if defined(__MINGW32__) && !defined(__MINGW64__)
-int __cdecl _snscanf(const char * input, size_t length,
- const char * format, ...);
+int __cdecl _snscanf(const char *input, size_t length,
+ const char *format, ...);
#endif
@@ -77,7 +77,7 @@ size_t readfunc(void *ptr, size_t size, size_t nmemb, void
*stream)
}
-int upload(CURL *curlhandle, const char * remotepath, const char * localpath,
+int upload(CURL *curlhandle, const char *remotepath, const char *localpath,
long timeout, long tries)
{
FILE *f;
diff --git a/docs/examples/ghiper.c b/docs/examples/ghiper.c
index 7317a63d8..505e90ab0 100644
--- a/docs/examples/ghiper.c
+++ b/docs/examples/ghiper.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -94,10 +94,11 @@ typedef struct _SockInfo {
} SockInfo;
/* Die if we get a bad CURLMcode somewhere */
-static void mcode_or_die(const char *where, CURLMcode code) {
+static void mcode_or_die(const char *where, CURLMcode code)
+{
if(CURLM_OK != code) {
const char *s;
- switch (code) {
+ switch(code) {
case CURLM_BAD_HANDLE: s="CURLM_BAD_HANDLE"; break;
case CURLM_BAD_EASY_HANDLE: s="CURLM_BAD_EASY_HANDLE"; break;
case CURLM_OUT_OF_MEMORY: s="CURLM_OUT_OF_MEMORY"; break;
@@ -162,6 +163,15 @@ static int update_timeout_cb(CURLM *multi, long
timeout_ms, void *userp)
MSG_OUT("*** update_timeout_cb %ld => %ld:%ld ***\n",
timeout_ms, timeout.tv_sec, timeout.tv_usec);
+ /* TODO
+ *
+ * if timeout_ms is 0, call curl_multi_socket_action() at once!
+ *
+ * if timeout_ms is -1, just delete the timer
+ *
+ * for all other values of timeout_ms, this should set or *update*
+ * the timer to the new value
+ */
g->timer_event = g_timeout_add(timeout_ms, timer_cb, g);
return 0;
}
@@ -206,7 +216,8 @@ static void remsock(SockInfo *f)
}
/* Assign information to a SockInfo structure */
-static void setsock(SockInfo*f, curl_socket_t s, CURL*e, int act, GlobalInfo*g)
+static void setsock(SockInfo *f, curl_socket_t s, CURL *e, int act,
+ GlobalInfo *g)
{
GIOCondition kind =
(act&CURL_POLL_IN?G_IO_IN:0)|(act&CURL_POLL_OUT?G_IO_OUT:0);
@@ -270,8 +281,8 @@ static size_t write_cb(void *ptr, size_t size, size_t
nmemb, void *data)
}
/* CURLOPT_PROGRESSFUNCTION */
-static int prog_cb (void *p, double dltotal, double dlnow, double ult,
- double uln)
+static int prog_cb(void *p, double dltotal, double dlnow, double ult,
+ double uln)
{
ConnInfo *conn = (ConnInfo *)p;
MSG_OUT("Progress: %s (%g/%g)\n", conn->url, dlnow, dltotal);
@@ -316,7 +327,7 @@ static void new_conn(char *url, GlobalInfo *g)
}
/* This gets called by glib whenever data is received from the fifo */
-static gboolean fifo_cb (GIOChannel *ch, GIOCondition condition, gpointer data)
+static gboolean fifo_cb(GIOChannel *ch, GIOCondition condition, gpointer data)
{
#define BUF_SIZE 1024
gsize len, tp;
@@ -378,21 +389,21 @@ int init_fifo(void)
if((st.st_mode & S_IFMT) == S_IFREG) {
errno = EEXIST;
perror("lstat");
- exit (1);
+ exit(1);
}
}
- unlink (fifo);
+ unlink(fifo);
if(mkfifo (fifo, 0600) == -1) {
perror("mkfifo");
- exit (1);
+ exit(1);
}
- socket = open (fifo, O_RDWR | O_NONBLOCK, 0);
+ socket = open(fifo, O_RDWR | O_NONBLOCK, 0);
if(socket == -1) {
perror("open");
- exit (1);
+ exit(1);
}
MSG_OUT("Now, pipe some URL's into > %s\n", fifo);
diff --git a/docs/examples/hiperfifo.c b/docs/examples/hiperfifo.c
index 98bcafe6d..45b69b0d1 100644
--- a/docs/examples/hiperfifo.c
+++ b/docs/examples/hiperfifo.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -82,7 +82,7 @@ typedef struct _GlobalInfo
struct event *timer_event;
CURLM *multi;
int still_running;
- FILE* input;
+ FILE *input;
} GlobalInfo;
@@ -108,8 +108,6 @@ typedef struct _SockInfo
GlobalInfo *global;
} SockInfo;
-
-
/* Update the event timer after curl_multi library calls */
static int multi_timer_cb(CURLM *multi, long timeout_ms, GlobalInfo *g)
{
@@ -119,6 +117,16 @@ static int multi_timer_cb(CURLM *multi, long timeout_ms,
GlobalInfo *g)
timeout.tv_sec = timeout_ms/1000;
timeout.tv_usec = (timeout_ms%1000)*1000;
fprintf(MSG_OUT, "multi_timer_cb: Setting timeout to %ld ms\n", timeout_ms);
+
+ /* TODO
+ *
+ * if timeout_ms is 0, call curl_multi_socket_action() at once!
+ *
+ * if timeout_ms is -1, just delete the timer
+ *
+ * for all other values of timeout_ms, this should set or *update*
+ * the timer to the new value
+ */
evtimer_add(g->timer_event, &timeout);
return 0;
}
@@ -128,7 +136,7 @@ static void mcode_or_die(const char *where, CURLMcode code)
{
if(CURLM_OK != code) {
const char *s;
- switch (code) {
+ switch(code) {
case CURLM_BAD_HANDLE: s="CURLM_BAD_HANDLE"; break;
case CURLM_BAD_EASY_HANDLE: s="CURLM_BAD_EASY_HANDLE"; break;
case CURLM_OUT_OF_MEMORY: s="CURLM_OUT_OF_MEMORY"; break;
@@ -230,7 +238,8 @@ static void remsock(SockInfo *f)
/* Assign information to a SockInfo structure */
-static void setsock(SockInfo*f, curl_socket_t s, CURL*e, int act, GlobalInfo*g)
+static void setsock(SockInfo *f, curl_socket_t s, CURL *e, int act,
+ GlobalInfo *g)
{
int kind =
(act&CURL_POLL_IN?EV_READ:0)|(act&CURL_POLL_OUT?EV_WRITE:0)|EV_PERSIST;
@@ -299,8 +308,8 @@ static size_t write_cb(void *ptr, size_t size, size_t
nmemb, void *data)
/* CURLOPT_PROGRESSFUNCTION */
-static int prog_cb (void *p, double dltotal, double dlnow, double ult,
- double uln)
+static int prog_cb(void *p, double dltotal, double dlnow, double ult,
+ double uln)
{
ConnInfo *conn = (ConnInfo *)p;
(void)ult;
@@ -370,7 +379,7 @@ static void fifo_cb(int fd, short event, void *arg)
/* Create a named pipe and tell libevent to monitor it */
static const char *fifo = "hiper.fifo";
-static int init_fifo (GlobalInfo *g)
+static int init_fifo(GlobalInfo *g)
{
struct stat st;
curl_socket_t sockfd;
@@ -380,18 +389,18 @@ static int init_fifo (GlobalInfo *g)
if((st.st_mode & S_IFMT) == S_IFREG) {
errno = EEXIST;
perror("lstat");
- exit (1);
+ exit(1);
}
}
unlink(fifo);
if(mkfifo (fifo, 0600) == -1) {
perror("mkfifo");
- exit (1);
+ exit(1);
}
sockfd = open(fifo, O_RDWR | O_NONBLOCK, 0);
if(sockfd == -1) {
perror("open");
- exit (1);
+ exit(1);
}
g->input = fdopen(sockfd, "r");
diff --git a/docs/examples/htmltitle.cpp b/docs/examples/htmltitle.cpp
index 5e6b4a003..8148888a4 100644
--- a/docs/examples/htmltitle.cpp
+++ b/docs/examples/htmltitle.cpp
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,14 +22,14 @@
/* <DESC>
* Get a web page, extract the title with libxml.
* </DESC>
- */
-// Written by Lars Nilsson
-//
-// GNU C++ compile command line suggestion (edit paths accordingly):
-//
-// g++ -Wall -I/opt/curl/include -I/opt/libxml/include/libxml2 htmltitle.cpp \
-// -o htmltitle -L/opt/curl/lib -L/opt/libxml/lib -lcurl -lxml2
+ Written by Lars Nilsson
+
+ GNU C++ compile command line suggestion (edit paths accordingly):
+
+ g++ -Wall -I/opt/curl/include -I/opt/libxml/include/libxml2 htmltitle.cpp \
+ -o htmltitle -L/opt/curl/lib -L/opt/libxml/lib -lcurl -lxml2
+*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -72,7 +72,7 @@ static std::string buffer;
static int writer(char *data, size_t size, size_t nmemb,
std::string *writerData)
{
- if (writerData == NULL)
+ if(writerData == NULL)
return 0;
writerData->append(data, size*nmemb);
@@ -90,50 +90,38 @@ static bool init(CURL *&conn, char *url)
conn = curl_easy_init();
- if (conn == NULL)
- {
+ if(conn == NULL) {
fprintf(stderr, "Failed to create CURL connection\n");
-
exit(EXIT_FAILURE);
}
code = curl_easy_setopt(conn, CURLOPT_ERRORBUFFER, errorBuffer);
- if (code != CURLE_OK)
- {
+ if(code != CURLE_OK) {
fprintf(stderr, "Failed to set error buffer [%d]\n", code);
-
return false;
}
code = curl_easy_setopt(conn, CURLOPT_URL, url);
- if (code != CURLE_OK)
- {
+ if(code != CURLE_OK) {
fprintf(stderr, "Failed to set URL [%s]\n", errorBuffer);
-
return false;
}
code = curl_easy_setopt(conn, CURLOPT_FOLLOWLOCATION, 1L);
- if (code != CURLE_OK)
- {
+ if(code != CURLE_OK) {
fprintf(stderr, "Failed to set redirect option [%s]\n", errorBuffer);
-
return false;
}
code = curl_easy_setopt(conn, CURLOPT_WRITEFUNCTION, writer);
- if (code != CURLE_OK)
- {
+ if(code != CURLE_OK) {
fprintf(stderr, "Failed to set writer [%s]\n", errorBuffer);
-
return false;
}
code = curl_easy_setopt(conn, CURLOPT_WRITEDATA, &buffer);
- if (code != CURLE_OK)
- {
+ if(code != CURLE_OK) {
fprintf(stderr, "Failed to set write data [%s]\n", errorBuffer);
-
return false;
}
@@ -150,8 +138,7 @@ static void StartElement(void *voidContext,
{
Context *context = (Context *)voidContext;
- if (COMPARE((char *)name, "TITLE"))
- {
+ if(COMPARE((char *)name, "TITLE")) {
context->title = "";
context->addTitle = true;
}
@@ -167,7 +154,7 @@ static void EndElement(void *voidContext,
{
Context *context = (Context *)voidContext;
- if (COMPARE((char *)name, "TITLE"))
+ if(COMPARE((char *)name, "TITLE"))
context->addTitle = false;
}
@@ -179,7 +166,7 @@ static void handleCharacters(Context *context,
const xmlChar *chars,
int length)
{
- if (context->addTitle)
+ if(context->addTitle)
context->title.append((char *)chars, length);
}
@@ -273,10 +260,8 @@ int main(int argc, char *argv[])
// Ensure one argument is given
- if (argc != 2)
- {
+ if(argc != 2) {
fprintf(stderr, "Usage: %s <url>\n", argv[0]);
-
exit(EXIT_FAILURE);
}
@@ -284,10 +269,8 @@ int main(int argc, char *argv[])
// Initialize CURL connection
- if (!init(conn, argv[1]))
- {
+ if(!init(conn, argv[1])) {
fprintf(stderr, "Connection initializion failed\n");
-
exit(EXIT_FAILURE);
}
@@ -296,19 +279,15 @@ int main(int argc, char *argv[])
code = curl_easy_perform(conn);
curl_easy_cleanup(conn);
- if (code != CURLE_OK)
- {
+ if(code != CURLE_OK) {
fprintf(stderr, "Failed to get '%s' [%s]\n", argv[1], errorBuffer);
-
exit(EXIT_FAILURE);
}
// Parse the (assumed) HTML code
-
parseHtml(buffer, title);
// Display the extracted title
-
printf("Title: %s\n", title.c_str());
return EXIT_SUCCESS;
diff --git a/docs/examples/http2-download.c b/docs/examples/http2-download.c
index 9e87a064e..8e28eaa73 100644
--- a/docs/examples/http2-download.c
+++ b/docs/examples/http2-download.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -43,8 +43,8 @@
#define NUM_HANDLES 1000
-void *curl_hnd[NUM_HANDLES];
-int num_transfers;
+static void *curl_hnd[NUM_HANDLES];
+static int num_transfers;
/* a handle to number lookup, highly ineffective when we do many
transfers... */
@@ -114,9 +114,10 @@ int my_trace(CURL *handle, curl_infotype type,
int num = hnd2num(handle);
(void)handle; /* prevent compiler warning */
(void)userp;
- switch (type) {
+ switch(type) {
case CURLINFO_TEXT:
fprintf(stderr, "== %d Info: %s", num, data);
+ /* FALLTHROUGH */
default: /* in case a new one is introduced to shock us */
return 0;
@@ -159,7 +160,7 @@ static void setup(CURL *hnd, int num)
/* set the same URL */
curl_easy_setopt(hnd, CURLOPT_URL, "https://localhost:8443/index.html";);
- /* send it verbose for max debuggaility */
+ /* please be verbose */
curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace);
diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c
index 1a8c69b7d..b497e76a9 100644
--- a/docs/examples/http2-serverpush.c
+++ b/docs/examples/http2-serverpush.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -93,9 +93,10 @@ int my_trace(CURL *handle, curl_infotype type,
const char *text;
(void)handle; /* prevent compiler warning */
(void)userp;
- switch (type) {
+ switch(type) {
case CURLINFO_TEXT:
fprintf(stderr, "== Info: %s", data);
+ /* FALLTHROUGH */
default: /* in case a new one is introduced to shock us */
return 0;
@@ -135,7 +136,7 @@ static void setup(CURL *hnd)
/* set the same URL */
curl_easy_setopt(hnd, CURLOPT_URL, "https://localhost:8443/index.html";);
- /* send it verbose for max debuggaility */
+ /* please be verbose */
curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace);
diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c
index b6353713e..43809ab69 100644
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -45,8 +45,8 @@
#define NUM_HANDLES 1000
-void *curl_hnd[NUM_HANDLES];
-int num_transfers;
+static void *curl_hnd[NUM_HANDLES];
+static int num_transfers;
/* a handle to number lookup, highly ineffective when we do many
transfers... */
@@ -133,9 +133,10 @@ int my_trace(CURL *handle, curl_infotype type,
snprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld",
now->tm_hour, now->tm_min, now->tm_sec, (long)tv.tv_usec);
- switch (type) {
+ switch(type) {
case CURLINFO_TEXT:
fprintf(stderr, "%s [%d] Info: %s", timebuf, num, data);
+ /* FALLTHROUGH */
default: /* in case a new one is introduced to shock us */
return 0;
@@ -177,7 +178,7 @@ static size_t read_callback(void *ptr, size_t size, size_t
nmemb, void *userp)
return retcode;
}
-struct input indata[NUM_HANDLES];
+static struct input indata[NUM_HANDLES];
static void setup(CURL *hnd, int num, const char *upload)
{
@@ -215,7 +216,7 @@ static void setup(CURL *hnd, int num, const char *upload)
/* upload please */
curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L);
- /* send it verbose for max debuggaility */
+ /* please be verbose */
curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace);
diff --git a/docs/examples/imap-append.c b/docs/examples/imap-append.c
index 3f832897d..bbf9fe436 100644
--- a/docs/examples/imap-append.c
+++ b/docs/examples/imap-append.c
@@ -85,6 +85,8 @@ int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
+ const char **p;
+ long infilesize;
struct upload_status upload_ctx;
upload_ctx.lines_read = 0;
@@ -107,6 +109,12 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
+ infilesize = 0;
+ for(p = payload_text; *p; ++p) {
+ infilesize += (long)strlen(*p);
+ }
+ curl_easy_setopt(curl, CURLOPT_INFILESIZE, infilesize);
+
/* Perform the append */
res = curl_easy_perform(curl);
diff --git a/docs/examples/imap-copy.c b/docs/examples/imap-copy.c
index 4c3b640b9..1ef43f893 100644
--- a/docs/examples/imap-copy.c
+++ b/docs/examples/imap-copy.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -48,7 +48,7 @@ int main(void)
/* This is source mailbox folder to select */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX");
- /* Set the COPY command specifing the message ID and destination folder */
+ /* Set the COPY command specifying the message ID and destination folder */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "COPY 1 FOLDER");
/* Note that to perform a move operation you will need to perform the copy,
diff --git a/docs/examples/imap-create.c b/docs/examples/imap-create.c
index 8f72cb8fe..6f04453b2 100644
--- a/docs/examples/imap-create.c
+++ b/docs/examples/imap-create.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -48,7 +48,7 @@ int main(void)
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
- /* Set the CREATE command specifing the new folder name */
+ /* Set the CREATE command specifying the new folder name */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "CREATE FOLDER");
/* Perform the custom request */
diff --git a/docs/examples/imap-delete.c b/docs/examples/imap-delete.c
index bd9d1a490..cf1ae0bbf 100644
--- a/docs/examples/imap-delete.c
+++ b/docs/examples/imap-delete.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -48,7 +48,7 @@ int main(void)
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
- /* Set the DELETE command specifing the existing folder */
+ /* Set the DELETE command specifying the existing folder */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "DELETE FOLDER");
/* Perform the custom request */
diff --git a/docs/examples/imap-examine.c b/docs/examples/imap-examine.c
index 4287f8a10..b89e9dc6d 100644
--- a/docs/examples/imap-examine.c
+++ b/docs/examples/imap-examine.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -48,7 +48,7 @@ int main(void)
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
- /* Set the EXAMINE command specifing the mailbox folder */
+ /* Set the EXAMINE command specifying the mailbox folder */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "EXAMINE OUTBOX");
/* Perform the custom request */
diff --git a/docs/examples/imap-search.c b/docs/examples/imap-search.c
index f1261e1ec..427dcc905 100644
--- a/docs/examples/imap-search.c
+++ b/docs/examples/imap-search.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -48,7 +48,7 @@ int main(void)
/* This is mailbox folder to select */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX");
- /* Set the SEARCH command specifing what we want to search for. Note that
+ /* Set the SEARCH command specifying what we want to search for. Note that
* this can contain a message sequence set and a number of search criteria
* keywords including flags such as ANSWERED, DELETED, DRAFT, FLAGGED, NEW,
* RECENT and SEEN. For more information about the search criteria please
diff --git a/docs/examples/multi-app.c b/docs/examples/multi-app.c
index f8447930a..9a8ecfeb8 100644
--- a/docs/examples/multi-app.c
+++ b/docs/examples/multi-app.c
@@ -156,7 +156,7 @@ int main(void)
break;
}
- switch (idx) {
+ switch(idx) {
case HTTP_HANDLE:
printf("HTTP transfer completed with status %d\n", msg->data.result);
break;
diff --git a/docs/examples/multi-debugcallback.c
b/docs/examples/multi-debugcallback.c
index d07cc3bb9..07f044b4e 100644
--- a/docs/examples/multi-debugcallback.c
+++ b/docs/examples/multi-debugcallback.c
@@ -96,9 +96,10 @@ int my_trace(CURL *handle, curl_infotype type,
(void)userp;
(void)handle; /* prevent compiler warning */
- switch (type) {
+ switch(type) {
case CURLINFO_TEXT:
fprintf(stderr, "== Info: %s", data);
+ /* FALLTHROUGH */
default: /* in case a new one is introduced to shock us */
return 0;
diff --git a/docs/examples/multi-post.c b/docs/examples/multi-post.c
index 5d9abc12f..cc2ca18e9 100644
--- a/docs/examples/multi-post.c
+++ b/docs/examples/multi-post.c
@@ -165,7 +165,7 @@ int main(void)
curl_formfree(formpost);
/* free slist */
- curl_slist_free_all (headerlist);
+ curl_slist_free_all(headerlist);
}
return 0;
}
diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c
index 51526c894..ceddad04a 100644
--- a/docs/examples/multi-uv.c
+++ b/docs/examples/multi-uv.c
@@ -24,18 +24,12 @@
* multi_socket API using libuv
* </DESC>
*/
-/* Example application code using the multi socket interface to download
- multiple files at once, but instead of using curl_multi_perform and
- curl_multi_wait, which uses select(), we use libuv.
- It supports epoll, kqueue, etc. on unixes and fast IO completion ports on
- Windows, which means, it should be very fast on all platforms..
-
- Written by Clemens Gruber, based on an outdated example from uvbook and
- some tests from libuv.
+/* Example application using the multi socket interface to download multiple
+ files in parallel, powered by libuv.
Requires libuv and (of course) libcurl.
- See http://nikhilm.github.com/uvbook/ for more information on libuv.
+ See https://nikhilm.github.com/uvbook/ for more information on libuv.
*/
#include <stdio.h>
@@ -52,7 +46,7 @@ typedef struct curl_context_s {
curl_socket_t sockfd;
} curl_context_t;
-curl_context_t* create_curl_context(curl_socket_t sockfd)
+static curl_context_t* create_curl_context(curl_socket_t sockfd)
{
curl_context_t *context;
@@ -66,19 +60,18 @@ curl_context_t* create_curl_context(curl_socket_t sockfd)
return context;
}
-void curl_close_cb(uv_handle_t *handle)
+static void curl_close_cb(uv_handle_t *handle)
{
curl_context_t *context = (curl_context_t *) handle->data;
free(context);
}
-void destroy_curl_context(curl_context_t *context)
+static void destroy_curl_context(curl_context_t *context)
{
uv_close((uv_handle_t *) &context->poll_handle, curl_close_cb);
}
-
-void add_download(const char *url, int num)
+static void add_download(const char *url, int num)
{
char filename[50];
FILE *file;
@@ -102,22 +95,28 @@ void add_download(const char *url, int num)
static void check_multi_info(void)
{
- int running_handles;
char *done_url;
CURLMsg *message;
int pending;
+ CURL *easy_handle;
FILE *file;
while((message = curl_multi_info_read(curl_handle, &pending))) {
switch(message->msg) {
case CURLMSG_DONE:
- curl_easy_getinfo(message->easy_handle, CURLINFO_EFFECTIVE_URL,
- &done_url);
- curl_easy_getinfo(message->easy_handle, CURLINFO_PRIVATE, &file);
+ /* Do not use message data after calling curl_multi_remove_handle() and
+ curl_easy_cleanup(). As per curl_multi_info_read() docs:
+ "WARNING: The data the returned pointer points to will not survive
+ calling curl_multi_cleanup, curl_multi_remove_handle or
+ curl_easy_cleanup." */
+ easy_handle = message->easy_handle;
+
+ curl_easy_getinfo(easy_handle, CURLINFO_EFFECTIVE_URL, &done_url);
+ curl_easy_getinfo(easy_handle, CURLINFO_PRIVATE, &file);
printf("%s DONE\n", done_url);
- curl_multi_remove_handle(curl_handle, message->easy_handle);
- curl_easy_cleanup(message->easy_handle);
+ curl_multi_remove_handle(curl_handle, easy_handle);
+ curl_easy_cleanup(easy_handle);
if(file) {
fclose(file);
}
@@ -130,23 +129,18 @@ static void check_multi_info(void)
}
}
-void curl_perform(uv_poll_t *req, int status, int events)
+static void curl_perform(uv_poll_t *req, int status, int events)
{
int running_handles;
int flags = 0;
curl_context_t *context;
- char *done_url;
- CURLMsg *message;
- int pending;
-
- uv_timer_stop(&timeout);
if(events & UV_READABLE)
flags |= CURL_CSELECT_IN;
if(events & UV_WRITABLE)
flags |= CURL_CSELECT_OUT;
- context = (curl_context_t *) req;
+ context = (curl_context_t *) req->data;
curl_multi_socket_action(curl_handle, context->sockfd, flags,
&running_handles);
@@ -154,7 +148,7 @@ void curl_perform(uv_poll_t *req, int status, int events)
check_multi_info();
}
-void on_timeout(uv_timer_t *req, int status)
+static void on_timeout(uv_timer_t *req)
{
int running_handles;
curl_multi_socket_action(curl_handle, CURL_SOCKET_TIMEOUT, 0,
@@ -162,34 +156,41 @@ void on_timeout(uv_timer_t *req, int status)
check_multi_info();
}
-void start_timeout(CURLM *multi, long timeout_ms, void *userp)
+static int start_timeout(CURLM *multi, long timeout_ms, void *userp)
{
- if(timeout_ms <= 0)
- timeout_ms = 1; /* 0 means directly call socket_action, but we'll do it in
- a bit */
- uv_timer_start(&timeout, on_timeout, timeout_ms, 0);
+ if(timeout_ms < 0) {
+ uv_timer_stop(&timeout);
+ }
+ else {
+ if(timeout_ms == 0)
+ timeout_ms = 1; /* 0 means directly call socket_action, but we'll do it
+ in a bit */
+ uv_timer_start(&timeout, on_timeout, timeout_ms, 0);
+ }
+ return 0;
}
-int handle_socket(CURL *easy, curl_socket_t s, int action, void *userp,
+static int handle_socket(CURL *easy, curl_socket_t s, int action, void *userp,
void *socketp)
{
curl_context_t *curl_context;
- if(action == CURL_POLL_IN || action == CURL_POLL_OUT) {
- if(socketp) {
- curl_context = (curl_context_t *) socketp;
- }
- else {
- curl_context = create_curl_context(s);
- }
- curl_multi_assign(curl_handle, s, (void *) curl_context);
- }
+ int events = 0;
switch(action) {
case CURL_POLL_IN:
- uv_poll_start(&curl_context->poll_handle, UV_READABLE, curl_perform);
- break;
case CURL_POLL_OUT:
- uv_poll_start(&curl_context->poll_handle, UV_WRITABLE, curl_perform);
+ case CURL_POLL_INOUT:
+ curl_context = socketp ?
+ (curl_context_t *) socketp : create_curl_context(s);
+
+ curl_multi_assign(curl_handle, s, (void *) curl_context);
+
+ if(action != CURL_POLL_IN)
+ events |= UV_WRITABLE;
+ if(action != CURL_POLL_OUT)
+ events |= UV_READABLE;
+
+ uv_poll_start(&curl_context->poll_handle, events, curl_perform);
break;
case CURL_POLL_REMOVE:
if(socketp) {
@@ -213,7 +214,7 @@ int main(int argc, char **argv)
return 0;
if(curl_global_init(CURL_GLOBAL_ALL)) {
- fprintf(stderr, "Could not init cURL\n");
+ fprintf(stderr, "Could not init curl\n");
return 1;
}
diff --git a/docs/examples/multithread.c b/docs/examples/multithread.c
index 475e8fcfc..26c40f5a1 100644
--- a/docs/examples/multithread.c
+++ b/docs/examples/multithread.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -33,10 +33,10 @@
/*
List of URLs to fetch.
- If you intend to use a SSL-based protocol here you MUST setup the OpenSSL
- callback functions as described here:
+ If you intend to use a SSL-based protocol here you might need to setup TLS
+ library mutex callbacks as described here:
- https://www.openssl.org/docs/crypto/threads.html#DESCRIPTION
+ https://curl.haxx.se/libcurl/c/threadsafe.html
*/
const char * const urls[NUMT]= {
diff --git a/docs/examples/opensslthreadlock.c
b/docs/examples/opensslthreadlock.c
index eebc42ee2..6f86c7f70 100644
--- a/docs/examples/opensslthreadlock.c
+++ b/docs/examples/opensslthreadlock.c
@@ -52,7 +52,7 @@ void handle_error(const char *file, int lineno, const char
*msg)
/* This array will store all of the mutexes available to OpenSSL. */
static MUTEX_TYPE *mutex_buf= NULL;
-static void locking_function(int mode, int n, const char * file, int line)
+static void locking_function(int mode, int n, const char *file, int line)
{
if(mode & CRYPTO_LOCK)
MUTEX_LOCK(mutex_buf[n]);
diff --git a/docs/examples/pop3-top.c b/docs/examples/pop3-top.c
index f452b4127..4f5937fd4 100644
--- a/docs/examples/pop3-top.c
+++ b/docs/examples/pop3-top.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
***************************************************************************/
/* <DESC>
- * POP3 example showing how to retreive only the headers of an e-mail
+ * POP3 example showing how to retrieve only the headers of an e-mail
* </DESC>
*/
diff --git a/docs/examples/post-callback.c b/docs/examples/post-callback.c
index f4cd50c0b..dbf249140 100644
--- a/docs/examples/post-callback.c
+++ b/docs/examples/post-callback.c
@@ -28,7 +28,7 @@
#include <string.h>
#include <curl/curl.h>
-const char data[]="this is what we post to the silly web server";
+static const char data[]="this is what we post to the silly web server";
struct WriteThis {
const char *readptr;
diff --git a/docs/examples/postit2.c b/docs/examples/postit2.c
index 67e685f1e..ef50a66d9 100644
--- a/docs/examples/postit2.c
+++ b/docs/examples/postit2.c
@@ -101,7 +101,7 @@ int main(int argc, char *argv[])
/* then cleanup the formpost chain */
curl_formfree(formpost);
/* free slist */
- curl_slist_free_all (headerlist);
+ curl_slist_free_all(headerlist);
}
return 0;
}
diff --git a/docs/examples/rtsp.c b/docs/examples/rtsp.c
index 63c46e151..5c66aa6e5 100644
--- a/docs/examples/rtsp.c
+++ b/docs/examples/rtsp.c
@@ -61,13 +61,15 @@ static int _getch(void)
#define VERSION_STR "V1.0"
/* error handling macros */
-#define my_curl_easy_setopt(A, B, C) \
- if((res = curl_easy_setopt((A), (B), (C))) != CURLE_OK) \
+#define my_curl_easy_setopt(A, B, C) \
+ res = curl_easy_setopt((A), (B), (C)); \
+ if(!res) \
fprintf(stderr, "curl_easy_setopt(%s, %s, %s) failed: %d\n", \
#A, #B, #C, res);
-#define my_curl_easy_perform(A) \
- if((res = curl_easy_perform((A))) != CURLE_OK) \
+#define my_curl_easy_perform(A) \
+ res = curl_easy_perform(A); \
+ if(!res) \
fprintf(stderr, "curl_easy_perform(%s) failed: %d\n", #A, res);
@@ -188,7 +190,7 @@ int main(int argc, char * const argv[])
printf("\nRTSP request %s\n", VERSION_STR);
printf(" Project web site: http://code.google.com/p/rtsprequest/\n";);
- printf(" Requires cURL V7.20 or greater\n\n");
+ printf(" Requires curl V7.20 or greater\n\n");
/* check command line */
if((argc != 2) && (argc != 3)) {
@@ -226,7 +228,7 @@ int main(int argc, char * const argv[])
if(res == CURLE_OK) {
curl_version_info_data *data = curl_version_info(CURLVERSION_NOW);
CURL *curl;
- fprintf(stderr, " cURL V%s loaded\n", data->version);
+ fprintf(stderr, " curl V%s loaded\n", data->version);
/* initialize this curl session */
curl = curl_easy_init();
diff --git a/docs/examples/sampleconv.c b/docs/examples/sampleconv.c
index eece6aae1..96eff4669 100644
--- a/docs/examples/sampleconv.c
+++ b/docs/examples/sampleconv.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -42,49 +42,49 @@
#include <stdio.h>
#include <curl/curl.h>
-CURLcode my_conv_from_ascii_to_ebcdic(char *buffer, size_t length)
+static CURLcode my_conv_from_ascii_to_ebcdic(char *buffer, size_t length)
{
- char *tempptrin, *tempptrout;
- size_t bytes = length;
- int rc;
- tempptrin = tempptrout = buffer;
- rc = platform_a2e(&tempptrin, &bytes, &tempptrout, &bytes);
- if(rc == PLATFORM_CONV_OK) {
- return CURLE_OK;
- }
- else {
- return CURLE_CONV_FAILED;
- }
+ char *tempptrin, *tempptrout;
+ size_t bytes = length;
+ int rc;
+ tempptrin = tempptrout = buffer;
+ rc = platform_a2e(&tempptrin, &bytes, &tempptrout, &bytes);
+ if(rc == PLATFORM_CONV_OK) {
+ return CURLE_OK;
+ }
+ else {
+ return CURLE_CONV_FAILED;
+ }
}
-CURLcode my_conv_from_ebcdic_to_ascii(char *buffer, size_t length)
+static CURLcode my_conv_from_ebcdic_to_ascii(char *buffer, size_t length)
{
- char *tempptrin, *tempptrout;
- size_t bytes = length;
- int rc;
- tempptrin = tempptrout = buffer;
- rc = platform_e2a(&tempptrin, &bytes, &tempptrout, &bytes);
- if(rc == PLATFORM_CONV_OK) {
- return CURLE_OK;
- }
- else {
- return CURLE_CONV_FAILED;
- }
+ char *tempptrin, *tempptrout;
+ size_t bytes = length;
+ int rc;
+ tempptrin = tempptrout = buffer;
+ rc = platform_e2a(&tempptrin, &bytes, &tempptrout, &bytes);
+ if(rc == PLATFORM_CONV_OK) {
+ return CURLE_OK;
+ }
+ else {
+ return CURLE_CONV_FAILED;
+ }
}
-CURLcode my_conv_from_utf8_to_ebcdic(char *buffer, size_t length)
+static CURLcode my_conv_from_utf8_to_ebcdic(char *buffer, size_t length)
{
- char *tempptrin, *tempptrout;
- size_t bytes = length;
- int rc;
- tempptrin = tempptrout = buffer;
- rc = platform_u2e(&tempptrin, &bytes, &tempptrout, &bytes);
- if(rc == PLATFORM_CONV_OK) {
- return CURLE_OK;
- }
- else {
- return CURLE_CONV_FAILED;
- }
+ char *tempptrin, *tempptrout;
+ size_t bytes = length;
+ int rc;
+ tempptrin = tempptrout = buffer;
+ rc = platform_u2e(&tempptrin, &bytes, &tempptrout, &bytes);
+ if(rc == PLATFORM_CONV_OK) {
+ return CURLE_OK;
+ }
+ else {
+ return CURLE_CONV_FAILED;
+ }
}
int main(void)
diff --git a/docs/examples/sendrecv.c b/docs/examples/sendrecv.c
index 41e283cdc..2b9dc9b19 100644
--- a/docs/examples/sendrecv.c
+++ b/docs/examples/sendrecv.c
@@ -52,7 +52,7 @@ static int wait_on_socket(curl_socket_t sockfd, int for_recv,
long timeout_ms)
}
/* select() returns the number of signalled sockets or -1 */
- res = select(sockfd + 1, &infd, &outfd, &errfd, &tv);
+ res = select((int)sockfd + 1, &infd, &outfd, &errfd, &tv);
return res;
}
@@ -62,10 +62,9 @@ int main(void)
CURLcode res;
/* Minimalistic http request */
const char *request = "GET / HTTP/1.0\r\nHost: example.com\r\n\r\n";
- curl_socket_t sockfd; /* socket */
- long sockextr;
- size_t iolen;
- curl_off_t nread;
+ size_t request_len = strlen(request);
+ curl_socket_t sockfd;
+ size_t nsent_total = 0;
/* A general note of caution here: if you're using curl_easy_recv() or
curl_easy_send() to implement HTTP or _any_ other protocol libcurl
@@ -82,54 +81,76 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 1L);
res = curl_easy_perform(curl);
- if(CURLE_OK != res) {
- printf("Error: %s\n", strerror(res));
+ if(res != CURLE_OK) {
+ printf("Error: %s\n", curl_easy_strerror(res));
return 1;
}
- /* Extract the socket from the curl handle - we'll need it for waiting.
- * Note that this API takes a pointer to a 'long' while we use
- * curl_socket_t for sockets otherwise.
- */
- res = curl_easy_getinfo(curl, CURLINFO_LASTSOCKET, &sockextr);
+ /* Extract the socket from the curl handle - we'll need it for waiting. */
+ res = curl_easy_getinfo(curl, CURLINFO_ACTIVESOCKET, &sockfd);
- if(CURLE_OK != res) {
+ if(res != CURLE_OK) {
printf("Error: %s\n", curl_easy_strerror(res));
return 1;
}
- sockfd = (curl_socket_t)sockextr;
+ printf("Sending request.\n");
- /* wait for the socket to become ready for sending */
- if(!wait_on_socket(sockfd, 0, 60000L)) {
- printf("Error: timeout.\n");
- return 1;
- }
+ do {
+ /* Warning: This example program may loop indefinitely.
+ * A production-quality program must define a timeout and exit this loop
+ * as soon as the timeout has expired. */
+ size_t nsent;
+ do {
+ nsent = 0;
+ res = curl_easy_send(curl, request + nsent_total,
+ request_len - nsent_total, &nsent);
+ nsent_total += nsent;
- puts("Sending request.");
- /* Send the request. Real applications should check the iolen
- * to see if all the request has been sent */
- res = curl_easy_send(curl, request, strlen(request), &iolen);
+ if(res == CURLE_AGAIN && !wait_on_socket(sockfd, 0, 60000L)) {
+ printf("Error: timeout.\n");
+ return 1;
+ }
+ } while(res == CURLE_AGAIN);
- if(CURLE_OK != res) {
- printf("Error: %s\n", curl_easy_strerror(res));
- return 1;
- }
- puts("Reading response.");
+ if(res != CURLE_OK) {
+ printf("Error: %s\n", curl_easy_strerror(res));
+ return 1;
+ }
- /* read the response */
- for(;;) {
- char buf[1024];
+ printf("Sent %" CURL_FORMAT_CURL_OFF_T " bytes.\n",
+ (curl_off_t)nsent);
+
+ } while(nsent_total < request_len);
- wait_on_socket(sockfd, 1, 60000L);
- res = curl_easy_recv(curl, buf, 1024, &iolen);
+ printf("Reading response.\n");
- if(CURLE_OK != res)
+ for(;;) {
+ /* Warning: This example program may loop indefinitely (see above). */
+ char buf[1024];
+ size_t nread;
+ do {
+ nread = 0;
+ res = curl_easy_recv(curl, buf, sizeof(buf), &nread);
+
+ if(res == CURLE_AGAIN && !wait_on_socket(sockfd, 1, 60000L)) {
+ printf("Error: timeout.\n");
+ return 1;
+ }
+ } while(res == CURLE_AGAIN);
+
+ if(res != CURLE_OK) {
+ printf("Error: %s\n", curl_easy_strerror(res));
break;
+ }
- nread = (curl_off_t)iolen;
+ if(nread == 0) {
+ /* end of the response */
+ break;
+ }
- printf("Received %" CURL_FORMAT_CURL_OFF_T " bytes.\n", nread);
+ printf("Received %" CURL_FORMAT_CURL_OFF_T " bytes.\n",
+ (curl_off_t)nread);
}
/* always cleanup */
diff --git a/docs/examples/sessioninfo.c b/docs/examples/sessioninfo.c
index 11c87cd1b..024a0e12d 100644
--- a/docs/examples/sessioninfo.c
+++ b/docs/examples/sessioninfo.c
@@ -24,7 +24,7 @@
* </DESC>
*/
-/* Note that this example currently requires cURL to be linked against
+/* Note that this example currently requires curl to be linked against
GnuTLS (and this program must also be linked against -lgnutls). */
#include <stdio.h>
diff --git a/docs/examples/smooth-gtk-thread.c
b/docs/examples/smooth-gtk-thread.c
index 547cc0f30..713fcc6c3 100644
--- a/docs/examples/smooth-gtk-thread.c
+++ b/docs/examples/smooth-gtk-thread.c
@@ -105,7 +105,7 @@ void *pull_one_url(void *NaN)
curl_easy_cleanup(curl);
}
- g_free (http);
+ g_free(http);
/* Adds more latency, testing the mutex.*/
sleep(1);
@@ -118,7 +118,7 @@ void *pull_one_url(void *NaN)
gboolean pulse_bar(gpointer data)
{
gdk_threads_enter();
- gtk_progress_bar_pulse (GTK_PROGRESS_BAR (data));
+ gtk_progress_bar_pulse(GTK_PROGRESS_BAR (data));
gdk_threads_leave();
/* Return true so the function will be called again;
@@ -182,8 +182,8 @@ int main(int argc, char **argv)
/* Init thread */
g_thread_init(NULL);
- gdk_threads_init ();
- gdk_threads_enter ();
+ gdk_threads_init();
+ gdk_threads_enter();
gtk_init(&argc, &argv);
@@ -203,9 +203,9 @@ int main(int argc, char **argv)
/* Progress bar */
progress_bar = gtk_progress_bar_new();
- gtk_progress_bar_pulse (GTK_PROGRESS_BAR (progress_bar));
+ gtk_progress_bar_pulse(GTK_PROGRESS_BAR (progress_bar));
/* Make uniform pulsing */
- gint pulse_ref = g_timeout_add (300, pulse_bar, progress_bar);
+ gint pulse_ref = g_timeout_add(300, pulse_bar, progress_bar);
g_object_set_data(G_OBJECT(progress_bar), "pulse_id",
GINT_TO_POINTER(pulse_ref));
gtk_container_add(GTK_CONTAINER(inside_frame), progress_bar);
diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c
index 1c787bb91..48377f527 100644
--- a/docs/examples/synctime.c
+++ b/docs/examples/synctime.c
@@ -152,9 +152,9 @@ size_t SyncTime_CURL_WriteHeader(void *ptr, size_t size,
size_t nmemb,
TmpStr1 & 2? */
AutoSyncTime = 0;
else {
- RetVal = sscanf ((char *)(ptr), "Date: %s %hu %s %hu %hu:%hu:%hu",
- TmpStr1, &SYSTime.wDay, TmpStr2, &SYSTime.wYear,
- &SYSTime.wHour, &SYSTime.wMinute, &SYSTime.wSecond);
+ RetVal = sscanf((char *)(ptr), "Date: %s %hu %s %hu %hu:%hu:%hu",
+ TmpStr1, &SYSTime.wDay, TmpStr2, &SYSTime.wYear,
+ &SYSTime.wHour, &SYSTime.wMinute, &SYSTime.wSecond);
if(RetVal == 7) {
SYSTime.wMilliseconds = 500; /* adjust to midpoint, 0.5 sec */
diff --git a/docs/examples/usercertinmem.c b/docs/examples/usercertinmem.c
index 47573ebbd..77fde911c 100644
--- a/docs/examples/usercertinmem.c
+++ b/docs/examples/usercertinmem.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2013 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2013 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -20,8 +20,7 @@
*
***************************************************************************/
/* <DESC>
-/* Example using an in memory PEM user certificate and RSA key to retrieve an
- * https page.
+ * Use an in-memory user certificate and RSA key and retrieve an https page.
* </DESC>
*/
/* Written by Ishan SinghLevett, based on Theo Borm's cacertinmem.c.
diff --git a/docs/gnurl.1 b/docs/gnurl.1
index 9f657ddb3..797b848f0 100644
--- a/docs/gnurl.1
+++ b/docs/gnurl.1
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -20,7 +20,9 @@
.\" *
.\" **************************************************************************
.\"
-.TH curl 1 "30 Nov 2014" "Curl 7.40.0" "Curl Manual"
+.\" DO NOT EDIT. Generated by the curl project gen.pl man page generator.
+.\"
+.TH curl 1 "16 Dec 2016" "Curl 7.52.0" "Curl Manual"
.SH NAME
curl \- transfer a URL
.SH SYNOPSIS
@@ -109,21 +111,22 @@ do an operation and it is about to write data to the
terminal, it
mixing progress meter and response data.
If you want a progress meter for HTTP POST or PUT requests, you need to
-redirect the response output to a file, using shell redirect (>), -o [file] or
+redirect the response output to a file, using shell redirect (>), \fI-o,
--output\fP or
similar.
It is not the same case for FTP upload as that operation does not spit out
any response data to the terminal.
-If you prefer a progress "bar" instead of the regular meter, \fI-#\fP is your
-friend.
+If you prefer a progress "bar" instead of the regular meter, \fI-#,
--progress-bar\fP is
+your friend. You can also disable the progress meter completely with the
+\fI-s, --silent\fP option.
.SH OPTIONS
Options start with one or two dashes. Many of the options require an
additional value next to them.
The short "single-dash" form of the options, -d for example, may be used with
or without a space between it and its value, although a space is a recommended
-separator. The long "double-dash" form, --data for example, requires a space
+separator. The long "double-dash" form, \fI-d, --data\fP for example, requires
a space
between it and its value.
Short version options that don't need any additional values can be used
@@ -136,256 +139,312 @@ but prefix it with "no-". However, in this list we
mostly only list and show
the --option version of them. (This concept with --no options was added in
7.19.0. Previously most options were toggled on/off on repeated use of the
same command line option.)
-.IP "-#, --progress-bar"
-Make curl display progress as a simple progress bar instead of the standard,
-more informational, meter.
-.IP "-:, --next"
-Tells curl to use a separate operation for the following URL and associated
-options. This allows you to send several URL requests, each with their own
-specific options, for example, such as different user names or custom requests
-for each. (Added in 7.36.0)
-.IP "-0, --http1.0"
-(HTTP) Tells curl to use HTTP version 1.0 instead of using its internally
-preferred: HTTP 1.1.
-.IP "--http1.1"
-(HTTP) Tells curl to use HTTP version 1.1. This is the internal default
-version. (Added in 7.33.0)
-.IP "--http2"
-(HTTP) Tells curl to issue its requests using HTTP 2. This requires that the
-underlying libcurl was built to support it. (Added in 7.33.0)
-.IP "--http2-prior-knowledge"
-(HTTP) Tells curl to issue its non-TLS HTTP requests using HTTP/2 without
-HTTP/1.1 Upgrade. It requires prior knowledge that the server supports HTTP/2
-straight away. HTTPS requests will still do HTTP/2 the standard way with
-negotiated protocol version in the TLS handshake.
+.IP "--abstract-unix-socket <path>"
+(HTTP) Connect through an abstract Unix domain socket, instead of using the
network.
+Note: netstat shows the path of an abstract socket prefixed with '@', however
+the <path> argument should not have this leading character.
-HTTP/2 support in general also requires that the underlying libcurl was built
-to support it. (Added in 7.49.0)
-.IP "--no-npn"
-Disable the NPN TLS extension. NPN is enabled by default if libcurl was built
-with an SSL library that supports NPN. NPN is used by a libcurl that supports
-HTTP 2 to negotiate HTTP 2 support with the server during https sessions.
+Added in 7.53.0.
+.IP "--anyauth"
+(HTTP) Tells curl to figure out authentication method by itself, and use the
most
+secure one the remote site claims to support. This is done by first doing a
+request and checking the response-headers, thus possibly inducing an extra
+network round-trip. This is used instead of setting a specific authentication
+method, which you can do with \fI--basic\fP, \fI--digest\fP, \fI--ntlm\fP, and
\fI--negotiate\fP.
-(Added in 7.36.0)
-.IP "--no-alpn"
-Disable the ALPN TLS extension. ALPN is enabled by default if libcurl was built
-with an SSL library that supports ALPN. ALPN is used by a libcurl that supports
-HTTP 2 to negotiate HTTP 2 support with the server during https sessions.
+Using \fI--anyauth\fP is not recommended if you do uploads from stdin, since
it may
+require data to be sent twice and then the client must be able to rewind. If
+the need should arise when uploading from stdin, the upload operation will
+fail.
-(Added in 7.36.0)
-.IP "-1, --tlsv1"
-(SSL)
-Forces curl to use TLS version 1.x when negotiating with a remote TLS server.
-You can use options \fI--tlsv1.0\fP, \fI--tlsv1.1\fP, and \fI--tlsv1.2\fP to
-control the TLS version more precisely (if the SSL backend in use supports such
-a level of control).
-.IP "-2, --sslv2"
-(SSL) Forces curl to use SSL version 2 when negotiating with a remote SSL
-server. Sometimes curl is built without SSLv2 support. SSLv2 is widely
-considered insecure (see RFC 6176).
-.IP "-3, --sslv3"
-(SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL
-server. Sometimes curl is built without SSLv3 support. SSLv3 is widely
-considered insecure (see RFC 7568).
-.IP "-4, --ipv4"
-This option tells curl to resolve names to IPv4 addresses only, and not for
-example try IPv6.
-.IP "-6, --ipv6"
-This option tells curl to resolve names to IPv6 addresses only, and not for
-example try IPv4.
+Used together with \fI-u, --user\fP.
+
+See also \fI--proxy-anyauth\fP and \fI--basic\fP and \fI--digest\fP.
.IP "-a, --append"
-(FTP/SFTP) When used in an upload, this makes curl append to the target file
-instead of overwriting it. If the remote file doesn't exist, it will be
-created. Note that this flag is ignored by some SFTP servers (including
-OpenSSH).
-.IP "-A, --user-agent <agent string>"
-(HTTP) Specify the User-Agent string to send to the HTTP server. Some badly
-done CGIs fail if this field isn't set to "Mozilla/4.0". To encode blanks in
-the string, surround the string with single quote marks. This can also be set
-with the \fI-H, --header\fP option of course.
+(FTP SFTP) When used in an upload, this makes curl append to the target file
instead of
+overwriting it. If the remote file doesn't exist, it will be created. Note
+that this flag is ignored by some SFTP servers (including OpenSSH).
+.IP "--basic"
+(HTTP) Tells curl to use HTTP Basic authentication with the remote host. This
is the
+default and this option is usually pointless, unless you use it to override a
+previously set option that sets a different authentication method (such as
+\fI--ntlm\fP, \fI--digest\fP, or \fI--negotiate\fP).
-If this option is used several times, the last one will be used.
-.IP "--anyauth"
-(HTTP) Tells curl to figure out authentication method by itself, and use the
-most secure one the remote site claims to support. This is done by first
-doing a request and checking the response-headers, thus possibly inducing an
-extra network round-trip. This is used instead of setting a specific
-authentication method, which you can do with \fI--basic\fP, \fI--digest\fP,
-\fI--ntlm\fP, and \fI--negotiate\fP.
-
-Note that using --anyauth is not recommended if you do uploads from stdin,
-since it may require data to be sent twice and then the client must be able to
-rewind. If the need should arise when uploading from stdin, the upload
-operation will fail.
-.IP "-b, --cookie <name=data>"
-(HTTP) Pass the data to the HTTP server as a cookie. It is supposedly the data
-previously received from the server in a "Set-Cookie:" line. The data should
-be in the format "NAME1=VALUE1; NAME2=VALUE2".
-
-If no '=' symbol is used in the line, it is treated as a filename to use to
-read previously stored cookie lines from, which should be used in this session
-if they match. Using this method also activates the cookie engine which will
-make curl record incoming cookies too, which may be handy if you're using this
-in combination with the \fI-L, --location\fP option. The file format of the
-file to read cookies from should be plain HTTP headers (Set-Cookie style) or
-the Netscape/Mozilla cookie file format.
-
-The file specified with \fI-b, --cookie\fP is only used as input. No cookies
-will be written to the file. To store cookies, use the \fI-c, --cookie-jar\fP
-option.
+Used together with \fI-u, --user\fP.
+
+See also \fI--proxy-basic\fP.
+.IP "--cacert <CA certificate>"
+(TLS) Tells curl to use the specified certificate file to verify the peer. The
file
+may contain multiple CA certificates. The certificate(s) must be in PEM
+format. Normally curl is built to use a default file for this, so this option
+is typically used to alter that default file.
+
+curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is
+set, and uses the given path as a path to a CA cert bundle. This option
+overrides that variable.
+
+The windows version of curl will automatically look for a CA certs file named
+\'curl-ca-bundle.crt\', either in the same directory as curl.exe, or in the
+Current Working Directory, or in any folder along your PATH.
+
+If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
+(libnsspem.so) needs to be available for this option to work properly.
-Exercise caution if you are using this option and multiple transfers may occur.
-If you use the NAME1=VALUE1; format, or in a file use the Set-Cookie format and
-don't specify a domain, then the cookie is sent for any domain (even after
-redirects are followed) and cannot be modified by a server-set cookie. If the
-cookie engine is enabled and a server sets a cookie of the same name then both
-will be sent on a future transfer to that server, likely not what you intended.
-To address these issues set a domain in Set-Cookie (doing that will include
-sub-domains) or use the Netscape format.
+(iOS and macOS only) If curl is built against Secure Transport, then this
+option is supported for backward compatibility with other SSL engines, but it
+should not be set. If the option is not set, then curl will use the
+certificates in the system and user Keychain to verify the peer, which is the
+preferred method of verifying the peer's certificate chain.
If this option is used several times, the last one will be used.
-.IP "-B, --use-ascii"
-(FTP/LDAP) Enable ASCII transfer. For FTP, this can also be enforced by using
-an URL that ends with ";type=A". This option causes data sent to stdout to be
-in text mode for win32 systems.
-.IP "--basic"
-(HTTP) Tells curl to use HTTP Basic authentication with the remote host. This
-is the default and this option is usually pointless, unless you use it to
-override a previously set option that sets a different authentication method
-(such as \fI--ntlm\fP, \fI--digest\fP, or \fI--negotiate\fP).
+.IP "--capath <dir>"
+(TLS) Tells curl to use the specified certificate directory to verify the
+peer. Multiple paths can be provided by separating them with ":" (e.g.
+\&"path1:path2:path3"). The certificates must be in PEM format, and if curl is
+built against OpenSSL, the directory must have been processed using the
+c_rehash utility supplied with OpenSSL. Using \fI--capath\fP can allow
+OpenSSL-powered curl to make SSL-connections much more efficiently than using
+\fI--cacert\fP if the --cacert file contains many CA certificates.
-Used together with \fI-u, --user\fP and \fI-x, --proxy\fP.
+If this option is set, the default capath value will be ignored, and if it is
+used several times, the last one will be used.
+.IP "--cert-status"
+(TLS) Tells curl to verify the status of the server certificate by using the
+Certificate Status Request (aka. OCSP stapling) TLS extension.
-See also \fI--proxy-basic\fP.
-.IP "-c, --cookie-jar <file name>"
-(HTTP) Specify to which file you want curl to write all cookies after a
-completed operation. Curl writes all cookies previously read from a specified
-file as well as all cookies received from remote server(s). If no cookies are
-known, no data will be written. The file will be written using the Netscape
-cookie file format. If you set the file name to a single dash, "-", the
-cookies will be written to stdout.
+If this option is enabled and the server sends an invalid (e.g. expired)
+response, if the response suggests that the server certificate has been
revoked,
+or no response at all is received, the verification fails.
-This command line option will activate the cookie engine that makes curl
-record and use cookies. Another way to activate it is to use the \fI-b,
---cookie\fP option.
+This is currently only implemented in the OpenSSL, GnuTLS and NSS backends.
-If the cookie jar can't be created or written to, the whole curl operation
-won't fail or even report an error clearly. Using -v will get a warning
-displayed, but that is the only visible feedback you get about this possibly
-lethal situation.
+Added in 7.41.0.
+.IP "--cert-type <type>"
+(TLS) Tells curl what certificate type the provided certificate is in. PEM,
DER and
+ENG are recognized types. If not specified, PEM is assumed.
-Since 7.43.0 cookies that were imported in the Set-Cookie format without a
-domain name are not exported by this option.
+If this option is used several times, the last one will be used.
-If this option is used several times, the last specified file name will be
-used.
-.IP "-C, --continue-at <offset>"
-Continue/Resume a previous file transfer at the given offset. The given offset
-is the exact number of bytes that will be skipped, counting from the beginning
-of the source file before it is transferred to the destination. If used with
-uploads, the FTP server command SIZE will not be used by curl.
+See also \fI-E, --cert\fP and \fI--key\fP and \fI--key-type\fP.
+.IP "-E, --cert <certificate[:password]>"
+(TLS) Tells curl to use the specified client certificate file when getting a
file
+with HTTPS, FTPS or another SSL-based protocol. The certificate must be in
+PKCS#12 format if using Secure Transport, or PEM format if using any other
+engine. If the optional password isn't specified, it will be queried for on
+the terminal. Note that this option assumes a \&"certificate" file that is the
+private key and the client certificate concatenated! See \fI-E, --cert\fP and
\fI--key\fP to
+specify them independently.
-Use "-C -" to tell curl to automatically find out where/how to resume the
-transfer. It then uses the given output/input files to figure that out.
+If curl is built against the NSS SSL library then this option can tell
+curl the nickname of the certificate to use within the NSS database defined
+by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the
+NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be
+loaded. If you want to use a file from the current directory, please precede
+it with "./" prefix, in order to avoid confusion with a nickname. If the
+nickname contains ":", it needs to be preceded by "\\" so that it is not
+recognized as password delimiter. If the nickname contains "\\", it needs to
+be escaped as "\\\\" so that it is not recognized as an escape character.
+
+(iOS and macOS only) If curl is built against Secure Transport, then the
+certificate string can either be the name of a certificate/private key in the
+system or user keychain, or the path to a PKCS#12-encoded certificate and
+private key. If you want to use a file from the current directory, please
+precede it with "./" prefix, in order to avoid confusion with a nickname.
If this option is used several times, the last one will be used.
+
+See also \fI--cert-type\fP and \fI--key\fP and \fI--key-type\fP.
.IP "--ciphers <list of ciphers>"
-(SSL) Specifies which ciphers to use in the connection. The list of ciphers
-must specify valid ciphers. Read up on SSL cipher list details on this URL:
-\fIhttps://www.openssl.org/docs/apps/ciphers.html\fP
+(TLS) Specifies which ciphers to use in the connection. The list of ciphers
must
+specify valid ciphers. Read up on SSL cipher list details on this URL:
-NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of NSS
-ciphers is in the NSSCipherSuite entry at this URL:
-\fIhttps://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\fP
+
+ https://curl.haxx.se/docs/ssl-ciphers.html
If this option is used several times, the last one will be used.
.IP "--compressed"
-(HTTP) Request a compressed response using one of the algorithms curl
-supports, and save the uncompressed document. If this option is used and the
-server sends an unsupported encoding, curl will report an error.
+(HTTP) Request a compressed response using one of the algorithms curl
supports, and
+save the uncompressed document. If this option is used and the server sends
+an unsupported encoding, curl will report an error.
+.IP "-K, --config <file>"
+Specify which config file to read curl arguments from. The config file is a
+text file in which command line arguments can be written which then will be
+used as if they were written on the actual command line.
+
+Options and their parameters must be specified on the same config file line,
+separated by whitespace, colon, or the equals sign. Long option names can
+optionally be given in the config file without the initial double dashes and
+if so, the colon or equals characters can be used as separators. If the option
+is specified with one or two dashes, there can be no colon or equals character
+between the option and its parameter.
+
+If the parameter is to contain whitespace, the parameter must be enclosed
+within quotes. Within double quotes, the following escape sequences are
+available: \\\\, \\", \\t, \\n, \\r and \\v. A backslash preceding any other
+letter is ignored. If the first column of a config line is a '#' character,
+the rest of the line will be treated as a comment. Only write one option per
+physical line in the config file.
+
+Specify the filename to \fI-K, --config\fP as '-' to make curl read the file
from stdin.
+
+Note that to be able to specify a URL in the config file, you need to specify
+it using the \fI--url\fP option, and not by simply writing the URL on its own
+line. So, it could look similar to this:
+
+url = "https://curl.haxx.se/docs/";
+
+When curl is invoked, it always (unless \fI-q, --disable\fP is used) checks
for a
+default config file and uses it if found. The default config file is checked
+for in the following places in this order:
+
+1) curl tries to find the "home dir": It first checks for the CURL_HOME and
+then the HOME environment variables. Failing that, it uses getpwuid() on
+Unix-like systems (which returns the home dir given the current user in your
+system). On Windows, it then checks for the APPDATA variable, or as a last
+resort the '%USERPROFILE%\\Application Data'.
+
+2) On windows, if there is no _curlrc file in the home dir, it checks for one
+in the same dir the curl executable is placed. On Unix-like systems, it will
+simply try to load .curlrc from the determined home dir.
+
+.nf
+# --- Example file ---
+# this is a comment
+url = "example.com"
+output = "curlhere.html"
+user-agent = "superagent/1.0"
+
+# and fetch another URL too
+url = "example.com/docs/manpage.html"
+-O
+referer = "http://nowhereatall.example.com/";
+# --- End of example file ---
+.fi
+
+This option can be used multiple times to load multiple config files.
.IP "--connect-timeout <seconds>"
Maximum time in seconds that you allow curl's connection to take. This only
limits the connection phase, so if curl connects within the given period it
will continue - if not it will exit. Since version 7.32.0, this option
accepts decimal values.
-See also the \fI-m, --max-time\fP option.
-
If this option is used several times, the last one will be used.
-.IP "--create-dirs"
-When used in conjunction with the \fI-o\fP option, curl will create the
-necessary local directory hierarchy as needed. This option creates the dirs
-mentioned with the \fI-o\fP option, nothing else. If the \fI-o\fP file name
-uses no dir or if the dirs it mentions already exist, no dir will be created.
-To create remote directories when using FTP or SFTP, try
-\fI--ftp-create-dirs\fP.
-.IP "--crlf"
-Convert LF to CRLF in upload. Useful for MVS (OS/390).
+See also \fI-m, --max-time\fP.
+.IP "--connect-to <HOST1:PORT1:HOST2:PORT2>"
-(SMTP added in 7.40.0)
-.IP "--crlfile <file>"
-(HTTPS/FTPS) Provide a file using PEM format with a Certificate Revocation
-List that may specify peer certificates that are to be considered revoked.
+For a request to the given HOST:PORT pair, connect to
+CONNECT-TO-HOST:CONNECT-TO-PORT instead. This option is suitable to direct
+requests at a specific server, e.g. at a specific cluster node in a cluster of
+servers. This option is only used to establish the network connection. It
+does NOT affect the hostname/port that is used for TLS/SSL (e.g. SNI,
+certificate verification) or for the application protocols. "host" and "port"
+may be the empty string, meaning "any host/port". "connect-to-host" and
+"connect-to-port" may also be the empty string, meaning "use the request's
+original host/port".
+
+This option can be used many times to add many connect rules.
+
+See also \fI--resolve\fP and \fI-H, --header\fP. Added in 7.49.0.
+.IP "-C, --continue-at <offset>"
+Continue/Resume a previous file transfer at the given offset. The given offset
+is the exact number of bytes that will be skipped, counting from the beginning
+of the source file before it is transferred to the destination. If used with
+uploads, the FTP server command SIZE will not be used by curl.
+
+Use "-C -" to tell curl to automatically find out where/how to resume the
+transfer. It then uses the given output/input files to figure that out.
If this option is used several times, the last one will be used.
-(Added in 7.19.7)
-.IP "-d, --data <data>"
-(HTTP) Sends the specified data in a POST request to the HTTP server, in the
-same way that a browser does when a user has filled in an HTML form and
-presses the submit button. This will cause curl to pass the data to the server
-using the content-type application/x-www-form-urlencoded. Compare to
-\fI-F, --form\fP.
+See also \fI-r, --range\fP.
+.IP "-c, --cookie-jar <filename>"
+(HTTP) Specify to which file you want curl to write all cookies after a
completed
+operation. Curl writes all cookies from its in-memory cookie storage to the
+given file at the end of operations. If no cookies are known, no data will be
+written. The file will be written using the Netscape cookie file format. If
+you set the file name to a single dash, "-", the cookies will be written to
+stdout.
-\fI-d, --data\fP is the same as \fI--data-ascii\fP. \fI--data-raw\fP is almost
-the same but does not have a special interpretation of the @ character. To
-post data purely binary, you should instead use the \fI--data-binary\fP option.
-To URL-encode the value of a form field you may use \fI--data-urlencode\fP.
+This command line option will activate the cookie engine that makes curl
+record and use cookies. Another way to activate it is to use the \fI-b,
--cookie\fP
+option.
-If any of these options is used more than once on the same command line, the
-data pieces specified will be merged together with a separating
-&-symbol. Thus, using '-d name=daniel -d skill=lousy' would generate a post
-chunk that looks like \&'name=daniel&skill=lousy'.
+If the cookie jar can't be created or written to, the whole curl operation
+won't fail or even report an error clearly. Using \fI-v, --verbose\fP will get
a warning
+displayed, but that is the only visible feedback you get about this possibly
+lethal situation.
-If you start the data with the letter @, the rest should be a file name to
-read the data from, or - if you want curl to read the data from
-stdin. Multiple files can also be specified. Posting data from a file
-named 'foobar' would thus be done with \fI--data\fP @foobar. When --data is
-told to read from a file like that, carriage returns and newlines will be
-stripped out. If you don't want the @ character to have a special
-interpretation use \fI--data-raw\fP instead.
-.IP "-D, --dump-header <file>"
-Write the protocol headers to the specified file.
+If this option is used several times, the last specified file name will be
+used.
+.IP "-b, --cookie <data>"
+(HTTP) Pass the data to the HTTP server in the Cookie header. It is supposedly
+the data previously received from the server in a "Set-Cookie:" line. The
+data should be in the format "NAME1=VALUE1; NAME2=VALUE2".
+
+If no '=' symbol is used in the argument, it is instead treated as a filename
+to read previously stored cookie from. This option also activates the cookie
+engine which will make curl record incoming cookies, which may be handy if
+you're using this in combination with the \fI-L, --location\fP option or do
multiple URL
+transfers on the same invoke.
+
+The file format of the file to read cookies from should be plain HTTP headers
+(Set-Cookie style) or the Netscape/Mozilla cookie file format.
+
+The file specified with \fI-b, --cookie\fP is only used as input. No cookies
will be
+written to the file. To store cookies, use the \fI-c, --cookie-jar\fP option.
+
+Exercise caution if you are using this option and multiple transfers may
+occur. If you use the NAME1=VALUE1; format, or in a file use the Set-Cookie
+format and don't specify a domain, then the cookie is sent for any domain
+(even after redirects are followed) and cannot be modified by a server-set
+cookie. If the cookie engine is enabled and a server sets a cookie of the same
+name then both will be sent on a future transfer to that server, likely not
+what you intended. To address these issues set a domain in Set-Cookie (doing
+that will include sub domains) or use the Netscape format.
-This option is handy to use when you want to store the headers that an HTTP
-site sends to you. Cookies from the headers could then be read in a second
-curl invocation by using the \fI-b, --cookie\fP option! The
-\fI-c, --cookie-jar\fP option is a better way to store cookies.
+If this option is used several times, the last one will be used.
-When used in FTP, the FTP server response lines are considered being "headers"
-and thus are saved there.
+Users very often want to both read cookies from a file and write updated
+cookies back to a file, so using both \fI-b, --cookie\fP and \fI-c,
--cookie-jar\fP in the same
+command line is common.
+.IP "--create-dirs"
+When used in conjunction with the \fI-o, --output\fP option, curl will create
the
+necessary local directory hierarchy as needed. This option creates the dirs
+mentioned with the \fI-o, --output\fP option, nothing else. If the --output
file name
+uses no dir or if the dirs it mentions already exist, no dir will be created.
+
+To create remote directories when using FTP or SFTP, try
\fI--ftp-create-dirs\fP.
+.IP "--crlf"
+(FTP SMTP) Convert LF to CRLF in upload. Useful for MVS (OS/390).
+
+(SMTP added in 7.40.0)
+.IP "--crlfile <file>"
+(TLS) Provide a file using PEM format with a Certificate Revocation List that
may
+specify peer certificates that are to be considered revoked.
If this option is used several times, the last one will be used.
+
+Added in 7.19.7.
.IP "--data-ascii <data>"
-See \fI-d, --data\fP.
+(HTTP) This is just an alias for \fI-d, --data\fP.
.IP "--data-binary <data>"
-(HTTP) This posts data exactly as specified with no extra processing
-whatsoever.
+(HTTP) This posts data exactly as specified with no extra processing
whatsoever.
If you start the data with the letter @, the rest should be a filename. Data
-is posted in a similar manner as \fI--data-ascii\fP does, except that newlines
-and carriage returns are preserved and conversions are never done.
+is posted in a similar manner as \fI-d, --data\fP does, except that newlines
and
+carriage returns are preserved and conversions are never done.
If this option is used several times, the ones following the first will append
data as described in \fI-d, --data\fP.
.IP "--data-raw <data>"
-(HTTP) This posts data similarly to \fI--data\fP but without the special
-interpretation of the @ character. See \fI-d, --data\fP.
-(Added in 7.43.0)
+(HTTP) This posts data similarly to \fI-d, --data\fP but without the special
+interpretation of the @ character.
+
+See also \fI-d, --data\fP. Added in 7.43.0.
.IP "--data-urlencode <data>"
-(HTTP) This posts data, similar to the other --data options with the exception
-that this performs URL-encoding. (Added in 7.18.0)
+(HTTP) This posts data, similar to the other \fI-d, --data\fP options with the
exception
+that this performs URL-encoding.
To be CGI-compliant, the <data> part should begin with a \fIname\fP followed
by a separator and a content specification. The <data> part can be passed to
@@ -410,9 +469,36 @@ URL-encode that data and pass it on in the POST. The name
part gets an equal
sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the
name is expected to be URL-encoded already.
.RE
-.IP "--delegation LEVEL"
-Set \fILEVEL\fP to tell the server what it is allowed to delegate when it
-comes to user credentials. Used with GSS/kerberos.
+
+See also \fI-d, --data\fP and \fI--data-raw\fP. Added in 7.18.0.
+.IP "-d, --data <data>"
+(HTTP) Sends the specified data in a POST request to the HTTP server, in the
same way
+that a browser does when a user has filled in an HTML form and presses the
+submit button. This will cause curl to pass the data to the server using the
+content-type application/x-www-form-urlencoded. Compare to \fI-F, --form\fP.
+
+\fI--data-raw\fP is almost the same but does not have a special interpretation
of
+the @ character. To post data purely binary, you should instead use the
+\fI--data-binary\fP option. To URL-encode the value of a form field you may
use
+\fI--data-urlencode\fP.
+
+If any of these options is used more than once on the same command line, the
+data pieces specified will be merged together with a separating
+&-symbol. Thus, using '-d name=daniel -d skill=lousy' would generate a post
+chunk that looks like \&'name=daniel&skill=lousy'.
+
+If you start the data with the letter @, the rest should be a file name to
+read the data from, or - if you want curl to read the data from
+stdin. Multiple files can also be specified. Posting data from a file named
+'foobar' would thus be done with \fI-d, --data\fP @foobar. When --data is told
to read
+from a file like that, carriage returns and newlines will be stripped out. If
+you don't want the @ character to have a special interpretation use
\fI--data-raw\fP
+instead.
+
+See also \fI--data-binary\fP and \fI--data-urlencode\fP and \fI--data-raw\fP.
This option overrides \fI-F, --form\fP and \fI-I, --head\fP and \fI--upload\fP.
+.IP "--delegation <LEVEL>"
+(GSS/kerberos) Set LEVEL to tell the server what it is allowed to delegate
when it
+comes to user credentials.
.RS
.IP "none"
Don't allow any delegation.
@@ -423,226 +509,155 @@ service ticket, which is a matter of realm policy.
Unconditionally allow the server to delegate.
.RE
.IP "--digest"
-(HTTP) Enables HTTP Digest authentication. This is an authentication scheme
-that prevents the password from being sent over the wire in clear text. Use
-this in combination with the normal \fI-u, --user\fP option to set user name
-and password. See also \fI--ntlm\fP, \fI--negotiate\fP and \fI--anyauth\fP for
-related options.
+(HTTP) Enables HTTP Digest authentication. This is an authentication scheme
that
+prevents the password from being sent over the wire in clear text. Use this in
+combination with the normal \fI-u, --user\fP option to set user name and
password.
If this option is used several times, only the first one is used.
+
+See also \fI-u, --user\fP and \fI--proxy-digest\fP and \fI--anyauth\fP. This
option overrides \fI--basic\fP and \fI--ntlm\fP and \fI--negotiate\fP.
.IP "--disable-eprt"
-(FTP) Tell curl to disable the use of the EPRT and LPRT commands when doing
-active FTP transfers. Curl will normally always first attempt to use EPRT,
-then LPRT before using PORT, but with this option, it will use PORT right
-away. EPRT and LPRT are extensions to the original FTP protocol, and may not
-work on all servers, but they enable more functionality in a better way than
-the traditional PORT command.
+(FTP) Tell curl to disable the use of the EPRT and LPRT commands when doing
active
+FTP transfers. Curl will normally always first attempt to use EPRT, then LPRT
+before using PORT, but with this option, it will use PORT right away. EPRT and
+LPRT are extensions to the original FTP protocol, and may not work on all
+servers, but they enable more functionality in a better way than the
+traditional PORT command.
-\fB--eprt\fP can be used to explicitly enable EPRT again and \fB--no-eprt\fP
-is an alias for \fB--disable-eprt\fP.
+--eprt can be used to explicitly enable EPRT again and --no-eprt is an alias
+for \fI--disable-eprt\fP.
-If the server is an IPv6 host, this option will have no effect as EPRT is
-necessary then.
+If the server is accessed using IPv6, this option will have no effect as EPRT
+is necessary then.
Disabling EPRT only changes the active behavior. If you want to switch to
-passive mode you need to not use \fI-P, --ftp-port\fP or force it with
-\fI--ftp-pasv\fP.
+passive mode you need to not use \fI-P, --ftp-port\fP or force it with
\fI--ftp-pasv\fP.
.IP "--disable-epsv"
-(FTP) Tell curl to disable the use of the EPSV command when doing passive FTP
+(FTP) (FTP) Tell curl to disable the use of the EPSV command when doing
passive FTP
transfers. Curl will normally always first attempt to use EPSV before PASV,
but with this option, it will not try using EPSV.
-\fB--epsv\fP can be used to explicitly enable EPSV again and \fB--no-epsv\fP
-is an alias for \fB--disable-epsv\fP.
+--epsv can be used to explicitly enable EPSV again and --no-epsv is an alias
+for \fI--disable-epsv\fP.
If the server is an IPv6 host, this option will have no effect as EPSV is
necessary then.
Disabling EPSV only changes the passive behavior. If you want to switch to
active mode you need to use \fI-P, --ftp-port\fP.
+.IP "-q, --disable"
+If used as the first parameter on the command line, the \fIcurlrc\fP config
+file will not be read and used. See the \fI-K, --config\fP for details on the
default
+config file search path.
.IP "--dns-interface <interface>"
-Tell curl to send outgoing DNS requests through <interface>. This option
-is a counterpart to \fI--interface\fP (which does not affect DNS). The
-supplied string must be an interface name (not an address).
-
-This option requires that libcurl was built with a resolver backend that
-supports this operation. The c-ares backend is the only such one. (Added in
-7.33.0)
-.IP "--dns-ipv4-addr <ip-address>"
-Tell curl to bind to <ip-address> when making IPv4 DNS requests, so that
+(DNS) Tell curl to send outgoing DNS requests through <interface>. This option
is a
+counterpart to \fI--interface\fP (which does not affect DNS). The supplied
string
+must be an interface name (not an address).
+
+See also \fI--dns-ipv4-addr\fP and \fI--dns-ipv6-addr\fP.
\fI--dns-interface\fP requires that the underlying libcurl was built to support
c-ares. Added in 7.33.0.
+.IP "--dns-ipv4-addr <address>"
+(DNS) Tell curl to bind to <ip-address> when making IPv4 DNS requests, so that
the DNS requests originate from this address. The argument should be a
single IPv4 address.
-This option requires that libcurl was built with a resolver backend that
-supports this operation. The c-ares backend is the only such one. (Added in
-7.33.0)
-.IP "--dns-ipv6-addr <ip-address>"
-Tell curl to bind to <ip-address> when making IPv6 DNS requests, so that
+See also \fI--dns-interface\fP and \fI--dns-ipv6-addr\fP.
\fI--dns-ipv4-addr\fP requires that the underlying libcurl was built to support
c-ares. Added in 7.33.0.
+.IP "--dns-ipv6-addr <address>"
+(DNS) Tell curl to bind to <ip-address> when making IPv6 DNS requests, so that
the DNS requests originate from this address. The argument should be a
single IPv6 address.
-This option requires that libcurl was built with a resolver backend that
-supports this operation. The c-ares backend is the only such one. (Added in
-7.33.0)
-.IP "--dns-servers <ip-address,ip-address>"
+See also \fI--dns-interface\fP and \fI--dns-ipv4-addr\fP.
\fI--dns-ipv6-addr\fP requires that the underlying libcurl was built to support
c-ares. Added in 7.33.0.
+.IP "--dns-servers <addresses>"
Set the list of DNS servers to be used instead of the system default.
The list of IP addresses should be separated with commas. Port numbers
may also optionally be given as \fI:<port-number>\fP after each IP
address.
-This option requires that libcurl was built with a resolver backend that
-supports this operation. The c-ares backend is the only such one. (Added in
-7.33.0)
-.IP "-e, --referer <URL>"
-(HTTP) Sends the "Referrer Page" information to the HTTP server. This can also
-be set with the \fI-H, --header\fP flag of course. When used with
-\fI-L, --location\fP you can append ";auto" to the --referer URL to make curl
-automatically set the previous URL when it follows a Location: header. The
-\&";auto" string can be used alone, even if you don't set an initial --referer.
-
-If this option is used several times, the last one will be used.
-.IP "-E, --cert <certificate[:password]>"
-(SSL) Tells curl to use the specified client certificate file when getting a
-file with HTTPS, FTPS or another SSL-based protocol. The certificate must be
-in PKCS#12 format if using Secure Transport, or PEM format if using any other
-engine. If the optional password isn't specified, it will be queried for on
-the terminal. Note that this option assumes a \&"certificate" file that is the
-private key and the client certificate concatenated! See \fI--cert\fP and
-\fI--key\fP to specify them independently.
+\fI--dns-servers\fP requires that the underlying libcurl was built to support
c-ares. Added in 7.33.0.
+.IP "-D, --dump-header <filename>"
+(HTTP FTP) Write the received protocol headers to the specified file.
-If curl is built against the NSS SSL library then this option can tell
-curl the nickname of the certificate to use within the NSS database defined
-by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the
-NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be
-loaded. If you want to use a file from the current directory, please precede
-it with "./" prefix, in order to avoid confusion with a nickname. If the
-nickname contains ":", it needs to be preceded by "\\" so that it is not
-recognized as password delimiter. If the nickname contains "\\", it needs to
-be escaped as "\\\\" so that it is not recognized as an escape character.
+This option is handy to use when you want to store the headers that an HTTP
+site sends to you. Cookies from the headers could then be read in a second
+curl invocation by using the \fI-b, --cookie\fP option! The \fI-c,
--cookie-jar\fP option is a
+better way to store cookies.
-(iOS and macOS only) If curl is built against Secure Transport, then the
-certificate string can either be the name of a certificate/private key in the
-system or user keychain, or the path to a PKCS#12-encoded certificate and
-private key. If you want to use a file from the current directory, please
-precede it with "./" prefix, in order to avoid confusion with a nickname.
+When used in FTP, the FTP server response lines are considered being "headers"
+and thus are saved there.
If this option is used several times, the last one will be used.
+
+See also \fI-o, --output\fP.
+.IP "--egd-file <file>"
+(TLS) Specify the path name to the Entropy Gathering Daemon socket. The socket
is
+used to seed the random engine for SSL connections.
+
+See also \fI--random-file\fP.
.IP "--engine <name>"
-Select the OpenSSL crypto engine to use for cipher
-operations. Use \fI--engine list\fP to print a list of build-time supported
-engines. Note that not all (or none) of the engines may be available at
-run-time.
+(TLS) Select the OpenSSL crypto engine to use for cipher operations. Use
\fI--engine\fP
+list to print a list of build-time supported engines. Note that not all (or
+none) of the engines may be available at run-time.
.IP "--environment"
-(RISC OS ONLY) Sets a range of environment variables, using the names the
-\fI-w\fP option supports, to allow easier extraction of useful information
-after having run curl.
-.IP "--egd-file <file>"
-(SSL) Specify the path name to the Entropy Gathering Daemon socket. The socket
-is used to seed the random engine for SSL connections. See also the
-\fI--random-file\fP option.
+Sets a range of environment variables, using the names the \fI-w,
--write-out\fP option
+supports, to allow easier extraction of useful information after having run
+curl.
+
+\fI--environment\fP requires that the underlying libcurl was built to support
RISC OS.
.IP "--expect100-timeout <seconds>"
(HTTP) Maximum time in seconds that you allow curl to wait for a 100-continue
response when curl emits an Expects: 100-continue header in its request. By
default curl will wait one second. This option accepts decimal values! When
curl stops waiting, it will continue as if the response has been received.
-(Added in 7.47.0)
-.IP "--cert-type <type>"
-(SSL) Tells curl what certificate type the provided certificate is in. PEM,
-DER and ENG are recognized types. If not specified, PEM is assumed.
+See also \fI--connect-timeout\fP. Added in 7.47.0.
+.IP "--fail-early"
+Fail and exit on first detected error.
-If this option is used several times, the last one will be used.
-.IP "--cacert <CA certificate>"
-(SSL) Tells curl to use the specified certificate file to verify the peer. The
-file may contain multiple CA certificates. The certificate(s) must be in PEM
-format. Normally curl is built to use a default file for this, so this option
-is typically used to alter that default file.
-
-curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is
-set, and uses the given path as a path to a CA cert bundle. This option
-overrides that variable.
-
-The windows version of curl will automatically look for a CA certs file named
-\'curl-ca-bundle.crt\', either in the same directory as curl.exe, or in the
-Current Working Directory, or in any folder along your PATH.
-
-If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
-(libnsspem.so) needs to be available for this option to work properly.
-
-(iOS and macOS only) If curl is built against Secure Transport, then this
-option is supported for backward compatibility with other SSL engines, but it
-should not be set. If the option is not set, then curl will use the
-certificates in the system and user Keychain to verify the peer, which is the
-preferred method of verifying the peer's certificate chain.
-
-If this option is used several times, the last one will be used.
-.IP "--capath <CA certificate directory>"
-(SSL) Tells curl to use the specified certificate directory to verify the
-peer. Multiple paths can be provided by separating them with ":" (e.g.
-\&"path1:path2:path3"). The certificates must be in PEM format, and if curl is
-built against OpenSSL, the directory must have been processed using the
-c_rehash utility supplied with OpenSSL. Using \fI--capath\fP can allow
-OpenSSL-powered curl to make SSL-connections much more efficiently than using
-\fI--cacert\fP if the \fI--cacert\fP file contains many CA certificates.
-
-If this option is set, the default capath value will be ignored, and if it is
-used several times, the last one will be used.
-.IP "--pinnedpubkey <pinned public key (hashes)>"
-(SSL) Tells curl to use the specified public key file (or hashes) to verify the
-peer. This can be a path to a file which contains a single public key in PEM or
-DER format, or any number of base64 encoded sha256 hashes preceded by
-\'sha256//\' and separated by \';\'
-
-When negotiating a TLS or SSL connection, the server sends a certificate
-indicating its identity. A public key is extracted from this certificate and
-if it does not exactly match the public key provided to this option, curl will
-abort the connection before sending or receiving any data.
+When curl is used to do multiple transfers on the command line, it will
+attempt to operate on each given URL, one by one. By default, it will ignore
+errors if there are more URLs given and the last URL's success will determine
+the error code curl returns. So early failures will be "hidden" by subsequent
+successful transfers.
-PEM/DER support:
- 7.39.0: OpenSSL, GnuTLS and GSKit
- 7.43.0: NSS and wolfSSL/CyaSSL
- 7.47.0: mbedtls
- 7.49.0: PolarSSL
-sha256 support:
- 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL.
- 7.47.0: mbedtls
- 7.49.0: PolarSSL
-Other SSL backends not supported.
+Using this option, curl will instead return an error on the first transfers
+that fails, independent on the amount of more URLs that are given on the
+command line. This way, no transfer failures go undetected by scripts and
+similar.
-If this option is used several times, the last one will be used.
-.IP "--cert-status"
-(SSL) Tells curl to verify the status of the server certificate by using the
-Certificate Status Request (aka. OCSP stapling) TLS extension.
+This option will apply for all given URLs even if you use \fI-:, --next\fP.
-If this option is enabled and the server sends an invalid (e.g. expired)
-response, if the response suggests that the server certificate has been
revoked,
-or no response at all is received, the verification fails.
+Added in 7.52.0.
+.IP "-f, --fail"
+(HTTP) Fail silently (no output at all) on server errors. This is mostly done
to
+better enable scripts etc to better deal with failed attempts. In normal cases
+when an HTTP server fails to deliver a document, it returns an HTML document
+stating so (which often also describes why and more). This flag will prevent
+curl from outputting that and return error 22.
-This is currently only implemented in the OpenSSL, GnuTLS and NSS backends.
-(Added in 7.41.0)
+This method is not fail-safe and there are occasions where non-successful
+response codes will slip through, especially when authentication is involved
+(response codes 401 and 407).
.IP "--false-start"
-
-(SSL) Tells curl to use false start during the TLS handshake. False start is a
-mode where a TLS client will start sending application data before verifying
-the server's Finished message, thus saving a round trip when performing a full
+(TLS) Tells curl to use false start during the TLS handshake. False start is a
mode
+where a TLS client will start sending application data before verifying the
+server's Finished message, thus saving a round trip when performing a full
handshake.
This is currently only implemented in the NSS and Secure Transport (on iOS 7.0
or later, or OS X 10.9 or later) backends.
-(Added in 7.42.0)
-.IP "-f, --fail"
-(HTTP) Fail silently (no output at all) on server errors. This is mostly done
-to better enable scripts etc to better deal with failed attempts. In normal
-cases when an HTTP server fails to deliver a document, it returns an HTML
-document stating so (which often also describes why and more). This flag will
-prevent curl from outputting that and return error 22.
-This method is not fail-safe and there are occasions where non-successful
-response codes will slip through, especially when authentication is involved
-(response codes 401 and 407).
+Added in 7.42.0.
+.IP "--form-string <name=string>"
+(HTTP) Similar to \fI-F, --form\fP except that the value string for the named
parameter is used
+literally. Leading \&'@' and \&'<' characters, and the \&';type=' string in
+the value have no special meaning. Use this in preference to \fI-F, --form\fP
if
+there's any possibility that the string value may accidentally trigger the
+\&'@' or \&'<' features of \fI-F, --form\fP.
+
+See also \fI-F, --form\fP.
.IP "-F, --form <name=content>"
-(HTTP) This lets curl emulate a filled-in form in which a user has pressed the
-submit button. This causes curl to POST data using the Content-Type
+(HTTP) This lets curl emulate a filled-in form in which a user has pressed the
submit
+button. This causes curl to POST data using the Content-Type
multipart/form-data according to RFC 2388. This enables uploading of binary
files etc. To force the 'content' part to be a file, prefix the file name with
an @ sign. To just get the content part from a file, prefix the file name with
@@ -653,7 +668,7 @@ get the contents for that text field from a file.
Example: to send an image to a server, where \&'profile' is the name of the
form-field to which portrait.jpg will be the input:
-\fBcurl\fP -F address@hidden https://example.com/upload.cgi
+ curl -F address@hidden https://example.com/upload.cgi
To read content from stdin instead of a file, use - as the filename. This goes
for both @ and < constructs. Unfortunately it does not support reading the
@@ -663,24 +678,24 @@ transfer starts.
You can also tell curl what Content-Type to use by using 'type=', in a manner
similar to:
-\fBcurl\fP -F "address@hidden;type=text/html" example.com
+ curl -F "address@hidden;type=text/html" example.com
or
-\fBcurl\fP -F "name=daniel;type=text/foo" example.com
+ curl -F "name=daniel;type=text/foo" example.com
You can also explicitly change the name field of a file upload part by setting
filename=, like this:
-\fBcurl\fP -F "address@hidden;filename=nameinpost" example.com
+ curl -F "address@hidden;filename=nameinpost" example.com
If filename/path contains ',' or ';', it must be quoted by double-quotes like:
-\fBcurl\fP -F "address@hidden"localfile\\";filename=\\"nameinpost\\""
example.com
+ curl -F "address@hidden"localfile\\";filename=\\"nameinpost\\"" example.com
or
-\fBcurl\fP -F 'file=@"localfile";filename="nameinpost"' example.com
+ curl -F 'file=@"localfile";filename="nameinpost"' example.com
Note that if a filename/path is quoted by double-quotes, any double-quote
or backslash within the filename must be escaped by backslash.
@@ -688,23 +703,29 @@ or backslash within the filename must be escaped by
backslash.
See further examples and details in the MANUAL.
This option can be used multiple times.
-.IP "--ftp-account [data]"
-(FTP) When an FTP server asks for "account data" after user name and password
-has been provided, this data is sent off using the ACCT command. (Added in
-7.13.0)
+
+This option overrides \fI-d, --data\fP and \fI-I, --head\fP and \fI--upload\fP.
+.IP "--ftp-account <data>"
+(FTP) When an FTP server asks for "account data" after user name and password
has
+been provided, this data is sent off using the ACCT command.
If this option is used several times, the last one will be used.
+
+Added in 7.13.0.
.IP "--ftp-alternative-to-user <command>"
-(FTP) If authenticating with the USER and PASS commands fails, send this
-command. When connecting to Tumbleweed's Secure Transport server over FTPS
-using a client certificate, using "SITE AUTH" will tell the server to retrieve
-the username from the certificate. (Added in 7.15.5)
+(FTP) If authenticating with the USER and PASS commands fails, send this
command.
+When connecting to Tumbleweed's Secure Transport server over FTPS using a
+client certificate, using "SITE AUTH" will tell the server to retrieve the
+username from the certificate.
+
+Added in 7.15.5.
.IP "--ftp-create-dirs"
-(FTP/SFTP) When an FTP or SFTP URL/operation uses a path that doesn't
-currently exist on the server, the standard behavior of curl is to
-fail. Using this option, curl will instead attempt to create missing
-directories.
-.IP "--ftp-method [method]"
+(FTP SFTP) When an FTP or SFTP URL/operation uses a path that doesn't
currently exist on
+the server, the standard behavior of curl is to fail. Using this option, curl
+will instead attempt to create missing directories.
+
+See also \fI--create-dirs\fP.
+.IP "--ftp-method <method>"
(FTP) Control what method curl should use to reach a file on an FTP(S)
server. The method argument should be one of the following alternatives:
.RS
@@ -720,12 +741,12 @@ curl does one CWD with the full target directory and then
operates on the file
\&"normally" (like in the multicwd case). This is somewhat more standards
compliant than 'nocwd' but without the full penalty of 'multicwd'.
.RE
-.IP
-(Added in 7.15.1)
+
+Added in 7.15.1.
.IP "--ftp-pasv"
(FTP) Use passive mode for the data connection. Passive is the internal default
-behavior, but using this option can be used to override a previous
-\fI-P/-ftp-port\fP option. (Added in 7.11.0)
+behavior, but using this option can be used to override a previous \fI-P,
--ftp-port\fP
+option.
If this option is used several times, only the first one is used. Undoing an
enforced passive really isn't doable but you must then instead enforce the
@@ -733,75 +754,104 @@ correct \fI-P, --ftp-port\fP again.
Passive mode means that curl will try the EPSV command first and then PASV,
unless \fI--disable-epsv\fP is used.
+
+See also \fI--disable-epsv\fP. Added in 7.11.0.
+.IP "-P, --ftp-port <address>"
+(FTP) Reverses the default initiator/listener roles when connecting with FTP.
This
+option makes curl use active mode. curl then tells the server to connect back
+to the client's specified address and port, while passive mode asks the server
+to setup an IP address and port for it to connect to. <address> should be one
+of:
+.RS
+.IP interface
+i.e "eth0" to specify which interface's IP address you want to use (Unix only)
+.IP "IP address"
+i.e "192.168.10.1" to specify the exact IP address
+.IP "host name"
+i.e "my.host.domain" to specify the machine
+.IP "-"
+make curl pick the same IP address that is already used for the control
+connection
+.RE
+
+If this option is used several times, the last one will be used. Disable the
+use of PORT with \fI--ftp-pasv\fP. Disable the attempt to use the EPRT command
+instead of PORT by using \fI--disable-eprt\fP. EPRT is really PORT++.
+
+Since 7.19.5, you can append \&":[start]-[end]\&" to the right of the address,
+to tell curl what TCP port range to use. That means you specify a port range,
+from a lower to a higher number. A single number works as well, but do note
+that it increases the risk of failure since the port may not be available.
+
+See also \fI--ftp-pasv\fP and \fI--disable-eprt\fP.
+.IP "--ftp-pret"
+(FTP) Tell curl to send a PRET command before PASV (and EPSV). Certain FTP
servers,
+mainly drftpd, require this non-standard command for directory listings as
+well as up and downloads in PASV mode.
+
+Added in 7.20.0.
.IP "--ftp-skip-pasv-ip"
(FTP) Tell curl to not use the IP address the server suggests in its response
to curl's PASV command when curl connects the data connection. Instead curl
will re-use the same IP address it already uses for the control
-connection. (Added in 7.14.2)
+connection.
This option has no effect if PORT, EPRT or EPSV is used instead of PASV.
-.IP "--ftp-pret"
-(FTP) Tell curl to send a PRET command before PASV (and EPSV). Certain
-FTP servers, mainly drftpd, require this non-standard command for
-directory listings as well as up and downloads in PASV mode.
-(Added in 7.20.x)
+
+See also \fI--ftp-pasv\fP. Added in 7.14.2.
+.IP "--ftp-ssl-ccc-mode <active/passive>"
+(FTP) Sets the CCC mode. The passive mode will not initiate the shutdown, but
+instead wait for the server to do it, and will not reply to the shutdown from
+the server. The active mode initiates the shutdown and waits for a reply from
+the server.
+
+See also \fI--ftp-ssl-ccc\fP. Added in 7.16.2.
.IP "--ftp-ssl-ccc"
-(FTP) Use CCC (Clear Command Channel)
-Shuts down the SSL/TLS layer after authenticating. The rest of the
-control channel communication will be unencrypted. This allows
-NAT routers to follow the FTP transaction. The default mode is
-passive. See \fI--ftp-ssl-ccc-mode\fP for other modes.
-(Added in 7.16.1)
-.IP "--ftp-ssl-ccc-mode [active/passive]"
-(FTP) Use CCC (Clear Command Channel)
-Sets the CCC mode. The passive mode will not initiate the shutdown, but
-instead wait for the server to do it, and will not reply to the
-shutdown from the server. The active mode initiates the shutdown and
-waits for a reply from the server.
-(Added in 7.16.2)
+(FTP) Use CCC (Clear Command Channel) Shuts down the SSL/TLS layer after
+authenticating. The rest of the control channel communication will be
+unencrypted. This allows NAT routers to follow the FTP transaction. The
+default mode is passive.
+
+See also \fI--ssl\fP and \fI--ftp-ssl-ccc-mode\fP. Added in 7.16.1.
.IP "--ftp-ssl-control"
(FTP) Require SSL/TLS for the FTP login, clear for transfer. Allows secure
authentication, but non-encrypted data transfers for efficiency. Fails the
-transfer if the server doesn't support SSL/TLS. (Added in 7.16.0)
-that can still be used but will be removed in a future version.
-.IP "--ftp-ssl"
-(FTP) This deprecated option is now known as \fI--ssl\fP.
-.IP "--ftp-ssl-reqd"
-(FTP) This deprecated option is now known as \fI--ssl-reqd\fP.
-.IP "--form-string <name=string>"
-(HTTP) Similar to \fI--form\fP except that the value string for the named
-parameter is used literally. Leading \&'@' and \&'<' characters, and the
-\&';type=' string in the value have no special meaning. Use this in preference
-to \fI--form\fP if there's any possibility that the string value may
-accidentally trigger the \&'@' or \&'<' features of \fI--form\fP.
-.IP "-g, --globoff"
-This option switches off the "URL globbing parser". When you set this option,
-you can specify URLs that contain the letters {}[] without having them being
-interpreted by curl itself. Note that these letters are not normal legal URL
-contents but they should be encoded according to the URI standard.
+transfer if the server doesn't support SSL/TLS.
+
+Added in 7.16.0.
.IP "-G, --get"
-When used, this option will make all data specified with \fI-d, --data\fP,
-\fI--data-binary\fP or \fI--data-urlencode\fP to be used in an HTTP GET
-request instead of the POST request that otherwise would be used. The data
-will be appended to the URL with a '?' separator.
+When used, this option will make all data specified with \fI-d, --data\fP,
\fI--data-binary\fP
+or \fI--data-urlencode\fP to be used in an HTTP GET request instead of the POST
+request that otherwise would be used. The data will be appended to the URL
+with a '?' separator.
-If used in combination with -I, the POST data will instead be appended to the
-URL with a HEAD request.
+If used in combination with \fI-I, --head\fP, the POST data will instead be
appended to
+the URL with a HEAD request.
If this option is used several times, only the first one is used. This is
because undoing a GET doesn't make sense, but you should then instead enforce
the alternative method you prefer.
+.IP "-g, --globoff"
+This option switches off the "URL globbing parser". When you set this option,
+you can specify URLs that contain the letters {}[] without having them being
+interpreted by curl itself. Note that these letters are not normal legal URL
+contents but they should be encoded according to the URI standard.
+.IP "-I, --head"
+(HTTP FTP FILE) Fetch the headers only! HTTP-servers feature the command HEAD
which this uses
+to get nothing but the header of a document. When used on an FTP or FILE file,
+curl displays the file size and last modification time only.
.IP "-H, --header <header>"
-(HTTP) Extra header to include in the request when sending HTTP to a
-server. You may specify any number of extra headers. Note that if you should
-add a custom header that has the same name as one of the internal ones curl
-would use, your externally set header will be used instead of the internal
-one. This allows you to make even trickier stuff than curl would normally
-do. You should not replace internally set headers without knowing perfectly
-well what you're doing. Remove an internal header by giving a replacement
-without content on the right side of the colon, as in: -H \&"Host:". If you
-send the custom header with no-value then its header must be terminated with a
-semicolon, such as \-H \&"X-Custom-Header;" to send "X-Custom-Header:".
+(HTTP)
+Extra header to include in the request when sending HTTP to a server. You may
+specify any number of extra headers. Note that if you should add a custom
+header that has the same name as one of the internal ones curl would use, your
+externally set header will be used instead of the internal one. This allows
+you to make even trickier stuff than curl would normally do. You should not
+replace internally set headers without knowing perfectly well what you're
+doing. Remove an internal header by giving a replacement without content on
+the right side of the colon, as in: -H \&"Host:". If you send the custom
+header with no-value then its header must be terminated with a semicolon, such
+as \-H \&"X-Custom-Header;" to send "X-Custom-Header:".
curl will make sure that each header you add/replace is sent with the proper
end-of-line marker, you should thus \fBnot\fP add that as a part of the header
@@ -810,167 +860,151 @@ for you.
See also the \fI-A, --user-agent\fP and \fI-e, --referer\fP options.
-Starting in 7.37.0, you need \fI--proxy-header\fP to send custom headers
-intended for a proxy.
+Starting in 7.37.0, you need \fI--proxy-header\fP to send custom headers
intended
+for a proxy.
Example:
-\&# curl -H "X-First-Name: Joe" http://example.com/
+ curl -H "X-First-Name: Joe" http://example.com/
\fBWARNING\fP: headers set with this option will be set in all requests - even
-after redirects are followed, like when told with \fB-L, --location\fP. This
-can lead to the header being sent to other hosts than the original host, so
-sensitive headers should be used with caution combined with following
-redirects.
+after redirects are followed, like when told with \fI-L, --location\fP. This
can lead to
+the header being sent to other hosts than the original host, so sensitive
+headers should be used with caution combined with following redirects.
This option can be used multiple times to add/replace/remove multiple headers.
+.IP "-h, --help"
+Usage help. This lists all current command line options with a short
+description.
.IP "--hostpubmd5 <md5>"
-(SCP/SFTP) Pass a string containing 32 hexadecimal digits. The string should
+(SFTP SCP) Pass a string containing 32 hexadecimal digits. The string should
be the 128 bit MD5 checksum of the remote host's public key, curl will refuse
-the connection with the host unless the md5sums match. (Added in 7.17.1)
+the connection with the host unless the md5sums match.
+
+Added in 7.17.1.
+.IP "-0, --http1.0"
+(HTTP) Tells curl to use HTTP version 1.0 instead of using its internally
preferred
+HTTP version.
+
+This option overrides \fI--http1.1\fP and \fI--http2\fP.
+.IP "--http1.1"
+(HTTP) Tells curl to use HTTP version 1.1.
+
+This option overrides \fI-0, --http1.0\fP and \fI--http2\fP. Added in 7.33.0.
+.IP "--http2-prior-knowledge"
+(HTTP) Tells curl to issue its non-TLS HTTP requests using HTTP/2 without
HTTP/1.1
+Upgrade. It requires prior knowledge that the server supports HTTP/2 straight
+away. HTTPS requests will still do HTTP/2 the standard way with negotiated
+protocol version in the TLS handshake.
+
+\fI--http2-prior-knowledge\fP requires that the underlying libcurl was built
to support HTTP/2. This option overrides \fI--http1.1\fP and \fI-0,
--http1.0\fP and \fI--http2\fP. Added in 7.49.0.
+.IP "--http2"
+(HTTP) Tells curl to use HTTP version 2.
+
+See also \fI--no-alpn\fP. \fI--http2\fP requires that the underlying libcurl
was built to support HTTP/2. This option overrides \fI--http1.1\fP and \fI-0,
--http1.0\fP and \fI--http2-prior-knowledge\fP. Added in 7.33.0.
.IP "--ignore-content-length"
-For HTTP, Ignore the Content-Length header. This is particularly useful for
+(FTP HTTP) For HTTP, Ignore the Content-Length header. This is particularly
useful for
servers running Apache 1.x, which will report incorrect Content-Length for
files larger than 2 gigabytes.
For FTP (since 7.46.0), skip the RETR command to figure out the size before
downloading a file.
.IP "-i, --include"
-(HTTP) Include the HTTP-header in the output. The HTTP-header includes things
-like server-name, date of the document, HTTP-version and more...
-.IP "-I, --head"
-(HTTP/FTP/FILE)
-Fetch the HTTP-header only! HTTP-servers feature the command HEAD
-which this uses to get nothing but the header of a document. When used
-on an FTP or FILE file, curl displays the file size and last modification
-time only.
-.IP "--interface <name>"
-Perform an operation using a specified interface. You can enter interface
-name, IP address or host name. An example could look like:
-
- curl --interface eth0:1 https://www.example.com/
-
-If this option is used several times, the last one will be used.
-.IP "-j, --junk-session-cookies"
-(HTTP) When curl is told to read cookies from a given file, this option will
-make it discard all "session cookies". This will basically have the same effect
-as if a new session is started. Typical browsers always discard session
-cookies when they're closed down.
-.IP "-J, --remote-header-name"
-(HTTP) This option tells the \fI-O, --remote-name\fP option to use the
-server-specified Content-Disposition filename instead of extracting a filename
-from the URL.
-
-If the server specifies a file name and a file with that name already exists
-in the current working directory it will not be overwritten and an error will
-occur. If the server doesn't specify a file name then this option has no
-effect.
-
-There's no attempt to decode %-sequences (yet) in the provided file name, so
-this option may provide you with rather unexpected file names.
+Include the HTTP-header in the output. The HTTP-header includes things like
+server-name, date of the document, HTTP-version and more...
-\fBWARNING\fP: Exercise judicious use of this option, especially on Windows. A
-rogue server could send you the name of a DLL or other file that could possibly
-be loaded automatically by Windows or some third party software.
+See also \fI-v, --verbose\fP.
.IP "-k, --insecure"
-(SSL) This option explicitly allows curl to perform "insecure" SSL connections
-and transfers. All SSL connections are attempted to be made secure by using
-the CA certificate bundle installed by default. This makes all connections
-considered "insecure" fail unless \fI-k, --insecure\fP is used.
+(TLS) This option explicitly allows curl to perform "insecure" SSL connections
and
+transfers. All SSL connections are attempted to be made secure by using the CA
+certificate bundle installed by default. This makes all connections considered
+\&"insecure" fail unless \fI-k, --insecure\fP is used.
See this online resource for further details:
-\fBhttps://curl.haxx.se/docs/sslcerts.html\fP
-.IP "-K, --config <config file>"
-Specify which config file to read curl arguments from. The config file is a
-text file in which command line arguments can be written which then will be
-used as if they were written on the actual command line.
-
-Options and their parameters must be specified on the same config file line,
-separated by whitespace, colon, or the equals sign. Long option names can
-optionally be given in the config file without the initial double dashes and
-if so, the colon or equals characters can be used as separators. If the option
-is specified with one or two dashes, there can be no colon or equals character
-between the option and its parameter.
-
-If the parameter is to contain whitespace, the parameter must be enclosed
-within quotes. Within double quotes, the following escape sequences are
-available: \\\\, \\", \\t, \\n, \\r and \\v. A backslash preceding any other
-letter is ignored. If the first column of a config line is a '#' character,
-the rest of the line will be treated as a comment. Only write one option per
-physical line in the config file.
-
-Specify the filename to -K, --config as '-' to make curl read the file from
-stdin.
-
-Note that to be able to specify a URL in the config file, you need to specify
-it using the \fI--url\fP option, and not by simply writing the URL on its own
-line. So, it could look similar to this:
+ https://curl.haxx.se/docs/sslcerts.html
+.IP "--interface <name>"
-url = "https://curl.haxx.se/docs/";
+Perform an operation using a specified interface. You can enter interface
+name, IP address or host name. An example could look like:
-When curl is invoked, it always (unless \fI-q\fP is used) checks for a default
-config file and uses it if found. The default config file is checked for in
-the following places in this order:
+ curl --interface eth0:1 https://www.example.com/
-1) curl tries to find the "home dir": It first checks for the CURL_HOME and
-then the HOME environment variables. Failing that, it uses getpwuid() on
-Unix-like systems (which returns the home dir given the current user in your
-system). On Windows, it then checks for the APPDATA variable, or as a last
-resort the '%USERPROFILE%\\Application Data'.
+If this option is used several times, the last one will be used.
-2) On windows, if there is no _curlrc file in the home dir, it checks for one
-in the same dir the curl executable is placed. On Unix-like systems, it will
-simply try to load .curlrc from the determined home dir.
+See also \fI--dns-interface\fP.
+.IP "-4, --ipv4"
+This option tells curl to resolve names to IPv4 addresses only, and not for
+example try IPv6.
-.nf
-# --- Example file ---
-# this is a comment
-url = "example.com"
-output = "curlhere.html"
-user-agent = "superagent/1.0"
+See also \fI--http1.1\fP and \fI--http2\fP. This option overrides \fI-6,
--ipv6\fP.
+.IP "-6, --ipv6"
+This option tells curl to resolve names to IPv6 addresses only, and not for
+example try IPv4.
-# and fetch another URL too
-url = "example.com/docs/manpage.html"
--O
-referer = "http://nowhereatall.example.com/";
-# --- End of example file ---
-.fi
+See also \fI--http1.1\fP and \fI--http2\fP. This option overrides \fI-6,
--ipv6\fP.
+.IP "-j, --junk-session-cookies"
+(HTTP) When curl is told to read cookies from a given file, this option will
make it
+discard all "session cookies". This will basically have the same effect as if
+a new session is started. Typical browsers always discard session cookies when
+they're closed down.
-This option can be used multiple times to load multiple config files.
+See also \fI-b, --cookie\fP and \fI-c, --cookie-jar\fP.
.IP "--keepalive-time <seconds>"
This option sets the time a connection needs to remain idle before sending
keepalive probes and the time between individual keepalive probes. It is
currently effective on operating systems offering the TCP_KEEPIDLE and
TCP_KEEPINTVL socket options (meaning Linux, recent AIX, HP-UX and more). This
-option has no effect if \fI--no-keepalive\fP is used. (Added in 7.18.0)
+option has no effect if \fI--no-keepalive\fP is used.
If this option is used several times, the last one will be used. If
unspecified, the option defaults to 60 seconds.
-.IP "--key <key>"
-(SSL/SSH) Private key file name. Allows you to provide your private key in this
-separate file. For SSH, if not specified, curl tries the following candidates
-in order: '~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'.
-If this option is used several times, the last one will be used.
+Added in 7.18.0.
.IP "--key-type <type>"
-(SSL) Private key file type. Specify which type your \fI--key\fP provided
-private key is. DER, PEM, and ENG are supported. If not specified, PEM is
-assumed.
+(TLS) Private key file type. Specify which type your \fI--key\fP provided
private key
+is. DER, PEM, and ENG are supported. If not specified, PEM is assumed.
+
+If this option is used several times, the last one will be used.
+.IP "--key <key>"
+(TLS SSH) Private key file name. Allows you to provide your private key in
this separate
+file. For SSH, if not specified, curl tries the following candidates in order:
+'~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'.
If this option is used several times, the last one will be used.
.IP "--krb <level>"
-(FTP) Enable Kerberos authentication and use. The level must be entered and
-should be one of 'clear', 'safe', 'confidential', or 'private'. Should you use
-a level that is not one of these, 'private' will instead be used.
+(FTP) Enable Kerberos authentication and use. The level must be entered and
should
+be one of 'clear', 'safe', 'confidential', or 'private'. Should you use a
+level that is not one of these, 'private' will instead be used.
+
+If this option is used several times, the last one will be used.
+
+\fI--krb\fP requires that the underlying libcurl was built to support Kerberos.
+.IP "--libcurl <file>"
+Append this option to any ordinary curl command line, and you will get a
+libcurl-using C source code written to the file that does the equivalent
+of what your command-line operation does!
+
+If this option is used several times, the last given file name will be
+used.
+
+Added in 7.16.1.
+.IP "--limit-rate <speed>"
+Specify the maximum transfer rate you want curl to use - for both downloads
+and uploads. This feature is useful if you have a limited pipe and you'd like
+your transfer not to use your entire bandwidth. To make it slower than it
+otherwise would be.
+
+The given speed is measured in bytes/second, unless a suffix is appended.
+Appending 'k' or 'K' will count the number as kilobytes, 'm' or M' makes it
+megabytes, while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and 1G.
-This option requires a library built with kerberos4 support. This is not
-very common. Use \fI-V, --version\fP to see if your curl supports it.
+If you also use the \fI-Y, --speed-limit\fP option, that option will take
precedence and
+might cripple the rate-limiting slightly, to help keeping the speed-limit
+logic working.
If this option is used several times, the last one will be used.
-.IP "--krb4 <level>"
-(FTP) This is the former name for \fI--krb\fP. Do not use.
.IP "-l, --list-only"
-(FTP)
+(FTP POP3) (FTP)
When listing an FTP directory, this switch forces a name-only view. This is
especially useful if the user wants to machine-parse the contents of an FTP
directory since the normal directory view doesn't use a standard look or
@@ -985,18 +1019,34 @@ When retrieving a specific email from POP3, this switch
forces a LIST command
to be performed instead of RETR. This is particularly useful if the user wants
to see if a specific message id exists on the server and what size it is.
-Note: When combined with \fI-X, --request <command>\fP, this option can be used
-to send an UIDL command instead, so the user may use the email's unique
-identifier rather than it's message id to make the request. (Added in 7.21.5)
+Note: When combined with \fI-X, --request\fP, this option can be used to send
an UIDL
+command instead, so the user may use the email's unique identifier rather than
+it's message id to make the request.
+
+Added in 7.21.5.
+.IP "--local-port <num/range>"
+Set a preferred single number or range (FROM-TO) of local port numbers to use
+for the connection(s). Note that port numbers by nature are a scarce resource
+that will be busy at times so setting this range to something too narrow might
+cause unnecessary connection setup failures.
+
+Added in 7.15.2.
+.IP "--location-trusted"
+(HTTP) Like \fI-L, --location\fP, but will allow sending the name + password
to all hosts that
+the site may redirect to. This may or may not introduce a security breach if
+the site redirects you to a site to which you'll send your authentication info
+(which is plaintext in the case of HTTP Basic authentication).
+
+See also \fI-u, --user\fP.
.IP "-L, --location"
-(HTTP/HTTPS) If the server reports that the requested page has moved to a
-different location (indicated with a Location: header and a 3XX response code),
-this option will make curl redo the request on the new place. If used together
-with \fI-i, --include\fP or \fI-I, --head\fP, headers from all requested pages
-will be shown. When authentication is used, curl only sends its credentials to
-the initial host. If a redirect takes curl to a different host, it won't be
-able to intercept the user+password. See also \fI--location-trusted\fP on how
-to change this. You can limit the amount of redirects to follow by using the
+(HTTP) If the server reports that the requested page has moved to a different
+location (indicated with a Location: header and a 3XX response code), this
+option will make curl redo the request on the new place. If used together with
+\fI-i, --include\fP or \fI-I, --head\fP, headers from all requested pages will
be shown. When
+authentication is used, curl only sends its credentials to the initial
+host. If a redirect takes curl to a different host, it won't be able to
+intercept the user+password. See also \fI--location-trusted\fP on how to change
+this. You can limit the amount of redirects to follow by using the
\fI--max-redirs\fP option.
When curl follows a redirect and the request is not a plain GET (for example
@@ -1005,84 +1055,35 @@ was 301, 302, or 303. If the response code was any
other 3xx code, curl will
re-send the following request using the same unmodified method.
You can tell curl to not change the non-GET request method to GET after a 30x
-response by using the dedicated options for that: \fI--post301\fP,
-\fI--post302\fP and \fI--post303\fP.
-.IP "--libcurl <file>"
-Append this option to any ordinary curl command line, and you will get a
-libcurl-using C source code written to the file that does the equivalent
-of what your command-line operation does!
-
-If this option is used several times, the last given file name will be
-used. (Added in 7.16.1)
-.IP "--limit-rate <speed>"
-Specify the maximum transfer rate you want curl to use - for both downloads
-and uploads. This feature is useful if you have a limited pipe and you'd like
-your transfer not to use your entire bandwidth. To make it slower than it
-otherwise would be.
-
-The given speed is measured in bytes/second, unless a suffix is appended.
-Appending 'k' or 'K' will count the number as kilobytes, 'm' or M' makes it
-megabytes, while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and 1G.
-
-If you also use the \fI-Y, --speed-limit\fP option, that option will take
-precedence and might cripple the rate-limiting slightly, to help keeping the
-speed-limit logic working.
-
-If this option is used several times, the last one will be used.
-.IP "--local-port <num>[-num]"
-Set a preferred number or range of local port numbers to use for the
-connection(s). Note that port numbers by nature are a scarce resource that
-will be busy at times so setting this range to something too narrow might
-cause unnecessary connection setup failures. (Added in 7.15.2)
-.IP "--location-trusted"
-(HTTP/HTTPS) Like \fI-L, --location\fP, but will allow sending the name +
-password to all hosts that the site may redirect to. This may or may not
-introduce a security breach if the site redirects you to a site to which
-you'll send your authentication info (which is plaintext in the case of HTTP
-Basic authentication).
-.IP "-m, --max-time <seconds>"
-Maximum time in seconds that you allow the whole operation to take. This is
-useful for preventing your batch jobs from hanging for hours due to slow
-networks or links going down. Since 7.32.0, this option accepts decimal
-values, but the actual timeout will decrease in accuracy as the specified
-timeout increases in decimal precision. See also the \fI--connect-timeout\fP
-option.
-
-If this option is used several times, the last one will be used.
+response by using the dedicated options for that: \fI--post301\fP,
\fI--post302\fP and
+\fI--post303\fP.
.IP "--login-options <options>"
-Specify the login options to use during server authentication.
+(IMAP POP3 SMTP) Specify the login options to use during server authentication.
You can use the login options to specify protocol specific options that may
be used during authentication. At present only IMAP, POP3 and SMTP support
login options. For more information about the login options please see
-RFC 2384, RFC 5092 and IETF draft draft-earhart-url-smtp-00.txt (Added in
-7.34.0).
+RFC 2384, RFC 5092 and IETF draft draft-earhart-url-smtp-00.txt
If this option is used several times, the last one will be used.
+
+Added in 7.34.0.
.IP "--mail-auth <address>"
-(SMTP) Specify a single address. This will be used to specify the
-authentication address (identity) of a submitted message that is being relayed
-to another server.
+(SMTP) Specify a single address. This will be used to specify the
authentication
+address (identity) of a submitted message that is being relayed to another
+server.
-(Added in 7.25.0)
+See also \fI--mail-rcpt\fP and \fI--mail-from\fP. Added in 7.25.0.
.IP "--mail-from <address>"
(SMTP) Specify a single address that the given mail should get sent from.
-(Added in 7.20.0)
-.IP "--max-filesize <bytes>"
-Specify the maximum size (in bytes) of a file to download. If the file
-requested is larger than this value, the transfer will not start and curl will
-return with exit code 63.
-
-\fBNOTE:\fP The file size is not always known prior to download, and for such
-files this option has no effect even if the file transfer ends up being larger
-than this given limit. This concerns both FTP and HTTP transfers.
+See also \fI--mail-rcpt\fP and \fI--mail-auth\fP. Added in 7.20.0.
.IP "--mail-rcpt <address>"
(SMTP) Specify a single address, user name or mailing list name. Repeat this
option several times to send to multiple recipients.
When performing a mail transfer, the recipient should specify a valid email
-address to send the mail to. (Added in 7.20.0)
+address to send the mail to.
When performing an address verification (VRFY command), the recipient should be
specified as the user name or user name and domain (as per Section 3.5 of
@@ -1091,13 +1092,37 @@ RFC5321). (Added in 7.34.0)
When performing a mailing list expand (EXPN command), the recipient should be
specified using the mailing list name, such as "Friends" or "London-Office".
(Added in 7.34.0)
+
+Added in 7.20.0.
+.IP "-M, --manual"
+Manual. Display the huge help text.
+.IP "--max-filesize <bytes>"
+Specify the maximum size (in bytes) of a file to download. If the file
+requested is larger than this value, the transfer will not start and curl will
+return with exit code 63.
+
+\fBNOTE:\fP The file size is not always known prior to download, and for such
+files this option has no effect even if the file transfer ends up being larger
+than this given limit. This concerns both FTP and HTTP transfers.
+
+See also \fI--limit-rate\fP.
.IP "--max-redirs <num>"
-Set maximum number of redirection-followings allowed. If \fI-L, --location\fP
-is used, this option can be used to prevent curl from following redirections
-\&"in absurdum". By default, the limit is set to 50 redirections. Set this
-option to -1 to make it limitless.
+(HTTP) Set maximum number of redirection-followings allowed. When \fI-L,
--location\fP is used,
+is used to prevent curl from following redirections \&"in absurdum". By
+default, the limit is set to 50 redirections. Set this option to -1 to make it
+unlimited.
+
+If this option is used several times, the last one will be used.
+.IP "-m, --max-time <time>"
+Maximum time in seconds that you allow the whole operation to take. This is
+useful for preventing your batch jobs from hanging for hours due to slow
+networks or links going down. Since 7.32.0, this option accepts decimal
+values, but the actual timeout will decrease in accuracy as the specified
+timeout increases in decimal precision.
If this option is used several times, the last one will be used.
+
+See also \fI--connect-timeout\fP.
.IP "--metalink"
This option can tell curl to parse and process a given URI as Metalink file
(both version 3 and 4 (RFC 5854) are supported) and make use of the mirrors
@@ -1108,21 +1133,48 @@ not stored in the local file system.
Example to use a remote Metalink file:
-\fBcurl\fP --metalink http://www.example.com/example.metalink
+ curl --metalink http://www.example.com/example.metalink
+
+To use a Metalink file in the local file system, use FILE protocol (file://):
+
+ curl --metalink file://example.metalink
+
+Please note that if FILE protocol is disabled, there is no way to use a local
+Metalink file at the time of this writing. Also note that if \fI--metalink\fP
and
+\fI-i, --include\fP are used together, --include will be ignored. This is
because
+including headers in the response will break Metalink parser and if the
+headers are included in the file described in Metalink file, hash check will
+fail.
-To use a Metalink file in the local file system, use FILE protocol
-(file://):
-\fBcurl\fP --metalink file://example.metalink
+\fI--metalink\fP requires that the underlying libcurl was built to support
metalink. Added in 7.27.0.
+.IP "--negotiate"
+(HTTP) Enables Negotiate (SPNEGO) authentication.
-Please note that if FILE protocol is disabled, there is no way to use
-a local Metalink file at the time of this writing. Also note that if
-\fI--metalink\fP and \fI--include\fP are used together, \fI--include\fP will be
-ignored. This is because including headers in the response will break
-Metalink parser and if the headers are included in the file described
-in Metalink file, hash check will fail.
+This option requires a library built with GSS-API or SSPI support. Use
+\fI-V, --version\fP to see if your curl supports GSS-API/SSPI or SPNEGO.
-(Added in 7.27.0, if built against the libmetalink library.)
+When using this option, you must also provide a fake \fI-u, --user\fP option
to activate
+the authentication code properly. Sending a '-u :' is enough as the user name
+and password from the \fI-u, --user\fP option aren't actually used.
+
+If this option is used several times, only the first one is used.
+
+See also \fI--basic\fP and \fI--ntlm\fP and \fI--anyauth\fP and
\fI--proxy-negotiate\fP.
+.IP "--netrc-file <filemame>"
+This option is similar to \fI-n, --netrc\fP, except that you provide the path
(absolute
+or relative) to the netrc file that Curl should use. You can only specify one
+netrc file per invocation. If several \fI--netrc-file\fP options are provided,
+the last one will be used.
+
+It will abide by \fI--netrc-optional\fP if specified.
+
+This option overrides \fI-n, --netrc\fP. Added in 7.21.5.
+.IP "--netrc-optional"
+Very similar to \fI-n, --netrc\fP, but this option makes the .netrc usage
\fBoptional\fP
+and not mandatory as the \fI-n, --netrc\fP option does.
+
+See also \fI--netrc-file\fP. This option overrides \fI-n, --netrc\fP.
.IP "-n, --netrc"
Makes curl scan the \fI.netrc\fP (\fI_netrc\fP on Windows) file in the user's
home directory for login name and password. This is typically used for FTP on
@@ -1137,6 +1189,27 @@ to FTP to the machine host.domain.com with user name
\&'myself' and password
\&'secret' should look similar to:
.B "machine host.domain.com login myself password secret"
+.IP "-:, --next"
+Tells curl to use a separate operation for the following URL and associated
+options. This allows you to send several URL requests, each with their own
+specific options, for example, such as different user names or custom requests
+for each.
+
+\fI-:, --next\fP will reset all local options and only global ones will have
their
+values survive over to the operation following the \fI-:, --next\fP
instruction. Global
+options include \fI-v, --verbose\fP, \fI--trace\fP, \fI--trace-ascii\fP and
\fI--fail-early\fP.
+
+For example, you can do both a GET and a POST in a single command line:
+
+ curl www1.example.com --next -d postthis www2.example.com
+
+Added in 7.36.0.
+.IP "--no-alpn"
+(HTTPS) Disable the ALPN TLS extension. ALPN is enabled by default if libcurl
was built
+with an SSL library that supports ALPN. ALPN is used by a libcurl that supports
+HTTP/2 to negotiate HTTP/2 support with the server during https sessions.
+
+See also \fI--no-npn\fP and \fI--http2\fP. \fI--no-alpn\fP requires that the
underlying libcurl was built to support TLS. Added in 7.36.0.
.IP "-N, --no-buffer"
Disables the buffering of the output stream. In normal work situations, curl
will use a standard buffered output stream that will have the effect that it
@@ -1144,186 +1217,101 @@ will output the data in chunks, not necessarily
exactly when the data arrives.
Using this option will disable that buffering.
Note that this is the negated option name documented. You can thus use
-\fI--buffer\fP to enforce the buffering.
-.IP "--netrc-file"
-This option is similar to \fI--netrc\fP, except that you provide the path
-(absolute or relative) to the netrc file that Curl should use.
-You can only specify one netrc file per invocation. If several
-\fI--netrc-file\fP options are provided, only the \fBlast one\fP will be used.
-(Added in 7.21.5)
-
-This option overrides any use of \fI--netrc\fP as they are mutually exclusive.
-It will also abide by \fI--netrc-optional\fP if specified.
-
-.IP "--netrc-optional"
-Very similar to \fI--netrc\fP, but this option makes the .netrc usage
-\fBoptional\fP and not mandatory as the \fI--netrc\fP option does.
-
-.IP "--negotiate"
-(HTTP) Enables Negotiate (SPNEGO) authentication.
-
-If you want to enable Negotiate (SPNEGO) for proxy authentication, then use
-\fI--proxy-negotiate\fP.
-
-This option requires a library built with GSS-API or SSPI support. Use \fI-V,
---version\fP to see if your curl supports GSS-API/SSPI and SPNEGO.
-
-When using this option, you must also provide a fake \fI-u, --user\fP option to
-activate the authentication code properly. Sending a '-u :' is enough as the
-user name and password from the \fI-u\fP option aren't actually used.
-
-If this option is used several times, only the first one is used.
+--buffer to enforce the buffering.
.IP "--no-keepalive"
-Disables the use of keepalive messages on the TCP connection, as by default
-curl enables them.
+Disables the use of keepalive messages on the TCP connection. curl otherwis
+enables them by default.
Note that this is the negated option name documented. You can thus use
-\fI--keepalive\fP to enforce keepalive.
+--keepalive to enforce keepalive.
+.IP "--no-npn"
+(HTTPS) Disable the NPN TLS extension. NPN is enabled by default if libcurl
was built
+with an SSL library that supports NPN. NPN is used by a libcurl that supports
+HTTP/2 to negotiate HTTP/2 support with the server during https sessions.
+
+See also \fI--no-alpn\fP and \fI--http2\fP. \fI--no-npn\fP requires that the
underlying libcurl was built to support TLS. Added in 7.36.0.
.IP "--no-sessionid"
-(SSL) Disable curl's use of SSL session-ID caching. By default all transfers
-are done using the cache. Note that while nothing should ever get hurt by
+(TLS) Disable curl's use of SSL session-ID caching. By default all transfers
are
+done using the cache. Note that while nothing should ever get hurt by
attempting to reuse SSL session-IDs, there seem to be broken SSL
implementations in the wild that may require you to disable this in order for
-you to succeed. (Added in 7.16.0)
+you to succeed.
Note that this is the negated option name documented. You can thus use
-\fI--sessionid\fP to enforce session-ID caching.
+--sessionid to enforce session-ID caching.
+
+Added in 7.16.0.
.IP "--noproxy <no-proxy-list>"
Comma-separated list of hosts which do not use a proxy, if one is specified.
The only wildcard is a single * character, which matches all hosts, and
effectively disables the proxy. Each name in this list is matched as either
a domain which contains the hostname, or the hostname itself. For example,
local.com would match local.com, local.com:80, and www.local.com, but not
-www.notlocal.com. (Added in 7.19.4).
-.IP "--connect-to <host:port:connect-to-host:connect-to-port>"
-For a request to the given "host:port" pair, connect to
-"connect-to-host:connect-to-port" instead.
-This is suitable to direct the request at a specific server, e.g. at a specific
-cluster node in a cluster of servers.
-This option is only used to establish the network connection. It does NOT
-affect the hostname/port that is used for TLS/SSL (e.g. SNI, certificate
-verification) or for the application protocols.
-"host" and "port" may be the empty string, meaning "any host/port".
-"connect-to-host" and "connect-to-port" may also be the empty string,
-meaning "use the request's original host/port".
-This option can be used many times to add many connect rules.
-(Added in 7.49.0).
+www.notlocal.com.
+
+Since 7.53.0, This option overrides the environment variables that disable the
+proxy. If there's an environment variable disabling a proxy, you can set
+noproxy list to \&"" to override it.
+
+Added in 7.19.4.
+.IP "--ntlm-wb"
+(HTTP) Enables NTLM much in the style \fI--ntlm\fP does, but hand over the
authentication
+to the separate binary ntlmauth application that is executed when needed.
+
+See also \fI--ntlm\fP and \fI--proxy-ntlm\fP.
.IP "--ntlm"
-(HTTP) Enables NTLM authentication. The NTLM authentication method was
-designed by Microsoft and is used by IIS web servers. It is a proprietary
-protocol, reverse-engineered by clever people and implemented in curl based
-on their efforts. This kind of behavior should not be endorsed, you should
-encourage everyone who uses NTLM to switch to a public and documented
-authentication method instead, such as Digest.
+(HTTP) Enables NTLM authentication. The NTLM authentication method was
designed by
+Microsoft and is used by IIS web servers. It is a proprietary protocol,
+reverse-engineered by clever people and implemented in curl based on their
+efforts. This kind of behavior should not be endorsed, you should encourage
+everyone who uses NTLM to switch to a public and documented authentication
+method instead, such as Digest.
If you want to enable NTLM for your proxy authentication, then use
\fI--proxy-ntlm\fP.
-This option requires a library built with SSL support. Use
-\fI-V, --version\fP to see if your curl supports NTLM.
-
If this option is used several times, only the first one is used.
-.IP "--ntlm-wb"
-(HTTP) Enables NTLM much in the style \fI--ntlm\fP does, but hand over the
-authentication to the separate binary ntlmauth application that is executed
-when needed.
+
+See also \fI--proxy-ntlm\fP. \fI--ntlm\fP requires that the underlying libcurl
was built to support TLS. This option overrides \fI--basic\fP and
\fI--negotiated\fP and \fI--digest\fP and \fI--anyauth\fP.
+.IP "--oauth2-bearer"
+(IMAP POP3 SMTP) Specify the Bearer Token for OAUTH 2.0 server authentication.
The Bearer Token
+is used in conjunction with the user name which can be specified as part of
+the \fI--url\fP or \fI-u, --user\fP options.
+
+The Bearer Token and user name are formatted according to RFC 6750.
+
+If this option is used several times, the last one will be used.
.IP "-o, --output <file>"
Write output to <file> instead of stdout. If you are using {} or [] to fetch
multiple documents, you can use '#' followed by a number in the <file>
specifier. That variable will be replaced with the current string for the URL
being fetched. Like in:
- curl http://{one,two}.example.com -o "file_#1.txt"
+ curl http://{one,two}.example.com -o "file_#1.txt"
or use several variables like:
- curl http://{site,host}.host[1-5].com -o "#1_#2"
-
-You may use this option as many times as the number of URLs you have.
-
-See also the \fI--create-dirs\fP option to create the local directories
-dynamically. Specifying the output as '-' (a single dash) will force the
-output to be done to stdout.
-.IP "-O, --remote-name"
-Write output to a local file named like the remote file we get. (Only the file
-part of the remote file is used, the path is cut off.)
-
-The file will be saved in the current working directory. If you want the file
-saved in a different directory, make sure you change the current working
-directory before invoking curl with this option.
+ curl http://{site,host}.host[1-5].com -o "#1_#2"
-The remote file name to use for saving is extracted from the given URL, nothing
-else, and if it already exists it will be overwritten. If you want the server
-to be able to choose the file name refer to \fI-J, --remote-header-name\fP
-which can be used in addition to this option. If the server chooses a file name
-and that name already exists it will not be overwritten.
+You may use this option as many times as the number of URLs you have. For
+example, if you specify two URLs on the same command line, you can use it like
+this:
-There is no URL decoding done on the file name. If it has %20 or other URL
-encoded parts of the name, they will end up as-is as file name.
+ curl -o aa example.com -o bb example.net
-You may use this option as many times as the number of URLs you have.
-.IP "--oauth2-bearer"
-(IMAP, POP3, SMTP)
-Specify the Bearer Token for OAUTH 2.0 server authentication. The Bearer Token
-is used in conjunction with the user name which can be specified as part of the
-\fI--url\fP or \fI-u, --user\fP options.
+and the order of the -o options and the URLs doesn't matter, just that the
+first -o is for the first URL and so on, so the above command line can also be
+written as
-The Bearer Token and user name are formatted according to RFC 6750.
+ curl example.com example.net -o aa -o bb
-If this option is used several times, the last one will be used.
-.IP "--proxy-header <header>"
-(HTTP) Extra header to include in the request when sending HTTP to a
-proxy. You may specify any number of extra headers. This is the equivalent
-option to \fI-H, --header\fP but is for proxy communication only like in
-CONNECT requests when you want a separate header sent to the proxy to what is
-sent to the actual remote host.
-
-curl will make sure that each header you add/replace is sent with the proper
-end-of-line marker, you should thus \fBnot\fP add that as a part of the header
-content: do not add newlines or carriage returns, they will only mess things
-up for you.
-
-Headers specified with this option will not be included in requests that curl
-knows will not be sent to a proxy.
-
-This option can be used multiple times to add/replace/remove multiple headers.
-
-(Added in 7.37.0)
-.IP "-p, --proxytunnel"
-When an HTTP proxy is used (\fI-x, --proxy\fP), this option will cause non-HTTP
-protocols to attempt to tunnel through the proxy instead of merely using it to
-do HTTP-like operations. The tunnel approach is made with the HTTP proxy
-CONNECT request and requires that the proxy allows direct connect to the
-remote port number curl wants to tunnel through to.
-.IP "-P, --ftp-port <address>"
-(FTP) Reverses the default initiator/listener roles when connecting with
-FTP. This switch makes curl use active mode. In practice, curl then tells the
-server to connect back to the client's specified address and port, while
-passive mode asks the server to setup an IP address and port for it to connect
-to. <address> should be one of:
-.RS
-.IP interface
-i.e "eth0" to specify which interface's IP address you want to use (Unix only)
-.IP "IP address"
-i.e "192.168.10.1" to specify the exact IP address
-.IP "host name"
-i.e "my.host.domain" to specify the machine
-.IP "-"
-make curl pick the same IP address that is already used for the control
-connection
-.RE
-.IP
-If this option is used several times, the last one will be used. Disable the
-use of PORT with \fI--ftp-pasv\fP. Disable the attempt to use the EPRT command
-instead of PORT by using \fI--disable-eprt\fP. EPRT is really PORT++.
+See also the \fI--create-dirs\fP option to create the local directories
+dynamically. Specifying the output as '-' (a single dash) will force the
+output to be done to stdout.
-Starting in 7.19.5, you can append \&":[start]-[end]\&" to the right of the
-address, to tell curl what TCP port range to use. That means you specify a
-port range, from a lower to a higher number. A single number works as well,
-but do note that it increases the risk of failure since the port may not be
-available.
+See also \fI-O, --remote-name\fP and \fI--remote-name-all\fP and \fI-J,
--remote-header-name\fP.
.IP "--pass <phrase>"
-(SSL/SSH) Passphrase for the private key
+(SSH TLS) Passphrase for the private key
If this option is used several times, the last one will be used.
.IP "--path-as-is"
@@ -1331,33 +1319,116 @@ Tell curl to not handle sequences of /../ or /./ in
the given URL
path. Normally curl will squash or merge them according to standards but with
this option set you tell it not to do that.
-(Added in 7.42.0)
+Added in 7.42.0.
+.IP "--pinnedpubkey <hashes>"
+(TLS) Tells curl to use the specified public key file (or hashes) to verify the
+peer. This can be a path to a file which contains a single public key in PEM
+or DER format, or any number of base64 encoded sha256 hashes preceded by
+\'sha256//\' and separated by \';\'
+
+When negotiating a TLS or SSL connection, the server sends a certificate
+indicating its identity. A public key is extracted from this certificate and
+if it does not exactly match the public key provided to this option, curl will
+abort the connection before sending or receiving any data.
+
+PEM/DER support:
+ 7.39.0: OpenSSL, GnuTLS and GSKit
+ 7.43.0: NSS and wolfSSL/CyaSSL
+ 7.47.0: mbedtls
+ 7.49.0: PolarSSL
+sha256 support:
+ 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL.
+ 7.47.0: mbedtls
+ 7.49.0: PolarSSL
+Other SSL backends not supported.
+
+If this option is used several times, the last one will be used.
.IP "--post301"
-(HTTP) Tells curl to respect RFC 7230/6.4.2 and not convert POST requests
-into GET requests when following a 301 redirection. The non-RFC behaviour is
-ubiquitous in web browsers, so curl does the conversion by default to maintain
+(HTTP) Tells curl to respect RFC 7231/6.4.2 and not convert POST requests into
GET
+requests when following a 301 redirection. The non-RFC behaviour is ubiquitous
+in web browsers, so curl does the conversion by default to maintain
consistency. However, a server may require a POST to remain a POST after such
-a redirection. This option is meaningful only when using \fI-L, --location\fP
-(Added in 7.17.1)
+a redirection. This option is meaningful only when using \fI-L, --location\fP.
+
+See also \fI--post302\fP and \fI--post303\fP and \fI-L, --location\fP. Added
in 7.17.1.
.IP "--post302"
-(HTTP) Tells curl to respect RFC 7230/6.4.3 and not convert POST requests
-into GET requests when following a 302 redirection. The non-RFC behaviour is
-ubiquitous in web browsers, so curl does the conversion by default to maintain
+(HTTP) Tells curl to respect RFC 7231/6.4.3 and not convert POST requests into
GET
+requests when following a 302 redirection. The non-RFC behaviour is ubiquitous
+in web browsers, so curl does the conversion by default to maintain
consistency. However, a server may require a POST to remain a POST after such
-a redirection. This option is meaningful only when using \fI-L, --location\fP
-(Added in 7.19.1)
+a redirection. This option is meaningful only when using \fI-L, --location\fP.
+
+See also \fI--post301\fP and \fI--post303\fP and \fI-L, --location\fP. Added
in 7.19.1.
.IP "--post303"
-(HTTP) Tells curl to respect RFC 7230/6.4.4 and not convert POST requests
-into GET requests when following a 303 redirection. The non-RFC behaviour is
-ubiquitous in web browsers, so curl does the conversion by default to maintain
+(HTTP) Tells curl to respect RFC 7231/6.4.4 and not convert POST requests into
GET
+requests when following a 303 redirection. The non-RFC behaviour is ubiquitous
+in web browsers, so curl does the conversion by default to maintain
consistency. However, a server may require a POST to remain a POST after such
-a redirection. This option is meaningful only when using \fI-L, --location\fP
-(Added in 7.26.0)
+a redirection. This option is meaningful only when using \fI-L, --location\fP.
+
+See also \fI--post302\fP and \fI--post301\fP and \fI-L, --location\fP. Added
in 7.26.0.
+.IP "--preproxy [protocol://]host[:port]"
+Use the specified proxy before connecting to the ordinary proxy. Hence pre
+proxy. A pre proxy must be a SOCKS speaking proxy.
+
+The pre proxy string should be specified with a protocol:// prefix to specify
+alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
+socks5h:// to request the specific SOCKS version to be used. No protocol
+specified will make curl default to SOCKS4.
+
+If the port number is not specified in the proxy string, it is assumed to be
+1080.
+
+User and password that might be provided in the proxy string are URL decoded
+by curl. This allows you to pass in special characters such as @ by using %40
+or pass in a colon with %3a.
+
+If this option is used several times, the last one will be used.
+
+Added in 7.52.0.
+.IP "-#, --progress-bar"
+Make curl display transfer progress as a simple progress bar instead of the
+standard, more informational, meter.
+
+This progress bar draws a single line of '#' characters across the screen and
+shows a percentage if the transfer size is known. For transfers without a
+known size, it will instead output one '#' character for every 1024 bytes
+transferred.
+.IP "--proto-default <protocol>"
+Tells curl to use \fIprotocol\fP for any URL missing a scheme name.
+
+Example:
+
+ curl --proto-default https ftp.mozilla.org
+
+An unknown or unsupported protocol causes error
+\fICURLE_UNSUPPORTED_PROTOCOL\fP (1).
+
+This option does not change the default proxy protocol (http).
+
+Without this option curl would make a guess based on the host, see \fI--url\fP
for
+details.
+
+Added in 7.45.0.
+.IP "--proto-redir <protocols>"
+Tells curl to limit what protocols it may use on redirect. Protocols denied by
+\fI--proto\fP are not overridden by this option. See --proto for how protocols
are
+represented.
+
+Example, allow only HTTP and HTTPS on redirect:
+
+ curl --proto-redir -all,http,https http://example.com
+
+By default curl will allow all protocols on redirect except several disabled
+for security reasons: Since 7.19.4 FILE and SCP are disabled, and since 7.40.0
+SMB and SMBS are also disabled. Specifying \fIall\fP or \fI+all\fP enables all
+protocols on redirect, including those disabled for security.
+
+Added in 7.20.2.
.IP "--proto <protocols>"
-Tells curl to use the listed protocols for its initial retrieval. Protocols
-are evaluated left to right, are comma separated, and are each a protocol
-name or 'all', optionally prefixed by zero or more modifiers. Available
-modifiers are:
+Tells curl to limit what protocols it may use in the transfer. Protocols are
+evaluated left to right, are comma separated, and are each a protocol name or
+'all', optionally prefixed by zero or more modifiers. Available modifiers are:
.RS
.TP 3
.B +
@@ -1376,16 +1447,16 @@ list.
For example:
.RS
.TP 15
-.B --proto -ftps
+.B \fI--proto\fP -ftps
uses the default protocols, but disables ftps
.TP
-.B --proto -all,https,+http
+.B \fI--proto\fP -all,https,+http
only enables http and https
.TP
-.B --proto =http,https
+.B \fI--proto\fP =http,https
also only enables http and https
.RE
-.IP
+
Unknown protocols produce a warning. This allows scripts to safely rely on
being able to disable potentially dangerous protocols, without relying upon
support for that protocol being built into curl to avoid an error.
@@ -1393,76 +1464,169 @@ support for that protocol being built into curl to
avoid an error.
This option can be used multiple times, in which case the effect is the same
as concatenating the protocols into one instance of the option.
-(Added in 7.20.2)
-.IP "--proto-default <protocol>"
-Tells curl to use \fIprotocol\fP for any URL missing a scheme name.
-
-Example:
-
-.RS
-.IP "--proto-default https ftp.mozilla.org"
-https://ftp.mozilla.org
-.RE
+See also \fI--proto-redir\fP and \fI--proto-default\fP. Added in 7.20.2.
+.IP "--proxy-anyauth"
+Tells curl to pick a suitable authentication method when communicating with
+the given HTTP proxy. This might cause an extra request/response round-trip.
-An unknown or unsupported protocol causes error
-\fICURLE_UNSUPPORTED_PROTOCOL\fP.
+See also \fI-x, --proxy\fP and \fI--proxy-basic\fP and \fI--proxy-digest\fP.
Added in 7.13.2.
+.IP "--proxy-basic"
+Tells curl to use HTTP Basic authentication when communicating with the given
+proxy. Use \fI--basic\fP for enabling HTTP Basic with a remote host. Basic is
the
+default authentication method curl uses with proxies.
-This option does not change the default proxy protocol (http).
+See also \fI-x, --proxy\fP and \fI--proxy-anyauth\fP and \fI--proxy-digest\fP.
+.IP "--proxy-cacert <file>"
+Same as \fI--cacert\fP but used in HTTPS proxy context.
-Without this option curl would make a guess based on the host, see \fI--url\fP
-for details.
+See also \fI--proxy-capath\fP and \fI--cacert\fP and \fI--capath\fP and \fI-x,
--proxy\fP. Added in 7.52.0.
+.IP "--proxy-capath <dir>"
+Same as \fI--capath\fP but used in HTTPS proxy context.
-(Added in 7.45.0)
-.IP "--proto-redir <protocols>"
-Tells curl to use the listed protocols on redirect. See --proto for how
-protocols are represented.
+See also \fI--proxy-cacert\fP and \fI-x, --proxy\fP and \fI--capath\fP. Added
in 7.52.0.
+.IP "--proxy-cert-type <type>"
+Same as \fI--cert-type\fP but used in HTTPS proxy context.
-Example:
+Added in 7.52.0.
+.IP "--proxy-cert <cert[:passwd]>"
+Same as \fI-E, --cert\fP but used in HTTPS proxy context.
-.RS
-.IP "--proto-redir -all,http,https"
-Allow only HTTP and HTTPS on redirect.
-.RE
+Added in 7.52.0.
+.IP "--proxy-ciphers <list>"
+Same as \fI--ciphers\fP but used in HTTPS proxy context.
-By default curl will allow all protocols on redirect except several disabled
-for security reasons: Since 7.19.4 FILE and SCP are disabled, and since 7.40.0
-SMB and SMBS are also disabled. Specifying \fIall\fP or \fI+all\fP enables all
-protocols on redirect, including those disabled for security.
+Added in 7.52.0.
+.IP "--proxy-crlfile <file>"
+Same as \fI--crlfile\fP but used in HTTPS proxy context.
-(Added in 7.20.2)
-.IP "--proxy-anyauth"
-Tells curl to pick a suitable authentication method when communicating with
-the given proxy. This might cause an extra request/response round-trip. (Added
-in 7.13.2)
-.IP "--proxy-basic"
-Tells curl to use HTTP Basic authentication when communicating with the given
-proxy. Use \fI--basic\fP for enabling HTTP Basic with a remote host. Basic is
-the default authentication method curl uses with proxies.
+Added in 7.52.0.
.IP "--proxy-digest"
Tells curl to use HTTP Digest authentication when communicating with the given
proxy. Use \fI--digest\fP for enabling HTTP Digest with a remote host.
+
+See also \fI-x, --proxy\fP and \fI--proxy-anyauth\fP and \fI--proxy-basic\fP.
+.IP "--proxy-header <header>"
+(HTTP) Extra header to include in the request when sending HTTP to a proxy.
You may
+specify any number of extra headers. This is the equivalent option to \fI-H,
--header\fP
+but is for proxy communication only like in CONNECT requests when you want a
+separate header sent to the proxy to what is sent to the actual remote host.
+
+curl will make sure that each header you add/replace is sent with the proper
+end-of-line marker, you should thus \fBnot\fP add that as a part of the header
+content: do not add newlines or carriage returns, they will only mess things
+up for you.
+
+Headers specified with this option will not be included in requests that curl
+knows will not be sent to a proxy.
+
+This option can be used multiple times to add/replace/remove multiple headers.
+
+Added in 7.37.0.
+.IP "--proxy-insecure"
+Same as \fI-k, --insecure\fP but used in HTTPS proxy context.
+
+Added in 7.52.0.
+.IP "--proxy-key-type <type>"
+Same as \fI--key-type\fP but used in HTTPS proxy context.
+
+Added in 7.52.0.
+.IP "--proxy-key <key>"
+Same as \fI--key\fP but used in HTTPS proxy context.
.IP "--proxy-negotiate"
Tells curl to use HTTP Negotiate (SPNEGO) authentication when communicating
with the given proxy. Use \fI--negotiate\fP for enabling HTTP Negotiate
(SPNEGO)
-with a remote host. (Added in 7.17.1)
+with a remote host.
+
+See also \fI--proxy-anyauth\fP and \fI--proxy-basic\fP. Added in 7.17.1.
.IP "--proxy-ntlm"
Tells curl to use HTTP NTLM authentication when communicating with the given
proxy. Use \fI--ntlm\fP for enabling NTLM with a remote host.
-.IP "--proxy-service-name <servicename>"
+
+See also \fI--proxy-negotiate\fP and \fI--proxy-anyauth\fP.
+.IP "--proxy-pass <phrase>"
+Same as \fI--pass\fP but used in HTTPS proxy context.
+
+Added in 7.52.0.
+.IP "--proxy-service-name <name>"
This option allows you to change the service name for proxy negotiation.
-Examples: --proxy-negotiate proxy-name \fI--proxy-service-name\fP sockd would
use
-sockd/proxy-name. (Added in 7.43.0).
-.IP "--proxy1.0 <proxyhost[:port]>"
+Added in 7.43.0.
+.IP "--proxy-ssl-allow-beast"
+Same as \fI--ssl-allow-beast\fP but used in HTTPS proxy context.
+
+Added in 7.52.0.
+.IP "--proxy-tlsauthtype <type>"
+Same as \fI--tlsauthtype\fP but used in HTTPS proxy context.
+
+Added in 7.52.0.
+.IP "--proxy-tlspassword <string>"
+Same as \fI--tlspassword\fP but used in HTTPS proxy context.
+
+Added in 7.52.0.
+.IP "--proxy-tlsuser <name>"
+Same as \fI--tlsuser\fP but used in HTTPS proxy context.
+
+Added in 7.52.0.
+.IP "--proxy-tlsv1"
+Same as \fI-1, --tlsv1\fP but used in HTTPS proxy context.
+
+Added in 7.52.0.
+.IP "-U, --proxy-user <user:password>"
+Specify the user name and password to use for proxy authentication.
+
+If you use a Windows SSPI-enabled curl binary and do either Negotiate or NTLM
+authentication then you can tell curl to select the user name and password
+from your environment by specifying a single colon with this option: "-U :".
+
+If this option is used several times, the last one will be used.
+.IP "-x, --proxy [protocol://]host[:port]"
+Use the specified proxy.
+
+The proxy string can be specified with a protocol:// prefix to specify
+alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
+socks5h:// to request the specific SOCKS version to be used. No protocol
+specified, http:// and all others will be treated as HTTP proxies. (The
+protocol support was added in curl 7.21.7)
+
+If the port number is not specified in the proxy string, it is assumed to be
+1080.
+
+This option overrides existing environment variables that set the proxy to
+use. If there's an environment variable setting a proxy, you can set proxy to
+\&"" to override it.
+
+All operations that are performed over an HTTP proxy will transparently be
+converted to HTTP. It means that certain protocol specific operations might
+not be available. This is not the case if you can tunnel through the proxy, as
+one with the \fI-p, --proxytunnel\fP option.
+
+User and password that might be provided in the proxy string are URL decoded
+by curl. This allows you to pass in special characters such as @ by using %40
+or pass in a colon with %3a.
+
+The proxy host can be specified the exact same way as the proxy environment
+variables, including the protocol prefix (http://) and the embedded user +
+password.
+
+If this option is used several times, the last one will be used.
+.IP "--proxy1.0 <host[:port]>"
Use the specified HTTP 1.0 proxy. If the port number is not specified, it is
assumed at port 1080.
-The only difference between this and the HTTP proxy option (\fI-x, --proxy\fP),
-is that attempts to use CONNECT through the proxy will specify an HTTP 1.0
-protocol instead of the default HTTP 1.1.
+The only difference between this and the HTTP proxy option \fI-x, --proxy\fP,
is that
+attempts to use CONNECT through the proxy will specify an HTTP 1.0 protocol
+instead of the default HTTP 1.1.
+.IP "-p, --proxytunnel"
+When an HTTP proxy is used \fI-x, --proxy\fP, this option will cause non-HTTP
protocols
+to attempt to tunnel through the proxy instead of merely using it to do
+HTTP-like operations. The tunnel approach is made with the HTTP proxy CONNECT
+request and requires that the proxy allows direct connect to the remote port
+number curl wants to tunnel through to.
+
+See also \fI-x, --proxy\fP.
.IP "--pubkey <key>"
-(SSH) Public key file name. Allows you to provide your public key in this
-separate file.
+(SFTP SCP) Public key file name. Allows you to provide your public key in this
separate
+file.
If this option is used several times, the last one will be used.
@@ -1470,24 +1634,23 @@ If this option is used several times, the last one will
be used.
private key file, so passing this option is generally not required. Note that
this public key extraction requires libcurl to be linked against a copy of
libssh2 1.2.8 or higher that is itself linked against OpenSSL.)
-.IP "-q, --disable"
-If used as the first parameter on the command line, the \fIcurlrc\fP config
-file will not be read and used. See the \fI-K, --config\fP for details on the
-default config file search path.
-.IP "-Q, --quote <command>"
-(FTP/SFTP) Send an arbitrary command to the remote FTP or SFTP server. Quote
-commands are sent BEFORE the transfer takes place (just after the initial PWD
-command in an FTP transfer, to be exact). To make commands take place after a
-successful transfer, prefix them with a dash '-'. To make commands be sent
-after curl has changed the working directory, just before the transfer
-command(s), prefix the command with a '+' (this is only supported for
-FTP). You may specify any number of commands. If the server returns failure
-for one of the commands, the entire operation will be aborted. You must send
-syntactically correct FTP commands as RFC 959 defines to FTP servers, or one
-of the commands listed below to SFTP servers. This option can be used
-multiple times. When speaking to an FTP server, prefix the command with an
-asterisk (*) to make curl continue even if the command fails as by default
-curl will stop at first failure.
+.IP "-Q, --quote"
+(FTP SFTP)
+Send an arbitrary command to the remote FTP or SFTP server. Quote commands are
+sent BEFORE the transfer takes place (just after the initial PWD command in an
+FTP transfer, to be exact). To make commands take place after a successful
+transfer, prefix them with a dash '-'. To make commands be sent after curl
+has changed the working directory, just before the transfer command(s), prefix
+the command with a '+' (this is only supported for FTP). You may specify any
+number of commands.
+
+If the server returns failure for one of the commands, the entire operation
+will be aborted. You must send syntactically correct FTP commands as RFC 959
+defines to FTP servers, or one of the commands listed below to SFTP servers.
+
+This option can be used multiple times. When speaking to an FTP server, prefix
+the command with an asterisk (*) to make curl continue even if the command
+fails as by default curl will stop at first failure.
SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP quote commands
itself before sending them to the server. File names may be quoted
@@ -1523,10 +1686,13 @@ operand, provided it is empty.
.IP "symlink source_file target_file"
See ln.
.RE
+.IP "--random-file <file>"
+Specify the path name to file containing what will be considered as random
+data. The data may be used to seed the random engine for SSL connections. See
+also the \fI--egd-file\fP option.
.IP "-r, --range <range>"
-(HTTP/FTP/SFTP/FILE) Retrieve a byte range (i.e a partial document) from a
-HTTP/1.1, FTP or SFTP server or a local FILE. Ranges can be specified
-in a number of ways.
+(HTTP FTP SFTP FILE) Retrieve a byte range (i.e a partial document) from a
HTTP/1.1, FTP or SFTP
+server or a local FILE. Ranges can be specified in a number of ways.
.RS
.TP 10
.B 0-499
@@ -1565,22 +1731,100 @@ FTP and SFTP range downloads only support the simple
'start-stop' syntax
FTP command SIZE.
If this option is used several times, the last one will be used.
-.IP "-R, --remote-time"
-When used, this will make curl attempt to figure out the timestamp of the
-remote file, and if that is available make the local file get that same
-timestamp.
-.IP "--random-file <file>"
-(SSL) Specify the path name to file containing what will be considered as
-random data. The data is used to seed the random engine for SSL connections.
-See also the \fI--egd-file\fP option.
.IP "--raw"
(HTTP) When used, it disables all internal HTTP decoding of content or transfer
-encodings and instead makes them passed on unaltered, raw. (Added in 7.16.2)
+encodings and instead makes them passed on unaltered, raw.
+
+Added in 7.16.2.
+.IP "-e, --referer <URL>"
+(HTTP) Sends the "Referrer Page" information to the HTTP server. This can also
be set
+with the \fI-H, --header\fP flag of course. When used with \fI-L,
--location\fP you can append
+";auto" to the \fI-e, --referer\fP URL to make curl automatically set the
previous URL
+when it follows a Location: header. The \&";auto" string can be used alone,
+even if you don't set an initial \fI-e, --referer\fP.
+
+If this option is used several times, the last one will be used.
+
+See also \fI-A, --user-agent\fP and \fI-H, --header\fP.
+.IP "-J, --remote-header-name"
+(HTTP) This option tells the \fI-O, --remote-name\fP option to use the
server-specified
+Content-Disposition filename instead of extracting a filename from the URL.
+
+If the server specifies a file name and a file with that name already exists
+in the current working directory it will not be overwritten and an error will
+occur. If the server doesn't specify a file name then this option has no
+effect.
+
+There's no attempt to decode %-sequences (yet) in the provided file name, so
+this option may provide you with rather unexpected file names.
+
+\fBWARNING\fP: Exercise judicious use of this option, especially on Windows. A
+rogue server could send you the name of a DLL or other file that could possibly
+be loaded automatically by Windows or some third party software.
.IP "--remote-name-all"
This option changes the default action for all given URLs to be dealt with as
-if \fI-O, --remote-name\fP were used for each one. So if you want to disable
-that for a specific URL after \fI--remote-name-all\fP has been used, you must
-use "-o -" or \fI--no-remote-name\fP. (Added in 7.19.0)
+if \fI-O, --remote-name\fP were used for each one. So if you want to disable
that for a
+specific URL after \fI--remote-name-all\fP has been used, you must use "-o -"
or
+--no-remote-name.
+
+Added in 7.19.0.
+.IP "-O, --remote-name"
+Write output to a local file named like the remote file we get. (Only the file
+part of the remote file is used, the path is cut off.)
+
+The file will be saved in the current working directory. If you want the file
+saved in a different directory, make sure you change the current working
+directory before invoking curl with this option.
+
+The remote file name to use for saving is extracted from the given URL,
+nothing else, and if it already exists it will be overwritten. If you want the
+server to be able to choose the file name refer to \fI-J,
--remote-header-name\fP which
+can be used in addition to this option. If the server chooses a file name and
+that name already exists it will not be overwritten.
+
+There is no URL decoding done on the file name. If it has %20 or other URL
+encoded parts of the name, they will end up as-is as file name.
+
+You may use this option as many times as the number of URLs you have.
+.IP "-R, --remote-time"
+When used, this will make curl attempt to figure out the timestamp of the
+remote file, and if that is available make the local file get that same
+timestamp.
+.IP "-X, --request <command>"
+(HTTP) Specifies a custom request method to use when communicating with the
+HTTP server. The specified request method will be used instead of the method
+otherwise used (which defaults to GET). Read the HTTP 1.1 specification for
+details and explanations. Common additional HTTP requests include PUT and
+DELETE, but related technologies like WebDAV offers PROPFIND, COPY, MOVE and
+more.
+
+Normally you don't need this option. All sorts of GET, HEAD, POST and PUT
+requests are rather invoked by using dedicated command line options.
+
+This option only changes the actual word used in the HTTP request, it does not
+alter the way curl behaves. So for example if you want to make a proper HEAD
+request, using -X HEAD will not suffice. You need to use the \fI-I, --head\fP
option.
+
+The method string you set with \fI-X, --request\fP will be used for all
requests, which
+if you for example use \fI-L, --location\fP may cause unintended side-effects
when curl
+doesn't change request method according to the HTTP 30x response codes - and
+similar.
+
+(FTP)
+Specifies a custom FTP command to use instead of LIST when doing file lists
+with FTP.
+
+(POP3)
+Specifies a custom POP3 command to use instead of LIST or RETR. (Added in
+7.26.0)
+
+(IMAP)
+Specifies a custom IMAP command to use instead of LIST. (Added in 7.30.0)
+
+(SMTP)
+Specifies a custom SMTP command to use instead of HELP or VRFY. (Added in
7.34.0)
+
+If this option is used several times, the last one will be used.
.IP "--resolve <host:port:address>"
Provide a custom address for a specific host and port pair. Using this, you
can make the curl requests(s) use a specified address and prevent the
@@ -1590,160 +1834,334 @@ the number used for the specific protocol the host
will be used for. It means
you need several entries if you want to provide address for the same host but
different ports.
-The provided address set by this option will be used even if \fI-4, --ipv4\fP
-or \fI-6, --ipv6\fP is set to make curl use another IP version.
+The provided address set by this option will be used even if \fI-4, --ipv4\fP
or \fI-6, --ipv6\fP
+is set to make curl use another IP version.
This option can be used many times to add many host names to resolve.
-(Added in 7.21.3)
-.IP "--retry <num>"
-If a transient error is returned when curl tries to perform a transfer, it
-will retry this number of times before giving up. Setting the number to 0
-makes curl do no retries (which is the default). Transient error means either:
-a timeout, an FTP 4xx response code or an HTTP 5xx response code.
-
-When curl is about to retry a transfer, it will first wait one second and then
-for all forthcoming retries it will double the waiting time until it reaches
-10 minutes which then will be the delay between the rest of the retries. By
-using \fI--retry-delay\fP you disable this exponential backoff algorithm. See
-also \fI--retry-max-time\fP to limit the total time allowed for
-retries. (Added in 7.12.3)
+Added in 7.21.3.
+.IP "--retry-connrefused"
+In addition to the other conditions, consider ECONNREFUSED as a transient
+error too for \fI--retry\fP. This option is used together with --retry.
-If this option is used several times, the last one will be used.
+Added in 7.52.0.
.IP "--retry-delay <seconds>"
Make curl sleep this amount of time before each retry when a transfer has
failed with a transient error (it changes the default backoff time algorithm
between retries). This option is only interesting if \fI--retry\fP is also
used. Setting this delay to zero will make curl use the default backoff time.
-(Added in 7.12.3)
If this option is used several times, the last one will be used.
+
+Added in 7.12.3.
.IP "--retry-max-time <seconds>"
The retry timer is reset before the first transfer attempt. Retries will be
-done as usual (see \fI--retry\fP) as long as the timer hasn't reached this
-given limit. Notice that if the timer hasn't reached the limit, the request
-will be made and while performing, it may take longer than this given time
-period. To limit a single request\'s maximum time, use \fI-m, --max-time\fP.
-Set this option to zero to not timeout retries. (Added in 7.12.3)
+done as usual (see \fI--retry\fP) as long as the timer hasn't reached this
given
+limit. Notice that if the timer hasn't reached the limit, the request will be
+made and while performing, it may take longer than this given time period. To
+limit a single request\'s maximum time, use \fI-m, --max-time\fP. Set this
option to
+zero to not timeout retries.
If this option is used several times, the last one will be used.
-.IP "-s, --silent"
-Silent or quiet mode. Don't show progress meter or error messages. Makes Curl
-mute. It will still output the data you ask for, potentially even to the
-terminal/stdout unless you redirect it.
+
+Added in 7.12.3.
+.IP "--retry <num>"
+If a transient error is returned when curl tries to perform a transfer, it
+will retry this number of times before giving up. Setting the number to 0
+makes curl do no retries (which is the default). Transient error means either:
+a timeout, an FTP 4xx response code or an HTTP 5xx response code.
+
+When curl is about to retry a transfer, it will first wait one second and then
+for all forthcoming retries it will double the waiting time until it reaches
+10 minutes which then will be the delay between the rest of the retries. By
+using \fI--retry-delay\fP you disable this exponential backoff algorithm. See
also
+\fI--retry-max-time\fP to limit the total time allowed for retries.
+
+If this option is used several times, the last one will be used.
+
+Added in 7.12.3.
.IP "--sasl-ir"
Enable initial response in SASL authentication.
-(Added in 7.31.0)
-.IP "--service-name <servicename>"
+
+Added in 7.31.0.
+.IP "--service-name <name>"
This option allows you to change the service name for SPNEGO.
-Examples: --negotiate \fI--service-name\fP sockd would use
-sockd/server-name. (Added in 7.43.0).
+Examples: \fI--negotiate\fP \fI--service-name\fP sockd would use
sockd/server-name.
+
+Added in 7.43.0.
.IP "-S, --show-error"
-When used with \fI-s\fP it makes curl show an error message if it fails.
-.IP "--ssl"
-(FTP, POP3, IMAP, SMTP) Try to use SSL/TLS for the connection. Reverts to a
-non-secure connection if the server doesn't support SSL/TLS. See also
-\fI--ftp-ssl-control\fP and \fI--ssl-reqd\fP for different levels of
-encryption required. (Added in 7.20.0)
+When used with \fI-s, --silent\fP, it makes curl show an error message if it
fails.
+.IP "-s, --silent"
+Silent or quiet mode. Don't show progress meter or error messages. Makes Curl
+mute. It will still output the data you ask for, potentially even to the
+terminal/stdout unless you redirect it.
-This option was formerly known as \fI--ftp-ssl\fP (Added in 7.11.0). That
-option name can still be used but will be removed in a future version.
-.IP "--ssl-reqd"
-(FTP, POP3, IMAP, SMTP) Require SSL/TLS for the connection. Terminates the
-connection if the server doesn't support SSL/TLS. (Added in 7.20.0)
+Use \fI-S, --show-error\fP in addition to this option to disable progress
meter but
+still show error messages.
-This option was formerly known as \fI--ftp-ssl-reqd\fP.
-.IP "--ssl-allow-beast"
-(SSL) This option tells curl to not work around a security flaw in the SSL3
-and TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer
-may use workarounds known to cause interoperability problems with some older
-SSL implementations. WARNING: this option loosens the SSL security, and by
-using this flag you ask for exactly that. (Added in 7.25.0)
-.IP "--ssl-no-revoke"
-(WinSSL) This option tells curl to disable certificate revocation checks.
-WARNING: this option loosens the SSL security, and by using this flag you ask
-for exactly that. (Added in 7.44.0)
+See also \fI-v, --verbose\fP and \fI--stderr\fP.
.IP "--socks4 <host[:port]>"
Use the specified SOCKS4 proxy. If the port number is not specified, it is
-assumed at port 1080. (Added in 7.15.2)
+assumed at port 1080.
-This option overrides any previous use of \fI-x, --proxy\fP, as they are
-mutually exclusive.
+This option overrides any previous use of \fI-x, --proxy\fP, as they are
mutually
+exclusive.
Since 7.21.7, this option is superfluous since you can specify a socks4 proxy
with \fI-x, --proxy\fP using a socks4:// protocol prefix.
If this option is used several times, the last one will be used.
+
+Added in 7.15.2.
.IP "--socks4a <host[:port]>"
Use the specified SOCKS4a proxy. If the port number is not specified, it is
-assumed at port 1080. (Added in 7.18.0)
+assumed at port 1080.
-This option overrides any previous use of \fI-x, --proxy\fP, as they are
-mutually exclusive.
+This option overrides any previous use of \fI-x, --proxy\fP, as they are
mutually
+exclusive.
Since 7.21.7, this option is superfluous since you can specify a socks4a proxy
with \fI-x, --proxy\fP using a socks4a:// protocol prefix.
If this option is used several times, the last one will be used.
+
+Added in 7.18.0.
+.IP "--socks5-gssapi-nec"
+As part of the GSS-API negotiation a protection mode is negotiated. RFC 1961
+says in section 4.3/4.4 it should be protected, but the NEC reference
+implementation does not. The option \fI--socks5-gssapi-nec\fP allows the
+unprotected exchange of the protection mode negotiation.
+
+Added in 7.19.4.
+.IP "--socks5-gssapi-service <name>"
+The default service name for a socks server is rcmd/server-fqdn. This option
+allows you to change it.
+
+Examples: \fI--socks5\fP proxy-name \fI--socks5-gssapi-service\fP sockd would
use
+sockd/proxy-name \fI--socks5\fP proxy-name \fI--socks5-gssapi-service\fP
sockd/real-name
+would use sockd/real-name for cases where the proxy-name does not match the
+principal name.
+
+Added in 7.19.4.
.IP "--socks5-hostname <host[:port]>"
Use the specified SOCKS5 proxy (and let the proxy resolve the host name). If
-the port number is not specified, it is assumed at port 1080. (Added in
-7.18.0)
+the port number is not specified, it is assumed at port 1080.
-This option overrides any previous use of \fI-x, --proxy\fP, as they are
-mutually exclusive.
+This option overrides any previous use of \fI-x, --proxy\fP, as they are
mutually
+exclusive.
Since 7.21.7, this option is superfluous since you can specify a socks5
hostname proxy with \fI-x, --proxy\fP using a socks5h:// protocol prefix.
-If this option is used several times, the last one will be used. (This option
-was previously wrongly documented and used as --socks without the number
-appended.)
+If this option is used several times, the last one will be used.
+
+Added in 7.18.0.
.IP "--socks5 <host[:port]>"
Use the specified SOCKS5 proxy - but resolve the host name locally. If the
port number is not specified, it is assumed at port 1080.
-This option overrides any previous use of \fI-x, --proxy\fP, as they are
-mutually exclusive.
+This option overrides any previous use of \fI-x, --proxy\fP, as they are
mutually
+exclusive.
Since 7.21.7, this option is superfluous since you can specify a socks5 proxy
with \fI-x, --proxy\fP using a socks5:// protocol prefix.
-If this option is used several times, the last one will be used. (This option
-was previously wrongly documented and used as --socks without the number
-appended.)
+If this option is used several times, the last one will be used.
This option (as well as \fI--socks4\fP) does not work with IPV6, FTPS or LDAP.
-.IP "--socks5-gssapi-service <servicename>"
-The default service name for a socks server is rcmd/server-fqdn. This option
-allows you to change it.
-Examples: --socks5 proxy-name \fI--socks5-gssapi-service\fP sockd would use
-sockd/proxy-name --socks5 proxy-name \fI--socks5-gssapi-service\fP
-sockd/real-name would use sockd/real-name for cases where the proxy-name does
-not match the principal name. (Added in 7.19.4).
-.IP "--socks5-gssapi-nec"
-As part of the GSS-API negotiation a protection mode is negotiated. RFC 1961
-says in section 4.3/4.4 it should be protected, but the NEC reference
-implementation does not. The option \fI--socks5-gssapi-nec\fP allows the
-unprotected exchange of the protection mode negotiation. (Added in 7.19.4).
-.IP "--stderr <file>"
+Added in 7.18.0.
+.IP "-Y, --speed-limit <speed>"
+If a download is slower than this given speed (in bytes per second) for
+speed-time seconds it gets aborted. speed-time is set with \fI-y,
--speed-time\fP and is
+30 if not set.
+
+If this option is used several times, the last one will be used.
+.IP "-y, --speed-time <seconds>"
+If a download is slower than speed-limit bytes per second during a speed-time
+period, the download gets aborted. If speed-time is used, the default
+speed-limit will be 1 unless set with \fI-Y, --speed-limit\fP.
+
+This option controls transfers and thus will not affect slow connects etc. If
+this is a concern for you, try the \fI--connect-timeout\fP option.
+
+If this option is used several times, the last one will be used.
+.IP "--ssl-allow-beast"
+This option tells curl to not work around a security flaw in the SSL3 and
+TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer may
+use workarounds known to cause interoperability problems with some older SSL
+implementations. WARNING: this option loosens the SSL security, and by using
+this flag you ask for exactly that.
+
+Added in 7.25.0.
+.IP "--ssl-no-revoke"
+(WinSSL) This option tells curl to disable certificate revocation checks.
+WARNING: this option loosens the SSL security, and by using this flag you ask
+for exactly that.
+
+Added in 7.44.0.
+.IP "--ssl-reqd"
+(FTP IMAP POP3 SMTP) Require SSL/TLS for the connection. Terminates the
connection if the server
+doesn't support SSL/TLS.
+
+This option was formerly known as --ftp-ssl-reqd.
+
+Added in 7.20.0.
+.IP "--ssl"
+(FTP IMAP POP3 SMTP)
+Try to use SSL/TLS for the connection. Reverts to a non-secure connection if
+the server doesn't support SSL/TLS. See also \fI--ftp-ssl-control\fP and
\fI--ssl-reqd\fP
+for different levels of encryption required.
+
+This option was formerly known as --ftp-ssl (Added in 7.11.0). That option
+name can still be used but will be removed in a future version.
+
+Added in 7.20.0.
+.IP "-2, --sslv2"
+(SSL) Forces curl to use SSL version 2 when negotiating with a remote SSL
+server. Sometimes curl is built without SSLv2 support. SSLv2 is widely
+considered insecure (see RFC 6176).
+
+See also \fI--http1.1\fP and \fI--http2\fP. \fI-2, --sslv2\fP requires that
the underlying libcurl was built to support TLS. This option overrides \fI-3,
--sslv3\fP and \fI-1, --tlsv1\fP and \fI--tlsv1.1\fP and \fI--tlsv1.2\fP.
+.IP "-3, --sslv3"
+(SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL
+server. Sometimes curl is built without SSLv3 support. SSLv3 is widely
+considered insecure (see RFC 7568).
+
+See also \fI--http1.1\fP and \fI--http2\fP. \fI-3, --sslv3\fP requires that
the underlying libcurl was built to support TLS. This option overrides \fI-2,
--sslv2\fP and \fI-1, --tlsv1\fP and \fI--tlsv1.1\fP and \fI--tlsv1.2\fP.
+.IP "--stderr"
Redirect all writes to stderr to the specified file instead. If the file name
is a plain '-', it is instead written to stdout.
-If this option is used several times, the last one will be used.
-.IP "-t, --telnet-option <OPT=val>"
-Pass options to the telnet protocol. Supported options are:
+If this option is used several times, the last one will be used.
+
+See also \fI-v, --verbose\fP and \fI-s, --silent\fP.
+.IP "--tcp-fastopen"
+Enable use of TCP Fast Open (RFC7413).
+
+Added in 7.49.0.
+.IP "--tcp-nodelay"
+Turn on the TCP_NODELAY option. See the \fIcurl_easy_setopt(3)\fP man page for
+details about this option.
+
+Since 7.50.2, curl sets this option by default and you need to explictitly
+switch it off if you don't want it on.
+
+Added in 7.11.2.
+.IP "-t, --telnet-option <opt=val>"
+Pass options to the telnet protocol. Supported options are:
+
+TTYPE=<term> Sets the terminal type.
+
+XDISPLOC=<X display> Sets the X display location.
+
+NEW_ENV=<var,val> Sets an environment variable.
+.IP "--tftp-blksize <value>"
+(TFTP) Set TFTP BLKSIZE option (must be >512). This is the block size that
curl will
+try to use when transferring data to or from a TFTP server. By default 512
+bytes will be used.
+
+If this option is used several times, the last one will be used.
+
+Added in 7.20.0.
+.IP "--tftp-no-options"
+(TFTP) Tells curl not to send TFTP options requests.
+
+This option improves interop with some legacy servers that do not acknowledge
+or properly implement TFTP options. When this option is used
\fI--tftp-blksize\fP is
+ignored.
+
+Added in 7.48.0.
+.IP "-z, --time-cond <time>"
+(HTTP FTP) Request a file that has been modified later than the given time and
date, or
+one that has been modified before that time. The <date expression> can be all
+sorts of date strings or if it doesn't match any internal ones, it is taken as
+a filename and tries to get the modification date (mtime) from <file>
+instead. See the \fIcurl_getdate(3)\fP man pages for date expression details.
+
+Start the date expression with a dash (-) to make it request for a document
+that is older than the given date/time, default is a document that is newer
+than the specified date/time.
+
+If this option is used several times, the last one will be used.
+.IP "--tlsauthtype <type>"
+Set TLS authentication type. Currently, the only supported option is "SRP",
+for TLS-SRP (RFC 5054). If \fI--tlsuser\fP and \fI--tlspassword\fP are
specified but
+\fI--tlsauthtype\fP is not, then this option defaults to "SRP".
+
+Added in 7.21.4.
+.IP "--tlspassword"
+Set password for use with the TLS authentication method specified with
+\fI--tlsauthtype\fP. Requires that \fI--tlsuser\fP also be set.
+
+Added in 7.21.4.
+.IP "--tlsuser <name>"
+Set username for use with the TLS authentication method specified with
+\fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also is set.
+
+Added in 7.21.4.
+.IP "--tlsv1.0"
+(TLS) Forces curl to use TLS version 1.0 when connecting to a remote TLS
server.
+
+Added in 7.34.0.
+.IP "--tlsv1.1"
+(TLS) Forces curl to use TLS version 1.1 when connecting to a remote TLS
server.
+
+Added in 7.34.0.
+.IP "--tlsv1.2"
+(TLS) Forces curl to use TLS version 1.2 when connecting to a remote TLS
server.
+
+Added in 7.34.0.
+.IP "--tlsv1.3"
+(TLS) Forces curl to use TLS version 1.3 when connecting to a remote TLS
server.
+
+Note that TLS 1.3 is only supported by a subset of TLS backends. At the time
+of writing this, those are BoringSSL and NSS only.
+
+Added in 7.52.0.
+.IP "-1, --tlsv1"
+(SSL) Tells curl to use TLS version 1.x when negotiating with a remote TLS
+server. That means TLS version 1.0, 1.1 or 1.2.
+
+See also \fI--http1.1\fP and \fI--http2\fP. \fI-1, --tlsv1\fP requires that
the underlying libcurl was built to support TLS. This option overrides
\fI--tlsv1.1\fP and \fI--tlsv1.2\fP and \fI--tlsv1.3\fP.
+.IP "--tr-encoding"
+(HTTP) Request a compressed Transfer-Encoding response using one of the
algorithms
+curl supports, and uncompress the data while receiving it.
+
+Added in 7.21.6.
+.IP "--trace-ascii <file>"
+Enables a full trace dump of all incoming and outgoing data, including
+descriptive information, to the given output file. Use "-" as filename to have
+the output sent to stdout.
+
+This is very similar to \fI--trace\fP, but leaves out the hex part and only
shows
+the ASCII part of the dump. It makes smaller output that might be easier to
+read for untrained humans.
+
+If this option is used several times, the last one will be used.
+
+This option overrides \fI--trace\fP and \fI-v, --verbose\fP.
+.IP "--trace-time"
+Prepends a time stamp to each trace or verbose line that curl displays.
+
+Added in 7.14.0.
+.IP "--trace <file>"
+Enables a full trace dump of all incoming and outgoing data, including
+descriptive information, to the given output file. Use "-" as filename to have
+the output sent to stdout. Use "%" as filename to have the output sent to
+stderr.
-TTYPE=<term> Sets the terminal type.
+If this option is used several times, the last one will be used.
-XDISPLOC=<X display> Sets the X display location.
+This option overrides \fI-v, --verbose\fP and \fI--trace-ascii\fP.
+.IP "--unix-socket <path>"
+(HTTP) Connect through this Unix domain socket, instead of using the network.
-NEW_ENV=<var,val> Sets an environment variable.
+Added in 7.40.0.
.IP "-T, --upload-file <file>"
This transfers the specified local file to the remote URL. If there is no file
-part in the specified URL, Curl will append the local file name. NOTE that you
+part in the specified URL, curl will append the local file name. NOTE that you
must use a trailing / on the last directory to really prove to Curl that there
is no file name or curl will think that your last directory name is the remote
file name to use. That will most likely cause the upload operation to fail. If
@@ -1754,94 +2172,45 @@ Alternately, the file name "." (a single period) may be
specified instead
of "-" to use stdin in non-blocking mode to allow reading server output
while stdin is being uploaded.
-You can specify one -T for each URL on the command line. Each -T + URL pair
-specifies what to upload and to where. curl also supports "globbing" of the -T
-argument, meaning that you can upload multiple files to a single URL by using
-the same URL globbing style supported in the URL, like this:
+You can specify one \fI-T, --upload-file\fP for each URL on the command line.
Each
+\fI-T, --upload-file\fP + URL pair specifies what to upload and to where. curl
also
+supports "globbing" of the \fI-T, --upload-file\fP argument, meaning that you
can upload
+multiple files to a single URL by using the same URL globbing style supported
+in the URL, like this:
-curl -T "{file1,file2}" http://www.example.com
+ curl --upload-file "{file1,file2}" http://www.example.com
or even
-curl -T "img[1-1000].png" ftp://ftp.example.com/upload/
-.IP "--tcp-nodelay"
-Turn on the TCP_NODELAY option. See the \fIcurl_easy_setopt(3)\fP man page for
-details about this option. (Added in 7.11.2)
-.IP "--tcp-fastopen"
-Enable use of TCP Fast Open (RFC7413). (Added in 7.49.0)
-.IP "--tftp-blksize <value>"
-(TFTP) Set TFTP BLKSIZE option (must be >512). This is the block size that
-curl will try to use when transferring data to or from a TFTP server. By
-default 512 bytes will be used.
-
-If this option is used several times, the last one will be used.
-
-(Added in 7.20.0)
-.IP "--tftp-no-options"
-(TFTP) Tells curl not to send TFTP options requests.
-
-This option improves interop with some legacy servers that do not acknowledge
-or properly implement TFTP options. When this option is used
-\fI--tftp-blksize\fP is ignored.
-
-(Added in 7.48.0)
-.IP "--tlsauthtype <authtype>"
-Set TLS authentication type. Currently, the only supported option is "SRP",
-for TLS-SRP (RFC 5054). If \fI--tlsuser\fP and \fI--tlspassword\fP are
-specified but \fI--tlsauthtype\fP is not, then this option defaults to "SRP".
-(Added in 7.21.4)
-.IP "--tlspassword <password>"
-Set password for use with the TLS authentication method specified with
-\fI--tlsauthtype\fP. Requires that \fI--tlsuser\fP also be set. (Added in
-7.21.4)
-.IP "--tlsuser <user>"
-Set username for use with the TLS authentication method specified with
-\fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also be set. (Added in
-7.21.4)
-.IP "--tlsv1.0"
-(SSL)
-Forces curl to use TLS version 1.0 when negotiating with a remote TLS server.
-(Added in 7.34.0)
-.IP "--tlsv1.1"
-(SSL)
-Forces curl to use TLS version 1.1 when negotiating with a remote TLS server.
-(Added in 7.34.0)
-.IP "--tlsv1.2"
-(SSL)
-Forces curl to use TLS version 1.2 when negotiating with a remote TLS server.
-(Added in 7.34.0)
-.IP "--tr-encoding"
-(HTTP) Request a compressed Transfer-Encoding response using one of the
-algorithms curl supports, and uncompress the data while receiving it.
-
-(Added in 7.21.6)
-.IP "--trace <file>"
-Enables a full trace dump of all incoming and outgoing data, including
-descriptive information, to the given output file. Use "-" as filename to have
-the output sent to stdout.
-
-This option overrides previous uses of \fI-v, --verbose\fP or
-\fI--trace-ascii\fP.
+ curl -T "img[1-1000].png" ftp://ftp.example.com/upload/
-If this option is used several times, the last one will be used.
-.IP "--trace-ascii <file>"
-Enables a full trace dump of all incoming and outgoing data, including
-descriptive information, to the given output file. Use "-" as filename to have
-the output sent to stdout.
+When uploading to an SMTP server: the uploaded data is assumed to be RFC 5322
+formatted. It has to feature the necessary set of headers and mail body
+formatted correctly by the user as curl will not transcode nor encode it
+further in any way.
+.IP "--url <url>"
+Specify a URL to fetch. This option is mostly handy when you want to specify
+URL(s) in a config file.
-This is very similar to \fI--trace\fP, but leaves out the hex part and only
-shows the ASCII part of the dump. It makes smaller output that might be easier
-to read for untrained humans.
+If the given URL is missing a scheme name (such as "http://"; or "ftp://"; etc)
+then curl will make a guess based on the host. If the outermost sub-domain
+name matches DICT, FTP, IMAP, LDAP, POP3 or SMTP then that protocol will be
+used, otherwise HTTP will be used. Since 7.45.0 guessing can be disabled by
+setting a default protocol, see \fI--proto-default\fP for details.
-This option overrides previous uses of \fI-v, --verbose\fP or \fI--trace\fP.
+This option may be used any number of times. To control where this URL is
+written, use the \fI-o, --output\fP or the \fI-O, --remote-name\fP options.
+.IP "-B, --use-ascii"
+(FTP LDAP) Enable ASCII transfer. For FTP, this can also be enforced by using
an URL that
+ends with ";type=A". This option causes data sent to stdout to be in text mode
+for win32 systems.
+.IP "-A, --user-agent <name>"
+(HTTP)
+Specify the User-Agent string to send to the HTTP server. To encode blanks in
+the string, surround the string with single quote marks. This can also be set
+with the \fI-H, --header\fP option of course.
If this option is used several times, the last one will be used.
-.IP "--trace-time"
-Prepends a time stamp to each trace or verbose line that curl displays.
-(Added in 7.14.0)
-.IP "--unix-socket <path>"
-(HTTP) Connect through this Unix domain socket, instead of using the
-network. (Added in 7.40.0)
.IP "-u, --user <user:password>"
Specify the user name and password to use for server authentication. Overrides
\fI-n, --netrc\fP and \fI--netrc-optional\fP.
@@ -1871,42 +2240,77 @@ the user name and password from your environment by
specifying a single colon
with this option: "-u :".
If this option is used several times, the last one will be used.
-.IP "-U, --proxy-user <user:password>"
-Specify the user name and password to use for proxy authentication.
-
-If you use a Windows SSPI-enabled curl binary and do either Negotiate or NTLM
-authentication then you can tell curl to select the user name and password
-from your environment by specifying a single colon with this option: "-U :".
-
-If this option is used several times, the last one will be used.
-.IP "--url <URL>"
-Specify a URL to fetch. This option is mostly handy when you want to specify
-URL(s) in a config file.
-
-If the given URL is missing a scheme name (such as "http://"; or "ftp://"; etc)
-then curl will make a guess based on the host. If the outermost sub-domain name
-matches DICT, FTP, IMAP, LDAP, POP3 or SMTP then that protocol will be used,
-otherwise HTTP will be used. Since 7.45.0 guessing can be disabled by setting a
-default protocol, see \fI--proto-default\fP for details.
-
-This option may be used any number of times. To control where this URL is
-written, use the \fI-o, --output\fP or the \fI-O, --remote-name\fP options.
.IP "-v, --verbose"
-Be more verbose/talkative during the operation. Useful for debugging and
-seeing what's going on "under the hood". A line starting with '>' means
-"header data" sent by curl, '<' means "header data" received by curl that is
-hidden in normal cases, and a line starting with '*' means additional info
-provided by curl.
+Makes curl verbose during the operation. Useful for debugging and seeing
+what's going on "under the hood". A line starting with '>' means "header data"
+sent by curl, '<' means "header data" received by curl that is hidden in
+normal cases, and a line starting with '*' means additional info provided by
+curl.
-Note that if you only want HTTP headers in the output, \fI-i, --include\fP
-might be the option you're looking for.
+If you only want HTTP headers in the output, \fI-i, --include\fP might be the
option
+you're looking for.
If you think this option still doesn't give you enough details, consider using
\fI--trace\fP or \fI--trace-ascii\fP instead.
-This option overrides previous uses of \fI--trace-ascii\fP or \fI--trace\fP.
+Use \fI-s, --silent\fP to make curl really quiet.
+
+See also \fI-i, --include\fP. This option overrides \fI--trace\fP and
\fI--trace-ascii\fP.
+.IP "-V, --version"
+Displays information about curl and the libcurl version it uses.
+
+The first line includes the full version of curl, libcurl and other 3rd party
+libraries linked with the executable.
+
+The second line (starts with "Protocols:") shows all protocols that libcurl
+reports to support.
-Use \fI-s, --silent\fP to make curl quiet.
+The third line (starts with "Features:") shows specific features libcurl
+reports to offer. Available features include:
+.RS
+.IP "IPv6"
+You can use IPv6 with this.
+.IP "krb4"
+Krb4 for FTP is supported.
+.IP "SSL"
+SSL versions of various protocols are supported, such as HTTPS, FTPS, POP3S
+and so on.
+.IP "libz"
+Automatic decompression of compressed files over HTTP is supported.
+.IP "NTLM"
+NTLM authentication is supported.
+.IP "Debug"
+This curl uses a libcurl built with Debug. This enables more error-tracking
+and memory debugging etc. For curl-developers only!
+.IP "AsynchDNS"
+This curl uses asynchronous name resolves. Asynchronous name resolves can be
+done using either the c-ares or the threaded resolver backends.
+.IP "SPNEGO"
+SPNEGO authentication is supported.
+.IP "Largefile"
+This curl supports transfers of large files, files larger than 2GB.
+.IP "IDN"
+This curl supports IDN - international domain names.
+.IP "GSS-API"
+GSS-API is supported.
+.IP "SSPI"
+SSPI is supported.
+.IP "TLS-SRP"
+SRP (Secure Remote Password) authentication is supported for TLS.
+.IP "HTTP2"
+HTTP/2 support has been built-in.
+.IP "UnixSockets"
+Unix sockets support is provided.
+.IP "HTTPS-proxy"
+This curl is built to support HTTPS proxy.
+.IP "Metalink"
+This curl supports Metalink (both version 3 and 4 (RFC 5854)), which
+describes mirrors and hashes. curl will use mirrors for failover if
+there are errors (such as the file or server not being available).
+.IP "PSL"
+PSL is short for Public Suffix List and means that this curl has been built
+with knowledge about "public suffixes".
+.RE
.IP "-w, --write-out <format>"
Make curl display information on stdout after a completed transfer. The format
is a string that may contain plain text mixed with any number of
@@ -1915,10 +2319,10 @@ curl read the format from a file with "@filename" and
to tell curl to read the
format from stdin you write "@-".
The variables present in the output format will be substituted by the value or
-text that curl thinks fit, as described below. All variables are specified
-as %{variable_name} and to output a normal % you just write them as
-%%. You can output a newline by using \\n, a carriage return with \\r and a tab
-space with \\t.
+text that curl thinks fit, as described below. All variables are specified as
+%{variable_name} and to output a normal % you just write them as %%. You can
+output a newline by using \\n, a carriage return with \\r and a tab space with
+\\t.
.B NOTE:
The %-symbol is a special symbol in the win32-environment, where all
@@ -1932,8 +2336,8 @@ The Content-Type of the requested document, if there was
any.
.TP
.B filename_effective
The ultimate filename that curl writes out to. This is only meaningful if curl
-is told to write to a file with the \fI--remote-name\fP or \fI--output\fP
-option. It's most useful in combination with the \fI--remote-header-name\fP
+is told to write to a file with the \fI-O, --remote-name\fP or \fI-o,
--output\fP
+option. It's most useful in combination with the \fI-J, --remote-header-name\fP
option. (Added in 7.26.0)
.TP
.B ftp_entry_path
@@ -1976,6 +2380,9 @@ IPv4 or IPv6 (Added in 7.29.0)
.B remote_port
The remote port number of the most recently done connection (Added in 7.29.0)
.TP
+.B scheme
+The URL scheme (sometimes called protocol) that was effectively used (Added in
7.52.0)
+.TP
.B size_download
The total amount of bytes that were downloaded.
.TP
@@ -2029,8 +2436,7 @@ about to be transferred. This includes time_pretransfer
and also the time the
server needed to calculate the result.
.TP
.B time_total
-The total time, in seconds, that the full operation lasted. The time will be
-displayed with millisecond resolution.
+The total time, in seconds, that the full operation lasted.
.TP
.B url_effective
The URL that was fetched last. This is most meaningful if you've told curl
@@ -2038,160 +2444,12 @@ to follow location: headers.
.RE
.IP
If this option is used several times, the last one will be used.
-.IP "-x, --proxy <[protocol://][user:address@hidden:port]>"
-Use the specified proxy.
-
-The proxy string can be specified with a protocol:// prefix to specify
-alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
-socks5h:// to request the specific SOCKS version to be used. No protocol
-specified, http:// and all others will be treated as HTTP proxies. (The
-protocol support was added in curl 7.21.7)
-
-If the port number is not specified in the proxy string, it is assumed to be
-1080.
-
-This option overrides existing environment variables that set the proxy to
-use. If there's an environment variable setting a proxy, you can set proxy to
-\&"" to override it.
-
-All operations that are performed over an HTTP proxy will transparently be
-converted to HTTP. It means that certain protocol specific operations might
-not be available. This is not the case if you can tunnel through the proxy, as
-one with the \fI-p, --proxytunnel\fP option.
-
-User and password that might be provided in the proxy string are URL decoded
-by curl. This allows you to pass in special characters such as @ by using %40
-or pass in a colon with %3a.
-
-The proxy host can be specified the exact same way as the proxy environment
-variables, including the protocol prefix (http://) and the embedded user +
-password.
-
-If this option is used several times, the last one will be used.
-.IP "-X, --request <command>"
-(HTTP) Specifies a custom request method to use when communicating with the
-HTTP server. The specified request method will be used instead of the method
-otherwise used (which defaults to GET). Read the HTTP 1.1 specification for
-details and explanations. Common additional HTTP requests include PUT and
-DELETE, but related technologies like WebDAV offers PROPFIND, COPY, MOVE and
-more.
-
-Normally you don't need this option. All sorts of GET, HEAD, POST and PUT
-requests are rather invoked by using dedicated command line options.
-
-This option only changes the actual word used in the HTTP request, it does not
-alter the way curl behaves. So for example if you want to make a proper HEAD
-request, using -X HEAD will not suffice. You need to use the \fI-I, --head\fP
-option.
-
-The method string you set with -X will be used for all requests, which if you
-for example use \fB-L, --location\fP may cause unintended side-effects when
-curl doesn't change request method according to the HTTP 30x response codes -
-and similar.
-
-(FTP)
-Specifies a custom FTP command to use instead of LIST when doing file lists
-with FTP.
-
-(POP3)
-Specifies a custom POP3 command to use instead of LIST or RETR. (Added in
-7.26.0)
-
-(IMAP)
-Specifies a custom IMAP command to use instead of LIST. (Added in 7.30.0)
-
-(SMTP)
-Specifies a custom SMTP command to use instead of HELP or VRFY. (Added in
7.34.0)
-
-If this option is used several times, the last one will be used.
.IP "--xattr"
When saving output to a file, this option tells curl to store certain file
metadata in extended file attributes. Currently, the URL is stored in the
xdg.origin.url attribute and, for HTTP, the content type is stored in
the mime_type attribute. If the file system does not support extended
attributes, a warning is issued.
-
-.IP "-y, --speed-time <time>"
-If a download is slower than speed-limit bytes per second during a speed-time
-period, the download gets aborted. If speed-time is used, the default
-speed-limit will be 1 unless set with \fI-Y\fP.
-
-This option controls transfers and thus will not affect slow connects etc. If
-this is a concern for you, try the \fI--connect-timeout\fP option.
-
-If this option is used several times, the last one will be used.
-.IP "-Y, --speed-limit <speed>"
-If a download is slower than this given speed (in bytes per second) for
-speed-time seconds it gets aborted. speed-time is set with \fI-y\fP and is 30
-if not set.
-
-If this option is used several times, the last one will be used.
-.IP "-z, --time-cond <date expression>|<file>"
-(HTTP/FTP) Request a file that has been modified later than the given time and
-date, or one that has been modified before that time. The <date expression>
-can be all sorts of date strings or if it doesn't match any internal ones, it
-is taken as a filename and tries to get the modification date (mtime) from
-<file> instead. See the \fIcurl_getdate(3)\fP man pages for date expression
-details.
-
-Start the date expression with a dash (-) to make it request for a document
-that is older than the given date/time, default is a document that is newer
-than the specified date/time.
-
-If this option is used several times, the last one will be used.
-.IP "-h, --help"
-Usage help. This lists all current command line options with a short
-description.
-.IP "-M, --manual"
-Manual. Display the huge help text.
-.IP "-V, --version"
-Displays information about curl and the libcurl version it uses.
-
-The first line includes the full version of curl, libcurl and other 3rd party
-libraries linked with the executable.
-
-The second line (starts with "Protocols:") shows all protocols that libcurl
-reports to support.
-
-The third line (starts with "Features:") shows specific features libcurl
-reports to offer. Available features include:
-.RS
-.IP "IPv6"
-You can use IPv6 with this.
-.IP "krb4"
-Krb4 for FTP is supported.
-.IP "SSL"
-SSL versions of various protocols are supported, such as HTTPS, FTPS, POP3S
-and so on.
-.IP "libz"
-Automatic decompression of compressed files over HTTP is supported.
-.IP "NTLM"
-NTLM authentication is supported.
-.IP "Debug"
-This curl uses a libcurl built with Debug. This enables more error-tracking
-and memory debugging etc. For curl-developers only!
-.IP "AsynchDNS"
-This curl uses asynchronous name resolves. Asynchronous name resolves can be
-done using either the c-ares or the threaded resolver backends.
-.IP "SPNEGO"
-SPNEGO authentication is supported.
-.IP "Largefile"
-This curl supports transfers of large files, files larger than 2GB.
-.IP "IDN"
-This curl supports IDN - international domain names.
-.IP "GSS-API"
-GSS-API is supported.
-.IP "SSPI"
-SSPI is supported.
-.IP "TLS-SRP"
-SRP (Secure Remote Password) authentication is supported for TLS.
-.IP "HTTP2"
-HTTP/2 support has been built-in.
-.IP "Metalink"
-This curl supports Metalink (both version 3 and 4 (RFC 5854)), which
-describes mirrors and hashes. curl will use mirrors for failover if
-there are errors (such as the file or server not being available).
-.RE
.SH FILES
.I ~/.curlrc
.RS
@@ -2202,7 +2460,7 @@ lower case version has precedence. http_proxy is an
exception as it is only
available in lower case.
Using an environment variable to set the proxy has the same effect as using
-the \fI--proxy\fP option.
+the \fI-x, --proxy\fP option.
.IP "http_proxy [protocol://]<host>[:port]"
Sets the proxy server to use for HTTP.
@@ -2217,6 +2475,16 @@ Sets the proxy server to use if no protocol-specific
proxy is set.
.IP "NO_PROXY <comma-separated list of hosts>"
list of host names that shouldn't go through any proxy. If set to a asterisk
\&'*' only, it matches all hosts.
+
+Since 7.53.0, this environment variable disable the proxy even if specify
+\fI-x, --proxy\fP option. That is
+.B NO_PROXY=direct.example.com curl -x http://proxy.example.com
+.B http://direct.example.com
+accesses the target URL directly, and
+.B NO_PROXY=direct.example.com curl -x http://proxy.example.com
+.B http://somewhere.example.com
+accesses the target URL through proxy.
+
.SH "PROXY PROTOCOL PREFIXES"
Since curl version 7.21.7, the proxy string may be specified with a
protocol:// prefix to specify alternative proxy protocols.
@@ -2259,6 +2527,15 @@ Weird server reply. The server sent data curl couldn't
parse.
FTP access denied. The server denied login or denied access to the particular
resource or directory you wanted to reach. Most often you tried to change to a
directory that doesn't exist on the server.
+.IP 10
+FTP accept failed. While waiting for the server to connect back when an active
+FTP session is used, an error code was sent over the control connection or
+similar.
+.IP 11
+FTP weird PASS reply. Curl couldn't parse the reply sent to the PASS request.
+.IP 12
+During an active FTP session while waiting for the server to connect back to
+curl, the timeout expired.
.IP 11
FTP weird PASS reply. Curl couldn't parse the reply sent to the PASS request.
.IP 13
@@ -2267,6 +2544,10 @@ FTP weird PASV reply, Curl couldn't parse the reply sent
to the PASV request.
FTP weird 227 format. Curl couldn't parse the 227-line the server sent.
.IP 15
FTP can't get host. Couldn't resolve the host IP we got in the 227-line.
+.IP 16
+HTTP/2 error. A problem was detected in the HTTP2 framing layer. This is
+somewhat generic and can be one out of several problems, see the error message
+for details.
.IP 17
FTP couldn't set binary. Couldn't change transfer method to binary.
.IP 18
@@ -2305,7 +2586,7 @@ HTTP post error. Internal post-request generation error.
.IP 35
SSL connect error. The SSL handshaking failed.
.IP 36
-FTP bad download resume. Couldn't continue an earlier aborted download.
+Bad download resume. Couldn't continue an earlier aborted download.
.IP 37
FILE couldn't read file. Failed to open the file. Permissions?
.IP 38
diff --git a/docs/index.html b/docs/index.html
deleted file mode 100644
index 4390378af..000000000
--- a/docs/index.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd";>
-<html><head>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-<title>Index to Curl documentation</title>
-</head>
-
-<body>
-<h1 align="center">Index to Curl documentation</h1>
-
-<h2>Programs</h2>
-<a href="curl-config.html">curl-config</A>
-<br><a href="curl.html">curl</A>
-
-<h2>Tutorial</h2>
-<a href="TheArtOfHttpScripting">The Art Of Scripting HTTP Requests Using
Curl</a> (plain text)
-
-<h2>libcurl</h2>
-See the <a href="libcurl/index.html">libcurl section</a>
-
-</body></html>
diff --git a/docs/libcurl/.gitignore b/docs/libcurl/.gitignore
index 2e5b359aa..270b0531f 100644
--- a/docs/libcurl/.gitignore
+++ b/docs/libcurl/.gitignore
@@ -1,3 +1,4 @@
*.html
*.pdf
+*.3.dist
libcurl-symbols.3
diff --git a/docs/libcurl/CMakeLists.txt b/docs/libcurl/CMakeLists.txt
new file mode 100644
index 000000000..0b32c5054
--- /dev/null
+++ b/docs/libcurl/CMakeLists.txt
@@ -0,0 +1,55 @@
+# Load man_MANS from shared file
+transform_makefile_inc("Makefile.inc"
"${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake")
+include("${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake")
+
+function(add_manual_pages _listname)
+ foreach(_file IN LISTS ${_listname})
+ if(_file STREQUAL "libcurl-symbols.3")
+ # Special case, an auto-generated file.
+ set(_srcfile "${CMAKE_CURRENT_BINARY_DIR}/${_file}")
+ else()
+ set(_srcfile "${CMAKE_CURRENT_SOURCE_DIR}/${_file}")
+ endif()
+
+ string(REPLACE ".3" ".html" _htmlfile
"${CMAKE_CURRENT_BINARY_DIR}/${_file}")
+ add_custom_command(OUTPUT "${_htmlfile}"
+ COMMAND roffit "--mandir=${CMAKE_CURRENT_SOURCE_DIR}" "${_srcfile}" >
"${_htmlfile}"
+ DEPENDS "${_srcfile}"
+ VERBATIM
+ )
+
+ string(REPLACE ".3" ".pdf" _pdffile "${CMAKE_CURRENT_BINARY_DIR}/${_file}")
+ string(REPLACE ".3" ".ps" _psfile "${CMAKE_CURRENT_BINARY_DIR}/${_file}")
+ # XXX any reason why groff -Tpdf (for gropdf) is not used?
+ add_custom_command(OUTPUT "${_pdffile}"
+ COMMAND groff -Tps -man "${_srcfile}" > "${_psfile}"
+ COMMAND ps2pdf "${_psfile}" "${_pdffile}"
+ COMMAND "${CMAKE_COMMAND}" -E remove "${_psfile}"
+ DEPENDS "${_srcfile}"
+ #BYPRODUCTS "${_psfile}"
+ VERBATIM
+ )
+ # "BYPRODUCTS" for add_custom_command requires CMake 3.2. For now hope that
+ # the temporary files are removed (i.e. the command is not interrupted).
+ endforeach()
+endfunction()
+
+add_custom_command(OUTPUT libcurl-symbols.3
+ COMMAND
+ "${PERL_EXECUTABLE}"
+ "${CMAKE_CURRENT_SOURCE_DIR}/mksymbolsmanpage.pl" <
+ "${CMAKE_CURRENT_SOURCE_DIR}/symbols-in-versions" > libcurl-symbols.3
+ DEPENDS
+ "${CMAKE_CURRENT_SOURCE_DIR}/symbols-in-versions"
+ "${CMAKE_CURRENT_SOURCE_DIR}/mksymbolsmanpage.pl"
+ VERBATIM
+)
+
+add_manual_pages(man_MANS)
+
+string(REPLACE ".3" ".html" HTMLPAGES "${man_MANS}")
+string(REPLACE ".3" ".pdf" PDFPAGES "${man_MANS}")
+add_custom_target(html DEPENDS ${HTMLPAGES})
+add_custom_target(pdf DEPENDS ${PDFPAGES})
+
+add_subdirectory(opts)
diff --git a/docs/libcurl/Makefile.am b/docs/libcurl/Makefile.am
index 49acd977f..8a232e838 100644
--- a/docs/libcurl/Makefile.am
+++ b/docs/libcurl/Makefile.am
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -24,74 +24,22 @@ AUTOMAKE_OPTIONS = foreign no-dependencies
SUBDIRS = opts
-man_MANS = curl_easy_cleanup.3 curl_easy_getinfo.3 curl_easy_init.3 \
- curl_easy_perform.3 curl_easy_setopt.3 curl_easy_duphandle.3 \
- curl_formadd.3 curl_formfree.3 curl_getdate.3 curl_getenv.3 \
- curl_slist_append.3 curl_slist_free_all.3 curl_version.3 \
- curl_version_info.3 curl_escape.3 curl_unescape.3 curl_free.3 \
- curl_strequal.3 curl_mprintf.3 curl_global_init.3 \
- curl_global_cleanup.3 curl_multi_add_handle.3 curl_multi_cleanup.3 \
- curl_multi_fdset.3 curl_multi_info_read.3 curl_multi_init.3 \
- curl_multi_perform.3 curl_multi_remove_handle.3 curl_share_cleanup.3 \
- curl_share_init.3 curl_share_setopt.3 libcurl.3 libcurl-easy.3 \
- libcurl-multi.3 libcurl-share.3 libcurl-errors.3 curl_easy_strerror.3 \
- curl_multi_strerror.3 curl_share_strerror.3 curl_global_init_mem.3 \
- libcurl-tutorial.3 curl_easy_reset.3 curl_easy_escape.3 \
- curl_easy_unescape.3 curl_multi_setopt.3 curl_multi_socket.3 \
- curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3 \
- curl_easy_pause.3 curl_easy_recv.3 curl_easy_send.3 \
- curl_multi_socket_action.3 curl_multi_wait.3 libcurl-symbols.3 \
- libcurl-thread.3 curl_multi_socket_all.3
-
-HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html \
- curl_easy_init.html curl_easy_perform.html curl_easy_setopt.html \
- curl_easy_duphandle.html curl_formadd.html curl_formfree.html \
- curl_getdate.html curl_getenv.html curl_slist_append.html \
- curl_slist_free_all.html curl_version.html curl_version_info.html \
- curl_escape.html curl_unescape.html curl_free.html curl_strequal.html \
- curl_mprintf.html curl_global_init.html curl_global_cleanup.html \
- curl_multi_add_handle.html curl_multi_cleanup.html \
- curl_multi_fdset.html curl_multi_info_read.html curl_multi_init.html \
- curl_multi_perform.html curl_multi_remove_handle.html \
- curl_share_cleanup.html curl_share_init.html curl_share_setopt.html \
- libcurl.html libcurl-multi.html libcurl-easy.html libcurl-share.html \
- libcurl-errors.html curl_easy_strerror.html curl_multi_strerror.html \
- curl_share_strerror.html curl_global_init_mem.html \
- libcurl-tutorial.html curl_easy_reset.html curl_easy_escape.html \
- curl_easy_unescape.html curl_multi_setopt.html curl_multi_socket.html \
- curl_multi_timeout.html curl_formget.html curl_multi_assign.html \
- curl_easy_pause.html curl_easy_recv.html curl_easy_send.html \
- curl_multi_socket_action.html curl_multi_wait.html \
- libcurl-symbols.html libcurl-thread.html curl_multi_socket_all.html
-
-PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf \
- curl_easy_init.pdf curl_easy_perform.pdf curl_easy_setopt.pdf \
- curl_easy_duphandle.pdf curl_formadd.pdf curl_formfree.pdf \
- curl_getdate.pdf curl_getenv.pdf curl_slist_append.pdf \
- curl_slist_free_all.pdf curl_version.pdf curl_version_info.pdf \
- curl_escape.pdf curl_unescape.pdf curl_free.pdf curl_strequal.pdf \
- curl_mprintf.pdf curl_global_init.pdf curl_global_cleanup.pdf \
- curl_multi_add_handle.pdf curl_multi_cleanup.pdf curl_multi_fdset.pdf \
- curl_multi_info_read.pdf curl_multi_init.pdf curl_multi_perform.pdf \
- curl_multi_remove_handle.pdf curl_share_cleanup.pdf \
- curl_share_init.pdf curl_share_setopt.pdf libcurl.pdf \
- libcurl-multi.pdf libcurl-easy.pdf libcurl-share.pdf \
- libcurl-errors.pdf curl_easy_strerror.pdf curl_multi_strerror.pdf \
- curl_share_strerror.pdf curl_global_init_mem.pdf libcurl-tutorial.pdf \
- curl_easy_reset.pdf curl_easy_escape.pdf curl_easy_unescape.pdf \
- curl_multi_setopt.pdf curl_multi_socket.pdf curl_multi_timeout.pdf \
- curl_formget.pdf curl_multi_assign.pdf curl_easy_pause.pdf \
- curl_easy_recv.pdf curl_easy_send.pdf curl_multi_socket_action.pdf \
- curl_multi_wait.pdf libcurl-symbols.pdf libcurl-thread.pdf \
- curl_multi_socket_all.pdf
+include Makefile.inc
+
+man_DISTMANS = $(man_MANS:.3=.3.dist)
+
+HTMLPAGES = $(man_MANS:.3=.html)
+
+PDFPAGES = $(man_MANS:.3=.pdf)
m4macrodir = $(datadir)/aclocal
dist_m4macro_DATA = libcurl.m4
-CLEANFILES = $(HTMLPAGES) $(PDFPAGES) $(TESTS) libcurl-symbols.3
+CLEANFILES = $(HTMLPAGES) $(PDFPAGES) $(TESTS) $(man_DISTMANS) \
+ libcurl-symbols.3
-EXTRA_DIST = $(man_MANS) $(HTMLPAGES) index.html $(PDFPAGES) ABI \
- symbols-in-versions symbols.pl mksymbolsmanpage.pl
+EXTRA_DIST = $(man_MANS) index.html ABI symbols-in-versions symbols.pl \
+ mksymbolsmanpage.pl CMakeLists.txt
MAN2HTML= roffit --mandir=. $< >$@
SUFFIXES = .3 .html
@@ -100,13 +48,13 @@ libcurl-symbols.3: $(srcdir)/symbols-in-versions
$(srcdir)/mksymbolsmanpage.pl
perl $(srcdir)/mksymbolsmanpage.pl < $(srcdir)/symbols-in-versions > $@
html: $(HTMLPAGES)
- cd opts && make html
+ cd opts && $(MAKE) html
.3.html:
$(MAN2HTML)
pdf: $(PDFPAGES)
- cd opts && make pdf
+ cd opts && $(MAKE) pdf
.3.pdf:
@(foo=`echo $@ | sed -e 's/\.[0-9]$$//g'`; \
diff --git a/docs/libcurl/Makefile.inc b/docs/libcurl/Makefile.inc
new file mode 100644
index 000000000..84a037af5
--- /dev/null
+++ b/docs/libcurl/Makefile.inc
@@ -0,0 +1,20 @@
+# Shared between Makefile.am and CMakeLists.txt
+
+man_MANS = curl_easy_cleanup.3 curl_easy_getinfo.3 curl_easy_init.3 \
+ curl_easy_perform.3 curl_easy_setopt.3 curl_easy_duphandle.3 \
+ curl_formadd.3 curl_formfree.3 curl_getdate.3 curl_getenv.3 \
+ curl_slist_append.3 curl_slist_free_all.3 curl_version.3 \
+ curl_version_info.3 curl_escape.3 curl_unescape.3 curl_free.3 \
+ curl_strequal.3 curl_strnequal.3 curl_mprintf.3 curl_global_init.3 \
+ curl_global_cleanup.3 curl_multi_add_handle.3 curl_multi_cleanup.3 \
+ curl_multi_fdset.3 curl_multi_info_read.3 curl_multi_init.3 \
+ curl_multi_perform.3 curl_multi_remove_handle.3 curl_share_cleanup.3 \
+ curl_share_init.3 curl_share_setopt.3 libcurl.3 libcurl-easy.3 \
+ libcurl-multi.3 libcurl-share.3 libcurl-errors.3 curl_easy_strerror.3 \
+ curl_multi_strerror.3 curl_share_strerror.3 curl_global_init_mem.3 \
+ libcurl-tutorial.3 curl_easy_reset.3 curl_easy_escape.3 \
+ curl_easy_unescape.3 curl_multi_setopt.3 curl_multi_socket.3 \
+ curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3 \
+ curl_easy_pause.3 curl_easy_recv.3 curl_easy_send.3 \
+ curl_multi_socket_action.3 curl_multi_wait.3 libcurl-symbols.3 \
+ libcurl-thread.3 curl_multi_socket_all.3
diff --git a/docs/libcurl/curl_easy_escape.3 b/docs/libcurl/curl_easy_escape.3
index d2b6cd286..2f9192e10 100644
--- a/docs/libcurl/curl_easy_escape.3
+++ b/docs/libcurl/curl_easy_escape.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,6 +39,15 @@ If \fIlength\fP is set to 0 (zero),
\fIcurl_easy_escape(3)\fP uses strlen() on
the input \fIstring\fP to find out the size.
You must \fIcurl_free(3)\fP the returned string when you're done with it.
+.SH ENCODING
+libcurl is typically not aware of, nor does it care about, character
+encodings. \fIcurl_easy_escape(3)\fP encodes the data byte-by-byte into the
+URL encoded version without knowledge or care for what particular character
+encoding the application or the receiving server may assume that the data
+uses.
+
+The caller of \fIcurl_easy_escape(3)\fP must make sure that the data passed in
+to the function is encoded correctly.
.SH AVAILABILITY
Added in 7.15.4 and replaces the old \fIcurl_escape(3)\fP function.
.SH RETURN VALUE
diff --git a/docs/libcurl/curl_easy_getinfo.3 b/docs/libcurl/curl_easy_getinfo.3
index 9ffcd14af..3edef83e2 100644
--- a/docs/libcurl/curl_easy_getinfo.3
+++ b/docs/libcurl/curl_easy_getinfo.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -84,17 +84,29 @@ See \fICURLINFO_REDIRECT_COUNT(3)\fP
URL a redirect would take you to, had you enabled redirects.
See \fICURLINFO_REDIRECT_URL(3)\fP
.IP CURLINFO_SIZE_UPLOAD
-Number of bytes uploaded.
+(Deprecated) Number of bytes uploaded.
See \fICURLINFO_SIZE_UPLOAD(3)\fP
+.IP CURLINFO_SIZE_UPLOAD_T
+Number of bytes uploaded.
+See \fICURLINFO_SIZE_UPLOAD_T(3)\fP
.IP CURLINFO_SIZE_DOWNLOAD
-Number of bytes downloaded.
+(Deprecated) Number of bytes downloaded.
See \fICURLINFO_SIZE_DOWNLOAD(3)\fP
+.IP CURLINFO_SIZE_DOWNLOAD_T
+Number of bytes downloaded.
+See \fICURLINFO_SIZE_DOWNLOAD_T(3)\fP
.IP CURLINFO_SPEED_DOWNLOAD
-Average download speed.
+(Deprecated) Average download speed.
See \fICURLINFO_SPEED_DOWNLOAD(3)\fP
+.IP CURLINFO_SPEED_DOWNLOAD_T
+Average download speed.
+See \fICURLINFO_SPEED_DOWNLOAD_T(3)\fP
.IP CURLINFO_SPEED_UPLOAD
-Average upload speed.
+(Deprecated) Average upload speed.
See \fICURLINFO_SPEED_UPLOAD(3)\fP
+.IP CURLINFO_SPEED_UPLOAD_T
+Average upload speed.
+See \fICURLINFO_SPEED_UPLOAD_T(3)\fP
.IP CURLINFO_HEADER_SIZE
Number of bytes of all headers received.
See \fICURLINFO_HEADER_SIZE(3)\fP
@@ -104,15 +116,22 @@ See \fICURLINFO_REQUEST_SIZE(3)\fP
.IP CURLINFO_SSL_VERIFYRESULT
Certificate verification result.
See \fICURLINFO_SSL_VERIFYRESULT(3)\fP
+.IP CURLINFO_PROXY_SSL_VERIFYRESULT
+Proxy certificate verification result.
+See \fICURLINFO_PROXY_SSL_VERIFYRESULT(3)\fP
.IP CURLINFO_SSL_ENGINES
A list of OpenSSL crypto engines.
See \fICURLINFO_SSL_ENGINES(3)\fP
.IP CURLINFO_CONTENT_LENGTH_DOWNLOAD
-Content length from the Content-Length header.
+(Deprecated) Content length from the Content-Length header.
See \fICURLINFO_CONTENT_LENGTH_DOWNLOAD(3)\fP
+.IP CURLINFO_CONTENT_LENGTH_DOWNLOAD_T
+Content length from the Content-Length header.
+See \fICURLINFO_CONTENT_LENGTH_DOWNLOAD_T(3)\fP
.IP CURLINFO_CONTENT_LENGTH_UPLOAD
-Upload size.
-See \fICURLINFO_CONTENT_LENGTH_UPLOAD(3)\fP
+(Deprecated) Upload size. See \fICURLINFO_CONTENT_LENGTH_UPLOAD(3)\fP
+.IP CURLINFO_CONTENT_LENGTH_UPLOAD_T
+Upload size. See \fICURLINFO_CONTENT_LENGTH_UPLOAD_T(3)\fP
.IP CURLINFO_CONTENT_TYPE
Content type from the Content-Type header.
See \fICURLINFO_CONTENT_TYPE(3)\fP
@@ -180,6 +199,12 @@ See \fICURLINFO_RTSP_SERVER_CSEQ(3)\fP
.IP CURLINFO_RTSP_CSEQ_RECV
RTSP CSeq last received.
See \fICURLINFO_RTSP_CSEQ_RECV(3)\fP
+.IP CURLINFO_PROTOCOL
+The protocol used for the connection. (Added in 7.52.0)
+See \fICURLINFO_PROTOCOL(3)\fP
+.IP CURLINFO_SCHEME
+The scheme used for the connection. (Added in 7.52.0)
+See \fICURLINFO_SCHEME(3)\fP
.SH TIMES
.nf
An overview of the six time values available from curl_easy_getinfo()
diff --git a/docs/libcurl/curl_easy_recv.3 b/docs/libcurl/curl_easy_recv.3
index 3560cc511..7a812dd00 100644
--- a/docs/libcurl/curl_easy_recv.3
+++ b/docs/libcurl/curl_easy_recv.3
@@ -46,12 +46,21 @@ calling \fIcurl_easy_perform(3)\fP or
\fIcurl_multi_perform(3)\fP. Note that
\fIcurl_easy_recv(3)\fP does not work on connections that were created without
this option.
-You must ensure that the socket has data to read before calling
-\fIcurl_easy_recv(3)\fP, otherwise the call will return \fBCURLE_AGAIN\fP -
-the socket is used in non-blocking mode internally. Use
-\fIcurl_easy_getinfo(3)\fP with \fICURLINFO_ACTIVESOCKET(3)\fP to obtain the
-socket; use your operating system facilities like \fIselect(2)\fP to check if
-it has any data you can read.
+The call will return \fBCURLE_AGAIN\fP if there is no data to read - the
+socket is used in non-blocking mode internally. When \fBCURLE_AGAIN\fP is
+returned, use your operating system facilities like \fIselect(2)\fP to wait
+for data. The socket may be obtained using \fIcurl_easy_getinfo(3)\fP with
+\fICURLINFO_ACTIVESOCKET(3)\fP.
+
+Wait on the socket only if \fIcurl_easy_recv(3)\fP returns \fBCURLE_AGAIN\fP.
+The reason for this is libcurl or the SSL library may internally cache some
+data, therefore you should call \fIcurl_easy_recv(3)\fP until all data is
+read which would include any cached data.
+
+Furthermore if you wait on the socket and it tells you there is data to read,
+\fIcurl_easy_recv(3)\fP may return \fBCURLE_AGAIN\fP if the only data that was
+read was for internal SSL processing, and no other data is available.
+
.SH AVAILABILITY
Added in 7.18.2.
.SH RETURN VALUE
@@ -60,13 +69,13 @@ On success, returns \fBCURLE_OK\fP, stores the received
data into
On failure, returns the appropriate error code.
-If there is no data to read, the function returns \fBCURLE_AGAIN\fP. Use your
-operating system facilities to wait until the data is ready, and retry.
+The function may return \fBCURLE_AGAIN\fP. In this case, use your operating
+system facilities to wait until data can be read, and retry.
-Reading exactly 0 bytes would indicate a closed connection.
+Reading exactly 0 bytes indicates a closed connection.
If there's no socket available to use from the previous transfer, this function
-returns CURLE_UNSUPPORTED_PROTOCOL.
+returns \fBCURLE_UNSUPPORTED_PROTOCOL\fP.
.SH EXAMPLE
See \fBsendrecv.c\fP in \fBdocs/examples\fP directory for usage example.
.SH "SEE ALSO"
diff --git a/docs/libcurl/curl_easy_send.3 b/docs/libcurl/curl_easy_send.3
index 2a7443985..47976f391 100644
--- a/docs/libcurl/curl_easy_send.3
+++ b/docs/libcurl/curl_easy_send.3
@@ -40,16 +40,20 @@ connection set-up.
The variable \fBn\fP points to will receive the number of sent bytes.
To establish the connection, set \fICURLOPT_CONNECT_ONLY(3)\fP option before
-calling \fIcurl_easy_perform(3)\fP or \fIcurl_multi_perform()\fP. Note that
+calling \fIcurl_easy_perform(3)\fP or \fIcurl_multi_perform(3)\fP. Note that
\fIcurl_easy_send(3)\fP will not work on connections that were created without
this option.
-You must ensure that the socket is writable before calling
-\fIcurl_easy_send(3)\fP, otherwise the call will return \fBCURLE_AGAIN\fP -
-the socket is used in non-blocking mode internally. Use
-\fIcurl_easy_getinfo(3)\fP with \fICURLINFO_ACTIVESOCKET(3)\fP to obtain the
-socket; use your operating system facilities like \fIselect(2)\fP to check if
-it can be written to.
+The call will return \fBCURLE_AGAIN\fP if it's not possible to send data right
+now - the socket is used in non-blocking mode internally. When
+\fBCURLE_AGAIN\fP is returned, use your operating system facilities like
+\fIselect(2)\fP to wait until the socket is writable. The socket may be
+obtained using \fIcurl_easy_getinfo(3)\fP with \fICURLINFO_ACTIVESOCKET(3)\fP.
+
+Furthermore if you wait on the socket and it tells you it's writable,
+\fIcurl_easy_send(3)\fP may return \fBCURLE_AGAIN\fP if the only data that was
+sent was for internal SSL processing, and no other data could be sent.
+
.SH AVAILABILITY
Added in 7.18.2.
.SH RETURN VALUE
@@ -59,8 +63,11 @@ wanted to send.
On failure, returns the appropriate error code.
+This function may return \fBCURLE_AGAIN\fP. In this case, use your operating
+system facilities to wait until the socket is writable, and retry.
+
If there's no socket available to use from the previous transfer, this function
-returns CURLE_UNSUPPORTED_PROTOCOL.
+returns \fBCURLE_UNSUPPORTED_PROTOCOL\fP.
.SH EXAMPLE
See \fBsendrecv.c\fP in \fBdocs/examples\fP directory for usage example.
.SH "SEE ALSO"
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
index 75f1ce46b..26f73ee14 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -137,6 +137,8 @@ Data pointer to pass to the chunk callbacks. See
\fICURLOPT_CHUNK_DATA(3)\fP
Callback for wildcard matching. See \fICURLOPT_FNMATCH_FUNCTION(3)\fP
.IP CURLOPT_FNMATCH_DATA
Data pointer to pass to the wildcard matching callback. See
\fICURLOPT_FNMATCH_DATA(3)\fP
+.IP CURLOPT_SUPPRESS_CONNECT_HEADERS
+Suppress proxy CONNECT response headers from user callbacks. See
\fICURLOPT_SUPPRESS_CONNECT_HEADERS(3)\fP
.SH ERROR OPTIONS
.IP CURLOPT_ERRORBUFFER
Error message buffer. See \fICURLOPT_ERRORBUFFER(3)\fP
@@ -144,6 +146,8 @@ Error message buffer. See \fICURLOPT_ERRORBUFFER(3)\fP
stderr replacement stream. See \fICURLOPT_STDERR(3)\fP
.IP CURLOPT_FAILONERROR
Fail on HTTP 4xx errors. \fICURLOPT_FAILONERROR(3)\fP
+.IP CURLOPT_KEEP_SENDING_ON_ERROR
+Keep sending on HTTP >= 300 errors. \fICURLOPT_KEEP_SENDING_ON_ERROR(3)\fP
.SH NETWORK OPTIONS
.IP CURLOPT_URL
URL to work on. See \fICURLOPT_URL(3)\fP
@@ -157,6 +161,8 @@ Protocols to allow redirects to. See
\fICURLOPT_REDIR_PROTOCOLS(3)\fP
Default protocol. See \fICURLOPT_DEFAULT_PROTOCOL(3)\fP
.IP CURLOPT_PROXY
Proxy to use. See \fICURLOPT_PROXY(3)\fP
+.IP CURLOPT_PRE_PROXY
+Socks proxy to use. See \fICURLOPT_PRE_PROXY(3)\fP
.IP CURLOPT_PROXYPORT
Proxy port to use. See \fICURLOPT_PROXYPORT(3)\fP
.IP CURLOPT_PROXYTYPE
@@ -167,6 +173,8 @@ Filter out hosts from proxy use. \fICURLOPT_NOPROXY(3)\fP
Tunnel through the HTTP proxy. \fICURLOPT_HTTPPROXYTUNNEL(3)\fP
.IP CURLOPT_CONNECT_TO
Connect to a specific host and port. See \fICURLOPT_CONNECT_TO(3)\fP
+.IP CURLOPT_SOCKS5_AUTH
+Socks5 authentication methods. See \fICURLOPT_SOCKS5_AUTH(3)\fP
.IP CURLOPT_SOCKS5_GSSAPI_SERVICE
Socks5 GSSAPI service name. \fICURLOPT_SOCKS5_GSSAPI_SERVICE(3)\fP
.IP CURLOPT_SOCKS5_GSSAPI_NEC
@@ -186,7 +194,7 @@ Timeout for DNS cache. See
\fICURLOPT_DNS_CACHE_TIMEOUT(3)\fP
.IP CURLOPT_DNS_USE_GLOBAL_CACHE
OBSOLETE Enable global DNS cache. See \fICURLOPT_DNS_USE_GLOBAL_CACHE(3)\fP
.IP CURLOPT_BUFFERSIZE
-Ask for smaller buffer size. See \fICURLOPT_BUFFERSIZE(3)\fP
+Ask for alternate buffer size. See \fICURLOPT_BUFFERSIZE(3)\fP
.IP CURLOPT_PORT
Port number to connect to. See \fICURLOPT_PORT(3)\fP
.IP CURLOPT_TCP_FASTOPEN
@@ -203,6 +211,8 @@ Idle time before sending keep-alive. See
\fICURLOPT_TCP_KEEPIDLE(3)\fP
Interval between keep-alive probes. See \fICURLOPT_TCP_KEEPINTVL(3)\fP
.IP CURLOPT_UNIX_SOCKET_PATH
Path to a Unix domain socket. See \fICURLOPT_UNIX_SOCKET_PATH(3)\fP
+.IP CURLOPT_ABSTRACT_UNIX_SOCKET
+Path to an abstract Unix domain socket. See
\fICURLOPT_ABSTRACT_UNIX_SOCKET(3)\fP
.SH NAMES and PASSWORDS OPTIONS (Authentication)
.IP CURLOPT_NETRC
Enable .netrc parsing. See \fICURLOPT_NETRC(3)\fP
@@ -226,10 +236,16 @@ Proxy password. See \fICURLOPT_PROXYPASSWORD(3)\fP
HTTP server authentication methods. See \fICURLOPT_HTTPAUTH(3)\fP
.IP CURLOPT_TLSAUTH_USERNAME
TLS authentication user name. See \fICURLOPT_TLSAUTH_USERNAME(3)\fP
+.IP CURLOPT_PROXY_TLSAUTH_USERNAME
+Proxy TLS authentication user name. See \fICURLOPT_PROXY_TLSAUTH_USERNAME(3)\fP
.IP CURLOPT_TLSAUTH_PASSWORD
TLS authentication password. See \fICURLOPT_TLSAUTH_PASSWORD(3)\fP
+.IP CURLOPT_PROXY_TLSAUTH_PASSWORD
+Proxy TLS authentication password. See \fICURLOPT_PROXY_TLSAUTH_PASSWORD(3)\fP
.IP CURLOPT_TLSAUTH_TYPE
TLS authentication methods. See \fICURLOPT_TLSAUTH_TYPE(3)\fP
+.IP CURLOPT_PROXY_TLSAUTH_TYPE
+Proxy TLS authentication methods. See \fICURLOPT_PROXY_TLSAUTH_TYPE(3)\fP
.IP CURLOPT_PROXYAUTH
HTTP proxy authentication methods. See \fICURLOPT_PROXYAUTH(3)\fP
.IP CURLOPT_SASL_IR
@@ -289,6 +305,8 @@ Start a new cookie session. See
\fICURLOPT_COOKIESESSION(3)\fP
Add or control cookies. See \fICURLOPT_COOKIELIST(3)\fP
.IP CURLOPT_HTTPGET
Do a HTTP GET request. See \fICURLOPT_HTTPGET(3)\fP
+.IP CURLOPT_REQUEST_TARGET
+Set the request target. \fICURLOPT_REQUEST_TARGET(3)\fP
.IP CURLOPT_HTTP_VERSION
HTTP version to use. \fICURLOPT_HTTP_VERSION(3)\fP
.IP CURLOPT_IGNORE_CONTENT_LENGTH
@@ -445,14 +463,24 @@ Timeout for waiting for the server's connect back to be
accepted. See \fICURLOPT
.SH SSL and SECURITY OPTIONS
.IP CURLOPT_SSLCERT
Client cert. See \fICURLOPT_SSLCERT(3)\fP
+.IP CURLOPT_PROXY_SSLCERT
+Proxy client cert. See \fICURLOPT_PROXY_SSLCERT(3)\fP
.IP CURLOPT_SSLCERTTYPE
Client cert type. See \fICURLOPT_SSLCERTTYPE(3)\fP
+.IP CURLOPT_PROXY_SSLCERTTYPE
+Proxy client cert type. See \fICURLOPT_PROXY_SSLCERTTYPE(3)\fP
.IP CURLOPT_SSLKEY
Client key. See \fICURLOPT_SSLKEY(3)\fP
+.IP CURLOPT_PROXY_SSLKEY
+Proxy client key. See \fICURLOPT_PROXY_SSLKEY(3)\fP
.IP CURLOPT_SSLKEYTYPE
Client key type. See \fICURLOPT_SSLKEYTYPE(3)\fP
+.IP CURLOPT_PROXY_SSLKEYTYPE
+Proxy client key type. See \fICURLOPT_PROXY_SSLKEYTYPE(3)\fP
.IP CURLOPT_KEYPASSWD
Client key password. See \fICURLOPT_KEYPASSWD(3)\fP
+.IP CURLOPT_PROXY_KEYPASSWD
+Proxy client key password. See \fICURLOPT_PROXY_KEYPASSWD(3)\fP
.IP CURLOPT_SSL_ENABLE_ALPN
Enable use of ALPN. See \fICURLOPT_SSL_ENABLE_ALPN(3)\fP
.IP CURLOPT_SSL_ENABLE_NPN
@@ -465,34 +493,53 @@ Default SSL engine. See \fICURLOPT_SSLENGINE_DEFAULT(3)\fP
Enable TLS False Start. See \fICURLOPT_SSL_FALSESTART(3)\fP
.IP CURLOPT_SSLVERSION
SSL version to use. See \fICURLOPT_SSLVERSION(3)\fP
+.IP CURLOPT_PROXY_SSLVERSION
+Proxy SSL version to use. See \fICURLOPT_PROXY_SSLVERSION(3)\fP
.IP CURLOPT_SSL_VERIFYHOST
Verify the host name in the SSL certificate. See
\fICURLOPT_SSL_VERIFYHOST(3)\fP
+.IP CURLOPT_PROXY_SSL_VERIFYHOST
+Verify the host name in the proxy SSL certificate. See
\fICURLOPT_PROXY_SSL_VERIFYHOST(3)\fP
.IP CURLOPT_SSL_VERIFYPEER
Verify the SSL certificate. See \fICURLOPT_SSL_VERIFYPEER(3)\fP
+.IP CURLOPT_PROXY_SSL_VERIFYPEER
+Verify the proxy SSL certificate. See \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP
.IP CURLOPT_SSL_VERIFYSTATUS
Verify the SSL certificate's status. See \fICURLOPT_SSL_VERIFYSTATUS(3)\fP
.IP CURLOPT_CAINFO
CA cert bundle. See \fICURLOPT_CAINFO(3)\fP
+.IP CURLOPT_PROXY_CAINFO
+Proxy CA cert bundle. See \fICURLOPT_PROXY_CAINFO(3)\fP
.IP CURLOPT_ISSUERCERT
Issuer certificate. See \fICURLOPT_ISSUERCERT(3)\fP
.IP CURLOPT_CAPATH
Path to CA cert bundle. See \fICURLOPT_CAPATH(3)\fP
+.IP CURLOPT_PROXY_CAPATH
+Path to proxy CA cert bundle. See \fICURLOPT_PROXY_CAPATH(3)\fP
.IP CURLOPT_CRLFILE
Certificate Revocation List. See \fICURLOPT_CRLFILE(3)\fP
+.IP CURLOPT_PROXY_CRLFILE
+Proxy Certificate Revocation List. See \fICURLOPT_PROXY_CRLFILE(3)\fP
.IP CURLOPT_CERTINFO
Extract certificate info. See \fICURLOPT_CERTINFO(3)\fP
.IP CURLOPT_PINNEDPUBLICKEY
Set pinned SSL public key . See \fICURLOPT_PINNEDPUBLICKEY(3)\fP
+.IP CURLOPT_PROXY_PINNEDPUBLICKEY
+Set the proxy's pinned SSL public key. See
+\fICURLOPT_PROXY_PINNEDPUBLICKEY(3)\fP
.IP CURLOPT_RANDOM_FILE
Provide source for entropy random data. See \fICURLOPT_RANDOM_FILE(3)\fP
.IP CURLOPT_EGDSOCKET
Identify EGD socket for entropy. See \fICURLOPT_EGDSOCKET(3)\fP
.IP CURLOPT_SSL_CIPHER_LIST
Ciphers to use. See \fICURLOPT_SSL_CIPHER_LIST(3)\fP
+.IP CURLOPT_PROXY_SSL_CIPHER_LIST
+Proxy ciphers to use. See \fICURLOPT_PROXY_SSL_CIPHER_LIST(3)\fP
.IP CURLOPT_SSL_SESSIONID_CACHE
Disable SSL session-id cache. See \fICURLOPT_SSL_SESSIONID_CACHE(3)\fP
.IP CURLOPT_SSL_OPTIONS
Control SSL behavior. See \fICURLOPT_SSL_OPTIONS(3)\fP
+.IP CURLOPT_PROXY_SSL_OPTIONS
+Control proxy SSL behavior. See \fICURLOPT_PROXY_SSL_OPTIONS(3)\fP
.IP CURLOPT_KRBLEVEL
Kerberos security level. See \fICURLOPT_KRBLEVEL(3)\fP
.IP CURLOPT_GSSAPI_DELEGATION
diff --git a/docs/libcurl/curl_easy_unescape.3
b/docs/libcurl/curl_easy_unescape.3
index 06fd6fcb5..50ce97db7 100644
--- a/docs/libcurl/curl_easy_unescape.3
+++ b/docs/libcurl/curl_easy_unescape.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,7 +40,10 @@ will use strlen() on the input \fIurl\fP string to find out
the size.
If \fBoutlength\fP is non-NULL, the function will write the length of the
returned string in the integer it points to. This allows an escaped string
-containing %00 to still get used properly after unescaping.
+containing %00 to still get used properly after unescaping. Since this is a
+pointer to an \fIint\fP type, it can only return a value up to INT_MAX so no
+longer string can be unescaped if the string length is returned in this
+parameter.
You must \fIcurl_free(3)\fP the returned string when you're done with it.
.SH AVAILABILITY
diff --git a/docs/libcurl/curl_formadd.3 b/docs/libcurl/curl_formadd.3
index 6923913d4..5d1faa532 100644
--- a/docs/libcurl/curl_formadd.3
+++ b/docs/libcurl/curl_formadd.3
@@ -105,6 +105,8 @@ content then you must make sure strlen() on the data
pointer returns zero.
followed by a filename, causes that file to be read and its contents used
as data in this part. This part does \fInot\fP automatically become a file
upload part simply because its data was read from a file.
+
+The specified file needs to kept around until the associated transfer is done.
.IP CURLFORM_FILE
followed by a filename, makes this part a file upload part. It sets the
\fIfilename\fP field to the basename of the provided filename, it reads the
@@ -117,6 +119,8 @@ providing multiple \fBCURLFORM_FILE\fP arguments each
followed by the filename
The given upload file has to exist in its full in the file system already when
the upload starts, as libcurl needs to read the correct file size beforehand.
+
+The specified file needs to kept around until the associated transfer is done.
.IP CURLFORM_CONTENTTYPE
is used in combination with \fICURLFORM_FILE\fP. Followed by a pointer to a
string which provides the content-type for this part, possibly instead of an
@@ -144,8 +148,8 @@ data. The parameter you pass to \fICURLFORM_STREAM\fP is
the pointer passed on
to the read callback's fourth argument. If you want the part to look like a
file upload one, set the \fICURLFORM_FILENAME\fP parameter as well. Note that
when using \fICURLFORM_STREAM\fP, \fICURLFORM_CONTENTSLENGTH\fP must also be
-set with the total expected length of the part. (Option added in libcurl
-7.18.2)
+set with the total expected length of the part unless the formpost is sent
+chunked encoded. (Option added in libcurl 7.18.2)
.IP CURLFORM_ARRAY
Another possibility to send options to curl_formadd() is the
\fBCURLFORM_ARRAY\fP option, that passes a struct curl_forms array pointer as
diff --git a/docs/libcurl/curl_global_cleanup.3
b/docs/libcurl/curl_global_cleanup.3
index 2e3ff0362..04ab0437c 100644
--- a/docs/libcurl/curl_global_cleanup.3
+++ b/docs/libcurl/curl_global_cleanup.3
@@ -42,8 +42,14 @@ these other libraries.
See the description in \fIlibcurl(3)\fP of global environment requirements for
details of how to use this function.
-
+.SH CAUTION
+\fIcurl_global_cleanup(3)\fP does not block waiting for any libcurl-created
+threads to terminate (such as threads used for name resolving). If a module
+containing libcurl is dynamically unloaded while libcurl-created threads are
+still running then your program may crash or other corruption may occur. We
+recommend you do not run libcurl from any module that may be unloaded
+dynamically. This behavior may be addressed in the future.
.SH "SEE ALSO"
.BR curl_global_init "(3), "
.BR libcurl "(3), "
-
+.BR libcurl-thread "(3), "
diff --git a/docs/libcurl/curl_mprintf.3 b/docs/libcurl/curl_mprintf.3
index e861ed9ce..6ca4e595d 100644
--- a/docs/libcurl/curl_mprintf.3
+++ b/docs/libcurl/curl_mprintf.3
@@ -25,7 +25,7 @@ curl_maprintf, curl_mfprintf, curl_mprintf, curl_msnprintf,
curl_msprintf
curl_mvaprintf, curl_mvfprintf, curl_mvprintf, curl_mvsnprintf,
curl_mvsprintf - formatted output conversion
.SH SYNOPSIS
-.B #include <curl/mprintf.h>
+.B #include <gnurl/mprintf.h>
.sp
.BI "int curl_mprintf(const char *" format ", ...);"
.br
diff --git a/docs/libcurl/curl_multi_socket.3 b/docs/libcurl/curl_multi_socket.3
index 52abf1ef8..ea29e7110 100644
--- a/docs/libcurl/curl_multi_socket.3
+++ b/docs/libcurl/curl_multi_socket.3
@@ -118,7 +118,7 @@ the return code means that libcurl may have more data
available to return or
that there may be more data to send off before it is "satisfied".
In modern libcurls, \fICURLM_CALL_MULTI_PERFORM\fP or
-\fICURLM_CALL_MULTI_SOKCET\fP should not be returned and no application needs
+\fICURLM_CALL_MULTI_SOCKET\fP should not be returned and no application needs
to care about them.
NOTE that the return code is for the whole multi stack. Problems still might
have
diff --git a/docs/libcurl/curl_slist_append.3 b/docs/libcurl/curl_slist_append.3
index fed802929..2d4e30527 100644
--- a/docs/libcurl/curl_slist_append.3
+++ b/docs/libcurl/curl_slist_append.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -29,11 +29,11 @@ curl_slist_append - add a string to an slist
.BI "const char * "string ");"
.ad
.SH DESCRIPTION
-curl_slist_append() appends a specified string to a linked list of
-strings. The existing \fIlist\fP should be passed as the first argument while
-the new list is returned from this function. The specified \fIstring\fP has
-been appended when this function returns. curl_slist_append() copies the
-string.
+\fIcurl_slist_append(3)\fP appends a string to a linked list of strings. The
+existing \fBlist\fP should be passed as the first argument and the new list is
+returned from this function. Pass in NULL in the \fBlist\fP argument to create
+a new list. The specified \fBstring\fP has been appended when this function
+returns. \fIcurl_slist_append(3)\fP copies the string.
The list should be freed again (after usage) with
\fIcurl_slist_free_all(3)\fP.
@@ -42,19 +42,19 @@ A null pointer is returned if anything went wrong,
otherwise the new list
pointer is returned.
.SH EXAMPLE
.nf
- CURL handle;
- struct curl_slist *slist=NULL;
+CURL *handle;
+struct curl_slist *slist=NULL;
- slist = curl_slist_append(slist, "pragma:");
+slist = curl_slist_append(slist, "pragma:");
- if (slist == NULL)
- return -1;
+if (slist == NULL)
+ return -1;
- curl_easy_setopt(handle, CURLOPT_HTTPHEADER, slist);
+curl_easy_setopt(handle, CURLOPT_HTTPHEADER, slist);
- curl_easy_perform(handle);
+curl_easy_perform(handle);
- curl_slist_free_all(slist); /* free the list again */
+curl_slist_free_all(slist); /* free the list again */
.fi
.SH "SEE ALSO"
.BR curl_slist_free_all "(3), "
diff --git a/docs/libcurl/curl_slist_free_all.3
b/docs/libcurl/curl_slist_free_all.3
index 31d81da91..895524914 100644
--- a/docs/libcurl/curl_slist_free_all.3
+++ b/docs/libcurl/curl_slist_free_all.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -32,6 +32,22 @@ curl_slist_free_all() removes all traces of a previously
built curl_slist
linked list.
.SH RETURN VALUE
Nothing.
+.SH EXAMPLE
+.nf
+CURL *handle;
+struct curl_slist *slist=NULL;
+
+slist = curl_slist_append(slist, "X-libcurl: coolness");
+
+if (slist == NULL)
+ return -1;
+
+curl_easy_setopt(handle, CURLOPT_HTTPHEADER, slist);
+
+curl_easy_perform(handle);
+
+curl_slist_free_all(slist); /* free the list again */
+.fi
.SH "SEE ALSO"
.BR curl_slist_append "(3), "
diff --git a/docs/libcurl/curl_strequal.3 b/docs/libcurl/curl_strequal.3
index a745f7eb6..e9cf80387 100644
--- a/docs/libcurl/curl_strequal.3
+++ b/docs/libcurl/curl_strequal.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -27,7 +27,7 @@ curl_strequal, curl_strnequal - case insensitive string
comparisons
.sp
.BI "int curl_strequal(char *" str1 ", char *" str2 ");"
.sp
-.BI "int curl_strenqual(char *" str1 ", char *" str2 ", size_t " len ");"
+.BI "int curl_strnequal(char *" str1 ", char *" str2 ", size_t " len ");"
.SH DESCRIPTION
The
.B curl_strequal()
diff --git a/docs/libcurl/curl_version_info.3 b/docs/libcurl/curl_version_info.3
index 5244c21b8..ebb11c33b 100644
--- a/docs/libcurl/curl_version_info.3
+++ b/docs/libcurl/curl_version_info.3
@@ -153,6 +153,9 @@ libcurl was built with support for Unix domain sockets.
libcurl was built with support for Mozilla's Public Suffix List. This makes
libcurl ignore cookies with a domain that's on the list.
(Added in 7.47.0)
+.IP CURL_VERSION_HTTPS_PROXY
+libcurl was built with support for HTTPS-proxy.
+(Added in 7.52.0)
.RE
\fIssl_version\fP is an ASCII string for the OpenSSL version used. If libcurl
has no SSL support, this is NULL.
diff --git a/docs/libcurl/libcurl-multi.3 b/docs/libcurl/libcurl-multi.3
index e5a589202..76f8c3620 100644
--- a/docs/libcurl/libcurl-multi.3
+++ b/docs/libcurl/libcurl-multi.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -42,7 +42,7 @@ and when to ask libcurl to get/send data.
complicated for the application.
3. Enable the application to wait for action on its own file descriptors and
-curl's file descriptors simultaneous easily.
+curl's file descriptors simultaneously.
4. Enable event-based handling and scaling transfers up to and beyond
thousands of parallel connections.
@@ -173,8 +173,6 @@ the future, you should be aware of the following current
restrictions:
.nf
- Name resolves unless the c-ares or threaded-resolver backends are used
- - NSS SSL connections
- - HTTP proxy CONNECT operations
- SOCKS proxy handshakes
- file:// transfers
- TELNET transfers
diff --git a/docs/libcurl/libcurl-thread.3 b/docs/libcurl/libcurl-thread.3
index 379ca8ffa..c18676e7e 100644
--- a/docs/libcurl/libcurl-thread.3
+++ b/docs/libcurl/libcurl-thread.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 2015 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 2015 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -53,7 +53,7 @@
https://www.openssl.org/docs/man1.0.2/crypto/threads.html#DESCRIPTION
https://curl.haxx.se/libcurl/c/opensslthreadlock.html
.IP GnuTLS
-http://gnutls.org/manual/html_node/Thread-safety.html
+https://gnutls.org/manual/html_node/Thread-safety.html
.IP NSS
thread-safe already without anything required.
.IP PolarSSL
@@ -77,9 +77,10 @@ without using either the c-ares or threaded resolver
backends. When using
multiple threads you should set the \fICURLOPT_NOSIGNAL(3)\fP option to 1L for
all handles. Everything will or might work fine except that timeouts are not
honored during the DNS lookup - which you can work around by building libcurl
-with c-ares support. c-ares is a library that provides asynchronous name
-resolves. On some platforms, libcurl simply will not function properly
-multi-threaded unless this option is set.
+with c-ares or threaded-resolver support. c-ares is a library that provides
+asynchronous name resolves. On some platforms, libcurl simply will not
+function properly multi-threaded unless the \fICURLOPT_NOSIGNAL(3)\fP option is
+set.
.IP "Name resolving"
\fBgethostby* functions and other system calls.\fP These functions, provided
by your operating system, must be thread safe. It is very important that
diff --git a/docs/libcurl/libcurl-tutorial.3 b/docs/libcurl/libcurl-tutorial.3
index 3144da3c6..cbfb081dc 100644
--- a/docs/libcurl/libcurl-tutorial.3
+++ b/docs/libcurl/libcurl-tutorial.3
@@ -1147,7 +1147,7 @@ behind a firewall. Apps can mitigate against this by
using the
.IP "IPv6 Addresses"
libcurl will normally handle IPv6 addresses transparently and just as easily
as IPv4 addresses. That means that a sanitizing function that filters out
-addressses like 127.0.0.1 isn't sufficient--the equivalent IPv6 addresses ::1,
+addresses like 127.0.0.1 isn't sufficient--the equivalent IPv6 addresses ::1,
::, 0:00::0:1, ::127.0.0.1 and ::ffff:7f00:1 supplied somehow by an attacker
would all bypass a naive filter and could allow access to undesired local
resources. IPv6 also has special address blocks like link-local and site-local
diff --git a/docs/libcurl/opts/CMakeLists.txt b/docs/libcurl/opts/CMakeLists.txt
new file mode 100644
index 000000000..709d3e4b8
--- /dev/null
+++ b/docs/libcurl/opts/CMakeLists.txt
@@ -0,0 +1,12 @@
+# Load man_MANS from shared file
+transform_makefile_inc("Makefile.inc"
"${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake")
+include("${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake")
+
+add_manual_pages(man_MANS)
+
+string(REPLACE ".3" ".html" HTMLPAGES "${man_MANS}")
+string(REPLACE ".3" ".pdf" PDFPAGES "${man_MANS}")
+add_custom_target(opts-html DEPENDS ${HTMLPAGES})
+add_custom_target(opts-pdf DEPENDS ${PDFPAGES})
+add_dependencies(html opts-html)
+add_dependencies(pdf opts-pdf)
diff --git a/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.3
b/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.3
index 0896d150d..b42ba110f 100644
--- a/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.3
+++ b/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,25 @@ that one isn't working on all platforms.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_socket_t sockfd;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Do not do the transfer - only connect to host */
+ curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 1L);
+ res = curl_easy_perform(curl);
+
+ /* Extract the socket from the curl handle */
+ res = curl_easy_getinfo(curl, CURLINFO_ACTIVESOCKET, &sockfd);
+
+ if(res != CURLE_OK) {
+ printf("Error: %s\\n", curl_easy_strerror(res));
+ return 1;
+ }
+}
+.fi
.SH AVAILABILITY
Added in 7.45.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.3
b/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.3
index dceb98b06..dee0981ed 100644
--- a/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.3
+++ b/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,22 @@ See also the TIMES overview in the
\fIcurl_easy_getinfo(3)\fP man page.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ double connect;
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+ res = curl_easy_perform(curl);
+ if(CURLE_OK == res) {
+ res = curl_easy_getinfo(curl, CURLINFO_APPCONNECT_TIME, &connect);
+ if(CURLE_OK == res) {
+ printf("Time: %.1f", connect);
+ }
+ }
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_CERTINFO.3
b/docs/libcurl/opts/CURLINFO_CERTINFO.3
index cb0bd8aa3..29f29ec8d 100644
--- a/docs/libcurl/opts/CURLINFO_CERTINFO.3
+++ b/docs/libcurl/opts/CURLINFO_CERTINFO.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,37 @@ for the specific named data. See also the certinfo.c example.
.SH PROTOCOLS
All TLS-based
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/";);
+
+ /* connect to any HTTPS site, trusted or not */
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+
+ curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L);
+
+ res = curl_easy_perform(curl);
+
+ if (!res) {
+ struct curl_certinfo *ci;
+ res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ci);
+
+ if (!res) {
+ printf("%d certs!\\n", ci->num_of_certs);
+
+ for(i = 0; i < ci->num_of_certs; i++) {
+ struct curl_slist *slist;
+
+ for(slist = ci->certinfo[i]; slist; slist = slist->next)
+ printf("%s\\n", slist->data);
+ }
+ }
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
This option is only working in libcurl built with OpenSSL, NSS, schannel or
GSKit support. schannel support added in 7.50.0
diff --git a/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.3
b/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.3
index 452c261fb..848d29708 100644
--- a/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.3
+++ b/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,7 +36,30 @@ get a zero stored if the condition instead was met.
.SH PROTOCOLS
HTTP and some
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* January 1, 2020 is 1577833200 */
+ curl_easy_setopt(curl, CURLOPT_TIMEVALUE, 1577833200L);
+
+ /* If-Modified-Since the above time stamp */
+ curl_easy_setopt(curl, CURLOPT_TIMECONDITION, CURL_TIMECOND_IFMODSINCE);
+
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* check the time condition */
+ long unmet;
+ res = curl_easy_getinfo(curl, CURLINFO_CONDITION_UNMET, &unmet);
+ if(!res) {
+ printf("The time condition was %sfulfilled\\n", unmet?"NOT":"");
+ }
+ }
+}
+.fi
.SH AVAILABILITY
Added in 7.19.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_CONNECT_TIME.3
b/docs/libcurl/opts/CURLINFO_CONNECT_TIME.3
index 1b63e2386..f9e5d812a 100644
--- a/docs/libcurl/opts/CURLINFO_CONNECT_TIME.3
+++ b/docs/libcurl/opts/CURLINFO_CONNECT_TIME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,7 +35,22 @@ See also the TIMES overview in the
\fIcurl_easy_getinfo(3)\fP man page.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ double connect;
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+ res = curl_easy_perform(curl);
+ if(CURLE_OK == res) {
+ res = curl_easy_getinfo(curl, CURLINFO_CONNECT_TIME, &connect);
+ if(CURLE_OK == res) {
+ printf("Time: %.1f", connect);
+ }
+ }
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.4.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3
b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3
index 311f313ae..e5148410f 100644
--- a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3
+++ b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -32,10 +32,30 @@ CURLcode curl_easy_getinfo(CURL *handle,
CURLINFO_CONTENT_LENGTH_DOWNLOAD,
Pass a pointer to a double to receive the content-length of the download. This
is the value read from the Content-Length: field. Since 7.19.4, this returns
-1 if the size isn't known.
+
+\fICURLINFO_CONTENT_LENGTH_DOWNLOAD_T(3)\fP is a newer replacement that
returns a more
+sensible variable type.
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* check the size */
+ double cl;
+ res = curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD, &cl);
+ if(!res) {
+ printf("Size: %.0f\\n", cl);
+ }
+ }
+}
+.fi
.SH AVAILABILITY
Added in 7.6.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3
b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3
new file mode 100644
index 000000000..f418d13d7
--- /dev/null
+++ b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3
@@ -0,0 +1,62 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_CONTENT_LENGTH_DOWNLOAD_T 3 "25 May 2017" "libcurl 7.55.0"
"curl_easy_getinfo options"
+.SH NAME
+CURLINFO_CONTENT_LENGTH_DOWNLOAD_T \- get content-length of download
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
+ curl_off_t *content_length);
+.SH DESCRIPTION
+Pass a pointer to a \fIcurl_off_t\fP to receive the content-length of the
+download. This is the value read from the Content-Length: field. Stores -1 if
+the size isn't known.
+.SH PROTOCOLS
+HTTP(S)
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* check the size */
+ curl_off_t cl;
+ res = curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T, &cl);
+ if(!res) {
+ printf("Size: " CURL_FORMAT_CURL_OFF_T "\\n", cl);
+ }
+ }
+}
+.fi
+.SH AVAILABILITY
+Added in 7.55.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
+.BR CURLINFO_CONTENT_LENGTH_UPLOAD_T "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.3
b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.3
index e40d5ea9e..deaff925b 100644
--- a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.3
+++ b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -31,13 +31,34 @@ CURLcode curl_easy_getinfo(CURL *handle,
CURLINFO_CONTENT_LENGTH_UPLOAD,
.SH DESCRIPTION
Pass a pointer to a double to receive the specified size of the upload. Since
7.19.4, this returns -1 if the size isn't known.
+
+\fICURLINFO_CONTENT_LENGTH_UPLOAD_T(3)\fP is a newer replacement that returns a
+more sensible variable type.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the upload */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* check the size */
+ double cl;
+ res = curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_UPLOAD, &cl);
+ if(!res) {
+ printf("Size: %.0f\\n", cl);
+ }
+ }
+}
+.fi
.SH AVAILABILITY
Added in 7.6.1
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
+.BR CURLINFO_CONTENT_LENGTH_DOWNLOAD_T "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3
b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3
new file mode 100644
index 000000000..04b7811f4
--- /dev/null
+++ b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3
@@ -0,0 +1,61 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_CONTENT_LENGTH_UPLOAD_T 3 "25 May 2017" "libcurl 7.55.0"
"curl_easy_getinfo options"
+.SH NAME
+CURLINFO_CONTENT_LENGTH_UPLOAD_T \- get the specified size of the upload
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_CONTENT_LENGTH_UPLOAD_T,
+ curl_off_t *content_length);
+.SH DESCRIPTION
+Pass a pointer to a \fIcurl_off_t\fP to receive the specified size of the
+upload. Stores -1 if the size isn't known.
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the upload */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* check the size */
+ curl_off_t cl;
+ res = curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_UPLOAD_T, &cl);
+ if(!res) {
+ printf("Size: " CURL_FORMAT_CURL_OFF_T "\\n", cl);
+ }
+ }
+}
+.fi
+.SH AVAILABILITY
+Added in 7.55.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
+.BR CURLINFO_CONTENT_LENGTH_DOWNLOAD_T "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.3
b/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.3
index 7536000c4..3dce953e6 100644
--- a/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.3
+++ b/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,24 @@ corresponding CURL handle.
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* extract the content-type */
+ char *ct = NULL;
+ res = curl_easy_getinfo(curl, CURLINFO_CONTENT_TYPE, &ct);
+ if(!res && ct) {
+ printf("Content-Type: %s\\n", ct);
+ }
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.9.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_COOKIELIST.3
b/docs/libcurl/opts/CURLINFO_COOKIELIST.3
index 961fd9828..18203dba7 100644
--- a/docs/libcurl/opts/CURLINFO_COOKIELIST.3
+++ b/docs/libcurl/opts/CURLINFO_COOKIELIST.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,7 +30,7 @@ CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_COOKIELIST,
struct curl_slist **cookies);
.SH DESCRIPTION
Pass a pointer to a 'struct curl_slist *' to receive a linked-list of all
-cookies cURL knows (expired ones, too). Don't forget to call
+cookies curl knows (expired ones, too). Don't forget to call
\fIcurl_slist_free_all(3)\fP on the list after it has been used. If there are
no cookies (cookies for the handle have not been enabled or simply none have
been received) 'struct curl_slist *' will be set to point to NULL.
@@ -40,7 +40,33 @@ domain name are not exported by this option.
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* enable the cookie engine with a non-existing file */
+ curl_easy_setopt(curl, CURLOPT_COOKIEFILE, "-");
+
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* extract all known cookies */
+ struct curl_slist *cookies = NULL;
+ res = curl_easy_getinfo(curl, CURLINFO_COOKIELIST, &cookies);
+ if(!res && cookies) {
+ /* a linked list of cookies in cookie file format */
+ while(cookies) {
+ printf("%s", cookies->data);
+ cookies = cookies->next;
+ }
+ /* we must free these cookies when we're done */
+ curl_slist_free_all(cookies);
+ }
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.14.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.3
b/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.3
index 342fd5dc9..97c0c2ab6 100644
--- a/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.3
+++ b/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,22 @@ corresponding CURL handle.
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ char *url = NULL;
+ curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &url);
+ if(url)
+ printf("Redirect to: %s\\n", url);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_FILETIME.3
b/docs/libcurl/opts/CURLINFO_FILETIME.3
index 84093eb2a..8e1bb981f 100644
--- a/docs/libcurl/opts/CURLINFO_FILETIME.3
+++ b/docs/libcurl/opts/CURLINFO_FILETIME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,7 +40,24 @@ transfer is made, by using the \fICURLOPT_FILETIME(3)\fP
option to
.SH PROTOCOLS
HTTP(S), FTP(S), SFTP
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+ /* Ask for filetime */
+ curl_easy_setopt(curl, CURLOPT_FILETIME, 1L);
+ res = curl_easy_perform(curl);
+ if(CURLE_OK == res) {
+ res = curl_easy_getinfo(curl, CURLINFO_FILETIME, &filetime);
+ if((CURLE_OK == res) && (filetime >= 0)) {
+ time_t file_time = (time_t)filetime;
+ printf("filetime %s: %s", filename, ctime(&file_time));
+ }
+ }
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.5
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.3
b/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.3
index e7d7fcff2..00677fd1a 100644
--- a/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.3
+++ b/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,24 @@ corresponding CURL handle.
.SH PROTOCOLS
FTP(S) and SFTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com";);
+
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* extract the entry path */
+ char *ep = NULL;
+ res = curl_easy_getinfo(curl, CURLINFO_FTP_ENTRY_PATH, &ep);
+ if(!res && ep) {
+ printf("Entry path was: %s\\n", ep);
+ }
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.15.4. Works for SFTP since 7.21.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_HEADER_SIZE.3
b/docs/libcurl/opts/CURLINFO_HEADER_SIZE.3
index b4b9b578f..cc928c725 100644
--- a/docs/libcurl/opts/CURLINFO_HEADER_SIZE.3
+++ b/docs/libcurl/opts/CURLINFO_HEADER_SIZE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,10 +30,27 @@ CURLcode curl_easy_getinfo(CURL *handle,
CURLINFO_HEADER_SIZE, long *sizep);
.SH DESCRIPTION
Pass a pointer to a long to receive the total size of all the headers
received. Measured in number of bytes.
+
+The total includes the size of any received headers suppressed by
+\fICURLOPT_SUPPRESS_CONNECT_HEADERS(3)\fP.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ long size;
+ res = curl_easy_getinfo(curl, CURLINFO_HEADER_SIZE, &size);
+ if(!res)
+ printf("Header size: %ld bytes\\n", size);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.4.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.3
b/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.3
index a5d0e725a..06f841ee1 100644
--- a/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.3
+++ b/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,7 +35,32 @@ bits is explained in the \fICURLOPT_HTTPAUTH(3)\fP option for
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* extract the available authentication types */
+ long auth;
+ res = curl_easy_getinfo(curl, CURLINFO_HTTPAUTH_AVAIL, &auth);
+ if(!res) {
+ if(!auth)
+ printf("No auth available, perhaps no 401?\\n");
+ else {
+ printf("%s%s%s%s\\n",
+ auth & CURLAUTH_BASIC ? "Basic ":"",
+ auth & CURLAUTH_DIGEST ? "Digest ":"",
+ auth & CURLAUTH_NEGOTIATE ? "Negotiate ":"",
+ auth % CURLAUTH_NTLM ? "NTLM ":"");
+ }
+ }
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.10.8
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.3
b/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.3
index acfef77fe..5f5038d72 100644
--- a/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.3
+++ b/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -34,7 +34,24 @@ was available.
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+
+ /* typically CONNECT is used to do HTTPS over HTTP proxies */
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://127.0.0.1";);
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ long code;
+ res = curl_easy_getinfo(curl, CURLINFO_HTTP_CONNECTCODE, &code);
+ if(!res && code)
+ printf("The CONNECT response code: %03ld\\n", code);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.10.7
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_LASTSOCKET.3
b/docs/libcurl/opts/CURLINFO_LASTSOCKET.3
index 8e734531e..693f215d5 100644
--- a/docs/libcurl/opts/CURLINFO_LASTSOCKET.3
+++ b/docs/libcurl/opts/CURLINFO_LASTSOCKET.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -43,7 +43,25 @@ type is 64 bits large while its 'long' is 32 bits. Use the
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ long sockfd; /* doesn't work on win64! */
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Do not do the transfer - only connect to host */
+ curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 1L);
+ res = curl_easy_perform(curl);
+
+ /* Extract the socket from the curl handle */
+ res = curl_easy_getinfo(curl, CURLINFO_LASTSOCKET, &sockfd);
+
+ if(res != CURLE_OK) {
+ printf("Error: %s\\n", curl_easy_strerror(res));
+ return 1;
+ }
+}
+.fi
.SH AVAILABILITY
Added in 7.15.2
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_LOCAL_IP.3
b/docs/libcurl/opts/CURLINFO_LOCAL_IP.3
index b2228e223..e342fd2b3 100644
--- a/docs/libcurl/opts/CURLINFO_LOCAL_IP.3
+++ b/docs/libcurl/opts/CURLINFO_LOCAL_IP.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,24 @@ corresponding CURL handle.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+{
+ char *ip;
+
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request, res will get the return code */
+ res = curl_easy_perform(curl);
+ /* Check for errors */
+ if((res == CURLE_OK) &&
+ !curl_easy_getinfo(curl, CURLINFO_LOCAL_IP, &ip) && ip) {
+ printf("Local IP: %s\\n", ip);
+ }
+
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.21.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_LOCAL_PORT.3
b/docs/libcurl/opts/CURLINFO_LOCAL_PORT.3
index aa7f418ef..bf6b6e533 100644
--- a/docs/libcurl/opts/CURLINFO_LOCAL_PORT.3
+++ b/docs/libcurl/opts/CURLINFO_LOCAL_PORT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2015, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,7 +33,29 @@ connection done with this \fBcurl\fP handle.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+{
+ CURL *curl;
+ CURLcode res;
+
+ curl = curl_easy_init();
+ if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/";);
+ res = curl_easy_perform(curl);
+
+ if(CURLE_OK == res) {
+ long port;
+ res = curl_easy_getinfo(curl, CURLINFO_LOCAL_PORT, &port);
+
+ if(CURLE_OK == res) {
+ printf("We used local port: %ld\\n", port);
+ }
+ }
+ curl_easy_cleanup(curl);
+ }
+ return 0;
+}
+.fi
.SH AVAILABILITY
Added in 7.21.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.3
b/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.3
index 68059ec65..3d98ab79d 100644
--- a/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.3
+++ b/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,7 +35,22 @@ See also the TIMES overview in the
\fIcurl_easy_getinfo(3)\fP man page.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ double namelookup;
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+ res = curl_easy_perform(curl);
+ if(CURLE_OK == res) {
+ res = curl_easy_getinfo(curl, CURLINFO_NAMELOOKUP_TIME, &namelookup);
+ if(CURLE_OK == res) {
+ printf("Time: %.1f", namelookup);
+ }
+ }
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.4.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.3
b/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.3
index eccff500c..e682179aa 100644
--- a/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.3
+++ b/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -37,7 +37,22 @@ to make persistent connections to save time.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ long connects;
+ res = curl_easy_getinfo(curl, CURLINFO_NUM_CONNECTS, &connects);
+ if(res)
+ printf("It needed %d connects\\n", connects);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.12.3
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_OS_ERRNO.3
b/docs/libcurl/opts/CURLINFO_OS_ERRNO.3
index b56d40ea2..6348d6cf8 100644
--- a/docs/libcurl/opts/CURLINFO_OS_ERRNO.3
+++ b/docs/libcurl/opts/CURLINFO_OS_ERRNO.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -34,7 +34,22 @@ operation. The number is OS and system specific.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ res = curl_easy_perform(curl);
+ if(res != CURLE_OK) {
+ long error;
+ res = curl_easy_getinfo(curl, CURLINFO_OS_ERRNO, &error);
+ if(res && error) {
+ printf("Errno: %ld\n", error);
+ }
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.12.2
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.3
b/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.3
index c445ea093..04802f21c 100644
--- a/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.3
+++ b/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,22 @@ See also the TIMES overview in the
\fIcurl_easy_getinfo(3)\fP man page.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ double pretransfer;
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+ res = curl_easy_perform(curl);
+ if(CURLE_OK == res) {
+ res = curl_easy_getinfo(curl, CURLINFO_PRETRANSFER_TIME, &pretransfer);
+ if(CURLE_OK == res) {
+ printf("Time: %.1f", pretransfer);
+ }
+ }
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.4.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_PRIMARY_IP.3
b/docs/libcurl/opts/CURLINFO_PRIMARY_IP.3
index 9d276ead0..ec859d5d5 100644
--- a/docs/libcurl/opts/CURLINFO_PRIMARY_IP.3
+++ b/docs/libcurl/opts/CURLINFO_PRIMARY_IP.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2015, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,8 +38,26 @@ The \fBip\fP pointer will be NULL or pointing to private
memory you MUST NOT
free - it gets freed when you call \fIcurl_easy_cleanup(3)\fP on the
corresponding CURL handle.
.SH PROTOCOLS
+All network based ones
.SH EXAMPLE
-TODO
+.nf
+{
+ char *ip;
+
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request, res will get the return code */
+ res = curl_easy_perform(curl);
+ /* Check for errors */
+ if((res == CURLE_OK) &&
+ !curl_easy_getinfo(curl, CURLINFO_PRIMARY_IP, &ip) && ip) {
+ printf("IP: %s\\n", ip);
+ }
+
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.3
b/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.3
index 45ed6a689..f86855412 100644
--- a/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.3
+++ b/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,7 +33,21 @@ connection done with this \fBcurl\fP handle.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ long port;
+ res = curl_easy_getinfo(curl, CURLINFO_PRIMARY_PORT, &port);
+ if(!res)
+ printf("Connected to remote port: %ld\\n", port);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.21.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_PRIVATE.3
b/docs/libcurl/opts/CURLINFO_PRIVATE.3
index a7fe9d538..03418e364 100644
--- a/docs/libcurl/opts/CURLINFO_PRIVATE.3
+++ b/docs/libcurl/opts/CURLINFO_PRIVATE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,7 +35,22 @@ pointer, although effectively being a 'void *'.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ void *pointer = 0x2345454;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ /* set the private pointer */
+ curl_easy_setopt(curl, CURLOPT_PRIVATE, pointer);
+ ret = curl_easy_perform(curl);
+
+ /* extract the private pointer again */
+ ret = curl_easy_getinfo(curl, CURLINFO_PRIVATE, &pointer);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.10.3
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_PROTOCOL.3
b/docs/libcurl/opts/CURLINFO_PROTOCOL.3
new file mode 100644
index 000000000..b82111876
--- /dev/null
+++ b/docs/libcurl/opts/CURLINFO_PROTOCOL.3
@@ -0,0 +1,55 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_PROTOCOL 3 "23 November 2016" "libcurl 7.52.0" "curl_easy_getinfo
options"
+.SH NAME
+CURLINFO_PROTOCOL \- get the protocol used in the connection
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_PROTOCOL, long *p);
+.SH DESCRIPTION
+Pass a pointer to a long to receive the version used in the last http
connection.
+The returned value will be one of the CURLPROTO_* values.
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ long protocol;
+ curl_easy_getinfo(curl, CURLINFO_PROTOCOL, &protocol);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLINFO_RESPONSE_CODE "(3), "
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.3
b/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.3
index d07c5b953..2a7724080 100644
--- a/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.3
+++ b/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,7 +35,33 @@ bits is explained in the \fICURLOPT_PROXYAUTH(3)\fP option
for
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://127.0.0.1:80";);
+
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* extract the available proxy authentication types */
+ long auth;
+ res = curl_easy_getinfo(curl, CURLINFO_PROXYAUTH_AVAIL, &auth);
+ if(!res) {
+ if(!auth)
+ printf("No proxy auth available, perhaps no 407?\\n");
+ else {
+ printf("%s%s%s%s\\n",
+ auth & CURLAUTH_BASIC ? "Basic ":"",
+ auth & CURLAUTH_DIGEST ? "Digest ":"",
+ auth & CURLAUTH_NEGOTIATE ? "Negotiate ":"",
+ auth % CURLAUTH_NTLM ? "NTLM ":"");
+ }
+ }
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.10.8
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.3
b/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.3
new file mode 100644
index 000000000..b6ef7d13e
--- /dev/null
+++ b/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.3
@@ -0,0 +1,57 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_PROXY_SSL_VERIFYRESULT 3 "16 Nov 2016" "libcurl 7.52.0"
"curl_easy_getinfo options"
+.SH NAME
+CURLINFO_PROXY_SSL_VERIFYRESULT \- get the result of the proxy certificate
verification
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_PROXY_SSL_VERIFYRESULT, long
*result);
+.SH DESCRIPTION
+Pass a pointer to a long to receive the result of the certificate verification
+that was requested (using the \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP
+option. This is only used for HTTPS proxies.
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ long verifyresult;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy:443";);
+ res = curl_easy_perform(curl);
+ curl_easy_getinfo(curl, CURLINFO_PROXY_SSL_VERIFYRESULT, &verifyresult);
+ printf("The peer verification said %s\\n", verifyresult?
+ "fine":"BAAAD");
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
+.BR CURLINFO_SSL_VERIFYRESULT "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.3
b/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.3
index ee1ebbb62..61d79830b 100644
--- a/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.3
+++ b/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,7 +33,20 @@ actually followed.
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ long redirects;
+ curl_easy_getinfo(curl, CURLINFO_REDIRECT_COUNT, &redirects);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.9.7
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.3
b/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.3
index 1a9e6dfb1..26416c1b4 100644
--- a/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.3
+++ b/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -37,7 +37,22 @@ See also the TIMES overview in the
\fIcurl_easy_getinfo(3)\fP man page.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ double redirect;
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+ res = curl_easy_perform(curl);
+ if(CURLE_OK == res) {
+ res = curl_easy_getinfo(curl, CURLINFO_REDIRECT_TIME, &redirect);
+ if(CURLE_OK == res) {
+ printf("Time: %.1f", redirect);
+ }
+ }
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.9.7
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_REDIRECT_URL.3
b/docs/libcurl/opts/CURLINFO_REDIRECT_URL.3
index a7bf7261e..f4f882e5b 100644
--- a/docs/libcurl/opts/CURLINFO_REDIRECT_URL.3
+++ b/docs/libcurl/opts/CURLINFO_REDIRECT_URL.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,10 +33,27 @@ take you to if you would enable
\fICURLOPT_FOLLOWLOCATION(3)\fP. This can come
very handy if you think using the built-in libcurl redirect logic isn't good
enough for you but you would still prefer to avoid implementing all the magic
of figuring out the new URL.
+
+This URL is also set if the \fICURLOPT_MAXREDIRS(3)\fP limit prevented a
+redirect to happen (since 7.54.1).
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ char *url = NULL;
+ curl_easy_getinfo(curl, CURLINFO_REDIRECT_URL, &url);
+ if(url)
+ printf("Redirect to: %s\\n", url);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.18.2
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.3
b/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.3
index 6f857353a..43b183fc4 100644
--- a/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.3
+++ b/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -34,7 +34,21 @@ than one request if \fICURLOPT_FOLLOWLOCATION(3)\fP is
enabled.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ long req;
+ res = curl_easy_getinfo(curl, CURLINFO_REQUEST_SIZE, &req);
+ if(!res)
+ printf("Request size: %ld bytes\\n", req);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.4.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.3
b/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.3
index 822fde83d..6ca6781f5 100644
--- a/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.3
+++ b/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,7 +33,19 @@ application.
.SH PROTOCOLS
RTSP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "rtsp://rtsp.example.com");
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ long cseq;
+ curl_easy_getinfo(curl, CURLINFO_RTSP_CLIENT_CSEQ, &cseq);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.3
b/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.3
index 13d131914..66e9f6a08 100644
--- a/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.3
+++ b/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,7 +35,19 @@ value.
.SH PROTOCOLS
RTSP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "rtsp://rtsp.example.com");
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ long cseq;
+ curl_easy_getinfo(curl, CURLINFO_RTSP_CSEQ_RECV, &cseq);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.3
b/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.3
index 571a915c8..1334dc5a6 100644
--- a/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.3
+++ b/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,19 @@ retrieve this info before closing the active connection.
.SH PROTOCOLS
RTSP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "rtsp://rtsp.example.com");
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ long cseq;
+ curl_easy_getinfo(curl, CURLINFO_RTSP_SERVER_CSEQ, &cseq);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.3
b/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.3
index 4d4d3f1d4..faa52f3f8 100644
--- a/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.3
+++ b/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,7 +40,19 @@ corresponding CURL handle.
.SH PROTOCOLS
RTSP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "rtsp://rtsp.example.com");
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ char *id;
+ curl_easy_getinfo(curl, CURLINFO_RTSP_SESSION_ID, &id);
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_SCHEME.3
b/docs/libcurl/opts/CURLINFO_SCHEME.3
new file mode 100644
index 000000000..38a3d15ba
--- /dev/null
+++ b/docs/libcurl/opts/CURLINFO_SCHEME.3
@@ -0,0 +1,62 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_SCHEME 3 "23 November 2016" "libcurl 7.52.0" "curl_easy_getinfo
options"
+.SH NAME
+CURLINFO_SCHEME \- get the URL scheme (sometimes called protocol) used in the
connection
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_SCHEME, char **scheme);
+.SH DESCRIPTION
+Pass a pointer to a char pointer to receive the pointer to a zero-terminated
+string holding the URL scheme used for the most recent connection done with
+this CURL \fBhandle\fP.
+
+The \fBscheme\fP pointer will be NULL or pointing to private memory you MUST
+NOT free - it gets freed when you call \fIcurl_easy_cleanup(3)\fP on the
+corresponding CURL handle.
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ res = curl_easy_perform(curl);
+ if(res == CURLE_OK) {
+ char *scheme = NULL;
+ curl_easy_getinfo(curl, CURLINFO_SCHEME, &scheme);
+ if(scheme)
+ printf("scheme: %s\\n", scheme); /* scheme: HTTP */
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLINFO_RESPONSE_CODE "(3), "
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.3
b/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.3
index 85039ffef..6253fed79 100644
--- a/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.3
+++ b/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,13 +33,35 @@ downloaded. The amount is only for the latest transfer and
will be reset
again for each new transfer. This counts actual payload data, what's also
commonly called body. All meta and header data are excluded and will not be
counted in this number.
+
+\fICURLINFO_SIZE_DOWNLOAD_T(3)\fP is a newer replacement that returns a more
+sensible variable type.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* check the size */
+ double dl;
+ res = curl_easy_getinfo(curl, CURLINFO_SIZE_DOWNLOAD, &dl);
+ if(!res) {
+ printf("Downloaded %.0f bytes\\n", cl);
+ }
+ }
+}
+.fi
.SH AVAILABILITY
Added in 7.4.1
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
+.BR CURLINFO_SIZE_DOWNLOAD_T "(3), "
+.BR CURLINFO_SIZE_UPLOAD_T "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.3
b/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.3
new file mode 100644
index 000000000..834c6d6f0
--- /dev/null
+++ b/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.3
@@ -0,0 +1,64 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_SIZE_DOWNLOAD_T 3 "25 May 2017" "libcurl 7.55.0"
"curl_easy_getinfo options"
+.SH NAME
+CURLINFO_SIZE_DOWNLOAD_T \- get the number of downloaded bytes
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_SIZE_DOWNLOAD_T, curl_off_t
*dlp);
+.SH DESCRIPTION
+Pass a pointer to a \fIcurl_off_t\fP to receive the total amount of bytes that
+were downloaded. The amount is only for the latest transfer and will be reset
+again for each new transfer. This counts actual payload data, what's also
+commonly called body. All meta and header data are excluded and will not be
+counted in this number.
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ /* check the size */
+ curl_off_t dl;
+ res = curl_easy_getinfo(curl, CURLINFO_SIZE_DOWNLOAD_T, &dl);
+ if(!res) {
+ printf("Downloaded " CURL_FORMAT_CURL_OFF_T " bytes\\n", cl);
+ }
+ }
+}
+.fi
+.SH AVAILABILITY
+Added in 7.55.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
+.BR CURLINFO_SIZE_DOWNLOAD "(3), "
+.BR CURLINFO_SIZE_UPLOAD_T "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.3
b/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.3
index 034c6df45..704902d6c 100644
--- a/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.3
+++ b/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,13 +30,33 @@ CURLcode curl_easy_getinfo(CURL *handle,
CURLINFO_SIZE_UPLOAD, double *uploadp);
.SH DESCRIPTION
Pass a pointer to a double to receive the total amount of bytes that were
uploaded.
+
+\fICURLINFO_SIZE_UPLOAD_T(3)\fP is a newer replacement that returns a more
+sensible variable type.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ double ul;
+ res = curl_easy_getinfo(curl, CURLINFO_SIZE_UPLOAD, &ul);
+ if(!res) {
+ printf("Uploaded %.0f bytes\\n", ul);
+ }
+ }
+}
+.fi
.SH AVAILABILITY
Added in 7.4.1
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
+.BR CURLINFO_SIZE_DOWNLOAD_T "(3), " CURLINFO_SIZE_UPLOAD_T "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD_T.3
b/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD_T.3
new file mode 100644
index 000000000..2999be460
--- /dev/null
+++ b/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD_T.3
@@ -0,0 +1,59 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_SIZE_UPLOAD_T 3 "25 May 2017" "libcurl 7.55.0" "curl_easy_getinfo
options"
+.SH NAME
+CURLINFO_SIZE_UPLOAD_T \- get the number of uploaded bytes
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_SIZE_UPLOAD_T, curl_off_t
*uploadp);
+.SH DESCRIPTION
+Pass a pointer to a \fIcurl_off_t\fP to receive the total amount of bytes that
+were uploaded.
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ curl_off_t ul;
+ res = curl_easy_getinfo(curl, CURLINFO_SIZE_UPLOAD_T, &ul);
+ if(!res) {
+ printf("Uploaded " CURL_FORMAT_CURL_OFF_T " bytes\\n", ul);
+ }
+ }
+}
+.fi
+.SH AVAILABILITY
+Added in 7.55.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
+.BR CURLINFO_SIZE_DOWNLOAD_T "(3), " CURLINFO_SIZE_UPLOAD "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.3
b/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.3
index ef1c739e8..e78503c10 100644
--- a/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.3
+++ b/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,9 +30,28 @@ CURLcode curl_easy_getinfo(CURL *handle,
CURLINFO_SPEED_DOWNLOAD, double *speed)
.SH DESCRIPTION
Pass a pointer to a double to receive the average download speed that curl
measured for the complete download. Measured in bytes/second.
+
+\fICURLINFO_SPEED_DOWNLOAD_T(3)\fP is a newer replacement that returns a more
+sensible variable type.
.SH PROTOCOLS
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ double speed;
+ res = curl_easy_getinfo(curl, CURLINFO_SPEED_DOWNLOAD, &speed);
+ if(!res) {
+ printf("Download speed %.0f bytes/sec\\n", ul);
+ }
+ }
+}
+.fi
.SH AVAILABILITY
Added in 7.4.1
.SH RETURN VALUE
@@ -40,3 +59,4 @@ Returns CURLE_OK if the option is supported, and
CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
.BR CURLINFO_SPEED_UPLOAD "(3), "
+.BR CURLINFO_SIZE_UPLOAD_T "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.3
b/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.3
new file mode 100644
index 000000000..413389c80
--- /dev/null
+++ b/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.3
@@ -0,0 +1,59 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_SPEED_DOWNLOAD_T 3 "28 Aug 2015" "libcurl 7.44.0"
"curl_easy_getinfo options"
+.SH NAME
+CURLINFO_SPEED_DOWNLOAD_T \- get download speed
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_SPEED_DOWNLOAD_T, curl_off_t
*speed);
+.SH DESCRIPTION
+Pass a pointer to a \fIcurl_off_t\fP to receive the average download speed
+that curl measured for the complete download. Measured in bytes/second.
+.SH PROTOCOLS
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ curl_off_t speed;
+ res = curl_easy_getinfo(curl, CURLINFO_SPEED_DOWNLOAD_T, &speed);
+ if(!res) {
+ printf("Download speed " CURL_FORMAT_CURL_OFF_T " bytes/sec\\n", ul);
+ }
+ }
+}
+.fi
+.SH AVAILABILITY
+Added in 7.55.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
+.BR CURLINFO_SPEED_UPLOAD "(3), "
+.BR CURLINFO_SIZE_UPLOAD_T "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.3
b/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.3
index f79ea1f1e..9d2e330d0 100644
--- a/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.3
+++ b/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,9 +30,28 @@ CURLcode curl_easy_getinfo(CURL *handle,
CURLINFO_SPEED_UPLOAD, double *speed);
.SH DESCRIPTION
Pass a pointer to a double to receive the average upload speed that curl
measured for the complete upload. Measured in bytes/second.
+
+\fICURLINFO_SPEED_UPLOAD_T(3)\fP is a newer replacement that returns a more
+sensible variable type.
.SH PROTOCOLS
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ double speed;
+ res = curl_easy_getinfo(curl, CURLINFO_SPEED_UPLOAD, &speed);
+ if(!res) {
+ printf("Upload speed %.0f bytes/sec\\n", ul);
+ }
+ }
+}
+.fi
.SH AVAILABILITY
Added in
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD_T.3
b/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD_T.3
new file mode 100644
index 000000000..36389b34b
--- /dev/null
+++ b/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD_T.3
@@ -0,0 +1,58 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_SPEED_UPLOAD_T 3 "25 May 2017" "libcurl 7.55.0"
"curl_easy_getinfo options"
+.SH NAME
+CURLINFO_SPEED_UPLOAD_T \- get upload speed
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_SPEED_UPLOAD_T, curl_off_t
*speed);
+.SH DESCRIPTION
+Pass a pointer to a \fIcurl_off_t\fP to receive the average upload speed that
+curl measured for the complete upload. Measured in bytes/second.
+.SH PROTOCOLS
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+
+ if(!res) {
+ curl_off_t speed;
+ res = curl_easy_getinfo(curl, CURLINFO_SPEED_UPLOAD_T, &speed);
+ if(!res) {
+ printf("Upload speed " CURL_FORMAT_CURL_OFF_T " bytes/sec\\n", ul);
+ }
+ }
+}
+.fi
+.SH AVAILABILITY
+Added in 7.55.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "
+.BR CURLINFO_SPEED_DOWNLOAD_T "(3), "
diff --git a/docs/libcurl/opts/CURLINFO_SSL_ENGINES.3
b/docs/libcurl/opts/CURLINFO_SSL_ENGINES.3
index c1ebfc9a2..ab598f1e9 100644
--- a/docs/libcurl/opts/CURLINFO_SSL_ENGINES.3
+++ b/docs/libcurl/opts/CURLINFO_SSL_ENGINES.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,20 @@ data for you.
.SH PROTOCOLS
All TLS based ones.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ struct curl_slist *engines;
+ res = curl_easy_getinfo(curl, CURLINFO_SSL_ENGINES, &engines);
+ if((res == CURLE_OK) && engines) {
+ /* we have a list, free it when done using it */
+ curl_slist_free_all(engines);
+ }
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.12.3. Available in OpenSSL builds with "engine" support.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.3
b/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.3
index a87ccfe0a..1afb693a4 100644
--- a/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.3
+++ b/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -22,19 +22,31 @@
.\"
.TH CURLINFO_SSL_VERIFYRESULT 3 "1 Sep 2015" "libcurl 7.44.0"
"curl_easy_getinfo options"
.SH NAME
-CURLINFO_SSL_VERIFYRESULT \- get the result of the certification verification
+CURLINFO_SSL_VERIFYRESULT \- get the result of the certificate verification
.SH SYNOPSIS
#include <curl/curl.h>
CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_SSL_VERIFYRESULT, long
*result);
.SH DESCRIPTION
-Pass a pointer to a long to receive the result of the certification
+Pass a pointer to a long to receive the result of the server SSL certificate
verification that was requested (using the \fICURLOPT_SSL_VERIFYPEER(3)\fP
option.
.SH PROTOCOLS
All using TLS
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ long verifyresult;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+ res = curl_easy_perform(curl);
+ curl_easy_getinfo(curl, CURLINFO_SSL_VERIFYRESULT, &verifyresult);
+ printf("The peer verification said %s\\n", verifyresult?
+ "fine":"BAAAD");
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.5
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.3
b/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.3
index 546436481..fa2e6c53b 100644
--- a/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.3
+++ b/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -37,7 +37,22 @@ See also the TIMES overview in the
\fIcurl_easy_getinfo(3)\fP man page.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ double start;
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+ res = curl_easy_perform(curl);
+ if(CURLE_OK == res) {
+ res = curl_easy_getinfo(curl, CURLINFO_STARTTRANSFER_TIME, &start);
+ if(CURLE_OK == res) {
+ printf("Time: %.1f", start);
+ }
+ }
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.9.2
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLINFO_TLS_SESSION.3
b/docs/libcurl/opts/CURLINFO_TLS_SESSION.3
index 3cc3b655c..fcfa17f25 100644
--- a/docs/libcurl/opts/CURLINFO_TLS_SESSION.3
+++ b/docs/libcurl/opts/CURLINFO_TLS_SESSION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -49,7 +49,17 @@ information.
.SH PROTOCOLS
All TLS-based
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ struct curl_tlssessioninfo *tls;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+ res = curl_easy_perform(curl);
+ curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &tls);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.34.0, and supported OpenSSL, GnuTLS, NSS and gskit only up until
7.48.0 was released.
diff --git a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.3
b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.3
index decf0fca8..59ddd599c 100644
--- a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.3
+++ b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -128,7 +128,17 @@ https://github.com/curl/curl/issues/685
.SH PROTOCOLS
All TLS-based
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode res;
+ struct curl_tlssessioninfo *tls;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+ res = curl_easy_perform(curl);
+ curl_easy_getinfo(curl, CURLINFO_TLS_SSL_PTR, &tls);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.48.0.
diff --git a/docs/libcurl/opts/CURLINFO_TOTAL_TIME.3
b/docs/libcurl/opts/CURLINFO_TOTAL_TIME.3
index b068a8b8a..dea83d88e 100644
--- a/docs/libcurl/opts/CURLINFO_TOTAL_TIME.3
+++ b/docs/libcurl/opts/CURLINFO_TOTAL_TIME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,7 +36,22 @@ See also the TIMES overview in the
\fIcurl_easy_getinfo(3)\fP man page.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ double total;
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+ res = curl_easy_perform(curl);
+ if(CURLE_OK == res) {
+ res = curl_easy_getinfo(curl, CURLINFO_TOTAL_TIME, &total);
+ if(CURLE_OK == res) {
+ printf("Time: %.1f", total);
+ }
+ }
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.4.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3
b/docs/libcurl/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3
index ab2d2f63e..f07676082 100644
--- a/docs/libcurl/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3
+++ b/docs/libcurl/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,11 @@ The default value is 0, which means that the penalization is
inactive.
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURLM *m = curl_multi_init();
+long maxchunk = 10000;
+curl_multi_setopt(m, CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE, maxchunk);
+.fi
.SH AVAILABILITY
Added in 7.30.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3
b/docs/libcurl/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3
index 3b4e81d67..c7a004041 100644
--- a/docs/libcurl/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3
+++ b/docs/libcurl/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,11 @@ The default value is 0, which means that the size
penalization is inactive.
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURLM *m = curl_multi_init();
+long maxlength = 10000;
+curl_multi_setopt(m, CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE, maxlength);
+.fi
.SH AVAILABILITY
Added in 7.30.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_MAXCONNECTS.3
b/docs/libcurl/opts/CURLMOPT_MAXCONNECTS.3
index ee9bdca7f..eda68568c 100644
--- a/docs/libcurl/opts/CURLMOPT_MAXCONNECTS.3
+++ b/docs/libcurl/opts/CURLMOPT_MAXCONNECTS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -51,7 +51,11 @@ See DESCRIPTION
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURLM *m = curl_multi_init();
+/* only keep 10 connections in the cache */
+curl_multi_setopt(m, CURLMOPT_MAXCONNECTS, 10L);
+.fi
.SH AVAILABILITY
Added in 7.16.3
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.3
b/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.3
index 2e0352f99..9507a04ec 100644
--- a/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.3
+++ b/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -49,7 +49,11 @@ considered to be the host for which this limit counts.
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURLM *m = curl_multi_init();
+/* do no more than 2 connections per host */
+curl_multi_setopt(m, CURLMOPT_MAX_HOST_CONNECTIONS, 2L);
+.fi
.SH AVAILABILITY
Added in 7.30.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.3
b/docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.3
index cac3c7193..4ced6bfb9 100644
--- a/docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.3
+++ b/docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -29,8 +29,8 @@ CURLMOPT_MAX_PIPELINE_LENGTH \- maximum number of requests in
a pipeline
CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_MAX_PIPELINE_LENGTH, long
max);
.SH DESCRIPTION
Pass a long. The set \fBmax\fP number will be used as the maximum amount of
-outstanding requests in a pipelined connection. Only used if pipelining is
-enabled.
+outstanding requests in an HTTP/1.1 pipelined connection. This option is only
+used for HTTP/1.1 pipelining, not for HTTP/2 multiplexing.
When this limit is reached, libcurl will use another connection to the same
host (see \fICURLMOPT_MAX_HOST_CONNECTIONS(3)\fP), or queue the request until
@@ -42,7 +42,11 @@ total number of requests in-flight is
\fICURLMOPT_MAX_HOST_CONNECTIONS(3)\fP *
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURLM *m = curl_multi_init();
+/* set a more conservative pipe length */
+curl_multi_setopt(m, CURLMOPT_MAX_PIPELINE_LENGTH, 3L);
+.fi
.SH AVAILABILITY
Added in 7.30.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3
b/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3
index ea53bffff..bca000186 100644
--- a/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3
+++ b/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,11 @@ controlled by the number of easy handles added.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURLM *m = curl_multi_init();
+/* never do more than 15 connections */
+curl_multi_setopt(m, CURLMOPT_MAX_TOTAL_CONNECTIONS, 15L);
+.fi
.SH AVAILABILITY
Added in 7.30.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_PIPELINING.3
b/docs/libcurl/opts/CURLMOPT_PIPELINING.3
index 1a4047659..796ac3c77 100644
--- a/docs/libcurl/opts/CURLMOPT_PIPELINING.3
+++ b/docs/libcurl/opts/CURLMOPT_PIPELINING.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -65,7 +65,12 @@ existing connection if possible. This requires HTTP/2.
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+CURLM *m = curl_multi_init();
+/* try HTTP/1 pipelining and HTTP/2 multiplexing */
+curl_multi_setopt(m, CURLMOPT_PIPELINING, CURLPIPE_HTTP1 |
+ CURLPIPE_MULTIPLEX);
+.fi
.SH AVAILABILITY
Added in 7.16.0. Multiplex support bit added in 7.43.0.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_PUSHDATA.3
b/docs/libcurl/opts/CURLMOPT_PUSHDATA.3
index ca9fe8a88..d8ada0100 100644
--- a/docs/libcurl/opts/CURLMOPT_PUSHDATA.3
+++ b/docs/libcurl/opts/CURLMOPT_PUSHDATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,37 @@ NULL
.SH PROTOCOLS
HTTP(S)
.SH EXAMPLE
-TODO
+.nf
+/* only allow pushes for file names starting with "push-" */
+int push_callback(CURL *parent,
+ CURL *easy,
+ size_t num_headers,
+ struct curl_pushheaders *headers,
+ void *userp)
+{
+ char *headp;
+ int *transfers = (int *)userp;
+ FILE *out;
+ headp = curl_pushheader_byname(headers, ":path");
+ if(headp && !strncmp(headp, "/push-", 6)) {
+ fprintf(stderr, "The PATH is %s\\n", headp);
+
+ /* save the push here */
+ out = fopen("pushed-stream", "wb");
+
+ /* write to this file */
+ curl_easy_setopt(easy, CURLOPT_WRITEDATA, out);
+
+ (*transfers)++; /* one more */
+
+ return CURL_PUSH_OK;
+ }
+ return CURL_PUSH_DENY;
+}
+
+curl_multi_setopt(multi, CURLMOPT_PUSHFUNCTION, push_callback);
+curl_multi_setopt(multi, CURLMOPT_PUSHDATA, &counter);
+.fi
.SH AVAILABILITY
Added in 7.44.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_SOCKETDATA.3
b/docs/libcurl/opts/CURLMOPT_SOCKETDATA.3
index b9cdc834f..54e8befa6 100644
--- a/docs/libcurl/opts/CURLMOPT_SOCKETDATA.3
+++ b/docs/libcurl/opts/CURLMOPT_SOCKETDATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,34 @@ NULL
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
+{
+ GlobalInfo *g = (GlobalInfo*) cbp;
+ SockInfo *fdp = (SockInfo*) sockp;
+
+ if(what == CURL_POLL_REMOVE) {
+ remsock(fdp);
+ }
+ else {
+ if(!fdp) {
+ addsock(s, e, what, g);
+ }
+ else {
+ setsock(fdp, s, e, what, g);
+ }
+ }
+ return 0;
+}
+
+main()
+{
+ GlobalInfo setup;
+ /* ... use socket callback and custom pointer */
+ curl_multi_setopt(multi, CURLMOPT_SOCKETFUNCTION, sock_cb);
+ curl_multi_setopt(multi, CURLMOPT_SOCKETDATA, &setup);
+}
+.fi
.SH AVAILABILITY
Added in 7.15.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3
b/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3
index 51961972b..2b2b322fe 100644
--- a/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3
+++ b/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -63,7 +63,34 @@ NULL (no callback)
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
+{
+ GlobalInfo *g = (GlobalInfo*) cbp;
+ SockInfo *fdp = (SockInfo*) sockp;
+
+ if(what == CURL_POLL_REMOVE) {
+ remsock(fdp);
+ }
+ else {
+ if(!fdp) {
+ addsock(s, e, what, g);
+ }
+ else {
+ setsock(fdp, s, e, what, g);
+ }
+ }
+ return 0;
+}
+
+main()
+{
+ GlobalInfo setup;
+ /* ... use socket callback and custom pointer */
+ curl_multi_setopt(multi, CURLMOPT_SOCKETFUNCTION, sock_cb);
+ curl_multi_setopt(multi, CURLMOPT_SOCKETDATA, &setup);
+}
+.fi
.SH AVAILABILITY
Added in 7.15.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_TIMERDATA.3
b/docs/libcurl/opts/CURLMOPT_TIMERDATA.3
index 9d2b66f95..6f590d3e7 100644
--- a/docs/libcurl/opts/CURLMOPT_TIMERDATA.3
+++ b/docs/libcurl/opts/CURLMOPT_TIMERDATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,41 @@ NULL
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+static gboolean timeout_cb(gpointer user_data)
+{
+ int running;
+ if(user_data) {
+ g_free(user_data);
+ curl_multi_setopt(curl_handle, CURLMOPT_TIMERDATA, NULL);
+ }
+ curl_multi_socket_action(multi, CURL_SOCKET_TIMEOUT, 0, &running);
+ return G_SOURCE_REMOVE;
+}
+
+static int timerfunc(CURLM *multi, long timeout_ms, void *userp)
+{
+ guint *id = userp;
+
+ if(id)
+ g_source_remove(*id);
+
+ /* -1 means we should just delete our timer. */
+ if(timeout_ms == -1) {
+ g_free(id);
+ id = NULL;
+ }
+ else {
+ if(!id)
+ id = g_new(guint, 1);
+ *id = g_timeout_add(timeout_ms, timeout_cb, id);
+ }
+ curl_multi_setopt(multi, CURLMOPT_TIMERDATA, id);
+ return 0;
+}
+
+curl_multi_setopt(multi, CURLMOPT_TIMERFUNCTION, timerfunc);
+.fi
.SH AVAILABILITY
Added in 7.16.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.3
b/docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.3
index 7fcb7a51a..778a26c61 100644
--- a/docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.3
+++ b/docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -62,33 +62,36 @@ NULL
All
.SH EXAMPLE
.nf
-static gboolean timeout_cb(gpointer user_data) {
- if (user_data) {
- g_free(user_data);
- curl_multi_setopt(curl_handle, CURLMOPT_TIMERDATA, NULL);
- }
- int running;
- curl_multi_socket_action(multi, CURL_SOCKET_TIMEOUT, 0, &running);
- return G_SOURCE_REMOVE;
+static gboolean timeout_cb(gpointer user_data)
+{
+ int running;
+ if(user_data) {
+ g_free(user_data);
+ curl_multi_setopt(curl_handle, CURLMOPT_TIMERDATA, NULL);
+ }
+ curl_multi_socket_action(multi, CURL_SOCKET_TIMEOUT, 0, &running);
+ return G_SOURCE_REMOVE;
}
-static int timerfunc(CURLM *multi, long timeout_ms, void *userp) {
- guint *id = userp;
+static int timerfunc(CURLM *multi, long timeout_ms, void *userp)
+{
+ guint *id = userp;
- if (id)
- g_source_remove(*id);
+ if(id)
+ g_source_remove(*id);
- // -1 means we should just delete our timer.
- if (timeout_ms == -1) {
- g_free(id);
- id = NULL;
- } else {
- if (!id)
- id = g_new(guint, 1);
- *id = g_timeout_add(timeout_ms, timeout_cb, id);
- }
- curl_multi_setopt(multi, CURLMOPT_TIMERDATA, id);
- return 0;
+ /* -1 means we should just delete our timer. */
+ if(timeout_ms == -1) {
+ g_free(id);
+ id = NULL;
+ }
+ else {
+ if(!id)
+ id = g_new(guint, 1);
+ *id = g_timeout_add(timeout_ms, timeout_cb, id);
+ }
+ curl_multi_setopt(multi, CURLMOPT_TIMERDATA, id);
+ return 0;
}
curl_multi_setopt(multi, CURLMOPT_TIMERFUNCTION, timerfunc);
diff --git a/docs/libcurl/opts/CURLOPT_ABSTRACT_UNIX_SOCKET.3
b/docs/libcurl/opts/CURLOPT_ABSTRACT_UNIX_SOCKET.3
new file mode 100644
index 000000000..8b61854c0
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_ABSTRACT_UNIX_SOCKET.3
@@ -0,0 +1,58 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_ABSTRACT_UNIX_SOCKET 3 "08 Jan 2017" "libcurl 7.53.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_ABSTRACT_UNIX_SOCKET \- set an abstract Unix domain socket
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_ABSTRACT_UNIX_SOCKET, char
*path);
+.SH DESCRIPTION
+Enables the use of an abstract Unix domain socket instead of establishing a TCP
+connection to a host. The parameter should be a char * to a zero terminated
string
+holding the path of the socket. The path will be set to \fIpath\fP prefixed by
a
+NULL byte (this is the convention for abstract sockets, however it should be
stressed
+that the path passed to this function should not contain a leading NULL).
+
+On non-supporting platforms, the abstract address will be interpreted as an
empty
+string and fail gracefully, generating a run-time error.
+
+This option shares the same semantics as
+.BR CURLOPT_UNIX_SOCKET_PATH "(3)
+in which documentation more details can be found. Internally, these two
options share
+the same storage and therefore only one of them can be set per handle.
+
+.SH DEFAULT
+Default is NULL.
+.SH EXAMPLE
+.nf
+ curl_easy_setopt(curl_handle, CURLOPT_ABSTRACT_UNIX_SOCKET,
"/tmp/foo.sock");
+ curl_easy_setopt(curl_handle, CURLOPT_URL, "http://localhost/";);
+.fi
+
+.SH AVAILABILITY
+Since 7.53.0.
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_UNIX_SOCKET_PATH "(3), " unix "(7), "
diff --git a/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3
b/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3
index c31263139..3a5fc166d 100644
--- a/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3
+++ b/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3
@@ -58,6 +58,9 @@ The Content-Length: servers send for a compressed response is
supposed to
indicate the length of the compressed content so when auto decoding is enabled
it may not match the sum of bytes reported by the write callbacks (although,
sending the length of the non-compressed content is a common server mistake).
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
diff --git a/docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.3
b/docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.3
index f323279bd..4ce6db9b1 100644
--- a/docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.3
+++ b/docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2014, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,7 +35,20 @@ link-local or site-local addresses.
.SH PROTOCOLS
All, when using IPv6
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* 0x2 link-local
+ 0x5 site-local
+ 0x8 organization-local
+ 0xe global ... */
+ curl_easy_setopt(curl, CURLOPT_ADDRESS_SCOPE, 0xEL);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_AUTOREFERER.3
b/docs/libcurl/opts/CURLOPT_AUTOREFERER.3
index e6a3a085d..4d8a1c04d 100644
--- a/docs/libcurl/opts/CURLOPT_AUTOREFERER.3
+++ b/docs/libcurl/opts/CURLOPT_AUTOREFERER.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,7 +36,22 @@ a Location: redirect.
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ /* follow redirects */
+ curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+
+ /* set Referer: automatically when following redirects */
+ curl_easy_setopt(curl, CURLOPT_AUTOREFERER, 1L);
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Along with HTTP
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_BUFFERSIZE.3
b/docs/libcurl/opts/CURLOPT_BUFFERSIZE.3
index 113118e73..b4100e607 100644
--- a/docs/libcurl/opts/CURLOPT_BUFFERSIZE.3
+++ b/docs/libcurl/opts/CURLOPT_BUFFERSIZE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,20 +30,35 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_BUFFERSIZE,
long size);
.SH DESCRIPTION
Pass a long specifying your preferred \fIsize\fP (in bytes) for the receive
buffer in libcurl. The main point of this would be that the write callback
-gets called more often and with smaller chunks. This is just treated as a
-request, not an order. You cannot be guaranteed to actually get the given
-size.
+gets called more often and with smaller chunks. Secondly, for some protocols,
+there's a benefit of having a larger buffer for performance.
-This size is by default set as big as possible (\fICURL_MAX_WRITE_SIZE\fP), so
-it only makes sense to use this option if you want it smaller.
+This is just treated as a request, not an order. You cannot be guaranteed to
+actually get the given size.
+
+This buffer size is by default \fICURL_MAX_WRITE_SIZE\fP (16kB). The maximum
+buffer size allowed to be set is \fICURL_MAX_READ_SIZE\fP (512kB). The minimum
+buffer size allowed to be set is 1024.
.SH DEFAULT
-CURL_MAX_WRITE_SIZE
+CURL_MAX_WRITE_SIZE (16kB)
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/foo.bin";);
+
+ /* ask libcurl to allocate a larger receive buffer */
+ curl_easy_setopt(curl, CURLOPT_BUFFERSIZE, 120000L);
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
-Added in 7.10
+Added in 7.10. Growing the buffer was added in 7.53.0.
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
diff --git a/docs/libcurl/opts/CURLOPT_CAINFO.3
b/docs/libcurl/opts/CURLOPT_CAINFO.3
index 7db50a8fa..bc094ef00 100644
--- a/docs/libcurl/opts/CURLOPT_CAINFO.3
+++ b/docs/libcurl/opts/CURLOPT_CAINFO.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,18 +40,34 @@ is assumed to be stored, as established at build time.
If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
(libnsspem.so) needs to be available for this option to work properly.
+Starting with curl-7.55.0, if both \fICURLOPT_CAINFO(3)\fP and
+\fICURLOPT_CAPATH(3)\fP are unset, NSS-linked libcurl tries to load
+libnssckbi.so, which contains a more comprehensive set of trust information
+than supported by nss-pem, because libnssckbi.so also includes information
+about distrusted certificates.
(iOS and macOS only) If curl is built against Secure Transport, then this
option is supported for backward compatibility with other SSL engines, but it
should not be set. If the option is not set, then curl will use the
certificates in the system and user Keychain to verify the peer, which is the
preferred method of verifying the peer's certificate chain.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
Built-in system specific
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_CAINFO, "/etc/certs/cabundle.pem");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
For SSL engines that don't support certificate files the CURLOPT_CAINFO option
is ignored. Refer to https://curl.haxx.se/docs/ssl-compared.html
diff --git a/docs/libcurl/opts/CURLOPT_CAPATH.3
b/docs/libcurl/opts/CURLOPT_CAPATH.3
index 0369f8910..32bd42d2a 100644
--- a/docs/libcurl/opts/CURLOPT_CAPATH.3
+++ b/docs/libcurl/opts/CURLOPT_CAPATH.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,18 +36,34 @@ This makes sense only when used in combination with the
The \fICURLOPT_CAPATH(3)\fP function apparently does not work in Windows due
to some limitation in openssl.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_CAPATH, "/etc/cert-dir");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
This option is supported by the OpenSSL, GnuTLS and PolarSSL backends. The NSS
backend provides the option only for backward compatibility.
.SH RETURN VALUE
-Returns CURLE_OK if TLS enabled, and CURLE_UNKNOWN_OPTION if not, or
-CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+CURLE_OK if supported; or an error such as:
+
+CURLE_NOT_BUILT_IN - Not supported by the SSL backend
+
+CURLE_UNKNOWN_OPTION
+
+CURLE_OUT_OF_MEMORY
.SH "SEE ALSO"
.BR CURLOPT_CAINFO "(3), "
.BR CURLOPT_STDERR "(3), " CURLOPT_DEBUGFUNCTION "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_CERTINFO.3
b/docs/libcurl/opts/CURLOPT_CERTINFO.3
index e836e407d..f60b1d54d 100644
--- a/docs/libcurl/opts/CURLOPT_CERTINFO.3
+++ b/docs/libcurl/opts/CURLOPT_CERTINFO.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,37 @@ its option \fICURLINFO_CERTINFO(3)\fP.
.SH PROTOCOLS
All TLS-based
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/";);
+
+ /* connect to any HTTPS site, trusted or not */
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+
+ curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L);
+
+ res = curl_easy_perform(curl);
+
+ if (!res) {
+ struct curl_certinfo *ci;
+ res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ci);
+
+ if (!res) {
+ printf("%d certs!\\n", ci->num_of_certs);
+
+ for(i = 0; i < ci->num_of_certs; i++) {
+ struct curl_slist *slist;
+
+ for(slist = ci->certinfo[i]; slist; slist = slist->next)
+ printf("%s\\n", slist->data);
+ }
+ }
+ }
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
This option is supported by the OpenSSL, GnuTLS, NSS and GSKit backends.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.3
b/docs/libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.3
index d31412d23..69b6db07b 100644
--- a/docs/libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -60,7 +60,52 @@ NULL
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+static long file_is_coming(struct curl_fileinfo *finfo,
+ struct callback_data *data,
+ int remains)
+{
+ printf("%3d %40s %10luB ", remains, finfo->filename,
+ (unsigned long)finfo->size);
+
+ switch(finfo->filetype) {
+ case CURLFILETYPE_DIRECTORY:
+ printf(" DIR\n");
+ break;
+ case CURLFILETYPE_FILE:
+ printf("FILE ");
+ break;
+ default:
+ printf("OTHER\n");
+ break;
+ }
+
+ if(finfo->filetype == CURLFILETYPE_FILE) {
+ /* do not transfer files >= 50B */
+ if(finfo->size > 50) {
+ printf("SKIPPED\n");
+ return CURL_CHUNK_BGN_FUNC_SKIP;
+ }
+
+ data->output = fopen(finfo->filename, "wb");
+ if(!data->output) {
+ return CURL_CHUNK_BGN_FUNC_FAIL;
+ }
+ }
+
+ return CURL_CHUNK_BGN_FUNC_OK;
+}
+
+int main()
+{
+ /* data for callback */
+ struct callback_data callback_info;
+
+ /* callback is called before download of concrete file started */
+ curl_easy_setopt(curl, CURLOPT_CHUNK_BGN_FUNCTION, file_is_coming);
+ curl_easy_setopt(curl, CURLOPT_CHUNK_DATA, &callback_info);
+}
+.fi
.SH AVAILABILITY
This was added in 7.21.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_CHUNK_DATA.3
b/docs/libcurl/opts/CURLOPT_CHUNK_DATA.3
index 1ceb2cea2..6a734e58c 100644
--- a/docs/libcurl/opts/CURLOPT_CHUNK_DATA.3
+++ b/docs/libcurl/opts/CURLOPT_CHUNK_DATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,7 +36,52 @@ NULL
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+static long file_is_coming(struct curl_fileinfo *finfo,
+ struct callback_data *data,
+ int remains)
+{
+ printf("%3d %40s %10luB ", remains, finfo->filename,
+ (unsigned long)finfo->size);
+
+ switch(finfo->filetype) {
+ case CURLFILETYPE_DIRECTORY:
+ printf(" DIR\n");
+ break;
+ case CURLFILETYPE_FILE:
+ printf("FILE ");
+ break;
+ default:
+ printf("OTHER\n");
+ break;
+ }
+
+ if(finfo->filetype == CURLFILETYPE_FILE) {
+ /* do not transfer files >= 50B */
+ if(finfo->size > 50) {
+ printf("SKIPPED\n");
+ return CURL_CHUNK_BGN_FUNC_SKIP;
+ }
+
+ data->output = fopen(finfo->filename, "wb");
+ if(!data->output) {
+ return CURL_CHUNK_BGN_FUNC_FAIL;
+ }
+ }
+
+ return CURL_CHUNK_BGN_FUNC_OK;
+}
+
+int main()
+{
+ /* data for callback */
+ struct callback_data callback_info;
+
+ /* callback is called before download of concrete file started */
+ curl_easy_setopt(curl, CURLOPT_CHUNK_BGN_FUNCTION, file_is_coming);
+ curl_easy_setopt(curl, CURLOPT_CHUNK_DATA, &callback_info);
+}
+.fi
.SH AVAILABILITY
Added in 7.21.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.3
b/docs/libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.3
index d2b6c55aa..e8d20982b 100644
--- a/docs/libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -45,7 +45,24 @@ NULL
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+static long file_is_downloaded(struct callback_data *data)
+{
+ if(data->output) {
+ fclose(data->output);
+ data->output = 0x0;
+ }
+ return CURL_CHUNK_END_FUNC_OK;
+}
+
+int main()
+{
+ /* data for callback */
+ struct callback_data callback_info;
+ curl_easy_setopt(curl, CURLOPT_CHUNK_END_FUNCTION, file_is_downloaded);
+ curl_easy_setopt(curl, CURLOPT_CHUNK_DATA, &callback_info);
+}
+.fi
.SH AVAILABILITY
Added in 7.21.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_CLOSESOCKETDATA.3
b/docs/libcurl/opts/CURLOPT_CLOSESOCKETDATA.3
index 1d6ca06c6..b1eab0378 100644
--- a/docs/libcurl/opts/CURLOPT_CLOSESOCKETDATA.3
+++ b/docs/libcurl/opts/CURLOPT_CLOSESOCKETDATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,7 +36,17 @@ The default value of this parameter is NULL.
.SH PROTOCOLS
All except file:
.SH EXAMPLE
-TODO
+.nf
+static int closesocket(void *clientp, curl_socket_t item)
+{
+ printf("libcurl wants to close %d now\n", (int)item);
+ return 0;
+}
+
+/* call this function to close sockets */
+curl_easy_setopt(curl, CURLOPT_CLOSESOCKETFUNCTION, closesocket);
+curl_easy_setopt(curl, CURLOPT_CLOSESOCKETDATA, &sockfd);
+.fi
.SH AVAILABILITY
Added in 7.21.7
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_CLOSESOCKETFUNCTION.3
b/docs/libcurl/opts/CURLOPT_CLOSESOCKETFUNCTION.3
index f4e8bd996..7cfaa22be 100644
--- a/docs/libcurl/opts/CURLOPT_CLOSESOCKETFUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_CLOSESOCKETFUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -47,7 +47,17 @@ By default libcurl uses the standard socket close function.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+static int closesocket(void *clientp, curl_socket_t item)
+{
+ printf("libcurl wants to close %d now\n", (int)item);
+ return 0;
+}
+
+/* call this function to close sockets */
+curl_easy_setopt(curl, CURLOPT_CLOSESOCKETFUNCTION, closesocket);
+curl_easy_setopt(curl, CURLOPT_CLOSESOCKETDATA, &sockfd);
+.fi
.SH AVAILABILITY
Added in 7.21.7
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_CONNECT_ONLY.3
b/docs/libcurl/opts/CURLOPT_CONNECT_ONLY.3
index 61289e8d2..89a2fc12b 100644
--- a/docs/libcurl/opts/CURLOPT_CONNECT_ONLY.3
+++ b/docs/libcurl/opts/CURLOPT_CONNECT_ONLY.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -42,10 +42,22 @@ transfers.
.SH PROTOCOLS
HTTP, SMTP, POP3 and IMAP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 1L);
+ ret = curl_easy_perform(curl);
+ if(ret == CURLE_OK) {
+ /* only connected! */
+ }
+}
+.fi
.SH AVAILABILITY
Added in 7.15.2
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
.BR CURLOPT_VERBOSE "(3), " CURLOPT_HTTPPROXYTUNNEL "(3), "
+.BR curl_easy_recv "(3), " curl_easy_send "(3) "
diff --git a/docs/libcurl/opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3
b/docs/libcurl/opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3
index 1ff300e27..b810129dd 100644
--- a/docs/libcurl/opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -73,7 +73,26 @@ NULL
.SH PROTOCOLS
FTP, SMTP, IMAP, POP3
.SH EXAMPLE
-TODO
+.nf
+static CURLcode my_conv_from_ascii_to_ebcdic(char *buffer, size_t length)
+{
+ char *tempptrin, *tempptrout;
+ size_t bytes = length;
+ int rc;
+ tempptrin = tempptrout = buffer;
+ rc = platform_a2e(&tempptrin, &bytes, &tempptrout, &bytes);
+ if(rc == PLATFORM_CONV_OK) {
+ return CURLE_OK;
+ }
+ else {
+ return CURLE_CONV_FAILED;
+ }
+}
+
+/* use platform-specific functions for codeset conversions */
+curl_easy_setopt(curl, CURLOPT_CONV_FROM_NETWORK_FUNCTION,
+ my_conv_from_ascii_to_ebcdic);
+.fi
.SH AVAILABILITY
Available only if \fBCURL_DOES_CONVERSIONS\fP was defined when libcurl was
built.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.3
b/docs/libcurl/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.3
index 487492ceb..e029fc032 100644
--- a/docs/libcurl/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -72,7 +72,25 @@ NULL
.SH PROTOCOLS
TLS-based protocols.
.SH EXAMPLE
-TODO
+.nf
+static CURLcode my_conv_from_utf8_to_ebcdic(char *buffer, size_t length)
+{
+ char *tempptrin, *tempptrout;
+ size_t bytes = length;
+ int rc;
+ tempptrin = tempptrout = buffer;
+ rc = platform_u2e(&tempptrin, &bytes, &tempptrout, &bytes);
+ if(rc == PLATFORM_CONV_OK) {
+ return CURLE_OK;
+ }
+ else {
+ return CURLE_CONV_FAILED;
+ }
+}
+
+curl_easy_setopt(curl, CURLOPT_CONV_FROM_UTF8_FUNCTION,
+ my_conv_from_utf8_to_ebcdic);
+.fi
.SH AVAILABILITY
Available only if \fBCURL_DOES_CONVERSIONS\fP was defined when libcurl was
built.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.3
b/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.3
index a1d6a1aa2..c9aea1e44 100644
--- a/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -73,7 +73,25 @@ NULL
.SH PROTOCOLS
FTP, SMTP, IMAP, POP3
.SH EXAMPLE
-TODO
+.nf
+static CURLcode my_conv_from_ebcdic_to_ascii(char *buffer, size_t length)
+{
+ char *tempptrin, *tempptrout;
+ size_t bytes = length;
+ int rc;
+ tempptrin = tempptrout = buffer;
+ rc = platform_e2a(&tempptrin, &bytes, &tempptrout, &bytes);
+ if(rc == PLATFORM_CONV_OK) {
+ return CURLE_OK;
+ }
+ else {
+ return CURLE_CONV_FAILED;
+ }
+}
+
+curl_easy_setopt(curl, CURLOPT_CONV_TO_NETWORK_FUNCTION,
+ my_conv_from_ebcdic_to_ascii);
+.fi
.SH AVAILABILITY
Available only if \fBCURL_DOES_CONVERSIONS\fP was defined when libcurl was
built.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_COOKIE.3
b/docs/libcurl/opts/CURLOPT_COOKIE.3
index 32c2fc293..d0da3f1f1 100644
--- a/docs/libcurl/opts/CURLOPT_COOKIE.3
+++ b/docs/libcurl/opts/CURLOPT_COOKIE.3
@@ -55,6 +55,9 @@ previous ones.
This option will not enable the cookie engine. Use \fICURLOPT_COOKIEFILE(3)\fP
or \fICURLOPT_COOKIEJAR(3)\fP to enable parsing and sending cookies
automatically.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL, no cookies
.SH PROTOCOLS
diff --git a/docs/libcurl/opts/CURLOPT_COOKIEFILE.3
b/docs/libcurl/opts/CURLOPT_COOKIEFILE.3
index 00816b15d..457d94470 100644
--- a/docs/libcurl/opts/CURLOPT_COOKIEFILE.3
+++ b/docs/libcurl/opts/CURLOPT_COOKIEFILE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -53,12 +53,27 @@ sub-domains) or use the Netscape format.
If you use this option multiple times, you just add more files to read.
Subsequent files will add more cookies.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ /* get cookies from an existing file */
+ curl_easy_setopt(curl, CURLOPT_COOKIEFILE, "/tmp/cookies.txt");
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
As long as HTTP is supported
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_COOKIEJAR.3
b/docs/libcurl/opts/CURLOPT_COOKIEJAR.3
index 79a372305..d4f7ccdad 100644
--- a/docs/libcurl/opts/CURLOPT_COOKIEJAR.3
+++ b/docs/libcurl/opts/CURLOPT_COOKIEJAR.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -46,12 +46,28 @@ only visible feedback you get about this possibly lethal
situation.
Since 7.43.0 cookies that were imported in the Set-Cookie format without a
domain name are not exported by this option.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ /* export cookies to this file when closing the handle */
+ curl_easy_setopt(curl, CURLOPT_COOKIEJAR, "/tmp/cookies.txt");
+
+ ret = curl_easy_perform(curl);
+
+ /* close the handle, write the cookies! */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Along with HTTP
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_COOKIESESSION.3
b/docs/libcurl/opts/CURLOPT_COOKIESESSION.3
index ecc3757ee..c4c015f82 100644
--- a/docs/libcurl/opts/CURLOPT_COOKIESESSION.3
+++ b/docs/libcurl/opts/CURLOPT_COOKIESESSION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -42,7 +42,22 @@ browser up, more or less.
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ /* new "session", don't load session cookies */
+ curl_easy_setopt(curl, CURLOPT_COOKIESESSION, 1L);
+
+ /* get the (non session) cookies from this file */
+ curl_easy_setopt(curl, CURLOPT_COOKIEFILE, "/tmp/cookies.txt");
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Along with HTTP
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_CRLF.3 b/docs/libcurl/opts/CURLOPT_CRLF.3
index b13a06e63..61ac9e264 100644
--- a/docs/libcurl/opts/CURLOPT_CRLF.3
+++ b/docs/libcurl/opts/CURLOPT_CRLF.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,16 @@ This is a legacy option of questionable use.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_CRLF, 1L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
SMTP since 7.40.0, other protocols since they were introduced
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_CRLFILE.3
b/docs/libcurl/opts/CURLOPT_CRLFILE.3
index 6bb035e7e..1b8df4afc 100644
--- a/docs/libcurl/opts/CURLOPT_CRLFILE.3
+++ b/docs/libcurl/opts/CURLOPT_CRLFILE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -45,12 +45,23 @@ A specific error code (\fICURLE_SSL_CRL_BADFILE\fP) is
defined with the
option. It is returned when the SSL exchange fails because the CRL file cannot
be loaded. A failure in certificate verification due to a revocation
information found in the CRL does not trigger this specific error.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS-based protocols
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_CRLFILE, "/etc/certs/crl.pem");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.0
.SH RETURN VALUE
@@ -58,3 +69,4 @@ Returns CURLE_OK if the option is supported,
CURLE_UNKNOWN_OPTION if not, or
CURLE_OUT_OF_MEMORY if there was insufficient heap space.
.SH "SEE ALSO"
.BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_SSL_VERIFYHOST "(3), "
+.BR CURLOPT_PROXY_CRLFILE "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3
b/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3
index 553d40857..33cce250b 100644
--- a/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3
+++ b/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -80,12 +80,27 @@ Normally a multiline response is returned which can be
used, in conjunction
with \fICURLOPT_MAIL_RCPT(3)\fP, to specify an EXPN request. If the
\fICURLOPT_NOBODY(3)\fP option is specified then the request can be used to
issue NOOP and RSET commands.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
HTTP, FTP, IMAP, POP3 and SMTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ /* DELETE the given path */
+ curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "DELETE");
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
IMAP is supported since 7.30.0, POP3 since 7.26.0 and SMTP since 7.34.0.
.SH RETURN VALUE
@@ -93,3 +108,4 @@ Returns CURLE_OK if the option is supported,
CURLE_UNKNOWN_OPTION if not, or
CURLE_OUT_OF_MEMORY if there was insufficient heap space.
.SH "SEE ALSO"
.BR CURLOPT_HTTPHEADER "(3), " CURLOPT_NOBODY "(3), "
+.BR CURLOPT_REQUEST_TARGET "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.3
b/docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.3
index bf07499a0..535c5302b 100644
--- a/docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.3
@@ -119,6 +119,7 @@ int my_trace(CURL *handle, curl_infotype type,
{
const char *text;
(void)handle; /* prevent compiler warning */
+ (void)userp;
switch (type) {
case CURLINFO_TEXT:
diff --git a/docs/libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.3
b/docs/libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.3
index f7f890cad..a39c6b3f4 100644
--- a/docs/libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.3
+++ b/docs/libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.3
@@ -49,6 +49,9 @@ This option does not change the default proxy protocol (http).
Without this option libcurl would make a guess based on the host, see
\fICURLOPT_URL(3)\fP for details.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL (make a guess based on the host)
.SH PROTOCOLS
diff --git a/docs/libcurl/opts/CURLOPT_DIRLISTONLY.3
b/docs/libcurl/opts/CURLOPT_DIRLISTONLY.3
index 07b8ac380..203e247b7 100644
--- a/docs/libcurl/opts/CURLOPT_DIRLISTONLY.3
+++ b/docs/libcurl/opts/CURLOPT_DIRLISTONLY.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -51,7 +51,19 @@ will effectively break that feature then.
.SH PROTOCOLS
FTP, SFTP and POP3
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/dir/";);
+
+ /* list only */
+ curl_easy_setopt(curl, CURLOPT_DIRLISTONLY, 1L);
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
This option was known as CURLOPT_FTPLISTONLY up to 7.16.4. POP3 is supported
since 7.21.5.
diff --git a/docs/libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.3
b/docs/libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.3
index 060741016..f672e6048 100644
--- a/docs/libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.3
+++ b/docs/libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -47,7 +47,23 @@ address for a certain small amount of time into the future.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ /* only reuse addresses for a very short time */
+ curl_easy_setopt(curl, CURLOPT_DNS_CACHE_TIMEOUT, 2L);
+
+ ret = curl_easy_perform(curl);
+
+ /* in this second request, the cache will not be used if more than
+ two seconds have passed since the previous name resolve */
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_DNS_INTERFACE.3
b/docs/libcurl/opts/CURLOPT_DNS_INTERFACE.3
index f76439807..824ca1ea6 100644
--- a/docs/libcurl/opts/CURLOPT_DNS_INTERFACE.3
+++ b/docs/libcurl/opts/CURLOPT_DNS_INTERFACE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -32,11 +32,22 @@ Pass a char * as parameter. Set the name of the network
interface that the DNS
resolver should bind to. This must be an interface name (not an address). Set
this option to NULL to use the default setting (don't bind to a specific
interface).
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_DNS_INTERFACE, "eth0");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.33.0. This option also requires that libcurl was built with a
resolver backend that supports this operation. The c-ares backend is the only
diff --git a/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.3
b/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.3
index ef9f1e267..57dad16b6 100644
--- a/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.3
+++ b/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -32,12 +32,23 @@ Set the local IPv4 \fIaddress\fP that the resolver should
bind to. The
argument should be of type char * and contain a single numerical IPv4 address
as a string. Set this option to NULL to use the default setting (don't bind
to a specific IP address).
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_DNS_LOCAL_IP4, "192.168.0.14");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
This option requires that libcurl was built with a resolver backend that
supports this operation. The c-ares backend is the only such one.
diff --git a/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.3
b/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.3
index 7d82bdf85..3402f346c 100644
--- a/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.3
+++ b/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -32,12 +32,23 @@ Set the local IPv6 \fIaddress\fP that the resolver should
bind to. The
argument should be of type char * and contain a single IPv6 address as a
string. Set this option to NULL to use the default setting (don't bind to a
specific IP address).
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_DNS_LOCAL_IP6, "fe80::a9ff:fe46:b619");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
This option requires that libcurl was built with a resolver backend that
supports this operation. The c-ares backend is the only such one.
diff --git a/docs/libcurl/opts/CURLOPT_DNS_SERVERS.3
b/docs/libcurl/opts/CURLOPT_DNS_SERVERS.3
index 14c9f9bd4..0067494ae 100644
--- a/docs/libcurl/opts/CURLOPT_DNS_SERVERS.3
+++ b/docs/libcurl/opts/CURLOPT_DNS_SERVERS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,12 +36,23 @@ host[:port][,host[:port]]...
For example:
192.168.1.100,192.168.1.101,3.4.5.6
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL - use system default
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_DNS_SERVERS,
"192.168.1.100:53,192.168.1.101");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
This option requires that libcurl was built with a resolver backend that
supports this operation. The c-ares backend is the only such one.
diff --git a/docs/libcurl/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.3
b/docs/libcurl/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.3
index 87f686a24..b23493b41 100644
--- a/docs/libcurl/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.3
+++ b/docs/libcurl/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,17 @@ to using the share interface instead! See
\fICURLOPT_SHARE(3)\fP and
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* switch off the use of a global, thread unsafe, cache */
+ curl_easy_setopt(curl, CURLOPT_DNS_USE_GLOBAL_CACHE, 0L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Subject for removal in the future. Do not use!
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_EGDSOCKET.3
b/docs/libcurl/opts/CURLOPT_EGDSOCKET.3
index ad91c3f01..8a2c1a603 100644
--- a/docs/libcurl/opts/CURLOPT_EGDSOCKET.3
+++ b/docs/libcurl/opts/CURLOPT_EGDSOCKET.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,12 +30,23 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_EGDSOCKET,
char *path);
.SH DESCRIPTION
Pass a char * to the zero terminated path name to the Entropy Gathering Daemon
socket. It will be used to seed the random engine for SSL.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_EGDSOCKET, "/var/egd.socket");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
If built TLS enabled. Only the OpenSSL and GnuTLS backends will use this.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.3
b/docs/libcurl/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.3
index 10f3c062c..af7f31fe0 100644
--- a/docs/libcurl/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.3
+++ b/docs/libcurl/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,7 +40,17 @@ sent anyway.
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ /* wait 3 seconds for 100-continue */
+ curl_easy_setopt(curl, CURLOPT_EXPECT_100_TIMEOUT_MS, 3000L);
+
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.36.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FAILONERROR.3
b/docs/libcurl/opts/CURLOPT_FAILONERROR.3
index 79474cefd..451b07cad 100644
--- a/docs/libcurl/opts/CURLOPT_FAILONERROR.3
+++ b/docs/libcurl/opts/CURLOPT_FAILONERROR.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -41,16 +41,27 @@ detected, like when a "100-continue" is received as a
response to a POST/PUT
and a 401 or 407 is received immediately afterwards.
When this option is used and an error is detected, it will cause the
-connection to get closed.
+connection to get closed and \fICURLE_HTTP_RETURNED_ERROR\fP is returned.
.SH DEFAULT
0, do not fail on error
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1L);
+ ret = curl_easy_perform(curl);
+ if(ret == CURLE_HTTP_RETURNED_ERROR) {
+ /* a HTTP response error problem */
+ }
+}
+.fi
.SH AVAILABILITY
-Along with HTTP
+Along with HTTP.
.SH RETURN VALUE
Returns CURLE_OK if HTTP is enabled, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
-.BR CURLOPT_HTTP200ALIASES "(3), "
+.BR CURLOPT_HTTP200ALIASES "(3), " CURLOPT_KEEP_SENDING_ON_ERROR "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_FILETIME.3
b/docs/libcurl/opts/CURLOPT_FILETIME.3
index 99ba7f7e9..d8d1c7ed0 100644
--- a/docs/libcurl/opts/CURLOPT_FILETIME.3
+++ b/docs/libcurl/opts/CURLOPT_FILETIME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,24 @@ argument can be used after a transfer to extract the
received time (if any).
.SH PROTOCOLS
HTTP, FTP, SFTP, FILE
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+ /* Ask for filetime */
+ curl_easy_setopt(curl, CURLOPT_FILETIME, 1L);
+ res = curl_easy_perform(curl);
+ if(CURLE_OK == res) {
+ res = curl_easy_getinfo(curl, CURLINFO_FILETIME, &filetime);
+ if((CURLE_OK == res) && (filetime >= 0)) {
+ time_t file_time = (time_t)filetime;
+ printf("filetime %s: %s", filename, ctime(&file_time));
+ }
+ }
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Always, for SFTP since 7.49.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.3
b/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.3
index 236c19df5..88f3ba662 100644
--- a/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.3
+++ b/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -37,7 +37,25 @@ NULL
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+static int my_fnmatch(void *clientp,
+ const char *pattern, const char *string)
+{
+ struct local_stuff *data = (struct local_stuff *)clientp;
+ if(string_match(pattern, string))
+ return CURL_FNMATCHFUNC_MATCH;
+ else
+ return CURL_FNMATCHFUNC_NOMATCH;
+}
+
+{
+ struct local_stuff local_data;
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://ftp.example.com/file*";);
+ curl_easy_setopt(curl, CURLOPT_WILDCARDMATCH, 1L);
+ curl_easy_setopt(curl, CURLOPT_FNMATCH_FUNCTION, my_fnmatch);
+ curl_easy_setopt(curl, CURLOPT_FNMATCH_DATA, &local_data);
+}
+.fi
.SH AVAILABILITY
Added in 7.21.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FNMATCH_FUNCTION.3
b/docs/libcurl/opts/CURLOPT_FNMATCH_FUNCTION.3
index 04967b899..7a79ad8a7 100644
--- a/docs/libcurl/opts/CURLOPT_FNMATCH_FUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_FNMATCH_FUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -47,7 +47,25 @@ NULL == an internal function for wildcard matching.
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+static int my_fnmatch(void *clientp,
+ const char *pattern, const char *string)
+{
+ struct local_stuff *data = (struct local_stuff *)clientp;
+ if(string_match(pattern, string))
+ return CURL_FNMATCHFUNC_MATCH;
+ else
+ return CURL_FNMATCHFUNC_NOMATCH;
+}
+
+{
+ struct local_stuff local_data;
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://ftp.example.com/file*";);
+ curl_easy_setopt(curl, CURLOPT_WILDCARDMATCH, 1L);
+ curl_easy_setopt(curl, CURLOPT_FNMATCH_FUNCTION, my_fnmatch);
+ curl_easy_setopt(curl, CURLOPT_FNMATCH_DATA, &local_data);
+}
+.fi
.SH AVAILABILITY
Added in 7.21.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FORBID_REUSE.3
b/docs/libcurl/opts/CURLOPT_FORBID_REUSE.3
index b8464dfc3..509052381 100644
--- a/docs/libcurl/opts/CURLOPT_FORBID_REUSE.3
+++ b/docs/libcurl/opts/CURLOPT_FORBID_REUSE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,16 @@ Set to 0 to have libcurl keep the connection open for
possible later re-use
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+{
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_FORBID_REUSE, 1L);
+ curl_easy_perform(curl);
+
+ /* this second transfer may not reuse the same connection */
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FRESH_CONNECT.3
b/docs/libcurl/opts/CURLOPT_FRESH_CONNECT.3
index ce6e6fe75..19cd575c6 100644
--- a/docs/libcurl/opts/CURLOPT_FRESH_CONNECT.3
+++ b/docs/libcurl/opts/CURLOPT_FRESH_CONNECT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -43,7 +43,14 @@ Set \fIfresh\fP to 0 to have libcurl attempt re-using an
existing connection
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+{
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_FRESH_CONNECT, 1L);
+ /* this transfer must use a new connection, not reuse an existing */
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FTPPORT.3
b/docs/libcurl/opts/CURLOPT_FTPPORT.3
index 8e300bc21..e150a5b29 100644
--- a/docs/libcurl/opts/CURLOPT_FTPPORT.3
+++ b/docs/libcurl/opts/CURLOPT_FTPPORT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -57,12 +57,23 @@ Examples with specified ports:
You disable PORT again and go back to using the passive version by setting
this option to NULL.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/old-server/file.txt";);
+ curl_easy_setopt(curl, CURLOPT_FTPPORT, "-");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Port range support was added in 7.19.5
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FTPSSLAUTH.3
b/docs/libcurl/opts/CURLOPT_FTPSSLAUTH.3
index 5437b0c74..8aa9eec0b 100644
--- a/docs/libcurl/opts/CURLOPT_FTPSSLAUTH.3
+++ b/docs/libcurl/opts/CURLOPT_FTPSSLAUTH.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -44,7 +44,17 @@ CURLFTPAUTH_DEFAULT
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/file.txt";);
+ curl_easy_setopt(curl, CURLOPT_USE_SSL, CURLUSESSL_TRY);
+ /* funny server, ask for SSL before TLS */
+ curl_easy_setopt(curl, CURLOPT_FTPSSLAUTH, CURLFTPAUTH_SSL);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.12.2
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.3
b/docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.3
index 0d768d773..8218038a1 100644
--- a/docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.3
+++ b/docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -31,12 +31,26 @@ CURLcode curl_easy_setopt(CURL *handle,
CURLOPT_FTP_ACCOUNT, char *account);
Pass a pointer to a zero terminated string (or NULL to disable). When an FTP
server asks for "account data" after user name and password has been provided,
this data is sent off using the ACCT command.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/foo.bin";);
+
+ curl_easy_setopt(curl, CURLOPT_FTP_ACCOUNT, "human-resources");
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.13.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.3
b/docs/libcurl/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.3
index 575810906..a9723b5f6 100644
--- a/docs/libcurl/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.3
+++ b/docs/libcurl/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2014, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,12 +35,26 @@ authenticate if the usual FTP "USER user" and "PASS
password" negotiation
fails. This is currently only known to be required when connecting to
Tumbleweed's Secure Transport FTPS server using client certificates for
authentication.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/foo.bin";);
+
+ curl_easy_setopt(curl, CURLOPT_FTP_ALTERNATIVE_TO_USER, "two users");
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.15.5
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.3
b/docs/libcurl/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.3
index d28a646ef..f57873605 100644
--- a/docs/libcurl/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.3
+++ b/docs/libcurl/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2014, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -59,7 +59,18 @@ CURLFTP_CREATE_DIR_NONE (0)
.SH PROTOCOLS
FTP and SFTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL,
"ftp://example.com/non-existing/new.txt";);
+ curl_easy_setopt(curl, CURLOPT_FTP_CREATE_MISSING_DIRS,
+ CURLFTP_CREATE_DIR_RETRY);
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.10.7. SFTP support added in 7.16.3. The retry option was added in
7.19.4.
diff --git a/docs/libcurl/opts/CURLOPT_FTP_FILEMETHOD.3
b/docs/libcurl/opts/CURLOPT_FTP_FILEMETHOD.3
index 280e8f1dc..381145bc3 100644
--- a/docs/libcurl/opts/CURLOPT_FTP_FILEMETHOD.3
+++ b/docs/libcurl/opts/CURLOPT_FTP_FILEMETHOD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -53,7 +53,18 @@ CURLFTPMETHOD_MULTICWD
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/1/2/3/4/new.txt";);
+ curl_easy_setopt(curl, CURLOPT_FTP_FILEMETHOD,
+ CURLFTPMETHOD_SINGLECWD);
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.15.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.3
b/docs/libcurl/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.3
index 45ec304c8..cc8cc7b21 100644
--- a/docs/libcurl/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.3
+++ b/docs/libcurl/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,7 +40,17 @@ None
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/slow.txt";);
+ /* wait no more than 23 seconds */
+ curl_easy_setopt(curl, CURLOPT_FTP_RESPONSE_TIMEOUT, 23L);
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.10.8
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.3
b/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.3
index b60c3b105..9d468a551 100644
--- a/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.3
+++ b/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -43,7 +43,18 @@ This option has no effect if PORT, EPRT or EPSV is used
instead of PASV.
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/file.txt";);
+
+ /* please ignore the IP in the PASV response */
+ curl_easy_setopt(curl, CURLOPT_FTP_SKIP_PASV_IP, 1L);
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.14.2
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.3
b/docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.3
index 47371147f..2cd2c7380 100644
--- a/docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.3
+++ b/docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -45,7 +45,17 @@ CURLFTPSSL_CCC_NONE
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/file.txt";);
+ curl_easy_setopt(curl, CURLOPT_USE_SSL, CURLUSESSL_CONTROL);
+ /* go back to clear-text FTP after authenticating */
+ curl_easy_setopt(curl, CURLOPT_FTP_SSL_CCC, CURLFTPSSL_CCC_ACTIVE);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.16.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.3
b/docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.3
index af7a45e95..970e08a83 100644
--- a/docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.3
+++ b/docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2014, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,19 @@ If the server is an IPv6 host, this option will have no
effect as of 7.12.3.
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/old-server/file.txt";);
+
+ /* let's shut off this modern feature */
+ curl_easy_setopt(curl, CURLOPT_FTP_USE_EPSV, 0L);
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Along with FTP
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_FTP_USE_PRET.3
b/docs/libcurl/opts/CURLOPT_FTP_USE_PRET.3
index 10f713bb9..53b33e50d 100644
--- a/docs/libcurl/opts/CURLOPT_FTP_USE_PRET.3
+++ b/docs/libcurl/opts/CURLOPT_FTP_USE_PRET.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -37,7 +37,19 @@ no effect when using the active FTP transfers mode.
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/old-server/file.txt";);
+
+ /* a drftpd server, do it! */
+ curl_easy_setopt(curl, CURLOPT_FTP_USE_PRET, 1L);
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.3
b/docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.3
index 65ea6ec4b..9cd7be906 100644
--- a/docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.3
+++ b/docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -28,18 +28,30 @@ CURLOPT_GSSAPI_DELEGATION \- set allowed GSS-API delegation
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_GSSAPI_DELEGATION, long level);
.SH DESCRIPTION
-Set the long parameter \fIlevel\fP to CURLGSSAPI_DELEGATION_FLAG to allow
-unconditional GSSAPI credential delegation. The delegation is disabled by
-default since 7.21.7. Set the parameter to CURLGSSAPI_DELEGATION_POLICY_FLAG
-to delegate only if the OK-AS-DELEGATE flag is set in the service ticket in
-case this feature is supported by the GSS-API implementation and the definition
-of GSS_C_DELEG_POLICY_FLAG was available at compile-time.
+Set the long parameter \fIlevel\fP to \fBCURLGSSAPI_DELEGATION_FLAG\fP to
+allow unconditional GSSAPI credential delegation. The delegation is disabled
+by default since 7.21.7. Set the parameter to
+\fBCURLGSSAPI_DELEGATION_POLICY_FLAG\fP to delegate only if the OK-AS-DELEGATE
+flag is set in the service ticket in case this feature is supported by the
+GSS-API implementation and the definition of GSS_C_DELEG_POLICY_FLAG was
+available at compile-time.
.SH DEFAULT
CURLGSSAPI_DELEGATION_NONE
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* delegate if okayed by policy */
+ curl_easy_setopt(curl, CURLOPT_GSSAPI_DELEGATION,
+ CURLGSSAPI_DELEGATION_POLICY_FLAG);
+ ret = curl_easy_perform(curl);
+}
+.fi
+
.SH AVAILABILITY
Added in 7.22.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_HEADERDATA.3
b/docs/libcurl/opts/CURLOPT_HEADERDATA.3
index c865c860f..73dcc2bb9 100644
--- a/docs/libcurl/opts/CURLOPT_HEADERDATA.3
+++ b/docs/libcurl/opts/CURLOPT_HEADERDATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,35 @@ NULL
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+struct my_info {
+ int shoesize;
+ char *secret;
+};
+
+static size_t header_callback(char *buffer, size_t size,
+ size_t nitems, void *userdata)
+{
+ struct my_info *i = (struct my_info *)userdata;
+
+ /* now this callback can access the my_info struct */
+
+ return nitems * size;
+}
+
+CURL *curl = curl_easy_init();
+if(curl) {
+ struct my_info my = { 10, "the cookies are in the cupboard" };
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, header_callback);
+
+ /* pass in custom data to the callback */
+ curl_easy_setopt(curl, CURLOPT_HEADERDATA, &my);
+
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_HEADEROPT.3
b/docs/libcurl/opts/CURLOPT_HEADEROPT.3
index 7053a3af2..ff9070e74 100644
--- a/docs/libcurl/opts/CURLOPT_HEADEROPT.3
+++ b/docs/libcurl/opts/CURLOPT_HEADEROPT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -48,7 +48,24 @@ CURLHEADER_SEPARATE (changed in 7.42.1, ased
CURLHEADER_UNIFIED before then)
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ struct curl_slist *list;
+ list = curl_slist_append(NULL, "Shoesize: 10");
+ list = curl_slist_append(list, "Accept:");
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://localhost:8080";);
+
+ /* HTTPS over a proxy makes a separate CONNECT to the proxy, so tell
+ libcurl to not send the custom headers to the proxy. Keep them
+ separate! */
+ curl_easy_setopt(curl, CURLOPT_HEADEROPT, CURLHEADER_SEPARATE);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.37.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_HTTP200ALIASES.3
b/docs/libcurl/opts/CURLOPT_HTTP200ALIASES.3
index 17f1dd32c..24d33053f 100644
--- a/docs/libcurl/opts/CURLOPT_HTTP200ALIASES.3
+++ b/docs/libcurl/opts/CURLOPT_HTTP200ALIASES.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -49,7 +49,20 @@ NULL
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ struct curl_slist *list;
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+
+ list = curl_slist_append(NULL, "ICY 200 OK");
+ list = curl_slist_append(list, "WEIRDO 99 FINE");
+
+ curl_easy_setopt(curl, CURLOPT_HTTP200ALIASES, list);
+ curl_easy_perform(curl);
+ curl_slist_free_all(list); /* free the list again */
+}
+.fi
.SH AVAILABILITY
Added in 7.10.3
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_HTTPAUTH.3
b/docs/libcurl/opts/CURLOPT_HTTPAUTH.3
index fc7a3a41a..8a5ae4143 100644
--- a/docs/libcurl/opts/CURLOPT_HTTPAUTH.3
+++ b/docs/libcurl/opts/CURLOPT_HTTPAUTH.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -99,7 +99,17 @@ CURLAUTH_BASIC
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* allow whatever auth the server speaks */
+ curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
+ curl_easy_setopt(curl, CURLOPT_USERPWD, "james:bond");
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Option Added in 7.10.6.
diff --git a/docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.3
b/docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.3
index 6b48a0527..5ded4d27a 100644
--- a/docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.3
+++ b/docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -28,24 +28,38 @@ CURLOPT_HTTPPROXYTUNNEL \- tunnel through HTTP proxy
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HTTPPROXYTUNNEL, long tunnel);
.SH DESCRIPTION
-Set the parameter to 1 to make libcurl tunnel all operations through the HTTP
-proxy. There is a big difference between using a proxy and to tunnel through
-it. If you don't know what this means, you probably don't want this tunneling
-option.
+Set the \fBtunnel\fP parameter to 1L to make libcurl tunnel all operations
+through the HTTP proxy (set with \fICURLOPT_PROXY(3)\fP). There is a big
+difference between using a proxy and to tunnel through it.
-Tunneling essentially means that a CONNECT is sent to the proxy, asking it to
-connect to a remote host on a specific port number and then the traffic is
-just passed through the proxy. Proxies tend to whitelist specific port numbers
+Tunneling means that a HTTP CONNECT request is sent to the proxy, asking it
+to connect to a remote host on a specific port number and then the traffic is
+just passed through the proxy. Proxies tend to white-list specific port numbers
it allows CONNECT requests to and often only port 80 and 443 are allowed.
-When using this, it only makes sense to use \fICURLOPT_PROXYTYPE(3)\fP set to
-a HTTP proxy.
+To suppress proxy CONNECT response headers from user callbacks use
+\fICURLOPT_SUPPRESS_CONNECT_HEADERS(3)\fP.
+
+HTTP proxies can generally only speak HTTP (for obvious reasons), which makes
+libcurl convert non-HTTP requests to HTTP when using an HTTP proxy without
+this tunnel option set. For example, asking for an FTP URL and specifying an
+HTTP proxy will make libcurl send an FTP URL in a HTTP GET request to the
+proxy. By instead tunneling through the proxy, you avoid that conversion (that
+rarely works through the proxy anyway).
.SH DEFAULT
0
.SH PROTOCOLS
All network protocols
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/file.txt";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://127.0.0.1:80";);
+ curl_easy_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L);
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.3
b/docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.3
index 9338b2494..084070774 100644
--- a/docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.3
+++ b/docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,15 @@ default content decoding but requires you to use
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_HTTP_CONTENT_DECODING, 0L);
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.16.2
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_HTTP_TRANSFER_DECODING.3
b/docs/libcurl/opts/CURLOPT_HTTP_TRANSFER_DECODING.3
index ddd59d296..db629615b 100644
--- a/docs/libcurl/opts/CURLOPT_HTTP_TRANSFER_DECODING.3
+++ b/docs/libcurl/opts/CURLOPT_HTTP_TRANSFER_DECODING.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,15 @@ option is set to zero.
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_HTTP_TRANSFER_DECODING, 0L);
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.16.2
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3
b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3
index 96dd4b672..e602b0311 100644
--- a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3
+++ b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -64,7 +64,18 @@ CURL_HTTP_VERSION_NONE
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2TLS);
+ ret = curl_easy_perform(curl);
+ if(ret == CURLE_HTTP_RETURNED_ERROR) {
+ /* a HTTP response error problem */
+ }
+}
+.fi
.SH AVAILABILITY
Along with HTTP
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_INTERFACE.3
b/docs/libcurl/opts/CURLOPT_INTERFACE.3
index 77db3723e..16e542adb 100644
--- a/docs/libcurl/opts/CURLOPT_INTERFACE.3
+++ b/docs/libcurl/opts/CURLOPT_INTERFACE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,12 +40,26 @@ synchronously. Using the if! format is highly recommended
when using the
multi interfaces to avoid allowing the code to block. If "if!" is specified
but the parameter does not match an existing interface, CURLE_INTERFACE_FAILED
is returned from the libcurl function used to perform the transfer.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL, use whatever the TCP stack finds suitable
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ curl_easy_setopt(curl, CURLOPT_INTERFACE, "eth0");
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
The "if!" and "host!" syntax was added in 7.24.0.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_INTERLEAVEDATA.3
b/docs/libcurl/opts/CURLOPT_INTERLEAVEDATA.3
index b47d21d9b..b11b6cd25 100644
--- a/docs/libcurl/opts/CURLOPT_INTERLEAVEDATA.3
+++ b/docs/libcurl/opts/CURLOPT_INTERLEAVEDATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,7 +36,19 @@ NULL
.SH PROTOCOLS
RTSP
.SH EXAMPLE
-TODO
+.nf
+static size_t rtp_write(void *ptr, size_t size, size_t nmemb, void *user)
+{
+ struct local *l = (struct local *)user;
+ /* take care of the packet in 'ptr', then return... */
+ return size * nmemb;
+}
+{
+ struct local rtp_data;
+ curl_easy_setopt(curl, CURLOPT_INTERLEAVEFUNCTION, rtp_write);
+ curl_easy_setopt(curl, CURLOPT_INTERLEAVEDATA, &rtp_data);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.3
b/docs/libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.3
index 95e6fe524..522f4579e 100644
--- a/docs/libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2014, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -59,7 +59,19 @@ NULL
.SH PROTOCOLS
RTSP
.SH EXAMPLE
-TODO
+.nf
+static size_t rtp_write(void *ptr, size_t size, size_t nmemb, void *user)
+{
+ struct local *l = (struct local *)user;
+ /* take care of the packet in 'ptr', then return... */
+ return size * nmemb;
+}
+{
+ struct local rtp_data;
+ curl_easy_setopt(curl, CURLOPT_INTERLEAVEFUNCTION, rtp_write);
+ curl_easy_setopt(curl, CURLOPT_INTERLEAVEDATA, &rtp_data);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_IOCTLDATA.3
b/docs/libcurl/opts/CURLOPT_IOCTLDATA.3
index 0ef96e2b9..f8d1e6782 100644
--- a/docs/libcurl/opts/CURLOPT_IOCTLDATA.3
+++ b/docs/libcurl/opts/CURLOPT_IOCTLDATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,7 +35,23 @@ By default, the value of this parameter is NULL.
.SH PROTOCOLS
Used with HTTP
.SH EXAMPLE
-TODO
+.nf
+static curlioerr ioctl_callback(CURL *handle, int cmd, void *clientp)
+{
+ struct data *io = (struct data *)clientp;
+ if(cmd == CURLIOCMD_RESTARTREAD) {
+ lseek(fd, 0, SEEK_SET);
+ current_offset = 0;
+ return CURLIOE_OK;
+ }
+ return CURLIOE_UNKNOWNCMD;
+}
+{
+ struct data ioctl_data;
+ curl_easy_setopt(curl, CURLOPT_IOCTLFUNCTION, ioctl_callback);
+ curl_easy_setopt(curl, CURLOPT_IOCTLDATA, &ioctl_data);
+}
+.fi
.SH AVAILABILITY
Added in 7.12.3
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.3
b/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.3
index f2dd42eb8..d2917df26 100644
--- a/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -67,7 +67,23 @@ By default, this parameter is set to NULL. Not used.
.SH PROTOCOLS
Used with HTTP
.SH EXAMPLE
-TODO
+.nf
+static curlioerr ioctl_callback(CURL *handle, int cmd, void *clientp)
+{
+ struct data *io = (struct data *)clientp;
+ if(cmd == CURLIOCMD_RESTARTREAD) {
+ lseek(fd, 0, SEEK_SET);
+ current_offset = 0;
+ return CURLIOE_OK;
+ }
+ return CURLIOE_UNKNOWNCMD;
+}
+{
+ struct data ioctl_data;
+ curl_easy_setopt(curl, CURLOPT_IOCTLFUNCTION, ioctl_callback);
+ curl_easy_setopt(curl, CURLOPT_IOCTLDATA, &ioctl_data);
+}
+.fi
.SH AVAILABILITY
Added in 7.12.3
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_IPRESOLVE.3
b/docs/libcurl/opts/CURLOPT_IPRESOLVE.3
index 817f34d5f..a23d883fd 100644
--- a/docs/libcurl/opts/CURLOPT_IPRESOLVE.3
+++ b/docs/libcurl/opts/CURLOPT_IPRESOLVE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -42,7 +42,20 @@ CURL_IPRESOLVE_WHATEVER
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ /* resolve host name using IPv6-names only */
+ curl_easy_setopt(curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V6);
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
+
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_ISSUERCERT.3
b/docs/libcurl/opts/CURLOPT_ISSUERCERT.3
index 61198eac2..8c5d70faf 100644
--- a/docs/libcurl/opts/CURLOPT_ISSUERCERT.3
+++ b/docs/libcurl/opts/CURLOPT_ISSUERCERT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2014, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -43,12 +43,23 @@ A specific error code (CURLE_SSL_ISSUER_ERROR) is defined
with the option,
which is returned if the setup of the SSL/TLS session has failed due to a
mismatch with the issuer of peer certificate (\fICURLOPT_SSL_VERIFYPEER(3)\fP
has to be set too for the check to fail). (Added in 7.19.0)
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS-based protocols
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_ISSUERCERT, "/etc/certs/cacert.pem");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
If built TLS enabled
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_KEEP_SENDING_ON_ERROR.3
b/docs/libcurl/opts/CURLOPT_KEEP_SENDING_ON_ERROR.3
new file mode 100644
index 000000000..384ca756c
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_KEEP_SENDING_ON_ERROR.3
@@ -0,0 +1,61 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_KEEP_SENDING_ON_ERROR 3 "22 Sep 2016" "libcurl 7.51.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_KEEP_SENDING_ON_ERROR \- keep sending on early HTTP response >= 300
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_KEEP_SENDING_ON_ERROR,
+ long keep_sending);
+.SH DESCRIPTION
+A long parameter set to 1 tells the library to keep sending the request body
+if the HTTP code returned is equal to or larger than 300. The default action
+would be to stop sending and close the stream or connection.
+
+This option is suitable for manual NTLM authentication, i.e. if an application
+does not use \fICURLOPT_HTTPAUTH(3)\fP, but instead sets "Authorization: NTLM
..."
+headers manually using \fICURLOPT_HTTPHEADER(3)\fP.
+
+Most applications do not need this option.
+.SH DEFAULT
+0, stop sending on error
+.SH PROTOCOLS
+HTTP
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, "sending data");
+ curl_easy_setopt(curl, CURLOPT_KEEP_SENDING_ON_ERROR, 1L);
+ ret = curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+Along with HTTP. Added in 7.51.0.
+.SH RETURN VALUE
+Returns CURLE_OK if HTTP is enabled, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_FAILONERROR "(3), " CURLOPT_HTTPHEADER "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_KEYPASSWD.3
b/docs/libcurl/opts/CURLOPT_KEYPASSWD.3
index 9b85b824d..ea3212144 100644
--- a/docs/libcurl/opts/CURLOPT_KEYPASSWD.3
+++ b/docs/libcurl/opts/CURLOPT_KEYPASSWD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -32,12 +32,25 @@ Pass a pointer to a zero terminated string as parameter. It
will be used as
the password required to use the \fICURLOPT_SSLKEY(3)\fP or
\fICURLOPT_SSH_PRIVATE_KEYFILE(3)\fP private key. You never needed a pass
phrase to load a certificate but you need one to load your private key.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_SSLCERT, "client.pem");
+ curl_easy_setopt(curl, CURLOPT_SSLKEY, "key.pem");
+ curl_easy_setopt(curl, CURLOPT_KEYPASSWD, "superman");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
This option was known as CURLOPT_SSLKEYPASSWD up to 7.16.4 and
CURLOPT_SSLCERTPASSWD up to 7.9.2.
diff --git a/docs/libcurl/opts/CURLOPT_KRBLEVEL.3
b/docs/libcurl/opts/CURLOPT_KRBLEVEL.3
index 6ebd2f272..175e1cd77 100644
--- a/docs/libcurl/opts/CURLOPT_KRBLEVEL.3
+++ b/docs/libcurl/opts/CURLOPT_KRBLEVEL.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,12 +33,23 @@ enables kerberos awareness. This is a string that should
match one of the
following: \&'clear', \&'safe', \&'confidential' or \&'private'. If the
string is set but doesn't match one of these, 'private' will be used. Set the
string to NULL to disable kerberos support for FTP.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_KRBLEVEL, "private");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
This option was known as CURLOPT_KRB4LEVEL up to 7.16.3
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_LOCALPORT.3
b/docs/libcurl/opts/CURLOPT_LOCALPORT.3
index e56f01295..79239ec15 100644
--- a/docs/libcurl/opts/CURLOPT_LOCALPORT.3
+++ b/docs/libcurl/opts/CURLOPT_LOCALPORT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -37,7 +37,17 @@ this option is set. Valid port numbers are 1 - 65535.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_LOCALPORT, 8080L);
+ /* and try 20 more ports following that */
+ curl_easy_setopt(curl, CURLOPT_LOCALPORTRANGE, 20L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.15.2
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_LOCALPORTRANGE.3
b/docs/libcurl/opts/CURLOPT_LOCALPORTRANGE.3
index e54a1c87d..dfa231380 100644
--- a/docs/libcurl/opts/CURLOPT_LOCALPORTRANGE.3
+++ b/docs/libcurl/opts/CURLOPT_LOCALPORTRANGE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,17 @@ setup failures.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_LOCALPORT, 8080L);
+ /* and try 20 more ports following that */
+ curl_easy_setopt(curl, CURLOPT_LOCALPORTRANGE, 20L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.15.2
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.3
b/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.3
index a9ca19287..9b690341c 100644
--- a/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.3
+++ b/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,12 +38,23 @@ IETF draft draft-earhart-url-smtp-00.txt
options, such as the preferred authentication mechanism via "AUTH=NTLM" or
"AUTH=*", and should be used in conjunction with the \fICURLOPT_USERNAME(3)\fP
option.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
Only IMAP, POP3 and SMTP support login options.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "smtp://example.com/");
+ curl_easy_setopt(curl, CURLOPT_LOGIN_OPTIONS, "AUTH=*");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.34.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.3
b/docs/libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.3
index 890ea720f..7061345cf 100644
--- a/docs/libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.3
+++ b/docs/libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -37,7 +37,21 @@ slow and abort.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+ /* abort if slower than 30 bytes/sec during 60 seconds */
+ curl_easy_setopt(curl, CURLOPT_LOW_SPEED_TIME, 60L);
+ curl_easy_setopt(curl, CURLOPT_LOW_SPEED_LIMIT, 30L);
+ res = curl_easy_perform(curl);
+ if(CURLE_OPERATION_TIMEDOUT == res) {
+ printf("Timeout!\\n");
+ }
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_LOW_SPEED_TIME.3
b/docs/libcurl/opts/CURLOPT_LOW_SPEED_TIME.3
index ed3b8296c..64c336099 100644
--- a/docs/libcurl/opts/CURLOPT_LOW_SPEED_TIME.3
+++ b/docs/libcurl/opts/CURLOPT_LOW_SPEED_TIME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,7 +36,21 @@ library to consider it too slow and abort.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+ /* abort if slower than 30 bytes/sec during 60 seconds */
+ curl_easy_setopt(curl, CURLOPT_LOW_SPEED_TIME, 60L);
+ curl_easy_setopt(curl, CURLOPT_LOW_SPEED_LIMIT, 30L);
+ res = curl_easy_perform(curl);
+ if(CURLE_OPERATION_TIMEDOUT == res) {
+ printf("Timeout!\\n");
+ }
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_MAIL_AUTH.3
b/docs/libcurl/opts/CURLOPT_MAIL_AUTH.3
index bd581f0d2..6aa4d604d 100644
--- a/docs/libcurl/opts/CURLOPT_MAIL_AUTH.3
+++ b/docs/libcurl/opts/CURLOPT_MAIL_AUTH.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -43,12 +43,23 @@ Unlike \fICURLOPT_MAIL_FROM(3)\fP and
\fICURLOPT_MAIL_RCPT(3)\fP, the address
should not be specified within a pair of angled brackets (<>). However, if an
empty string is used then a pair of brackets will be sent by libcurl as
required by RFC2554.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
SMTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "smtp://example.com/");
+ curl_easy_setopt(curl, CURLOPT_MAIL_AUTH, "<address@hidden>");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.25.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_MAIL_FROM.3
b/docs/libcurl/opts/CURLOPT_MAIL_FROM.3
index 0420d4936..2963c2731 100644
--- a/docs/libcurl/opts/CURLOPT_MAIL_FROM.3
+++ b/docs/libcurl/opts/CURLOPT_MAIL_FROM.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,12 +36,23 @@ around it, which if not specified will be added
automatically.
If this parameter is not specified then an empty address will be sent to the
mail server which may cause the email to be rejected.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
blank
.SH PROTOCOLS
SMTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "smtp://example.com/");
+ curl_easy_setopt(curl, CURLOPT_MAIL_FROM, "address@hidden");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_MAIL_RCPT.3
b/docs/libcurl/opts/CURLOPT_MAIL_RCPT.3
index 01fa62ab7..403a7a510 100644
--- a/docs/libcurl/opts/CURLOPT_MAIL_RCPT.3
+++ b/docs/libcurl/opts/CURLOPT_MAIL_RCPT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -51,7 +51,19 @@ NULL
.SH PROTOCOLS
SMTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ struct curl_slist *list;
+ list = curl_slist_append(NULL, "address@hidden");
+ list = curl_slist_append(list, "address@hidden");
+ curl_easy_setopt(curl, CURLOPT_URL, "smtp://example.com/");
+ curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, list);
+ ret = curl_easy_perform(curl);
+ curl_slist_free_all(list);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0. The VRFY and EXPN logic was added in 7.34.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_MAXCONNECTS.3
b/docs/libcurl/opts/CURLOPT_MAXCONNECTS.3
index 8e90a9d26..b60517175 100644
--- a/docs/libcurl/opts/CURLOPT_MAXCONNECTS.3
+++ b/docs/libcurl/opts/CURLOPT_MAXCONNECTS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -50,7 +50,16 @@ acknowledged, and you must instead use
\fIcurl_multi_setopt(3)\fP and the
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* limit the connection cache for this handle to no more than 3 */
+ curl_easy_setopt(curl, CURLOPT_MAXCONNECTS, 3L);
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_MAXFILESIZE.3
b/docs/libcurl/opts/CURLOPT_MAXFILESIZE.3
index 5f5959a17..b75e66df7 100644
--- a/docs/libcurl/opts/CURLOPT_MAXFILESIZE.3
+++ b/docs/libcurl/opts/CURLOPT_MAXFILESIZE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -43,7 +43,16 @@ None
.SH PROTOCOLS
FTP and HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* refuse to download if larger than 1000 bytes! */
+ curl_easy_setopt(curl, CURLOPT_MAXFILESIZE, 1000L);
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.3
b/docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.3
index 630c0b5ab..969cc5f2c 100644
--- a/docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.3
+++ b/docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -43,7 +43,17 @@ None
.SH PROTOCOLS
FTP and HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_off_t ridiculous = 1 << 48;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* refuse to download if larger than ridiculous */
+ curl_easy_setopt(curl, CURLOPT_MAXFILESIZE_LARGE, ridiculous);
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.11.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.3
b/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.3
index c99ff61e3..e4ced8643 100644
--- a/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.3
+++ b/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,6 +40,16 @@ This option doesn't affect transfer speeds done with FILE://
URLs.
.SH PROTOCOLS
All but file://
.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* cap the download speed to 31415 bytes/sec */
+ curl_easy_setopt(curl, CURLOPT_MAX_RECV_SPEED_LARGE, (curl_off_t)31415);
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.15.5
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.3
b/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.3
index 7f3efe57c..d9f5c8bf0 100644
--- a/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.3
+++ b/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,17 @@ This option doesn't affect transfer speeds done with FILE://
URLs.
.SH PROTOCOLS
All except file://
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* cap the upload speed to 1000 bytes/sec */
+ curl_easy_setopt(curl, CURLOPT_MAX_SEND_SPEED_LARGE, (curl_off_t)1000);
+ /* (set some upload options as well!) */
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.15.5
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_NETRC.3
b/docs/libcurl/opts/CURLOPT_NETRC.3
index c453dd385..0f5fc7ad7 100644
--- a/docs/libcurl/opts/CURLOPT_NETRC.3
+++ b/docs/libcurl/opts/CURLOPT_NETRC.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,7 +30,9 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_NETRC, long
level);
.SH DESCRIPTION
This parameter controls the preference \fIlevel\fP of libcurl between using
user names and passwords from your \fI~/.netrc\fP file, relative to user names
-and passwords in the URL supplied with \fICURLOPT_URL(3)\fP.
+and passwords in the URL supplied with \fICURLOPT_URL(3)\fP. On Windows,
+libcurl will use the file as \fI%HOME%/_netrc\fP, but you can also tell
+libcurl a different file name to use with \fICURLOPT_NETRC_FILE(3)\fP.
libcurl uses a user name (and supplied or prompted password) supplied with
\fICURLOPT_USERPWD(3)\fP or \fICURLOPT_USERNAME(3)\fP in preference to any of
@@ -64,10 +66,18 @@ CURL_NETRC_IGNORED
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
Returns CURLE_OK
.SH "SEE ALSO"
-.BR CURLOPT_USERPWD "(3), " CURLOPT_USERNAME "(3), "
+.BR CURLOPT_USERPWD "(3), " CURLOPT_USERNAME "(3), ", CURLOPT_NETRC_FILE "(3),
"
diff --git a/docs/libcurl/opts/CURLOPT_NETRC_FILE.3
b/docs/libcurl/opts/CURLOPT_NETRC_FILE.3
index d3ecc9574..8cb29f534 100644
--- a/docs/libcurl/opts/CURLOPT_NETRC_FILE.3
+++ b/docs/libcurl/opts/CURLOPT_NETRC_FILE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,12 +33,24 @@ the full path name to the \fIfile\fP you want libcurl to
use as .netrc
file. If this option is omitted, and \fICURLOPT_NETRC(3)\fP is set, libcurl
will attempt to find a .netrc file in the current user's home
directory.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
+ curl_easy_setopt(curl, CURLOPT_NETRC_FILE, "/tmp/magic-netrc");
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.10.9
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_NEW_DIRECTORY_PERMS.3
b/docs/libcurl/opts/CURLOPT_NEW_DIRECTORY_PERMS.3
index f195fabf8..e355dcd15 100644
--- a/docs/libcurl/opts/CURLOPT_NEW_DIRECTORY_PERMS.3
+++ b/docs/libcurl/opts/CURLOPT_NEW_DIRECTORY_PERMS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,16 @@ this are \fIsftp://\fP, \fIscp://\fP, and \fIfile://\fP.
.SH PROTOCOLS
SFTP, SCP and FILE
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL,
"sftp://upload.example.com/newdir/file.zip";);
+ curl_easy_setopt(curl, CURLOPT_FTP_CREATE_MISSING_DIRS, 1L);
+ curl_easy_setopt(curl, CURLOPT_NEW_DIRECTORY_PERMS, 0644L);
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.16.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_NEW_FILE_PERMS.3
b/docs/libcurl/opts/CURLOPT_NEW_FILE_PERMS.3
index 2a41aba4b..d74c34e4f 100644
--- a/docs/libcurl/opts/CURLOPT_NEW_FILE_PERMS.3
+++ b/docs/libcurl/opts/CURLOPT_NEW_FILE_PERMS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,15 @@ this are \fIsftp://\fP, \fIscp://\fP, and \fIfile://\fP.
.SH PROTOCOLS
SFTP, SCP and FILE
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "sftp://upload.example.com/file.txt";);
+ curl_easy_setopt(curl, CURLOPT_NEW_FILE_PERMS, 0664L);
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.16.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_NOBODY.3
b/docs/libcurl/opts/CURLOPT_NOBODY.3
index 340b9f454..02590b212 100644
--- a/docs/libcurl/opts/CURLOPT_NOBODY.3
+++ b/docs/libcurl/opts/CURLOPT_NOBODY.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -44,10 +44,10 @@ curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
- /* get us the resource without a body! */
+ /* get us the resource without a body! */
curl_easy_setopt(curl, CURLOPT_NOBODY, 1L);
- /* Perform the request */
+ /* Perform the request */
curl_easy_perform(curl);
}
.fi
@@ -57,3 +57,4 @@ Always
Returns CURLE_OK
.SH "SEE ALSO"
.BR CURLOPT_HTTPGET "(3), " CURLOPT_POST "(3), "
+.BR CURLOPT_REQUEST_TARGET "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_NOPROXY.3
b/docs/libcurl/opts/CURLOPT_NOPROXY.3
index 2998a30a8..a1ee476f6 100644
--- a/docs/libcurl/opts/CURLOPT_NOPROXY.3
+++ b/docs/libcurl/opts/CURLOPT_NOPROXY.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,12 +36,30 @@ list is matched as either a domain which contains the
hostname, or the
hostname itself. For example, example.com would match example.com,
example.com:80, and www.example.com, but not www.notanexample.com or
example.com.othertld.
+
+If the name in the noproxy list has a leading period, it is a domain match
+against the provided host name. This way ".example.com" will switch off proxy
+use for both "www.example.com" as well as for "foo.example.com".
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ /* accept various URLs */
+ curl_easy_setopt(curl, CURLOPT_URL, input);
+ /* use this proxy */
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://proxy:80";);
+ /* ... but make sure this host name is not proxied */
+ curl_easy_setopt(curl, CURLOPT_NOPROXY, "www.example.com");
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.3
b/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.3
index 869b7f6cb..dadc3651c 100644
--- a/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.3
+++ b/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,7 +35,44 @@ The default value of this parameter is NULL.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+/* make libcurl use the already established socket 'sockfd' */
+
+static curl_socket_t opensocket(void *clientp,
+ curlsocktype purpose,
+ struct curl_sockaddr *address)
+{
+ curl_socket_t sockfd;
+ sockfd = *(curl_socket_t *)clientp;
+ /* the actual externally set socket is passed in via the OPENSOCKETDATA
+ option */
+ return sockfd;
+}
+
+static int sockopt_callback(void *clientp, curl_socket_t curlfd,
+ curlsocktype purpose)
+{
+ /* This return code was added in libcurl 7.21.5 */
+ return CURL_SOCKOPT_ALREADY_CONNECTED;
+}
+
+curl = curl_easy_init();
+if(curl) {
+ /* libcurl will internally think that you connect to the host
+ * and port that you specify in the URL option. */
+ curl_easy_setopt(curl, CURLOPT_URL, "http://99.99.99.99:9999";);
+ /* call this function to get a socket */
+ curl_easy_setopt(curl, CURLOPT_OPENSOCKETFUNCTION, opensocket);
+ curl_easy_setopt(curl, CURLOPT_OPENSOCKETDATA, &sockfd);
+
+ /* call this function to set options for the socket */
+ curl_easy_setopt(curl, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
+
+ res = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.17.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.3
b/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.3
index 314e0c4ab..28a0e5752 100644
--- a/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -81,6 +81,44 @@ The default behavior is the equivalent of this:
.SH PROTOCOLS
All
.SH EXAMPLE
+.nf
+/* make libcurl use the already established socket 'sockfd' */
+
+static curl_socket_t opensocket(void *clientp,
+ curlsocktype purpose,
+ struct curl_sockaddr *address)
+{
+ curl_socket_t sockfd;
+ sockfd = *(curl_socket_t *)clientp;
+ /* the actual externally set socket is passed in via the OPENSOCKETDATA
+ option */
+ return sockfd;
+}
+
+static int sockopt_callback(void *clientp, curl_socket_t curlfd,
+ curlsocktype purpose)
+{
+ /* This return code was added in libcurl 7.21.5 */
+ return CURL_SOCKOPT_ALREADY_CONNECTED;
+}
+
+curl = curl_easy_init();
+if(curl) {
+ /* libcurl will internally think that you connect to the host
+ * and port that you specify in the URL option. */
+ curl_easy_setopt(curl, CURLOPT_URL, "http://99.99.99.99:9999";);
+ /* call this function to get a socket */
+ curl_easy_setopt(curl, CURLOPT_OPENSOCKETFUNCTION, opensocket);
+ curl_easy_setopt(curl, CURLOPT_OPENSOCKETDATA, &sockfd);
+
+ /* call this function to set options for the socket */
+ curl_easy_setopt(curl, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
+
+ res = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.17.1.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PASSWORD.3
b/docs/libcurl/opts/CURLOPT_PASSWORD.3
index 06ed9e19e..3c5f7de40 100644
--- a/docs/libcurl/opts/CURLOPT_PASSWORD.3
+++ b/docs/libcurl/opts/CURLOPT_PASSWORD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,12 +33,26 @@ password to use for the transfer.
The \fICURLOPT_PASSWORD(3)\fP option should be used in conjunction with the
\fICURLOPT_USERNAME(3)\fP option.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
blank
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ curl_easy_setopt(curl, CURLOPT_PASSWORD, "qwerty");
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
index 4e673bd4d..47646474e 100644
--- a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
+++ b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,6 +39,9 @@ if it does not exactly match the public key provided to this
option, curl will
abort the connection before sending or receiving any data.
On mismatch, \fICURLE_SSL_PINNEDPUBKEYNOTMATCH\fP is returned.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
@@ -91,14 +94,27 @@ footer:
.fi
.SH AVAILABILITY
PEM/DER support:
+
7.39.0: OpenSSL, GnuTLS and GSKit
+
7.43.0: NSS and wolfSSL/CyaSSL
+
7.47.0: mbedtls
+
7.49.0: PolarSSL
+
+ 7.54.1: SecureTransport/DarwinSSL on macOS 10.7+/iOS 10+
+
sha256 support:
- 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL.
+
+ 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL
+
7.47.0: mbedtls
+
7.49.0: PolarSSL
+
+ 7.54.1: SecureTransport/DarwinSSL on macOS 10.7+/iOS 10+
+
Other SSL backends not supported.
.SH RETURN VALUE
Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
diff --git a/docs/libcurl/opts/CURLOPT_PORT.3 b/docs/libcurl/opts/CURLOPT_PORT.3
index f47b243ab..6c7b9dc82 100644
--- a/docs/libcurl/opts/CURLOPT_PORT.3
+++ b/docs/libcurl/opts/CURLOPT_PORT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2014, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -42,7 +42,15 @@ By default this is 0 which makes it not used.
.SH PROTOCOLS
Used for all protocols that speak to a port number.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_PORT, 8080L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_POST.3 b/docs/libcurl/opts/CURLOPT_POST.3
index 7754c7dc0..5e4f0409b 100644
--- a/docs/libcurl/opts/CURLOPT_POST.3
+++ b/docs/libcurl/opts/CURLOPT_POST.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -68,7 +68,19 @@ re-used handle, you must explicitly set the new request type
using
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_POST, 1L);
+
+ /* set up the read callback with CURLOPT_READFUNCTION */
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Along with HTTP
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_POSTFIELDS.3
b/docs/libcurl/opts/CURLOPT_POSTFIELDS.3
index 17ec2d76f..515376bab 100644
--- a/docs/libcurl/opts/CURLOPT_POSTFIELDS.3
+++ b/docs/libcurl/opts/CURLOPT_POSTFIELDS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -52,8 +52,10 @@ the POST data from the read callback. If you want to send a
zero-byte POST set
\fICURLOPT_POSTFIELDS(3)\fP to an empty string, or set \fICURLOPT_POST(3)\fP to
1 and \fICURLOPT_POSTFIELDSIZE(3)\fP to 0.
-Using POST with HTTP 1.1 implies the use of a "Expect: 100-continue" header.
-You can disable this header with \fICURLOPT_HTTPHEADER(3)\fP as usual.
+Using POST with HTTP 1.1 implies the use of a "Expect: 100-continue" header,
+and libcurl will add that header automatically if the POST is either known to
+be larger than 1024 bytes or if the expected size is unknown. You can disable
+this header with \fICURLOPT_HTTPHEADER(3)\fP as usual.
To make multipart/formdata posts (aka RFC2388-posts), check out the
\fICURLOPT_HTTPPOST(3)\fP option combined with \fIcurl_formadd(3)\fP.
diff --git a/docs/libcurl/opts/CURLOPT_POSTQUOTE.3
b/docs/libcurl/opts/CURLOPT_POSTQUOTE.3
index 3283a1a4e..8af7ffdd0 100644
--- a/docs/libcurl/opts/CURLOPT_POSTQUOTE.3
+++ b/docs/libcurl/opts/CURLOPT_POSTQUOTE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,23 @@ NULL
.SH PROTOCOLS
SFTP and FTP
.SH EXAMPLE
-TODO
+.nf
+struct curl_slist *h = NULL;
+h = curl_slist_append(h, "RNFR source-name");
+h = curl_slist_append(h, "RNTO new-name");
+
+curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/foo.bin";);
+
+ /* pass in the FTP commands to run after the transfer */
+ curl_easy_setopt(curl, CURLOPT_POSTQUOTE, headerlist);
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
If support for the protocols are built-in.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PREQUOTE.3
b/docs/libcurl/opts/CURLOPT_PREQUOTE.3
index 6b95265e7..77da3908a 100644
--- a/docs/libcurl/opts/CURLOPT_PREQUOTE.3
+++ b/docs/libcurl/opts/CURLOPT_PREQUOTE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -22,23 +22,42 @@
.\"
.TH CURLOPT_PREQUOTE 3 "17 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt
options"
.SH NAME
-CURLOPT_PREQUOTE \- commands to run before FTP or SFTP transfer
+CURLOPT_PREQUOTE \- commands to run before an FTP transfer
.SH SYNOPSIS
#include <curl/curl.h>
-CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PREQUOTE, char *cmds);
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PREQUOTE,
+ struct curl_slist *cmds);
.SH DESCRIPTION
-Pass a pointer to a linked list of FTP or SFTP commands to pass to the server
-after the transfer type is set. The linked list should be a fully valid list
-of struct curl_slist structs properly filled in as described for
+Pass a pointer to a linked list of FTP commands to pass to the server after
+the transfer type is set. The linked list should be a fully valid list of
+struct curl_slist structs properly filled in as described for
\fICURLOPT_QUOTE(3)\fP. Disable this operation again by setting a NULL to this
option.
+
+While \fICURLOPT_QUOTE(3)\fP and \fICURLOPT_POSTQUOTE(3)\fP work for SFTP,
+this option does not.
.SH DEFAULT
NULL
.SH PROTOCOLS
-FTP and SFTP
+FTP
.SH EXAMPLE
-TODO
+.nf
+struct curl_slist *h = NULL;
+h = curl_slist_append(h, "SYST");
+
+curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/foo.bin";);
+
+ /* pass in the FTP commands to run */
+ curl_easy_setopt(curl, CURLOPT_PREQUOTE, headerlist);
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Along with the protocol support
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PRE_PROXY.3
b/docs/libcurl/opts/CURLOPT_PRE_PROXY.3
new file mode 100644
index 000000000..8894c16da
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PRE_PROXY.3
@@ -0,0 +1,80 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PRE_PROXY 3 "16 Nov 2016" "libcurl 7.52.0" "curl_easy_setopt
options"
+.SH NAME
+CURLOPT_PRE_PROXY \- set pre-proxy to use
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PRE_PROXY, char *preproxy);
+.SH DESCRIPTION
+Set the \fIpreproxy\fP to use for the upcoming request. The parameter
+should be a char * to a zero terminated string holding the host name or dotted
+numerical IP address. A numerical IPv6 address must be written within
+[brackets].
+
+To specify port number in this string, append :[port] to the end of the host
+name. The proxy's port number may optionally be specified with the separate
+option \fICURLOPT_PROXYPORT(3)\fP. If not specified, libcurl will default to
+using port 1080 for proxies.
+
+A pre proxy is a SOCKS proxy that curl connects to before it connects to the
+HTTP(S) proxy specified in the \fICURLOPT_PROXY\fP option. The pre proxy can
+only be a SOCKS proxy.
+
+The pre proxy string should be prefixed with [scheme]:// to specify which kind
+of socks is used. Use socks4://, socks4a://, socks5:// or socks5h:// (the last
+one to enable socks5 and asking the proxy to do the resolving, also known as
+\fICURLPROXY_SOCKS5_HOSTNAME\fP type) to request the specific SOCKS version to
+be used. Otherwise SOCKS4 is used as default.
+
+Setting the pre proxy string to "" (an empty string) will explicitly disable
+the use of a pre proxy.
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+Default is NULL, meaning no pre proxy is used.
+
+When you set a host name to use, do not assume that there's any particular
+single port number used widely for proxies. Specify it!
+.SH PROTOCOLS
+All except file://. Note that some protocols don't do very well over proxy.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/file.txt";);
+ curl_easy_setopt(curl, CURLOPT_PREPROXY, "socks4://socks-proxy:1080");
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://proxy:80";);
+ curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+.SH RETURN VALUE
+Returns CURLE_OK if proxies are supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY "(3), " CURLOPT_HTTPPROXYTUNNEL "(3), "
+
diff --git a/docs/libcurl/opts/CURLOPT_PROXY.3
b/docs/libcurl/opts/CURLOPT_PROXY.3
index 64b74faed..c543c2c5d 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY.3
+++ b/docs/libcurl/opts/CURLOPT_PROXY.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,10 +38,22 @@ option \fICURLOPT_PROXYPORT(3)\fP. If not specified,
libcurl will default to
using port 1080 for proxies.
The proxy string may be prefixed with [scheme]:// to specify which kind of
-proxy is used. Use socks4://, socks4a://, socks5:// or socks5h:// (the last
-one to enable socks5 and asking the proxy to do the resolving, also known as
-\fICURLPROXY_SOCKS5_HOSTNAME\fP type) to request the specific SOCKS version to
-be used. No scheme specified or http://, will be treated as HTTP proxies.
+proxy is used.
+
+.RS
+.IP http://
+HTTP Proxy. Default when no scheme or proxy type is specified.
+.IP https://
+HTTPS Proxy. (Added in 7.52.0 for OpenSSL, GnuTLS and NSS)
+.IP socks4://
+SOCKS4 Proxy.
+.IP socks4a://
+SOCKS4a Proxy. Proxy resolves URL hostname.
+.IP socks5://
+SOCKS5 Proxy.
+.IP socks5h://
+SOCKS5 Proxy. Proxy resolves URL hostname.
+.RE
Without a scheme prefix, \fICURLOPT_PROXYTYPE(3)\fP can be used to specify
which kind of proxy the string identifies.
@@ -53,15 +65,26 @@ an impact on what other features of the library you can
use, such as
tunnel through the HTTP proxy. Such tunneling is activated with
\fICURLOPT_HTTPPROXYTUNNEL(3)\fP.
-libcurl respects the environment variables \fBhttp_proxy\fP, \fBftp_proxy\fP,
-\fBall_proxy\fP etc, if any of those are set. The \fICURLOPT_PROXY(3)\fP
-option does however override any possibly set environment variables.
-
Setting the proxy string to "" (an empty string) will explicitly disable the
use of a proxy, even if there is an environment variable set for it.
A proxy host string can also include protocol scheme (http://) and embedded
user + password.
+
+The application does not have to keep the string around after setting this
+option.
+.SH "Environment variables"
+libcurl respects the proxy environment variables named \fBhttp_proxy\fP,
+\fBftp_proxy\fP, \fBsftp_proxy\fP etc. If set, libcurl will use the specified
+proxy for that URL scheme. So for a "FTP://" URL, the \fBftp_proxy\fP is
+considered. \fBall_proxy\fP is used if no protocol specific proxy was set.
+
+If \fBno_proxy\fP (or \fBNO_PROXY\fP) is set, it can specify a list of host
+names to not use a proxy for (even if one of the previous mention variables
+are set). That is the exact equivalent of setting the \fICURLOPT_NOPROXY(3)\fP
+option.
+
+The \fICURLOPT_PROXY(3)\fP option overrides environment variables.
.SH DEFAULT
Default is NULL, meaning no proxy is used.
@@ -70,7 +93,14 @@ single port number used widely for proxies. Specify it!
.SH PROTOCOLS
All except file://. Note that some protocols don't do very well over proxy.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/file.txt";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://proxy:80";);
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Since 7.14.1 the proxy environment variable names can include the protocol
scheme.
diff --git a/docs/libcurl/opts/CURLOPT_PROXYAUTH.3
b/docs/libcurl/opts/CURLOPT_PROXYAUTH.3
index 24dbca5ab..fbf941430 100644
--- a/docs/libcurl/opts/CURLOPT_PROXYAUTH.3
+++ b/docs/libcurl/opts/CURLOPT_PROXYAUTH.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -43,7 +43,21 @@ CURLAUTH_BASIC
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* use this proxy */
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://local.example.com:1080";);
+ /* allow whatever auth the proxy speaks */
+ curl_easy_setopt(curl, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
+ /* set the proxy credentials */
+ curl_easy_setopt(curl, CURLOPT_PROXYUSERPWD, "james:007");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.10.7
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PROXYHEADER.3
b/docs/libcurl/opts/CURLOPT_PROXYHEADER.3
index bfec6293e..44ed85ece 100644
--- a/docs/libcurl/opts/CURLOPT_PROXYHEADER.3
+++ b/docs/libcurl/opts/CURLOPT_PROXYHEADER.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -48,7 +48,25 @@ NULL
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+
+struct curl_slist *list;
+
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://proxy.example.com:80";);
+
+ list = curl_slist_append(NULL, "Shoesize: 10");
+ list = curl_slist_append(list, "Accept:");
+
+ curl_easy_setopt(curl, CURLOPT_PROXYHEADER, list);
+
+ curl_easy_perform(curl);
+
+ curl_slist_free_all(list); /* free the list again */
+}
+.fi
.SH AVAILABILITY
Added in 7.37.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PROXYPASSWORD.3
b/docs/libcurl/opts/CURLOPT_PROXYPASSWORD.3
index 18272c34c..75b2b7df3 100644
--- a/docs/libcurl/opts/CURLOPT_PROXYPASSWORD.3
+++ b/docs/libcurl/opts/CURLOPT_PROXYPASSWORD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,12 +33,25 @@ password to use for authentication with the proxy.
The \fICURLOPT_PROXYPASSWORD(3)\fP option should be used in conjunction with
the \fICURLOPT_PROXYUSERNAME(3)\fP option.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
blank
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://localhost:8080";);
+ curl_easy_setopt(curl, CURLOPT_PROXYUSERNAME, "mrsmith");
+ curl_easy_setopt(curl, CURLOPT_PROXYPASSWORD, "qwerty");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PROXYPORT.3
b/docs/libcurl/opts/CURLOPT_PROXYPORT.3
index 2380e09ec..30ed17f11 100644
--- a/docs/libcurl/opts/CURLOPT_PROXYPORT.3
+++ b/docs/libcurl/opts/CURLOPT_PROXYPORT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -29,7 +29,8 @@ CURLOPT_PROXYPORT \- port number the proxy listens on
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXYPORT, long port);
.SH DESCRIPTION
Pass a long with this option to set the proxy port to connect to unless it is
-specified in the proxy string \fICURLOPT_PROXY(3)\fP or uses the default one.
+specified in the proxy string \fICURLOPT_PROXY(3)\fP or uses 443 for https
+proxies and 1080 for all others as default.
While this accepts a 'long', the port number is 16 bit so it can't be larger
than 65535.
@@ -38,7 +39,16 @@ than 65535.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "localhost");
+ curl_easy_setopt(curl, CURLOPT_PROXYPORT, 8080L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PROXYTYPE.3
b/docs/libcurl/opts/CURLOPT_PROXYTYPE.3
index d2d924257..d7d97504e 100644
--- a/docs/libcurl/opts/CURLOPT_PROXYTYPE.3
+++ b/docs/libcurl/opts/CURLOPT_PROXYTYPE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -28,15 +28,26 @@ CURLOPT_PROXYTYPE \- proxy protocol type
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXYTYPE, long type);
.SH DESCRIPTION
-Pass a long with this option to set type of the proxy. Available options for
-this are \fICURLPROXY_HTTP\fP, \fICURLPROXY_HTTP_1_0\fP
-\fICURLPROXY_SOCKS4\fP, \fICURLPROXY_SOCKS5\fP, \fICURLPROXY_SOCKS4A\fP and
-\fICURLPROXY_SOCKS5_HOSTNAME\fP. The HTTP type is default.
+Pass one of the values below to set the type of the proxy.
-If you set \fICURLOPT_PROXYTYPE(3)\fP to \fICURLPROXY_HTTP_1_0\fP, it will
-only affect how libcurl speaks to a proxy when CONNECT is used. The HTTP
-version used for "regular" HTTP requests is instead controlled with
-\fICURLOPT_HTTP_VERSION(3)\fP.
+.RS
+.IP CURLPROXY_HTTP
+HTTP Proxy. Default.
+.IP CURLPROXY_HTTPS
+HTTPS Proxy. (Added in 7.52.0 for OpenSSL, GnuTLS and NSS)
+.IP CURLPROXY_HTTP_1_0
+HTTP 1.0 Proxy. This is very similar to CURLPROXY_HTTP except it uses HTTP/1.0
+for any CONNECT tunnelling. It does not change the HTTP version of the actual
+HTTP requests, controlled by \fICURLOPT_HTTP_VERSION(3)\fP.
+.IP CURLPROXY_SOCKS4
+SOCKS4 Proxy.
+.IP CURLPROXY_SOCKS4A
+SOCKS4a Proxy. Proxy resolves URL hostname.
+.IP CURLPROXY_SOCKS5
+SOCKS5 Proxy.
+.IP CURLPROXY_SOCKS5_HOSTNAME
+SOCKS5 Proxy. Proxy resolves URL hostname.
+.RE
Often it is more convenient to specify the proxy type with the scheme part of
the \fICURLOPT_PROXY(3)\fP string.
@@ -45,7 +56,18 @@ CURLPROXY_HTTP
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "local.example.com:1080");
+ /* set the proxy type */
+ curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3
b/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3
index 0d7a241fb..54981b124 100644
--- a/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3
+++ b/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -37,12 +37,25 @@ user name to use for the transfer.
authentication with the proxy.
To specify the proxy password use the \fICURLOPT_PROXYPASSWORD(3)\fP.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
blank
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://localhost:8080";);
+ curl_easy_setopt(curl, CURLOPT_PROXYUSERNAME, "mrsmith");
+ curl_easy_setopt(curl, CURLOPT_PROXYPASSWORD, "qwerty");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PROXYUSERPWD.3
b/docs/libcurl/opts/CURLOPT_PROXYUSERPWD.3
index 1b47b892f..cdf4e0885 100644
--- a/docs/libcurl/opts/CURLOPT_PROXYUSERPWD.3
+++ b/docs/libcurl/opts/CURLOPT_PROXYUSERPWD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,12 +35,24 @@ should encode it as %3A. (This is different to how
\fICURLOPT_USERPWD(3)\fP is
used - beware.)
Use \fICURLOPT_PROXYAUTH(3)\fP to specify the authentication method.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
This is NULL by default.
.SH PROTOCOLS
Used with all protocols that can use a proxy
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://localhost:8080";);
+ curl_easy_setopt(curl, CURLOPT_PROXYUSERPWD, "clark%20kent:superman");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_CAINFO.3
b/docs/libcurl/opts/CURLOPT_PROXY_CAINFO.3
new file mode 100644
index 000000000..a5f61a5bd
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_CAINFO.3
@@ -0,0 +1,83 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_CAINFO 3 "16 Nov 2016" "libcurl 7.52.0" "curl_easy_setopt
options"
+.SH NAME
+CURLOPT_PROXY_CAINFO \- path to proxy Certificate Authority (CA) bundle
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CAINFO, char *path);
+.SH DESCRIPTION
+This option is for connecting to a HTTPS proxy, not a HTTPS server.
+
+Pass a char * to a zero terminated string naming a file holding one or more
+certificates to verify the HTTPS proxy with.
+
+If \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP is zero and you avoid verifying the
+server's certificate, \fICURLOPT_PROXY_CAINFO(3)\fP need not even indicate an
+accessible file.
+
+This option is by default set to the system path where libcurl's cacert bundle
+is assumed to be stored, as established at build time.
+
+If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
+(libnsspem.so) needs to be available for this option to work properly.
+
+(iOS and macOS only) If curl is built against Secure Transport, then this
+option is supported for backward compatibility with other SSL engines, but it
+should not be set. If the option is not set, then curl will use the
+certificates in the system and user Keychain to verify the peer, which is the
+preferred method of verifying the peer's certificate chain.
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+Built-in system specific
+.SH PROTOCOLS
+Used with HTTPS proxy
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* using a HTTPS proxy */
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_CAINFO, "/etc/certs/cabundle.pem");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+
+For TLS backends that don't support certificate files, the
+\fICURLOPT_PROXY_CAINFO(3)\fP option is ignored. Refer to
+https://curl.haxx.se/docs/ssl-compared.html
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_CAPATH "(3), "
+.BR CURLOPT_PROXY_SSL_VERIFYPEER "(3), " CURLOPT_PROXY_SSL_VERIFYHOST "(3), "
+.BR CURLOPT_CAPATH "(3), "
+.BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_SSL_VERIFYHOST "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3
b/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3
new file mode 100644
index 000000000..4064dfd85
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3
@@ -0,0 +1,71 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_CAPATH 3 "16 Nov 2016" "libcurl 7.52.0" "curl_easy_setopt
options"
+.SH NAME
+CURLOPT_PROXY_CAPATH \- specify directory holding proxy CA certificates
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CAPATH, char *capath);
+.SH DESCRIPTION
+Pass a char * to a zero terminated string naming a directory holding multiple
+CA certificates to verify the HTTPS proxy with. If libcurl is built against
+OpenSSL, the certificate directory must be prepared using the openssl c_rehash
+utility. This makes sense only when \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP is
+enabled (which it is by default).
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+Everything used over an HTTPS proxy
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* using a HTTPS proxy */
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_CAPATH, "/etc/cert-dir");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+
+This option is supported by the OpenSSL, GnuTLS and PolarSSL backends. The NSS
+backend provides the option only for backward compatibility.
+.SH RETURN VALUE
+CURLE_OK if supported; or an error such as:
+
+CURLE_NOT_BUILT_IN - Not supported by the SSL backend
+
+CURLE_UNKNOWN_OPTION
+
+CURLE_OUT_OF_MEMORY
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_CAINFO "(3), "
+.Br CURLOPT_CAINFO "(3), " CURLOPT_PROXY_SSL_VERIFYHOST "(3), "
+.BR CURLOPT_STDERR "(3), " CURLOPT_DEBUGFUNCTION "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_CRLFILE.3
b/docs/libcurl/opts/CURLOPT_PROXY_CRLFILE.3
new file mode 100644
index 000000000..310ad7a4e
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_CRLFILE.3
@@ -0,0 +1,75 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_CRLFILE 3 "16 Nov 2016" "libcurl 7.52.0" "curl_easy_setopt
options"
+.SH NAME
+CURLOPT_PROXY_CRLFILE \- specify a proxy Certificate Revocation List file
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CRLFILE, char *file);
+.SH DESCRIPTION
+This option is for connecting to a HTTPS proxy, not a HTTPS server.
+
+Pass a char * to a zero terminated string naming a \fIfile\fP with the
+concatenation of CRL (in PEM format) to use in the certificate validation that
+occurs during the SSL exchange.
+
+When curl is built to use NSS or GnuTLS, there is no way to influence the use
+of CRL passed to help in the verification process. When libcurl is built with
+OpenSSL support, X509_V_FLAG_CRL_CHECK and X509_V_FLAG_CRL_CHECK_ALL are both
+set, requiring CRL check against all the elements of the certificate chain if
+a CRL file is passed.
+
+This option makes sense only when used in combination with the
+\fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP option.
+
+A specific error code (\fICURLE_SSL_CRL_BADFILE\fP) is defined with the
+option. It is returned when the SSL exchange fails because the CRL file cannot
+be loaded. A failure in certificate verification due to a revocation
+information found in the CRL does not trigger this specific error.
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+Used with HTTPS proxy.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:80";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_CRLFILE, "/etc/certs/crl.pem");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_SSL_VERIFYPEER "(3), " CURLOPT_PROXY_SSL_VERIFYHOST "(3), "
+.BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_SSL_VERIFYHOST "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.3
b/docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.3
new file mode 100644
index 000000000..594290274
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.3
@@ -0,0 +1,62 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_KEYPASSWD 3 "16 Nov 2016" "libcurl 7.52.0" "curl_easy_setopt
options"
+.SH NAME
+CURLOPT_PROXY_KEYPASSWD \- set passphrase to proxy private key
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_KEYPASSWD, char *pwd);
+.SH DESCRIPTION
+This option is for connecting to a HTTPS proxy, not a HTTPS server.
+
+Pass a pointer to a zero terminated string as parameter. It will be used as
+the password required to use the \fICURLOPT_PROXY_SSLKEY(3)\fP private key.
+You never needed a pass phrase to load a certificate but you need one to load
+your private key.
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+Used with HTTPS proxy
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy:443";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_KEYPASSWD, "superman");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+.SH RETURN VALUE
+Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_SSLKEY "(3), " CURLOPT_SSH_PRIVATE_KEYFILE "(3), "
+.BR CURLOPT_SSLKEY "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_PINNEDPUBLICKEY.3
b/docs/libcurl/opts/CURLOPT_PROXY_PINNEDPUBLICKEY.3
new file mode 100644
index 000000000..f6d56ebe9
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_PINNEDPUBLICKEY.3
@@ -0,0 +1,111 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_PINNEDPUBLICKEY 3 "24 Nov 2016" "libcurl 7.52.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_PINNEDPUBLICKEY \- set pinned public key for https proxy
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_PINNEDPUBLICKEY, char
*pinnedpubkey);
+.SH DESCRIPTION
+Pass a pointer to a zero terminated string as parameter. The string can be the
+file name of your pinned public key. The file format expected is "PEM" or
"DER".
+The string can also be any number of base64 encoded sha256 hashes preceded by
+"sha256//" and separated by ";"
+
+When negotiating a TLS or SSL connection, the https proxy sends a certificate
+indicating its identity. A public key is extracted from this certificate and
+if it does not exactly match the public key provided to this option, curl will
+abort the connection before sending or receiving any data.
+
+On mismatch, \fICURLE_SSL_PINNEDPUBKEYNOTMATCH\fP is returned.
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy:443";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_PINNEDPUBLICKEY,
+
"sha256//YhKJKSzoTt2b5FP18fvpHo7fJYqQCjAa3HWY3tvRMwE=;sha256//t62CeU2tQiqkexU74Gxa2eg7fRbEgoChTociMee9wno=");
+
+ /* Perform the request */
+ curl_easy_perform(curl);
+}
+.fi
+.SH PUBLIC KEY EXTRACTION
+If you do not have the https proxy server's public key file you can extract it
+from the https proxy server's certificate.
+.nf
+# retrieve the server's certificate if you don't already have it
+#
+# be sure to examine the certificate to see if it is what you expected
+#
+# Windows-specific:
+# - Use NUL instead of /dev/null.
+# - OpenSSL may wait for input instead of disconnecting. Hit enter.
+# - If you don't have sed, then just copy the certificate into a file:
+# Lines from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE-----.
+#
+openssl s_client -servername www.example.com -connect www.example.com:443 <
/dev/null | sed -n "/-----BEGIN/,/-----END/p" > www.example.com.pem
+
+# extract public key in pem format from certificate
+openssl x509 -in www.example.com.pem -pubkey -noout >
www.example.com.pubkey.pem
+
+# convert public key from pem to der
+openssl asn1parse -noout -inform pem -in www.example.com.pubkey.pem -out
www.example.com.pubkey.der
+
+# sha256 hash and base64 encode der to string for use
+openssl dgst -sha256 -binary www.example.com.pubkey.der | openssl base64
+.fi
+The public key in PEM format contains a header, base64 data and a
+footer:
+.nf
+-----BEGIN PUBLIC KEY-----
+[BASE 64 DATA]
+-----END PUBLIC KEY-----
+.fi
+.SH AVAILABILITY
+PEM/DER support:
+
+ 7.52.0: GSKit, GnuTLS, NSS, OpenSSL, PolarSSL, mbedtls, wolfSSL/CyaSSL
+
+sha256 support:
+
+ 7.52.0: GnuTLS, NSS, OpenSSL, PolarSSL, mbedtls, wolfSSL/CyaSSL
+
+Other SSL backends not supported.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_SSL_VERIFYPEER "(3), "
+.BR CURLOPT_PROXY_SSL_VERIFYHOST "(3), "
+.BR CURLOPT_PROXY_CAINFO "(3), "
+.BR CURLOPT_PROXY_CAPATH "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3
b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3
index a010382fd..4baa6a0ed 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -31,12 +31,23 @@ CURLcode curl_easy_setopt(CURL *handle,
CURLOPT_PROXY_SERVICE_NAME, char *name);
Pass a char * as parameter to a string holding the \fIname\fP of the
service. The default service name is "HTTP" for HTTP based proxies and "rcmd"
for SOCKS5. This option allows you to change it.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
See above
.SH PROTOCOLS
All network protocols
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_SERVICE_NAME, "custom");
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.43.0 for HTTP proxies, 7.49.0 for SOCKS5 proxies.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.3
b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.3
new file mode 100644
index 000000000..41e73190e
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.3
@@ -0,0 +1,72 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSLCERT 3 "16 Nov 2016" "libcurl 7.52.0" "curl_easy_setopt
options"
+.SH NAME
+CURLOPT_PROXY_SSLCERT \- set SSL proxy client certificate
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLCERT, char *cert);
+.SH DESCRIPTION
+This option is for connecting to a HTTPS proxy, not a HTTPS server.
+
+Pass a pointer to a zero terminated string as parameter. The string should be
+the file name of your client certificate used to connect to the HTTPS proxy.
+The default format is "P12" on Secure Transport and "PEM" on other engines,
+and can be changed with \fICURLOPT_PROXY_SSLCERTTYPE(3)\fP.
+
+With NSS or Secure Transport, this can also be the nickname of the certificate
+you wish to authenticate with as it is named in the security database. If you
+want to use a file from the current directory, please precede it with "./"
+prefix, in order to avoid confusion with a nickname.
+
+When using a client certificate, you most likely also need to provide a
+private key with \fICURLOPT_PROXY_SSLKEY(3)\fP.
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+Used with HTTPS proxy
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERT, "client.pem");
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEY, "key.pem");
+ curl_easy_setopt(curl, CURLOPT_PROXY_KEYPASSWD, "s3cret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+.SH RETURN VALUE
+Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_SSLCERTTYPE "(3), " CURLOPT_PROXY_SSLKEY "(3), "
+.BR CURLOPT_SSLCERT "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.3
b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.3
new file mode 100644
index 000000000..b8a6be0bb
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.3
@@ -0,0 +1,67 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSLCERTTYPE 3 "16 Nov 2016" "libcurl 7.52.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSLCERTTYPE \- specify type of the proxy client SSL certificate
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLCERTTYPE, char *type);
+.SH DESCRIPTION
+Pass a pointer to a zero terminated string as parameter. The string should be
+the format of your client certificate used when connecting to a HTTPS proxy.
+
+Supported formats are "PEM" and "DER", except with Secure Transport. OpenSSL
+(versions 0.9.3 and later) and Secure Transport (on iOS 5 or later, or OS X
+10.7 or later) also support "P12" for PKCS#12-encoded files.
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+"PEM"
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERT, "client.pem");
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERTTYPE, "PEM");
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEY, "key.pem");
+ curl_easy_setopt(curl, CURLOPT_PROXY_KEYPASSWD, "s3cret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_SSLCERT "(3), " CURLOPT_PROXY_SSLKEY "(3), "
+.BR CURLOPT_SSLCERTTYPE "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.3
b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.3
new file mode 100644
index 000000000..8df1c1ee6
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.3
@@ -0,0 +1,68 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSLKEY 3 "16 Nov 2016" "libcurl 7.52.0" "curl_easy_setopt
options"
+.SH NAME
+CURLOPT_PROXY_SSLKEY \- specify private keyfile for TLS and SSL proxy client
cert
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLKEY, char *keyfile);
+.SH DESCRIPTION
+Pass a pointer to a zero terminated string as parameter. The string should be
+the file name of your private key used for connecting to the HTTPS proxy. The
+default format is "PEM" and can be changed with
+\fICURLOPT_PROXY_SSLKEYTYPE(3)\fP.
+
+(iOS and Mac OS X only) This option is ignored if curl was built against
+Secure Transport. Secure Transport expects the private key to be already
+present in the keychain or PKCS#12 file containing the certificate.
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERT, "client.pem");
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEY, "key.pem");
+ curl_easy_setopt(curl, CURLOPT_PROXY_KEYPASSWD, "s3cret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_SSLKEYTYPE "(3), " CURLOPT_PROXY_SSLCERT "(3), "
+.BR CURLOPT_SSLKEYTYPE "(3), " CURLOPT_SSLCERT "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.3
b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.3
new file mode 100644
index 000000000..687c229a0
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.3
@@ -0,0 +1,61 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSLKEYTYPE 3 "16 Nov 2016" "libcurl 7.52.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSLKEYTYPE \- set type of the proxy private key file
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLKEYTYPE, char *type);
+.SH DESCRIPTION
+This option is for connecting to a HTTPS proxy, not a HTTPS server.
+
+Pass a pointer to a zero terminated string as parameter. The string should be
+the format of your private key. Supported formats are "PEM", "DER" and "ENG".
+
+The application does not have to keep the string around after setting this
+option.
+.SH PROTOCOLS
+Used with HTTPS proxy
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERT, "client.pem");
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEY, "key.pem");
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEYTYPE, "PEM");
+ curl_easy_setopt(curl, CURLOPT_PROXY_KEYPASSWD, "s3cret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+.SH RETURN VALUE
+Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_SSLKEY "(3), " CURLOPT_PROXY_SSLCERT "(3), "
+.BR CURLOPT_SSLKEYTYPE "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3
b/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3
new file mode 100644
index 000000000..6b9ff7dee
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3
@@ -0,0 +1,92 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSLVERSION 3 "16 Nov 2016" "libcurl 7.52.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSLVERSION \- set preferred proxy TLS/SSL version
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLVERSION, long
version);
+.SH DESCRIPTION
+Pass a long as parameter to control which version of SSL/TLS to attempt to use
+when connecting to an HTTPS proxy.
+
+Use one of the available defines for this purpose. The available options are:
+.RS
+.IP CURL_SSLVERSION_DEFAULT
+The default action. This will attempt to figure out the remote SSL protocol
+version.
+.IP CURL_SSLVERSION_TLSv1
+TLSv1.x
+.IP CURL_SSLVERSION_TLSv1_0
+TLSv1.0
+.IP CURL_SSLVERSION_TLSv1_1
+TLSv1.1
+.IP CURL_SSLVERSION_TLSv1_2
+TLSv1.2
+.IP CURL_SSLVERSION_TLSv1_3
+TLSv1.3
+.IP CURL_SSLVERSION_MAX_DEFAULT
+The flag defines the maximum supported TLS version as TLSv1.2, or the default
+value from the SSL library. Only the NSS library currently allows one to get
+the maximum supported TLS version.
+(Added in 7.54.0)
+.IP CURL_SSLVERSION_MAX_TLSv1_0
+The flag defines maximum supported TLS version as TLSv1.0.
+(Added in 7.54.0)
+.IP CURL_SSLVERSION_MAX_TLSv1_1
+The flag defines maximum supported TLS version as TLSv1.1.
+(Added in 7.54.0)
+.IP CURL_SSLVERSION_MAX_TLSv1_2
+The flag defines maximum supported TLS version as TLSv1.2.
+(Added in 7.54.0)
+.IP CURL_SSLVERSION_MAX_TLSv1_3
+The flag defines maximum supported TLS version as TLSv1.3.
+(Added in 7.54.0)
+.RE
+.SH DEFAULT
+CURL_SSLVERSION_DEFAULT
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+
+ /* ask libcurl to use TLS version 1.0 or later */
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSLVERSION, CURL_SSLVERSION_TLSv1_1 |
+ CURL_SSLVERSION_MAX_DEFAULT);
+
+ /* Perform the request */
+ curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_USE_SSL "(3), " CURLOPT_HTTP_VERSION "(3), "
+.BR CURLOPT_IPRESOLVE "(3) " CURLOPT_SSLVERSION "(3), "
+
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.3
b/docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.3
new file mode 100644
index 000000000..caaef81a3
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.3
@@ -0,0 +1,80 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSL_CIPHER_LIST 3 "16 Nov 2016" "libcurl 7.52.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSL_CIPHER_LIST \- specify ciphers to use for proxy TLS
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_CIPHER_LIST, char
*list);
+.SH DESCRIPTION
+Pass a char *, pointing to a zero terminated string holding the list of
+ciphers to use for the connection to the HTTPS proxy. The list must be
+syntactically correct, it consists of one or more cipher strings separated by
+colons. Commas or spaces are also acceptable separators but colons are
+normally used, \&!, \&- and \&+ can be used as operators.
+
+For OpenSSL and GnuTLS valid examples of cipher lists include 'RC4-SHA',
+\'SHA1+DES\', 'TLSv1' and 'DEFAULT'. The default list is normally set when you
+compile OpenSSL.
+
+You'll find more details about cipher lists on this URL:
+
+ https://www.openssl.org/docs/apps/ciphers.html
+
+For NSS, valid examples of cipher lists include 'rsa_rc4_128_md5',
+\'rsa_aes_128_sha\', etc. With NSS you don't add/remove ciphers. If one uses
+this option then all known ciphers are disabled and only those passed in are
+enabled.
+
+You'll find more details about the NSS cipher lists on this URL:
+
+
http://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+NULL, use internal default
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSL_CIPHER_LIST, "TLSv1");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_SSLVERSION "(3), " CURLOPT_USE_SSL "(3), "
+.BR CURLOPT_SSLVERSION "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.3
b/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.3
new file mode 100644
index 000000000..428efc38e
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.3
@@ -0,0 +1,72 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSL_OPTIONS 3 "16 Nov 2016" "libcurl 7.52.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSL_OPTIONS \- set proxy SSL behavior options
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_OPTIONS, long
bitmask);
+.SH DESCRIPTION
+Pass a long with a bitmask to tell libcurl about specific SSL behaviors.
+
+\fICURLSSLOPT_ALLOW_BEAST\fP tells libcurl to not attempt to use any
+workarounds for a security flaw in the SSL3 and TLS1.0 protocols. If this
+option isn't used or this bit is set to 0, the SSL layer libcurl uses may use
+a work-around for this flaw although it might cause interoperability problems
+with some (older) SSL implementations. WARNING: avoiding this work-around
+lessens the security, and by setting this option to 1 you ask for exactly
+that. This option is only supported for DarwinSSL, NSS and OpenSSL.
+
+\fICURLSSLOPT_NO_REVOKE\fP tells libcurl to disable certificate revocation
+checks for those SSL backends where such behavior is present. \fBCurrently
+this option is only supported for WinSSL (the native Windows SSL library),
+with an exception in the case of Windows' Untrusted Publishers blacklist which
+it seems can't be bypassed.\fP This option may have broader support to
+accommodate other SSL backends in the future.
+https://curl.haxx.se/docs/ssl-compared.html
+
+.SH DEFAULT
+0
+.SH PROTOCOLS
+All
+.SH AVAILABLE
+Added in 7.52.0
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy";);
+ /* weaken TLS only for use with silly proxies */
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSL_OPTIONS, CURLSSLOPT_ALLOW_BEAST |
+ CURLSSLOPT_NO_REVOKE);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_SSLVERSION "(3), " CURLOPT_PROXY_SSL_CIPHER_LIST "(3), "
+.BR CURLOPT_SSLVERSION "(3), " CURLOPT_SSL_CIPHER_LIST "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYHOST.3
b/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYHOST.3
new file mode 100644
index 000000000..de4b15b34
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYHOST.3
@@ -0,0 +1,82 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSL_VERIFYHOST 3 "16 Nov 2016" "libcurl 7.52.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSL_VERIFYHOST \- verify the proxy certificate's name against
host
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_VERIFYHOST, long
verify);
+.SH DESCRIPTION
+Pass a long set to 2L as asking curl to \fIverify\fP in the HTTPS proxy's
+certificate name fields against the proxy name.
+
+This option determines whether libcurl verifies that the proxy cert contains
+the correct name for the name it is known as.
+
+When \fICURLOPT_PROXY_SSL_VERIFYHOST(3)\fP is 2, the proxy certificate must
+indicate that the server is the proxy to which you meant to connect to, or the
+connection fails.
+
+Curl considers the proxy the intended one when the Common Name field or a
+Subject Alternate Name field in the certificate matches the host name in the
+proxy string which you told curl to use.
+
+When the \fIverify\fP value is 1L, \fIcurl_easy_setopt\fP will return an error
+and the option value will not be changed due to old legacy reasons.
+
+When the \fIverify\fP value is 0L, the connection succeeds regardless of the
+names used in the certificate. Use that ability with caution!
+
+See also \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP to verify the digital signature
+of the proxy certificate. If libcurl is built against NSS and
+\fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP is zero,
+\fICURLOPT_PROXY_SSL_VERIFYHOST(3)\fP is also set to zero and cannot be
+overridden.
+.SH DEFAULT
+2
+.SH PROTOCOLS
+All protocols when used over a HTTPS proxy.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+
+ /* Set the default value: strict name check please */
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSL_VERIFYHOST, 2L);
+
+ curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0.
+
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if TLS is supported, and CURLE_UNKNOWN_OPTION if not.
+
+If 1 is set as argument, \fICURLE_BAD_FUNCTION_ARGUMENT\fP is returned.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_SSL_VERIFYPEER "(3), " CURLOPT_PROXY_CAINFO "(3), ",
+.BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_CAINFO "(3), ",
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYPEER.3
b/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYPEER.3
new file mode 100644
index 000000000..9473495cf
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYPEER.3
@@ -0,0 +1,89 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SSL_VERIFYPEER 3 "16 Nov 2016" "libcurl 7.52.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SSL_VERIFYPEER \- verify the proxy's SSL certificate
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_VERIFYPEER, long
verify);
+.SH DESCRIPTION
+Pass a long as parameter set to 1L to enable or 0L to disable.
+
+This option tells curl to verifies the authenticity of the HTTPS proxy's
+certificate. A value of 1 means curl verifies; 0 (zero) means it doesn't.
+
+This is the proxy version of \fICURLOPT_SSL_VERIFYPEER(3)\fP that's used for
+ordinary HTTPS servers.
+
+When negotiating a TLS or SSL connection, the server sends a certificate
+indicating its identity. Curl verifies whether the certificate is authentic,
+i.e. that you can trust that the server is who the certificate says it is.
+This trust is based on a chain of digital signatures, rooted in certification
+authority (CA) certificates you supply. curl uses a default bundle of CA
+certificates (the path for that is determined at build time) and you can
+specify alternate certificates with the \fICURLOPT_PROXY_CAINFO(3)\fP option
+or the \fICURLOPT_PROXY_CAPATH(3)\fP option.
+
+When \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP is enabled, and the verification
+fails to prove that the certificate is authentic, the connection fails. When
+the option is zero, the peer certificate verification succeeds regardless.
+
+Authenticating the certificate is not enough to be sure about the server. You
+typically also want to ensure that the server is the server you mean to be
+talking to. Use \fICURLOPT_PROXY_SSL_VERIFYHOST(3)\fP for that. The check
+that the host name in the certificate is valid for the host name you're
+connecting to is done independently of the
+\fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP option.
+
+WARNING: disabling verification of the certificate allows bad guys to
+man-in-the-middle the communication without you knowing it. Disabling
+verification makes the communication insecure. Just having encryption on a
+transfer is not enough as you cannot be sure that you are communicating with
+the correct end-point.
+.SH DEFAULT
+1
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+
+ /* Set the default value: strict certificate check please */
+ curl_easy_setopt(curl, CURLOPT_PROXY_SSL_VERIFYPEER, 1L);
+
+ curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+
+If built TLS enabled.
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_SSL_VERIFYHOST "(3), "
+.BR CURLOPT_SSL_VERIFYPEER "(3), "
+.BR CURLOPT_SSL_VERIFYHOST "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.3
b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.3
new file mode 100644
index 000000000..db3a3d1bb
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.3
@@ -0,0 +1,62 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_TLSAUTH_PASSWORD 3 "16 Nov 2016" "libcurl 7.52.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_TLSAUTH_PASSWORD \- password to use for proxy TLS authentication
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_TLSAUTH_PASSWORD, char
*pwd);
+.SH DESCRIPTION
+Pass a char * as parameter, which should point to the zero terminated password
+to use for the TLS authentication method specified with the
+\fICURLOPT_PROXY_TLSAUTH_TYPE(3)\fP option. Requires that the
+\fICURLOPT_PROXY_TLSAUTH_USERNAME(3)\fP option also be set.
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_TYPE, "SRP");
+ curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_USERNAME, "user");
+ curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_PASSWORD, "secret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_TLSAUTH_TYPE "(3), " CURLOPT_PROXY_TLSAUTH_USERNAME "(3), "
+.BR CURLOPT_TLSAUTH_TYPE "(3), " CURLOPT_TLSAUTH_USERNAME "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.3
b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.3
new file mode 100644
index 000000000..47f4dae4a
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.3
@@ -0,0 +1,70 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_TLSAUTH_TYPE 3 "16 Nov 2016" "libcurl 7.52.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_TLSAUTH_TYPE \- set proxy TLS authentication methods
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_TLSAUTH_TYPE, char
*type);
+.SH DESCRIPTION
+Pass a pointer to a zero terminated string as parameter. The string should be
+the method of the TLS authentication used for the HTTPS connection. Supported
+method is "SRP".
+
+.IP SRP
+TLS-SRP authentication. Secure Remote Password authentication for TLS is
+defined in RFC5054 and provides mutual authentication if both sides have a
+shared secret. To use TLS-SRP, you must also set the
+\fICURLOPT_PROXY_TLSAUTH_USERNAME(3)\fP and
+\fICURLOPT_PROXY_TLSAUTH_PASSWORD(3)\fP options.
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+blank
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_TYPE, "SRP");
+ curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_USERNAME, "user");
+ curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_PASSWORD, "secret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+
+You need to build libcurl with GnuTLS or OpenSSL with TLS-SRP support for this
+to work.
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_TLSAUTH_USERNAME "(3), " CURLOPT_PROXY_TLSAUTH_PASSWORD
"(3), "
+.BR CURLOPT_TLSAUTH_USERNAME "(3), " CURLOPT_TLSAUTH_PASSWORD "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.3
b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.3
new file mode 100644
index 000000000..6a2c4388d
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.3
@@ -0,0 +1,62 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_TLSAUTH_USERNAME 3 "16 Nov 2016" "libcurl 7.52.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_TLSAUTH_USERNAME \- user name to use for proxy TLS authentication
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_TLSAUTH_USERNAME, char
*user);
+.SH DESCRIPTION
+Pass a char * as parameter, which should point to the zero terminated username
+to use for the HTTPS proxy TLS authentication method specified with the
+\fICURLOPT_PROXY_TLSAUTH_TYPE(3)\fP option. Requires that the
+\fICURLOPT_PROXY_TLSAUTH_PASSWORD(3)\fP option also be set.
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_TYPE, "SRP");
+ curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_USERNAME, "user");
+ curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_PASSWORD, "secret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.52.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY_TLSAUTH_TYPE "(3), " CURLOPT_PROXY_TLSAUTH_PASSWORD "(3), "
+.BR CURLOPT_TLSAUTH_TYPE "(3), " CURLOPT_TLSAUTH_PASSWORD "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TRANSFER_MODE.3
b/docs/libcurl/opts/CURLOPT_PROXY_TRANSFER_MODE.3
index 2e5c33a45..06366490b 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_TRANSFER_MODE.3
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TRANSFER_MODE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,17 @@ doing FTP via a proxy. Beware that not all proxies support
this feature.
.SH PROTOCOLS
FTP over proxy
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/old-server/file.txt";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://localhost:80";);
+ curl_easy_setopt(curl, CURLOPT_PROXY_TRANSFER_MODE, 1L);
+ curl_easy_setopt(curl, CURLOPT_TRANSFERTEXT, 1L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.18.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_PUT.3 b/docs/libcurl/opts/CURLOPT_PUT.3
index 87c6e0636..73f7e0a33 100644
--- a/docs/libcurl/opts/CURLOPT_PUT.3
+++ b/docs/libcurl/opts/CURLOPT_PUT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,8 +38,6 @@ This option is \fBdeprecated\fP since version 7.12.1. Use
0, disabled
.SH PROTOCOLS
HTTP
-.SH EXAMPLE
-TODO
.SH AVAILABILITY
Deprecated since 7.12.1. Do not use.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_QUOTE.3
b/docs/libcurl/opts/CURLOPT_QUOTE.3
index 4dce76df3..e02d2c742 100644
--- a/docs/libcurl/opts/CURLOPT_QUOTE.3
+++ b/docs/libcurl/opts/CURLOPT_QUOTE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -80,7 +80,23 @@ NULL
.SH PROTOCOLS
SFTP and FTP
.SH EXAMPLE
-TODO
+.nf
+struct curl_slist *h = NULL;
+h = curl_slist_append(h, "RNFR source-name");
+h = curl_slist_append(h, "RNTO new-name");
+
+curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/foo.bin";);
+
+ /* pass in the FTP commands to run before the transfer */
+ curl_easy_setopt(curl, CURLOPT_QUOTE, headerlist);
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
SFTP support added in 7.16.3. *-prefix for SFTP added in 7.24.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_RANDOM_FILE.3
b/docs/libcurl/opts/CURLOPT_RANDOM_FILE.3
index c82232505..9f3e3876d 100644
--- a/docs/libcurl/opts/CURLOPT_RANDOM_FILE.3
+++ b/docs/libcurl/opts/CURLOPT_RANDOM_FILE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -28,14 +28,25 @@ CURLOPT_RANDOM_FILE \- specify a source for random data
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_RANDOM_FILE, char *path);
.SH DESCRIPTION
-Pass a char * to a zero terminated file name. The file will be used to read
+Pass a char * to a zero terminated file name. The file might be used to read
from to seed the random engine for SSL and more.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL, not used
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_RANDOM_FILE, "junk.txt");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_RANGE.3
b/docs/libcurl/opts/CURLOPT_RANGE.3
index 375a944c6..e90696c01 100644
--- a/docs/libcurl/opts/CURLOPT_RANGE.3
+++ b/docs/libcurl/opts/CURLOPT_RANGE.3
@@ -44,6 +44,9 @@ RTSP, byte ranges are \fBnot\fP permitted. Instead, ranges
should be given in
npt, utc, or smpte formats.
Pass a NULL to this option to disable the use of ranges.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
diff --git a/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.3
b/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.3
index 8bd76f6b0..3a5c3fcdc 100644
--- a/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.3
+++ b/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.3
@@ -34,6 +34,9 @@ redirect when \fICURLOPT_FOLLOWLOCATION(3)\fP is enabled.
This allows you to
limit specific transfers to only be allowed to use a subset of protocols in
redirections.
+Protocols denied by \fICURLOPT_PROTOCOLS(3)\fP are not overridden by this
+option.
+
By default libcurl will allow all protocols on redirect except several disabled
for security reasons: Since 7.19.4 FILE and SCP are disabled, and since 7.40.0
SMB and SMBS are also disabled. \fICURLPROTO_ALL\fP enables all protocols on
diff --git a/docs/libcurl/opts/CURLOPT_REFERER.3
b/docs/libcurl/opts/CURLOPT_REFERER.3
index 71aae83f7..881f48c9e 100644
--- a/docs/libcurl/opts/CURLOPT_REFERER.3
+++ b/docs/libcurl/opts/CURLOPT_REFERER.3
@@ -32,6 +32,9 @@ Pass a pointer to a zero terminated string as parameter. It
will be used to
set the Referer: header in the http request sent to the remote server. This
can be used to fool servers or scripts. You can also set any custom header
with \fICURLOPT_HTTPHEADER(3)\fP.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
diff --git a/docs/libcurl/opts/CURLOPT_REQUEST_TARGET.3
b/docs/libcurl/opts/CURLOPT_REQUEST_TARGET.3
new file mode 100644
index 000000000..eabefaa2d
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_REQUEST_TARGET.3
@@ -0,0 +1,56 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_REQUEST_TARGET 3 "17 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt
options"
+.SH NAME
+CURLOPT_REQUEST_TARGET \- specify an alternative target for this request
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_REQUEST_TARGET, string);
+.SH DESCRIPTION
+Pass a char * to string which libcurl uses in the upcoming request instead of
+the path as extracted from the URL.
+.SH DEFAULT
+NULL
+.SH PROTOCOLS
+HTTP
+.SH EXAMPLE
+.nf
+curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/*";);
+ curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "OPTIONS");
+
+ /* issue an OPTIONS * request (no leading slash) */
+ curl_easy_setopt(curl, CURLOPT_REQUEST_TARGET, "*");
+
+ /* Perform the request */
+ curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.55.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLOPT_CUSTOMREQUEST "(3), " CURLOPT_HTTPGET "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.3
b/docs/libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.3
index 92536b950..c536e580d 100644
--- a/docs/libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.3
+++ b/docs/libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,7 +36,15 @@ connection. The CSEQ will increment from this new number
henceforth.
.SH PROTOCOLS
RTSP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "rtsp://example.com/");
+ curl_easy_setopt(curl, CURLOPT_RTSP_CLIENT_CSEQ, 1234L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_RTSP_REQUEST.3
b/docs/libcurl/opts/CURLOPT_RTSP_REQUEST.3
index 60d1d8b3f..f8a662877 100644
--- a/docs/libcurl/opts/CURLOPT_RTSP_REQUEST.3
+++ b/docs/libcurl/opts/CURLOPT_RTSP_REQUEST.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2014, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -91,8 +91,18 @@ data. It will return after processing one read buffer of
data in order to give
the application a chance to run.
.SH DEFAULT
.SH PROTOCOLS
+RTSP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "rtsp://example.com/");
+ /* ask for options! */
+ curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, CURL_RTSPREQ_OPTIONS);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.3
b/docs/libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.3
index 70c505500..7bba1ecd5 100644
--- a/docs/libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.3
+++ b/docs/libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,7 +36,15 @@ unimplemented.
.SH PROTOCOLS
RTSP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "rtsp://example.com/");
+ curl_easy_setopt(curl, CURLOPT_RTSP_SERVER_CSEQ, 1234L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_RTSP_SESSION_ID.3
b/docs/libcurl/opts/CURLOPT_RTSP_SESSION_ID.3
index cd3189939..b3dcf8b41 100644
--- a/docs/libcurl/opts/CURLOPT_RTSP_SESSION_ID.3
+++ b/docs/libcurl/opts/CURLOPT_RTSP_SESSION_ID.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -34,12 +34,24 @@ set to any non-NULL value, libcurl will return
\fICURLE_RTSP_SESSION_ERROR\fP
if ID received from the server does not match. If unset (or set to NULL),
libcurl will automatically set the ID the first time the server sets it in a
response.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
RTSP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ char *prev_id; /* saved from before somehow */
+ curl_easy_setopt(curl, CURLOPT_URL, "rtsp://example.com/");
+ curl_easy_setopt(curl, CURLOPT_RTSP_SESSION_ID, prev_id);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.3
b/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.3
index 1abb61f6d..3bdf4e414 100644
--- a/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.3
+++ b/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,12 +38,25 @@ with RTSP, the \fICURLOPT_RTSP_STREAM_URI(3)\fP indicates
what URL to send to
the server in the request header while the \fICURLOPT_URL(3)\fP indicates
where to make the connection to. (e.g. the \fICURLOPT_URL(3)\fP for the above
examples might be set to \fIrtsp://foo/twister\fP
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
'*'
.SH PROTOCOLS
RTSP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ char *prev_id; /* saved from before somehow */
+ curl_easy_setopt(curl, CURLOPT_URL, "rtsp://example.com/");
+ curl_easy_setopt(curl, CURLOPT_RTSP_STREAM_URI,
+ "rtsp://foo.example.com/twister/video");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_RTSP_TRANSPORT.3
b/docs/libcurl/opts/CURLOPT_RTSP_TRANSPORT.3
index 367236b60..82de2ef4a 100644
--- a/docs/libcurl/opts/CURLOPT_RTSP_TRANSPORT.3
+++ b/docs/libcurl/opts/CURLOPT_RTSP_TRANSPORT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -34,12 +34,25 @@ Pass a char * to tell libcurl what to pass for the
Transport: header for this
RTSP session. This is mainly a convenience method to avoid needing to set a
custom Transport: header for every SETUP request. The application must set a
Transport: header before issuing a SETUP request.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
RTSP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "rtsp://example.com/");
+ curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, CURL_RTSPREQ_SETUP);
+ curl_easy_setopt(curl, CURLOPT_RTSP_TRANSPORT,
+ "RTP/AVP;unicast;client_port=4588-4589");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.20.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SASL_IR.3
b/docs/libcurl/opts/CURLOPT_SASL_IR.3
index 8fe4ee6c0..cc5da8c66 100644
--- a/docs/libcurl/opts/CURLOPT_SASL_IR.3
+++ b/docs/libcurl/opts/CURLOPT_SASL_IR.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -47,7 +47,15 @@ SASL-IR CAPABILITY.
.SH PROTOCOLS
IMAP, POP3 and SMTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "smtp://example.com/");
+ curl_easy_setopt(curl, CURLOPT_SASL_IR, 1L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.31.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SEEKDATA.3
b/docs/libcurl/opts/CURLOPT_SEEKDATA.3
index d4339ec6b..6ffa7d12a 100644
--- a/docs/libcurl/opts/CURLOPT_SEEKDATA.3
+++ b/docs/libcurl/opts/CURLOPT_SEEKDATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,6 +36,20 @@ If you don't set this, NULL is passed to the callback.
.SH PROTOCOLS
HTTP, FTP, SFTP
.SH EXAMPLE
+.nf
+static int seek_cb(void *userp, curl_off_t offset, int origin)
+{
+ struct data *d = (struct data *)userp;
+ lseek(our_fd, offset, origin);
+ return CURL_SEEKFUNC_OK;
+}
+
+{
+ struct data seek_data;
+ curl_easy_setopt(CURL *handle, CURLOPT_SEEKFUNCTION, seek_cb);
+ curl_easy_setopt(CURL *handle, CURLOPT_SEEKDATA, &seek_data);
+}
+.fi
.SH AVAILABILITY
Added in 7.18.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SEEKFUNCTION.3
b/docs/libcurl/opts/CURLOPT_SEEKFUNCTION.3
index 179f0d2b6..95780c872 100644
--- a/docs/libcurl/opts/CURLOPT_SEEKFUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_SEEKFUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -67,7 +67,20 @@ By default, this is NULL and unused.
.SH PROTOCOLS
HTTP, FTP, SFTP
.SH EXAMPLE
-TODO
+.nf
+static int seek_cb(void *userp, curl_off_t offset, int origin)
+{
+ struct data *d = (struct data *)userp;
+ lseek(our_fd, offset, origin);
+ return CURL_SEEKFUNC_OK;
+}
+
+{
+ struct data seek_data;
+ curl_easy_setopt(CURL *handle, CURLOPT_SEEKFUNCTION, seek_cb);
+ curl_easy_setopt(CURL *handle, CURLOPT_SEEKDATA, &seek_data);
+}
+.fi
.SH AVAILABILITY
Added in 7.18.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
index b9f491b03..303d0acb3 100644
--- a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
+++ b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -32,12 +32,23 @@ Pass a char * as parameter to a string holding the
\fIname\fP of the service
for DIGEST-MD5, SPNEGO and Kerberos 5 authentication mechanisms. The default
service names are "ftp", "HTTP", "imap", "pop" and "smtp". This option allows
you to change them.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
See above
.SH PROTOCOLS
HTTP, FTP, IMAP, POP and SMTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ CURLcode ret;
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_SERVICE_NAME, "custom");
+ ret = curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.43.0 for HTTP, 7.49.0 for FTP, IMAP, POP3 and SMTP.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SHARE.3
b/docs/libcurl/opts/CURLOPT_SHARE.3
index 6a0c7b81e..d2a5d2dac 100644
--- a/docs/libcurl/opts/CURLOPT_SHARE.3
+++ b/docs/libcurl/opts/CURLOPT_SHARE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -50,7 +50,29 @@ NULL
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+CURL *curl2 = curl_easy_init(); /* a second handle */
+if(curl) {
+ CURLSH *shobject = curl_share_init();
+ curl_share_setopt(shobject, CURLSHOPT_SHARE, CURL_LOCK_DATA_COOKIE);
+
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_COOKIEFILE, "");
+ curl_easy_setopt(curl, CURLOPT_SHARE, shobject);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+
+ /* the second handle shares cookies from the first */
+ curl_easy_setopt(curl2, CURLOPT_URL, "https://example.com/second";);
+ curl_easy_setopt(curl2, CURLOPT_COOKIEFILE, "");
+ curl_easy_setopt(curl2, CURLOPT_SHARE, shobject);
+ ret = curl_easy_perform(curl2);
+ curl_easy_cleanup(curl2);
+
+ curl_share_cleanup(shobject);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SOCKOPTDATA.3
b/docs/libcurl/opts/CURLOPT_SOCKOPTDATA.3
index 00dd3166e..54d9ea052 100644
--- a/docs/libcurl/opts/CURLOPT_SOCKOPTDATA.3
+++ b/docs/libcurl/opts/CURLOPT_SOCKOPTDATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,7 +35,30 @@ The default value of this parameter is NULL.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+static int sockopt_callback(void *clientp, curl_socket_t curlfd,
+ curlsocktype purpose)
+{
+ int val = *(int *)clientp;
+ setsockopt(curldfd, SOL_SOCKET, SO_RCVBUF, (const char *)&val, sizeof(val));
+ return CURL_SOCKOPT_OK;
+}
+
+curl = curl_easy_init();
+if(curl) {
+ int recvbuffersize = 256 * 1024;
+
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/";);
+
+ /* call this function to set options for the socket */
+ curl_easy_setopt(curl, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
+ curl_easy_setopt(curl, CURLOPT_SOCKOPTDATA, &recvbuffersize);
+
+ res = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.16.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.3
b/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.3
index 6262dc591..c04d8aa33 100644
--- a/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -78,7 +78,43 @@ By default, this callback is NULL and unused.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+/* make libcurl use the already established socket 'sockfd' */
+
+static curl_socket_t opensocket(void *clientp,
+ curlsocktype purpose,
+ struct curl_sockaddr *address)
+{
+ curl_socket_t sockfd;
+ sockfd = *(curl_socket_t *)clientp;
+ /* the actual externally set socket is passed in via the OPENSOCKETDATA
+ option */
+ return sockfd;
+}
+
+static int sockopt_callback(void *clientp, curl_socket_t curlfd,
+ curlsocktype purpose)
+{
+ /* This return code was added in libcurl 7.21.5 */
+ return CURL_SOCKOPT_ALREADY_CONNECTED;
+}
+
+curl = curl_easy_init();
+if(curl) {
+ /* libcurl will internally think that you connect to the host
+ * and port that you specify in the URL option. */
+ curl_easy_setopt(curl, CURLOPT_URL, "http://99.99.99.99:9999";);
+ /* call this function to get a socket */
+ curl_easy_setopt(curl, CURLOPT_OPENSOCKETFUNCTION, opensocket);
+ curl_easy_setopt(curl, CURLOPT_OPENSOCKETDATA, &sockfd);
+
+ /* call this function to set options for the socket */
+ curl_easy_setopt(curl, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
+
+ res = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+.fi
.SH AVAILABILITY
Added in 7.16.0. The \fICURL_SOCKOPT_ALREADY_CONNECTED\fP return code was
added in 7.21.5.
diff --git a/docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.3
b/docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.3
new file mode 100644
index 000000000..7b5e5822b
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.3
@@ -0,0 +1,63 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_SOCKS5_AUTH 3 "27 April 2017" "libcurl 7.55.0" "curl_easy_setopt
options"
+.SH NAME
+CURLOPT_SOCKS5_AUTH \- set allowed methods for SOCKS5 proxy authentication
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SOCKS5_AUTH, long bitmask);
+.SH DESCRIPTION
+Pass a long as parameter, which is set to a bitmask, to tell libcurl which
+authentication method(s) are allowed for SOCKS5 proxy authentication. The only
+supported flags are \fICURLAUTH_BASIC\fP, which allows username/password
+authentication, \fICURLAUTH_GSSAPI\fP, which allows GSS-API authentication, and
+\fICURLAUTH_NONE\fP, which allows no authentication. Set the actual user name
+and password with the \fICURLOPT_PROXYUSERPWD(3)\fP option.
+.SH DEFAULT
+CURLAUTH_BASIC|CURLAUTH_GSSAPI
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+
+ /* request to use a SOCKS5 proxy */
+ curl_easy_setopt(curl, CURLOPT_PROXY, "socks5://user:address@hidden");
+
+ /* enable username/password authentication only */
+ curl_easy_setopt(curl, CURLOPT_SOCKS5_AUTH, CURLAUTH_BASIC);
+
+ /* Perform the request */
+ curl_easy_perform(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.55.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_NOT_BUILT_IN if the bitmask contains unsupported flags.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY "(3), " CURLOPT_PROXYTYPE "(3)"
diff --git a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.3
b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.3
index ad0863b70..1ff5a1f23 100644
--- a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.3
+++ b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2014, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,16 @@ negotiation.
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "socks5://proxy");
+ curl_easy_setopt(curl, CURLOPT_SOCKS5_GSSAPI_NEC, 1L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3
b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3
index 440f0894f..1ac38a2de 100644
--- a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3
+++ b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,12 +33,24 @@ Deprecated since 7.49.0. Use
\fICURLOPT_PROXY_SERVICE_NAME(3)\fP instead.
Pass a char * as parameter to a string holding the \fIname\fP of the service.
The default service name for a SOCKS5 server is "rcmd". This option allows you
to change it.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
See above
.SH PROTOCOLS
All network protocols
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "socks5://proxy");
+ curl_easy_setopt(curl, CURLOPT_SOCKS5_GSSAPI_SERVICE, "rcmd-special");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.4, deprecated in 7.49.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSH_AUTH_TYPES.3
b/docs/libcurl/opts/CURLOPT_SSH_AUTH_TYPES.3
index 2ecca125d..5377531cc 100644
--- a/docs/libcurl/opts/CURLOPT_SSH_AUTH_TYPES.3
+++ b/docs/libcurl/opts/CURLOPT_SSH_AUTH_TYPES.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,16 @@ None
.SH PROTOCOLS
SFTP and SCP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/file";);
+ curl_easy_setopt(curl, CURLOPT_SSH_AUTH_TYPES,
+ CURLSSH_AUTH_PUBLICKEY | CURLSSH_AUTH_KEYBOARD);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
CURLSSH_AUTH_HOST was added in 7.16.1, CURLSSH_AUTH_AGENT was added in 7.28.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3
b/docs/libcurl/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3
index 2ea236024..5ea5a0fe1 100644
--- a/docs/libcurl/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3
+++ b/docs/libcurl/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,12 +33,24 @@ CURLcode curl_easy_setopt(CURL *handle,
CURLOPT_SSH_HOST_PUBLIC_KEY_MD5,
Pass a char * pointing to a string containing 32 hexadecimal digits. The
string should be the 128 bit MD5 checksum of the remote host's public key, and
libcurl will reject the connection to the host unless the md5sums match.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
SCP and SFTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/file";);
+ curl_easy_setopt(curl, CURLOPT_SSH_HOST_PUBLIC_KEY_MD5,
+ "afe17cd62a0f3b61f1ab9cb22ba269a7");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.17.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSH_KEYDATA.3
b/docs/libcurl/opts/CURLOPT_SSH_KEYDATA.3
index 67c367384..aace0ffd5 100644
--- a/docs/libcurl/opts/CURLOPT_SSH_KEYDATA.3
+++ b/docs/libcurl/opts/CURLOPT_SSH_KEYDATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,7 +35,26 @@ NULL
.SH PROTOCOLS
SFTP and SCP
.SH EXAMPLE
-TODO
+.nf
+static int keycb(CURL *easy,
+ const struct curl_khkey *knownkey,
+ const struct curl_khkey *foundkey,
+ enum curl_khmatch,
+ void *clientp)
+{
+ /* 'clientp' points to the callback_data struct */
+ /* investigate the situation and return the correct value */
+ return CURLKHSTAT_FINE_ADD_TO_FILE;
+}
+{
+ curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/thisfile.txt";);
+ curl_easy_setopt(curl, CURLOPT_SSH_KEYFUNCTION, keycb);
+ curl_easy_setopt(curl, CURLOPT_SSH_KEYDATA, &callback_data);
+ curl_easy_setopt(curl, CURLOPT_SSH_KNOWNHOSTS, "/home/user/known_hosts");
+
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.6
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.3
b/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.3
index 21bc0e588..dc025d6ee 100644
--- a/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -96,7 +96,26 @@ NULL
.SH PROTOCOLS
SFTP and SCP
.SH EXAMPLE
-TODO
+.nf
+static int keycb(CURL *easy,
+ const struct curl_khkey *knownkey,
+ const struct curl_khkey *foundkey,
+ enum curl_khmatch,
+ void *clientp)
+{
+ /* 'clientp' points to the callback_data struct */
+ /* investigate the situation and return the correct value */
+ return CURLKHSTAT_FINE_ADD_TO_FILE;
+}
+{
+ curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/thisfile.txt";);
+ curl_easy_setopt(curl, CURLOPT_SSH_KEYFUNCTION, keycb);
+ curl_easy_setopt(curl, CURLOPT_SSH_KEYDATA, &callback_data);
+ curl_easy_setopt(curl, CURLOPT_SSH_KNOWNHOSTS, "/home/user/known_hosts");
+
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.6
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.3
b/docs/libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.3
index 9ea0c8647..8da76a9f4 100644
--- a/docs/libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.3
+++ b/docs/libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -34,12 +34,24 @@ format as supported by libssh2. If this file is specified,
libcurl will only
accept connections with hosts that are known and present in that file, with a
matching public key. Use \fICURLOPT_SSH_KEYFUNCTION(3)\fP to alter the default
behavior on host and key (mis)matching.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
SFTP and SCP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/file";);
+ curl_easy_setopt(curl, CURLOPT_SSH_KNOWNHOSTS,
+ "/home/clarkkent/.ssh/known_hosts");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.6
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSH_PRIVATE_KEYFILE.3
b/docs/libcurl/opts/CURLOPT_SSH_PRIVATE_KEYFILE.3
index 0c35ed55a..9a7ddfc89 100644
--- a/docs/libcurl/opts/CURLOPT_SSH_PRIVATE_KEYFILE.3
+++ b/docs/libcurl/opts/CURLOPT_SSH_PRIVATE_KEYFILE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2014, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,12 +36,25 @@ is set, and just "id_dsa" in the current directory if HOME
is not set.
If the file is password-protected, set the password with
\fICURLOPT_KEYPASSWD(3)\fP.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
As explained above
.SH PROTOCOLS
SFTP and SCP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/file";);
+ curl_easy_setopt(curl, CURLOPT_SSH_PRIVATE_KEYFILE,
+ "/home/clarkkent/.ssh/id_rsa");
+ curl_easy_setopt(curl, CURLOPT_KEYPASSWD, "password");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.16.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3
b/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3
index f9aaeaef3..518a19b38 100644
--- a/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3
+++ b/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,12 +38,24 @@ set.
If NULL (or an empty string) is passed, libcurl will pass no public key to
libssh2, which then tries to compute it from the private key. This is known
to work with libssh2 1.4.0+ linked against OpenSSL.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
SFTP and SCP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/file";);
+ curl_easy_setopt(curl, CURLOPT_SSH_PUBLIC_KEYFILE,
+ "/home/clarkkent/.ssh/id_rsa.pub");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
The "" trick was added in 7.26.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSLCERT.3
b/docs/libcurl/opts/CURLOPT_SSLCERT.3
index b5d68cf79..6e190dce1 100644
--- a/docs/libcurl/opts/CURLOPT_SSLCERT.3
+++ b/docs/libcurl/opts/CURLOPT_SSLCERT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,12 +40,25 @@ prefix, in order to avoid confusion with a nickname.
When using a client certificate, you most likely also need to provide a
private key with \fICURLOPT_SSLKEY(3)\fP.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_SSLCERT, "client.pem");
+ curl_easy_setopt(curl, CURLOPT_SSLKEY, "key.pem");
+ curl_easy_setopt(curl, CURLOPT_KEYPASSWD, "s3cret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
If built TLS enabled.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSLCERTTYPE.3
b/docs/libcurl/opts/CURLOPT_SSLCERTTYPE.3
index 98df39d7a..294ceb56f 100644
--- a/docs/libcurl/opts/CURLOPT_SSLCERTTYPE.3
+++ b/docs/libcurl/opts/CURLOPT_SSLCERTTYPE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2015, 2017, Daniel Stenberg, <address@hidden>, et
al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,12 +33,26 @@ the format of your certificate. Supported formats are "PEM"
and "DER", except
with Secure Transport. OpenSSL (versions 0.9.3 and later) and Secure Transport
(on iOS 5 or later, or OS X 10.7 or later) also support "P12" for
PKCS#12-encoded files.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
"PEM"
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_SSLCERT, "client.pem");
+ curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM");
+ curl_easy_setopt(curl, CURLOPT_SSLKEY, "key.pem");
+ curl_easy_setopt(curl, CURLOPT_KEYPASSWD, "s3cret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
If built TLS enabled. Added in 7.9.3
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSLENGINE.3
b/docs/libcurl/opts/CURLOPT_SSLENGINE.3
index d0c48a4b2..179c56839 100644
--- a/docs/libcurl/opts/CURLOPT_SSLENGINE.3
+++ b/docs/libcurl/opts/CURLOPT_SSLENGINE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,12 +30,23 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLENGINE,
char *id);
.SH DESCRIPTION
Pass a pointer to a zero terminated string as parameter. It will be used as
the identifier for the crypto engine you want to use for your private key.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_SSLENGINE, "dynamic");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Only if the SSL backend is OpenSSL built with engine support.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3
b/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3
index 0cd8d225a..15069d19e 100644
--- a/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3
+++ b/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -37,7 +37,16 @@ None
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_SSLENGINE, "dynamic");
+ curl_easy_setopt(curl, CURLOPT_SSLENGINE_DEFAULT, 1L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Only if the SSL backend is OpenSSL built with engine support.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSLKEY.3
b/docs/libcurl/opts/CURLOPT_SSLKEY.3
index 8bc82058b..e3216992d 100644
--- a/docs/libcurl/opts/CURLOPT_SSLKEY.3
+++ b/docs/libcurl/opts/CURLOPT_SSLKEY.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,12 +35,25 @@ changed with \fICURLOPT_SSLKEYTYPE(3)\fP.
(iOS and Mac OS X only) This option is ignored if curl was built against
Secure Transport. Secure Transport expects the private key to be already
present in the keychain or PKCS#12 file containing the certificate.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_SSLCERT, "client.pem");
+ curl_easy_setopt(curl, CURLOPT_SSLKEY, "key.pem");
+ curl_easy_setopt(curl, CURLOPT_KEYPASSWD, "s3cret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
If built TLS enabled.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSLKEYTYPE.3
b/docs/libcurl/opts/CURLOPT_SSLKEYTYPE.3
index 7616a3f44..42368fbee 100644
--- a/docs/libcurl/opts/CURLOPT_SSLKEYTYPE.3
+++ b/docs/libcurl/opts/CURLOPT_SSLKEYTYPE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -35,12 +35,26 @@ The format "ENG" enables you to load the private key from a
crypto engine. In
this case \fICURLOPT_SSLKEY(3)\fP is used as an identifier passed to the
engine. You have to set the crypto engine with \fICURLOPT_SSLENGINE(3)\fP.
\&"DER" format key file currently does not work because of a bug in OpenSSL.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
"PEM"
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_SSLCERT, "client.pem");
+ curl_easy_setopt(curl, CURLOPT_SSLKEY, "key.pem");
+ curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM");
+ curl_easy_setopt(curl, CURLOPT_KEYPASSWD, "s3cret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
If built TLS enabled.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSLVERSION.3
b/docs/libcurl/opts/CURLOPT_SSLVERSION.3
index 2f40e4631..5c447d8f3 100644
--- a/docs/libcurl/opts/CURLOPT_SSLVERSION.3
+++ b/docs/libcurl/opts/CURLOPT_SSLVERSION.3
@@ -48,6 +48,25 @@ TLSv1.0 (Added in 7.34.0)
TLSv1.1 (Added in 7.34.0)
.IP CURL_SSLVERSION_TLSv1_2
TLSv1.2 (Added in 7.34.0)
+.IP CURL_SSLVERSION_TLSv1_3
+TLSv1.3 (Added in 7.52.0)
+.IP CURL_SSLVERSION_MAX_DEFAULT
+The flag defines the maximum supported TLS version as TLSv1.2, or the default
+value from the SSL library. Only the NSS library currently allows one to get
+the maximum supported TLS version.
+(Added in 7.54.0)
+.IP CURL_SSLVERSION_MAX_TLSv1_0
+The flag defines maximum supported TLS version as TLSv1.0.
+(Added in 7.54.0)
+.IP CURL_SSLVERSION_MAX_TLSv1_1
+The flag defines maximum supported TLS version as TLSv1.1.
+(Added in 7.54.0)
+.IP CURL_SSLVERSION_MAX_TLSv1_2
+The flag defines maximum supported TLS version as TLSv1.2.
+(Added in 7.54.0)
+.IP CURL_SSLVERSION_MAX_TLSv1_3
+The flag defines maximum supported TLS version as TLSv1.3.
+(Added in 7.54.0)
.RE
.SH DEFAULT
CURL_SSLVERSION_DEFAULT
@@ -59,8 +78,9 @@ CURL *curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
- /* ask libcurl to use TLS version 1.0 or later */
- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
+ /* ask libcurl to use TLS version 1.1 or later */
+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1 |
+ CURL_SSLVERSION_MAX_DEFAULT);
/* Perform the request */
curl_easy_perform(curl);
diff --git a/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.3
b/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.3
index 71833b555..b64035ada 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,22 +40,32 @@ compile OpenSSL.
You'll find more details about cipher lists on this URL:
- https://www.openssl.org/docs/apps/ciphers.html
+ https://curl.haxx.se/docs/ssl-ciphers.html
For NSS, valid examples of cipher lists include 'rsa_rc4_128_md5',
\'rsa_aes_128_sha\', etc. With NSS you don't add/remove ciphers. If one uses
this option then all known ciphers are disabled and only those passed in are
enabled.
-You'll find more details about the NSS cipher lists on this URL:
+For WolfSSL, valid examples of cipher lists include
+\'ECDHE-RSA-RC4-SHA\', 'AES256-SHA:AES256-SHA256', etc.
-
http://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL, use internal default
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_SSL_CIPHER_LIST, "TLSv1");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
If built TLS enabled.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.3
b/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.3
index be2cf348d..216bdec3a 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,11 +36,89 @@ NULL
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+/* OpenSSL specific */
+
+#include <openssl/ssl.h>
+#include <curl/curl.h>
+#include <stdio.h>
+
+static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm)
+{
+ X509_STORE *store;
+ X509 *cert=NULL;
+ BIO *bio;
+ char *mypem = (char *)parm;
+ /* get a BIO */
+ bio=BIO_new_mem_buf(mypem, -1);
+ /* use it to read the PEM formatted certificate from memory into an
+ * X509 structure that SSL can use
+ */
+ PEM_read_bio_X509(bio, &cert, 0, NULL);
+ if(cert == NULL)
+ printf("PEM_read_bio_X509 failed...\\n");
+
+ /* get a pointer to the X509 certificate store (which may be empty) */
+ store=SSL_CTX_get_cert_store((SSL_CTX *)sslctx);
+
+ /* add our certificate to this store */
+ if(X509_STORE_add_cert(store, cert)==0)
+ printf("error adding certificate\\n");
+
+ /* decrease reference counts */
+ X509_free(cert);
+ BIO_free(bio);
+
+ /* all set to go */
+ return CURLE_OK;
+}
+
+int main(void)
+{
+ CURL * ch;
+ CURLcode rv;
+ char *mypem = /* example CA cert PEM - shortened */
+ "-----BEGIN CERTIFICATE-----\\n"
+ "MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\\n"
+ "IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\\n"
+ "IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA\\n"
+ "Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO\\n"
+ "GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk\\n"
+ "zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW\\n"
+ "omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD\\n"
+ "-----END CERTIFICATE-----\\n";
+
+ rv=curl_global_init(CURL_GLOBAL_ALL);
+ ch=curl_easy_init();
+ rv=curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM");
+ rv=curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 1L);
+ rv=curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/";);
+
+ /* Retrieve page using cacerts' certificate -> will succeed
+ * load the certificate by installing a function doing the necessary
+ * "modifications" to the SSL CONTEXT just before link init
+ */
+ rv=curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function);
+ rv=curl_easy_setopt(ch, CURLOPT_SSL_CTX_DATA, mypem);
+ rv=curl_easy_perform(ch);
+ if(rv==CURLE_OK)
+ printf("*** transfer succeeded ***\\n");
+ else
+ printf("*** transfer failed ***\\n");
+
+ curl_easy_cleanup(ch);
+ curl_global_cleanup();
+ return rv;
+}
+.fi
.SH AVAILABILITY
Added in 7.11.0 for OpenSSL. Added in 7.42.0 for wolfSSL/CyaSSL. Other SSL
backends not supported.
.SH RETURN VALUE
-Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+CURLE_OK if supported; or an error such as:
+
+CURLE_NOT_BUILT_IN - Not supported by the SSL backend
+
+CURLE_UNKNOWN_OPTION
.SH "SEE ALSO"
.BR CURLOPT_SSL_CTX_FUNCTION "(3), " CURLOPT_SSLVERSION "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.3
b/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.3
index 177947bbc..6a6c57f35 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
.\"
.TH CURLOPT_SSL_CTX_FUNCTION 3 "19 Jun 2014" "libcurl 7.37.0"
"curl_easy_setopt options"
.SH NAME
-CURLOPT_SSL_CTX_FUNCTION \- SSL context callback for OpenSSL or wolfSSL/CyaSSL
+CURLOPT_SSL_CTX_FUNCTION \- SSL context callback for OpenSSL, wolfSSL/CyaSSL
or mbedTLS
.SH SYNOPSIS
.nf
#include <curl/curl.h>
@@ -32,8 +32,9 @@ CURLcode ssl_ctx_callback(CURL *curl, void *ssl_ctx, void
*userptr);
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_CTX_FUNCTION,
ssl_ctx_callback);
.SH DESCRIPTION
-This option only works for libcurl powered by OpenSSL or wolfSSL/CyaSSL. If
-libcurl was built against another SSL library this functionality is absent.
+This option only works for libcurl powered by OpenSSL, wolfSSL/CyaSSL or
+mbedTLS. If libcurl was built against another SSL library this functionality is
+absent.
Pass a pointer to your callback function, which should match the prototype
shown above.
@@ -42,13 +43,15 @@ This callback function gets called by libcurl just before
the initialization
of an SSL connection after having processed all other SSL related options to
give a last chance to an application to modify the behaviour of the SSL
initialization. The \fIssl_ctx\fP parameter is actually a pointer to the SSL
-library's \fISSL_CTX\fP. If an error is returned from the callback no attempt
-to establish a connection is made and the perform operation will return the
-callback's error code. Set the \fIuserptr\fP argument with the
+library's \fISSL_CTX\fP for OpenSSL or wolfSSL/CyaSSL, and a pointer to
+\fImbedtls_ssl_config\fP for mbedTLS. If an error is returned from the callback
+no attempt to establish a connection is made and the perform operation will
+return the callback's error code. Set the \fIuserptr\fP argument with the
\fICURLOPT_SSL_CTX_DATA(3)\fP option.
This function will get called on all new connections made to a server, during
-the SSL negotiation. The SSL_CTX pointer will be a new one every time.
+the SSL negotiation. The \fIssl_ctx\fP will point to a newly initialized object
+each time, but note the pointer may be the same as from a prior call.
To use this properly, a non-trivial amount of knowledge of your SSL library is
necessary. For example, you can use this function to call library-specific
@@ -72,30 +75,30 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx,
void *parm)
X509 *cert=NULL;
BIO *bio;
char *mypem = /* example CA cert PEM - shortened */
- "-----BEGIN CERTIFICATE-----\n"
- "MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\n"
- "IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\n"
- "IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA\n"
- "Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO\n"
- "GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk\n"
- "zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW\n"
- "omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD\n"\
- "-----END CERTIFICATE-----\n";
+ "-----BEGIN CERTIFICATE-----\\n"
+ "MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\\n"
+ "IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\\n"
+ "IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA\\n"
+ "Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO\\n"
+ "GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk\\n"
+ "zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW\\n"
+ "omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD\\n"
+ "-----END CERTIFICATE-----\\n";
/* get a BIO */
bio=BIO_new_mem_buf(mypem, -1);
- /* use it to read the PEM formatted certificate from memory into an X509
- * structure that SSL can use
+ /* use it to read the PEM formatted certificate from memory into an
+ * X509 structure that SSL can use
*/
PEM_read_bio_X509(bio, &cert, 0, NULL);
if(cert == NULL)
- printf("PEM_read_bio_X509 failed...\n");
+ printf("PEM_read_bio_X509 failed...\\n");
- /* get a pointer to the X509 certificate store (which may be empty!) */
+ /* get a pointer to the X509 certificate store (which may be empty) */
store=SSL_CTX_get_cert_store((SSL_CTX *)sslctx);
/* add our certificate to this store */
if(X509_STORE_add_cert(store, cert)==0)
- printf("error adding certificate\n");
+ printf("error adding certificate\\n");
/* decrease reference counts */
X509_free(cert);
@@ -117,15 +120,15 @@ int main(void)
rv=curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/";);
/* Retrieve page using cacerts' certificate -> will succeed
- * load the certificate by installing a function doing the nescessary
+ * load the certificate by installing a function doing the necessary
* "modifications" to the SSL CONTEXT just before link init
*/
rv=curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function);
rv=curl_easy_perform(ch);
if(rv==CURLE_OK)
- printf("*** transfer succeeded ***\n");
+ printf("*** transfer succeeded ***\\n");
else
- printf("*** transfer failed ***\n");
+ printf("*** transfer failed ***\\n");
curl_easy_cleanup(ch);
curl_global_cleanup();
@@ -133,9 +136,13 @@ int main(void)
}
.fi
.SH AVAILABILITY
-Added in 7.11.0 for OpenSSL. Added in 7.42.0 for wolfSSL/CyaSSL. Other SSL
-backends not supported.
+Added in 7.11.0 for OpenSSL. Added in 7.42.0 for wolfSSL/CyaSSL. Added in
+7.54.0 for mbedTLS. Other SSL backends not supported.
.SH RETURN VALUE
-Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+CURLE_OK if supported; or an error such as:
+
+CURLE_NOT_BUILT_IN - Not supported by the SSL backend
+
+CURLE_UNKNOWN_OPTION
.SH "SEE ALSO"
.BR CURLOPT_SSL_CTX_DATA "(3), " CURLOPT_SSL_VERIFYPEER "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.3
b/docs/libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.3
index 61863c8c4..bf23a72a9 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,7 +36,15 @@ is built to use supports it), which can be used to negotiate
http2.
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_SSL_ENABLE_ALPN, 0L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.36.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSL_ENABLE_NPN.3
b/docs/libcurl/opts/CURLOPT_SSL_ENABLE_NPN.3
index 67f0ebec4..3e8240f30 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_ENABLE_NPN.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_ENABLE_NPN.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,7 +36,15 @@ is built to use supports it), which can be used to negotiate
http2.
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_SSL_ENABLE_NPN, 1L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.36.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSL_FALSESTART.3
b/docs/libcurl/opts/CURLOPT_SSL_FALSESTART.3
index 3073dadb4..150e02f12 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_FALSESTART.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_FALSESTART.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -28,7 +28,7 @@ CURLOPT_SSL_FALSESTART \- enable TLS false start
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_FALSESTART, long enable);
.SH DESCRIPTION
-Pass a long as parameter set to 1 to enable or 0 to disable.
+Pass a long as parameter set to 1L to enable or 0 to disable.
This option determines whether libcurl should use false start during the TLS
handshake. False start is a mode where a TLS client will start sending
@@ -39,7 +39,14 @@ round trip when performing a full handshake.
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+ curl_easy_setopt(curl, CURLOPT_SSL_FALSESTART, 1L);
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.42.0. This option is currently only supported by the NSS and
Secure Transport (on iOS 7.0 or later, or OS X 10.9 or later) TLS backends.
diff --git a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.3
b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.3
index 4943233da..f71f8eaa7 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -47,14 +47,22 @@ exception in the case of Windows' Untrusted Publishers
blacklist which it seems
can't be bypassed.\fP This option may have broader support to accommodate other
SSL backends in the future.
https://curl.haxx.se/docs/ssl-compared.html
-
-
.SH DEFAULT
0
.SH PROTOCOLS
All TLS-based protocols
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* weaken TLS only for use with silly servers */
+ curl_easy_setopt(curl, CURLOPT_SSL_OPTIONS, CURLSSLOPT_ALLOW_BEAST |
+ CURLSSLOPT_NO_REVOKE);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.25.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSL_SESSIONID_CACHE.3
b/docs/libcurl/opts/CURLOPT_SSL_SESSIONID_CACHE.3
index c939465f4..a72928421 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_SESSIONID_CACHE.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_SESSIONID_CACHE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,7 +40,16 @@ wild that may require you to disable this in order for you
to succeed.
.SH PROTOCOLS
All TLS-based
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* switch off session-id use! */
+ curl_easy_setopt(curl, CURLOPT_SSL_SESSIONID_CACHE, 0L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.16.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3
b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3
index 159147327..acadd0774 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3
@@ -58,9 +58,16 @@ The default value for this option is 2.
This option controls checking the server's certificate's claimed identity.
The server could be lying. To control lying, see
-\fICURLOPT_SSL_VERIFYPEER(3)\fP. If libcurl is built against NSS and
-\fICURLOPT_SSL_VERIFYPEER(3)\fP is zero, \fICURLOPT_SSL_VERIFYHOST(3)\fP is
-also set to zero and cannot be overridden.
+\fICURLOPT_SSL_VERIFYPEER(3)\fP.
+.SH LIMITATIONS
+DarwinSSL: If \fIverify\fP value is 0, then SNI is also disabled. SNI is a TLS
+extension that sends the hostname to the server. The server may use that
+information to do such things as sending back a specific certificate for the
+hostname, or forwarding the request to a specific origin server. Some hostnames
+may be inaccessible if SNI is not sent.
+
+NSS: If \fICURLOPT_SSL_VERIFYPEER(3)\fP is zero,
+\fICURLOPT_SSL_VERIFYHOST(3)\fP is also set to zero and cannot be overridden.
.SH DEFAULT
2
.SH PROTOCOLS
diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.3
b/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.3
index 5a63481ad..f7ff1b203 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -79,3 +79,5 @@ If built TLS enabled.
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
.BR CURLOPT_SSL_VERIFYHOST "(3), "
+.BR CURLOPT_PROXY_SSL_VERIFYPEER "(3), "
+.BR CURLOPT_PROXY_SSL_VERIFYHOST "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.3
b/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.3
index 302122595..5e5c14cda 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -40,7 +40,16 @@ extension, the verification will fail.
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ /* ask for OSCP stapling! */
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYSTATUS, 1L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.41.0. This option is currently only supported by the OpenSSL, GnuTLS
and NSS TLS backends.
diff --git a/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS.3
b/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS.3
index 831d2111a..c09d9b1cc 100644
--- a/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS.3
+++ b/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,7 +30,7 @@ CURLcode curl_easy_setopt(CURL *handle,
CURLOPT_STREAM_DEPENDS, CURL *dephandle)
.SH DESCRIPTION
Pass a CURL * pointer in \fIdephandle\fP to identify the stream within the
same connection that this stream is depending upon. This option clears the
-exclusive it and is mutually exclusive to the
+exclusive bit and is mutually exclusive to the
\fICURLOPT_STREAM_DEPENDS_E(3)\fP option.
The spec says "Including a dependency expresses a preference to allocate
@@ -47,7 +47,19 @@ NULL
.SH PROTOCOLS
HTTP/2
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+CURL *curl2 = curl_easy_init(); /* a second handle */
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/one";);
+
+ /* the second depends on the first */
+ curl_easy_setopt(curl2, CURLOPT_URL, "https://example.com/two";);
+ curl_easy_setopt(curl2, CURLOPT_STREAM_DEPENDS, curl);
+
+ /* then add both to a multi handle and transfer them! */
+}
+.fi
.SH AVAILABILITY
Added in 7.46.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS_E.3
b/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS_E.3
index c1d9fd064..dbaa55271 100644
--- a/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS_E.3
+++ b/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS_E.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -50,7 +50,19 @@ NULL
.SH PROTOCOLS
HTTP/2
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+CURL *curl2 = curl_easy_init(); /* a second handle */
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/one";);
+
+ /* the second depends on the first */
+ curl_easy_setopt(curl2, CURLOPT_URL, "https://example.com/two";);
+ curl_easy_setopt(curl2, CURLOPT_STREAM_DEPENDS_E, curl);
+
+ /* then add both to a multi handle and transfer them! */
+}
+.fi
.SH AVAILABILITY
Added in 7.46.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.3
b/docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.3
index a2b2472ab..14ec2c2dd 100644
--- a/docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.3
+++ b/docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -53,7 +53,20 @@ is 16.
.SH PROTOCOLS
HTTP/2
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+CURL *curl2 = curl_easy_init(); /* a second handle */
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/one";);
+ curl_easy_setopt(curl, CURLOPT_STREAM_WEIGHT, 10L);
+
+ /* the second has twice the weight */
+ curl_easy_setopt(curl2, CURLOPT_URL, "https://example.com/two";);
+ curl_easy_setopt(curl2, CURLOPT_STREAM_WEIGHT, 20L);
+
+ /* then add both to a multi handle and transfer them! */
+}
+.fi
.SH AVAILABILITY
Added in 7.46.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.3
b/docs/libcurl/opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.3
new file mode 100644
index 000000000..8cfec7a8f
--- /dev/null
+++ b/docs/libcurl/opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.3
@@ -0,0 +1,95 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_SUPPRESS_CONNECT_HEADERS 3 "13 February 2017" "libcurl 7.54.0"
"curl_easy_setopt options"
+.SH NAME
+CURLOPT_SUPPRESS_CONNECT_HEADERS \- Suppress proxy CONNECT response headers
from user callbacks
+.SH SYNOPSIS
+.nf
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SUPPRESS_CONNECT_HEADERS, long
onoff);
+.fi
+.SH DESCRIPTION
+When \fICURLOPT_HTTPPROXYTUNNEL(3)\fP is used and a CONNECT request is made,
+suppress proxy CONNECT response headers from the user callback functions
+\fICURLOPT_HEADERFUNCTION(3)\fP and \fICURLOPT_WRITEFUNCTION(3)\fP.
+
+Proxy CONNECT response headers can complicate header processing since it's
+essentially a separate set of headers. You can enable this option to suppress
+those headers.
+
+For example let's assume an HTTPS URL is to be retrieved via CONNECT. On
+success there would normally be two sets of headers, and each header line sent
+to the header function and/or the write function. The data given to the
+callbacks would look like this:
+
+.nf
+HTTP/1.1 200 Connection established
+{headers}...
+
+HTTP/1.1 200 OK
+Content-Type: application/json
+{headers}...
+
+{body}...
+.fi
+
+However by enabling this option the CONNECT response headers are suppressed, so
+the data given to the callbacks would look like this:
+
+.nf
+HTTP/1.1 200 OK
+Content-Type: application/json
+{headers}...
+
+{body}...
+.fi
+
+.SH DEFAULT
+0
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com";);
+
+ curl_easy_setopt(curl, CURLOPT_HEADER, 1L);
+ curl_easy_setopt(curl, CURLOPT_PROXY, "http://foo:3128";);
+ curl_easy_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L);
+ curl_easy_setopt(curl, CURLOPT_SUPPRESS_CONNECT_HEADERS, 1L);
+
+ curl_easy_perform(curl);
+
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.54.0
+.SH RETURN VALUE
+CURLE_OK or an error such as CURLE_UNKNOWN_OPTION.
+.SH "SEE ALSO"
+.BR CURLOPT_HEADER "(3), " CURLOPT_PROXY "(3), "
+.BR CURLOPT_HTTPPROXYTUNNEL "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.3
b/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.3
index f8f934384..5949e3e44 100644
--- a/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.3
+++ b/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -28,7 +28,7 @@ CURLOPT_TCP_FASTOPEN \- enable TCP Fast Open
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TCP_FASTOPEN, long enable);
.SH DESCRIPTION
-Pass a long as parameter set to 1 to enable or 0 to disable.
+Pass a long as parameter set to 1L to enable or 0 to disable.
TCP Fast Open (RFC7413) is a mechanism that allows data to be carried in the
SYN and SYN-ACK packets and consumed by the receiving end during the initial
@@ -38,7 +38,14 @@ connection handshake, saving up to one full round-trip time
(RTT).
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ curl_easy_setopt(curl, CURLOPT_TCP_FASTOPEN, 1L);
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.49.0. This option is currently only supported on Linux and OS X
El Capitan.
diff --git a/docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.3
b/docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.3
index f5f57628f..4d587a9b4 100644
--- a/docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.3
+++ b/docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.3
@@ -32,7 +32,7 @@ Pass a long. Sets the \fIdelay\fP, in seconds, that the
operating system will
wait while the connection is idle before sending keepalive probes. Not all
operating systems support this option.
.SH DEFAULT
-?
+60
.SH PROTOCOLS
All
.SH EXAMPLE
diff --git a/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.3
b/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.3
index f332a8f45..a755c0546 100644
--- a/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.3
+++ b/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.3
@@ -32,7 +32,9 @@ Pass a long. Sets the interval, in seconds, that the
operating system will
wait between sending keepalive probes. Not all operating systems support this
option. (Added in 7.25.0)
.SH DEFAULT
+60
.SH PROTOCOLS
+All
.SH EXAMPLE
.nf
CURL *curl = curl_easy_init();
@@ -42,7 +44,7 @@ if(curl) {
/* enable TCP keep-alive for this transfer */
curl_easy_setopt(curl, CURLOPT_TCP_KEEPALIVE, 1L);
- /* keep-alive idle time to 120 seconds */
+ /* set keep-alive idle time to 120 seconds */
curl_easy_setopt(curl, CURLOPT_TCP_KEEPIDLE, 120L);
/* interval time between keep-alive probes: 60 seconds */
diff --git a/docs/libcurl/opts/CURLOPT_TCP_NODELAY.3
b/docs/libcurl/opts/CURLOPT_TCP_NODELAY.3
index bd19fbaf0..701e31502 100644
--- a/docs/libcurl/opts/CURLOPT_TCP_NODELAY.3
+++ b/docs/libcurl/opts/CURLOPT_TCP_NODELAY.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -29,13 +29,13 @@ CURLOPT_TCP_NODELAY \- set the TCP_NODELAY option
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TCP_NODELAY, long nodelay);
.SH DESCRIPTION
Pass a long specifying whether the TCP_NODELAY option is to be set or cleared
-(1 = set, 0 = clear). The option is set by default. This will have no effect
+(1L = set, 0 = clear). The option is set by default. This will have no effect
after the connection has been established.
-Setting this option will disable TCP's Nagle algorithm. The purpose of this
-algorithm is to try to minimize the number of small packets on the network
-(where "small packets" means TCP segments less than the Maximum Segment Size
-(MSS) for the network).
+Setting this option to 1L will disable TCP's Nagle algorithm on this
+connection. The purpose of this algorithm is to try to minimize the number of
+small packets on the network (where "small packets" means TCP segments less
+than the Maximum Segment Size (MSS) for the network).
Maximizing the amount of data sent per TCP segment is good because it
amortizes the overhead of the send. However, in some cases small segments may
@@ -47,7 +47,15 @@ overdone.
.SH PROTOCOLS
All
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ /* disable Nagle */
+ curl_easy_setopt(curl, CURLOPT_TCP_FASTOPEN, 0);
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Always. The default was changed to 1 from 0 in 7.50.2.
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_TELNETOPTIONS.3
b/docs/libcurl/opts/CURLOPT_TELNETOPTIONS.3
index 7a181edee..b20dfaf6e 100644
--- a/docs/libcurl/opts/CURLOPT_TELNETOPTIONS.3
+++ b/docs/libcurl/opts/CURLOPT_TELNETOPTIONS.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,7 +38,19 @@ NULL
.SH PROTOCOLS
TELNET
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ struct curl_slist *options;
+ options = curl_slist_append(NULL, "TTTYPE=vt100");
+ options = curl_slist_append(options, "USER=foobar");
+ curl_easy_setopt(curl, CURLOPT_URL, "telnet://example.com/");
+ curl_easy_setopt(curl, CURLOPT_TELNETOPTIONS, options);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+ curl_slist_free_all(options);
+}
+.fi
.SH AVAILABILITY
Along with TELNET
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.3
b/docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.3
index 6aafbd144..b4e9365cc 100644
--- a/docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.3
+++ b/docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -39,7 +39,16 @@ will be used.
.SH PROTOCOLS
TFTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "tftp://example.com/bootimage";);
+ /* try using larger blocks */
+ curl_easy_setopt(curl, CURLOPT_TFTP_BLKSIZE, 2048L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.3
b/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.3
index 78fad0efb..ba2d9e488 100644
--- a/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.3
+++ b/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -32,12 +32,25 @@ Pass a char * as parameter, which should point to the zero
terminated password
to use for the TLS authentication method specified with the
\fICURLOPT_TLSAUTH_TYPE(3)\fP option. Requires that the
\fICURLOPT_TLSAUTH_USERNAME(3)\fP option also be set.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS-based protocols
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_TLSAUTH_TYPE, "SRP");
+ curl_easy_setopt(curl, CURLOPT_TLSAUTH_USERNAME, "user");
+ curl_easy_setopt(curl, CURLOPT_TLSAUTH_PASSWORD, "secret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.21.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.3
b/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.3
index 5655e7d71..6d1e131e7 100644
--- a/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.3
+++ b/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -37,12 +37,25 @@ defined in RFC5054 and provides mutual authentication if
both sides have a
shared secret. To use TLS-SRP, you must also set the
\fICURLOPT_TLSAUTH_USERNAME(3)\fP and \fICURLOPT_TLSAUTH_PASSWORD(3)\fP
options.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
blank
.SH PROTOCOLS
All TLS-based protocols
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_TLSAUTH_TYPE, "SRP");
+ curl_easy_setopt(curl, CURLOPT_TLSAUTH_USERNAME, "user");
+ curl_easy_setopt(curl, CURLOPT_TLSAUTH_PASSWORD, "secret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
You need to build libcurl with GnuTLS or OpenSSL with TLS-SRP support for this
to work. Added in 7.21.4
diff --git a/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.3
b/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.3
index 5022e4e08..56bb6377d 100644
--- a/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.3
+++ b/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -32,12 +32,25 @@ Pass a char * as parameter, which should point to the zero
terminated username
to use for the TLS authentication method specified with the
\fICURLOPT_TLSAUTH_TYPE(3)\fP option. Requires that the
\fICURLOPT_TLSAUTH_PASSWORD(3)\fP option also be set.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS-based protocols
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/";);
+ curl_easy_setopt(curl, CURLOPT_TLSAUTH_TYPE, "SRP");
+ curl_easy_setopt(curl, CURLOPT_TLSAUTH_USERNAME, "user");
+ curl_easy_setopt(curl, CURLOPT_TLSAUTH_PASSWORD, "secret");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.21.4
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_TRANSFERTEXT.3
b/docs/libcurl/opts/CURLOPT_TRANSFERTEXT.3
index aa1759c29..55f7e4e6c 100644
--- a/docs/libcurl/opts/CURLOPT_TRANSFERTEXT.3
+++ b/docs/libcurl/opts/CURLOPT_TRANSFERTEXT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -42,7 +42,15 @@ simply sets the mode to ASCII and performs a standard
transfer.
.SH PROTOCOLS
FTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/textfile";);
+ curl_easy_setopt(curl, CURLOPT_TRANSFERTEXT, 1L);
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Along with FTP
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.3
b/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.3
index 242da13f0..9d5046e26 100644
--- a/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.3
+++ b/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -28,7 +28,7 @@ CURLOPT_TRANSFER_ENCODING \- ask for HTTP Transfer Encoding
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TRANSFER_ENCODING, long
enable);
.SH DESCRIPTION
-Pass a long set to 1 to \fIenable\fP or 0 to disable.
+Pass a long set to 1L to \fIenable\fP or 0 to disable.
Adds a request for compressed Transfer Encoding in the outgoing HTTP
request. If the server supports this and so desires, it can respond with the
@@ -45,7 +45,14 @@ by both HTTP clients and HTTP servers.
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ curl_easy_setopt(curl, CURLOPT_TRANSFER_ENCODING, 1L);
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.21.6
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.3
b/docs/libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.3
index 299c3ccba..8cf4d24ea 100644
--- a/docs/libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.3
+++ b/docs/libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,9 +33,9 @@ to \fIpath\fP. If \fIpath\fP is NULL, then Unix domain
sockets are disabled. An
empty string will result in an error at some point, it will not disable use of
Unix domain sockets.
-When enabled, cURL will connect to the Unix domain socket instead of
+When enabled, curl will connect to the Unix domain socket instead of
establishing a TCP connection to a host. Since no TCP connection is created,
-cURL does not need to resolve the DNS hostname in the URL.
+curl does not need to resolve the DNS hostname in the URL.
The maximum path length on Cygwin, Linux and Solaris is 107. On other platforms
it might be even less.
@@ -46,6 +46,9 @@ are not supported. Proxy options such as
.BR CURLOPT_PROXY "(3)
have no effect either as these are TCP-oriented, and asking a proxy server to
connect to a certain Unix domain socket is not possible.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
Default is NULL, meaning that no Unix domain sockets are used.
.SH PROTOCOLS
diff --git a/docs/libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.3
b/docs/libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.3
index 9e4cf269d..a0099b2ef 100644
--- a/docs/libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.3
+++ b/docs/libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,16 +30,28 @@ CURLOPT_UNRESTRICTED_AUTH \- send credentials to other
hosts too
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_UNRESTRICTED_AUTH,
long goahead);
.SH DESCRIPTION
-A long parameter set to 1 tells libcurl it can continue to send authentication
-(user+password) credentials when following locations, even when hostname
-changed. This option is meaningful only when setting
+Set the long \fIgohead\fP parameter to 1L to make libcurl continue to send
+authentication (user+password) credentials when following locations, even when
+hostname changed. This option is meaningful only when setting
\fICURLOPT_FOLLOWLOCATION(3)\fP.
+
+By default, libcurl will only send given credentials to the initial host name
+as given in the original URL, to avoid leaking username + password to other
+sites.
.SH DEFAULT
0
.SH PROTOCOLS
HTTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com";);
+ curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+ curl_easy_setopt(curl, CURLOPT_UNRESTRICTED_AUTH, 1L);
+ curl_easy_perform(curl);
+}
+.fi
.SH AVAILABILITY
Along with HTTP
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_URL.3 b/docs/libcurl/opts/CURLOPT_URL.3
index a7d81df2c..879f18323 100644
--- a/docs/libcurl/opts/CURLOPT_URL.3
+++ b/docs/libcurl/opts/CURLOPT_URL.3
@@ -283,6 +283,9 @@ user wants to pass in a '#' (hash) character it will be
treated as a fragment
and get cut off by libcurl if provided literally. You will instead have to
escape it by providing it as backslash and its ASCII value in hexadecimal:
"\\23".
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
There is no default URL. If this option isn't set, no transfer can be
performed.
diff --git a/docs/libcurl/opts/CURLOPT_USERAGENT.3
b/docs/libcurl/opts/CURLOPT_USERAGENT.3
index c769e955a..bf58f2bc9 100644
--- a/docs/libcurl/opts/CURLOPT_USERAGENT.3
+++ b/docs/libcurl/opts/CURLOPT_USERAGENT.3
@@ -32,6 +32,9 @@ Pass a pointer to a zero terminated string as parameter. It
will be used to
set the User-Agent: header in the HTTP request sent to the remote server. This
can be used to fool servers or scripts. You can also set any custom header
with \fICURLOPT_HTTPHEADER(3)\fP.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL, no User-Agent: header is used by default.
.SH PROTOCOLS
diff --git a/docs/libcurl/opts/CURLOPT_USERNAME.3
b/docs/libcurl/opts/CURLOPT_USERNAME.3
index ec6001078..116b205da 100644
--- a/docs/libcurl/opts/CURLOPT_USERNAME.3
+++ b/docs/libcurl/opts/CURLOPT_USERNAME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -55,12 +55,26 @@ authentication as well.
To specify the password and login options, along with the user name, use the
\fICURLOPT_PASSWORD(3)\fP and \fICURLOPT_LOGIN_OPTIONS(3)\fP options.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
blank
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ curl_easy_setopt(curl, CURLOPT_USERNAME, "clark");
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.19.1
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_USERPWD.3
b/docs/libcurl/opts/CURLOPT_USERPWD.3
index 19404f6b6..c5b1f743e 100644
--- a/docs/libcurl/opts/CURLOPT_USERPWD.3
+++ b/docs/libcurl/opts/CURLOPT_USERPWD.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -61,12 +61,26 @@ SMTP options.
The user and password strings are not URL decoded, so there's no way to send
in a user name containing a colon using this option. Use
\fICURLOPT_USERNAME(3)\fP for that, or include it in the URL.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
Most
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/foo.bin";);
+
+ curl_easy_setopt(curl, CURLOPT_USERPWD, "clark:kent");
+
+ ret = curl_easy_perform(curl);
+
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Always
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/CURLOPT_XOAUTH2_BEARER.3
b/docs/libcurl/opts/CURLOPT_XOAUTH2_BEARER.3
index b6c1feef6..262c63764 100644
--- a/docs/libcurl/opts/CURLOPT_XOAUTH2_BEARER.3
+++ b/docs/libcurl/opts/CURLOPT_XOAUTH2_BEARER.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -34,12 +34,23 @@ the OAuth 2.0 Authorization Framework.
Note: The user name used to generate the Bearer Token should be supplied via
the \fICURLOPT_USERNAME(3)\fP option.
+
+The application does not have to keep the string around after setting this
+option.
.SH DEFAULT
NULL
.SH PROTOCOLS
IMAP, POP3 and SMTP
.SH EXAMPLE
-TODO
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, "pop3://example.com/");
+ curl_easy_setopt(curl, CURLOPT_XOAUTH2_BEARER, "1ab9cb22ba269a7");
+ ret = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+}
+.fi
.SH AVAILABILITY
Added in 7.33.0
.SH RETURN VALUE
diff --git a/docs/libcurl/opts/Makefile.am b/docs/libcurl/opts/Makefile.am
index a3fc0647f..3765ea7bf 100644
--- a/docs/libcurl/opts/Makefile.am
+++ b/docs/libcurl/opts/Makefile.am
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -22,871 +22,17 @@
AUTOMAKE_OPTIONS = foreign no-dependencies
-man_MANS = \
- CURLINFO_ACTIVESOCKET.3 \
- CURLINFO_APPCONNECT_TIME.3 \
- CURLINFO_CERTINFO.3 \
- CURLINFO_CONDITION_UNMET.3 \
- CURLINFO_CONNECT_TIME.3 \
- CURLINFO_CONTENT_LENGTH_DOWNLOAD.3 \
- CURLINFO_CONTENT_LENGTH_UPLOAD.3 \
- CURLINFO_CONTENT_TYPE.3 \
- CURLINFO_COOKIELIST.3 \
- CURLINFO_EFFECTIVE_URL.3 \
- CURLINFO_FILETIME.3 \
- CURLINFO_FTP_ENTRY_PATH.3 \
- CURLINFO_HEADER_SIZE.3 \
- CURLINFO_HTTPAUTH_AVAIL.3 \
- CURLINFO_HTTP_CONNECTCODE.3 \
- CURLINFO_HTTP_VERSION.3 \
- CURLINFO_LASTSOCKET.3 \
- CURLINFO_LOCAL_IP.3 \
- CURLINFO_LOCAL_PORT.3 \
- CURLINFO_NAMELOOKUP_TIME.3 \
- CURLINFO_NUM_CONNECTS.3 \
- CURLINFO_OS_ERRNO.3 \
- CURLINFO_PRETRANSFER_TIME.3 \
- CURLINFO_PRIMARY_IP.3 \
- CURLINFO_PRIMARY_PORT.3 \
- CURLINFO_PRIVATE.3 \
- CURLINFO_PROXYAUTH_AVAIL.3 \
- CURLINFO_REDIRECT_COUNT.3 \
- CURLINFO_REDIRECT_TIME.3 \
- CURLINFO_REDIRECT_URL.3 \
- CURLINFO_REQUEST_SIZE.3 \
- CURLINFO_RESPONSE_CODE.3 \
- CURLINFO_RTSP_CLIENT_CSEQ.3 \
- CURLINFO_RTSP_CSEQ_RECV.3 \
- CURLINFO_RTSP_SERVER_CSEQ.3 \
- CURLINFO_RTSP_SESSION_ID.3 \
- CURLINFO_SIZE_DOWNLOAD.3 \
- CURLINFO_SIZE_UPLOAD.3 \
- CURLINFO_SPEED_DOWNLOAD.3 \
- CURLINFO_SPEED_UPLOAD.3 \
- CURLINFO_SSL_ENGINES.3 \
- CURLINFO_SSL_VERIFYRESULT.3 \
- CURLINFO_STARTTRANSFER_TIME.3 \
- CURLINFO_TLS_SESSION.3 \
- CURLINFO_TLS_SSL_PTR.3 \
- CURLINFO_TOTAL_TIME.3 \
- CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 \
- CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 \
- CURLMOPT_MAXCONNECTS.3 \
- CURLMOPT_MAX_HOST_CONNECTIONS.3 \
- CURLMOPT_MAX_PIPELINE_LENGTH.3 \
- CURLMOPT_MAX_TOTAL_CONNECTIONS.3 \
- CURLMOPT_PIPELINING.3 \
- CURLMOPT_PIPELINING_SERVER_BL.3 \
- CURLMOPT_PIPELINING_SITE_BL.3 \
- CURLMOPT_PUSHDATA.3 \
- CURLMOPT_PUSHFUNCTION.3 \
- CURLMOPT_SOCKETDATA.3 \
- CURLMOPT_SOCKETFUNCTION.3 \
- CURLMOPT_TIMERDATA.3 \
- CURLMOPT_TIMERFUNCTION.3 \
- CURLOPT_ACCEPTTIMEOUT_MS.3 \
- CURLOPT_ACCEPT_ENCODING.3 \
- CURLOPT_ADDRESS_SCOPE.3 \
- CURLOPT_APPEND.3 \
- CURLOPT_AUTOREFERER.3 \
- CURLOPT_BUFFERSIZE.3 \
- CURLOPT_CAINFO.3 \
- CURLOPT_CAPATH.3 \
- CURLOPT_CERTINFO.3 \
- CURLOPT_CHUNK_BGN_FUNCTION.3 \
- CURLOPT_CHUNK_DATA.3 \
- CURLOPT_CHUNK_END_FUNCTION.3 \
- CURLOPT_CLOSESOCKETDATA.3 \
- CURLOPT_CLOSESOCKETFUNCTION.3 \
- CURLOPT_CONNECTTIMEOUT.3 \
- CURLOPT_CONNECTTIMEOUT_MS.3 \
- CURLOPT_CONNECT_ONLY.3 \
- CURLOPT_CONNECT_TO.3 \
- CURLOPT_CONV_FROM_NETWORK_FUNCTION.3 \
- CURLOPT_CONV_FROM_UTF8_FUNCTION.3 \
- CURLOPT_CONV_TO_NETWORK_FUNCTION.3 \
- CURLOPT_COOKIE.3 \
- CURLOPT_COOKIEFILE.3 \
- CURLOPT_COOKIEJAR.3 \
- CURLOPT_COOKIELIST.3 \
- CURLOPT_COOKIESESSION.3 \
- CURLOPT_COPYPOSTFIELDS.3 \
- CURLOPT_CRLF.3 \
- CURLOPT_CRLFILE.3 \
- CURLOPT_CUSTOMREQUEST.3 \
- CURLOPT_DEBUGDATA.3 \
- CURLOPT_DEBUGFUNCTION.3 \
- CURLOPT_DEFAULT_PROTOCOL.3 \
- CURLOPT_DIRLISTONLY.3 \
- CURLOPT_DNS_CACHE_TIMEOUT.3 \
- CURLOPT_DNS_INTERFACE.3 \
- CURLOPT_DNS_LOCAL_IP4.3 \
- CURLOPT_DNS_LOCAL_IP6.3 \
- CURLOPT_DNS_SERVERS.3 \
- CURLOPT_DNS_USE_GLOBAL_CACHE.3 \
- CURLOPT_EGDSOCKET.3 \
- CURLOPT_ERRORBUFFER.3 \
- CURLOPT_EXPECT_100_TIMEOUT_MS.3 \
- CURLOPT_FAILONERROR.3 \
- CURLOPT_FILETIME.3 \
- CURLOPT_FNMATCH_DATA.3 \
- CURLOPT_FNMATCH_FUNCTION.3 \
- CURLOPT_FOLLOWLOCATION.3 \
- CURLOPT_FORBID_REUSE.3 \
- CURLOPT_FRESH_CONNECT.3 \
- CURLOPT_FTPPORT.3 \
- CURLOPT_FTPSSLAUTH.3 \
- CURLOPT_FTP_ACCOUNT.3 \
- CURLOPT_FTP_ALTERNATIVE_TO_USER.3 \
- CURLOPT_FTP_CREATE_MISSING_DIRS.3 \
- CURLOPT_FTP_FILEMETHOD.3 \
- CURLOPT_FTP_RESPONSE_TIMEOUT.3 \
- CURLOPT_FTP_SKIP_PASV_IP.3 \
- CURLOPT_FTP_SSL_CCC.3 \
- CURLOPT_FTP_USE_EPRT.3 \
- CURLOPT_FTP_USE_EPSV.3 \
- CURLOPT_FTP_USE_PRET.3 \
- CURLOPT_GSSAPI_DELEGATION.3 \
- CURLOPT_HEADER.3 \
- CURLOPT_HEADERDATA.3 \
- CURLOPT_HEADERFUNCTION.3 \
- CURLOPT_HEADEROPT.3 \
- CURLOPT_HTTP200ALIASES.3 \
- CURLOPT_HTTPAUTH.3 \
- CURLOPT_HTTPGET.3 \
- CURLOPT_HTTPHEADER.3 \
- CURLOPT_HTTPPOST.3 \
- CURLOPT_HTTPPROXYTUNNEL.3 \
- CURLOPT_HTTP_CONTENT_DECODING.3 \
- CURLOPT_HTTP_TRANSFER_DECODING.3 \
- CURLOPT_HTTP_VERSION.3 \
- CURLOPT_IGNORE_CONTENT_LENGTH.3 \
- CURLOPT_INFILESIZE.3 \
- CURLOPT_INFILESIZE_LARGE.3 \
- CURLOPT_INTERFACE.3 \
- CURLOPT_INTERLEAVEDATA.3 \
- CURLOPT_INTERLEAVEFUNCTION.3 \
- CURLOPT_IOCTLDATA.3 \
- CURLOPT_IOCTLFUNCTION.3 \
- CURLOPT_IPRESOLVE.3 \
- CURLOPT_ISSUERCERT.3 \
- CURLOPT_KEYPASSWD.3 \
- CURLOPT_KRBLEVEL.3 \
- CURLOPT_LOCALPORT.3 \
- CURLOPT_LOCALPORTRANGE.3 \
- CURLOPT_LOGIN_OPTIONS.3 \
- CURLOPT_LOW_SPEED_LIMIT.3 \
- CURLOPT_LOW_SPEED_TIME.3 \
- CURLOPT_MAIL_AUTH.3 \
- CURLOPT_MAIL_FROM.3 \
- CURLOPT_MAIL_RCPT.3 \
- CURLOPT_MAXCONNECTS.3 \
- CURLOPT_MAXFILESIZE.3 \
- CURLOPT_MAXFILESIZE_LARGE.3 \
- CURLOPT_MAXREDIRS.3 \
- CURLOPT_MAX_RECV_SPEED_LARGE.3 \
- CURLOPT_MAX_SEND_SPEED_LARGE.3 \
- CURLOPT_NETRC.3 \
- CURLOPT_NETRC_FILE.3 \
- CURLOPT_NEW_DIRECTORY_PERMS.3 \
- CURLOPT_NEW_FILE_PERMS.3 \
- CURLOPT_NOBODY.3 \
- CURLOPT_NOPROGRESS.3 \
- CURLOPT_NOPROXY.3 \
- CURLOPT_NOSIGNAL.3 \
- CURLOPT_OPENSOCKETDATA.3 \
- CURLOPT_OPENSOCKETFUNCTION.3 \
- CURLOPT_PASSWORD.3 \
- CURLOPT_PATH_AS_IS.3 \
- CURLOPT_PINNEDPUBLICKEY.3 \
- CURLOPT_PIPEWAIT.3 \
- CURLOPT_PORT.3 \
- CURLOPT_POST.3 \
- CURLOPT_POSTFIELDS.3 \
- CURLOPT_POSTFIELDSIZE.3 \
- CURLOPT_POSTFIELDSIZE_LARGE.3 \
- CURLOPT_POSTQUOTE.3 \
- CURLOPT_POSTREDIR.3 \
- CURLOPT_PREQUOTE.3 \
- CURLOPT_PRIVATE.3 \
- CURLOPT_PROGRESSDATA.3 \
- CURLOPT_PROGRESSFUNCTION.3 \
- CURLOPT_PROTOCOLS.3 \
- CURLOPT_PROXY.3 \
- CURLOPT_PROXYAUTH.3 \
- CURLOPT_PROXYHEADER.3 \
- CURLOPT_PROXYPASSWORD.3 \
- CURLOPT_PROXYPORT.3 \
- CURLOPT_PROXYTYPE.3 \
- CURLOPT_PROXYUSERNAME.3 \
- CURLOPT_PROXYUSERPWD.3 \
- CURLOPT_PROXY_SERVICE_NAME.3 \
- CURLOPT_PROXY_TRANSFER_MODE.3 \
- CURLOPT_PUT.3 \
- CURLOPT_QUOTE.3 \
- CURLOPT_RANDOM_FILE.3 \
- CURLOPT_RANGE.3 \
- CURLOPT_READDATA.3 \
- CURLOPT_READFUNCTION.3 \
- CURLOPT_REDIR_PROTOCOLS.3 \
- CURLOPT_REFERER.3 \
- CURLOPT_RESOLVE.3 \
- CURLOPT_RESUME_FROM.3 \
- CURLOPT_RESUME_FROM_LARGE.3 \
- CURLOPT_RTSP_CLIENT_CSEQ.3 \
- CURLOPT_RTSP_REQUEST.3 \
- CURLOPT_RTSP_SERVER_CSEQ.3 \
- CURLOPT_RTSP_SESSION_ID.3 \
- CURLOPT_RTSP_STREAM_URI.3 \
- CURLOPT_RTSP_TRANSPORT.3 \
- CURLOPT_SASL_IR.3 \
- CURLOPT_SEEKDATA.3 \
- CURLOPT_SEEKFUNCTION.3 \
- CURLOPT_SERVICE_NAME.3 \
- CURLOPT_SHARE.3 \
- CURLOPT_SOCKOPTDATA.3 \
- CURLOPT_SOCKOPTFUNCTION.3 \
- CURLOPT_SOCKS5_GSSAPI_NEC.3 \
- CURLOPT_SOCKS5_GSSAPI_SERVICE.3 \
- CURLOPT_SSH_AUTH_TYPES.3 \
- CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3 \
- CURLOPT_SSH_KEYDATA.3 \
- CURLOPT_SSH_KEYFUNCTION.3 \
- CURLOPT_SSH_KNOWNHOSTS.3 \
- CURLOPT_SSH_PRIVATE_KEYFILE.3 \
- CURLOPT_SSH_PUBLIC_KEYFILE.3 \
- CURLOPT_SSLCERT.3 \
- CURLOPT_SSLCERTTYPE.3 \
- CURLOPT_SSLENGINE.3 \
- CURLOPT_SSLENGINE_DEFAULT.3 \
- CURLOPT_SSLKEY.3 \
- CURLOPT_SSLKEYTYPE.3 \
- CURLOPT_SSLVERSION.3 \
- CURLOPT_SSL_CIPHER_LIST.3 \
- CURLOPT_SSL_CTX_DATA.3 \
- CURLOPT_SSL_CTX_FUNCTION.3 \
- CURLOPT_SSL_ENABLE_ALPN.3 \
- CURLOPT_SSL_ENABLE_NPN.3 \
- CURLOPT_SSL_FALSESTART.3 \
- CURLOPT_SSL_OPTIONS.3 \
- CURLOPT_SSL_SESSIONID_CACHE.3 \
- CURLOPT_SSL_VERIFYHOST.3 \
- CURLOPT_SSL_VERIFYPEER.3 \
- CURLOPT_SSL_VERIFYSTATUS.3 \
- CURLOPT_STDERR.3 \
- CURLOPT_STREAM_DEPENDS.3 \
- CURLOPT_STREAM_DEPENDS_E.3 \
- CURLOPT_STREAM_WEIGHT.3 \
- CURLOPT_TCP_FASTOPEN.3 \
- CURLOPT_TCP_KEEPALIVE.3 \
- CURLOPT_TCP_KEEPIDLE.3 \
- CURLOPT_TCP_KEEPINTVL.3 \
- CURLOPT_TCP_NODELAY.3 \
- CURLOPT_TELNETOPTIONS.3 \
- CURLOPT_TFTP_BLKSIZE.3 \
- CURLOPT_TFTP_NO_OPTIONS.3 \
- CURLOPT_TIMECONDITION.3 \
- CURLOPT_TIMEOUT.3 \
- CURLOPT_TIMEOUT_MS.3 \
- CURLOPT_TIMEVALUE.3 \
- CURLOPT_TLSAUTH_PASSWORD.3 \
- CURLOPT_TLSAUTH_TYPE.3 \
- CURLOPT_TLSAUTH_USERNAME.3 \
- CURLOPT_TRANSFERTEXT.3 \
- CURLOPT_TRANSFER_ENCODING.3 \
- CURLOPT_UNIX_SOCKET_PATH.3 \
- CURLOPT_UNRESTRICTED_AUTH.3 \
- CURLOPT_UPLOAD.3 \
- CURLOPT_URL.3 \
- CURLOPT_USERAGENT.3 \
- CURLOPT_USERNAME.3 \
- CURLOPT_USERPWD.3 \
- CURLOPT_USE_SSL.3 \
- CURLOPT_VERBOSE.3 \
- CURLOPT_WILDCARDMATCH.3 \
- CURLOPT_WRITEDATA.3 \
- CURLOPT_WRITEFUNCTION.3 \
- CURLOPT_XFERINFODATA.3 \
- CURLOPT_XFERINFOFUNCTION.3 \
- CURLOPT_XOAUTH2_BEARER.3
+include Makefile.inc
-HTMLPAGES = \
- CURLINFO_ACTIVESOCKET.html \
- CURLINFO_APPCONNECT_TIME.html \
- CURLINFO_CERTINFO.html \
- CURLINFO_CONDITION_UNMET.html \
- CURLINFO_CONNECT_TIME.html \
- CURLINFO_CONTENT_LENGTH_DOWNLOAD.html \
- CURLINFO_CONTENT_LENGTH_UPLOAD.html \
- CURLINFO_CONTENT_TYPE.html \
- CURLINFO_COOKIELIST.html \
- CURLINFO_EFFECTIVE_URL.html \
- CURLINFO_FILETIME.html \
- CURLINFO_FTP_ENTRY_PATH.html \
- CURLINFO_HEADER_SIZE.html \
- CURLINFO_HTTPAUTH_AVAIL.html \
- CURLINFO_HTTP_CONNECTCODE.html \
- CURLINFO_LASTSOCKET.html \
- CURLINFO_LOCAL_IP.html \
- CURLINFO_LOCAL_PORT.html \
- CURLINFO_NAMELOOKUP_TIME.html \
- CURLINFO_NUM_CONNECTS.html \
- CURLINFO_OS_ERRNO.html \
- CURLINFO_PRETRANSFER_TIME.html \
- CURLINFO_PRIMARY_IP.html \
- CURLINFO_PRIMARY_PORT.html \
- CURLINFO_PRIVATE.html \
- CURLINFO_PROXYAUTH_AVAIL.html \
- CURLINFO_REDIRECT_COUNT.html \
- CURLINFO_REDIRECT_TIME.html \
- CURLINFO_REDIRECT_URL.html \
- CURLINFO_REQUEST_SIZE.html \
- CURLINFO_RESPONSE_CODE.html \
- CURLINFO_RTSP_CLIENT_CSEQ.html \
- CURLINFO_RTSP_CSEQ_RECV.html \
- CURLINFO_RTSP_SERVER_CSEQ.html \
- CURLINFO_RTSP_SESSION_ID.html \
- CURLINFO_SIZE_DOWNLOAD.html \
- CURLINFO_SIZE_UPLOAD.html \
- CURLINFO_SPEED_DOWNLOAD.html \
- CURLINFO_SPEED_UPLOAD.html \
- CURLINFO_SSL_ENGINES.html \
- CURLINFO_SSL_VERIFYRESULT.html \
- CURLINFO_STARTTRANSFER_TIME.html \
- CURLINFO_TLS_SESSION.html \
- CURLINFO_TLS_SSL_PTR.html \
- CURLINFO_TOTAL_TIME.html \
- CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.html \
- CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.html \
- CURLMOPT_MAXCONNECTS.html \
- CURLMOPT_MAX_HOST_CONNECTIONS.html \
- CURLMOPT_MAX_PIPELINE_LENGTH.html \
- CURLMOPT_MAX_TOTAL_CONNECTIONS.html \
- CURLMOPT_PIPELINING.html \
- CURLMOPT_PIPELINING_SERVER_BL.html \
- CURLMOPT_PIPELINING_SITE_BL.html \
- CURLMOPT_PUSHDATA.html \
- CURLMOPT_PUSHFUNCTION.html \
- CURLMOPT_SOCKETDATA.html \
- CURLMOPT_SOCKETFUNCTION.html \
- CURLMOPT_TIMERDATA.html \
- CURLMOPT_TIMERFUNCTION.html \
- CURLOPT_ACCEPTTIMEOUT_MS.html \
- CURLOPT_ACCEPT_ENCODING.html \
- CURLOPT_ADDRESS_SCOPE.html \
- CURLOPT_APPEND.html \
- CURLOPT_AUTOREFERER.html \
- CURLOPT_BUFFERSIZE.html \
- CURLOPT_CAINFO.html \
- CURLOPT_CAPATH.html \
- CURLOPT_CERTINFO.html \
- CURLOPT_CHUNK_BGN_FUNCTION.html \
- CURLOPT_CHUNK_DATA.html \
- CURLOPT_CHUNK_END_FUNCTION.html \
- CURLOPT_CLOSESOCKETDATA.html \
- CURLOPT_CLOSESOCKETFUNCTION.html \
- CURLOPT_CONNECTTIMEOUT.html \
- CURLOPT_CONNECTTIMEOUT_MS.html \
- CURLOPT_CONNECT_ONLY.html \
- CURLOPT_CONNECT_TO.html \
- CURLOPT_CONV_FROM_NETWORK_FUNCTION.html \
- CURLOPT_CONV_FROM_UTF8_FUNCTION.html \
- CURLOPT_CONV_TO_NETWORK_FUNCTION.html \
- CURLOPT_COOKIE.html \
- CURLOPT_COOKIEFILE.html \
- CURLOPT_COOKIEJAR.html \
- CURLOPT_COOKIELIST.html \
- CURLOPT_COOKIESESSION.html \
- CURLOPT_COPYPOSTFIELDS.html \
- CURLOPT_CRLF.html \
- CURLOPT_CRLFILE.html \
- CURLOPT_CUSTOMREQUEST.html \
- CURLOPT_DEBUGDATA.html \
- CURLOPT_DEBUGFUNCTION.html \
- CURLOPT_DEFAULT_PROTOCOL.html \
- CURLOPT_DIRLISTONLY.html \
- CURLOPT_DNS_CACHE_TIMEOUT.html \
- CURLOPT_DNS_INTERFACE.html \
- CURLOPT_DNS_LOCAL_IP4.html \
- CURLOPT_DNS_LOCAL_IP6.html \
- CURLOPT_DNS_SERVERS.html \
- CURLOPT_DNS_USE_GLOBAL_CACHE.html \
- CURLOPT_EGDSOCKET.html \
- CURLOPT_ERRORBUFFER.html \
- CURLOPT_EXPECT_100_TIMEOUT_MS.html \
- CURLOPT_FAILONERROR.html \
- CURLOPT_FILETIME.html \
- CURLOPT_FNMATCH_DATA.html \
- CURLOPT_FNMATCH_FUNCTION.html \
- CURLOPT_FOLLOWLOCATION.html \
- CURLOPT_FORBID_REUSE.html \
- CURLOPT_FRESH_CONNECT.html \
- CURLOPT_FTPPORT.html \
- CURLOPT_FTPSSLAUTH.html \
- CURLOPT_FTP_ACCOUNT.html \
- CURLOPT_FTP_ALTERNATIVE_TO_USER.html \
- CURLOPT_FTP_CREATE_MISSING_DIRS.html \
- CURLOPT_FTP_FILEMETHOD.html \
- CURLOPT_FTP_RESPONSE_TIMEOUT.html \
- CURLOPT_FTP_SKIP_PASV_IP.html \
- CURLOPT_FTP_SSL_CCC.html \
- CURLOPT_FTP_USE_EPRT.html \
- CURLOPT_FTP_USE_EPSV.html \
- CURLOPT_FTP_USE_PRET.html \
- CURLOPT_GSSAPI_DELEGATION.html \
- CURLOPT_HEADER.html \
- CURLOPT_HEADERDATA.html \
- CURLOPT_HEADERFUNCTION.html \
- CURLOPT_HEADEROPT.html \
- CURLOPT_HTTP200ALIASES.html \
- CURLOPT_HTTPAUTH.html \
- CURLOPT_HTTPGET.html \
- CURLOPT_HTTPHEADER.html \
- CURLOPT_HTTPPOST.html \
- CURLOPT_HTTPPROXYTUNNEL.html \
- CURLOPT_HTTP_CONTENT_DECODING.html \
- CURLOPT_HTTP_TRANSFER_DECODING.html \
- CURLOPT_HTTP_VERSION.html \
- CURLOPT_IGNORE_CONTENT_LENGTH.html \
- CURLOPT_INFILESIZE.html \
- CURLOPT_INFILESIZE_LARGE.html \
- CURLOPT_INTERFACE.html \
- CURLOPT_INTERLEAVEDATA.html \
- CURLOPT_INTERLEAVEFUNCTION.html \
- CURLOPT_IOCTLDATA.html \
- CURLOPT_IOCTLFUNCTION.html \
- CURLOPT_IPRESOLVE.html \
- CURLOPT_ISSUERCERT.html \
- CURLOPT_KEYPASSWD.html \
- CURLOPT_KRBLEVEL.html \
- CURLOPT_LOCALPORT.html \
- CURLOPT_LOCALPORTRANGE.html \
- CURLOPT_LOGIN_OPTIONS.html \
- CURLOPT_LOW_SPEED_LIMIT.html \
- CURLOPT_LOW_SPEED_TIME.html \
- CURLOPT_MAIL_AUTH.html \
- CURLOPT_MAIL_FROM.html \
- CURLOPT_MAIL_RCPT.html \
- CURLOPT_MAXCONNECTS.html \
- CURLOPT_MAXFILESIZE.html \
- CURLOPT_MAXFILESIZE_LARGE.html \
- CURLOPT_MAXREDIRS.html \
- CURLOPT_MAX_RECV_SPEED_LARGE.html \
- CURLOPT_MAX_SEND_SPEED_LARGE.html \
- CURLOPT_NETRC.html \
- CURLOPT_NETRC_FILE.html \
- CURLOPT_NEW_DIRECTORY_PERMS.html \
- CURLOPT_NEW_FILE_PERMS.html \
- CURLOPT_NOBODY.html \
- CURLOPT_NOPROGRESS.html \
- CURLOPT_NOPROXY.html \
- CURLOPT_NOSIGNAL.html \
- CURLOPT_OPENSOCKETDATA.html \
- CURLOPT_OPENSOCKETFUNCTION.html \
- CURLOPT_PASSWORD.html \
- CURLOPT_PATH_AS_IS.html \
- CURLOPT_PINNEDPUBLICKEY.html \
- CURLOPT_PIPEWAIT.html \
- CURLOPT_PORT.html \
- CURLOPT_POST.html \
- CURLOPT_POSTFIELDS.html \
- CURLOPT_POSTFIELDSIZE.html \
- CURLOPT_POSTFIELDSIZE_LARGE.html \
- CURLOPT_POSTQUOTE.html \
- CURLOPT_POSTREDIR.html \
- CURLOPT_PREQUOTE.html \
- CURLOPT_PRIVATE.html \
- CURLOPT_PROGRESSDATA.html \
- CURLOPT_PROGRESSFUNCTION.html \
- CURLOPT_PROTOCOLS.html \
- CURLOPT_PROXY.html \
- CURLOPT_PROXYAUTH.html \
- CURLOPT_PROXYHEADER.html \
- CURLOPT_PROXYPASSWORD.html \
- CURLOPT_PROXYPORT.html \
- CURLOPT_PROXYTYPE.html \
- CURLOPT_PROXYUSERNAME.html \
- CURLOPT_PROXYUSERPWD.html \
- CURLOPT_PROXY_SERVICE_NAME.html \
- CURLOPT_PROXY_TRANSFER_MODE.html \
- CURLOPT_PUT.html \
- CURLOPT_QUOTE.html \
- CURLOPT_RANDOM_FILE.html \
- CURLOPT_RANGE.html \
- CURLOPT_READDATA.html \
- CURLOPT_READFUNCTION.html \
- CURLOPT_REDIR_PROTOCOLS.html \
- CURLOPT_REFERER.html \
- CURLOPT_RESOLVE.html \
- CURLOPT_RESUME_FROM.html \
- CURLOPT_RESUME_FROM_LARGE.html \
- CURLOPT_RTSP_CLIENT_CSEQ.html \
- CURLOPT_RTSP_REQUEST.html \
- CURLOPT_RTSP_SERVER_CSEQ.html \
- CURLOPT_RTSP_SESSION_ID.html \
- CURLOPT_RTSP_STREAM_URI.html \
- CURLOPT_RTSP_TRANSPORT.html \
- CURLOPT_SASL_IR.html \
- CURLOPT_SEEKDATA.html \
- CURLOPT_SEEKFUNCTION.html \
- CURLOPT_SERVICE_NAME.html \
- CURLOPT_SHARE.html \
- CURLOPT_SOCKOPTDATA.html \
- CURLOPT_SOCKOPTFUNCTION.html \
- CURLOPT_SOCKS5_GSSAPI_NEC.html \
- CURLOPT_SOCKS5_GSSAPI_SERVICE.html \
- CURLOPT_SSH_AUTH_TYPES.html \
- CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.html \
- CURLOPT_SSH_KEYDATA.html \
- CURLOPT_SSH_KEYFUNCTION.html \
- CURLOPT_SSH_KNOWNHOSTS.html \
- CURLOPT_SSH_PRIVATE_KEYFILE.html \
- CURLOPT_SSH_PUBLIC_KEYFILE.html \
- CURLOPT_SSLCERT.html \
- CURLOPT_SSLCERTTYPE.html \
- CURLOPT_SSLENGINE.html \
- CURLOPT_SSLENGINE_DEFAULT.html \
- CURLOPT_SSLKEY.html \
- CURLOPT_SSLKEYTYPE.html \
- CURLOPT_SSLVERSION.html \
- CURLOPT_SSL_CIPHER_LIST.html \
- CURLOPT_SSL_CTX_DATA.html \
- CURLOPT_SSL_CTX_FUNCTION.html \
- CURLOPT_SSL_ENABLE_ALPN.html \
- CURLOPT_SSL_ENABLE_NPN.html \
- CURLOPT_SSL_FALSESTART.html \
- CURLOPT_SSL_OPTIONS.html \
- CURLOPT_SSL_SESSIONID_CACHE.html \
- CURLOPT_SSL_VERIFYHOST.html \
- CURLOPT_SSL_VERIFYPEER.html \
- CURLOPT_SSL_VERIFYSTATUS.html \
- CURLOPT_STDERR.html \
- CURLOPT_STREAM_DEPENDS.html \
- CURLOPT_STREAM_DEPENDS_E.html \
- CURLOPT_STREAM_WEIGHT.html \
- CURLOPT_TCP_FASTOPEN.html \
- CURLOPT_TCP_KEEPALIVE.html \
- CURLOPT_TCP_KEEPIDLE.html \
- CURLOPT_TCP_KEEPINTVL.html \
- CURLOPT_TCP_NODELAY.html \
- CURLOPT_TELNETOPTIONS.html \
- CURLOPT_TFTP_BLKSIZE.html \
- CURLOPT_TFTP_NO_OPTIONS.html \
- CURLOPT_TIMECONDITION.html \
- CURLOPT_TIMEOUT.html \
- CURLOPT_TIMEOUT_MS.html \
- CURLOPT_TIMEVALUE.html \
- CURLOPT_TLSAUTH_PASSWORD.html \
- CURLOPT_TLSAUTH_TYPE.html \
- CURLOPT_TLSAUTH_USERNAME.html \
- CURLOPT_TRANSFERTEXT.html \
- CURLOPT_TRANSFER_ENCODING.html \
- CURLOPT_UNIX_SOCKET_PATH.html \
- CURLOPT_UNRESTRICTED_AUTH.html \
- CURLOPT_UPLOAD.html \
- CURLOPT_URL.html \
- CURLOPT_USERAGENT.html \
- CURLOPT_USERNAME.html \
- CURLOPT_USERPWD.html \
- CURLOPT_USE_SSL.html \
- CURLOPT_VERBOSE.html \
- CURLOPT_WILDCARDMATCH.html \
- CURLOPT_WRITEDATA.html \
- CURLOPT_WRITEFUNCTION.html \
- CURLOPT_XFERINFODATA.html \
- CURLOPT_XFERINFOFUNCTION.html \
- CURLOPT_XOAUTH2_BEARER.html
+man_DISTMANS = $(man_MANS:.3=.3.dist)
-PDFPAGES = \
- CURLINFO_ACTIVESOCKET.pdf \
- CURLINFO_APPCONNECT_TIME.pdf \
- CURLINFO_CERTINFO.pdf \
- CURLINFO_CONDITION_UNMET.pdf \
- CURLINFO_CONNECT_TIME.pdf \
- CURLINFO_CONTENT_LENGTH_DOWNLOAD.pdf \
- CURLINFO_CONTENT_LENGTH_UPLOAD.pdf \
- CURLINFO_CONTENT_TYPE.pdf \
- CURLINFO_COOKIELIST.pdf \
- CURLINFO_EFFECTIVE_URL.pdf \
- CURLINFO_FILETIME.pdf \
- CURLINFO_FTP_ENTRY_PATH.pdf \
- CURLINFO_HEADER_SIZE.pdf \
- CURLINFO_HTTPAUTH_AVAIL.pdf \
- CURLINFO_HTTP_CONNECTCODE.pdf \
- CURLINFO_LASTSOCKET.pdf \
- CURLINFO_LOCAL_IP.pdf \
- CURLINFO_LOCAL_PORT.pdf \
- CURLINFO_NAMELOOKUP_TIME.pdf \
- CURLINFO_NUM_CONNECTS.pdf \
- CURLINFO_OS_ERRNO.pdf \
- CURLINFO_PRETRANSFER_TIME.pdf \
- CURLINFO_PRIMARY_IP.pdf \
- CURLINFO_PRIMARY_PORT.pdf \
- CURLINFO_PRIVATE.pdf \
- CURLINFO_PROXYAUTH_AVAIL.pdf \
- CURLINFO_REDIRECT_COUNT.pdf \
- CURLINFO_REDIRECT_TIME.pdf \
- CURLINFO_REDIRECT_URL.pdf \
- CURLINFO_REQUEST_SIZE.pdf \
- CURLINFO_RESPONSE_CODE.pdf \
- CURLINFO_RTSP_CLIENT_CSEQ.pdf \
- CURLINFO_RTSP_CSEQ_RECV.pdf \
- CURLINFO_RTSP_SERVER_CSEQ.pdf \
- CURLINFO_RTSP_SESSION_ID.pdf \
- CURLINFO_SIZE_DOWNLOAD.pdf \
- CURLINFO_SIZE_UPLOAD.pdf \
- CURLINFO_SPEED_DOWNLOAD.pdf \
- CURLINFO_SPEED_UPLOAD.pdf \
- CURLINFO_SSL_ENGINES.pdf \
- CURLINFO_SSL_VERIFYRESULT.pdf \
- CURLINFO_STARTTRANSFER_TIME.pdf \
- CURLINFO_TLS_SESSION.pdf \
- CURLINFO_TLS_SSL_PTR.pdf \
- CURLINFO_TOTAL_TIME.pdf \
- CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.pdf \
- CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.pdf \
- CURLMOPT_MAXCONNECTS.pdf \
- CURLMOPT_MAX_HOST_CONNECTIONS.pdf \
- CURLMOPT_MAX_PIPELINE_LENGTH.pdf \
- CURLMOPT_MAX_TOTAL_CONNECTIONS.pdf \
- CURLMOPT_PIPELINING.pdf \
- CURLMOPT_PIPELINING_SERVER_BL.pdf \
- CURLMOPT_PIPELINING_SITE_BL.pdf \
- CURLMOPT_PUSHDATA.pdf \
- CURLMOPT_PUSHFUNCTION.pdf \
- CURLMOPT_SOCKETDATA.pdf \
- CURLMOPT_SOCKETFUNCTION.pdf \
- CURLMOPT_TIMERDATA.pdf \
- CURLMOPT_TIMERFUNCTION.pdf \
- CURLOPT_ACCEPTTIMEOUT_MS.pdf \
- CURLOPT_ACCEPT_ENCODING.pdf \
- CURLOPT_ADDRESS_SCOPE.pdf \
- CURLOPT_APPEND.pdf \
- CURLOPT_AUTOREFERER.pdf \
- CURLOPT_BUFFERSIZE.pdf \
- CURLOPT_CAINFO.pdf \
- CURLOPT_CAPATH.pdf \
- CURLOPT_CERTINFO.pdf \
- CURLOPT_CHUNK_BGN_FUNCTION.pdf \
- CURLOPT_CHUNK_DATA.pdf \
- CURLOPT_CHUNK_END_FUNCTION.pdf \
- CURLOPT_CLOSESOCKETDATA.pdf \
- CURLOPT_CLOSESOCKETFUNCTION.pdf \
- CURLOPT_CONNECTTIMEOUT.pdf \
- CURLOPT_CONNECTTIMEOUT_MS.pdf \
- CURLOPT_CONNECT_ONLY.pdf \
- CURLOPT_CONNECT_TO.pdf \
- CURLOPT_CONV_FROM_NETWORK_FUNCTION.pdf \
- CURLOPT_CONV_FROM_UTF8_FUNCTION.pdf \
- CURLOPT_CONV_TO_NETWORK_FUNCTION.pdf \
- CURLOPT_COOKIE.pdf \
- CURLOPT_COOKIEFILE.pdf \
- CURLOPT_COOKIEJAR.pdf \
- CURLOPT_COOKIELIST.pdf \
- CURLOPT_COOKIESESSION.pdf \
- CURLOPT_COPYPOSTFIELDS.pdf \
- CURLOPT_CRLF.pdf \
- CURLOPT_CRLFILE.pdf \
- CURLOPT_CUSTOMREQUEST.pdf \
- CURLOPT_DEBUGDATA.pdf \
- CURLOPT_DEBUGFUNCTION.pdf \
- CURLOPT_DEFAULT_PROTOCOL.pdf \
- CURLOPT_DIRLISTONLY.pdf \
- CURLOPT_DNS_CACHE_TIMEOUT.pdf \
- CURLOPT_DNS_INTERFACE.pdf \
- CURLOPT_DNS_LOCAL_IP4.pdf \
- CURLOPT_DNS_LOCAL_IP6.pdf \
- CURLOPT_DNS_SERVERS.pdf \
- CURLOPT_DNS_USE_GLOBAL_CACHE.pdf \
- CURLOPT_EGDSOCKET.pdf \
- CURLOPT_ERRORBUFFER.pdf \
- CURLOPT_EXPECT_100_TIMEOUT_MS.pdf \
- CURLOPT_FAILONERROR.pdf \
- CURLOPT_FILETIME.pdf \
- CURLOPT_FNMATCH_DATA.pdf \
- CURLOPT_FNMATCH_FUNCTION.pdf \
- CURLOPT_FOLLOWLOCATION.pdf \
- CURLOPT_FORBID_REUSE.pdf \
- CURLOPT_FRESH_CONNECT.pdf \
- CURLOPT_FTPPORT.pdf \
- CURLOPT_FTPSSLAUTH.pdf \
- CURLOPT_FTP_ACCOUNT.pdf \
- CURLOPT_FTP_ALTERNATIVE_TO_USER.pdf \
- CURLOPT_FTP_CREATE_MISSING_DIRS.pdf \
- CURLOPT_FTP_FILEMETHOD.pdf \
- CURLOPT_FTP_RESPONSE_TIMEOUT.pdf \
- CURLOPT_FTP_SKIP_PASV_IP.pdf \
- CURLOPT_FTP_SSL_CCC.pdf \
- CURLOPT_FTP_USE_EPRT.pdf \
- CURLOPT_FTP_USE_EPSV.pdf \
- CURLOPT_FTP_USE_PRET.pdf \
- CURLOPT_GSSAPI_DELEGATION.pdf \
- CURLOPT_HEADER.pdf \
- CURLOPT_HEADERDATA.pdf \
- CURLOPT_HEADERFUNCTION.pdf \
- CURLOPT_HEADEROPT.pdf \
- CURLOPT_HTTP200ALIASES.pdf \
- CURLOPT_HTTPAUTH.pdf \
- CURLOPT_HTTPGET.pdf \
- CURLOPT_HTTPHEADER.pdf \
- CURLOPT_HTTPPOST.pdf \
- CURLOPT_HTTPPROXYTUNNEL.pdf \
- CURLOPT_HTTP_CONTENT_DECODING.pdf \
- CURLOPT_HTTP_TRANSFER_DECODING.pdf \
- CURLOPT_HTTP_VERSION.pdf \
- CURLOPT_IGNORE_CONTENT_LENGTH.pdf \
- CURLOPT_INFILESIZE.pdf \
- CURLOPT_INFILESIZE_LARGE.pdf \
- CURLOPT_INTERFACE.pdf \
- CURLOPT_INTERLEAVEDATA.pdf \
- CURLOPT_INTERLEAVEFUNCTION.pdf \
- CURLOPT_IOCTLDATA.pdf \
- CURLOPT_IOCTLFUNCTION.pdf \
- CURLOPT_IPRESOLVE.pdf \
- CURLOPT_ISSUERCERT.pdf \
- CURLOPT_KEYPASSWD.pdf \
- CURLOPT_KRBLEVEL.pdf \
- CURLOPT_LOCALPORT.pdf \
- CURLOPT_LOCALPORTRANGE.pdf \
- CURLOPT_LOGIN_OPTIONS.pdf \
- CURLOPT_LOW_SPEED_LIMIT.pdf \
- CURLOPT_LOW_SPEED_TIME.pdf \
- CURLOPT_MAIL_AUTH.pdf \
- CURLOPT_MAIL_FROM.pdf \
- CURLOPT_MAIL_RCPT.pdf \
- CURLOPT_MAXCONNECTS.pdf \
- CURLOPT_MAXFILESIZE.pdf \
- CURLOPT_MAXFILESIZE_LARGE.pdf \
- CURLOPT_MAXREDIRS.pdf \
- CURLOPT_MAX_RECV_SPEED_LARGE.pdf \
- CURLOPT_MAX_SEND_SPEED_LARGE.pdf \
- CURLOPT_NETRC.pdf \
- CURLOPT_NETRC_FILE.pdf \
- CURLOPT_NEW_DIRECTORY_PERMS.pdf \
- CURLOPT_NEW_FILE_PERMS.pdf \
- CURLOPT_NOBODY.pdf \
- CURLOPT_NOPROGRESS.pdf \
- CURLOPT_NOPROXY.pdf \
- CURLOPT_NOSIGNAL.pdf \
- CURLOPT_OPENSOCKETDATA.pdf \
- CURLOPT_OPENSOCKETFUNCTION.pdf \
- CURLOPT_PASSWORD.pdf \
- CURLOPT_PATH_AS_IS.pdf \
- CURLOPT_PINNEDPUBLICKEY.pdf \
- CURLOPT_PIPEWAIT.pdf \
- CURLOPT_PORT.pdf \
- CURLOPT_POST.pdf \
- CURLOPT_POSTFIELDS.pdf \
- CURLOPT_POSTFIELDSIZE.pdf \
- CURLOPT_POSTFIELDSIZE_LARGE.pdf \
- CURLOPT_POSTQUOTE.pdf \
- CURLOPT_POSTREDIR.pdf \
- CURLOPT_PREQUOTE.pdf \
- CURLOPT_PRIVATE.pdf \
- CURLOPT_PROGRESSDATA.pdf \
- CURLOPT_PROGRESSFUNCTION.pdf \
- CURLOPT_PROTOCOLS.pdf \
- CURLOPT_PROXY.pdf \
- CURLOPT_PROXYAUTH.pdf \
- CURLOPT_PROXYHEADER.pdf \
- CURLOPT_PROXYPASSWORD.pdf \
- CURLOPT_PROXYPORT.pdf \
- CURLOPT_PROXYTYPE.pdf \
- CURLOPT_PROXYUSERNAME.pdf \
- CURLOPT_PROXYUSERPWD.pdf \
- CURLOPT_PROXY_SERVICE_NAME.pdf \
- CURLOPT_PROXY_TRANSFER_MODE.pdf \
- CURLOPT_PUT.pdf \
- CURLOPT_QUOTE.pdf \
- CURLOPT_RANDOM_FILE.pdf \
- CURLOPT_RANGE.pdf \
- CURLOPT_READDATA.pdf \
- CURLOPT_READFUNCTION.pdf \
- CURLOPT_REDIR_PROTOCOLS.pdf \
- CURLOPT_REFERER.pdf \
- CURLOPT_RESOLVE.pdf \
- CURLOPT_RESUME_FROM.pdf \
- CURLOPT_RESUME_FROM_LARGE.pdf \
- CURLOPT_RTSP_CLIENT_CSEQ.pdf \
- CURLOPT_RTSP_REQUEST.pdf \
- CURLOPT_RTSP_SERVER_CSEQ.pdf \
- CURLOPT_RTSP_SESSION_ID.pdf \
- CURLOPT_RTSP_STREAM_URI.pdf \
- CURLOPT_RTSP_TRANSPORT.pdf \
- CURLOPT_SASL_IR.pdf \
- CURLOPT_SEEKDATA.pdf \
- CURLOPT_SEEKFUNCTION.pdf \
- CURLOPT_SERVICE_NAME.pdf \
- CURLOPT_SHARE.pdf \
- CURLOPT_SOCKOPTDATA.pdf \
- CURLOPT_SOCKOPTFUNCTION.pdf \
- CURLOPT_SOCKS5_GSSAPI_NEC.pdf \
- CURLOPT_SOCKS5_GSSAPI_SERVICE.pdf \
- CURLOPT_SSH_AUTH_TYPES.pdf \
- CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.pdf \
- CURLOPT_SSH_KEYDATA.pdf \
- CURLOPT_SSH_KEYFUNCTION.pdf \
- CURLOPT_SSH_KNOWNHOSTS.pdf \
- CURLOPT_SSH_PRIVATE_KEYFILE.pdf \
- CURLOPT_SSH_PUBLIC_KEYFILE.pdf \
- CURLOPT_SSLCERT.pdf \
- CURLOPT_SSLCERTTYPE.pdf \
- CURLOPT_SSLENGINE.pdf \
- CURLOPT_SSLENGINE_DEFAULT.pdf \
- CURLOPT_SSLKEY.pdf \
- CURLOPT_SSLKEYTYPE.pdf \
- CURLOPT_SSLVERSION.pdf \
- CURLOPT_SSL_CIPHER_LIST.pdf \
- CURLOPT_SSL_CTX_DATA.pdf \
- CURLOPT_SSL_CTX_FUNCTION.pdf \
- CURLOPT_SSL_ENABLE_ALPN.pdf \
- CURLOPT_SSL_ENABLE_NPN.pdf \
- CURLOPT_SSL_FALSESTART.pdf \
- CURLOPT_SSL_OPTIONS.pdf \
- CURLOPT_SSL_SESSIONID_CACHE.pdf \
- CURLOPT_SSL_VERIFYHOST.pdf \
- CURLOPT_SSL_VERIFYPEER.pdf \
- CURLOPT_SSL_VERIFYSTATUS.pdf \
- CURLOPT_STDERR.pdf \
- CURLOPT_STREAM_DEPENDS.pdf \
- CURLOPT_STREAM_DEPENDS_E.pdf \
- CURLOPT_STREAM_WEIGHT.pdf \
- CURLOPT_TCP_FASTOPEN.pdf \
- CURLOPT_TCP_KEEPALIVE.pdf \
- CURLOPT_TCP_KEEPIDLE.pdf \
- CURLOPT_TCP_KEEPINTVL.pdf \
- CURLOPT_TCP_NODELAY.pdf \
- CURLOPT_TELNETOPTIONS.pdf \
- CURLOPT_TFTP_BLKSIZE.pdf \
- CURLOPT_TFTP_NO_OPTIONS.pdf \
- CURLOPT_TIMECONDITION.pdf \
- CURLOPT_TIMEOUT.pdf \
- CURLOPT_TIMEOUT_MS.pdf \
- CURLOPT_TIMEVALUE.pdf \
- CURLOPT_TLSAUTH_PASSWORD.pdf \
- CURLOPT_TLSAUTH_TYPE.pdf \
- CURLOPT_TLSAUTH_USERNAME.pdf \
- CURLOPT_TRANSFERTEXT.pdf \
- CURLOPT_TRANSFER_ENCODING.pdf \
- CURLOPT_UNIX_SOCKET_PATH.pdf \
- CURLOPT_UNRESTRICTED_AUTH.pdf \
- CURLOPT_UPLOAD.pdf \
- CURLOPT_URL.pdf \
- CURLOPT_USERAGENT.pdf \
- CURLOPT_USERNAME.pdf \
- CURLOPT_USERPWD.pdf \
- CURLOPT_USE_SSL.pdf \
- CURLOPT_VERBOSE.pdf \
- CURLOPT_WILDCARDMATCH.pdf \
- CURLOPT_WRITEDATA.pdf \
- CURLOPT_WRITEFUNCTION.pdf \
- CURLOPT_XFERINFODATA.pdf \
- CURLOPT_XFERINFOFUNCTION.pdf \
- CURLOPT_XOAUTH2_BEARER.pdf
+HTMLPAGES = $(man_MANS:.3=.html)
-CLEANFILES = $(HTMLPAGES) $(PDFPAGES)
+PDFPAGES = $(man_MANS:.3=.pdf)
-EXTRA_DIST = $(man_MANS) $(HTMLPAGES) $(PDFPAGES)
+CLEANFILES = $(HTMLPAGES) $(PDFPAGES) $(man_DISTMANS)
+
+EXTRA_DIST = $(man_MANS) CMakeLists.txt
MAN2HTML= roffit --mandir=. $< >$@
SUFFIXES = .3 .html
@@ -907,3 +53,9 @@ pdf: $(PDFPAGES)
mancheck:
@cd $(top_srcdir)/docs/libcurl/opts && ls `awk -F, '!/OBSOLETE/ && /^
CINIT/ { a=substr($$1, 9); print "CURLOPT_" a ".3"}'
$(top_srcdir)/include/curl/curl.h`
+ rm -f in_temp
+ @(for a in $(man_MANS); do echo $$a >>in_temp; done)
+ sort in_temp > in_makefile
+ ls CURL*.3 > in_directory
+ -diff -u in_makefile in_directory
+ rm in_temp in_directory in_makefile
diff --git a/docs/libcurl/opts/Makefile.inc b/docs/libcurl/opts/Makefile.inc
new file mode 100644
index 000000000..c3db5d225
--- /dev/null
+++ b/docs/libcurl/opts/Makefile.inc
@@ -0,0 +1,321 @@
+# Shared between Makefile.am and CMakeLists.txt
+
+man_MANS = \
+ CURLINFO_ACTIVESOCKET.3 \
+ CURLINFO_APPCONNECT_TIME.3 \
+ CURLINFO_CERTINFO.3 \
+ CURLINFO_CONDITION_UNMET.3 \
+ CURLINFO_CONNECT_TIME.3 \
+ CURLINFO_CONTENT_LENGTH_DOWNLOAD.3 \
+ CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3 \
+ CURLINFO_CONTENT_LENGTH_UPLOAD.3 \
+ CURLINFO_CONTENT_LENGTH_UPLOAD_T.3 \
+ CURLINFO_CONTENT_TYPE.3 \
+ CURLINFO_COOKIELIST.3 \
+ CURLINFO_EFFECTIVE_URL.3 \
+ CURLINFO_FILETIME.3 \
+ CURLINFO_FTP_ENTRY_PATH.3 \
+ CURLINFO_HEADER_SIZE.3 \
+ CURLINFO_HTTPAUTH_AVAIL.3 \
+ CURLINFO_HTTP_CONNECTCODE.3 \
+ CURLINFO_HTTP_VERSION.3 \
+ CURLINFO_LASTSOCKET.3 \
+ CURLINFO_LOCAL_IP.3 \
+ CURLINFO_LOCAL_PORT.3 \
+ CURLINFO_NAMELOOKUP_TIME.3 \
+ CURLINFO_NUM_CONNECTS.3 \
+ CURLINFO_OS_ERRNO.3 \
+ CURLINFO_PRETRANSFER_TIME.3 \
+ CURLINFO_PRIMARY_IP.3 \
+ CURLINFO_PRIMARY_PORT.3 \
+ CURLINFO_PRIVATE.3 \
+ CURLINFO_PROTOCOL.3 \
+ CURLINFO_PROXYAUTH_AVAIL.3 \
+ CURLINFO_PROXY_SSL_VERIFYRESULT.3 \
+ CURLINFO_REDIRECT_COUNT.3 \
+ CURLINFO_REDIRECT_TIME.3 \
+ CURLINFO_REDIRECT_URL.3 \
+ CURLINFO_REQUEST_SIZE.3 \
+ CURLINFO_RESPONSE_CODE.3 \
+ CURLINFO_RTSP_CLIENT_CSEQ.3 \
+ CURLINFO_RTSP_CSEQ_RECV.3 \
+ CURLINFO_RTSP_SERVER_CSEQ.3 \
+ CURLINFO_RTSP_SESSION_ID.3 \
+ CURLINFO_SCHEME.3 \
+ CURLINFO_SIZE_DOWNLOAD.3 \
+ CURLINFO_SIZE_DOWNLOAD_T.3 \
+ CURLINFO_SIZE_UPLOAD.3 \
+ CURLINFO_SIZE_UPLOAD_T.3 \
+ CURLINFO_SPEED_DOWNLOAD.3 \
+ CURLINFO_SPEED_DOWNLOAD_T.3 \
+ CURLINFO_SPEED_UPLOAD.3 \
+ CURLINFO_SPEED_UPLOAD_T.3 \
+ CURLINFO_SSL_ENGINES.3 \
+ CURLINFO_SSL_VERIFYRESULT.3 \
+ CURLINFO_STARTTRANSFER_TIME.3 \
+ CURLINFO_TLS_SESSION.3 \
+ CURLINFO_TLS_SSL_PTR.3 \
+ CURLINFO_TOTAL_TIME.3 \
+ CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 \
+ CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 \
+ CURLMOPT_MAXCONNECTS.3 \
+ CURLMOPT_MAX_HOST_CONNECTIONS.3 \
+ CURLMOPT_MAX_PIPELINE_LENGTH.3 \
+ CURLMOPT_MAX_TOTAL_CONNECTIONS.3 \
+ CURLMOPT_PIPELINING.3 \
+ CURLMOPT_PIPELINING_SERVER_BL.3 \
+ CURLMOPT_PIPELINING_SITE_BL.3 \
+ CURLMOPT_PUSHDATA.3 \
+ CURLMOPT_PUSHFUNCTION.3 \
+ CURLMOPT_SOCKETDATA.3 \
+ CURLMOPT_SOCKETFUNCTION.3 \
+ CURLMOPT_TIMERDATA.3 \
+ CURLMOPT_TIMERFUNCTION.3 \
+ CURLOPT_ABSTRACT_UNIX_SOCKET.3 \
+ CURLOPT_ACCEPTTIMEOUT_MS.3 \
+ CURLOPT_ACCEPT_ENCODING.3 \
+ CURLOPT_ADDRESS_SCOPE.3 \
+ CURLOPT_APPEND.3 \
+ CURLOPT_AUTOREFERER.3 \
+ CURLOPT_BUFFERSIZE.3 \
+ CURLOPT_CAINFO.3 \
+ CURLOPT_CAPATH.3 \
+ CURLOPT_CERTINFO.3 \
+ CURLOPT_CHUNK_BGN_FUNCTION.3 \
+ CURLOPT_CHUNK_DATA.3 \
+ CURLOPT_CHUNK_END_FUNCTION.3 \
+ CURLOPT_CLOSESOCKETDATA.3 \
+ CURLOPT_CLOSESOCKETFUNCTION.3 \
+ CURLOPT_CONNECTTIMEOUT.3 \
+ CURLOPT_CONNECTTIMEOUT_MS.3 \
+ CURLOPT_CONNECT_ONLY.3 \
+ CURLOPT_CONNECT_TO.3 \
+ CURLOPT_CONV_FROM_NETWORK_FUNCTION.3 \
+ CURLOPT_CONV_FROM_UTF8_FUNCTION.3 \
+ CURLOPT_CONV_TO_NETWORK_FUNCTION.3 \
+ CURLOPT_COOKIE.3 \
+ CURLOPT_COOKIEFILE.3 \
+ CURLOPT_COOKIEJAR.3 \
+ CURLOPT_COOKIELIST.3 \
+ CURLOPT_COOKIESESSION.3 \
+ CURLOPT_COPYPOSTFIELDS.3 \
+ CURLOPT_CRLF.3 \
+ CURLOPT_CRLFILE.3 \
+ CURLOPT_CUSTOMREQUEST.3 \
+ CURLOPT_DEBUGDATA.3 \
+ CURLOPT_DEBUGFUNCTION.3 \
+ CURLOPT_DEFAULT_PROTOCOL.3 \
+ CURLOPT_DIRLISTONLY.3 \
+ CURLOPT_DNS_CACHE_TIMEOUT.3 \
+ CURLOPT_DNS_INTERFACE.3 \
+ CURLOPT_DNS_LOCAL_IP4.3 \
+ CURLOPT_DNS_LOCAL_IP6.3 \
+ CURLOPT_DNS_SERVERS.3 \
+ CURLOPT_DNS_USE_GLOBAL_CACHE.3 \
+ CURLOPT_EGDSOCKET.3 \
+ CURLOPT_ERRORBUFFER.3 \
+ CURLOPT_EXPECT_100_TIMEOUT_MS.3 \
+ CURLOPT_FAILONERROR.3 \
+ CURLOPT_FILETIME.3 \
+ CURLOPT_FNMATCH_DATA.3 \
+ CURLOPT_FNMATCH_FUNCTION.3 \
+ CURLOPT_FOLLOWLOCATION.3 \
+ CURLOPT_FORBID_REUSE.3 \
+ CURLOPT_FRESH_CONNECT.3 \
+ CURLOPT_FTPPORT.3 \
+ CURLOPT_FTPSSLAUTH.3 \
+ CURLOPT_FTP_ACCOUNT.3 \
+ CURLOPT_FTP_ALTERNATIVE_TO_USER.3 \
+ CURLOPT_FTP_CREATE_MISSING_DIRS.3 \
+ CURLOPT_FTP_FILEMETHOD.3 \
+ CURLOPT_FTP_RESPONSE_TIMEOUT.3 \
+ CURLOPT_FTP_SKIP_PASV_IP.3 \
+ CURLOPT_FTP_SSL_CCC.3 \
+ CURLOPT_FTP_USE_EPRT.3 \
+ CURLOPT_FTP_USE_EPSV.3 \
+ CURLOPT_FTP_USE_PRET.3 \
+ CURLOPT_GSSAPI_DELEGATION.3 \
+ CURLOPT_HEADER.3 \
+ CURLOPT_HEADERDATA.3 \
+ CURLOPT_HEADERFUNCTION.3 \
+ CURLOPT_HEADEROPT.3 \
+ CURLOPT_HTTP200ALIASES.3 \
+ CURLOPT_HTTPAUTH.3 \
+ CURLOPT_HTTPGET.3 \
+ CURLOPT_HTTPHEADER.3 \
+ CURLOPT_HTTPPOST.3 \
+ CURLOPT_HTTPPROXYTUNNEL.3 \
+ CURLOPT_HTTP_CONTENT_DECODING.3 \
+ CURLOPT_HTTP_TRANSFER_DECODING.3 \
+ CURLOPT_HTTP_VERSION.3 \
+ CURLOPT_IGNORE_CONTENT_LENGTH.3 \
+ CURLOPT_INFILESIZE.3 \
+ CURLOPT_INFILESIZE_LARGE.3 \
+ CURLOPT_INTERFACE.3 \
+ CURLOPT_INTERLEAVEDATA.3 \
+ CURLOPT_INTERLEAVEFUNCTION.3 \
+ CURLOPT_IOCTLDATA.3 \
+ CURLOPT_IOCTLFUNCTION.3 \
+ CURLOPT_IPRESOLVE.3 \
+ CURLOPT_ISSUERCERT.3 \
+ CURLOPT_KEEP_SENDING_ON_ERROR.3 \
+ CURLOPT_KEYPASSWD.3 \
+ CURLOPT_KRBLEVEL.3 \
+ CURLOPT_LOCALPORT.3 \
+ CURLOPT_LOCALPORTRANGE.3 \
+ CURLOPT_LOGIN_OPTIONS.3 \
+ CURLOPT_LOW_SPEED_LIMIT.3 \
+ CURLOPT_LOW_SPEED_TIME.3 \
+ CURLOPT_MAIL_AUTH.3 \
+ CURLOPT_MAIL_FROM.3 \
+ CURLOPT_MAIL_RCPT.3 \
+ CURLOPT_MAXCONNECTS.3 \
+ CURLOPT_MAXFILESIZE.3 \
+ CURLOPT_MAXFILESIZE_LARGE.3 \
+ CURLOPT_MAXREDIRS.3 \
+ CURLOPT_MAX_RECV_SPEED_LARGE.3 \
+ CURLOPT_MAX_SEND_SPEED_LARGE.3 \
+ CURLOPT_NETRC.3 \
+ CURLOPT_NETRC_FILE.3 \
+ CURLOPT_NEW_DIRECTORY_PERMS.3 \
+ CURLOPT_NEW_FILE_PERMS.3 \
+ CURLOPT_NOBODY.3 \
+ CURLOPT_NOPROGRESS.3 \
+ CURLOPT_NOPROXY.3 \
+ CURLOPT_NOSIGNAL.3 \
+ CURLOPT_OPENSOCKETDATA.3 \
+ CURLOPT_OPENSOCKETFUNCTION.3 \
+ CURLOPT_PASSWORD.3 \
+ CURLOPT_PATH_AS_IS.3 \
+ CURLOPT_PINNEDPUBLICKEY.3 \
+ CURLOPT_PIPEWAIT.3 \
+ CURLOPT_PORT.3 \
+ CURLOPT_POST.3 \
+ CURLOPT_POSTFIELDS.3 \
+ CURLOPT_POSTFIELDSIZE.3 \
+ CURLOPT_POSTFIELDSIZE_LARGE.3 \
+ CURLOPT_POSTQUOTE.3 \
+ CURLOPT_POSTREDIR.3 \
+ CURLOPT_PREQUOTE.3 \
+ CURLOPT_PRE_PROXY.3 \
+ CURLOPT_PRIVATE.3 \
+ CURLOPT_PROGRESSDATA.3 \
+ CURLOPT_PROGRESSFUNCTION.3 \
+ CURLOPT_PROTOCOLS.3 \
+ CURLOPT_PROXY.3 \
+ CURLOPT_PROXYAUTH.3 \
+ CURLOPT_PROXYHEADER.3 \
+ CURLOPT_PROXYPASSWORD.3 \
+ CURLOPT_PROXYPORT.3 \
+ CURLOPT_PROXYTYPE.3 \
+ CURLOPT_PROXYUSERNAME.3 \
+ CURLOPT_PROXYUSERPWD.3 \
+ CURLOPT_PROXY_CAINFO.3 \
+ CURLOPT_PROXY_CAPATH.3 \
+ CURLOPT_PROXY_CRLFILE.3 \
+ CURLOPT_PROXY_KEYPASSWD.3 \
+ CURLOPT_PROXY_PINNEDPUBLICKEY.3 \
+ CURLOPT_PROXY_SERVICE_NAME.3 \
+ CURLOPT_PROXY_SSLCERT.3 \
+ CURLOPT_PROXY_SSLCERTTYPE.3 \
+ CURLOPT_PROXY_SSLKEY.3 \
+ CURLOPT_PROXY_SSLKEYTYPE.3 \
+ CURLOPT_PROXY_SSLVERSION.3 \
+ CURLOPT_PROXY_SSL_CIPHER_LIST.3 \
+ CURLOPT_PROXY_SSL_OPTIONS.3 \
+ CURLOPT_PROXY_SSL_VERIFYHOST.3 \
+ CURLOPT_PROXY_SSL_VERIFYPEER.3 \
+ CURLOPT_PROXY_TLSAUTH_PASSWORD.3 \
+ CURLOPT_PROXY_TLSAUTH_TYPE.3 \
+ CURLOPT_PROXY_TLSAUTH_USERNAME.3 \
+ CURLOPT_PROXY_TRANSFER_MODE.3 \
+ CURLOPT_PUT.3 \
+ CURLOPT_QUOTE.3 \
+ CURLOPT_RANDOM_FILE.3 \
+ CURLOPT_RANGE.3 \
+ CURLOPT_READDATA.3 \
+ CURLOPT_READFUNCTION.3 \
+ CURLOPT_REDIR_PROTOCOLS.3 \
+ CURLOPT_REFERER.3 \
+ CURLOPT_REQUEST_TARGET.3 \
+ CURLOPT_RESOLVE.3 \
+ CURLOPT_RESUME_FROM.3 \
+ CURLOPT_RESUME_FROM_LARGE.3 \
+ CURLOPT_RTSP_CLIENT_CSEQ.3 \
+ CURLOPT_RTSP_REQUEST.3 \
+ CURLOPT_RTSP_SERVER_CSEQ.3 \
+ CURLOPT_RTSP_SESSION_ID.3 \
+ CURLOPT_RTSP_STREAM_URI.3 \
+ CURLOPT_RTSP_TRANSPORT.3 \
+ CURLOPT_SASL_IR.3 \
+ CURLOPT_SEEKDATA.3 \
+ CURLOPT_SEEKFUNCTION.3 \
+ CURLOPT_SERVICE_NAME.3 \
+ CURLOPT_SHARE.3 \
+ CURLOPT_SOCKOPTDATA.3 \
+ CURLOPT_SOCKOPTFUNCTION.3 \
+ CURLOPT_SOCKS5_AUTH.3 \
+ CURLOPT_SOCKS5_GSSAPI_NEC.3 \
+ CURLOPT_SOCKS5_GSSAPI_SERVICE.3 \
+ CURLOPT_SSH_AUTH_TYPES.3 \
+ CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3 \
+ CURLOPT_SSH_KEYDATA.3 \
+ CURLOPT_SSH_KEYFUNCTION.3 \
+ CURLOPT_SSH_KNOWNHOSTS.3 \
+ CURLOPT_SSH_PRIVATE_KEYFILE.3 \
+ CURLOPT_SSH_PUBLIC_KEYFILE.3 \
+ CURLOPT_SSLCERT.3 \
+ CURLOPT_SSLCERTTYPE.3 \
+ CURLOPT_SSLENGINE.3 \
+ CURLOPT_SSLENGINE_DEFAULT.3 \
+ CURLOPT_SSLKEY.3 \
+ CURLOPT_SSLKEYTYPE.3 \
+ CURLOPT_SSLVERSION.3 \
+ CURLOPT_SSL_CIPHER_LIST.3 \
+ CURLOPT_SSL_CTX_DATA.3 \
+ CURLOPT_SSL_CTX_FUNCTION.3 \
+ CURLOPT_SSL_ENABLE_ALPN.3 \
+ CURLOPT_SSL_ENABLE_NPN.3 \
+ CURLOPT_SSL_FALSESTART.3 \
+ CURLOPT_SSL_OPTIONS.3 \
+ CURLOPT_SSL_SESSIONID_CACHE.3 \
+ CURLOPT_SSL_VERIFYHOST.3 \
+ CURLOPT_SSL_VERIFYPEER.3 \
+ CURLOPT_SSL_VERIFYSTATUS.3 \
+ CURLOPT_STDERR.3 \
+ CURLOPT_STREAM_DEPENDS.3 \
+ CURLOPT_STREAM_DEPENDS_E.3 \
+ CURLOPT_STREAM_WEIGHT.3 \
+ CURLOPT_SUPPRESS_CONNECT_HEADERS.3 \
+ CURLOPT_TCP_FASTOPEN.3 \
+ CURLOPT_TCP_KEEPALIVE.3 \
+ CURLOPT_TCP_KEEPIDLE.3 \
+ CURLOPT_TCP_KEEPINTVL.3 \
+ CURLOPT_TCP_NODELAY.3 \
+ CURLOPT_TELNETOPTIONS.3 \
+ CURLOPT_TFTP_BLKSIZE.3 \
+ CURLOPT_TFTP_NO_OPTIONS.3 \
+ CURLOPT_TIMECONDITION.3 \
+ CURLOPT_TIMEOUT.3 \
+ CURLOPT_TIMEOUT_MS.3 \
+ CURLOPT_TIMEVALUE.3 \
+ CURLOPT_TLSAUTH_PASSWORD.3 \
+ CURLOPT_TLSAUTH_TYPE.3 \
+ CURLOPT_TLSAUTH_USERNAME.3 \
+ CURLOPT_TRANSFERTEXT.3 \
+ CURLOPT_TRANSFER_ENCODING.3 \
+ CURLOPT_UNIX_SOCKET_PATH.3 \
+ CURLOPT_UNRESTRICTED_AUTH.3 \
+ CURLOPT_UPLOAD.3 \
+ CURLOPT_URL.3 \
+ CURLOPT_USERAGENT.3 \
+ CURLOPT_USERNAME.3 \
+ CURLOPT_USERPWD.3 \
+ CURLOPT_USE_SSL.3 \
+ CURLOPT_VERBOSE.3 \
+ CURLOPT_WILDCARDMATCH.3 \
+ CURLOPT_WRITEDATA.3 \
+ CURLOPT_WRITEFUNCTION.3 \
+ CURLOPT_XFERINFODATA.3 \
+ CURLOPT_XFERINFOFUNCTION.3 \
+ CURLOPT_XOAUTH2_BEARER.3
diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions
index e61319546..e141b6a57 100644
--- a/docs/libcurl/symbols-in-versions
+++ b/docs/libcurl/symbols-in-versions
@@ -17,6 +17,7 @@ CURLAUTH_ANYSAFE 7.10.6
CURLAUTH_BASIC 7.10.6
CURLAUTH_DIGEST 7.10.6
CURLAUTH_DIGEST_IE 7.19.3
+CURLAUTH_GSSAPI 7.55.0
CURLAUTH_GSSNEGOTIATE 7.10.6 7.38.0
CURLAUTH_NEGOTIATE 7.38.0
CURLAUTH_NONE 7.10.6
@@ -208,7 +209,9 @@ CURLINFO_CERTINFO 7.19.1
CURLINFO_CONDITION_UNMET 7.19.4
CURLINFO_CONNECT_TIME 7.4.1
CURLINFO_CONTENT_LENGTH_DOWNLOAD 7.6.1
+CURLINFO_CONTENT_LENGTH_DOWNLOAD_T 7.55.0
CURLINFO_CONTENT_LENGTH_UPLOAD 7.6.1
+CURLINFO_CONTENT_LENGTH_UPLOAD_T 7.55.0
CURLINFO_CONTENT_TYPE 7.9.4
CURLINFO_COOKIELIST 7.14.1
CURLINFO_DATA_IN 7.9.6
@@ -234,12 +237,16 @@ CURLINFO_MASK 7.4.1
CURLINFO_NAMELOOKUP_TIME 7.4.1
CURLINFO_NONE 7.4.1
CURLINFO_NUM_CONNECTS 7.12.3
+CURLINFO_OFF_T 7.55.0
CURLINFO_OS_ERRNO 7.12.2
CURLINFO_PRETRANSFER_TIME 7.4.1
CURLINFO_PRIMARY_IP 7.19.0
CURLINFO_PRIMARY_PORT 7.21.0
CURLINFO_PRIVATE 7.10.3
+CURLINFO_PROTOCOL 7.52.0
CURLINFO_PROXYAUTH_AVAIL 7.10.8
+CURLINFO_PROXY_SSL_VERIFYRESULT 7.52.0
+CURLINFO_PTR 7.54.1
CURLINFO_REDIRECT_COUNT 7.9.7
CURLINFO_REDIRECT_TIME 7.9.7
CURLINFO_REDIRECT_URL 7.18.2
@@ -249,12 +256,17 @@ CURLINFO_RTSP_CLIENT_CSEQ 7.20.0
CURLINFO_RTSP_CSEQ_RECV 7.20.0
CURLINFO_RTSP_SERVER_CSEQ 7.20.0
CURLINFO_RTSP_SESSION_ID 7.20.0
+CURLINFO_SCHEME 7.52.0
CURLINFO_SIZE_DOWNLOAD 7.4.1
+CURLINFO_SIZE_DOWNLOAD_T 7.55.0
CURLINFO_SIZE_UPLOAD 7.4.1
+CURLINFO_SIZE_UPLOAD_T 7.55.0
CURLINFO_SLIST 7.12.3
CURLINFO_SOCKET 7.45.0
CURLINFO_SPEED_DOWNLOAD 7.4.1
+CURLINFO_SPEED_DOWNLOAD_T 7.55.0
CURLINFO_SPEED_UPLOAD 7.4.1
+CURLINFO_SPEED_UPLOAD_T 7.55.0
CURLINFO_SSL_DATA_IN 7.12.1
CURLINFO_SSL_DATA_OUT 7.12.1
CURLINFO_SSL_ENGINES 7.12.3
@@ -314,6 +326,7 @@ CURLOPTTYPE_LONG 7.1
CURLOPTTYPE_OBJECTPOINT 7.1
CURLOPTTYPE_OFF_T 7.11.0
CURLOPTTYPE_STRINGPOINT 7.46.0
+CURLOPT_ABSTRACT_UNIX_SOCKET 7.53.0
CURLOPT_ACCEPTTIMEOUT_MS 7.24.0
CURLOPT_ACCEPT_ENCODING 7.21.6
CURLOPT_ADDRESS_SCOPE 7.19.0
@@ -410,6 +423,7 @@ CURLOPT_IOCTLDATA 7.12.3
CURLOPT_IOCTLFUNCTION 7.12.3
CURLOPT_IPRESOLVE 7.10.8
CURLOPT_ISSUERCERT 7.19.0
+CURLOPT_KEEP_SENDING_ON_ERROR 7.51.0
CURLOPT_KEYPASSWD 7.17.0
CURLOPT_KRB4LEVEL 7.3 7.17.0
CURLOPT_KRBLEVEL 7.16.4
@@ -455,6 +469,7 @@ CURLOPT_POSTFIELDSIZE_LARGE 7.11.1
CURLOPT_POSTQUOTE 7.1
CURLOPT_POSTREDIR 7.19.1
CURLOPT_PREQUOTE 7.9.5
+CURLOPT_PRE_PROXY 7.52.0
CURLOPT_PRIVATE 7.10.3
CURLOPT_PROGRESSDATA 7.1
CURLOPT_PROGRESSFUNCTION 7.1 7.32.0
@@ -467,7 +482,24 @@ CURLOPT_PROXYPORT 7.1
CURLOPT_PROXYTYPE 7.10
CURLOPT_PROXYUSERNAME 7.19.1
CURLOPT_PROXYUSERPWD 7.1
+CURLOPT_PROXY_CAINFO 7.52.0
+CURLOPT_PROXY_CAPATH 7.52.0
+CURLOPT_PROXY_CRLFILE 7.52.0
+CURLOPT_PROXY_KEYPASSWD 7.52.0
+CURLOPT_PROXY_PINNEDPUBLICKEY 7.52.0
CURLOPT_PROXY_SERVICE_NAME 7.43.0
+CURLOPT_PROXY_SSLCERT 7.52.0
+CURLOPT_PROXY_SSLCERTTYPE 7.52.0
+CURLOPT_PROXY_SSLKEY 7.52.0
+CURLOPT_PROXY_SSLKEYTYPE 7.52.0
+CURLOPT_PROXY_SSLVERSION 7.52.0
+CURLOPT_PROXY_SSL_CIPHER_LIST 7.52.0
+CURLOPT_PROXY_SSL_OPTIONS 7.52.0
+CURLOPT_PROXY_SSL_VERIFYHOST 7.52.0
+CURLOPT_PROXY_SSL_VERIFYPEER 7.52.0
+CURLOPT_PROXY_TLSAUTH_PASSWORD 7.52.0
+CURLOPT_PROXY_TLSAUTH_TYPE 7.52.0
+CURLOPT_PROXY_TLSAUTH_USERNAME 7.52.0
CURLOPT_PROXY_TRANSFER_MODE 7.18.0
CURLOPT_PUT 7.1
CURLOPT_QUOTE 7.1
@@ -477,6 +509,7 @@ CURLOPT_READDATA 7.9.7
CURLOPT_READFUNCTION 7.1
CURLOPT_REDIR_PROTOCOLS 7.19.4
CURLOPT_REFERER 7.1
+CURLOPT_REQUEST_TARGET 7.55.0
CURLOPT_RESOLVE 7.21.3
CURLOPT_RESUME_FROM 7.1
CURLOPT_RESUME_FROM_LARGE 7.11.0
@@ -495,6 +528,7 @@ CURLOPT_SERVICE_NAME 7.43.0
CURLOPT_SHARE 7.10
CURLOPT_SOCKOPTDATA 7.16.0
CURLOPT_SOCKOPTFUNCTION 7.16.0
+CURLOPT_SOCKS5_AUTH 7.55.0
CURLOPT_SOCKS5_GSSAPI_NEC 7.19.4
CURLOPT_SOCKS5_GSSAPI_SERVICE 7.19.4 7.49.0
CURLOPT_SOURCE_HOST 7.12.1 - 7.15.5
@@ -536,11 +570,12 @@ CURLOPT_STDERR 7.1
CURLOPT_STREAM_DEPENDS 7.46.0
CURLOPT_STREAM_DEPENDS_E 7.46.0
CURLOPT_STREAM_WEIGHT 7.46.0
+CURLOPT_SUPPRESS_CONNECT_HEADERS 7.54.0
+CURLOPT_TCP_FASTOPEN 7.49.0
CURLOPT_TCP_KEEPALIVE 7.25.0
CURLOPT_TCP_KEEPIDLE 7.25.0
CURLOPT_TCP_KEEPINTVL 7.25.0
CURLOPT_TCP_NODELAY 7.11.2
-CURLOPT_TCP_FASTOPEN 7.49.0
CURLOPT_TELNETOPTIONS 7.7
CURLOPT_TFTP_BLKSIZE 7.19.4
CURLOPT_TFTP_NO_OPTIONS 7.48.0
@@ -609,6 +644,7 @@ CURLPROTO_SMTPS 7.20.0
CURLPROTO_TELNET 7.19.4
CURLPROTO_TFTP 7.19.4
CURLPROXY_HTTP 7.10
+CURLPROXY_HTTPS 7.52.0
CURLPROXY_HTTP_1_0 7.19.4
CURLPROXY_SOCKS4 7.10
CURLPROXY_SOCKS4A 7.18.0
@@ -702,8 +738,8 @@ CURL_HTTPPOST_READFILE 7.46.0
CURL_HTTP_VERSION_1_0 7.9.1
CURL_HTTP_VERSION_1_1 7.9.1
CURL_HTTP_VERSION_2 7.43.0
-CURL_HTTP_VERSION_2_0 7.33.0
CURL_HTTP_VERSION_2TLS 7.47.0
+CURL_HTTP_VERSION_2_0 7.33.0
CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE 7.49.0
CURL_HTTP_VERSION_NONE 7.9.1
CURL_IPRESOLVE_V4 7.10.8
@@ -724,6 +760,7 @@ CURL_LOCK_TYPE_DNS 7.10 -
7.10.2
CURL_LOCK_TYPE_NONE 7.10 - 7.10.2
CURL_LOCK_TYPE_SSL_SESSION 7.10 - 7.10.2
CURL_MAX_HTTP_HEADER 7.19.7
+CURL_MAX_READ_SIZE 7.53.0
CURL_MAX_WRITE_SIZE 7.9.7
CURL_NETRC_IGNORED 7.9.8
CURL_NETRC_OPTIONAL 7.9.8
@@ -764,14 +801,21 @@ CURL_SOCKET_TIMEOUT 7.14.0
CURL_SOCKOPT_ALREADY_CONNECTED 7.21.5
CURL_SOCKOPT_ERROR 7.21.5
CURL_SOCKOPT_OK 7.21.5
-CURL_STRICTER 7.50.2
CURL_SSLVERSION_DEFAULT 7.9.2
+CURL_SSLVERSION_MAX_DEFAULT 7.54.0
+CURL_SSLVERSION_MAX_NONE 7.54.0
+CURL_SSLVERSION_MAX_TLSv1_0 7.54.0
+CURL_SSLVERSION_MAX_TLSv1_1 7.54.0
+CURL_SSLVERSION_MAX_TLSv1_2 7.54.0
+CURL_SSLVERSION_MAX_TLSv1_3 7.54.0
CURL_SSLVERSION_SSLv2 7.9.2
CURL_SSLVERSION_SSLv3 7.9.2
CURL_SSLVERSION_TLSv1 7.9.2
CURL_SSLVERSION_TLSv1_0 7.34.0
CURL_SSLVERSION_TLSv1_1 7.34.0
CURL_SSLVERSION_TLSv1_2 7.34.0
+CURL_SSLVERSION_TLSv1_3 7.52.0
+CURL_STRICTER 7.50.2
CURL_TIMECOND_IFMODSINCE 7.9.7
CURL_TIMECOND_IFUNMODSINCE 7.9.7
CURL_TIMECOND_LASTMOD 7.9.7
@@ -785,6 +829,7 @@ CURL_VERSION_DEBUG 7.10.6
CURL_VERSION_GSSAPI 7.38.0
CURL_VERSION_GSSNEGOTIATE 7.10.6 7.38.0
CURL_VERSION_HTTP2 7.33.0
+CURL_VERSION_HTTPS_PROXY 7.52.0
CURL_VERSION_IDN 7.12.0
CURL_VERSION_IPV6 7.10
CURL_VERSION_KERBEROS4 7.10 7.33.0
diff --git a/docs/mk-ca-bundle.1 b/docs/mk-ca-bundle.1
index b1ded4427..f754e74c7 100644
--- a/docs/mk-ca-bundle.1
+++ b/docs/mk-ca-bundle.1
@@ -20,18 +20,18 @@
.\" *
.\" **************************************************************************
.\"
-.TH mk-ca-bundle 1 "5 Jan 2013" "version 1.20" "mk-ca-bundle manual"
+.TH mk-ca-bundle 1 "24 Oct 2016" "version 1.27" "mk-ca-bundle manual"
.SH NAME
mk-ca-bundle \- convert mozilla's certdata.txt to PEM format
.SH SYNOPSIS
-mk-ca-bundle [bilnpqstuv]
+mk-ca-bundle [options]
.I [outputfile]
.SH DESCRIPTION
The mk-ca-bundle tool downloads the certdata.txt file from Mozilla's source
-tree over HTTP, then parses certdata.txt and extracts certificates
-into PEM format. By default, only CA root certificates trusted to issue SSL
-server authentication certificates are extracted. These are then processed with
-the OpenSSL commandline tool to produce the final ca-bundle file.
+tree over HTTPS, then parses certdata.txt and extracts certificates into PEM
+format. By default, only CA root certificates trusted to issue SSL server
+authentication certificates are extracted. These are then processed with the
+OpenSSL commandline tool to produce the final ca-bundle file.
The default \fIoutputfile\fP name is \fBca-bundle.crt\fP. By setting it to '-'
(a single dash) you will get the output sent to STDOUT instead of a file.
@@ -51,6 +51,10 @@ shortcuts for which source tree to get the cert data from.
force rebuild even if certdata.txt is current (Added in version 1.17)
.IP -i
print version info about used modules
+.IP -k
+Allow insecure data transfer. By default (since 1.27) this command will fail
+if the HTTPS transfer fails. This overrides that decision (and opens for
+man-in-the-middle attacks).
.IP -l
print license info about certdata.txt
.IP -m
@@ -103,7 +107,7 @@ Returns 0 on success. Returns 1 if it fails to download
data.
.SH CERTDATA FORMAT
The file format used by Mozilla for this trust information seems to be
documented here:
.nf
-http://p11-glue.freedesktop.org/doc/storing-trust-policy/storing-trust-existing.html
+https://p11-glue.freedesktop.org/doc/storing-trust-policy/storing-trust-existing.html
.fi
.SH SEE ALSO
.BR curl (1)
diff --git a/guix-gnurl.scm b/guix-gnurl.scm
new file mode 100644
index 000000000..f08f17f6d
--- /dev/null
+++ b/guix-gnurl.scm
@@ -0,0 +1,46 @@
+;;;
/***************************************************************************
+;;; *
+;;; *
+;;; * Copyright (C) 2016, 2017 ng0 <address@hidden>.
+;;; *
+;;; * This file is an appendum to gnurl.
+;;; *
+;;; * This software is licensed as described in the file COPYING, which
+;;; * you should have received as part of this distribution. The terms
+;;; * are also available at https://curl.haxx.se/docs/copyright.html.
+;;; *
+;;; * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+;;; * copies of the Software, and permit persons to whom the Software is
+;;; * furnished to do so, under the terms of the COPYING file.
+;;; *
+;;; * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+;;; * KIND, either express or implied.
+;;; *
+;;;
***************************************************************************/
+
+
+(use-modules
+ (ice-9 popen)
+ (ice-9 match)
+ (ice-9 rdelim)
+ (guix packages)
+ (guix build-system gnu)
+ (guix gexp)
+ ((guix build utils) #:select (with-directory-excursion))
+ (gnu packages)
+ (gnu packages base)
+ (gnu packages autotools)
+ (gnu packages gnunet))
+
+(define %source-dir (dirname (current-filename)))
+
+(define-public gnurl-git
+ (package
+ (inherit gnurl)
+ (name "gnurl-git")
+ (version (string-append "7.55.1-" "dev"))
+ (source
+ (local-file %source-dir
+ #:recursive? #t))))
+
+gnurl-git
diff --git a/include/Makefile.am b/include/Makefile.am
index 3b2486029..3d036b8ff 100644
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = curl
+SUBDIRS = gnurl
EXTRA_DIST = README
diff --git a/include/README b/include/README
index 3e52a1d0a..0fc8f66d9 100644
--- a/include/README
+++ b/include/README
@@ -9,38 +9,16 @@ Include files for libcurl, external users.
They're all placed in the curl subdirectory here for better fit in any kind
of environment. You must include files from here using...
- #include <curl/curl.h>
+ #include <gnurl/curl.h>
... style and point the compiler's include path to the directory holding the
curl subdirectory. It makes it more likely to survive future modifications.
NOTE FOR LIBCURL HACKERS
-The following notes apply to libcurl version 7.19.0 and later.
-
-* The distributed curl/curlbuild.h file is only intended to be used on systems
- which can not run the also distributed configure script.
-
-* The distributed curlbuild.h file is generated as a copy of curlbuild.h.dist
- when the libcurl source code distribution archive file is originally created.
-
* If you check out from git on a non-configure platform, you must run the
- appropriate buildconf* script to set up curlbuild.h and other local files
- before being able of compiling the library.
-
-* On systems capable of running the configure script, the configure process
- will overwrite the distributed include/curl/curlbuild.h file with one that
- is suitable and specific to the library being configured and built, which
- is generated from the include/curl/curlbuild.h.in template file.
-
-* If you intend to distribute an already compiled libcurl library you _MUST_
- also distribute along with it the generated curl/curlbuild.h which has been
- used to compile it. Otherwise the library will be of no use for the users of
- the library that you have built. It is _your_ responsibility to provide this
- file. No one at the cURL project can know how you have built the library.
-
-* File curl/curlbuild.h includes platform and configuration dependent info,
- and must not be modified by anyone. Configure script generates it for you.
+ appropriate buildconf* script to set up files before being able of compiling
+ the library.
* We cannot assume anything else but very basic compiler features being
present. While libcurl requires an ANSI C compiler to build, some of the
diff --git a/include/curl/.gitignore b/include/curl/.gitignore
deleted file mode 100644
index 228a961fb..000000000
--- a/include/curl/.gitignore
+++ /dev/null
@@ -1,4 +0,0 @@
-curlbuild.h
-curlver.h.dist
-stamp-h2
-stamp-h3
diff --git a/include/curl/Makefile.am b/include/curl/Makefile.am
deleted file mode 100644
index 7c924fcb5..000000000
--- a/include/curl/Makefile.am
+++ /dev/null
@@ -1,53 +0,0 @@
-#***************************************************************************
-# _ _ ____ _
-# Project ___| | | | _ \| |
-# / __| | | | |_) | |
-# | (__| |_| | _ <| |___
-# \___|\___/|_| \_\_____|
-#
-# Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
-#
-# This software is licensed as described in the file COPYING, which
-# you should have received as part of this distribution. The terms
-# are also available at https://curl.haxx.se/docs/copyright.html.
-#
-# You may opt to use, copy, modify, merge, publish, distribute and/or sell
-# copies of the Software, and permit persons to whom the Software is
-# furnished to do so, under the terms of the COPYING file.
-#
-# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-# KIND, either express or implied.
-#
-###########################################################################
-pkginclude_HEADERS = \
- curl.h curlver.h easy.h mprintf.h stdcheaders.h multi.h \
- typecheck-gcc.h curlbuild.h curlrules.h
-
-pkgincludedir= $(includedir)/curl
-
-# curlbuild.h does not exist in the git tree. When the original libcurl
-# source code distribution archive file is created, curlbuild.h.dist is
-# renamed to curlbuild.h and included in the tarball so that it can be
-# used directly on non-configure systems.
-#
-# The distributed curlbuild.h will be overwritten on configure systems
-# when the configure script runs, with one that is suitable and specific
-# to the library being configured and built.
-#
-# curlbuild.h.in is the distributed template file from which the configure
-# script creates curlbuild.h at library configuration time, overwiting the
-# one included in the distribution archive.
-#
-# curlbuild.h.dist is not included in the source code distribution archive.
-
-EXTRA_DIST = curlbuild.h.in
-
-DISTCLEANFILES = curlbuild.h
-
-checksrc:
- @@PERL@ $(top_srcdir)/lib/checksrc.pl -Wcurlbuild.h
-D$(top_srcdir)/include/curl $(pkginclude_HEADERS) $(EXTRA_DIST)
-
-if CURLDEBUG
-# for debug builds, we scan the sources on all regular make invokes
-all-local: checksrc
-endif
diff --git a/include/curl/curl.h b/include/curl/curl.h
deleted file mode 100644
index 0ac238c28..000000000
--- a/include/curl/curl.h
+++ /dev/null
@@ -1,2450 +0,0 @@
-#ifndef __CURL_CURL_H
-#define __CURL_CURL_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-/*
- * If you have libcurl problems, all docs and details are found here:
- * https://curl.haxx.se/libcurl/
- *
- * curl-library mailing list subscription and unsubscription web interface:
- * https://cool.haxx.se/mailman/listinfo/curl-library/
- */
-
-#ifdef CURL_NO_OLDIES
-#define CURL_STRICTER
-#endif
-
-#include "curlver.h" /* libcurl version defines */
-#include "curlbuild.h" /* libcurl build definitions */
-#include "curlrules.h" /* libcurl rules enforcement */
-
-/*
- * Define WIN32 when build target is Win32 API
- */
-
-#if (defined(_WIN32) || defined(__WIN32__)) && \
- !defined(WIN32) && !defined(__SYMBIAN32__)
-#define WIN32
-#endif
-
-#include <stdio.h>
-#include <limits.h>
-
-#if defined(__FreeBSD__) && (__FreeBSD__ >= 2)
-/* Needed for __FreeBSD_version symbol definition */
-#include <osreldate.h>
-#endif
-
-/* The include stuff here below is mainly for time_t! */
-#include <sys/types.h>
-#include <time.h>
-
-#if defined(WIN32) && !defined(_WIN32_WCE) && !defined(__CYGWIN__)
-#if !(defined(_WINSOCKAPI_) || defined(_WINSOCK_H) || \
- defined(__LWIP_OPT_H__) || defined(LWIP_HDR_OPT_H))
-/* The check above prevents the winsock2 inclusion if winsock.h already was
- included, since they can't co-exist without problems */
-#include <winsock2.h>
-#include <ws2tcpip.h>
-#endif
-#endif
-
-/* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
- libc5-based Linux systems. Only include it on systems that are known to
- require it! */
-#if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || \
- defined(__minix) || defined(__SYMBIAN32__) || defined(__INTEGRITY) || \
- defined(ANDROID) || defined(__ANDROID__) || defined(__OpenBSD__) || \
- (defined(__FreeBSD_version) && (__FreeBSD_version < 800000))
-#include <sys/select.h>
-#endif
-
-#if !defined(WIN32) && !defined(_WIN32_WCE)
-#include <sys/socket.h>
-#endif
-
-#if !defined(WIN32) && !defined(__WATCOMC__) && !defined(__VXWORKS__)
-#include <sys/time.h>
-#endif
-
-#ifdef __BEOS__
-#include <support/SupportDefs.h>
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(BUILDING_LIBCURL) || defined(CURL_STRICTER)
-typedef struct Curl_easy CURL;
-typedef struct Curl_share CURLSH;
-#else
-typedef void CURL;
-typedef void CURLSH;
-#endif
-
-/*
- * libcurl external API function linkage decorations.
- */
-
-#ifdef CURL_STATICLIB
-# define CURL_EXTERN
-#elif defined(WIN32) || defined(_WIN32) || defined(__SYMBIAN32__)
-# if defined(BUILDING_LIBCURL)
-# define CURL_EXTERN __declspec(dllexport)
-# else
-# define CURL_EXTERN __declspec(dllimport)
-# endif
-#elif defined(BUILDING_LIBCURL) && defined(CURL_HIDDEN_SYMBOLS)
-# define CURL_EXTERN CURL_EXTERN_SYMBOL
-#else
-# define CURL_EXTERN
-#endif
-
-#ifndef curl_socket_typedef
-/* socket typedef */
-#if defined(WIN32) && !defined(__LWIP_OPT_H__) && !defined(LWIP_HDR_OPT_H)
-typedef SOCKET curl_socket_t;
-#define CURL_SOCKET_BAD INVALID_SOCKET
-#else
-typedef int curl_socket_t;
-#define CURL_SOCKET_BAD -1
-#endif
-#define curl_socket_typedef
-#endif /* curl_socket_typedef */
-
-struct curl_httppost {
- struct curl_httppost *next; /* next entry in the list */
- char *name; /* pointer to allocated name */
- long namelength; /* length of name length */
- char *contents; /* pointer to allocated data contents */
- long contentslength; /* length of contents field, see also
- CURL_HTTPPOST_LARGE */
- char *buffer; /* pointer to allocated buffer contents */
- long bufferlength; /* length of buffer field */
- char *contenttype; /* Content-Type */
- struct curl_slist* contentheader; /* list of extra headers for this form */
- struct curl_httppost *more; /* if one field name has more than one
- file, this link should link to following
- files */
- long flags; /* as defined below */
-
-/* specified content is a file name */
-#define CURL_HTTPPOST_FILENAME (1<<0)
-/* specified content is a file name */
-#define CURL_HTTPPOST_READFILE (1<<1)
-/* name is only stored pointer do not free in formfree */
-#define CURL_HTTPPOST_PTRNAME (1<<2)
-/* contents is only stored pointer do not free in formfree */
-#define CURL_HTTPPOST_PTRCONTENTS (1<<3)
-/* upload file from buffer */
-#define CURL_HTTPPOST_BUFFER (1<<4)
-/* upload file from pointer contents */
-#define CURL_HTTPPOST_PTRBUFFER (1<<5)
-/* upload file contents by using the regular read callback to get the data and
- pass the given pointer as custom pointer */
-#define CURL_HTTPPOST_CALLBACK (1<<6)
-/* use size in 'contentlen', added in 7.46.0 */
-#define CURL_HTTPPOST_LARGE (1<<7)
-
- char *showfilename; /* The file name to show. If not set, the
- actual file name will be used (if this
- is a file part) */
- void *userp; /* custom pointer used for
- HTTPPOST_CALLBACK posts */
- curl_off_t contentlen; /* alternative length of contents
- field. Used if CURL_HTTPPOST_LARGE is
- set. Added in 7.46.0 */
-};
-
-/* This is the CURLOPT_PROGRESSFUNCTION callback proto. It is now considered
- deprecated but was the only choice up until 7.31.0 */
-typedef int (*curl_progress_callback)(void *clientp,
- double dltotal,
- double dlnow,
- double ultotal,
- double ulnow);
-
-/* This is the CURLOPT_XFERINFOFUNCTION callback proto. It was introduced in
- 7.32.0, it avoids floating point and provides more detailed information. */
-typedef int (*curl_xferinfo_callback)(void *clientp,
- curl_off_t dltotal,
- curl_off_t dlnow,
- curl_off_t ultotal,
- curl_off_t ulnow);
-
-#ifndef CURL_MAX_WRITE_SIZE
- /* Tests have proven that 20K is a very bad buffer size for uploads on
- Windows, while 16K for some odd reason performed a lot better.
- We do the ifndef check to allow this value to easier be changed at build
- time for those who feel adventurous. The practical minimum is about
- 400 bytes since libcurl uses a buffer of this size as a scratch area
- (unrelated to network send operations). */
-#define CURL_MAX_WRITE_SIZE 16384
-#endif
-
-#ifndef CURL_MAX_HTTP_HEADER
-/* The only reason to have a max limit for this is to avoid the risk of a bad
- server feeding libcurl with a never-ending header that will cause reallocs
- infinitely */
-#define CURL_MAX_HTTP_HEADER (100*1024)
-#endif
-
-/* This is a magic return code for the write callback that, when returned,
- will signal libcurl to pause receiving on the current transfer. */
-#define CURL_WRITEFUNC_PAUSE 0x10000001
-
-typedef size_t (*curl_write_callback)(char *buffer,
- size_t size,
- size_t nitems,
- void *outstream);
-
-
-
-/* enumeration of file types */
-typedef enum {
- CURLFILETYPE_FILE = 0,
- CURLFILETYPE_DIRECTORY,
- CURLFILETYPE_SYMLINK,
- CURLFILETYPE_DEVICE_BLOCK,
- CURLFILETYPE_DEVICE_CHAR,
- CURLFILETYPE_NAMEDPIPE,
- CURLFILETYPE_SOCKET,
- CURLFILETYPE_DOOR, /* is possible only on Sun Solaris now */
-
- CURLFILETYPE_UNKNOWN /* should never occur */
-} curlfiletype;
-
-#define CURLFINFOFLAG_KNOWN_FILENAME (1<<0)
-#define CURLFINFOFLAG_KNOWN_FILETYPE (1<<1)
-#define CURLFINFOFLAG_KNOWN_TIME (1<<2)
-#define CURLFINFOFLAG_KNOWN_PERM (1<<3)
-#define CURLFINFOFLAG_KNOWN_UID (1<<4)
-#define CURLFINFOFLAG_KNOWN_GID (1<<5)
-#define CURLFINFOFLAG_KNOWN_SIZE (1<<6)
-#define CURLFINFOFLAG_KNOWN_HLINKCOUNT (1<<7)
-
-/* Content of this structure depends on information which is known and is
- achievable (e.g. by FTP LIST parsing). Please see the url_easy_setopt(3) man
- page for callbacks returning this structure -- some fields are mandatory,
- some others are optional. The FLAG field has special meaning. */
-struct curl_fileinfo {
- char *filename;
- curlfiletype filetype;
- time_t time;
- unsigned int perm;
- int uid;
- int gid;
- curl_off_t size;
- long int hardlinks;
-
- struct {
- /* If some of these fields is not NULL, it is a pointer to b_data. */
- char *time;
- char *perm;
- char *user;
- char *group;
- char *target; /* pointer to the target filename of a symlink */
- } strings;
-
- unsigned int flags;
-
- /* used internally */
- char * b_data;
- size_t b_size;
- size_t b_used;
-};
-
-/* return codes for CURLOPT_CHUNK_BGN_FUNCTION */
-#define CURL_CHUNK_BGN_FUNC_OK 0
-#define CURL_CHUNK_BGN_FUNC_FAIL 1 /* tell the lib to end the task */
-#define CURL_CHUNK_BGN_FUNC_SKIP 2 /* skip this chunk over */
-
-/* if splitting of data transfer is enabled, this callback is called before
- download of an individual chunk started. Note that parameter "remains" works
- only for FTP wildcard downloading (for now), otherwise is not used */
-typedef long (*curl_chunk_bgn_callback)(const void *transfer_info,
- void *ptr,
- int remains);
-
-/* return codes for CURLOPT_CHUNK_END_FUNCTION */
-#define CURL_CHUNK_END_FUNC_OK 0
-#define CURL_CHUNK_END_FUNC_FAIL 1 /* tell the lib to end the task */
-
-/* If splitting of data transfer is enabled this callback is called after
- download of an individual chunk finished.
- Note! After this callback was set then it have to be called FOR ALL chunks.
- Even if downloading of this chunk was skipped in CHUNK_BGN_FUNC.
- This is the reason why we don't need "transfer_info" parameter in this
- callback and we are not interested in "remains" parameter too. */
-typedef long (*curl_chunk_end_callback)(void *ptr);
-
-/* return codes for FNMATCHFUNCTION */
-#define CURL_FNMATCHFUNC_MATCH 0 /* string corresponds to the pattern */
-#define CURL_FNMATCHFUNC_NOMATCH 1 /* pattern doesn't match the string */
-#define CURL_FNMATCHFUNC_FAIL 2 /* an error occurred */
-
-/* callback type for wildcard downloading pattern matching. If the
- string matches the pattern, return CURL_FNMATCHFUNC_MATCH value, etc. */
-typedef int (*curl_fnmatch_callback)(void *ptr,
- const char *pattern,
- const char *string);
-
-/* These are the return codes for the seek callbacks */
-#define CURL_SEEKFUNC_OK 0
-#define CURL_SEEKFUNC_FAIL 1 /* fail the entire transfer */
-#define CURL_SEEKFUNC_CANTSEEK 2 /* tell libcurl seeking can't be done, so
- libcurl might try other means instead */
-typedef int (*curl_seek_callback)(void *instream,
- curl_off_t offset,
- int origin); /* 'whence' */
-
-/* This is a return code for the read callback that, when returned, will
- signal libcurl to immediately abort the current transfer. */
-#define CURL_READFUNC_ABORT 0x10000000
-/* This is a return code for the read callback that, when returned, will
- signal libcurl to pause sending data on the current transfer. */
-#define CURL_READFUNC_PAUSE 0x10000001
-
-typedef size_t (*curl_read_callback)(char *buffer,
- size_t size,
- size_t nitems,
- void *instream);
-
-typedef enum {
- CURLSOCKTYPE_IPCXN, /* socket created for a specific IP connection */
- CURLSOCKTYPE_ACCEPT, /* socket created by accept() call */
- CURLSOCKTYPE_LAST /* never use */
-} curlsocktype;
-
-/* The return code from the sockopt_callback can signal information back
- to libcurl: */
-#define CURL_SOCKOPT_OK 0
-#define CURL_SOCKOPT_ERROR 1 /* causes libcurl to abort and return
- CURLE_ABORTED_BY_CALLBACK */
-#define CURL_SOCKOPT_ALREADY_CONNECTED 2
-
-typedef int (*curl_sockopt_callback)(void *clientp,
- curl_socket_t curlfd,
- curlsocktype purpose);
-
-struct curl_sockaddr {
- int family;
- int socktype;
- int protocol;
- unsigned int addrlen; /* addrlen was a socklen_t type before 7.18.0 but it
- turned really ugly and painful on the systems that
- lack this type */
- struct sockaddr addr;
-};
-
-typedef curl_socket_t
-(*curl_opensocket_callback)(void *clientp,
- curlsocktype purpose,
- struct curl_sockaddr *address);
-
-typedef int
-(*curl_closesocket_callback)(void *clientp, curl_socket_t item);
-
-typedef enum {
- CURLIOE_OK, /* I/O operation successful */
- CURLIOE_UNKNOWNCMD, /* command was unknown to callback */
- CURLIOE_FAILRESTART, /* failed to restart the read */
- CURLIOE_LAST /* never use */
-} curlioerr;
-
-typedef enum {
- CURLIOCMD_NOP, /* no operation */
- CURLIOCMD_RESTARTREAD, /* restart the read stream from start */
- CURLIOCMD_LAST /* never use */
-} curliocmd;
-
-typedef curlioerr (*curl_ioctl_callback)(CURL *handle,
- int cmd,
- void *clientp);
-
-#ifndef CURL_DID_MEMORY_FUNC_TYPEDEFS
-/*
- * The following typedef's are signatures of malloc, free, realloc, strdup and
- * calloc respectively. Function pointers of these types can be passed to the
- * curl_global_init_mem() function to set user defined memory management
- * callback routines.
- */
-typedef void *(*curl_malloc_callback)(size_t size);
-typedef void (*curl_free_callback)(void *ptr);
-typedef void *(*curl_realloc_callback)(void *ptr, size_t size);
-typedef char *(*curl_strdup_callback)(const char *str);
-typedef void *(*curl_calloc_callback)(size_t nmemb, size_t size);
-
-#define CURL_DID_MEMORY_FUNC_TYPEDEFS
-#endif
-
-/* the kind of data that is passed to information_callback*/
-typedef enum {
- CURLINFO_TEXT = 0,
- CURLINFO_HEADER_IN, /* 1 */
- CURLINFO_HEADER_OUT, /* 2 */
- CURLINFO_DATA_IN, /* 3 */
- CURLINFO_DATA_OUT, /* 4 */
- CURLINFO_SSL_DATA_IN, /* 5 */
- CURLINFO_SSL_DATA_OUT, /* 6 */
- CURLINFO_END
-} curl_infotype;
-
-typedef int (*curl_debug_callback)
- (CURL *handle, /* the handle/transfer this concerns */
- curl_infotype type, /* what kind of data */
- char *data, /* points to the data */
- size_t size, /* size of the data pointed to */
- void *userptr); /* whatever the user please */
-
-/* All possible error codes from all sorts of curl functions. Future versions
- may return other values, stay prepared.
-
- Always add new return codes last. Never *EVER* remove any. The return
- codes must remain the same!
- */
-
-typedef enum {
- CURLE_OK = 0,
- CURLE_UNSUPPORTED_PROTOCOL, /* 1 */
- CURLE_FAILED_INIT, /* 2 */
- CURLE_URL_MALFORMAT, /* 3 */
- CURLE_NOT_BUILT_IN, /* 4 - [was obsoleted in August 2007 for
- 7.17.0, reused in April 2011 for 7.21.5] */
- CURLE_COULDNT_RESOLVE_PROXY, /* 5 */
- CURLE_COULDNT_RESOLVE_HOST, /* 6 */
- CURLE_COULDNT_CONNECT, /* 7 */
- CURLE_WEIRD_SERVER_REPLY, /* 8 */
- CURLE_REMOTE_ACCESS_DENIED, /* 9 a service was denied by the server
- due to lack of access - when login fails
- this is not returned. */
- CURLE_FTP_ACCEPT_FAILED, /* 10 - [was obsoleted in April 2006 for
- 7.15.4, reused in Dec 2011 for 7.24.0]*/
- CURLE_FTP_WEIRD_PASS_REPLY, /* 11 */
- CURLE_FTP_ACCEPT_TIMEOUT, /* 12 - timeout occurred accepting server
- [was obsoleted in August 2007 for 7.17.0,
- reused in Dec 2011 for 7.24.0]*/
- CURLE_FTP_WEIRD_PASV_REPLY, /* 13 */
- CURLE_FTP_WEIRD_227_FORMAT, /* 14 */
- CURLE_FTP_CANT_GET_HOST, /* 15 */
- CURLE_HTTP2, /* 16 - A problem in the http2 framing layer.
- [was obsoleted in August 2007 for 7.17.0,
- reused in July 2014 for 7.38.0] */
- CURLE_FTP_COULDNT_SET_TYPE, /* 17 */
- CURLE_PARTIAL_FILE, /* 18 */
- CURLE_FTP_COULDNT_RETR_FILE, /* 19 */
- CURLE_OBSOLETE20, /* 20 - NOT USED */
- CURLE_QUOTE_ERROR, /* 21 - quote command failure */
- CURLE_HTTP_RETURNED_ERROR, /* 22 */
- CURLE_WRITE_ERROR, /* 23 */
- CURLE_OBSOLETE24, /* 24 - NOT USED */
- CURLE_UPLOAD_FAILED, /* 25 - failed upload "command" */
- CURLE_READ_ERROR, /* 26 - couldn't open/read from file */
- CURLE_OUT_OF_MEMORY, /* 27 */
- /* Note: CURLE_OUT_OF_MEMORY may sometimes indicate a conversion error
- instead of a memory allocation error if CURL_DOES_CONVERSIONS
- is defined
- */
- CURLE_OPERATION_TIMEDOUT, /* 28 - the timeout time was reached */
- CURLE_OBSOLETE29, /* 29 - NOT USED */
- CURLE_FTP_PORT_FAILED, /* 30 - FTP PORT operation failed */
- CURLE_FTP_COULDNT_USE_REST, /* 31 - the REST command failed */
- CURLE_OBSOLETE32, /* 32 - NOT USED */
- CURLE_RANGE_ERROR, /* 33 - RANGE "command" didn't work */
- CURLE_HTTP_POST_ERROR, /* 34 */
- CURLE_SSL_CONNECT_ERROR, /* 35 - wrong when connecting with SSL */
- CURLE_BAD_DOWNLOAD_RESUME, /* 36 - couldn't resume download */
- CURLE_FILE_COULDNT_READ_FILE, /* 37 */
- CURLE_LDAP_CANNOT_BIND, /* 38 */
- CURLE_LDAP_SEARCH_FAILED, /* 39 */
- CURLE_OBSOLETE40, /* 40 - NOT USED */
- CURLE_FUNCTION_NOT_FOUND, /* 41 */
- CURLE_ABORTED_BY_CALLBACK, /* 42 */
- CURLE_BAD_FUNCTION_ARGUMENT, /* 43 */
- CURLE_OBSOLETE44, /* 44 - NOT USED */
- CURLE_INTERFACE_FAILED, /* 45 - CURLOPT_INTERFACE failed */
- CURLE_OBSOLETE46, /* 46 - NOT USED */
- CURLE_TOO_MANY_REDIRECTS, /* 47 - catch endless re-direct loops */
- CURLE_UNKNOWN_OPTION, /* 48 - User specified an unknown option */
- CURLE_TELNET_OPTION_SYNTAX, /* 49 - Malformed telnet option */
- CURLE_OBSOLETE50, /* 50 - NOT USED */
- CURLE_PEER_FAILED_VERIFICATION, /* 51 - peer's certificate or fingerprint
- wasn't verified fine */
- CURLE_GOT_NOTHING, /* 52 - when this is a specific error */
- CURLE_SSL_ENGINE_NOTFOUND, /* 53 - SSL crypto engine not found */
- CURLE_SSL_ENGINE_SETFAILED, /* 54 - can not set SSL crypto engine as
- default */
- CURLE_SEND_ERROR, /* 55 - failed sending network data */
- CURLE_RECV_ERROR, /* 56 - failure in receiving network data */
- CURLE_OBSOLETE57, /* 57 - NOT IN USE */
- CURLE_SSL_CERTPROBLEM, /* 58 - problem with the local certificate */
- CURLE_SSL_CIPHER, /* 59 - couldn't use specified cipher */
- CURLE_SSL_CACERT, /* 60 - problem with the CA cert (path?) */
- CURLE_BAD_CONTENT_ENCODING, /* 61 - Unrecognized/bad encoding */
- CURLE_LDAP_INVALID_URL, /* 62 - Invalid LDAP URL */
- CURLE_FILESIZE_EXCEEDED, /* 63 - Maximum file size exceeded */
- CURLE_USE_SSL_FAILED, /* 64 - Requested FTP SSL level failed */
- CURLE_SEND_FAIL_REWIND, /* 65 - Sending the data requires a rewind
- that failed */
- CURLE_SSL_ENGINE_INITFAILED, /* 66 - failed to initialise ENGINE */
- CURLE_LOGIN_DENIED, /* 67 - user, password or similar was not
- accepted and we failed to login */
- CURLE_TFTP_NOTFOUND, /* 68 - file not found on server */
- CURLE_TFTP_PERM, /* 69 - permission problem on server */
- CURLE_REMOTE_DISK_FULL, /* 70 - out of disk space on server */
- CURLE_TFTP_ILLEGAL, /* 71 - Illegal TFTP operation */
- CURLE_TFTP_UNKNOWNID, /* 72 - Unknown transfer ID */
- CURLE_REMOTE_FILE_EXISTS, /* 73 - File already exists */
- CURLE_TFTP_NOSUCHUSER, /* 74 - No such user */
- CURLE_CONV_FAILED, /* 75 - conversion failed */
- CURLE_CONV_REQD, /* 76 - caller must register conversion
- callbacks using curl_easy_setopt options
- CURLOPT_CONV_FROM_NETWORK_FUNCTION,
- CURLOPT_CONV_TO_NETWORK_FUNCTION, and
- CURLOPT_CONV_FROM_UTF8_FUNCTION */
- CURLE_SSL_CACERT_BADFILE, /* 77 - could not load CACERT file, missing
- or wrong format */
- CURLE_REMOTE_FILE_NOT_FOUND, /* 78 - remote file not found */
- CURLE_SSH, /* 79 - error from the SSH layer, somewhat
- generic so the error message will be of
- interest when this has happened */
-
- CURLE_SSL_SHUTDOWN_FAILED, /* 80 - Failed to shut down the SSL
- connection */
- CURLE_AGAIN, /* 81 - socket is not ready for send/recv,
- wait till it's ready and try again (Added
- in 7.18.2) */
- CURLE_SSL_CRL_BADFILE, /* 82 - could not load CRL file, missing or
- wrong format (Added in 7.19.0) */
- CURLE_SSL_ISSUER_ERROR, /* 83 - Issuer check failed. (Added in
- 7.19.0) */
- CURLE_FTP_PRET_FAILED, /* 84 - a PRET command failed */
- CURLE_RTSP_CSEQ_ERROR, /* 85 - mismatch of RTSP CSeq numbers */
- CURLE_RTSP_SESSION_ERROR, /* 86 - mismatch of RTSP Session Ids */
- CURLE_FTP_BAD_FILE_LIST, /* 87 - unable to parse FTP file list */
- CURLE_CHUNK_FAILED, /* 88 - chunk callback reported error */
- CURLE_NO_CONNECTION_AVAILABLE, /* 89 - No connection available, the
- session will be queued */
- CURLE_SSL_PINNEDPUBKEYNOTMATCH, /* 90 - specified pinned public key did not
- match */
- CURLE_SSL_INVALIDCERTSTATUS, /* 91 - invalid certificate status */
- CURLE_HTTP2_STREAM, /* 92 - stream error in HTTP/2 framing layer
- */
- CURL_LAST /* never use! */
-} CURLcode;
-
-#ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
- the obsolete stuff removed! */
-
-/* Previously obsolete error code re-used in 7.38.0 */
-#define CURLE_OBSOLETE16 CURLE_HTTP2
-
-/* Previously obsolete error codes re-used in 7.24.0 */
-#define CURLE_OBSOLETE10 CURLE_FTP_ACCEPT_FAILED
-#define CURLE_OBSOLETE12 CURLE_FTP_ACCEPT_TIMEOUT
-
-/* compatibility with older names */
-#define CURLOPT_ENCODING CURLOPT_ACCEPT_ENCODING
-#define CURLE_FTP_WEIRD_SERVER_REPLY CURLE_WEIRD_SERVER_REPLY
-
-/* The following were added in 7.21.5, April 2011 */
-#define CURLE_UNKNOWN_TELNET_OPTION CURLE_UNKNOWN_OPTION
-
-/* The following were added in 7.17.1 */
-/* These are scheduled to disappear by 2009 */
-#define CURLE_SSL_PEER_CERTIFICATE CURLE_PEER_FAILED_VERIFICATION
-
-/* The following were added in 7.17.0 */
-/* These are scheduled to disappear by 2009 */
-#define CURLE_OBSOLETE CURLE_OBSOLETE50 /* no one should be using this! */
-#define CURLE_BAD_PASSWORD_ENTERED CURLE_OBSOLETE46
-#define CURLE_BAD_CALLING_ORDER CURLE_OBSOLETE44
-#define CURLE_FTP_USER_PASSWORD_INCORRECT CURLE_OBSOLETE10
-#define CURLE_FTP_CANT_RECONNECT CURLE_OBSOLETE16
-#define CURLE_FTP_COULDNT_GET_SIZE CURLE_OBSOLETE32
-#define CURLE_FTP_COULDNT_SET_ASCII CURLE_OBSOLETE29
-#define CURLE_FTP_WEIRD_USER_REPLY CURLE_OBSOLETE12
-#define CURLE_FTP_WRITE_ERROR CURLE_OBSOLETE20
-#define CURLE_LIBRARY_NOT_FOUND CURLE_OBSOLETE40
-#define CURLE_MALFORMAT_USER CURLE_OBSOLETE24
-#define CURLE_SHARE_IN_USE CURLE_OBSOLETE57
-#define CURLE_URL_MALFORMAT_USER CURLE_NOT_BUILT_IN
-
-#define CURLE_FTP_ACCESS_DENIED CURLE_REMOTE_ACCESS_DENIED
-#define CURLE_FTP_COULDNT_SET_BINARY CURLE_FTP_COULDNT_SET_TYPE
-#define CURLE_FTP_QUOTE_ERROR CURLE_QUOTE_ERROR
-#define CURLE_TFTP_DISKFULL CURLE_REMOTE_DISK_FULL
-#define CURLE_TFTP_EXISTS CURLE_REMOTE_FILE_EXISTS
-#define CURLE_HTTP_RANGE_ERROR CURLE_RANGE_ERROR
-#define CURLE_FTP_SSL_FAILED CURLE_USE_SSL_FAILED
-
-/* The following were added earlier */
-
-#define CURLE_OPERATION_TIMEOUTED CURLE_OPERATION_TIMEDOUT
-
-#define CURLE_HTTP_NOT_FOUND CURLE_HTTP_RETURNED_ERROR
-#define CURLE_HTTP_PORT_FAILED CURLE_INTERFACE_FAILED
-#define CURLE_FTP_COULDNT_STOR_FILE CURLE_UPLOAD_FAILED
-
-#define CURLE_FTP_PARTIAL_FILE CURLE_PARTIAL_FILE
-#define CURLE_FTP_BAD_DOWNLOAD_RESUME CURLE_BAD_DOWNLOAD_RESUME
-
-/* This was the error code 50 in 7.7.3 and a few earlier versions, this
- is no longer used by libcurl but is instead #defined here only to not
- make programs break */
-#define CURLE_ALREADY_COMPLETE 99999
-
-/* Provide defines for really old option names */
-#define CURLOPT_FILE CURLOPT_WRITEDATA /* name changed in 7.9.7 */
-#define CURLOPT_INFILE CURLOPT_READDATA /* name changed in 7.9.7 */
-#define CURLOPT_WRITEHEADER CURLOPT_HEADERDATA
-
-/* Since long deprecated options with no code in the lib that does anything
- with them. */
-#define CURLOPT_WRITEINFO CURLOPT_OBSOLETE40
-#define CURLOPT_CLOSEPOLICY CURLOPT_OBSOLETE72
-
-#endif /*!CURL_NO_OLDIES*/
-
-/* This prototype applies to all conversion callbacks */
-typedef CURLcode (*curl_conv_callback)(char *buffer, size_t length);
-
-typedef CURLcode (*curl_ssl_ctx_callback)(CURL *curl, /* easy handle */
- void *ssl_ctx, /* actually an
- OpenSSL SSL_CTX */
- void *userptr);
-
-typedef enum {
- CURLPROXY_HTTP = 0, /* added in 7.10, new in 7.19.4 default is to use
- CONNECT HTTP/1.1 */
- CURLPROXY_HTTP_1_0 = 1, /* added in 7.19.4, force to use CONNECT
- HTTP/1.0 */
- CURLPROXY_SOCKS4 = 4, /* support added in 7.15.2, enum existed already
- in 7.10 */
- CURLPROXY_SOCKS5 = 5, /* added in 7.10 */
- CURLPROXY_SOCKS4A = 6, /* added in 7.18.0 */
- CURLPROXY_SOCKS5_HOSTNAME = 7 /* Use the SOCKS5 protocol but pass along the
- host name rather than the IP address. added
- in 7.18.0 */
-} curl_proxytype; /* this enum was added in 7.10 */
-
-/*
- * Bitmasks for CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH options:
- *
- * CURLAUTH_NONE - No HTTP authentication
- * CURLAUTH_BASIC - HTTP Basic authentication (default)
- * CURLAUTH_DIGEST - HTTP Digest authentication
- * CURLAUTH_NEGOTIATE - HTTP Negotiate (SPNEGO) authentication
- * CURLAUTH_GSSNEGOTIATE - Alias for CURLAUTH_NEGOTIATE (deprecated)
- * CURLAUTH_NTLM - HTTP NTLM authentication
- * CURLAUTH_DIGEST_IE - HTTP Digest authentication with IE flavour
- * CURLAUTH_NTLM_WB - HTTP NTLM authentication delegated to winbind helper
- * CURLAUTH_ONLY - Use together with a single other type to force no
- * authentication or just that single type
- * CURLAUTH_ANY - All fine types set
- * CURLAUTH_ANYSAFE - All fine types except Basic
- */
-
-#define CURLAUTH_NONE ((unsigned long)0)
-#define CURLAUTH_BASIC (((unsigned long)1)<<0)
-#define CURLAUTH_DIGEST (((unsigned long)1)<<1)
-#define CURLAUTH_NEGOTIATE (((unsigned long)1)<<2)
-/* Deprecated since the advent of CURLAUTH_NEGOTIATE */
-#define CURLAUTH_GSSNEGOTIATE CURLAUTH_NEGOTIATE
-#define CURLAUTH_NTLM (((unsigned long)1)<<3)
-#define CURLAUTH_DIGEST_IE (((unsigned long)1)<<4)
-#define CURLAUTH_NTLM_WB (((unsigned long)1)<<5)
-#define CURLAUTH_ONLY (((unsigned long)1)<<31)
-#define CURLAUTH_ANY (~CURLAUTH_DIGEST_IE)
-#define CURLAUTH_ANYSAFE (~(CURLAUTH_BASIC|CURLAUTH_DIGEST_IE))
-
-#define CURLSSH_AUTH_ANY ~0 /* all types supported by the server */
-#define CURLSSH_AUTH_NONE 0 /* none allowed, silly but complete */
-#define CURLSSH_AUTH_PUBLICKEY (1<<0) /* public/private key files */
-#define CURLSSH_AUTH_PASSWORD (1<<1) /* password */
-#define CURLSSH_AUTH_HOST (1<<2) /* host key files */
-#define CURLSSH_AUTH_KEYBOARD (1<<3) /* keyboard interactive */
-#define CURLSSH_AUTH_AGENT (1<<4) /* agent (ssh-agent, pageant...) */
-#define CURLSSH_AUTH_DEFAULT CURLSSH_AUTH_ANY
-
-#define CURLGSSAPI_DELEGATION_NONE 0 /* no delegation (default) */
-#define CURLGSSAPI_DELEGATION_POLICY_FLAG (1<<0) /* if permitted by policy */
-#define CURLGSSAPI_DELEGATION_FLAG (1<<1) /* delegate always */
-
-#define CURL_ERROR_SIZE 256
-
-enum curl_khtype {
- CURLKHTYPE_UNKNOWN,
- CURLKHTYPE_RSA1,
- CURLKHTYPE_RSA,
- CURLKHTYPE_DSS
-};
-
-struct curl_khkey {
- const char *key; /* points to a zero-terminated string encoded with base64
- if len is zero, otherwise to the "raw" data */
- size_t len;
- enum curl_khtype keytype;
-};
-
-/* this is the set of return values expected from the curl_sshkeycallback
- callback */
-enum curl_khstat {
- CURLKHSTAT_FINE_ADD_TO_FILE,
- CURLKHSTAT_FINE,
- CURLKHSTAT_REJECT, /* reject the connection, return an error */
- CURLKHSTAT_DEFER, /* do not accept it, but we can't answer right now so
- this causes a CURLE_DEFER error but otherwise the
- connection will be left intact etc */
- CURLKHSTAT_LAST /* not for use, only a marker for last-in-list */
-};
-
-/* this is the set of status codes pass in to the callback */
-enum curl_khmatch {
- CURLKHMATCH_OK, /* match */
- CURLKHMATCH_MISMATCH, /* host found, key mismatch! */
- CURLKHMATCH_MISSING, /* no matching host/key found */
- CURLKHMATCH_LAST /* not for use, only a marker for last-in-list */
-};
-
-typedef int
- (*curl_sshkeycallback) (CURL *easy, /* easy handle */
- const struct curl_khkey *knownkey, /* known */
- const struct curl_khkey *foundkey, /* found */
- enum curl_khmatch, /* libcurl's view on the keys */
- void *clientp); /* custom pointer passed from app */
-
-/* parameter for the CURLOPT_USE_SSL option */
-typedef enum {
- CURLUSESSL_NONE, /* do not attempt to use SSL */
- CURLUSESSL_TRY, /* try using SSL, proceed anyway otherwise */
- CURLUSESSL_CONTROL, /* SSL for the control connection or fail */
- CURLUSESSL_ALL, /* SSL for all communication or fail */
- CURLUSESSL_LAST /* not an option, never use */
-} curl_usessl;
-
-/* Definition of bits for the CURLOPT_SSL_OPTIONS argument: */
-
-/* - ALLOW_BEAST tells libcurl to allow the BEAST SSL vulnerability in the
- name of improving interoperability with older servers. Some SSL libraries
- have introduced work-arounds for this flaw but those work-arounds sometimes
- make the SSL communication fail. To regain functionality with those broken
- servers, a user can this way allow the vulnerability back. */
-#define CURLSSLOPT_ALLOW_BEAST (1<<0)
-
-/* - NO_REVOKE tells libcurl to disable certificate revocation checks for those
- SSL backends where such behavior is present. */
-#define CURLSSLOPT_NO_REVOKE (1<<1)
-
-#ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
- the obsolete stuff removed! */
-
-/* Backwards compatibility with older names */
-/* These are scheduled to disappear by 2009 */
-
-#define CURLFTPSSL_NONE CURLUSESSL_NONE
-#define CURLFTPSSL_TRY CURLUSESSL_TRY
-#define CURLFTPSSL_CONTROL CURLUSESSL_CONTROL
-#define CURLFTPSSL_ALL CURLUSESSL_ALL
-#define CURLFTPSSL_LAST CURLUSESSL_LAST
-#define curl_ftpssl curl_usessl
-#endif /*!CURL_NO_OLDIES*/
-
-/* parameter for the CURLOPT_FTP_SSL_CCC option */
-typedef enum {
- CURLFTPSSL_CCC_NONE, /* do not send CCC */
- CURLFTPSSL_CCC_PASSIVE, /* Let the server initiate the shutdown */
- CURLFTPSSL_CCC_ACTIVE, /* Initiate the shutdown */
- CURLFTPSSL_CCC_LAST /* not an option, never use */
-} curl_ftpccc;
-
-/* parameter for the CURLOPT_FTPSSLAUTH option */
-typedef enum {
- CURLFTPAUTH_DEFAULT, /* let libcurl decide */
- CURLFTPAUTH_SSL, /* use "AUTH SSL" */
- CURLFTPAUTH_TLS, /* use "AUTH TLS" */
- CURLFTPAUTH_LAST /* not an option, never use */
-} curl_ftpauth;
-
-/* parameter for the CURLOPT_FTP_CREATE_MISSING_DIRS option */
-typedef enum {
- CURLFTP_CREATE_DIR_NONE, /* do NOT create missing dirs! */
- CURLFTP_CREATE_DIR, /* (FTP/SFTP) if CWD fails, try MKD and then CWD
- again if MKD succeeded, for SFTP this does
- similar magic */
- CURLFTP_CREATE_DIR_RETRY, /* (FTP only) if CWD fails, try MKD and then CWD
- again even if MKD failed! */
- CURLFTP_CREATE_DIR_LAST /* not an option, never use */
-} curl_ftpcreatedir;
-
-/* parameter for the CURLOPT_FTP_FILEMETHOD option */
-typedef enum {
- CURLFTPMETHOD_DEFAULT, /* let libcurl pick */
- CURLFTPMETHOD_MULTICWD, /* single CWD operation for each path part */
- CURLFTPMETHOD_NOCWD, /* no CWD at all */
- CURLFTPMETHOD_SINGLECWD, /* one CWD to full dir, then work on file */
- CURLFTPMETHOD_LAST /* not an option, never use */
-} curl_ftpmethod;
-
-/* bitmask defines for CURLOPT_HEADEROPT */
-#define CURLHEADER_UNIFIED 0
-#define CURLHEADER_SEPARATE (1<<0)
-
-/* CURLPROTO_ defines are for the CURLOPT_*PROTOCOLS options */
-#define CURLPROTO_HTTP (1<<0)
-#define CURLPROTO_HTTPS (1<<1)
-#define CURLPROTO_FTP (1<<2)
-#define CURLPROTO_FTPS (1<<3)
-#define CURLPROTO_SCP (1<<4)
-#define CURLPROTO_SFTP (1<<5)
-#define CURLPROTO_TELNET (1<<6)
-#define CURLPROTO_LDAP (1<<7)
-#define CURLPROTO_LDAPS (1<<8)
-#define CURLPROTO_DICT (1<<9)
-#define CURLPROTO_FILE (1<<10)
-#define CURLPROTO_TFTP (1<<11)
-#define CURLPROTO_IMAP (1<<12)
-#define CURLPROTO_IMAPS (1<<13)
-#define CURLPROTO_POP3 (1<<14)
-#define CURLPROTO_POP3S (1<<15)
-#define CURLPROTO_SMTP (1<<16)
-#define CURLPROTO_SMTPS (1<<17)
-#define CURLPROTO_RTSP (1<<18)
-#define CURLPROTO_RTMP (1<<19)
-#define CURLPROTO_RTMPT (1<<20)
-#define CURLPROTO_RTMPE (1<<21)
-#define CURLPROTO_RTMPTE (1<<22)
-#define CURLPROTO_RTMPS (1<<23)
-#define CURLPROTO_RTMPTS (1<<24)
-#define CURLPROTO_GOPHER (1<<25)
-#define CURLPROTO_SMB (1<<26)
-#define CURLPROTO_SMBS (1<<27)
-#define CURLPROTO_ALL (~0) /* enable everything */
-
-/* long may be 32 or 64 bits, but we should never depend on anything else
- but 32 */
-#define CURLOPTTYPE_LONG 0
-#define CURLOPTTYPE_OBJECTPOINT 10000
-#define CURLOPTTYPE_STRINGPOINT 10000
-#define CURLOPTTYPE_FUNCTIONPOINT 20000
-#define CURLOPTTYPE_OFF_T 30000
-
-/* *STRINGPOINT is an alias for OBJECTPOINT to allow tools to extract the
- string options from the header file */
-
-/* name is uppercase CURLOPT_<name>,
- type is one of the defined CURLOPTTYPE_<type>
- number is unique identifier */
-#ifdef CINIT
-#undef CINIT
-#endif
-
-#ifdef CURL_ISOCPP
-#define CINIT(na,t,nu) CURLOPT_ ## na = CURLOPTTYPE_ ## t + nu
-#else
-/* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */
-#define LONG CURLOPTTYPE_LONG
-#define OBJECTPOINT CURLOPTTYPE_OBJECTPOINT
-#define STRINGPOINT CURLOPTTYPE_OBJECTPOINT
-#define FUNCTIONPOINT CURLOPTTYPE_FUNCTIONPOINT
-#define OFF_T CURLOPTTYPE_OFF_T
-#define CINIT(name,type,number) CURLOPT_/**/name = type + number
-#endif
-
-/*
- * This macro-mania below setups the CURLOPT_[what] enum, to be used with
- * curl_easy_setopt(). The first argument in the CINIT() macro is the [what]
- * word.
- */
-
-typedef enum {
- /* This is the FILE * or void * the regular output should be written to. */
- CINIT(WRITEDATA, OBJECTPOINT, 1),
-
- /* The full URL to get/put */
- CINIT(URL, STRINGPOINT, 2),
-
- /* Port number to connect to, if other than default. */
- CINIT(PORT, LONG, 3),
-
- /* Name of proxy to use. */
- CINIT(PROXY, STRINGPOINT, 4),
-
- /* "user:password;options" to use when fetching. */
- CINIT(USERPWD, STRINGPOINT, 5),
-
- /* "user:password" to use with proxy. */
- CINIT(PROXYUSERPWD, STRINGPOINT, 6),
-
- /* Range to get, specified as an ASCII string. */
- CINIT(RANGE, STRINGPOINT, 7),
-
- /* not used */
-
- /* Specified file stream to upload from (use as input): */
- CINIT(READDATA, OBJECTPOINT, 9),
-
- /* Buffer to receive error messages in, must be at least CURL_ERROR_SIZE
- * bytes big. If this is not used, error messages go to stderr instead: */
- CINIT(ERRORBUFFER, OBJECTPOINT, 10),
-
- /* Function that will be called to store the output (instead of fwrite). The
- * parameters will use fwrite() syntax, make sure to follow them. */
- CINIT(WRITEFUNCTION, FUNCTIONPOINT, 11),
-
- /* Function that will be called to read the input (instead of fread). The
- * parameters will use fread() syntax, make sure to follow them. */
- CINIT(READFUNCTION, FUNCTIONPOINT, 12),
-
- /* Time-out the read operation after this amount of seconds */
- CINIT(TIMEOUT, LONG, 13),
-
- /* If the CURLOPT_INFILE is used, this can be used to inform libcurl about
- * how large the file being sent really is. That allows better error
- * checking and better verifies that the upload was successful. -1 means
- * unknown size.
- *
- * For large file support, there is also a _LARGE version of the key
- * which takes an off_t type, allowing platforms with larger off_t
- * sizes to handle larger files. See below for INFILESIZE_LARGE.
- */
- CINIT(INFILESIZE, LONG, 14),
-
- /* POST static input fields. */
- CINIT(POSTFIELDS, OBJECTPOINT, 15),
-
- /* Set the referrer page (needed by some CGIs) */
- CINIT(REFERER, STRINGPOINT, 16),
-
- /* Set the FTP PORT string (interface name, named or numerical IP address)
- Use i.e '-' to use default address. */
- CINIT(FTPPORT, STRINGPOINT, 17),
-
- /* Set the User-Agent string (examined by some CGIs) */
- CINIT(USERAGENT, STRINGPOINT, 18),
-
- /* If the download receives less than "low speed limit" bytes/second
- * during "low speed time" seconds, the operations is aborted.
- * You could i.e if you have a pretty high speed connection, abort if
- * it is less than 2000 bytes/sec during 20 seconds.
- */
-
- /* Set the "low speed limit" */
- CINIT(LOW_SPEED_LIMIT, LONG, 19),
-
- /* Set the "low speed time" */
- CINIT(LOW_SPEED_TIME, LONG, 20),
-
- /* Set the continuation offset.
- *
- * Note there is also a _LARGE version of this key which uses
- * off_t types, allowing for large file offsets on platforms which
- * use larger-than-32-bit off_t's. Look below for RESUME_FROM_LARGE.
- */
- CINIT(RESUME_FROM, LONG, 21),
-
- /* Set cookie in request: */
- CINIT(COOKIE, STRINGPOINT, 22),
-
- /* This points to a linked list of headers, struct curl_slist kind. This
- list is also used for RTSP (in spite of its name) */
- CINIT(HTTPHEADER, OBJECTPOINT, 23),
-
- /* This points to a linked list of post entries, struct curl_httppost */
- CINIT(HTTPPOST, OBJECTPOINT, 24),
-
- /* name of the file keeping your private SSL-certificate */
- CINIT(SSLCERT, STRINGPOINT, 25),
-
- /* password for the SSL or SSH private key */
- CINIT(KEYPASSWD, STRINGPOINT, 26),
-
- /* send TYPE parameter? */
- CINIT(CRLF, LONG, 27),
-
- /* send linked-list of QUOTE commands */
- CINIT(QUOTE, OBJECTPOINT, 28),
-
- /* send FILE * or void * to store headers to, if you use a callback it
- is simply passed to the callback unmodified */
- CINIT(HEADERDATA, OBJECTPOINT, 29),
-
- /* point to a file to read the initial cookies from, also enables
- "cookie awareness" */
- CINIT(COOKIEFILE, STRINGPOINT, 31),
-
- /* What version to specifically try to use.
- See CURL_SSLVERSION defines below. */
- CINIT(SSLVERSION, LONG, 32),
-
- /* What kind of HTTP time condition to use, see defines */
- CINIT(TIMECONDITION, LONG, 33),
-
- /* Time to use with the above condition. Specified in number of seconds
- since 1 Jan 1970 */
- CINIT(TIMEVALUE, LONG, 34),
-
- /* 35 = OBSOLETE */
-
- /* Custom request, for customizing the get command like
- HTTP: DELETE, TRACE and others
- FTP: to use a different list command
- */
- CINIT(CUSTOMREQUEST, STRINGPOINT, 36),
-
- /* FILE handle to use instead of stderr */
- CINIT(STDERR, OBJECTPOINT, 37),
-
- /* 38 is not used */
-
- /* send linked-list of post-transfer QUOTE commands */
- CINIT(POSTQUOTE, OBJECTPOINT, 39),
-
- CINIT(OBSOLETE40, OBJECTPOINT, 40), /* OBSOLETE, do not use! */
-
- CINIT(VERBOSE, LONG, 41), /* talk a lot */
- CINIT(HEADER, LONG, 42), /* throw the header out too */
- CINIT(NOPROGRESS, LONG, 43), /* shut off the progress meter */
- CINIT(NOBODY, LONG, 44), /* use HEAD to get http document */
- CINIT(FAILONERROR, LONG, 45), /* no output on http error codes >= 400 */
- CINIT(UPLOAD, LONG, 46), /* this is an upload */
- CINIT(POST, LONG, 47), /* HTTP POST method */
- CINIT(DIRLISTONLY, LONG, 48), /* bare names when listing directories */
-
- CINIT(APPEND, LONG, 50), /* Append instead of overwrite on upload! */
-
- /* Specify whether to read the user+password from the .netrc or the URL.
- * This must be one of the CURL_NETRC_* enums below. */
- CINIT(NETRC, LONG, 51),
-
- CINIT(FOLLOWLOCATION, LONG, 52), /* use Location: Luke! */
-
- CINIT(TRANSFERTEXT, LONG, 53), /* transfer data in text/ASCII format */
- CINIT(PUT, LONG, 54), /* HTTP PUT */
-
- /* 55 = OBSOLETE */
-
- /* DEPRECATED
- * Function that will be called instead of the internal progress display
- * function. This function should be defined as the curl_progress_callback
- * prototype defines. */
- CINIT(PROGRESSFUNCTION, FUNCTIONPOINT, 56),
-
- /* Data passed to the CURLOPT_PROGRESSFUNCTION and CURLOPT_XFERINFOFUNCTION
- callbacks */
- CINIT(PROGRESSDATA, OBJECTPOINT, 57),
-#define CURLOPT_XFERINFODATA CURLOPT_PROGRESSDATA
-
- /* We want the referrer field set automatically when following locations */
- CINIT(AUTOREFERER, LONG, 58),
-
- /* Port of the proxy, can be set in the proxy string as well with:
- "[host]:[port]" */
- CINIT(PROXYPORT, LONG, 59),
-
- /* size of the POST input data, if strlen() is not good to use */
- CINIT(POSTFIELDSIZE, LONG, 60),
-
- /* tunnel non-http operations through a HTTP proxy */
- CINIT(HTTPPROXYTUNNEL, LONG, 61),
-
- /* Set the interface string to use as outgoing network interface */
- CINIT(INTERFACE, STRINGPOINT, 62),
-
- /* Set the krb4/5 security level, this also enables krb4/5 awareness. This
- * is a string, 'clear', 'safe', 'confidential' or 'private'. If the string
- * is set but doesn't match one of these, 'private' will be used. */
- CINIT(KRBLEVEL, STRINGPOINT, 63),
-
- /* Set if we should verify the peer in ssl handshake, set 1 to verify. */
- CINIT(SSL_VERIFYPEER, LONG, 64),
-
- /* The CApath or CAfile used to validate the peer certificate
- this option is used only if SSL_VERIFYPEER is true */
- CINIT(CAINFO, STRINGPOINT, 65),
-
- /* 66 = OBSOLETE */
- /* 67 = OBSOLETE */
-
- /* Maximum number of http redirects to follow */
- CINIT(MAXREDIRS, LONG, 68),
-
- /* Pass a long set to 1 to get the date of the requested document (if
- possible)! Pass a zero to shut it off. */
- CINIT(FILETIME, LONG, 69),
-
- /* This points to a linked list of telnet options */
- CINIT(TELNETOPTIONS, OBJECTPOINT, 70),
-
- /* Max amount of cached alive connections */
- CINIT(MAXCONNECTS, LONG, 71),
-
- CINIT(OBSOLETE72, LONG, 72), /* OBSOLETE, do not use! */
-
- /* 73 = OBSOLETE */
-
- /* Set to explicitly use a new connection for the upcoming transfer.
- Do not use this unless you're absolutely sure of this, as it makes the
- operation slower and is less friendly for the network. */
- CINIT(FRESH_CONNECT, LONG, 74),
-
- /* Set to explicitly forbid the upcoming transfer's connection to be re-used
- when done. Do not use this unless you're absolutely sure of this, as it
- makes the operation slower and is less friendly for the network. */
- CINIT(FORBID_REUSE, LONG, 75),
-
- /* Set to a file name that contains random data for libcurl to use to
- seed the random engine when doing SSL connects. */
- CINIT(RANDOM_FILE, STRINGPOINT, 76),
-
- /* Set to the Entropy Gathering Daemon socket pathname */
- CINIT(EGDSOCKET, STRINGPOINT, 77),
-
- /* Time-out connect operations after this amount of seconds, if connects are
- OK within this time, then fine... This only aborts the connect phase. */
- CINIT(CONNECTTIMEOUT, LONG, 78),
-
- /* Function that will be called to store headers (instead of fwrite). The
- * parameters will use fwrite() syntax, make sure to follow them. */
- CINIT(HEADERFUNCTION, FUNCTIONPOINT, 79),
-
- /* Set this to force the HTTP request to get back to GET. Only really usable
- if POST, PUT or a custom request have been used first.
- */
- CINIT(HTTPGET, LONG, 80),
-
- /* Set if we should verify the Common name from the peer certificate in ssl
- * handshake, set 1 to check existence, 2 to ensure that it matches the
- * provided hostname. */
- CINIT(SSL_VERIFYHOST, LONG, 81),
-
- /* Specify which file name to write all known cookies in after completed
- operation. Set file name to "-" (dash) to make it go to stdout. */
- CINIT(COOKIEJAR, STRINGPOINT, 82),
-
- /* Specify which SSL ciphers to use */
- CINIT(SSL_CIPHER_LIST, STRINGPOINT, 83),
-
- /* Specify which HTTP version to use! This must be set to one of the
- CURL_HTTP_VERSION* enums set below. */
- CINIT(HTTP_VERSION, LONG, 84),
-
- /* Specifically switch on or off the FTP engine's use of the EPSV command. By
- default, that one will always be attempted before the more traditional
- PASV command. */
- CINIT(FTP_USE_EPSV, LONG, 85),
-
- /* type of the file keeping your SSL-certificate ("DER", "PEM", "ENG") */
- CINIT(SSLCERTTYPE, STRINGPOINT, 86),
-
- /* name of the file keeping your private SSL-key */
- CINIT(SSLKEY, STRINGPOINT, 87),
-
- /* type of the file keeping your private SSL-key ("DER", "PEM", "ENG") */
- CINIT(SSLKEYTYPE, STRINGPOINT, 88),
-
- /* crypto engine for the SSL-sub system */
- CINIT(SSLENGINE, STRINGPOINT, 89),
-
- /* set the crypto engine for the SSL-sub system as default
- the param has no meaning...
- */
- CINIT(SSLENGINE_DEFAULT, LONG, 90),
-
- /* Non-zero value means to use the global dns cache */
- CINIT(DNS_USE_GLOBAL_CACHE, LONG, 91), /* DEPRECATED, do not use! */
-
- /* DNS cache timeout */
- CINIT(DNS_CACHE_TIMEOUT, LONG, 92),
-
- /* send linked-list of pre-transfer QUOTE commands */
- CINIT(PREQUOTE, OBJECTPOINT, 93),
-
- /* set the debug function */
- CINIT(DEBUGFUNCTION, FUNCTIONPOINT, 94),
-
- /* set the data for the debug function */
- CINIT(DEBUGDATA, OBJECTPOINT, 95),
-
- /* mark this as start of a cookie session */
- CINIT(COOKIESESSION, LONG, 96),
-
- /* The CApath directory used to validate the peer certificate
- this option is used only if SSL_VERIFYPEER is true */
- CINIT(CAPATH, STRINGPOINT, 97),
-
- /* Instruct libcurl to use a smaller receive buffer */
- CINIT(BUFFERSIZE, LONG, 98),
-
- /* Instruct libcurl to not use any signal/alarm handlers, even when using
- timeouts. This option is useful for multi-threaded applications.
- See libcurl-the-guide for more background information. */
- CINIT(NOSIGNAL, LONG, 99),
-
- /* Provide a CURLShare for mutexing non-ts data */
- CINIT(SHARE, OBJECTPOINT, 100),
-
- /* indicates type of proxy. accepted values are CURLPROXY_HTTP (default),
- CURLPROXY_SOCKS4, CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5. */
- CINIT(PROXYTYPE, LONG, 101),
-
- /* Set the Accept-Encoding string. Use this to tell a server you would like
- the response to be compressed. Before 7.21.6, this was known as
- CURLOPT_ENCODING */
- CINIT(ACCEPT_ENCODING, STRINGPOINT, 102),
-
- /* Set pointer to private data */
- CINIT(PRIVATE, OBJECTPOINT, 103),
-
- /* Set aliases for HTTP 200 in the HTTP Response header */
- CINIT(HTTP200ALIASES, OBJECTPOINT, 104),
-
- /* Continue to send authentication (user+password) when following locations,
- even when hostname changed. This can potentially send off the name
- and password to whatever host the server decides. */
- CINIT(UNRESTRICTED_AUTH, LONG, 105),
-
- /* Specifically switch on or off the FTP engine's use of the EPRT command (
- it also disables the LPRT attempt). By default, those ones will always be
- attempted before the good old traditional PORT command. */
- CINIT(FTP_USE_EPRT, LONG, 106),
-
- /* Set this to a bitmask value to enable the particular authentications
- methods you like. Use this in combination with CURLOPT_USERPWD.
- Note that setting multiple bits may cause extra network round-trips. */
- CINIT(HTTPAUTH, LONG, 107),
-
- /* Set the ssl context callback function, currently only for OpenSSL ssl_ctx
- in second argument. The function must be matching the
- curl_ssl_ctx_callback proto. */
- CINIT(SSL_CTX_FUNCTION, FUNCTIONPOINT, 108),
-
- /* Set the userdata for the ssl context callback function's third
- argument */
- CINIT(SSL_CTX_DATA, OBJECTPOINT, 109),
-
- /* FTP Option that causes missing dirs to be created on the remote server.
- In 7.19.4 we introduced the convenience enums for this option using the
- CURLFTP_CREATE_DIR prefix.
- */
- CINIT(FTP_CREATE_MISSING_DIRS, LONG, 110),
-
- /* Set this to a bitmask value to enable the particular authentications
- methods you like. Use this in combination with CURLOPT_PROXYUSERPWD.
- Note that setting multiple bits may cause extra network round-trips. */
- CINIT(PROXYAUTH, LONG, 111),
-
- /* FTP option that changes the timeout, in seconds, associated with
- getting a response. This is different from transfer timeout time and
- essentially places a demand on the FTP server to acknowledge commands
- in a timely manner. */
- CINIT(FTP_RESPONSE_TIMEOUT, LONG, 112),
-#define CURLOPT_SERVER_RESPONSE_TIMEOUT CURLOPT_FTP_RESPONSE_TIMEOUT
-
- /* Set this option to one of the CURL_IPRESOLVE_* defines (see below) to
- tell libcurl to resolve names to those IP versions only. This only has
- affect on systems with support for more than one, i.e IPv4 _and_ IPv6. */
- CINIT(IPRESOLVE, LONG, 113),
-
- /* Set this option to limit the size of a file that will be downloaded from
- an HTTP or FTP server.
-
- Note there is also _LARGE version which adds large file support for
- platforms which have larger off_t sizes. See MAXFILESIZE_LARGE below. */
- CINIT(MAXFILESIZE, LONG, 114),
-
- /* See the comment for INFILESIZE above, but in short, specifies
- * the size of the file being uploaded. -1 means unknown.
- */
- CINIT(INFILESIZE_LARGE, OFF_T, 115),
-
- /* Sets the continuation offset. There is also a LONG version of this;
- * look above for RESUME_FROM.
- */
- CINIT(RESUME_FROM_LARGE, OFF_T, 116),
-
- /* Sets the maximum size of data that will be downloaded from
- * an HTTP or FTP server. See MAXFILESIZE above for the LONG version.
- */
- CINIT(MAXFILESIZE_LARGE, OFF_T, 117),
-
- /* Set this option to the file name of your .netrc file you want libcurl
- to parse (using the CURLOPT_NETRC option). If not set, libcurl will do
- a poor attempt to find the user's home directory and check for a .netrc
- file in there. */
- CINIT(NETRC_FILE, STRINGPOINT, 118),
-
- /* Enable SSL/TLS for FTP, pick one of:
- CURLUSESSL_TRY - try using SSL, proceed anyway otherwise
- CURLUSESSL_CONTROL - SSL for the control connection or fail
- CURLUSESSL_ALL - SSL for all communication or fail
- */
- CINIT(USE_SSL, LONG, 119),
-
- /* The _LARGE version of the standard POSTFIELDSIZE option */
- CINIT(POSTFIELDSIZE_LARGE, OFF_T, 120),
-
- /* Enable/disable the TCP Nagle algorithm */
- CINIT(TCP_NODELAY, LONG, 121),
-
- /* 122 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */
- /* 123 OBSOLETE. Gone in 7.16.0 */
- /* 124 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */
- /* 125 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */
- /* 126 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */
- /* 127 OBSOLETE. Gone in 7.16.0 */
- /* 128 OBSOLETE. Gone in 7.16.0 */
-
- /* When FTP over SSL/TLS is selected (with CURLOPT_USE_SSL), this option
- can be used to change libcurl's default action which is to first try
- "AUTH SSL" and then "AUTH TLS" in this order, and proceed when a OK
- response has been received.
-
- Available parameters are:
- CURLFTPAUTH_DEFAULT - let libcurl decide
- CURLFTPAUTH_SSL - try "AUTH SSL" first, then TLS
- CURLFTPAUTH_TLS - try "AUTH TLS" first, then SSL
- */
- CINIT(FTPSSLAUTH, LONG, 129),
-
- CINIT(IOCTLFUNCTION, FUNCTIONPOINT, 130),
- CINIT(IOCTLDATA, OBJECTPOINT, 131),
-
- /* 132 OBSOLETE. Gone in 7.16.0 */
- /* 133 OBSOLETE. Gone in 7.16.0 */
-
- /* zero terminated string for pass on to the FTP server when asked for
- "account" info */
- CINIT(FTP_ACCOUNT, STRINGPOINT, 134),
-
- /* feed cookie into cookie engine */
- CINIT(COOKIELIST, STRINGPOINT, 135),
-
- /* ignore Content-Length */
- CINIT(IGNORE_CONTENT_LENGTH, LONG, 136),
-
- /* Set to non-zero to skip the IP address received in a 227 PASV FTP server
- response. Typically used for FTP-SSL purposes but is not restricted to
- that. libcurl will then instead use the same IP address it used for the
- control connection. */
- CINIT(FTP_SKIP_PASV_IP, LONG, 137),
-
- /* Select "file method" to use when doing FTP, see the curl_ftpmethod
- above. */
- CINIT(FTP_FILEMETHOD, LONG, 138),
-
- /* Local port number to bind the socket to */
- CINIT(LOCALPORT, LONG, 139),
-
- /* Number of ports to try, including the first one set with LOCALPORT.
- Thus, setting it to 1 will make no additional attempts but the first.
- */
- CINIT(LOCALPORTRANGE, LONG, 140),
-
- /* no transfer, set up connection and let application use the socket by
- extracting it with CURLINFO_LASTSOCKET */
- CINIT(CONNECT_ONLY, LONG, 141),
-
- /* Function that will be called to convert from the
- network encoding (instead of using the iconv calls in libcurl) */
- CINIT(CONV_FROM_NETWORK_FUNCTION, FUNCTIONPOINT, 142),
-
- /* Function that will be called to convert to the
- network encoding (instead of using the iconv calls in libcurl) */
- CINIT(CONV_TO_NETWORK_FUNCTION, FUNCTIONPOINT, 143),
-
- /* Function that will be called to convert from UTF8
- (instead of using the iconv calls in libcurl)
- Note that this is used only for SSL certificate processing */
- CINIT(CONV_FROM_UTF8_FUNCTION, FUNCTIONPOINT, 144),
-
- /* if the connection proceeds too quickly then need to slow it down */
- /* limit-rate: maximum number of bytes per second to send or receive */
- CINIT(MAX_SEND_SPEED_LARGE, OFF_T, 145),
- CINIT(MAX_RECV_SPEED_LARGE, OFF_T, 146),
-
- /* Pointer to command string to send if USER/PASS fails. */
- CINIT(FTP_ALTERNATIVE_TO_USER, STRINGPOINT, 147),
-
- /* callback function for setting socket options */
- CINIT(SOCKOPTFUNCTION, FUNCTIONPOINT, 148),
- CINIT(SOCKOPTDATA, OBJECTPOINT, 149),
-
- /* set to 0 to disable session ID re-use for this transfer, default is
- enabled (== 1) */
- CINIT(SSL_SESSIONID_CACHE, LONG, 150),
-
- /* allowed SSH authentication methods */
- CINIT(SSH_AUTH_TYPES, LONG, 151),
-
- /* Used by scp/sftp to do public/private key authentication */
- CINIT(SSH_PUBLIC_KEYFILE, STRINGPOINT, 152),
- CINIT(SSH_PRIVATE_KEYFILE, STRINGPOINT, 153),
-
- /* Send CCC (Clear Command Channel) after authentication */
- CINIT(FTP_SSL_CCC, LONG, 154),
-
- /* Same as TIMEOUT and CONNECTTIMEOUT, but with ms resolution */
- CINIT(TIMEOUT_MS, LONG, 155),
- CINIT(CONNECTTIMEOUT_MS, LONG, 156),
-
- /* set to zero to disable the libcurl's decoding and thus pass the raw body
- data to the application even when it is encoded/compressed */
- CINIT(HTTP_TRANSFER_DECODING, LONG, 157),
- CINIT(HTTP_CONTENT_DECODING, LONG, 158),
-
- /* Permission used when creating new files and directories on the remote
- server for protocols that support it, SFTP/SCP/FILE */
- CINIT(NEW_FILE_PERMS, LONG, 159),
- CINIT(NEW_DIRECTORY_PERMS, LONG, 160),
-
- /* Set the behaviour of POST when redirecting. Values must be set to one
- of CURL_REDIR* defines below. This used to be called CURLOPT_POST301 */
- CINIT(POSTREDIR, LONG, 161),
-
- /* used by scp/sftp to verify the host's public key */
- CINIT(SSH_HOST_PUBLIC_KEY_MD5, STRINGPOINT, 162),
-
- /* Callback function for opening socket (instead of socket(2)). Optionally,
- callback is able change the address or refuse to connect returning
- CURL_SOCKET_BAD. The callback should have type
- curl_opensocket_callback */
- CINIT(OPENSOCKETFUNCTION, FUNCTIONPOINT, 163),
- CINIT(OPENSOCKETDATA, OBJECTPOINT, 164),
-
- /* POST volatile input fields. */
- CINIT(COPYPOSTFIELDS, OBJECTPOINT, 165),
-
- /* set transfer mode (;type=<a|i>) when doing FTP via an HTTP proxy */
- CINIT(PROXY_TRANSFER_MODE, LONG, 166),
-
- /* Callback function for seeking in the input stream */
- CINIT(SEEKFUNCTION, FUNCTIONPOINT, 167),
- CINIT(SEEKDATA, OBJECTPOINT, 168),
-
- /* CRL file */
- CINIT(CRLFILE, STRINGPOINT, 169),
-
- /* Issuer certificate */
- CINIT(ISSUERCERT, STRINGPOINT, 170),
-
- /* (IPv6) Address scope */
- CINIT(ADDRESS_SCOPE, LONG, 171),
-
- /* Collect certificate chain info and allow it to get retrievable with
- CURLINFO_CERTINFO after the transfer is complete. */
- CINIT(CERTINFO, LONG, 172),
-
- /* "name" and "pwd" to use when fetching. */
- CINIT(USERNAME, STRINGPOINT, 173),
- CINIT(PASSWORD, STRINGPOINT, 174),
-
- /* "name" and "pwd" to use with Proxy when fetching. */
- CINIT(PROXYUSERNAME, STRINGPOINT, 175),
- CINIT(PROXYPASSWORD, STRINGPOINT, 176),
-
- /* Comma separated list of hostnames defining no-proxy zones. These should
- match both hostnames directly, and hostnames within a domain. For
- example, local.com will match local.com and www.local.com, but NOT
- notlocal.com or www.notlocal.com. For compatibility with other
- implementations of this, .local.com will be considered to be the same as
- local.com. A single * is the only valid wildcard, and effectively
- disables the use of proxy. */
- CINIT(NOPROXY, STRINGPOINT, 177),
-
- /* block size for TFTP transfers */
- CINIT(TFTP_BLKSIZE, LONG, 178),
-
- /* Socks Service */
- CINIT(SOCKS5_GSSAPI_SERVICE, STRINGPOINT, 179), /* DEPRECATED, do not use! */
-
- /* Socks Service */
- CINIT(SOCKS5_GSSAPI_NEC, LONG, 180),
-
- /* set the bitmask for the protocols that are allowed to be used for the
- transfer, which thus helps the app which takes URLs from users or other
- external inputs and want to restrict what protocol(s) to deal
- with. Defaults to CURLPROTO_ALL. */
- CINIT(PROTOCOLS, LONG, 181),
-
- /* set the bitmask for the protocols that libcurl is allowed to follow to,
- as a subset of the CURLOPT_PROTOCOLS ones. That means the protocol needs
- to be set in both bitmasks to be allowed to get redirected to. Defaults
- to all protocols except FILE and SCP. */
- CINIT(REDIR_PROTOCOLS, LONG, 182),
-
- /* set the SSH knownhost file name to use */
- CINIT(SSH_KNOWNHOSTS, STRINGPOINT, 183),
-
- /* set the SSH host key callback, must point to a curl_sshkeycallback
- function */
- CINIT(SSH_KEYFUNCTION, FUNCTIONPOINT, 184),
-
- /* set the SSH host key callback custom pointer */
- CINIT(SSH_KEYDATA, OBJECTPOINT, 185),
-
- /* set the SMTP mail originator */
- CINIT(MAIL_FROM, STRINGPOINT, 186),
-
- /* set the list of SMTP mail receiver(s) */
- CINIT(MAIL_RCPT, OBJECTPOINT, 187),
-
- /* FTP: send PRET before PASV */
- CINIT(FTP_USE_PRET, LONG, 188),
-
- /* RTSP request method (OPTIONS, SETUP, PLAY, etc...) */
- CINIT(RTSP_REQUEST, LONG, 189),
-
- /* The RTSP session identifier */
- CINIT(RTSP_SESSION_ID, STRINGPOINT, 190),
-
- /* The RTSP stream URI */
- CINIT(RTSP_STREAM_URI, STRINGPOINT, 191),
-
- /* The Transport: header to use in RTSP requests */
- CINIT(RTSP_TRANSPORT, STRINGPOINT, 192),
-
- /* Manually initialize the client RTSP CSeq for this handle */
- CINIT(RTSP_CLIENT_CSEQ, LONG, 193),
-
- /* Manually initialize the server RTSP CSeq for this handle */
- CINIT(RTSP_SERVER_CSEQ, LONG, 194),
-
- /* The stream to pass to INTERLEAVEFUNCTION. */
- CINIT(INTERLEAVEDATA, OBJECTPOINT, 195),
-
- /* Let the application define a custom write method for RTP data */
- CINIT(INTERLEAVEFUNCTION, FUNCTIONPOINT, 196),
-
- /* Turn on wildcard matching */
- CINIT(WILDCARDMATCH, LONG, 197),
-
- /* Directory matching callback called before downloading of an
- individual file (chunk) started */
- CINIT(CHUNK_BGN_FUNCTION, FUNCTIONPOINT, 198),
-
- /* Directory matching callback called after the file (chunk)
- was downloaded, or skipped */
- CINIT(CHUNK_END_FUNCTION, FUNCTIONPOINT, 199),
-
- /* Change match (fnmatch-like) callback for wildcard matching */
- CINIT(FNMATCH_FUNCTION, FUNCTIONPOINT, 200),
-
- /* Let the application define custom chunk data pointer */
- CINIT(CHUNK_DATA, OBJECTPOINT, 201),
-
- /* FNMATCH_FUNCTION user pointer */
- CINIT(FNMATCH_DATA, OBJECTPOINT, 202),
-
- /* send linked-list of name:port:address sets */
- CINIT(RESOLVE, OBJECTPOINT, 203),
-
- /* Set a username for authenticated TLS */
- CINIT(TLSAUTH_USERNAME, STRINGPOINT, 204),
-
- /* Set a password for authenticated TLS */
- CINIT(TLSAUTH_PASSWORD, STRINGPOINT, 205),
-
- /* Set authentication type for authenticated TLS */
- CINIT(TLSAUTH_TYPE, STRINGPOINT, 206),
-
- /* Set to 1 to enable the "TE:" header in HTTP requests to ask for
- compressed transfer-encoded responses. Set to 0 to disable the use of TE:
- in outgoing requests. The current default is 0, but it might change in a
- future libcurl release.
-
- libcurl will ask for the compressed methods it knows of, and if that
- isn't any, it will not ask for transfer-encoding at all even if this
- option is set to 1.
-
- */
- CINIT(TRANSFER_ENCODING, LONG, 207),
-
- /* Callback function for closing socket (instead of close(2)). The callback
- should have type curl_closesocket_callback */
- CINIT(CLOSESOCKETFUNCTION, FUNCTIONPOINT, 208),
- CINIT(CLOSESOCKETDATA, OBJECTPOINT, 209),
-
- /* allow GSSAPI credential delegation */
- CINIT(GSSAPI_DELEGATION, LONG, 210),
-
- /* Set the name servers to use for DNS resolution */
- CINIT(DNS_SERVERS, STRINGPOINT, 211),
-
- /* Time-out accept operations (currently for FTP only) after this amount
- of miliseconds. */
- CINIT(ACCEPTTIMEOUT_MS, LONG, 212),
-
- /* Set TCP keepalive */
- CINIT(TCP_KEEPALIVE, LONG, 213),
-
- /* non-universal keepalive knobs (Linux, AIX, HP-UX, more) */
- CINIT(TCP_KEEPIDLE, LONG, 214),
- CINIT(TCP_KEEPINTVL, LONG, 215),
-
- /* Enable/disable specific SSL features with a bitmask, see CURLSSLOPT_* */
- CINIT(SSL_OPTIONS, LONG, 216),
-
- /* Set the SMTP auth originator */
- CINIT(MAIL_AUTH, STRINGPOINT, 217),
-
- /* Enable/disable SASL initial response */
- CINIT(SASL_IR, LONG, 218),
-
- /* Function that will be called instead of the internal progress display
- * function. This function should be defined as the curl_xferinfo_callback
- * prototype defines. (Deprecates CURLOPT_PROGRESSFUNCTION) */
- CINIT(XFERINFOFUNCTION, FUNCTIONPOINT, 219),
-
- /* The XOAUTH2 bearer token */
- CINIT(XOAUTH2_BEARER, STRINGPOINT, 220),
-
- /* Set the interface string to use as outgoing network
- * interface for DNS requests.
- * Only supported by the c-ares DNS backend */
- CINIT(DNS_INTERFACE, STRINGPOINT, 221),
-
- /* Set the local IPv4 address to use for outgoing DNS requests.
- * Only supported by the c-ares DNS backend */
- CINIT(DNS_LOCAL_IP4, STRINGPOINT, 222),
-
- /* Set the local IPv4 address to use for outgoing DNS requests.
- * Only supported by the c-ares DNS backend */
- CINIT(DNS_LOCAL_IP6, STRINGPOINT, 223),
-
- /* Set authentication options directly */
- CINIT(LOGIN_OPTIONS, STRINGPOINT, 224),
-
- /* Enable/disable TLS NPN extension (http2 over ssl might fail without) */
- CINIT(SSL_ENABLE_NPN, LONG, 225),
-
- /* Enable/disable TLS ALPN extension (http2 over ssl might fail without) */
- CINIT(SSL_ENABLE_ALPN, LONG, 226),
-
- /* Time to wait for a response to a HTTP request containing an
- * Expect: 100-continue header before sending the data anyway. */
- CINIT(EXPECT_100_TIMEOUT_MS, LONG, 227),
-
- /* This points to a linked list of headers used for proxy requests only,
- struct curl_slist kind */
- CINIT(PROXYHEADER, OBJECTPOINT, 228),
-
- /* Pass in a bitmask of "header options" */
- CINIT(HEADEROPT, LONG, 229),
-
- /* The public key in DER form used to validate the peer public key
- this option is used only if SSL_VERIFYPEER is true */
- CINIT(PINNEDPUBLICKEY, STRINGPOINT, 230),
-
- /* Path to Unix domain socket */
- CINIT(UNIX_SOCKET_PATH, STRINGPOINT, 231),
-
- /* Set if we should verify the certificate status. */
- CINIT(SSL_VERIFYSTATUS, LONG, 232),
-
- /* Set if we should enable TLS false start. */
- CINIT(SSL_FALSESTART, LONG, 233),
-
- /* Do not squash dot-dot sequences */
- CINIT(PATH_AS_IS, LONG, 234),
-
- /* Proxy Service Name */
- CINIT(PROXY_SERVICE_NAME, STRINGPOINT, 235),
-
- /* Service Name */
- CINIT(SERVICE_NAME, STRINGPOINT, 236),
-
- /* Wait/don't wait for pipe/mutex to clarify */
- CINIT(PIPEWAIT, LONG, 237),
-
- /* Set the protocol used when curl is given a URL without a protocol */
- CINIT(DEFAULT_PROTOCOL, STRINGPOINT, 238),
-
- /* Set stream weight, 1 - 256 (default is 16) */
- CINIT(STREAM_WEIGHT, LONG, 239),
-
- /* Set stream dependency on another CURL handle */
- CINIT(STREAM_DEPENDS, OBJECTPOINT, 240),
-
- /* Set E-xclusive stream dependency on another CURL handle */
- CINIT(STREAM_DEPENDS_E, OBJECTPOINT, 241),
-
- /* Do not send any tftp option requests to the server */
- CINIT(TFTP_NO_OPTIONS, LONG, 242),
-
- /* Linked-list of host:port:connect-to-host:connect-to-port,
- overrides the URL's host:port (only for the network layer) */
- CINIT(CONNECT_TO, OBJECTPOINT, 243),
-
- /* Set TCP Fast Open */
- CINIT(TCP_FASTOPEN, LONG, 244),
-
- CURLOPT_LASTENTRY /* the last unused */
-} CURLoption;
-
-#ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
- the obsolete stuff removed! */
-
-/* Backwards compatibility with older names */
-/* These are scheduled to disappear by 2011 */
-
-/* This was added in version 7.19.1 */
-#define CURLOPT_POST301 CURLOPT_POSTREDIR
-
-/* These are scheduled to disappear by 2009 */
-
-/* The following were added in 7.17.0 */
-#define CURLOPT_SSLKEYPASSWD CURLOPT_KEYPASSWD
-#define CURLOPT_FTPAPPEND CURLOPT_APPEND
-#define CURLOPT_FTPLISTONLY CURLOPT_DIRLISTONLY
-#define CURLOPT_FTP_SSL CURLOPT_USE_SSL
-
-/* The following were added earlier */
-
-#define CURLOPT_SSLCERTPASSWD CURLOPT_KEYPASSWD
-#define CURLOPT_KRB4LEVEL CURLOPT_KRBLEVEL
-
-#else
-/* This is set if CURL_NO_OLDIES is defined at compile-time */
-#undef CURLOPT_DNS_USE_GLOBAL_CACHE /* soon obsolete */
-#endif
-
-
- /* Below here follows defines for the CURLOPT_IPRESOLVE option. If a host
- name resolves addresses using more than one IP protocol version, this
- option might be handy to force libcurl to use a specific IP version. */
-#define CURL_IPRESOLVE_WHATEVER 0 /* default, resolves addresses to all IP
- versions that your system allows */
-#define CURL_IPRESOLVE_V4 1 /* resolve to IPv4 addresses */
-#define CURL_IPRESOLVE_V6 2 /* resolve to IPv6 addresses */
-
- /* three convenient "aliases" that follow the name scheme better */
-#define CURLOPT_RTSPHEADER CURLOPT_HTTPHEADER
-
- /* These enums are for use with the CURLOPT_HTTP_VERSION option. */
-enum {
- CURL_HTTP_VERSION_NONE, /* setting this means we don't care, and that we'd
- like the library to choose the best possible
- for us! */
- CURL_HTTP_VERSION_1_0, /* please use HTTP 1.0 in the request */
- CURL_HTTP_VERSION_1_1, /* please use HTTP 1.1 in the request */
- CURL_HTTP_VERSION_2_0, /* please use HTTP 2 in the request */
- CURL_HTTP_VERSION_2TLS, /* use version 2 for HTTPS, version 1.1 for HTTP */
- CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE, /* please use HTTP 2 without HTTP/1.1
- Upgrade */
-
- CURL_HTTP_VERSION_LAST /* *ILLEGAL* http version */
-};
-
-/* Convenience definition simple because the name of the version is HTTP/2 and
- not 2.0. The 2_0 version of the enum name was set while the version was
- still planned to be 2.0 and we stick to it for compatibility. */
-#define CURL_HTTP_VERSION_2 CURL_HTTP_VERSION_2_0
-
-/*
- * Public API enums for RTSP requests
- */
-enum {
- CURL_RTSPREQ_NONE, /* first in list */
- CURL_RTSPREQ_OPTIONS,
- CURL_RTSPREQ_DESCRIBE,
- CURL_RTSPREQ_ANNOUNCE,
- CURL_RTSPREQ_SETUP,
- CURL_RTSPREQ_PLAY,
- CURL_RTSPREQ_PAUSE,
- CURL_RTSPREQ_TEARDOWN,
- CURL_RTSPREQ_GET_PARAMETER,
- CURL_RTSPREQ_SET_PARAMETER,
- CURL_RTSPREQ_RECORD,
- CURL_RTSPREQ_RECEIVE,
- CURL_RTSPREQ_LAST /* last in list */
-};
-
- /* These enums are for use with the CURLOPT_NETRC option. */
-enum CURL_NETRC_OPTION {
- CURL_NETRC_IGNORED, /* The .netrc will never be read.
- * This is the default. */
- CURL_NETRC_OPTIONAL, /* A user:password in the URL will be preferred
- * to one in the .netrc. */
- CURL_NETRC_REQUIRED, /* A user:password in the URL will be ignored.
- * Unless one is set programmatically, the .netrc
- * will be queried. */
- CURL_NETRC_LAST
-};
-
-enum {
- CURL_SSLVERSION_DEFAULT,
- CURL_SSLVERSION_TLSv1, /* TLS 1.x */
- CURL_SSLVERSION_SSLv2,
- CURL_SSLVERSION_SSLv3,
- CURL_SSLVERSION_TLSv1_0,
- CURL_SSLVERSION_TLSv1_1,
- CURL_SSLVERSION_TLSv1_2,
-
- CURL_SSLVERSION_LAST /* never use, keep last */
-};
-
-enum CURL_TLSAUTH {
- CURL_TLSAUTH_NONE,
- CURL_TLSAUTH_SRP,
- CURL_TLSAUTH_LAST /* never use, keep last */
-};
-
-/* symbols to use with CURLOPT_POSTREDIR.
- CURL_REDIR_POST_301, CURL_REDIR_POST_302 and CURL_REDIR_POST_303
- can be bitwise ORed so that CURL_REDIR_POST_301 | CURL_REDIR_POST_302
- | CURL_REDIR_POST_303 == CURL_REDIR_POST_ALL */
-
-#define CURL_REDIR_GET_ALL 0
-#define CURL_REDIR_POST_301 1
-#define CURL_REDIR_POST_302 2
-#define CURL_REDIR_POST_303 4
-#define CURL_REDIR_POST_ALL \
- (CURL_REDIR_POST_301|CURL_REDIR_POST_302|CURL_REDIR_POST_303)
-
-typedef enum {
- CURL_TIMECOND_NONE,
-
- CURL_TIMECOND_IFMODSINCE,
- CURL_TIMECOND_IFUNMODSINCE,
- CURL_TIMECOND_LASTMOD,
-
- CURL_TIMECOND_LAST
-} curl_TimeCond;
-
-
-/* curl_strequal() and curl_strnequal() are subject for removal in a future
- libcurl, see lib/README.curlx for details */
-CURL_EXTERN int (curl_strequal)(const char *s1, const char *s2);
-CURL_EXTERN int (curl_strnequal)(const char *s1, const char *s2, size_t n);
-
-/* name is uppercase CURLFORM_<name> */
-#ifdef CFINIT
-#undef CFINIT
-#endif
-
-#ifdef CURL_ISOCPP
-#define CFINIT(name) CURLFORM_ ## name
-#else
-/* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */
-#define CFINIT(name) CURLFORM_/**/name
-#endif
-
-typedef enum {
- CFINIT(NOTHING), /********* the first one is unused ************/
-
- /* */
- CFINIT(COPYNAME),
- CFINIT(PTRNAME),
- CFINIT(NAMELENGTH),
- CFINIT(COPYCONTENTS),
- CFINIT(PTRCONTENTS),
- CFINIT(CONTENTSLENGTH),
- CFINIT(FILECONTENT),
- CFINIT(ARRAY),
- CFINIT(OBSOLETE),
- CFINIT(FILE),
-
- CFINIT(BUFFER),
- CFINIT(BUFFERPTR),
- CFINIT(BUFFERLENGTH),
-
- CFINIT(CONTENTTYPE),
- CFINIT(CONTENTHEADER),
- CFINIT(FILENAME),
- CFINIT(END),
- CFINIT(OBSOLETE2),
-
- CFINIT(STREAM),
- CFINIT(CONTENTLEN), /* added in 7.46.0, provide a curl_off_t length */
-
- CURLFORM_LASTENTRY /* the last unused */
-} CURLformoption;
-
-#undef CFINIT /* done */
-
-/* structure to be used as parameter for CURLFORM_ARRAY */
-struct curl_forms {
- CURLformoption option;
- const char *value;
-};
-
-/* use this for multipart formpost building */
-/* Returns code for curl_formadd()
- *
- * Returns:
- * CURL_FORMADD_OK on success
- * CURL_FORMADD_MEMORY if the FormInfo allocation fails
- * CURL_FORMADD_OPTION_TWICE if one option is given twice for one Form
- * CURL_FORMADD_NULL if a null pointer was given for a char
- * CURL_FORMADD_MEMORY if the allocation of a FormInfo struct failed
- * CURL_FORMADD_UNKNOWN_OPTION if an unknown option was used
- * CURL_FORMADD_INCOMPLETE if the some FormInfo is not complete (or error)
- * CURL_FORMADD_MEMORY if a curl_httppost struct cannot be allocated
- * CURL_FORMADD_MEMORY if some allocation for string copying failed.
- * CURL_FORMADD_ILLEGAL_ARRAY if an illegal option is used in an array
- *
- ***************************************************************************/
-typedef enum {
- CURL_FORMADD_OK, /* first, no error */
-
- CURL_FORMADD_MEMORY,
- CURL_FORMADD_OPTION_TWICE,
- CURL_FORMADD_NULL,
- CURL_FORMADD_UNKNOWN_OPTION,
- CURL_FORMADD_INCOMPLETE,
- CURL_FORMADD_ILLEGAL_ARRAY,
- CURL_FORMADD_DISABLED, /* libcurl was built with this disabled */
-
- CURL_FORMADD_LAST /* last */
-} CURLFORMcode;
-
-/*
- * NAME curl_formadd()
- *
- * DESCRIPTION
- *
- * Pretty advanced function for building multi-part formposts. Each invoke
- * adds one part that together construct a full post. Then use
- * CURLOPT_HTTPPOST to send it off to libcurl.
- */
-CURL_EXTERN CURLFORMcode curl_formadd(struct curl_httppost **httppost,
- struct curl_httppost **last_post,
- ...);
-
-/*
- * callback function for curl_formget()
- * The void *arg pointer will be the one passed as second argument to
- * curl_formget().
- * The character buffer passed to it must not be freed.
- * Should return the buffer length passed to it as the argument "len" on
- * success.
- */
-typedef size_t (*curl_formget_callback)(void *arg, const char *buf,
- size_t len);
-
-/*
- * NAME curl_formget()
- *
- * DESCRIPTION
- *
- * Serialize a curl_httppost struct built with curl_formadd().
- * Accepts a void pointer as second argument which will be passed to
- * the curl_formget_callback function.
- * Returns 0 on success.
- */
-CURL_EXTERN int curl_formget(struct curl_httppost *form, void *arg,
- curl_formget_callback append);
-/*
- * NAME curl_formfree()
- *
- * DESCRIPTION
- *
- * Free a multipart formpost previously built with curl_formadd().
- */
-CURL_EXTERN void curl_formfree(struct curl_httppost *form);
-
-/*
- * NAME curl_getenv()
- *
- * DESCRIPTION
- *
- * Returns a malloc()'ed string that MUST be curl_free()ed after usage is
- * complete. DEPRECATED - see lib/README.curlx
- */
-CURL_EXTERN char *curl_getenv(const char *variable);
-
-/*
- * NAME curl_version()
- *
- * DESCRIPTION
- *
- * Returns a static ascii string of the libcurl version.
- */
-CURL_EXTERN char *curl_version(void);
-
-/*
- * NAME curl_easy_escape()
- *
- * DESCRIPTION
- *
- * Escapes URL strings (converts all letters consider illegal in URLs to their
- * %XX versions). This function returns a new allocated string or NULL if an
- * error occurred.
- */
-CURL_EXTERN char *curl_easy_escape(CURL *handle,
- const char *string,
- int length);
-
-/* the previous version: */
-CURL_EXTERN char *curl_escape(const char *string,
- int length);
-
-
-/*
- * NAME curl_easy_unescape()
- *
- * DESCRIPTION
- *
- * Unescapes URL encoding in strings (converts all %XX codes to their 8bit
- * versions). This function returns a new allocated string or NULL if an error
- * occurred.
- * Conversion Note: On non-ASCII platforms the ASCII %XX codes are
- * converted into the host encoding.
- */
-CURL_EXTERN char *curl_easy_unescape(CURL *handle,
- const char *string,
- int length,
- int *outlength);
-
-/* the previous version */
-CURL_EXTERN char *curl_unescape(const char *string,
- int length);
-
-/*
- * NAME curl_free()
- *
- * DESCRIPTION
- *
- * Provided for de-allocation in the same translation unit that did the
- * allocation. Added in libcurl 7.10
- */
-CURL_EXTERN void curl_free(void *p);
-
-/*
- * NAME curl_global_init()
- *
- * DESCRIPTION
- *
- * curl_global_init() should be invoked exactly once for each application that
- * uses libcurl and before any call of other libcurl functions.
- *
- * This function is not thread-safe!
- */
-CURL_EXTERN CURLcode curl_global_init(long flags);
-
-/*
- * NAME curl_global_init_mem()
- *
- * DESCRIPTION
- *
- * curl_global_init() or curl_global_init_mem() should be invoked exactly once
- * for each application that uses libcurl. This function can be used to
- * initialize libcurl and set user defined memory management callback
- * functions. Users can implement memory management routines to check for
- * memory leaks, check for mis-use of the curl library etc. User registered
- * callback routines with be invoked by this library instead of the system
- * memory management routines like malloc, free etc.
- */
-CURL_EXTERN CURLcode curl_global_init_mem(long flags,
- curl_malloc_callback m,
- curl_free_callback f,
- curl_realloc_callback r,
- curl_strdup_callback s,
- curl_calloc_callback c);
-
-/*
- * NAME curl_global_cleanup()
- *
- * DESCRIPTION
- *
- * curl_global_cleanup() should be invoked exactly once for each application
- * that uses libcurl
- */
-CURL_EXTERN void curl_global_cleanup(void);
-
-/* linked-list structure for the CURLOPT_QUOTE option (and other) */
-struct curl_slist {
- char *data;
- struct curl_slist *next;
-};
-
-/*
- * NAME curl_slist_append()
- *
- * DESCRIPTION
- *
- * Appends a string to a linked list. If no list exists, it will be created
- * first. Returns the new list, after appending.
- */
-CURL_EXTERN struct curl_slist *curl_slist_append(struct curl_slist *,
- const char *);
-
-/*
- * NAME curl_slist_free_all()
- *
- * DESCRIPTION
- *
- * free a previously built curl_slist.
- */
-CURL_EXTERN void curl_slist_free_all(struct curl_slist *);
-
-/*
- * NAME curl_getdate()
- *
- * DESCRIPTION
- *
- * Returns the time, in seconds since 1 Jan 1970 of the time string given in
- * the first argument. The time argument in the second parameter is unused
- * and should be set to NULL.
- */
-CURL_EXTERN time_t curl_getdate(const char *p, const time_t *unused);
-
-/* info about the certificate chain, only for OpenSSL builds. Asked
- for with CURLOPT_CERTINFO / CURLINFO_CERTINFO */
-struct curl_certinfo {
- int num_of_certs; /* number of certificates with information */
- struct curl_slist **certinfo; /* for each index in this array, there's a
- linked list with textual information in the
- format "name: value" */
-};
-
-/* enum for the different supported SSL backends */
-typedef enum {
- CURLSSLBACKEND_NONE = 0,
- CURLSSLBACKEND_OPENSSL = 1,
- CURLSSLBACKEND_GNUTLS = 2,
- CURLSSLBACKEND_NSS = 3,
- CURLSSLBACKEND_OBSOLETE4 = 4, /* Was QSOSSL. */
- CURLSSLBACKEND_GSKIT = 5,
- CURLSSLBACKEND_POLARSSL = 6,
- CURLSSLBACKEND_CYASSL = 7,
- CURLSSLBACKEND_SCHANNEL = 8,
- CURLSSLBACKEND_DARWINSSL = 9,
- CURLSSLBACKEND_AXTLS = 10,
- CURLSSLBACKEND_MBEDTLS = 11
-} curl_sslbackend;
-
-/* aliases for library clones and renames */
-#define CURLSSLBACKEND_LIBRESSL 1
-#define CURLSSLBACKEND_BORINGSSL 1
-#define CURLSSLBACKEND_WOLFSSL 6
-
-/* Information about the SSL library used and the respective internal SSL
- handle, which can be used to obtain further information regarding the
- connection. Asked for with CURLINFO_TLS_SSL_PTR or CURLINFO_TLS_SESSION. */
-struct curl_tlssessioninfo {
- curl_sslbackend backend;
- void *internals;
-};
-
-#define CURLINFO_STRING 0x100000
-#define CURLINFO_LONG 0x200000
-#define CURLINFO_DOUBLE 0x300000
-#define CURLINFO_SLIST 0x400000
-#define CURLINFO_SOCKET 0x500000
-#define CURLINFO_MASK 0x0fffff
-#define CURLINFO_TYPEMASK 0xf00000
-
-typedef enum {
- CURLINFO_NONE, /* first, never use this */
- CURLINFO_EFFECTIVE_URL = CURLINFO_STRING + 1,
- CURLINFO_RESPONSE_CODE = CURLINFO_LONG + 2,
- CURLINFO_TOTAL_TIME = CURLINFO_DOUBLE + 3,
- CURLINFO_NAMELOOKUP_TIME = CURLINFO_DOUBLE + 4,
- CURLINFO_CONNECT_TIME = CURLINFO_DOUBLE + 5,
- CURLINFO_PRETRANSFER_TIME = CURLINFO_DOUBLE + 6,
- CURLINFO_SIZE_UPLOAD = CURLINFO_DOUBLE + 7,
- CURLINFO_SIZE_DOWNLOAD = CURLINFO_DOUBLE + 8,
- CURLINFO_SPEED_DOWNLOAD = CURLINFO_DOUBLE + 9,
- CURLINFO_SPEED_UPLOAD = CURLINFO_DOUBLE + 10,
- CURLINFO_HEADER_SIZE = CURLINFO_LONG + 11,
- CURLINFO_REQUEST_SIZE = CURLINFO_LONG + 12,
- CURLINFO_SSL_VERIFYRESULT = CURLINFO_LONG + 13,
- CURLINFO_FILETIME = CURLINFO_LONG + 14,
- CURLINFO_CONTENT_LENGTH_DOWNLOAD = CURLINFO_DOUBLE + 15,
- CURLINFO_CONTENT_LENGTH_UPLOAD = CURLINFO_DOUBLE + 16,
- CURLINFO_STARTTRANSFER_TIME = CURLINFO_DOUBLE + 17,
- CURLINFO_CONTENT_TYPE = CURLINFO_STRING + 18,
- CURLINFO_REDIRECT_TIME = CURLINFO_DOUBLE + 19,
- CURLINFO_REDIRECT_COUNT = CURLINFO_LONG + 20,
- CURLINFO_PRIVATE = CURLINFO_STRING + 21,
- CURLINFO_HTTP_CONNECTCODE = CURLINFO_LONG + 22,
- CURLINFO_HTTPAUTH_AVAIL = CURLINFO_LONG + 23,
- CURLINFO_PROXYAUTH_AVAIL = CURLINFO_LONG + 24,
- CURLINFO_OS_ERRNO = CURLINFO_LONG + 25,
- CURLINFO_NUM_CONNECTS = CURLINFO_LONG + 26,
- CURLINFO_SSL_ENGINES = CURLINFO_SLIST + 27,
- CURLINFO_COOKIELIST = CURLINFO_SLIST + 28,
- CURLINFO_LASTSOCKET = CURLINFO_LONG + 29,
- CURLINFO_FTP_ENTRY_PATH = CURLINFO_STRING + 30,
- CURLINFO_REDIRECT_URL = CURLINFO_STRING + 31,
- CURLINFO_PRIMARY_IP = CURLINFO_STRING + 32,
- CURLINFO_APPCONNECT_TIME = CURLINFO_DOUBLE + 33,
- CURLINFO_CERTINFO = CURLINFO_SLIST + 34,
- CURLINFO_CONDITION_UNMET = CURLINFO_LONG + 35,
- CURLINFO_RTSP_SESSION_ID = CURLINFO_STRING + 36,
- CURLINFO_RTSP_CLIENT_CSEQ = CURLINFO_LONG + 37,
- CURLINFO_RTSP_SERVER_CSEQ = CURLINFO_LONG + 38,
- CURLINFO_RTSP_CSEQ_RECV = CURLINFO_LONG + 39,
- CURLINFO_PRIMARY_PORT = CURLINFO_LONG + 40,
- CURLINFO_LOCAL_IP = CURLINFO_STRING + 41,
- CURLINFO_LOCAL_PORT = CURLINFO_LONG + 42,
- CURLINFO_TLS_SESSION = CURLINFO_SLIST + 43,
- CURLINFO_ACTIVESOCKET = CURLINFO_SOCKET + 44,
- CURLINFO_TLS_SSL_PTR = CURLINFO_SLIST + 45,
- CURLINFO_HTTP_VERSION = CURLINFO_LONG + 46,
- /* Fill in new entries below here! */
-
- CURLINFO_LASTONE = 46
-} CURLINFO;
-
-/* CURLINFO_RESPONSE_CODE is the new name for the option previously known as
- CURLINFO_HTTP_CODE */
-#define CURLINFO_HTTP_CODE CURLINFO_RESPONSE_CODE
-
-typedef enum {
- CURLCLOSEPOLICY_NONE, /* first, never use this */
-
- CURLCLOSEPOLICY_OLDEST,
- CURLCLOSEPOLICY_LEAST_RECENTLY_USED,
- CURLCLOSEPOLICY_LEAST_TRAFFIC,
- CURLCLOSEPOLICY_SLOWEST,
- CURLCLOSEPOLICY_CALLBACK,
-
- CURLCLOSEPOLICY_LAST /* last, never use this */
-} curl_closepolicy;
-
-#define CURL_GLOBAL_SSL (1<<0)
-#define CURL_GLOBAL_WIN32 (1<<1)
-#define CURL_GLOBAL_ALL (CURL_GLOBAL_SSL|CURL_GLOBAL_WIN32)
-#define CURL_GLOBAL_NOTHING 0
-#define CURL_GLOBAL_DEFAULT CURL_GLOBAL_ALL
-#define CURL_GLOBAL_ACK_EINTR (1<<2)
-
-
-/*****************************************************************************
- * Setup defines, protos etc for the sharing stuff.
- */
-
-/* Different data locks for a single share */
-typedef enum {
- CURL_LOCK_DATA_NONE = 0,
- /* CURL_LOCK_DATA_SHARE is used internally to say that
- * the locking is just made to change the internal state of the share
- * itself.
- */
- CURL_LOCK_DATA_SHARE,
- CURL_LOCK_DATA_COOKIE,
- CURL_LOCK_DATA_DNS,
- CURL_LOCK_DATA_SSL_SESSION,
- CURL_LOCK_DATA_CONNECT,
- CURL_LOCK_DATA_LAST
-} curl_lock_data;
-
-/* Different lock access types */
-typedef enum {
- CURL_LOCK_ACCESS_NONE = 0, /* unspecified action */
- CURL_LOCK_ACCESS_SHARED = 1, /* for read perhaps */
- CURL_LOCK_ACCESS_SINGLE = 2, /* for write perhaps */
- CURL_LOCK_ACCESS_LAST /* never use */
-} curl_lock_access;
-
-typedef void (*curl_lock_function)(CURL *handle,
- curl_lock_data data,
- curl_lock_access locktype,
- void *userptr);
-typedef void (*curl_unlock_function)(CURL *handle,
- curl_lock_data data,
- void *userptr);
-
-
-typedef enum {
- CURLSHE_OK, /* all is fine */
- CURLSHE_BAD_OPTION, /* 1 */
- CURLSHE_IN_USE, /* 2 */
- CURLSHE_INVALID, /* 3 */
- CURLSHE_NOMEM, /* 4 out of memory */
- CURLSHE_NOT_BUILT_IN, /* 5 feature not present in lib */
- CURLSHE_LAST /* never use */
-} CURLSHcode;
-
-typedef enum {
- CURLSHOPT_NONE, /* don't use */
- CURLSHOPT_SHARE, /* specify a data type to share */
- CURLSHOPT_UNSHARE, /* specify which data type to stop sharing */
- CURLSHOPT_LOCKFUNC, /* pass in a 'curl_lock_function' pointer */
- CURLSHOPT_UNLOCKFUNC, /* pass in a 'curl_unlock_function' pointer */
- CURLSHOPT_USERDATA, /* pass in a user data pointer used in the lock/unlock
- callback functions */
- CURLSHOPT_LAST /* never use */
-} CURLSHoption;
-
-CURL_EXTERN CURLSH *curl_share_init(void);
-CURL_EXTERN CURLSHcode curl_share_setopt(CURLSH *, CURLSHoption option, ...);
-CURL_EXTERN CURLSHcode curl_share_cleanup(CURLSH *);
-
-/****************************************************************************
- * Structures for querying information about the curl library at runtime.
- */
-
-typedef enum {
- CURLVERSION_FIRST,
- CURLVERSION_SECOND,
- CURLVERSION_THIRD,
- CURLVERSION_FOURTH,
- CURLVERSION_LAST /* never actually use this */
-} CURLversion;
-
-/* The 'CURLVERSION_NOW' is the symbolic name meant to be used by
- basically all programs ever that want to get version information. It is
- meant to be a built-in version number for what kind of struct the caller
- expects. If the struct ever changes, we redefine the NOW to another enum
- from above. */
-#define CURLVERSION_NOW CURLVERSION_FOURTH
-
-typedef struct {
- CURLversion age; /* age of the returned struct */
- const char *version; /* LIBCURL_VERSION */
- unsigned int version_num; /* LIBCURL_VERSION_NUM */
- const char *host; /* OS/host/cpu/machine when configured */
- int features; /* bitmask, see defines below */
- const char *ssl_version; /* human readable string */
- long ssl_version_num; /* not used anymore, always 0 */
- const char *libz_version; /* human readable string */
- /* protocols is terminated by an entry with a NULL protoname */
- const char * const *protocols;
-
- /* The fields below this were added in CURLVERSION_SECOND */
- const char *ares;
- int ares_num;
-
- /* This field was added in CURLVERSION_THIRD */
- const char *libidn;
-
- /* These field were added in CURLVERSION_FOURTH */
-
- /* Same as '_libiconv_version' if built with HAVE_ICONV */
- int iconv_ver_num;
-
- const char *libssh_version; /* human readable string */
-
-} curl_version_info_data;
-
-#define CURL_VERSION_IPV6 (1<<0) /* IPv6-enabled */
-#define CURL_VERSION_KERBEROS4 (1<<1) /* Kerberos V4 auth is supported
- (deprecated) */
-#define CURL_VERSION_SSL (1<<2) /* SSL options are present */
-#define CURL_VERSION_LIBZ (1<<3) /* libz features are present */
-#define CURL_VERSION_NTLM (1<<4) /* NTLM auth is supported */
-#define CURL_VERSION_GSSNEGOTIATE (1<<5) /* Negotiate auth is supported
- (deprecated) */
-#define CURL_VERSION_DEBUG (1<<6) /* Built with debug capabilities */
-#define CURL_VERSION_ASYNCHDNS (1<<7) /* Asynchronous DNS resolves */
-#define CURL_VERSION_SPNEGO (1<<8) /* SPNEGO auth is supported */
-#define CURL_VERSION_LARGEFILE (1<<9) /* Supports files larger than 2GB */
-#define CURL_VERSION_IDN (1<<10) /* Internationized Domain Names are
- supported */
-#define CURL_VERSION_SSPI (1<<11) /* Built against Windows SSPI */
-#define CURL_VERSION_CONV (1<<12) /* Character conversions supported */
-#define CURL_VERSION_CURLDEBUG (1<<13) /* Debug memory tracking supported */
-#define CURL_VERSION_TLSAUTH_SRP (1<<14) /* TLS-SRP auth is supported */
-#define CURL_VERSION_NTLM_WB (1<<15) /* NTLM delegation to winbind helper
- is suported */
-#define CURL_VERSION_HTTP2 (1<<16) /* HTTP2 support built-in */
-#define CURL_VERSION_GSSAPI (1<<17) /* Built against a GSS-API library */
-#define CURL_VERSION_KERBEROS5 (1<<18) /* Kerberos V5 auth is supported */
-#define CURL_VERSION_UNIX_SOCKETS (1<<19) /* Unix domain sockets support */
-#define CURL_VERSION_PSL (1<<20) /* Mozilla's Public Suffix List, used
- for cookie domain verification */
-
- /*
- * NAME curl_version_info()
- *
- * DESCRIPTION
- *
- * This function returns a pointer to a static copy of the version info
- * struct. See above.
- */
-CURL_EXTERN curl_version_info_data *curl_version_info(CURLversion);
-
-/*
- * NAME curl_easy_strerror()
- *
- * DESCRIPTION
- *
- * The curl_easy_strerror function may be used to turn a CURLcode value
- * into the equivalent human readable error string. This is useful
- * for printing meaningful error messages.
- */
-CURL_EXTERN const char *curl_easy_strerror(CURLcode);
-
-/*
- * NAME curl_share_strerror()
- *
- * DESCRIPTION
- *
- * The curl_share_strerror function may be used to turn a CURLSHcode value
- * into the equivalent human readable error string. This is useful
- * for printing meaningful error messages.
- */
-CURL_EXTERN const char *curl_share_strerror(CURLSHcode);
-
-/*
- * NAME curl_easy_pause()
- *
- * DESCRIPTION
- *
- * The curl_easy_pause function pauses or unpauses transfers. Select the new
- * state by setting the bitmask, use the convenience defines below.
- *
- */
-CURL_EXTERN CURLcode curl_easy_pause(CURL *handle, int bitmask);
-
-#define CURLPAUSE_RECV (1<<0)
-#define CURLPAUSE_RECV_CONT (0)
-
-#define CURLPAUSE_SEND (1<<2)
-#define CURLPAUSE_SEND_CONT (0)
-
-#define CURLPAUSE_ALL (CURLPAUSE_RECV|CURLPAUSE_SEND)
-#define CURLPAUSE_CONT (CURLPAUSE_RECV_CONT|CURLPAUSE_SEND_CONT)
-
-#ifdef __cplusplus
-}
-#endif
-
-/* unfortunately, the easy.h and multi.h include files need options and info
- stuff before they can be included! */
-#include "easy.h" /* nothing in curl is fun without the easy stuff */
-#include "multi.h"
-
-/* the typechecker doesn't work in C++ (yet) */
-#if defined(__GNUC__) && defined(__GNUC_MINOR__) && \
- ((__GNUC__ > 4) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3)) && \
- !defined(__cplusplus) && !defined(CURL_DISABLE_TYPECHECK)
-#include "typecheck-gcc.h"
-#else
-#if defined(__STDC__) && (__STDC__ >= 1)
-/* This preprocessor magic that replaces a call with the exact same call is
- only done to make sure application authors pass exactly three arguments
- to these functions. */
-#define curl_easy_setopt(handle,opt,param) curl_easy_setopt(handle,opt,param)
-#define curl_easy_getinfo(handle,info,arg) curl_easy_getinfo(handle,info,arg)
-#define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param)
-#define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param)
-#endif /* __STDC__ >= 1 */
-#endif /* gcc >= 4.3 && !__cplusplus */
-
-#endif /* __CURL_CURL_H */
diff --git a/include/curl/curlbuild.h.cmake b/include/curl/curlbuild.h.cmake
deleted file mode 100644
index bbb31a940..000000000
--- a/include/curl/curlbuild.h.cmake
+++ /dev/null
@@ -1,197 +0,0 @@
-#ifndef __CURL_CURLBUILD_H
-#define __CURL_CURLBUILD_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2008, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-/* ================================================================ */
-/* NOTES FOR CONFIGURE CAPABLE SYSTEMS */
-/* ================================================================ */
-
-/*
- * NOTE 1:
- * -------
- *
- * Nothing in this file is intended to be modified or adjusted by the
- * curl library user nor by the curl library builder.
- *
- * If you think that something actually needs to be changed, adjusted
- * or fixed in this file, then, report it on the libcurl development
- * mailing list: https://cool.haxx.se/mailman/listinfo/curl-library/
- *
- * This header file shall only export symbols which are 'curl' or 'CURL'
- * prefixed, otherwise public name space would be polluted.
- *
- * NOTE 2:
- * -------
- *
- * Right now you might be staring at file include/curl/curlbuild.h.in or
- * at file include/curl/curlbuild.h, this is due to the following reason:
- *
- * On systems capable of running the configure script, the configure process
- * will overwrite the distributed include/curl/curlbuild.h file with one that
- * is suitable and specific to the library being configured and built, which
- * is generated from the include/curl/curlbuild.h.in template file.
- *
- */
-
-/* ================================================================ */
-/* DEFINITION OF THESE SYMBOLS SHALL NOT TAKE PLACE ANYWHERE ELSE */
-/* ================================================================ */
-
-#ifdef CURL_SIZEOF_LONG
-#error "CURL_SIZEOF_LONG shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SIZEOF_LONG_already_defined
-#endif
-
-#ifdef CURL_TYPEOF_CURL_SOCKLEN_T
-#error "CURL_TYPEOF_CURL_SOCKLEN_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_TYPEOF_CURL_SOCKLEN_T_already_defined
-#endif
-
-#ifdef CURL_SIZEOF_CURL_SOCKLEN_T
-#error "CURL_SIZEOF_CURL_SOCKLEN_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SIZEOF_CURL_SOCKLEN_T_already_defined
-#endif
-
-#ifdef CURL_TYPEOF_CURL_OFF_T
-#error "CURL_TYPEOF_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_TYPEOF_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_FORMAT_CURL_OFF_T
-#error "CURL_FORMAT_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_FORMAT_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_FORMAT_CURL_OFF_TU
-#error "CURL_FORMAT_CURL_OFF_TU shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_FORMAT_CURL_OFF_TU_already_defined
-#endif
-
-#ifdef CURL_FORMAT_OFF_T
-#error "CURL_FORMAT_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_FORMAT_OFF_T_already_defined
-#endif
-
-#ifdef CURL_SIZEOF_CURL_OFF_T
-#error "CURL_SIZEOF_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SIZEOF_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_SUFFIX_CURL_OFF_T
-#error "CURL_SUFFIX_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_SUFFIX_CURL_OFF_TU
-#error "CURL_SUFFIX_CURL_OFF_TU shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_TU_already_defined
-#endif
-
-/* ================================================================ */
-/* EXTERNAL INTERFACE SETTINGS FOR CONFIGURE CAPABLE SYSTEMS ONLY */
-/* ================================================================ */
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file ws2tcpip.h must be included by the external interface. */
-#cmakedefine CURL_PULL_WS2TCPIP_H
-#ifdef CURL_PULL_WS2TCPIP_H
-# ifndef WIN32_LEAN_AND_MEAN
-# define WIN32_LEAN_AND_MEAN
-# endif
-# include <windows.h>
-# include <winsock2.h>
-# include <ws2tcpip.h>
-#endif
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file sys/types.h must be included by the external interface. */
-#cmakedefine CURL_PULL_SYS_TYPES_H
-#ifdef CURL_PULL_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file stdint.h must be included by the external interface. */
-#cmakedefine CURL_PULL_STDINT_H
-#ifdef CURL_PULL_STDINT_H
-# include <stdint.h>
-#endif
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file inttypes.h must be included by the external interface. */
-#cmakedefine CURL_PULL_INTTYPES_H
-#ifdef CURL_PULL_INTTYPES_H
-# include <inttypes.h>
-#endif
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file sys/socket.h must be included by the external interface. */
-#cmakedefine CURL_PULL_SYS_SOCKET_H
-#ifdef CURL_PULL_SYS_SOCKET_H
-# include <sys/socket.h>
-#endif
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file sys/poll.h must be included by the external interface. */
-#cmakedefine CURL_PULL_SYS_POLL_H
-#ifdef CURL_PULL_SYS_POLL_H
-# include <sys/poll.h>
-#endif
-
-/* The size of `long', as computed by sizeof. */
-#define CURL_SIZEOF_LONG ${CURL_SIZEOF_LONG}
-
-/* Integral data type used for curl_socklen_t. */
-#define CURL_TYPEOF_CURL_SOCKLEN_T ${CURL_TYPEOF_CURL_SOCKLEN_T}
-
-/* The size of `curl_socklen_t', as computed by sizeof. */
-#define CURL_SIZEOF_CURL_SOCKLEN_T ${CURL_SIZEOF_CURL_SOCKLEN_T}
-
-/* Data type definition of curl_socklen_t. */
-typedef CURL_TYPEOF_CURL_SOCKLEN_T curl_socklen_t;
-
-/* Signed integral data type used for curl_off_t. */
-#define CURL_TYPEOF_CURL_OFF_T ${CURL_TYPEOF_CURL_OFF_T}
-
-/* Data type definition of curl_off_t. */
-typedef CURL_TYPEOF_CURL_OFF_T curl_off_t;
-
-/* curl_off_t formatting string directive without "%" conversion specifier. */
-#define CURL_FORMAT_CURL_OFF_T "${CURL_FORMAT_CURL_OFF_T}"
-
-/* unsigned curl_off_t formatting string without "%" conversion specifier. */
-#define CURL_FORMAT_CURL_OFF_TU "${CURL_FORMAT_CURL_OFF_TU}"
-
-/* curl_off_t formatting string directive with "%" conversion specifier. */
-#define CURL_FORMAT_OFF_T "${CURL_FORMAT_OFF_T}"
-
-/* The size of `curl_off_t', as computed by sizeof. */
-#define CURL_SIZEOF_CURL_OFF_T ${CURL_SIZEOF_CURL_OFF_T}
-
-/* curl_off_t constant suffix. */
-#define CURL_SUFFIX_CURL_OFF_T ${CURL_SUFFIX_CURL_OFF_T}
-
-/* unsigned curl_off_t constant suffix. */
-#define CURL_SUFFIX_CURL_OFF_TU ${CURL_SUFFIX_CURL_OFF_TU}
-
-#endif /* __CURL_CURLBUILD_H */
diff --git a/include/curl/curlbuild.h.dist b/include/curl/curlbuild.h.dist
deleted file mode 100644
index ae95095fa..000000000
--- a/include/curl/curlbuild.h.dist
+++ /dev/null
@@ -1,586 +0,0 @@
-#ifndef __CURL_CURLBUILD_H
-#define __CURL_CURLBUILD_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-/* ================================================================ */
-/* NOTES FOR CONFIGURE CAPABLE SYSTEMS */
-/* ================================================================ */
-
-/*
- * NOTE 1:
- * -------
- *
- * See file include/curl/curlbuild.h.in, run configure, and forget
- * that this file exists it is only used for non-configure systems.
- * But you can keep reading if you want ;-)
- *
- */
-
-/* ================================================================ */
-/* NOTES FOR NON-CONFIGURE SYSTEMS */
-/* ================================================================ */
-
-/*
- * NOTE 1:
- * -------
- *
- * Nothing in this file is intended to be modified or adjusted by the
- * curl library user nor by the curl library builder.
- *
- * If you think that something actually needs to be changed, adjusted
- * or fixed in this file, then, report it on the libcurl development
- * mailing list: https://cool.haxx.se/mailman/listinfo/curl-library/
- *
- * Try to keep one section per platform, compiler and architecture,
- * otherwise, if an existing section is reused for a different one and
- * later on the original is adjusted, probably the piggybacking one can
- * be adversely changed.
- *
- * In order to differentiate between platforms/compilers/architectures
- * use only compiler built in predefined preprocessor symbols.
- *
- * This header file shall only export symbols which are 'curl' or 'CURL'
- * prefixed, otherwise public name space would be polluted.
- *
- * NOTE 2:
- * -------
- *
- * For any given platform/compiler curl_off_t must be typedef'ed to a
- * 64-bit wide signed integral data type. The width of this data type
- * must remain constant and independent of any possible large file
- * support settings.
- *
- * As an exception to the above, curl_off_t shall be typedef'ed to a
- * 32-bit wide signed integral data type if there is no 64-bit type.
- *
- * As a general rule, curl_off_t shall not be mapped to off_t. This
- * rule shall only be violated if off_t is the only 64-bit data type
- * available and the size of off_t is independent of large file support
- * settings. Keep your build on the safe side avoiding an off_t gating.
- * If you have a 64-bit off_t then take for sure that another 64-bit
- * data type exists, dig deeper and you will find it.
- *
- * NOTE 3:
- * -------
- *
- * Right now you might be staring at file include/curl/curlbuild.h.dist or
- * at file include/curl/curlbuild.h, this is due to the following reason:
- * file include/curl/curlbuild.h.dist is renamed to include/curl/curlbuild.h
- * when the libcurl source code distribution archive file is created.
- *
- * File include/curl/curlbuild.h.dist is not included in the distribution
- * archive. File include/curl/curlbuild.h is not present in the git tree.
- *
- * The distributed include/curl/curlbuild.h file is only intended to be used
- * on systems which can not run the also distributed configure script.
- *
- * On systems capable of running the configure script, the configure process
- * will overwrite the distributed include/curl/curlbuild.h file with one that
- * is suitable and specific to the library being configured and built, which
- * is generated from the include/curl/curlbuild.h.in template file.
- *
- * If you check out from git on a non-configure platform, you must run the
- * appropriate buildconf* script to set up curlbuild.h and other local files.
- *
- */
-
-/* ================================================================ */
-/* DEFINITION OF THESE SYMBOLS SHALL NOT TAKE PLACE ANYWHERE ELSE */
-/* ================================================================ */
-
-#ifdef CURL_SIZEOF_LONG
-# error "CURL_SIZEOF_LONG shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SIZEOF_LONG_already_defined
-#endif
-
-#ifdef CURL_TYPEOF_CURL_SOCKLEN_T
-# error "CURL_TYPEOF_CURL_SOCKLEN_T shall not be defined except in
curlbuild.h"
- Error Compilation_aborted_CURL_TYPEOF_CURL_SOCKLEN_T_already_defined
-#endif
-
-#ifdef CURL_SIZEOF_CURL_SOCKLEN_T
-# error "CURL_SIZEOF_CURL_SOCKLEN_T shall not be defined except in
curlbuild.h"
- Error Compilation_aborted_CURL_SIZEOF_CURL_SOCKLEN_T_already_defined
-#endif
-
-#ifdef CURL_TYPEOF_CURL_OFF_T
-# error "CURL_TYPEOF_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_TYPEOF_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_FORMAT_CURL_OFF_T
-# error "CURL_FORMAT_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_FORMAT_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_FORMAT_CURL_OFF_TU
-# error "CURL_FORMAT_CURL_OFF_TU shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_FORMAT_CURL_OFF_TU_already_defined
-#endif
-
-#ifdef CURL_FORMAT_OFF_T
-# error "CURL_FORMAT_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_FORMAT_OFF_T_already_defined
-#endif
-
-#ifdef CURL_SIZEOF_CURL_OFF_T
-# error "CURL_SIZEOF_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SIZEOF_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_SUFFIX_CURL_OFF_T
-# error "CURL_SUFFIX_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_SUFFIX_CURL_OFF_TU
-# error "CURL_SUFFIX_CURL_OFF_TU shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_TU_already_defined
-#endif
-
-/* ================================================================ */
-/* EXTERNAL INTERFACE SETTINGS FOR NON-CONFIGURE SYSTEMS ONLY */
-/* ================================================================ */
-
-#if defined(__DJGPP__) || defined(__GO32__)
-# if defined(__DJGPP__) && (__DJGPP__ > 1)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long long
-# define CURL_FORMAT_CURL_OFF_T "lld"
-# define CURL_FORMAT_CURL_OFF_TU "llu"
-# define CURL_FORMAT_OFF_T "%lld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# else
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 4
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# endif
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(__SALFORDC__)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 4
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(__BORLANDC__)
-# if (__BORLANDC__ < 0x520)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 4
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# else
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T __int64
-# define CURL_FORMAT_CURL_OFF_T "I64d"
-# define CURL_FORMAT_CURL_OFF_TU "I64u"
-# define CURL_FORMAT_OFF_T "%I64d"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T i64
-# define CURL_SUFFIX_CURL_OFF_TU ui64
-# endif
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(__TURBOC__)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 4
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(__WATCOMC__)
-# if defined(__386__)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T __int64
-# define CURL_FORMAT_CURL_OFF_T "I64d"
-# define CURL_FORMAT_CURL_OFF_TU "I64u"
-# define CURL_FORMAT_OFF_T "%I64d"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T i64
-# define CURL_SUFFIX_CURL_OFF_TU ui64
-# else
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 4
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# endif
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(__POCC__)
-# if (__POCC__ < 280)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 4
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# elif defined(_MSC_VER)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T __int64
-# define CURL_FORMAT_CURL_OFF_T "I64d"
-# define CURL_FORMAT_CURL_OFF_TU "I64u"
-# define CURL_FORMAT_OFF_T "%I64d"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T i64
-# define CURL_SUFFIX_CURL_OFF_TU ui64
-# else
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long long
-# define CURL_FORMAT_CURL_OFF_T "lld"
-# define CURL_FORMAT_CURL_OFF_TU "llu"
-# define CURL_FORMAT_OFF_T "%lld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# endif
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(__LCC__)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 4
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(__SYMBIAN32__)
-# if defined(__EABI__) /* Treat all ARM compilers equally */
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long long
-# define CURL_FORMAT_CURL_OFF_T "lld"
-# define CURL_FORMAT_CURL_OFF_TU "llu"
-# define CURL_FORMAT_OFF_T "%lld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# elif defined(__CW32__)
-# pragma longlong on
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long long
-# define CURL_FORMAT_CURL_OFF_T "lld"
-# define CURL_FORMAT_CURL_OFF_TU "llu"
-# define CURL_FORMAT_OFF_T "%lld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# elif defined(__VC32__)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T __int64
-# define CURL_FORMAT_CURL_OFF_T "lld"
-# define CURL_FORMAT_CURL_OFF_TU "llu"
-# define CURL_FORMAT_OFF_T "%lld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# endif
-# define CURL_TYPEOF_CURL_SOCKLEN_T unsigned int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(__MWERKS__)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long long
-# define CURL_FORMAT_CURL_OFF_T "lld"
-# define CURL_FORMAT_CURL_OFF_TU "llu"
-# define CURL_FORMAT_OFF_T "%lld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(_WIN32_WCE)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T __int64
-# define CURL_FORMAT_CURL_OFF_T "I64d"
-# define CURL_FORMAT_CURL_OFF_TU "I64u"
-# define CURL_FORMAT_OFF_T "%I64d"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T i64
-# define CURL_SUFFIX_CURL_OFF_TU ui64
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(__MINGW32__)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long long
-# define CURL_FORMAT_CURL_OFF_T "I64d"
-# define CURL_FORMAT_CURL_OFF_TU "I64u"
-# define CURL_FORMAT_OFF_T "%I64d"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(__VMS)
-# if defined(__VAX)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 4
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# else
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long long
-# define CURL_FORMAT_CURL_OFF_T "lld"
-# define CURL_FORMAT_CURL_OFF_TU "llu"
-# define CURL_FORMAT_OFF_T "%lld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# endif
-# define CURL_TYPEOF_CURL_SOCKLEN_T unsigned int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-#elif defined(__OS400__)
-# if defined(__ILEC400__)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long long
-# define CURL_FORMAT_CURL_OFF_T "lld"
-# define CURL_FORMAT_CURL_OFF_TU "llu"
-# define CURL_FORMAT_OFF_T "%lld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-# define CURL_PULL_SYS_TYPES_H 1
-# define CURL_PULL_SYS_SOCKET_H 1
-# endif
-
-#elif defined(__MVS__)
-# if defined(__IBMC__) || defined(__IBMCPP__)
-# if defined(_ILP32)
-# define CURL_SIZEOF_LONG 4
-# elif defined(_LP64)
-# define CURL_SIZEOF_LONG 8
-# endif
-# if defined(_LONG_LONG)
-# define CURL_TYPEOF_CURL_OFF_T long long
-# define CURL_FORMAT_CURL_OFF_T "lld"
-# define CURL_FORMAT_CURL_OFF_TU "llu"
-# define CURL_FORMAT_OFF_T "%lld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# elif defined(_LP64)
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# else
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 4
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# endif
-# define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-# define CURL_PULL_SYS_TYPES_H 1
-# define CURL_PULL_SYS_SOCKET_H 1
-# endif
-
-#elif defined(__370__)
-# if defined(__IBMC__) || defined(__IBMCPP__)
-# if defined(_ILP32)
-# define CURL_SIZEOF_LONG 4
-# elif defined(_LP64)
-# define CURL_SIZEOF_LONG 8
-# endif
-# if defined(_LONG_LONG)
-# define CURL_TYPEOF_CURL_OFF_T long long
-# define CURL_FORMAT_CURL_OFF_T "lld"
-# define CURL_FORMAT_CURL_OFF_TU "llu"
-# define CURL_FORMAT_OFF_T "%lld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# elif defined(_LP64)
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# else
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 4
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# endif
-# define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-# define CURL_PULL_SYS_TYPES_H 1
-# define CURL_PULL_SYS_SOCKET_H 1
-# endif
-
-#elif defined(TPF)
-# define CURL_SIZEOF_LONG 8
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-/* ===================================== */
-/* KEEP MSVC THE PENULTIMATE ENTRY */
-/* ===================================== */
-
-#elif defined(_MSC_VER)
-# if (_MSC_VER >= 900) && (_INTEGRAL_MAX_BITS >= 64)
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T __int64
-# define CURL_FORMAT_CURL_OFF_T "I64d"
-# define CURL_FORMAT_CURL_OFF_TU "I64u"
-# define CURL_FORMAT_OFF_T "%I64d"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T i64
-# define CURL_SUFFIX_CURL_OFF_TU ui64
-# else
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 4
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# endif
-# define CURL_TYPEOF_CURL_SOCKLEN_T int
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-
-/* ===================================== */
-/* KEEP GENERIC GCC THE LAST ENTRY */
-/* ===================================== */
-
-#elif defined(__GNUC__)
-# if !defined(__LP64__) && (defined(__ILP32__) || \
- defined(__i386__) || defined(__ppc__) || defined(__arm__) || \
- defined(__sparc__) || defined(__mips__) || defined(__sh__))
-# define CURL_SIZEOF_LONG 4
-# define CURL_TYPEOF_CURL_OFF_T long long
-# define CURL_FORMAT_CURL_OFF_T "lld"
-# define CURL_FORMAT_CURL_OFF_TU "llu"
-# define CURL_FORMAT_OFF_T "%lld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T LL
-# define CURL_SUFFIX_CURL_OFF_TU ULL
-# elif defined(__LP64__) || \
- defined(__x86_64__) || defined(__ppc64__) || defined(__sparc64__)
-# define CURL_SIZEOF_LONG 8
-# define CURL_TYPEOF_CURL_OFF_T long
-# define CURL_FORMAT_CURL_OFF_T "ld"
-# define CURL_FORMAT_CURL_OFF_TU "lu"
-# define CURL_FORMAT_OFF_T "%ld"
-# define CURL_SIZEOF_CURL_OFF_T 8
-# define CURL_SUFFIX_CURL_OFF_T L
-# define CURL_SUFFIX_CURL_OFF_TU UL
-# endif
-# define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t
-# define CURL_SIZEOF_CURL_SOCKLEN_T 4
-# define CURL_PULL_SYS_TYPES_H 1
-# define CURL_PULL_SYS_SOCKET_H 1
-
-#else
-# error "Unknown non-configure build target!"
- Error Compilation_aborted_Unknown_non_configure_build_target
-#endif
-
-/* CURL_PULL_SYS_TYPES_H is defined above when inclusion of header file */
-/* sys/types.h is required here to properly make type definitions below. */
-#ifdef CURL_PULL_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-/* CURL_PULL_SYS_SOCKET_H is defined above when inclusion of header file */
-/* sys/socket.h is required here to properly make type definitions below. */
-#ifdef CURL_PULL_SYS_SOCKET_H
-# include <sys/socket.h>
-#endif
-
-/* Data type definition of curl_socklen_t. */
-
-#ifdef CURL_TYPEOF_CURL_SOCKLEN_T
- typedef CURL_TYPEOF_CURL_SOCKLEN_T curl_socklen_t;
-#endif
-
-/* Data type definition of curl_off_t. */
-
-#ifdef CURL_TYPEOF_CURL_OFF_T
- typedef CURL_TYPEOF_CURL_OFF_T curl_off_t;
-#endif
-
-#endif /* __CURL_CURLBUILD_H */
diff --git a/include/curl/curlbuild.h.in b/include/curl/curlbuild.h.in
deleted file mode 100644
index ffab35670..000000000
--- a/include/curl/curlbuild.h.in
+++ /dev/null
@@ -1,197 +0,0 @@
-#ifndef __CURL_CURLBUILD_H
-#define __CURL_CURLBUILD_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-/* ================================================================ */
-/* NOTES FOR CONFIGURE CAPABLE SYSTEMS */
-/* ================================================================ */
-
-/*
- * NOTE 1:
- * -------
- *
- * Nothing in this file is intended to be modified or adjusted by the
- * curl library user nor by the curl library builder.
- *
- * If you think that something actually needs to be changed, adjusted
- * or fixed in this file, then, report it on the libcurl development
- * mailing list: https://cool.haxx.se/mailman/listinfo/curl-library/
- *
- * This header file shall only export symbols which are 'curl' or 'CURL'
- * prefixed, otherwise public name space would be polluted.
- *
- * NOTE 2:
- * -------
- *
- * Right now you might be staring at file include/curl/curlbuild.h.in or
- * at file include/curl/curlbuild.h, this is due to the following reason:
- *
- * On systems capable of running the configure script, the configure process
- * will overwrite the distributed include/curl/curlbuild.h file with one that
- * is suitable and specific to the library being configured and built, which
- * is generated from the include/curl/curlbuild.h.in template file.
- *
- */
-
-/* ================================================================ */
-/* DEFINITION OF THESE SYMBOLS SHALL NOT TAKE PLACE ANYWHERE ELSE */
-/* ================================================================ */
-
-#ifdef CURL_SIZEOF_LONG
-#error "CURL_SIZEOF_LONG shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SIZEOF_LONG_already_defined
-#endif
-
-#ifdef CURL_TYPEOF_CURL_SOCKLEN_T
-#error "CURL_TYPEOF_CURL_SOCKLEN_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_TYPEOF_CURL_SOCKLEN_T_already_defined
-#endif
-
-#ifdef CURL_SIZEOF_CURL_SOCKLEN_T
-#error "CURL_SIZEOF_CURL_SOCKLEN_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SIZEOF_CURL_SOCKLEN_T_already_defined
-#endif
-
-#ifdef CURL_TYPEOF_CURL_OFF_T
-#error "CURL_TYPEOF_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_TYPEOF_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_FORMAT_CURL_OFF_T
-#error "CURL_FORMAT_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_FORMAT_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_FORMAT_CURL_OFF_TU
-#error "CURL_FORMAT_CURL_OFF_TU shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_FORMAT_CURL_OFF_TU_already_defined
-#endif
-
-#ifdef CURL_FORMAT_OFF_T
-#error "CURL_FORMAT_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_FORMAT_OFF_T_already_defined
-#endif
-
-#ifdef CURL_SIZEOF_CURL_OFF_T
-#error "CURL_SIZEOF_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SIZEOF_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_SUFFIX_CURL_OFF_T
-#error "CURL_SUFFIX_CURL_OFF_T shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_T_already_defined
-#endif
-
-#ifdef CURL_SUFFIX_CURL_OFF_TU
-#error "CURL_SUFFIX_CURL_OFF_TU shall not be defined except in curlbuild.h"
- Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_TU_already_defined
-#endif
-
-/* ================================================================ */
-/* EXTERNAL INTERFACE SETTINGS FOR CONFIGURE CAPABLE SYSTEMS ONLY */
-/* ================================================================ */
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file ws2tcpip.h must be included by the external interface. */
-#undef CURL_PULL_WS2TCPIP_H
-#ifdef CURL_PULL_WS2TCPIP_H
-# ifndef WIN32_LEAN_AND_MEAN
-# define WIN32_LEAN_AND_MEAN
-# endif
-# include <windows.h>
-# include <winsock2.h>
-# include <ws2tcpip.h>
-#endif
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file sys/types.h must be included by the external interface. */
-#undef CURL_PULL_SYS_TYPES_H
-#ifdef CURL_PULL_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file stdint.h must be included by the external interface. */
-#undef CURL_PULL_STDINT_H
-#ifdef CURL_PULL_STDINT_H
-# include <stdint.h>
-#endif
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file inttypes.h must be included by the external interface. */
-#undef CURL_PULL_INTTYPES_H
-#ifdef CURL_PULL_INTTYPES_H
-# include <inttypes.h>
-#endif
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file sys/socket.h must be included by the external interface. */
-#undef CURL_PULL_SYS_SOCKET_H
-#ifdef CURL_PULL_SYS_SOCKET_H
-# include <sys/socket.h>
-#endif
-
-/* Configure process defines this to 1 when it finds out that system */
-/* header file sys/poll.h must be included by the external interface. */
-#undef CURL_PULL_SYS_POLL_H
-#ifdef CURL_PULL_SYS_POLL_H
-# include <sys/poll.h>
-#endif
-
-/* The size of `long', as computed by sizeof. */
-#undef CURL_SIZEOF_LONG
-
-/* Integral data type used for curl_socklen_t. */
-#undef CURL_TYPEOF_CURL_SOCKLEN_T
-
-/* The size of `curl_socklen_t', as computed by sizeof. */
-#undef CURL_SIZEOF_CURL_SOCKLEN_T
-
-/* Data type definition of curl_socklen_t. */
-typedef CURL_TYPEOF_CURL_SOCKLEN_T curl_socklen_t;
-
-/* Signed integral data type used for curl_off_t. */
-#undef CURL_TYPEOF_CURL_OFF_T
-
-/* Data type definition of curl_off_t. */
-typedef CURL_TYPEOF_CURL_OFF_T curl_off_t;
-
-/* curl_off_t formatting string directive without "%" conversion specifier. */
-#undef CURL_FORMAT_CURL_OFF_T
-
-/* unsigned curl_off_t formatting string without "%" conversion specifier. */
-#undef CURL_FORMAT_CURL_OFF_TU
-
-/* curl_off_t formatting string directive with "%" conversion specifier. */
-#undef CURL_FORMAT_OFF_T
-
-/* The size of `curl_off_t', as computed by sizeof. */
-#undef CURL_SIZEOF_CURL_OFF_T
-
-/* curl_off_t constant suffix. */
-#undef CURL_SUFFIX_CURL_OFF_T
-
-/* unsigned curl_off_t constant suffix. */
-#undef CURL_SUFFIX_CURL_OFF_TU
-
-#endif /* __CURL_CURLBUILD_H */
diff --git a/include/curl/curlrules.h b/include/curl/curlrules.h
deleted file mode 100644
index 55d21f68f..000000000
--- a/include/curl/curlrules.h
+++ /dev/null
@@ -1,262 +0,0 @@
-#ifndef __CURL_CURLRULES_H
-#define __CURL_CURLRULES_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-/* ================================================================ */
-/* COMPILE TIME SANITY CHECKS */
-/* ================================================================ */
-
-/*
- * NOTE 1:
- * -------
- *
- * All checks done in this file are intentionally placed in a public
- * header file which is pulled by curl/curl.h when an application is
- * being built using an already built libcurl library. Additionally
- * this file is also included and used when building the library.
- *
- * If compilation fails on this file it is certainly sure that the
- * problem is elsewhere. It could be a problem in the curlbuild.h
- * header file, or simply that you are using different compilation
- * settings than those used to build the library.
- *
- * Nothing in this file is intended to be modified or adjusted by the
- * curl library user nor by the curl library builder.
- *
- * Do not deactivate any check, these are done to make sure that the
- * library is properly built and used.
- *
- * You can find further help on the libcurl development mailing list:
- * https://cool.haxx.se/mailman/listinfo/curl-library/
- *
- * NOTE 2
- * ------
- *
- * Some of the following compile time checks are based on the fact
- * that the dimension of a constant array can not be a negative one.
- * In this way if the compile time verification fails, the compilation
- * will fail issuing an error. The error description wording is compiler
- * dependent but it will be quite similar to one of the following:
- *
- * "negative subscript or subscript is too large"
- * "array must have at least one element"
- * "-1 is an illegal array size"
- * "size of array is negative"
- *
- * If you are building an application which tries to use an already
- * built libcurl library and you are getting this kind of errors on
- * this file, it is a clear indication that there is a mismatch between
- * how the library was built and how you are trying to use it for your
- * application. Your already compiled or binary library provider is the
- * only one who can give you the details you need to properly use it.
- */
-
-/*
- * Verify that some macros are actually defined.
- */
-
-#ifndef CURL_SIZEOF_LONG
-# error "CURL_SIZEOF_LONG definition is missing!"
- Error Compilation_aborted_CURL_SIZEOF_LONG_is_missing
-#endif
-
-#ifndef CURL_TYPEOF_CURL_SOCKLEN_T
-# error "CURL_TYPEOF_CURL_SOCKLEN_T definition is missing!"
- Error Compilation_aborted_CURL_TYPEOF_CURL_SOCKLEN_T_is_missing
-#endif
-
-#ifndef CURL_SIZEOF_CURL_SOCKLEN_T
-# error "CURL_SIZEOF_CURL_SOCKLEN_T definition is missing!"
- Error Compilation_aborted_CURL_SIZEOF_CURL_SOCKLEN_T_is_missing
-#endif
-
-#ifndef CURL_TYPEOF_CURL_OFF_T
-# error "CURL_TYPEOF_CURL_OFF_T definition is missing!"
- Error Compilation_aborted_CURL_TYPEOF_CURL_OFF_T_is_missing
-#endif
-
-#ifndef CURL_FORMAT_CURL_OFF_T
-# error "CURL_FORMAT_CURL_OFF_T definition is missing!"
- Error Compilation_aborted_CURL_FORMAT_CURL_OFF_T_is_missing
-#endif
-
-#ifndef CURL_FORMAT_CURL_OFF_TU
-# error "CURL_FORMAT_CURL_OFF_TU definition is missing!"
- Error Compilation_aborted_CURL_FORMAT_CURL_OFF_TU_is_missing
-#endif
-
-#ifndef CURL_FORMAT_OFF_T
-# error "CURL_FORMAT_OFF_T definition is missing!"
- Error Compilation_aborted_CURL_FORMAT_OFF_T_is_missing
-#endif
-
-#ifndef CURL_SIZEOF_CURL_OFF_T
-# error "CURL_SIZEOF_CURL_OFF_T definition is missing!"
- Error Compilation_aborted_CURL_SIZEOF_CURL_OFF_T_is_missing
-#endif
-
-#ifndef CURL_SUFFIX_CURL_OFF_T
-# error "CURL_SUFFIX_CURL_OFF_T definition is missing!"
- Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_T_is_missing
-#endif
-
-#ifndef CURL_SUFFIX_CURL_OFF_TU
-# error "CURL_SUFFIX_CURL_OFF_TU definition is missing!"
- Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_TU_is_missing
-#endif
-
-/*
- * Macros private to this header file.
- */
-
-#define CurlchkszEQ(t, s) sizeof(t) == s ? 1 : -1
-
-#define CurlchkszGE(t1, t2) sizeof(t1) >= sizeof(t2) ? 1 : -1
-
-/*
- * Verify that the size previously defined and expected for long
- * is the same as the one reported by sizeof() at compile time.
- */
-
-typedef char
- __curl_rule_01__
- [CurlchkszEQ(long, CURL_SIZEOF_LONG)];
-
-/*
- * Verify that the size previously defined and expected for
- * curl_off_t is actually the the same as the one reported
- * by sizeof() at compile time.
- */
-
-typedef char
- __curl_rule_02__
- [CurlchkszEQ(curl_off_t, CURL_SIZEOF_CURL_OFF_T)];
-
-/*
- * Verify at compile time that the size of curl_off_t as reported
- * by sizeof() is greater or equal than the one reported for long
- * for the current compilation.
- */
-
-typedef char
- __curl_rule_03__
- [CurlchkszGE(curl_off_t, long)];
-
-/*
- * Verify that the size previously defined and expected for
- * curl_socklen_t is actually the the same as the one reported
- * by sizeof() at compile time.
- */
-
-typedef char
- __curl_rule_04__
- [CurlchkszEQ(curl_socklen_t, CURL_SIZEOF_CURL_SOCKLEN_T)];
-
-/*
- * Verify at compile time that the size of curl_socklen_t as reported
- * by sizeof() is greater or equal than the one reported for int for
- * the current compilation.
- */
-
-typedef char
- __curl_rule_05__
- [CurlchkszGE(curl_socklen_t, int)];
-
-/* ================================================================ */
-/* EXTERNALLY AND INTERNALLY VISIBLE DEFINITIONS */
-/* ================================================================ */
-
-/*
- * CURL_ISOCPP and CURL_OFF_T_C definitions are done here in order to allow
- * these to be visible and exported by the external libcurl interface API,
- * while also making them visible to the library internals, simply including
- * curl_setup.h, without actually needing to include curl.h internally.
- * If some day this section would grow big enough, all this should be moved
- * to its own header file.
- */
-
-/*
- * Figure out if we can use the ## preprocessor operator, which is supported
- * by ISO/ANSI C and C++. Some compilers support it without setting __STDC__
- * or __cplusplus so we need to carefully check for them too.
- */
-
-#if defined(__STDC__) || defined(_MSC_VER) || defined(__cplusplus) || \
- defined(__HP_aCC) || defined(__BORLANDC__) || defined(__LCC__) || \
- defined(__POCC__) || defined(__SALFORDC__) || defined(__HIGHC__) || \
- defined(__ILEC400__)
- /* This compiler is believed to have an ISO compatible preprocessor */
-#define CURL_ISOCPP
-#else
- /* This compiler is believed NOT to have an ISO compatible preprocessor */
-#undef CURL_ISOCPP
-#endif
-
-/*
- * Macros for minimum-width signed and unsigned curl_off_t integer constants.
- */
-
-#if defined(__BORLANDC__) && (__BORLANDC__ == 0x0551)
-# define __CURL_OFF_T_C_HLPR2(x) x
-# define __CURL_OFF_T_C_HLPR1(x) __CURL_OFF_T_C_HLPR2(x)
-# define CURL_OFF_T_C(Val) __CURL_OFF_T_C_HLPR1(Val) ## \
- __CURL_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_T)
-# define CURL_OFF_TU_C(Val) __CURL_OFF_T_C_HLPR1(Val) ## \
- __CURL_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_TU)
-#else
-# ifdef CURL_ISOCPP
-# define __CURL_OFF_T_C_HLPR2(Val,Suffix) Val ## Suffix
-# else
-# define __CURL_OFF_T_C_HLPR2(Val,Suffix) Val/**/Suffix
-# endif
-# define __CURL_OFF_T_C_HLPR1(Val,Suffix) __CURL_OFF_T_C_HLPR2(Val,Suffix)
-# define CURL_OFF_T_C(Val) __CURL_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_T)
-# define CURL_OFF_TU_C(Val) __CURL_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_TU)
-#endif
-
-/*
- * Get rid of macros private to this header file.
- */
-
-#undef CurlchkszEQ
-#undef CurlchkszGE
-
-/*
- * Get rid of macros not intended to exist beyond this point.
- */
-
-#undef CURL_PULL_WS2TCPIP_H
-#undef CURL_PULL_SYS_TYPES_H
-#undef CURL_PULL_SYS_SOCKET_H
-#undef CURL_PULL_SYS_POLL_H
-#undef CURL_PULL_STDINT_H
-#undef CURL_PULL_INTTYPES_H
-
-#undef CURL_TYPEOF_CURL_SOCKLEN_T
-#undef CURL_TYPEOF_CURL_OFF_T
-
-#ifdef CURL_NO_OLDIES
-#undef CURL_FORMAT_OFF_T /* not required since 7.19.0 - obsoleted in 7.20.0 */
-#endif
-
-#endif /* __CURL_CURLRULES_H */
diff --git a/include/curl/curlver.h b/include/curl/curlver.h
deleted file mode 100644
index 3bb0235b6..000000000
--- a/include/curl/curlver.h
+++ /dev/null
@@ -1,77 +0,0 @@
-#ifndef __CURL_CURLVER_H
-#define __CURL_CURLVER_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-/* This header file contains nothing but libcurl version info, generated by
- a script at release-time. This was made its own header file in 7.11.2 */
-
-/* This is the global package copyright */
-#define LIBCURL_COPYRIGHT "1996 - 2016 Daniel Stenberg, <address@hidden>."
-
-/* This is the version number of the libcurl package from which this header
- file origins: */
-#define LIBCURL_VERSION "7.51.0-DEV"
-
-/* The numeric version number is also available "in parts" by using these
- defines: */
-#define LIBCURL_VERSION_MAJOR 7
-#define LIBCURL_VERSION_MINOR 51
-#define LIBCURL_VERSION_PATCH 0
-
-/* This is the numeric version of the libcurl version number, meant for easier
- parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
- always follow this syntax:
-
- 0xXXYYZZ
-
- Where XX, YY and ZZ are the main version, release and patch numbers in
- hexadecimal (using 8 bits each). All three numbers are always represented
- using two digits. 1.2 would appear as "0x010200" while version 9.11.7
- appears as "0x090b07".
-
- This 6-digit (24 bits) hexadecimal number does not show pre-release number,
- and it is always a greater number in a more recent release. It makes
- comparisons with greater than and less than work.
-
- Note: This define is the full hex number and _does not_ use the
- CURL_VERSION_BITS() macro since curl's own configure script greps for it
- and needs it to contain the full number.
-*/
-#define LIBCURL_VERSION_NUM 0x073300
-
-/*
- * This is the date and time when the full source package was created. The
- * timestamp is not stored in git, as the timestamp is properly set in the
- * tarballs by the maketgz script.
- *
- * The format of the date should follow this template:
- *
- * "Mon Feb 12 11:35:33 UTC 2007"
- */
-#define LIBCURL_TIMESTAMP "DEV"
-
-#define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|z)
-#define CURL_AT_LEAST_VERSION(x,y,z) \
- (LIBCURL_VERSION_NUM >= CURL_VERSION_BITS(x, y, z))
-
-#endif /* __CURL_CURLVER_H */
diff --git a/include/curl/easy.h b/include/curl/easy.h
deleted file mode 100644
index afc766cd2..000000000
--- a/include/curl/easy.h
+++ /dev/null
@@ -1,102 +0,0 @@
-#ifndef __CURL_EASY_H
-#define __CURL_EASY_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2008, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-CURL_EXTERN CURL *curl_easy_init(void);
-CURL_EXTERN CURLcode curl_easy_setopt(CURL *curl, CURLoption option, ...);
-CURL_EXTERN CURLcode curl_easy_perform(CURL *curl);
-CURL_EXTERN void curl_easy_cleanup(CURL *curl);
-
-/*
- * NAME curl_easy_getinfo()
- *
- * DESCRIPTION
- *
- * Request internal information from the curl session with this function. The
- * third argument MUST be a pointer to a long, a pointer to a char * or a
- * pointer to a double (as the documentation describes elsewhere). The data
- * pointed to will be filled in accordingly and can be relied upon only if the
- * function returns CURLE_OK. This function is intended to get used *AFTER* a
- * performed transfer, all results from this function are undefined until the
- * transfer is completed.
- */
-CURL_EXTERN CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...);
-
-
-/*
- * NAME curl_easy_duphandle()
- *
- * DESCRIPTION
- *
- * Creates a new curl session handle with the same options set for the handle
- * passed in. Duplicating a handle could only be a matter of cloning data and
- * options, internal state info and things like persistent connections cannot
- * be transferred. It is useful in multithreaded applications when you can run
- * curl_easy_duphandle() for each new thread to avoid a series of identical
- * curl_easy_setopt() invokes in every thread.
- */
-CURL_EXTERN CURL* curl_easy_duphandle(CURL *curl);
-
-/*
- * NAME curl_easy_reset()
- *
- * DESCRIPTION
- *
- * Re-initializes a CURL handle to the default values. This puts back the
- * handle to the same state as it was in when it was just created.
- *
- * It does keep: live connections, the Session ID cache, the DNS cache and the
- * cookies.
- */
-CURL_EXTERN void curl_easy_reset(CURL *curl);
-
-/*
- * NAME curl_easy_recv()
- *
- * DESCRIPTION
- *
- * Receives data from the connected socket. Use after successful
- * curl_easy_perform() with CURLOPT_CONNECT_ONLY option.
- */
-CURL_EXTERN CURLcode curl_easy_recv(CURL *curl, void *buffer, size_t buflen,
- size_t *n);
-
-/*
- * NAME curl_easy_send()
- *
- * DESCRIPTION
- *
- * Sends data over the connected socket. Use after successful
- * curl_easy_perform() with CURLOPT_CONNECT_ONLY option.
- */
-CURL_EXTERN CURLcode curl_easy_send(CURL *curl, const void *buffer,
- size_t buflen, size_t *n);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/include/curl/multi.h b/include/curl/multi.h
deleted file mode 100644
index d1e00cc5d..000000000
--- a/include/curl/multi.h
+++ /dev/null
@@ -1,439 +0,0 @@
-#ifndef __CURL_MULTI_H
-#define __CURL_MULTI_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-/*
- This is an "external" header file. Don't give away any internals here!
-
- GOALS
-
- o Enable a "pull" interface. The application that uses libcurl decides where
- and when to ask libcurl to get/send data.
-
- o Enable multiple simultaneous transfers in the same thread without making it
- complicated for the application.
-
- o Enable the application to select() on its own file descriptors and curl's
- file descriptors simultaneous easily.
-
-*/
-
-/*
- * This header file should not really need to include "curl.h" since curl.h
- * itself includes this file and we expect user applications to do #include
- * <curl/curl.h> without the need for especially including multi.h.
- *
- * For some reason we added this include here at one point, and rather than to
- * break existing (wrongly written) libcurl applications, we leave it as-is
- * but with this warning attached.
- */
-#include "curl.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(BUILDING_LIBCURL) || defined(CURL_STRICTER)
-typedef struct Curl_multi CURLM;
-#else
-typedef void CURLM;
-#endif
-
-typedef enum {
- CURLM_CALL_MULTI_PERFORM = -1, /* please call curl_multi_perform() or
- curl_multi_socket*() soon */
- CURLM_OK,
- CURLM_BAD_HANDLE, /* the passed-in handle is not a valid CURLM handle */
- CURLM_BAD_EASY_HANDLE, /* an easy handle was not good/valid */
- CURLM_OUT_OF_MEMORY, /* if you ever get this, you're in deep sh*t */
- CURLM_INTERNAL_ERROR, /* this is a libcurl bug */
- CURLM_BAD_SOCKET, /* the passed in socket argument did not match */
- CURLM_UNKNOWN_OPTION, /* curl_multi_setopt() with unsupported option */
- CURLM_ADDED_ALREADY, /* an easy handle already added to a multi handle was
- attempted to get added - again */
- CURLM_LAST
-} CURLMcode;
-
-/* just to make code nicer when using curl_multi_socket() you can now check
- for CURLM_CALL_MULTI_SOCKET too in the same style it works for
- curl_multi_perform() and CURLM_CALL_MULTI_PERFORM */
-#define CURLM_CALL_MULTI_SOCKET CURLM_CALL_MULTI_PERFORM
-
-/* bitmask bits for CURLMOPT_PIPELINING */
-#define CURLPIPE_NOTHING 0L
-#define CURLPIPE_HTTP1 1L
-#define CURLPIPE_MULTIPLEX 2L
-
-typedef enum {
- CURLMSG_NONE, /* first, not used */
- CURLMSG_DONE, /* This easy handle has completed. 'result' contains
- the CURLcode of the transfer */
- CURLMSG_LAST /* last, not used */
-} CURLMSG;
-
-struct CURLMsg {
- CURLMSG msg; /* what this message means */
- CURL *easy_handle; /* the handle it concerns */
- union {
- void *whatever; /* message-specific data */
- CURLcode result; /* return code for transfer */
- } data;
-};
-typedef struct CURLMsg CURLMsg;
-
-/* Based on poll(2) structure and values.
- * We don't use pollfd and POLL* constants explicitly
- * to cover platforms without poll(). */
-#define CURL_WAIT_POLLIN 0x0001
-#define CURL_WAIT_POLLPRI 0x0002
-#define CURL_WAIT_POLLOUT 0x0004
-
-struct curl_waitfd {
- curl_socket_t fd;
- short events;
- short revents; /* not supported yet */
-};
-
-/*
- * Name: curl_multi_init()
- *
- * Desc: inititalize multi-style curl usage
- *
- * Returns: a new CURLM handle to use in all 'curl_multi' functions.
- */
-CURL_EXTERN CURLM *curl_multi_init(void);
-
-/*
- * Name: curl_multi_add_handle()
- *
- * Desc: add a standard curl handle to the multi stack
- *
- * Returns: CURLMcode type, general multi error code.
- */
-CURL_EXTERN CURLMcode curl_multi_add_handle(CURLM *multi_handle,
- CURL *curl_handle);
-
- /*
- * Name: curl_multi_remove_handle()
- *
- * Desc: removes a curl handle from the multi stack again
- *
- * Returns: CURLMcode type, general multi error code.
- */
-CURL_EXTERN CURLMcode curl_multi_remove_handle(CURLM *multi_handle,
- CURL *curl_handle);
-
- /*
- * Name: curl_multi_fdset()
- *
- * Desc: Ask curl for its fd_set sets. The app can use these to select() or
- * poll() on. We want curl_multi_perform() called as soon as one of
- * them are ready.
- *
- * Returns: CURLMcode type, general multi error code.
- */
-CURL_EXTERN CURLMcode curl_multi_fdset(CURLM *multi_handle,
- fd_set *read_fd_set,
- fd_set *write_fd_set,
- fd_set *exc_fd_set,
- int *max_fd);
-
-/*
- * Name: curl_multi_wait()
- *
- * Desc: Poll on all fds within a CURLM set as well as any
- * additional fds passed to the function.
- *
- * Returns: CURLMcode type, general multi error code.
- */
-CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle,
- struct curl_waitfd extra_fds[],
- unsigned int extra_nfds,
- int timeout_ms,
- int *ret);
-
- /*
- * Name: curl_multi_perform()
- *
- * Desc: When the app thinks there's data available for curl it calls this
- * function to read/write whatever there is right now. This returns
- * as soon as the reads and writes are done. This function does not
- * require that there actually is data available for reading or that
- * data can be written, it can be called just in case. It returns
- * the number of handles that still transfer data in the second
- * argument's integer-pointer.
- *
- * Returns: CURLMcode type, general multi error code. *NOTE* that this only
- * returns errors etc regarding the whole multi stack. There might
- * still have occurred problems on invidual transfers even when this
- * returns OK.
- */
-CURL_EXTERN CURLMcode curl_multi_perform(CURLM *multi_handle,
- int *running_handles);
-
- /*
- * Name: curl_multi_cleanup()
- *
- * Desc: Cleans up and removes a whole multi stack. It does not free or
- * touch any individual easy handles in any way. We need to define
- * in what state those handles will be if this function is called
- * in the middle of a transfer.
- *
- * Returns: CURLMcode type, general multi error code.
- */
-CURL_EXTERN CURLMcode curl_multi_cleanup(CURLM *multi_handle);
-
-/*
- * Name: curl_multi_info_read()
- *
- * Desc: Ask the multi handle if there's any messages/informationals from
- * the individual transfers. Messages include informationals such as
- * error code from the transfer or just the fact that a transfer is
- * completed. More details on these should be written down as well.
- *
- * Repeated calls to this function will return a new struct each
- * time, until a special "end of msgs" struct is returned as a signal
- * that there is no more to get at this point.
- *
- * The data the returned pointer points to will not survive calling
- * curl_multi_cleanup().
- *
- * The 'CURLMsg' struct is meant to be very simple and only contain
- * very basic informations. If more involved information is wanted,
- * we will provide the particular "transfer handle" in that struct
- * and that should/could/would be used in subsequent
- * curl_easy_getinfo() calls (or similar). The point being that we
- * must never expose complex structs to applications, as then we'll
- * undoubtably get backwards compatibility problems in the future.
- *
- * Returns: A pointer to a filled-in struct, or NULL if it failed or ran out
- * of structs. It also writes the number of messages left in the
- * queue (after this read) in the integer the second argument points
- * to.
- */
-CURL_EXTERN CURLMsg *curl_multi_info_read(CURLM *multi_handle,
- int *msgs_in_queue);
-
-/*
- * Name: curl_multi_strerror()
- *
- * Desc: The curl_multi_strerror function may be used to turn a CURLMcode
- * value into the equivalent human readable error string. This is
- * useful for printing meaningful error messages.
- *
- * Returns: A pointer to a zero-terminated error message.
- */
-CURL_EXTERN const char *curl_multi_strerror(CURLMcode);
-
-/*
- * Name: curl_multi_socket() and
- * curl_multi_socket_all()
- *
- * Desc: An alternative version of curl_multi_perform() that allows the
- * application to pass in one of the file descriptors that have been
- * detected to have "action" on them and let libcurl perform.
- * See man page for details.
- */
-#define CURL_POLL_NONE 0
-#define CURL_POLL_IN 1
-#define CURL_POLL_OUT 2
-#define CURL_POLL_INOUT 3
-#define CURL_POLL_REMOVE 4
-
-#define CURL_SOCKET_TIMEOUT CURL_SOCKET_BAD
-
-#define CURL_CSELECT_IN 0x01
-#define CURL_CSELECT_OUT 0x02
-#define CURL_CSELECT_ERR 0x04
-
-typedef int (*curl_socket_callback)(CURL *easy, /* easy handle */
- curl_socket_t s, /* socket */
- int what, /* see above */
- void *userp, /* private callback
- pointer */
- void *socketp); /* private socket
- pointer */
-/*
- * Name: curl_multi_timer_callback
- *
- * Desc: Called by libcurl whenever the library detects a change in the
- * maximum number of milliseconds the app is allowed to wait before
- * curl_multi_socket() or curl_multi_perform() must be called
- * (to allow libcurl's timed events to take place).
- *
- * Returns: The callback should return zero.
- */
-typedef int (*curl_multi_timer_callback)(CURLM *multi, /* multi handle */
- long timeout_ms, /* see above */
- void *userp); /* private callback
- pointer */
-
-CURL_EXTERN CURLMcode curl_multi_socket(CURLM *multi_handle, curl_socket_t s,
- int *running_handles);
-
-CURL_EXTERN CURLMcode curl_multi_socket_action(CURLM *multi_handle,
- curl_socket_t s,
- int ev_bitmask,
- int *running_handles);
-
-CURL_EXTERN CURLMcode curl_multi_socket_all(CURLM *multi_handle,
- int *running_handles);
-
-#ifndef CURL_ALLOW_OLD_MULTI_SOCKET
-/* This macro below was added in 7.16.3 to push users who recompile to use
- the new curl_multi_socket_action() instead of the old curl_multi_socket()
-*/
-#define curl_multi_socket(x,y,z) curl_multi_socket_action(x,y,0,z)
-#endif
-
-/*
- * Name: curl_multi_timeout()
- *
- * Desc: Returns the maximum number of milliseconds the app is allowed to
- * wait before curl_multi_socket() or curl_multi_perform() must be
- * called (to allow libcurl's timed events to take place).
- *
- * Returns: CURLM error code.
- */
-CURL_EXTERN CURLMcode curl_multi_timeout(CURLM *multi_handle,
- long *milliseconds);
-
-#undef CINIT /* re-using the same name as in curl.h */
-
-#ifdef CURL_ISOCPP
-#define CINIT(name,type,num) CURLMOPT_ ## name = CURLOPTTYPE_ ## type + num
-#else
-/* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */
-#define LONG CURLOPTTYPE_LONG
-#define OBJECTPOINT CURLOPTTYPE_OBJECTPOINT
-#define FUNCTIONPOINT CURLOPTTYPE_FUNCTIONPOINT
-#define OFF_T CURLOPTTYPE_OFF_T
-#define CINIT(name,type,number) CURLMOPT_/**/name = type + number
-#endif
-
-typedef enum {
- /* This is the socket callback function pointer */
- CINIT(SOCKETFUNCTION, FUNCTIONPOINT, 1),
-
- /* This is the argument passed to the socket callback */
- CINIT(SOCKETDATA, OBJECTPOINT, 2),
-
- /* set to 1 to enable pipelining for this multi handle */
- CINIT(PIPELINING, LONG, 3),
-
- /* This is the timer callback function pointer */
- CINIT(TIMERFUNCTION, FUNCTIONPOINT, 4),
-
- /* This is the argument passed to the timer callback */
- CINIT(TIMERDATA, OBJECTPOINT, 5),
-
- /* maximum number of entries in the connection cache */
- CINIT(MAXCONNECTS, LONG, 6),
-
- /* maximum number of (pipelining) connections to one host */
- CINIT(MAX_HOST_CONNECTIONS, LONG, 7),
-
- /* maximum number of requests in a pipeline */
- CINIT(MAX_PIPELINE_LENGTH, LONG, 8),
-
- /* a connection with a content-length longer than this
- will not be considered for pipelining */
- CINIT(CONTENT_LENGTH_PENALTY_SIZE, OFF_T, 9),
-
- /* a connection with a chunk length longer than this
- will not be considered for pipelining */
- CINIT(CHUNK_LENGTH_PENALTY_SIZE, OFF_T, 10),
-
- /* a list of site names(+port) that are blacklisted from
- pipelining */
- CINIT(PIPELINING_SITE_BL, OBJECTPOINT, 11),
-
- /* a list of server types that are blacklisted from
- pipelining */
- CINIT(PIPELINING_SERVER_BL, OBJECTPOINT, 12),
-
- /* maximum number of open connections in total */
- CINIT(MAX_TOTAL_CONNECTIONS, LONG, 13),
-
- /* This is the server push callback function pointer */
- CINIT(PUSHFUNCTION, FUNCTIONPOINT, 14),
-
- /* This is the argument passed to the server push callback */
- CINIT(PUSHDATA, OBJECTPOINT, 15),
-
- CURLMOPT_LASTENTRY /* the last unused */
-} CURLMoption;
-
-
-/*
- * Name: curl_multi_setopt()
- *
- * Desc: Sets options for the multi handle.
- *
- * Returns: CURLM error code.
- */
-CURL_EXTERN CURLMcode curl_multi_setopt(CURLM *multi_handle,
- CURLMoption option, ...);
-
-
-/*
- * Name: curl_multi_assign()
- *
- * Desc: This function sets an association in the multi handle between the
- * given socket and a private pointer of the application. This is
- * (only) useful for curl_multi_socket uses.
- *
- * Returns: CURLM error code.
- */
-CURL_EXTERN CURLMcode curl_multi_assign(CURLM *multi_handle,
- curl_socket_t sockfd, void *sockp);
-
-
-/*
- * Name: curl_push_callback
- *
- * Desc: This callback gets called when a new stream is being pushed by the
- * server. It approves or denies the new stream.
- *
- * Returns: CURL_PUSH_OK or CURL_PUSH_DENY.
- */
-#define CURL_PUSH_OK 0
-#define CURL_PUSH_DENY 1
-
-struct curl_pushheaders; /* forward declaration only */
-
-CURL_EXTERN char *curl_pushheader_bynum(struct curl_pushheaders *h,
- size_t num);
-CURL_EXTERN char *curl_pushheader_byname(struct curl_pushheaders *h,
- const char *name);
-
-typedef int (*curl_push_callback)(CURL *parent,
- CURL *easy,
- size_t num_headers,
- struct curl_pushheaders *headers,
- void *userp);
-
-#ifdef __cplusplus
-} /* end of extern "C" */
-#endif
-
-#endif
diff --git a/include/curl/stdcheaders.h b/include/curl/stdcheaders.h
deleted file mode 100644
index 6f0f7f343..000000000
--- a/include/curl/stdcheaders.h
+++ /dev/null
@@ -1,33 +0,0 @@
-#ifndef __STDC_HEADERS_H
-#define __STDC_HEADERS_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-#include <sys/types.h>
-
-size_t fread (void *, size_t, size_t, FILE *);
-size_t fwrite (const void *, size_t, size_t, FILE *);
-
-int strcasecmp(const char *, const char *);
-int strncasecmp(const char *, const char *, size_t);
-
-#endif /* __STDC_HEADERS_H */
diff --git a/include/curl/typecheck-gcc.h b/include/curl/typecheck-gcc.h
deleted file mode 100644
index 6ec8bcfd4..000000000
--- a/include/curl/typecheck-gcc.h
+++ /dev/null
@@ -1,622 +0,0 @@
-#ifndef __CURL_TYPECHECK_GCC_H
-#define __CURL_TYPECHECK_GCC_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-/* wraps curl_easy_setopt() with typechecking */
-
-/* To add a new kind of warning, add an
- * if(_curl_is_sometype_option(_curl_opt))
- * if(!_curl_is_sometype(value))
- * _curl_easy_setopt_err_sometype();
- * block and define _curl_is_sometype_option, _curl_is_sometype and
- * _curl_easy_setopt_err_sometype below
- *
- * NOTE: We use two nested 'if' statements here instead of the && operator, in
- * order to work around gcc bug #32061. It affects only gcc 4.3.x/4.4.x
- * when compiling with -Wlogical-op.
- *
- * To add an option that uses the same type as an existing option, you'll just
- * need to extend the appropriate _curl_*_option macro
- */
-#define curl_easy_setopt(handle, option, value) \
-__extension__ ({ \
- __typeof__ (option) _curl_opt = option; \
- if(__builtin_constant_p(_curl_opt)) { \
- if(_curl_is_long_option(_curl_opt)) \
- if(!_curl_is_long(value)) \
- _curl_easy_setopt_err_long(); \
- if(_curl_is_off_t_option(_curl_opt)) \
- if(!_curl_is_off_t(value)) \
- _curl_easy_setopt_err_curl_off_t(); \
- if(_curl_is_string_option(_curl_opt)) \
- if(!_curl_is_string(value)) \
- _curl_easy_setopt_err_string(); \
- if(_curl_is_write_cb_option(_curl_opt)) \
- if(!_curl_is_write_cb(value)) \
- _curl_easy_setopt_err_write_callback(); \
- if((_curl_opt) == CURLOPT_READFUNCTION) \
- if(!_curl_is_read_cb(value)) \
- _curl_easy_setopt_err_read_cb(); \
- if((_curl_opt) == CURLOPT_IOCTLFUNCTION) \
- if(!_curl_is_ioctl_cb(value)) \
- _curl_easy_setopt_err_ioctl_cb(); \
- if((_curl_opt) == CURLOPT_SOCKOPTFUNCTION) \
- if(!_curl_is_sockopt_cb(value)) \
- _curl_easy_setopt_err_sockopt_cb(); \
- if((_curl_opt) == CURLOPT_OPENSOCKETFUNCTION) \
- if(!_curl_is_opensocket_cb(value)) \
- _curl_easy_setopt_err_opensocket_cb(); \
- if((_curl_opt) == CURLOPT_PROGRESSFUNCTION) \
- if(!_curl_is_progress_cb(value)) \
- _curl_easy_setopt_err_progress_cb(); \
- if((_curl_opt) == CURLOPT_DEBUGFUNCTION) \
- if(!_curl_is_debug_cb(value)) \
- _curl_easy_setopt_err_debug_cb(); \
- if((_curl_opt) == CURLOPT_SSL_CTX_FUNCTION) \
- if(!_curl_is_ssl_ctx_cb(value)) \
- _curl_easy_setopt_err_ssl_ctx_cb(); \
- if(_curl_is_conv_cb_option(_curl_opt)) \
- if(!_curl_is_conv_cb(value)) \
- _curl_easy_setopt_err_conv_cb(); \
- if((_curl_opt) == CURLOPT_SEEKFUNCTION) \
- if(!_curl_is_seek_cb(value)) \
- _curl_easy_setopt_err_seek_cb(); \
- if(_curl_is_cb_data_option(_curl_opt)) \
- if(!_curl_is_cb_data(value)) \
- _curl_easy_setopt_err_cb_data(); \
- if((_curl_opt) == CURLOPT_ERRORBUFFER) \
- if(!_curl_is_error_buffer(value)) \
- _curl_easy_setopt_err_error_buffer(); \
- if((_curl_opt) == CURLOPT_STDERR) \
- if(!_curl_is_FILE(value)) \
- _curl_easy_setopt_err_FILE(); \
- if(_curl_is_postfields_option(_curl_opt)) \
- if(!_curl_is_postfields(value)) \
- _curl_easy_setopt_err_postfields(); \
- if((_curl_opt) == CURLOPT_HTTPPOST) \
- if(!_curl_is_arr((value), struct curl_httppost)) \
- _curl_easy_setopt_err_curl_httpost(); \
- if(_curl_is_slist_option(_curl_opt)) \
- if(!_curl_is_arr((value), struct curl_slist)) \
- _curl_easy_setopt_err_curl_slist(); \
- if((_curl_opt) == CURLOPT_SHARE) \
- if(!_curl_is_ptr((value), CURLSH)) \
- _curl_easy_setopt_err_CURLSH(); \
- } \
- curl_easy_setopt(handle, _curl_opt, value); \
-})
-
-/* wraps curl_easy_getinfo() with typechecking */
-/* FIXME: don't allow const pointers */
-#define curl_easy_getinfo(handle, info, arg) \
-__extension__ ({ \
- __typeof__ (info) _curl_info = info; \
- if(__builtin_constant_p(_curl_info)) { \
- if(_curl_is_string_info(_curl_info)) \
- if(!_curl_is_arr((arg), char *)) \
- _curl_easy_getinfo_err_string(); \
- if(_curl_is_long_info(_curl_info)) \
- if(!_curl_is_arr((arg), long)) \
- _curl_easy_getinfo_err_long(); \
- if(_curl_is_double_info(_curl_info)) \
- if(!_curl_is_arr((arg), double)) \
- _curl_easy_getinfo_err_double(); \
- if(_curl_is_slist_info(_curl_info)) \
- if(!_curl_is_arr((arg), struct curl_slist *)) \
- _curl_easy_getinfo_err_curl_slist(); \
- } \
- curl_easy_getinfo(handle, _curl_info, arg); \
-})
-
-/* TODO: typechecking for curl_share_setopt() and curl_multi_setopt(),
- * for now just make sure that the functions are called with three
- * arguments
- */
-#define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param)
-#define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param)
-
-
-/* the actual warnings, triggered by calling the _curl_easy_setopt_err*
- * functions */
-
-/* To define a new warning, use _CURL_WARNING(identifier, "message") */
-#define _CURL_WARNING(id, message) \
- static void __attribute__((__warning__(message))) \
- __attribute__((__unused__)) __attribute__((__noinline__)) \
- id(void) { __asm__(""); }
-
-_CURL_WARNING(_curl_easy_setopt_err_long,
- "curl_easy_setopt expects a long argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_curl_off_t,
- "curl_easy_setopt expects a curl_off_t argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_string,
- "curl_easy_setopt expects a "
- "string (char* or char[]) argument for this option"
- )
-_CURL_WARNING(_curl_easy_setopt_err_write_callback,
- "curl_easy_setopt expects a curl_write_callback argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_read_cb,
- "curl_easy_setopt expects a curl_read_callback argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_ioctl_cb,
- "curl_easy_setopt expects a curl_ioctl_callback argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_sockopt_cb,
- "curl_easy_setopt expects a curl_sockopt_callback argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_opensocket_cb,
- "curl_easy_setopt expects a "
- "curl_opensocket_callback argument for this option"
- )
-_CURL_WARNING(_curl_easy_setopt_err_progress_cb,
- "curl_easy_setopt expects a curl_progress_callback argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_debug_cb,
- "curl_easy_setopt expects a curl_debug_callback argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_ssl_ctx_cb,
- "curl_easy_setopt expects a curl_ssl_ctx_callback argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_conv_cb,
- "curl_easy_setopt expects a curl_conv_callback argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_seek_cb,
- "curl_easy_setopt expects a curl_seek_callback argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_cb_data,
- "curl_easy_setopt expects a "
- "private data pointer as argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_error_buffer,
- "curl_easy_setopt expects a "
- "char buffer of CURL_ERROR_SIZE as argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_FILE,
- "curl_easy_setopt expects a FILE* argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_postfields,
- "curl_easy_setopt expects a void* or char* argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_curl_httpost,
- "curl_easy_setopt expects a struct curl_httppost* argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_curl_slist,
- "curl_easy_setopt expects a struct curl_slist* argument for this option")
-_CURL_WARNING(_curl_easy_setopt_err_CURLSH,
- "curl_easy_setopt expects a CURLSH* argument for this option")
-
-_CURL_WARNING(_curl_easy_getinfo_err_string,
- "curl_easy_getinfo expects a pointer to char * for this info")
-_CURL_WARNING(_curl_easy_getinfo_err_long,
- "curl_easy_getinfo expects a pointer to long for this info")
-_CURL_WARNING(_curl_easy_getinfo_err_double,
- "curl_easy_getinfo expects a pointer to double for this info")
-_CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
- "curl_easy_getinfo expects a pointer to struct curl_slist * for this info")
-
-/* groups of curl_easy_setops options that take the same type of argument */
-
-/* To add a new option to one of the groups, just add
- * (option) == CURLOPT_SOMETHING
- * to the or-expression. If the option takes a long or curl_off_t, you don't
- * have to do anything
- */
-
-/* evaluates to true if option takes a long argument */
-#define _curl_is_long_option(option) \
- (0 < (option) && (option) < CURLOPTTYPE_OBJECTPOINT)
-
-#define _curl_is_off_t_option(option) \
- ((option) > CURLOPTTYPE_OFF_T)
-
-/* evaluates to true if option takes a char* argument */
-#define _curl_is_string_option(option) \
- ((option) == CURLOPT_ACCEPT_ENCODING || \
- (option) == CURLOPT_CAINFO || \
- (option) == CURLOPT_CAPATH || \
- (option) == CURLOPT_COOKIE || \
- (option) == CURLOPT_COOKIEFILE || \
- (option) == CURLOPT_COOKIEJAR || \
- (option) == CURLOPT_COOKIELIST || \
- (option) == CURLOPT_CRLFILE || \
- (option) == CURLOPT_CUSTOMREQUEST || \
- (option) == CURLOPT_DEFAULT_PROTOCOL || \
- (option) == CURLOPT_DNS_INTERFACE || \
- (option) == CURLOPT_DNS_LOCAL_IP4 || \
- (option) == CURLOPT_DNS_LOCAL_IP6 || \
- (option) == CURLOPT_DNS_SERVERS || \
- (option) == CURLOPT_EGDSOCKET || \
- (option) == CURLOPT_FTPPORT || \
- (option) == CURLOPT_FTP_ACCOUNT || \
- (option) == CURLOPT_FTP_ALTERNATIVE_TO_USER || \
- (option) == CURLOPT_INTERFACE || \
- (option) == CURLOPT_ISSUERCERT || \
- (option) == CURLOPT_KEYPASSWD || \
- (option) == CURLOPT_KRBLEVEL || \
- (option) == CURLOPT_LOGIN_OPTIONS || \
- (option) == CURLOPT_MAIL_AUTH || \
- (option) == CURLOPT_MAIL_FROM || \
- (option) == CURLOPT_NETRC_FILE || \
- (option) == CURLOPT_NOPROXY || \
- (option) == CURLOPT_PASSWORD || \
- (option) == CURLOPT_PINNEDPUBLICKEY || \
- (option) == CURLOPT_PROXY || \
- (option) == CURLOPT_PROXYPASSWORD || \
- (option) == CURLOPT_PROXYUSERNAME || \
- (option) == CURLOPT_PROXYUSERPWD || \
- (option) == CURLOPT_PROXY_SERVICE_NAME || \
- (option) == CURLOPT_RANDOM_FILE || \
- (option) == CURLOPT_RANGE || \
- (option) == CURLOPT_REFERER || \
- (option) == CURLOPT_RTSP_SESSION_ID || \
- (option) == CURLOPT_RTSP_STREAM_URI || \
- (option) == CURLOPT_RTSP_TRANSPORT || \
- (option) == CURLOPT_SERVICE_NAME || \
- (option) == CURLOPT_SOCKS5_GSSAPI_SERVICE || \
- (option) == CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 || \
- (option) == CURLOPT_SSH_KNOWNHOSTS || \
- (option) == CURLOPT_SSH_PRIVATE_KEYFILE || \
- (option) == CURLOPT_SSH_PUBLIC_KEYFILE || \
- (option) == CURLOPT_SSLCERT || \
- (option) == CURLOPT_SSLCERTTYPE || \
- (option) == CURLOPT_SSLENGINE || \
- (option) == CURLOPT_SSLKEY || \
- (option) == CURLOPT_SSLKEYTYPE || \
- (option) == CURLOPT_SSL_CIPHER_LIST || \
- (option) == CURLOPT_TLSAUTH_PASSWORD || \
- (option) == CURLOPT_TLSAUTH_TYPE || \
- (option) == CURLOPT_TLSAUTH_USERNAME || \
- (option) == CURLOPT_UNIX_SOCKET_PATH || \
- (option) == CURLOPT_URL || \
- (option) == CURLOPT_USERAGENT || \
- (option) == CURLOPT_USERNAME || \
- (option) == CURLOPT_USERPWD || \
- (option) == CURLOPT_XOAUTH2_BEARER || \
- 0)
-
-/* evaluates to true if option takes a curl_write_callback argument */
-#define _curl_is_write_cb_option(option) \
- ((option) == CURLOPT_HEADERFUNCTION || \
- (option) == CURLOPT_WRITEFUNCTION)
-
-/* evaluates to true if option takes a curl_conv_callback argument */
-#define _curl_is_conv_cb_option(option) \
- ((option) == CURLOPT_CONV_TO_NETWORK_FUNCTION || \
- (option) == CURLOPT_CONV_FROM_NETWORK_FUNCTION || \
- (option) == CURLOPT_CONV_FROM_UTF8_FUNCTION)
-
-/* evaluates to true if option takes a data argument to pass to a callback */
-#define _curl_is_cb_data_option(option) \
- ((option) == CURLOPT_CHUNK_DATA || \
- (option) == CURLOPT_CLOSESOCKETDATA || \
- (option) == CURLOPT_DEBUGDATA || \
- (option) == CURLOPT_FNMATCH_DATA || \
- (option) == CURLOPT_HEADERDATA || \
- (option) == CURLOPT_INTERLEAVEDATA || \
- (option) == CURLOPT_IOCTLDATA || \
- (option) == CURLOPT_OPENSOCKETDATA || \
- (option) == CURLOPT_PRIVATE || \
- (option) == CURLOPT_PROGRESSDATA || \
- (option) == CURLOPT_READDATA || \
- (option) == CURLOPT_SEEKDATA || \
- (option) == CURLOPT_SOCKOPTDATA || \
- (option) == CURLOPT_SSH_KEYDATA || \
- (option) == CURLOPT_SSL_CTX_DATA || \
- (option) == CURLOPT_WRITEDATA || \
- 0)
-
-/* evaluates to true if option takes a POST data argument (void* or char*) */
-#define _curl_is_postfields_option(option) \
- ((option) == CURLOPT_POSTFIELDS || \
- (option) == CURLOPT_COPYPOSTFIELDS || \
- 0)
-
-/* evaluates to true if option takes a struct curl_slist * argument */
-#define _curl_is_slist_option(option) \
- ((option) == CURLOPT_HTTP200ALIASES || \
- (option) == CURLOPT_HTTPHEADER || \
- (option) == CURLOPT_MAIL_RCPT || \
- (option) == CURLOPT_POSTQUOTE || \
- (option) == CURLOPT_PREQUOTE || \
- (option) == CURLOPT_PROXYHEADER || \
- (option) == CURLOPT_QUOTE || \
- (option) == CURLOPT_RESOLVE || \
- (option) == CURLOPT_TELNETOPTIONS || \
- 0)
-
-/* groups of curl_easy_getinfo infos that take the same type of argument */
-
-/* evaluates to true if info expects a pointer to char * argument */
-#define _curl_is_string_info(info) \
- (CURLINFO_STRING < (info) && (info) < CURLINFO_LONG)
-
-/* evaluates to true if info expects a pointer to long argument */
-#define _curl_is_long_info(info) \
- (CURLINFO_LONG < (info) && (info) < CURLINFO_DOUBLE)
-
-/* evaluates to true if info expects a pointer to double argument */
-#define _curl_is_double_info(info) \
- (CURLINFO_DOUBLE < (info) && (info) < CURLINFO_SLIST)
-
-/* true if info expects a pointer to struct curl_slist * argument */
-#define _curl_is_slist_info(info) \
- (CURLINFO_SLIST < (info))
-
-
-/* typecheck helpers -- check whether given expression has requested type*/
-
-/* For pointers, you can use the _curl_is_ptr/_curl_is_arr macros,
- * otherwise define a new macro. Search for __builtin_types_compatible_p
- * in the GCC manual.
- * NOTE: these macros MUST NOT EVALUATE their arguments! The argument is
- * the actual expression passed to the curl_easy_setopt macro. This
- * means that you can only apply the sizeof and __typeof__ operators, no
- * == or whatsoever.
- */
-
-/* XXX: should evaluate to true iff expr is a pointer */
-#define _curl_is_any_ptr(expr) \
- (sizeof(expr) == sizeof(void*))
-
-/* evaluates to true if expr is NULL */
-/* XXX: must not evaluate expr, so this check is not accurate */
-#define _curl_is_NULL(expr) \
- (__builtin_types_compatible_p(__typeof__(expr), __typeof__(NULL)))
-
-/* evaluates to true if expr is type*, const type* or NULL */
-#define _curl_is_ptr(expr, type) \
- (_curl_is_NULL(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), type *) || \
- __builtin_types_compatible_p(__typeof__(expr), const type *))
-
-/* evaluates to true if expr is one of type[], type*, NULL or const type* */
-#define _curl_is_arr(expr, type) \
- (_curl_is_ptr((expr), type) || \
- __builtin_types_compatible_p(__typeof__(expr), type []))
-
-/* evaluates to true if expr is a string */
-#define _curl_is_string(expr) \
- (_curl_is_arr((expr), char) || \
- _curl_is_arr((expr), signed char) || \
- _curl_is_arr((expr), unsigned char))
-
-/* evaluates to true if expr is a long (no matter the signedness)
- * XXX: for now, int is also accepted (and therefore short and char, which
- * are promoted to int when passed to a variadic function) */
-#define _curl_is_long(expr) \
- (__builtin_types_compatible_p(__typeof__(expr), long) || \
- __builtin_types_compatible_p(__typeof__(expr), signed long) || \
- __builtin_types_compatible_p(__typeof__(expr), unsigned long) || \
- __builtin_types_compatible_p(__typeof__(expr), int) || \
- __builtin_types_compatible_p(__typeof__(expr), signed int) || \
- __builtin_types_compatible_p(__typeof__(expr), unsigned int) || \
- __builtin_types_compatible_p(__typeof__(expr), short) || \
- __builtin_types_compatible_p(__typeof__(expr), signed short) || \
- __builtin_types_compatible_p(__typeof__(expr), unsigned short) || \
- __builtin_types_compatible_p(__typeof__(expr), char) || \
- __builtin_types_compatible_p(__typeof__(expr), signed char) || \
- __builtin_types_compatible_p(__typeof__(expr), unsigned char))
-
-/* evaluates to true if expr is of type curl_off_t */
-#define _curl_is_off_t(expr) \
- (__builtin_types_compatible_p(__typeof__(expr), curl_off_t))
-
-/* evaluates to true if expr is abuffer suitable for CURLOPT_ERRORBUFFER */
-/* XXX: also check size of an char[] array? */
-#define _curl_is_error_buffer(expr) \
- (_curl_is_NULL(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), char *) || \
- __builtin_types_compatible_p(__typeof__(expr), char[]))
-
-/* evaluates to true if expr is of type (const) void* or (const) FILE* */
-#if 0
-#define _curl_is_cb_data(expr) \
- (_curl_is_ptr((expr), void) || \
- _curl_is_ptr((expr), FILE))
-#else /* be less strict */
-#define _curl_is_cb_data(expr) \
- _curl_is_any_ptr(expr)
-#endif
-
-/* evaluates to true if expr is of type FILE* */
-#define _curl_is_FILE(expr) \
- (__builtin_types_compatible_p(__typeof__(expr), FILE *))
-
-/* evaluates to true if expr can be passed as POST data (void* or char*) */
-#define _curl_is_postfields(expr) \
- (_curl_is_ptr((expr), void) || \
- _curl_is_arr((expr), char))
-
-/* FIXME: the whole callback checking is messy...
- * The idea is to tolerate char vs. void and const vs. not const
- * pointers in arguments at least
- */
-/* helper: __builtin_types_compatible_p distinguishes between functions and
- * function pointers, hide it */
-#define _curl_callback_compatible(func, type) \
- (__builtin_types_compatible_p(__typeof__(func), type) || \
- __builtin_types_compatible_p(__typeof__(func), type*))
-
-/* evaluates to true if expr is of type curl_read_callback or "similar" */
-#define _curl_is_read_cb(expr) \
- (_curl_is_NULL(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), __typeof__(fread)) || \
- __builtin_types_compatible_p(__typeof__(expr), curl_read_callback) || \
- _curl_callback_compatible((expr), _curl_read_callback1) || \
- _curl_callback_compatible((expr), _curl_read_callback2) || \
- _curl_callback_compatible((expr), _curl_read_callback3) || \
- _curl_callback_compatible((expr), _curl_read_callback4) || \
- _curl_callback_compatible((expr), _curl_read_callback5) || \
- _curl_callback_compatible((expr), _curl_read_callback6))
-typedef size_t (_curl_read_callback1)(char *, size_t, size_t, void*);
-typedef size_t (_curl_read_callback2)(char *, size_t, size_t, const void*);
-typedef size_t (_curl_read_callback3)(char *, size_t, size_t, FILE*);
-typedef size_t (_curl_read_callback4)(void *, size_t, size_t, void*);
-typedef size_t (_curl_read_callback5)(void *, size_t, size_t, const void*);
-typedef size_t (_curl_read_callback6)(void *, size_t, size_t, FILE*);
-
-/* evaluates to true if expr is of type curl_write_callback or "similar" */
-#define _curl_is_write_cb(expr) \
- (_curl_is_read_cb(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), __typeof__(fwrite)) || \
- __builtin_types_compatible_p(__typeof__(expr), curl_write_callback) || \
- _curl_callback_compatible((expr), _curl_write_callback1) || \
- _curl_callback_compatible((expr), _curl_write_callback2) || \
- _curl_callback_compatible((expr), _curl_write_callback3) || \
- _curl_callback_compatible((expr), _curl_write_callback4) || \
- _curl_callback_compatible((expr), _curl_write_callback5) || \
- _curl_callback_compatible((expr), _curl_write_callback6))
-typedef size_t (_curl_write_callback1)(const char *, size_t, size_t, void*);
-typedef size_t (_curl_write_callback2)(const char *, size_t, size_t,
- const void*);
-typedef size_t (_curl_write_callback3)(const char *, size_t, size_t, FILE*);
-typedef size_t (_curl_write_callback4)(const void *, size_t, size_t, void*);
-typedef size_t (_curl_write_callback5)(const void *, size_t, size_t,
- const void*);
-typedef size_t (_curl_write_callback6)(const void *, size_t, size_t, FILE*);
-
-/* evaluates to true if expr is of type curl_ioctl_callback or "similar" */
-#define _curl_is_ioctl_cb(expr) \
- (_curl_is_NULL(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), curl_ioctl_callback) || \
- _curl_callback_compatible((expr), _curl_ioctl_callback1) || \
- _curl_callback_compatible((expr), _curl_ioctl_callback2) || \
- _curl_callback_compatible((expr), _curl_ioctl_callback3) || \
- _curl_callback_compatible((expr), _curl_ioctl_callback4))
-typedef curlioerr (_curl_ioctl_callback1)(CURL *, int, void*);
-typedef curlioerr (_curl_ioctl_callback2)(CURL *, int, const void*);
-typedef curlioerr (_curl_ioctl_callback3)(CURL *, curliocmd, void*);
-typedef curlioerr (_curl_ioctl_callback4)(CURL *, curliocmd, const void*);
-
-/* evaluates to true if expr is of type curl_sockopt_callback or "similar" */
-#define _curl_is_sockopt_cb(expr) \
- (_curl_is_NULL(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), curl_sockopt_callback) || \
- _curl_callback_compatible((expr), _curl_sockopt_callback1) || \
- _curl_callback_compatible((expr), _curl_sockopt_callback2))
-typedef int (_curl_sockopt_callback1)(void *, curl_socket_t, curlsocktype);
-typedef int (_curl_sockopt_callback2)(const void *, curl_socket_t,
- curlsocktype);
-
-/* evaluates to true if expr is of type curl_opensocket_callback or
- "similar" */
-#define _curl_is_opensocket_cb(expr) \
- (_curl_is_NULL(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), curl_opensocket_callback) ||\
- _curl_callback_compatible((expr), _curl_opensocket_callback1) || \
- _curl_callback_compatible((expr), _curl_opensocket_callback2) || \
- _curl_callback_compatible((expr), _curl_opensocket_callback3) || \
- _curl_callback_compatible((expr), _curl_opensocket_callback4))
-typedef curl_socket_t (_curl_opensocket_callback1)
- (void *, curlsocktype, struct curl_sockaddr *);
-typedef curl_socket_t (_curl_opensocket_callback2)
- (void *, curlsocktype, const struct curl_sockaddr *);
-typedef curl_socket_t (_curl_opensocket_callback3)
- (const void *, curlsocktype, struct curl_sockaddr *);
-typedef curl_socket_t (_curl_opensocket_callback4)
- (const void *, curlsocktype, const struct curl_sockaddr *);
-
-/* evaluates to true if expr is of type curl_progress_callback or "similar" */
-#define _curl_is_progress_cb(expr) \
- (_curl_is_NULL(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), curl_progress_callback) || \
- _curl_callback_compatible((expr), _curl_progress_callback1) || \
- _curl_callback_compatible((expr), _curl_progress_callback2))
-typedef int (_curl_progress_callback1)(void *,
- double, double, double, double);
-typedef int (_curl_progress_callback2)(const void *,
- double, double, double, double);
-
-/* evaluates to true if expr is of type curl_debug_callback or "similar" */
-#define _curl_is_debug_cb(expr) \
- (_curl_is_NULL(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), curl_debug_callback) || \
- _curl_callback_compatible((expr), _curl_debug_callback1) || \
- _curl_callback_compatible((expr), _curl_debug_callback2) || \
- _curl_callback_compatible((expr), _curl_debug_callback3) || \
- _curl_callback_compatible((expr), _curl_debug_callback4) || \
- _curl_callback_compatible((expr), _curl_debug_callback5) || \
- _curl_callback_compatible((expr), _curl_debug_callback6) || \
- _curl_callback_compatible((expr), _curl_debug_callback7) || \
- _curl_callback_compatible((expr), _curl_debug_callback8))
-typedef int (_curl_debug_callback1) (CURL *,
- curl_infotype, char *, size_t, void *);
-typedef int (_curl_debug_callback2) (CURL *,
- curl_infotype, char *, size_t, const void *);
-typedef int (_curl_debug_callback3) (CURL *,
- curl_infotype, const char *, size_t, void *);
-typedef int (_curl_debug_callback4) (CURL *,
- curl_infotype, const char *, size_t, const void *);
-typedef int (_curl_debug_callback5) (CURL *,
- curl_infotype, unsigned char *, size_t, void *);
-typedef int (_curl_debug_callback6) (CURL *,
- curl_infotype, unsigned char *, size_t, const void *);
-typedef int (_curl_debug_callback7) (CURL *,
- curl_infotype, const unsigned char *, size_t, void *);
-typedef int (_curl_debug_callback8) (CURL *,
- curl_infotype, const unsigned char *, size_t, const void *);
-
-/* evaluates to true if expr is of type curl_ssl_ctx_callback or "similar" */
-/* this is getting even messier... */
-#define _curl_is_ssl_ctx_cb(expr) \
- (_curl_is_NULL(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), curl_ssl_ctx_callback) || \
- _curl_callback_compatible((expr), _curl_ssl_ctx_callback1) || \
- _curl_callback_compatible((expr), _curl_ssl_ctx_callback2) || \
- _curl_callback_compatible((expr), _curl_ssl_ctx_callback3) || \
- _curl_callback_compatible((expr), _curl_ssl_ctx_callback4) || \
- _curl_callback_compatible((expr), _curl_ssl_ctx_callback5) || \
- _curl_callback_compatible((expr), _curl_ssl_ctx_callback6) || \
- _curl_callback_compatible((expr), _curl_ssl_ctx_callback7) || \
- _curl_callback_compatible((expr), _curl_ssl_ctx_callback8))
-typedef CURLcode (_curl_ssl_ctx_callback1)(CURL *, void *, void *);
-typedef CURLcode (_curl_ssl_ctx_callback2)(CURL *, void *, const void *);
-typedef CURLcode (_curl_ssl_ctx_callback3)(CURL *, const void *, void *);
-typedef CURLcode (_curl_ssl_ctx_callback4)(CURL *, const void *, const void *);
-#ifdef HEADER_SSL_H
-/* hack: if we included OpenSSL's ssl.h, we know about SSL_CTX
- * this will of course break if we're included before OpenSSL headers...
- */
-typedef CURLcode (_curl_ssl_ctx_callback5)(CURL *, SSL_CTX, void *);
-typedef CURLcode (_curl_ssl_ctx_callback6)(CURL *, SSL_CTX, const void *);
-typedef CURLcode (_curl_ssl_ctx_callback7)(CURL *, const SSL_CTX, void *);
-typedef CURLcode (_curl_ssl_ctx_callback8)(CURL *, const SSL_CTX,
- const void *);
-#else
-typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback5;
-typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback6;
-typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback7;
-typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback8;
-#endif
-
-/* evaluates to true if expr is of type curl_conv_callback or "similar" */
-#define _curl_is_conv_cb(expr) \
- (_curl_is_NULL(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), curl_conv_callback) || \
- _curl_callback_compatible((expr), _curl_conv_callback1) || \
- _curl_callback_compatible((expr), _curl_conv_callback2) || \
- _curl_callback_compatible((expr), _curl_conv_callback3) || \
- _curl_callback_compatible((expr), _curl_conv_callback4))
-typedef CURLcode (*_curl_conv_callback1)(char *, size_t length);
-typedef CURLcode (*_curl_conv_callback2)(const char *, size_t length);
-typedef CURLcode (*_curl_conv_callback3)(void *, size_t length);
-typedef CURLcode (*_curl_conv_callback4)(const void *, size_t length);
-
-/* evaluates to true if expr is of type curl_seek_callback or "similar" */
-#define _curl_is_seek_cb(expr) \
- (_curl_is_NULL(expr) || \
- __builtin_types_compatible_p(__typeof__(expr), curl_seek_callback) || \
- _curl_callback_compatible((expr), _curl_seek_callback1) || \
- _curl_callback_compatible((expr), _curl_seek_callback2))
-typedef CURLcode (*_curl_seek_callback1)(void *, curl_off_t, int);
-typedef CURLcode (*_curl_seek_callback2)(const void *, curl_off_t, int);
-
-
-#endif /* __CURL_TYPECHECK_GCC_H */
diff --git a/include/gnurl/.gitignore b/include/gnurl/.gitignore
new file mode 100644
index 000000000..555795fae
--- /dev/null
+++ b/include/gnurl/.gitignore
@@ -0,0 +1,3 @@
+curlver.h.dist
+stamp-h2
+stamp-h3
diff --git a/include/gnurl/Makefile.am b/include/gnurl/Makefile.am
new file mode 100644
index 000000000..a7c8b47c5
--- /dev/null
+++ b/include/gnurl/Makefile.am
@@ -0,0 +1,53 @@
+#***************************************************************************
+# _ _ ____ _
+# Project ___| | | | _ \| |
+# / __| | | | |_) | |
+# | (__| |_| | _ <| |___
+# \___|\___/|_| \_\_____|
+#
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+###########################################################################
+pkginclude_HEADERS = \
+ curl.h curlver.h easy.h mprintf.h stdcheaders.h multi.h \
+ typecheck-gcc.h system.h
+
+pkgincludedir= $(includedir)/gnurl
+
+# curlbuild.h does not exist in the git tree. When the original libcurl
+# source code distribution archive file is created, curlbuild.h.dist is
+# renamed to curlbuild.h and included in the tarball so that it can be
+# used directly on non-configure systems.
+#
+# The distributed curlbuild.h will be overwritten on configure systems
+# when the configure script runs, with one that is suitable and specific
+# to the library being configured and built.
+#
+# curlbuild.h.in is the distributed template file from which the configure
+# script creates curlbuild.h at library configuration time, overwiting the
+# one included in the distribution archive.
+#
+# curlbuild.h.dist is not included in the source code distribution archive.
+
+EXTRA_DIST = curlbuild.h.in
+
+DISTCLEANFILES = curlbuild.h
+
+checksrc:
+ @@PERL@ $(top_srcdir)/lib/checksrc.pl -D$(top_srcdir)/include/gnurl
$(pkginclude_HEADERS)
+
+if CURLDEBUG
+# for debug builds, we scan the sources on all regular make invokes
+all-local: checksrc
+endif
diff --git a/include/gnurl/curl.h b/include/gnurl/curl.h
new file mode 100644
index 000000000..82fb8aeb8
--- /dev/null
+++ b/include/gnurl/curl.h
@@ -0,0 +1,2566 @@
+#ifndef __CURL_CURL_H
+#define __CURL_CURL_H
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+/*
+ * If you have libcurl problems, all docs and details are found here:
+ * https://curl.haxx.se/libcurl/
+ *
+ * curl-library mailing list subscription and unsubscription web interface:
+ * https://cool.haxx.se/mailman/listinfo/curl-library/
+ */
+
+#ifdef CURL_NO_OLDIES
+#define CURL_STRICTER
+#endif
+
+#include "curlver.h" /* libcurl version defines */
+#include "system.h" /* determine things run-time */
+
+/*
+ * Define WIN32 when build target is Win32 API
+ */
+
+#if (defined(_WIN32) || defined(__WIN32__)) && \
+ !defined(WIN32) && !defined(__SYMBIAN32__)
+#define WIN32
+#endif
+
+#include <stdio.h>
+#include <limits.h>
+
+#if defined(__FreeBSD__) && (__FreeBSD__ >= 2)
+/* Needed for __FreeBSD_version symbol definition */
+#include <osreldate.h>
+#endif
+
+/* The include stuff here below is mainly for time_t! */
+#include <sys/types.h>
+#include <time.h>
+
+#if defined(WIN32) && !defined(_WIN32_WCE) && !defined(__CYGWIN__)
+#if !(defined(_WINSOCKAPI_) || defined(_WINSOCK_H) || \
+ defined(__LWIP_OPT_H__) || defined(LWIP_HDR_OPT_H))
+/* The check above prevents the winsock2 inclusion if winsock.h already was
+ included, since they can't co-exist without problems */
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#endif
+#endif
+
+/* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
+ libc5-based Linux systems. Only include it on systems that are known to
+ require it! */
+#if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || \
+ defined(__minix) || defined(__SYMBIAN32__) || defined(__INTEGRITY) || \
+ defined(ANDROID) || defined(__ANDROID__) || defined(__OpenBSD__) || \
+ (defined(__FreeBSD_version) && (__FreeBSD_version < 800000))
+#include <sys/select.h>
+#endif
+
+#if !defined(WIN32) && !defined(_WIN32_WCE)
+#include <sys/socket.h>
+#endif
+
+#if !defined(WIN32) && !defined(__WATCOMC__) && !defined(__VXWORKS__)
+#include <sys/time.h>
+#endif
+
+#ifdef __BEOS__
+#include <support/SupportDefs.h>
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(BUILDING_LIBCURL) || defined(CURL_STRICTER)
+typedef struct Curl_easy CURL;
+typedef struct Curl_share CURLSH;
+#else
+typedef void CURL;
+typedef void CURLSH;
+#endif
+
+/*
+ * libcurl external API function linkage decorations.
+ */
+
+#ifdef CURL_STATICLIB
+# define CURL_EXTERN
+#elif defined(WIN32) || defined(_WIN32) || defined(__SYMBIAN32__)
+# if defined(BUILDING_LIBCURL)
+# define CURL_EXTERN __declspec(dllexport)
+# else
+# define CURL_EXTERN __declspec(dllimport)
+# endif
+#elif defined(BUILDING_LIBCURL) && defined(CURL_HIDDEN_SYMBOLS)
+# define CURL_EXTERN CURL_EXTERN_SYMBOL
+#else
+# define CURL_EXTERN
+#endif
+
+#ifndef curl_socket_typedef
+/* socket typedef */
+#if defined(WIN32) && !defined(__LWIP_OPT_H__) && !defined(LWIP_HDR_OPT_H)
+typedef SOCKET curl_socket_t;
+#define CURL_SOCKET_BAD INVALID_SOCKET
+#else
+typedef int curl_socket_t;
+#define CURL_SOCKET_BAD -1
+#endif
+#define curl_socket_typedef
+#endif /* curl_socket_typedef */
+
+struct curl_httppost {
+ struct curl_httppost *next; /* next entry in the list */
+ char *name; /* pointer to allocated name */
+ long namelength; /* length of name length */
+ char *contents; /* pointer to allocated data contents */
+ long contentslength; /* length of contents field, see also
+ CURL_HTTPPOST_LARGE */
+ char *buffer; /* pointer to allocated buffer contents */
+ long bufferlength; /* length of buffer field */
+ char *contenttype; /* Content-Type */
+ struct curl_slist *contentheader; /* list of extra headers for this form */
+ struct curl_httppost *more; /* if one field name has more than one
+ file, this link should link to following
+ files */
+ long flags; /* as defined below */
+
+/* specified content is a file name */
+#define CURL_HTTPPOST_FILENAME (1<<0)
+/* specified content is a file name */
+#define CURL_HTTPPOST_READFILE (1<<1)
+/* name is only stored pointer do not free in formfree */
+#define CURL_HTTPPOST_PTRNAME (1<<2)
+/* contents is only stored pointer do not free in formfree */
+#define CURL_HTTPPOST_PTRCONTENTS (1<<3)
+/* upload file from buffer */
+#define CURL_HTTPPOST_BUFFER (1<<4)
+/* upload file from pointer contents */
+#define CURL_HTTPPOST_PTRBUFFER (1<<5)
+/* upload file contents by using the regular read callback to get the data and
+ pass the given pointer as custom pointer */
+#define CURL_HTTPPOST_CALLBACK (1<<6)
+/* use size in 'contentlen', added in 7.46.0 */
+#define CURL_HTTPPOST_LARGE (1<<7)
+
+ char *showfilename; /* The file name to show. If not set, the
+ actual file name will be used (if this
+ is a file part) */
+ void *userp; /* custom pointer used for
+ HTTPPOST_CALLBACK posts */
+ curl_off_t contentlen; /* alternative length of contents
+ field. Used if CURL_HTTPPOST_LARGE is
+ set. Added in 7.46.0 */
+};
+
+/* This is the CURLOPT_PROGRESSFUNCTION callback proto. It is now considered
+ deprecated but was the only choice up until 7.31.0 */
+typedef int (*curl_progress_callback)(void *clientp,
+ double dltotal,
+ double dlnow,
+ double ultotal,
+ double ulnow);
+
+/* This is the CURLOPT_XFERINFOFUNCTION callback proto. It was introduced in
+ 7.32.0, it avoids floating point and provides more detailed information. */
+typedef int (*curl_xferinfo_callback)(void *clientp,
+ curl_off_t dltotal,
+ curl_off_t dlnow,
+ curl_off_t ultotal,
+ curl_off_t ulnow);
+
+#ifndef CURL_MAX_READ_SIZE
+ /* The maximum receive buffer size configurable via CURLOPT_BUFFERSIZE. */
+#define CURL_MAX_READ_SIZE 524288
+#endif
+
+#ifndef CURL_MAX_WRITE_SIZE
+ /* Tests have proven that 20K is a very bad buffer size for uploads on
+ Windows, while 16K for some odd reason performed a lot better.
+ We do the ifndef check to allow this value to easier be changed at build
+ time for those who feel adventurous. The practical minimum is about
+ 400 bytes since libcurl uses a buffer of this size as a scratch area
+ (unrelated to network send operations). */
+#define CURL_MAX_WRITE_SIZE 16384
+#endif
+
+#ifndef CURL_MAX_HTTP_HEADER
+/* The only reason to have a max limit for this is to avoid the risk of a bad
+ server feeding libcurl with a never-ending header that will cause reallocs
+ infinitely */
+#define CURL_MAX_HTTP_HEADER (100*1024)
+#endif
+
+/* This is a magic return code for the write callback that, when returned,
+ will signal libcurl to pause receiving on the current transfer. */
+#define CURL_WRITEFUNC_PAUSE 0x10000001
+
+typedef size_t (*curl_write_callback)(char *buffer,
+ size_t size,
+ size_t nitems,
+ void *outstream);
+
+
+
+/* enumeration of file types */
+typedef enum {
+ CURLFILETYPE_FILE = 0,
+ CURLFILETYPE_DIRECTORY,
+ CURLFILETYPE_SYMLINK,
+ CURLFILETYPE_DEVICE_BLOCK,
+ CURLFILETYPE_DEVICE_CHAR,
+ CURLFILETYPE_NAMEDPIPE,
+ CURLFILETYPE_SOCKET,
+ CURLFILETYPE_DOOR, /* is possible only on Sun Solaris now */
+
+ CURLFILETYPE_UNKNOWN /* should never occur */
+} curlfiletype;
+
+#define CURLFINFOFLAG_KNOWN_FILENAME (1<<0)
+#define CURLFINFOFLAG_KNOWN_FILETYPE (1<<1)
+#define CURLFINFOFLAG_KNOWN_TIME (1<<2)
+#define CURLFINFOFLAG_KNOWN_PERM (1<<3)
+#define CURLFINFOFLAG_KNOWN_UID (1<<4)
+#define CURLFINFOFLAG_KNOWN_GID (1<<5)
+#define CURLFINFOFLAG_KNOWN_SIZE (1<<6)
+#define CURLFINFOFLAG_KNOWN_HLINKCOUNT (1<<7)
+
+/* Content of this structure depends on information which is known and is
+ achievable (e.g. by FTP LIST parsing). Please see the url_easy_setopt(3) man
+ page for callbacks returning this structure -- some fields are mandatory,
+ some others are optional. The FLAG field has special meaning. */
+struct curl_fileinfo {
+ char *filename;
+ curlfiletype filetype;
+ time_t time;
+ unsigned int perm;
+ int uid;
+ int gid;
+ curl_off_t size;
+ long int hardlinks;
+
+ struct {
+ /* If some of these fields is not NULL, it is a pointer to b_data. */
+ char *time;
+ char *perm;
+ char *user;
+ char *group;
+ char *target; /* pointer to the target filename of a symlink */
+ } strings;
+
+ unsigned int flags;
+
+ /* used internally */
+ char *b_data;
+ size_t b_size;
+ size_t b_used;
+};
+
+/* return codes for CURLOPT_CHUNK_BGN_FUNCTION */
+#define CURL_CHUNK_BGN_FUNC_OK 0
+#define CURL_CHUNK_BGN_FUNC_FAIL 1 /* tell the lib to end the task */
+#define CURL_CHUNK_BGN_FUNC_SKIP 2 /* skip this chunk over */
+
+/* if splitting of data transfer is enabled, this callback is called before
+ download of an individual chunk started. Note that parameter "remains" works
+ only for FTP wildcard downloading (for now), otherwise is not used */
+typedef long (*curl_chunk_bgn_callback)(const void *transfer_info,
+ void *ptr,
+ int remains);
+
+/* return codes for CURLOPT_CHUNK_END_FUNCTION */
+#define CURL_CHUNK_END_FUNC_OK 0
+#define CURL_CHUNK_END_FUNC_FAIL 1 /* tell the lib to end the task */
+
+/* If splitting of data transfer is enabled this callback is called after
+ download of an individual chunk finished.
+ Note! After this callback was set then it have to be called FOR ALL chunks.
+ Even if downloading of this chunk was skipped in CHUNK_BGN_FUNC.
+ This is the reason why we don't need "transfer_info" parameter in this
+ callback and we are not interested in "remains" parameter too. */
+typedef long (*curl_chunk_end_callback)(void *ptr);
+
+/* return codes for FNMATCHFUNCTION */
+#define CURL_FNMATCHFUNC_MATCH 0 /* string corresponds to the pattern */
+#define CURL_FNMATCHFUNC_NOMATCH 1 /* pattern doesn't match the string */
+#define CURL_FNMATCHFUNC_FAIL 2 /* an error occurred */
+
+/* callback type for wildcard downloading pattern matching. If the
+ string matches the pattern, return CURL_FNMATCHFUNC_MATCH value, etc. */
+typedef int (*curl_fnmatch_callback)(void *ptr,
+ const char *pattern,
+ const char *string);
+
+/* These are the return codes for the seek callbacks */
+#define CURL_SEEKFUNC_OK 0
+#define CURL_SEEKFUNC_FAIL 1 /* fail the entire transfer */
+#define CURL_SEEKFUNC_CANTSEEK 2 /* tell libcurl seeking can't be done, so
+ libcurl might try other means instead */
+typedef int (*curl_seek_callback)(void *instream,
+ curl_off_t offset,
+ int origin); /* 'whence' */
+
+/* This is a return code for the read callback that, when returned, will
+ signal libcurl to immediately abort the current transfer. */
+#define CURL_READFUNC_ABORT 0x10000000
+/* This is a return code for the read callback that, when returned, will
+ signal libcurl to pause sending data on the current transfer. */
+#define CURL_READFUNC_PAUSE 0x10000001
+
+typedef size_t (*curl_read_callback)(char *buffer,
+ size_t size,
+ size_t nitems,
+ void *instream);
+
+typedef enum {
+ CURLSOCKTYPE_IPCXN, /* socket created for a specific IP connection */
+ CURLSOCKTYPE_ACCEPT, /* socket created by accept() call */
+ CURLSOCKTYPE_LAST /* never use */
+} curlsocktype;
+
+/* The return code from the sockopt_callback can signal information back
+ to libcurl: */
+#define CURL_SOCKOPT_OK 0
+#define CURL_SOCKOPT_ERROR 1 /* causes libcurl to abort and return
+ CURLE_ABORTED_BY_CALLBACK */
+#define CURL_SOCKOPT_ALREADY_CONNECTED 2
+
+typedef int (*curl_sockopt_callback)(void *clientp,
+ curl_socket_t curlfd,
+ curlsocktype purpose);
+
+struct curl_sockaddr {
+ int family;
+ int socktype;
+ int protocol;
+ unsigned int addrlen; /* addrlen was a socklen_t type before 7.18.0 but it
+ turned really ugly and painful on the systems that
+ lack this type */
+ struct sockaddr addr;
+};
+
+typedef curl_socket_t
+(*curl_opensocket_callback)(void *clientp,
+ curlsocktype purpose,
+ struct curl_sockaddr *address);
+
+typedef int
+(*curl_closesocket_callback)(void *clientp, curl_socket_t item);
+
+typedef enum {
+ CURLIOE_OK, /* I/O operation successful */
+ CURLIOE_UNKNOWNCMD, /* command was unknown to callback */
+ CURLIOE_FAILRESTART, /* failed to restart the read */
+ CURLIOE_LAST /* never use */
+} curlioerr;
+
+typedef enum {
+ CURLIOCMD_NOP, /* no operation */
+ CURLIOCMD_RESTARTREAD, /* restart the read stream from start */
+ CURLIOCMD_LAST /* never use */
+} curliocmd;
+
+typedef curlioerr (*curl_ioctl_callback)(CURL *handle,
+ int cmd,
+ void *clientp);
+
+#ifndef CURL_DID_MEMORY_FUNC_TYPEDEFS
+/*
+ * The following typedef's are signatures of malloc, free, realloc, strdup and
+ * calloc respectively. Function pointers of these types can be passed to the
+ * curl_global_init_mem() function to set user defined memory management
+ * callback routines.
+ */
+typedef void *(*curl_malloc_callback)(size_t size);
+typedef void (*curl_free_callback)(void *ptr);
+typedef void *(*curl_realloc_callback)(void *ptr, size_t size);
+typedef char *(*curl_strdup_callback)(const char *str);
+typedef void *(*curl_calloc_callback)(size_t nmemb, size_t size);
+
+#define CURL_DID_MEMORY_FUNC_TYPEDEFS
+#endif
+
+/* the kind of data that is passed to information_callback*/
+typedef enum {
+ CURLINFO_TEXT = 0,
+ CURLINFO_HEADER_IN, /* 1 */
+ CURLINFO_HEADER_OUT, /* 2 */
+ CURLINFO_DATA_IN, /* 3 */
+ CURLINFO_DATA_OUT, /* 4 */
+ CURLINFO_SSL_DATA_IN, /* 5 */
+ CURLINFO_SSL_DATA_OUT, /* 6 */
+ CURLINFO_END
+} curl_infotype;
+
+typedef int (*curl_debug_callback)
+ (CURL *handle, /* the handle/transfer this concerns */
+ curl_infotype type, /* what kind of data */
+ char *data, /* points to the data */
+ size_t size, /* size of the data pointed to */
+ void *userptr); /* whatever the user please */
+
+/* All possible error codes from all sorts of curl functions. Future versions
+ may return other values, stay prepared.
+
+ Always add new return codes last. Never *EVER* remove any. The return
+ codes must remain the same!
+ */
+
+typedef enum {
+ CURLE_OK = 0,
+ CURLE_UNSUPPORTED_PROTOCOL, /* 1 */
+ CURLE_FAILED_INIT, /* 2 */
+ CURLE_URL_MALFORMAT, /* 3 */
+ CURLE_NOT_BUILT_IN, /* 4 - [was obsoleted in August 2007 for
+ 7.17.0, reused in April 2011 for 7.21.5] */
+ CURLE_COULDNT_RESOLVE_PROXY, /* 5 */
+ CURLE_COULDNT_RESOLVE_HOST, /* 6 */
+ CURLE_COULDNT_CONNECT, /* 7 */
+ CURLE_WEIRD_SERVER_REPLY, /* 8 */
+ CURLE_REMOTE_ACCESS_DENIED, /* 9 a service was denied by the server
+ due to lack of access - when login fails
+ this is not returned. */
+ CURLE_FTP_ACCEPT_FAILED, /* 10 - [was obsoleted in April 2006 for
+ 7.15.4, reused in Dec 2011 for 7.24.0]*/
+ CURLE_FTP_WEIRD_PASS_REPLY, /* 11 */
+ CURLE_FTP_ACCEPT_TIMEOUT, /* 12 - timeout occurred accepting server
+ [was obsoleted in August 2007 for 7.17.0,
+ reused in Dec 2011 for 7.24.0]*/
+ CURLE_FTP_WEIRD_PASV_REPLY, /* 13 */
+ CURLE_FTP_WEIRD_227_FORMAT, /* 14 */
+ CURLE_FTP_CANT_GET_HOST, /* 15 */
+ CURLE_HTTP2, /* 16 - A problem in the http2 framing layer.
+ [was obsoleted in August 2007 for 7.17.0,
+ reused in July 2014 for 7.38.0] */
+ CURLE_FTP_COULDNT_SET_TYPE, /* 17 */
+ CURLE_PARTIAL_FILE, /* 18 */
+ CURLE_FTP_COULDNT_RETR_FILE, /* 19 */
+ CURLE_OBSOLETE20, /* 20 - NOT USED */
+ CURLE_QUOTE_ERROR, /* 21 - quote command failure */
+ CURLE_HTTP_RETURNED_ERROR, /* 22 */
+ CURLE_WRITE_ERROR, /* 23 */
+ CURLE_OBSOLETE24, /* 24 - NOT USED */
+ CURLE_UPLOAD_FAILED, /* 25 - failed upload "command" */
+ CURLE_READ_ERROR, /* 26 - couldn't open/read from file */
+ CURLE_OUT_OF_MEMORY, /* 27 */
+ /* Note: CURLE_OUT_OF_MEMORY may sometimes indicate a conversion error
+ instead of a memory allocation error if CURL_DOES_CONVERSIONS
+ is defined
+ */
+ CURLE_OPERATION_TIMEDOUT, /* 28 - the timeout time was reached */
+ CURLE_OBSOLETE29, /* 29 - NOT USED */
+ CURLE_FTP_PORT_FAILED, /* 30 - FTP PORT operation failed */
+ CURLE_FTP_COULDNT_USE_REST, /* 31 - the REST command failed */
+ CURLE_OBSOLETE32, /* 32 - NOT USED */
+ CURLE_RANGE_ERROR, /* 33 - RANGE "command" didn't work */
+ CURLE_HTTP_POST_ERROR, /* 34 */
+ CURLE_SSL_CONNECT_ERROR, /* 35 - wrong when connecting with SSL */
+ CURLE_BAD_DOWNLOAD_RESUME, /* 36 - couldn't resume download */
+ CURLE_FILE_COULDNT_READ_FILE, /* 37 */
+ CURLE_LDAP_CANNOT_BIND, /* 38 */
+ CURLE_LDAP_SEARCH_FAILED, /* 39 */
+ CURLE_OBSOLETE40, /* 40 - NOT USED */
+ CURLE_FUNCTION_NOT_FOUND, /* 41 - NOT USED starting with 7.53.0 */
+ CURLE_ABORTED_BY_CALLBACK, /* 42 */
+ CURLE_BAD_FUNCTION_ARGUMENT, /* 43 */
+ CURLE_OBSOLETE44, /* 44 - NOT USED */
+ CURLE_INTERFACE_FAILED, /* 45 - CURLOPT_INTERFACE failed */
+ CURLE_OBSOLETE46, /* 46 - NOT USED */
+ CURLE_TOO_MANY_REDIRECTS, /* 47 - catch endless re-direct loops */
+ CURLE_UNKNOWN_OPTION, /* 48 - User specified an unknown option */
+ CURLE_TELNET_OPTION_SYNTAX, /* 49 - Malformed telnet option */
+ CURLE_OBSOLETE50, /* 50 - NOT USED */
+ CURLE_PEER_FAILED_VERIFICATION, /* 51 - peer's certificate or fingerprint
+ wasn't verified fine */
+ CURLE_GOT_NOTHING, /* 52 - when this is a specific error */
+ CURLE_SSL_ENGINE_NOTFOUND, /* 53 - SSL crypto engine not found */
+ CURLE_SSL_ENGINE_SETFAILED, /* 54 - can not set SSL crypto engine as
+ default */
+ CURLE_SEND_ERROR, /* 55 - failed sending network data */
+ CURLE_RECV_ERROR, /* 56 - failure in receiving network data */
+ CURLE_OBSOLETE57, /* 57 - NOT IN USE */
+ CURLE_SSL_CERTPROBLEM, /* 58 - problem with the local certificate */
+ CURLE_SSL_CIPHER, /* 59 - couldn't use specified cipher */
+ CURLE_SSL_CACERT, /* 60 - problem with the CA cert (path?) */
+ CURLE_BAD_CONTENT_ENCODING, /* 61 - Unrecognized/bad encoding */
+ CURLE_LDAP_INVALID_URL, /* 62 - Invalid LDAP URL */
+ CURLE_FILESIZE_EXCEEDED, /* 63 - Maximum file size exceeded */
+ CURLE_USE_SSL_FAILED, /* 64 - Requested FTP SSL level failed */
+ CURLE_SEND_FAIL_REWIND, /* 65 - Sending the data requires a rewind
+ that failed */
+ CURLE_SSL_ENGINE_INITFAILED, /* 66 - failed to initialise ENGINE */
+ CURLE_LOGIN_DENIED, /* 67 - user, password or similar was not
+ accepted and we failed to login */
+ CURLE_TFTP_NOTFOUND, /* 68 - file not found on server */
+ CURLE_TFTP_PERM, /* 69 - permission problem on server */
+ CURLE_REMOTE_DISK_FULL, /* 70 - out of disk space on server */
+ CURLE_TFTP_ILLEGAL, /* 71 - Illegal TFTP operation */
+ CURLE_TFTP_UNKNOWNID, /* 72 - Unknown transfer ID */
+ CURLE_REMOTE_FILE_EXISTS, /* 73 - File already exists */
+ CURLE_TFTP_NOSUCHUSER, /* 74 - No such user */
+ CURLE_CONV_FAILED, /* 75 - conversion failed */
+ CURLE_CONV_REQD, /* 76 - caller must register conversion
+ callbacks using curl_easy_setopt options
+ CURLOPT_CONV_FROM_NETWORK_FUNCTION,
+ CURLOPT_CONV_TO_NETWORK_FUNCTION, and
+ CURLOPT_CONV_FROM_UTF8_FUNCTION */
+ CURLE_SSL_CACERT_BADFILE, /* 77 - could not load CACERT file, missing
+ or wrong format */
+ CURLE_REMOTE_FILE_NOT_FOUND, /* 78 - remote file not found */
+ CURLE_SSH, /* 79 - error from the SSH layer, somewhat
+ generic so the error message will be of
+ interest when this has happened */
+
+ CURLE_SSL_SHUTDOWN_FAILED, /* 80 - Failed to shut down the SSL
+ connection */
+ CURLE_AGAIN, /* 81 - socket is not ready for send/recv,
+ wait till it's ready and try again (Added
+ in 7.18.2) */
+ CURLE_SSL_CRL_BADFILE, /* 82 - could not load CRL file, missing or
+ wrong format (Added in 7.19.0) */
+ CURLE_SSL_ISSUER_ERROR, /* 83 - Issuer check failed. (Added in
+ 7.19.0) */
+ CURLE_FTP_PRET_FAILED, /* 84 - a PRET command failed */
+ CURLE_RTSP_CSEQ_ERROR, /* 85 - mismatch of RTSP CSeq numbers */
+ CURLE_RTSP_SESSION_ERROR, /* 86 - mismatch of RTSP Session Ids */
+ CURLE_FTP_BAD_FILE_LIST, /* 87 - unable to parse FTP file list */
+ CURLE_CHUNK_FAILED, /* 88 - chunk callback reported error */
+ CURLE_NO_CONNECTION_AVAILABLE, /* 89 - No connection available, the
+ session will be queued */
+ CURLE_SSL_PINNEDPUBKEYNOTMATCH, /* 90 - specified pinned public key did not
+ match */
+ CURLE_SSL_INVALIDCERTSTATUS, /* 91 - invalid certificate status */
+ CURLE_HTTP2_STREAM, /* 92 - stream error in HTTP/2 framing layer
+ */
+ CURL_LAST /* never use! */
+} CURLcode;
+
+#ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
+ the obsolete stuff removed! */
+
+/* Previously obsolete error code re-used in 7.38.0 */
+#define CURLE_OBSOLETE16 CURLE_HTTP2
+
+/* Previously obsolete error codes re-used in 7.24.0 */
+#define CURLE_OBSOLETE10 CURLE_FTP_ACCEPT_FAILED
+#define CURLE_OBSOLETE12 CURLE_FTP_ACCEPT_TIMEOUT
+
+/* compatibility with older names */
+#define CURLOPT_ENCODING CURLOPT_ACCEPT_ENCODING
+#define CURLE_FTP_WEIRD_SERVER_REPLY CURLE_WEIRD_SERVER_REPLY
+
+/* The following were added in 7.21.5, April 2011 */
+#define CURLE_UNKNOWN_TELNET_OPTION CURLE_UNKNOWN_OPTION
+
+/* The following were added in 7.17.1 */
+/* These are scheduled to disappear by 2009 */
+#define CURLE_SSL_PEER_CERTIFICATE CURLE_PEER_FAILED_VERIFICATION
+
+/* The following were added in 7.17.0 */
+/* These are scheduled to disappear by 2009 */
+#define CURLE_OBSOLETE CURLE_OBSOLETE50 /* no one should be using this! */
+#define CURLE_BAD_PASSWORD_ENTERED CURLE_OBSOLETE46
+#define CURLE_BAD_CALLING_ORDER CURLE_OBSOLETE44
+#define CURLE_FTP_USER_PASSWORD_INCORRECT CURLE_OBSOLETE10
+#define CURLE_FTP_CANT_RECONNECT CURLE_OBSOLETE16
+#define CURLE_FTP_COULDNT_GET_SIZE CURLE_OBSOLETE32
+#define CURLE_FTP_COULDNT_SET_ASCII CURLE_OBSOLETE29
+#define CURLE_FTP_WEIRD_USER_REPLY CURLE_OBSOLETE12
+#define CURLE_FTP_WRITE_ERROR CURLE_OBSOLETE20
+#define CURLE_LIBRARY_NOT_FOUND CURLE_OBSOLETE40
+#define CURLE_MALFORMAT_USER CURLE_OBSOLETE24
+#define CURLE_SHARE_IN_USE CURLE_OBSOLETE57
+#define CURLE_URL_MALFORMAT_USER CURLE_NOT_BUILT_IN
+
+#define CURLE_FTP_ACCESS_DENIED CURLE_REMOTE_ACCESS_DENIED
+#define CURLE_FTP_COULDNT_SET_BINARY CURLE_FTP_COULDNT_SET_TYPE
+#define CURLE_FTP_QUOTE_ERROR CURLE_QUOTE_ERROR
+#define CURLE_TFTP_DISKFULL CURLE_REMOTE_DISK_FULL
+#define CURLE_TFTP_EXISTS CURLE_REMOTE_FILE_EXISTS
+#define CURLE_HTTP_RANGE_ERROR CURLE_RANGE_ERROR
+#define CURLE_FTP_SSL_FAILED CURLE_USE_SSL_FAILED
+
+/* The following were added earlier */
+
+#define CURLE_OPERATION_TIMEOUTED CURLE_OPERATION_TIMEDOUT
+
+#define CURLE_HTTP_NOT_FOUND CURLE_HTTP_RETURNED_ERROR
+#define CURLE_HTTP_PORT_FAILED CURLE_INTERFACE_FAILED
+#define CURLE_FTP_COULDNT_STOR_FILE CURLE_UPLOAD_FAILED
+
+#define CURLE_FTP_PARTIAL_FILE CURLE_PARTIAL_FILE
+#define CURLE_FTP_BAD_DOWNLOAD_RESUME CURLE_BAD_DOWNLOAD_RESUME
+
+/* This was the error code 50 in 7.7.3 and a few earlier versions, this
+ is no longer used by libcurl but is instead #defined here only to not
+ make programs break */
+#define CURLE_ALREADY_COMPLETE 99999
+
+/* Provide defines for really old option names */
+#define CURLOPT_FILE CURLOPT_WRITEDATA /* name changed in 7.9.7 */
+#define CURLOPT_INFILE CURLOPT_READDATA /* name changed in 7.9.7 */
+#define CURLOPT_WRITEHEADER CURLOPT_HEADERDATA
+
+/* Since long deprecated options with no code in the lib that does anything
+ with them. */
+#define CURLOPT_WRITEINFO CURLOPT_OBSOLETE40
+#define CURLOPT_CLOSEPOLICY CURLOPT_OBSOLETE72
+
+#endif /*!CURL_NO_OLDIES*/
+
+/* This prototype applies to all conversion callbacks */
+typedef CURLcode (*curl_conv_callback)(char *buffer, size_t length);
+
+typedef CURLcode (*curl_ssl_ctx_callback)(CURL *curl, /* easy handle */
+ void *ssl_ctx, /* actually an
+ OpenSSL SSL_CTX */
+ void *userptr);
+
+typedef enum {
+ CURLPROXY_HTTP = 0, /* added in 7.10, new in 7.19.4 default is to use
+ CONNECT HTTP/1.1 */
+ CURLPROXY_HTTP_1_0 = 1, /* added in 7.19.4, force to use CONNECT
+ HTTP/1.0 */
+ CURLPROXY_HTTPS = 2, /* added in 7.52.0 */
+ CURLPROXY_SOCKS4 = 4, /* support added in 7.15.2, enum existed already
+ in 7.10 */
+ CURLPROXY_SOCKS5 = 5, /* added in 7.10 */
+ CURLPROXY_SOCKS4A = 6, /* added in 7.18.0 */
+ CURLPROXY_SOCKS5_HOSTNAME = 7 /* Use the SOCKS5 protocol but pass along the
+ host name rather than the IP address. added
+ in 7.18.0 */
+} curl_proxytype; /* this enum was added in 7.10 */
+
+/*
+ * Bitmasks for CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH options:
+ *
+ * CURLAUTH_NONE - No HTTP authentication
+ * CURLAUTH_BASIC - HTTP Basic authentication (default)
+ * CURLAUTH_DIGEST - HTTP Digest authentication
+ * CURLAUTH_NEGOTIATE - HTTP Negotiate (SPNEGO) authentication
+ * CURLAUTH_GSSNEGOTIATE - Alias for CURLAUTH_NEGOTIATE (deprecated)
+ * CURLAUTH_NTLM - HTTP NTLM authentication
+ * CURLAUTH_DIGEST_IE - HTTP Digest authentication with IE flavour
+ * CURLAUTH_NTLM_WB - HTTP NTLM authentication delegated to winbind helper
+ * CURLAUTH_ONLY - Use together with a single other type to force no
+ * authentication or just that single type
+ * CURLAUTH_ANY - All fine types set
+ * CURLAUTH_ANYSAFE - All fine types except Basic
+ */
+
+#define CURLAUTH_NONE ((unsigned long)0)
+#define CURLAUTH_BASIC (((unsigned long)1)<<0)
+#define CURLAUTH_DIGEST (((unsigned long)1)<<1)
+#define CURLAUTH_NEGOTIATE (((unsigned long)1)<<2)
+/* Deprecated since the advent of CURLAUTH_NEGOTIATE */
+#define CURLAUTH_GSSNEGOTIATE CURLAUTH_NEGOTIATE
+/* Used for CURLOPT_SOCKS5_AUTH to stay terminologically correct */
+#define CURLAUTH_GSSAPI CURLAUTH_NEGOTIATE
+#define CURLAUTH_NTLM (((unsigned long)1)<<3)
+#define CURLAUTH_DIGEST_IE (((unsigned long)1)<<4)
+#define CURLAUTH_NTLM_WB (((unsigned long)1)<<5)
+#define CURLAUTH_ONLY (((unsigned long)1)<<31)
+#define CURLAUTH_ANY (~CURLAUTH_DIGEST_IE)
+#define CURLAUTH_ANYSAFE (~(CURLAUTH_BASIC|CURLAUTH_DIGEST_IE))
+
+#define CURLSSH_AUTH_ANY ~0 /* all types supported by the server */
+#define CURLSSH_AUTH_NONE 0 /* none allowed, silly but complete */
+#define CURLSSH_AUTH_PUBLICKEY (1<<0) /* public/private key files */
+#define CURLSSH_AUTH_PASSWORD (1<<1) /* password */
+#define CURLSSH_AUTH_HOST (1<<2) /* host key files */
+#define CURLSSH_AUTH_KEYBOARD (1<<3) /* keyboard interactive */
+#define CURLSSH_AUTH_AGENT (1<<4) /* agent (ssh-agent, pageant...) */
+#define CURLSSH_AUTH_DEFAULT CURLSSH_AUTH_ANY
+
+#define CURLGSSAPI_DELEGATION_NONE 0 /* no delegation (default) */
+#define CURLGSSAPI_DELEGATION_POLICY_FLAG (1<<0) /* if permitted by policy */
+#define CURLGSSAPI_DELEGATION_FLAG (1<<1) /* delegate always */
+
+#define CURL_ERROR_SIZE 256
+
+enum curl_khtype {
+ CURLKHTYPE_UNKNOWN,
+ CURLKHTYPE_RSA1,
+ CURLKHTYPE_RSA,
+ CURLKHTYPE_DSS
+};
+
+struct curl_khkey {
+ const char *key; /* points to a zero-terminated string encoded with base64
+ if len is zero, otherwise to the "raw" data */
+ size_t len;
+ enum curl_khtype keytype;
+};
+
+/* this is the set of return values expected from the curl_sshkeycallback
+ callback */
+enum curl_khstat {
+ CURLKHSTAT_FINE_ADD_TO_FILE,
+ CURLKHSTAT_FINE,
+ CURLKHSTAT_REJECT, /* reject the connection, return an error */
+ CURLKHSTAT_DEFER, /* do not accept it, but we can't answer right now so
+ this causes a CURLE_DEFER error but otherwise the
+ connection will be left intact etc */
+ CURLKHSTAT_LAST /* not for use, only a marker for last-in-list */
+};
+
+/* this is the set of status codes pass in to the callback */
+enum curl_khmatch {
+ CURLKHMATCH_OK, /* match */
+ CURLKHMATCH_MISMATCH, /* host found, key mismatch! */
+ CURLKHMATCH_MISSING, /* no matching host/key found */
+ CURLKHMATCH_LAST /* not for use, only a marker for last-in-list */
+};
+
+typedef int
+ (*curl_sshkeycallback) (CURL *easy, /* easy handle */
+ const struct curl_khkey *knownkey, /* known */
+ const struct curl_khkey *foundkey, /* found */
+ enum curl_khmatch, /* libcurl's view on the keys */
+ void *clientp); /* custom pointer passed from app */
+
+/* parameter for the CURLOPT_USE_SSL option */
+typedef enum {
+ CURLUSESSL_NONE, /* do not attempt to use SSL */
+ CURLUSESSL_TRY, /* try using SSL, proceed anyway otherwise */
+ CURLUSESSL_CONTROL, /* SSL for the control connection or fail */
+ CURLUSESSL_ALL, /* SSL for all communication or fail */
+ CURLUSESSL_LAST /* not an option, never use */
+} curl_usessl;
+
+/* Definition of bits for the CURLOPT_SSL_OPTIONS argument: */
+
+/* - ALLOW_BEAST tells libcurl to allow the BEAST SSL vulnerability in the
+ name of improving interoperability with older servers. Some SSL libraries
+ have introduced work-arounds for this flaw but those work-arounds sometimes
+ make the SSL communication fail. To regain functionality with those broken
+ servers, a user can this way allow the vulnerability back. */
+#define CURLSSLOPT_ALLOW_BEAST (1<<0)
+
+/* - NO_REVOKE tells libcurl to disable certificate revocation checks for those
+ SSL backends where such behavior is present. */
+#define CURLSSLOPT_NO_REVOKE (1<<1)
+
+#ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
+ the obsolete stuff removed! */
+
+/* Backwards compatibility with older names */
+/* These are scheduled to disappear by 2009 */
+
+#define CURLFTPSSL_NONE CURLUSESSL_NONE
+#define CURLFTPSSL_TRY CURLUSESSL_TRY
+#define CURLFTPSSL_CONTROL CURLUSESSL_CONTROL
+#define CURLFTPSSL_ALL CURLUSESSL_ALL
+#define CURLFTPSSL_LAST CURLUSESSL_LAST
+#define curl_ftpssl curl_usessl
+#endif /*!CURL_NO_OLDIES*/
+
+/* parameter for the CURLOPT_FTP_SSL_CCC option */
+typedef enum {
+ CURLFTPSSL_CCC_NONE, /* do not send CCC */
+ CURLFTPSSL_CCC_PASSIVE, /* Let the server initiate the shutdown */
+ CURLFTPSSL_CCC_ACTIVE, /* Initiate the shutdown */
+ CURLFTPSSL_CCC_LAST /* not an option, never use */
+} curl_ftpccc;
+
+/* parameter for the CURLOPT_FTPSSLAUTH option */
+typedef enum {
+ CURLFTPAUTH_DEFAULT, /* let libcurl decide */
+ CURLFTPAUTH_SSL, /* use "AUTH SSL" */
+ CURLFTPAUTH_TLS, /* use "AUTH TLS" */
+ CURLFTPAUTH_LAST /* not an option, never use */
+} curl_ftpauth;
+
+/* parameter for the CURLOPT_FTP_CREATE_MISSING_DIRS option */
+typedef enum {
+ CURLFTP_CREATE_DIR_NONE, /* do NOT create missing dirs! */
+ CURLFTP_CREATE_DIR, /* (FTP/SFTP) if CWD fails, try MKD and then CWD
+ again if MKD succeeded, for SFTP this does
+ similar magic */
+ CURLFTP_CREATE_DIR_RETRY, /* (FTP only) if CWD fails, try MKD and then CWD
+ again even if MKD failed! */
+ CURLFTP_CREATE_DIR_LAST /* not an option, never use */
+} curl_ftpcreatedir;
+
+/* parameter for the CURLOPT_FTP_FILEMETHOD option */
+typedef enum {
+ CURLFTPMETHOD_DEFAULT, /* let libcurl pick */
+ CURLFTPMETHOD_MULTICWD, /* single CWD operation for each path part */
+ CURLFTPMETHOD_NOCWD, /* no CWD at all */
+ CURLFTPMETHOD_SINGLECWD, /* one CWD to full dir, then work on file */
+ CURLFTPMETHOD_LAST /* not an option, never use */
+} curl_ftpmethod;
+
+/* bitmask defines for CURLOPT_HEADEROPT */
+#define CURLHEADER_UNIFIED 0
+#define CURLHEADER_SEPARATE (1<<0)
+
+/* CURLPROTO_ defines are for the CURLOPT_*PROTOCOLS options */
+#define CURLPROTO_HTTP (1<<0)
+#define CURLPROTO_HTTPS (1<<1)
+#define CURLPROTO_FTP (1<<2)
+#define CURLPROTO_FTPS (1<<3)
+#define CURLPROTO_SCP (1<<4)
+#define CURLPROTO_SFTP (1<<5)
+#define CURLPROTO_TELNET (1<<6)
+#define CURLPROTO_LDAP (1<<7)
+#define CURLPROTO_LDAPS (1<<8)
+#define CURLPROTO_DICT (1<<9)
+#define CURLPROTO_FILE (1<<10)
+#define CURLPROTO_TFTP (1<<11)
+#define CURLPROTO_IMAP (1<<12)
+#define CURLPROTO_IMAPS (1<<13)
+#define CURLPROTO_POP3 (1<<14)
+#define CURLPROTO_POP3S (1<<15)
+#define CURLPROTO_SMTP (1<<16)
+#define CURLPROTO_SMTPS (1<<17)
+#define CURLPROTO_RTSP (1<<18)
+#define CURLPROTO_RTMP (1<<19)
+#define CURLPROTO_RTMPT (1<<20)
+#define CURLPROTO_RTMPE (1<<21)
+#define CURLPROTO_RTMPTE (1<<22)
+#define CURLPROTO_RTMPS (1<<23)
+#define CURLPROTO_RTMPTS (1<<24)
+#define CURLPROTO_GOPHER (1<<25)
+#define CURLPROTO_SMB (1<<26)
+#define CURLPROTO_SMBS (1<<27)
+#define CURLPROTO_ALL (~0) /* enable everything */
+
+/* long may be 32 or 64 bits, but we should never depend on anything else
+ but 32 */
+#define CURLOPTTYPE_LONG 0
+#define CURLOPTTYPE_OBJECTPOINT 10000
+#define CURLOPTTYPE_STRINGPOINT 10000
+#define CURLOPTTYPE_FUNCTIONPOINT 20000
+#define CURLOPTTYPE_OFF_T 30000
+
+/* *STRINGPOINT is an alias for OBJECTPOINT to allow tools to extract the
+ string options from the header file */
+
+/* name is uppercase CURLOPT_<name>,
+ type is one of the defined CURLOPTTYPE_<type>
+ number is unique identifier */
+#ifdef CINIT
+#undef CINIT
+#endif
+
+#ifdef CURL_ISOCPP
+#define CINIT(na,t,nu) CURLOPT_ ## na = CURLOPTTYPE_ ## t + nu
+#else
+/* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */
+#define LONG CURLOPTTYPE_LONG
+#define OBJECTPOINT CURLOPTTYPE_OBJECTPOINT
+#define STRINGPOINT CURLOPTTYPE_OBJECTPOINT
+#define FUNCTIONPOINT CURLOPTTYPE_FUNCTIONPOINT
+#define OFF_T CURLOPTTYPE_OFF_T
+#define CINIT(name,type,number) CURLOPT_/**/name = type + number
+#endif
+
+/*
+ * This macro-mania below setups the CURLOPT_[what] enum, to be used with
+ * curl_easy_setopt(). The first argument in the CINIT() macro is the [what]
+ * word.
+ */
+
+typedef enum {
+ /* This is the FILE * or void * the regular output should be written to. */
+ CINIT(WRITEDATA, OBJECTPOINT, 1),
+
+ /* The full URL to get/put */
+ CINIT(URL, STRINGPOINT, 2),
+
+ /* Port number to connect to, if other than default. */
+ CINIT(PORT, LONG, 3),
+
+ /* Name of proxy to use. */
+ CINIT(PROXY, STRINGPOINT, 4),
+
+ /* "user:password;options" to use when fetching. */
+ CINIT(USERPWD, STRINGPOINT, 5),
+
+ /* "user:password" to use with proxy. */
+ CINIT(PROXYUSERPWD, STRINGPOINT, 6),
+
+ /* Range to get, specified as an ASCII string. */
+ CINIT(RANGE, STRINGPOINT, 7),
+
+ /* not used */
+
+ /* Specified file stream to upload from (use as input): */
+ CINIT(READDATA, OBJECTPOINT, 9),
+
+ /* Buffer to receive error messages in, must be at least CURL_ERROR_SIZE
+ * bytes big. If this is not used, error messages go to stderr instead: */
+ CINIT(ERRORBUFFER, OBJECTPOINT, 10),
+
+ /* Function that will be called to store the output (instead of fwrite). The
+ * parameters will use fwrite() syntax, make sure to follow them. */
+ CINIT(WRITEFUNCTION, FUNCTIONPOINT, 11),
+
+ /* Function that will be called to read the input (instead of fread). The
+ * parameters will use fread() syntax, make sure to follow them. */
+ CINIT(READFUNCTION, FUNCTIONPOINT, 12),
+
+ /* Time-out the read operation after this amount of seconds */
+ CINIT(TIMEOUT, LONG, 13),
+
+ /* If the CURLOPT_INFILE is used, this can be used to inform libcurl about
+ * how large the file being sent really is. That allows better error
+ * checking and better verifies that the upload was successful. -1 means
+ * unknown size.
+ *
+ * For large file support, there is also a _LARGE version of the key
+ * which takes an off_t type, allowing platforms with larger off_t
+ * sizes to handle larger files. See below for INFILESIZE_LARGE.
+ */
+ CINIT(INFILESIZE, LONG, 14),
+
+ /* POST static input fields. */
+ CINIT(POSTFIELDS, OBJECTPOINT, 15),
+
+ /* Set the referrer page (needed by some CGIs) */
+ CINIT(REFERER, STRINGPOINT, 16),
+
+ /* Set the FTP PORT string (interface name, named or numerical IP address)
+ Use i.e '-' to use default address. */
+ CINIT(FTPPORT, STRINGPOINT, 17),
+
+ /* Set the User-Agent string (examined by some CGIs) */
+ CINIT(USERAGENT, STRINGPOINT, 18),
+
+ /* If the download receives less than "low speed limit" bytes/second
+ * during "low speed time" seconds, the operations is aborted.
+ * You could i.e if you have a pretty high speed connection, abort if
+ * it is less than 2000 bytes/sec during 20 seconds.
+ */
+
+ /* Set the "low speed limit" */
+ CINIT(LOW_SPEED_LIMIT, LONG, 19),
+
+ /* Set the "low speed time" */
+ CINIT(LOW_SPEED_TIME, LONG, 20),
+
+ /* Set the continuation offset.
+ *
+ * Note there is also a _LARGE version of this key which uses
+ * off_t types, allowing for large file offsets on platforms which
+ * use larger-than-32-bit off_t's. Look below for RESUME_FROM_LARGE.
+ */
+ CINIT(RESUME_FROM, LONG, 21),
+
+ /* Set cookie in request: */
+ CINIT(COOKIE, STRINGPOINT, 22),
+
+ /* This points to a linked list of headers, struct curl_slist kind. This
+ list is also used for RTSP (in spite of its name) */
+ CINIT(HTTPHEADER, OBJECTPOINT, 23),
+
+ /* This points to a linked list of post entries, struct curl_httppost */
+ CINIT(HTTPPOST, OBJECTPOINT, 24),
+
+ /* name of the file keeping your private SSL-certificate */
+ CINIT(SSLCERT, STRINGPOINT, 25),
+
+ /* password for the SSL or SSH private key */
+ CINIT(KEYPASSWD, STRINGPOINT, 26),
+
+ /* send TYPE parameter? */
+ CINIT(CRLF, LONG, 27),
+
+ /* send linked-list of QUOTE commands */
+ CINIT(QUOTE, OBJECTPOINT, 28),
+
+ /* send FILE * or void * to store headers to, if you use a callback it
+ is simply passed to the callback unmodified */
+ CINIT(HEADERDATA, OBJECTPOINT, 29),
+
+ /* point to a file to read the initial cookies from, also enables
+ "cookie awareness" */
+ CINIT(COOKIEFILE, STRINGPOINT, 31),
+
+ /* What version to specifically try to use.
+ See CURL_SSLVERSION defines below. */
+ CINIT(SSLVERSION, LONG, 32),
+
+ /* What kind of HTTP time condition to use, see defines */
+ CINIT(TIMECONDITION, LONG, 33),
+
+ /* Time to use with the above condition. Specified in number of seconds
+ since 1 Jan 1970 */
+ CINIT(TIMEVALUE, LONG, 34),
+
+ /* 35 = OBSOLETE */
+
+ /* Custom request, for customizing the get command like
+ HTTP: DELETE, TRACE and others
+ FTP: to use a different list command
+ */
+ CINIT(CUSTOMREQUEST, STRINGPOINT, 36),
+
+ /* FILE handle to use instead of stderr */
+ CINIT(STDERR, OBJECTPOINT, 37),
+
+ /* 38 is not used */
+
+ /* send linked-list of post-transfer QUOTE commands */
+ CINIT(POSTQUOTE, OBJECTPOINT, 39),
+
+ CINIT(OBSOLETE40, OBJECTPOINT, 40), /* OBSOLETE, do not use! */
+
+ CINIT(VERBOSE, LONG, 41), /* talk a lot */
+ CINIT(HEADER, LONG, 42), /* throw the header out too */
+ CINIT(NOPROGRESS, LONG, 43), /* shut off the progress meter */
+ CINIT(NOBODY, LONG, 44), /* use HEAD to get http document */
+ CINIT(FAILONERROR, LONG, 45), /* no output on http error codes >= 400 */
+ CINIT(UPLOAD, LONG, 46), /* this is an upload */
+ CINIT(POST, LONG, 47), /* HTTP POST method */
+ CINIT(DIRLISTONLY, LONG, 48), /* bare names when listing directories */
+
+ CINIT(APPEND, LONG, 50), /* Append instead of overwrite on upload! */
+
+ /* Specify whether to read the user+password from the .netrc or the URL.
+ * This must be one of the CURL_NETRC_* enums below. */
+ CINIT(NETRC, LONG, 51),
+
+ CINIT(FOLLOWLOCATION, LONG, 52), /* use Location: Luke! */
+
+ CINIT(TRANSFERTEXT, LONG, 53), /* transfer data in text/ASCII format */
+ CINIT(PUT, LONG, 54), /* HTTP PUT */
+
+ /* 55 = OBSOLETE */
+
+ /* DEPRECATED
+ * Function that will be called instead of the internal progress display
+ * function. This function should be defined as the curl_progress_callback
+ * prototype defines. */
+ CINIT(PROGRESSFUNCTION, FUNCTIONPOINT, 56),
+
+ /* Data passed to the CURLOPT_PROGRESSFUNCTION and CURLOPT_XFERINFOFUNCTION
+ callbacks */
+ CINIT(PROGRESSDATA, OBJECTPOINT, 57),
+#define CURLOPT_XFERINFODATA CURLOPT_PROGRESSDATA
+
+ /* We want the referrer field set automatically when following locations */
+ CINIT(AUTOREFERER, LONG, 58),
+
+ /* Port of the proxy, can be set in the proxy string as well with:
+ "[host]:[port]" */
+ CINIT(PROXYPORT, LONG, 59),
+
+ /* size of the POST input data, if strlen() is not good to use */
+ CINIT(POSTFIELDSIZE, LONG, 60),
+
+ /* tunnel non-http operations through a HTTP proxy */
+ CINIT(HTTPPROXYTUNNEL, LONG, 61),
+
+ /* Set the interface string to use as outgoing network interface */
+ CINIT(INTERFACE, STRINGPOINT, 62),
+
+ /* Set the krb4/5 security level, this also enables krb4/5 awareness. This
+ * is a string, 'clear', 'safe', 'confidential' or 'private'. If the string
+ * is set but doesn't match one of these, 'private' will be used. */
+ CINIT(KRBLEVEL, STRINGPOINT, 63),
+
+ /* Set if we should verify the peer in ssl handshake, set 1 to verify. */
+ CINIT(SSL_VERIFYPEER, LONG, 64),
+
+ /* The CApath or CAfile used to validate the peer certificate
+ this option is used only if SSL_VERIFYPEER is true */
+ CINIT(CAINFO, STRINGPOINT, 65),
+
+ /* 66 = OBSOLETE */
+ /* 67 = OBSOLETE */
+
+ /* Maximum number of http redirects to follow */
+ CINIT(MAXREDIRS, LONG, 68),
+
+ /* Pass a long set to 1 to get the date of the requested document (if
+ possible)! Pass a zero to shut it off. */
+ CINIT(FILETIME, LONG, 69),
+
+ /* This points to a linked list of telnet options */
+ CINIT(TELNETOPTIONS, OBJECTPOINT, 70),
+
+ /* Max amount of cached alive connections */
+ CINIT(MAXCONNECTS, LONG, 71),
+
+ CINIT(OBSOLETE72, LONG, 72), /* OBSOLETE, do not use! */
+
+ /* 73 = OBSOLETE */
+
+ /* Set to explicitly use a new connection for the upcoming transfer.
+ Do not use this unless you're absolutely sure of this, as it makes the
+ operation slower and is less friendly for the network. */
+ CINIT(FRESH_CONNECT, LONG, 74),
+
+ /* Set to explicitly forbid the upcoming transfer's connection to be re-used
+ when done. Do not use this unless you're absolutely sure of this, as it
+ makes the operation slower and is less friendly for the network. */
+ CINIT(FORBID_REUSE, LONG, 75),
+
+ /* Set to a file name that contains random data for libcurl to use to
+ seed the random engine when doing SSL connects. */
+ CINIT(RANDOM_FILE, STRINGPOINT, 76),
+
+ /* Set to the Entropy Gathering Daemon socket pathname */
+ CINIT(EGDSOCKET, STRINGPOINT, 77),
+
+ /* Time-out connect operations after this amount of seconds, if connects are
+ OK within this time, then fine... This only aborts the connect phase. */
+ CINIT(CONNECTTIMEOUT, LONG, 78),
+
+ /* Function that will be called to store headers (instead of fwrite). The
+ * parameters will use fwrite() syntax, make sure to follow them. */
+ CINIT(HEADERFUNCTION, FUNCTIONPOINT, 79),
+
+ /* Set this to force the HTTP request to get back to GET. Only really usable
+ if POST, PUT or a custom request have been used first.
+ */
+ CINIT(HTTPGET, LONG, 80),
+
+ /* Set if we should verify the Common name from the peer certificate in ssl
+ * handshake, set 1 to check existence, 2 to ensure that it matches the
+ * provided hostname. */
+ CINIT(SSL_VERIFYHOST, LONG, 81),
+
+ /* Specify which file name to write all known cookies in after completed
+ operation. Set file name to "-" (dash) to make it go to stdout. */
+ CINIT(COOKIEJAR, STRINGPOINT, 82),
+
+ /* Specify which SSL ciphers to use */
+ CINIT(SSL_CIPHER_LIST, STRINGPOINT, 83),
+
+ /* Specify which HTTP version to use! This must be set to one of the
+ CURL_HTTP_VERSION* enums set below. */
+ CINIT(HTTP_VERSION, LONG, 84),
+
+ /* Specifically switch on or off the FTP engine's use of the EPSV command. By
+ default, that one will always be attempted before the more traditional
+ PASV command. */
+ CINIT(FTP_USE_EPSV, LONG, 85),
+
+ /* type of the file keeping your SSL-certificate ("DER", "PEM", "ENG") */
+ CINIT(SSLCERTTYPE, STRINGPOINT, 86),
+
+ /* name of the file keeping your private SSL-key */
+ CINIT(SSLKEY, STRINGPOINT, 87),
+
+ /* type of the file keeping your private SSL-key ("DER", "PEM", "ENG") */
+ CINIT(SSLKEYTYPE, STRINGPOINT, 88),
+
+ /* crypto engine for the SSL-sub system */
+ CINIT(SSLENGINE, STRINGPOINT, 89),
+
+ /* set the crypto engine for the SSL-sub system as default
+ the param has no meaning...
+ */
+ CINIT(SSLENGINE_DEFAULT, LONG, 90),
+
+ /* Non-zero value means to use the global dns cache */
+ CINIT(DNS_USE_GLOBAL_CACHE, LONG, 91), /* DEPRECATED, do not use! */
+
+ /* DNS cache timeout */
+ CINIT(DNS_CACHE_TIMEOUT, LONG, 92),
+
+ /* send linked-list of pre-transfer QUOTE commands */
+ CINIT(PREQUOTE, OBJECTPOINT, 93),
+
+ /* set the debug function */
+ CINIT(DEBUGFUNCTION, FUNCTIONPOINT, 94),
+
+ /* set the data for the debug function */
+ CINIT(DEBUGDATA, OBJECTPOINT, 95),
+
+ /* mark this as start of a cookie session */
+ CINIT(COOKIESESSION, LONG, 96),
+
+ /* The CApath directory used to validate the peer certificate
+ this option is used only if SSL_VERIFYPEER is true */
+ CINIT(CAPATH, STRINGPOINT, 97),
+
+ /* Instruct libcurl to use a smaller receive buffer */
+ CINIT(BUFFERSIZE, LONG, 98),
+
+ /* Instruct libcurl to not use any signal/alarm handlers, even when using
+ timeouts. This option is useful for multi-threaded applications.
+ See libcurl-the-guide for more background information. */
+ CINIT(NOSIGNAL, LONG, 99),
+
+ /* Provide a CURLShare for mutexing non-ts data */
+ CINIT(SHARE, OBJECTPOINT, 100),
+
+ /* indicates type of proxy. accepted values are CURLPROXY_HTTP (default),
+ CURLPROXY_HTTPS, CURLPROXY_SOCKS4, CURLPROXY_SOCKS4A and
+ CURLPROXY_SOCKS5. */
+ CINIT(PROXYTYPE, LONG, 101),
+
+ /* Set the Accept-Encoding string. Use this to tell a server you would like
+ the response to be compressed. Before 7.21.6, this was known as
+ CURLOPT_ENCODING */
+ CINIT(ACCEPT_ENCODING, STRINGPOINT, 102),
+
+ /* Set pointer to private data */
+ CINIT(PRIVATE, OBJECTPOINT, 103),
+
+ /* Set aliases for HTTP 200 in the HTTP Response header */
+ CINIT(HTTP200ALIASES, OBJECTPOINT, 104),
+
+ /* Continue to send authentication (user+password) when following locations,
+ even when hostname changed. This can potentially send off the name
+ and password to whatever host the server decides. */
+ CINIT(UNRESTRICTED_AUTH, LONG, 105),
+
+ /* Specifically switch on or off the FTP engine's use of the EPRT command (
+ it also disables the LPRT attempt). By default, those ones will always be
+ attempted before the good old traditional PORT command. */
+ CINIT(FTP_USE_EPRT, LONG, 106),
+
+ /* Set this to a bitmask value to enable the particular authentications
+ methods you like. Use this in combination with CURLOPT_USERPWD.
+ Note that setting multiple bits may cause extra network round-trips. */
+ CINIT(HTTPAUTH, LONG, 107),
+
+ /* Set the ssl context callback function, currently only for OpenSSL ssl_ctx
+ in second argument. The function must be matching the
+ curl_ssl_ctx_callback proto. */
+ CINIT(SSL_CTX_FUNCTION, FUNCTIONPOINT, 108),
+
+ /* Set the userdata for the ssl context callback function's third
+ argument */
+ CINIT(SSL_CTX_DATA, OBJECTPOINT, 109),
+
+ /* FTP Option that causes missing dirs to be created on the remote server.
+ In 7.19.4 we introduced the convenience enums for this option using the
+ CURLFTP_CREATE_DIR prefix.
+ */
+ CINIT(FTP_CREATE_MISSING_DIRS, LONG, 110),
+
+ /* Set this to a bitmask value to enable the particular authentications
+ methods you like. Use this in combination with CURLOPT_PROXYUSERPWD.
+ Note that setting multiple bits may cause extra network round-trips. */
+ CINIT(PROXYAUTH, LONG, 111),
+
+ /* FTP option that changes the timeout, in seconds, associated with
+ getting a response. This is different from transfer timeout time and
+ essentially places a demand on the FTP server to acknowledge commands
+ in a timely manner. */
+ CINIT(FTP_RESPONSE_TIMEOUT, LONG, 112),
+#define CURLOPT_SERVER_RESPONSE_TIMEOUT CURLOPT_FTP_RESPONSE_TIMEOUT
+
+ /* Set this option to one of the CURL_IPRESOLVE_* defines (see below) to
+ tell libcurl to resolve names to those IP versions only. This only has
+ affect on systems with support for more than one, i.e IPv4 _and_ IPv6. */
+ CINIT(IPRESOLVE, LONG, 113),
+
+ /* Set this option to limit the size of a file that will be downloaded from
+ an HTTP or FTP server.
+
+ Note there is also _LARGE version which adds large file support for
+ platforms which have larger off_t sizes. See MAXFILESIZE_LARGE below. */
+ CINIT(MAXFILESIZE, LONG, 114),
+
+ /* See the comment for INFILESIZE above, but in short, specifies
+ * the size of the file being uploaded. -1 means unknown.
+ */
+ CINIT(INFILESIZE_LARGE, OFF_T, 115),
+
+ /* Sets the continuation offset. There is also a LONG version of this;
+ * look above for RESUME_FROM.
+ */
+ CINIT(RESUME_FROM_LARGE, OFF_T, 116),
+
+ /* Sets the maximum size of data that will be downloaded from
+ * an HTTP or FTP server. See MAXFILESIZE above for the LONG version.
+ */
+ CINIT(MAXFILESIZE_LARGE, OFF_T, 117),
+
+ /* Set this option to the file name of your .netrc file you want libcurl
+ to parse (using the CURLOPT_NETRC option). If not set, libcurl will do
+ a poor attempt to find the user's home directory and check for a .netrc
+ file in there. */
+ CINIT(NETRC_FILE, STRINGPOINT, 118),
+
+ /* Enable SSL/TLS for FTP, pick one of:
+ CURLUSESSL_TRY - try using SSL, proceed anyway otherwise
+ CURLUSESSL_CONTROL - SSL for the control connection or fail
+ CURLUSESSL_ALL - SSL for all communication or fail
+ */
+ CINIT(USE_SSL, LONG, 119),
+
+ /* The _LARGE version of the standard POSTFIELDSIZE option */
+ CINIT(POSTFIELDSIZE_LARGE, OFF_T, 120),
+
+ /* Enable/disable the TCP Nagle algorithm */
+ CINIT(TCP_NODELAY, LONG, 121),
+
+ /* 122 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */
+ /* 123 OBSOLETE. Gone in 7.16.0 */
+ /* 124 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */
+ /* 125 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */
+ /* 126 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */
+ /* 127 OBSOLETE. Gone in 7.16.0 */
+ /* 128 OBSOLETE. Gone in 7.16.0 */
+
+ /* When FTP over SSL/TLS is selected (with CURLOPT_USE_SSL), this option
+ can be used to change libcurl's default action which is to first try
+ "AUTH SSL" and then "AUTH TLS" in this order, and proceed when a OK
+ response has been received.
+
+ Available parameters are:
+ CURLFTPAUTH_DEFAULT - let libcurl decide
+ CURLFTPAUTH_SSL - try "AUTH SSL" first, then TLS
+ CURLFTPAUTH_TLS - try "AUTH TLS" first, then SSL
+ */
+ CINIT(FTPSSLAUTH, LONG, 129),
+
+ CINIT(IOCTLFUNCTION, FUNCTIONPOINT, 130),
+ CINIT(IOCTLDATA, OBJECTPOINT, 131),
+
+ /* 132 OBSOLETE. Gone in 7.16.0 */
+ /* 133 OBSOLETE. Gone in 7.16.0 */
+
+ /* zero terminated string for pass on to the FTP server when asked for
+ "account" info */
+ CINIT(FTP_ACCOUNT, STRINGPOINT, 134),
+
+ /* feed cookie into cookie engine */
+ CINIT(COOKIELIST, STRINGPOINT, 135),
+
+ /* ignore Content-Length */
+ CINIT(IGNORE_CONTENT_LENGTH, LONG, 136),
+
+ /* Set to non-zero to skip the IP address received in a 227 PASV FTP server
+ response. Typically used for FTP-SSL purposes but is not restricted to
+ that. libcurl will then instead use the same IP address it used for the
+ control connection. */
+ CINIT(FTP_SKIP_PASV_IP, LONG, 137),
+
+ /* Select "file method" to use when doing FTP, see the curl_ftpmethod
+ above. */
+ CINIT(FTP_FILEMETHOD, LONG, 138),
+
+ /* Local port number to bind the socket to */
+ CINIT(LOCALPORT, LONG, 139),
+
+ /* Number of ports to try, including the first one set with LOCALPORT.
+ Thus, setting it to 1 will make no additional attempts but the first.
+ */
+ CINIT(LOCALPORTRANGE, LONG, 140),
+
+ /* no transfer, set up connection and let application use the socket by
+ extracting it with CURLINFO_LASTSOCKET */
+ CINIT(CONNECT_ONLY, LONG, 141),
+
+ /* Function that will be called to convert from the
+ network encoding (instead of using the iconv calls in libcurl) */
+ CINIT(CONV_FROM_NETWORK_FUNCTION, FUNCTIONPOINT, 142),
+
+ /* Function that will be called to convert to the
+ network encoding (instead of using the iconv calls in libcurl) */
+ CINIT(CONV_TO_NETWORK_FUNCTION, FUNCTIONPOINT, 143),
+
+ /* Function that will be called to convert from UTF8
+ (instead of using the iconv calls in libcurl)
+ Note that this is used only for SSL certificate processing */
+ CINIT(CONV_FROM_UTF8_FUNCTION, FUNCTIONPOINT, 144),
+
+ /* if the connection proceeds too quickly then need to slow it down */
+ /* limit-rate: maximum number of bytes per second to send or receive */
+ CINIT(MAX_SEND_SPEED_LARGE, OFF_T, 145),
+ CINIT(MAX_RECV_SPEED_LARGE, OFF_T, 146),
+
+ /* Pointer to command string to send if USER/PASS fails. */
+ CINIT(FTP_ALTERNATIVE_TO_USER, STRINGPOINT, 147),
+
+ /* callback function for setting socket options */
+ CINIT(SOCKOPTFUNCTION, FUNCTIONPOINT, 148),
+ CINIT(SOCKOPTDATA, OBJECTPOINT, 149),
+
+ /* set to 0 to disable session ID re-use for this transfer, default is
+ enabled (== 1) */
+ CINIT(SSL_SESSIONID_CACHE, LONG, 150),
+
+ /* allowed SSH authentication methods */
+ CINIT(SSH_AUTH_TYPES, LONG, 151),
+
+ /* Used by scp/sftp to do public/private key authentication */
+ CINIT(SSH_PUBLIC_KEYFILE, STRINGPOINT, 152),
+ CINIT(SSH_PRIVATE_KEYFILE, STRINGPOINT, 153),
+
+ /* Send CCC (Clear Command Channel) after authentication */
+ CINIT(FTP_SSL_CCC, LONG, 154),
+
+ /* Same as TIMEOUT and CONNECTTIMEOUT, but with ms resolution */
+ CINIT(TIMEOUT_MS, LONG, 155),
+ CINIT(CONNECTTIMEOUT_MS, LONG, 156),
+
+ /* set to zero to disable the libcurl's decoding and thus pass the raw body
+ data to the application even when it is encoded/compressed */
+ CINIT(HTTP_TRANSFER_DECODING, LONG, 157),
+ CINIT(HTTP_CONTENT_DECODING, LONG, 158),
+
+ /* Permission used when creating new files and directories on the remote
+ server for protocols that support it, SFTP/SCP/FILE */
+ CINIT(NEW_FILE_PERMS, LONG, 159),
+ CINIT(NEW_DIRECTORY_PERMS, LONG, 160),
+
+ /* Set the behaviour of POST when redirecting. Values must be set to one
+ of CURL_REDIR* defines below. This used to be called CURLOPT_POST301 */
+ CINIT(POSTREDIR, LONG, 161),
+
+ /* used by scp/sftp to verify the host's public key */
+ CINIT(SSH_HOST_PUBLIC_KEY_MD5, STRINGPOINT, 162),
+
+ /* Callback function for opening socket (instead of socket(2)). Optionally,
+ callback is able change the address or refuse to connect returning
+ CURL_SOCKET_BAD. The callback should have type
+ curl_opensocket_callback */
+ CINIT(OPENSOCKETFUNCTION, FUNCTIONPOINT, 163),
+ CINIT(OPENSOCKETDATA, OBJECTPOINT, 164),
+
+ /* POST volatile input fields. */
+ CINIT(COPYPOSTFIELDS, OBJECTPOINT, 165),
+
+ /* set transfer mode (;type=<a|i>) when doing FTP via an HTTP proxy */
+ CINIT(PROXY_TRANSFER_MODE, LONG, 166),
+
+ /* Callback function for seeking in the input stream */
+ CINIT(SEEKFUNCTION, FUNCTIONPOINT, 167),
+ CINIT(SEEKDATA, OBJECTPOINT, 168),
+
+ /* CRL file */
+ CINIT(CRLFILE, STRINGPOINT, 169),
+
+ /* Issuer certificate */
+ CINIT(ISSUERCERT, STRINGPOINT, 170),
+
+ /* (IPv6) Address scope */
+ CINIT(ADDRESS_SCOPE, LONG, 171),
+
+ /* Collect certificate chain info and allow it to get retrievable with
+ CURLINFO_CERTINFO after the transfer is complete. */
+ CINIT(CERTINFO, LONG, 172),
+
+ /* "name" and "pwd" to use when fetching. */
+ CINIT(USERNAME, STRINGPOINT, 173),
+ CINIT(PASSWORD, STRINGPOINT, 174),
+
+ /* "name" and "pwd" to use with Proxy when fetching. */
+ CINIT(PROXYUSERNAME, STRINGPOINT, 175),
+ CINIT(PROXYPASSWORD, STRINGPOINT, 176),
+
+ /* Comma separated list of hostnames defining no-proxy zones. These should
+ match both hostnames directly, and hostnames within a domain. For
+ example, local.com will match local.com and www.local.com, but NOT
+ notlocal.com or www.notlocal.com. For compatibility with other
+ implementations of this, .local.com will be considered to be the same as
+ local.com. A single * is the only valid wildcard, and effectively
+ disables the use of proxy. */
+ CINIT(NOPROXY, STRINGPOINT, 177),
+
+ /* block size for TFTP transfers */
+ CINIT(TFTP_BLKSIZE, LONG, 178),
+
+ /* Socks Service */
+ CINIT(SOCKS5_GSSAPI_SERVICE, STRINGPOINT, 179), /* DEPRECATED, do not use! */
+
+ /* Socks Service */
+ CINIT(SOCKS5_GSSAPI_NEC, LONG, 180),
+
+ /* set the bitmask for the protocols that are allowed to be used for the
+ transfer, which thus helps the app which takes URLs from users or other
+ external inputs and want to restrict what protocol(s) to deal
+ with. Defaults to CURLPROTO_ALL. */
+ CINIT(PROTOCOLS, LONG, 181),
+
+ /* set the bitmask for the protocols that libcurl is allowed to follow to,
+ as a subset of the CURLOPT_PROTOCOLS ones. That means the protocol needs
+ to be set in both bitmasks to be allowed to get redirected to. Defaults
+ to all protocols except FILE and SCP. */
+ CINIT(REDIR_PROTOCOLS, LONG, 182),
+
+ /* set the SSH knownhost file name to use */
+ CINIT(SSH_KNOWNHOSTS, STRINGPOINT, 183),
+
+ /* set the SSH host key callback, must point to a curl_sshkeycallback
+ function */
+ CINIT(SSH_KEYFUNCTION, FUNCTIONPOINT, 184),
+
+ /* set the SSH host key callback custom pointer */
+ CINIT(SSH_KEYDATA, OBJECTPOINT, 185),
+
+ /* set the SMTP mail originator */
+ CINIT(MAIL_FROM, STRINGPOINT, 186),
+
+ /* set the list of SMTP mail receiver(s) */
+ CINIT(MAIL_RCPT, OBJECTPOINT, 187),
+
+ /* FTP: send PRET before PASV */
+ CINIT(FTP_USE_PRET, LONG, 188),
+
+ /* RTSP request method (OPTIONS, SETUP, PLAY, etc...) */
+ CINIT(RTSP_REQUEST, LONG, 189),
+
+ /* The RTSP session identifier */
+ CINIT(RTSP_SESSION_ID, STRINGPOINT, 190),
+
+ /* The RTSP stream URI */
+ CINIT(RTSP_STREAM_URI, STRINGPOINT, 191),
+
+ /* The Transport: header to use in RTSP requests */
+ CINIT(RTSP_TRANSPORT, STRINGPOINT, 192),
+
+ /* Manually initialize the client RTSP CSeq for this handle */
+ CINIT(RTSP_CLIENT_CSEQ, LONG, 193),
+
+ /* Manually initialize the server RTSP CSeq for this handle */
+ CINIT(RTSP_SERVER_CSEQ, LONG, 194),
+
+ /* The stream to pass to INTERLEAVEFUNCTION. */
+ CINIT(INTERLEAVEDATA, OBJECTPOINT, 195),
+
+ /* Let the application define a custom write method for RTP data */
+ CINIT(INTERLEAVEFUNCTION, FUNCTIONPOINT, 196),
+
+ /* Turn on wildcard matching */
+ CINIT(WILDCARDMATCH, LONG, 197),
+
+ /* Directory matching callback called before downloading of an
+ individual file (chunk) started */
+ CINIT(CHUNK_BGN_FUNCTION, FUNCTIONPOINT, 198),
+
+ /* Directory matching callback called after the file (chunk)
+ was downloaded, or skipped */
+ CINIT(CHUNK_END_FUNCTION, FUNCTIONPOINT, 199),
+
+ /* Change match (fnmatch-like) callback for wildcard matching */
+ CINIT(FNMATCH_FUNCTION, FUNCTIONPOINT, 200),
+
+ /* Let the application define custom chunk data pointer */
+ CINIT(CHUNK_DATA, OBJECTPOINT, 201),
+
+ /* FNMATCH_FUNCTION user pointer */
+ CINIT(FNMATCH_DATA, OBJECTPOINT, 202),
+
+ /* send linked-list of name:port:address sets */
+ CINIT(RESOLVE, OBJECTPOINT, 203),
+
+ /* Set a username for authenticated TLS */
+ CINIT(TLSAUTH_USERNAME, STRINGPOINT, 204),
+
+ /* Set a password for authenticated TLS */
+ CINIT(TLSAUTH_PASSWORD, STRINGPOINT, 205),
+
+ /* Set authentication type for authenticated TLS */
+ CINIT(TLSAUTH_TYPE, STRINGPOINT, 206),
+
+ /* Set to 1 to enable the "TE:" header in HTTP requests to ask for
+ compressed transfer-encoded responses. Set to 0 to disable the use of TE:
+ in outgoing requests. The current default is 0, but it might change in a
+ future libcurl release.
+
+ libcurl will ask for the compressed methods it knows of, and if that
+ isn't any, it will not ask for transfer-encoding at all even if this
+ option is set to 1.
+
+ */
+ CINIT(TRANSFER_ENCODING, LONG, 207),
+
+ /* Callback function for closing socket (instead of close(2)). The callback
+ should have type curl_closesocket_callback */
+ CINIT(CLOSESOCKETFUNCTION, FUNCTIONPOINT, 208),
+ CINIT(CLOSESOCKETDATA, OBJECTPOINT, 209),
+
+ /* allow GSSAPI credential delegation */
+ CINIT(GSSAPI_DELEGATION, LONG, 210),
+
+ /* Set the name servers to use for DNS resolution */
+ CINIT(DNS_SERVERS, STRINGPOINT, 211),
+
+ /* Time-out accept operations (currently for FTP only) after this amount
+ of milliseconds. */
+ CINIT(ACCEPTTIMEOUT_MS, LONG, 212),
+
+ /* Set TCP keepalive */
+ CINIT(TCP_KEEPALIVE, LONG, 213),
+
+ /* non-universal keepalive knobs (Linux, AIX, HP-UX, more) */
+ CINIT(TCP_KEEPIDLE, LONG, 214),
+ CINIT(TCP_KEEPINTVL, LONG, 215),
+
+ /* Enable/disable specific SSL features with a bitmask, see CURLSSLOPT_* */
+ CINIT(SSL_OPTIONS, LONG, 216),
+
+ /* Set the SMTP auth originator */
+ CINIT(MAIL_AUTH, STRINGPOINT, 217),
+
+ /* Enable/disable SASL initial response */
+ CINIT(SASL_IR, LONG, 218),
+
+ /* Function that will be called instead of the internal progress display
+ * function. This function should be defined as the curl_xferinfo_callback
+ * prototype defines. (Deprecates CURLOPT_PROGRESSFUNCTION) */
+ CINIT(XFERINFOFUNCTION, FUNCTIONPOINT, 219),
+
+ /* The XOAUTH2 bearer token */
+ CINIT(XOAUTH2_BEARER, STRINGPOINT, 220),
+
+ /* Set the interface string to use as outgoing network
+ * interface for DNS requests.
+ * Only supported by the c-ares DNS backend */
+ CINIT(DNS_INTERFACE, STRINGPOINT, 221),
+
+ /* Set the local IPv4 address to use for outgoing DNS requests.
+ * Only supported by the c-ares DNS backend */
+ CINIT(DNS_LOCAL_IP4, STRINGPOINT, 222),
+
+ /* Set the local IPv4 address to use for outgoing DNS requests.
+ * Only supported by the c-ares DNS backend */
+ CINIT(DNS_LOCAL_IP6, STRINGPOINT, 223),
+
+ /* Set authentication options directly */
+ CINIT(LOGIN_OPTIONS, STRINGPOINT, 224),
+
+ /* Enable/disable TLS NPN extension (http2 over ssl might fail without) */
+ CINIT(SSL_ENABLE_NPN, LONG, 225),
+
+ /* Enable/disable TLS ALPN extension (http2 over ssl might fail without) */
+ CINIT(SSL_ENABLE_ALPN, LONG, 226),
+
+ /* Time to wait for a response to a HTTP request containing an
+ * Expect: 100-continue header before sending the data anyway. */
+ CINIT(EXPECT_100_TIMEOUT_MS, LONG, 227),
+
+ /* This points to a linked list of headers used for proxy requests only,
+ struct curl_slist kind */
+ CINIT(PROXYHEADER, OBJECTPOINT, 228),
+
+ /* Pass in a bitmask of "header options" */
+ CINIT(HEADEROPT, LONG, 229),
+
+ /* The public key in DER form used to validate the peer public key
+ this option is used only if SSL_VERIFYPEER is true */
+ CINIT(PINNEDPUBLICKEY, STRINGPOINT, 230),
+
+ /* Path to Unix domain socket */
+ CINIT(UNIX_SOCKET_PATH, STRINGPOINT, 231),
+
+ /* Set if we should verify the certificate status. */
+ CINIT(SSL_VERIFYSTATUS, LONG, 232),
+
+ /* Set if we should enable TLS false start. */
+ CINIT(SSL_FALSESTART, LONG, 233),
+
+ /* Do not squash dot-dot sequences */
+ CINIT(PATH_AS_IS, LONG, 234),
+
+ /* Proxy Service Name */
+ CINIT(PROXY_SERVICE_NAME, STRINGPOINT, 235),
+
+ /* Service Name */
+ CINIT(SERVICE_NAME, STRINGPOINT, 236),
+
+ /* Wait/don't wait for pipe/mutex to clarify */
+ CINIT(PIPEWAIT, LONG, 237),
+
+ /* Set the protocol used when curl is given a URL without a protocol */
+ CINIT(DEFAULT_PROTOCOL, STRINGPOINT, 238),
+
+ /* Set stream weight, 1 - 256 (default is 16) */
+ CINIT(STREAM_WEIGHT, LONG, 239),
+
+ /* Set stream dependency on another CURL handle */
+ CINIT(STREAM_DEPENDS, OBJECTPOINT, 240),
+
+ /* Set E-xclusive stream dependency on another CURL handle */
+ CINIT(STREAM_DEPENDS_E, OBJECTPOINT, 241),
+
+ /* Do not send any tftp option requests to the server */
+ CINIT(TFTP_NO_OPTIONS, LONG, 242),
+
+ /* Linked-list of host:port:connect-to-host:connect-to-port,
+ overrides the URL's host:port (only for the network layer) */
+ CINIT(CONNECT_TO, OBJECTPOINT, 243),
+
+ /* Set TCP Fast Open */
+ CINIT(TCP_FASTOPEN, LONG, 244),
+
+ /* Continue to send data if the server responds early with an
+ * HTTP status code >= 300 */
+ CINIT(KEEP_SENDING_ON_ERROR, LONG, 245),
+
+ /* The CApath or CAfile used to validate the proxy certificate
+ this option is used only if PROXY_SSL_VERIFYPEER is true */
+ CINIT(PROXY_CAINFO, STRINGPOINT, 246),
+
+ /* The CApath directory used to validate the proxy certificate
+ this option is used only if PROXY_SSL_VERIFYPEER is true */
+ CINIT(PROXY_CAPATH, STRINGPOINT, 247),
+
+ /* Set if we should verify the proxy in ssl handshake,
+ set 1 to verify. */
+ CINIT(PROXY_SSL_VERIFYPEER, LONG, 248),
+
+ /* Set if we should verify the Common name from the proxy certificate in ssl
+ * handshake, set 1 to check existence, 2 to ensure that it matches
+ * the provided hostname. */
+ CINIT(PROXY_SSL_VERIFYHOST, LONG, 249),
+
+ /* What version to specifically try to use for proxy.
+ See CURL_SSLVERSION defines below. */
+ CINIT(PROXY_SSLVERSION, LONG, 250),
+
+ /* Set a username for authenticated TLS for proxy */
+ CINIT(PROXY_TLSAUTH_USERNAME, STRINGPOINT, 251),
+
+ /* Set a password for authenticated TLS for proxy */
+ CINIT(PROXY_TLSAUTH_PASSWORD, STRINGPOINT, 252),
+
+ /* Set authentication type for authenticated TLS for proxy */
+ CINIT(PROXY_TLSAUTH_TYPE, STRINGPOINT, 253),
+
+ /* name of the file keeping your private SSL-certificate for proxy */
+ CINIT(PROXY_SSLCERT, STRINGPOINT, 254),
+
+ /* type of the file keeping your SSL-certificate ("DER", "PEM", "ENG") for
+ proxy */
+ CINIT(PROXY_SSLCERTTYPE, STRINGPOINT, 255),
+
+ /* name of the file keeping your private SSL-key for proxy */
+ CINIT(PROXY_SSLKEY, STRINGPOINT, 256),
+
+ /* type of the file keeping your private SSL-key ("DER", "PEM", "ENG") for
+ proxy */
+ CINIT(PROXY_SSLKEYTYPE, STRINGPOINT, 257),
+
+ /* password for the SSL private key for proxy */
+ CINIT(PROXY_KEYPASSWD, STRINGPOINT, 258),
+
+ /* Specify which SSL ciphers to use for proxy */
+ CINIT(PROXY_SSL_CIPHER_LIST, STRINGPOINT, 259),
+
+ /* CRL file for proxy */
+ CINIT(PROXY_CRLFILE, STRINGPOINT, 260),
+
+ /* Enable/disable specific SSL features with a bitmask for proxy, see
+ CURLSSLOPT_* */
+ CINIT(PROXY_SSL_OPTIONS, LONG, 261),
+
+ /* Name of pre proxy to use. */
+ CINIT(PRE_PROXY, STRINGPOINT, 262),
+
+ /* The public key in DER form used to validate the proxy public key
+ this option is used only if PROXY_SSL_VERIFYPEER is true */
+ CINIT(PROXY_PINNEDPUBLICKEY, STRINGPOINT, 263),
+
+ /* Path to an abstract Unix domain socket */
+ CINIT(ABSTRACT_UNIX_SOCKET, STRINGPOINT, 264),
+
+ /* Suppress proxy CONNECT response headers from user callbacks */
+ CINIT(SUPPRESS_CONNECT_HEADERS, LONG, 265),
+
+ /* The request target, instead of extracted from the URL */
+ CINIT(REQUEST_TARGET, STRINGPOINT, 266),
+
+ /* bitmask of allowed auth methods for connections to SOCKS5 proxies */
+ CINIT(SOCKS5_AUTH, LONG, 267),
+
+ CURLOPT_LASTENTRY /* the last unused */
+} CURLoption;
+
+#ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
+ the obsolete stuff removed! */
+
+/* Backwards compatibility with older names */
+/* These are scheduled to disappear by 2011 */
+
+/* This was added in version 7.19.1 */
+#define CURLOPT_POST301 CURLOPT_POSTREDIR
+
+/* These are scheduled to disappear by 2009 */
+
+/* The following were added in 7.17.0 */
+#define CURLOPT_SSLKEYPASSWD CURLOPT_KEYPASSWD
+#define CURLOPT_FTPAPPEND CURLOPT_APPEND
+#define CURLOPT_FTPLISTONLY CURLOPT_DIRLISTONLY
+#define CURLOPT_FTP_SSL CURLOPT_USE_SSL
+
+/* The following were added earlier */
+
+#define CURLOPT_SSLCERTPASSWD CURLOPT_KEYPASSWD
+#define CURLOPT_KRB4LEVEL CURLOPT_KRBLEVEL
+
+#else
+/* This is set if CURL_NO_OLDIES is defined at compile-time */
+#undef CURLOPT_DNS_USE_GLOBAL_CACHE /* soon obsolete */
+#endif
+
+
+ /* Below here follows defines for the CURLOPT_IPRESOLVE option. If a host
+ name resolves addresses using more than one IP protocol version, this
+ option might be handy to force libcurl to use a specific IP version. */
+#define CURL_IPRESOLVE_WHATEVER 0 /* default, resolves addresses to all IP
+ versions that your system allows */
+#define CURL_IPRESOLVE_V4 1 /* resolve to IPv4 addresses */
+#define CURL_IPRESOLVE_V6 2 /* resolve to IPv6 addresses */
+
+ /* three convenient "aliases" that follow the name scheme better */
+#define CURLOPT_RTSPHEADER CURLOPT_HTTPHEADER
+
+ /* These enums are for use with the CURLOPT_HTTP_VERSION option. */
+enum {
+ CURL_HTTP_VERSION_NONE, /* setting this means we don't care, and that we'd
+ like the library to choose the best possible
+ for us! */
+ CURL_HTTP_VERSION_1_0, /* please use HTTP 1.0 in the request */
+ CURL_HTTP_VERSION_1_1, /* please use HTTP 1.1 in the request */
+ CURL_HTTP_VERSION_2_0, /* please use HTTP 2 in the request */
+ CURL_HTTP_VERSION_2TLS, /* use version 2 for HTTPS, version 1.1 for HTTP */
+ CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE, /* please use HTTP 2 without HTTP/1.1
+ Upgrade */
+
+ CURL_HTTP_VERSION_LAST /* *ILLEGAL* http version */
+};
+
+/* Convenience definition simple because the name of the version is HTTP/2 and
+ not 2.0. The 2_0 version of the enum name was set while the version was
+ still planned to be 2.0 and we stick to it for compatibility. */
+#define CURL_HTTP_VERSION_2 CURL_HTTP_VERSION_2_0
+
+/*
+ * Public API enums for RTSP requests
+ */
+enum {
+ CURL_RTSPREQ_NONE, /* first in list */
+ CURL_RTSPREQ_OPTIONS,
+ CURL_RTSPREQ_DESCRIBE,
+ CURL_RTSPREQ_ANNOUNCE,
+ CURL_RTSPREQ_SETUP,
+ CURL_RTSPREQ_PLAY,
+ CURL_RTSPREQ_PAUSE,
+ CURL_RTSPREQ_TEARDOWN,
+ CURL_RTSPREQ_GET_PARAMETER,
+ CURL_RTSPREQ_SET_PARAMETER,
+ CURL_RTSPREQ_RECORD,
+ CURL_RTSPREQ_RECEIVE,
+ CURL_RTSPREQ_LAST /* last in list */
+};
+
+ /* These enums are for use with the CURLOPT_NETRC option. */
+enum CURL_NETRC_OPTION {
+ CURL_NETRC_IGNORED, /* The .netrc will never be read.
+ * This is the default. */
+ CURL_NETRC_OPTIONAL, /* A user:password in the URL will be preferred
+ * to one in the .netrc. */
+ CURL_NETRC_REQUIRED, /* A user:password in the URL will be ignored.
+ * Unless one is set programmatically, the .netrc
+ * will be queried. */
+ CURL_NETRC_LAST
+};
+
+enum {
+ CURL_SSLVERSION_DEFAULT,
+ CURL_SSLVERSION_TLSv1, /* TLS 1.x */
+ CURL_SSLVERSION_SSLv2,
+ CURL_SSLVERSION_SSLv3,
+ CURL_SSLVERSION_TLSv1_0,
+ CURL_SSLVERSION_TLSv1_1,
+ CURL_SSLVERSION_TLSv1_2,
+ CURL_SSLVERSION_TLSv1_3,
+
+ CURL_SSLVERSION_LAST /* never use, keep last */
+};
+
+enum {
+ CURL_SSLVERSION_MAX_NONE = 0,
+ CURL_SSLVERSION_MAX_DEFAULT = (CURL_SSLVERSION_TLSv1 << 16),
+ CURL_SSLVERSION_MAX_TLSv1_0 = (CURL_SSLVERSION_TLSv1_0 << 16),
+ CURL_SSLVERSION_MAX_TLSv1_1 = (CURL_SSLVERSION_TLSv1_1 << 16),
+ CURL_SSLVERSION_MAX_TLSv1_2 = (CURL_SSLVERSION_TLSv1_2 << 16),
+ CURL_SSLVERSION_MAX_TLSv1_3 = (CURL_SSLVERSION_TLSv1_3 << 16),
+
+ /* never use, keep last */
+ CURL_SSLVERSION_MAX_LAST = (CURL_SSLVERSION_LAST << 16)
+};
+
+enum CURL_TLSAUTH {
+ CURL_TLSAUTH_NONE,
+ CURL_TLSAUTH_SRP,
+ CURL_TLSAUTH_LAST /* never use, keep last */
+};
+
+/* symbols to use with CURLOPT_POSTREDIR.
+ CURL_REDIR_POST_301, CURL_REDIR_POST_302 and CURL_REDIR_POST_303
+ can be bitwise ORed so that CURL_REDIR_POST_301 | CURL_REDIR_POST_302
+ | CURL_REDIR_POST_303 == CURL_REDIR_POST_ALL */
+
+#define CURL_REDIR_GET_ALL 0
+#define CURL_REDIR_POST_301 1
+#define CURL_REDIR_POST_302 2
+#define CURL_REDIR_POST_303 4
+#define CURL_REDIR_POST_ALL \
+ (CURL_REDIR_POST_301|CURL_REDIR_POST_302|CURL_REDIR_POST_303)
+
+typedef enum {
+ CURL_TIMECOND_NONE,
+
+ CURL_TIMECOND_IFMODSINCE,
+ CURL_TIMECOND_IFUNMODSINCE,
+ CURL_TIMECOND_LASTMOD,
+
+ CURL_TIMECOND_LAST
+} curl_TimeCond;
+
+
+/* curl_strequal() and curl_strnequal() are subject for removal in a future
+ libcurl, see lib/README.curlx for details
+
+ !checksrc! disable SPACEBEFOREPAREN 2
+*/
+CURL_EXTERN int (curl_strequal)(const char *s1, const char *s2);
+CURL_EXTERN int (curl_strnequal)(const char *s1, const char *s2, size_t n);
+
+/* name is uppercase CURLFORM_<name> */
+#ifdef CFINIT
+#undef CFINIT
+#endif
+
+#ifdef CURL_ISOCPP
+#define CFINIT(name) CURLFORM_ ## name
+#else
+/* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */
+#define CFINIT(name) CURLFORM_/**/name
+#endif
+
+typedef enum {
+ CFINIT(NOTHING), /********* the first one is unused ************/
+
+ /* */
+ CFINIT(COPYNAME),
+ CFINIT(PTRNAME),
+ CFINIT(NAMELENGTH),
+ CFINIT(COPYCONTENTS),
+ CFINIT(PTRCONTENTS),
+ CFINIT(CONTENTSLENGTH),
+ CFINIT(FILECONTENT),
+ CFINIT(ARRAY),
+ CFINIT(OBSOLETE),
+ CFINIT(FILE),
+
+ CFINIT(BUFFER),
+ CFINIT(BUFFERPTR),
+ CFINIT(BUFFERLENGTH),
+
+ CFINIT(CONTENTTYPE),
+ CFINIT(CONTENTHEADER),
+ CFINIT(FILENAME),
+ CFINIT(END),
+ CFINIT(OBSOLETE2),
+
+ CFINIT(STREAM),
+ CFINIT(CONTENTLEN), /* added in 7.46.0, provide a curl_off_t length */
+
+ CURLFORM_LASTENTRY /* the last unused */
+} CURLformoption;
+
+#undef CFINIT /* done */
+
+/* structure to be used as parameter for CURLFORM_ARRAY */
+struct curl_forms {
+ CURLformoption option;
+ const char *value;
+};
+
+/* use this for multipart formpost building */
+/* Returns code for curl_formadd()
+ *
+ * Returns:
+ * CURL_FORMADD_OK on success
+ * CURL_FORMADD_MEMORY if the FormInfo allocation fails
+ * CURL_FORMADD_OPTION_TWICE if one option is given twice for one Form
+ * CURL_FORMADD_NULL if a null pointer was given for a char
+ * CURL_FORMADD_MEMORY if the allocation of a FormInfo struct failed
+ * CURL_FORMADD_UNKNOWN_OPTION if an unknown option was used
+ * CURL_FORMADD_INCOMPLETE if the some FormInfo is not complete (or error)
+ * CURL_FORMADD_MEMORY if a curl_httppost struct cannot be allocated
+ * CURL_FORMADD_MEMORY if some allocation for string copying failed.
+ * CURL_FORMADD_ILLEGAL_ARRAY if an illegal option is used in an array
+ *
+ ***************************************************************************/
+typedef enum {
+ CURL_FORMADD_OK, /* first, no error */
+
+ CURL_FORMADD_MEMORY,
+ CURL_FORMADD_OPTION_TWICE,
+ CURL_FORMADD_NULL,
+ CURL_FORMADD_UNKNOWN_OPTION,
+ CURL_FORMADD_INCOMPLETE,
+ CURL_FORMADD_ILLEGAL_ARRAY,
+ CURL_FORMADD_DISABLED, /* libcurl was built with this disabled */
+
+ CURL_FORMADD_LAST /* last */
+} CURLFORMcode;
+
+/*
+ * NAME curl_formadd()
+ *
+ * DESCRIPTION
+ *
+ * Pretty advanced function for building multi-part formposts. Each invoke
+ * adds one part that together construct a full post. Then use
+ * CURLOPT_HTTPPOST to send it off to libcurl.
+ */
+CURL_EXTERN CURLFORMcode curl_formadd(struct curl_httppost **httppost,
+ struct curl_httppost **last_post,
+ ...);
+
+/*
+ * callback function for curl_formget()
+ * The void *arg pointer will be the one passed as second argument to
+ * curl_formget().
+ * The character buffer passed to it must not be freed.
+ * Should return the buffer length passed to it as the argument "len" on
+ * success.
+ */
+typedef size_t (*curl_formget_callback)(void *arg, const char *buf,
+ size_t len);
+
+/*
+ * NAME curl_formget()
+ *
+ * DESCRIPTION
+ *
+ * Serialize a curl_httppost struct built with curl_formadd().
+ * Accepts a void pointer as second argument which will be passed to
+ * the curl_formget_callback function.
+ * Returns 0 on success.
+ */
+CURL_EXTERN int curl_formget(struct curl_httppost *form, void *arg,
+ curl_formget_callback append);
+/*
+ * NAME curl_formfree()
+ *
+ * DESCRIPTION
+ *
+ * Free a multipart formpost previously built with curl_formadd().
+ */
+CURL_EXTERN void curl_formfree(struct curl_httppost *form);
+
+/*
+ * NAME curl_getenv()
+ *
+ * DESCRIPTION
+ *
+ * Returns a malloc()'ed string that MUST be curl_free()ed after usage is
+ * complete. DEPRECATED - see lib/README.curlx
+ */
+CURL_EXTERN char *curl_getenv(const char *variable);
+
+/*
+ * NAME curl_version()
+ *
+ * DESCRIPTION
+ *
+ * Returns a static ascii string of the libcurl version.
+ */
+CURL_EXTERN char *curl_version(void);
+
+/*
+ * NAME curl_easy_escape()
+ *
+ * DESCRIPTION
+ *
+ * Escapes URL strings (converts all letters consider illegal in URLs to their
+ * %XX versions). This function returns a new allocated string or NULL if an
+ * error occurred.
+ */
+CURL_EXTERN char *curl_easy_escape(CURL *handle,
+ const char *string,
+ int length);
+
+/* the previous version: */
+CURL_EXTERN char *curl_escape(const char *string,
+ int length);
+
+
+/*
+ * NAME curl_easy_unescape()
+ *
+ * DESCRIPTION
+ *
+ * Unescapes URL encoding in strings (converts all %XX codes to their 8bit
+ * versions). This function returns a new allocated string or NULL if an error
+ * occurred.
+ * Conversion Note: On non-ASCII platforms the ASCII %XX codes are
+ * converted into the host encoding.
+ */
+CURL_EXTERN char *curl_easy_unescape(CURL *handle,
+ const char *string,
+ int length,
+ int *outlength);
+
+/* the previous version */
+CURL_EXTERN char *curl_unescape(const char *string,
+ int length);
+
+/*
+ * NAME curl_free()
+ *
+ * DESCRIPTION
+ *
+ * Provided for de-allocation in the same translation unit that did the
+ * allocation. Added in libcurl 7.10
+ */
+CURL_EXTERN void curl_free(void *p);
+
+/*
+ * NAME curl_global_init()
+ *
+ * DESCRIPTION
+ *
+ * curl_global_init() should be invoked exactly once for each application that
+ * uses libcurl and before any call of other libcurl functions.
+ *
+ * This function is not thread-safe!
+ */
+CURL_EXTERN CURLcode curl_global_init(long flags);
+
+/*
+ * NAME curl_global_init_mem()
+ *
+ * DESCRIPTION
+ *
+ * curl_global_init() or curl_global_init_mem() should be invoked exactly once
+ * for each application that uses libcurl. This function can be used to
+ * initialize libcurl and set user defined memory management callback
+ * functions. Users can implement memory management routines to check for
+ * memory leaks, check for mis-use of the curl library etc. User registered
+ * callback routines with be invoked by this library instead of the system
+ * memory management routines like malloc, free etc.
+ */
+CURL_EXTERN CURLcode curl_global_init_mem(long flags,
+ curl_malloc_callback m,
+ curl_free_callback f,
+ curl_realloc_callback r,
+ curl_strdup_callback s,
+ curl_calloc_callback c);
+
+/*
+ * NAME curl_global_cleanup()
+ *
+ * DESCRIPTION
+ *
+ * curl_global_cleanup() should be invoked exactly once for each application
+ * that uses libcurl
+ */
+CURL_EXTERN void curl_global_cleanup(void);
+
+/* linked-list structure for the CURLOPT_QUOTE option (and other) */
+struct curl_slist {
+ char *data;
+ struct curl_slist *next;
+};
+
+/*
+ * NAME curl_slist_append()
+ *
+ * DESCRIPTION
+ *
+ * Appends a string to a linked list. If no list exists, it will be created
+ * first. Returns the new list, after appending.
+ */
+CURL_EXTERN struct curl_slist *curl_slist_append(struct curl_slist *,
+ const char *);
+
+/*
+ * NAME curl_slist_free_all()
+ *
+ * DESCRIPTION
+ *
+ * free a previously built curl_slist.
+ */
+CURL_EXTERN void curl_slist_free_all(struct curl_slist *);
+
+/*
+ * NAME curl_getdate()
+ *
+ * DESCRIPTION
+ *
+ * Returns the time, in seconds since 1 Jan 1970 of the time string given in
+ * the first argument. The time argument in the second parameter is unused
+ * and should be set to NULL.
+ */
+CURL_EXTERN time_t curl_getdate(const char *p, const time_t *unused);
+
+/* info about the certificate chain, only for OpenSSL builds. Asked
+ for with CURLOPT_CERTINFO / CURLINFO_CERTINFO */
+struct curl_certinfo {
+ int num_of_certs; /* number of certificates with information */
+ struct curl_slist **certinfo; /* for each index in this array, there's a
+ linked list with textual information in the
+ format "name: value" */
+};
+
+/* enum for the different supported SSL backends */
+typedef enum {
+ CURLSSLBACKEND_NONE = 0,
+ CURLSSLBACKEND_OPENSSL = 1,
+ CURLSSLBACKEND_GNUTLS = 2,
+ CURLSSLBACKEND_NSS = 3,
+ CURLSSLBACKEND_OBSOLETE4 = 4, /* Was QSOSSL. */
+ CURLSSLBACKEND_GSKIT = 5,
+ CURLSSLBACKEND_POLARSSL = 6,
+ CURLSSLBACKEND_CYASSL = 7,
+ CURLSSLBACKEND_SCHANNEL = 8,
+ CURLSSLBACKEND_DARWINSSL = 9,
+ CURLSSLBACKEND_AXTLS = 10,
+ CURLSSLBACKEND_MBEDTLS = 11
+} curl_sslbackend;
+
+/* aliases for library clones and renames */
+#define CURLSSLBACKEND_LIBRESSL 1
+#define CURLSSLBACKEND_BORINGSSL 1
+#define CURLSSLBACKEND_WOLFSSL 6
+
+/* Information about the SSL library used and the respective internal SSL
+ handle, which can be used to obtain further information regarding the
+ connection. Asked for with CURLINFO_TLS_SSL_PTR or CURLINFO_TLS_SESSION. */
+struct curl_tlssessioninfo {
+ curl_sslbackend backend;
+ void *internals;
+};
+
+#define CURLINFO_STRING 0x100000
+#define CURLINFO_LONG 0x200000
+#define CURLINFO_DOUBLE 0x300000
+#define CURLINFO_SLIST 0x400000
+#define CURLINFO_PTR 0x400000 /* same as SLIST */
+#define CURLINFO_SOCKET 0x500000
+#define CURLINFO_OFF_T 0x600000
+#define CURLINFO_MASK 0x0fffff
+#define CURLINFO_TYPEMASK 0xf00000
+
+typedef enum {
+ CURLINFO_NONE, /* first, never use this */
+ CURLINFO_EFFECTIVE_URL = CURLINFO_STRING + 1,
+ CURLINFO_RESPONSE_CODE = CURLINFO_LONG + 2,
+ CURLINFO_TOTAL_TIME = CURLINFO_DOUBLE + 3,
+ CURLINFO_NAMELOOKUP_TIME = CURLINFO_DOUBLE + 4,
+ CURLINFO_CONNECT_TIME = CURLINFO_DOUBLE + 5,
+ CURLINFO_PRETRANSFER_TIME = CURLINFO_DOUBLE + 6,
+ CURLINFO_SIZE_UPLOAD = CURLINFO_DOUBLE + 7,
+ CURLINFO_SIZE_UPLOAD_T = CURLINFO_OFF_T + 7,
+ CURLINFO_SIZE_DOWNLOAD = CURLINFO_DOUBLE + 8,
+ CURLINFO_SIZE_DOWNLOAD_T = CURLINFO_OFF_T + 8,
+ CURLINFO_SPEED_DOWNLOAD = CURLINFO_DOUBLE + 9,
+ CURLINFO_SPEED_DOWNLOAD_T = CURLINFO_OFF_T + 9,
+ CURLINFO_SPEED_UPLOAD = CURLINFO_DOUBLE + 10,
+ CURLINFO_SPEED_UPLOAD_T = CURLINFO_OFF_T + 10,
+ CURLINFO_HEADER_SIZE = CURLINFO_LONG + 11,
+ CURLINFO_REQUEST_SIZE = CURLINFO_LONG + 12,
+ CURLINFO_SSL_VERIFYRESULT = CURLINFO_LONG + 13,
+ CURLINFO_FILETIME = CURLINFO_LONG + 14,
+ CURLINFO_CONTENT_LENGTH_DOWNLOAD = CURLINFO_DOUBLE + 15,
+ CURLINFO_CONTENT_LENGTH_DOWNLOAD_T = CURLINFO_OFF_T + 15,
+ CURLINFO_CONTENT_LENGTH_UPLOAD = CURLINFO_DOUBLE + 16,
+ CURLINFO_CONTENT_LENGTH_UPLOAD_T = CURLINFO_OFF_T + 16,
+ CURLINFO_STARTTRANSFER_TIME = CURLINFO_DOUBLE + 17,
+ CURLINFO_CONTENT_TYPE = CURLINFO_STRING + 18,
+ CURLINFO_REDIRECT_TIME = CURLINFO_DOUBLE + 19,
+ CURLINFO_REDIRECT_COUNT = CURLINFO_LONG + 20,
+ CURLINFO_PRIVATE = CURLINFO_STRING + 21,
+ CURLINFO_HTTP_CONNECTCODE = CURLINFO_LONG + 22,
+ CURLINFO_HTTPAUTH_AVAIL = CURLINFO_LONG + 23,
+ CURLINFO_PROXYAUTH_AVAIL = CURLINFO_LONG + 24,
+ CURLINFO_OS_ERRNO = CURLINFO_LONG + 25,
+ CURLINFO_NUM_CONNECTS = CURLINFO_LONG + 26,
+ CURLINFO_SSL_ENGINES = CURLINFO_SLIST + 27,
+ CURLINFO_COOKIELIST = CURLINFO_SLIST + 28,
+ CURLINFO_LASTSOCKET = CURLINFO_LONG + 29,
+ CURLINFO_FTP_ENTRY_PATH = CURLINFO_STRING + 30,
+ CURLINFO_REDIRECT_URL = CURLINFO_STRING + 31,
+ CURLINFO_PRIMARY_IP = CURLINFO_STRING + 32,
+ CURLINFO_APPCONNECT_TIME = CURLINFO_DOUBLE + 33,
+ CURLINFO_CERTINFO = CURLINFO_PTR + 34,
+ CURLINFO_CONDITION_UNMET = CURLINFO_LONG + 35,
+ CURLINFO_RTSP_SESSION_ID = CURLINFO_STRING + 36,
+ CURLINFO_RTSP_CLIENT_CSEQ = CURLINFO_LONG + 37,
+ CURLINFO_RTSP_SERVER_CSEQ = CURLINFO_LONG + 38,
+ CURLINFO_RTSP_CSEQ_RECV = CURLINFO_LONG + 39,
+ CURLINFO_PRIMARY_PORT = CURLINFO_LONG + 40,
+ CURLINFO_LOCAL_IP = CURLINFO_STRING + 41,
+ CURLINFO_LOCAL_PORT = CURLINFO_LONG + 42,
+ CURLINFO_TLS_SESSION = CURLINFO_PTR + 43,
+ CURLINFO_ACTIVESOCKET = CURLINFO_SOCKET + 44,
+ CURLINFO_TLS_SSL_PTR = CURLINFO_PTR + 45,
+ CURLINFO_HTTP_VERSION = CURLINFO_LONG + 46,
+ CURLINFO_PROXY_SSL_VERIFYRESULT = CURLINFO_LONG + 47,
+ CURLINFO_PROTOCOL = CURLINFO_LONG + 48,
+ CURLINFO_SCHEME = CURLINFO_STRING + 49,
+ /* Fill in new entries below here! */
+
+ CURLINFO_LASTONE = 49
+} CURLINFO;
+
+/* CURLINFO_RESPONSE_CODE is the new name for the option previously known as
+ CURLINFO_HTTP_CODE */
+#define CURLINFO_HTTP_CODE CURLINFO_RESPONSE_CODE
+
+typedef enum {
+ CURLCLOSEPOLICY_NONE, /* first, never use this */
+
+ CURLCLOSEPOLICY_OLDEST,
+ CURLCLOSEPOLICY_LEAST_RECENTLY_USED,
+ CURLCLOSEPOLICY_LEAST_TRAFFIC,
+ CURLCLOSEPOLICY_SLOWEST,
+ CURLCLOSEPOLICY_CALLBACK,
+
+ CURLCLOSEPOLICY_LAST /* last, never use this */
+} curl_closepolicy;
+
+#define CURL_GLOBAL_SSL (1<<0)
+#define CURL_GLOBAL_WIN32 (1<<1)
+#define CURL_GLOBAL_ALL (CURL_GLOBAL_SSL|CURL_GLOBAL_WIN32)
+#define CURL_GLOBAL_NOTHING 0
+#define CURL_GLOBAL_DEFAULT CURL_GLOBAL_ALL
+#define CURL_GLOBAL_ACK_EINTR (1<<2)
+
+
+/*****************************************************************************
+ * Setup defines, protos etc for the sharing stuff.
+ */
+
+/* Different data locks for a single share */
+typedef enum {
+ CURL_LOCK_DATA_NONE = 0,
+ /* CURL_LOCK_DATA_SHARE is used internally to say that
+ * the locking is just made to change the internal state of the share
+ * itself.
+ */
+ CURL_LOCK_DATA_SHARE,
+ CURL_LOCK_DATA_COOKIE,
+ CURL_LOCK_DATA_DNS,
+ CURL_LOCK_DATA_SSL_SESSION,
+ CURL_LOCK_DATA_CONNECT,
+ CURL_LOCK_DATA_LAST
+} curl_lock_data;
+
+/* Different lock access types */
+typedef enum {
+ CURL_LOCK_ACCESS_NONE = 0, /* unspecified action */
+ CURL_LOCK_ACCESS_SHARED = 1, /* for read perhaps */
+ CURL_LOCK_ACCESS_SINGLE = 2, /* for write perhaps */
+ CURL_LOCK_ACCESS_LAST /* never use */
+} curl_lock_access;
+
+typedef void (*curl_lock_function)(CURL *handle,
+ curl_lock_data data,
+ curl_lock_access locktype,
+ void *userptr);
+typedef void (*curl_unlock_function)(CURL *handle,
+ curl_lock_data data,
+ void *userptr);
+
+
+typedef enum {
+ CURLSHE_OK, /* all is fine */
+ CURLSHE_BAD_OPTION, /* 1 */
+ CURLSHE_IN_USE, /* 2 */
+ CURLSHE_INVALID, /* 3 */
+ CURLSHE_NOMEM, /* 4 out of memory */
+ CURLSHE_NOT_BUILT_IN, /* 5 feature not present in lib */
+ CURLSHE_LAST /* never use */
+} CURLSHcode;
+
+typedef enum {
+ CURLSHOPT_NONE, /* don't use */
+ CURLSHOPT_SHARE, /* specify a data type to share */
+ CURLSHOPT_UNSHARE, /* specify which data type to stop sharing */
+ CURLSHOPT_LOCKFUNC, /* pass in a 'curl_lock_function' pointer */
+ CURLSHOPT_UNLOCKFUNC, /* pass in a 'curl_unlock_function' pointer */
+ CURLSHOPT_USERDATA, /* pass in a user data pointer used in the lock/unlock
+ callback functions */
+ CURLSHOPT_LAST /* never use */
+} CURLSHoption;
+
+CURL_EXTERN CURLSH *curl_share_init(void);
+CURL_EXTERN CURLSHcode curl_share_setopt(CURLSH *, CURLSHoption option, ...);
+CURL_EXTERN CURLSHcode curl_share_cleanup(CURLSH *);
+
+/****************************************************************************
+ * Structures for querying information about the curl library at runtime.
+ */
+
+typedef enum {
+ CURLVERSION_FIRST,
+ CURLVERSION_SECOND,
+ CURLVERSION_THIRD,
+ CURLVERSION_FOURTH,
+ CURLVERSION_LAST /* never actually use this */
+} CURLversion;
+
+/* The 'CURLVERSION_NOW' is the symbolic name meant to be used by
+ basically all programs ever that want to get version information. It is
+ meant to be a built-in version number for what kind of struct the caller
+ expects. If the struct ever changes, we redefine the NOW to another enum
+ from above. */
+#define CURLVERSION_NOW CURLVERSION_FOURTH
+
+typedef struct {
+ CURLversion age; /* age of the returned struct */
+ const char *version; /* LIBCURL_VERSION */
+ unsigned int version_num; /* LIBCURL_VERSION_NUM */
+ const char *host; /* OS/host/cpu/machine when configured */
+ int features; /* bitmask, see defines below */
+ const char *ssl_version; /* human readable string */
+ long ssl_version_num; /* not used anymore, always 0 */
+ const char *libz_version; /* human readable string */
+ /* protocols is terminated by an entry with a NULL protoname */
+ const char * const *protocols;
+
+ /* The fields below this were added in CURLVERSION_SECOND */
+ const char *ares;
+ int ares_num;
+
+ /* This field was added in CURLVERSION_THIRD */
+ const char *libidn;
+
+ /* These field were added in CURLVERSION_FOURTH */
+
+ /* Same as '_libiconv_version' if built with HAVE_ICONV */
+ int iconv_ver_num;
+
+ const char *libssh_version; /* human readable string */
+
+} curl_version_info_data;
+
+#define CURL_VERSION_IPV6 (1<<0) /* IPv6-enabled */
+#define CURL_VERSION_KERBEROS4 (1<<1) /* Kerberos V4 auth is supported
+ (deprecated) */
+#define CURL_VERSION_SSL (1<<2) /* SSL options are present */
+#define CURL_VERSION_LIBZ (1<<3) /* libz features are present */
+#define CURL_VERSION_NTLM (1<<4) /* NTLM auth is supported */
+#define CURL_VERSION_GSSNEGOTIATE (1<<5) /* Negotiate auth is supported
+ (deprecated) */
+#define CURL_VERSION_DEBUG (1<<6) /* Built with debug capabilities */
+#define CURL_VERSION_ASYNCHDNS (1<<7) /* Asynchronous DNS resolves */
+#define CURL_VERSION_SPNEGO (1<<8) /* SPNEGO auth is supported */
+#define CURL_VERSION_LARGEFILE (1<<9) /* Supports files larger than 2GB */
+#define CURL_VERSION_IDN (1<<10) /* Internationized Domain Names are
+ supported */
+#define CURL_VERSION_SSPI (1<<11) /* Built against Windows SSPI */
+#define CURL_VERSION_CONV (1<<12) /* Character conversions supported */
+#define CURL_VERSION_CURLDEBUG (1<<13) /* Debug memory tracking supported */
+#define CURL_VERSION_TLSAUTH_SRP (1<<14) /* TLS-SRP auth is supported */
+#define CURL_VERSION_NTLM_WB (1<<15) /* NTLM delegation to winbind helper
+ is supported */
+#define CURL_VERSION_HTTP2 (1<<16) /* HTTP2 support built-in */
+#define CURL_VERSION_GSSAPI (1<<17) /* Built against a GSS-API library */
+#define CURL_VERSION_KERBEROS5 (1<<18) /* Kerberos V5 auth is supported */
+#define CURL_VERSION_UNIX_SOCKETS (1<<19) /* Unix domain sockets support */
+#define CURL_VERSION_PSL (1<<20) /* Mozilla's Public Suffix List, used
+ for cookie domain verification */
+#define CURL_VERSION_HTTPS_PROXY (1<<21) /* HTTPS-proxy support built-in */
+
+ /*
+ * NAME curl_version_info()
+ *
+ * DESCRIPTION
+ *
+ * This function returns a pointer to a static copy of the version info
+ * struct. See above.
+ */
+CURL_EXTERN curl_version_info_data *curl_version_info(CURLversion);
+
+/*
+ * NAME curl_easy_strerror()
+ *
+ * DESCRIPTION
+ *
+ * The curl_easy_strerror function may be used to turn a CURLcode value
+ * into the equivalent human readable error string. This is useful
+ * for printing meaningful error messages.
+ */
+CURL_EXTERN const char *curl_easy_strerror(CURLcode);
+
+/*
+ * NAME curl_share_strerror()
+ *
+ * DESCRIPTION
+ *
+ * The curl_share_strerror function may be used to turn a CURLSHcode value
+ * into the equivalent human readable error string. This is useful
+ * for printing meaningful error messages.
+ */
+CURL_EXTERN const char *curl_share_strerror(CURLSHcode);
+
+/*
+ * NAME curl_easy_pause()
+ *
+ * DESCRIPTION
+ *
+ * The curl_easy_pause function pauses or unpauses transfers. Select the new
+ * state by setting the bitmask, use the convenience defines below.
+ *
+ */
+CURL_EXTERN CURLcode curl_easy_pause(CURL *handle, int bitmask);
+
+#define CURLPAUSE_RECV (1<<0)
+#define CURLPAUSE_RECV_CONT (0)
+
+#define CURLPAUSE_SEND (1<<2)
+#define CURLPAUSE_SEND_CONT (0)
+
+#define CURLPAUSE_ALL (CURLPAUSE_RECV|CURLPAUSE_SEND)
+#define CURLPAUSE_CONT (CURLPAUSE_RECV_CONT|CURLPAUSE_SEND_CONT)
+
+#ifdef __cplusplus
+}
+#endif
+
+/* unfortunately, the easy.h and multi.h include files need options and info
+ stuff before they can be included! */
+#include "easy.h" /* nothing in curl is fun without the easy stuff */
+#include "multi.h"
+
+/* the typechecker doesn't work in C++ (yet) */
+#if defined(__GNUC__) && defined(__GNUC_MINOR__) && \
+ ((__GNUC__ > 4) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3)) && \
+ !defined(__cplusplus) && !defined(CURL_DISABLE_TYPECHECK)
+#include "typecheck-gcc.h"
+#else
+#if defined(__STDC__) && (__STDC__ >= 1)
+/* This preprocessor magic that replaces a call with the exact same call is
+ only done to make sure application authors pass exactly three arguments
+ to these functions. */
+#define curl_easy_setopt(handle,opt,param) curl_easy_setopt(handle,opt,param)
+#define curl_easy_getinfo(handle,info,arg) curl_easy_getinfo(handle,info,arg)
+#define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param)
+#define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param)
+#endif /* __STDC__ >= 1 */
+#endif /* gcc >= 4.3 && !__cplusplus */
+
+#endif /* __CURL_CURL_H */
diff --git a/include/gnurl/curlver.h b/include/gnurl/curlver.h
new file mode 100644
index 000000000..2165d55b1
--- /dev/null
+++ b/include/gnurl/curlver.h
@@ -0,0 +1,77 @@
+#ifndef __CURL_CURLVER_H
+#define __CURL_CURLVER_H
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+/* This header file contains nothing but libcurl version info, generated by
+ a script at release-time. This was made its own header file in 7.11.2 */
+
+/* This is the global package copyright */
+#define LIBCURL_COPYRIGHT "1996 - 2017 Daniel Stenberg, <address@hidden>."
+
+/* This is the version number of the libcurl package from which this header
+ file origins: */
+#define LIBCURL_VERSION "7.55.1-DEV"
+
+/* The numeric version number is also available "in parts" by using these
+ defines: */
+#define LIBCURL_VERSION_MAJOR 7
+#define LIBCURL_VERSION_MINOR 55
+#define LIBCURL_VERSION_PATCH 1
+
+/* This is the numeric version of the libcurl version number, meant for easier
+ parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
+ always follow this syntax:
+
+ 0xXXYYZZ
+
+ Where XX, YY and ZZ are the main version, release and patch numbers in
+ hexadecimal (using 8 bits each). All three numbers are always represented
+ using two digits. 1.2 would appear as "0x010200" while version 9.11.7
+ appears as "0x090b07".
+
+ This 6-digit (24 bits) hexadecimal number does not show pre-release number,
+ and it is always a greater number in a more recent release. It makes
+ comparisons with greater than and less than work.
+
+ Note: This define is the full hex number and _does not_ use the
+ CURL_VERSION_BITS() macro since curl's own configure script greps for it
+ and needs it to contain the full number.
+*/
+#define LIBCURL_VERSION_NUM 0x073701
+
+/*
+ * This is the date and time when the full source package was created. The
+ * timestamp is not stored in git, as the timestamp is properly set in the
+ * tarballs by the maketgz script.
+ *
+ * The format of the date follows this template:
+ *
+ * "2007-11-23"
+ */
+#define LIBCURL_TIMESTAMP "[unreleased]"
+
+#define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|z)
+#define CURL_AT_LEAST_VERSION(x,y,z) \
+ (LIBCURL_VERSION_NUM >= CURL_VERSION_BITS(x, y, z))
+
+#endif /* __CURL_CURLVER_H */
diff --git a/include/gnurl/easy.h b/include/gnurl/easy.h
new file mode 100644
index 000000000..752c5049f
--- /dev/null
+++ b/include/gnurl/easy.h
@@ -0,0 +1,102 @@
+#ifndef __CURL_EASY_H
+#define __CURL_EASY_H
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+CURL_EXTERN CURL *curl_easy_init(void);
+CURL_EXTERN CURLcode curl_easy_setopt(CURL *curl, CURLoption option, ...);
+CURL_EXTERN CURLcode curl_easy_perform(CURL *curl);
+CURL_EXTERN void curl_easy_cleanup(CURL *curl);
+
+/*
+ * NAME curl_easy_getinfo()
+ *
+ * DESCRIPTION
+ *
+ * Request internal information from the curl session with this function. The
+ * third argument MUST be a pointer to a long, a pointer to a char * or a
+ * pointer to a double (as the documentation describes elsewhere). The data
+ * pointed to will be filled in accordingly and can be relied upon only if the
+ * function returns CURLE_OK. This function is intended to get used *AFTER* a
+ * performed transfer, all results from this function are undefined until the
+ * transfer is completed.
+ */
+CURL_EXTERN CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...);
+
+
+/*
+ * NAME curl_easy_duphandle()
+ *
+ * DESCRIPTION
+ *
+ * Creates a new curl session handle with the same options set for the handle
+ * passed in. Duplicating a handle could only be a matter of cloning data and
+ * options, internal state info and things like persistent connections cannot
+ * be transferred. It is useful in multithreaded applications when you can run
+ * curl_easy_duphandle() for each new thread to avoid a series of identical
+ * curl_easy_setopt() invokes in every thread.
+ */
+CURL_EXTERN CURL *curl_easy_duphandle(CURL *curl);
+
+/*
+ * NAME curl_easy_reset()
+ *
+ * DESCRIPTION
+ *
+ * Re-initializes a CURL handle to the default values. This puts back the
+ * handle to the same state as it was in when it was just created.
+ *
+ * It does keep: live connections, the Session ID cache, the DNS cache and the
+ * cookies.
+ */
+CURL_EXTERN void curl_easy_reset(CURL *curl);
+
+/*
+ * NAME curl_easy_recv()
+ *
+ * DESCRIPTION
+ *
+ * Receives data from the connected socket. Use after successful
+ * curl_easy_perform() with CURLOPT_CONNECT_ONLY option.
+ */
+CURL_EXTERN CURLcode curl_easy_recv(CURL *curl, void *buffer, size_t buflen,
+ size_t *n);
+
+/*
+ * NAME curl_easy_send()
+ *
+ * DESCRIPTION
+ *
+ * Sends data over the connected socket. Use after successful
+ * curl_easy_perform() with CURLOPT_CONNECT_ONLY option.
+ */
+CURL_EXTERN CURLcode curl_easy_send(CURL *curl, const void *buffer,
+ size_t buflen, size_t *n);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/include/curl/mprintf.h b/include/gnurl/mprintf.h
similarity index 100%
rename from include/curl/mprintf.h
rename to include/gnurl/mprintf.h
diff --git a/include/gnurl/multi.h b/include/gnurl/multi.h
new file mode 100644
index 000000000..46d979853
--- /dev/null
+++ b/include/gnurl/multi.h
@@ -0,0 +1,439 @@
+#ifndef __CURL_MULTI_H
+#define __CURL_MULTI_H
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+/*
+ This is an "external" header file. Don't give away any internals here!
+
+ GOALS
+
+ o Enable a "pull" interface. The application that uses libcurl decides where
+ and when to ask libcurl to get/send data.
+
+ o Enable multiple simultaneous transfers in the same thread without making it
+ complicated for the application.
+
+ o Enable the application to select() on its own file descriptors and curl's
+ file descriptors simultaneous easily.
+
+*/
+
+/*
+ * This header file should not really need to include "curl.h" since curl.h
+ * itself includes this file and we expect user applications to do #include
+ * <gnurl/curl.h> without the need for especially including multi.h.
+ *
+ * For some reason we added this include here at one point, and rather than to
+ * break existing (wrongly written) libcurl applications, we leave it as-is
+ * but with this warning attached.
+ */
+#include "curl.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(BUILDING_LIBCURL) || defined(CURL_STRICTER)
+typedef struct Curl_multi CURLM;
+#else
+typedef void CURLM;
+#endif
+
+typedef enum {
+ CURLM_CALL_MULTI_PERFORM = -1, /* please call curl_multi_perform() or
+ curl_multi_socket*() soon */
+ CURLM_OK,
+ CURLM_BAD_HANDLE, /* the passed-in handle is not a valid CURLM handle */
+ CURLM_BAD_EASY_HANDLE, /* an easy handle was not good/valid */
+ CURLM_OUT_OF_MEMORY, /* if you ever get this, you're in deep sh*t */
+ CURLM_INTERNAL_ERROR, /* this is a libcurl bug */
+ CURLM_BAD_SOCKET, /* the passed in socket argument did not match */
+ CURLM_UNKNOWN_OPTION, /* curl_multi_setopt() with unsupported option */
+ CURLM_ADDED_ALREADY, /* an easy handle already added to a multi handle was
+ attempted to get added - again */
+ CURLM_LAST
+} CURLMcode;
+
+/* just to make code nicer when using curl_multi_socket() you can now check
+ for CURLM_CALL_MULTI_SOCKET too in the same style it works for
+ curl_multi_perform() and CURLM_CALL_MULTI_PERFORM */
+#define CURLM_CALL_MULTI_SOCKET CURLM_CALL_MULTI_PERFORM
+
+/* bitmask bits for CURLMOPT_PIPELINING */
+#define CURLPIPE_NOTHING 0L
+#define CURLPIPE_HTTP1 1L
+#define CURLPIPE_MULTIPLEX 2L
+
+typedef enum {
+ CURLMSG_NONE, /* first, not used */
+ CURLMSG_DONE, /* This easy handle has completed. 'result' contains
+ the CURLcode of the transfer */
+ CURLMSG_LAST /* last, not used */
+} CURLMSG;
+
+struct CURLMsg {
+ CURLMSG msg; /* what this message means */
+ CURL *easy_handle; /* the handle it concerns */
+ union {
+ void *whatever; /* message-specific data */
+ CURLcode result; /* return code for transfer */
+ } data;
+};
+typedef struct CURLMsg CURLMsg;
+
+/* Based on poll(2) structure and values.
+ * We don't use pollfd and POLL* constants explicitly
+ * to cover platforms without poll(). */
+#define CURL_WAIT_POLLIN 0x0001
+#define CURL_WAIT_POLLPRI 0x0002
+#define CURL_WAIT_POLLOUT 0x0004
+
+struct curl_waitfd {
+ curl_socket_t fd;
+ short events;
+ short revents; /* not supported yet */
+};
+
+/*
+ * Name: curl_multi_init()
+ *
+ * Desc: inititalize multi-style curl usage
+ *
+ * Returns: a new CURLM handle to use in all 'curl_multi' functions.
+ */
+CURL_EXTERN CURLM *curl_multi_init(void);
+
+/*
+ * Name: curl_multi_add_handle()
+ *
+ * Desc: add a standard curl handle to the multi stack
+ *
+ * Returns: CURLMcode type, general multi error code.
+ */
+CURL_EXTERN CURLMcode curl_multi_add_handle(CURLM *multi_handle,
+ CURL *curl_handle);
+
+ /*
+ * Name: curl_multi_remove_handle()
+ *
+ * Desc: removes a curl handle from the multi stack again
+ *
+ * Returns: CURLMcode type, general multi error code.
+ */
+CURL_EXTERN CURLMcode curl_multi_remove_handle(CURLM *multi_handle,
+ CURL *curl_handle);
+
+ /*
+ * Name: curl_multi_fdset()
+ *
+ * Desc: Ask curl for its fd_set sets. The app can use these to select() or
+ * poll() on. We want curl_multi_perform() called as soon as one of
+ * them are ready.
+ *
+ * Returns: CURLMcode type, general multi error code.
+ */
+CURL_EXTERN CURLMcode curl_multi_fdset(CURLM *multi_handle,
+ fd_set *read_fd_set,
+ fd_set *write_fd_set,
+ fd_set *exc_fd_set,
+ int *max_fd);
+
+/*
+ * Name: curl_multi_wait()
+ *
+ * Desc: Poll on all fds within a CURLM set as well as any
+ * additional fds passed to the function.
+ *
+ * Returns: CURLMcode type, general multi error code.
+ */
+CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle,
+ struct curl_waitfd extra_fds[],
+ unsigned int extra_nfds,
+ int timeout_ms,
+ int *ret);
+
+ /*
+ * Name: curl_multi_perform()
+ *
+ * Desc: When the app thinks there's data available for curl it calls this
+ * function to read/write whatever there is right now. This returns
+ * as soon as the reads and writes are done. This function does not
+ * require that there actually is data available for reading or that
+ * data can be written, it can be called just in case. It returns
+ * the number of handles that still transfer data in the second
+ * argument's integer-pointer.
+ *
+ * Returns: CURLMcode type, general multi error code. *NOTE* that this only
+ * returns errors etc regarding the whole multi stack. There might
+ * still have occurred problems on invidual transfers even when this
+ * returns OK.
+ */
+CURL_EXTERN CURLMcode curl_multi_perform(CURLM *multi_handle,
+ int *running_handles);
+
+ /*
+ * Name: curl_multi_cleanup()
+ *
+ * Desc: Cleans up and removes a whole multi stack. It does not free or
+ * touch any individual easy handles in any way. We need to define
+ * in what state those handles will be if this function is called
+ * in the middle of a transfer.
+ *
+ * Returns: CURLMcode type, general multi error code.
+ */
+CURL_EXTERN CURLMcode curl_multi_cleanup(CURLM *multi_handle);
+
+/*
+ * Name: curl_multi_info_read()
+ *
+ * Desc: Ask the multi handle if there's any messages/informationals from
+ * the individual transfers. Messages include informationals such as
+ * error code from the transfer or just the fact that a transfer is
+ * completed. More details on these should be written down as well.
+ *
+ * Repeated calls to this function will return a new struct each
+ * time, until a special "end of msgs" struct is returned as a signal
+ * that there is no more to get at this point.
+ *
+ * The data the returned pointer points to will not survive calling
+ * curl_multi_cleanup().
+ *
+ * The 'CURLMsg' struct is meant to be very simple and only contain
+ * very basic information. If more involved information is wanted,
+ * we will provide the particular "transfer handle" in that struct
+ * and that should/could/would be used in subsequent
+ * curl_easy_getinfo() calls (or similar). The point being that we
+ * must never expose complex structs to applications, as then we'll
+ * undoubtably get backwards compatibility problems in the future.
+ *
+ * Returns: A pointer to a filled-in struct, or NULL if it failed or ran out
+ * of structs. It also writes the number of messages left in the
+ * queue (after this read) in the integer the second argument points
+ * to.
+ */
+CURL_EXTERN CURLMsg *curl_multi_info_read(CURLM *multi_handle,
+ int *msgs_in_queue);
+
+/*
+ * Name: curl_multi_strerror()
+ *
+ * Desc: The curl_multi_strerror function may be used to turn a CURLMcode
+ * value into the equivalent human readable error string. This is
+ * useful for printing meaningful error messages.
+ *
+ * Returns: A pointer to a zero-terminated error message.
+ */
+CURL_EXTERN const char *curl_multi_strerror(CURLMcode);
+
+/*
+ * Name: curl_multi_socket() and
+ * curl_multi_socket_all()
+ *
+ * Desc: An alternative version of curl_multi_perform() that allows the
+ * application to pass in one of the file descriptors that have been
+ * detected to have "action" on them and let libcurl perform.
+ * See man page for details.
+ */
+#define CURL_POLL_NONE 0
+#define CURL_POLL_IN 1
+#define CURL_POLL_OUT 2
+#define CURL_POLL_INOUT 3
+#define CURL_POLL_REMOVE 4
+
+#define CURL_SOCKET_TIMEOUT CURL_SOCKET_BAD
+
+#define CURL_CSELECT_IN 0x01
+#define CURL_CSELECT_OUT 0x02
+#define CURL_CSELECT_ERR 0x04
+
+typedef int (*curl_socket_callback)(CURL *easy, /* easy handle */
+ curl_socket_t s, /* socket */
+ int what, /* see above */
+ void *userp, /* private callback
+ pointer */
+ void *socketp); /* private socket
+ pointer */
+/*
+ * Name: curl_multi_timer_callback
+ *
+ * Desc: Called by libcurl whenever the library detects a change in the
+ * maximum number of milliseconds the app is allowed to wait before
+ * curl_multi_socket() or curl_multi_perform() must be called
+ * (to allow libcurl's timed events to take place).
+ *
+ * Returns: The callback should return zero.
+ */
+typedef int (*curl_multi_timer_callback)(CURLM *multi, /* multi handle */
+ long timeout_ms, /* see above */
+ void *userp); /* private callback
+ pointer */
+
+CURL_EXTERN CURLMcode curl_multi_socket(CURLM *multi_handle, curl_socket_t s,
+ int *running_handles);
+
+CURL_EXTERN CURLMcode curl_multi_socket_action(CURLM *multi_handle,
+ curl_socket_t s,
+ int ev_bitmask,
+ int *running_handles);
+
+CURL_EXTERN CURLMcode curl_multi_socket_all(CURLM *multi_handle,
+ int *running_handles);
+
+#ifndef CURL_ALLOW_OLD_MULTI_SOCKET
+/* This macro below was added in 7.16.3 to push users who recompile to use
+ the new curl_multi_socket_action() instead of the old curl_multi_socket()
+*/
+#define curl_multi_socket(x,y,z) curl_multi_socket_action(x,y,0,z)
+#endif
+
+/*
+ * Name: curl_multi_timeout()
+ *
+ * Desc: Returns the maximum number of milliseconds the app is allowed to
+ * wait before curl_multi_socket() or curl_multi_perform() must be
+ * called (to allow libcurl's timed events to take place).
+ *
+ * Returns: CURLM error code.
+ */
+CURL_EXTERN CURLMcode curl_multi_timeout(CURLM *multi_handle,
+ long *milliseconds);
+
+#undef CINIT /* re-using the same name as in curl.h */
+
+#ifdef CURL_ISOCPP
+#define CINIT(name,type,num) CURLMOPT_ ## name = CURLOPTTYPE_ ## type + num
+#else
+/* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */
+#define LONG CURLOPTTYPE_LONG
+#define OBJECTPOINT CURLOPTTYPE_OBJECTPOINT
+#define FUNCTIONPOINT CURLOPTTYPE_FUNCTIONPOINT
+#define OFF_T CURLOPTTYPE_OFF_T
+#define CINIT(name,type,number) CURLMOPT_/**/name = type + number
+#endif
+
+typedef enum {
+ /* This is the socket callback function pointer */
+ CINIT(SOCKETFUNCTION, FUNCTIONPOINT, 1),
+
+ /* This is the argument passed to the socket callback */
+ CINIT(SOCKETDATA, OBJECTPOINT, 2),
+
+ /* set to 1 to enable pipelining for this multi handle */
+ CINIT(PIPELINING, LONG, 3),
+
+ /* This is the timer callback function pointer */
+ CINIT(TIMERFUNCTION, FUNCTIONPOINT, 4),
+
+ /* This is the argument passed to the timer callback */
+ CINIT(TIMERDATA, OBJECTPOINT, 5),
+
+ /* maximum number of entries in the connection cache */
+ CINIT(MAXCONNECTS, LONG, 6),
+
+ /* maximum number of (pipelining) connections to one host */
+ CINIT(MAX_HOST_CONNECTIONS, LONG, 7),
+
+ /* maximum number of requests in a pipeline */
+ CINIT(MAX_PIPELINE_LENGTH, LONG, 8),
+
+ /* a connection with a content-length longer than this
+ will not be considered for pipelining */
+ CINIT(CONTENT_LENGTH_PENALTY_SIZE, OFF_T, 9),
+
+ /* a connection with a chunk length longer than this
+ will not be considered for pipelining */
+ CINIT(CHUNK_LENGTH_PENALTY_SIZE, OFF_T, 10),
+
+ /* a list of site names(+port) that are blacklisted from
+ pipelining */
+ CINIT(PIPELINING_SITE_BL, OBJECTPOINT, 11),
+
+ /* a list of server types that are blacklisted from
+ pipelining */
+ CINIT(PIPELINING_SERVER_BL, OBJECTPOINT, 12),
+
+ /* maximum number of open connections in total */
+ CINIT(MAX_TOTAL_CONNECTIONS, LONG, 13),
+
+ /* This is the server push callback function pointer */
+ CINIT(PUSHFUNCTION, FUNCTIONPOINT, 14),
+
+ /* This is the argument passed to the server push callback */
+ CINIT(PUSHDATA, OBJECTPOINT, 15),
+
+ CURLMOPT_LASTENTRY /* the last unused */
+} CURLMoption;
+
+
+/*
+ * Name: curl_multi_setopt()
+ *
+ * Desc: Sets options for the multi handle.
+ *
+ * Returns: CURLM error code.
+ */
+CURL_EXTERN CURLMcode curl_multi_setopt(CURLM *multi_handle,
+ CURLMoption option, ...);
+
+
+/*
+ * Name: curl_multi_assign()
+ *
+ * Desc: This function sets an association in the multi handle between the
+ * given socket and a private pointer of the application. This is
+ * (only) useful for curl_multi_socket uses.
+ *
+ * Returns: CURLM error code.
+ */
+CURL_EXTERN CURLMcode curl_multi_assign(CURLM *multi_handle,
+ curl_socket_t sockfd, void *sockp);
+
+
+/*
+ * Name: curl_push_callback
+ *
+ * Desc: This callback gets called when a new stream is being pushed by the
+ * server. It approves or denies the new stream.
+ *
+ * Returns: CURL_PUSH_OK or CURL_PUSH_DENY.
+ */
+#define CURL_PUSH_OK 0
+#define CURL_PUSH_DENY 1
+
+struct curl_pushheaders; /* forward declaration only */
+
+CURL_EXTERN char *curl_pushheader_bynum(struct curl_pushheaders *h,
+ size_t num);
+CURL_EXTERN char *curl_pushheader_byname(struct curl_pushheaders *h,
+ const char *name);
+
+typedef int (*curl_push_callback)(CURL *parent,
+ CURL *easy,
+ size_t num_headers,
+ struct curl_pushheaders *headers,
+ void *userp);
+
+#ifdef __cplusplus
+} /* end of extern "C" */
+#endif
+
+#endif
diff --git a/include/gnurl/stdcheaders.h b/include/gnurl/stdcheaders.h
new file mode 100644
index 000000000..027b6f421
--- /dev/null
+++ b/include/gnurl/stdcheaders.h
@@ -0,0 +1,33 @@
+#ifndef __STDC_HEADERS_H
+#define __STDC_HEADERS_H
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+#include <sys/types.h>
+
+size_t fread(void *, size_t, size_t, FILE *);
+size_t fwrite(const void *, size_t, size_t, FILE *);
+
+int strcasecmp(const char *, const char *);
+int strncasecmp(const char *, const char *, size_t);
+
+#endif /* __STDC_HEADERS_H */
diff --git a/include/gnurl/system.h b/include/gnurl/system.h
new file mode 100644
index 000000000..95c72d998
--- /dev/null
+++ b/include/gnurl/system.h
@@ -0,0 +1,547 @@
+#ifndef __CURL_SYSTEM_H
+#define __CURL_SYSTEM_H
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+/*
+ * Try to keep one section per platform, compiler and architecture, otherwise,
+ * if an existing section is reused for a different one and later on the
+ * original is adjusted, probably the piggybacking one can be adversely
+ * changed.
+ *
+ * In order to differentiate between platforms/compilers/architectures use
+ * only compiler built in predefined preprocessor symbols.
+ *
+ * curl_off_t
+ * ----------
+ *
+ * For any given platform/compiler curl_off_t must be typedef'ed to a 64-bit
+ * wide signed integral data type. The width of this data type must remain
+ * constant and independent of any possible large file support settings.
+ *
+ * As an exception to the above, curl_off_t shall be typedef'ed to a 32-bit
+ * wide signed integral data type if there is no 64-bit type.
+ *
+ * As a general rule, curl_off_t shall not be mapped to off_t. This rule shall
+ * only be violated if off_t is the only 64-bit data type available and the
+ * size of off_t is independent of large file support settings. Keep your
+ * build on the safe side avoiding an off_t gating. If you have a 64-bit
+ * off_t then take for sure that another 64-bit data type exists, dig deeper
+ * and you will find it.
+ *
+ */
+
+#if defined(__DJGPP__) || defined(__GO32__)
+# if defined(__DJGPP__) && (__DJGPP__ > 1)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# else
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# endif
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(__SALFORDC__)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(__BORLANDC__)
+# if (__BORLANDC__ < 0x520)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# else
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T __int64
+# define CURL_FORMAT_CURL_OFF_T "I64d"
+# define CURL_FORMAT_CURL_OFF_TU "I64u"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T i64
+# define CURL_SUFFIX_CURL_OFF_TU ui64
+# endif
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(__TURBOC__)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(__WATCOMC__)
+# if defined(__386__)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T __int64
+# define CURL_FORMAT_CURL_OFF_T "I64d"
+# define CURL_FORMAT_CURL_OFF_TU "I64u"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T i64
+# define CURL_SUFFIX_CURL_OFF_TU ui64
+# else
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# endif
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(__POCC__)
+# if (__POCC__ < 280)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# elif defined(_MSC_VER)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T __int64
+# define CURL_FORMAT_CURL_OFF_T "I64d"
+# define CURL_FORMAT_CURL_OFF_TU "I64u"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T i64
+# define CURL_SUFFIX_CURL_OFF_TU ui64
+# else
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# endif
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(__LCC__)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(__SYMBIAN32__)
+# if defined(__EABI__) /* Treat all ARM compilers equally */
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# elif defined(__CW32__)
+# pragma longlong on
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# elif defined(__VC32__)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T __int64
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# endif
+# define CURL_TYPEOF_CURL_SOCKLEN_T unsigned int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(__MWERKS__)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(_WIN32_WCE)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T __int64
+# define CURL_FORMAT_CURL_OFF_T "I64d"
+# define CURL_FORMAT_CURL_OFF_TU "I64u"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T i64
+# define CURL_SUFFIX_CURL_OFF_TU ui64
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(__MINGW32__)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "I64d"
+# define CURL_FORMAT_CURL_OFF_TU "I64u"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+# define CURL_PULL_SYS_TYPES_H 1
+# define CURL_PULL_WS2TCPIP_H 1
+
+#elif defined(__VMS)
+# if defined(__VAX)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# else
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# endif
+# define CURL_TYPEOF_CURL_SOCKLEN_T unsigned int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(__OS400__)
+# if defined(__ILEC400__)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+# define CURL_PULL_SYS_TYPES_H 1
+# define CURL_PULL_SYS_SOCKET_H 1
+# endif
+
+#elif defined(__MVS__)
+# if defined(__IBMC__) || defined(__IBMCPP__)
+# if defined(_ILP32)
+# define CURL_SIZEOF_LONG 4
+# elif defined(_LP64)
+# define CURL_SIZEOF_LONG 8
+# endif
+# if defined(_LONG_LONG)
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# elif defined(_LP64)
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# else
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# endif
+# define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+# define CURL_PULL_SYS_TYPES_H 1
+# define CURL_PULL_SYS_SOCKET_H 1
+# endif
+
+#elif defined(__370__)
+# if defined(__IBMC__) || defined(__IBMCPP__)
+# if defined(_ILP32)
+# define CURL_SIZEOF_LONG 4
+# elif defined(_LP64)
+# define CURL_SIZEOF_LONG 8
+# endif
+# if defined(_LONG_LONG)
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# elif defined(_LP64)
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# else
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# endif
+# define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+# define CURL_PULL_SYS_TYPES_H 1
+# define CURL_PULL_SYS_SOCKET_H 1
+# endif
+
+#elif defined(TPF)
+# define CURL_SIZEOF_LONG 8
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+#elif defined(__TINYC__) /* also known as tcc */
+
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t
+# define CURL_PULL_SYS_TYPES_H 1
+# define CURL_PULL_SYS_SOCKET_H 1
+
+#elif defined(__SUNPRO_C) /* Oracle Solaris Studio */
+# if !defined(__LP64) && (defined(__ILP32) || \
+ defined(__i386) || defined(__sparcv8))
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# elif defined(__LP64) || \
+ defined(__amd64) || defined(__sparcv9)
+# define CURL_SIZEOF_LONG 8
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# endif
+# define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+# define CURL_PULL_SYS_TYPES_H 1
+# define CURL_PULL_SYS_SOCKET_H 1
+
+/* ===================================== */
+/* KEEP MSVC THE PENULTIMATE ENTRY */
+/* ===================================== */
+
+#elif defined(_MSC_VER)
+# if (_MSC_VER >= 900) && (_INTEGRAL_MAX_BITS >= 64)
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T __int64
+# define CURL_FORMAT_CURL_OFF_T "I64d"
+# define CURL_FORMAT_CURL_OFF_TU "I64u"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T i64
+# define CURL_SUFFIX_CURL_OFF_TU ui64
+# else
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# endif
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+
+/* ===================================== */
+/* KEEP GENERIC GCC THE LAST ENTRY */
+/* ===================================== */
+
+#elif defined(__GNUC__)
+# if !defined(__LP64__) && (defined(__ILP32__) || \
+ defined(__i386__) || defined(__powerpc__) || defined(__arm__) || \
+ defined(__sparc__) || defined(__mips__) || defined(__sh__) || \
+ defined(__XTENSA__) || (defined(__SIZEOF_LONG__) && __SIZEOF_LONG__ ==
4))
+# define CURL_SIZEOF_LONG 4
+# define CURL_TYPEOF_CURL_OFF_T long long
+# define CURL_FORMAT_CURL_OFF_T "lld"
+# define CURL_FORMAT_CURL_OFF_TU "llu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T LL
+# define CURL_SUFFIX_CURL_OFF_TU ULL
+# elif defined(__LP64__) || \
+ defined(__x86_64__) || defined(__ppc64__) || defined(__sparc64__) || \
+ (defined(__SIZEOF_LONG__) && __SIZEOF_LONG__ == 8)
+# define CURL_SIZEOF_LONG 8
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SIZEOF_CURL_OFF_T 8
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# endif
+# define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+# define CURL_PULL_SYS_TYPES_H 1
+# define CURL_PULL_SYS_SOCKET_H 1
+
+#else
+/* generic "safe guess" on old 32 bit style */
+# define CURL_SIZEOF_LONG 4
+# define CURL_SIZEOF_CURL_SOCKLEN_T 4
+# define CURL_SIZEOF_CURL_OFF_T 4
+# define CURL_TYPEOF_CURL_OFF_T long
+# define CURL_FORMAT_CURL_OFF_T "ld"
+# define CURL_FORMAT_CURL_OFF_TU "lu"
+# define CURL_SUFFIX_CURL_OFF_T L
+# define CURL_SUFFIX_CURL_OFF_TU UL
+# define CURL_TYPEOF_CURL_SOCKLEN_T int
+#endif
+
+/* CURL_PULL_WS2TCPIP_H is defined above when inclusion of header file */
+/* ws2tcpip.h is required here to properly make type definitions below. */
+#ifdef CURL_PULL_WS2TCPIP_H
+# include <winsock2.h>
+# include <windows.h>
+# include <ws2tcpip.h>
+#endif
+
+/* CURL_PULL_SYS_TYPES_H is defined above when inclusion of header file */
+/* sys/types.h is required here to properly make type definitions below. */
+#ifdef CURL_PULL_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+
+/* CURL_PULL_SYS_SOCKET_H is defined above when inclusion of header file */
+/* sys/socket.h is required here to properly make type definitions below. */
+#ifdef CURL_PULL_SYS_SOCKET_H
+# include <sys/socket.h>
+#endif
+
+/* Data type definition of curl_socklen_t. */
+#ifdef CURL_TYPEOF_CURL_SOCKLEN_T
+ typedef CURL_TYPEOF_CURL_SOCKLEN_T curl_socklen_t;
+#endif
+
+/* Data type definition of curl_off_t. */
+
+#ifdef CURL_TYPEOF_CURL_OFF_T
+ typedef CURL_TYPEOF_CURL_OFF_T curl_off_t;
+#endif
+
+/*
+ * CURL_ISOCPP and CURL_OFF_T_C definitions are done here in order to allow
+ * these to be visible and exported by the external libcurl interface API,
+ * while also making them visible to the library internals, simply including
+ * curl_setup.h, without actually needing to include curl.h internally.
+ * If some day this section would grow big enough, all this should be moved
+ * to its own header file.
+ */
+
+/*
+ * Figure out if we can use the ## preprocessor operator, which is supported
+ * by ISO/ANSI C and C++. Some compilers support it without setting __STDC__
+ * or __cplusplus so we need to carefully check for them too.
+ */
+
+#if defined(__STDC__) || defined(_MSC_VER) || defined(__cplusplus) || \
+ defined(__HP_aCC) || defined(__BORLANDC__) || defined(__LCC__) || \
+ defined(__POCC__) || defined(__SALFORDC__) || defined(__HIGHC__) || \
+ defined(__ILEC400__)
+ /* This compiler is believed to have an ISO compatible preprocessor */
+#define CURL_ISOCPP
+#else
+ /* This compiler is believed NOT to have an ISO compatible preprocessor */
+#undef CURL_ISOCPP
+#endif
+
+/*
+ * Macros for minimum-width signed and unsigned curl_off_t integer constants.
+ */
+
+#if defined(__BORLANDC__) && (__BORLANDC__ == 0x0551)
+# define __CURL_OFF_T_C_HLPR2(x) x
+# define __CURL_OFF_T_C_HLPR1(x) __CURL_OFF_T_C_HLPR2(x)
+# define CURL_OFF_T_C(Val) __CURL_OFF_T_C_HLPR1(Val) ## \
+ __CURL_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_T)
+# define CURL_OFF_TU_C(Val) __CURL_OFF_T_C_HLPR1(Val) ## \
+ __CURL_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_TU)
+#else
+# ifdef CURL_ISOCPP
+# define __CURL_OFF_T_C_HLPR2(Val,Suffix) Val ## Suffix
+# else
+# define __CURL_OFF_T_C_HLPR2(Val,Suffix) Val/**/Suffix
+# endif
+# define __CURL_OFF_T_C_HLPR1(Val,Suffix) __CURL_OFF_T_C_HLPR2(Val,Suffix)
+# define CURL_OFF_T_C(Val) __CURL_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_T)
+# define CURL_OFF_TU_C(Val) __CURL_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_TU)
+#endif
+
+#endif /* __CURL_SYSTEM_H */
diff --git a/include/gnurl/typecheck-gcc.h b/include/gnurl/typecheck-gcc.h
new file mode 100644
index 000000000..74548241b
--- /dev/null
+++ b/include/gnurl/typecheck-gcc.h
@@ -0,0 +1,677 @@
+#ifndef __CURL_TYPECHECK_GCC_H
+#define __CURL_TYPECHECK_GCC_H
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+/* wraps curl_easy_setopt() with typechecking */
+
+/* To add a new kind of warning, add an
+ * if(_curl_is_sometype_option(_curl_opt))
+ * if(!_curl_is_sometype(value))
+ * _curl_easy_setopt_err_sometype();
+ * block and define _curl_is_sometype_option, _curl_is_sometype and
+ * _curl_easy_setopt_err_sometype below
+ *
+ * NOTE: We use two nested 'if' statements here instead of the && operator, in
+ * order to work around gcc bug #32061. It affects only gcc 4.3.x/4.4.x
+ * when compiling with -Wlogical-op.
+ *
+ * To add an option that uses the same type as an existing option, you'll just
+ * need to extend the appropriate _curl_*_option macro
+ */
+#define curl_easy_setopt(handle, option, value) \
+__extension__ ({ \
+ __typeof__(option) _curl_opt = option; \
+ if(__builtin_constant_p(_curl_opt)) { \
+ if(_curl_is_long_option(_curl_opt)) \
+ if(!_curl_is_long(value)) \
+ _curl_easy_setopt_err_long(); \
+ if(_curl_is_off_t_option(_curl_opt)) \
+ if(!_curl_is_off_t(value)) \
+ _curl_easy_setopt_err_curl_off_t(); \
+ if(_curl_is_string_option(_curl_opt)) \
+ if(!_curl_is_string(value)) \
+ _curl_easy_setopt_err_string(); \
+ if(_curl_is_write_cb_option(_curl_opt)) \
+ if(!_curl_is_write_cb(value)) \
+ _curl_easy_setopt_err_write_callback(); \
+ if((_curl_opt) == CURLOPT_READFUNCTION) \
+ if(!_curl_is_read_cb(value)) \
+ _curl_easy_setopt_err_read_cb(); \
+ if((_curl_opt) == CURLOPT_IOCTLFUNCTION) \
+ if(!_curl_is_ioctl_cb(value)) \
+ _curl_easy_setopt_err_ioctl_cb(); \
+ if((_curl_opt) == CURLOPT_SOCKOPTFUNCTION) \
+ if(!_curl_is_sockopt_cb(value)) \
+ _curl_easy_setopt_err_sockopt_cb(); \
+ if((_curl_opt) == CURLOPT_OPENSOCKETFUNCTION) \
+ if(!_curl_is_opensocket_cb(value)) \
+ _curl_easy_setopt_err_opensocket_cb(); \
+ if((_curl_opt) == CURLOPT_PROGRESSFUNCTION) \
+ if(!_curl_is_progress_cb(value)) \
+ _curl_easy_setopt_err_progress_cb(); \
+ if((_curl_opt) == CURLOPT_DEBUGFUNCTION) \
+ if(!_curl_is_debug_cb(value)) \
+ _curl_easy_setopt_err_debug_cb(); \
+ if((_curl_opt) == CURLOPT_SSL_CTX_FUNCTION) \
+ if(!_curl_is_ssl_ctx_cb(value)) \
+ _curl_easy_setopt_err_ssl_ctx_cb(); \
+ if(_curl_is_conv_cb_option(_curl_opt)) \
+ if(!_curl_is_conv_cb(value)) \
+ _curl_easy_setopt_err_conv_cb(); \
+ if((_curl_opt) == CURLOPT_SEEKFUNCTION) \
+ if(!_curl_is_seek_cb(value)) \
+ _curl_easy_setopt_err_seek_cb(); \
+ if(_curl_is_cb_data_option(_curl_opt)) \
+ if(!_curl_is_cb_data(value)) \
+ _curl_easy_setopt_err_cb_data(); \
+ if((_curl_opt) == CURLOPT_ERRORBUFFER) \
+ if(!_curl_is_error_buffer(value)) \
+ _curl_easy_setopt_err_error_buffer(); \
+ if((_curl_opt) == CURLOPT_STDERR) \
+ if(!_curl_is_FILE(value)) \
+ _curl_easy_setopt_err_FILE(); \
+ if(_curl_is_postfields_option(_curl_opt)) \
+ if(!_curl_is_postfields(value)) \
+ _curl_easy_setopt_err_postfields(); \
+ if((_curl_opt) == CURLOPT_HTTPPOST) \
+ if(!_curl_is_arr((value), struct curl_httppost)) \
+ _curl_easy_setopt_err_curl_httpost(); \
+ if(_curl_is_slist_option(_curl_opt)) \
+ if(!_curl_is_arr((value), struct curl_slist)) \
+ _curl_easy_setopt_err_curl_slist(); \
+ if((_curl_opt) == CURLOPT_SHARE) \
+ if(!_curl_is_ptr((value), CURLSH)) \
+ _curl_easy_setopt_err_CURLSH(); \
+ } \
+ curl_easy_setopt(handle, _curl_opt, value); \
+})
+
+/* wraps curl_easy_getinfo() with typechecking */
+/* FIXME: don't allow const pointers */
+#define curl_easy_getinfo(handle, info, arg) \
+__extension__ ({ \
+ __typeof__(info) _curl_info = info; \
+ if(__builtin_constant_p(_curl_info)) { \
+ if(_curl_is_string_info(_curl_info)) \
+ if(!_curl_is_arr((arg), char *)) \
+ _curl_easy_getinfo_err_string(); \
+ if(_curl_is_long_info(_curl_info)) \
+ if(!_curl_is_arr((arg), long)) \
+ _curl_easy_getinfo_err_long(); \
+ if(_curl_is_double_info(_curl_info)) \
+ if(!_curl_is_arr((arg), double)) \
+ _curl_easy_getinfo_err_double(); \
+ if(_curl_is_slist_info(_curl_info)) \
+ if(!_curl_is_arr((arg), struct curl_slist *)) \
+ _curl_easy_getinfo_err_curl_slist(); \
+ if(_curl_is_tlssessioninfo_info(_curl_info)) \
+ if(!_curl_is_arr((arg), struct curl_tlssessioninfo *)) \
+ _curl_easy_getinfo_err_curl_tlssesssioninfo(); \
+ if(_curl_is_certinfo_info(_curl_info)) \
+ if(!_curl_is_arr((arg), struct curl_certinfo *)) \
+ _curl_easy_getinfo_err_curl_certinfo(); \
+ if(_curl_is_socket_info(_curl_info)) \
+ if(!_curl_is_arr((arg), curl_socket_t)) \
+ _curl_easy_getinfo_err_curl_socket(); \
+ if(_curl_is_off_t_info(_curl_info)) \
+ if(!_curl_is_arr((arg), curl_off_t)) \
+ _curl_easy_getinfo_err_curl_off_t(); \
+ } \
+ curl_easy_getinfo(handle, _curl_info, arg); \
+})
+
+/* TODO: typechecking for curl_share_setopt() and curl_multi_setopt(),
+ * for now just make sure that the functions are called with three
+ * arguments
+ */
+#define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param)
+#define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param)
+
+
+/* the actual warnings, triggered by calling the _curl_easy_setopt_err*
+ * functions */
+
+/* To define a new warning, use _CURL_WARNING(identifier, "message") */
+#define _CURL_WARNING(id, message) \
+ static void __attribute__((__warning__(message))) \
+ __attribute__((__unused__)) __attribute__((__noinline__)) \
+ id(void) { __asm__(""); }
+
+_CURL_WARNING(_curl_easy_setopt_err_long,
+ "curl_easy_setopt expects a long argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_curl_off_t,
+ "curl_easy_setopt expects a curl_off_t argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_string,
+ "curl_easy_setopt expects a "
+ "string ('char *' or char[]) argument for this option"
+ )
+_CURL_WARNING(_curl_easy_setopt_err_write_callback,
+ "curl_easy_setopt expects a curl_write_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_read_cb,
+ "curl_easy_setopt expects a curl_read_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_ioctl_cb,
+ "curl_easy_setopt expects a curl_ioctl_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_sockopt_cb,
+ "curl_easy_setopt expects a curl_sockopt_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_opensocket_cb,
+ "curl_easy_setopt expects a "
+ "curl_opensocket_callback argument for this option"
+ )
+_CURL_WARNING(_curl_easy_setopt_err_progress_cb,
+ "curl_easy_setopt expects a curl_progress_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_debug_cb,
+ "curl_easy_setopt expects a curl_debug_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_ssl_ctx_cb,
+ "curl_easy_setopt expects a curl_ssl_ctx_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_conv_cb,
+ "curl_easy_setopt expects a curl_conv_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_seek_cb,
+ "curl_easy_setopt expects a curl_seek_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_cb_data,
+ "curl_easy_setopt expects a "
+ "private data pointer as argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_error_buffer,
+ "curl_easy_setopt expects a "
+ "char buffer of CURL_ERROR_SIZE as argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_FILE,
+ "curl_easy_setopt expects a 'FILE *' argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_postfields,
+ "curl_easy_setopt expects a 'void *' or 'char *' argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_curl_httpost,
+ "curl_easy_setopt expects a 'struct curl_httppost *' "
+ "argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_curl_slist,
+ "curl_easy_setopt expects a 'struct curl_slist *' argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_CURLSH,
+ "curl_easy_setopt expects a CURLSH* argument for this option")
+
+_CURL_WARNING(_curl_easy_getinfo_err_string,
+ "curl_easy_getinfo expects a pointer to 'char *' for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_long,
+ "curl_easy_getinfo expects a pointer to long for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_double,
+ "curl_easy_getinfo expects a pointer to double for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
+ "curl_easy_getinfo expects a pointer to 'struct curl_slist *' for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_curl_tlssesssioninfo,
+ "curl_easy_getinfo expects a pointer to "
+ "'struct curl_tlssessioninfo *' for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_curl_certinfo,
+ "curl_easy_getinfo expects a pointer to "
+ "'struct curl_certinfo *' for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_curl_socket,
+ "curl_easy_getinfo expects a pointer to curl_socket_t for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_curl_off_t,
+ "curl_easy_getinfo expects a pointer to curl_off_t for this info")
+
+/* groups of curl_easy_setops options that take the same type of argument */
+
+/* To add a new option to one of the groups, just add
+ * (option) == CURLOPT_SOMETHING
+ * to the or-expression. If the option takes a long or curl_off_t, you don't
+ * have to do anything
+ */
+
+/* evaluates to true if option takes a long argument */
+#define _curl_is_long_option(option) \
+ (0 < (option) && (option) < CURLOPTTYPE_OBJECTPOINT)
+
+#define _curl_is_off_t_option(option) \
+ ((option) > CURLOPTTYPE_OFF_T)
+
+/* evaluates to true if option takes a char* argument */
+#define _curl_is_string_option(option) \
+ ((option) == CURLOPT_ABSTRACT_UNIX_SOCKET || \
+ (option) == CURLOPT_ACCEPT_ENCODING || \
+ (option) == CURLOPT_CAINFO || \
+ (option) == CURLOPT_CAPATH || \
+ (option) == CURLOPT_COOKIE || \
+ (option) == CURLOPT_COOKIEFILE || \
+ (option) == CURLOPT_COOKIEJAR || \
+ (option) == CURLOPT_COOKIELIST || \
+ (option) == CURLOPT_CRLFILE || \
+ (option) == CURLOPT_CUSTOMREQUEST || \
+ (option) == CURLOPT_DEFAULT_PROTOCOL || \
+ (option) == CURLOPT_DNS_INTERFACE || \
+ (option) == CURLOPT_DNS_LOCAL_IP4 || \
+ (option) == CURLOPT_DNS_LOCAL_IP6 || \
+ (option) == CURLOPT_DNS_SERVERS || \
+ (option) == CURLOPT_EGDSOCKET || \
+ (option) == CURLOPT_FTPPORT || \
+ (option) == CURLOPT_FTP_ACCOUNT || \
+ (option) == CURLOPT_FTP_ALTERNATIVE_TO_USER || \
+ (option) == CURLOPT_INTERFACE || \
+ (option) == CURLOPT_ISSUERCERT || \
+ (option) == CURLOPT_KEYPASSWD || \
+ (option) == CURLOPT_KRBLEVEL || \
+ (option) == CURLOPT_LOGIN_OPTIONS || \
+ (option) == CURLOPT_MAIL_AUTH || \
+ (option) == CURLOPT_MAIL_FROM || \
+ (option) == CURLOPT_NETRC_FILE || \
+ (option) == CURLOPT_NOPROXY || \
+ (option) == CURLOPT_PASSWORD || \
+ (option) == CURLOPT_PINNEDPUBLICKEY || \
+ (option) == CURLOPT_PRE_PROXY || \
+ (option) == CURLOPT_PROXY || \
+ (option) == CURLOPT_PROXYPASSWORD || \
+ (option) == CURLOPT_PROXYUSERNAME || \
+ (option) == CURLOPT_PROXYUSERPWD || \
+ (option) == CURLOPT_PROXY_CAINFO || \
+ (option) == CURLOPT_PROXY_CAPATH || \
+ (option) == CURLOPT_PROXY_CRLFILE || \
+ (option) == CURLOPT_PROXY_KEYPASSWD || \
+ (option) == CURLOPT_PROXY_PINNEDPUBLICKEY || \
+ (option) == CURLOPT_PROXY_SERVICE_NAME || \
+ (option) == CURLOPT_PROXY_SSLCERT || \
+ (option) == CURLOPT_PROXY_SSLCERTTYPE || \
+ (option) == CURLOPT_PROXY_SSLKEY || \
+ (option) == CURLOPT_PROXY_SSLKEYTYPE || \
+ (option) == CURLOPT_PROXY_SSL_CIPHER_LIST || \
+ (option) == CURLOPT_PROXY_TLSAUTH_PASSWORD || \
+ (option) == CURLOPT_PROXY_TLSAUTH_USERNAME || \
+ (option) == CURLOPT_PROXY_TLSAUTH_TYPE || \
+ (option) == CURLOPT_RANDOM_FILE || \
+ (option) == CURLOPT_RANGE || \
+ (option) == CURLOPT_REFERER || \
+ (option) == CURLOPT_RTSP_SESSION_ID || \
+ (option) == CURLOPT_RTSP_STREAM_URI || \
+ (option) == CURLOPT_RTSP_TRANSPORT || \
+ (option) == CURLOPT_SERVICE_NAME || \
+ (option) == CURLOPT_SOCKS5_GSSAPI_SERVICE || \
+ (option) == CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 || \
+ (option) == CURLOPT_SSH_KNOWNHOSTS || \
+ (option) == CURLOPT_SSH_PRIVATE_KEYFILE || \
+ (option) == CURLOPT_SSH_PUBLIC_KEYFILE || \
+ (option) == CURLOPT_SSLCERT || \
+ (option) == CURLOPT_SSLCERTTYPE || \
+ (option) == CURLOPT_SSLENGINE || \
+ (option) == CURLOPT_SSLKEY || \
+ (option) == CURLOPT_SSLKEYTYPE || \
+ (option) == CURLOPT_SSL_CIPHER_LIST || \
+ (option) == CURLOPT_TLSAUTH_PASSWORD || \
+ (option) == CURLOPT_TLSAUTH_TYPE || \
+ (option) == CURLOPT_TLSAUTH_USERNAME || \
+ (option) == CURLOPT_UNIX_SOCKET_PATH || \
+ (option) == CURLOPT_URL || \
+ (option) == CURLOPT_USERAGENT || \
+ (option) == CURLOPT_USERNAME || \
+ (option) == CURLOPT_USERPWD || \
+ (option) == CURLOPT_XOAUTH2_BEARER || \
+ 0)
+
+/* evaluates to true if option takes a curl_write_callback argument */
+#define _curl_is_write_cb_option(option) \
+ ((option) == CURLOPT_HEADERFUNCTION || \
+ (option) == CURLOPT_WRITEFUNCTION)
+
+/* evaluates to true if option takes a curl_conv_callback argument */
+#define _curl_is_conv_cb_option(option) \
+ ((option) == CURLOPT_CONV_TO_NETWORK_FUNCTION || \
+ (option) == CURLOPT_CONV_FROM_NETWORK_FUNCTION || \
+ (option) == CURLOPT_CONV_FROM_UTF8_FUNCTION)
+
+/* evaluates to true if option takes a data argument to pass to a callback */
+#define _curl_is_cb_data_option(option) \
+ ((option) == CURLOPT_CHUNK_DATA || \
+ (option) == CURLOPT_CLOSESOCKETDATA || \
+ (option) == CURLOPT_DEBUGDATA || \
+ (option) == CURLOPT_FNMATCH_DATA || \
+ (option) == CURLOPT_HEADERDATA || \
+ (option) == CURLOPT_INTERLEAVEDATA || \
+ (option) == CURLOPT_IOCTLDATA || \
+ (option) == CURLOPT_OPENSOCKETDATA || \
+ (option) == CURLOPT_PRIVATE || \
+ (option) == CURLOPT_PROGRESSDATA || \
+ (option) == CURLOPT_READDATA || \
+ (option) == CURLOPT_SEEKDATA || \
+ (option) == CURLOPT_SOCKOPTDATA || \
+ (option) == CURLOPT_SSH_KEYDATA || \
+ (option) == CURLOPT_SSL_CTX_DATA || \
+ (option) == CURLOPT_WRITEDATA || \
+ 0)
+
+/* evaluates to true if option takes a POST data argument (void* or char*) */
+#define _curl_is_postfields_option(option) \
+ ((option) == CURLOPT_POSTFIELDS || \
+ (option) == CURLOPT_COPYPOSTFIELDS || \
+ 0)
+
+/* evaluates to true if option takes a struct curl_slist * argument */
+#define _curl_is_slist_option(option) \
+ ((option) == CURLOPT_HTTP200ALIASES || \
+ (option) == CURLOPT_HTTPHEADER || \
+ (option) == CURLOPT_MAIL_RCPT || \
+ (option) == CURLOPT_POSTQUOTE || \
+ (option) == CURLOPT_PREQUOTE || \
+ (option) == CURLOPT_PROXYHEADER || \
+ (option) == CURLOPT_QUOTE || \
+ (option) == CURLOPT_RESOLVE || \
+ (option) == CURLOPT_TELNETOPTIONS || \
+ 0)
+
+/* groups of curl_easy_getinfo infos that take the same type of argument */
+
+/* evaluates to true if info expects a pointer to char * argument */
+#define _curl_is_string_info(info) \
+ (CURLINFO_STRING < (info) && (info) < CURLINFO_LONG)
+
+/* evaluates to true if info expects a pointer to long argument */
+#define _curl_is_long_info(info) \
+ (CURLINFO_LONG < (info) && (info) < CURLINFO_DOUBLE)
+
+/* evaluates to true if info expects a pointer to double argument */
+#define _curl_is_double_info(info) \
+ (CURLINFO_DOUBLE < (info) && (info) < CURLINFO_SLIST)
+
+/* true if info expects a pointer to struct curl_slist * argument */
+#define _curl_is_slist_info(info) \
+ (((info) == CURLINFO_SSL_ENGINES) || ((info) == CURLINFO_COOKIELIST))
+
+/* true if info expects a pointer to struct curl_tlssessioninfo * argument */
+#define _curl_is_tlssessioninfo_info(info) \
+ (((info) == CURLINFO_TLS_SSL_PTR) || ((info) == CURLINFO_TLS_SESSION))
+
+/* true if info expects a pointer to struct curl_certinfo * argument */
+#define _curl_is_certinfo_info(info) ((info) == CURLINFO_CERTINFO)
+
+/* true if info expects a pointer to struct curl_socket_t argument */
+#define _curl_is_socket_info(info) \
+ (CURLINFO_SOCKET < (info) && (info) < CURLINFO_OFF_T)
+
+/* true if info expects a pointer to curl_off_t argument */
+#define _curl_is_off_t_info(info) \
+ (CURLINFO_OFF_T < (info))
+
+
+/* typecheck helpers -- check whether given expression has requested type*/
+
+/* For pointers, you can use the _curl_is_ptr/_curl_is_arr macros,
+ * otherwise define a new macro. Search for __builtin_types_compatible_p
+ * in the GCC manual.
+ * NOTE: these macros MUST NOT EVALUATE their arguments! The argument is
+ * the actual expression passed to the curl_easy_setopt macro. This
+ * means that you can only apply the sizeof and __typeof__ operators, no
+ * == or whatsoever.
+ */
+
+/* XXX: should evaluate to true iff expr is a pointer */
+#define _curl_is_any_ptr(expr) \
+ (sizeof(expr) == sizeof(void *))
+
+/* evaluates to true if expr is NULL */
+/* XXX: must not evaluate expr, so this check is not accurate */
+#define _curl_is_NULL(expr) \
+ (__builtin_types_compatible_p(__typeof__(expr), __typeof__(NULL)))
+
+/* evaluates to true if expr is type*, const type* or NULL */
+#define _curl_is_ptr(expr, type) \
+ (_curl_is_NULL(expr) || \
+ __builtin_types_compatible_p(__typeof__(expr), type *) || \
+ __builtin_types_compatible_p(__typeof__(expr), const type *))
+
+/* evaluates to true if expr is one of type[], type*, NULL or const type* */
+#define _curl_is_arr(expr, type) \
+ (_curl_is_ptr((expr), type) || \
+ __builtin_types_compatible_p(__typeof__(expr), type []))
+
+/* evaluates to true if expr is a string */
+#define _curl_is_string(expr) \
+ (_curl_is_arr((expr), char) || \
+ _curl_is_arr((expr), signed char) || \
+ _curl_is_arr((expr), unsigned char))
+
+/* evaluates to true if expr is a long (no matter the signedness)
+ * XXX: for now, int is also accepted (and therefore short and char, which
+ * are promoted to int when passed to a variadic function) */
+#define _curl_is_long(expr) \
+ (__builtin_types_compatible_p(__typeof__(expr), long) || \
+ __builtin_types_compatible_p(__typeof__(expr), signed long) || \
+ __builtin_types_compatible_p(__typeof__(expr), unsigned long) || \
+ __builtin_types_compatible_p(__typeof__(expr), int) || \
+ __builtin_types_compatible_p(__typeof__(expr), signed int) || \
+ __builtin_types_compatible_p(__typeof__(expr), unsigned int) || \
+ __builtin_types_compatible_p(__typeof__(expr), short) || \
+ __builtin_types_compatible_p(__typeof__(expr), signed short) || \
+ __builtin_types_compatible_p(__typeof__(expr), unsigned short) || \
+ __builtin_types_compatible_p(__typeof__(expr), char) || \
+ __builtin_types_compatible_p(__typeof__(expr), signed char) || \
+ __builtin_types_compatible_p(__typeof__(expr), unsigned char))
+
+/* evaluates to true if expr is of type curl_off_t */
+#define _curl_is_off_t(expr) \
+ (__builtin_types_compatible_p(__typeof__(expr), curl_off_t))
+
+/* evaluates to true if expr is abuffer suitable for CURLOPT_ERRORBUFFER */
+/* XXX: also check size of an char[] array? */
+#define _curl_is_error_buffer(expr) \
+ (_curl_is_NULL(expr) || \
+ __builtin_types_compatible_p(__typeof__(expr), char *) || \
+ __builtin_types_compatible_p(__typeof__(expr), char[]))
+
+/* evaluates to true if expr is of type (const) void* or (const) FILE* */
+#if 0
+#define _curl_is_cb_data(expr) \
+ (_curl_is_ptr((expr), void) || \
+ _curl_is_ptr((expr), FILE))
+#else /* be less strict */
+#define _curl_is_cb_data(expr) \
+ _curl_is_any_ptr(expr)
+#endif
+
+/* evaluates to true if expr is of type FILE* */
+#define _curl_is_FILE(expr) \
+ (_curl_is_NULL(expr) || \
+ (__builtin_types_compatible_p(__typeof__(expr), FILE *)))
+
+/* evaluates to true if expr can be passed as POST data (void* or char*) */
+#define _curl_is_postfields(expr) \
+ (_curl_is_ptr((expr), void) || \
+ _curl_is_arr((expr), char))
+
+/* FIXME: the whole callback checking is messy...
+ * The idea is to tolerate char vs. void and const vs. not const
+ * pointers in arguments at least
+ */
+/* helper: __builtin_types_compatible_p distinguishes between functions and
+ * function pointers, hide it */
+#define _curl_callback_compatible(func, type) \
+ (__builtin_types_compatible_p(__typeof__(func), type) || \
+ __builtin_types_compatible_p(__typeof__(func) *, type))
+
+/* evaluates to true if expr is of type curl_read_callback or "similar" */
+#define _curl_is_read_cb(expr) \
+ (_curl_is_NULL(expr) || \
+ _curl_callback_compatible((expr), __typeof__(fread) *) || \
+ _curl_callback_compatible((expr), curl_read_callback) || \
+ _curl_callback_compatible((expr), _curl_read_callback1) || \
+ _curl_callback_compatible((expr), _curl_read_callback2) || \
+ _curl_callback_compatible((expr), _curl_read_callback3) || \
+ _curl_callback_compatible((expr), _curl_read_callback4) || \
+ _curl_callback_compatible((expr), _curl_read_callback5) || \
+ _curl_callback_compatible((expr), _curl_read_callback6))
+typedef size_t (*_curl_read_callback1)(char *, size_t, size_t, void *);
+typedef size_t (*_curl_read_callback2)(char *, size_t, size_t, const void *);
+typedef size_t (*_curl_read_callback3)(char *, size_t, size_t, FILE *);
+typedef size_t (*_curl_read_callback4)(void *, size_t, size_t, void *);
+typedef size_t (*_curl_read_callback5)(void *, size_t, size_t, const void *);
+typedef size_t (*_curl_read_callback6)(void *, size_t, size_t, FILE *);
+
+/* evaluates to true if expr is of type curl_write_callback or "similar" */
+#define _curl_is_write_cb(expr) \
+ (_curl_is_read_cb(expr) || \
+ _curl_callback_compatible((expr), __typeof__(fwrite) *) || \
+ _curl_callback_compatible((expr), curl_write_callback) || \
+ _curl_callback_compatible((expr), _curl_write_callback1) || \
+ _curl_callback_compatible((expr), _curl_write_callback2) || \
+ _curl_callback_compatible((expr), _curl_write_callback3) || \
+ _curl_callback_compatible((expr), _curl_write_callback4) || \
+ _curl_callback_compatible((expr), _curl_write_callback5) || \
+ _curl_callback_compatible((expr), _curl_write_callback6))
+typedef size_t (*_curl_write_callback1)(const char *, size_t, size_t, void *);
+typedef size_t (*_curl_write_callback2)(const char *, size_t, size_t,
+ const void *);
+typedef size_t (*_curl_write_callback3)(const char *, size_t, size_t, FILE *);
+typedef size_t (*_curl_write_callback4)(const void *, size_t, size_t, void *);
+typedef size_t (*_curl_write_callback5)(const void *, size_t, size_t,
+ const void *);
+typedef size_t (*_curl_write_callback6)(const void *, size_t, size_t, FILE *);
+
+/* evaluates to true if expr is of type curl_ioctl_callback or "similar" */
+#define _curl_is_ioctl_cb(expr) \
+ (_curl_is_NULL(expr) || \
+ _curl_callback_compatible((expr), curl_ioctl_callback) || \
+ _curl_callback_compatible((expr), _curl_ioctl_callback1) || \
+ _curl_callback_compatible((expr), _curl_ioctl_callback2) || \
+ _curl_callback_compatible((expr), _curl_ioctl_callback3) || \
+ _curl_callback_compatible((expr), _curl_ioctl_callback4))
+typedef curlioerr (*_curl_ioctl_callback1)(CURL *, int, void *);
+typedef curlioerr (*_curl_ioctl_callback2)(CURL *, int, const void *);
+typedef curlioerr (*_curl_ioctl_callback3)(CURL *, curliocmd, void *);
+typedef curlioerr (*_curl_ioctl_callback4)(CURL *, curliocmd, const void *);
+
+/* evaluates to true if expr is of type curl_sockopt_callback or "similar" */
+#define _curl_is_sockopt_cb(expr) \
+ (_curl_is_NULL(expr) || \
+ _curl_callback_compatible((expr), curl_sockopt_callback) || \
+ _curl_callback_compatible((expr), _curl_sockopt_callback1) || \
+ _curl_callback_compatible((expr), _curl_sockopt_callback2))
+typedef int (*_curl_sockopt_callback1)(void *, curl_socket_t, curlsocktype);
+typedef int (*_curl_sockopt_callback2)(const void *, curl_socket_t,
+ curlsocktype);
+
+/* evaluates to true if expr is of type curl_opensocket_callback or
+ "similar" */
+#define _curl_is_opensocket_cb(expr) \
+ (_curl_is_NULL(expr) || \
+ _curl_callback_compatible((expr), curl_opensocket_callback) || \
+ _curl_callback_compatible((expr), _curl_opensocket_callback1) || \
+ _curl_callback_compatible((expr), _curl_opensocket_callback2) || \
+ _curl_callback_compatible((expr), _curl_opensocket_callback3) || \
+ _curl_callback_compatible((expr), _curl_opensocket_callback4))
+typedef curl_socket_t (*_curl_opensocket_callback1)
+ (void *, curlsocktype, struct curl_sockaddr *);
+typedef curl_socket_t (*_curl_opensocket_callback2)
+ (void *, curlsocktype, const struct curl_sockaddr *);
+typedef curl_socket_t (*_curl_opensocket_callback3)
+ (const void *, curlsocktype, struct curl_sockaddr *);
+typedef curl_socket_t (*_curl_opensocket_callback4)
+ (const void *, curlsocktype, const struct curl_sockaddr *);
+
+/* evaluates to true if expr is of type curl_progress_callback or "similar" */
+#define _curl_is_progress_cb(expr) \
+ (_curl_is_NULL(expr) || \
+ _curl_callback_compatible((expr), curl_progress_callback) || \
+ _curl_callback_compatible((expr), _curl_progress_callback1) || \
+ _curl_callback_compatible((expr), _curl_progress_callback2))
+typedef int (*_curl_progress_callback1)(void *,
+ double, double, double, double);
+typedef int (*_curl_progress_callback2)(const void *,
+ double, double, double, double);
+
+/* evaluates to true if expr is of type curl_debug_callback or "similar" */
+#define _curl_is_debug_cb(expr) \
+ (_curl_is_NULL(expr) || \
+ _curl_callback_compatible((expr), curl_debug_callback) || \
+ _curl_callback_compatible((expr), _curl_debug_callback1) || \
+ _curl_callback_compatible((expr), _curl_debug_callback2) || \
+ _curl_callback_compatible((expr), _curl_debug_callback3) || \
+ _curl_callback_compatible((expr), _curl_debug_callback4) || \
+ _curl_callback_compatible((expr), _curl_debug_callback5) || \
+ _curl_callback_compatible((expr), _curl_debug_callback6) || \
+ _curl_callback_compatible((expr), _curl_debug_callback7) || \
+ _curl_callback_compatible((expr), _curl_debug_callback8))
+typedef int (*_curl_debug_callback1) (CURL *,
+ curl_infotype, char *, size_t, void *);
+typedef int (*_curl_debug_callback2) (CURL *,
+ curl_infotype, char *, size_t, const void *);
+typedef int (*_curl_debug_callback3) (CURL *,
+ curl_infotype, const char *, size_t, void *);
+typedef int (*_curl_debug_callback4) (CURL *,
+ curl_infotype, const char *, size_t, const void *);
+typedef int (*_curl_debug_callback5) (CURL *,
+ curl_infotype, unsigned char *, size_t, void *);
+typedef int (*_curl_debug_callback6) (CURL *,
+ curl_infotype, unsigned char *, size_t, const void *);
+typedef int (*_curl_debug_callback7) (CURL *,
+ curl_infotype, const unsigned char *, size_t, void *);
+typedef int (*_curl_debug_callback8) (CURL *,
+ curl_infotype, const unsigned char *, size_t, const void *);
+
+/* evaluates to true if expr is of type curl_ssl_ctx_callback or "similar" */
+/* this is getting even messier... */
+#define _curl_is_ssl_ctx_cb(expr) \
+ (_curl_is_NULL(expr) || \
+ _curl_callback_compatible((expr), curl_ssl_ctx_callback) || \
+ _curl_callback_compatible((expr), _curl_ssl_ctx_callback1) || \
+ _curl_callback_compatible((expr), _curl_ssl_ctx_callback2) || \
+ _curl_callback_compatible((expr), _curl_ssl_ctx_callback3) || \
+ _curl_callback_compatible((expr), _curl_ssl_ctx_callback4) || \
+ _curl_callback_compatible((expr), _curl_ssl_ctx_callback5) || \
+ _curl_callback_compatible((expr), _curl_ssl_ctx_callback6) || \
+ _curl_callback_compatible((expr), _curl_ssl_ctx_callback7) || \
+ _curl_callback_compatible((expr), _curl_ssl_ctx_callback8))
+typedef CURLcode (*_curl_ssl_ctx_callback1)(CURL *, void *, void *);
+typedef CURLcode (*_curl_ssl_ctx_callback2)(CURL *, void *, const void *);
+typedef CURLcode (*_curl_ssl_ctx_callback3)(CURL *, const void *, void *);
+typedef CURLcode (*_curl_ssl_ctx_callback4)(CURL *, const void *,
+ const void *);
+#ifdef HEADER_SSL_H
+/* hack: if we included OpenSSL's ssl.h, we know about SSL_CTX
+ * this will of course break if we're included before OpenSSL headers...
+ */
+typedef CURLcode (*_curl_ssl_ctx_callback5)(CURL *, SSL_CTX, void *);
+typedef CURLcode (*_curl_ssl_ctx_callback6)(CURL *, SSL_CTX, const void *);
+typedef CURLcode (*_curl_ssl_ctx_callback7)(CURL *, const SSL_CTX, void *);
+typedef CURLcode (*_curl_ssl_ctx_callback8)(CURL *, const SSL_CTX,
+ const void *);
+#else
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback5;
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback6;
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback7;
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback8;
+#endif
+
+/* evaluates to true if expr is of type curl_conv_callback or "similar" */
+#define _curl_is_conv_cb(expr) \
+ (_curl_is_NULL(expr) || \
+ _curl_callback_compatible((expr), curl_conv_callback) || \
+ _curl_callback_compatible((expr), _curl_conv_callback1) || \
+ _curl_callback_compatible((expr), _curl_conv_callback2) || \
+ _curl_callback_compatible((expr), _curl_conv_callback3) || \
+ _curl_callback_compatible((expr), _curl_conv_callback4))
+typedef CURLcode (*_curl_conv_callback1)(char *, size_t length);
+typedef CURLcode (*_curl_conv_callback2)(const char *, size_t length);
+typedef CURLcode (*_curl_conv_callback3)(void *, size_t length);
+typedef CURLcode (*_curl_conv_callback4)(const void *, size_t length);
+
+/* evaluates to true if expr is of type curl_seek_callback or "similar" */
+#define _curl_is_seek_cb(expr) \
+ (_curl_is_NULL(expr) || \
+ _curl_callback_compatible((expr), curl_seek_callback) || \
+ _curl_callback_compatible((expr), _curl_seek_callback1) || \
+ _curl_callback_compatible((expr), _curl_seek_callback2))
+typedef CURLcode (*_curl_seek_callback1)(void *, curl_off_t, int);
+typedef CURLcode (*_curl_seek_callback2)(const void *, curl_off_t, int);
+
+
+#endif /* __CURL_TYPECHECK_GCC_H */
diff --git a/lib/.gitattributes b/lib/.gitattributes
new file mode 100644
index 000000000..563eba7fd
--- /dev/null
+++ b/lib/.gitattributes
@@ -0,0 +1 @@
+objnames.inc eol=lf
diff --git a/lib/.gitignore b/lib/.gitignore
index b23f265d7..719fc977f 100644
--- a/lib/.gitignore
+++ b/lib/.gitignore
@@ -4,7 +4,6 @@
*.orig
*.rej
*.res
-Makefile.vc*.dist
TAGS
curl_config.h
curl_config.h.in
diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt
index eb2de6d87..d6c996189 100644
--- a/lib/CMakeLists.txt
+++ b/lib/CMakeLists.txt
@@ -1,7 +1,5 @@
set(LIB_NAME libcurl)
-configure_file(${CURL_SOURCE_DIR}/include/curl/curlbuild.h.cmake
- ${CURL_BINARY_DIR}/include/curl/curlbuild.h)
configure_file(curl_config.h.cmake
${CMAKE_CURRENT_BINARY_DIR}/curl_config.h)
@@ -10,11 +8,11 @@ include(${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake)
list(APPEND HHEADERS
${CMAKE_CURRENT_BINARY_DIR}/curl_config.h
- ${CURL_BINARY_DIR}/include/curl/curlbuild.h
)
if(MSVC)
list(APPEND CSOURCES libcurl.rc)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /wd4127")
endif()
# SET(CSOURCES
@@ -100,6 +98,13 @@ if(WIN32)
if(NOT CURL_STATICLIB)
# Add "_imp" as a suffix before the extension to avoid conflicting with
the statically linked "libcurl.lib"
set_target_properties(${LIB_NAME} PROPERTIES IMPORT_SUFFIX "_imp.lib")
+
+ set_target_properties (${LIB_NAME} PROPERTIES
+ DEBUG_POSTFIX "-d"
+ # Note: no postfix for release variants, let user choose what style of
release he wants
+ # MINSIZEREL_POSTFIX "-z"
+ # RELWITHDEBINFO_POSTFIX "-g"
+ )
endif()
endif()
diff --git a/lib/Makefile.Watcom b/lib/Makefile.Watcom
index cbc54cfc7..77e5a6e0a 100644
--- a/lib/Makefile.Watcom
+++ b/lib/Makefile.Watcom
@@ -6,7 +6,7 @@
# \___|\___/|_| \_\_____|
#
# Copyright (C) 2005 - 2009, Gisle Vanem <address@hidden>.
-# Copyright (C) 2005 - 2015, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 2005 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -81,7 +81,7 @@ RD = rmdir /q /s 2>NUL
SYS_INCL = -I"$(%watcom)/h/nt" -I"$(%watcom)/h"
CFLAGS = -3r -mf -hc -zff -zgf -zq -zm -zc -s -fr=con -w2 -fpi -oilrtfm &
- -wcd=201 -bt=nt -d+ -dWIN32 -dCURL_WANTS_CA_BUNDLE_ENV &
+ -wcd=201 -bt=nt -d+ -dWIN32 &
-dBUILDING_LIBCURL -I. -I"../include" $(SYS_INCL)
!ifdef %debug
@@ -192,14 +192,13 @@ OBJS4 = $(OBJS3: = ./)
OBJS_STAT = $(OBJS4:./=$(OBJ_STAT)/)
OBJS_DYN = $(OBJS4:./=$(OBJ_DYN)/)
-CURLBUILDH = ../include/curl/curlbuild.h
RESOURCE = $(OBJ_DYN)/libcurl.res
DIRS = $(OBJ_BASE) $(OBJ_BASE)/stat $(OBJ_BASE)/dyn
.c : vauth vtls
-all: $(CURLBUILDH) $(DIRS) $(TARGETS) .SYMBOLIC
+all: $(DIRS) $(TARGETS) .SYMBOLIC
@echo Welcome to libcurl
clean: .SYMBOLIC
@@ -216,9 +215,6 @@ vclean distclean: clean .SYMBOLIC
$(DIRS):
-$(MD) $^@
-$(CURLBUILDH): .EXISTSONLY
- $(CP) address@hidden $^@
-
$(LIBNAME).dll: $(OBJS_DYN) $(RESOURCE) $(__MAKEFILES__)
%create $(LINK_ARG)
@%append $(LINK_ARG) system nt dll
diff --git a/lib/Makefile.am b/lib/Makefile.am
index a1f8f8f00..2aa1bb030 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -23,7 +23,7 @@ AUTOMAKE_OPTIONS = foreign nostdinc
CMAKE_DIST = CMakeLists.txt curl_config.h.cmake
-EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 config-win32.h \
+EXTRA_DIST = Makefile.b32 Makefile.m32 config-win32.h \
config-win32ce.h config-riscos.h config-mac.h curl_config.h.in
\
makefile.dj config-dos.h libgnurl.plist libcurl.rc config-amigaos.h \
makefile.amiga Makefile.netware nwlib.c nwos.c config-win32ce.h \
@@ -48,17 +48,13 @@ CFLAGS += @CURL_CFLAG_EXTRAS@
# being currently built and tested are searched before the library which
# might possibly already be installed in the system.
#
-# $(top_builddir)/include/curl for generated curlbuild.h included from curl.h
-# $(top_builddir)/include for generated curlbuild.h inc. from lib/curl_setup.h
# $(top_srcdir)/include is for libcurl's external include files
# $(top_builddir)/lib is for libcurl's generated lib/curl_config.h file
# $(top_srcdir)/lib for libcurl's lib/curl_setup.h and other "private" files
# $(top_builddir)/ares is for in-tree c-ares's generated ares_build.h file
# $(top_srcdir)/ares is for in-tree c-ares's external include files
-AM_CPPFLAGS = -I$(top_builddir)/include/curl \
- -I$(top_builddir)/include \
- -I$(top_srcdir)/include \
+AM_CPPFLAGS = -I$(top_srcdir)/include \
-I$(top_builddir)/lib \
-I$(top_srcdir)/lib
@@ -106,6 +102,10 @@ libgnurl_la_CPPFLAGS_EXTRA =
libgnurl_la_LDFLAGS_EXTRA =
libgnurl_la_CFLAGS_EXTRA =
address@hidden@
+libgnurl_la_LDFLAGS_EXTRA += $(CODE_COVERAGE_LDFLAGS)
+libgnurl_la_CFLAGS_EXTRA += $(CODE_COVERAGE_CFLAGS)
+
if CURL_LT_SHLIB_USE_VERSION_INFO
libgnurl_la_LDFLAGS_EXTRA += $(VERSIONINFO)
endif
diff --git a/lib/Makefile.b32 b/lib/Makefile.b32
index 481386157..5b5b5fa9f 100644
--- a/lib/Makefile.b32
+++ b/lib/Makefile.b32
@@ -109,7 +109,7 @@ LINKLIB = $(LINKLIB) $(OPENSSL_PATH)\out32\ssleay32.lib
$(OPENSSL_PATH)\out32\l
!include Makefile.inc
# Borland's command line librarian program TLIB version 4.5 is not capable
-# of building a library when any of its objects contains an hypen in its
+# of building a library when any of its objects contains an hyphen in its
# name, due to a command line parsing bug. In order to workaround this, we
# build source files with hyphens in their name as objects with underscores
# using explicit compilation build rules instead of implicit ones.
diff --git a/lib/Makefile.inc b/lib/Makefile.inc
index 0ed998c13..19f58000a 100644
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -40,31 +40,31 @@ LIB_VTLS_HFILES = vtls/openssl.h vtls/vtls.h vtls/gtls.h
\
LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \
cookie.c http.c sendf.c ftp.c url.c dict.c if2ip.c speedcheck.c \
ldap.c version.c getenv.c escape.c mprintf.c telnet.c netrc.c \
- getinfo.c transfer.c strequal.c easy.c security.c curl_fnmatch.c \
+ getinfo.c transfer.c strcase.c easy.c security.c curl_fnmatch.c \
fileinfo.c ftplistparser.c wildcard.c krb5.c memdebug.c http_chunks.c \
strtok.c connect.c llist.c hash.c multi.c content_encoding.c share.c \
http_digest.c md4.c md5.c http_negotiate.c inet_pton.c strtoofft.c \
strerror.c amigaos.c hostasyn.c hostip4.c hostip6.c hostsyn.c \
inet_ntop.c parsedate.c select.c tftp.c splay.c strdup.c socks.c \
- ssh.c rawstr.c curl_addrinfo.c socks_gssapi.c socks_sspi.c \
+ ssh.c curl_addrinfo.c socks_gssapi.c socks_sspi.c \
curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c \
pingpong.c rtsp.c curl_threads.c warnless.c hmac.c curl_rtmp.c \
openldap.c curl_gethostname.c gopher.c idn_win32.c \
http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c \
- http_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_sasl.c \
+ http_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_sasl.c rand.c \
curl_multibyte.c hostcheck.c conncache.c pipeline.c dotdot.c \
x509asn1.c http2.c smb.c curl_endian.c curl_des.c system_win32.c
LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \
formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h if2ip.h \
speedcheck.h urldata.h curl_ldap.h escape.h telnet.h getinfo.h \
- strequal.h curl_sec.h memdebug.h http_chunks.h curl_fnmatch.h \
+ strcase.h curl_sec.h memdebug.h http_chunks.h curl_fnmatch.h \
wildcard.h fileinfo.h ftplistparser.h strtok.h connect.h llist.h \
hash.h content_encoding.h share.h curl_md4.h curl_md5.h http_digest.h \
http_negotiate.h inet_pton.h amigaos.h strtoofft.h strerror.h \
inet_ntop.h curlx.h curl_memory.h curl_setup.h transfer.h select.h \
easyif.h multiif.h parsedate.h tftp.h sockaddr.h splay.h strdup.h \
- socks.h ssh.h curl_base64.h rawstr.h curl_addrinfo.h curl_sspi.h \
+ socks.h ssh.h curl_base64.h curl_addrinfo.h curl_sspi.h \
slist.h nonblock.h curl_memrchr.h imap.h pop3.h smtp.h pingpong.h \
rtsp.h curl_threads.h warnless.h curl_hmac.h curl_rtmp.h \
curl_gethostname.h gopher.h http_proxy.h non-ascii.h asyn.h \
@@ -72,7 +72,7 @@ LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h
progress.h \
curl_sasl.h curl_multibyte.h hostcheck.h conncache.h \
curl_setup_once.h multihandle.h setup-vms.h pipeline.h dotdot.h \
x509asn1.h http2.h sigpipe.h smb.h curl_endian.h curl_des.h \
- curl_printf.h system_win32.h
+ curl_printf.h system_win32.h rand.h
LIB_RCFILES = libcurl.rc
diff --git a/lib/Makefile.m32 b/lib/Makefile.m32
index 522dbd1df..8e4c70333 100644
--- a/lib/Makefile.m32
+++ b/lib/Makefile.m32
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1999 - 2015, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1999 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -77,7 +77,7 @@ LIBCARES_PATH = $(PROOT)/ares
endif
CC = $(CROSSPREFIX)gcc
-CFLAGS = $(CURL_CFLAG_EXTRAS) -g -O2 -Wall
+CFLAGS = $(CURL_CFLAG_EXTRAS) -g -O2 -Wall -W
CFLAGS += -fno-strict-aliasing
# comment LDFLAGS below to keep debug info
LDFLAGS = $(CURL_LDFLAG_EXTRAS) $(CURL_LDFLAG_EXTRAS_DLL) -s
@@ -250,8 +250,7 @@ ifdef SSL
endif
INCLUDES += -I"$(OPENSSL_INCLUDE)"
CFLAGS += -DUSE_OPENSSL -DHAVE_OPENSSL_ENGINE_H -DHAVE_OPENSSL_PKCS12_H \
- -DHAVE_ENGINE_LOAD_BUILTIN_ENGINES -DOPENSSL_NO_KRB5 \
- -DCURL_WANTS_CA_BUNDLE_ENV
+ -DHAVE_ENGINE_LOAD_BUILTIN_ENGINES -DOPENSSL_NO_KRB5
DLL_LIBS += -L"$(OPENSSL_LIBPATH)" $(OPENSSL_LIBS)
ifdef SRP
ifeq "$(wildcard $(OPENSSL_INCLUDE)/openssl/srp.h)"
"$(OPENSSL_INCLUDE)/openssl/srp.h"
@@ -340,24 +339,17 @@ $(libcurl_dll_LIBRARY): $(libcurl_a_OBJECTS) $(RESOURCE)
$(libcurl_dll_DEPENDENC
-Wl,--output-def,$(@:.dll=.def),--out-implib,$(libcurl_dll_a_LIBRARY)
\
$(libcurl_a_OBJECTS) $(RESOURCE) $(DLL_LIBS)
-%.o: %.c $(PROOT)/include/curl/curlbuild.h
+%.o: %.c
$(CC) $(INCLUDES) $(CFLAGS) -c $< -o $@
%.res: %.rc
$(RC) $(RCFLAGS) -i $< -o $@
clean:
-ifeq "$(wildcard $(PROOT)/include/curl/curlbuild.h.dist)"
"$(PROOT)/include/curl/curlbuild.h.dist"
- @$(call DEL, $(PROOT)/include/curl/curlbuild.h)
-endif
@$(call DEL, $(libcurl_a_OBJECTS) $(RESOURCE))
distclean vclean: clean
@$(call DEL, $(libcurl_a_LIBRARY) $(libcurl_dll_LIBRARY)
$(libcurl_dll_LIBRARY:.dll=.def) $(libcurl_dll_a_LIBRARY))
-$(PROOT)/include/curl/curlbuild.h:
- @echo Creating $@
- @$(call COPY, address@hidden, $@)
-
$(LIBCARES_PATH)/libcares.a:
$(MAKE) -C $(LIBCARES_PATH) -f Makefile.m32
diff --git a/lib/Makefile.netware b/lib/Makefile.netware
index ee7e87ce7..e36e6515f 100644
--- a/lib/Makefile.netware
+++ b/lib/Makefile.netware
@@ -6,7 +6,7 @@
# \___|\___/|_| \_\_____|
#
# Copyright (C) 2004 - 2015, Guenter Knauf, <http://www.gknw.net/phpbb>.
-# Copyright (C) 2001 - 2015, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 2001 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -87,7 +87,7 @@ endif
TARGET = libcurl
VERSION = $(LIBCURL_VERSION)
COPYR = Copyright (C) $(LIBCURL_COPYRIGHT_STR)
-DESCR = cURL libcurl $(LIBCURL_VERSION_STR) ($(LIBARCH)) -
https://curl.haxx.se
+DESCR = curl libcurl $(LIBCURL_VERSION_STR) ($(LIBARCH)) -
https://curl.haxx.se
MTSAFE = YES
STACK = 64000
SCREEN = none
@@ -166,7 +166,7 @@ endif
CFLAGS += -align 4
else
# PRELUDE = $(NDK_CLIB)/imports/clibpre.o
- # to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+ # to avoid the __init_* / __deinit_* whoes don't use prelude from NDK
PRELUDE = "$(MWCW_PATH)/libraries/runtime/prelude.obj"
# CFLAGS += -include "$(MWCW_PATH)/headers/nlm_clib_prefix.h"
CFLAGS += -align 1
@@ -192,7 +192,7 @@ else
endif
else
PRELUDE = $(NDK_CLIB)/imports/clibpre.gcc.o
- # to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+ # to avoid the __init_* / __deinit_* whoes don't use prelude from NDK
# http://www.gknw.net/development/mk_nlm/gcc_pre.zip
# PRELUDE = $(NDK_ROOT)/pre/prelude.o
CFLAGS += -include $(NDKBASE)/nlmconv/genlm.h
@@ -359,13 +359,13 @@ nlm: prebuild $(TARGET).nlm
lib: prebuild $(TARGET).$(LIBEXT)
-prebuild: $(OBJDIR) $(CURL_INC)/curl/curlbuild.h $(OBJDIR)/version.inc
curl_config.h
+prebuild: $(OBJDIR) $(OBJDIR)/version.inc curl_config.h
$(OBJDIR)/%.o: %.c
# @echo Compiling $<
$(CC) $(CFLAGS) -c $< -o $@
-$(OBJDIR)/version.inc: $(CURL_INC)/curl/curlver.h $(OBJDIR)
+$(OBJDIR)/version.inc: $(CURL_INC)/gnurl/curlver.h $(OBJDIR)
@echo Creating $@
@$(AWK) -f ../packages/NetWare/get_ver.awk $< > $@
@@ -702,7 +702,7 @@ else
@echo $(DL)#define CURL_CA_BUNDLE getenv("CURL_CA_BUNDLE")$(DL) >> $@
endif
-$(EXPORTF): $(CURL_INC)/curl/curl.h $(CURL_INC)/curl/easy.h
$(CURL_INC)/curl/multi.h $(CURL_INC)/curl/mprintf.h
+$(EXPORTF): $(CURL_INC)/gnurl/curl.h $(CURL_INC)/gnurl/easy.h
$(CURL_INC)/gnurl/multi.h $(CURL_INC)/gnurl/mprintf.h
@echo Creating $@
@$(AWK) -f ../packages/NetWare/get_exp.awk $^ > $@
@@ -752,44 +752,6 @@ else
@echo IPv6 support: no
endif
-$(CURL_INC)/curl/curlbuild.h: Makefile.netware FORCE
- @echo Creating $@
- @echo $(DL)/* $@ intended for NetWare target.$(DL) > $@
- @echo $(DL)** Do not edit this file - it is created by make!$(DL) >> $@
- @echo $(DL)** All your changes will be lost!!$(DL) >> $@
- @echo $(DL)*/$(DL) >> $@
- @echo $(DL)#ifndef NETWARE$(DL) >> $@
- @echo $(DL)#error This $(notdir $@) is created for NetWare
platform!$(DL) >> $@
- @echo $(DL)#endif$(DL) >> $@
- @echo $(DL)#ifndef __CURL_CURLBUILD_H$(DL) >> $@
- @echo $(DL)#define __CURL_CURLBUILD_H$(DL) >> $@
-ifeq ($(LIBARCH),LIBC)
- @echo $(DL)#define CURL_SIZEOF_LONG 4$(DL) >> $@
- @echo $(DL)#define CURL_TYPEOF_CURL_SOCKLEN_T unsigned int$(DL) >> $@
- @echo $(DL)#define CURL_SIZEOF_CURL_SOCKLEN_T 4$(DL) >> $@
- @echo $(DL)#define CURL_TYPEOF_CURL_OFF_T long long$(DL) >> $@
- @echo $(DL)#define CURL_FORMAT_CURL_OFF_T "lld"$(DL) >> $@
- @echo $(DL)#define CURL_FORMAT_CURL_OFF_TU "llu"$(DL) >> $@
- @echo $(DL)#define CURL_FORMAT_OFF_T "$(PCT)lld"$(DL) >> $@
- @echo $(DL)#define CURL_SIZEOF_CURL_OFF_T 8$(DL) >> $@
- @echo $(DL)#define CURL_SUFFIX_CURL_OFF_T LL$(DL) >> $@
- @echo $(DL)#define CURL_SUFFIX_CURL_OFF_TU ULL$(DL) >> $@
-else
- @echo $(DL)#define CURL_SIZEOF_LONG 4$(DL) >> $@
- @echo $(DL)#define CURL_TYPEOF_CURL_SOCKLEN_T int$(DL) >> $@
- @echo $(DL)#define CURL_SIZEOF_CURL_SOCKLEN_T 4$(DL) >> $@
- @echo $(DL)#define CURL_TYPEOF_CURL_OFF_T long$(DL) >> $@
- @echo $(DL)#define CURL_FORMAT_CURL_OFF_T "ld"$(DL) >> $@
- @echo $(DL)#define CURL_FORMAT_CURL_OFF_TU "lu"$(DL) >> $@
- @echo $(DL)#define CURL_FORMAT_OFF_T "$(PCT)ld"$(DL) >> $@
- @echo $(DL)#define CURL_SIZEOF_CURL_OFF_T 4$(DL) >> $@
- @echo $(DL)#define CURL_SUFFIX_CURL_OFF_T L$(DL) >> $@
- @echo $(DL)#define CURL_SUFFIX_CURL_OFF_TU UL$(DL) >> $@
-endif
- @echo $(DL)typedef CURL_TYPEOF_CURL_SOCKLEN_T curl_socklen_t;$(DL) >> $@
- @echo $(DL)typedef CURL_TYPEOF_CURL_OFF_T curl_off_t;$(DL) >> $@
- @echo $(DL)#endif /* __CURL_CURLBUILD_H */$(DL) >> $@
-
$(LIBCARES_PATH)/libcares.$(LIBEXT):
$(MAKE) -C $(LIBCARES_PATH) -f Makefile.netware lib
diff --git a/lib/Makefile.vc6 b/lib/Makefile.vc6
deleted file mode 100644
index e783e3ae2..000000000
--- a/lib/Makefile.vc6
+++ /dev/null
@@ -1,691 +0,0 @@
-#***************************************************************************
-# _ _ ____ _
-# Project ___| | | | _ \| |
-# / __| | | | |_) | |
-# | (__| |_| | _ <| |___
-# \___|\___/|_| \_\_____|
-#
-# Copyright (C) 1999 - 2016, Daniel Stenberg, <address@hidden>, et al.
-#
-# This software is licensed as described in the file COPYING, which
-# you should have received as part of this distribution. The terms
-# are also available at https://curl.haxx.se/docs/copyright.html.
-#
-# You may opt to use, copy, modify, merge, publish, distribute and/or sell
-# copies of the Software, and permit persons to whom the Software is
-# furnished to do so, under the terms of the COPYING file.
-#
-# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-# KIND, either express or implied.
-#
-#***************************************************************************
-
-# All files in the Makefile.vc* series are generated automatically from the
-# one made for MSVC version 6. Alas, if you want to do changes to any of the
-# files and send back to the project, edit the version six, make your diff and
-# mail curl-library.
-
-###########################################################################
-#
-# Makefile for building libcurl with MSVC6
-#
-# Usage: see usage message below
-# Should be invoked from \lib directory
-# Edit the paths and desired library name
-# SSL path is only required if you intend compiling
-# with SSL.
-#
-# This make file leaves the result either a .lib or .dll file
-# in the \lib directory. It should be called from the \lib
-# directory.
-#
-# An option would have been to allow the source directory to
-# be specified, but I saw no requirement.
-#
-# Another option would have been to leave the .lib and .dll
-# files in the "cfg" directory, but then the make file
-# in \src would need to be changed.
-#
-##############################################################
-
-# ----------------------------------------------
-# Verify that current subdir is libcurl's 'lib'
-# ----------------------------------------------
-
-!IF ! EXIST(.\curl_addrinfo.c)
-! MESSAGE Can not process this makefile from outside of libcurl's 'lib'
subdirectory.
-! MESSAGE Change to libcurl's 'lib' subdirectory, and try again.
-! ERROR See previous message.
-!ENDIF
-
-# ------------------------------------------------
-# Makefile.msvc.names provides libcurl file names
-# ------------------------------------------------
-
-!INCLUDE ..\winbuild\Makefile.msvc.names
-
-!IFNDEF OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-1.0.2a
-!ENDIF
-
-!IFNDEF LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-1.5.0
-!ENDIF
-
-!IFNDEF ZLIB_PATH
-ZLIB_PATH = ../../zlib-1.2.8
-!ENDIF
-
-!IFNDEF MACHINE
-MACHINE = X86
-!ENDIF
-
-# USE_WINDOWS_SSPI uses windows libraries to allow NTLM authentication
-# without an openssl installation and offers the ability to authenticate
-# using the "current logged in user". Since at least with MSVC6 the sspi.h
-# header is broken it is either required to install the Windows SDK,
-# or to fix sspi.h with adding this define at the beginning of sspi.h:
-# #define FreeCredentialHandle FreeCredentialsHandle
-#
-# If, for some reason the Windows SDK is installed but not installed
-# in the default location, you can specify WINDOWS_SDK_PATH.
-# It can be downloaded from:
-# https://msdn.microsoft.com/windows/bb980924.aspx
-
-# WINDOWS_SSPI = 1
-
-!IFDEF WINDOWS_SSPI
-!IFNDEF WINDOWS_SDK_PATH
-WINDOWS_SDK_PATH = "$(PROGRAMFILES)\Microsoft SDK"
-!ENDIF
-!ENDIF
-
-#############################################################
-## Nothing more to do below this line!
-
-CCNODBG = cl.exe /O2 /DNDEBUG
-CCDEBUG = cl.exe /Od /Gm /Zi /D_DEBUG /GZ
-CFLAGSSSL = /DUSE_OPENSSL /I "$(OPENSSL_PATH)/inc32" /I
"$(OPENSSL_PATH)/inc32/openssl"
-CFLAGSWINSSL = /DUSE_SCHANNEL
-CFLAGSSSH2 = /DUSE_LIBSSH2 /DCURL_DISABLE_LDAP /DHAVE_LIBSSH2
/DHAVE_LIBSSH2_H /DLIBSSH2_WIN32 /DLIBSSH2_LIBRARY /I "$(LIBSSH2_PATH)/include"
-CFLAGSZLIB = /DHAVE_ZLIB_H /DHAVE_ZLIB /DHAVE_LIBZ /I "$(ZLIB_PATH)"
-CFLAGS = /I. /I../include /nologo /W3 /GX /DWIN32 /YX /FD /c
/DBUILDING_LIBCURL /D_BIND_TO_CURRENT_VCLIBS_VERSION=1
-CFLAGSLIB = /DCURL_STATICLIB
-LNKDLL = link.exe /DLL
-LNKLIB = link.exe /lib
-LFLAGS = /nologo /machine:$(MACHINE)
-SSLLIBS = libeay32.lib ssleay32.lib
-WINSSLLIBS = crypt32.lib
-ZLIBLIBSDLL = zdll.lib
-ZLIBLIBS = zlib.lib
-WINLIBS = ws2_32.lib wldap32.lib advapi32.lib
-CFLAGS = $(CFLAGS)
-
-CFGSET = FALSE
-
-!IFDEF WINDOWS_SSPI
-CFLAGS = $(CFLAGS) /DUSE_WINDOWS_SSPI /I$(WINDOWS_SDK_PATH)\include
-!ENDIF
-
-!IFDEF USE_IPV6
-CFLAGS = $(CFLAGS) /DUSE_IPV6
-!ENDIF
-
-!IFDEF USE_IDN
-CFLAGS = $(CFLAGS) /DUSE_WIN32_IDN /DWANT_IDN_PROTOTYPES
-!ENDIF
-
-##############################################################
-# Runtime library configuration
-
-RTLIB = /MD
-RTLIBD = /MDd
-
-!IF "$(RTLIBCFG)" == "static"
-RTLIB = /MT
-RTLIBD = /MTd
-!ENDIF
-
-
-######################
-# release
-
-!IF "$(CFG)" == "release"
-TARGET = $(LIBCURL_STA_LIB_REL)
-DIROBJ = $(CFG)
-LNK = $(LNKLIB) /out:$(DIROBJ)\$(TARGET)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# release-ssl
-
-!IF "$(CFG)" == "release-ssl"
-TARGET = $(LIBCURL_STA_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
-LNK = $(LNKLIB) $(LFLAGSSSL) /out:$(DIROBJ)\$(TARGET)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# release-winssl
-
-!IF "$(CFG)" == "release-winssl"
-TARGET = $(LIBCURL_STA_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK = $(LNKLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# release-zlib
-
-!IF "$(CFG)" == "release-zlib"
-TARGET = $(LIBCURL_STA_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK = $(LNKLIB) $(ZLIBLIBS) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSZLIB) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# release-ssl-zlib
-
-!IF "$(CFG)" == "release-ssl-zlib"
-TARGET = $(LIBCURL_STA_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK = $(LNKLIB) $(LFLAGSSSL) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSZLIB) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# release-winssl-zlib
-
-!IF "$(CFG)" == "release-winssl-zlib"
-TARGET = $(LIBCURL_STA_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK = $(LNKLIB) $(LFLAGSZLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSZLIB) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# release-ssl-ssh2-zlib
-
-!IF "$(CFG)" == "release-ssl-ssh2-zlib"
-TARGET = $(LIBCURL_STA_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
-LFLAGSSSH2 = "/LIBPATH:$(LIBSSH2_PATH)"
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK = $(LNKLIB) $(LFLAGSSSL) $(LFLAGSSSH2) $(LFLAGSZLIB)
/out:$(DIROBJ)\$(TARGET)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSSSH2) $(CFLAGSZLIB)
$(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# release-ssl-dll
-
-!IF "$(CFG)" == "release-ssl-dll"
-TARGET = $(LIBCURL_STA_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK = $(LNKLIB) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL)
/out:$(DIROBJ)\$(TARGET)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# release-zlib-dll
-
-!IF "$(CFG)" == "release-zlib-dll"
-TARGET = $(LIBCURL_STA_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK = $(LNKLIB) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB)
/out:$(DIROBJ)\$(TARGET)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSZLIB) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# release-ssl-dll-zlib-dll
-
-!IF "$(CFG)" == "release-ssl-dll-zlib-dll"
-TARGET = $(LIBCURL_STA_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK = $(LNKLIB) $(WINLIBS) $(SSLLIBS) $(ZLIBLIBSDLL) $(LFLAGSSSL)
$(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSZLIB) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# release-dll
-
-!IF "$(CFG)" == "release-dll"
-TARGET = $(LIBCURL_DYN_LIB_REL)
-DIROBJ = $(CFG)
-LNK = $(LNKDLL) $(WINLIBS) /out:$(DIROBJ)\$(TARGET)
/IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_REL)
-CC = $(CCNODBG) $(RTLIB)
-CFGSET = TRUE
-RESOURCE = $(DIROBJ)\libcurl.res
-!ENDIF
-
-######################
-# release-dll-ssl-dll
-
-!IF "$(CFG)" == "release-dll-ssl-dll"
-TARGET = $(LIBCURL_DYN_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL)
/out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_REL)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSSSL)
-CFGSET = TRUE
-RESOURCE = $(DIROBJ)\libcurl.res
-!ENDIF
-
-######################
-# release-dll-zlib-dll
-
-!IF "$(CFG)" == "release-dll-zlib-dll"
-TARGET = $(LIBCURL_DYN_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK = $(LNKDLL) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB)
/out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_REL)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSZLIB)
-CFGSET = TRUE
-RESOURCE = $(DIROBJ)\libcurl.res
-!ENDIF
-
-######################
-# release-dll-ssl-dll-zlib-dll
-
-!IF "$(CFG)" == "release-dll-ssl-dll-zlib-dll"
-TARGET = $(LIBCURL_DYN_LIB_REL)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(ZLIBLIBSDLL) $(LFLAGSSSL)
$(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_REL)
-CC = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSZLIB)
-CFGSET = TRUE
-RESOURCE = $(DIROBJ)\libcurl.res
-!ENDIF
-
-######################
-# debug
-
-!IF "$(CFG)" == "debug"
-TARGET = $(LIBCURL_STA_LIB_DBG)
-DIROBJ = $(CFG)
-LNK = $(LNKLIB) /out:$(DIROBJ)\$(TARGET)
-CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# debug-ssl
-
-!IF "$(CFG)" == "debug-ssl"
-TARGET = $(LIBCURL_STA_LIB_DBG)
-DIROBJ = $(CFG)
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
-LNK = $(LNKLIB) $(LFLAGSSSL) /out:$(DIROBJ)\$(TARGET)
-CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# debug-zlib
-
-!IF "$(CFG)" == "debug-zlib"
-TARGET = $(LIBCURL_STA_LIB_DBG)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK = $(LNKLIB) $(ZLIBLIBS) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
-CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSZLIB) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# debug-ssl-zlib
-
-!IF "$(CFG)" == "debug-ssl-zlib"
-TARGET = $(LIBCURL_STA_LIB_DBG)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
-LNK = $(LNKLIB) $(ZLIBLIBS) $(LFLAGSSSL) $(LFLAGSZLIB)
/out:$(DIROBJ)\$(TARGET)
-CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSZLIB) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# debug-ssl-ssh2-zlib
-
-!IF "$(CFG)" == "debug-ssl-ssh2-zlib"
-TARGET = $(LIBCURL_STA_LIB_DBG)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LFLAGSSSH2 = "/LIBPATH:$(LIBSSH2_PATH)"
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
-LNK = $(LNKLIB) $(ZLIBLIBS) $(LFLAGSSSL) $(LFLAGSSSH2) $(LFLAGSZLIB)
/out:$(DIROBJ)\$(TARGET)
-CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSSSH2) $(CFLAGSZLIB)
$(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# debug-ssl-dll
-
-!IF "$(CFG)" == "debug-ssl-dll"
-TARGET = $(LIBCURL_STA_LIB_DBG)
-DIROBJ = $(CFG)
-LFLAGSSSL = /LIBPATH:$(OPENSSL_PATH)\out32dll
-LNK = $(LNKLIB) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL)
/out:$(DIROBJ)\$(TARGET)
-CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# debug-zlib-dll
-
-!IF "$(CFG)" == "debug-zlib-dll"
-TARGET = $(LIBCURL_STA_LIB_DBG)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK = $(LNKLIB) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB)
/out:$(DIROBJ)\$(TARGET)
-CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSZLIB) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# debug-ssl-dll-zlib-dll
-
-!IF "$(CFG)" == "debug-ssl-dll-zlib-dll"
-TARGET = $(LIBCURL_STA_LIB_DBG)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK = $(LNKLIB) $(WINLIBS) $(SSLLIBS) $(ZLIBLIBSDLL) $(LFLAGSSSL)
$(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
-CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSZLIB) $(CFLAGSLIB)
-CFGSET = TRUE
-!ENDIF
-
-######################
-# debug-dll
-
-!IF "$(CFG)" == "debug-dll"
-TARGET = $(LIBCURL_DYN_LIB_DBG)
-DIROBJ = $(CFG)
-LNK = $(LNKDLL) $(WINLIBS) /DEBUG /out:$(DIROBJ)\$(TARGET)
/IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_DBG) /PDB:$(DIROBJ)\$(LIBCURL_DYN_LIB_PDB)
-CC = $(CCDEBUG) $(RTLIBD)
-CFGSET = TRUE
-RESOURCE = $(DIROBJ)\libcurl.res
-!ENDIF
-
-######################
-# debug-dll-ssl-dll
-
-!IF "$(CFG)" == "debug-dll-ssl-dll"
-TARGET = $(LIBCURL_DYN_LIB_DBG)
-DIROBJ = $(CFG)
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /DEBUG
/out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_DBG)
/PDB:$(DIROBJ)\$(LIBCURL_DYN_LIB_PDB)
-CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL)
-CFGSET = TRUE
-RESOURCE = $(DIROBJ)\libcurl.res
-!ENDIF
-
-######################
-# debug-dll-zlib-dll
-
-!IF "$(CFG)" == "debug-dll-zlib-dll"
-TARGET = $(LIBCURL_DYN_LIB_DBG)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK = $(LNKDLL) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB) /DEBUG
/out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_DBG)
/PDB:$(DIROBJ)\$(LIBCURL_DYN_LIB_PDB)
-CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSZLIB)
-CFGSET = TRUE
-RESOURCE = $(DIROBJ)\libcurl.res
-!ENDIF
-
-######################
-# debug-dll-ssl-dll-zlib-dll
-
-!IF "$(CFG)" == "debug-dll-ssl-dll-zlib-dll"
-TARGET = $(LIBCURL_DYN_LIB_DBG)
-DIROBJ = $(CFG)
-LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(ZLIBLIBSDLL) $(LFLAGSSSL)
$(LFLAGSZLIB) /DEBUG /out:$(DIROBJ)\$(TARGET)
/IMPLIB:$(DIROBJ)\$(LIBCURL_IMP_LIB_DBG) /PDB:$(DIROBJ)\$(LIBCURL_DYN_LIB_PDB)
-CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSZLIB)
-CFGSET = TRUE
-RESOURCE = $(DIROBJ)\libcurl.res
-!ENDIF
-
-#######################
-# Usage
-#
-!IF "$(CFGSET)" == "FALSE" && "$(CFG)" != ""
-!MESSAGE Usage: nmake /f makefile.vc6 CFG=<config> <target>
-!MESSAGE where <config> is one of:
-!MESSAGE release - release static library
-!MESSAGE release-ssl - release static library with ssl
-!MESSAGE release-zlib - release static library with zlib
-!MESSAGE release-ssl-zlib - release static library with ssl and
zlib
-!MESSAGE release-ssl-ssh2-zlib - release static library with ssl,
ssh2 and zlib
-!MESSAGE release-ssl-dll - release static library with dynamic
ssl
-!MESSAGE release-zlib-dll - release static library with dynamic
zlib
-!MESSAGE release-ssl-dll-zlib-dll - release static library with dynamic
ssl and dynamic zlib
-!MESSAGE release-dll - release dynamic library
-!MESSAGE release-dll-ssl-dll - release dynamic library with dynamic
ssl
-!MESSAGE release-dll-zlib-dll - release dynamic library with dynamic
zlib
-!MESSAGE release-dll-ssl-dll-zlib-dll - release dynamic library with dynamic
ssl and dynamic zlib
-!MESSAGE debug - debug static library
-!MESSAGE debug-ssl - debug static library with ssl
-!MESSAGE debug-zlib - debug static library with zlib
-!MESSAGE debug-ssl-zlib - debug static library with ssl and
zlib
-!MESSAGE debug-ssl-ssh2-zlib - debug static library with ssl, ssh2
and zlib
-!MESSAGE debug-ssl-dll - debug static library with dynamic ssl
-!MESSAGE debug-zlib-dll - debug static library with dynamic
zlib
-!MESSAGE debug-ssl-dll-zlib-dll - debug static library with dynamic
ssl and dynamic zlib
-!MESSAGE debug-dll - debug dynamic library
-!MESSAGE debug-dll-ssl-dll - debug dynamic library with dynamic
ssl
-!MESSAGE debug-dll-zlib-dll - debug dynamic library with dynamic
zlib1
-!MESSAGE debug-dll-ssl-dll-zlib-dll - debug dynamic library with dynamic
ssl and dynamic zlib
-!MESSAGE <target> can be left blank in which case all is assumed
-!ERROR please choose a valid configuration "$(CFG)"
-!ENDIF
-
-#######################
-# Only the clean target can be used if a config was not provided.
-#
-!IF "$(CFGSET)" == "FALSE"
-clean:
- @-erase /s *.dll 2> NUL
- @-erase /s *.exp 2> NUL
- @-erase /s *.idb 2> NUL
- @-erase /s *.lib 2> NUL
- @-erase /s *.obj 2> NUL
- @-erase /s *.pch 2> NUL
- @-erase /s *.pdb 2> NUL
- @-erase /s *.res 2> NUL
-!ELSE
-# A config was provided, so the library can be built.
-#
-X_OBJS= \
- $(DIROBJ)\amigaos.obj \
- $(DIROBJ)\asyn-ares.obj \
- $(DIROBJ)\asyn-thread.obj \
- $(DIROBJ)\axtls.obj \
- $(DIROBJ)\base64.obj \
- $(DIROBJ)\conncache.obj \
- $(DIROBJ)\connect.obj \
- $(DIROBJ)\content_encoding.obj \
- $(DIROBJ)\cookie.obj \
- $(DIROBJ)\curl_addrinfo.obj \
- $(DIROBJ)\curl_des.obj \
- $(DIROBJ)\curl_endian.obj \
- $(DIROBJ)\curl_fnmatch.obj \
- $(DIROBJ)\curl_gethostname.obj \
- $(DIROBJ)\curl_gssapi.obj \
- $(DIROBJ)\curl_memrchr.obj \
- $(DIROBJ)\curl_multibyte.obj \
- $(DIROBJ)\curl_ntlm_core.obj \
- $(DIROBJ)\curl_ntlm_wb.obj \
- $(DIROBJ)\curl_rtmp.obj \
- $(DIROBJ)\curl_sasl.obj \
- $(DIROBJ)\curl_sspi.obj \
- $(DIROBJ)\curl_threads.obj \
- $(DIROBJ)\cyassl.obj \
- $(DIROBJ)\darwinssl.obj \
- $(DIROBJ)\dict.obj \
- $(DIROBJ)\dotdot.obj \
- $(DIROBJ)\easy.obj \
- $(DIROBJ)\escape.obj \
- $(DIROBJ)\file.obj \
- $(DIROBJ)\fileinfo.obj \
- $(DIROBJ)\formdata.obj \
- $(DIROBJ)\ftp.obj \
- $(DIROBJ)\ftplistparser.obj \
- $(DIROBJ)\getenv.obj \
- $(DIROBJ)\getinfo.obj \
- $(DIROBJ)\gopher.obj \
- $(DIROBJ)\gtls.obj \
- $(DIROBJ)\hash.obj \
- $(DIROBJ)\hmac.obj \
- $(DIROBJ)\hostasyn.obj \
- $(DIROBJ)\hostcheck.obj \
- $(DIROBJ)\hostip.obj \
- $(DIROBJ)\hostip4.obj \
- $(DIROBJ)\hostip6.obj \
- $(DIROBJ)\hostsyn.obj \
- $(DIROBJ)\http.obj \
- $(DIROBJ)\http_chunks.obj \
- $(DIROBJ)\http_digest.obj \
- $(DIROBJ)\http_negotiate.obj \
- $(DIROBJ)\http_ntlm.obj \
- $(DIROBJ)\http_proxy.obj \
- $(DIROBJ)\idn_win32.obj \
- $(DIROBJ)\if2ip.obj \
- $(DIROBJ)\imap.obj \
- $(DIROBJ)\inet_ntop.obj \
- $(DIROBJ)\inet_pton.obj \
- $(DIROBJ)\krb5.obj \
- $(DIROBJ)\ldap.obj \
- $(DIROBJ)\llist.obj \
- $(DIROBJ)\md4.obj \
- $(DIROBJ)\md5.obj \
- $(DIROBJ)\memdebug.obj \
- $(DIROBJ)\mprintf.obj \
- $(DIROBJ)\multi.obj \
- $(DIROBJ)\netrc.obj \
- $(DIROBJ)\non-ascii.obj \
- $(DIROBJ)\nonblock.obj \
- $(DIROBJ)\nss.obj \
- $(DIROBJ)\openldap.obj \
- $(DIROBJ)\parsedate.obj \
- $(DIROBJ)\pingpong.obj \
- $(DIROBJ)\pipeline.obj \
- $(DIROBJ)\polarssl.obj \
- $(DIROBJ)\polarssl_threadlock.obj \
- $(DIROBJ)\pop3.obj \
- $(DIROBJ)\progress.obj \
- $(DIROBJ)\rawstr.obj \
- $(DIROBJ)\rtsp.obj \
- $(DIROBJ)\schannel.obj \
- $(DIROBJ)\security.obj \
- $(DIROBJ)\select.obj \
- $(DIROBJ)\sendf.obj \
- $(DIROBJ)\share.obj \
- $(DIROBJ)\slist.obj \
- $(DIROBJ)\smb.obj \
- $(DIROBJ)\smtp.obj \
- $(DIROBJ)\socks.obj \
- $(DIROBJ)\socks_gssapi.obj \
- $(DIROBJ)\socks_sspi.obj \
- $(DIROBJ)\speedcheck.obj \
- $(DIROBJ)\splay.obj \
- $(DIROBJ)\ssh.obj \
- $(DIROBJ)\system_win32.obj \
- $(DIROBJ)\vauth.obj \
- $(DIROBJ)\cleartext.obj \
- $(DIROBJ)\cram.obj \
- $(DIROBJ)\digest.obj \
- $(DIROBJ)\digest_sspi.obj \
- $(DIROBJ)\krb5_gssapi.obj \
- $(DIROBJ)\krb5_sspi.obj \
- $(DIROBJ)\ntlm.obj \
- $(DIROBJ)\ntlm_sspi.obj \
- $(DIROBJ)\oauth2.obj \
- $(DIROBJ)\spnego_gssapi.obj \
- $(DIROBJ)\spnego_sspi.obj \
- $(DIROBJ)\vtls.obj \
- $(DIROBJ)\openssl.obj \
- $(DIROBJ)\strdup.obj \
- $(DIROBJ)\strequal.obj \
- $(DIROBJ)\strerror.obj \
- $(DIROBJ)\strtok.obj \
- $(DIROBJ)\strtoofft.obj \
- $(DIROBJ)\telnet.obj \
- $(DIROBJ)\tftp.obj \
- $(DIROBJ)\timeval.obj \
- $(DIROBJ)\transfer.obj \
- $(DIROBJ)\url.obj \
- $(DIROBJ)\version.obj \
- $(DIROBJ)\warnless.obj \
- $(DIROBJ)\wildcard.obj \
- $(DIROBJ)\x509asn1.obj \
- $(RESOURCE)
-
-all : $(TARGET)
-
-$(TARGET): $(X_OBJS)
- $(LNK) $(LFLAGS) $(X_OBJS)
- -xcopy $(DIROBJ)\$(LIBCURL_STA_LIB_REL) . /y
- -xcopy $(DIROBJ)\$(LIBCURL_STA_LIB_DBG) . /y
- -xcopy $(DIROBJ)\$(LIBCURL_DYN_LIB_REL) . /y
- -xcopy $(DIROBJ)\$(LIBCURL_DYN_LIB_DBG) . /y
- -xcopy $(DIROBJ)\$(LIBCURL_IMP_LIB_REL) . /y
- -xcopy $(DIROBJ)\$(LIBCURL_IMP_LIB_DBG) . /y
- -xcopy $(DIROBJ)\*.exp . /y
- -xcopy $(DIROBJ)\*.pdb . /y
-
-$(X_OBJS): $(DIROBJ)
-
-$(DIROBJ):
- @if not exist "$(DIROBJ)" mkdir $(DIROBJ)
-
-.SUFFIXES: .c .obj .res
-
-{.\}.c{$(DIROBJ)\}.obj:
- $(CC) $(CFLAGS) /Fo"$@" $<
-
-{.\vauth\}.c{$(DIROBJ)\}.obj:
- $(CC) $(CFLAGS) /Fo"$@" $<
-
-{.\vtls\}.c{$(DIROBJ)\}.obj:
- $(CC) $(CFLAGS) /Fo"$@" $<
-
-debug-dll\libcurl.res \
-debug-dll-ssl-dll\libcurl.res \
-debug-dll-zlib-dll\libcurl.res \
-debug-dll-ssl-dll-zlib-dll\libcurl.res: libcurl.rc
- rc /dDEBUGBUILD=1 /Fo $@ libcurl.rc
-
-release-dll\libcurl.res \
-release-dll-ssl-dll\libcurl.res \
-release-dll-zlib-dll\libcurl.res \
-release-dll-ssl-dll-zlib-dll\libcurl.res: libcurl.rc
- rc /dDEBUGBUILD=0 /Fo $@ libcurl.rc
-!ENDIF # End of case where a config was provided.
diff --git a/lib/amigaos.c b/lib/amigaos.c
index 5591d2220..4f55b30e7 100644
--- a/lib/amigaos.c
+++ b/lib/amigaos.c
@@ -57,7 +57,7 @@ bool Curl_amiga_init()
}
if(SocketBaseTags(SBTM_SETVAL(SBTC_ERRNOPTR(sizeof(errno))), (ULONG) &errno,
- SBTM_SETVAL(SBTC_LOGTAGPTR), (ULONG) "cURL",
+ SBTM_SETVAL(SBTC_LOGTAGPTR), (ULONG) "curl",
TAG_DONE)) {
__request("SocketBaseTags ERROR");
return FALSE;
diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index 2aed94fe1..9b6515cda 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -169,7 +169,7 @@ int Curl_resolver_duphandle(void **to, void *from)
return CURLE_OK;
}
-static void destroy_async_data (struct Curl_async *async);
+static void destroy_async_data(struct Curl_async *async);
/*
* Cancel all possibly still on-going resolves for this connection.
@@ -184,7 +184,7 @@ void Curl_resolver_cancel(struct connectdata *conn)
/*
* destroy_async_data() cleans up async resolver data.
*/
-static void destroy_async_data (struct Curl_async *async)
+static void destroy_async_data(struct Curl_async *async)
{
free(async->hostname);
@@ -232,7 +232,7 @@ int Curl_resolver_getsock(struct connectdata *conn,
milli = (timeout->tv_sec * 1000) + (timeout->tv_usec/1000);
if(milli == 0)
milli += 10;
- Curl_expire_latest(conn->data, milli);
+ Curl_expire(conn->data, milli, EXPIRE_ASYNC_NAME);
return max;
}
@@ -355,17 +355,24 @@ CURLcode Curl_resolver_wait_resolv(struct connectdata
*conn,
CURLcode result = CURLE_OK;
struct Curl_easy *data = conn->data;
long timeout;
- struct timeval now = Curl_tvnow();
+ struct curltime now = Curl_tvnow();
struct Curl_dns_entry *temp_entry;
+ if(entry)
+ *entry = NULL; /* clear on entry */
+
timeout = Curl_timeleft(data, &now, TRUE);
+ if(timeout < 0) {
+ /* already expired! */
+ connclose(conn, "Timed out before name resolve started");
+ return CURLE_OPERATION_TIMEDOUT;
+ }
if(!timeout)
timeout = CURL_TIMEOUT_RESOLVE * 1000; /* default name resolve timeout */
/* Wait for the name resolve query to complete. */
- for(;;) {
+ while(!result) {
struct timeval *tvp, tv, store;
- long timediff;
int itimeout;
int timeout_ms;
@@ -385,28 +392,30 @@ CURLcode Curl_resolver_wait_resolv(struct connectdata
*conn,
timeout_ms = 1000;
waitperform(conn, timeout_ms);
- Curl_resolver_is_resolved(conn, &temp_entry);
+ result = Curl_resolver_is_resolved(conn, &temp_entry);
- if(conn->async.done)
+ if(result || conn->async.done)
break;
- if(Curl_pgrsUpdate(conn)) {
+ if(Curl_pgrsUpdate(conn))
result = CURLE_ABORTED_BY_CALLBACK;
- timeout = -1; /* trigger the cancel below */
- }
else {
- struct timeval now2 = Curl_tvnow();
- timediff = Curl_tvdiff(now2, now); /* spent time */
- timeout -= timediff?timediff:1; /* always deduct at least 1 */
+ struct curltime now2 = Curl_tvnow();
+ time_t timediff = Curl_tvdiff(now2, now); /* spent time */
+ if(timediff <= 0)
+ timeout -= 1; /* always deduct at least 1 */
+ else if(timediff > timeout)
+ timeout = -1;
+ else
+ timeout -= (long)timediff;
now = now2; /* for next loop */
}
-
- if(timeout < 0) {
- /* our timeout, so we cancel the ares operation */
- ares_cancel((ares_channel)data->state.resolver);
- break;
- }
+ if(timeout < 0)
+ result = CURLE_OPERATION_TIMEDOUT;
}
+ if(result)
+ /* failure, so we cancel the ares operation */
+ ares_cancel((ares_channel)data->state.resolver);
/* Operation complete, if the lookup was successful we now have the entry
in the cache. */
diff --git a/lib/asyn-thread.c b/lib/asyn-thread.c
index 7cce01aac..8936b6033 100644
--- a/lib/asyn-thread.c
+++ b/lib/asyn-thread.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,6 +22,11 @@
#include "curl_setup.h"
+/***********************************************************************
+ * Only for threaded name resolves builds
+ **********************************************************************/
+#ifdef CURLRES_THREADED
+
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
@@ -74,11 +79,6 @@
#include "curl_memory.h"
#include "memdebug.h"
-/***********************************************************************
- * Only for threaded name resolves builds
- **********************************************************************/
-#ifdef CURLRES_THREADED
-
/*
* Curl_resolver_global_init()
* Called from curl_global_init() to initialize global resolver environment.
@@ -155,8 +155,8 @@ struct thread_sync_data {
curl_mutex_t * mtx;
int done;
- char * hostname; /* hostname to resolve, Curl_async.hostname
- duplicate */
+ char *hostname; /* hostname to resolve, Curl_async.hostname
+ duplicate */
int port;
int sock_error;
Curl_addrinfo *res;
@@ -169,7 +169,7 @@ struct thread_sync_data {
struct thread_data {
curl_thread_t thread_hnd;
unsigned int poll_interval;
- long interval_end;
+ time_t interval_end;
struct thread_sync_data tsd;
};
@@ -200,7 +200,7 @@ void destroy_thread_sync_data(struct thread_sync_data * tsd)
/* Initialize resolver thread synchronization data */
static
int init_thread_sync_data(struct thread_data * td,
- const char * hostname,
+ const char *hostname,
int port,
const struct addrinfo *hints)
{
@@ -263,7 +263,7 @@ static int getaddrinfo_complete(struct connectdata *conn)
* For builds without ARES, but with ENABLE_IPV6, create a resolver thread
* and wait on it.
*/
-static unsigned int CURL_STDCALL getaddrinfo_thread (void *arg)
+static unsigned int CURL_STDCALL getaddrinfo_thread(void *arg)
{
struct thread_sync_data *tsd = (struct thread_sync_data*)arg;
struct thread_data *td = tsd->td;
@@ -303,7 +303,7 @@ static unsigned int CURL_STDCALL getaddrinfo_thread (void
*arg)
/*
* gethostbyname_thread() resolves a name and then exits.
*/
-static unsigned int CURL_STDCALL gethostbyname_thread (void *arg)
+static unsigned int CURL_STDCALL gethostbyname_thread(void *arg)
{
struct thread_sync_data *tsd = (struct thread_sync_data *)arg;
struct thread_data *td = tsd->td;
@@ -336,7 +336,7 @@ static unsigned int CURL_STDCALL gethostbyname_thread (void
*arg)
/*
* destroy_async_data() cleans up async resolver data and thread handle.
*/
-static void destroy_async_data (struct Curl_async *async)
+static void destroy_async_data(struct Curl_async *async)
{
if(async->os_specific) {
struct thread_data *td = (struct thread_data*) async->os_specific;
@@ -375,14 +375,14 @@ static void destroy_async_data (struct Curl_async *async)
*
* Returns FALSE in case of failure, otherwise TRUE.
*/
-static bool init_resolve_thread (struct connectdata *conn,
- const char *hostname, int port,
- const struct addrinfo *hints)
+static bool init_resolve_thread(struct connectdata *conn,
+ const char *hostname, int port,
+ const struct addrinfo *hints)
{
struct thread_data *td = calloc(1, sizeof(struct thread_data));
int err = RESOLVER_ENOMEM;
- conn->async.os_specific = (void*) td;
+ conn->async.os_specific = (void *)td;
if(!td)
goto err_exit;
@@ -407,9 +407,7 @@ static bool init_resolve_thread (struct connectdata *conn,
#endif
if(!td->thread_hnd) {
-#ifndef _WIN32_WCE
err = errno;
-#endif
goto err_exit;
}
@@ -418,8 +416,7 @@ static bool init_resolve_thread (struct connectdata *conn,
err_exit:
destroy_async_data(&conn->async);
- SET_ERRNO(err);
-
+ errno = err;
return FALSE;
}
@@ -525,7 +522,7 @@ CURLcode Curl_resolver_is_resolved(struct connectdata *conn,
}
else {
/* poll for name lookup done with exponential backoff up to 250ms */
- long elapsed = Curl_tvdiff(Curl_tvnow(), data->progress.t_startsingle);
+ time_t elapsed = Curl_tvdiff(Curl_tvnow(), data->progress.t_startsingle);
if(elapsed < 0)
elapsed = 0;
@@ -540,7 +537,7 @@ CURLcode Curl_resolver_is_resolved(struct connectdata *conn,
td->poll_interval = 250;
td->interval_end = elapsed + td->poll_interval;
- Curl_expire(conn->data, td->poll_interval);
+ Curl_expire(conn->data, td->poll_interval, EXPIRE_ASYNC_NAME);
}
return CURLE_OK;
@@ -594,28 +591,29 @@ Curl_addrinfo *Curl_resolver_getaddrinfo(struct
connectdata *conn,
int *waitp)
{
struct addrinfo hints;
- struct in_addr in;
Curl_addrinfo *res;
int error;
char sbuf[12];
int pf = PF_INET;
-#ifdef CURLRES_IPV6
- struct in6_addr in6;
-#endif /* CURLRES_IPV6 */
*waitp = 0; /* default to synchronous response */
#ifndef USE_RESOLVE_ON_IPS
- /* First check if this is an IPv4 address string */
- if(Curl_inet_pton(AF_INET, hostname, &in) > 0)
- /* This is a dotted IP address 123.123.123.123-style */
- return Curl_ip2addr(AF_INET, &in, hostname, port);
-
+ {
+ struct in_addr in;
+ /* First check if this is an IPv4 address string */
+ if(Curl_inet_pton(AF_INET, hostname, &in) > 0)
+ /* This is a dotted IP address 123.123.123.123-style */
+ return Curl_ip2addr(AF_INET, &in, hostname, port);
+ }
#ifdef CURLRES_IPV6
- /* check if this is an IPv6 address string */
- if(Curl_inet_pton(AF_INET6, hostname, &in6) > 0)
- /* This is an IPv6 address literal */
- return Curl_ip2addr(AF_INET6, &in6, hostname, port);
+ {
+ struct in6_addr in6;
+ /* check if this is an IPv6 address string */
+ if(Curl_inet_pton(AF_INET6, hostname, &in6) > 0)
+ /* This is an IPv6 address literal */
+ return Curl_ip2addr(AF_INET6, &in6, hostname, port);
+ }
#endif /* CURLRES_IPV6 */
#endif /* !USE_RESOLVE_ON_IPS */
@@ -654,7 +652,7 @@ Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata
*conn,
/* fall-back to blocking version */
infof(conn->data, "init_resolve_thread() failed for %s; %s\n",
- hostname, Curl_strerror(conn, ERRNO));
+ hostname, Curl_strerror(conn, errno));
error = Curl_getaddrinfo_ex(hostname, sbuf, &hints, &res);
if(error) {
diff --git a/lib/base64.c b/lib/base64.c
index ad254595f..204a2273d 100644
--- a/lib/base64.c
+++ b/lib/base64.c
@@ -190,6 +190,11 @@ static CURLcode base64_encode(const char *table64,
if(!insize)
insize = strlen(indata);
+#if SIZEOF_SIZE_T == 4
+ if(insize > UINT_MAX/4)
+ return CURLE_OUT_OF_MEMORY;
+#endif
+
base64data = output = malloc(insize * 4 / 3 + 4);
if(!output)
return CURLE_OUT_OF_MEMORY;
diff --git a/lib/checksrc.pl b/lib/checksrc.pl
index 83c38b239..2eff3e0cf 100755
--- a/lib/checksrc.pl
+++ b/lib/checksrc.pl
@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 2011 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 2011 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -55,7 +55,10 @@ my %warnings = (
'COPYRIGHT' => 'file missing a copyright statement',
'BADCOMMAND' => 'bad !checksrc! instruction',
'UNUSEDIGNORE' => 'a warning ignore was not used',
- 'OPENCOMMENT' => 'file ended with a /* comment still "open"'
+ 'OPENCOMMENT' => 'file ended with a /* comment still "open"',
+ 'ASTERISKSPACE' => 'pointer declared with space after asterisk',
+ 'ASTERISKNOSPACE' => 'pointer declared without space before asterisk',
+ 'ASSIGNWITHINCONDITION' => 'assignment within conditional expression'
);
sub readwhitelist {
@@ -241,6 +244,12 @@ sub checksrc {
}
}
+sub nostrings {
+ my ($str) = @_;
+ $str =~ s/\".*\"//g;
+ return $str;
+}
+
sub scanfile {
my ($file) = @_;
@@ -327,17 +336,35 @@ sub scanfile {
$line, length($1), $file, $l, "\/\/ comment");
}
- # check spaces after for/if/while
- if($l =~ /^(.*)(for|if|while) \(/) {
+ my $nostr = nostrings($l);
+ # check spaces after for/if/while/function call
+ if($nostr =~ /^(.*)(for|if|while| ([a-zA-Z0-9_]+)) \((.)/) {
if($1 =~ / *\#/) {
# this is a #if, treat it differently
}
+ elsif($3 eq "return") {
+ # return must have a space
+ }
+ elsif($4 eq "*") {
+ # (* beginning makes the space OK!
+ }
+ elsif($1 =~ / *typedef/) {
+ # typedefs can use space-paren
+ }
else {
checkwarn("SPACEBEFOREPAREN", $line, length($1)+length($2),
$file, $l,
"$2 with space");
}
}
+ if($nostr =~ /^((.*)(if) *\()(.*)\)/) {
+ my $pos = length($1);
+ if($4 =~ / = /) {
+ checkwarn("ASSIGNWITHINCONDITION",
+ $line, $pos+1, $file, $l,
+ "assignment within conditional expression");
+ }
+ }
# check spaces after open parentheses
if($l =~ /^(.*[a-z])\( /i) {
checkwarn("SPACEAFTERPAREN",
@@ -471,6 +498,31 @@ sub scanfile {
}
}
+ # check for 'char * name'
+ if(($l =~
/(^.*(char|int|long|void|curl_slist|CURL|CURLM|CURLMsg|curl_httppost) *(\*+))
(\w+)/) && ($4 ne "const")) {
+ checkwarn("ASTERISKNOSPACE",
+ $line, length($1), $file, $ol,
+ "no space after declarative asterisk");
+ }
+ # check for 'char*'
+ if(($l =~
/(^.*(char|int|long|void|curl_slist|CURL|CURLM|CURLMsg|curl_httppost|sockaddr_in|FILE)\*)/))
{
+ checkwarn("ASTERISKNOSPACE",
+ $line, length($1)-1, $file, $ol,
+ "no space before asterisk");
+ }
+
+ # check for 'void func() {', but avoid false positives by requiring
+ # both an open and closed parentheses before the open brace
+ if($l =~ /^((\w).*)\{\z/) {
+ my $k = $1;
+ $k =~ s/const *//;
+ $k =~ s/static *//;
+ if($k =~ /\(.*\)/) {
+ checkwarn("BRACEPOS",
+ $line, length($l)-1, $file, $ol,
+ "wrongly placed open brace");
+ }
+ }
$line++;
$prevl = $ol;
}
diff --git a/lib/config-amigaos.h b/lib/config-amigaos.h
index 74f5f5278..31cfc3afc 100644
--- a/lib/config-amigaos.h
+++ b/lib/config-amigaos.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -98,7 +98,7 @@
#define OS "AmigaOS"
#define PACKAGE "curl"
-#define PACKAGE_BUGREPORT "address@hidden"
+#define PACKAGE_BUGREPORT "a suitable mailing list: https://curl.haxx.se/mail/";
#define PACKAGE_NAME "curl"
#define PACKAGE_STRING "curl -"
#define PACKAGE_TARNAME "curl"
diff --git a/lib/config-symbian.h b/lib/config-symbian.h
index 2603a46b4..92983d242 100644
--- a/lib/config-symbian.h
+++ b/lib/config-symbian.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -676,7 +676,7 @@
/*#define RANDOM_FILE "/dev/urandom"*/
#define RECV_TYPE_ARG1 int
-#define RECV_TYPE_ARG2 void*
+#define RECV_TYPE_ARG2 void *
#define RECV_TYPE_ARG3 size_t
#define RECV_TYPE_ARG4 int
#define RECV_TYPE_RETV ssize_t
@@ -692,7 +692,7 @@
#define SEND_TYPE_ARG1 int
#define SEND_QUAL_ARG2 const
-#define SEND_TYPE_ARG2 void*
+#define SEND_TYPE_ARG2 void *
#define SEND_TYPE_ARG3 size_t
#define SEND_TYPE_ARG4 int
#define SEND_TYPE_RETV ssize_t
diff --git a/lib/config-win32.h b/lib/config-win32.h
index af7bb1fb0..4cac859cd 100644
--- a/lib/config-win32.h
+++ b/lib/config-win32.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -493,7 +493,7 @@
#define _CRT_NONSTDC_NO_DEPRECATE 1
#endif
-/* VS2005 and later dafault size for time_t is 64-bit, unless
+/* VS2005 and later default size for time_t is 64-bit, unless
_USE_32BIT_TIME_T has been defined to get a 32-bit time_t. */
#if defined(_MSC_VER) && (_MSC_VER >= 1400)
# ifndef _USE_32BIT_TIME_T
@@ -514,7 +514,7 @@
# define VS2008_MIN_TARGET 0x0500
/* The minimum build target for VS2012 is Vista unless Update 1 is installed
- and the v110_xp toolset is choosen. */
+ and the v110_xp toolset is chosen. */
# if defined(_USING_V110_SDK71_)
# define VS2012_MIN_TARGET 0x0501
# else
@@ -526,7 +526,7 @@
# define VS2008_DEF_TARGET 0x0501
/* VS2012 default build target is Windows Vista unless Update 1 is installed
- and the v110_xp toolset is choosen. */
+ and the v110_xp toolset is chosen. */
# if defined(_USING_V110_SDK71_)
# define VS2012_DEF_TARGET 0x0501
# else
diff --git a/lib/config-win32ce.h b/lib/config-win32ce.h
index 383948576..eb444c585 100644
--- a/lib/config-win32ce.h
+++ b/lib/config-win32ce.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -379,7 +379,7 @@
#define _CRT_NONSTDC_NO_DEPRECATE 1
#endif
-/* VS2005 and later dafault size for time_t is 64-bit, unless */
+/* VS2005 and later default size for time_t is 64-bit, unless */
/* _USE_32BIT_TIME_T has been defined to get a 32-bit time_t. */
#if defined(_MSC_VER) && (_MSC_VER >= 1400)
# ifndef _USE_32BIT_TIME_T
diff --git a/lib/conncache.c b/lib/conncache.c
index 32a70303e..ad5ac41a8 100644
--- a/lib/conncache.c
+++ b/lib/conncache.c
@@ -5,8 +5,8 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2012, 2016, Linus Nielsen Feltzing, <address@hidden>
- * Copyright (C) 2012 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2012 - 2016, Linus Nielsen Feltzing, <address@hidden>
+ * Copyright (C) 2012 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,14 +23,13 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "url.h"
#include "progress.h"
#include "multiif.h"
#include "sendf.h"
-#include "rawstr.h"
#include "conncache.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
@@ -57,11 +56,7 @@ static CURLcode bundle_create(struct Curl_easy *data,
(*cb_ptr)->num_connections = 0;
(*cb_ptr)->multiuse = BUNDLE_UNKNOWN;
- (*cb_ptr)->conn_list = Curl_llist_alloc((curl_llist_dtor) conn_llist_dtor);
- if(!(*cb_ptr)->conn_list) {
- Curl_safefree(*cb_ptr);
- return CURLE_OUT_OF_MEMORY;
- }
+ Curl_llist_init(&(*cb_ptr)->conn_list, (curl_llist_dtor) conn_llist_dtor);
return CURLE_OK;
}
@@ -70,22 +65,18 @@ static void bundle_destroy(struct connectbundle *cb_ptr)
if(!cb_ptr)
return;
- if(cb_ptr->conn_list) {
- Curl_llist_destroy(cb_ptr->conn_list, NULL);
- cb_ptr->conn_list = NULL;
- }
+ Curl_llist_destroy(&cb_ptr->conn_list, NULL);
+
free(cb_ptr);
}
/* Add a connection to a bundle */
static CURLcode bundle_add_conn(struct connectbundle *cb_ptr,
- struct connectdata *conn)
+ struct connectdata *conn)
{
- if(!Curl_llist_insert_next(cb_ptr->conn_list, cb_ptr->conn_list->tail, conn))
- return CURLE_OUT_OF_MEMORY;
-
+ Curl_llist_insert_next(&cb_ptr->conn_list, cb_ptr->conn_list.tail, conn,
+ &conn->bundle_node);
conn->bundle = cb_ptr;
-
cb_ptr->num_connections++;
return CURLE_OK;
}
@@ -96,10 +87,10 @@ static int bundle_remove_conn(struct connectbundle *cb_ptr,
{
struct curl_llist_element *curr;
- curr = cb_ptr->conn_list->head;
+ curr = cb_ptr->conn_list.head;
while(curr) {
if(curr->ptr == conn) {
- Curl_llist_remove(cb_ptr->conn_list, curr, NULL);
+ Curl_llist_remove(&cb_ptr->conn_list, curr, NULL);
cb_ptr->num_connections--;
conn->bundle = NULL;
return 1; /* we removed a handle */
@@ -128,19 +119,25 @@ void Curl_conncache_destroy(struct conncache *connc)
Curl_hash_destroy(&connc->hash);
}
-/* returns an allocated key to find a bundle for this connection */
-static char *hashkey(struct connectdata *conn)
+/* creates a key to find a bundle for this connection */
+static void hashkey(struct connectdata *conn, char *buf,
+ size_t len) /* something like 128 is fine */
{
const char *hostname;
- if(conn->bits.proxy)
- hostname = conn->proxy.name;
+ if(conn->bits.socksproxy)
+ hostname = conn->socks_proxy.host.name;
+ else if(conn->bits.httpproxy)
+ hostname = conn->http_proxy.host.name;
else if(conn->bits.conn_to_host)
hostname = conn->conn_to_host.name;
else
hostname = conn->host.name;
- return aprintf("%s:%d", hostname, conn->port);
+ DEBUGASSERT(len > 32);
+
+ /* put the number first so that the hostname gets cut off if too long */
+ snprintf(buf, len, "%ld%s", conn->port, hostname);
}
/* Look up the bundle with all the connections to the same host this
@@ -150,11 +147,9 @@ struct connectbundle *Curl_conncache_find_bundle(struct
connectdata *conn,
{
struct connectbundle *bundle = NULL;
if(connc) {
- char *key = hashkey(conn);
- if(key) {
- bundle = Curl_hash_pick(&connc->hash, key, strlen(key));
- free(key);
- }
+ char key[128];
+ hashkey(conn, key, sizeof(key));
+ bundle = Curl_hash_pick(&connc->hash, key, strlen(key));
}
return bundle;
@@ -203,21 +198,16 @@ CURLcode Curl_conncache_add_conn(struct conncache *connc,
bundle = Curl_conncache_find_bundle(conn, data->state.conn_cache);
if(!bundle) {
- char *key;
int rc;
+ char key[128];
result = bundle_create(data, &new_bundle);
if(result)
return result;
- key = hashkey(conn);
- if(!key) {
- bundle_destroy(new_bundle);
- return CURLE_OUT_OF_MEMORY;
- }
-
+ hashkey(conn, key, sizeof(key));
rc = conncache_add_bundle(data->state.conn_cache, key, new_bundle);
- free(key);
+
if(!rc) {
bundle_destroy(new_bundle);
return CURLE_OUT_OF_MEMORY;
@@ -291,7 +281,7 @@ void Curl_conncache_foreach(struct conncache *connc,
bundle = he->ptr;
he = Curl_hash_next_element(&iter);
- curr = bundle->conn_list->head;
+ curr = bundle->conn_list.head;
while(curr) {
/* Yes, we need to update curr before calling func(), because func()
might decide to remove the connection */
@@ -320,7 +310,7 @@ Curl_conncache_find_first_connection(struct conncache
*connc)
struct curl_llist_element *curr;
bundle = he->ptr;
- curr = bundle->conn_list->head;
+ curr = bundle->conn_list.head;
if(curr) {
return curr->ptr;
}
diff --git a/lib/conncache.h b/lib/conncache.h
index b1dadf990..14be4e8e7 100644
--- a/lib/conncache.h
+++ b/lib/conncache.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2015 - 2017, Daniel Stenberg, <address@hidden>, et al.
* Copyright (C) 2012 - 2014, Linus Nielsen Feltzing, <address@hidden>
*
* This software is licensed as described in the file COPYING, which
@@ -27,7 +27,7 @@ struct conncache {
struct curl_hash hash;
size_t num_connections;
long next_connection_id;
- struct timeval last_cleanup;
+ struct curltime last_cleanup;
};
#define BUNDLE_NO_MULTIUSE -1
@@ -38,7 +38,7 @@ struct conncache {
struct connectbundle {
int multiuse; /* supports multi-use */
size_t num_connections; /* Number of connections in the bundle */
- struct curl_llist *conn_list; /* The connectdata members of the bundle */
+ struct curl_llist conn_list; /* The connectdata members of the bundle */
};
int Curl_conncache_init(struct conncache *, int size);
diff --git a/lib/connect.c b/lib/connect.c
index 3225d70cf..8d5d32ba6 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -130,9 +130,6 @@ tcpkeepalive(struct Curl_easy *data,
infof(data, "Failed to set SIO_KEEPALIVE_VALS on fd %d: %d\n",
(int)sockfd, WSAGetLastError());
}
-#elif defined(CURL_WINDOWS_APP)
- (void)majorVersion;
- detectOsState = DETECT_OS_VISTA_OR_LATER;
#else
#ifdef TCP_KEEPIDLE
optval = curlx_sltosi(data->set.tcp_keepidle);
@@ -182,13 +179,13 @@ singleipconnect(struct connectdata *conn,
*
* @unittest: 1303
*/
-long Curl_timeleft(struct Curl_easy *data,
- struct timeval *nowp,
- bool duringconnect)
+time_t Curl_timeleft(struct Curl_easy *data,
+ struct curltime *nowp,
+ bool duringconnect)
{
int timeout_set = 0;
- long timeout_ms = duringconnect?DEFAULT_CONNECT_TIMEOUT:0;
- struct timeval now;
+ time_t timeout_ms = duringconnect?DEFAULT_CONNECT_TIMEOUT:0;
+ struct curltime now;
/* if a timeout is set, use the most restrictive one */
@@ -197,7 +194,7 @@ long Curl_timeleft(struct Curl_easy *data,
if(duringconnect && (data->set.connecttimeout > 0))
timeout_set |= 2;
- switch (timeout_set) {
+ switch(timeout_set) {
case 1:
timeout_ms = data->set.timeout;
break;
@@ -604,26 +601,29 @@ void Curl_persistconninfo(struct connectdata *conn)
{
memcpy(conn->data->info.conn_primary_ip, conn->primary_ip, MAX_IPADR_LEN);
memcpy(conn->data->info.conn_local_ip, conn->local_ip, MAX_IPADR_LEN);
+ conn->data->info.conn_scheme = conn->handler->scheme;
+ conn->data->info.conn_protocol = conn->handler->protocol;
conn->data->info.conn_primary_port = conn->primary_port;
conn->data->info.conn_local_port = conn->local_port;
}
-/* retrieves ip address and port from a sockaddr structure */
-static bool getaddressinfo(struct sockaddr* sa, char* addr,
- long* port)
+/* retrieves ip address and port from a sockaddr structure.
+ note it calls Curl_inet_ntop which sets errno on fail, not SOCKERRNO. */
+static bool getaddressinfo(struct sockaddr *sa, char *addr,
+ long *port)
{
unsigned short us_port;
- struct sockaddr_in* si = NULL;
+ struct sockaddr_in *si = NULL;
#ifdef ENABLE_IPV6
- struct sockaddr_in6* si6 = NULL;
+ struct sockaddr_in6 *si6 = NULL;
#endif
#if defined(HAVE_SYS_UN_H) && defined(AF_UNIX)
- struct sockaddr_un* su = NULL;
+ struct sockaddr_un *su = NULL;
#endif
- switch (sa->sa_family) {
+ switch(sa->sa_family) {
case AF_INET:
- si = (struct sockaddr_in*)(void*) sa;
+ si = (struct sockaddr_in *)(void *) sa;
if(Curl_inet_ntop(sa->sa_family, &si->sin_addr,
addr, MAX_IPADR_LEN)) {
us_port = ntohs(si->sin_port);
@@ -633,7 +633,7 @@ static bool getaddressinfo(struct sockaddr* sa, char* addr,
break;
#ifdef ENABLE_IPV6
case AF_INET6:
- si6 = (struct sockaddr_in6*)(void*) sa;
+ si6 = (struct sockaddr_in6 *)(void *) sa;
if(Curl_inet_ntop(sa->sa_family, &si6->sin6_addr,
addr, MAX_IPADR_LEN)) {
us_port = ntohs(si6->sin6_port);
@@ -655,7 +655,7 @@ static bool getaddressinfo(struct sockaddr* sa, char* addr,
addr[0] = '\0';
*port = 0;
-
+ errno = EAFNOSUPPORT;
return FALSE;
}
@@ -673,11 +673,9 @@ void Curl_updateconninfo(struct connectdata *conn,
curl_socket_t sockfd)
return;
if(!conn->bits.reuse && !conn->bits.tcp_fastopen) {
- int error;
-
len = sizeof(struct Curl_sockaddr_storage);
if(getpeername(sockfd, (struct sockaddr*) &ssrem, &len)) {
- error = SOCKERRNO;
+ int error = SOCKERRNO;
failf(data, "getpeername() failed with errno %d: %s",
error, Curl_strerror(conn, error));
return;
@@ -686,7 +684,7 @@ void Curl_updateconninfo(struct connectdata *conn,
curl_socket_t sockfd)
len = sizeof(struct Curl_sockaddr_storage);
memset(&ssloc, 0, sizeof(ssloc));
if(getsockname(sockfd, (struct sockaddr*) &ssloc, &len)) {
- error = SOCKERRNO;
+ int error = SOCKERRNO;
failf(data, "getsockname() failed with errno %d: %s",
error, Curl_strerror(conn, error));
return;
@@ -694,18 +692,16 @@ void Curl_updateconninfo(struct connectdata *conn,
curl_socket_t sockfd)
if(!getaddressinfo((struct sockaddr*)&ssrem,
conn->primary_ip, &conn->primary_port)) {
- error = ERRNO;
failf(data, "ssrem inet_ntop() failed with errno %d: %s",
- error, Curl_strerror(conn, error));
+ errno, Curl_strerror(conn, errno));
return;
}
memcpy(conn->ip_addr_str, conn->primary_ip, MAX_IPADR_LEN);
if(!getaddressinfo((struct sockaddr*)&ssloc,
conn->local_ip, &conn->local_port)) {
- error = ERRNO;
failf(data, "ssloc inet_ntop() failed with errno %d: %s",
- error, Curl_strerror(conn, error));
+ errno, Curl_strerror(conn, errno));
return;
}
@@ -725,9 +721,9 @@ CURLcode Curl_is_connected(struct connectdata *conn,
{
struct Curl_easy *data = conn->data;
CURLcode result = CURLE_OK;
- long allow;
+ time_t allow;
int error = 0;
- struct timeval now;
+ struct curltime now;
int rc;
int i;
@@ -765,7 +761,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
#endif
/* check socket for connect */
- rc = Curl_socket_ready(CURL_SOCKET_BAD, conn->tempsock[i], 0);
+ rc = SOCKET_WRITABLE(conn->tempsock[i], 0);
if(rc == 0) { /* no connection yet */
error = 0;
@@ -811,8 +807,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
return CURLE_OK;
}
- else
- infof(data, "Connection failed\n");
+ infof(data, "Connection failed\n");
}
else if(rc & CURL_CSELECT_ERR)
(void)verifyconnect(conn->tempsock[i], &error);
@@ -846,7 +841,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
if(result) {
/* no more addresses to try */
- const char* hostname;
+ const char *hostname;
/* if the first address family runs out of addresses to try before
the happy eyeball timeout, go ahead and try the next family now */
@@ -856,8 +851,10 @@ CURLcode Curl_is_connected(struct connectdata *conn,
return result;
}
- if(conn->bits.proxy)
- hostname = conn->proxy.name;
+ if(conn->bits.socksproxy)
+ hostname = conn->socks_proxy.host.name;
+ else if(conn->bits.httpproxy)
+ hostname = conn->http_proxy.host.name;
else if(conn->bits.conn_to_host)
hostname = conn->conn_to_host.name;
else
@@ -879,19 +876,6 @@ void Curl_tcpnodelay(struct connectdata *conn,
curl_socket_t sockfd)
curl_socklen_t onoff = (curl_socklen_t) 1;
int level = IPPROTO_TCP;
-#if 0
- /* The use of getprotobyname() is disabled since it isn't thread-safe on
- numerous systems. On these getprotobyname_r() should be used instead, but
- that exists in at least one 4 arg version and one 5 arg version, and
- since the proto number rarely changes anyway we now just use the hard
- coded number. The "proper" fix would need a configure check for the
- correct function much in the same style the gethostbyname_r versions are
- detected. */
- struct protoent *pe = getprotobyname("tcp");
- if(pe)
- level = pe->p_proto;
-#endif
-
#if defined(CURL_DISABLE_VERBOSE_STRINGS)
(void) conn;
#endif
@@ -1008,9 +992,8 @@ static CURLcode singleipconnect(struct connectdata *conn,
if(!getaddressinfo((struct sockaddr*)&addr.sa_addr,
ipaddress, &port)) {
/* malformed address or bug in inet_ntop, try next address */
- error = ERRNO;
failf(data, "sa_addr inet_ntop() failed with errno %d: %s",
- error, Curl_strerror(conn, error));
+ errno, Curl_strerror(conn, errno));
Curl_closesocket(conn, sockfd);
return CURLE_OK;
}
@@ -1070,7 +1053,7 @@ static CURLcode singleipconnect(struct connectdata *conn,
conn->connecttime = Curl_tvnow();
if(conn->num_addr > 1)
- Curl_expire_latest(data, conn->timeoutms_per_addr);
+ Curl_expire(data, conn->timeoutms_per_addr, EXPIRE_DNS_PER_NAME);
/* Connect TCP sockets, bind UDP */
if(!isconnected && (conn->socktype == SOCK_STREAM)) {
@@ -1153,10 +1136,10 @@ CURLcode Curl_connecthost(struct connectdata *conn, /*
context */
const struct Curl_dns_entry *remotehost)
{
struct Curl_easy *data = conn->data;
- struct timeval before = Curl_tvnow();
+ struct curltime before = Curl_tvnow();
CURLcode result = CURLE_COULDNT_CONNECT;
- long timeout_ms = Curl_timeleft(data, &before, TRUE);
+ time_t timeout_ms = Curl_timeleft(data, &before, TRUE);
if(timeout_ms < 0) {
/* a precaution, no need to continue if time already is up */
@@ -1169,7 +1152,7 @@ CURLcode Curl_connecthost(struct connectdata *conn, /*
context */
conn->tempaddr[1] = NULL;
conn->tempsock[0] = CURL_SOCKET_BAD;
conn->tempsock[1] = CURL_SOCKET_BAD;
- Curl_expire(conn->data, HAPPY_EYEBALLS_TIMEOUT);
+ Curl_expire(conn->data, HAPPY_EYEBALLS_TIMEOUT, EXPIRE_HAPPY_EYEBALLS);
/* Max time for the next connection attempt */
conn->timeoutms_per_addr =
@@ -1246,24 +1229,6 @@ curl_socket_t Curl_getconnectinfo(struct Curl_easy *data,
/* only store this if the caller cares for it */
*connp = c;
sockfd = c->sock[FIRSTSOCKET];
- /* we have a socket connected, let's determine if the server shut down */
- /* determine if ssl */
- if(c->ssl[FIRSTSOCKET].use) {
- /* use the SSL context */
- if(!Curl_ssl_check_cxn(c))
- return CURL_SOCKET_BAD; /* FIN received */
- }
-/* Minix 3.1 doesn't support any flags on recv; just assume socket is OK */
-#ifdef MSG_PEEK
- else if(sockfd != CURL_SOCKET_BAD) {
- /* use the socket */
- char buf;
- if(recv((RECV_TYPE_ARG1)sockfd, (RECV_TYPE_ARG2)&buf,
- (RECV_TYPE_ARG3)1, (RECV_TYPE_ARG4)MSG_PEEK) == 0) {
- return CURL_SOCKET_BAD; /* FIN received */
- }
- }
-#endif
}
else
return CURL_SOCKET_BAD;
@@ -1272,6 +1237,33 @@ curl_socket_t Curl_getconnectinfo(struct Curl_easy *data,
}
/*
+ * Check if a connection seems to be alive.
+ */
+bool Curl_connalive(struct connectdata *conn)
+{
+ /* First determine if ssl */
+ if(conn->ssl[FIRSTSOCKET].use) {
+ /* use the SSL context */
+ if(!Curl_ssl_check_cxn(conn))
+ return false; /* FIN received */
+ }
+/* Minix 3.1 doesn't support any flags on recv; just assume socket is OK */
+#ifdef MSG_PEEK
+ else if(conn->sock[FIRSTSOCKET] == CURL_SOCKET_BAD)
+ return false;
+ else {
+ /* use the socket */
+ char buf;
+ if(recv((RECV_TYPE_ARG1)conn->sock[FIRSTSOCKET], (RECV_TYPE_ARG2)&buf,
+ (RECV_TYPE_ARG3)1, (RECV_TYPE_ARG4)MSG_PEEK) == 0) {
+ return false; /* FIN received */
+ }
+ }
+#endif
+ return true;
+}
+
+/*
* Close a socket.
*
* 'conn' can be NULL, beware!
@@ -1376,7 +1368,7 @@ CURLcode Curl_socket(struct connectdata *conn,
*/
void Curl_conncontrol(struct connectdata *conn,
int ctrl /* see defines in header */
-#ifdef DEBUGBUILD
+#if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
, const char *reason
#endif
)
@@ -1394,3 +1386,16 @@ void Curl_conncontrol(struct connectdata *conn,
should assign this bit */
}
}
+
+/* Data received can be cached at various levels, so check them all here. */
+bool Curl_conn_data_pending(struct connectdata *conn, int sockindex)
+{
+ int readable;
+
+ if(Curl_ssl_data_pending(conn, sockindex) ||
+ Curl_recv_has_postponed_data(conn, sockindex))
+ return true;
+
+ readable = SOCKET_READABLE(conn->sock[sockindex], 0);
+ return (readable > 0 && (readable & CURL_CSELECT_IN));
+}
diff --git a/lib/connect.h b/lib/connect.h
index a7cbc9bc2..3f05c3978 100644
--- a/lib/connect.h
+++ b/lib/connect.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -35,9 +35,9 @@ CURLcode Curl_connecthost(struct connectdata *conn,
/* generic function that returns how much time there's left to run, according
to the timeouts set */
-long Curl_timeleft(struct Curl_easy *data,
- struct timeval *nowp,
- bool duringconnect);
+time_t Curl_timeleft(struct Curl_easy *data,
+ struct curltime *nowp,
+ bool duringconnect);
#define DEFAULT_CONNECT_TIMEOUT 300000 /* milliseconds == five minutes */
#define HAPPY_EYEBALLS_TIMEOUT 200 /* milliseconds to wait between
@@ -52,6 +52,11 @@ long Curl_timeleft(struct Curl_easy *data,
curl_socket_t Curl_getconnectinfo(struct Curl_easy *data,
struct connectdata **connp);
+/*
+ * Check if a connection seems to be alive.
+ */
+bool Curl_connalive(struct connectdata *conn);
+
#ifdef USE_WINSOCK
/* When you run a program that uses the Windows Sockets API, you may
experience slow performance when you copy data to a TCP server.
@@ -122,19 +127,21 @@ void Curl_tcpnodelay(struct connectdata *conn,
curl_socket_t sockfd);
void Curl_conncontrol(struct connectdata *conn,
int closeit
-#ifdef DEBUGBUILD
+#if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
, const char *reason
#endif
);
-#ifdef DEBUGBUILD
+#if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
#define streamclose(x,y) Curl_conncontrol(x, CONNCTRL_STREAM, y)
#define connclose(x,y) Curl_conncontrol(x, CONNCTRL_CONNECTION, y)
#define connkeep(x,y) Curl_conncontrol(x, CONNCTRL_KEEP, y)
-#else /* if !CURLDEBUG */
+#else /* if !DEBUGBUILD || CURL_DISABLE_VERBOSE_STRINGS */
#define streamclose(x,y) Curl_conncontrol(x, CONNCTRL_STREAM)
#define connclose(x,y) Curl_conncontrol(x, CONNCTRL_CONNECTION)
#define connkeep(x,y) Curl_conncontrol(x, CONNCTRL_KEEP)
#endif
+bool Curl_conn_data_pending(struct connectdata *conn, int sockindex);
+
#endif /* HEADER_CURL_CONNECT_H */
diff --git a/lib/content_encoding.c b/lib/content_encoding.c
index fa36aca4c..cfec87c57 100644
--- a/lib/content_encoding.c
+++ b/lib/content_encoding.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -25,11 +25,11 @@
#ifdef HAVE_LIBZ
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "sendf.h"
#include "content_encoding.h"
+#include "strdup.h"
#include "curl_memory.h"
-
#include "memdebug.h"
/* Comment this out if zlib is always going to be at least ver. 1.2.0.4
@@ -69,11 +69,11 @@ process_zlib_error(struct connectdata *conn, z_stream *z)
{
struct Curl_easy *data = conn->data;
if(z->msg)
- failf (data, "Error while processing content unencoding: %s",
- z->msg);
+ failf(data, "Error while processing content unencoding: %s",
+ z->msg);
else
- failf (data, "Error while processing content unencoding: "
- "Unknown failure within decompression software.");
+ failf(data, "Error while processing content unencoding: "
+ "Unknown failure within decompression software.");
return CURLE_BAD_CONTENT_ENCODING;
}
@@ -130,8 +130,7 @@ inflate_stream(struct connectdata *conn,
free(decomp);
if(inflateEnd(z) == Z_OK)
return exit_zlib(z, &k->zlib_init, result);
- else
- return exit_zlib(z, &k->zlib_init, process_zlib_error(conn, z));
+ return exit_zlib(z, &k->zlib_init, process_zlib_error(conn, z));
}
/* Done with these bytes, exit */
@@ -314,7 +313,7 @@ Curl_unencode_gzip_write(struct connectdata *conn,
#ifndef OLD_ZLIB_SUPPORT
/* Support for old zlib versions is compiled away and we are running with
an old version, so return an error. */
- return exit_zlib(z, &k->zlib_init, CURLE_FUNCTION_NOT_FOUND);
+ return exit_zlib(z, &k->zlib_init, CURLE_WRITE_ERROR);
#else
/* This next mess is to get around the potential case where there isn't
@@ -327,14 +326,14 @@ Curl_unencode_gzip_write(struct connectdata *conn,
* can handle the gzip header themselves.
*/
- switch (k->zlib_init) {
+ switch(k->zlib_init) {
/* Skip over gzip header? */
case ZLIB_INIT:
{
/* Initial call state */
ssize_t hlen;
- switch (check_gzip_header((unsigned char *)k->str, nread, &hlen)) {
+ switch(check_gzip_header((unsigned char *)k->str, nread, &hlen)) {
case GZIP_OK:
z->next_in = (Bytef *)k->str + hlen;
z->avail_in = (uInt)(nread - hlen);
@@ -371,18 +370,15 @@ Curl_unencode_gzip_write(struct connectdata *conn,
{
/* Need more gzip header data state */
ssize_t hlen;
- unsigned char *oldblock = z->next_in;
-
z->avail_in += (uInt)nread;
- z->next_in = realloc(z->next_in, z->avail_in);
+ z->next_in = Curl_saferealloc(z->next_in, z->avail_in);
if(z->next_in == NULL) {
- free(oldblock);
return exit_zlib(z, &k->zlib_init, CURLE_OUT_OF_MEMORY);
}
/* Append the new block of data to the previous one */
memcpy(z->next_in + z->avail_in - nread, k->str, nread);
- switch (check_gzip_header(z->next_in, z->avail_in, &hlen)) {
+ switch(check_gzip_header(z->next_in, z->avail_in, &hlen)) {
case GZIP_OK:
/* This is the zlib stream data */
free(z->next_in);
diff --git a/lib/cookie.c b/lib/cookie.c
index d5a83fd66..6b678aeb8 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -90,13 +90,12 @@ Example set of cookies:
#include "urldata.h"
#include "cookie.h"
-#include "strequal.h"
#include "strtok.h"
#include "sendf.h"
#include "slist.h"
#include "share.h"
#include "strtoofft.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "curl_memrchr.h"
#include "inet_pton.h"
@@ -126,7 +125,7 @@ static bool tailmatch(const char *cooke_domain, const char
*hostname)
if(hostname_len < cookie_domain_len)
return FALSE;
- if(!Curl_raw_equal(cooke_domain, hostname+hostname_len-cookie_domain_len))
+ if(!strcasecompare(cooke_domain, hostname+hostname_len-cookie_domain_len))
return FALSE;
/* A lead char of cookie_domain is not '.'.
@@ -147,12 +146,12 @@ static bool tailmatch(const char *cooke_domain, const
char *hostname)
* matching cookie path and url path
* RFC6265 5.1.4 Paths and Path-Match
*/
-static bool pathmatch(const char* cookie_path, const char* request_uri)
+static bool pathmatch(const char *cookie_path, const char *request_uri)
{
size_t cookie_path_len;
size_t uri_path_len;
- char* uri_path = NULL;
- char* pos;
+ char *uri_path = NULL;
+ char *pos;
bool ret = FALSE;
/* cookie_path must not have last '/' separator. ex: /sample */
@@ -469,9 +468,9 @@ Curl_cookie_add(struct Curl_easy *data,
/* this was a "<name>=" with no content, and we must allow
'secure' and 'httponly' specified this weirdly */
done = TRUE;
- if(Curl_raw_equal("secure", name))
+ if(strcasecompare("secure", name))
co->secure = TRUE;
- else if(Curl_raw_equal("httponly", name))
+ else if(strcasecompare("httponly", name))
co->httponly = TRUE;
else if(sep)
/* there was a '=' so we're not done parsing this field */
@@ -479,7 +478,7 @@ Curl_cookie_add(struct Curl_easy *data,
}
if(done)
;
- else if(Curl_raw_equal("path", name)) {
+ else if(strcasecompare("path", name)) {
strstore(&co->path, whatptr);
if(!co->path) {
badcookie = TRUE; /* out of memory bad */
@@ -491,9 +490,8 @@ Curl_cookie_add(struct Curl_easy *data,
break;
}
}
- else if(Curl_raw_equal("domain", name)) {
+ else if(strcasecompare("domain", name)) {
bool is_ip;
- const char *dotp;
/* Now, we make sure that our host is within the given domain,
or the given domain is not valid and thus cannot be set. */
@@ -501,12 +499,22 @@ Curl_cookie_add(struct Curl_easy *data,
if('.' == whatptr[0])
whatptr++; /* ignore preceding dot */
- is_ip = isip(domain ? domain : whatptr);
+#ifndef USE_LIBPSL
+ /*
+ * Without PSL we don't know when the incoming cookie is set on a
+ * TLD or otherwise "protected" suffix. To reduce risk, we require a
+ * dot OR the exact host name being "localhost".
+ */
+ {
+ const char *dotp;
+ /* check for more dots */
+ dotp = strchr(whatptr, '.');
+ if(!dotp && !strcasecompare("localhost", whatptr))
+ domain=":";
+ }
+#endif
- /* check for more dots */
- dotp = strchr(whatptr, '.');
- if(!dotp)
- domain=":";
+ is_ip = isip(domain ? domain : whatptr);
if(!domain
|| (is_ip && !strcmp(whatptr, domain))
@@ -529,14 +537,14 @@ Curl_cookie_add(struct Curl_easy *data,
whatptr);
}
}
- else if(Curl_raw_equal("version", name)) {
+ else if(strcasecompare("version", name)) {
strstore(&co->version, whatptr);
if(!co->version) {
badcookie = TRUE;
break;
}
}
- else if(Curl_raw_equal("max-age", name)) {
+ else if(strcasecompare("max-age", name)) {
/* Defined in RFC2109:
Optional. The Max-Age attribute defines the lifetime of the
@@ -552,7 +560,7 @@ Curl_cookie_add(struct Curl_easy *data,
break;
}
}
- else if(Curl_raw_equal("expires", name)) {
+ else if(strcasecompare("expires", name)) {
strstore(&co->expirestr, whatptr);
if(!co->expirestr) {
badcookie = TRUE;
@@ -713,7 +721,7 @@ Curl_cookie_add(struct Curl_easy *data,
As far as I can see, it is set to true when the cookie says
.domain.com and to false when the domain is complete www.domain.com
*/
- co->tailmatch = Curl_raw_equal(ptr, "TRUE")?TRUE:FALSE;
+ co->tailmatch = strcasecompare(ptr, "TRUE")?TRUE:FALSE;
break;
case 2:
/* It turns out, that sometimes the file format allows the path
@@ -742,7 +750,7 @@ Curl_cookie_add(struct Curl_easy *data,
fields++; /* add a field and fall down to secure */
/* FALLTHROUGH */
case 3:
- co->secure = Curl_raw_equal(ptr, "TRUE")?TRUE:FALSE;
+ co->secure = strcasecompare(ptr, "TRUE")?TRUE:FALSE;
break;
case 4:
co->expires = curlx_strtoofft(ptr, NULL, 10);
@@ -799,8 +807,8 @@ Curl_cookie_add(struct Curl_easy *data,
/* Check if the domain is a Public Suffix and if yes, ignore the cookie.
This needs a libpsl compiled with builtin data. */
if(domain && co->domain && !isip(co->domain)) {
- if(((psl = psl_builtin()) != NULL)
- && !psl_is_cookie_domain_acceptable(psl, domain, co->domain)) {
+ psl = psl_builtin();
+ if(psl && !psl_is_cookie_domain_acceptable(psl, domain, co->domain)) {
infof(data,
"cookie '%s' dropped, domain '%s' must not set cookies for '%s'\n",
co->name, domain, co->domain);
@@ -813,11 +821,12 @@ Curl_cookie_add(struct Curl_easy *data,
clist = c->cookies;
replace_old = FALSE;
while(clist) {
- if(Curl_raw_equal(clist->name, co->name)) {
+ if(strcasecompare(clist->name, co->name)) {
/* the names are identical */
if(clist->domain && co->domain) {
- if(Curl_raw_equal(clist->domain, co->domain))
+ if(strcasecompare(clist->domain, co->domain) &&
+ (clist->tailmatch == co->tailmatch))
/* The domains are identical */
replace_old=TRUE;
}
@@ -828,7 +837,7 @@ Curl_cookie_add(struct Curl_easy *data,
/* the domains were identical */
if(clist->spath && co->spath) {
- if(Curl_raw_equal(clist->spath, co->spath)) {
+ if(strcasecompare(clist->spath, co->spath)) {
replace_old = TRUE;
}
else
@@ -902,6 +911,34 @@ Curl_cookie_add(struct Curl_easy *data,
return co;
}
+/*
+ * get_line() makes sure to only return complete whole lines that fit in 'len'
+ * bytes and end with a newline.
+ */
+static char *get_line(char *buf, int len, FILE *input)
+{
+ bool partial = FALSE;
+ while(1) {
+ char *b = fgets(buf, len, input);
+ if(b) {
+ size_t rlen = strlen(b);
+ if(rlen && (b[rlen-1] == '\n')) {
+ if(partial) {
+ partial = FALSE;
+ continue;
+ }
+ return b;
+ }
+ /* read a partial, discard the next piece that ends with newline */
+ partial = TRUE;
+ }
+ else
+ break;
+ }
+ return NULL;
+}
+
+
/*****************************************************************************
*
* Curl_cookie_init()
@@ -938,7 +975,7 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data,
}
c->running = FALSE; /* this is not running, this is init */
- if(file && strequal(file, "-")) {
+ if(file && !strcmp(file, "-")) {
fp = stdin;
fromfile=FALSE;
}
@@ -958,7 +995,7 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data,
line = malloc(MAX_COOKIE_LINE);
if(!line)
goto fail;
- while(fgets(line, MAX_COOKIE_LINE, fp)) {
+ while(get_line(line, MAX_COOKIE_LINE, fp)) {
if(checkprefix("Set-Cookie:", line)) {
/* This is a cookie line, get it! */
lineptr=&line[11];
@@ -1023,6 +1060,40 @@ static int cookie_sort(const void *p1, const void *p2)
return 0;
}
+#define CLONE(field) \
+ do { \
+ if(src->field) { \
+ d->field = strdup(src->field); \
+ if(!d->field) \
+ goto fail; \
+ } \
+ } while(0)
+
+static struct Cookie *dup_cookie(struct Cookie *src)
+{
+ struct Cookie *d = calloc(sizeof(struct Cookie), 1);
+ if(d) {
+ CLONE(expirestr);
+ CLONE(domain);
+ CLONE(path);
+ CLONE(spath);
+ CLONE(name);
+ CLONE(value);
+ CLONE(maxage);
+ CLONE(version);
+ d->expires = src->expires;
+ d->tailmatch = src->tailmatch;
+ d->secure = src->secure;
+ d->livecookie = src->livecookie;
+ d->httponly = src->httponly;
+ }
+ return d;
+
+ fail:
+ freecookie(d);
+ return NULL;
+}
+
/*****************************************************************************
*
* Curl_cookie_getlist()
@@ -1067,7 +1138,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
/* now check if the domain is correct */
if(!co->domain ||
(co->tailmatch && !is_ip && tailmatch(co->domain, host)) ||
- ((!co->tailmatch || is_ip) && Curl_raw_equal(host, co->domain)) ) {
+ ((!co->tailmatch || is_ip) && strcasecompare(host, co->domain)) ) {
/* the right part of the host matches the domain stuff in the
cookie data */
@@ -1078,11 +1149,8 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
/* and now, we know this is a match and we should create an
entry for the return-linked-list */
- newco = malloc(sizeof(struct Cookie));
+ newco = dup_cookie(co);
if(newco) {
- /* first, copy the whole source cookie: */
- memcpy(newco, co, sizeof(struct Cookie));
-
/* then modify our next */
newco->next = mainco;
@@ -1094,12 +1162,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
else {
fail:
/* failure, clear up the allocated chain and return NULL */
- while(mainco) {
- co = mainco->next;
- free(mainco);
- mainco = co;
- }
-
+ Curl_cookie_freelist(mainco);
return NULL;
}
}
@@ -1151,7 +1214,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
void Curl_cookie_clearall(struct CookieInfo *cookies)
{
if(cookies) {
- Curl_cookie_freelist(cookies->cookies, TRUE);
+ Curl_cookie_freelist(cookies->cookies);
cookies->cookies = NULL;
cookies->numcookies = 0;
}
@@ -1163,21 +1226,14 @@ void Curl_cookie_clearall(struct CookieInfo *cookies)
*
* Free a list of cookies previously returned by Curl_cookie_getlist();
*
- * The 'cookiestoo' argument tells this function whether to just free the
- * list or actually also free all cookies within the list as well.
- *
****************************************************************************/
-void Curl_cookie_freelist(struct Cookie *co, bool cookiestoo)
+void Curl_cookie_freelist(struct Cookie *co)
{
struct Cookie *next;
while(co) {
next = co->next;
- if(cookiestoo)
- freecookie(co);
- else
- free(co); /* we only free the struct since the "members" are all just
- pointed out in the main cookie list! */
+ freecookie(co);
co = next;
}
}
@@ -1232,7 +1288,7 @@ void Curl_cookie_cleanup(struct CookieInfo *c)
{
if(c) {
free(c->filename);
- Curl_cookie_freelist(c->cookies, TRUE);
+ Curl_cookie_freelist(c->cookies);
free(c); /* free the base struct as well */
}
}
@@ -1290,7 +1346,7 @@ static int cookie_output(struct CookieInfo *c, const char
*dumphere)
/* at first, remove expired cookies */
remove_expired(c);
- if(strequal("-", dumphere)) {
+ if(!strcmp("-", dumphere)) {
/* use stdout */
out = stdout;
use_stdout=TRUE;
diff --git a/lib/cookie.h b/lib/cookie.h
index cd7c54a28..41c315a82 100644
--- a/lib/cookie.h
+++ b/lib/cookie.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,7 +23,7 @@
***************************************************************************/
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
struct Cookie {
struct Cookie *next; /* next in the chain */
@@ -82,7 +82,7 @@ struct Cookie *Curl_cookie_add(struct Curl_easy *data,
struct Cookie *Curl_cookie_getlist(struct CookieInfo *, const char *,
const char *, bool);
-void Curl_cookie_freelist(struct Cookie *cookies, bool cookiestoo);
+void Curl_cookie_freelist(struct Cookie *cookies);
void Curl_cookie_clearall(struct CookieInfo *cookies);
void Curl_cookie_clearsess(struct CookieInfo *cookies);
diff --git a/lib/curl_addrinfo.c b/lib/curl_addrinfo.c
index 35eb2ddb9..3da23fda9 100644
--- a/lib/curl_addrinfo.c
+++ b/lib/curl_addrinfo.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
@@ -47,6 +47,8 @@
# define in_addr_t unsigned long
#endif
+#include <stddef.h>
+
#include "curl_addrinfo.h"
#include "inet_pton.h"
#include "warnless.h"
@@ -146,7 +148,8 @@ Curl_getaddrinfo_ex(const char *nodename,
if((size_t)ai->ai_addrlen < ss_size)
continue;
- if((ca = malloc(sizeof(Curl_addrinfo))) == NULL) {
+ ca = malloc(sizeof(Curl_addrinfo));
+ if(!ca) {
error = EAI_MEMORY;
break;
}
@@ -163,7 +166,8 @@ Curl_getaddrinfo_ex(const char *nodename,
ca->ai_canonname = NULL;
ca->ai_next = NULL;
- if((ca->ai_addr = malloc(ss_size)) == NULL) {
+ ca->ai_addr = malloc(ss_size);
+ if(!ca->ai_addr) {
error = EAI_MEMORY;
free(ca);
break;
@@ -171,7 +175,8 @@ Curl_getaddrinfo_ex(const char *nodename,
memcpy(ca->ai_addr, ai->ai_addr, ss_size);
if(ai->ai_canonname != NULL) {
- if((ca->ai_canonname = strdup(ai->ai_canonname)) == NULL) {
+ ca->ai_canonname = strdup(ai->ai_canonname);
+ if(!ca->ai_canonname) {
error = EAI_MEMORY;
free(ca->ai_addr);
free(ca);
@@ -286,21 +291,24 @@ Curl_he2ai(const struct hostent *he, int port)
size_t ss_size;
#ifdef ENABLE_IPV6
if(he->h_addrtype == AF_INET6)
- ss_size = sizeof (struct sockaddr_in6);
+ ss_size = sizeof(struct sockaddr_in6);
else
#endif
- ss_size = sizeof (struct sockaddr_in);
+ ss_size = sizeof(struct sockaddr_in);
- if((ai = calloc(1, sizeof(Curl_addrinfo))) == NULL) {
+ ai = calloc(1, sizeof(Curl_addrinfo));
+ if(!ai) {
result = CURLE_OUT_OF_MEMORY;
break;
}
- if((ai->ai_canonname = strdup(he->h_name)) == NULL) {
+ ai->ai_canonname = strdup(he->h_name);
+ if(!ai->ai_canonname) {
result = CURLE_OUT_OF_MEMORY;
free(ai);
break;
}
- if((ai->ai_addr = calloc(1, ss_size)) == NULL) {
+ ai->ai_addr = calloc(1, ss_size);
+ if(!ai->ai_addr) {
result = CURLE_OUT_OF_MEMORY;
free(ai->ai_canonname);
free(ai);
@@ -325,7 +333,7 @@ Curl_he2ai(const struct hostent *he, int port)
/* leave the rest of the struct filled with zero */
- switch (ai->ai_family) {
+ switch(ai->ai_family) {
case AF_INET:
addr = (void *)ai->ai_addr; /* storage area for this info */
@@ -461,7 +469,7 @@ Curl_addrinfo *Curl_str2addr(char *address, int port)
/* This is a dotted IP address 123.123.123.123-style */
return Curl_ip2addr(AF_INET, &in, address, port);
#ifdef ENABLE_IPV6
- else {
+ {
struct in6_addr in6;
if(Curl_inet_pton(AF_INET6, address, &in6) > 0)
/* This is a dotted IPv6 address ::1-style */
@@ -475,34 +483,48 @@ Curl_addrinfo *Curl_str2addr(char *address, int port)
/**
* Given a path to a Unix domain socket, return a newly allocated Curl_addrinfo
* struct initialized with this path.
+ * Set '*longpath' to TRUE if the error is a too long path.
*/
-Curl_addrinfo *Curl_unix2addr(const char *path)
+Curl_addrinfo *Curl_unix2addr(const char *path, bool *longpath, bool abstract)
{
Curl_addrinfo *ai;
struct sockaddr_un *sa_un;
size_t path_len;
+ *longpath = FALSE;
+
ai = calloc(1, sizeof(Curl_addrinfo));
if(!ai)
return NULL;
- if((ai->ai_addr = calloc(1, sizeof(struct sockaddr_un))) == NULL) {
+ ai->ai_addr = calloc(1, sizeof(struct sockaddr_un));
+ if(!ai->ai_addr) {
free(ai);
return NULL;
}
+
+ sa_un = (void *) ai->ai_addr;
+ sa_un->sun_family = AF_UNIX;
+
/* sun_path must be able to store the NUL-terminated path */
- path_len = strlen(path);
- if(path_len >= sizeof(sa_un->sun_path)) {
+ path_len = strlen(path) + 1;
+ if(path_len > sizeof(sa_un->sun_path)) {
free(ai->ai_addr);
free(ai);
+ *longpath = TRUE;
return NULL;
}
ai->ai_family = AF_UNIX;
ai->ai_socktype = SOCK_STREAM; /* assume reliable transport for HTTP */
- ai->ai_addrlen = (curl_socklen_t) sizeof(struct sockaddr_un);
- sa_un = (void *) ai->ai_addr;
- sa_un->sun_family = AF_UNIX;
- memcpy(sa_un->sun_path, path, path_len + 1); /* copy NUL byte */
+ ai->ai_addrlen = (curl_socklen_t)
+ ((offsetof(struct sockaddr_un, sun_path) + path_len) & 0x7FFFFFFF);
+
+ /* Abstract Unix domain socket have NULL prefix instead of suffix */
+ if(abstract)
+ memcpy(sa_un->sun_path + 1, path, path_len - 1);
+ else
+ memcpy(sa_un->sun_path, path, path_len); /* copy NUL byte */
+
return ai;
}
#endif
@@ -576,7 +598,7 @@ void Curl_addrinfo_set_port(Curl_addrinfo *addrinfo, int
port)
struct sockaddr_in6 *addr6;
#endif
for(ca = addrinfo; ca != NULL; ca = ca->ai_next) {
- switch (ca->ai_family) {
+ switch(ca->ai_family) {
case AF_INET:
addr = (void *)ca->ai_addr; /* storage area for this info */
addr->sin_port = htons((unsigned short)port);
diff --git a/lib/curl_addrinfo.h b/lib/curl_addrinfo.h
index 1a681e61e..8f6f3d106 100644
--- a/lib/curl_addrinfo.h
+++ b/lib/curl_addrinfo.h
@@ -80,7 +80,7 @@ Curl_ip2addr(int af, const void *inaddr, const char
*hostname, int port);
Curl_addrinfo *Curl_str2addr(char *dotted, int port);
#ifdef USE_UNIX_SOCKETS
-Curl_addrinfo *Curl_unix2addr(const char *path);
+Curl_addrinfo *Curl_unix2addr(const char *path, bool *longpath, bool abstract);
#endif
#if defined(CURLDEBUG) && defined(HAVE_GETADDRINFO) && \
diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake
index ddcd210de..c1452b3e7 100644
--- a/lib/curl_config.h.cmake
+++ b/lib/curl_config.h.cmake
@@ -4,10 +4,13 @@
#cmakedefine BUILDING_LIBCURL 1
/* Location of default ca bundle */
-#cmakedefine CURL_CA_BUNDLE ${CURL_CA_BUNDLE}
+#cmakedefine CURL_CA_BUNDLE "${CURL_CA_BUNDLE}"
+
+/* define "1" to use built-in ca store of TLS backend */
+#cmakedefine CURL_CA_FALLBACK 1
/* Location of default ca path */
-#cmakedefine CURL_CA_PATH ${CURL_CA_PATH}
+#cmakedefine CURL_CA_PATH "${CURL_CA_PATH}"
/* to disable cookies support */
#cmakedefine CURL_DISABLE_COOKIES 1
@@ -518,6 +521,15 @@
/* Define to 1 if you have the send function. */
#cmakedefine HAVE_SEND 1
+/* Define to 1 if you have the 'fsetxattr' function. */
+#cmakedefine HAVE_FSETXATTR 1
+
+/* fsetxattr() takes 5 args */
+#cmakedefine HAVE_FSETXATTR_5 1
+
+/* fsetxattr() takes 6 args */
+#cmakedefine HAVE_FSETXATTR_6 1
+
/* Define to 1 if you have the <setjmp.h> header file. */
#cmakedefine HAVE_SETJMP_H 1
@@ -918,6 +930,9 @@
/* if PolarSSL is enabled */
#cmakedefine USE_POLARSSL 1
+/* if DarwinSSL is enabled */
+#cmakedefine USE_DARWINSSL 1
+
/* if mbedTLS is enabled */
#cmakedefine USE_MBEDTLS 1
@@ -936,6 +951,9 @@
/* if OpenSSL is in use */
#cmakedefine USE_OPENSSL 1
+/* to enable NGHTTP2 */
+#cmakedefine USE_NGHTTP2 1
+
/* if Unix domain sockets are enabled */
#cmakedefine USE_UNIX_SOCKETS
@@ -954,9 +972,6 @@
/* Version number of package */
#cmakedefine VERSION ${VERSION}
-/* Define to avoid automatic inclusion of winsock.h */
-#cmakedefine WIN32_LEAN_AND_MEAN 1
-
/* Define to 1 if OS is AIX. */
#ifndef _ALL_SOURCE
# undef _ALL_SOURCE
diff --git a/lib/curl_des.c b/lib/curl_des.c
index 421c9f768..b123a00f0 100644
--- a/lib/curl_des.c
+++ b/lib/curl_des.c
@@ -34,7 +34,7 @@
*
* The function is a port of the Java based oddParity() function over at:
*
- * http://davenport.sourceforge.net/ntlm.html
+ * https://davenport.sourceforge.io/ntlm.html
*
* Parameters:
*
diff --git a/lib/curl_endian.c b/lib/curl_endian.c
index 76deca6aa..c25db4956 100644
--- a/lib/curl_endian.c
+++ b/lib/curl_endian.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -37,7 +37,7 @@
*
* Returns the integer.
*/
-unsigned short Curl_read16_le(unsigned char *buf)
+unsigned short Curl_read16_le(const unsigned char *buf)
{
return (unsigned short)(((unsigned short)buf[0]) |
((unsigned short)buf[1] << 8));
@@ -56,50 +56,12 @@ unsigned short Curl_read16_le(unsigned char *buf)
*
* Returns the integer.
*/
-unsigned int Curl_read32_le(unsigned char *buf)
+unsigned int Curl_read32_le(const unsigned char *buf)
{
return ((unsigned int)buf[0]) | ((unsigned int)buf[1] << 8) |
((unsigned int)buf[2] << 16) | ((unsigned int)buf[3] << 24);
}
-#if (CURL_SIZEOF_CURL_OFF_T > 4)
-/*
- * Curl_read64_le()
- *
- * This function converts a 64-bit integer from the little endian format, as
- * used in the incoming package to whatever endian format we're using
- * natively.
- *
- * Parameters:
- *
- * buf [in] - A pointer to a 8 byte buffer.
- *
- * Returns the integer.
- */
-#if defined(HAVE_LONGLONG)
-unsigned long long Curl_read64_le(unsigned char *buf)
-{
- return ((unsigned long long)buf[0]) |
- ((unsigned long long)buf[1] << 8) |
- ((unsigned long long)buf[2] << 16) |
- ((unsigned long long)buf[3] << 24) |
- ((unsigned long long)buf[4] << 32) |
- ((unsigned long long)buf[5] << 40) |
- ((unsigned long long)buf[6] << 48) |
- ((unsigned long long)buf[7] << 56);
-}
-#else
-unsigned __int64 Curl_read64_le(unsigned char *buf)
-{
- return ((unsigned __int64)buf[0]) | ((unsigned __int64)buf[1] << 8) |
- ((unsigned __int64)buf[2] << 16) | ((unsigned __int64)buf[3] << 24) |
- ((unsigned __int64)buf[4] << 32) | ((unsigned __int64)buf[5] << 40) |
- ((unsigned __int64)buf[6] << 48) | ((unsigned __int64)buf[7] << 56);
-}
-#endif
-
-#endif /* CURL_SIZEOF_CURL_OFF_T > 4 */
-
/*
* Curl_read16_be()
*
@@ -113,87 +75,13 @@ unsigned __int64 Curl_read64_le(unsigned char *buf)
*
* Returns the integer.
*/
-unsigned short Curl_read16_be(unsigned char *buf)
+unsigned short Curl_read16_be(const unsigned char *buf)
{
return (unsigned short)(((unsigned short)buf[0] << 8) |
((unsigned short)buf[1]));
}
/*
- * Curl_read32_be()
- *
- * This function converts a 32-bit integer from the big endian format, as
- * used in the incoming package to whatever endian format we're using
- * natively.
- *
- * Parameters:
- *
- * buf [in] - A pointer to a 4 byte buffer.
- *
- * Returns the integer.
- */
-unsigned int Curl_read32_be(unsigned char *buf)
-{
- return ((unsigned int)buf[0] << 24) | ((unsigned int)buf[1] << 16) |
- ((unsigned int)buf[2] << 8) | ((unsigned int)buf[3]);
-}
-
-#if (CURL_SIZEOF_CURL_OFF_T > 4)
-/*
- * Curl_read64_be()
- *
- * This function converts a 64-bit integer from the big endian format, as
- * used in the incoming package to whatever endian format we're using
- * natively.
- *
- * Parameters:
- *
- * buf [in] - A pointer to a 8 byte buffer.
- *
- * Returns the integer.
- */
-#if defined(HAVE_LONGLONG)
-unsigned long long Curl_read64_be(unsigned char *buf)
-{
- return ((unsigned long long)buf[0] << 56) |
- ((unsigned long long)buf[1] << 48) |
- ((unsigned long long)buf[2] << 40) |
- ((unsigned long long)buf[3] << 32) |
- ((unsigned long long)buf[4] << 24) |
- ((unsigned long long)buf[5] << 16) |
- ((unsigned long long)buf[6] << 8) |
- ((unsigned long long)buf[7]);
-}
-#else
-unsigned __int64 Curl_read64_be(unsigned char *buf)
-{
- return ((unsigned __int64)buf[0] << 56) | ((unsigned __int64)buf[1] << 48) |
- ((unsigned __int64)buf[2] << 40) | ((unsigned __int64)buf[3] << 32) |
- ((unsigned __int64)buf[4] << 24) | ((unsigned __int64)buf[5] << 16) |
- ((unsigned __int64)buf[6] << 8) | ((unsigned __int64)buf[7]);
-}
-#endif
-
-#endif /* CURL_SIZEOF_CURL_OFF_T > 4 */
-
-/*
- * Curl_write16_le()
- *
- * This function converts a 16-bit integer from the native endian format,
- * to little endian format ready for sending down the wire.
- *
- * Parameters:
- *
- * value [in] - The 16-bit integer value.
- * buffer [in] - A pointer to the output buffer.
- */
-void Curl_write16_le(const short value, unsigned char *buffer)
-{
- buffer[0] = (char)(value & 0x00FF);
- buffer[1] = (char)((value & 0xFF00) >> 8);
-}
-
-/*
* Curl_write32_le()
*
* This function converts a 32-bit integer from the native endian format,
diff --git a/lib/curl_endian.h b/lib/curl_endian.h
index df8398c8c..4f345a6a2 100644
--- a/lib/curl_endian.h
+++ b/lib/curl_endian.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,37 +23,13 @@
***************************************************************************/
/* Converts a 16-bit integer from little endian */
-unsigned short Curl_read16_le(unsigned char *buf);
+unsigned short Curl_read16_le(const unsigned char *buf);
/* Converts a 32-bit integer from little endian */
-unsigned int Curl_read32_le(unsigned char *buf);
-
-#if (CURL_SIZEOF_CURL_OFF_T > 4)
-/* Converts a 64-bit integer from little endian */
-#if defined(HAVE_LONGLONG)
-unsigned long long Curl_read64_le(unsigned char *buf);
-#else
-unsigned __int64 Curl_read64_le(unsigned char *buf);
-#endif
-#endif
+unsigned int Curl_read32_le(const unsigned char *buf);
/* Converts a 16-bit integer from big endian */
-unsigned short Curl_read16_be(unsigned char *buf);
-
-/* Converts a 32-bit integer from big endian */
-unsigned int Curl_read32_be(unsigned char *buf);
-
-#if (CURL_SIZEOF_CURL_OFF_T > 4)
-/* Converts a 64-bit integer from big endian */
-#if defined(HAVE_LONGLONG)
-unsigned long long Curl_read64_be(unsigned char *buf);
-#else
-unsigned __int64 Curl_read64_be(unsigned char *buf);
-#endif
-#endif
-
-/* Converts a 16-bit integer to little endian */
-void Curl_write16_le(const short value, unsigned char *buffer);
+unsigned short Curl_read16_be(const unsigned char *buf);
/* Converts a 32-bit integer to little endian */
void Curl_write32_le(const int value, unsigned char *buffer);
diff --git a/lib/curl_fnmatch.c b/lib/curl_fnmatch.c
index e8108bb10..e9224ada5 100644
--- a/lib/curl_fnmatch.c
+++ b/lib/curl_fnmatch.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "curl_fnmatch.h"
#include "curl_memory.h"
@@ -145,8 +145,7 @@ static int setcharset(unsigned char **p, unsigned char
*charset)
else if(c == ']') {
if(something_found)
return SETCHARSET_OK;
- else
- something_found = TRUE;
+ something_found = TRUE;
state = CURLFNM_SCHS_RIGHTBR;
charset[c] = 1;
(*p)++;
@@ -244,7 +243,7 @@ static int setcharset(unsigned char **p, unsigned char
*charset)
if(c == ']') {
return SETCHARSET_OK;
}
- else if(c == '\\') {
+ if(c == '\\') {
c = *(++(*p));
if(ISPRINT(c)) {
charset[c] = 1;
@@ -345,8 +344,7 @@ static int loop(const unsigned char *pattern, const
unsigned char *string)
else if(*p == '\0') {
if(*s == '\0')
return CURL_FNMATCH_MATCH;
- else
- return CURL_FNMATCH_NOMATCH;
+ return CURL_FNMATCH_NOMATCH;
}
else if(*p == '\\') {
state = CURLFNM_LOOP_BACKSLASH;
diff --git a/lib/curl_gethostname.c b/lib/curl_gethostname.c
index 2591fd886..8337c72e8 100644
--- a/lib/curl_gethostname.c
+++ b/lib/curl_gethostname.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -48,8 +48,8 @@
* For libcurl static library release builds no overriding takes place.
*/
-int Curl_gethostname(char *name, GETHOSTNAME_TYPE_ARG2 namelen) {
-
+int Curl_gethostname(char *name, GETHOSTNAME_TYPE_ARG2 namelen)
+{
#ifndef HAVE_GETHOSTNAME
/* Allow compilation and return failure when unavailable */
@@ -59,7 +59,7 @@ int Curl_gethostname(char *name, GETHOSTNAME_TYPE_ARG2
namelen) {
#else
int err;
- char* dot;
+ char *dot;
#ifdef DEBUGBUILD
diff --git a/lib/curl_gssapi.c b/lib/curl_gssapi.c
index bf7c766eb..83f3fa0c4 100644
--- a/lib/curl_gssapi.c
+++ b/lib/curl_gssapi.c
@@ -94,7 +94,7 @@ static size_t display_gss_error(OM_uint32 status, int type,
if(GSS_LOG_BUFFER_LEN > len + status_string.length + 3) {
len += snprintf(buf + len, GSS_LOG_BUFFER_LEN - len,
"%.*s. ", (int)status_string.length,
- (char*)status_string.value);
+ (char *)status_string.value);
}
gss_release_buffer(&min_stat, &status_string);
} while(!GSS_ERROR(maj_stat) && msg_ctx != 0);
diff --git a/lib/curl_hmac.h b/lib/curl_hmac.h
index 41703b42f..756dc9e4c 100644
--- a/lib/curl_hmac.h
+++ b/lib/curl_hmac.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -24,11 +24,11 @@
#ifndef CURL_DISABLE_CRYPTO_AUTH
-typedef void (* HMAC_hinit_func)(void * context);
-typedef void (* HMAC_hupdate_func)(void * context,
- const unsigned char * data,
+typedef void (* HMAC_hinit_func)(void *context);
+typedef void (* HMAC_hupdate_func)(void *context,
+ const unsigned char *data,
unsigned int len);
-typedef void (* HMAC_hfinal_func)(unsigned char * result, void * context);
+typedef void (* HMAC_hfinal_func)(unsigned char *result, void *context);
/* Per-hash function HMAC parameters. */
@@ -46,21 +46,21 @@ typedef struct {
/* HMAC computation context. */
typedef struct {
- const HMAC_params * hmac_hash; /* Hash function definition. */
- void * hmac_hashctxt1; /* Hash function context 1. */
- void * hmac_hashctxt2; /* Hash function context 2. */
+ const HMAC_params *hmac_hash; /* Hash function definition. */
+ void *hmac_hashctxt1; /* Hash function context 1. */
+ void *hmac_hashctxt2; /* Hash function context 2. */
} HMAC_context;
/* Prototypes. */
-HMAC_context * Curl_HMAC_init(const HMAC_params * hashparams,
- const unsigned char * key,
+HMAC_context * Curl_HMAC_init(const HMAC_params *hashparams,
+ const unsigned char *key,
unsigned int keylen);
-int Curl_HMAC_update(HMAC_context * context,
- const unsigned char * data,
+int Curl_HMAC_update(HMAC_context *context,
+ const unsigned char *data,
unsigned int len);
-int Curl_HMAC_final(HMAC_context * context, unsigned char * result);
+int Curl_HMAC_final(HMAC_context *context, unsigned char *result);
#endif
diff --git a/lib/curl_md4.h b/lib/curl_md4.h
index 8c26d1222..e0690416d 100644
--- a/lib/curl_md4.h
+++ b/lib/curl_md4.h
@@ -24,12 +24,12 @@
#include "curl_setup.h"
-/* NSS and OS/400 crypto library do not provide the MD4 hash algorithm, so
- * that we have a local implementation of it */
-#if defined(USE_NSS) || defined(USE_OS400CRYPTO)
+#if defined(USE_NSS) || defined(USE_OS400CRYPTO) || \
+ (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C))
void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len);
-#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) */
+#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) ||
+ (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) */
#endif /* HEADER_CURL_MD4_H */
diff --git a/lib/curl_memory.h b/lib/curl_memory.h
index 6f792fffd..6d024a743 100644
--- a/lib/curl_memory.h
+++ b/lib/curl_memory.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -70,7 +70,7 @@
*
* Programs and libraries in 'tests' subdirectories have specific
* purposes and needs, and as such each one will use whatever fits
- * best, depending additionally wether it links with libcurl or not.
+ * best, depending additionally whether it links with libcurl or not.
*
* Caveat emptor. Proper curlx_* separation is a work in progress
* the same as CURLX_NO_MEMORY_CALLBACKS usage, some adjustments may
@@ -86,8 +86,8 @@
#ifndef CURL_DID_MEMORY_FUNC_TYPEDEFS /* only if not already done */
/*
* The following memory function replacement typedef's are COPIED from
- * curl/curl.h and MUST match the originals. We copy them to avoid having to
- * include curl/curl.h here. We avoid that include since it includes stdio.h
+ * gnurl/curl.h and MUST match the originals. We copy them to avoid having to
+ * include gnurl/curl.h here. We avoid that include since it includes stdio.h
* and other headers that may get messed up with defines done here.
*/
typedef void *(*curl_malloc_callback)(size_t size);
diff --git a/lib/curl_memrchr.c b/lib/curl_memrchr.c
index c521497b2..629f327ae 100644
--- a/lib/curl_memrchr.c
+++ b/lib/curl_memrchr.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "curl_memrchr.h"
#include "curl_memory.h"
diff --git a/lib/curl_multibyte.c b/lib/curl_multibyte.c
index e78bb5002..3ebd472e0 100644
--- a/lib/curl_multibyte.c
+++ b/lib/curl_multibyte.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#if defined(USE_WIN32_IDN) || ((defined(USE_WINDOWS_SSPI) || \
defined(USE_WIN32_LDAP)) && defined(UNICODE))
diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c
index 4b9da2c2a..aea545295 100644
--- a/lib/curl_ntlm_core.c
+++ b/lib/curl_ntlm_core.c
@@ -27,7 +27,7 @@
/*
* NTLM details:
*
- * http://davenport.sourceforge.net/ntlm.html
+ * https://davenport.sourceforge.io/ntlm.html
* https://www.innovation.ch/java/ntlm.html
*/
@@ -80,6 +80,9 @@
# include <mbedtls/des.h>
# include <mbedtls/md4.h>
+# if !defined(MBEDTLS_MD4_C)
+# include "curl_md4.h"
+# endif
#elif defined(USE_NSS)
@@ -105,7 +108,7 @@
#include "urldata.h"
#include "non-ascii.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "curl_ntlm_core.h"
#include "curl_md5.h"
#include "curl_hmac.h"
@@ -501,7 +504,7 @@ CURLcode Curl_ntlm_core_mk_lm_hash(struct Curl_easy *data,
return CURLE_OK;
}
-#if USE_NTRESPONSES
+#ifdef USE_NTRESPONSES
static void ascii_to_unicode_le(unsigned char *dest, const char *src,
size_t srclen)
{
@@ -512,14 +515,14 @@ static void ascii_to_unicode_le(unsigned char *dest,
const char *src,
}
}
-#if USE_NTLM_V2 && !defined(USE_WINDOWS_SSPI)
+#if defined(USE_NTLM_V2) && !defined(USE_WINDOWS_SSPI)
static void ascii_uppercase_to_unicode_le(unsigned char *dest,
const char *src, size_t srclen)
{
size_t i;
for(i = 0; i < srclen; i++) {
- dest[2 * i] = (unsigned char)(toupper(src[i]));
+ dest[2 * i] = (unsigned char)(Curl_raw_toupper(src[i]));
dest[2 * i + 1] = '\0';
}
}
@@ -566,12 +569,13 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data,
gcry_md_hd_t MD4pw;
gcry_md_open(&MD4pw, GCRY_MD_MD4, 0);
gcry_md_write(MD4pw, pw, 2 * len);
- memcpy (ntbuffer, gcry_md_read (MD4pw, 0), MD4_DIGEST_LENGTH);
+ memcpy(ntbuffer, gcry_md_read(MD4pw, 0), MD4_DIGEST_LENGTH);
gcry_md_close(MD4pw);
+#elif defined(USE_NSS) || defined(USE_OS400CRYPTO) || \
+ (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C))
+ Curl_md4it(ntbuffer, pw, 2 * len);
#elif defined(USE_MBEDTLS)
mbedtls_md4(pw, 2 * len, ntbuffer);
-#elif defined(USE_NSS) || defined(USE_OS400CRYPTO)
- Curl_md4it(ntbuffer, pw, 2 * len);
#elif defined(USE_DARWINSSL)
(void)CC_MD4(pw, (CC_LONG)(2 * len), ntbuffer);
#elif defined(USE_WIN32_CRYPTO)
@@ -597,7 +601,7 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data,
return CURLE_OK;
}
-#if USE_NTLM_V2 && !defined(USE_WINDOWS_SSPI)
+#if defined(USE_NTLM_V2) && !defined(USE_WINDOWS_SSPI)
/* This returns the HMAC MD5 digest */
CURLcode Curl_hmac_md5(const unsigned char *key, unsigned int keylen,
@@ -715,8 +719,10 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char
*ntlmv2hash,
/* Create the BLOB structure */
snprintf((char *)ptr + NTLM_HMAC_MD5_LEN, NTLMv2_BLOB_LEN,
- NTLMv2_BLOB_SIGNATURE
+ "%c%c%c%c" /* NTLMv2_BLOB_SIGNATURE */
"%c%c%c%c", /* Reserved = 0 */
+ NTLMv2_BLOB_SIGNATURE[0], NTLMv2_BLOB_SIGNATURE[1],
+ NTLMv2_BLOB_SIGNATURE[2], NTLMv2_BLOB_SIGNATURE[3],
0, 0, 0, 0);
Curl_write64_le(tw, ptr + 24);
diff --git a/lib/curl_ntlm_core.h b/lib/curl_ntlm_core.h
index c5f90e778..4a83d40bc 100644
--- a/lib/curl_ntlm_core.h
+++ b/lib/curl_ntlm_core.h
@@ -33,31 +33,26 @@
!defined(HEADER_SSL_H) && !defined(HEADER_MD5_H)
# error "curl_ntlm_core.h shall not be included before OpenSSL headers."
# endif
-# ifdef OPENSSL_NO_MD4
-# define USE_NTRESPONSES 0
-# define USE_NTLM2SESSION 0
-# define USE_NTLM_V2 0
-# endif
#endif
-/* Define USE_NTRESPONSES to 1 in order to make the type-3 message include
+/* Define USE_NTRESPONSES in order to make the type-3 message include
* the NT response message. */
-#ifndef USE_NTRESPONSES
-#define USE_NTRESPONSES 1
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_NO_MD4)
+#define USE_NTRESPONSES
#endif
-/* Define USE_NTLM2SESSION to 1 in order to make the type-3 message include the
+/* Define USE_NTLM2SESSION in order to make the type-3 message include the
NTLM2Session response message, requires USE_NTRESPONSES defined to 1 and a
Crypto engine that we have curl_ssl_md5sum() for. */
-#if !defined(USE_NTLM2SESSION) && USE_NTRESPONSES && !defined(USE_WIN32_CRYPTO)
-#define USE_NTLM2SESSION 1
+#if defined(USE_NTRESPONSES) && !defined(USE_WIN32_CRYPTO)
+#define USE_NTLM2SESSION
#endif
-/* Define USE_NTLM_V2 to 1 in order to allow the type-3 message to include the
+/* Define USE_NTLM_V2 in order to allow the type-3 message to include the
LMv2 and NTLMv2 response messages, requires USE_NTRESPONSES defined to 1
and support for 64-bit integers. */
-#if !defined(USE_NTLM_V2) && USE_NTRESPONSES && (CURL_SIZEOF_CURL_OFF_T > 4)
-#define USE_NTLM_V2 1
+#if defined(USE_NTRESPONSES) && (CURL_SIZEOF_CURL_OFF_T > 4)
+#define USE_NTLM_V2
#endif
void Curl_ntlm_core_lm_resp(const unsigned char *keys,
@@ -68,12 +63,12 @@ CURLcode Curl_ntlm_core_mk_lm_hash(struct Curl_easy *data,
const char *password,
unsigned char *lmbuffer /* 21 bytes */);
-#if USE_NTRESPONSES
+#ifdef USE_NTRESPONSES
CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data,
const char *password,
unsigned char *ntbuffer /* 21 bytes */);
-#if USE_NTLM_V2 && !defined(USE_WINDOWS_SSPI)
+#if defined(USE_NTLM_V2) && !defined(USE_WINDOWS_SSPI)
CURLcode Curl_hmac_md5(const unsigned char *key, unsigned int keylen,
const unsigned char *data, unsigned int datalen,
diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c
index afdea16c0..9e9586cc3 100644
--- a/lib/curl_ntlm_wb.c
+++ b/lib/curl_ntlm_wb.c
@@ -28,7 +28,7 @@
/*
* NTLM details:
*
- * http://davenport.sourceforge.net/ntlm.html
+ * https://davenport.sourceforge.io/ntlm.html
* https://www.innovation.ch/java/ntlm.html
*/
@@ -51,6 +51,7 @@
#include "curl_ntlm_wb.h"
#include "url.h"
#include "strerror.h"
+#include "strdup.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
#include "curl_memory.h"
@@ -122,7 +123,6 @@ static CURLcode ntlm_wb_init(struct connectdata *conn,
const char *userp)
struct passwd pw, *pw_res;
char pwbuf[1024];
#endif
- int error;
/* Return if communication with ntlm_auth already set up */
if(conn->ntlm_auth_hlpr_socket != CURL_SOCKET_BAD ||
@@ -156,7 +156,8 @@ static CURLcode ntlm_wb_init(struct connectdata *conn,
const char *userp)
}
slash = strpbrk(username, "\\/");
if(slash) {
- if((domain = strdup(username)) == NULL)
+ domain = strdup(username);
+ if(!domain)
return CURLE_OUT_OF_MEMORY;
slash = domain + (slash - username);
*slash = '\0';
@@ -176,26 +177,23 @@ static CURLcode ntlm_wb_init(struct connectdata *conn,
const char *userp)
ntlm_auth = NTLM_WB_FILE;
if(access(ntlm_auth, X_OK) != 0) {
- error = ERRNO;
failf(conn->data, "Could not access ntlm_auth: %s errno %d: %s",
- ntlm_auth, error, Curl_strerror(conn, error));
+ ntlm_auth, errno, Curl_strerror(conn, errno));
goto done;
}
if(socketpair(AF_UNIX, SOCK_STREAM, 0, sockfds)) {
- error = ERRNO;
failf(conn->data, "Could not open socket pair. errno %d: %s",
- error, Curl_strerror(conn, error));
+ errno, Curl_strerror(conn, errno));
goto done;
}
child_pid = fork();
if(child_pid == -1) {
- error = ERRNO;
sclose(sockfds[0]);
sclose(sockfds[1]);
failf(conn->data, "Could not fork. errno %d: %s",
- error, Curl_strerror(conn, error));
+ errno, Curl_strerror(conn, errno));
goto done;
}
else if(!child_pid) {
@@ -206,16 +204,14 @@ static CURLcode ntlm_wb_init(struct connectdata *conn,
const char *userp)
/* Don't use sclose in the child since it fools the socket leak detector */
sclose_nolog(sockfds[0]);
if(dup2(sockfds[1], STDIN_FILENO) == -1) {
- error = ERRNO;
failf(conn->data, "Could not redirect child stdin. errno %d: %s",
- error, Curl_strerror(conn, error));
+ errno, Curl_strerror(conn, errno));
exit(1);
}
if(dup2(sockfds[1], STDOUT_FILENO) == -1) {
- error = ERRNO;
failf(conn->data, "Could not redirect child stdout. errno %d: %s",
- error, Curl_strerror(conn, error));
+ errno, Curl_strerror(conn, errno));
exit(1);
}
@@ -233,10 +229,9 @@ static CURLcode ntlm_wb_init(struct connectdata *conn,
const char *userp)
"--username", username,
NULL);
- error = ERRNO;
sclose_nolog(sockfds[1]);
failf(conn->data, "Could not execl(). errno %d: %s",
- error, Curl_strerror(conn, error));
+ errno, Curl_strerror(conn, errno));
exit(1);
}
@@ -293,11 +288,10 @@ static CURLcode ntlm_wb_response(struct connectdata *conn,
buf[len_out - 1] = '\0';
break;
}
- newbuf = realloc(buf, len_out + NTLM_BUFSIZE);
- if(!newbuf) {
- free(buf);
+ newbuf = Curl_saferealloc(buf, len_out + NTLM_BUFSIZE);
+ if(!newbuf)
return CURLE_OUT_OF_MEMORY;
- }
+
buf = newbuf;
}
@@ -349,7 +343,7 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
if(proxy) {
allocuserpwd = &conn->allocptr.proxyuserpwd;
- userp = conn->proxyuser;
+ userp = conn->http_proxy.user;
ntlm = &conn->proxyntlm;
authp = &conn->data->state.authproxy;
}
diff --git a/lib/curl_printf.h b/lib/curl_printf.h
index 49857cdb0..c35c0dd84 100644
--- a/lib/curl_printf.h
+++ b/lib/curl_printf.h
@@ -27,7 +27,7 @@
* *rintf() functions.
*/
-#include <curl/mprintf.h>
+#include <gnurl/mprintf.h>
# undef printf
# undef fprintf
diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
index 06dd047a4..6df8e7276 100644
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -25,12 +25,13 @@
#ifdef USE_LIBRTMP
+#include "curl_rtmp.h"
#include "urldata.h"
#include "nonblock.h" /* for curlx_nonblock */
#include "progress.h" /* for Curl_pgrsSetUploadSize */
#include "transfer.h"
#include "warnless.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include <librtmp/rtmp.h>
#include "curl_memory.h"
/* The last #include file should be: */
@@ -73,6 +74,7 @@ const struct Curl_handler Curl_handler_rtmp = {
ZERO_NULL, /* perform_getsock */
rtmp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_RTMP, /* defport */
CURLPROTO_RTMP, /* protocol */
PROTOPT_NONE /* flags*/
@@ -93,6 +95,7 @@ const struct Curl_handler Curl_handler_rtmpt = {
ZERO_NULL, /* perform_getsock */
rtmp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_RTMPT, /* defport */
CURLPROTO_RTMPT, /* protocol */
PROTOPT_NONE /* flags*/
@@ -113,6 +116,7 @@ const struct Curl_handler Curl_handler_rtmpe = {
ZERO_NULL, /* perform_getsock */
rtmp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_RTMP, /* defport */
CURLPROTO_RTMPE, /* protocol */
PROTOPT_NONE /* flags*/
@@ -133,6 +137,7 @@ const struct Curl_handler Curl_handler_rtmpte = {
ZERO_NULL, /* perform_getsock */
rtmp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_RTMPT, /* defport */
CURLPROTO_RTMPTE, /* protocol */
PROTOPT_NONE /* flags*/
@@ -153,6 +158,7 @@ const struct Curl_handler Curl_handler_rtmps = {
ZERO_NULL, /* perform_getsock */
rtmp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_RTMPS, /* defport */
CURLPROTO_RTMPS, /* protocol */
PROTOPT_NONE /* flags*/
@@ -173,6 +179,7 @@ const struct Curl_handler Curl_handler_rtmpts = {
ZERO_NULL, /* perform_getsock */
rtmp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_RTMPS, /* defport */
CURLPROTO_RTMPTS, /* protocol */
PROTOPT_NONE /* flags*/
@@ -199,7 +206,7 @@ static CURLcode rtmp_connect(struct connectdata *conn, bool
*done)
RTMP *r = conn->proto.generic;
SET_RCVTIMEO(tv, 10);
- r->m_sb.sb_socket = conn->sock[FIRSTSOCKET];
+ r->m_sb.sb_socket = (int)conn->sock[FIRSTSOCKET];
/* We have to know if it's a write before we send the
* connect request packet
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index 65fa52932..bd3b2be9e 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2012 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2012 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -31,7 +31,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "curl_base64.h"
@@ -42,8 +42,6 @@
#include "curl_sasl.h"
#include "warnless.h"
#include "strtok.h"
-#include "strequal.h"
-#include "rawstr.h"
#include "sendf.h"
#include "non-ascii.h" /* included for Curl_convert_... prototypes */
/* The last 3 #include files should be in this order */
@@ -52,7 +50,7 @@
#include "memdebug.h"
/* Supported mechanisms */
-const struct {
+static const struct {
const char *name; /* Name */
size_t len; /* Name length */
unsigned int bit; /* Flag bit */
@@ -159,7 +157,7 @@ CURLcode Curl_sasl_parse_url_auth_option(struct SASL *sasl,
sasl->prefmech = SASL_AUTH_NONE;
}
- if(strnequal(value, "*", len))
+ if(!strncmp(value, "*", len))
sasl->prefmech = SASL_AUTH_DEFAULT;
else {
mechbit = Curl_sasl_decode_mech(value, len, &mechlen);
@@ -264,10 +262,13 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct
connectdata *conn,
size_t len = 0;
saslstate state1 = SASL_STOP;
saslstate state2 = SASL_FINAL;
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+ const long int port = SSL_IS_PROXY() ? conn->port : conn->remote_port;
#if defined(USE_KERBEROS5)
- const char* service = data->set.str[STRING_SERVICE_NAME] ?
- data->set.str[STRING_SERVICE_NAME] :
- sasl->params->service;
+ const char *service = data->set.str[STRING_SERVICE_NAME] ?
+ data->set.str[STRING_SERVICE_NAME] :
+ sasl->params->service;
#endif
sasl->force_ir = force_ir; /* Latch for future use */
@@ -343,8 +344,8 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct
connectdata *conn,
if(force_ir || data->set.sasl_ir)
result = Curl_auth_create_oauth_bearer_message(data, conn->user,
- conn->host.name,
- conn->port,
+ hostname,
+ port,
conn->oauth_bearer,
&resp, &len);
}
@@ -410,8 +411,10 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct
connectdata *conn,
struct Curl_easy *data = conn->data;
saslstate newstate = SASL_FINAL;
char *resp = NULL;
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+ const long int port = SSL_IS_PROXY() ? conn->port : conn->remote_port;
#if !defined(CURL_DISABLE_CRYPTO_AUTH)
- char *serverdata;
char *chlg = NULL;
size_t chlglen = 0;
#endif
@@ -420,6 +423,10 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct
connectdata *conn,
data->set.str[STRING_SERVICE_NAME] :
sasl->params->service;
#endif
+#if !defined(CURL_DISABLE_CRYPTO_AUTH) || defined(USE_KERBEROS5) || \
+ defined(USE_NTLM)
+ char *serverdata;
+#endif
size_t len = 0;
*progress = SASL_INPROGRESS;
@@ -544,8 +551,8 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct
connectdata *conn,
/* Create the authorisation message */
if(sasl->authused == SASL_MECH_OAUTHBEARER) {
result = Curl_auth_create_oauth_bearer_message(data, conn->user,
- conn->host.name,
- conn->port,
+ hostname,
+ port,
conn->oauth_bearer,
&resp, &len);
diff --git a/lib/curl_sasl.h b/lib/curl_sasl.h
index 7647a48be..9b780f5d9 100644
--- a/lib/curl_sasl.h
+++ b/lib/curl_sasl.h
@@ -22,7 +22,7 @@
*
***************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
struct Curl_easy;
struct connectdata;
diff --git a/lib/curl_sec.h b/lib/curl_sec.h
index 3f94e1444..7bdde269b 100644
--- a/lib/curl_sec.h
+++ b/lib/curl_sec.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -30,8 +30,8 @@ struct Curl_sec_client_mech {
void (*end)(void *);
int (*check_prot)(void *, int);
int (*overhead)(void *, int, int);
- int (*encode)(void *, const void*, int, int, void**);
- int (*decode)(void *, void*, int, int, struct connectdata *);
+ int (*encode)(void *, const void *, int, int, void **);
+ int (*decode)(void *, void *, int, int, struct connectdata *);
};
#define AUTH_OK 0
@@ -39,11 +39,11 @@ struct Curl_sec_client_mech {
#define AUTH_ERROR 2
#ifdef HAVE_GSSAPI
-int Curl_sec_read_msg (struct connectdata *conn, char *,
- enum protection_level);
-void Curl_sec_end (struct connectdata *);
-CURLcode Curl_sec_login (struct connectdata *);
-int Curl_sec_request_prot (struct connectdata *conn, const char *level);
+int Curl_sec_read_msg(struct connectdata *conn, char *,
+ enum protection_level);
+void Curl_sec_end(struct connectdata *);
+CURLcode Curl_sec_login(struct connectdata *);
+int Curl_sec_request_prot(struct connectdata *conn, const char *level);
extern struct Curl_sec_client_mech Curl_krb5_client_mech;
#endif
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 5d82e339b..faaac8649 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,6 +22,10 @@
*
***************************************************************************/
+#if defined(BUILDING_LIBCURL) && !defined(CURL_NO_OLDIES)
+#define CURL_NO_OLDIES
+#endif
+
/*
* Define WIN32 when build target is Win32 API
*/
@@ -31,6 +35,17 @@
#define WIN32
#endif
+#ifdef WIN32
+/*
+ * Don't include unneeded stuff in Windows headers to avoid compiler
+ * warnings and macro clashes.
+ * Make sure to define this macro before including any Windows headers.
+ */
+# ifndef WIN32_LEAN_AND_MEAN
+# define WIN32_LEAN_AND_MEAN
+# endif
+#endif
+
/*
* Include configuration script results or hand-crafted
* configuration file for platforms which lack config tool.
@@ -124,18 +139,7 @@
/* please, do it beyond the point further indicated in this file. */
/* ================================================================ */
-/*
- * libcurl's external interface definitions are also used internally,
- * and might also include required system header files to define them.
- */
-
-#include <curl/curlbuild.h>
-
-/*
- * Compile time sanity checks must also be done when building the library.
- */
-
-#include <curl/curlrules.h>
+#include <gnurl/curl.h>
/*
* Ensure that no one is using the old SIZEOF_CURL_OFF_T macro
@@ -202,7 +206,7 @@
/* ================================================================ */
/* No system header file shall be included in this file before this */
-/* point. The only allowed ones are those included from curlbuild.h */
+/* point. The only allowed ones are those included from curl/system.h */
/* ================================================================ */
/*
@@ -248,9 +252,6 @@
# if defined(_UNICODE) && !defined(UNICODE)
# define UNICODE
# endif
-# ifndef WIN32_LEAN_AND_MEAN
-# define WIN32_LEAN_AND_MEAN
-# endif
# include <windows.h>
# ifdef HAVE_WINSOCK2_H
# include <winsock2.h>
@@ -467,8 +468,8 @@
# ifdef __minix
/* Minix 3 versions up to at least 3.1.3 are missing these prototypes */
- extern char * strtok_r(char *s, const char *delim, char **last);
- extern struct tm * gmtime_r(const time_t * const timep, struct tm *tmp);
+ extern char *strtok_r(char *s, const char *delim, char **last);
+ extern struct tm *gmtime_r(const time_t * const timep, struct tm *tmp);
# endif
# define DIR_CHAR "/"
@@ -599,10 +600,13 @@ int netware_init(void);
#endif
#endif
-#if defined(HAVE_LIBIDN) && defined(HAVE_TLD_H)
-/* The lib was present and the tld.h header (which is missing in libidn 0.3.X
- but we only work with libidn 0.4.1 or later) */
-#define USE_LIBIDN
+#if defined(HAVE_LIBIDN2) && defined(HAVE_IDN2_H) && !defined(USE_WIN32_IDN)
+/* The lib and header are present */
+#define USE_LIBIDN2
+#endif
+
+#if defined(USE_LIBIDN2) && defined(USE_WIN32_IDN)
+#error "Both libidn2 and WinIDN are enabled, choose one."
#endif
#ifndef SIZEOF_TIME_T
@@ -635,22 +639,21 @@ int netware_init(void);
#if !defined(CURL_DISABLE_NTLM) && !defined(CURL_DISABLE_CRYPTO_AUTH)
#if defined(USE_OPENSSL) || defined(USE_WINDOWS_SSPI) || \
defined(USE_GNUTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) || \
- defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO)
+ defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) || \
+ defined(USE_MBEDTLS)
#define USE_NTLM
-#elif defined(USE_MBEDTLS)
+# if defined(USE_MBEDTLS)
+/* Get definition of MBEDTLS_MD4_C */
# include <mbedtls/md4.h>
-# if defined(MBEDTLS_MD4_C)
-#define USE_NTLM
# endif
#endif
#endif
-/* non-configure builds may define CURL_WANTS_CA_BUNDLE_ENV */
-#if defined(CURL_WANTS_CA_BUNDLE_ENV) && !defined(CURL_CA_BUNDLE)
-#define CURL_CA_BUNDLE getenv("CURL_CA_BUNDLE")
+#ifdef CURL_WANTS_CA_BUNDLE_ENV
+#error "No longer supported. Set CURLOPT_CAINFO at runtime instead."
#endif
/*
diff --git a/lib/curl_setup_once.h b/lib/curl_setup_once.h
index 4da83499a..a5b542c6e 100644
--- a/lib/curl_setup_once.h
+++ b/lib/curl_setup_once.h
@@ -196,7 +196,7 @@ struct timeval {
/* */
#else
#define swrite(x,y,z) (ssize_t)send((SEND_TYPE_ARG1)(x), \
- (SEND_TYPE_ARG2)(y), \
+ (SEND_QUAL_ARG2 SEND_TYPE_ARG2)(y), \
(SEND_TYPE_ARG3)(z), \
(SEND_TYPE_ARG4)(SEND_4TH_ARG))
#endif
@@ -436,20 +436,6 @@ typedef int sig_atomic_t;
/*
- * Macro ERRNO / SET_ERRNO() returns / sets the NOT *socket-related* errno
- * (or equivalent) on this platform to hide platform details to code using it.
- */
-
-#if defined(WIN32) && !defined(USE_LWIPSOCK)
-#define ERRNO ((int)GetLastError())
-#define SET_ERRNO(x) (SetLastError((DWORD)(x)))
-#else
-#define ERRNO (errno)
-#define SET_ERRNO(x) (errno = (x))
-#endif
-
-
-/*
* Portable error number symbolic names defined to Winsock error codes.
*/
diff --git a/lib/curl_sspi.c b/lib/curl_sspi.c
index 11a7120a9..d4a50d927 100644
--- a/lib/curl_sspi.c
+++ b/lib/curl_sspi.c
@@ -24,7 +24,7 @@
#ifdef USE_WINDOWS_SSPI
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "curl_sspi.h"
#include "curl_multibyte.h"
#include "system_win32.h"
diff --git a/lib/curl_sspi.h b/lib/curl_sspi.h
index 2bbf9477b..694289900 100644
--- a/lib/curl_sspi.h
+++ b/lib/curl_sspi.h
@@ -26,7 +26,7 @@
#ifdef USE_WINDOWS_SSPI
-#include <curl/curl.h>
+#include <gnurl/curl.h>
/*
* When including the following three headers, it is mandatory to define either
diff --git a/lib/curl_threads.c b/lib/curl_threads.c
index c98d8bbad..9259c3f4d 100644
--- a/lib/curl_threads.c
+++ b/lib/curl_threads.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#if defined(USE_THREADS_POSIX)
# ifdef HAVE_PTHREAD_H
@@ -59,7 +59,7 @@ static void *curl_thread_create_thunk(void *arg)
return 0;
}
-curl_thread_t Curl_thread_create(unsigned int (*func) (void*), void *arg)
+curl_thread_t Curl_thread_create(unsigned int (*func) (void *), void *arg)
{
curl_thread_t t = malloc(sizeof(pthread_t));
struct curl_actual_call *ac = malloc(sizeof(struct curl_actual_call));
@@ -100,18 +100,26 @@ int Curl_thread_join(curl_thread_t *hnd)
#elif defined(USE_THREADS_WIN32)
-curl_thread_t Curl_thread_create(unsigned int (CURL_STDCALL *func) (void*),
+/* !checksrc! disable SPACEBEFOREPAREN 1 */
+curl_thread_t Curl_thread_create(unsigned int (CURL_STDCALL *func) (void *),
void *arg)
{
+ curl_thread_t t;
#ifdef _WIN32_WCE
- return CreateThread(NULL, 0, func, arg, 0, NULL);
+ t = CreateThread(NULL, 0, func, arg, 0, NULL);
#else
- curl_thread_t t;
t = (curl_thread_t)_beginthreadex(NULL, 0, func, arg, 0, NULL);
- if((t == 0) || (t == (curl_thread_t)-1L))
+#endif
+ if((t == 0) || (t == LongToHandle(-1L))) {
+#ifdef _WIN32_WCE
+ DWORD gle = GetLastError();
+ errno = ((gle == ERROR_ACCESS_DENIED ||
+ gle == ERROR_NOT_ENOUGH_MEMORY) ?
+ EACCES : EINVAL);
+#endif
return curl_thread_t_null;
+ }
return t;
-#endif
}
void Curl_thread_destroy(curl_thread_t hnd)
diff --git a/lib/curl_threads.h b/lib/curl_threads.h
index 8cbac63a7..9e0d14a30 100644
--- a/lib/curl_threads.h
+++ b/lib/curl_threads.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -50,7 +50,8 @@
#if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
-curl_thread_t Curl_thread_create(unsigned int (CURL_STDCALL *func) (void*),
+/* !checksrc! disable SPACEBEFOREPAREN 1 */
+curl_thread_t Curl_thread_create(unsigned int (CURL_STDCALL *func) (void *),
void *arg);
void Curl_thread_destroy(curl_thread_t hnd);
diff --git a/lib/curlx.h b/lib/curlx.h
index 448a34ff3..a261e71f4 100644
--- a/lib/curlx.h
+++ b/lib/curlx.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -29,13 +29,13 @@
* be.
*/
-#include <curl/mprintf.h>
+#include <gnurl/mprintf.h>
/* this is still a public header file that provides the curl_mprintf()
functions while they still are offered publicly. They will be made library-
private one day */
-#include "strequal.h"
-/* "strequal.h" provides the strequal protos */
+#include "strcase.h"
+/* "strcase.h" provides the strcasecompare protos */
#include "strtoofft.h"
/* "strtoofft.h" provides this function: curlx_strtoofft(), returns a
@@ -67,15 +67,12 @@
be removed from a future libcurl official API:
curlx_getenv
curlx_mprintf (and its variations)
- curlx_strequal
- curlx_strnequal
+ curlx_strcasecompare
+ curlx_strncasecompare
*/
#define curlx_getenv curl_getenv
-#define curlx_strequal curl_strequal
-#define curlx_strnequal curl_strnequal
-#define curlx_raw_equal Curl_raw_equal
#define curlx_mvsnprintf curl_mvsnprintf
#define curlx_msnprintf curl_msnprintf
#define curlx_maprintf curl_maprintf
diff --git a/lib/dict.c b/lib/dict.c
index a7b5965bd..af0954855 100644
--- a/lib/dict.c
+++ b/lib/dict.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -49,14 +49,13 @@
#endif
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "transfer.h"
#include "sendf.h"
-
+#include "escape.h"
#include "progress.h"
-#include "strequal.h"
#include "dict.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "curl_memory.h"
/* The last #include file should be: */
#include "memdebug.h"
@@ -86,6 +85,7 @@ const struct Curl_handler Curl_handler_dict = {
ZERO_NULL, /* perform_getsock */
ZERO_NULL, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_DICT, /* defport */
CURLPROTO_DICT, /* protocol */
PROTOPT_NONE | PROTOPT_NOURLQUERY /* flags */
@@ -93,15 +93,15 @@ const struct Curl_handler Curl_handler_dict = {
static char *unescape_word(struct Curl_easy *data, const char *inputbuff)
{
- char *newp;
+ char *newp = NULL;
char *dictp;
char *ptr;
- int len;
+ size_t len;
char ch;
int olen=0;
- newp = curl_easy_unescape(data, inputbuff, 0, &len);
- if(!newp)
+ CURLcode result = Curl_urldecode(data, inputbuff, 0, &newp, &len, FALSE);
+ if(!newp || result)
return NULL;
dictp = malloc(((size_t)len)*2 + 1); /* add one for terminating zero */
@@ -145,9 +145,9 @@ static CURLcode dict_do(struct connectdata *conn, bool
*done)
/* AUTH is missing */
}
- if(Curl_raw_nequal(path, DICT_MATCH, sizeof(DICT_MATCH)-1) ||
- Curl_raw_nequal(path, DICT_MATCH2, sizeof(DICT_MATCH2)-1) ||
- Curl_raw_nequal(path, DICT_MATCH3, sizeof(DICT_MATCH3)-1)) {
+ if(strncasecompare(path, DICT_MATCH, sizeof(DICT_MATCH)-1) ||
+ strncasecompare(path, DICT_MATCH2, sizeof(DICT_MATCH2)-1) ||
+ strncasecompare(path, DICT_MATCH3, sizeof(DICT_MATCH3)-1)) {
word = strchr(path, ':');
if(word) {
@@ -203,9 +203,9 @@ static CURLcode dict_do(struct connectdata *conn, bool
*done)
Curl_setup_transfer(conn, FIRSTSOCKET, -1, FALSE, bytecount,
-1, NULL); /* no upload */
}
- else if(Curl_raw_nequal(path, DICT_DEFINE, sizeof(DICT_DEFINE)-1) ||
- Curl_raw_nequal(path, DICT_DEFINE2, sizeof(DICT_DEFINE2)-1) ||
- Curl_raw_nequal(path, DICT_DEFINE3, sizeof(DICT_DEFINE3)-1)) {
+ else if(strncasecompare(path, DICT_DEFINE, sizeof(DICT_DEFINE)-1) ||
+ strncasecompare(path, DICT_DEFINE2, sizeof(DICT_DEFINE2)-1) ||
+ strncasecompare(path, DICT_DEFINE3, sizeof(DICT_DEFINE3)-1)) {
word = strchr(path, ':');
if(word) {
diff --git a/lib/dotdot.c b/lib/dotdot.c
index ea7c8a04f..818061d9f 100644
--- a/lib/dotdot.c
+++ b/lib/dotdot.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "dotdot.h"
#include "curl_memory.h"
@@ -147,6 +147,7 @@ char *Curl_dedotdotify(const char *input)
else if(!strcmp(".", clone) || !strcmp("..", clone)) {
*clone=0;
+ *out=0;
}
else {
diff --git a/lib/easy.c b/lib/easy.c
index 583de154b..a1fd22b0d 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -50,9 +50,8 @@
#include <sys/param.h>
#endif
-#include "strequal.h"
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "transfer.h"
#include "vtls/vtls.h"
#include "url.h"
@@ -144,28 +143,6 @@ static CURLcode win32_init(void)
return CURLE_OK;
}
-#ifdef USE_LIBIDN
-/*
- * Initialise use of IDNA library.
- * It falls back to ASCII if $CHARSET isn't defined. This doesn't work for
- * idna_to_ascii_lz().
- */
-static void idna_init (void)
-{
-#ifdef WIN32
- char buf[60];
- UINT cp = GetACP();
-
- if(!getenv("CHARSET") && cp > 0) {
- snprintf(buf, sizeof(buf), "CHARSET=cp%u", cp);
- putenv(buf);
- }
-#else
- /* to do? */
-#endif
-}
-#endif /* USE_LIBIDN */
-
/* true globals -- for curl_global_init() and curl_global_cleanup() */
static unsigned int initialized;
static long init_flags;
@@ -202,7 +179,7 @@ curl_wcsdup_callback Curl_cwcsdup =
(curl_wcsdup_callback)_wcsdup;
#endif
#else
/*
- * Symbian OS doesn't support initialization to code in writeable static data.
+ * Symbian OS doesn't support initialization to code in writable static data.
* Initialization will occur in the curl_global_init() call.
*/
curl_malloc_callback Curl_cmalloc;
@@ -217,7 +194,7 @@ curl_calloc_callback Curl_ccalloc;
#endif
/**
- * curl_global_init() globally initializes cURL given a bitwise set of the
+ * curl_global_init() globally initializes curl given a bitwise set of the
* different features of what to initialize.
*/
static CURLcode global_init(long flags, bool memoryfuncs)
@@ -262,10 +239,6 @@ static CURLcode global_init(long flags, bool memoryfuncs)
}
#endif
-#ifdef USE_LIBIDN
- idna_init();
-#endif
-
if(Curl_resolver_global_init()) {
DEBUGF(fprintf(stderr, "Error: resolver_global_init failed\n"));
return CURLE_FAILED_INIT;
@@ -292,7 +265,7 @@ static CURLcode global_init(long flags, bool memoryfuncs)
/**
- * curl_global_init() globally initializes cURL given a bitwise set of the
+ * curl_global_init() globally initializes curl given a bitwise set of the
* different features of what to initialize.
*/
CURLcode curl_global_init(long flags)
@@ -301,7 +274,7 @@ CURLcode curl_global_init(long flags)
}
/*
- * curl_global_init_mem() globally initializes cURL and also registers the
+ * curl_global_init_mem() globally initializes curl and also registers the
* user provided callback routines.
*/
CURLcode curl_global_init_mem(long flags, curl_malloc_callback m,
@@ -333,7 +306,7 @@ CURLcode curl_global_init_mem(long flags,
curl_malloc_callback m,
}
/**
- * curl_global_cleanup() globally cleanups cURL, uses the value of
+ * curl_global_cleanup() globally cleanups curl, uses the value of
* "init_flags" to determine what needs to be cleaned up and what doesn't.
*/
void curl_global_cleanup(void)
@@ -588,7 +561,7 @@ static void events_setup(struct Curl_multi *multi, struct
events *ev)
static CURLcode wait_or_timeout(struct Curl_multi *multi, struct events *ev)
{
bool done = FALSE;
- CURLMcode mcode;
+ CURLMcode mcode = CURLM_OK;
CURLcode result = CURLE_OK;
while(!done) {
@@ -599,8 +572,8 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi,
struct events *ev)
int numfds=0;
int pollrc;
int i;
- struct timeval before;
- struct timeval after;
+ struct curltime before;
+ struct curltime after;
/* populate the fds[] array */
for(m = ev->list, f=&fds[0]; m; m = m->next) {
@@ -642,12 +615,18 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi,
struct events *ev)
}
}
- if(!ev->msbump)
+ if(!ev->msbump) {
/* If nothing updated the timeout, we decrease it by the spent time.
* If it was updated, it has the new timeout time stored already.
*/
- ev->ms += curlx_tvdiff(after, before);
-
+ time_t timediff = curlx_tvdiff(after, before);
+ if(timediff > 0) {
+ if(timediff > ev->ms)
+ ev->ms = 0;
+ else
+ ev->ms -= (long)timediff;
+ }
+ }
}
else
return CURLE_RECV_ERROR;
@@ -674,7 +653,9 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi,
struct events *ev)
*/
static CURLcode easy_events(struct Curl_multi *multi)
{
- struct events evs= {2, FALSE, 0, NULL, 0};
+ /* this struct is made static to allow it to be used after this function
+ returns and curl_multi_remove_handle() is called */
+ static struct events evs= {2, FALSE, 0, NULL, 0};
/* if running event-based, do some further multi inits */
events_setup(multi, &evs);
@@ -691,7 +672,7 @@ static CURLcode easy_transfer(struct Curl_multi *multi)
bool done = FALSE;
CURLMcode mcode = CURLM_OK;
CURLcode result = CURLE_OK;
- struct timeval before;
+ struct curltime before;
int without_fds = 0; /* count number of consecutive returns from
curl_multi_wait() without any filedescriptors */
@@ -704,7 +685,7 @@ static CURLcode easy_transfer(struct Curl_multi *multi)
if(!mcode) {
if(!rc) {
- struct timeval after = curlx_tvnow();
+ struct curltime after = curlx_tvnow();
/* If it returns without any filedescriptor instantly, we need to
avoid busy-looping during periods where it has nothing particular
@@ -800,8 +781,7 @@ static CURLcode easy_perform(struct Curl_easy *data, bool
events)
curl_multi_cleanup(multi);
if(mcode == CURLM_OUT_OF_MEMORY)
return CURLE_OUT_OF_MEMORY;
- else
- return CURLE_FAILED_INIT;
+ return CURLE_FAILED_INIT;
}
sigpipe_ignore(data, &pipe_st);
@@ -897,6 +877,11 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy
*data)
* get setup on-demand in the code, as that would probably decrease
* the likeliness of us forgetting to init a buffer here in the future.
*/
+ outcurl->set.buffer_size = data->set.buffer_size;
+ outcurl->state.buffer = malloc(outcurl->set.buffer_size + 1);
+ if(!outcurl->state.buffer)
+ goto fail;
+
outcurl->state.headerbuff = malloc(HEADERSIZE);
if(!outcurl->state.headerbuff)
goto fail;
@@ -954,6 +939,8 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy
*data)
Curl_convert_setup(outcurl);
+ Curl_initinfo(outcurl);
+
outcurl->magic = CURLEASY_MAGIC_NUMBER;
/* we reach this point and thus we are OK */
@@ -965,6 +952,7 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy
*data)
if(outcurl) {
curl_slist_free_all(outcurl->change.cookielist);
outcurl->change.cookielist = NULL;
+ Curl_safefree(outcurl->state.buffer);
Curl_safefree(outcurl->state.headerbuff);
Curl_safefree(outcurl->change.url);
Curl_safefree(outcurl->change.referer);
@@ -995,8 +983,15 @@ void curl_easy_reset(struct Curl_easy *data)
/* zero out Progress data: */
memset(&data->progress, 0, sizeof(struct Progress));
+ /* zero out PureInfo data: */
+ Curl_initinfo(data);
+
data->progress.flags |= PGRS_HIDE;
data->state.current_speed = -1; /* init to negative == impossible */
+
+ /* zero out authentication data: */
+ memset(&data->state.authhost, 0, sizeof(struct auth));
+ memset(&data->state.authproxy, 0, sizeof(struct auth));
}
/*
@@ -1007,7 +1002,7 @@ void curl_easy_reset(struct Curl_easy *data)
* NOTE: if you have the receiving paused and you call this function to remove
* the pausing, you may get your write callback called at this point.
*
- * Action is a bitmask consisting of CURLPAUSE_* bits in curl/curl.h
+ * Action is a bitmask consisting of CURLPAUSE_* bits in gnurl/curl.h
*/
CURLcode curl_easy_pause(struct Curl_easy *data, int action)
{
@@ -1024,19 +1019,32 @@ CURLcode curl_easy_pause(struct Curl_easy *data, int
action)
/* put it back in the keepon */
k->keepon = newstate;
- if(!(newstate & KEEP_RECV_PAUSE) && data->state.tempwrite) {
- /* we have a buffer for sending that we now seem to be able to deliver
- since the receive pausing is lifted! */
-
- /* get the pointer in local copy since the function may return PAUSE
- again and then we'll get a new copy allocted and stored in
- the tempwrite variables */
- char *tempwrite = data->state.tempwrite;
-
- data->state.tempwrite = NULL;
- result = Curl_client_chop_write(data->easy_conn, data->state.tempwritetype,
- tempwrite, data->state.tempwritesize);
- free(tempwrite);
+ if(!(newstate & KEEP_RECV_PAUSE) && data->state.tempcount) {
+ /* there are buffers for sending that can be delivered as the receive
+ pausing is lifted! */
+ unsigned int i;
+ unsigned int count = data->state.tempcount;
+ struct tempbuf writebuf[3]; /* there can only be three */
+
+ /* copy the structs to allow for immediate re-pausing */
+ for(i=0; i < data->state.tempcount; i++) {
+ writebuf[i] = data->state.tempwrite[i];
+ data->state.tempwrite[i].buf = NULL;
+ }
+ data->state.tempcount = 0;
+
+ for(i=0; i < count; i++) {
+ /* even if one function returns error, this loops through and frees all
+ buffers */
+ if(!result)
+ result = Curl_client_chop_write(data->easy_conn,
+ writebuf[i].type,
+ writebuf[i].buf,
+ writebuf[i].len);
+ free(writebuf[i].buf);
+ }
+ if(result)
+ return result;
}
/* if there's no error and we're not pausing both directions, we want
@@ -1044,7 +1052,7 @@ CURLcode curl_easy_pause(struct Curl_easy *data, int
action)
if(!result &&
((newstate&(KEEP_RECV_PAUSE|KEEP_SEND_PAUSE)) !=
(KEEP_RECV_PAUSE|KEEP_SEND_PAUSE)) )
- Curl_expire(data, 0); /* get this handle going again */
+ Curl_expire(data, 0, EXPIRE_RUN_NOW); /* get this handle going again */
return result;
}
diff --git a/lib/escape.c b/lib/escape.c
index e61260d7c..0b8b5317f 100644
--- a/lib/escape.c
+++ b/lib/escape.c
@@ -25,12 +25,13 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "warnless.h"
#include "non-ascii.h"
#include "escape.h"
+#include "strdup.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
#include "curl_memory.h"
@@ -42,7 +43,7 @@
*/
static bool Curl_isunreserved(unsigned char in)
{
- switch (in) {
+ switch(in) {
case '0': case '1': case '2': case '3': case '4':
case '5': case '6': case '7': case '8': case '9':
case 'a': case 'b': case 'c': case 'd': case 'e':
@@ -109,14 +110,10 @@ char *curl_easy_escape(struct Curl_easy *data, const char
*string,
newlen += 2; /* the size grows with two, since this'll become a %XX */
if(newlen > alloc) {
alloc *= 2;
- testing_ptr = realloc(ns, alloc);
- if(!testing_ptr) {
- free(ns);
+ testing_ptr = Curl_saferealloc(ns, alloc);
+ if(!testing_ptr)
return NULL;
- }
- else {
- ns = testing_ptr;
- }
+ ns = testing_ptr;
}
result = Curl_convert_to_network(data, &in, 1);
@@ -224,8 +221,14 @@ char *curl_easy_unescape(struct Curl_easy *data, const
char *string,
FALSE);
if(res)
return NULL;
- if(olen)
- *olen = curlx_uztosi(outputlen);
+
+ if(olen) {
+ if(outputlen <= (size_t) INT_MAX)
+ *olen = curlx_uztosi(outputlen);
+ else
+ /* too large to return in an int, fail! */
+ Curl_safefree(str);
+ }
}
return str;
}
diff --git a/lib/file.c b/lib/file.c
index b534ec18d..acca6ec08 100644
--- a/lib/file.c
+++ b/lib/file.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -50,7 +50,7 @@
#include "strtoofft.h"
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "progress.h"
#include "sendf.h"
#include "escape.h"
@@ -108,6 +108,7 @@ const struct Curl_handler Curl_handler_file = {
ZERO_NULL, /* perform_getsock */
file_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
0, /* defport */
CURLPROTO_FILE, /* protocol */
PROTOPT_NONETWORK | PROTOPT_NOURLQUERY /* flags */
@@ -190,14 +191,15 @@ static CURLcode file_connect(struct connectdata *conn,
bool *done)
struct FILEPROTO *file = data->req.protop;
int fd;
#ifdef DOS_FILESYSTEM
- int i;
+ size_t i;
char *actual_path;
#endif
- int real_path_len;
+ size_t real_path_len;
- real_path = curl_easy_unescape(data, data->state.path, 0, &real_path_len);
- if(!real_path)
- return CURLE_OUT_OF_MEMORY;
+ CURLcode result = Curl_urldecode(data, data->state.path, 0, &real_path,
+ &real_path_len, FALSE);
+ if(result)
+ return result;
#ifdef DOS_FILESYSTEM
/* If the first character is a slash, and there's
@@ -310,9 +312,8 @@ static CURLcode file_upload(struct connectdata *conn)
size_t nread;
size_t nwrite;
curl_off_t bytecount = 0;
- struct timeval now = Curl_tvnow();
struct_stat file_stat;
- const char* buf2;
+ const char *buf2;
/*
* Since FILE: doesn't do the full init, we need to provide some extra
@@ -354,13 +355,12 @@ static CURLcode file_upload(struct connectdata *conn)
failf(data, "Can't get the size of %s", file->path);
return CURLE_WRITE_ERROR;
}
- else
- data->state.resume_from = (curl_off_t)file_stat.st_size;
+ data->state.resume_from = (curl_off_t)file_stat.st_size;
}
while(!result) {
int readcount;
- result = Curl_fillreadbuffer(conn, BUFSIZE, &readcount);
+ result = Curl_fillreadbuffer(conn, (int)data->set.buffer_size, &readcount);
if(result)
break;
@@ -399,7 +399,7 @@ static CURLcode file_upload(struct connectdata *conn)
if(Curl_pgrsUpdate(conn))
result = CURLE_ABORTED_BY_CALLBACK;
else
- result = Curl_speedcheck(data, now);
+ result = Curl_speedcheck(data, Curl_tvnow());
}
if(!result && Curl_pgrsUpdate(conn))
result = CURLE_ABORTED_BY_CALLBACK;
@@ -436,7 +436,6 @@ static CURLcode file_do(struct connectdata *conn, bool
*done)
char *buf = data->state.buffer;
curl_off_t bytecount = 0;
int fd;
- struct timeval now = Curl_tvnow();
struct FILEPROTO *file;
*done = TRUE; /* unconditionally */
@@ -475,9 +474,10 @@ static CURLcode file_do(struct connectdata *conn, bool
*done)
time_t filetime;
struct tm buffer;
const struct tm *tm = &buffer;
- snprintf(buf, sizeof(data->state.buffer),
+ char header[80];
+ snprintf(header, sizeof(header),
"Content-Length: %" CURL_FORMAT_CURL_OFF_T "\r\n", expected_size);
- result = Curl_client_write(conn, CLIENTWRITE_BOTH, buf, 0);
+ result = Curl_client_write(conn, CLIENTWRITE_BOTH, header, 0);
if(result)
return result;
@@ -492,7 +492,7 @@ static CURLcode file_do(struct connectdata *conn, bool
*done)
return result;
/* format: "Tue, 15 Nov 1994 12:45:26 GMT" */
- snprintf(buf, BUFSIZE-1,
+ snprintf(header, sizeof(header),
"Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n",
Curl_wkday[tm->tm_wday?tm->tm_wday-1:6],
tm->tm_mday,
@@ -501,7 +501,7 @@ static CURLcode file_do(struct connectdata *conn, bool
*done)
tm->tm_hour,
tm->tm_min,
tm->tm_sec);
- result = Curl_client_write(conn, CLIENTWRITE_BOTH, buf, 0);
+ result = Curl_client_write(conn, CLIENTWRITE_BOTH, header, 0);
if(!result)
/* set the file size to make it available post transfer */
Curl_pgrsSetDownloadSize(data, expected_size);
@@ -518,8 +518,7 @@ static CURLcode file_do(struct connectdata *conn, bool
*done)
failf(data, "Can't get the size of file.");
return CURLE_READ_ERROR;
}
- else
- data->state.resume_from += (curl_off_t)statbuf.st_size;
+ data->state.resume_from += (curl_off_t)statbuf.st_size;
}
if(data->state.resume_from <= expected_size)
@@ -558,12 +557,11 @@ static CURLcode file_do(struct connectdata *conn, bool
*done)
size_t bytestoread;
if(size_known) {
- bytestoread =
- (expected_size < CURL_OFF_T_C(BUFSIZE) - CURL_OFF_T_C(1)) ?
- curlx_sotouz(expected_size) : BUFSIZE - 1;
+ bytestoread = (expected_size < data->set.buffer_size) ?
+ curlx_sotouz(expected_size) : (size_t)data->set.buffer_size;
}
else
- bytestoread = BUFSIZE-1;
+ bytestoread = data->set.buffer_size-1;
nread = read(fd, buf, bytestoread);
@@ -586,7 +584,7 @@ static CURLcode file_do(struct connectdata *conn, bool
*done)
if(Curl_pgrsUpdate(conn))
result = CURLE_ABORTED_BY_CALLBACK;
else
- result = Curl_speedcheck(data, now);
+ result = Curl_speedcheck(data, Curl_tvnow());
}
if(Curl_pgrsUpdate(conn))
result = CURLE_ABORTED_BY_CALLBACK;
diff --git a/lib/fileinfo.c b/lib/fileinfo.c
index 144c65b1d..387298847 100644
--- a/lib/fileinfo.c
+++ b/lib/fileinfo.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2010 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2010 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -28,23 +28,19 @@
/* The last #include file should be: */
#include "memdebug.h"
-struct curl_fileinfo *Curl_fileinfo_alloc(void)
+struct fileinfo *Curl_fileinfo_alloc(void)
{
- struct curl_fileinfo *tmp = malloc(sizeof(struct curl_fileinfo));
- if(!tmp)
- return NULL;
- memset(tmp, 0, sizeof(struct curl_fileinfo));
- return tmp;
+ return calloc(1, sizeof(struct fileinfo));
}
void Curl_fileinfo_dtor(void *user, void *element)
{
- struct curl_fileinfo *finfo = element;
+ struct fileinfo *finfo = element;
(void) user;
if(!finfo)
return;
- Curl_safefree(finfo->b_data);
+ Curl_safefree(finfo->info.b_data);
free(finfo);
}
diff --git a/lib/fileinfo.h b/lib/fileinfo.h
index 5324f1a40..a5ead4685 100644
--- a/lib/fileinfo.h
+++ b/lib/fileinfo.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2010, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2010, 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,12 +22,16 @@
*
***************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
+#include "llist.h"
-struct curl_fileinfo *Curl_fileinfo_alloc(void);
+struct fileinfo {
+ struct curl_fileinfo info;
+ struct curl_llist_element list;
+};
-void Curl_fileinfo_dtor(void *, void *);
+struct fileinfo *Curl_fileinfo_alloc(void);
-struct curl_fileinfo *Curl_fileinfo_dup(const struct curl_fileinfo *src);
+void Curl_fileinfo_dtor(void *, void *);
#endif /* HEADER_CURL_FILEINFO_H */
diff --git a/lib/formdata.c b/lib/formdata.c
index 673759de9..2d7b6b627 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#ifndef CURL_DISABLE_HTTP
@@ -33,9 +33,10 @@
#include "urldata.h" /* for struct Curl_easy */
#include "formdata.h"
#include "vtls/vtls.h"
-#include "strequal.h"
+#include "strcase.h"
#include "sendf.h"
#include "strdup.h"
+#include "rand.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
#include "curl_memory.h"
@@ -47,15 +48,12 @@ static char *Curl_basename(char *path);
#endif
static size_t readfromfile(struct Form *form, char *buffer, size_t size);
-static char *formboundary(struct Curl_easy *data);
+static CURLcode formboundary(struct Curl_easy *data, char *buffer, size_t len);
/* What kind of Content-Type to use on un-specified files with unrecognized
extensions. */
#define HTTPPOST_CONTENTTYPE_DEFAULT "application/octet-stream"
-#define FORM_FILE_SEPARATOR ','
-#define FORM_TYPE_SEPARATOR ';'
-
#define HTTPPOST_PTRNAME CURL_HTTPPOST_PTRNAME
#define HTTPPOST_FILENAME CURL_HTTPPOST_FILENAME
#define HTTPPOST_PTRCONTENTS CURL_HTTPPOST_PTRCONTENTS
@@ -80,7 +78,7 @@ AddHttpPost(char *name, size_t namelength,
char *buffer, size_t bufferlength,
char *contenttype,
long flags,
- struct curl_slist* contentHeader,
+ struct curl_slist *contentHeader,
char *showfilename, char *userp,
struct curl_httppost *parent_post,
struct curl_httppost **httppost,
@@ -98,7 +96,7 @@ AddHttpPost(char *name, size_t namelength,
post->contenttype = contenttype;
post->contentheader = contentHeader;
post->showfilename = showfilename;
- post->userp = userp,
+ post->userp = userp;
post->flags = flags | CURL_HTTPPOST_LARGE;
}
else
@@ -201,9 +199,9 @@ static const char *ContentTypeForFilename(const char
*filename,
if(filename) { /* in case a NULL was passed in */
for(i=0; i<sizeof(ctts)/sizeof(ctts[0]); i++) {
if(strlen(filename) >= strlen(ctts[i].extension)) {
- if(strequal(filename +
- strlen(filename) - strlen(ctts[i].extension),
- ctts[i].extension)) {
+ if(strcasecompare(filename +
+ strlen(filename) - strlen(ctts[i].extension),
+ ctts[i].extension)) {
contenttype = ctts[i].type;
break;
}
@@ -315,7 +313,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
break;
}
- switch (option) {
+ switch(option) {
case CURLFORM_ARRAY:
if(array_state)
/* we don't support an array from within an array */
@@ -341,6 +339,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
#else
current_form->flags |= HTTPPOST_PTRNAME; /* fall through */
#endif
+ /* FALLTHROUGH */
case CURLFORM_COPYNAME:
if(current_form->name)
return_value = CURL_FORMADD_OPTION_TWICE;
@@ -547,9 +546,9 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
{
/* this "cast increases required alignment of target type" but
we consider it OK anyway */
- struct curl_slist* list = array_state?
- (struct curl_slist*)(void*)array_value:
- va_arg(params, struct curl_slist*);
+ struct curl_slist *list = array_state?
+ (struct curl_slist *)(void *)array_value:
+ va_arg(params, struct curl_slist *);
if(current_form->contentheader)
return_value = CURL_FORMADD_OPTION_TWICE;
@@ -628,70 +627,68 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
return_value = CURL_FORMADD_INCOMPLETE;
break;
}
- else {
- if(((form->flags & HTTPPOST_FILENAME) ||
- (form->flags & HTTPPOST_BUFFER)) &&
- !form->contenttype) {
- char *f = form->flags & HTTPPOST_BUFFER?
- form->showfilename : form->value;
-
- /* our contenttype is missing */
- form->contenttype = strdup(ContentTypeForFilename(f, prevtype));
- if(!form->contenttype) {
- return_value = CURL_FORMADD_MEMORY;
- break;
- }
- form->contenttype_alloc = TRUE;
+ if(((form->flags & HTTPPOST_FILENAME) ||
+ (form->flags & HTTPPOST_BUFFER)) &&
+ !form->contenttype) {
+ char *f = form->flags & HTTPPOST_BUFFER?
+ form->showfilename : form->value;
+
+ /* our contenttype is missing */
+ form->contenttype = strdup(ContentTypeForFilename(f, prevtype));
+ if(!form->contenttype) {
+ return_value = CURL_FORMADD_MEMORY;
+ break;
}
- if(!(form->flags & HTTPPOST_PTRNAME) &&
- (form == first_form) ) {
- /* Note that there's small risk that form->name is NULL here if the
- app passed in a bad combo, so we better check for that first. */
- if(form->name) {
- /* copy name (without strdup; possibly contains null characters) */
- form->name = Curl_memdup(form->name, form->namelength?
- form->namelength:
- strlen(form->name)+1);
- }
- if(!form->name) {
- return_value = CURL_FORMADD_MEMORY;
- break;
- }
- form->name_alloc = TRUE;
+ form->contenttype_alloc = TRUE;
+ }
+ if(!(form->flags & HTTPPOST_PTRNAME) &&
+ (form == first_form) ) {
+ /* Note that there's small risk that form->name is NULL here if the
+ app passed in a bad combo, so we better check for that first. */
+ if(form->name) {
+ /* copy name (without strdup; possibly contains null characters) */
+ form->name = Curl_memdup(form->name, form->namelength?
+ form->namelength:
+ strlen(form->name)+1);
+ }
+ if(!form->name) {
+ return_value = CURL_FORMADD_MEMORY;
+ break;
}
- if(!(form->flags & (HTTPPOST_FILENAME | HTTPPOST_READFILE |
- HTTPPOST_PTRCONTENTS | HTTPPOST_PTRBUFFER |
- HTTPPOST_CALLBACK)) && form->value) {
- /* copy value (without strdup; possibly contains null characters) */
- size_t clen = (size_t) form->contentslength;
- if(!clen)
- clen = strlen(form->value)+1;
+ form->name_alloc = TRUE;
+ }
+ if(!(form->flags & (HTTPPOST_FILENAME | HTTPPOST_READFILE |
+ HTTPPOST_PTRCONTENTS | HTTPPOST_PTRBUFFER |
+ HTTPPOST_CALLBACK)) && form->value) {
+ /* copy value (without strdup; possibly contains null characters) */
+ size_t clen = (size_t) form->contentslength;
+ if(!clen)
+ clen = strlen(form->value)+1;
- form->value = Curl_memdup(form->value, clen);
+ form->value = Curl_memdup(form->value, clen);
- if(!form->value) {
- return_value = CURL_FORMADD_MEMORY;
- break;
- }
- form->value_alloc = TRUE;
- }
- post = AddHttpPost(form->name, form->namelength,
- form->value, form->contentslength,
- form->buffer, form->bufferlength,
- form->contenttype, form->flags,
- form->contentheader, form->showfilename,
- form->userp,
- post, httppost,
- last_post);
-
- if(!post) {
+ if(!form->value) {
return_value = CURL_FORMADD_MEMORY;
break;
}
-
- if(form->contenttype)
- prevtype = form->contenttype;
+ form->value_alloc = TRUE;
+ }
+ post = AddHttpPost(form->name, form->namelength,
+ form->value, form->contentslength,
+ form->buffer, form->bufferlength,
+ form->contenttype, form->flags,
+ form->contentheader, form->showfilename,
+ form->userp,
+ post, httppost,
+ last_post);
+
+ if(!post) {
+ return_value = CURL_FORMADD_MEMORY;
+ break;
}
+
+ if(form->contenttype)
+ prevtype = form->contenttype;
}
if(CURL_FORMADD_OK != return_value) {
/* On error, free allocated fields for nodes of the FormInfo linked
@@ -761,8 +758,8 @@ CURLFORMcode curl_formadd(struct curl_httppost **httppost,
* and CD/DVD images should be either a STREAM_LF format or a fixed format.
*
*/
-curl_off_t VmsRealFileSize(const char * name,
- const struct_stat * stat_buf)
+curl_off_t VmsRealFileSize(const char *name,
+ const struct_stat *stat_buf)
{
char buffer[8192];
curl_off_t count;
@@ -791,8 +788,8 @@ curl_off_t VmsRealFileSize(const char * name,
* if not to call a routine to get the correct size.
*
*/
-static curl_off_t VmsSpecialSize(const char * name,
- const struct_stat * stat_buf)
+static curl_off_t VmsSpecialSize(const char *name,
+ const struct_stat *stat_buf)
{
switch(stat_buf->st_fab_rfm) {
case FAB$C_VAR:
@@ -845,16 +842,23 @@ static CURLcode AddFormData(struct FormData **formp,
goto error;
}
#endif
+ if(type != FORM_DATAMEM) {
+ newform->line = malloc((size_t)length+1);
+ if(!newform->line) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto error;
+ }
+ alloc2 = newform->line;
+ memcpy(newform->line, line, (size_t)length);
- newform->line = malloc((size_t)length+1);
- if(!newform->line) {
- result = CURLE_OUT_OF_MEMORY;
- goto error;
+ /* zero terminate for easier debugging */
+ newform->line[(size_t)length]=0;
+ }
+ else {
+ newform->line = (char *)line;
+ type = FORM_DATA; /* in all other aspects this is just FORM_DATA */
}
- alloc2 = newform->line;
- memcpy(newform->line, line, (size_t)length);
newform->length = (size_t)length;
- newform->line[(size_t)length]=0; /* zero terminate for easier debugging */
}
else
/* For callbacks and files we don't have any actual data so we just keep a
@@ -863,13 +867,6 @@ static CURLcode AddFormData(struct FormData **formp,
newform->type = type;
- if(*formp) {
- (*formp)->next = newform;
- *formp = newform;
- }
- else
- *formp = newform;
-
if(size) {
if(type != FORM_FILE)
/* for static content as well as callback data we add the size given
@@ -878,7 +875,7 @@ static CURLcode AddFormData(struct FormData **formp,
else {
/* Since this is a file to be uploaded here, add the size of the actual
file */
- if(!strequal("-", newform->line)) {
+ if(strcmp("-", newform->line)) {
struct_stat file;
if(!stat(newform->line, &file) && !S_ISDIR(file.st_mode))
*size += filesize(newform->line, file);
@@ -889,6 +886,14 @@ static CURLcode AddFormData(struct FormData **formp,
}
}
}
+
+ if(*formp) {
+ (*formp)->next = newform;
+ *formp = newform;
+ }
+ else
+ *formp = newform;
+
return CURLE_OK;
error:
if(newform)
@@ -906,13 +911,21 @@ static CURLcode AddFormDataf(struct FormData **formp,
curl_off_t *size,
const char *fmt, ...)
{
- char s[4096];
+ char *s;
+ CURLcode result;
va_list ap;
va_start(ap, fmt);
- vsnprintf(s, sizeof(s), fmt, ap);
+ s = curl_mvaprintf(fmt, ap);
va_end(ap);
- return AddFormData(formp, FORM_DATA, s, 0, size);
+ if(!s)
+ return CURLE_OUT_OF_MEMORY;
+
+ result = AddFormData(formp, FORM_DATAMEM, s, 0, size);
+ if(result)
+ free(s);
+
+ return result;
}
/*
@@ -932,8 +945,8 @@ void Curl_formclean(struct FormData **form_ptr)
if(form->type <= FORM_CONTENT)
free(form->line); /* free the line */
free(form); /* free the struct */
-
- } while((form = next) != NULL); /* continue */
+ form = next;
+ } while(form); /* continue */
*form_ptr = NULL;
}
@@ -1014,8 +1027,8 @@ void curl_formfree(struct curl_httppost *form)
free(form->contenttype); /* free the content type */
free(form->showfilename); /* free the faked file name */
free(form); /* free the struct */
-
- } while((form = next) != NULL); /* continue */
+ form = next;
+ } while(form); /* continue */
}
#ifndef HAVE_BASENAME
@@ -1146,20 +1159,19 @@ CURLcode Curl_getformdata(struct Curl_easy *data,
struct FormData *firstform;
struct curl_httppost *file;
CURLcode result = CURLE_OK;
-
curl_off_t size = 0; /* support potentially ENORMOUS formposts */
- char *boundary;
- char *fileboundary = NULL;
- struct curl_slist* curList;
+ char fileboundary[42];
+ struct curl_slist *curList;
+ char boundary[42];
*finalform = NULL; /* default form is empty */
if(!post)
return result; /* no input => no output! */
- boundary = formboundary(data);
- if(!boundary)
- return CURLE_OUT_OF_MEMORY;
+ result = formboundary(data, boundary, sizeof(boundary));
+ if(result)
+ return result;
/* Make the first line of the output */
result = AddFormDataf(&form, NULL,
@@ -1169,7 +1181,6 @@ CURLcode Curl_getformdata(struct Curl_easy *data,
boundary);
if(result) {
- free(boundary);
return result;
}
/* we DO NOT include that line in the total size of the POST, since it'll be
@@ -1212,10 +1223,8 @@ CURLcode Curl_getformdata(struct Curl_easy *data,
/* If used, this is a link to more file names, we must then do
the magic to include several files with the same field name */
- free(fileboundary);
- fileboundary = formboundary(data);
- if(!fileboundary) {
- result = CURLE_OUT_OF_MEMORY;
+ result = formboundary(data, fileboundary, sizeof(fileboundary));
+ if(result) {
break;
}
@@ -1289,7 +1298,7 @@ CURLcode Curl_getformdata(struct Curl_easy *data,
/* we should include the contents from the specified file */
FILE *fileread;
- fileread = strequal("-", file->contents)?
+ fileread = !strcmp("-", file->contents)?
stdin:fopen(file->contents, "rb"); /* binary read for win32 */
/*
@@ -1315,7 +1324,7 @@ CURLcode Curl_getformdata(struct Curl_easy *data,
char buffer[512];
while((nread = fread(buffer, 1, sizeof(buffer), fileread)) != 0) {
result = AddFormData(&form, FORM_CONTENT, buffer, nread, &size);
- if(result)
+ if(result || feof(fileread) || ferror(fileread))
break;
}
}
@@ -1357,8 +1366,8 @@ CURLcode Curl_getformdata(struct Curl_easy *data,
if(result)
break;
}
-
- } while((post = post->next) != NULL); /* for each field */
+ post = post->next;
+ } while(post); /* for each field */
/* end-boundary for everything */
if(!result)
@@ -1366,16 +1375,10 @@ CURLcode Curl_getformdata(struct Curl_easy *data,
if(result) {
Curl_formclean(&firstform);
- free(fileboundary);
- free(boundary);
return result;
}
*sizep = size;
-
- free(fileboundary);
- free(boundary);
-
*finalform = firstform;
return result;
@@ -1410,13 +1413,14 @@ int Curl_FormInit(struct Form *form, struct FormData
*formdata)
*
*/
# define fopen_read vmsfopenread
-static FILE * vmsfopenread(const char *file, const char *mode) {
+static FILE * vmsfopenread(const char *file, const char *mode)
+{
struct_stat statbuf;
int result;
result = stat(file, &statbuf);
- switch (statbuf.st_fab_rfm) {
+ switch(statbuf.st_fab_rfm) {
case FAB$C_VAR:
case FAB$C_VFC:
case FAB$C_STMCR:
@@ -1444,8 +1448,7 @@ static size_t readfromfile(struct Form *form, char
*buffer,
if(callback) {
if(form->fread_func == ZERO_NULL)
return 0;
- else
- nread = form->fread_func(buffer, 1, size, form->data->line);
+ nread = form->fread_func(buffer, 1, size, form->data->line);
}
else {
if(!form->fp) {
@@ -1535,7 +1538,7 @@ char *Curl_formpostheader(void *formp, size_t *len)
struct Form *form=(struct Form *)formp;
if(!form->data)
- return 0; /* nothing, ERROR! */
+ return NULL; /* nothing, ERROR! */
header = form->data->line;
*len = form->data->length;
@@ -1549,12 +1552,18 @@ char *Curl_formpostheader(void *formp, size_t *len)
* formboundary() creates a suitable boundary string and returns an allocated
* one.
*/
-static char *formboundary(struct Curl_easy *data)
+static CURLcode formboundary(struct Curl_easy *data,
+ char *buffer, size_t buflen)
{
/* 24 dashes and 16 hexadecimal digits makes 64 bit (18446744073709551615)
combinations */
- return aprintf("------------------------%08x%08x",
- Curl_rand(data), Curl_rand(data));
+ if(buflen < 41)
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+
+ memset(buffer, '-', 24);
+ Curl_rand_hex(data, (unsigned char *)&buffer[24], 17);
+
+ return CURLE_OK;
}
#else /* CURL_DISABLE_HTTP */
diff --git a/lib/formdata.h b/lib/formdata.h
index 6eb7c6c9e..69629f628 100644
--- a/lib/formdata.h
+++ b/lib/formdata.h
@@ -23,6 +23,7 @@
***************************************************************************/
enum formtype {
+ FORM_DATAMEM, /* already allocated FORM_DATA memory */
FORM_DATA, /* form metadata (convert to network encoding if necessary) */
FORM_CONTENT, /* form content (never convert) */
FORM_CALLBACK, /* 'line' points to the custom pointer we pass to the callback
@@ -64,7 +65,7 @@ typedef struct FormInfo {
file name will be used */
bool showfilename_alloc;
char *userp; /* pointer for the read callback */
- struct curl_slist* contentheader;
+ struct curl_slist *contentheader;
struct FormInfo *more;
} FormInfo;
diff --git a/lib/ftp.c b/lib/ftp.c
index 3e8a22be9..eebcade49 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -46,7 +46,7 @@
#define in_addr_t unsigned long
#endif
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "sendf.h"
#include "if2ip.h"
@@ -61,7 +61,7 @@
#include "ftplistparser.h"
#include "curl_sec.h"
#include "strtoofft.h"
-#include "strequal.h"
+#include "strcase.h"
#include "vtls/vtls.h"
#include "connect.h"
#include "strerror.h"
@@ -72,7 +72,7 @@
#include "sockaddr.h" /* required for Curl_sockaddr_storage */
#include "multiif.h"
#include "url.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "speedcheck.h"
#include "warnless.h"
#include "http_proxy.h"
@@ -178,10 +178,11 @@ const struct Curl_handler Curl_handler_ftp = {
ZERO_NULL, /* perform_getsock */
ftp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_FTP, /* defport */
CURLPROTO_FTP, /* protocol */
- PROTOPT_DUAL | PROTOPT_CLOSEACTION | PROTOPT_NEEDSPWD
- | PROTOPT_NOURLQUERY /* flags */
+ PROTOPT_DUAL | PROTOPT_CLOSEACTION | PROTOPT_NEEDSPWD |
+ PROTOPT_NOURLQUERY | PROTOPT_PROXY_AS_HTTP /* flags */
};
@@ -205,6 +206,7 @@ const struct Curl_handler Curl_handler_ftps = {
ZERO_NULL, /* perform_getsock */
ftp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_FTPS, /* defport */
CURLPROTO_FTPS, /* protocol */
PROTOPT_SSL | PROTOPT_DUAL | PROTOPT_CLOSEACTION |
@@ -212,59 +214,6 @@ const struct Curl_handler Curl_handler_ftps = {
};
#endif
-#ifndef CURL_DISABLE_HTTP
-/*
- * HTTP-proxyed FTP protocol handler.
- */
-
-static const struct Curl_handler Curl_handler_ftp_proxy = {
- "FTP", /* scheme */
- Curl_http_setup_conn, /* setup_connection */
- Curl_http, /* do_it */
- Curl_http_done, /* done */
- ZERO_NULL, /* do_more */
- ZERO_NULL, /* connect_it */
- ZERO_NULL, /* connecting */
- ZERO_NULL, /* doing */
- ZERO_NULL, /* proto_getsock */
- ZERO_NULL, /* doing_getsock */
- ZERO_NULL, /* domore_getsock */
- ZERO_NULL, /* perform_getsock */
- ZERO_NULL, /* disconnect */
- ZERO_NULL, /* readwrite */
- PORT_FTP, /* defport */
- CURLPROTO_HTTP, /* protocol */
- PROTOPT_NONE /* flags */
-};
-
-
-#ifdef USE_SSL
-/*
- * HTTP-proxyed FTPS protocol handler.
- */
-
-static const struct Curl_handler Curl_handler_ftps_proxy = {
- "FTPS", /* scheme */
- Curl_http_setup_conn, /* setup_connection */
- Curl_http, /* do_it */
- Curl_http_done, /* done */
- ZERO_NULL, /* do_more */
- ZERO_NULL, /* connect_it */
- ZERO_NULL, /* connecting */
- ZERO_NULL, /* doing */
- ZERO_NULL, /* proto_getsock */
- ZERO_NULL, /* doing_getsock */
- ZERO_NULL, /* domore_getsock */
- ZERO_NULL, /* perform_getsock */
- ZERO_NULL, /* disconnect */
- ZERO_NULL, /* readwrite */
- PORT_FTPS, /* defport */
- CURLPROTO_HTTP, /* protocol */
- PROTOPT_NONE /* flags */
-};
-#endif
-#endif
-
static void close_secondarysocket(struct connectdata *conn)
{
if(CURL_SOCKET_BAD != conn->sock[SECONDARYSOCKET]) {
@@ -272,7 +221,6 @@ static void close_secondarysocket(struct connectdata *conn)
conn->sock[SECONDARYSOCKET] = CURL_SOCKET_BAD;
}
conn->bits.tcpconnect[SECONDARYSOCKET] = FALSE;
- conn->tunnel_state[SECONDARYSOCKET] = TUNNEL_INIT;
}
/*
@@ -384,11 +332,11 @@ static CURLcode AcceptServerConnect(struct connectdata
*conn)
* Curl_pgrsTime(..., TIMER_STARTACCEPT);
*
*/
-static long ftp_timeleft_accept(struct Curl_easy *data)
+static time_t ftp_timeleft_accept(struct Curl_easy *data)
{
- long timeout_ms = DEFAULT_ACCEPT_TIMEOUT;
- long other;
- struct timeval now;
+ time_t timeout_ms = DEFAULT_ACCEPT_TIMEOUT;
+ time_t other;
+ struct curltime now;
if(data->set.accepttimeout > 0)
timeout_ms = data->set.accepttimeout;
@@ -430,7 +378,7 @@ static CURLcode ReceivedServerConnect(struct connectdata
*conn, bool *received)
struct ftp_conn *ftpc = &conn->proto.ftpc;
struct pingpong *pp = &ftpc->pp;
int result;
- long timeout_ms;
+ time_t timeout_ms;
ssize_t nread;
int ftpcode;
@@ -455,7 +403,7 @@ static CURLcode ReceivedServerConnect(struct connectdata
*conn, bool *received)
result = Curl_socket_check(ctrl_sock, data_sock, CURL_SOCKET_BAD, 0);
/* see if the connection request is already here */
- switch (result) {
+ switch(result) {
case -1: /* error */
/* let's die here */
failf(data, "Error while waiting for server connect");
@@ -499,7 +447,7 @@ static CURLcode InitiateTransfer(struct connectdata *conn)
struct FTP *ftp = data->req.protop;
CURLcode result = CURLE_OK;
- if(conn->ssl[SECONDARYSOCKET].use) {
+ if(conn->bits.ftp_use_data_ssl) {
/* since we only have a plaintext TCP connection here, we must now
* do the TLS stuff */
infof(data, "Doing the SSL/TLS handshake on the data stream\n");
@@ -547,7 +495,7 @@ static CURLcode InitiateTransfer(struct connectdata *conn)
static CURLcode AllowServerConnect(struct connectdata *conn, bool *connected)
{
struct Curl_easy *data = conn->data;
- long timeout_ms;
+ time_t timeout_ms;
CURLcode result = CURLE_OK;
*connected = FALSE;
@@ -580,10 +528,8 @@ static CURLcode AllowServerConnect(struct connectdata
*conn, bool *connected)
else {
/* Add timeout to multi handle and break out of the loop */
if(!result && *connected == FALSE) {
- if(data->set.accepttimeout > 0)
- Curl_expire(data, data->set.accepttimeout);
- else
- Curl_expire(data, DEFAULT_ACCEPT_TIMEOUT);
+ Curl_expire(data, data->set.accepttimeout > 0 ?
+ data->set.accepttimeout: DEFAULT_ACCEPT_TIMEOUT, 0);
}
}
@@ -687,8 +633,8 @@ CURLcode Curl_GetFTPResponse(ssize_t *nreadp, /* return
number of bytes read */
* line in a response or continue reading. */
curl_socket_t sockfd = conn->sock[FIRSTSOCKET];
- long timeout; /* timeout in milliseconds */
- long interval_ms;
+ time_t timeout; /* timeout in milliseconds */
+ time_t interval_ms;
struct Curl_easy *data = conn->data;
CURLcode result = CURLE_OK;
struct ftp_conn *ftpc = &conn->proto.ftpc;
@@ -740,8 +686,8 @@ CURLcode Curl_GetFTPResponse(ssize_t *nreadp, /* return
number of bytes read */
* wait for more data anyway.
*/
}
- else {
- switch (Curl_socket_ready(sockfd, CURL_SOCKET_BAD, interval_ms)) {
+ else if(!Curl_conn_data_pending(conn, FIRSTSOCKET)) {
+ switch(SOCKET_READABLE(sockfd, interval_ms)) {
case -1: /* select() error, stop reading */
failf(data, "FTP response aborted due to select/poll error: %d",
SOCKERRNO);
@@ -916,8 +862,7 @@ static int ftp_domore_getsock(struct connectdata *conn,
curl_socket_t *socks,
return bits;
}
- else
- return Curl_pp_getsock(&conn->proto.ftpc.pp, socks, numsocks);
+ return Curl_pp_getsock(&conn->proto.ftpc.pp, socks, numsocks);
}
/* This is called after the FTP_QUOTE state is passed.
@@ -942,21 +887,24 @@ static CURLcode ftp_state_cwd(struct connectdata *conn)
dir) this then allows for a second try to CWD to it */
ftpc->count3 = (conn->data->set.ftp_create_missing_dirs==2)?1:0;
- if(conn->bits.reuse && ftpc->entrypath) {
+ if((conn->data->set.ftp_filemethod == FTPFILE_NOCWD) && !ftpc->cwdcount)
+ /* No CWD necessary */
+ result = ftp_state_mdtm(conn);
+ else if(conn->bits.reuse && ftpc->entrypath) {
/* This is a re-used connection. Since we change directory to where the
transfer is taking place, we must first get back to the original dir
where we ended up after login: */
- ftpc->count1 = 0; /* we count this as the first path, then we add one
- for all upcoming ones in the ftp->dirs[] array */
+ ftpc->cwdcount = 0; /* we count this as the first path, then we add one
+ for all upcoming ones in the ftp->dirs[] array */
PPSENDF(&conn->proto.ftpc.pp, "CWD %s", ftpc->entrypath);
state(conn, FTP_CWD);
}
else {
if(ftpc->dirdepth) {
- ftpc->count1 = 1;
+ ftpc->cwdcount = 1;
/* issue the first CWD, the rest is sent when the CWD responses are
received... */
- PPSENDF(&conn->proto.ftpc.pp, "CWD %s", ftpc->dirs[ftpc->count1 -1]);
+ PPSENDF(&conn->proto.ftpc.pp, "CWD %s", ftpc->dirs[ftpc->cwdcount -1]);
state(conn, FTP_CWD);
}
else {
@@ -1035,7 +983,8 @@ static CURLcode ftp_state_use_port(struct connectdata
*conn,
if(*string_ftpport == '[') {
/* [ipv6]:port(-range) */
ip_start = string_ftpport + 1;
- if((ip_end = strchr(string_ftpport, ']')) != NULL)
+ ip_end = strchr(string_ftpport, ']');
+ if(ip_end)
strncpy(addr, ip_start, ip_end - ip_start);
}
else
@@ -1043,30 +992,35 @@ static CURLcode ftp_state_use_port(struct connectdata
*conn,
if(*string_ftpport == ':') {
/* :port */
ip_end = string_ftpport;
- }
- else if((ip_end = strchr(string_ftpport, ':')) != NULL) {
- /* either ipv6 or (ipv4|domain|interface):port(-range) */
-#ifdef ENABLE_IPV6
- if(Curl_inet_pton(AF_INET6, string_ftpport, sa6) == 1) {
- /* ipv6 */
- port_min = port_max = 0;
- strcpy(addr, string_ftpport);
- ip_end = NULL; /* this got no port ! */
}
- else
+ else {
+ ip_end = strchr(string_ftpport, ':');
+ if(ip_end) {
+ /* either ipv6 or (ipv4|domain|interface):port(-range) */
+#ifdef ENABLE_IPV6
+ if(Curl_inet_pton(AF_INET6, string_ftpport, sa6) == 1) {
+ /* ipv6 */
+ port_min = port_max = 0;
+ strcpy(addr, string_ftpport);
+ ip_end = NULL; /* this got no port ! */
+ }
+ else
#endif
- /* (ipv4|domain|interface):port(-range) */
- strncpy(addr, string_ftpport, ip_end - ip_start);
- }
- else
- /* ipv4|interface */
- strcpy(addr, string_ftpport);
+ /* (ipv4|domain|interface):port(-range) */
+ strncpy(addr, string_ftpport, ip_end - ip_start);
+ }
+ else
+ /* ipv4|interface */
+ strcpy(addr, string_ftpport);
+ }
/* parse the port */
if(ip_end != NULL) {
- if((port_start = strchr(ip_end, ':')) != NULL) {
+ port_start = strchr(ip_end, ':');
+ if(port_start) {
port_min = curlx_ultous(strtoul(port_start+1, NULL, 10));
- if((port_sep = strchr(port_start, '-')) != NULL) {
+ port_sep = strchr(port_start, '-');
+ if(port_sep) {
port_max = curlx_ultous(strtoul(port_sep + 1, NULL, 10));
}
else
@@ -1203,7 +1157,7 @@ static CURLcode ftp_state_use_port(struct connectdata
*conn,
possibly_non_local = FALSE; /* don't try this again */
continue;
}
- else if(error != EADDRINUSE && error != EACCES) {
+ if(error != EADDRINUSE && error != EACCES) {
failf(data, "bind(port=%hu) failed: %s", port,
Curl_strerror(conn, error) );
Curl_closesocket(conn, portsock);
@@ -1301,7 +1255,7 @@ static CURLcode ftp_state_use_port(struct connectdata
*conn,
}
break;
}
- else if(PORT == fcmd) {
+ if(PORT == fcmd) {
char *source = myhost;
char *dest = tmp;
@@ -1668,31 +1622,30 @@ static CURLcode ftp_state_ul_setup(struct connectdata
*conn,
}
if(seekerr != CURL_SEEKFUNC_OK) {
+ curl_off_t passed=0;
if(seekerr != CURL_SEEKFUNC_CANTSEEK) {
failf(data, "Could not seek stream");
return CURLE_FTP_COULDNT_USE_REST;
}
/* seekerr == CURL_SEEKFUNC_CANTSEEK (can't seek to offset) */
- else {
- curl_off_t passed=0;
- do {
- size_t readthisamountnow =
- (data->state.resume_from - passed > CURL_OFF_T_C(BUFSIZE)) ?
- BUFSIZE : curlx_sotouz(data->state.resume_from - passed);
-
- size_t actuallyread =
- data->state.fread_func(data->state.buffer, 1, readthisamountnow,
- data->state.in);
-
- passed += actuallyread;
- if((actuallyread == 0) || (actuallyread > readthisamountnow)) {
- /* this checks for greater-than only to make sure that the
- CURL_READFUNC_ABORT return code still aborts */
- failf(data, "Failed to read data");
- return CURLE_FTP_COULDNT_USE_REST;
- }
- } while(passed < data->state.resume_from);
- }
+ do {
+ size_t readthisamountnow =
+ (data->state.resume_from - passed > data->set.buffer_size) ?
+ (size_t)data->set.buffer_size :
+ curlx_sotouz(data->state.resume_from - passed);
+
+ size_t actuallyread =
+ data->state.fread_func(data->state.buffer, 1, readthisamountnow,
+ data->state.in);
+
+ passed += actuallyread;
+ if((actuallyread == 0) || (actuallyread > readthisamountnow)) {
+ /* this checks for greater-than only to make sure that the
+ CURL_READFUNC_ABORT return code still aborts */
+ failf(data, "Failed to read data");
+ return CURLE_FTP_COULDNT_USE_REST;
+ }
+ } while(passed < data->state.resume_from);
}
/* now, decrease the size of the read */
if(data->state.infilesize>0) {
@@ -1751,7 +1704,7 @@ static CURLcode ftp_state_quote(struct connectdata *conn,
/*
* This state uses:
* 'count1' to iterate over the commands to send
- * 'count2' to store wether to allow commands to fail
+ * 'count2' to store whether to allow commands to fail
*/
if(init)
@@ -1850,84 +1803,6 @@ static CURLcode ftp_epsv_disable(struct connectdata
*conn)
return result;
}
-/*
- * Perform the necessary magic that needs to be done once the TCP connection
- * to the proxy has completed.
- */
-static CURLcode proxy_magic(struct connectdata *conn,
- char *newhost, unsigned short newport,
- bool *magicdone)
-{
- CURLcode result = CURLE_OK;
- struct Curl_easy *data = conn->data;
-
-#if defined(CURL_DISABLE_PROXY)
- (void) newhost;
- (void) newport;
-#endif
-
- *magicdone = FALSE;
-
- switch(conn->proxytype) {
- case CURLPROXY_SOCKS5:
- case CURLPROXY_SOCKS5_HOSTNAME:
- result = Curl_SOCKS5(conn->proxyuser, conn->proxypasswd, newhost,
- newport, SECONDARYSOCKET, conn);
- *magicdone = TRUE;
- break;
- case CURLPROXY_SOCKS4:
- result = Curl_SOCKS4(conn->proxyuser, newhost, newport,
- SECONDARYSOCKET, conn, FALSE);
- *magicdone = TRUE;
- break;
- case CURLPROXY_SOCKS4A:
- result = Curl_SOCKS4(conn->proxyuser, newhost, newport,
- SECONDARYSOCKET, conn, TRUE);
- *magicdone = TRUE;
- break;
- case CURLPROXY_HTTP:
- case CURLPROXY_HTTP_1_0:
- /* do nothing here. handled later. */
- break;
- default:
- failf(data, "unknown proxytype option given");
- result = CURLE_COULDNT_CONNECT;
- break;
- }
-
- if(conn->bits.tunnel_proxy && conn->bits.httpproxy) {
- /* BLOCKING */
- /* We want "seamless" FTP operations through HTTP proxy tunnel */
-
- /* Curl_proxyCONNECT is based on a pointer to a struct HTTP at the
- * member conn->proto.http; we want FTP through HTTP and we have to
- * change the member temporarily for connecting to the HTTP proxy. After
- * Curl_proxyCONNECT we have to set back the member to the original
- * struct FTP pointer
- */
- struct HTTP http_proxy;
- struct FTP *ftp_save = data->req.protop;
- memset(&http_proxy, 0, sizeof(http_proxy));
- data->req.protop = &http_proxy;
-
- result = Curl_proxyCONNECT(conn, SECONDARYSOCKET, newhost, newport, TRUE);
-
- data->req.protop = ftp_save;
-
- if(result)
- return result;
-
- if(conn->tunnel_state[SECONDARYSOCKET] != TUNNEL_COMPLETE) {
- /* the CONNECT procedure is not complete, the tunnel is not yet up */
- state(conn, FTP_STOP); /* this phase is completed */
- return result;
- }
- else
- *magicdone = TRUE;
- }
-
- return result;
-}
static char *control_address(struct connectdata *conn)
{
@@ -1935,11 +1810,7 @@ static char *control_address(struct connectdata *conn)
If a proxy tunnel is used, returns the original host name instead, because
the effective control connection address is the proxy address,
not the ftp host. */
- if(conn->bits.tunnel_proxy ||
- conn->proxytype == CURLPROXY_SOCKS5 ||
- conn->proxytype == CURLPROXY_SOCKS5_HOSTNAME ||
- conn->proxytype == CURLPROXY_SOCKS4 ||
- conn->proxytype == CURLPROXY_SOCKS4A)
+ if(conn->bits.tunnel_proxy || conn->bits.socksproxy)
return conn->host.name;
return conn->ip_addr_str;
@@ -2063,7 +1934,9 @@ static CURLcode ftp_state_pasv_resp(struct connectdata
*conn,
* here. We don't want to rely on a former host lookup that might've
* expired now, instead we remake the lookup here and now!
*/
- rc = Curl_resolv(conn, conn->proxy.name, (int)conn->port, &addr);
+ const char * const host_name = conn->bits.socksproxy ?
+ conn->socks_proxy.host.name : conn->http_proxy.host.name;
+ rc = Curl_resolv(conn, host_name, (int)conn->port, &addr);
if(rc == CURLRESOLV_PENDING)
/* BLOCKING, ignores the return code but 'addr' will be NULL in
case of failure */
@@ -2073,9 +1946,8 @@ static CURLcode ftp_state_pasv_resp(struct connectdata
*conn,
(unsigned short)conn->port; /* we connect to the proxy's port */
if(!addr) {
- failf(data, "Can't resolve proxy host %s:%hu",
- conn->proxy.name, connectport);
- return CURLE_FTP_CANT_GET_HOST;
+ failf(data, "Can't resolve proxy host %s:%hu", host_name, connectport);
+ return CURLE_COULDNT_RESOLVE_PROXY;
}
}
else {
@@ -2116,6 +1988,13 @@ static CURLcode ftp_state_pasv_resp(struct connectdata
*conn,
ftp_pasv_verbose(conn, addr->addr, ftpc->newhost, connectport);
Curl_resolv_unlock(data, addr); /* we're done using this address */
+
+ Curl_safefree(conn->secondaryhostname);
+ conn->secondary_port = ftpc->newport;
+ conn->secondaryhostname = strdup(ftpc->newhost);
+ if(!conn->secondaryhostname)
+ return CURLE_OUT_OF_MEMORY;
+
conn->bits.do_more = TRUE;
state(conn, FTP_STOP); /* this phase is completed */
@@ -2172,17 +2051,17 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata
*conn,
/* we got a time. Format should be: "YYYYMMDDHHMMSS[.sss]" where the
last .sss part is optional and means fractions of a second */
int year, month, day, hour, minute, second;
- char *buf = data->state.buffer;
- if(6 == sscanf(buf+4, "%04d%02d%02d%02d%02d%02d",
+ if(6 == sscanf(&data->state.buffer[4], "%04d%02d%02d%02d%02d%02d",
&year, &month, &day, &hour, &minute, &second)) {
/* we have a time, reformat it */
+ char timebuf[24];
time_t secs=time(NULL);
- /* using the good old yacc/bison yuck */
- snprintf(buf, sizeof(conn->data->state.buffer),
+
+ snprintf(timebuf, sizeof(timebuf),
"%04d%02d%02d %02d:%02d:%02d GMT",
year, month, day, hour, minute, second);
/* now, convert this into a time() value: */
- data->info.filetime = (long)curl_getdate(buf, &secs);
+ data->info.filetime = (long)curl_getdate(timebuf, &secs);
}
#ifdef CURL_FTP_HTTPSTYLE_HEAD
@@ -2193,6 +2072,7 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata
*conn,
ftpc->file &&
data->set.get_filetime &&
(data->info.filetime>=0) ) {
+ char headerbuf[128];
time_t filetime = (time_t)data->info.filetime;
struct tm buffer;
const struct tm *tm = &buffer;
@@ -2202,7 +2082,7 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata
*conn,
return result;
/* format: "Tue, 15 Nov 1994 12:45:26" */
- snprintf(buf, BUFSIZE-1,
+ snprintf(headerbuf, sizeof(headerbuf),
"Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n",
Curl_wkday[tm->tm_wday?tm->tm_wday-1:6],
tm->tm_mday,
@@ -2211,7 +2091,7 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata
*conn,
tm->tm_hour,
tm->tm_min,
tm->tm_sec);
- result = Curl_client_write(conn, CLIENTWRITE_BOTH, buf, 0);
+ result = Curl_client_write(conn, CLIENTWRITE_BOTH, headerbuf, 0);
if(result)
return result;
} /* end of a ridiculous amount of conditionals */
@@ -2389,9 +2269,10 @@ static CURLcode ftp_state_size_resp(struct connectdata
*conn,
if(instate == FTP_SIZE) {
#ifdef CURL_FTP_HTTPSTYLE_HEAD
if(-1 != filesize) {
- snprintf(buf, sizeof(data->state.buffer),
+ char clbuf[128];
+ snprintf(clbuf, sizeof(clbuf),
"Content-Length: %" CURL_FORMAT_CURL_OFF_T "\r\n", filesize);
- result = Curl_client_write(conn, CLIENTWRITE_BOTH, buf, 0);
+ result = Curl_client_write(conn, CLIENTWRITE_BOTH, clbuf, 0);
if(result)
return result;
}
@@ -2480,8 +2361,7 @@ static CURLcode ftp_state_stor_resp(struct connectdata
*conn,
return CURLE_OK;
}
- else
- return InitiateTransfer(conn);
+ return InitiateTransfer(conn);
}
/* for LIST and RETR responses */
@@ -2492,7 +2372,6 @@ static CURLcode ftp_state_get_resp(struct connectdata
*conn,
CURLcode result = CURLE_OK;
struct Curl_easy *data = conn->data;
struct FTP *ftp = data->req.protop;
- char *buf = data->state.buffer;
if((ftpcode == 150) || (ftpcode == 125)) {
@@ -2536,6 +2415,7 @@ static CURLcode ftp_state_get_resp(struct connectdata
*conn,
*
* Example D above makes this parsing a little tricky */
char *bytes;
+ char *buf = data->state.buffer;
bytes=strstr(buf, " bytes");
if(bytes--) {
long in=(long)(bytes-buf);
@@ -2763,7 +2643,10 @@ static CURLcode ftp_statemach_act(struct connectdata
*conn)
}
#endif
- if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
+ if(data->set.use_ssl &&
+ (!conn->ssl[FIRSTSOCKET].use ||
+ (conn->bits.proxy_ssl_connected[FIRSTSOCKET] &&
+ !conn->proxy_ssl[FIRSTSOCKET].use))) {
/* We don't have a SSL/TLS connection yet, but FTPS is
requested. Try a FTPS connection now */
@@ -2808,7 +2691,7 @@ static CURLcode ftp_statemach_act(struct connectdata
*conn)
/* Curl_ssl_connect is BLOCKING */
result = Curl_ssl_connect(conn, FIRSTSOCKET);
if(!result) {
- conn->ssl[SECONDARYSOCKET].use = FALSE; /* clear-text data */
+ conn->bits.ftp_use_data_ssl = FALSE; /* clear-text data */
result = ftp_state_user(conn);
}
}
@@ -2850,7 +2733,7 @@ static CURLcode ftp_statemach_act(struct connectdata
*conn)
case FTP_PROT:
if(ftpcode/100 == 2)
/* We have enabled SSL for the data connection! */
- conn->ssl[SECONDARYSOCKET].use =
+ conn->bits.ftp_use_data_ssl =
(data->set.use_ssl != CURLUSESSL_CONTROL) ? TRUE : FALSE;
/* FTP servers typically responds with 500 if they decide to reject
our 'P' request */
@@ -2891,6 +2774,7 @@ static CURLcode ftp_statemach_act(struct connectdata
*conn)
case FTP_PWD:
if(ftpcode == 257) {
char *ptr=&data->state.buffer[4]; /* start on the first letter */
+ const size_t buf_size = data->set.buffer_size;
char *dir;
char *store;
@@ -2908,7 +2792,7 @@ static CURLcode ftp_statemach_act(struct connectdata
*conn)
*/
/* scan for the first double-quote for non-standard responses */
- while(ptr < &data->state.buffer[sizeof(data->state.buffer)]
+ while(ptr < &data->state.buffer[buf_size]
&& *ptr != '\n' && *ptr != '\0' && *ptr != '"')
ptr++;
@@ -2938,7 +2822,7 @@ static CURLcode ftp_statemach_act(struct connectdata
*conn)
does not start with a '/'), we probably need some server-dependent
adjustments. For example, this is the case when connecting to
an OS400 FTP server: this server supports two name syntaxes,
- the default one being incompatible with standard pathes. In
+ the default one being incompatible with standard paths. In
addition, this server switches automatically to the regular path
syntax when one is encountered in a command: this results in
having an entrypath in the wrong syntax when later used in CWD.
@@ -2999,7 +2883,7 @@ static CURLcode ftp_statemach_act(struct connectdata
*conn)
/* Check for special servers here. */
- if(strequal(os, "OS/400")) {
+ if(strcasecompare(os, "OS/400")) {
/* Force OS400 name format 1. */
result = Curl_pp_sendf(&ftpc->pp, "%s", "SITE NAMEFMT 1");
if(result) {
@@ -3012,12 +2896,10 @@ static CURLcode ftp_statemach_act(struct connectdata
*conn)
state(conn, FTP_NAMEFMT);
break;
}
- else {
- /* Nothing special for the target server. */
- /* remember target server OS */
- Curl_safefree(ftpc->server_os);
- ftpc->server_os = os;
- }
+ /* Nothing special for the target server. */
+ /* remember target server OS */
+ Curl_safefree(ftpc->server_os);
+ ftpc->server_os = os;
}
else {
/* Cannot identify server OS. Continue anyway and cross fingers. */
@@ -3057,10 +2939,10 @@ static CURLcode ftp_statemach_act(struct connectdata
*conn)
if(ftpcode/100 != 2) {
/* failure to CWD there */
if(conn->data->set.ftp_create_missing_dirs &&
- ftpc->count1 && !ftpc->count2) {
+ ftpc->cwdcount && !ftpc->count2) {
/* try making it */
ftpc->count2++; /* counter to prevent CWD-MKD loops */
- PPSENDF(&ftpc->pp, "MKD %s", ftpc->dirs[ftpc->count1 - 1]);
+ PPSENDF(&ftpc->pp, "MKD %s", ftpc->dirs[ftpc->cwdcount - 1]);
state(conn, FTP_MKD);
}
else {
@@ -3074,9 +2956,9 @@ static CURLcode ftp_statemach_act(struct connectdata
*conn)
else {
/* success */
ftpc->count2=0;
- if(++ftpc->count1 <= ftpc->dirdepth) {
+ if(++ftpc->cwdcount <= ftpc->dirdepth) {
/* send next CWD */
- PPSENDF(&ftpc->pp, "CWD %s", ftpc->dirs[ftpc->count1 - 1]);
+ PPSENDF(&ftpc->pp, "CWD %s", ftpc->dirs[ftpc->cwdcount - 1]);
}
else {
result = ftp_state_mdtm(conn);
@@ -3094,7 +2976,7 @@ static CURLcode ftp_statemach_act(struct connectdata
*conn)
}
state(conn, FTP_CWD);
/* send CWD */
- PPSENDF(&ftpc->pp, "CWD %s", ftpc->dirs[ftpc->count1 - 1]);
+ PPSENDF(&ftpc->pp, "CWD %s", ftpc->dirs[ftpc->cwdcount - 1]);
break;
case FTP_MDTM:
@@ -3165,7 +3047,7 @@ static CURLcode ftp_multi_statemach(struct connectdata
*conn,
struct ftp_conn *ftpc = &conn->proto.ftpc;
CURLcode result = Curl_pp_statemach(&ftpc->pp, FALSE);
- /* Check for the state outside of the Curl_socket_ready() return code checks
+ /* Check for the state outside of the Curl_socket_check() return code checks
since at times we are in fact already in this state when this function
gets called. */
*done = (ftpc->state == FTP_STOP) ? TRUE : FALSE;
@@ -3250,7 +3132,7 @@ static CURLcode ftp_done(struct connectdata *conn,
CURLcode status,
ssize_t nread;
int ftpcode;
CURLcode result = CURLE_OK;
- char *path;
+ char *path = NULL;
const char *path_to_use = data->state.path;
if(!ftp)
@@ -3278,6 +3160,7 @@ static CURLcode ftp_done(struct connectdata *conn,
CURLcode status,
/* until we cope better with prematurely ended requests, let them
* fallback as if in complete failure */
+ /* FALLTHROUGH */
default: /* by default, an error means the control connection is
wedged and should not be used anymore */
ftpc->ctl_valid = FALSE;
@@ -3298,13 +3181,12 @@ static CURLcode ftp_done(struct connectdata *conn,
CURLcode status,
ftpc->known_filesize = -1;
}
- /* get the "raw" path */
- path = curl_easy_unescape(data, path_to_use, 0, NULL);
- if(!path) {
- /* out of memory, but we can limp along anyway (and should try to
- * since we may already be in the out of memory cleanup path) */
- if(!result)
- result = CURLE_OUT_OF_MEMORY;
+ if(!result)
+ /* get the "raw" path */
+ result = Curl_urldecode(data, path_to_use, 0, &path, NULL, FALSE);
+ if(result) {
+ /* We can limp along anyway (and should try to since we may already be in
+ * the error path) */
ftpc->ctl_valid = FALSE; /* mark control connection as bad */
connclose(conn, "FTP: out of memory!"); /* mark for connection closure */
ftpc->prevpath = NULL; /* no path remembering */
@@ -3622,7 +3504,7 @@ static CURLcode ftp_range(struct connectdata *conn)
" to %" CURL_FORMAT_CURL_OFF_T ", totally %"
CURL_FORMAT_CURL_OFF_T " bytes\n",
from, to, data->req.maxdownload));
- ftpc->dont_check = TRUE; /* dont check for successful transfer */
+ ftpc->dont_check = TRUE; /* don't check for successful transfer */
}
else
data->req.maxdownload = -1;
@@ -3654,10 +3536,10 @@ static CURLcode ftp_do_more(struct connectdata *conn,
int *completep)
/* if the second connection isn't done yet, wait for it */
if(!conn->bits.tcpconnect[SECONDARYSOCKET]) {
- if(conn->tunnel_state[SECONDARYSOCKET] == TUNNEL_CONNECT) {
+ if(Curl_connect_ongoing(conn)) {
/* As we're in TUNNEL_CONNECT state now, we know the proxy name and port
aren't used so we blank their arguments. TODO: make this nicer */
- result = Curl_proxyCONNECT(conn, SECONDARYSOCKET, NULL, 0, FALSE);
+ result = Curl_proxyCONNECT(conn, SECONDARYSOCKET, NULL, 0);
return result;
}
@@ -3667,10 +3549,6 @@ static CURLcode ftp_do_more(struct connectdata *conn,
int *completep)
/* Ready to do more? */
if(connected) {
DEBUGF(infof(data, "DO-MORE connected phase starts\n"));
- if(conn->bits.proxy) {
- infof(data, "Connection to proxy confirmed\n");
- result = proxy_magic(conn, ftpc->newhost, ftpc->newport, &connected);
- }
}
else {
if(result && (ftpc->count1 == 0)) {
@@ -3682,8 +3560,20 @@ static CURLcode ftp_do_more(struct connectdata *conn,
int *completep)
}
}
+ result = Curl_proxy_connect(conn, SECONDARYSOCKET);
+ if(result)
+ return result;
+
+ if(CONNECT_SECONDARYSOCKET_PROXY_SSL())
+ return result;
+
+ if(conn->bits.tunnel_proxy && conn->bits.httpproxy &&
+ Curl_connect_ongoing(conn))
+ return result;
+
+
if(ftpc->state) {
- /* already in a state so skip the intial commands.
+ /* already in a state so skip the initial commands.
They are only done to kickstart the do_more state */
result = ftp_multi_statemach(conn, &complete);
@@ -3856,12 +3746,10 @@ static CURLcode init_wc_data(struct connectdata *conn)
result = ftp_parse_url_path(conn);
return result;
}
- else {
- wildcard->pattern = strdup(last_slash);
- if(!wildcard->pattern)
- return CURLE_OUT_OF_MEMORY;
- last_slash[0] = '\0'; /* cut file from path */
- }
+ wildcard->pattern = strdup(last_slash);
+ if(!wildcard->pattern)
+ return CURLE_OUT_OF_MEMORY;
+ last_slash[0] = '\0'; /* cut file from path */
}
else { /* there is only 'wildcard pattern' or nothing */
if(path[0]) {
@@ -3940,14 +3828,13 @@ static CURLcode wc_statemach(struct connectdata *conn)
struct WildcardData * const wildcard = &(conn->data->wildcard);
CURLcode result = CURLE_OK;
- switch (wildcard->state) {
+ switch(wildcard->state) {
case CURLWC_INIT:
result = init_wc_data(conn);
if(wildcard->state == CURLWC_CLEAN)
/* only listing! */
break;
- else
- wildcard->state = result ? CURLWC_ERROR : CURLWC_MATCHING;
+ wildcard->state = result ? CURLWC_ERROR : CURLWC_MATCHING;
break;
case CURLWC_MATCHING: {
@@ -3965,7 +3852,7 @@ static CURLcode wc_statemach(struct connectdata *conn)
wildcard->state = CURLWC_CLEAN;
return wc_statemach(conn);
}
- else if(wildcard->filelist->size == 0) {
+ if(wildcard->filelist.size == 0) {
/* no corresponding file */
wildcard->state = CURLWC_CLEAN;
return CURLE_REMOTE_FILE_NOT_FOUND;
@@ -3976,7 +3863,7 @@ static CURLcode wc_statemach(struct connectdata *conn)
case CURLWC_DOWNLOADING: {
/* filelist has at least one file, lets get first one */
struct ftp_conn *ftpc = &conn->proto.ftpc;
- struct curl_fileinfo *finfo = wildcard->filelist->head->ptr;
+ struct curl_fileinfo *finfo = wildcard->filelist.head->ptr;
char *tmp_path = aprintf("%s%s", wildcard->path, finfo->filename);
if(!tmp_path)
@@ -3991,7 +3878,7 @@ static CURLcode wc_statemach(struct connectdata *conn)
infof(conn->data, "Wildcard - START of \"%s\"\n", finfo->filename);
if(conn->data->set.chunk_bgn) {
long userresponse = conn->data->set.chunk_bgn(
- finfo, wildcard->customptr, (int)wildcard->filelist->size);
+ finfo, wildcard->customptr, (int)wildcard->filelist.size);
switch(userresponse) {
case CURL_CHUNK_BGN_FUNC_SKIP:
infof(conn->data, "Wildcard - \"%s\" skipped by user\n",
@@ -4016,9 +3903,9 @@ static CURLcode wc_statemach(struct connectdata *conn)
return result;
/* we don't need the Curl_fileinfo of first file anymore */
- Curl_llist_remove(wildcard->filelist, wildcard->filelist->head, NULL);
+ Curl_llist_remove(&wildcard->filelist, wildcard->filelist.head, NULL);
- if(wildcard->filelist->size == 0) { /* remains only one file to down. */
+ if(wildcard->filelist.size == 0) { /* remains only one file to down. */
wildcard->state = CURLWC_CLEAN;
/* after that will be ftp_do called once again and no transfer
will be done because of CURLWC_CLEAN state */
@@ -4029,8 +3916,8 @@ static CURLcode wc_statemach(struct connectdata *conn)
case CURLWC_SKIP: {
if(conn->data->set.chunk_end)
conn->data->set.chunk_end(conn->data->wildcard.customptr);
- Curl_llist_remove(wildcard->filelist, wildcard->filelist->head, NULL);
- wildcard->state = (wildcard->filelist->size == 0) ?
+ Curl_llist_remove(&wildcard->filelist, wildcard->filelist.head, NULL);
+ wildcard->state = (wildcard->filelist.size == 0) ?
CURLWC_CLEAN : CURLWC_DOWNLOADING;
return wc_statemach(conn);
}
@@ -4046,6 +3933,7 @@ static CURLcode wc_statemach(struct connectdata *conn)
case CURLWC_DONE:
case CURLWC_ERROR:
+ case CURLWC_CLEAR:
break;
}
@@ -4091,8 +3979,7 @@ static CURLcode ftp_do(struct connectdata *conn, bool
*done)
}
-CURLcode Curl_ftpsendf(struct connectdata *conn,
- const char *fmt, ...)
+CURLcode Curl_ftpsend(struct connectdata *conn, const char *cmd)
{
ssize_t bytes_written;
#define SBUF_SIZE 1024
@@ -4104,10 +3991,9 @@ CURLcode Curl_ftpsendf(struct connectdata *conn,
enum protection_level data_sec = conn->data_prot;
#endif
- va_list ap;
- va_start(ap, fmt);
- write_len = vsnprintf(s, SBUF_SIZE-3, fmt, ap);
- va_end(ap);
+ write_len = strlen(cmd);
+ if(write_len > (sizeof(s) -3))
+ return CURLE_BAD_FUNCTION_ARGUMENT;
strcpy(&s[write_len], "\r\n"); /* append a trailing CRLF */
write_len +=2;
@@ -4249,8 +4135,8 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
const char *cur_pos;
const char *filename = NULL;
- cur_pos = path_to_use; /* current position in path. point at the begin
- of next path component */
+ cur_pos = path_to_use; /* current position in path. point at the begin of
+ next path component */
ftpc->ctl_valid = FALSE;
ftpc->cwdfail = FALSE;
@@ -4289,6 +4175,7 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
slash_pos=strrchr(cur_pos, '/');
if(slash_pos || !*cur_pos) {
size_t dirlen = slash_pos-cur_pos;
+ CURLcode result;
ftpc->dirs = calloc(1, sizeof(ftpc->dirs[0]));
if(!ftpc->dirs)
@@ -4297,12 +4184,13 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
if(!dirlen)
dirlen++;
- ftpc->dirs[0] = curl_easy_unescape(conn->data, slash_pos ? cur_pos : "/",
- slash_pos ? curlx_uztosi(dirlen) : 1,
- NULL);
- if(!ftpc->dirs[0]) {
+ result = Curl_urldecode(conn->data, slash_pos ? cur_pos : "/",
+ slash_pos ? dirlen : 1,
+ &ftpc->dirs[0], NULL,
+ FALSE);
+ if(result) {
freedirs(ftpc);
- return CURLE_OUT_OF_MEMORY;
+ return result;
}
ftpc->dirdepth = 1; /* we consider it to be a single dir */
filename = slash_pos ? slash_pos+1 : cur_pos; /* rest is file name */
@@ -4320,7 +4208,7 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
return CURLE_OUT_OF_MEMORY;
/* we have a special case for listing the root dir only */
- if(strequal(path_to_use, "/")) {
+ if(!strcmp(path_to_use, "/")) {
cur_pos++; /* make it point to the zero byte */
ftpc->dirs[0] = strdup("/");
ftpc->dirdepth++;
@@ -4337,18 +4225,14 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
/* we skip empty path components, like "x//y" since the FTP command
CWD requires a parameter and a non-existent parameter a) doesn't
work on many servers and b) has no effect on the others. */
- int len = curlx_sztosi(slash_pos - cur_pos + absolute_dir);
- ftpc->dirs[ftpc->dirdepth] =
- curl_easy_unescape(conn->data, cur_pos - absolute_dir, len, NULL);
- if(!ftpc->dirs[ftpc->dirdepth]) { /* run out of memory ... */
- failf(data, "no memory");
- freedirs(ftpc);
- return CURLE_OUT_OF_MEMORY;
- }
- if(isBadFtpString(ftpc->dirs[ftpc->dirdepth])) {
- free(ftpc->dirs[ftpc->dirdepth]);
+ size_t len = slash_pos - cur_pos + absolute_dir;
+ CURLcode result =
+ Curl_urldecode(conn->data, cur_pos - absolute_dir, len,
+ &ftpc->dirs[ftpc->dirdepth], NULL,
+ TRUE);
+ if(result) {
freedirs(ftpc);
- return CURLE_URL_MALFORMAT;
+ return result;
}
}
else {
@@ -4384,15 +4268,12 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
} /* switch */
if(filename && *filename) {
- ftpc->file = curl_easy_unescape(conn->data, filename, 0, NULL);
- if(NULL == ftpc->file) {
- freedirs(ftpc);
- failf(data, "no memory");
- return CURLE_OUT_OF_MEMORY;
- }
- if(isBadFtpString(ftpc->file)) {
+ CURLcode result =
+ Curl_urldecode(conn->data, filename, 0, &ftpc->file, NULL, TRUE);
+
+ if(result) {
freedirs(ftpc);
- return CURLE_URL_MALFORMAT;
+ return result;
}
}
else
@@ -4410,16 +4291,18 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
if(ftpc->prevpath) {
/* prevpath is "raw" so we convert the input path before we compare the
strings */
- int dlen;
- char *path = curl_easy_unescape(conn->data, data->state.path, 0, &dlen);
- if(!path) {
+ size_t dlen;
+ char *path;
+ CURLcode result =
+ Curl_urldecode(conn->data, data->state.path, 0, &path, &dlen, FALSE);
+ if(result) {
freedirs(ftpc);
- return CURLE_OUT_OF_MEMORY;
+ return result;
}
- dlen -= ftpc->file?curlx_uztosi(strlen(ftpc->file)):0;
- if((dlen == curlx_uztosi(strlen(ftpc->prevpath))) &&
- strnequal(path, ftpc->prevpath, dlen)) {
+ dlen -= ftpc->file?strlen(ftpc->file):0;
+ if((dlen == strlen(ftpc->prevpath)) &&
+ !strncmp(path, ftpc->prevpath, dlen)) {
infof(data, "Request has same path as previous transfer\n");
ftpc->cwddone = TRUE;
}
@@ -4531,28 +4414,6 @@ static CURLcode ftp_setup_connection(struct connectdata
*conn)
char command;
struct FTP *ftp;
- if(conn->bits.httpproxy && !data->set.tunnel_thru_httpproxy) {
- /* Unless we have asked to tunnel ftp operations through the proxy, we
- switch and use HTTP operations only */
-#ifndef CURL_DISABLE_HTTP
- if(conn->handler == &Curl_handler_ftp)
- conn->handler = &Curl_handler_ftp_proxy;
- else {
-#ifdef USE_SSL
- conn->handler = &Curl_handler_ftps_proxy;
-#else
- failf(data, "FTPS not supported!");
- return CURLE_UNSUPPORTED_PROTOCOL;
-#endif
- }
- /* set it up as a HTTP connection instead */
- return conn->handler->setup_connection(conn);
-#else
- failf(data, "FTP over http proxy requires HTTP support built-in!");
- return CURLE_UNSUPPORTED_PROTOCOL;
-#endif
- }
-
conn->data->req.protop = ftp = malloc(sizeof(struct FTP));
if(NULL == ftp)
return CURLE_OUT_OF_MEMORY;
@@ -4572,7 +4433,7 @@ static CURLcode ftp_setup_connection(struct connectdata
*conn)
command = Curl_raw_toupper(type[6]);
conn->bits.type_set = TRUE;
- switch (command) {
+ switch(command) {
case 'A': /* ASCII mode */
data->set.prefer_ascii = TRUE;
break;
diff --git a/lib/ftp.h b/lib/ftp.h
index 2ed5b434e..9c6c2c8de 100644
--- a/lib/ftp.h
+++ b/lib/ftp.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -31,7 +31,7 @@ extern const struct Curl_handler Curl_handler_ftp;
extern const struct Curl_handler Curl_handler_ftps;
#endif
-CURLcode Curl_ftpsendf(struct connectdata *, const char *fmt, ...);
+CURLcode Curl_ftpsend(struct connectdata *, const char *cmd);
CURLcode Curl_GetFTPResponse(ssize_t *nread, struct connectdata *conn,
int *ftpcode);
#endif /* CURL_DISABLE_FTP */
@@ -130,6 +130,7 @@ struct ftp_conn {
should be FALSE when it gets to Curl_ftp_quit() */
bool cwddone; /* if it has been determined that the proper CWD combo
already has been done */
+ int cwdcount; /* number of CWD commands issued */
bool cwdfail; /* set TRUE if a CWD command fails, as then we must prevent
caching the current directory */
bool wait_data_conn; /* this is set TRUE if data connection is waited */
@@ -143,7 +144,7 @@ struct ftp_conn {
ftpstate state_saved; /* transfer type saved to be reloaded after
data connection is established */
curl_off_t retr_size_saved; /* Size of retrieved file saved */
- char * server_os; /* The target server operating system. */
+ char *server_os; /* The target server operating system. */
curl_off_t known_filesize; /* file size is different from -1, if wildcard
LIST parsing was done and wc_statemach set
it */
diff --git a/lib/ftplistparser.c b/lib/ftplistparser.c
index abbf76e27..6063cee6e 100644
--- a/lib/ftplistparser.c
+++ b/lib/ftplistparser.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -39,13 +39,12 @@
#ifndef CURL_DISABLE_FTP
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "fileinfo.h"
#include "llist.h"
#include "strtoofft.h"
-#include "rawstr.h"
#include "ftp.h"
#include "ftplistparser.h"
#include "curl_fnmatch.h"
@@ -166,7 +165,7 @@ struct ftp_parselist_data {
} state;
CURLcode error;
- struct curl_fileinfo *file_data;
+ struct fileinfo *file_data;
unsigned int item_length;
size_t item_offset;
struct {
@@ -276,14 +275,15 @@ static void PL_ERROR(struct connectdata *conn, CURLcode
err)
}
static CURLcode ftp_pl_insert_finfo(struct connectdata *conn,
- struct curl_fileinfo *finfo)
+ struct fileinfo *infop)
{
curl_fnmatch_callback compare;
struct WildcardData *wc = &conn->data->wildcard;
struct ftp_wc_tmpdata *tmpdata = wc->tmp;
- struct curl_llist *llist = wc->filelist;
+ struct curl_llist *llist = &wc->filelist;
struct ftp_parselist_data *parser = tmpdata->parser;
bool add = TRUE;
+ struct curl_fileinfo *finfo = &infop->info;
/* move finfo pointers to b_data */
char *str = finfo->b_data;
@@ -317,11 +317,7 @@ static CURLcode ftp_pl_insert_finfo(struct connectdata
*conn,
}
if(add) {
- if(!Curl_llist_insert_next(llist, llist->tail, finfo)) {
- Curl_fileinfo_dtor(NULL, finfo);
- tmpdata->parser->file_data = NULL;
- return CURLE_OUT_OF_MEMORY;
- }
+ Curl_llist_insert_next(llist, llist->tail, finfo, &infop->list);
}
else {
Curl_fileinfo_dtor(NULL, finfo);
@@ -338,6 +334,7 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
struct connectdata *conn = (struct connectdata *)connptr;
struct ftp_wc_tmpdata *tmpdata = conn->data->wildcard.tmp;
struct ftp_parselist_data *parser = tmpdata->parser;
+ struct fileinfo *infop;
struct curl_fileinfo *finfo;
unsigned long i = 0;
CURLcode result;
@@ -367,17 +364,18 @@ size_t Curl_ftp_parselist(char *buffer, size_t size,
size_t nmemb,
parser->error = CURLE_OUT_OF_MEMORY;
return bufflen;
}
- parser->file_data->b_data = malloc(FTP_BUFFER_ALLOCSIZE);
- if(!parser->file_data->b_data) {
+ parser->file_data->info.b_data = malloc(FTP_BUFFER_ALLOCSIZE);
+ if(!parser->file_data->info.b_data) {
PL_ERROR(conn, CURLE_OUT_OF_MEMORY);
return bufflen;
}
- parser->file_data->b_size = FTP_BUFFER_ALLOCSIZE;
+ parser->file_data->info.b_size = FTP_BUFFER_ALLOCSIZE;
parser->item_offset = 0;
parser->item_length = 0;
}
- finfo = parser->file_data;
+ infop = parser->file_data;
+ finfo = &infop->info;
finfo->b_data[finfo->b_used++] = c;
if(finfo->b_used >= finfo->b_size - 1) {
@@ -397,9 +395,9 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
}
}
- switch (parser->os_type) {
+ switch(parser->os_type) {
case OS_TYPE_UNIX:
- switch (parser->state.UNIX.main) {
+ switch(parser->state.UNIX.main) {
case PL_UNIX_TOTALSIZE:
switch(parser->state.UNIX.sub.total_dirsize) {
case PL_UNIX_TOTALSIZE_INIT:
@@ -434,10 +432,8 @@ size_t Curl_ftp_parselist(char *buffer, size_t size,
size_t nmemb,
PL_ERROR(conn, CURLE_FTP_BAD_FILE_LIST);
return bufflen;
}
- else {
- parser->state.UNIX.main = PL_UNIX_FILETYPE;
- finfo->b_used = 0;
- }
+ parser->state.UNIX.main = PL_UNIX_FILETYPE;
+ finfo->b_used = 0;
}
else {
PL_ERROR(conn, CURLE_FTP_BAD_FILE_LIST);
@@ -448,7 +444,7 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
}
break;
case PL_UNIX_FILETYPE:
- switch (c) {
+ switch(c) {
case '-':
finfo->filetype = CURLFILETYPE_FILE;
break;
@@ -501,8 +497,8 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
PL_ERROR(conn, CURLE_FTP_BAD_FILE_LIST);
return bufflen;
}
- parser->file_data->flags |= CURLFINFOFLAG_KNOWN_PERM;
- parser->file_data->perm = perm;
+ parser->file_data->info.flags |= CURLFINFOFLAG_KNOWN_PERM;
+ parser->file_data->info.perm = perm;
parser->offsets.perm = parser->item_offset;
parser->item_length = 0;
@@ -533,8 +529,8 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
finfo->b_data[parser->item_offset + parser->item_length - 1] = 0;
hlinks = strtol(finfo->b_data + parser->item_offset, &p, 10);
if(p[0] == '\0' && hlinks != LONG_MAX && hlinks != LONG_MIN) {
- parser->file_data->flags |= CURLFINFOFLAG_KNOWN_HLINKCOUNT;
- parser->file_data->hardlinks = hlinks;
+ parser->file_data->info.flags |= CURLFINFOFLAG_KNOWN_HLINKCOUNT;
+ parser->file_data->info.hardlinks = hlinks;
}
parser->item_length = 0;
parser->item_offset = 0;
@@ -616,8 +612,8 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
fsize = curlx_strtoofft(finfo->b_data+parser->item_offset, &p, 10);
if(p[0] == '\0' && fsize != CURL_OFF_T_MAX &&
fsize != CURL_OFF_T_MIN) {
- parser->file_data->flags |= CURLFINFOFLAG_KNOWN_SIZE;
- parser->file_data->size = fsize;
+ parser->file_data->info.flags |= CURLFINFOFLAG_KNOWN_SIZE;
+ parser->file_data->info.size = fsize;
}
parser->item_length = 0;
parser->item_offset = 0;
@@ -734,7 +730,7 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
finfo->b_data[parser->item_offset + parser->item_length - 1] = 0;
parser->offsets.filename = parser->item_offset;
parser->state.UNIX.main = PL_UNIX_FILETYPE;
- result = ftp_pl_insert_finfo(conn, finfo);
+ result = ftp_pl_insert_finfo(conn, infop);
if(result) {
PL_ERROR(conn, result);
return bufflen;
@@ -746,7 +742,7 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
finfo->b_data[parser->item_offset + parser->item_length - 1] = 0;
parser->offsets.filename = parser->item_offset;
parser->state.UNIX.main = PL_UNIX_FILETYPE;
- result = ftp_pl_insert_finfo(conn, finfo);
+ result = ftp_pl_insert_finfo(conn, infop);
if(result) {
PL_ERROR(conn, result);
return bufflen;
@@ -841,7 +837,7 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
else if(c == '\n') {
finfo->b_data[parser->item_offset + parser->item_length - 1] = 0;
parser->offsets.symlink_target = parser->item_offset;
- result = ftp_pl_insert_finfo(conn, finfo);
+ result = ftp_pl_insert_finfo(conn, infop);
if(result) {
PL_ERROR(conn, result);
return bufflen;
@@ -853,7 +849,7 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
if(c == '\n') {
finfo->b_data[parser->item_offset + parser->item_length - 1] = 0;
parser->offsets.symlink_target = parser->item_offset;
- result = ftp_pl_insert_finfo(conn, finfo);
+ result = ftp_pl_insert_finfo(conn, infop);
if(result) {
PL_ERROR(conn, result);
return bufflen;
@@ -956,10 +952,10 @@ size_t Curl_ftp_parselist(char *buffer, size_t size,
size_t nmemb,
return bufflen;
}
/* correct file type */
- parser->file_data->filetype = CURLFILETYPE_FILE;
+ parser->file_data->info.filetype = CURLFILETYPE_FILE;
}
- parser->file_data->flags |= CURLFINFOFLAG_KNOWN_SIZE;
+ parser->file_data->info.flags |= CURLFINFOFLAG_KNOWN_SIZE;
parser->item_length = 0;
parser->state.NT.main = PL_WINNT_FILENAME;
parser->state.NT.sub.filename = PL_WINNT_FILENAME_PRESPACE;
@@ -968,7 +964,7 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
}
break;
case PL_WINNT_FILENAME:
- switch (parser->state.NT.sub.filename) {
+ switch(parser->state.NT.sub.filename) {
case PL_WINNT_FILENAME_PRESPACE:
if(c != ' ') {
parser->item_offset = finfo->b_used -1;
@@ -986,7 +982,7 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
parser->offsets.filename = parser->item_offset;
finfo->b_data[finfo->b_used - 1] = 0;
parser->offsets.filename = parser->item_offset;
- result = ftp_pl_insert_finfo(conn, finfo);
+ result = ftp_pl_insert_finfo(conn, infop);
if(result) {
PL_ERROR(conn, result);
return bufflen;
@@ -998,7 +994,7 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t
nmemb,
case PL_WINNT_FILENAME_WINEOL:
if(c == '\n') {
parser->offsets.filename = parser->item_offset;
- result = ftp_pl_insert_finfo(conn, finfo);
+ result = ftp_pl_insert_finfo(conn, infop);
if(result) {
PL_ERROR(conn, result);
return bufflen;
diff --git a/lib/getenv.c b/lib/getenv.c
index 89d181de3..6acf70760 100644
--- a/lib/getenv.c
+++ b/lib/getenv.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "curl_memory.h"
#include "memdebug.h"
diff --git a/lib/getinfo.c b/lib/getinfo.c
index 262cd934f..99ba587af 100644
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "getinfo.h"
@@ -36,8 +36,11 @@
#include "memdebug.h"
/*
- * This is supposed to be called in the beginning of a perform() session
- * and should reset all session-info variables
+ * Initialize statistical and informational data.
+ *
+ * This function is called in curl_easy_reset, curl_easy_duphandle and at the
+ * beginning of a perform session. It must reset the session-info variables,
+ * in particular all variables in struct PureInfo.
*/
CURLcode Curl_initinfo(struct Curl_easy *data)
{
@@ -58,23 +61,35 @@ CURLcode Curl_initinfo(struct Curl_easy *data)
info->filetime = -1; /* -1 is an illegal time and thus means unknown */
info->timecond = FALSE;
- free(info->contenttype);
- info->contenttype = NULL;
-
info->header_size = 0;
info->request_size = 0;
+ info->proxyauthavail = 0;
+ info->httpauthavail = 0;
info->numconnects = 0;
+ free(info->contenttype);
+ info->contenttype = NULL;
+
+ free(info->wouldredirect);
+ info->wouldredirect = NULL;
+
info->conn_primary_ip[0] = '\0';
info->conn_local_ip[0] = '\0';
info->conn_primary_port = 0;
info->conn_local_port = 0;
+ info->conn_scheme = 0;
+ info->conn_protocol = 0;
+
+#ifdef USE_SSL
+ Curl_ssl_free_certinfo(data);
+#endif
+
return CURLE_OK;
}
static CURLcode getinfo_char(struct Curl_easy *data, CURLINFO info,
- char **param_charp)
+ const char **param_charp)
{
switch(info) {
case CURLINFO_EFFECTIVE_URL:
@@ -111,6 +126,9 @@ static CURLcode getinfo_char(struct Curl_easy *data,
CURLINFO info,
case CURLINFO_RTSP_SESSION_ID:
*param_charp = data->set.str[STRING_RTSP_SESSION_ID];
break;
+ case CURLINFO_SCHEME:
+ *param_charp = data->info.conn_scheme;
+ break;
default:
return CURLE_UNKNOWN_OPTION;
@@ -148,6 +166,9 @@ static CURLcode getinfo_long(struct Curl_easy *data,
CURLINFO info,
case CURLINFO_SSL_VERIFYRESULT:
*param_longp = data->set.ssl.certverifyresult;
break;
+ case CURLINFO_PROXY_SSL_VERIFYRESULT:
+ *param_longp = data->set.proxy_ssl.certverifyresult;
+ break;
case CURLINFO_REDIRECT_COUNT:
*param_longp = data->set.followlocation;
break;
@@ -199,7 +220,7 @@ static CURLcode getinfo_long(struct Curl_easy *data,
CURLINFO info,
*param_longp = data->state.rtsp_CSeq_recv;
break;
case CURLINFO_HTTP_VERSION:
- switch (data->info.httpversion) {
+ switch(data->info.httpversion) {
case 10:
*param_longp = CURL_HTTP_VERSION_1_0;
break;
@@ -214,6 +235,9 @@ static CURLcode getinfo_long(struct Curl_easy *data,
CURLINFO info,
break;
}
break;
+ case CURLINFO_PROTOCOL:
+ *param_longp = data->info.conn_protocol;
+ break;
default:
return CURLE_UNKNOWN_OPTION;
@@ -222,27 +246,60 @@ static CURLcode getinfo_long(struct Curl_easy *data,
CURLINFO info,
return CURLE_OK;
}
+#define DOUBLE_SECS(x) (double)(x)/1000000
+
+static CURLcode getinfo_offt(struct Curl_easy *data, CURLINFO info,
+ curl_off_t *param_offt)
+{
+ switch(info) {
+ case CURLINFO_SIZE_UPLOAD_T:
+ *param_offt = data->progress.uploaded;
+ break;
+ case CURLINFO_SIZE_DOWNLOAD_T:
+ *param_offt = data->progress.downloaded;
+ break;
+ case CURLINFO_SPEED_DOWNLOAD_T:
+ *param_offt = data->progress.dlspeed;
+ break;
+ case CURLINFO_SPEED_UPLOAD_T:
+ *param_offt = data->progress.ulspeed;
+ break;
+ case CURLINFO_CONTENT_LENGTH_DOWNLOAD_T:
+ *param_offt = (data->progress.flags & PGRS_DL_SIZE_KNOWN)?
+ data->progress.size_dl:-1;
+ break;
+ case CURLINFO_CONTENT_LENGTH_UPLOAD_T:
+ *param_offt = (data->progress.flags & PGRS_UL_SIZE_KNOWN)?
+ data->progress.size_ul:-1;
+ break;
+ default:
+ return CURLE_UNKNOWN_OPTION;
+ }
+
+ return CURLE_OK;
+}
+
static CURLcode getinfo_double(struct Curl_easy *data, CURLINFO info,
double *param_doublep)
{
switch(info) {
case CURLINFO_TOTAL_TIME:
- *param_doublep = data->progress.timespent;
+ *param_doublep = DOUBLE_SECS(data->progress.timespent);
break;
case CURLINFO_NAMELOOKUP_TIME:
- *param_doublep = data->progress.t_nslookup;
+ *param_doublep = DOUBLE_SECS(data->progress.t_nslookup);
break;
case CURLINFO_CONNECT_TIME:
- *param_doublep = data->progress.t_connect;
+ *param_doublep = DOUBLE_SECS(data->progress.t_connect);
break;
case CURLINFO_APPCONNECT_TIME:
- *param_doublep = data->progress.t_appconnect;
+ *param_doublep = DOUBLE_SECS(data->progress.t_appconnect);
break;
case CURLINFO_PRETRANSFER_TIME:
- *param_doublep = data->progress.t_pretransfer;
+ *param_doublep = DOUBLE_SECS(data->progress.t_pretransfer);
break;
case CURLINFO_STARTTRANSFER_TIME:
- *param_doublep = data->progress.t_starttransfer;
+ *param_doublep = DOUBLE_SECS(data->progress.t_starttransfer);
break;
case CURLINFO_SIZE_UPLOAD:
*param_doublep = (double)data->progress.uploaded;
@@ -265,7 +322,7 @@ static CURLcode getinfo_double(struct Curl_easy *data,
CURLINFO info,
(double)data->progress.size_ul:-1;
break;
case CURLINFO_REDIRECT_TIME:
- *param_doublep = data->progress.t_redirect;
+ *param_doublep = DOUBLE_SECS(data->progress.t_redirect);
break;
default:
@@ -370,7 +427,8 @@ CURLcode Curl_getinfo(struct Curl_easy *data, CURLINFO
info, ...)
va_list arg;
long *param_longp = NULL;
double *param_doublep = NULL;
- char **param_charp = NULL;
+ curl_off_t *param_offt = NULL;
+ const char **param_charp = NULL;
struct curl_slist **param_slistp = NULL;
curl_socket_t *param_socketp = NULL;
int type;
@@ -384,7 +442,7 @@ CURLcode Curl_getinfo(struct Curl_easy *data, CURLINFO
info, ...)
type = CURLINFO_TYPEMASK & (int)info;
switch(type) {
case CURLINFO_STRING:
- param_charp = va_arg(arg, char **);
+ param_charp = va_arg(arg, const char **);
if(param_charp)
result = getinfo_char(data, info, param_charp);
break;
@@ -398,6 +456,11 @@ CURLcode Curl_getinfo(struct Curl_easy *data, CURLINFO
info, ...)
if(param_doublep)
result = getinfo_double(data, info, param_doublep);
break;
+ case CURLINFO_OFF_T:
+ param_offt = va_arg(arg, curl_off_t *);
+ if(param_offt)
+ result = getinfo_offt(data, info, param_offt);
+ break;
case CURLINFO_SLIST:
param_slistp = va_arg(arg, struct curl_slist **);
if(param_slistp)
diff --git a/lib/gopher.c b/lib/gopher.c
index f1efb6042..19b6d36e2 100644
--- a/lib/gopher.c
+++ b/lib/gopher.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -25,16 +25,14 @@
#ifndef CURL_DISABLE_GOPHER
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "transfer.h"
#include "sendf.h"
-
#include "progress.h"
-#include "strequal.h"
#include "gopher.h"
-#include "rawstr.h"
#include "select.h"
#include "url.h"
+#include "escape.h"
#include "warnless.h"
#include "curl_memory.h"
/* The last #include file should be: */
@@ -67,6 +65,7 @@ const struct Curl_handler Curl_handler_gopher = {
ZERO_NULL, /* perform_getsock */
ZERO_NULL, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_GOPHER, /* defport */
CURLPROTO_GOPHER, /* protocol */
PROTOPT_NONE /* flags */
@@ -80,10 +79,10 @@ static CURLcode gopher_do(struct connectdata *conn, bool
*done)
curl_off_t *bytecount = &data->req.bytecount;
char *path = data->state.path;
- char *sel;
+ char *sel = NULL;
char *sel_org = NULL;
ssize_t amount, k;
- int len;
+ size_t len;
*done = TRUE; /* unconditionally */
@@ -107,9 +106,9 @@ static CURLcode gopher_do(struct connectdata *conn, bool
*done)
newp[i] = '\x09';
/* ... and finally unescape */
- sel = curl_easy_unescape(data, newp, 0, &len);
- if(!sel)
- return CURLE_OUT_OF_MEMORY;
+ result = Curl_urldecode(data, newp, 0, &sel, &len, FALSE);
+ if(result)
+ return result;
sel_org = sel;
}
@@ -121,20 +120,17 @@ static CURLcode gopher_do(struct connectdata *conn, bool
*done)
result = Curl_write(conn, sockfd, sel, k, &amount);
if(!result) { /* Which may not have written it all! */
result = Curl_client_write(conn, CLIENTWRITE_HEADER, sel, amount);
- if(result) {
- free(sel_org);
- return result;
- }
+ if(result)
+ break;
+
k -= amount;
sel += amount;
if(k < 1)
break; /* but it did write it all */
}
- else {
- failf(data, "Failed sending Gopher request");
- free(sel_org);
- return result;
- }
+ else
+ break;
+
/* Don't busyloop. The entire loop thing is a work-around as it causes a
BLOCKING behavior which is a NO-NO. This function should rather be
split up in a do and a doing piece where the pieces that aren't
@@ -144,14 +140,18 @@ static CURLcode gopher_do(struct connectdata *conn, bool
*done)
Wait a while for the socket to be writable. Note that this doesn't
acknowledge the timeout.
*/
- Curl_socket_ready(CURL_SOCKET_BAD, sockfd, 100);
+ if(SOCKET_WRITABLE(sockfd, 100) < 0) {
+ result = CURLE_SEND_ERROR;
+ break;
+ }
}
free(sel_org);
- /* We can use Curl_sendf to send the terminal \r\n relatively safely and
- save allocing another string/doing another _write loop. */
- result = Curl_sendf(sockfd, conn, "\r\n");
+ if(!result)
+ /* We can use Curl_sendf to send the terminal \r\n relatively safely and
+ save allocing another string/doing another _write loop. */
+ result = Curl_sendf(sockfd, conn, "\r\n");
if(result) {
failf(data, "Failed sending Gopher request");
return result;
diff --git a/lib/hash.c b/lib/hash.c
index 937381b65..552022443 100644
--- a/lib/hash.c
+++ b/lib/hash.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "hash.h"
#include "llist.h"
@@ -37,8 +37,6 @@ hash_element_dtor(void *user, void *element)
struct curl_hash *h = (struct curl_hash *) user;
struct curl_hash_element *e = (struct curl_hash_element *) element;
- Curl_safefree(e->key);
-
if(e->ptr) {
h->dtor(e->ptr);
e->ptr = NULL;
@@ -74,54 +72,32 @@ Curl_hash_init(struct curl_hash *h,
h->size = 0;
h->slots = slots;
- h->table = malloc(slots * sizeof(struct curl_llist *));
+ h->table = malloc(slots * sizeof(struct curl_llist));
if(h->table) {
- for(i = 0; i < slots; ++i) {
- h->table[i] = Curl_llist_alloc((curl_llist_dtor) hash_element_dtor);
- if(!h->table[i]) {
- while(i--) {
- Curl_llist_destroy(h->table[i], NULL);
- h->table[i] = NULL;
- }
- free(h->table);
- h->table = NULL;
- h->slots = 0;
- return 1; /* failure */
- }
- }
+ for(i = 0; i < slots; ++i)
+ Curl_llist_init(&h->table[i], (curl_llist_dtor) hash_element_dtor);
return 0; /* fine */
}
- else {
- h->slots = 0;
- return 1; /* failure */
- }
+ h->slots = 0;
+ return 1; /* failure */
}
static struct curl_hash_element *
mk_hash_element(const void *key, size_t key_len, const void *p)
{
- struct curl_hash_element *he = malloc(sizeof(struct curl_hash_element));
-
+ /* allocate the struct plus memory after it to store the key */
+ struct curl_hash_element *he = malloc(sizeof(struct curl_hash_element) +
+ key_len);
if(he) {
- void *dupkey = malloc(key_len);
- if(dupkey) {
- /* copy the key */
- memcpy(dupkey, key, key_len);
-
- he->key = dupkey;
- he->key_len = key_len;
- he->ptr = (void *) p;
- }
- else {
- /* failed to duplicate the key, free memory and fail */
- free(he);
- he = NULL;
- }
+ /* copy the key */
+ memcpy(he->key, key, key_len);
+ he->key_len = key_len;
+ he->ptr = (void *) p;
}
return he;
}
-#define FETCH_LIST(x,y,z) x->table[x->hash_func(y, z, x->slots)]
+#define FETCH_LIST(x,y,z) &x->table[x->hash_func(y, z, x->slots)]
/* Insert the data in the hash. If there already was a match in the hash,
* that data is replaced.
@@ -135,7 +111,7 @@ Curl_hash_add(struct curl_hash *h, void *key, size_t
key_len, void *p)
{
struct curl_hash_element *he;
struct curl_llist_element *le;
- struct curl_llist *l = FETCH_LIST (h, key, key_len);
+ struct curl_llist *l = FETCH_LIST(h, key, key_len);
for(le = l->head; le; le = le->next) {
he = (struct curl_hash_element *) le->ptr;
@@ -148,18 +124,9 @@ Curl_hash_add(struct curl_hash *h, void *key, size_t
key_len, void *p)
he = mk_hash_element(key, key_len, p);
if(he) {
- if(Curl_llist_insert_next(l, l->tail, he)) {
- ++h->size;
- return p; /* return the new entry */
- }
- /*
- * Couldn't insert it, destroy the 'he' element and the key again. We
- * don't call hash_element_dtor() since that would also call the
- * "destructor" for the actual data 'p'. When we fail, we shall not touch
- * that data.
- */
- free(he->key);
- free(he);
+ Curl_llist_insert_next(l, l->tail, he, &he->list);
+ ++h->size;
+ return p; /* return the new entry */
}
return NULL; /* failure */
@@ -243,8 +210,7 @@ Curl_hash_destroy(struct curl_hash *h)
int i;
for(i = 0; i < h->slots; ++i) {
- Curl_llist_destroy(h->table[i], (void *) h);
- h->table[i] = NULL;
+ Curl_llist_destroy(&h->table[i], (void *) h);
}
Curl_safefree(h->table);
@@ -276,7 +242,7 @@ Curl_hash_clean_with_criterium(struct curl_hash *h, void
*user,
return;
for(i = 0; i < h->slots; ++i) {
- list = h->table[i];
+ list = &h->table[i];
le = list->head; /* get first list entry */
while(le) {
struct curl_hash_element *he = le->ptr;
@@ -291,9 +257,9 @@ Curl_hash_clean_with_criterium(struct curl_hash *h, void
*user,
}
}
-size_t Curl_hash_str(void* key, size_t key_length, size_t slots_num)
+size_t Curl_hash_str(void *key, size_t key_length, size_t slots_num)
{
- const char* key_str = (const char *) key;
+ const char *key_str = (const char *) key;
const char *end = key_str + key_length;
unsigned long h = 5381;
@@ -335,8 +301,8 @@ Curl_hash_next_element(struct curl_hash_iterator *iter)
/* If we have reached the end of the list, find the next one */
if(!iter->current_element) {
for(i = iter->slot_index;i < h->slots;i++) {
- if(h->table[i]->head) {
- iter->current_element = h->table[i]->head;
+ if(h->table[i].head) {
+ iter->current_element = h->table[i].head;
iter->slot_index = i+1;
break;
}
@@ -347,10 +313,8 @@ Curl_hash_next_element(struct curl_hash_iterator *iter)
struct curl_hash_element *he = iter->current_element->ptr;
return he;
}
- else {
- iter->current_element = NULL;
- return NULL;
- }
+ iter->current_element = NULL;
+ return NULL;
}
#if 0 /* useful function for debugging hashes and their contents */
diff --git a/lib/hash.h b/lib/hash.h
index 57a17f02a..90a25d1ca 100644
--- a/lib/hash.h
+++ b/lib/hash.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -29,22 +29,22 @@
#include "llist.h"
/* Hash function prototype */
-typedef size_t (*hash_function) (void* key,
+typedef size_t (*hash_function) (void *key,
size_t key_length,
size_t slots_num);
/*
Comparator function prototype. Compares two keys.
*/
-typedef size_t (*comp_function) (void* key1,
+typedef size_t (*comp_function) (void *key1,
size_t key1_len,
- void*key2,
+ void *key2,
size_t key2_len);
typedef void (*curl_hash_dtor)(void *);
struct curl_hash {
- struct curl_llist **table;
+ struct curl_llist *table;
/* Hash function to be used for this hash table */
hash_function hash_func;
@@ -57,9 +57,10 @@ struct curl_hash {
};
struct curl_hash_element {
+ struct curl_llist_element list;
void *ptr;
- char *key;
size_t key_len;
+ char key[1]; /* allocated memory following the struct */
};
struct curl_hash_iterator {
@@ -76,7 +77,7 @@ int Curl_hash_init(struct curl_hash *h,
void *Curl_hash_add(struct curl_hash *h, void *key, size_t key_len, void *p);
int Curl_hash_delete(struct curl_hash *h, void *key, size_t key_len);
-void *Curl_hash_pick(struct curl_hash *, void * key, size_t key_len);
+void *Curl_hash_pick(struct curl_hash *, void *key, size_t key_len);
void Curl_hash_apply(struct curl_hash *h, void *user,
void (*cb)(void *user, void *ptr));
int Curl_hash_count(struct curl_hash *h);
@@ -84,10 +85,9 @@ void Curl_hash_destroy(struct curl_hash *h);
void Curl_hash_clean(struct curl_hash *h);
void Curl_hash_clean_with_criterium(struct curl_hash *h, void *user,
int (*comp)(void *, void *));
-size_t Curl_hash_str(void* key, size_t key_length, size_t slots_num);
-size_t Curl_str_key_compare(void*k1, size_t key1_len, void*k2,
+size_t Curl_hash_str(void *key, size_t key_length, size_t slots_num);
+size_t Curl_str_key_compare(void *k1, size_t key1_len, void *k2,
size_t key2_len);
-
void Curl_hash_start_iterate(struct curl_hash *hash,
struct curl_hash_iterator *iter);
struct curl_hash_element *
diff --git a/lib/hmac.c b/lib/hmac.c
index 3df471585..d7e495e16 100644
--- a/lib/hmac.c
+++ b/lib/hmac.c
@@ -26,7 +26,7 @@
#ifndef CURL_DISABLE_CRYPTO_AUTH
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "curl_hmac.h"
#include "curl_memory.h"
@@ -49,12 +49,12 @@ static const unsigned char hmac_opad = 0x5C;
HMAC_context *
Curl_HMAC_init(const HMAC_params * hashparams,
- const unsigned char * key,
+ const unsigned char *key,
unsigned int keylen)
{
size_t i;
- HMAC_context * ctxt;
- unsigned char * hkey;
+ HMAC_context *ctxt;
+ unsigned char *hkey;
unsigned char b;
/* Create HMAC context. */
@@ -101,7 +101,7 @@ Curl_HMAC_init(const HMAC_params * hashparams,
}
int Curl_HMAC_update(HMAC_context * ctxt,
- const unsigned char * data,
+ const unsigned char *data,
unsigned int len)
{
/* Update first hash calculation. */
@@ -110,7 +110,7 @@ int Curl_HMAC_update(HMAC_context * ctxt,
}
-int Curl_HMAC_final(HMAC_context * ctxt, unsigned char * result)
+int Curl_HMAC_final(HMAC_context *ctxt, unsigned char *result)
{
const HMAC_params * hashparams = ctxt->hmac_hash;
diff --git a/lib/hostcheck.c b/lib/hostcheck.c
index 4db9e6ba8..156091ca8 100644
--- a/lib/hostcheck.c
+++ b/lib/hostcheck.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,7 +22,10 @@
#include "curl_setup.h"
-#if defined(USE_OPENSSL) || defined(USE_AXTLS) || defined(USE_GSKIT)
+#if defined(USE_OPENSSL) \
+ || defined(USE_AXTLS) \
+ || defined(USE_GSKIT) \
+ || (defined(USE_SCHANNEL) && defined(_WIN32_WCE))
/* these backends use functions from this file */
#ifdef HAVE_NETINET_IN_H
@@ -30,7 +33,7 @@
#endif
#include "hostcheck.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "inet_pton.h"
#include "curl_memory.h"
@@ -77,14 +80,14 @@ static int hostmatch(char *hostname, char *pattern)
pattern_wildcard = strchr(pattern, '*');
if(pattern_wildcard == NULL)
- return Curl_raw_equal(pattern, hostname) ?
+ return strcasecompare(pattern, hostname) ?
CURL_HOST_MATCH : CURL_HOST_NOMATCH;
/* detect IP address as hostname and fail the match if so */
if(Curl_inet_pton(AF_INET, hostname, &ignored) > 0)
return CURL_HOST_NOMATCH;
#ifdef ENABLE_IPV6
- else if(Curl_inet_pton(AF_INET6, hostname, &si6.sin6_addr) > 0)
+ if(Curl_inet_pton(AF_INET6, hostname, &si6.sin6_addr) > 0)
return CURL_HOST_NOMATCH;
#endif
@@ -94,16 +97,16 @@ static int hostmatch(char *hostname, char *pattern)
pattern_label_end = strchr(pattern, '.');
if(pattern_label_end == NULL || strchr(pattern_label_end+1, '.') == NULL ||
pattern_wildcard > pattern_label_end ||
- Curl_raw_nequal(pattern, "xn--", 4)) {
+ strncasecompare(pattern, "xn--", 4)) {
wildcard_enabled = 0;
}
if(!wildcard_enabled)
- return Curl_raw_equal(pattern, hostname) ?
+ return strcasecompare(pattern, hostname) ?
CURL_HOST_MATCH : CURL_HOST_NOMATCH;
hostname_label_end = strchr(hostname, '.');
if(hostname_label_end == NULL ||
- !Curl_raw_equal(pattern_label_end, hostname_label_end))
+ !strcasecompare(pattern_label_end, hostname_label_end))
return CURL_HOST_NOMATCH;
/* The wildcard must match at least one character, so the left-most
@@ -114,8 +117,8 @@ static int hostmatch(char *hostname, char *pattern)
prefixlen = pattern_wildcard - pattern;
suffixlen = pattern_label_end - (pattern_wildcard+1);
- return Curl_raw_nequal(pattern, hostname, prefixlen) &&
- Curl_raw_nequal(pattern_wildcard+1, hostname_label_end - suffixlen,
+ return strncasecompare(pattern, hostname, prefixlen) &&
+ strncasecompare(pattern_wildcard+1, hostname_label_end - suffixlen,
suffixlen) ?
CURL_HOST_MATCH : CURL_HOST_NOMATCH;
}
@@ -144,4 +147,4 @@ int Curl_cert_hostcheck(const char *match_pattern, const
char *hostname)
return res;
}
-#endif /* OPENSSL or AXTLS or GSKIT */
+#endif /* OPENSSL, AXTLS, GSKIT or schannel+wince */
diff --git a/lib/hostcheck.h b/lib/hostcheck.h
index 86e3b96a9..93fe0d049 100644
--- a/lib/hostcheck.h
+++ b/lib/hostcheck.h
@@ -22,7 +22,7 @@
*
***************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#define CURL_HOST_NOMATCH 0
#define CURL_HOST_MATCH 1
diff --git a/lib/hostip.c b/lib/hostip.c
index f2d984164..619ec84b5 100644
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -143,7 +143,7 @@ void Curl_global_host_cache_dtor(void)
}
/*
- * Return # of adresses in a Curl_addrinfo struct
+ * Return # of addresses in a Curl_addrinfo struct
*/
int Curl_num_addresses(const Curl_addrinfo *addr)
{
@@ -172,7 +172,7 @@ Curl_printable_address(const Curl_addrinfo *ai, char *buf,
size_t bufsize)
const struct in6_addr *ipaddr6;
#endif
- switch (ai->ai_family) {
+ switch(ai->ai_family) {
case AF_INET:
sa4 = (const void *)ai->ai_addr;
ipaddr4 = &sa4->sin_addr;
@@ -538,7 +538,6 @@ RETSIGTYPE alarmfunc(int sig)
/* this is for "-ansi -Wall -pedantic" to stop complaining! (rabe) */
(void)sig;
siglongjmp(curl_jmpenv, 1);
- return;
}
#endif /* USE_ALARM_TIMEOUT */
@@ -568,12 +567,12 @@ int Curl_resolv_timeout(struct connectdata *conn,
const char *hostname,
int port,
struct Curl_dns_entry **entry,
- long timeoutms)
+ time_t timeoutms)
{
#ifdef USE_ALARM_TIMEOUT
#ifdef HAVE_SIGACTION
struct sigaction keep_sigact; /* store the old struct here */
- volatile bool keep_copysig = FALSE; /* wether old sigact has been saved */
+ volatile bool keep_copysig = FALSE; /* whether old sigact has been saved */
struct sigaction sigact;
#else
#ifdef HAVE_SIGNAL
@@ -597,17 +596,20 @@ int Curl_resolv_timeout(struct connectdata *conn,
/* Ignore the timeout when signals are disabled */
timeout = 0;
else
- timeout = timeoutms;
+ timeout = (timeoutms > LONG_MAX) ? LONG_MAX : (long)timeoutms;
if(!timeout)
/* USE_ALARM_TIMEOUT defined, but no timeout actually requested */
return Curl_resolv(conn, hostname, port, entry);
- if(timeout < 1000)
+ if(timeout < 1000) {
/* The alarm() function only provides integer second resolution, so if
we want to wait less than one second we must bail out already now. */
+ failf(data,
+ "remaining timeout of %ld too small to resolve via SIGALRM method",
+ timeout);
return CURLRESOLV_TIMEDOUT;
-
+ }
/* This allows us to time-out from the name resolver, as the timeout
will generate a signal and we will siglongjmp() from that here.
This technique has problems (see alarmfunc).
@@ -686,10 +688,11 @@ clean_up:
the time we spent until now! */
if(prev_alarm) {
/* there was an alarm() set before us, now put it back */
- unsigned long elapsed_ms = Curl_tvdiff(Curl_tvnow(), conn->created);
+ unsigned long elapsed_secs = (unsigned long) (Curl_tvdiff(Curl_tvnow(),
+ conn->created) / 1000);
/* the alarm period is counted in even number of seconds */
- unsigned long alarm_set = prev_alarm - elapsed_ms/1000;
+ unsigned long alarm_set = prev_alarm - elapsed_secs;
if(!alarm_set ||
((alarm_set >= 0x80000000) && (prev_alarm < 0x80000000)) ) {
diff --git a/lib/hostip.h b/lib/hostip.h
index 9098ee39d..298eeeee3 100644
--- a/lib/hostip.h
+++ b/lib/hostip.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -87,7 +87,7 @@ int Curl_resolv(struct connectdata *conn, const char
*hostname,
int port, struct Curl_dns_entry **dnsentry);
int Curl_resolv_timeout(struct connectdata *conn, const char *hostname,
int port, struct Curl_dns_entry **dnsentry,
- long timeoutms);
+ time_t timeoutms);
#ifdef CURLRES_IPV6
/*
@@ -130,8 +130,8 @@ int Curl_mk_dnscache(struct curl_hash *hash);
/* prune old entries from the DNS cache */
void Curl_hostcache_prune(struct Curl_easy *data);
-/* Return # of adresses in a Curl_addrinfo struct */
-int Curl_num_addresses (const Curl_addrinfo *addr);
+/* Return # of addresses in a Curl_addrinfo struct */
+int Curl_num_addresses(const Curl_addrinfo *addr);
#if defined(CURLDEBUG) && defined(HAVE_GETNAMEINFO)
int curl_dogetnameinfo(GETNAMEINFO_QUAL_ARG1 GETNAMEINFO_TYPE_ARG1 sa,
@@ -143,7 +143,7 @@ int curl_dogetnameinfo(GETNAMEINFO_QUAL_ARG1
GETNAMEINFO_TYPE_ARG1 sa,
#endif
/* IPv4 threadsafe resolve function used for synch and asynch builds */
-Curl_addrinfo *Curl_ipv4_resolve_r(const char * hostname, int port);
+Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname, int port);
CURLcode Curl_async_resolved(struct connectdata *conn,
bool *protocol_connect);
diff --git a/lib/hostip4.c b/lib/hostip4.c
index 15895d7ce..e459328ac 100644
--- a/lib/hostip4.c
+++ b/lib/hostip4.c
@@ -291,7 +291,7 @@ Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname,
* gethostbyname() is the preferred one.
*/
else {
- h = gethostbyname((void*)hostname);
+ h = gethostbyname((void *)hostname);
#endif /* HAVE_GETADDRINFO_THREADSAFE || HAVE_GETHOSTBYNAME_R */
}
diff --git a/lib/http.c b/lib/http.c
index e4b9d8b4b..741098e84 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -46,14 +46,13 @@
#endif
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "transfer.h"
#include "sendf.h"
#include "formdata.h"
#include "progress.h"
#include "curl_base64.h"
#include "cookie.h"
-#include "strequal.h"
#include "vauth/vauth.h"
#include "vtls/vtls.h"
#include "http_digest.h"
@@ -68,7 +67,7 @@
#include "parsedate.h" /* for the week day and month names */
#include "strtoofft.h"
#include "multiif.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "content_encoding.h"
#include "http_proxy.h"
#include "warnless.h"
@@ -77,6 +76,7 @@
#include "pipeline.h"
#include "http2.h"
#include "connect.h"
+#include "strdup.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
@@ -119,6 +119,7 @@ const struct Curl_handler Curl_handler_http = {
ZERO_NULL, /* perform_getsock */
ZERO_NULL, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_HTTP, /* defport */
CURLPROTO_HTTP, /* protocol */
PROTOPT_CREDSPERREQUEST /* flags */
@@ -143,6 +144,7 @@ const struct Curl_handler Curl_handler_https = {
ZERO_NULL, /* perform_getsock */
ZERO_NULL, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_HTTPS, /* defport */
CURLPROTO_HTTPS, /* protocol */
PROTOPT_SSL | PROTOPT_CREDSPERREQUEST | PROTOPT_ALPN_NPN /* flags */
@@ -182,7 +184,7 @@ char *Curl_checkheaders(const struct connectdata *conn,
struct Curl_easy *data = conn->data;
for(head = data->set.headers;head; head=head->next) {
- if(Curl_raw_nequal(head->data, thisheader, thislen))
+ if(strncasecompare(head->data, thisheader, thislen))
return head->data;
}
@@ -208,7 +210,7 @@ char *Curl_checkProxyheaders(const struct connectdata *conn,
for(head = (conn->bits.proxy && data->set.sep_headers) ?
data->set.proxyheaders : data->set.headers;
head; head=head->next) {
- if(Curl_raw_nequal(head->data, thisheader, thislen))
+ if(strncasecompare(head->data, thisheader, thislen))
return head->data;
}
@@ -285,11 +287,12 @@ static CURLcode http_output_basic(struct connectdata
*conn, bool proxy)
const char *user;
const char *pwd;
CURLcode result;
+ char *out;
if(proxy) {
userp = &conn->allocptr.proxyuserpwd;
- user = conn->proxyuser;
- pwd = conn->proxypasswd;
+ user = conn->http_proxy.user;
+ pwd = conn->http_proxy.passwd;
}
else {
userp = &conn->allocptr.userpwd;
@@ -297,26 +300,32 @@ static CURLcode http_output_basic(struct connectdata
*conn, bool proxy)
pwd = conn->passwd;
}
- snprintf(data->state.buffer, sizeof(data->state.buffer), "%s:%s", user, pwd);
+ out = aprintf("%s:%s", user, pwd);
+ if(!out)
+ return CURLE_OUT_OF_MEMORY;
- result = Curl_base64_encode(data,
- data->state.buffer, strlen(data->state.buffer),
- &authorization, &size);
+ result = Curl_base64_encode(data, out, strlen(out), &authorization, &size);
if(result)
- return result;
+ goto fail;
- if(!authorization)
- return CURLE_REMOTE_ACCESS_DENIED;
+ if(!authorization) {
+ result = CURLE_REMOTE_ACCESS_DENIED;
+ goto fail;
+ }
free(*userp);
*userp = aprintf("%sAuthorization: Basic %s\r\n",
proxy ? "Proxy-" : "",
authorization);
free(authorization);
- if(!*userp)
- return CURLE_OUT_OF_MEMORY;
+ if(!*userp) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto fail;
+ }
- return CURLE_OK;
+ fail:
+ free(out);
+ return result;
}
/* pickoneauth() selects the most favourable authentication method from the
@@ -412,8 +421,6 @@ static CURLcode http_perhapsrewind(struct connectdata *conn)
case HTTPREQ_POST:
if(data->state.infilesize != -1)
expectsend = data->state.infilesize;
- else if(data->set.postfields)
- expectsend = (curl_off_t)strlen(data->set.postfields);
break;
case HTTPREQ_PUT:
if(data->state.infilesize != -1)
@@ -545,8 +552,8 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
}
}
if(http_should_fail(conn)) {
- failf (data, "The requested URL returned error: %d",
- data->req.httpcode);
+ failf(data, "The requested URL returned error: %d",
+ data->req.httpcode);
result = CURLE_HTTP_RETURNED_ERROR;
}
@@ -642,12 +649,12 @@ output_auth_headers(struct connectdata *conn,
if(auth) {
infof(data, "%s auth using %s with user '%s'\n",
proxy ? "Proxy" : "Server", auth,
- proxy ? (conn->proxyuser ? conn->proxyuser : "") :
+ proxy ? (conn->http_proxy.user ? conn->http_proxy.user : "") :
(conn->user ? conn->user : ""));
- authstatus->multi = (!authstatus->done) ? TRUE : FALSE;
+ authstatus->multipass = (!authstatus->done) ? TRUE : FALSE;
}
else
- authstatus->multi = FALSE;
+ authstatus->multipass = FALSE;
return CURLE_OK;
}
@@ -726,7 +733,7 @@ Curl_http_output_auth(struct connectdata *conn,
conn->bits.netrc ||
!data->state.first_host ||
data->set.http_disable_hostname_check_before_authentication ||
- Curl_raw_equal(data->state.first_host, conn->host.name)) {
+ strcasecompare(data->state.first_host, conn->host.name)) {
result = output_auth_headers(conn, authhost, request, path, FALSE);
}
else
@@ -840,9 +847,11 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
bool proxy,
auth += strlen("NTLM");
while(*auth && ISSPACE(*auth))
auth++;
- if(*auth)
- if((conn->challenge_header = strdup(auth)) == NULL)
+ if(*auth) {
+ conn->challenge_header = strdup(auth);
+ if(!conn->challenge_header)
return CURLE_OUT_OF_MEMORY;
+ }
}
}
#endif
@@ -1099,14 +1108,16 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer *in,
return result;
}
- if((conn->handler->flags & PROTOPT_SSL) && conn->httpversion != 20) {
+ if((conn->handler->flags & PROTOPT_SSL ||
+ conn->http_proxy.proxytype == CURLPROXY_HTTPS)
+ && conn->httpversion != 20) {
/* We never send more than CURL_MAX_WRITE_SIZE bytes in one single chunk
when we speak HTTPS, as if only a fraction of it is sent now, this data
needs to fit into the normal read-callback buffer later on and that
buffer is using this size.
*/
- sendsize = (size > CURL_MAX_WRITE_SIZE) ? CURL_MAX_WRITE_SIZE : size;
+ sendsize = CURLMIN(size, CURL_MAX_WRITE_SIZE);
/* OpenSSL is very picky and we must send the SAME buffer pointer to the
library when we attempt to re-send this buffer. Sending the same data
@@ -1192,8 +1203,7 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer *in,
This needs FIXing.
*/
return CURLE_SEND_ERROR;
- else
- Curl_pipeline_leave_write(conn);
+ Curl_pipeline_leave_write(conn);
}
}
Curl_add_buffer_free(in);
@@ -1256,14 +1266,13 @@ CURLcode Curl_add_buffer(Curl_send_buffer *in, const
void *inptr, size_t size)
if(in->buffer)
/* we have a buffer, enlarge the existing one */
- new_rb = realloc(in->buffer, new_size);
+ new_rb = Curl_saferealloc(in->buffer, new_size);
else
/* create a new buffer */
new_rb = malloc(new_size);
if(!new_rb) {
/* If we failed, we cleanup the whole buffer and return error */
- Curl_safefree(in->buffer);
free(in);
return CURLE_OUT_OF_MEMORY;
}
@@ -1305,7 +1314,7 @@ Curl_compareheader(const char *headerline, /* line to
check */
const char *start;
const char *end;
- if(!Curl_raw_nequal(headerline, header, hlen))
+ if(!strncasecompare(headerline, header, hlen))
return FALSE; /* doesn't start with header */
/* pass the header */
@@ -1331,7 +1340,7 @@ Curl_compareheader(const char *headerline, /* line to
check */
/* find the content string in the rest of the line */
for(;len>=clen;len--, start++) {
- if(Curl_raw_nequal(start, content, clen))
+ if(strncasecompare(start, content, clen))
return TRUE; /* match! */
}
@@ -1351,15 +1360,22 @@ CURLcode Curl_http_connect(struct connectdata *conn,
bool *done)
connkeep(conn, "HTTP default");
/* the CONNECT procedure might not have been completed */
- result = Curl_proxy_connect(conn);
+ result = Curl_proxy_connect(conn, FIRSTSOCKET);
if(result)
return result;
- if(conn->tunnel_state[FIRSTSOCKET] == TUNNEL_CONNECT)
+ if(conn->bits.proxy_connect_closed)
+ /* this is not an error, just part of the connection negotiation */
+ return CURLE_OK;
+
+ if(CONNECT_FIRSTSOCKET_PROXY_SSL())
+ return CURLE_OK; /* wait for HTTPS proxy SSL initialization to complete */
+
+ if(!Curl_connect_complete(conn))
/* nothing else to do except wait right now - we're not done here. */
return CURLE_OK;
- if(conn->given->flags & PROTOPT_SSL) {
+ if(conn->given->protocol & CURLPROTO_HTTPS) {
/* perform SSL initialization */
result = https_connecting(conn, done);
if(result)
@@ -1397,50 +1413,16 @@ static CURLcode https_connecting(struct connectdata
*conn, bool *done)
return result;
}
-#endif
-#if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
- defined(USE_DARWINSSL) || defined(USE_POLARSSL) || defined(USE_NSS) || \
- defined(USE_MBEDTLS)
-/* This function is for OpenSSL, GnuTLS, darwinssl, schannel and polarssl only.
- It should be made to query the generic SSL layer instead. */
-static int https_getsock(struct connectdata *conn,
- curl_socket_t *socks,
- int numsocks)
-{
- if(conn->handler->flags & PROTOPT_SSL) {
- struct ssl_connect_data *connssl = &conn->ssl[FIRSTSOCKET];
-
- if(!numsocks)
- return GETSOCK_BLANK;
-
- if(connssl->connecting_state == ssl_connect_2_writing) {
- /* write mode */
- socks[0] = conn->sock[FIRSTSOCKET];
- return GETSOCK_WRITESOCK(0);
- }
- else if(connssl->connecting_state == ssl_connect_2_reading) {
- /* read mode */
- socks[0] = conn->sock[FIRSTSOCKET];
- return GETSOCK_READSOCK(0);
- }
- }
-
- return CURLE_OK;
-}
-#else
-#ifdef USE_SSL
static int https_getsock(struct connectdata *conn,
curl_socket_t *socks,
int numsocks)
{
- (void)conn;
- (void)socks;
- (void)numsocks;
+ if(conn->handler->flags & PROTOPT_SSL)
+ return Curl_ssl_getsock(conn, socks, numsocks);
return GETSOCK_BLANK;
}
#endif /* USE_SSL */
-#endif /* USE_OPENSSL || USE_GNUTLS || USE_SCHANNEL */
/*
* Curl_http_done() gets called after a single HTTP request has been
@@ -1453,7 +1435,10 @@ CURLcode Curl_http_done(struct connectdata *conn,
struct Curl_easy *data = conn->data;
struct HTTP *http = data->req.protop;
- infof(data, "Curl_http_done: called premature == %d\n", premature);
+ /* Clear multipass flag. If authentication isn't done yet, then it will get
+ * a chance to be set back to true when we output the next auth header */
+ data->state.authhost.multipass = FALSE;
+ data->state.authproxy.multipass = FALSE;
Curl_unencode_cleanup(conn);
@@ -1539,6 +1524,20 @@ static bool use_http_1_1plus(const struct Curl_easy
*data,
(data->set.httpversion >= CURL_HTTP_VERSION_1_1));
}
+static const char *get_http_string(const struct Curl_easy *data,
+ const struct connectdata *conn)
+{
+#ifdef USE_NGHTTP2
+ if(conn->proto.httpc.h2)
+ return "2";
+#endif
+
+ if(use_http_1_1plus(data, conn))
+ return "1.1";
+
+ return "1.0";
+}
+
/* check and possibly add an Expect: header */
static CURLcode expect100(struct Curl_easy *data,
struct connectdata *conn,
@@ -1648,6 +1647,10 @@ CURLcode Curl_add_custom_headers(struct connectdata
*conn,
Connection: */
checkprefix("Connection", headers->data))
;
+ else if((conn->httpversion == 20) &&
+ checkprefix("Transfer-Encoding:", headers->data))
+ /* HTTP/2 doesn't support chunked requests */
+ ;
else {
CURLcode result = Curl_add_bufferf(req_buffer, "%s\r\n",
headers->data);
@@ -1692,9 +1695,10 @@ CURLcode Curl_add_timecondition(struct Curl_easy *data,
Curl_send_buffer *req_buffer)
{
const struct tm *tm;
- char *buf = data->state.buffer;
struct tm keeptime;
CURLcode result;
+ char datestr[80];
+ const char *condp;
if(data->set.timecondition == CURL_TIMECOND_NONE)
/* no condition was asked for */
@@ -1707,6 +1711,21 @@ CURLcode Curl_add_timecondition(struct Curl_easy *data,
}
tm = &keeptime;
+ switch(data->set.timecondition) {
+ default:
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+
+ case CURL_TIMECOND_IFMODSINCE:
+ condp = "If-Modified-Since";
+ break;
+ case CURL_TIMECOND_IFUNMODSINCE:
+ condp = "If-Unmodified-Since";
+ break;
+ case CURL_TIMECOND_LASTMOD:
+ condp = "Last-Modified";
+ break;
+ }
+
/* The If-Modified-Since header family should have their times set in
* GMT as RFC2616 defines: "All HTTP date/time stamps MUST be
* represented in Greenwich Mean Time (GMT), without exception. For the
@@ -1715,8 +1734,9 @@ CURLcode Curl_add_timecondition(struct Curl_easy *data,
*/
/* format: "Tue, 15 Nov 1994 12:45:26 GMT" */
- snprintf(buf, BUFSIZE-1,
- "%s, %02d %s %4d %02d:%02d:%02d GMT",
+ snprintf(datestr, sizeof(datestr),
+ "%s: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n",
+ condp,
Curl_wkday[tm->tm_wday?tm->tm_wday-1:6],
tm->tm_mday,
Curl_month[tm->tm_mon],
@@ -1725,22 +1745,7 @@ CURLcode Curl_add_timecondition(struct Curl_easy *data,
tm->tm_min,
tm->tm_sec);
- switch(data->set.timecondition) {
- default:
- break;
- case CURL_TIMECOND_IFMODSINCE:
- result = Curl_add_bufferf(req_buffer,
- "If-Modified-Since: %s\r\n", buf);
- break;
- case CURL_TIMECOND_IFUNMODSINCE:
- result = Curl_add_bufferf(req_buffer,
- "If-Unmodified-Since: %s\r\n", buf);
- break;
- case CURL_TIMECOND_LASTMOD:
- result = Curl_add_bufferf(req_buffer,
- "Last-Modified: %s\r\n", buf);
- break;
- }
+ result = Curl_add_buffer(req_buffer, datestr, strlen(datestr));
return result;
}
@@ -1848,6 +1853,9 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
case HTTPREQ_PUT:
request = "PUT";
break;
+ case HTTPREQ_OPTIONS:
+ request = "OPTIONS";
+ break;
default: /* this should never happen */
case HTTPREQ_GET:
request = "GET";
@@ -1873,7 +1881,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
if(result)
return result;
- if((data->state.authhost.multi || data->state.authproxy.multi) &&
+ if((data->state.authhost.multipass || data->state.authproxy.multipass) &&
(httpreq != HTTPREQ_GET) &&
(httpreq != HTTPREQ_HEAD)) {
/* Auth is required and we are not authenticated yet. Make a PUT or POST
@@ -1934,47 +1942,42 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
}
#endif
- if(conn->httpversion == 20)
- /* In HTTP2 forbids Transfer-Encoding: chunked */
- ptr = NULL;
+ ptr = Curl_checkheaders(conn, "Transfer-Encoding:");
+ if(ptr) {
+ /* Some kind of TE is requested, check if 'chunked' is chosen */
+ data->req.upload_chunky =
+ Curl_compareheader(ptr, "Transfer-Encoding:", "chunked");
+ }
else {
- ptr = Curl_checkheaders(conn, "Transfer-Encoding:");
- if(ptr) {
- /* Some kind of TE is requested, check if 'chunked' is chosen */
- data->req.upload_chunky =
- Curl_compareheader(ptr, "Transfer-Encoding:", "chunked");
- }
- else {
- if((conn->handler->protocol&PROTO_FAMILY_HTTP) &&
- data->set.upload &&
- (data->state.infilesize == -1)) {
- if(conn->bits.authneg)
- /* don't enable chunked during auth neg */
- ;
- else if(use_http_1_1plus(data, conn)) {
- /* HTTP, upload, unknown file size and not HTTP 1.0 */
- data->req.upload_chunky = TRUE;
- }
- else {
- failf(data, "Chunky upload is not supported by HTTP 1.0");
- return CURLE_UPLOAD_FAILED;
- }
+ if((conn->handler->protocol&PROTO_FAMILY_HTTP) &&
+ data->set.upload &&
+ (data->state.infilesize == -1)) {
+ if(conn->bits.authneg)
+ /* don't enable chunked during auth neg */
+ ;
+ else if(use_http_1_1plus(data, conn)) {
+ /* HTTP, upload, unknown file size and not HTTP 1.0 */
+ data->req.upload_chunky = TRUE;
}
else {
- /* else, no chunky upload */
- data->req.upload_chunky = FALSE;
+ failf(data, "Chunky upload is not supported by HTTP 1.0");
+ return CURLE_UPLOAD_FAILED;
}
-
- if(data->req.upload_chunky)
- te = "Transfer-Encoding: chunked\r\n";
}
+ else {
+ /* else, no chunky upload */
+ data->req.upload_chunky = FALSE;
+ }
+
+ if(data->req.upload_chunky)
+ te = "Transfer-Encoding: chunked\r\n";
}
Curl_safefree(conn->allocptr.host);
ptr = Curl_checkheaders(conn, "Host:");
if(ptr && (!data->state.this_is_a_follow ||
- Curl_raw_equal(data->state.first_host, conn->host.name))) {
+ strcasecompare(data->state.first_host, conn->host.name))) {
#if !defined(CURL_DISABLE_COOKIES)
/* If we have a given custom Host: header, we extract the host name in
order to possibly use it for cookie reasons later on. We only allow the
@@ -2094,7 +2097,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
/* when doing ftp, append ;type=<a|i> if not present */
char *type = strstr(ppath, ";type=");
if(type && type[6] && type[7] == 0) {
- switch (Curl_raw_toupper(type[6])) {
+ switch(Curl_raw_toupper(type[6])) {
case 'A':
case 'D':
case 'I':
@@ -2163,32 +2166,32 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
}
if(seekerr != CURL_SEEKFUNC_OK) {
+ curl_off_t passed=0;
+
if(seekerr != CURL_SEEKFUNC_CANTSEEK) {
failf(data, "Could not seek stream");
return CURLE_READ_ERROR;
}
/* when seekerr == CURL_SEEKFUNC_CANTSEEK (can't seek to offset) */
- else {
- curl_off_t passed=0;
- do {
- size_t readthisamountnow =
- (data->state.resume_from - passed > CURL_OFF_T_C(BUFSIZE)) ?
- BUFSIZE : curlx_sotouz(data->state.resume_from - passed);
-
- size_t actuallyread =
- data->state.fread_func(data->state.buffer, 1, readthisamountnow,
- data->state.in);
-
- passed += actuallyread;
- if((actuallyread == 0) || (actuallyread > readthisamountnow)) {
- /* this checks for greater-than only to make sure that the
- CURL_READFUNC_ABORT return code still aborts */
- failf(data, "Could only read %" CURL_FORMAT_CURL_OFF_T
- " bytes from the input", passed);
- return CURLE_READ_ERROR;
- }
- } while(passed < data->state.resume_from);
- }
+ do {
+ size_t readthisamountnow =
+ (data->state.resume_from - passed > data->set.buffer_size) ?
+ (size_t)data->set.buffer_size :
+ curlx_sotouz(data->state.resume_from - passed);
+
+ size_t actuallyread =
+ data->state.fread_func(data->state.buffer, 1, readthisamountnow,
+ data->state.in);
+
+ passed += actuallyread;
+ if((actuallyread == 0) || (actuallyread > readthisamountnow)) {
+ /* this checks for greater-than only to make sure that the
+ CURL_READFUNC_ABORT return code still aborts */
+ failf(data, "Could only read %" CURL_FORMAT_CURL_OFF_T
+ " bytes from the input", passed);
+ return CURLE_READ_ERROR;
+ }
+ } while(passed < data->state.resume_from);
}
/* now, decrease the size of the read */
@@ -2254,9 +2257,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
}
}
- /* Use 1.1 unless the user specifically asked for 1.0 or the server only
- supports 1.0 */
- httpstring= use_http_1_1plus(data, conn)?"1.1":"1.0";
+ httpstring = get_http_string(data, conn);
/* initialize a dynamic send-buffer */
req_buffer = Curl_add_buffer_init();
@@ -2270,6 +2271,9 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
if(result)
return result;
+ if(data->set.str[STRING_TARGET])
+ ppath = data->set.str[STRING_TARGET];
+
/* url */
if(paste_ftp_userpwd)
result = Curl_add_bufferf(req_buffer, "ftp://%s:address@hidden";,
@@ -2323,20 +2327,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
te
);
- /* clear userpwd to avoid re-using credentials from re-used connections */
+ /* clear userpwd and proxyuserpwd to avoid re-using old credentials
+ * from re-used connections */
Curl_safefree(conn->allocptr.userpwd);
-
- /*
- * Free proxyuserpwd for Negotiate/NTLM. Cannot reuse as it is associated
- * with the connection and shouldn't be repeated over it either.
- */
- switch (data->state.authproxy.picked) {
- case CURLAUTH_NEGOTIATE:
- case CURLAUTH_NTLM:
- case CURLAUTH_NTLM_WB:
- Curl_safefree(conn->allocptr.proxyuserpwd);
- break;
- }
+ Curl_safefree(conn->allocptr.proxyuserpwd);
if(result)
return result;
@@ -2385,7 +2379,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
}
co = co->next; /* next cookie please */
}
- Curl_cookie_freelist(store, FALSE); /* free the cookie list */
+ Curl_cookie_freelist(store);
}
if(addcookies && !result) {
if(!count)
@@ -2530,7 +2524,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
postsize = data->state.infilesize;
if((postsize != -1) && !data->req.upload_chunky &&
- !Curl_checkheaders(conn, "Content-Length:")) {
+ (conn->bits.authneg || !Curl_checkheaders(conn, "Content-Length:"))) {
/* only add Content-Length if not uploading chunked */
result = Curl_add_bufferf(req_buffer,
"Content-Length: %" CURL_FORMAT_CURL_OFF_T
@@ -2571,18 +2565,15 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
if(conn->bits.authneg)
postsize = 0;
- else {
- /* figure out the size of the postfields */
- postsize = (data->state.infilesize != -1)?
- data->state.infilesize:
- (data->set.postfields? (curl_off_t)strlen(data->set.postfields):-1);
- }
+ else
+ /* the size of the post body */
+ postsize = data->state.infilesize;
/* We only set Content-Length and allow a custom Content-Length if
we don't upload data chunked, as RFC2616 forbids us to set both
kinds of headers (Transfer-Encoding: chunked and Content-Length) */
if((postsize != -1) && !data->req.upload_chunky &&
- !Curl_checkheaders(conn, "Content-Length:")) {
+ (conn->bits.authneg || !Curl_checkheaders(conn, "Content-Length:"))) {
/* we allow replacing this header if not during auth negotiation,
although it isn't very wise to actually set your own */
result = Curl_add_bufferf(req_buffer,
@@ -2609,7 +2600,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
data->state.expect100header =
Curl_compareheader(ptr, "Expect:", "100-continue");
}
- else if(postsize > TINY_INITIAL_POST_SIZE || postsize < 0) {
+ else if(postsize > EXPECT_100_THRESHOLD || postsize < 0) {
result = expect100(data, conn, req_buffer);
if(result)
return result;
@@ -2758,9 +2749,15 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
data->req.upload_done = TRUE;
data->req.keepon &= ~KEEP_SEND; /* we're done writing */
data->req.exp100 = EXP100_SEND_DATA; /* already sent */
+ Curl_expire_done(data, EXPIRE_100_TIMEOUT);
}
}
+ if((conn->httpversion == 20) && data->req.upload_chunky)
+ /* upload_chunky was set above to set up the request in a chunky fashion,
+ but is disabled here again to avoid that the chunked encoded version is
+ actually used when sending the request body over h2 */
+ data->req.upload_chunky = FALSE;
return result;
}
@@ -2779,7 +2776,7 @@ checkhttpprefix(struct Curl_easy *data,
/* convert from the network encoding using a scratch area */
char *scratch = strdup(s);
if(NULL == scratch) {
- failf (data, "Failed to allocate memory for conversion!");
+ failf(data, "Failed to allocate memory for conversion!");
return FALSE; /* can't return CURLE_OUT_OF_MEMORY so return FALSE */
}
if(CURLE_OK != Curl_convert_from_network(data, scratch, strlen(s)+1)) {
@@ -2817,7 +2814,7 @@ checkrtspprefix(struct Curl_easy *data,
/* convert from the network encoding using a scratch area */
char *scratch = strdup(s);
if(NULL == scratch) {
- failf (data, "Failed to allocate memory for conversion!");
+ failf(data, "Failed to allocate memory for conversion!");
return FALSE; /* can't return CURLE_OUT_OF_MEMORY so return FALSE */
}
if(CURLE_OK != Curl_convert_from_network(data, scratch, strlen(s)+1)) {
@@ -2831,8 +2828,7 @@ checkrtspprefix(struct Curl_easy *data,
#endif /* CURL_DOES_CONVERSIONS */
if(checkprefix("RTSP/", s))
return TRUE;
- else
- return FALSE;
+ return FALSE;
}
#endif /* CURL_DISABLE_RTSP */
@@ -2869,8 +2865,8 @@ static CURLcode header_append(struct Curl_easy *data,
/* The reason to have a max limit for this is to avoid the risk of a bad
server feeding libcurl with a never-ending header that will cause
reallocs infinitely */
- failf (data, "Avoided giant realloc for header (max is %d)!",
- CURL_MAX_HTTP_HEADER);
+ failf(data, "Avoided giant realloc for header (max is %d)!",
+ CURL_MAX_HTTP_HEADER);
return CURLE_OUT_OF_MEMORY;
}
@@ -2878,7 +2874,7 @@ static CURLcode header_append(struct Curl_easy *data,
hbufp_index = k->hbufp - data->state.headerbuff;
newbuff = realloc(data->state.headerbuff, newsize);
if(!newbuff) {
- failf (data, "Failed to alloc memory for big header!");
+ failf(data, "Failed to alloc memory for big header!");
return CURLE_OUT_OF_MEMORY;
}
data->state.headersize=newsize;
@@ -3050,6 +3046,7 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy
*data,
if(k->exp100 > EXP100_SEND_DATA) {
k->exp100 = EXP100_SEND_DATA;
k->keepon |= KEEP_SEND;
+ Curl_expire_done(data, EXPIRE_100_TIMEOUT);
}
break;
case 101:
@@ -3119,8 +3116,8 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy
*data,
* up and return an error.
*/
if(http_should_fail(conn)) {
- failf (data, "The requested URL returned error: %d",
- k->httpcode);
+ failf(data, "The requested URL returned error: %d",
+ k->httpcode);
return CURLE_HTTP_RETURNED_ERROR;
}
@@ -3176,13 +3173,23 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy
*data,
* request body has been sent we stop sending and mark the
* connection for closure after we've read the entire response.
*/
+ Curl_expire_done(data, EXPIRE_100_TIMEOUT);
if(!k->upload_done) {
- infof(data, "HTTP error before end of send, stop sending\n");
- streamclose(conn, "Stop sending data before everything sent");
- k->upload_done = TRUE;
- k->keepon &= ~KEEP_SEND; /* don't send */
- if(data->state.expect100header)
- k->exp100 = EXP100_FAILED;
+ if(data->set.http_keep_sending_on_error) {
+ infof(data, "HTTP error before end of send, keep sending\n");
+ if(k->exp100 > EXP100_SEND_DATA) {
+ k->exp100 = EXP100_SEND_DATA;
+ k->keepon |= KEEP_SEND;
+ }
+ }
+ else {
+ infof(data, "HTTP error before end of send, stop sending\n");
+ streamclose(conn, "Stop sending data before everything sent");
+ k->upload_done = TRUE;
+ k->keepon &= ~KEEP_SEND; /* don't send */
+ if(data->state.expect100header)
+ k->exp100 = EXP100_FAILED;
+ }
}
break;
@@ -3244,9 +3251,17 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy
*data,
k->maxdownload = k->size;
}
- /* If max download size is *zero* (nothing) we already
- have nothing and can safely return ok now! */
- if(0 == k->maxdownload)
+ /* If max download size is *zero* (nothing) we already have
+ nothing and can safely return ok now! But for HTTP/2, we'd
+ like to call http2_handle_stream_close to properly close a
+ stream. In order to do this, we keep reading until we
+ close the stream. */
+ if(0 == k->maxdownload
+#if defined(USE_NGHTTP2)
+ && !((conn->handler->protocol & PROTO_FAMILY_HTTP) &&
+ conn->httpversion == 20)
+#endif
+ )
*stop_reading = TRUE;
if(*stop_reading) {
@@ -3303,23 +3318,26 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy
*data,
/*
* https://tools.ietf.org/html/rfc7230#section-3.1.2
*
- * The reponse code is always a three-digit number in HTTP as the spec
+ * The response code is always a three-digit number in HTTP as the spec
* says. We try to allow any number here, but we cannot make
* guarantees on future behaviors since it isn't within the protocol.
*/
+ char separator;
nc = sscanf(HEADER1,
- " HTTP/%d.%d %d",
+ " HTTP/%1d.%1d%c%3d",
&httpversion_major,
&conn->httpversion,
+ &separator,
&k->httpcode);
if(nc == 1 && httpversion_major == 2 &&
1 == sscanf(HEADER1, " HTTP/2 %d", &k->httpcode)) {
conn->httpversion = 0;
- nc = 3;
+ nc = 4;
+ separator = ' ';
}
- if(nc==3) {
+ if((nc==4) && (' ' == separator)) {
conn->httpversion += 10 * httpversion_major;
if(k->upgr101 == UPGR101_RECEIVED) {
@@ -3328,7 +3346,7 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy
*data,
infof(data, "Lying server, not serving HTTP/2\n");
}
}
- else {
+ else if(!nc) {
/* this is the real world, not a Nirvana
NCSA 1.5.x returns this crap when asked for HTTP/1.1
*/
@@ -3346,6 +3364,10 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy
*data,
}
}
}
+ else {
+ failf(data, "Unsupported HTTP version in response\n");
+ return CURLE_UNSUPPORTED_PROTOCOL;
+ }
}
else if(conn->handler->protocol & CURLPROTO_RTSP) {
nc = sscanf(HEADER1,
diff --git a/lib/http.h b/lib/http.h
index 9fb669c9d..c5c7a125d 100644
--- a/lib/http.h
+++ b/lib/http.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -96,7 +96,7 @@ CURLcode Curl_http_perhapsrewind(struct connectdata *conn);
/* If only the PICKNONE bit is set, there has been a round-trip and we
selected to use no auth at all. Ie, we actively select no auth, as opposed
to not having one selected. The other CURLAUTH_* defines are present in the
- public curl/curl.h header. */
+ public gnurl/curl.h header. */
#define CURLAUTH_PICKNONE (1<<30) /* don't use auth */
/* MAX_INITIAL_POST_SIZE indicates the number of bytes that will make the POST
@@ -115,8 +115,13 @@ CURLcode Curl_http_perhapsrewind(struct connectdata *conn);
#define MAX_INITIAL_POST_SIZE (64*1024)
#endif
-#ifndef TINY_INITIAL_POST_SIZE
-#define TINY_INITIAL_POST_SIZE 1024
+/* EXPECT_100_THRESHOLD is the request body size limit for when libcurl will
+ * automatically add an "Expect: 100-continue" header in HTTP requests. When
+ * the size is unknown, it will always add it.
+ *
+ */
+#ifndef EXPECT_100_THRESHOLD
+#define EXPECT_100_THRESHOLD 1024
#endif
#endif /* CURL_DISABLE_HTTP */
@@ -219,6 +224,10 @@ struct http_conn {
/* this is a hash of all individual streams (Curl_easy structs) */
struct h2settings settings;
+
+ /* list of settings that will be sent */
+ nghttp2_settings_entry local_settings[3];
+ size_t local_settings_num;
#else
int unused; /* prevent a compiler warning */
#endif
diff --git a/lib/http2.c b/lib/http2.c
index c2257726a..6b52171f6 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -28,14 +28,15 @@
#include "http2.h"
#include "http.h"
#include "sendf.h"
+#include "select.h"
#include "curl_base64.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "multiif.h"
#include "conncache.h"
#include "url.h"
#include "connect.h"
#include "strtoofft.h"
-
+#include "strdup.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
#include "curl_memory.h"
@@ -59,6 +60,12 @@
#define nghttp2_session_callbacks_set_error_callback(x,y)
#endif
+#if (NGHTTP2_VERSION_NUM >= 0x010c00)
+#define NGHTTP2_HAS_SET_LOCAL_WINDOW_SIZE 1
+#endif
+
+#define HTTP2_HUGE_WINDOW_SIZE (1 << 30)
+
/*
* Curl_http2_init_state() is called when the easy handle is created and
* allows for HTTP/2 specific init of state.
@@ -110,18 +117,11 @@ static int http2_getsock(struct connectdata *conn,
return http2_perform_getsock(conn, sock, numsocks);
}
-static CURLcode http2_disconnect(struct connectdata *conn,
- bool dead_connection)
+/*
+ * http2_stream_free() free HTTP2 stream related data
+ */
+static void http2_stream_free(struct HTTP *http)
{
- struct HTTP *http = conn->data->req.protop;
- struct http_conn *c = &conn->proto.httpc;
- (void)dead_connection;
-
- DEBUGF(infof(conn->data, "HTTP/2 DISCONNECT starts now\n"));
-
- nghttp2_session_del(c->h2);
- Curl_safefree(c->inbuf);
-
if(http) {
Curl_add_buffer_free(http->header_recvbuf);
http->header_recvbuf = NULL; /* clear the pointer */
@@ -133,12 +133,68 @@ static CURLcode http2_disconnect(struct connectdata *conn,
free(http->push_headers);
http->push_headers = NULL;
}
+}
+
+static CURLcode http2_disconnect(struct connectdata *conn,
+ bool dead_connection)
+{
+ struct http_conn *c = &conn->proto.httpc;
+ (void)dead_connection;
+
+ DEBUGF(infof(conn->data, "HTTP/2 DISCONNECT starts now\n"));
+
+ nghttp2_session_del(c->h2);
+ Curl_safefree(c->inbuf);
+ http2_stream_free(conn->data->req.protop);
DEBUGF(infof(conn->data, "HTTP/2 DISCONNECT done\n"));
return CURLE_OK;
}
+/*
+ * The server may send us data at any point (e.g. PING frames). Therefore,
+ * we cannot assume that an HTTP/2 socket is dead just because it is readable.
+ *
+ * Instead, if it is readable, run Curl_connalive() to peek at the socket
+ * and distinguish between closed and data.
+ */
+static bool http2_connisdead(struct connectdata *check)
+{
+ int sval;
+ bool ret_val = TRUE;
+
+ sval = SOCKET_READABLE(check->sock[FIRSTSOCKET], 0);
+ if(sval == 0) {
+ /* timeout */
+ ret_val = FALSE;
+ }
+ else if(sval & CURL_CSELECT_ERR) {
+ /* socket is in an error state */
+ ret_val = TRUE;
+ }
+ else if(sval & CURL_CSELECT_IN) {
+ /* readable with no error. could still be closed */
+ ret_val = !Curl_connalive(check);
+ }
+
+ return ret_val;
+}
+
+
+static unsigned int http2_conncheck(struct connectdata *check,
+ unsigned int checks_to_perform)
+{
+ unsigned int ret_val = CONNRESULT_NONE;
+
+ if(checks_to_perform & CONNCHECK_ISDEAD) {
+ if(http2_connisdead(check))
+ ret_val |= CONNRESULT_DEAD;
+ }
+
+ return ret_val;
+}
+
/* called from Curl_http_setup_conn */
void Curl_http2_setup_req(struct Curl_easy *data)
{
@@ -153,7 +209,7 @@ void Curl_http2_setup_req(struct Curl_easy *data)
http->closed = FALSE;
http->close_handled = FALSE;
http->mem = data->state.buffer;
- http->len = BUFSIZE;
+ http->len = data->set.buffer_size;
http->memlen = 0;
}
@@ -169,7 +225,7 @@ void Curl_http2_setup_conn(struct connectdata *conn)
* but will be used at run-time when the protocol is dynamically switched from
* HTTP to HTTP2.
*/
-const struct Curl_handler Curl_handler_http2 = {
+static const struct Curl_handler Curl_handler_http2 = {
"HTTP", /* scheme */
ZERO_NULL, /* setup_connection */
Curl_http, /* do_it */
@@ -184,12 +240,13 @@ const struct Curl_handler Curl_handler_http2 = {
http2_perform_getsock, /* perform_getsock */
http2_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ http2_conncheck, /* connection_check */
PORT_HTTP, /* defport */
CURLPROTO_HTTP, /* protocol */
PROTOPT_STREAM /* flags */
};
-const struct Curl_handler Curl_handler_http2_ssl = {
+static const struct Curl_handler Curl_handler_http2_ssl = {
"HTTPS", /* scheme */
ZERO_NULL, /* setup_connection */
Curl_http, /* do_it */
@@ -204,6 +261,7 @@ const struct Curl_handler Curl_handler_http2_ssl = {
http2_perform_getsock, /* perform_getsock */
http2_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ http2_conncheck, /* connection_check */
PORT_HTTP, /* defport */
CURLPROTO_HTTPS, /* protocol */
PROTOPT_SSL | PROTOPT_STREAM /* flags */
@@ -223,7 +281,8 @@ int Curl_http2_ver(char *p, size_t len)
https://tools.ietf.org/html/rfc7540#page-77
nghttp2_error_code enums are identical.
*/
-const char *Curl_http2_strerror(uint32_t err) {
+const char *Curl_http2_strerror(uint32_t err)
+{
#ifndef NGHTTP2_HAS_HTTP2_STRERROR
const char *str[] = {
"NO_ERROR", /* 0x0 */
@@ -319,7 +378,7 @@ char *curl_pushheader_byname(struct curl_pushheaders *h,
const char *header)
the middle of header, it could be matched in middle of the value,
this is because we do prefix match.*/
if(!h || !GOOD_EASY_HANDLE(h->data) || !header || !header[0] ||
- Curl_raw_equal(header, ":") || strchr(header + 1, ':'))
+ !strcmp(header, ":") || strchr(header + 1, ':'))
return NULL;
else {
struct HTTP *stream = h->data->req.protop;
@@ -395,6 +454,7 @@ static int push_promise(struct Curl_easy *data,
stream = data->req.protop;
if(!stream) {
failf(data, "Internal NULL stream!\n");
+ (void)Curl_close(newhandle);
rv = 1;
goto fail;
}
@@ -408,9 +468,11 @@ static int push_promise(struct Curl_easy *data,
free(stream->push_headers[i]);
free(stream->push_headers);
stream->push_headers = NULL;
+ stream->push_headers_used = 0;
if(rv) {
/* denied, kill off the new handle again */
+ http2_stream_free(newhandle->req.protop);
(void)Curl_close(newhandle);
goto fail;
}
@@ -425,6 +487,7 @@ static int push_promise(struct Curl_easy *data,
rc = Curl_multi_add_perform(data->multi, newhandle, conn);
if(rc) {
infof(data, "failed to add handle to multi\n");
+ http2_stream_free(newhandle->req.protop);
Curl_close(newhandle);
rv = 1;
goto fail;
@@ -552,7 +615,7 @@ static int on_frame_recv(nghttp2_session *session, const
nghttp2_frame *frame,
/* if we receive data for another handle, wake that up */
if(conn_s->data != data_s)
- Curl_expire(data_s, 0);
+ Curl_expire(data_s, 0, EXPIRE_RUN_NOW);
}
break;
case NGHTTP2_PUSH_PROMISE:
@@ -580,6 +643,9 @@ static int on_invalid_frame_recv(nghttp2_session *session,
{
struct Curl_easy *data_s = NULL;
(void)userp;
+#if !defined(DEBUGBUILD) || defined(CURL_DISABLE_VERBOSE_STRINGS)
+ (void)lib_error_code;
+#endif
data_s = nghttp2_session_get_stream_user_data(session, frame->hd.stream_id);
if(data_s) {
@@ -626,7 +692,7 @@ static int on_data_chunk_recv(nghttp2_session *session,
uint8_t flags,
/* if we receive data for another handle, wake that up */
if(conn->data != data_s)
- Curl_expire(data_s, 0);
+ Curl_expire(data_s, 0, EXPIRE_RUN_NOW);
DEBUGF(infof(data_s, "%zu data received for stream %u "
"(%zu left in buffer %p, total %zu)\n",
@@ -690,6 +756,9 @@ static int on_frame_not_send(nghttp2_session *session,
{
struct Curl_easy *data_s;
(void)userp;
+#if !defined(DEBUGBUILD) || defined(CURL_DISABLE_VERBOSE_STRINGS)
+ (void)lib_error_code;
+#endif
data_s = nghttp2_session_get_stream_user_data(session, frame->hd.stream_id);
if(data_s) {
@@ -761,7 +830,7 @@ static int on_begin_headers(nghttp2_session *session,
/* This is trailer HEADERS started. Allocate buffer for them. */
DEBUGF(infof(data_s, "trailer field started\n"));
- assert(stream->trailer_recvbuf == NULL);
+ DEBUGASSERT(stream->trailer_recvbuf == NULL);
stream->trailer_recvbuf = Curl_add_buffer_init();
if(!stream->trailer_recvbuf) {
@@ -841,10 +910,9 @@ static int on_header(nghttp2_session *session, const
nghttp2_frame *frame,
stream->push_headers_alloc) {
char **headp;
stream->push_headers_alloc *= 2;
- headp = realloc(stream->push_headers,
- stream->push_headers_alloc * sizeof(char *));
+ headp = Curl_saferealloc(stream->push_headers,
+ stream->push_headers_alloc * sizeof(char *));
if(!headp) {
- free(stream->push_headers);
stream->push_headers = NULL;
return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
}
@@ -887,7 +955,7 @@ static int on_header(nghttp2_session *session, const
nghttp2_frame *frame,
Curl_add_buffer(stream->header_recvbuf, " \r\n", 3);
/* if we receive data for another handle, wake that up */
if(conn->data != data_s)
- Curl_expire(data_s, 0);
+ Curl_expire(data_s, 0, EXPIRE_RUN_NOW);
DEBUGF(infof(data_s, "h2 status: HTTP/2 %03d (easy %p)\n",
stream->status_code, data_s));
@@ -903,7 +971,7 @@ static int on_header(nghttp2_session *session, const
nghttp2_frame *frame,
Curl_add_buffer(stream->header_recvbuf, "\r\n", 2);
/* if we receive data for another handle, wake that up */
if(conn->data != data_s)
- Curl_expire(data_s, 0);
+ Curl_expire(data_s, 0, EXPIRE_RUN_NOW);
DEBUGF(infof(data_s, "h2 header: %.*s: %.*s\n", namelen, name, valuelen,
value));
@@ -961,14 +1029,6 @@ static ssize_t data_source_read_callback(nghttp2_session
*session,
return nread;
}
-/*
- * The HTTP2 settings we send in the Upgrade request
- */
-static nghttp2_settings_entry settings[] = {
- { NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, 100 },
- { NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE, NGHTTP2_INITIAL_WINDOW_SIZE },
-};
-
#define H2_BUFSIZE 32768
#ifdef NGHTTP2_HAS_ERROR_CALLBACK
@@ -984,6 +1044,23 @@ static int error_callback(nghttp2_session *session,
}
#endif
+static void populate_settings(struct connectdata *conn,
+ struct http_conn *httpc)
+{
+ nghttp2_settings_entry *iv = httpc->local_settings;
+
+ iv[0].settings_id = NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS;
+ iv[0].value = 100;
+
+ iv[1].settings_id = NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE;
+ iv[1].value = HTTP2_HUGE_WINDOW_SIZE;
+
+ iv[2].settings_id = NGHTTP2_SETTINGS_ENABLE_PUSH;
+ iv[2].value = conn->data->multi->push_cb != NULL;
+
+ httpc->local_settings_num = 3;
+}
+
void Curl_http2_done(struct connectdata *conn, bool premature)
{
struct Curl_easy *data = conn->data;
@@ -1097,16 +1174,14 @@ CURLcode Curl_http2_request_upgrade(Curl_send_buffer
*req,
size_t blen;
struct SingleRequest *k = &conn->data->req;
uint8_t *binsettings = conn->proto.httpc.binsettings;
+ struct http_conn *httpc = &conn->proto.httpc;
- /* As long as we have a fixed set of settings, we don't have to dynamically
- * figure out the base64 strings since it'll always be the same. However,
- * the settings will likely not be fixed every time in the future.
- */
+ populate_settings(conn, httpc);
/* this returns number of bytes it wrote */
binlen = nghttp2_pack_settings_payload(binsettings, H2_BINSETTINGS_LEN,
- settings,
- sizeof(settings)/sizeof(settings[0]));
+ httpc->local_settings,
+ httpc->local_settings_num);
if(!binlen) {
failf(conn->data, "nghttp2 unexpectedly failed on pack_settings_payload");
return CURLE_FAILED_INIT;
@@ -1424,7 +1499,7 @@ static ssize_t http2_recv(struct connectdata *conn, int
sockindex,
infof(data, "%zu data bytes written\n", nread);
if(stream->pauselen == 0) {
DEBUGF(infof(data, "Unpaused by stream %u\n", stream->stream_id));
- assert(httpc->pause_stream_id == stream->stream_id);
+ DEBUGASSERT(httpc->pause_stream_id == stream->stream_id);
httpc->pause_stream_id = 0;
stream->pausedata = NULL;
@@ -1572,6 +1647,72 @@ static ssize_t http2_recv(struct connectdata *conn, int
sockindex,
#define HEADER_OVERFLOW(x) \
(x.namelen > (uint16_t)-1 || x.valuelen > (uint16_t)-1 - x.namelen)
+/*
+ * Check header memory for the token "trailers".
+ * Parse the tokens as separated by comma and surrounded by whitespace.
+ * Returns TRUE if found or FALSE if not.
+ */
+static bool contains_trailers(const char *p, size_t len)
+{
+ const char *end = p + len;
+ for(;;) {
+ for(; p != end && (*p == ' ' || *p == '\t'); ++p)
+ ;
+ if(p == end || (size_t)(end - p) < sizeof("trailers") - 1)
+ return FALSE;
+ if(strncasecompare("trailers", p, sizeof("trailers") - 1)) {
+ p += sizeof("trailers") - 1;
+ for(; p != end && (*p == ' ' || *p == '\t'); ++p)
+ ;
+ if(p == end || *p == ',')
+ return TRUE;
+ }
+ /* skip to next token */
+ for(; p != end && *p != ','; ++p)
+ ;
+ if(p == end)
+ return FALSE;
+ ++p;
+ }
+}
+
+typedef enum {
+ /* Send header to server */
+ HEADERINST_FORWARD,
+ /* Don't send header to server */
+ HEADERINST_IGNORE,
+ /* Discard header, and replace it with "te: trailers" */
+ HEADERINST_TE_TRAILERS
+} header_instruction;
+
+/* Decides how to treat given header field. */
+static header_instruction inspect_header(const char *name, size_t namelen,
+ const char *value, size_t valuelen) {
+ switch(namelen) {
+ case 2:
+ if(!strncasecompare("te", name, namelen))
+ return HEADERINST_FORWARD;
+
+ return contains_trailers(value, valuelen) ?
+ HEADERINST_TE_TRAILERS : HEADERINST_IGNORE;
+ case 7:
+ return strncasecompare("upgrade", name, namelen) ?
+ HEADERINST_IGNORE : HEADERINST_FORWARD;
+ case 10:
+ return (strncasecompare("connection", name, namelen) ||
+ strncasecompare("keep-alive", name, namelen)) ?
+ HEADERINST_IGNORE : HEADERINST_FORWARD;
+ case 16:
+ return strncasecompare("proxy-connection", name, namelen) ?
+ HEADERINST_IGNORE : HEADERINST_FORWARD;
+ case 17:
+ return strncasecompare("transfer-encoding", name, namelen) ?
+ HEADERINST_IGNORE : HEADERINST_FORWARD;
+ default:
+ return HEADERINST_FORWARD;
+ }
+}
+
static ssize_t http2_send(struct connectdata *conn, int sockindex,
const void *mem, size_t len, CURLcode *err)
{
@@ -1587,7 +1728,7 @@ static ssize_t http2_send(struct connectdata *conn, int
sockindex,
size_t nheader;
size_t i;
size_t authority_idx;
- char *hdbuf = (char*)mem;
+ char *hdbuf = (char *)mem;
char *end, *line_end;
nghttp2_data_provider data_prd;
int32_t stream_id;
@@ -1725,7 +1866,6 @@ static ssize_t http2_send(struct connectdata *conn, int
sockindex,
i = 3;
while(i < nheader) {
size_t hlen;
- int skip = 0;
hdbuf = line_end + 2;
@@ -1743,12 +1883,7 @@ static ssize_t http2_send(struct connectdata *conn, int
sockindex,
goto fail;
hlen = end - hdbuf;
- if(hlen == 10 && Curl_raw_nequal("connection", hdbuf, 10)) {
- /* skip Connection: headers! */
- skip = 1;
- --nheader;
- }
- else if(hlen == 4 && Curl_raw_nequal("host", hdbuf, 4)) {
+ if(hlen == 4 && strncasecompare("host", hdbuf, 4)) {
authority_idx = i;
nva[i].name = (unsigned char *)":authority";
nva[i].namelen = strlen((char *)nva[i].name);
@@ -1761,16 +1896,28 @@ static ssize_t http2_send(struct connectdata *conn, int
sockindex,
while(*hdbuf == ' ' || *hdbuf == '\t')
++hdbuf;
end = line_end;
- if(!skip) {
+
+ switch(inspect_header((const char *)nva[i].name, nva[i].namelen, hdbuf,
+ end - hdbuf)) {
+ case HEADERINST_IGNORE:
+ /* skip header fields prohibited by HTTP/2 specification. */
+ --nheader;
+ continue;
+ case HEADERINST_TE_TRAILERS:
+ nva[i].value = (uint8_t*)"trailers";
+ nva[i].valuelen = sizeof("trailers") - 1;
+ break;
+ default:
nva[i].value = (unsigned char *)hdbuf;
nva[i].valuelen = (size_t)(end - hdbuf);
- nva[i].flags = NGHTTP2_NV_FLAG_NONE;
- if(HEADER_OVERFLOW(nva[i])) {
- failf(conn->data, "Failed sending HTTP request: Header overflow");
- goto fail;
- }
- ++i;
}
+
+ nva[i].flags = NGHTTP2_NV_FLAG_NONE;
+ if(HEADER_OVERFLOW(nva[i])) {
+ failf(conn->data, "Failed sending HTTP request: Header overflow");
+ goto fail;
+ }
+ ++i;
}
/* :authority must come before non-pseudo header fields */
@@ -1784,24 +1931,22 @@ static ssize_t http2_send(struct connectdata *conn, int
sockindex,
/* Warn stream may be rejected if cumulative length of headers is too large.
It appears nghttp2 will not send a header frame larger than 64KB. */
+#define MAX_ACC 60000 /* <64KB to account for some overhead */
{
size_t acc = 0;
- const size_t max_acc = 60000; /* <64KB to account for some overhead */
for(i = 0; i < nheader; ++i) {
- if(nva[i].namelen > max_acc - acc)
- break;
- acc += nva[i].namelen;
+ acc += nva[i].namelen + nva[i].valuelen;
- if(nva[i].valuelen > max_acc - acc)
- break;
- acc += nva[i].valuelen;
+ DEBUGF(infof(conn->data, "h2 header: %.*s:%.*s\n",
+ nva[i].namelen, nva[i].name,
+ nva[i].valuelen, nva[i].value));
}
- if(i != nheader) {
+ if(acc > MAX_ACC) {
infof(conn->data, "http2_send: Warning: The cumulative length of all "
- "headers exceeds %zu bytes and that could cause the "
- "stream to be rejected.\n", max_acc);
+ "headers exceeds %zu bytes and that could cause the "
+ "stream to be rejected.\n", MAX_ACC);
}
}
@@ -1955,9 +2100,13 @@ CURLcode Curl_http2_switched(struct connectdata *conn,
conn->data);
}
else {
+ populate_settings(conn, httpc);
+
/* stream ID is unknown at this point */
stream->stream_id = -1;
- rv = nghttp2_submit_settings(httpc->h2, NGHTTP2_FLAG_NONE, NULL, 0);
+ rv = nghttp2_submit_settings(httpc->h2, NGHTTP2_FLAG_NONE,
+ httpc->local_settings,
+ httpc->local_settings_num);
if(rv != 0) {
failf(data, "nghttp2_submit_settings() failed: %s(%d)",
nghttp2_strerror(rv), rv);
@@ -1965,6 +2114,16 @@ CURLcode Curl_http2_switched(struct connectdata *conn,
}
}
+#ifdef NGHTTP2_HAS_SET_LOCAL_WINDOW_SIZE
+ rv = nghttp2_session_set_local_window_size(httpc->h2, NGHTTP2_FLAG_NONE, 0,
+ HTTP2_HUGE_WINDOW_SIZE);
+ if(rv != 0) {
+ failf(data, "nghttp2_session_set_local_window_size() failed: %s(%d)",
+ nghttp2_strerror(rv), rv);
+ return CURLE_HTTP2;
+ }
+#endif
+
/* we are going to copy mem to httpc->inbuf. This is required since
mem is part of buffer pointed by stream->mem, and callbacks
called by nghttp2_session_mem_recv() will write stream specific
@@ -1980,7 +2139,8 @@ CURLcode Curl_http2_switched(struct connectdata *conn,
" after upgrade: len=%zu\n",
nread);
- memcpy(httpc->inbuf, mem, nread);
+ if(nread)
+ memcpy(httpc->inbuf, mem, nread);
httpc->inbuflen = nread;
nproc = nghttp2_session_mem_recv(httpc->h2, (const uint8_t *)httpc->inbuf,
@@ -2020,12 +2180,94 @@ CURLcode Curl_http2_switched(struct connectdata *conn,
return CURLE_OK;
}
+CURLcode Curl_http2_add_child(struct Curl_easy *parent,
+ struct Curl_easy *child,
+ bool exclusive)
+{
+ if(parent) {
+ struct Curl_http2_dep **tail;
+ struct Curl_http2_dep *dep = calloc(1, sizeof(struct Curl_http2_dep));
+ if(!dep)
+ return CURLE_OUT_OF_MEMORY;
+ dep->data = child;
+
+ if(parent->set.stream_dependents && exclusive) {
+ struct Curl_http2_dep *node = parent->set.stream_dependents;
+ while(node) {
+ node->data->set.stream_depends_on = child;
+ node = node->next;
+ }
+
+ tail = &child->set.stream_dependents;
+ while(*tail)
+ tail = &(*tail)->next;
+
+ DEBUGASSERT(!*tail);
+ *tail = parent->set.stream_dependents;
+ parent->set.stream_dependents = 0;
+ }
+
+ tail = &parent->set.stream_dependents;
+ while(*tail) {
+ (*tail)->data->set.stream_depends_e = FALSE;
+ tail = &(*tail)->next;
+ }
+
+ DEBUGASSERT(!*tail);
+ *tail = dep;
+ }
+
+ child->set.stream_depends_on = parent;
+ child->set.stream_depends_e = exclusive;
+ return CURLE_OK;
+}
+
+void Curl_http2_remove_child(struct Curl_easy *parent, struct Curl_easy *child)
+{
+ struct Curl_http2_dep *last = 0;
+ struct Curl_http2_dep *data = parent->set.stream_dependents;
+ DEBUGASSERT(child->set.stream_depends_on == parent);
+
+ while(data && data->data != child) {
+ last = data;
+ data = data->next;
+ }
+
+ DEBUGASSERT(data);
+
+ if(data) {
+ if(last) {
+ last->next = data->next;
+ }
+ else {
+ parent->set.stream_dependents = data->next;
+ }
+ free(data);
+ }
+
+ child->set.stream_depends_on = 0;
+ child->set.stream_depends_e = FALSE;
+}
+
+void Curl_http2_cleanup_dependencies(struct Curl_easy *data)
+{
+ while(data->set.stream_dependents) {
+ struct Curl_easy *tmp = data->set.stream_dependents->data;
+ Curl_http2_remove_child(data, tmp);
+ if(data->set.stream_depends_on)
+ Curl_http2_add_child(data->set.stream_depends_on, tmp, FALSE);
+ }
+
+ if(data->set.stream_depends_on)
+ Curl_http2_remove_child(data->set.stream_depends_on, data);
+}
+
#else /* !USE_NGHTTP2 */
/* Satisfy external references even if http2 is not compiled in. */
#define CURL_DISABLE_TYPECHECK
-#include <curl/curl.h>
+#include <gnurl/curl.h>
char *curl_pushheader_bynum(struct curl_pushheaders *h, size_t num)
{
diff --git a/lib/http2.h b/lib/http2.h
index 891753590..f597c805e 100644
--- a/lib/http2.h
+++ b/lib/http2.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -53,6 +53,12 @@ void Curl_http2_setup_conn(struct connectdata *conn);
void Curl_http2_setup_req(struct Curl_easy *data);
void Curl_http2_done(struct connectdata *conn, bool premature);
CURLcode Curl_http2_done_sending(struct connectdata *conn);
+CURLcode Curl_http2_add_child(struct Curl_easy *parent,
+ struct Curl_easy *child,
+ bool exclusive);
+void Curl_http2_remove_child(struct Curl_easy *parent,
+ struct Curl_easy *child);
+void Curl_http2_cleanup_dependencies(struct Curl_easy *data);
#else /* USE_NGHTTP2 */
#define Curl_http2_init(x) CURLE_UNSUPPORTED_PROTOCOL
#define Curl_http2_send_request(x) CURLE_UNSUPPORTED_PROTOCOL
@@ -65,6 +71,9 @@ CURLcode Curl_http2_done_sending(struct connectdata *conn);
#define Curl_http2_init_userset(x)
#define Curl_http2_done(x,y)
#define Curl_http2_done_sending(x)
+#define Curl_http2_add_child(x, y, z)
+#define Curl_http2_remove_child(x, y)
+#define Curl_http2_cleanup_dependencies(x)
#endif
#endif /* HEADER_CURL_HTTP2_H */
diff --git a/lib/http_chunks.c b/lib/http_chunks.c
index ea171092b..1bdf6974c 100644
--- a/lib/http_chunks.c
+++ b/lib/http_chunks.c
@@ -190,8 +190,8 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
/* Write the data portion available */
#ifdef HAVE_LIBZ
- switch (conn->data->set.http_ce_skip?
- IDENTITY : data->req.auto_decoding) {
+ switch(conn->data->set.http_ce_skip?
+ IDENTITY : data->req.auto_decoding) {
case IDENTITY:
#endif
if(!k->ignorebody) {
@@ -219,10 +219,10 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
break;
default:
- failf (conn->data,
- "Unrecognized content encoding type. "
- "libcurl understands `identity', `deflate' and `gzip' "
- "content encodings.");
+ failf(conn->data,
+ "Unrecognized content encoding type. "
+ "libcurl understands `identity', `deflate' and `gzip' "
+ "content encodings.");
return CHUNKE_BAD_ENCODING;
}
#endif
@@ -360,7 +360,7 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
const char *Curl_chunked_strerror(CHUNKcode code)
{
- switch (code) {
+ switch(code) {
default:
return "OK";
case CHUNKE_TOO_LONG_HEX:
diff --git a/lib/http_digest.c b/lib/http_digest.c
index 97230e797..e2d865b0a 100644
--- a/lib/http_digest.c
+++ b/lib/http_digest.c
@@ -25,7 +25,7 @@
#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_CRYPTO_AUTH)
#include "urldata.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "vauth/vauth.h"
#include "http_digest.h"
/* The last 3 #include files should be in this order */
@@ -74,8 +74,8 @@ CURLcode Curl_output_digest(struct connectdata *conn,
{
CURLcode result;
struct Curl_easy *data = conn->data;
- unsigned char *path;
- char *tmp;
+ unsigned char *path = NULL;
+ char *tmp = NULL;
char *response;
size_t len;
bool have_chlg;
@@ -95,8 +95,8 @@ CURLcode Curl_output_digest(struct connectdata *conn,
if(proxy) {
digest = &data->state.proxydigest;
allocuserpwd = &conn->allocptr.proxyuserpwd;
- userp = conn->proxyuser;
- passwdp = conn->proxypasswd;
+ userp = conn->http_proxy.user;
+ passwdp = conn->http_proxy.passwd;
authp = &data->state.authproxy;
}
else {
@@ -140,12 +140,14 @@ CURLcode Curl_output_digest(struct connectdata *conn,
http://www.fngtps.com/2006/09/http-authentication
*/
- if(authp->iestyle && ((tmp = strchr((char *)uripath, '?')) != NULL)) {
- size_t urilen = tmp - (char *)uripath;
-
- path = (unsigned char *) aprintf("%.*s", urilen, uripath);
+ if(authp->iestyle) {
+ tmp = strchr((char *)uripath, '?');
+ if(tmp) {
+ size_t urilen = tmp - (char *)uripath;
+ path = (unsigned char *) aprintf("%.*s", urilen, uripath);
+ }
}
- else
+ if(!tmp)
path = (unsigned char *) strdup((char *) uripath);
if(!path)
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index c39d6f363..51375e81d 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -26,7 +26,6 @@
#include "urldata.h"
#include "sendf.h"
-#include "rawstr.h"
#include "http_negotiate.h"
#include "vauth/vauth.h"
@@ -38,6 +37,7 @@
CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
const char *header)
{
+ CURLcode result;
struct Curl_easy *data = conn->data;
size_t len;
@@ -51,11 +51,11 @@ CURLcode Curl_input_negotiate(struct connectdata *conn,
bool proxy,
struct negotiatedata *neg_ctx;
if(proxy) {
- userp = conn->proxyuser;
- passwdp = conn->proxypasswd;
+ userp = conn->http_proxy.user;
+ passwdp = conn->http_proxy.passwd;
service = data->set.str[STRING_PROXY_SERVICE_NAME] ?
data->set.str[STRING_PROXY_SERVICE_NAME] : "HTTP";
- host = conn->proxy.name;
+ host = conn->http_proxy.host.name;
neg_ctx = &data->state.proxyneg;
}
else {
@@ -90,8 +90,13 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool
proxy,
}
/* Initilise the security context and decode our challenge */
- return Curl_auth_decode_spnego_message(data, userp, passwdp, service, host,
- header, neg_ctx);
+ result = Curl_auth_decode_spnego_message(data, userp, passwdp, service,
+ host, header, neg_ctx);
+
+ if(result)
+ Curl_auth_spnego_cleanup(neg_ctx);
+
+ return result;
}
CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index 935df25db..8a78bd293 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -27,7 +27,7 @@
/*
* NTLM details:
*
- * http://davenport.sourceforge.net/ntlm.html
+ * https://davenport.sourceforge.io/ntlm.html
* https://www.innovation.ch/java/ntlm.html
*/
@@ -35,7 +35,7 @@
#include "urldata.h"
#include "sendf.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "http_ntlm.h"
#include "curl_ntlm_wb.h"
#include "vauth/vauth.h"
@@ -136,8 +136,8 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, bool
proxy)
if(proxy) {
allocuserpwd = &conn->allocptr.proxyuserpwd;
- userp = conn->proxyuser;
- passwdp = conn->proxypasswd;
+ userp = conn->http_proxy.user;
+ passwdp = conn->http_proxy.passwd;
ntlm = &conn->proxyntlm;
authp = &conn->data->state.authproxy;
}
diff --git a/lib/http_proxy.c b/lib/http_proxy.c
index 082b73ad7..834733960 100644
--- a/lib/http_proxy.c
+++ b/lib/http_proxy.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,28 +22,63 @@
#include "curl_setup.h"
+#include "http_proxy.h"
+
#if !defined(CURL_DISABLE_PROXY) && !defined(CURL_DISABLE_HTTP)
-#include "urldata.h"
-#include <curl/curl.h>
-#include "http_proxy.h"
+#include <gnurl/curl.h>
#include "sendf.h"
#include "http.h"
#include "url.h"
#include "select.h"
-#include "rawstr.h"
#include "progress.h"
#include "non-ascii.h"
#include "connect.h"
#include "curlx.h"
+#include "vtls/vtls.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
#include "curl_memory.h"
#include "memdebug.h"
-CURLcode Curl_proxy_connect(struct connectdata *conn)
+/*
+ * Perform SSL initialization for HTTPS proxy. Sets
+ * proxy_ssl_connected connection bit when complete. Can be
+ * called multiple times.
+ */
+static CURLcode https_proxy_connect(struct connectdata *conn, int sockindex)
{
+#ifdef USE_SSL
+ CURLcode result = CURLE_OK;
+ DEBUGASSERT(conn->http_proxy.proxytype == CURLPROXY_HTTPS);
+ if(!conn->bits.proxy_ssl_connected[sockindex]) {
+ /* perform SSL initialization for this socket */
+ result =
+ Curl_ssl_connect_nonblocking(conn, sockindex,
+ &conn->bits.proxy_ssl_connected[sockindex]);
+ if(result)
+ conn->bits.close = TRUE; /* a failed connection is marked for closure to
+ prevent (bad) re-use or similar */
+ }
+ return result;
+#else
+ (void) conn;
+ (void) sockindex;
+ return CURLE_NOT_BUILT_IN;
+#endif
+}
+
+CURLcode Curl_proxy_connect(struct connectdata *conn, int sockindex)
+{
+ if(conn->http_proxy.proxytype == CURLPROXY_HTTPS) {
+ const CURLcode result = https_proxy_connect(conn, sockindex);
+ if(result)
+ return result;
+ if(!conn->bits.proxy_ssl_connected[sockindex])
+ return result; /* wait for HTTPS proxy SSL initialization to complete */
+ }
+
if(conn->bits.tunnel_proxy && conn->bits.httpproxy) {
#ifndef CURL_DISABLE_PROXY
/* for [protocol] tunneled through HTTP proxy */
@@ -63,22 +98,31 @@ CURLcode Curl_proxy_connect(struct connectdata *conn)
* original pointer
*
* This function might be called several times in the multi interface case
- * if the proxy's CONNTECT response is not instant.
+ * if the proxy's CONNECT response is not instant.
*/
prot_save = conn->data->req.protop;
memset(&http_proxy, 0, sizeof(http_proxy));
conn->data->req.protop = &http_proxy;
connkeep(conn, "HTTP proxy CONNECT");
+
+ /* for the secondary socket (FTP), use the "connect to host"
+ * but ignore the "connect to port" (use the secondary port)
+ */
+
if(conn->bits.conn_to_host)
hostname = conn->conn_to_host.name;
+ else if(sockindex == SECONDARYSOCKET)
+ hostname = conn->secondaryhostname;
else
hostname = conn->host.name;
- if(conn->bits.conn_to_port)
+
+ if(sockindex == SECONDARYSOCKET)
+ remote_port = conn->secondary_port;
+ else if(conn->bits.conn_to_port)
remote_port = conn->conn_to_port;
else
remote_port = conn->remote_port;
- result = Curl_proxyCONNECT(conn, FIRSTSOCKET, hostname,
- remote_port, FALSE);
+ result = Curl_proxyCONNECT(conn, sockindex, hostname, remote_port);
conn->data->req.protop = prot_save;
if(CURLE_OK != result)
return result;
@@ -91,43 +135,73 @@ CURLcode Curl_proxy_connect(struct connectdata *conn)
return CURLE_OK;
}
-/*
- * Curl_proxyCONNECT() requires that we're connected to a HTTP proxy. This
- * function will issue the necessary commands to get a seamless tunnel through
- * this proxy. After that, the socket can be used just as a normal socket.
- *
- * 'blocking' set to TRUE means that this function will do the entire CONNECT
- * + response in a blocking fashion. Should be avoided!
- */
+bool Curl_connect_complete(struct connectdata *conn)
+{
+ return conn->connect_state &&
+ (conn->connect_state->tunnel_state == TUNNEL_COMPLETE);
+}
-CURLcode Curl_proxyCONNECT(struct connectdata *conn,
- int sockindex,
- const char *hostname,
- int remote_port,
- bool blocking)
+bool Curl_connect_ongoing(struct connectdata *conn)
+{
+ return conn->connect_state &&
+ (conn->connect_state->tunnel_state != TUNNEL_COMPLETE);
+}
+
+static CURLcode connect_init(struct connectdata *conn, bool reinit)
+{
+ struct http_connect_state *s;
+ if(!reinit) {
+ DEBUGASSERT(!conn->connect_state);
+ s = calloc(1, sizeof(struct http_connect_state));
+ if(!s)
+ return CURLE_OUT_OF_MEMORY;
+ infof(conn->data, "allocate connect buffer!\n");
+ conn->connect_state = s;
+ }
+ else {
+ DEBUGASSERT(conn->connect_state);
+ s = conn->connect_state;
+ }
+ s->tunnel_state = TUNNEL_INIT;
+ s->keepon=TRUE;
+ s->line_start = s->connect_buffer;
+ s->ptr = s->line_start;
+ s->cl=0;
+ return CURLE_OK;
+}
+
+static void connect_done(struct connectdata *conn)
+{
+ struct http_connect_state *s = conn->connect_state;
+ s->tunnel_state = TUNNEL_COMPLETE;
+ infof(conn->data, "CONNECT phase completed!\n");
+}
+
+static CURLcode CONNECT(struct connectdata *conn,
+ int sockindex,
+ const char *hostname,
+ int remote_port)
{
int subversion=0;
struct Curl_easy *data=conn->data;
struct SingleRequest *k = &data->req;
CURLcode result;
curl_socket_t tunnelsocket = conn->sock[sockindex];
- curl_off_t cl=0;
bool closeConnection = FALSE;
- bool chunked_encoding = FALSE;
- long check;
+ time_t check;
+ struct http_connect_state *s = conn->connect_state;
#define SELECT_OK 0
#define SELECT_ERROR 1
#define SELECT_TIMEOUT 2
- int error = SELECT_OK;
- if(conn->tunnel_state[sockindex] == TUNNEL_COMPLETE)
+ if(Curl_connect_complete(conn))
return CURLE_OK; /* CONNECT is already completed */
conn->bits.proxy_connect_closed = FALSE;
do {
- if(TUNNEL_INIT == conn->tunnel_state[sockindex]) {
+ if(TUNNEL_INIT == s->tunnel_state) {
/* BEGIN CONNECT PHASE */
char *host_port;
Curl_send_buffer *req_buffer;
@@ -159,10 +233,10 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
free(host_port);
if(!result) {
- char *host=(char *)"";
+ char *host = NULL;
const char *proxyconn="";
const char *useragent="";
- const char *http = (conn->proxytype == CURLPROXY_HTTP_1_0) ?
+ const char *http = (conn->http_proxy.proxytype == CURLPROXY_HTTP_1_0) ?
"1.0" : "1.1";
bool ipv6_ip = conn->bits.ipv6_ip;
char *hostheader;
@@ -202,13 +276,13 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
"%s", /* Proxy-Connection */
hostheader,
http,
- host,
+ host?host:"",
conn->allocptr.proxyuserpwd?
conn->allocptr.proxyuserpwd:"",
useragent,
proxyconn);
- if(host && *host)
+ if(host)
free(host);
free(hostheader);
@@ -235,298 +309,260 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
if(result)
return result;
- conn->tunnel_state[sockindex] = TUNNEL_CONNECT;
+ s->tunnel_state = TUNNEL_CONNECT;
+ s->perline = 0;
} /* END CONNECT PHASE */
check = Curl_timeleft(data, NULL, TRUE);
if(check <= 0) {
failf(data, "Proxy CONNECT aborted due to timeout");
- return CURLE_RECV_ERROR;
+ return CURLE_OPERATION_TIMEDOUT;
}
- if(!blocking) {
- if(0 == Curl_socket_ready(tunnelsocket, CURL_SOCKET_BAD, 0))
- /* return so we'll be called again polling-style */
- return CURLE_OK;
- else {
- DEBUGF(infof(data,
- "Read response immediately from proxy CONNECT\n"));
- }
- }
+ if(!Curl_conn_data_pending(conn, sockindex))
+ /* return so we'll be called again polling-style */
+ return CURLE_OK;
/* at this point, the tunnel_connecting phase is over. */
{ /* READING RESPONSE PHASE */
- size_t nread; /* total size read */
- int perline; /* count bytes per line */
- int keepon=TRUE;
- ssize_t gotbytes;
- char *ptr;
- char *line_start;
+ int error = SELECT_OK;
- ptr=data->state.buffer;
- line_start = ptr;
+ while(s->keepon && !error) {
+ ssize_t gotbytes;
- nread=0;
- perline=0;
+ /* make sure we have space to read more data */
+ if(s->ptr >= &s->connect_buffer[CONNECT_BUFFER_SIZE]) {
+ failf(data, "CONNECT response too large!");
+ return CURLE_RECV_ERROR;
+ }
- while((nread<BUFSIZE) && (keepon && !error)) {
+ /* Read one byte at a time to avoid a race condition. Wait at most one
+ second before looping to ensure continuous pgrsUpdates. */
+ result = Curl_read(conn, tunnelsocket, s->ptr, 1, &gotbytes);
+ if(result == CURLE_AGAIN)
+ /* socket buffer drained, return */
+ return CURLE_OK;
- check = Curl_timeleft(data, NULL, TRUE);
- if(check <= 0) {
- failf(data, "Proxy CONNECT aborted due to timeout");
- error = SELECT_TIMEOUT; /* already too little time */
- break;
- }
+ if(Curl_pgrsUpdate(conn))
+ return CURLE_ABORTED_BY_CALLBACK;
- /* loop every second at least, less if the timeout is near */
- switch (Curl_socket_ready(tunnelsocket, CURL_SOCKET_BAD,
- check<1000L?check:1000)) {
- case -1: /* select() error, stop reading */
- error = SELECT_ERROR;
- failf(data, "Proxy CONNECT aborted due to select/poll error");
+ if(result) {
+ s->keepon = FALSE;
break;
- case 0: /* timeout */
+ }
+ else if(gotbytes <= 0) {
+ if(data->set.proxyauth && data->state.authproxy.avail) {
+ /* proxy auth was requested and there was proxy auth available,
+ then deem this as "mere" proxy disconnect */
+ conn->bits.proxy_connect_closed = TRUE;
+ infof(data, "Proxy CONNECT connection closed\n");
+ }
+ else {
+ error = SELECT_ERROR;
+ failf(data, "Proxy CONNECT aborted");
+ }
+ s->keepon = FALSE;
break;
- default:
- DEBUGASSERT(ptr+BUFSIZE-nread <= data->state.buffer+BUFSIZE+1);
- result = Curl_read(conn, tunnelsocket, ptr, BUFSIZE-nread,
- &gotbytes);
- if(result==CURLE_AGAIN)
- continue; /* go loop yourself */
- else if(result)
- keepon = FALSE;
- else if(gotbytes <= 0) {
- keepon = FALSE;
- if(data->set.proxyauth && data->state.authproxy.avail) {
- /* proxy auth was requested and there was proxy auth available,
- then deem this as "mere" proxy disconnect */
- conn->bits.proxy_connect_closed = TRUE;
- infof(data, "Proxy CONNECT connection closed\n");
- }
- else {
- error = SELECT_ERROR;
- failf(data, "Proxy CONNECT aborted");
+ }
+
+
+ if(s->keepon > TRUE) {
+ /* This means we are currently ignoring a response-body */
+
+ s->ptr = s->connect_buffer;
+ if(s->cl) {
+ /* A Content-Length based body: simply count down the counter
+ and make sure to break out of the loop when we're done! */
+ s->cl--;
+ if(s->cl <= 0) {
+ s->keepon = FALSE;
+ s->tunnel_state = TUNNEL_COMPLETE;
+ break;
}
}
else {
- /*
- * We got a whole chunk of data, which can be anything from one
- * byte to a set of lines and possibly just a piece of the last
- * line.
- */
- int i;
-
- nread += gotbytes;
-
- if(keepon > TRUE) {
- /* This means we are currently ignoring a response-body */
-
- nread = 0; /* make next read start over in the read buffer */
- ptr=data->state.buffer;
- if(cl) {
- /* A Content-Length based body: simply count down the counter
- and make sure to break out of the loop when we're done! */
- cl -= gotbytes;
- if(cl<=0) {
- keepon = FALSE;
- break;
- }
+ /* chunked-encoded body, so we need to do the chunked dance
+ properly to know when the end of the body is reached */
+ CHUNKcode r;
+ ssize_t tookcareof = 0;
+
+ /* now parse the chunked piece of data so that we can
+ properly tell when the stream ends */
+ r = Curl_httpchunk_read(conn, s->ptr, 1, &tookcareof);
+ if(r == CHUNKE_STOP) {
+ /* we're done reading chunks! */
+ infof(data, "chunk reading DONE\n");
+ s->keepon = FALSE;
+ /* we did the full CONNECT treatment, go COMPLETE */
+ s->tunnel_state = TUNNEL_COMPLETE;
+ }
+ }
+ continue;
+ }
+
+ s->perline++; /* amount of bytes in this line so far */
+
+ /* if this is not the end of a header line then continue */
+ if(*s->ptr != 0x0a) {
+ s->ptr++;
+ continue;
+ }
+
+ /* convert from the network encoding */
+ result = Curl_convert_from_network(data, line_start, perline);
+ /* Curl_convert_from_network calls failf if unsuccessful */
+ if(result)
+ return result;
+
+ /* output debug if that is requested */
+ if(data->set.verbose)
+ Curl_debug(data, CURLINFO_HEADER_IN,
+ s->line_start, (size_t)s->perline, conn);
+
+ if(!data->set.suppress_connect_headers) {
+ /* send the header to the callback */
+ int writetype = CLIENTWRITE_HEADER;
+ if(data->set.include_header)
+ writetype |= CLIENTWRITE_BODY;
+
+ result = Curl_client_write(conn, writetype,
+ s->line_start, s->perline);
+ if(result)
+ return result;
+ }
+
+ data->info.header_size += (long)s->perline;
+ data->req.headerbytecount += (long)s->perline;
+
+ /* Newlines are CRLF, so the CR is ignored as the line isn't
+ really terminated until the LF comes. Treat a following CR
+ as end-of-headers as well.*/
+
+ if(('\r' == s->line_start[0]) ||
+ ('\n' == s->line_start[0])) {
+ /* end of response-headers from the proxy */
+ s->ptr = s->connect_buffer;
+ if((407 == k->httpcode) && !data->state.authproblem) {
+ /* If we get a 407 response code with content length
+ when we have no auth problem, we must ignore the
+ whole response-body */
+ s->keepon = 2;
+
+ if(s->cl) {
+ infof(data, "Ignore %" CURL_FORMAT_CURL_OFF_T
+ " bytes of response-body\n", s->cl);
+ }
+ else if(s->chunked_encoding) {
+ CHUNKcode r;
+
+ infof(data, "Ignore chunked response-body\n");
+
+ /* We set ignorebody true here since the chunked
+ decoder function will acknowledge that. Pay
+ attention so that this is cleared again when this
+ function returns! */
+ k->ignorebody = TRUE;
+
+ if(s->line_start[1] == '\n') {
+ /* this can only be a LF if the letter at index 0
+ was a CR */
+ s->line_start++;
}
- else {
- /* chunked-encoded body, so we need to do the chunked dance
- properly to know when the end of the body is reached */
- CHUNKcode r;
- ssize_t tookcareof=0;
-
- /* now parse the chunked piece of data so that we can
- properly tell when the stream ends */
- r = Curl_httpchunk_read(conn, ptr, gotbytes, &tookcareof);
- if(r == CHUNKE_STOP) {
- /* we're done reading chunks! */
- infof(data, "chunk reading DONE\n");
- keepon = FALSE;
- /* we did the full CONNECT treatment, go COMPLETE */
- conn->tunnel_state[sockindex] = TUNNEL_COMPLETE;
- }
- else
- infof(data, "Read %zd bytes of chunk, continue\n",
- tookcareof);
+
+ /* now parse the chunked piece of data so that we can
+ properly tell when the stream ends */
+ r = Curl_httpchunk_read(conn, s->line_start + 1, 1, &gotbytes);
+ if(r == CHUNKE_STOP) {
+ /* we're done reading chunks! */
+ infof(data, "chunk reading DONE\n");
+ s->keepon = FALSE;
+ /* we did the full CONNECT treatment, go to COMPLETE */
+ s->tunnel_state = TUNNEL_COMPLETE;
}
}
- else
- for(i = 0; i < gotbytes; ptr++, i++) {
- perline++; /* amount of bytes in this line so far */
- if(*ptr == 0x0a) {
- char letter;
- int writetype;
-
- /* convert from the network encoding */
- result = Curl_convert_from_network(data, line_start,
- perline);
- /* Curl_convert_from_network calls failf if unsuccessful */
- if(result)
- return result;
-
- /* output debug if that is requested */
- if(data->set.verbose)
- Curl_debug(data, CURLINFO_HEADER_IN,
- line_start, (size_t)perline, conn);
-
- /* send the header to the callback */
- writetype = CLIENTWRITE_HEADER;
- if(data->set.include_header)
- writetype |= CLIENTWRITE_BODY;
-
- result = Curl_client_write(conn, writetype, line_start,
- perline);
-
- data->info.header_size += (long)perline;
- data->req.headerbytecount += (long)perline;
-
- if(result)
- return result;
-
- /* Newlines are CRLF, so the CR is ignored as the line isn't
- really terminated until the LF comes. Treat a following CR
- as end-of-headers as well.*/
-
- if(('\r' == line_start[0]) ||
- ('\n' == line_start[0])) {
- /* end of response-headers from the proxy */
- nread = 0; /* make next read start over in the read
- buffer */
- ptr=data->state.buffer;
- if((407 == k->httpcode) && !data->state.authproblem) {
- /* If we get a 407 response code with content length
- when we have no auth problem, we must ignore the
- whole response-body */
- keepon = 2;
-
- if(cl) {
- infof(data, "Ignore %" CURL_FORMAT_CURL_OFF_T
- " bytes of response-body\n", cl);
-
- /* remove the remaining chunk of what we already
- read */
- cl -= (gotbytes - i);
-
- if(cl<=0)
- /* if the whole thing was already read, we are done!
- */
- keepon=FALSE;
- }
- else if(chunked_encoding) {
- CHUNKcode r;
- /* We set ignorebody true here since the chunked
- decoder function will acknowledge that. Pay
- attention so that this is cleared again when this
- function returns! */
- k->ignorebody = TRUE;
- infof(data, "%zd bytes of chunk left\n", gotbytes-i);
-
- if(line_start[1] == '\n') {
- /* this can only be a LF if the letter at index 0
- was a CR */
- line_start++;
- i++;
- }
-
- /* now parse the chunked piece of data so that we can
- properly tell when the stream ends */
- r = Curl_httpchunk_read(conn, line_start+1,
- gotbytes -i, &gotbytes);
- if(r == CHUNKE_STOP) {
- /* we're done reading chunks! */
- infof(data, "chunk reading DONE\n");
- keepon = FALSE;
- /* we did the full CONNECT treatment, go to
- COMPLETE */
- conn->tunnel_state[sockindex] = TUNNEL_COMPLETE;
- }
- else
- infof(data, "Read %zd bytes of chunk, continue\n",
- gotbytes);
- }
- else {
- /* without content-length or chunked encoding, we
- can't keep the connection alive since the close is
- the end signal so we bail out at once instead */
- keepon=FALSE;
- }
- }
- else {
- keepon = FALSE;
- if(200 == data->info.httpproxycode) {
- if(gotbytes - (i+1))
- failf(data, "Proxy CONNECT followed by %zd bytes "
- "of opaque data. Data ignored (known bug #39)",
- gotbytes - (i+1));
- }
- }
- /* we did the full CONNECT treatment, go to COMPLETE */
- conn->tunnel_state[sockindex] = TUNNEL_COMPLETE;
- break; /* breaks out of for-loop, not switch() */
- }
-
- /* keep a backup of the position we are about to blank */
- letter = line_start[perline];
- line_start[perline]=0; /* zero terminate the buffer */
- if((checkprefix("WWW-Authenticate:", line_start) &&
- (401 == k->httpcode)) ||
- (checkprefix("Proxy-authenticate:", line_start) &&
- (407 == k->httpcode))) {
-
- bool proxy = (k->httpcode == 407) ? TRUE : FALSE;
- char *auth = Curl_copy_header_value(line_start);
- if(!auth)
- return CURLE_OUT_OF_MEMORY;
-
- result = Curl_http_input_auth(conn, proxy, auth);
-
- free(auth);
-
- if(result)
- return result;
- }
- else if(checkprefix("Content-Length:", line_start)) {
- cl = curlx_strtoofft(line_start +
- strlen("Content-Length:"), NULL, 10);
- }
- else if(Curl_compareheader(line_start,
- "Connection:", "close"))
- closeConnection = TRUE;
- else if(Curl_compareheader(line_start,
- "Transfer-Encoding:",
- "chunked")) {
- infof(data, "CONNECT responded chunked\n");
- chunked_encoding = TRUE;
- /* init our chunky engine */
- Curl_httpchunk_init(conn);
- }
- else if(Curl_compareheader(line_start,
- "Proxy-Connection:", "close"))
- closeConnection = TRUE;
- else if(2 == sscanf(line_start, "HTTP/1.%d %d",
- &subversion,
- &k->httpcode)) {
- /* store the HTTP code from the proxy */
- data->info.httpproxycode = k->httpcode;
- }
- /* put back the letter we blanked out before */
- line_start[perline]= letter;
-
- perline=0; /* line starts over here */
- line_start = ptr+1; /* this skips the zero byte we wrote */
- }
- }
+ else {
+ /* without content-length or chunked encoding, we
+ can't keep the connection alive since the close is
+ the end signal so we bail out at once instead */
+ s->keepon = FALSE;
+ }
}
- break;
- } /* switch */
- if(Curl_pgrsUpdate(conn))
- return CURLE_ABORTED_BY_CALLBACK;
+ else
+ s->keepon = FALSE;
+ if(!s->cl)
+ /* we did the full CONNECT treatment, go to COMPLETE */
+ s->tunnel_state = TUNNEL_COMPLETE;
+ continue;
+ }
+
+ s->line_start[s->perline] = 0; /* zero terminate the buffer */
+ if((checkprefix("WWW-Authenticate:", s->line_start) &&
+ (401 == k->httpcode)) ||
+ (checkprefix("Proxy-authenticate:", s->line_start) &&
+ (407 == k->httpcode))) {
+
+ bool proxy = (k->httpcode == 407) ? TRUE : FALSE;
+ char *auth = Curl_copy_header_value(s->line_start);
+ if(!auth)
+ return CURLE_OUT_OF_MEMORY;
+
+ result = Curl_http_input_auth(conn, proxy, auth);
+
+ free(auth);
+
+ if(result)
+ return result;
+ }
+ else if(checkprefix("Content-Length:", s->line_start)) {
+ if(k->httpcode/100 == 2) {
+ /* A client MUST ignore any Content-Length or Transfer-Encoding
+ header fields received in a successful response to CONNECT.
+ "Successful" described as: 2xx (Successful). RFC 7231 4.3.6 */
+ infof(data, "Ignoring Content-Length in CONNECT %03d response\n",
+ k->httpcode);
+ }
+ else {
+ s->cl = curlx_strtoofft(s->line_start +
+ strlen("Content-Length:"), NULL, 10);
+ }
+ }
+ else if(Curl_compareheader(s->line_start, "Connection:", "close"))
+ closeConnection = TRUE;
+ else if(checkprefix("Transfer-Encoding:", s->line_start)) {
+ if(k->httpcode/100 == 2) {
+ /* A client MUST ignore any Content-Length or Transfer-Encoding
+ header fields received in a successful response to CONNECT.
+ "Successful" described as: 2xx (Successful). RFC 7231 4.3.6 */
+ infof(data, "Ignoring Transfer-Encoding in "
+ "CONNECT %03d response\n", k->httpcode);
+ }
+ else if(Curl_compareheader(s->line_start,
+ "Transfer-Encoding:", "chunked")) {
+ infof(data, "CONNECT responded chunked\n");
+ s->chunked_encoding = TRUE;
+ /* init our chunky engine */
+ Curl_httpchunk_init(conn);
+ }
+ }
+ else if(Curl_compareheader(s->line_start,
+ "Proxy-Connection:", "close"))
+ closeConnection = TRUE;
+ else if(2 == sscanf(s->line_start, "HTTP/1.%d %d",
+ &subversion,
+ &k->httpcode)) {
+ /* store the HTTP code from the proxy */
+ data->info.httpproxycode = k->httpcode;
+ }
+
+ s->perline = 0; /* line starts over here */
+ s->ptr = s->connect_buffer;
+ s->line_start = s->ptr;
} /* while there's buffer left and loop is requested */
+ if(Curl_pgrsUpdate(conn))
+ return CURLE_ABORTED_BY_CALLBACK;
+
if(error)
return CURLE_RECV_ERROR;
@@ -540,8 +576,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
if(conn->bits.close)
/* the connection has been marked for closure, most likely in the
Curl_http_auth_act() function and thus we can kill it at once
- below
- */
+ below */
closeConnection = TRUE;
}
@@ -556,11 +591,8 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
/* If we are supposed to continue and request a new URL, which basically
* means the HTTP authentication is still going on so if the tunnel
* is complete we start over in INIT state */
- if(data->req.newurl &&
- (TUNNEL_COMPLETE == conn->tunnel_state[sockindex])) {
- conn->tunnel_state[sockindex] = TUNNEL_INIT;
- infof(data, "TUNNEL_STATE switched to: %d\n",
- conn->tunnel_state[sockindex]);
+ if(data->req.newurl && (TUNNEL_COMPLETE == s->tunnel_state)) {
+ connect_init(conn, TRUE); /* reinit */
}
} while(data->req.newurl);
@@ -569,6 +601,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
if(closeConnection && data->req.newurl) {
conn->bits.proxy_connect_closed = TRUE;
infof(data, "Connect me again please\n");
+ connect_done(conn);
}
else {
free(data->req.newurl);
@@ -580,19 +613,17 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
}
/* to back to init state */
- conn->tunnel_state[sockindex] = TUNNEL_INIT;
+ s->tunnel_state = TUNNEL_INIT;
if(conn->bits.proxy_connect_closed)
/* this is not an error, just part of the connection negotiation */
return CURLE_OK;
- else {
- failf(data, "Received HTTP code %d from proxy after CONNECT",
- data->req.httpcode);
- return CURLE_RECV_ERROR;
- }
+ failf(data, "Received HTTP code %d from proxy after CONNECT",
+ data->req.httpcode);
+ return CURLE_RECV_ERROR;
}
- conn->tunnel_state[sockindex] = TUNNEL_COMPLETE;
+ s->tunnel_state = TUNNEL_COMPLETE;
/* If a proxy-authorization header was used for the proxy, then we should
make sure that it isn't accidentally used for the document request
@@ -602,10 +633,52 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
data->state.authproxy.done = TRUE;
- infof (data, "Proxy replied OK to CONNECT request\n");
+ infof(data, "Proxy replied OK to CONNECT request\n");
data->req.ignorebody = FALSE; /* put it (back) to non-ignore state */
conn->bits.rewindaftersend = FALSE; /* make sure this isn't set for the
document request */
return CURLE_OK;
}
+
+void Curl_connect_free(struct Curl_easy *data)
+{
+ struct connectdata *conn = data->easy_conn;
+ struct http_connect_state *s = conn->connect_state;
+ if(s) {
+ free(s);
+ conn->connect_state = NULL;
+ }
+}
+
+/*
+ * Curl_proxyCONNECT() requires that we're connected to a HTTP proxy. This
+ * function will issue the necessary commands to get a seamless tunnel through
+ * this proxy. After that, the socket can be used just as a normal socket.
+ */
+
+CURLcode Curl_proxyCONNECT(struct connectdata *conn,
+ int sockindex,
+ const char *hostname,
+ int remote_port)
+{
+ CURLcode result;
+ if(!conn->connect_state) {
+ result = connect_init(conn, FALSE);
+ if(result)
+ return result;
+ }
+ result = CONNECT(conn, sockindex, hostname, remote_port);
+
+ if(result || Curl_connect_complete(conn))
+ connect_done(conn);
+
+ return result;
+}
+
+#else
+void Curl_connect_free(struct Curl_easy *data)
+{
+ (void)data;
+}
+
#endif /* CURL_DISABLE_PROXY */
diff --git a/lib/http_proxy.h b/lib/http_proxy.h
index fd0433033..e19fa859a 100644
--- a/lib/http_proxy.h
+++ b/lib/http_proxy.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,21 +22,30 @@
*
***************************************************************************/
+#include "curl_setup.h"
+#include "urldata.h"
+
#if !defined(CURL_DISABLE_PROXY) && !defined(CURL_DISABLE_HTTP)
/* ftp can use this as well */
CURLcode Curl_proxyCONNECT(struct connectdata *conn,
int tunnelsocket,
- const char *hostname, int remote_port,
- bool blocking);
+ const char *hostname, int remote_port);
/* Default proxy timeout in milliseconds */
#define PROXY_TIMEOUT (3600*1000)
-CURLcode Curl_proxy_connect(struct connectdata *conn);
+CURLcode Curl_proxy_connect(struct connectdata *conn, int sockindex);
+
+bool Curl_connect_complete(struct connectdata *conn);
+bool Curl_connect_ongoing(struct connectdata *conn);
#else
-#define Curl_proxyCONNECT(x,y,z,w,v) CURLE_NOT_BUILT_IN
-#define Curl_proxy_connect(x) CURLE_OK
+#define Curl_proxyCONNECT(x,y,z,w) CURLE_NOT_BUILT_IN
+#define Curl_proxy_connect(x,y) CURLE_OK
+#define Curl_connect_complete(x) CURLE_OK
+#define Curl_connect_ongoing(x) FALSE
#endif
+void Curl_connect_free(struct Curl_easy *data);
+
#endif /* HEADER_CURL_HTTP_PROXY_H */
diff --git a/lib/if2ip.c b/lib/if2ip.c
index 2f92b2def..a91b6d2ab 100644
--- a/lib/if2ip.c
+++ b/lib/if2ip.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -51,7 +51,7 @@
#endif
#include "inet_ntop.h"
-#include "strequal.h"
+#include "strcase.h"
#include "if2ip.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
@@ -68,9 +68,11 @@ unsigned int Curl_ipv6_scope(const struct sockaddr *sa)
#else
if(sa->sa_family == AF_INET6) {
const struct sockaddr_in6 * sa6 = (const struct sockaddr_in6 *)(void *) sa;
- const unsigned char * b = sa6->sin6_addr.s6_addr;
+ const unsigned char *b = sa6->sin6_addr.s6_addr;
unsigned short w = (unsigned short) ((b[0] << 8) | b[1]);
+ if((b[0] & 0xFE) == 0xFC) /* Handle ULAs */
+ return IPV6_SCOPE_UNIQUELOCAL;
switch(w & 0xFFC0) {
case 0xFE80:
return IPV6_SCOPE_LINKLOCAL;
@@ -102,7 +104,7 @@ bool Curl_if_is_interface_name(const char *interf)
if(getifaddrs(&head) >= 0) {
for(iface=head; iface != NULL; iface=iface->ifa_next) {
- if(curl_strequal(iface->ifa_name, interf)) {
+ if(strcasecompare(iface->ifa_name, interf)) {
result = TRUE;
break;
}
@@ -121,18 +123,18 @@ if2ip_result_t Curl_if2ip(int af, unsigned int
remote_scope,
#ifndef ENABLE_IPV6
(void) remote_scope;
-
-#ifndef HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID
- (void) remote_scope_id;
#endif
+#if !defined(HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID) || \
+ !defined(ENABLE_IPV6)
+ (void) remote_scope_id;
#endif
if(getifaddrs(&head) >= 0) {
for(iface = head; iface != NULL; iface=iface->ifa_next) {
if(iface->ifa_addr != NULL) {
if(iface->ifa_addr->sa_family == af) {
- if(curl_strequal(iface->ifa_name, interf)) {
+ if(strcasecompare(iface->ifa_name, interf)) {
void *addr;
char *ip;
char scope[12] = "";
@@ -180,7 +182,7 @@ if2ip_result_t Curl_if2ip(int af, unsigned int remote_scope,
}
}
else if((res == IF2IP_NOT_FOUND) &&
- curl_strequal(iface->ifa_name, interf)) {
+ strcasecompare(iface->ifa_name, interf)) {
res = IF2IP_AF_NOT_SUPPORTED;
}
}
@@ -239,7 +241,7 @@ if2ip_result_t Curl_if2ip(int af, unsigned int remote_scope,
return IF2IP_NOT_FOUND;
}
- s = (struct sockaddr_in *)&req.ifr_addr;
+ s = (struct sockaddr_in *)(void *)&req.ifr_addr;
memcpy(&in, &s->sin_addr, sizeof(in));
Curl_inet_ntop(s->sin_family, &in, buf, buf_size);
diff --git a/lib/if2ip.h b/lib/if2ip.h
index f3a7ff0b2..a90e66216 100644
--- a/lib/if2ip.h
+++ b/lib/if2ip.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -27,7 +27,8 @@
#define IPV6_SCOPE_GLOBAL 0 /* Global scope. */
#define IPV6_SCOPE_LINKLOCAL 1 /* Link-local scope. */
#define IPV6_SCOPE_SITELOCAL 2 /* Site-local scope (deprecated). */
-#define IPV6_SCOPE_NODELOCAL 3 /* Loopback. */
+#define IPV6_SCOPE_UNIQUELOCAL 3 /* Unique local */
+#define IPV6_SCOPE_NODELOCAL 4 /* Loopback. */
unsigned int Curl_ipv6_scope(const struct sockaddr *sa);
diff --git a/lib/imap.c b/lib/imap.c
index 50a351284..8fa598f88 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -58,7 +58,7 @@
#define in_addr_t unsigned long
#endif
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "sendf.h"
#include "hostip.h"
@@ -68,16 +68,15 @@
#include "http.h" /* for HTTP proxy tunnel stuff */
#include "socks.h"
#include "imap.h"
-
#include "strtoofft.h"
-#include "strequal.h"
+#include "strcase.h"
#include "vtls/vtls.h"
#include "connect.h"
#include "strerror.h"
#include "select.h"
#include "multiif.h"
#include "url.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "curl_sasl.h"
#include "warnless.h"
@@ -108,7 +107,7 @@ static CURLcode imap_perform_authenticate(struct
connectdata *conn,
const char *initresp);
static CURLcode imap_continue_authenticate(struct connectdata *conn,
const char *resp);
-static void imap_get_message(char *buffer, char** outptr);
+static void imap_get_message(char *buffer, char **outptr);
/*
* IMAP protocol handler.
@@ -129,9 +128,11 @@ const struct Curl_handler Curl_handler_imap = {
ZERO_NULL, /* perform_getsock */
imap_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_IMAP, /* defport */
CURLPROTO_IMAP, /* protocol */
- PROTOPT_CLOSEACTION /* flags */
+ PROTOPT_CLOSEACTION| /* flags */
+ PROTOPT_URLOPTIONS
};
#ifdef USE_SSL
@@ -154,64 +155,13 @@ const struct Curl_handler Curl_handler_imaps = {
ZERO_NULL, /* perform_getsock */
imap_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_IMAPS, /* defport */
CURLPROTO_IMAPS, /* protocol */
PROTOPT_CLOSEACTION | PROTOPT_SSL /* flags */
};
#endif
-#ifndef CURL_DISABLE_HTTP
-/*
- * HTTP-proxyed IMAP protocol handler.
- */
-
-static const struct Curl_handler Curl_handler_imap_proxy = {
- "IMAP", /* scheme */
- Curl_http_setup_conn, /* setup_connection */
- Curl_http, /* do_it */
- Curl_http_done, /* done */
- ZERO_NULL, /* do_more */
- ZERO_NULL, /* connect_it */
- ZERO_NULL, /* connecting */
- ZERO_NULL, /* doing */
- ZERO_NULL, /* proto_getsock */
- ZERO_NULL, /* doing_getsock */
- ZERO_NULL, /* domore_getsock */
- ZERO_NULL, /* perform_getsock */
- ZERO_NULL, /* disconnect */
- ZERO_NULL, /* readwrite */
- PORT_IMAP, /* defport */
- CURLPROTO_HTTP, /* protocol */
- PROTOPT_NONE /* flags */
-};
-
-#ifdef USE_SSL
-/*
- * HTTP-proxyed IMAPS protocol handler.
- */
-
-static const struct Curl_handler Curl_handler_imaps_proxy = {
- "IMAPS", /* scheme */
- Curl_http_setup_conn, /* setup_connection */
- Curl_http, /* do_it */
- Curl_http_done, /* done */
- ZERO_NULL, /* do_more */
- ZERO_NULL, /* connect_it */
- ZERO_NULL, /* connecting */
- ZERO_NULL, /* doing */
- ZERO_NULL, /* proto_getsock */
- ZERO_NULL, /* doing_getsock */
- ZERO_NULL, /* domore_getsock */
- ZERO_NULL, /* perform_getsock */
- ZERO_NULL, /* disconnect */
- ZERO_NULL, /* readwrite */
- PORT_IMAPS, /* defport */
- CURLPROTO_HTTP, /* protocol */
- PROTOPT_NONE /* flags */
-};
-#endif
-#endif
-
/* SASL parameters for the imap protocol */
static const struct SASLproto saslimap = {
"imap", /* The service name */
@@ -271,7 +221,7 @@ static bool imap_matchresp(const char *line, size_t len,
const char *cmd)
/* Does the command name match and is it followed by a space character or at
the end of line? */
- if(line + cmd_len <= end && Curl_raw_nequal(line, cmd, cmd_len) &&
+ if(line + cmd_len <= end && strncasecompare(line, cmd, cmd_len) &&
(line[cmd_len] == ' ' || line + cmd_len + 2 == end))
return TRUE;
@@ -391,10 +341,10 @@ static bool imap_endofresp(struct connectdata *conn, char
*line, size_t len,
*
* Gets the authentication message from the response buffer.
*/
-static void imap_get_message(char *buffer, char** outptr)
+static void imap_get_message(char *buffer, char **outptr)
{
size_t len = 0;
- char* message = NULL;
+ char *message = NULL;
/* Find the start of the message */
for(message = buffer + 2; *message == ' ' || *message == '\t'; message++)
@@ -953,7 +903,7 @@ static CURLcode imap_state_starttls_resp(struct connectdata
*conn,
if(imapcode != 'O') {
if(data->set.use_ssl != CURLUSESSL_TRY) {
- failf(data, "STARTTLS denied. %c", imapcode);
+ failf(data, "STARTTLS denied");
result = CURLE_USE_SSL_FAILED;
}
else
@@ -1715,31 +1665,6 @@ static CURLcode imap_setup_connection(struct connectdata
*conn)
/* Clear the TLS upgraded flag */
conn->tls_upgraded = FALSE;
-
- /* Set up the proxy if necessary */
- if(conn->bits.httpproxy && !data->set.tunnel_thru_httpproxy) {
- /* Unless we have asked to tunnel IMAP operations through the proxy, we
- switch and use HTTP operations only */
-#ifndef CURL_DISABLE_HTTP
- if(conn->handler == &Curl_handler_imap)
- conn->handler = &Curl_handler_imap_proxy;
- else {
-#ifdef USE_SSL
- conn->handler = &Curl_handler_imaps_proxy;
-#else
- failf(data, "IMAPS not supported!");
- return CURLE_UNSUPPORTED_PROTOCOL;
-#endif
- }
-
- /* set it up as an HTTP connection instead */
- return conn->handler->setup_connection(conn);
-#else
- failf(data, "IMAP over http proxy requires HTTP support built-in!");
- return CURLE_UNSUPPORTED_PROTOCOL;
-#endif
- }
-
data->state.path++; /* don't include the initial slash */
return CURLE_OK;
@@ -1749,7 +1674,7 @@ static CURLcode imap_setup_connection(struct connectdata
*conn)
*
* imap_sendf()
*
- * Sends the formated string as an IMAP command to the server.
+ * Sends the formatted string as an IMAP command to the server.
*
* Designed to never block.
*/
@@ -1935,7 +1860,7 @@ static CURLcode imap_parse_url_options(struct connectdata
*conn)
while(*ptr && *ptr != ';')
ptr++;
- if(strnequal(key, "AUTH=", 5))
+ if(strncasecompare(key, "AUTH=", 5))
result = Curl_sasl_parse_url_auth_option(&imapc->sasl,
value, ptr - value);
else
@@ -2031,28 +1956,28 @@ static CURLcode imap_parse_url_path(struct connectdata
*conn)
PARTIAL) stripping of the trailing slash character if it is present.
Note: Unknown parameters trigger a URL_MALFORMAT error. */
- if(Curl_raw_equal(name, "UIDVALIDITY") && !imap->uidvalidity) {
+ if(strcasecompare(name, "UIDVALIDITY") && !imap->uidvalidity) {
if(valuelen > 0 && value[valuelen - 1] == '/')
value[valuelen - 1] = '\0';
imap->uidvalidity = value;
value = NULL;
}
- else if(Curl_raw_equal(name, "UID") && !imap->uid) {
+ else if(strcasecompare(name, "UID") && !imap->uid) {
if(valuelen > 0 && value[valuelen - 1] == '/')
value[valuelen - 1] = '\0';
imap->uid = value;
value = NULL;
}
- else if(Curl_raw_equal(name, "SECTION") && !imap->section) {
+ else if(strcasecompare(name, "SECTION") && !imap->section) {
if(valuelen > 0 && value[valuelen - 1] == '/')
value[valuelen - 1] = '\0';
imap->section = value;
value = NULL;
}
- else if(Curl_raw_equal(name, "PARTIAL") && !imap->partial) {
+ else if(strcasecompare(name, "PARTIAL") && !imap->partial) {
if(valuelen > 0 && value[valuelen - 1] == '/')
value[valuelen - 1] = '\0';
diff --git a/lib/inet_ntop.c b/lib/inet_ntop.c
index 416005c03..22f08e84d 100644
--- a/lib/inet_ntop.c
+++ b/lib/inet_ntop.c
@@ -63,7 +63,7 @@ static char *inet_ntop4 (const unsigned char *src, char *dst,
size_t size)
len = strlen(tmp);
if(len == 0 || len >= size) {
- SET_ERRNO(ENOSPC);
+ errno = ENOSPC;
return (NULL);
}
strcpy(dst, tmp);
@@ -142,7 +142,7 @@ static char *inet_ntop6 (const unsigned char *src, char
*dst, size_t size)
if(i == 6 && best.base == 0 &&
(best.len == 6 || (best.len == 5 && words[5] == 0xffff))) {
if(!inet_ntop4(src+12, tp, sizeof(tmp) - (tp - tmp))) {
- SET_ERRNO(ENOSPC);
+ errno = ENOSPC;
return (NULL);
}
tp += strlen(tp);
@@ -160,7 +160,7 @@ static char *inet_ntop6 (const unsigned char *src, char
*dst, size_t size)
/* Check for overflow, copy, and we're done.
*/
if((size_t)(tp - tmp) > size) {
- SET_ERRNO(ENOSPC);
+ errno = ENOSPC;
return (NULL);
}
strcpy(dst, tmp);
@@ -177,20 +177,20 @@ static char *inet_ntop6 (const unsigned char *src, char
*dst, size_t size)
*
* On Windows we store the error in the thread errno, not
* in the winsock error code. This is to avoid losing the
- * actual last winsock error. So use macro ERRNO to fetch the
- * errno this function sets when returning NULL, not SOCKERRNO.
+ * actual last winsock error. So when this function returns
+ * NULL, check errno not SOCKERRNO.
*/
char *Curl_inet_ntop(int af, const void *src, char *buf, size_t size)
{
- switch (af) {
+ switch(af) {
case AF_INET:
- return inet_ntop4((const unsigned char*)src, buf, size);
+ return inet_ntop4((const unsigned char *)src, buf, size);
#ifdef ENABLE_IPV6
case AF_INET6:
- return inet_ntop6((const unsigned char*)src, buf, size);
+ return inet_ntop6((const unsigned char *)src, buf, size);
#endif
default:
- SET_ERRNO(EAFNOSUPPORT);
+ errno = EAFNOSUPPORT;
return NULL;
}
}
diff --git a/lib/inet_pton.c b/lib/inet_pton.c
index cf8b88a1d..fef9610d1 100644
--- a/lib/inet_pton.c
+++ b/lib/inet_pton.c
@@ -57,15 +57,15 @@ static int inet_pton6(const char *src, unsigned char
*dst);
* notice:
* On Windows we store the error in the thread errno, not
* in the winsock error code. This is to avoid losing the
- * actual last winsock error. So use macro ERRNO to fetch the
- * errno this function sets when returning (-1), not SOCKERRNO.
+ * actual last winsock error. So when this function returns
+ * -1, check errno not SOCKERRNO.
* author:
* Paul Vixie, 1996.
*/
int
Curl_inet_pton(int af, const char *src, void *dst)
{
- switch (af) {
+ switch(af) {
case AF_INET:
return (inet_pton4(src, (unsigned char *)dst));
#ifdef ENABLE_IPV6
@@ -73,7 +73,7 @@ Curl_inet_pton(int af, const char *src, void *dst)
return (inet_pton6(src, (unsigned char *)dst));
#endif
default:
- SET_ERRNO(EAFNOSUPPORT);
+ errno = EAFNOSUPPORT;
return (-1);
}
/* NOTREACHED */
@@ -103,7 +103,8 @@ inet_pton4(const char *src, unsigned char *dst)
while((ch = *src++) != '\0') {
const char *pch;
- if((pch = strchr(digits, ch)) != NULL) {
+ pch = strchr(digits, ch);
+ if(pch) {
unsigned int val = *tp * 10 + (unsigned int)(pch - digits);
if(saw_digit && *tp == 0)
@@ -169,7 +170,8 @@ inet_pton6(const char *src, unsigned char *dst)
while((ch = *src++) != '\0') {
const char *pch;
- if((pch = strchr((xdigits = xdigits_l), ch)) == NULL)
+ pch = strchr((xdigits = xdigits_l), ch);
+ if(!pch)
pch = strchr((xdigits = xdigits_u), ch);
if(pch != NULL) {
val <<= 4;
diff --git a/lib/inet_pton.h b/lib/inet_pton.h
index 9188d9598..e216f4efa 100644
--- a/lib/inet_pton.h
+++ b/lib/inet_pton.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2005, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -29,6 +29,9 @@ int Curl_inet_pton(int, const char *, void *);
#ifdef HAVE_INET_PTON
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
+#elif defined(HAVE_WS2TCPIP_H)
+/* inet_pton() exists in Vista or later */
+#include <ws2tcpip.h>
#endif
#define Curl_inet_pton(x,y,z) inet_pton(x,y,z)
#endif
diff --git a/lib/krb5.c b/lib/krb5.c
index 87ce8ee6c..69a35979a 100644
--- a/lib/krb5.c
+++ b/lib/krb5.c
@@ -121,7 +121,7 @@ krb5_encode(void *app_data, const void *from, int length,
int level, void **to)
/* NOTE that the cast is safe, neither of the krb5, gnu gss and heimdal
* libraries modify the input buffer in gss_seal()
*/
- dec.value = (void*)from;
+ dec.value = (void *)from;
dec.length = length;
maj = gss_seal(&min, *context,
level == PROT_PRIVATE,
@@ -164,6 +164,7 @@ krb5_auth(void *app_data, struct connectdata *conn)
size_t base64_sz = 0;
struct sockaddr_in **remote_addr =
(struct sockaddr_in **)&conn->ip_addr->ai_addr;
+ char *stringp;
if(getsockname(conn->sock[FIRSTSOCKET],
(struct sockaddr *)&conn->local_addr, &l) < 0)
@@ -182,7 +183,7 @@ krb5_auth(void *app_data, struct connectdata *conn)
for(;;) {
/* this really shouldn't be repeated here, but can't help it */
if(service == srv_host) {
- result = Curl_ftpsendf(conn, "AUTH GSSAPI");
+ result = Curl_ftpsend(conn, "AUTH GSSAPI");
if(result)
return -2;
@@ -193,16 +194,19 @@ krb5_auth(void *app_data, struct connectdata *conn)
return -1;
}
- input_buffer.value = data->state.buffer;
- input_buffer.length = snprintf(input_buffer.value, BUFSIZE,
"address@hidden",
- service, host);
+ stringp = aprintf("address@hidden", service, host);
+ if(!stringp)
+ return -2;
+
+ input_buffer.value = stringp;
+ input_buffer.length = strlen(stringp);
maj = gss_import_name(&min, &input_buffer, GSS_C_NT_HOSTBASED_SERVICE,
&gssname);
+ free(stringp);
if(maj != GSS_S_COMPLETE) {
gss_release_name(&min, &gssname);
if(service == srv_host) {
- Curl_failf(data, "Error importing service name %s",
- input_buffer.value);
+ Curl_failf(data, "Error importing service name address@hidden",
service, host);
return AUTH_ERROR;
}
service = srv_host;
@@ -243,16 +247,22 @@ krb5_auth(void *app_data, struct connectdata *conn)
}
if(output_buffer.length != 0) {
+ char *cmd;
+
result = Curl_base64_encode(data, (char *)output_buffer.value,
output_buffer.length, &p, &base64_sz);
if(result) {
Curl_infof(data, "base64-encoding: %s\n",
curl_easy_strerror(result));
- ret = AUTH_CONTINUE;
+ ret = AUTH_ERROR;
break;
}
- result = Curl_ftpsendf(conn, "ADAT %s", p);
+ cmd = aprintf("ADAT %s", p);
+ if(cmd)
+ result = Curl_ftpsend(conn, cmd);
+ else
+ result = CURLE_OUT_OF_MEMORY;
free(p);
diff --git a/lib/ldap.c b/lib/ldap.c
index a1646279d..9b85a4815 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -64,17 +64,16 @@
#endif
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "sendf.h"
#include "escape.h"
#include "progress.h"
#include "transfer.h"
-#include "strequal.h"
+#include "strcase.h"
#include "strtok.h"
#include "curl_ldap.h"
#include "curl_multibyte.h"
#include "curl_base64.h"
-#include "rawstr.h"
#include "connect.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
@@ -110,9 +109,9 @@ typedef struct {
#undef LDAPURLDesc
#define LDAPURLDesc CURL_LDAPURLDesc
-static int _ldap_url_parse (const struct connectdata *conn,
- LDAPURLDesc **ludp);
-static void _ldap_free_urldesc (LDAPURLDesc *ludp);
+static int _ldap_url_parse(const struct connectdata *conn,
+ LDAPURLDesc **ludp);
+static void _ldap_free_urldesc(LDAPURLDesc *ludp);
#undef ldap_free_urldesc
#define ldap_free_urldesc _ldap_free_urldesc
@@ -120,11 +119,11 @@ static void _ldap_free_urldesc (LDAPURLDesc *ludp);
#ifdef DEBUG_LDAP
#define LDAP_TRACE(x) do { \
- _ldap_trace ("%u: ", __LINE__); \
+ _ldap_trace("%u: ", __LINE__); \
_ldap_trace x; \
} WHILE_FALSE
- static void _ldap_trace (const char *fmt, ...);
+ static void _ldap_trace(const char *fmt, ...);
#else
#define LDAP_TRACE(x) Curl_nop_stmt
#endif
@@ -151,6 +150,7 @@ const struct Curl_handler Curl_handler_ldap = {
ZERO_NULL, /* perform_getsock */
ZERO_NULL, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_LDAP, /* defport */
CURLPROTO_LDAP, /* protocol */
PROTOPT_NONE /* flags */
@@ -176,12 +176,87 @@ const struct Curl_handler Curl_handler_ldaps = {
ZERO_NULL, /* perform_getsock */
ZERO_NULL, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_LDAPS, /* defport */
CURLPROTO_LDAPS, /* protocol */
PROTOPT_SSL /* flags */
};
#endif
+#if defined(USE_WIN32_LDAP)
+
+#if defined(USE_WINDOWS_SSPI)
+static int ldap_win_bind_auth(LDAP *server, const char *user,
+ const char *passwd, unsigned long authflags)
+{
+ ULONG method = 0;
+ SEC_WINNT_AUTH_IDENTITY cred = { 0, };
+ int rc = LDAP_AUTH_METHOD_NOT_SUPPORTED;
+
+#if defined(USE_SPNEGO)
+ if(authflags & CURLAUTH_NEGOTIATE) {
+ method = LDAP_AUTH_NEGOTIATE;
+ }
+ else
+#endif
+#if defined(USE_NTLM)
+ if(authflags & CURLAUTH_NTLM) {
+ method = LDAP_AUTH_NTLM;
+ }
+ else
+#endif
+#if !defined(CURL_DISABLE_CRYPTO_AUTH)
+ if(authflags & CURLAUTH_DIGEST) {
+ method = LDAP_AUTH_DIGEST;
+ }
+ else
+#endif
+ {
+ /* required anyway if one of upper preprocessor definitions enabled */
+ }
+
+ if(method && user && passwd) {
+ rc = Curl_create_sspi_identity(user, passwd, &cred);
+ if(!rc) {
+ rc = ldap_bind_s(server, NULL, (TCHAR *)&cred, method);
+ Curl_sspi_free_identity(&cred);
+ }
+ }
+ else {
+ /* proceed with current user credentials */
+ method = LDAP_AUTH_NEGOTIATE;
+ rc = ldap_bind_s(server, NULL, NULL, method);
+ }
+ return rc;
+}
+#endif /* #if defined(USE_WINDOWS_SSPI) */
+
+static int ldap_win_bind(struct connectdata *conn, LDAP *server,
+ const char *user, const char *passwd)
+{
+ int rc = LDAP_INVALID_CREDENTIALS;
+
+ PTCHAR inuser = NULL;
+ PTCHAR inpass = NULL;
+
+ if(user && passwd && (conn->data->set.httpauth & CURLAUTH_BASIC)) {
+ inuser = Curl_convert_UTF8_to_tchar((char *) user);
+ inpass = Curl_convert_UTF8_to_tchar((char *) passwd);
+
+ rc = ldap_simple_bind_s(server, inuser, inpass);
+
+ Curl_unicodefree(inuser);
+ Curl_unicodefree(inpass);
+ }
+#if defined(USE_WINDOWS_SSPI)
+ else {
+ rc = ldap_win_bind_auth(server, user, passwd, conn->data->set.httpauth);
+ }
+#endif
+
+ return rc;
+}
+#endif /* #if defined(USE_WIN32_LDAP) */
static CURLcode Curl_ldap(struct connectdata *conn, bool *done)
{
@@ -203,13 +278,11 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool
*done)
#endif
#if defined(USE_WIN32_LDAP)
TCHAR *host = NULL;
- TCHAR *user = NULL;
- TCHAR *passwd = NULL;
#else
char *host = NULL;
+#endif
char *user = NULL;
char *passwd = NULL;
-#endif
*done = TRUE; /* unconditionally */
infof(data, "LDAP local: LDAP Vendor = %s ; LDAP Version = %d\n",
@@ -240,24 +313,14 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool
*done)
goto quit;
}
-
- if(conn->bits.user_passwd) {
- user = Curl_convert_UTF8_to_tchar(conn->user);
- passwd = Curl_convert_UTF8_to_tchar(conn->passwd);
- if(!user || !passwd) {
- result = CURLE_OUT_OF_MEMORY;
-
- goto quit;
- }
- }
#else
host = conn->host.name;
+#endif
if(conn->bits.user_passwd) {
user = conn->user;
passwd = conn->passwd;
}
-#endif
#ifdef LDAP_OPT_NETWORK_TIMEOUT
ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, &ldap_timeout);
@@ -272,7 +335,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool
*done)
ldap_set_option(server, LDAP_OPT_SSL, LDAP_OPT_ON);
#else
int ldap_option;
- char* ldap_ca = data->set.str[STRING_SSL_CAFILE];
+ char *ldap_ca = conn->ssl_config.CAfile;
#if defined(CURL_HAS_NOVELL_LDAPSDK)
rc = ldapssl_client_init(NULL, NULL);
if(rc != LDAP_SUCCESS) {
@@ -280,11 +343,11 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool
*done)
result = CURLE_SSL_CERTPROBLEM;
goto quit;
}
- if(data->set.ssl.verifypeer) {
+ if(conn->ssl_config.verifypeer) {
/* Novell SDK supports DER or BASE64 files. */
int cert_type = LDAPSSL_CERT_FILETYPE_B64;
- if((data->set.str[STRING_CERT_TYPE]) &&
- (Curl_raw_equal(data->set.str[STRING_CERT_TYPE], "DER")))
+ if((data->set.ssl.cert_type) &&
+ (strcasecompare(data->set.ssl.cert_type, "DER")))
cert_type = LDAPSSL_CERT_FILETYPE_DER;
if(!ldap_ca) {
failf(data, "LDAP local: ERROR %s CA cert not set!",
@@ -322,10 +385,10 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool
*done)
goto quit;
}
#elif defined(LDAP_OPT_X_TLS)
- if(data->set.ssl.verifypeer) {
+ if(conn->ssl_config.verifypeer) {
/* OpenLDAP SDK supports BASE64 files. */
- if((data->set.str[STRING_CERT_TYPE]) &&
- (!Curl_raw_equal(data->set.str[STRING_CERT_TYPE], "PEM"))) {
+ if((data->set.ssl.cert_type) &&
+ (!strcasecompare(data->set.ssl.cert_type, "PEM"))) {
failf(data, "LDAP local: ERROR OpenLDAP only supports PEM cert-type!");
result = CURLE_SSL_CERTPROBLEM;
goto quit;
@@ -403,11 +466,19 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool
*done)
ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
#endif
+#ifdef USE_WIN32_LDAP
+ rc = ldap_win_bind(conn, server, user, passwd);
+#else
rc = ldap_simple_bind_s(server, user, passwd);
+#endif
if(!ldap_ssl && rc != 0) {
ldap_proto = LDAP_VERSION2;
ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
+#ifdef USE_WIN32_LDAP
+ rc = ldap_win_bind(conn, server, user, passwd);
+#else
rc = ldap_simple_bind_s(server, user, passwd);
+#endif
}
if(rc != 0) {
failf(data, "LDAP local: ldap_simple_bind_s %s", ldap_err2string(rc));
@@ -656,7 +727,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool
*done)
quit:
if(ldapmsg) {
ldap_msgfree(ldapmsg);
- LDAP_TRACE (("Received %d entries\n", num));
+ LDAP_TRACE(("Received %d entries\n", num));
}
if(rc == LDAP_SIZELIMIT_EXCEEDED)
infof(data, "There are more than %d entries\n", num);
@@ -670,8 +741,6 @@ quit:
#endif /* HAVE_LDAP_SSL && CURL_HAS_NOVELL_LDAPSDK */
#if defined(USE_WIN32_LDAP)
- Curl_unicodefree(passwd);
- Curl_unicodefree(user);
Curl_unicodefree(host);
#endif
@@ -683,7 +752,7 @@ quit:
}
#ifdef DEBUG_LDAP
-static void _ldap_trace (const char *fmt, ...)
+static void _ldap_trace(const char *fmt, ...)
{
static int do_trace = -1;
va_list args;
@@ -695,9 +764,9 @@ static void _ldap_trace (const char *fmt, ...)
if(!do_trace)
return;
- va_start (args, fmt);
- vfprintf (stderr, fmt, args);
- va_end (args);
+ va_start(args, fmt);
+ vfprintf(stderr, fmt, args);
+ va_end(args);
}
#endif
@@ -706,18 +775,18 @@ static void _ldap_trace (const char *fmt, ...)
/*
* Return scope-value for a scope-string.
*/
-static int str2scope (const char *p)
+static int str2scope(const char *p)
{
- if(strequal(p, "one"))
- return LDAP_SCOPE_ONELEVEL;
- if(strequal(p, "onetree"))
- return LDAP_SCOPE_ONELEVEL;
- if(strequal(p, "base"))
- return LDAP_SCOPE_BASE;
- if(strequal(p, "sub"))
- return LDAP_SCOPE_SUBTREE;
- if(strequal(p, "subtree"))
- return LDAP_SCOPE_SUBTREE;
+ if(strcasecompare(p, "one"))
+ return LDAP_SCOPE_ONELEVEL;
+ if(strcasecompare(p, "onetree"))
+ return LDAP_SCOPE_ONELEVEL;
+ if(strcasecompare(p, "base"))
+ return LDAP_SCOPE_BASE;
+ if(strcasecompare(p, "sub"))
+ return LDAP_SCOPE_SUBTREE;
+ if(strcasecompare(p, "subtree"))
+ return LDAP_SCOPE_SUBTREE;
return (-1);
}
@@ -767,7 +836,7 @@ static bool split_str(char *str, char ***out, size_t *count)
*
* Defined in RFC4516 section 2.
*/
-static int _ldap_url_parse2 (const struct connectdata *conn, LDAPURLDesc *ludp)
+static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp)
{
int rc = LDAP_SUCCESS;
char *path;
@@ -776,9 +845,9 @@ static int _ldap_url_parse2 (const struct connectdata
*conn, LDAPURLDesc *ludp)
size_t i;
if(!conn->data ||
- !conn->data->state.path ||
- conn->data->state.path[0] != '/' ||
- !checkprefix("LDAP", conn->data->change.url))
+ !conn->data->state.path ||
+ conn->data->state.path[0] != '/' ||
+ !checkprefix("LDAP", conn->data->change.url))
return LDAP_INVALID_SYNTAX;
ludp->lud_scope = LDAP_SCOPE_BASE;
@@ -798,12 +867,13 @@ static int _ldap_url_parse2 (const struct connectdata
*conn, LDAPURLDesc *ludp)
if(*p) {
char *dn = p;
char *unescaped;
+ CURLcode result;
- LDAP_TRACE (("DN '%s'\n", dn));
+ LDAP_TRACE(("DN '%s'\n", dn));
/* Unescape the DN */
- unescaped = curl_easy_unescape(conn->data, dn, 0, NULL);
- if(!unescaped) {
+ result = Curl_urldecode(conn->data, dn, 0, &unescaped, NULL, FALSE);
+ if(result) {
rc = LDAP_NO_MEMORY;
goto quit;
@@ -862,12 +932,14 @@ static int _ldap_url_parse2 (const struct connectdata
*conn, LDAPURLDesc *ludp)
for(i = 0; i < count; i++) {
char *unescaped;
+ CURLcode result;
- LDAP_TRACE (("attr[%d] '%s'\n", i, attributes[i]));
+ LDAP_TRACE(("attr[%d] '%s'\n", i, attributes[i]));
/* Unescape the attribute */
- unescaped = curl_easy_unescape(conn->data, attributes[i], 0, NULL);
- if(!unescaped) {
+ result = Curl_urldecode(conn->data, attributes[i], 0, &unescaped, NULL,
+ FALSE);
+ if(result) {
free(attributes);
rc = LDAP_NO_MEMORY;
@@ -915,7 +987,7 @@ static int _ldap_url_parse2 (const struct connectdata
*conn, LDAPURLDesc *ludp)
goto quit;
}
- LDAP_TRACE (("scope %d\n", ludp->lud_scope));
+ LDAP_TRACE(("scope %d\n", ludp->lud_scope));
}
p = q;
@@ -930,12 +1002,13 @@ static int _ldap_url_parse2 (const struct connectdata
*conn, LDAPURLDesc *ludp)
if(*p) {
char *filter = p;
char *unescaped;
+ CURLcode result;
- LDAP_TRACE (("filter '%s'\n", filter));
+ LDAP_TRACE(("filter '%s'\n", filter));
/* Unescape the filter */
- unescaped = curl_easy_unescape(conn->data, filter, 0, NULL);
- if(!unescaped) {
+ result = Curl_urldecode(conn->data, filter, 0, &unescaped, NULL, FALSE);
+ if(result) {
rc = LDAP_NO_MEMORY;
goto quit;
@@ -971,8 +1044,8 @@ quit:
return rc;
}
-static int _ldap_url_parse (const struct connectdata *conn,
- LDAPURLDesc **ludpp)
+static int _ldap_url_parse(const struct connectdata *conn,
+ LDAPURLDesc **ludpp)
{
LDAPURLDesc *ludp = calloc(1, sizeof(*ludp));
int rc;
@@ -981,7 +1054,7 @@ static int _ldap_url_parse (const struct connectdata *conn,
if(!ludp)
return LDAP_NO_MEMORY;
- rc = _ldap_url_parse2 (conn, ludp);
+ rc = _ldap_url_parse2(conn, ludp);
if(rc != LDAP_SUCCESS) {
_ldap_free_urldesc(ludp);
ludp = NULL;
@@ -990,7 +1063,7 @@ static int _ldap_url_parse (const struct connectdata *conn,
return (rc);
}
-static void _ldap_free_urldesc (LDAPURLDesc *ludp)
+static void _ldap_free_urldesc(LDAPURLDesc *ludp)
{
size_t i;
@@ -1006,7 +1079,7 @@ static void _ldap_free_urldesc (LDAPURLDesc *ludp)
free(ludp->lud_attrs);
}
- free (ludp);
+ free(ludp);
}
#endif /* !HAVE_LDAP_URL_PARSE */
#endif /* !CURL_DISABLE_LDAP && !USE_OPENLDAP */
diff --git a/lib/libcurl.def b/lib/libcurl.def
deleted file mode 100644
index e01255725..000000000
--- a/lib/libcurl.def
+++ /dev/null
@@ -1,53 +0,0 @@
-;
-; Definition file for the DLL version of the LIBCURL library from curl
-;
-
-LIBRARY LIBCURL
-
-;DESCRIPTION 'curl libcurl - https://curl.haxx.se'
-
-EXPORTS
- curl_easy_cleanup @ 1 ;
- curl_easy_getinfo @ 2 ;
- curl_easy_init @ 3 ;
- curl_easy_perform @ 4 ;
- curl_easy_setopt @ 5 ;
- curl_escape @ 6 ;
- curl_unescape @ 7;
- curl_formfree @ 9 ;
- curl_getdate @ 10 ;
- curl_getenv @ 11 ;
- curl_global_cleanup @ 12 ;
- curl_global_init @ 13 ;
- curl_slist_append @ 14 ;
- curl_slist_free_all @ 15 ;
- curl_version @ 16 ;
- curl_maprintf @ 17 ;
- curl_mfprintf @ 18 ;
- curl_mprintf @ 19 ;
- curl_msprintf @ 20 ;
- curl_msnprintf @ 21 ;
- curl_mvfprintf @ 22 ;
- curl_strequal @ 23 ;
- curl_strnequal @ 24 ;
- curl_easy_duphandle @ 25 ;
- curl_formadd @ 26 ;
- curl_multi_init @ 27;
- curl_multi_add_handle @ 28;
- curl_multi_remove_handle @ 29;
- curl_multi_fdset @ 30;
- curl_multi_perform @ 31;
- curl_multi_cleanup @ 32;
- curl_multi_info_read @ 33;
- curl_free @ 34;
- curl_version_info @ 35;
- curl_share_init @ 36;
- curl_share_setopt @ 37;
- curl_share_cleanup @ 38;
- curl_global_init_mem @ 39;
- curl_easy_strerror @ 40;
- curl_multi_strerror @ 41;
- curl_share_strerror @ 42;
- curl_easy_reset @ 43;
- curl_mvsnprintf @ 44 ;
-
diff --git a/lib/libcurl.rc b/lib/libcurl.rc
index 50b365dbb..0afccd819 100644
--- a/lib/libcurl.rc
+++ b/lib/libcurl.rc
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2009, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -20,7 +20,7 @@
*
***************************************************************************/
#include <winver.h>
-#include "../include/curl/curlver.h"
+#include "../include/gnurl/curlver.h"
LANGUAGE 0x09,0x01
@@ -44,14 +44,14 @@ BEGIN
BEGIN
BLOCK "040904b0"
BEGIN
- VALUE "CompanyName", "The cURL library, https://curl.haxx.se/\0";
+ VALUE "CompanyName", "The curl library, https://curl.haxx.se/\0";
VALUE "FileDescription", "libcurl Shared Library\0"
VALUE "FileVersion", LIBCURL_VERSION "\0"
VALUE "InternalName", "libcurl\0"
VALUE "OriginalFilename", "libcurl.dll\0"
- VALUE "ProductName", "The cURL library\0"
+ VALUE "ProductName", "The curl library\0"
VALUE "ProductVersion", LIBCURL_VERSION "\0"
- VALUE "LegalCopyright", "� " LIBCURL_COPYRIGHT "\0"
+ VALUE "LegalCopyright", "\xa9 " LIBCURL_COPYRIGHT "\0" /* a9:
Copyright symbol */
VALUE "License", "https://curl.haxx.se/docs/copyright.html\0";
END
END
diff --git a/lib/llist.c b/lib/llist.c
index 482aaa041..7fd6637d4 100644
--- a/lib/llist.c
+++ b/lib/llist.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "llist.h"
#include "curl_memory.h"
@@ -33,8 +33,8 @@
/*
* @unittest: 1300
*/
-static void
-llist_init(struct curl_llist *l, curl_llist_dtor dtor)
+void
+Curl_llist_init(struct curl_llist *l, curl_llist_dtor dtor)
{
l->size = 0;
l->dtor = dtor;
@@ -42,20 +42,6 @@ llist_init(struct curl_llist *l, curl_llist_dtor dtor)
l->tail = NULL;
}
-struct curl_llist *
-Curl_llist_alloc(curl_llist_dtor dtor)
-{
- struct curl_llist *list;
-
- list = malloc(sizeof(struct curl_llist));
- if(!list)
- return NULL;
-
- llist_init(list, dtor);
-
- return list;
-}
-
/*
* Curl_llist_insert_next()
*
@@ -63,18 +49,15 @@ Curl_llist_alloc(curl_llist_dtor dtor)
* entry is NULL and the list already has elements, the new one will be
* inserted first in the list.
*
- * Returns: 1 on success and 0 on failure.
+ * The 'ne' argument should be a pointer into the object to store.
*
* @unittest: 1300
*/
-int
+void
Curl_llist_insert_next(struct curl_llist *list, struct curl_llist_element *e,
- const void *p)
+ const void *p,
+ struct curl_llist_element *ne)
{
- struct curl_llist_element *ne = malloc(sizeof(struct curl_llist_element));
- if(!ne)
- return 0;
-
ne->ptr = (void *) p;
if(list->size == 0) {
list->head = ne;
@@ -101,19 +84,18 @@ Curl_llist_insert_next(struct curl_llist *list, struct
curl_llist_element *e,
}
++list->size;
-
- return 1;
}
/*
* @unittest: 1300
*/
-int
+void
Curl_llist_remove(struct curl_llist *list, struct curl_llist_element *e,
void *user)
{
+ void *ptr;
if(e == NULL || list->size == 0)
- return 1;
+ return;
if(e == list->head) {
list->head = e->next;
@@ -131,16 +113,17 @@ Curl_llist_remove(struct curl_llist *list, struct
curl_llist_element *e,
e->next->prev = e->prev;
}
- list->dtor(user, e->ptr);
+ ptr = e->ptr;
e->ptr = NULL;
e->prev = NULL;
e->next = NULL;
- free(e);
--list->size;
- return 1;
+ /* call the dtor() last for when it actually frees the 'e' memory itself */
+ if(list->dtor)
+ list->dtor(user, ptr);
}
void
@@ -149,8 +132,6 @@ Curl_llist_destroy(struct curl_llist *list, void *user)
if(list) {
while(list->size > 0)
Curl_llist_remove(list, list->tail, user);
-
- free(list);
}
}
@@ -163,13 +144,13 @@ Curl_llist_count(struct curl_llist *list)
/*
* @unittest: 1300
*/
-int Curl_llist_move(struct curl_llist *list, struct curl_llist_element *e,
- struct curl_llist *to_list,
- struct curl_llist_element *to_e)
+void Curl_llist_move(struct curl_llist *list, struct curl_llist_element *e,
+ struct curl_llist *to_list,
+ struct curl_llist_element *to_e)
{
/* Remove element from list */
if(e == NULL || list->size == 0)
- return 0;
+ return;
if(e == list->head) {
list->head = e->next;
@@ -209,6 +190,4 @@ int Curl_llist_move(struct curl_llist *list, struct
curl_llist_element *e,
}
++to_list->size;
-
- return 1;
}
diff --git a/lib/llist.h b/lib/llist.h
index 39ff408ee..6b644b99c 100644
--- a/lib/llist.h
+++ b/lib/llist.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -29,7 +29,6 @@ typedef void (*curl_llist_dtor)(void *, void *);
struct curl_llist_element {
void *ptr;
-
struct curl_llist_element *prev;
struct curl_llist_element *next;
};
@@ -37,21 +36,19 @@ struct curl_llist_element {
struct curl_llist {
struct curl_llist_element *head;
struct curl_llist_element *tail;
-
curl_llist_dtor dtor;
-
size_t size;
};
-struct curl_llist *Curl_llist_alloc(curl_llist_dtor);
-int Curl_llist_insert_next(struct curl_llist *, struct curl_llist_element *,
- const void *);
-int Curl_llist_remove(struct curl_llist *, struct curl_llist_element *,
- void *);
+void Curl_llist_init(struct curl_llist *, curl_llist_dtor);
+void Curl_llist_insert_next(struct curl_llist *, struct curl_llist_element *,
+ const void *, struct curl_llist_element *node);
+void Curl_llist_remove(struct curl_llist *, struct curl_llist_element *,
+ void *);
size_t Curl_llist_count(struct curl_llist *);
void Curl_llist_destroy(struct curl_llist *, void *);
-int Curl_llist_move(struct curl_llist *, struct curl_llist_element *,
- struct curl_llist *, struct curl_llist_element *);
+void Curl_llist_move(struct curl_llist *, struct curl_llist_element *,
+ struct curl_llist *, struct curl_llist_element *);
#endif /* HEADER_CURL_LLIST_H */
diff --git a/lib/makefile.dj b/lib/makefile.dj
index 2331afe31..8ab2d575d 100644
--- a/lib/makefile.dj
+++ b/lib/makefile.dj
@@ -6,7 +6,7 @@
# \___|\___/|_| \_\_____|
#
# Copyright (C) 2003 - 2008, Gisle Vanem <address@hidden>.
-# Copyright (C) 2003 - 2015, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 2003 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -26,20 +26,19 @@
#
DEPEND_PREREQ = curl_config.h
-VPATH = vtls
+VPATH = vtls vauth
TOPDIR = ..
include ../packages/DOS/common.dj
include Makefile.inc
+CFLAGS += -DBUILDING_LIBCURL
+
SOURCES = $(sort $(CSOURCES))
OBJECTS = $(addprefix $(OBJ_DIR)/, $(notdir $(SOURCES:.c=.o)))
CURL_LIB = libcurl.a
-# NOTE: if ../include/curl/curlbuild.h is missing, you're probably building
-# this from a git checkout and then you need to run buildconf.bat first.
-
all: $(OBJ_DIR) curl_config.h $(CURL_LIB)
$(CURL_LIB): $(OBJECTS)
diff --git a/lib/md4.c b/lib/md4.c
index 60f73a28b..2bb7dcc25 100644
--- a/lib/md4.c
+++ b/lib/md4.c
@@ -37,9 +37,10 @@
#include "curl_setup.h"
-/* NSS and OS/400 crypto library do not provide the MD4 hash algorithm, so
- * that we have a local implementation of it */
-#if defined(USE_NSS) || defined(USE_OS400CRYPTO)
+/* The NSS, OS/400 and sometimes mbed TLS crypto libraries do not provide the
+ * MD4 hash algorithm, so we have a local implementation of it */
+#if defined(USE_NSS) || defined(USE_OS400CRYPTO) || \
+ (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C))
#include "curl_md4.h"
#include "warnless.h"
@@ -89,7 +90,7 @@ static void MD4_Final(unsigned char *result, MD4_CTX *ctx);
*/
#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
#define SET(n) \
- (*(MD4_u32plus *)&ptr[(n) * 4])
+ (*(MD4_u32plus *)(void *)&ptr[(n) * 4])
#define GET(n) \
SET(n)
#else
@@ -213,7 +214,8 @@ static void MD4_Update(MD4_CTX *ctx, const void *data,
unsigned long size)
unsigned long used, available;
saved_lo = ctx->lo;
- if((ctx->lo = (saved_lo + size) & 0x1fffffff) < saved_lo)
+ ctx->lo = (saved_lo + size) & 0x1fffffff;
+ if(ctx->lo < saved_lo)
ctx->hi++;
ctx->hi += (MD4_u32plus)size >> 29;
@@ -301,4 +303,5 @@ void Curl_md4it(unsigned char *output, const unsigned char
*input, size_t len)
MD4_Update(&ctx, input, curlx_uztoui(len));
MD4_Final(output, &ctx);
}
-#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) */
+#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) ||
+ (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) */
diff --git a/lib/md5.c b/lib/md5.c
index f818d3288..a14542a85 100644
--- a/lib/md5.c
+++ b/lib/md5.c
@@ -24,7 +24,7 @@
#ifndef CURL_DISABLE_CRYPTO_AUTH
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "curl_md5.h"
#include "curl_hmac.h"
@@ -45,7 +45,7 @@ static void MD5_Init(MD5_CTX * ctx)
}
static void MD5_Update(MD5_CTX * ctx,
- const unsigned char * input,
+ const unsigned char *input,
unsigned int inputLen)
{
md5_update(ctx, inputLen, input);
@@ -71,7 +71,7 @@ static void MD5_Init(MD5_CTX * ctx)
}
static void MD5_Update(MD5_CTX * ctx,
- const unsigned char * input,
+ const unsigned char *input,
unsigned int inputLen)
{
gcry_md_write(*ctx, input, inputLen);
@@ -260,7 +260,7 @@ static void MD5_Final(unsigned char *result, MD5_CTX *ctx);
*/
#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
#define SET(n) \
- (*(MD5_u32plus *)&ptr[(n) * 4])
+ (*(MD5_u32plus *)(void *)&ptr[(n) * 4])
#define GET(n) \
SET(n)
#else
@@ -402,7 +402,8 @@ static void MD5_Update(MD5_CTX *ctx, const void *data,
unsigned long size)
unsigned long used, available;
saved_lo = ctx->lo;
- if((ctx->lo = (saved_lo + size) & 0x1fffffff) < saved_lo)
+ ctx->lo = (saved_lo + size) & 0x1fffffff;
+ if(ctx->lo < saved_lo)
ctx->hi++;
ctx->hi += (MD5_u32plus)size >> 29;
diff --git a/lib/memdebug.c b/lib/memdebug.c
index ccbf461be..65b20e5d0 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -24,7 +24,7 @@
#ifdef CURLDEBUG
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
@@ -35,10 +35,6 @@
#include "curl_memory.h"
#include "memdebug.h"
-#ifndef HAVE_ASSERT_H
-# define assert(x) Curl_nop_stmt
-#endif
-
/*
* Until 2011-08-17 libcurl's Memory Tracking feature also performed
* automatic malloc and free filling operations using 0xA5 and 0x13
@@ -90,7 +86,7 @@ struct memdebug {
union {
curl_off_t o;
double d;
- void * p;
+ void *p;
} mem[1];
/* I'm hoping this is the thing with the strictest alignment
* requirements. That also means we waste some space :-( */
@@ -119,7 +115,8 @@ void curl_memdebug(const char *logname)
logfile = stderr;
#ifdef MEMDEBUG_LOG_SYNC
/* Flush the log file after every line so the log isn't lost in a crash */
- setbuf(logfile, (char *)NULL);
+ if(logfile)
+ setbuf(logfile, (char *)NULL);
#endif
}
}
@@ -150,7 +147,7 @@ static bool countcheck(const char *func, int line, const
char *source)
source, line, func);
fflush(logfile); /* because it might crash now */
}
- SET_ERRNO(ENOMEM);
+ errno = ENOMEM;
return TRUE; /* RETURN ERROR! */
}
else
@@ -167,7 +164,7 @@ void *curl_domalloc(size_t wantedsize, int line, const char
*source)
struct memdebug *mem;
size_t size;
- assert(wantedsize != 0);
+ DEBUGASSERT(wantedsize != 0);
if(countcheck("malloc", line, source))
return NULL;
@@ -196,8 +193,8 @@ void *curl_docalloc(size_t wanted_elements, size_t
wanted_size,
struct memdebug *mem;
size_t size, user_size;
- assert(wanted_elements != 0);
- assert(wanted_size != 0);
+ DEBUGASSERT(wanted_elements != 0);
+ DEBUGASSERT(wanted_size != 0);
if(countcheck("calloc", line, source))
return NULL;
@@ -223,7 +220,7 @@ char *curl_dostrdup(const char *str, int line, const char
*source)
char *mem;
size_t len;
- assert(str != NULL);
+ DEBUGASSERT(str != NULL);
if(countcheck("strdup", line, source))
return NULL;
@@ -236,7 +233,7 @@ char *curl_dostrdup(const char *str, int line, const char
*source)
if(source)
curl_memlog("MEM %s:%d strdup(%p) (%zu) = %p\n",
- source, line, (void *)str, len, (void *)mem);
+ source, line, (const void *)str, len, (const void *)mem);
return mem;
}
@@ -247,7 +244,7 @@ wchar_t *curl_dowcsdup(const wchar_t *str, int line, const
char *source)
wchar_t *mem;
size_t wsiz, bsiz;
- assert(str != NULL);
+ DEBUGASSERT(str != NULL);
if(countcheck("wcsdup", line, source))
return NULL;
@@ -276,7 +273,7 @@ void *curl_dorealloc(void *ptr, size_t wantedsize,
size_t size = sizeof(struct memdebug)+wantedsize;
- assert(wantedsize != 0);
+ DEBUGASSERT(wantedsize != 0);
if(countcheck("realloc", line, source))
return NULL;
@@ -445,7 +442,7 @@ int curl_fclose(FILE *file, int line, const char *source)
{
int res;
- assert(file != NULL);
+ DEBUGASSERT(file != NULL);
res=fclose(file);
@@ -458,7 +455,7 @@ int curl_fclose(FILE *file, int line, const char *source)
#define LOGLINE_BUFSIZE 1024
-/* this does the writting to the memory tracking log file */
+/* this does the writing to the memory tracking log file */
void curl_memlog(const char *format, ...)
{
char *buf;
@@ -480,7 +477,7 @@ void curl_memlog(const char *format, ...)
nchars = LOGLINE_BUFSIZE - 1;
if(nchars > 0)
- fwrite(buf, 1, nchars, logfile);
+ fwrite(buf, 1, (size_t)nchars, logfile);
(Curl_cfree)(buf);
}
diff --git a/lib/mk-ca-bundle.pl b/lib/mk-ca-bundle.pl
index 34497230d..cc36c7680 100755
--- a/lib/mk-ca-bundle.pl
+++ b/lib/mk-ca-bundle.pl
@@ -30,11 +30,11 @@
# dependency is the OpenSSL commandline tool for optional text listing.
# Hacked by Guenter Knauf.
#
+use Encode;
use Getopt::Std;
use MIME::Base64;
-use LWP::UserAgent;
use strict;
-use vars qw($opt_b $opt_d $opt_f $opt_h $opt_i $opt_l $opt_m $opt_n $opt_p
$opt_q $opt_s $opt_t $opt_u $opt_v $opt_w);
+use vars qw($opt_b $opt_d $opt_f $opt_h $opt_i $opt_k $opt_l $opt_m $opt_n
$opt_p $opt_q $opt_s $opt_t $opt_u $opt_v $opt_w);
use List::Util;
use Text::Wrap;
my $MOD_SHA = "Digest::SHA";
@@ -43,18 +43,19 @@ if ($@) {
$MOD_SHA = "Digest::SHA::PurePerl";
eval "require $MOD_SHA";
}
+eval "require LWP::UserAgent";
my %urls = (
'nss' =>
-
'http://hg.mozilla.org/projects/nss/raw-file/tip/lib/ckfw/builtins/certdata.txt',
+
'https://hg.mozilla.org/projects/nss/raw-file/tip/lib/ckfw/builtins/certdata.txt',
'central' =>
-
'http://hg.mozilla.org/mozilla-central/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt',
+
'https://hg.mozilla.org/mozilla-central/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt',
'aurora' =>
-
'http://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt',
+
'https://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt',
'beta' =>
-
'http://hg.mozilla.org/releases/mozilla-beta/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt',
+
'https://hg.mozilla.org/releases/mozilla-beta/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt',
'release' =>
-
'http://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt',
+
'https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt',
);
$opt_d = 'release';
@@ -62,7 +63,7 @@ $opt_d = 'release';
# If the OpenSSL commandline is not in search path you can configure it here!
my $openssl = 'openssl';
-my $version = '1.26';
+my $version = '1.27';
$opt_w = 76; # default base64 encoded lines length
@@ -109,7 +110,7 @@ my @valid_signature_algorithms = (
$0 =~ address@hidden(/|\\)@@;
$Getopt::Std::STANDARD_HELP_VERSION = 1;
-getopts('bd:fhilmnp:qs:tuvw:');
+getopts('bd:fhiklmnp:qs:tuvw:');
if(!defined($opt_d)) {
# to make plain "-d" use not cause warnings, and actually still work
@@ -117,7 +118,16 @@ if(!defined($opt_d)) {
}
# Use predefined URL or else custom URL specified on command line.
-my $url = ( defined( $urls{$opt_d} ) ) ? $urls{$opt_d} : $opt_d;
+my $url;
+if(defined($urls{$opt_d})) {
+ $url = $urls{$opt_d};
+ if(!$opt_k && $url !~ /^https:\/\//i) {
+ die "The URL for '$opt_d' is not HTTPS. Use -k to override (insecure).\n";
+ }
+}
+else {
+ $url = $opt_d;
+}
my $curl = `curl -V`;
@@ -128,8 +138,8 @@ if ($opt_i) {
print "Operating System Name : $^O\n";
print "Getopt::Std.pm Version : ${Getopt::Std::VERSION}\n";
print "MIME::Base64.pm Version : ${MIME::Base64::VERSION}\n";
- print "LWP::UserAgent.pm Version : ${LWP::UserAgent::VERSION}\n";
- print "LWP.pm Version : ${LWP::VERSION}\n";
+ print "LWP::UserAgent.pm Version : ${LWP::UserAgent::VERSION}\n"
if($LWP::UserAgent::VERSION);
+ print "LWP.pm Version : ${LWP::VERSION}\n"
if($LWP::VERSION);
print "Digest::SHA.pm Version : ${Digest::SHA::VERSION}\n" if
($Digest::SHA::VERSION);
print "Digest::SHA::PurePerl.pm Version :
${Digest::SHA::PurePerl::VERSION}\n" if ($Digest::SHA::PurePerl::VERSION);
print ("=" x 78 . "\n");
@@ -139,7 +149,7 @@ sub warning_message() {
if ( $opt_d =~ m/^risk$/i ) { # Long Form Warning and Exit
print "Warning: Use of this script may pose some risk:\n";
print "\n";
- print " 1) Using http is subject to man in the middle attack of certdata
content\n";
+ print " 1) If you use HTTP URLs they are subject to a man in the middle
attack\n";
print " 2) Default to 'release', but more recent updates may be found in
other trees\n";
print " 3) certdata.txt file format may change, lag time to update this
script\n";
print " 4) Generally unwise to blindly trust CAs without manual review &
verification\n";
@@ -153,13 +163,14 @@ sub warning_message() {
}
sub HELP_MESSAGE() {
- print "Usage:\t${0} [-b] [-d<certdata>] [-f] [-i] [-l] [-n]
[-p<purposes:levels>] [-q] [-s<algorithms>] [-t] [-u] [-v] [-w<l>]
[<outputfile>]\n";
+ print "Usage:\t${0} [-b] [-d<certdata>] [-f] [-i] [-k] [-l] [-n]
[-p<purposes:levels>] [-q] [-s<algorithms>] [-t] [-u] [-v] [-w<l>]
[<outputfile>]\n";
print "\t-b\tbackup an existing version of ca-bundle.crt\n";
print "\t-d\tspecify Mozilla tree to pull certdata.txt or custom URL\n";
print "\t\t Valid names are:\n";
print "\t\t ", join( ", ", map { ( $_ =~ m/$opt_d/ ) ? "$_ (default)" :
"$_" } sort keys %urls ), "\n";
print "\t-f\tforce rebuild even if certdata.txt is current\n";
print "\t-i\tprint version info about used modules\n";
+ print "\t-k\tallow URLs other than HTTPS, enable HTTP fallback (insecure)\n";
print "\t-l\tprint license info about certdata.txt\n";
print "\t-m\tinclude meta data in output\n";
print "\t-n\tno download of certdata.txt (to use existing)\n";
@@ -234,7 +245,8 @@ sub sha256 {
close(FILE);
} else {
# Use OpenSSL command if Perl Digest::SHA modules not available
- $result = (split(/ |\r|\n/,`$openssl dgst -sha256 $_[0]`))[1];
+ $result = `"$openssl" dgst -r -sha256 "$_[0]"`;
+ $result =~ s/^([0-9a-f]{64}) .+/$1/is;
}
return $result;
}
@@ -287,35 +299,68 @@ my $oldhash = oldhash($crt);
report "SHA256 of old file: $oldhash";
-report "Downloading '$txt' ...";
-
-if($curl && !$opt_n) {
- my $https = $url;
- $https =~ s/^http:/https:/;
- report "Get certdata over HTTPS with curl!";
- my $quiet = $opt_q ? "-s" : "";
- my @out = `curl -w %{response_code} $quiet -O $https`;
- if(@out && $out[0] == 200) {
- $fetched = 1;
- } else {
- report "Failed downloading HTTPS with curl, trying HTTP with LWP";
+if(!$opt_n) {
+ report "Downloading $txt ...";
+
+ # If we have an HTTPS URL then use curl
+ if($url =~ /^https:\/\//i) {
+ if($curl) {
+ if($curl =~ /^Protocols:.* https( |$)/m) {
+ report "Get certdata with curl!";
+ my $proto = !$opt_k ? "--proto =https" : "";
+ my $quiet = $opt_q ? "-s" : "";
+ my @out = `curl -w %{response_code} $proto $quiet -o "$txt" "$url"`;
+ if(!$? && @out && $out[0] == 200) {
+ $fetched = 1;
+ report "Downloaded $txt";
+ }
+ else {
+ report "Failed downloading via HTTPS with curl";
+ if(-e $txt && !unlink($txt)) {
+ report "Failed to remove '$txt': $!";
+ }
+ }
+ }
+ else {
+ report "curl lacks https support";
+ }
+ }
+ else {
+ report "curl not found";
+ }
}
-}
-unless ($fetched || ($opt_n and -e $txt)) {
- my $ua = new LWP::UserAgent(agent => "$0/$version");
- $ua->env_proxy();
- $resp = $ua->mirror($url, $txt);
- if ($resp && $resp->code eq '304') {
- report "Not modified";
- exit 0 if -e $crt && !$opt_f;
- } else {
+ # If nothing was fetched then use LWP
+ if(!$fetched) {
+ if($url =~ /^https:\/\//i) {
+ report "Falling back to HTTP";
+ $url =~ s/^https:\/\//http:\/\//i;
+ }
+ if(!$opt_k) {
+ report "URLs other than HTTPS are disabled by default, to enable use -k";
+ exit 1;
+ }
+ report "Get certdata with LWP!";
+ if(!defined(${LWP::UserAgent::VERSION})) {
+ report "LWP is not available (LWP::UserAgent not found)";
+ exit 1;
+ }
+ my $ua = new LWP::UserAgent(agent => "$0/$version");
+ $ua->env_proxy();
+ $resp = $ua->mirror($url, $txt);
+ if($resp && $resp->code eq '304') {
+ report "Not modified";
+ exit 0 if -e $crt && !$opt_f;
+ }
+ else {
$fetched = 1;
- }
- if( !$resp || $resp->code !~ /^(?:200|304)$/ ) {
+ report "Downloaded $txt";
+ }
+ if(!$resp || $resp->code !~ /^(?:200|304)$/) {
report "Unable to download latest data: "
. ($resp? $resp->code . ' - ' . $resp->message : "LWP failed");
exit 1 if -e $crt || ! -r $txt;
+ }
}
}
@@ -349,7 +394,7 @@ print CRT <<EOT;
##
## Bundle of CA Root Certificates
##
-## Certificate data from Mozilla ${datesrc}: ${currentdate}
+## Certificate data from Mozilla ${datesrc}: ${currentdate} GMT
##
## This is a bundle of X.509 certificates of public Certificate Authorities
## (CA). These were automatically extracted from Mozilla's root certificates
@@ -443,7 +488,7 @@ while (<TXT>) {
. "-----END CERTIFICATE-----\n";
print CRT "\n$caname\n";
print CRT @precert if($opt_m);
- my $maxStringLength = length($caname);
+ my $maxStringLength = length(decode('UTF-8', $caname, Encode::FB_CROAK));
if ($opt_t) {
foreach my $key (keys %trust_purposes_by_level) {
my $string = $key . ": " . join(", ",
@{$trust_purposes_by_level{$key}});
@@ -503,5 +548,7 @@ unless( $stdout ) {
}
rename "$crt.~", $crt or die "Failed to rename $crt.~ to $crt: $!\n";
}
-unlink $txt if ($opt_u);
+if($opt_u && -e $txt && !unlink($txt)) {
+ report "Failed to remove $txt: $!\n";
+}
report "Done ($certnum CA certs processed, $skipnum skipped).";
diff --git a/lib/mk-ca-bundle.vbs b/lib/mk-ca-bundle.vbs
index b0d942779..a9b983e9b 100755
--- a/lib/mk-ca-bundle.vbs
+++ b/lib/mk-ca-bundle.vbs
@@ -26,20 +26,36 @@
'* Hacked by Guenter Knauf
'***************************************************************************
Option Explicit
-Const myVersion = "0.3.9"
+Const myVersion = "0.4.0"
-Const myUrl =
"http://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt";
-Const myOpenssl = "openssl.exe"
+Const myUrl =
"https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt";
-Const myCdSavF = FALSE ' Flag: save downloaded data to file certdata.txt
+Const myOpenSSL = "openssl.exe"
+Dim myUseOpenSSL
+myUseOpenSSL = TRUE ' Flag: TRUE to use OpenSSL. If TRUE and is not
+ ' found then a warning is shown before continuing.
+
+Const myCdSavF = TRUE ' Flag: save downloaded data to file certdata.txt
Const myCaBakF = TRUE ' Flag: backup existing ca-bundle certificate
Const myAskLiF = TRUE ' Flag: display certdata.txt license agreement
-Const myAskTiF = TRUE ' Flag: ask to include certificate text info
Const myWrapLe = 76 ' Default length of base64 output lines
+' cert info code doesn't work properly with any recent openssl, leave disabled.
+' Also: we want our certificate output by default to be as similar as possible
+' to mk-ca-bundle.pl and setting this TRUE changes the base64 width to
+' OpenSSL's built-in default width, which is not the same as mk-ca-bundle.pl.
+Const myAskTiF = FALSE ' Flag: ask to include certificate text info
+
+'
'******************* Nothing to configure below! *******************
+'
+Const adTypeBinary = 1
+Const adTypeText = 2
+Const adSaveCreateNotExist = 1
+Const adSaveCreateOverWrite = 2
Dim objShell, objNetwork, objFSO, objHttp
-Dim myBase, mySelf, myFh, myTmpFh, myCdData, myCdFile, myCaFile, myTmpName,
myBakNum, myOptTxt, i
+Dim myBase, mySelf, myStream, myTmpFh, myCdData, myCdFile
+Dim myCaFile, myTmpName, myBakNum, myOptTxt, i
Set objNetwork = WScript.CreateObject("WScript.Network")
Set objShell = WScript.CreateObject("WScript.Shell")
Set objFSO = WScript.CreateObject("Scripting.FileSystemObject")
@@ -47,14 +63,60 @@ Set objHttp =
WScript.CreateObject("WinHttp.WinHttpRequest.5.1")
If objHttp Is Nothing Then Set objHttp =
WScript.CreateObject("WinHttp.WinHttpRequest")
myBase = Left(WScript.ScriptFullName, InstrRev(WScript.ScriptFullName, "\"))
mySelf = Left(WScript.ScriptName, InstrRev(WScript.ScriptName, ".") - 1) & " "
& myVersion
+
myCdFile = Mid(myUrl, InstrRev(myUrl, "/") + 1)
myCaFile = "ca-bundle.crt"
-myTmpName = InputBox("Enter output filename:", mySelf, myCaFile)
-If Not (myTmpName = "") Then
- myCaFile = myTmpName
+myTmpName = InputBox("It will take a minute to download and parse the " & _
+ "certificate data." & _
+ vbLf & vbLf & _
+ "Please enter the output filename:", mySelf, myCaFile)
+If (myTmpName = "") Then
+ WScript.Quit 1
+End If
+myCaFile = myTmpName
+If (myCdFile = "") Then
+ MsgBox("URL does not contain filename!"), vbCritical, mySelf
+ WScript.Quit 1
+End If
+
+' Don't use OpenSSL if it's not present.
+If (myUseOpenSSL = TRUE) Then
+ Dim errnum
+
+ On Error Resume Next
+ Call objShell.Run("""" & myOpenSSL & """ version", 0, TRUE)
+ errnum = Err.Number
+ On Error GoTo 0
+
+ If Not (errnum = 0) Then
+ myUseOpenSSL = FALSE
+ MsgBox("OpenSSL was not found so the certificate bundle will not " & _
+ "include the SHA256 hash of the raw certificate data file " & _
+ "that was used to generate the certificates in the bundle. " & _
+ vbLf & vbLf & _
+ "This does not have any effect on the certificate output, " & _
+ "so this script will continue." & _
+ vbLf & vbLf & _
+ "If you want to set a custom location for OpenSSL or disable " & _
+ "this message then edit the variables at the start of the " & _
+ "script."), vbInformation, mySelf
+ End If
+End If
+
+If (myAskTiF = TRUE) And (myUseOpenSSL = TRUE) Then
+ If (6 = objShell.PopUp("Do you want to include text information about " & _
+ "each certificate?" & vbLf & _
+ "(Requires OpenSSL.exe in the current directory " & _
+ "or search path)",, _
+ mySelf, vbQuestion + vbYesNo + vbDefaultButton2)) Then
+ myOptTxt = TRUE
+ Else
+ myOptTxt = FALSE
+ End If
End If
-' Lets ignore SSL invalid cert errors
-objHttp.Option(4) = 256 + 512 + 4096 + 8192
+
+' Uncomment the line below to ignore SSL invalid cert errors
+' objHttp.Option(4) = 256 + 512 + 4096 + 8192
objHttp.SetTimeouts 0, 5000, 10000, 10000
objHttp.Open "GET", myUrl, FALSE
objHttp.setRequestHeader "User-Agent", WScript.ScriptName & "/" & myVersion
@@ -63,15 +125,13 @@ If Not (objHttp.Status = 200) Then
MsgBox("Failed to download '" & myCdFile & "': " & objHttp.Status & " - " &
objHttp.StatusText), vbCritical, mySelf
WScript.Quit 1
End If
-' Convert data from ResponseBody instead of using ResponseText because of UTF-8
-myCdData = ConvertBinaryData(objHttp.ResponseBody)
-Set objHttp = Nothing
' Write received data to file if enabled
If (myCdSavF = TRUE) Then
- Set myFh = objFSO.OpenTextFile(myCdFile, 2, TRUE)
- myFh.Write myCdData
- myFh.Close
+ Call SaveBinaryData(myCdFile, objHttp.ResponseBody)
End If
+' Convert data from ResponseBody instead of using ResponseText because of UTF-8
+myCdData = ConvertBinaryToUTF8(objHttp.ResponseBody)
+Set objHttp = Nothing
' Backup exitsing ca-bundle certificate file
If (myCaBakF = TRUE) Then
If objFSO.FileExists(myCaFile) Then
@@ -86,15 +146,7 @@ If (myCaBakF = TRUE) Then
myTmpFh.Move myBakFile
End If
End If
-If (myAskTiF = TRUE) Then
- If (6 = objShell.PopUp("Do you want to include text information about each
certificate?" & vbLf & _
- "(requires OpenSSL commandline in current directory or in search
path)",, _
- mySelf, vbQuestion + vbYesNo + vbDefaultButton2)) Then
- myOptTxt = TRUE
- Else
- myOptTxt = FALSE
- End If
-End If
+
' Process the received data
Dim myLines, myPattern, myInsideCert, myInsideLicense, myLicenseText,
myNumCerts, myNumSkipped
Dim myLabel, myOctets, myData, myPem, myRev, myUntrusted, j
@@ -102,23 +154,33 @@ myNumSkipped = 0
myNumCerts = 0
myData = ""
myLines = Split(myCdData, vbLf, -1)
-Set myFh = objFSO.OpenTextFile(myCaFile, 2, TRUE)
-myFh.Write "##" & vbLf
-myFh.Write "## " & myCaFile & " -- Bundle of CA Root Certificates" & vbLf
-myFh.Write "##" & vbLf
-myFh.Write "## Converted at: " & Now & vbLf
-myFh.Write "##" & vbLf
-myFh.Write "## This is a bundle of X.509 certificates of public Certificate
Authorities" & vbLf
-myFh.Write "## (CA). These were automatically extracted from Mozilla's root
certificates" & vbLf
-myFh.Write "## file (certdata.txt). This file can be found in the mozilla
source tree:" & vbLf
-myFh.Write "## '/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt'"
& vbLf
-myFh.Write "##" & vbLf
-myFh.Write "## It contains the certificates in PEM format and therefore" & vbLf
-myFh.Write "## can be directly used with curl / libcurl / php_curl, or with" &
vbLf
-myFh.Write "## an Apache+mod_ssl webserver for SSL client authentication." &
vbLf
-myFh.Write "## Just configure this file as the SSLCACertificateFile." & vbLf
-myFh.Write "##" & vbLf
-myFh.Write vbLf
+Set myStream = CreateObject("ADODB.Stream")
+myStream.Open
+myStream.Type = adTypeText
+myStream.Charset = "utf-8"
+myStream.WriteText "##" & vbLf & _
+ "## Bundle of CA Root Certificates" & vbLf & _
+ "##" & vbLf & _
+ "## Certificate data from Mozilla as of: " & _
+ ConvertDateToString(LocalDateToUTC(Now)) & " GMT" & vbLf & _
+ "##" & vbLf & _
+ "## This is a bundle of X.509 certificates of public Certificate
Authorities" & vbLf & _
+ "## (CA). These were automatically extracted from Mozilla's root
certificates" & vbLf & _
+ "## file (certdata.txt). This file can be found in the mozilla source
tree:" & vbLf & _
+ "## " & myUrl & vbLf & _
+ "##" & vbLf & _
+ "## It contains the certificates in PEM format and therefore" & vbLf & _
+ "## can be directly used with curl / libcurl / php_curl, or with" & vbLf & _
+ "## an Apache+mod_ssl webserver for SSL client authentication." & vbLf & _
+ "## Just configure this file as the SSLCACertificateFile." & vbLf & _
+ "##" & vbLf & _
+ "## Conversion done with mk-ca-bundle.vbs version " & myVersion & "." & vbLf
+If (myCdSavF = TRUE) And (myUseOpenSSL = TRUE) Then
+ myStream.WriteText "## SHA256: " & FileSHA256(myCdFile) & vbLf
+End If
+myStream.WriteText "##" & vbLf & vbLf
+
+myStream.WriteText vbLf
For i = 0 To UBound(myLines)
If InstrRev(myLines(i), "CKA_LABEL ") Then
myPattern = "^CKA_LABEL\s+[A-Z0-9]+\s+""(.+?)"""
@@ -136,13 +198,13 @@ For i = 0 To UBound(myLines)
If (myUntrusted = TRUE) Then
myNumSkipped = myNumSkipped + 1
Else
- myFh.Write myLabel & vbLf
- myFh.Write String(Len(myLabel), "=") & vbLf
+ myStream.WriteText myLabel & vbLf
+ myStream.WriteText String(Len(myLabel), "=") & vbLf
myPem = "-----BEGIN CERTIFICATE-----" & vbLf & _
Base64Encode(myData) & vbLf & _
"-----END CERTIFICATE-----" & vbLf
If (myOptTxt = FALSE) Then
- myFh.Write myPem & vbLf
+ myStream.WriteText myPem & vbLf
Else
Dim myCmd, myRval, myTmpIn, myTmpOut
myTmpIn = objFSO.GetSpecialFolder(2).Path & "\" & objFSO.GetTempName
@@ -150,8 +212,8 @@ For i = 0 To UBound(myLines)
Set myTmpFh = objFSO.OpenTextFile(myTmpIn, 2, TRUE)
myTmpFh.Write myPem
myTmpFh.Close
- myCmd = myOpenssl & " x509 -md5 -fingerprint -text -inform PEM" & _
- " -in " & myTmpIn & " -out " & myTmpOut
+ myCmd = """" & myOpenSSL & """ x509 -md5 -fingerprint -text " & _
+ "-inform PEM -in " & myTmpIn & " -out " & myTmpOut
myRval = objShell.Run (myCmd, 0, TRUE)
objFSO.DeleteFile myTmpIn, TRUE
If Not (myRval = 0) Then
@@ -160,7 +222,7 @@ For i = 0 To UBound(myLines)
WScript.Quit 3
End If
Set myTmpFh = objFSO.OpenTextFile(myTmpOut, 1)
- myFh.Write myTmpFh.ReadAll & vbLf
+ myStream.WriteText myTmpFh.ReadAll & vbLf
myTmpFh.Close
objFSO.DeleteFile myTmpOut, TRUE
End If
@@ -176,7 +238,7 @@ For i = 0 To UBound(myLines)
If InstrRev(myLines(i), "CVS_ID ") Then
myPattern = "^CVS_ID\s+""(.+?)"""
myRev = RegExprFirst(myPattern, myLines(i))
- myFh.Write "# " & myRev & vbLf & vbLf
+ myStream.WriteText "# " & myRev & vbLf & vbLf
End If
If InstrRev(myLines(i), "CKA_VALUE MULTILINE_OCTAL") Then
myInsideCert = TRUE
@@ -187,7 +249,7 @@ For i = 0 To UBound(myLines)
myInsideLicense = TRUE
End If
If (myInsideLicense = TRUE) Then
- myFh.Write myLines(i) & vbLf
+ myStream.WriteText myLines(i) & vbLf
myLicenseText = myLicenseText & Mid(myLines(i), 2) & vbLf
End If
If InstrRev(myLines(i), "***** END LICENSE BLOCK *****") Then
@@ -196,28 +258,54 @@ For i = 0 To UBound(myLines)
If Not (6 = objShell.PopUp(myLicenseText & vbLf & _
"Do you agree to the license shown above (required to proceed)
?",, _
mySelf, vbQuestion + vbYesNo + vbDefaultButton1)) Then
- myFh.Close
+ myStream.Close
objFSO.DeleteFile myCaFile, TRUE
WScript.Quit 2
End If
End If
End If
Next
-myFh.Close
+
+' To stop the UTF-8 BOM from being written the stream has to be copied and
+' then saved as binary.
+Dim myCopy
+Set myCopy = CreateObject("ADODB.Stream")
+myCopy.Type = adTypeBinary
+myCopy.Open
+myStream.Position = 3 ' Skip UTF-8 BOM
+myStream.CopyTo myCopy
+myCopy.SaveToFile myCaFile, adSaveCreateOverWrite
+myCopy.Close
+myStream.Close
+Set myCopy = Nothing
+Set myStream = Nothing
+
+' Done
objShell.PopUp "Done (" & myNumCerts & " CA certs processed, " & myNumSkipped
& _
" untrusted skipped).", 20, mySelf, vbInformation
WScript.Quit 0
-Function ConvertBinaryData(arrBytes)
+Function ConvertBinaryToUTF8(arrBytes)
Dim objStream
Set objStream = CreateObject("ADODB.Stream")
objStream.Open
- objStream.Type = 1
+ objStream.Type = adTypeBinary
objStream.Write arrBytes
objStream.Position = 0
- objStream.Type = 2
- objStream.Charset = "ascii"
- ConvertBinaryData = objStream.ReadText
+ objStream.Type = adTypeText
+ objStream.Charset = "utf-8"
+ ConvertBinaryToUTF8 = objStream.ReadText
+ Set objStream = Nothing
+End Function
+
+Function SaveBinaryData(filename, data)
+ Dim objStream
+ Set objStream = CreateObject("ADODB.Stream")
+ objStream.Type = adTypeBinary
+ objStream.Open
+ objStream.Write data
+ objStream.SaveToFile filename, adSaveCreateOverWrite
+ objStream.Close
Set objStream = Nothing
End Function
@@ -283,4 +371,61 @@ Function MyASC(OneChar)
If OneChar = "" Then MyASC = 0 Else MyASC = Asc(OneChar)
End Function
+' Return the date in the same format as perl to match mk-ca-bundle.pl output:
+' Wed Sep 7 03:12:05 2016
+Function ConvertDateToString(input)
+ Dim output
+ output = WeekDayName(WeekDay(input), TRUE) & " " & _
+ MonthName(Month(input), TRUE) & " "
+ If (Len(Day(input)) = 1) Then
+ output = output & " "
+ End If
+ output = output & _
+ Day(input) & " " & _
+ FormatDateTime(input, vbShortTime) & ":"
+ If (Len(Second(input)) = 1) Then
+ output = output & "0"
+ End If
+ output = output & _
+ Second(input) & " " & _
+ Year(input)
+ ConvertDateToString = output
+End Function
+' Convert local Date to UTC. Microsoft says:
+' Use Win32_ComputerSystem CurrentTimeZone property, because it automatically
+' adjusts the Time Zone bias for daylight saving time; Win32_Time Zone Bias
+' property does not.
+' https://msdn.microsoft.com/en-us/library/windows/desktop/ms696015.aspx
+Function LocalDateToUTC(localdate)
+ Dim item, offset
+ For Each item In GetObject("winmgmts:").InstancesOf("Win32_ComputerSystem")
+ offset = item.CurrentTimeZone ' the offset in minutes
+ Next
+ If (offset < 0) Then
+ LocalDateToUTC = DateAdd("n", ABS(offset), localdate)
+ Else
+ LocalDateToUTC = DateAdd("n", -ABS(offset), localdate)
+ End If
+ 'objShell.PopUp LocalDateToUTC
+End Function
+
+Function FileSHA256(filename)
+ Dim cmd, rval, tmpOut, tmpFh
+ if (myUseOpenSSL = TRUE) Then
+ tmpOut = objFSO.GetSpecialFolder(2).Path & "\" & objFSO.GetTempName
+ cmd = """" & myOpenSSL & """ dgst -r -sha256 -out """ & tmpOut & """ """ &
filename & """"
+ rval = objShell.Run(cmd, 0, TRUE)
+ If Not (rval = 0) Then
+ MsgBox("Failed to get sha256 of """ & filename & """ with OpenSSL
commandline!"), vbCritical, mySelf
+ objFSO.DeleteFile tmpOut, TRUE
+ WScript.Quit 3
+ End If
+ Set tmpFh = objFSO.OpenTextFile(tmpOut, 1)
+ FileSHA256 = RegExprFirst("^([0-9a-f]{64}) .+", tmpFh.ReadAll)
+ tmpFh.Close
+ objFSO.DeleteFile tmpOut, TRUE
+ Else
+ FileSHA256 = ""
+ End If
+End Function
diff --git a/lib/mprintf.c b/lib/mprintf.c
index 73f854bcb..68545bfac 100644
--- a/lib/mprintf.c
+++ b/lib/mprintf.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1999 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1999 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -36,16 +36,12 @@
*/
#include "curl_setup.h"
-#include <curl/mprintf.h>
+#include <gnurl/mprintf.h>
#include "curl_memory.h"
/* The last #include file should be: */
#include "memdebug.h"
-#ifndef SIZEOF_LONG_DOUBLE
-#define SIZEOF_LONG_DOUBLE 0
-#endif
-
/*
* If SIZEOF_SIZE_T has not been defined, default to the size of long.
*/
@@ -92,7 +88,8 @@
# define mp_uintmax_t unsigned long
#endif
-#define BUFFSIZE 256 /* buffer for long-to-str and float-to-str calcs */
+#define BUFFSIZE 326 /* buffer for long-to-str and float-to-str calcs, should
+ fit negative DBL_MAX (317 letters) */
#define MAX_PARAMETERS 128 /* lame static limit */
#ifdef __AMIGA__
@@ -227,10 +224,12 @@ static bool dprintf_IsQualifierNoDollar(const char *fmt)
* Create an index with the type of each parameter entry and its
* value (may vary in size)
*
+ * Returns zero on success.
+ *
******************************************************************/
-static long dprintf_Pass1(const char *format, va_stack_t *vto, char **endpos,
- va_list arglist)
+static int dprintf_Pass1(const char *format, va_stack_t *vto, char **endpos,
+ va_list arglist)
{
char *fmt = (char *)format;
int param_num = 0;
@@ -301,7 +300,6 @@ static long dprintf_Pass1(const char *format, va_stack_t
*vto, char **endpos,
flags |= FLAGS_ALT;
break;
case '.':
- flags |= FLAGS_PREC;
if('*' == *fmt) {
/* The precision is picked from a specified parameter */
@@ -393,6 +391,10 @@ static long dprintf_Pass1(const char *format, va_stack_t
*vto, char **endpos,
i = this_param - 1;
+ if((i < 0) || (i >= MAX_PARAMETERS))
+ /* out of allowed range */
+ return 1;
+
switch (*fmt) {
case 'S':
flags |= FLAGS_ALT;
@@ -496,7 +498,7 @@ static long dprintf_Pass1(const char *format, va_stack_t
*vto, char **endpos,
(mp_intmax_t)va_arg(arglist, int);
}
- switch (vto[i].type) {
+ switch(vto[i].type) {
case FORMAT_STRING:
vto[i].data.str = va_arg(arglist, char *);
break;
@@ -549,7 +551,7 @@ static long dprintf_Pass1(const char *format, va_stack_t
*vto, char **endpos,
}
}
- return max_param;
+ return 0;
}
@@ -587,7 +589,8 @@ static int dprintf_formatf(
char *workend = &work[sizeof(work) - 2];
/* Do the actual %-code parsing */
- dprintf_Pass1(format, vto, endpos, ap_save);
+ if(dprintf_Pass1(format, vto, endpos, ap_save))
+ return -1;
end = &endpos[0]; /* the initial end-position from the list dprintf_Pass1()
created for us */
@@ -607,7 +610,7 @@ static int dprintf_formatf(
int is_neg;
/* Base of a number to be written. */
- long base;
+ unsigned long base;
/* Integral values to be written. */
mp_uintmax_t num;
@@ -685,7 +688,7 @@ static int dprintf_formatf(
is_alt = (p->flags & FLAGS_ALT) ? 1 : 0;
- switch (p->type) {
+ switch(p->type) {
case FORMAT_INT:
num = p->data.num.as_unsigned;
if(p->flags & FLAGS_CHAR) {
@@ -910,12 +913,25 @@ static int dprintf_formatf(
*fptr = 0;
if(width >= 0) {
+ if(width >= (long)sizeof(work))
+ width = sizeof(work)-1;
/* RECURSIVE USAGE */
len = curl_msnprintf(fptr, left, "%ld", width);
fptr += len;
left -= len;
}
if(prec >= 0) {
+ /* for each digit in the integer part, we can have one less
+ precision */
+ size_t maxprec = sizeof(work) - 2;
+ double val = p->data.dnum;
+ while(val >= 10.0) {
+ val /= 10;
+ maxprec--;
+ }
+
+ if(prec > (long)maxprec)
+ prec = (long)maxprec-1;
/* RECURSIVE USAGE */
len = curl_msnprintf(fptr, left, ".%ld", prec);
fptr += len;
@@ -935,7 +951,7 @@ static int dprintf_formatf(
/* NOTE NOTE NOTE!! Not all sprintf implementations return number of
output characters */
(sprintf)(work, formatbuf, p->data.dnum);
-
+ DEBUGASSERT(strlen(work) <= sizeof(work));
for(fptr=work; *fptr; fptr++)
OUTCHAR(*fptr);
}
@@ -992,7 +1008,7 @@ int curl_mvsnprintf(char *buffer, size_t maxlength, const
char *format,
info.max = maxlength;
retcode = dprintf_formatf(&info, addbyter, format, ap_save);
- if(info.max) {
+ if((retcode != -1) && info.max) {
/* we terminate this with a zero byte */
if(info.max == info.length)
/* we're at maximum, scrap the last letter */
@@ -1029,16 +1045,19 @@ static int alloc_addbyter(int output, FILE *data)
infop->len =0;
}
else if(infop->len+1 >= infop->alloc) {
- char *newptr;
+ char *newptr = NULL;
+ size_t newsize = infop->alloc*2;
- newptr = realloc(infop->buffer, infop->alloc*2);
+ /* detect wrap-around or other overflow problems */
+ if(newsize > infop->alloc)
+ newptr = realloc(infop->buffer, newsize);
if(!newptr) {
infop->fail = 1;
return -1; /* fail */
}
infop->buffer = newptr;
- infop->alloc *= 2;
+ infop->alloc = newsize;
}
infop->buffer[ infop->len ] = outc;
@@ -1071,8 +1090,7 @@ char *curl_maprintf(const char *format, ...)
info.buffer[info.len] = 0; /* we terminate this with a zero byte */
return info.buffer;
}
- else
- return strdup("");
+ return strdup("");
}
char *curl_mvaprintf(const char *format, va_list ap_save)
@@ -1096,8 +1114,7 @@ char *curl_mvaprintf(const char *format, va_list ap_save)
info.buffer[info.len] = 0; /* we terminate this with a zero byte */
return info.buffer;
}
- else
- return strdup("");
+ return strdup("");
}
static int storebuffer(int output, FILE *data)
diff --git a/lib/multi.c b/lib/multi.c
index 8e4091687..1f8dfc5ce 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "transfer.h"
@@ -42,6 +42,9 @@
#include "multihandle.h"
#include "pipeline.h"
#include "sigpipe.h"
+#include "vtls/vtls.h"
+#include "connect.h"
+#include "http_proxy.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
#include "curl_memory.h"
@@ -67,7 +70,7 @@ static void singlesocket(struct Curl_multi *multi,
struct Curl_easy *data);
static int update_timer(struct Curl_multi *multi);
-static CURLMcode add_next_timeout(struct timeval now,
+static CURLMcode add_next_timeout(struct curltime now,
struct Curl_multi *multi,
struct Curl_easy *d);
static CURLMcode multi_timeout(struct Curl_multi *multi,
@@ -97,8 +100,6 @@ static const char * const statename[]={
};
#endif
-static void multi_freetimeout(void *a, void *b);
-
/* function pointer called once when switching TO a state */
typedef void (*init_multistate_func)(struct Curl_easy *data);
@@ -114,6 +115,13 @@ static void mstate(struct Curl_easy *data, CURLMstate state
NULL,
NULL,
Curl_init_CONNECT, /* CONNECT */
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ Curl_connect_free /* DO */
/* the rest is NULL too */
};
@@ -278,9 +286,8 @@ static int sh_init(struct curl_hash *hash, int hashsize)
static CURLMcode multi_addmsg(struct Curl_multi *multi,
struct Curl_message *msg)
{
- if(!Curl_llist_insert_next(multi->msglist, multi->msglist->tail, msg))
- return CURLM_OUT_OF_MEMORY;
-
+ Curl_llist_insert_next(&multi->msglist, multi->msglist.tail, msg,
+ &msg->list);
return CURLM_OK;
}
@@ -314,13 +321,8 @@ struct Curl_multi *Curl_multi_handle(int hashsize, /*
socket hash */
if(Curl_conncache_init(&multi->conn_cache, chashsize))
goto error;
- multi->msglist = Curl_llist_alloc(multi_freeamsg);
- if(!multi->msglist)
- goto error;
-
- multi->pending = Curl_llist_alloc(multi_freeamsg);
- if(!multi->pending)
- goto error;
+ Curl_llist_init(&multi->msglist, multi_freeamsg);
+ Curl_llist_init(&multi->pending, multi_freeamsg);
/* allocate a new easy handle to use when closing cached connections */
multi->closure_handle = curl_easy_init();
@@ -343,8 +345,8 @@ struct Curl_multi *Curl_multi_handle(int hashsize, /*
socket hash */
Curl_conncache_destroy(&multi->conn_cache);
Curl_close(multi->closure_handle);
multi->closure_handle = NULL;
- Curl_llist_destroy(multi->msglist, NULL);
- Curl_llist_destroy(multi->pending, NULL);
+ Curl_llist_destroy(&multi->msglist, NULL);
+ Curl_llist_destroy(&multi->pending, NULL);
free(multi);
return NULL;
@@ -359,8 +361,6 @@ struct Curl_multi *curl_multi_init(void)
CURLMcode curl_multi_add_handle(struct Curl_multi *multi,
struct Curl_easy *data)
{
- struct curl_llist *timeoutlist;
-
/* First, make some basic checks that the CURLM handle is a good handle */
if(!GOOD_MULTI_HANDLE(multi))
return CURLM_BAD_HANDLE;
@@ -374,10 +374,8 @@ CURLMcode curl_multi_add_handle(struct Curl_multi *multi,
if(data->multi)
return CURLM_ADDED_ALREADY;
- /* Allocate and initialize timeout list for easy handle */
- timeoutlist = Curl_llist_alloc(multi_freetimeout);
- if(!timeoutlist)
- return CURLM_OUT_OF_MEMORY;
+ /* Initialize timeout list for this handle */
+ Curl_llist_init(&data->state.timeoutlist, NULL);
/*
* No failure allowed in this function beyond this point. And no
@@ -386,10 +384,6 @@ CURLMcode curl_multi_add_handle(struct Curl_multi *multi,
* function no matter what.
*/
- /* Make easy handle use timeout list initialized above */
- data->state.timeoutlist = timeoutlist;
- timeoutlist = NULL;
-
/* set the easy handle */
multistate(data, CURLM_STATE_INIT);
@@ -442,7 +436,7 @@ CURLMcode curl_multi_add_handle(struct Curl_multi *multi,
sockets that time-out or have actions will be dealt with. Since this
handle has no action yet, we make sure it times out to get things to
happen. */
- Curl_expire(data, 0);
+ Curl_expire(data, 0, EXPIRE_RUN_NOW);
/* increase the node-counter */
multi->num_easy++;
@@ -462,6 +456,14 @@ CURLMcode curl_multi_add_handle(struct Curl_multi *multi,
handle is added */
memset(&multi->timer_lastcall, 0, sizeof(multi->timer_lastcall));
+ /* The closure handle only ever has default timeouts set. To improve the
+ state somewhat we clone the timeouts from each added handle so that the
+ closure handle always has the same timeouts as the most recently added
+ easy handle. */
+ multi->closure_handle->set.timeout = data->set.timeout;
+ multi->closure_handle->set.server_response_timeout =
+ data->set.server_response_timeout;
+
update_timer(multi);
return CURLM_OK;
}
@@ -522,6 +524,7 @@ static CURLcode multi_done(struct connectdata **connp,
CURLcode result;
struct connectdata *conn;
struct Curl_easy *data;
+ unsigned int i;
DEBUGASSERT(*connp);
@@ -569,11 +572,12 @@ static CURLcode multi_done(struct connectdata **connp,
result = CURLE_ABORTED_BY_CALLBACK;
}
- if(conn->send_pipe->size + conn->recv_pipe->size != 0 &&
+ if(conn->send_pipe.size + conn->recv_pipe.size != 0 &&
!data->set.reuse_forbid &&
!conn->bits.close) {
/* Stop if pipeline is not empty and we do not have to close
connection. */
+ data->easy_conn = NULL;
DEBUGF(infof(data, "Connection still in use, no more multi_done now!\n"));
return CURLE_OK;
}
@@ -587,9 +591,11 @@ static CURLcode multi_done(struct connectdata **connp,
}
/* if the transfer was completed in a paused state there can be buffered
- data left to write and then kill */
- free(data->state.tempwrite);
- data->state.tempwrite = NULL;
+ data left to free */
+ for(i=0; i < data->state.tempcount; i++) {
+ free(data->state.tempwrite[i].buf);
+ }
+ data->state.tempcount = 0;
/* if data->set.reuse_forbid is TRUE, it means the libcurl client has
forced us to close this connection. This is ignored for requests taking
@@ -627,7 +633,10 @@ static CURLcode multi_done(struct connectdata **connp,
infof(data, "Connection #%ld to host %s left intact\n",
conn->connection_id,
- conn->bits.httpproxy?conn->proxy.dispname:conn->host.dispname);
+ conn->bits.socksproxy ? conn->socks_proxy.host.dispname :
+ conn->bits.httpproxy ? conn->http_proxy.host.dispname :
+ conn->bits.conn_to_host ? conn->conn_to_host.dispname :
+ conn->host.dispname);
}
else
data->state.lastconnect = NULL;
@@ -681,13 +690,13 @@ CURLMcode curl_multi_remove_handle(struct Curl_multi
*multi,
if(data->easy_conn &&
data->mstate > CURLM_STATE_DO &&
data->mstate < CURLM_STATE_COMPLETED) {
+ /* Set connection owner so that the DONE function closes it. We can
+ safely do this here since connection is killed. */
+ data->easy_conn->data = easy;
/* If the handle is in a pipeline and has started sending off its
request but not received its response yet, we need to close
connection. */
streamclose(data->easy_conn, "Removed with partial response");
- /* Set connection owner so that the DONE function closes it. We can
- safely do this here since connection is killed. */
- data->easy_conn->data = easy;
easy_owns_conn = TRUE;
}
@@ -724,10 +733,7 @@ CURLMcode curl_multi_remove_handle(struct Curl_multi
*multi,
/* destroy the timeout list that is held in the easy handle, do this *after*
multi_done() as that may actually call Curl_expire that uses this */
- if(data->state.timeoutlist) {
- Curl_llist_destroy(data->state.timeoutlist, NULL);
- data->state.timeoutlist = NULL;
- }
+ Curl_llist_destroy(&data->state.timeoutlist, NULL);
/* as this was using a shared connection cache we clear the pointer to that
since we're not part of that multi handle anymore */
@@ -750,11 +756,11 @@ CURLMcode curl_multi_remove_handle(struct Curl_multi
*multi,
/* make sure there's no pending message in the queue sent from this easy
handle */
- for(e = multi->msglist->head; e; e = e->next) {
+ for(e = multi->msglist.head; e; e = e->next) {
struct Curl_message *msg = e->ptr;
if(msg->extmsg.easy_handle == easy) {
- Curl_llist_remove(multi->msglist, e, NULL);
+ Curl_llist_remove(&multi->msglist, e, NULL);
/* there can only be one from this specific handle */
break;
}
@@ -802,6 +808,11 @@ static int waitconnect_getsock(struct connectdata *conn,
if(!numsocks)
return GETSOCK_BLANK;
+#ifdef USE_SSL
+ if(CONNECT_FIRSTSOCKET_PROXY_SSL())
+ return Curl_ssl_getsock(conn, sock, numsocks);
+#endif
+
for(i=0; i<2; i++) {
if(conn->tempsock[i] != CURL_SOCKET_BAD) {
sock[s] = conn->tempsock[i];
@@ -823,7 +834,7 @@ static int waitproxyconnect_getsock(struct connectdata
*conn,
/* when we've sent a CONNECT to a proxy, we should rather wait for the
socket to become readable to be able to get the response headers */
- if(conn->tunnel_state[FIRSTSOCKET] == TUNNEL_CONNECT)
+ if(conn->connect_state)
return GETSOCK_READSOCK(0);
return GETSOCK_WRITESOCK(0);
@@ -940,10 +951,8 @@ CURLMcode curl_multi_fdset(struct Curl_multi *multi,
if(s == CURL_SOCKET_BAD)
/* this socket is unused, break out of loop */
break;
- else {
- if((int)s > this_max_fd)
- this_max_fd = (int)s;
- }
+ if((int)s > this_max_fd)
+ this_max_fd = (int)s;
}
data = data->next; /* check next handle */
@@ -954,6 +963,8 @@ CURLMcode curl_multi_fdset(struct Curl_multi *multi,
return CURLM_OK;
}
+#define NUM_POLLS_ON_STACK 10
+
CURLMcode curl_multi_wait(struct Curl_multi *multi,
struct curl_waitfd extra_fds[],
unsigned int extra_nfds,
@@ -967,8 +978,10 @@ CURLMcode curl_multi_wait(struct Curl_multi *multi,
unsigned int nfds = 0;
unsigned int curlfds;
struct pollfd *ufds = NULL;
+ bool ufds_malloc = FALSE;
long timeout_internal;
int retcode = 0;
+ struct pollfd a_few_on_stack[NUM_POLLS_ON_STACK];
if(!GOOD_MULTI_HANDLE(multi))
return CURLM_BAD_HANDLE;
@@ -1007,10 +1020,19 @@ CURLMcode curl_multi_wait(struct Curl_multi *multi,
curlfds = nfds; /* number of internal file descriptors */
nfds += extra_nfds; /* add the externally provided ones */
- if(nfds || extra_nfds) {
- ufds = malloc(nfds * sizeof(struct pollfd));
- if(!ufds)
- return CURLM_OUT_OF_MEMORY;
+ if(nfds) {
+ if(nfds > NUM_POLLS_ON_STACK) {
+ /* 'nfds' is a 32 bit value and 'struct pollfd' is typically 8 bytes
+ big, so at 2^29 sockets this value might wrap. When a process gets
+ the capability to actually handle over 500 million sockets this
+ calculation needs a integer overflow check. */
+ ufds = malloc(nfds * sizeof(struct pollfd));
+ if(!ufds)
+ return CURLM_OUT_OF_MEMORY;
+ ufds_malloc = TRUE;
+ }
+ else
+ ufds = &a_few_on_stack[0];
}
nfds = 0;
@@ -1088,7 +1110,8 @@ CURLMcode curl_multi_wait(struct Curl_multi *multi,
}
}
- free(ufds);
+ if(ufds_malloc)
+ free(ufds);
if(ret)
*ret = retcode;
return CURLM_OK;
@@ -1278,7 +1301,7 @@ static CURLcode multi_do_more(struct connectdata *conn,
int *complete)
}
static CURLMcode multi_runsingle(struct Curl_multi *multi,
- struct timeval now,
+ struct curltime now,
struct Curl_easy *data)
{
struct Curl_message *msg = NULL;
@@ -1290,7 +1313,9 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
CURLMcode rc;
CURLcode result = CURLE_OK;
struct SingleRequest *k;
- long timeout_ms;
+ time_t timeout_ms;
+ time_t recv_timeout_ms;
+ time_t send_timeout_ms;
int control;
if(!GOOD_EASY_HANDLE(data))
@@ -1416,10 +1441,9 @@ static CURLMcode multi_runsingle(struct Curl_multi
*multi,
multistate(data, CURLM_STATE_CONNECT_PEND);
/* add this handle to the list of connect-pending handles */
- if(!Curl_llist_insert_next(multi->pending, multi->pending->tail, data))
- result = CURLE_OUT_OF_MEMORY;
- else
- result = CURLE_OK;
+ Curl_llist_insert_next(&multi->pending, multi->pending.tail, data,
+ &data->connect_queue);
+ result = CURLE_OK;
break;
}
@@ -1443,7 +1467,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
CURLM_STATE_WAITDO:CURLM_STATE_DO);
else {
#ifndef CURL_DISABLE_HTTP
- if(data->easy_conn->tunnel_state[FIRSTSOCKET] == TUNNEL_CONNECT)
+ if(Curl_connect_ongoing(data->easy_conn))
multistate(data, CURLM_STATE_WAITPROXYCONNECT);
else
#endif
@@ -1461,8 +1485,8 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
struct connectdata *conn = data->easy_conn;
const char *hostname;
- if(conn->bits.proxy)
- hostname = conn->proxy.name;
+ if(conn->bits.httpproxy)
+ hostname = conn->http_proxy.host.name;
else if(conn->bits.conn_to_host)
hostname = conn->conn_to_host.name;
else
@@ -1508,7 +1532,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
CURLM_STATE_WAITDO:CURLM_STATE_DO);
else {
#ifndef CURL_DISABLE_HTTP
- if(data->easy_conn->tunnel_state[FIRSTSOCKET] == TUNNEL_CONNECT)
+ if(Curl_connect_ongoing(data->easy_conn))
multistate(data, CURLM_STATE_WAITPROXYCONNECT);
else
#endif
@@ -1538,7 +1562,9 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
multistate(data, CURLM_STATE_CONNECT);
}
else if(!result) {
- if(data->easy_conn->tunnel_state[FIRSTSOCKET] == TUNNEL_COMPLETE) {
+ if((data->easy_conn->http_proxy.proxytype != CURLPROXY_HTTPS ||
+ data->easy_conn->bits.proxy_ssl_connected[FIRSTSOCKET]) &&
+ Curl_connect_complete(data->easy_conn)) {
rc = CURLM_CALL_MULTI_PERFORM;
/* initiate protocol connect phase */
multistate(data, CURLM_STATE_SENDPROTOCONNECT);
@@ -1551,6 +1577,14 @@ static CURLMcode multi_runsingle(struct Curl_multi
*multi,
/* awaiting a completion of an asynch TCP connect */
result = Curl_is_connected(data->easy_conn, FIRSTSOCKET, &connected);
if(connected && !result) {
+#ifndef CURL_DISABLE_HTTP
+ if((data->easy_conn->http_proxy.proxytype == CURLPROXY_HTTPS &&
+ !data->easy_conn->bits.proxy_ssl_connected[FIRSTSOCKET]) ||
+ Curl_connect_ongoing(data->easy_conn)) {
+ multistate(data, CURLM_STATE_WAITPROXYCONNECT);
+ break;
+ }
+#endif
rc = CURLM_CALL_MULTI_PERFORM;
multistate(data, data->easy_conn->bits.tunnel_proxy?
CURLM_STATE_WAITPROXYCONNECT:
@@ -1693,20 +1727,18 @@ static CURLMcode multi_runsingle(struct Curl_multi
*multi,
else {
/* Follow failed */
result = drc;
- free(newurl);
}
}
else {
/* done didn't return OK or SEND_ERROR */
result = drc;
- free(newurl);
}
}
else {
/* Have error handler disconnect conn if we can't retry */
stream_error = TRUE;
- free(newurl);
}
+ free(newurl);
}
else {
/* failure detected */
@@ -1800,19 +1832,30 @@ static CURLMcode multi_runsingle(struct Curl_multi
*multi,
else
result = Curl_speedcheck(data, now);
- if(( (data->set.max_send_speed == 0) ||
- (Curl_pgrsLimitWaitTime(data->progress.uploaded,
- data->progress.ul_limit_size,
- data->set.max_send_speed,
- data->progress.ul_limit_start,
- now) <= 0)) &&
- ( (data->set.max_recv_speed == 0) ||
- (Curl_pgrsLimitWaitTime(data->progress.downloaded,
- data->progress.dl_limit_size,
- data->set.max_recv_speed,
- data->progress.dl_limit_start,
- now) <= 0)))
- multistate(data, CURLM_STATE_PERFORM);
+ if(!result) {
+ send_timeout_ms = 0;
+ if(data->set.max_send_speed > 0)
+ send_timeout_ms = Curl_pgrsLimitWaitTime(data->progress.uploaded,
+ data->progress.ul_limit_size,
+ data->set.max_send_speed,
+ data->progress.ul_limit_start,
+ now);
+
+ recv_timeout_ms = 0;
+ if(data->set.max_recv_speed > 0)
+ recv_timeout_ms = Curl_pgrsLimitWaitTime(data->progress.downloaded,
+ data->progress.dl_limit_size,
+ data->set.max_recv_speed,
+ data->progress.dl_limit_start,
+ now);
+
+ if(send_timeout_ms <= 0 && recv_timeout_ms <= 0)
+ multistate(data, CURLM_STATE_PERFORM);
+ else if(send_timeout_ms >= recv_timeout_ms)
+ Curl_expire(data, send_timeout_ms, EXPIRE_TOOFAST);
+ else
+ Curl_expire(data, recv_timeout_ms, EXPIRE_TOOFAST);
+ }
break;
case CURLM_STATE_PERFORM:
@@ -1822,31 +1865,30 @@ static CURLMcode multi_runsingle(struct Curl_multi
*multi,
bool comeback = FALSE;
/* check if over send speed */
- if(data->set.max_send_speed > 0) {
- timeout_ms = Curl_pgrsLimitWaitTime(data->progress.uploaded,
- data->progress.ul_limit_size,
- data->set.max_send_speed,
- data->progress.ul_limit_start,
- now);
- if(timeout_ms > 0) {
- multistate(data, CURLM_STATE_TOOFAST);
- Curl_expire_latest(data, timeout_ms);
- break;
- }
- }
+ send_timeout_ms = 0;
+ if(data->set.max_send_speed > 0)
+ send_timeout_ms = Curl_pgrsLimitWaitTime(data->progress.uploaded,
+ data->progress.ul_limit_size,
+ data->set.max_send_speed,
+ data->progress.ul_limit_start,
+ now);
/* check if over recv speed */
- if(data->set.max_recv_speed > 0) {
- timeout_ms = Curl_pgrsLimitWaitTime(data->progress.downloaded,
- data->progress.dl_limit_size,
- data->set.max_recv_speed,
- data->progress.dl_limit_start,
- now);
- if(timeout_ms > 0) {
- multistate(data, CURLM_STATE_TOOFAST);
- Curl_expire_latest(data, timeout_ms);
- break;
- }
+ recv_timeout_ms = 0;
+ if(data->set.max_recv_speed > 0)
+ recv_timeout_ms = Curl_pgrsLimitWaitTime(data->progress.downloaded,
+ data->progress.dl_limit_size,
+ data->set.max_recv_speed,
+ data->progress.dl_limit_start,
+ now);
+
+ if(send_timeout_ms > 0 || recv_timeout_ms > 0) {
+ multistate(data, CURLM_STATE_TOOFAST);
+ if(send_timeout_ms >= recv_timeout_ms)
+ Curl_expire(data, send_timeout_ms, EXPIRE_TOOFAST);
+ else
+ Curl_expire(data, recv_timeout_ms, EXPIRE_TOOFAST);
+ break;
}
/* read/write data if it is ready to do so */
@@ -1902,11 +1944,11 @@ static CURLMcode multi_runsingle(struct Curl_multi
*multi,
Curl_posttransfer(data);
/* we're no longer receiving */
- Curl_removeHandleFromPipeline(data, data->easy_conn->recv_pipe);
+ Curl_removeHandleFromPipeline(data, &data->easy_conn->recv_pipe);
/* expire the new receiving pipeline head */
- if(data->easy_conn->recv_pipe->head)
- Curl_expire_latest(data->easy_conn->recv_pipe->head->ptr, 0);
+ if(data->easy_conn->recv_pipe.head)
+ Curl_expire(data->easy_conn->recv_pipe.head->ptr, 0, EXPIRE_RUN_NOW);
/* Check if we can move pending requests to send pipe */
Curl_multi_process_pending_handles(multi);
@@ -1930,9 +1972,6 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
if(!result) {
multistate(data, CURLM_STATE_CONNECT);
rc = CURLM_CALL_MULTI_PERFORM;
- newurl = NULL; /* handed over the memory ownership to
- Curl_follow(), make sure we don't free() it
- here */
}
}
}
@@ -1946,9 +1985,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
newurl = data->req.location;
data->req.location = NULL;
result = Curl_follow(data, newurl, FOLLOW_FAKE);
- if(!result)
- newurl = NULL; /* allocation was handed over Curl_follow() */
- else
+ if(result)
stream_error = TRUE;
}
@@ -1971,7 +2008,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
CURLcode res;
/* Remove ourselves from the receive pipeline, if we are there. */
- Curl_removeHandleFromPipeline(data, data->easy_conn->recv_pipe);
+ Curl_removeHandleFromPipeline(data, &data->easy_conn->recv_pipe);
/* Check if we can move pending requests to send pipe */
Curl_multi_process_pending_handles(multi);
@@ -2047,8 +2084,8 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
/* if this has a connection, unsubscribe from the pipelines */
Curl_pipeline_leave_write(data->easy_conn);
Curl_pipeline_leave_read(data->easy_conn);
- Curl_removeHandleFromPipeline(data, data->easy_conn->send_pipe);
- Curl_removeHandleFromPipeline(data, data->easy_conn->recv_pipe);
+ Curl_removeHandleFromPipeline(data, &data->easy_conn->send_pipe);
+ Curl_removeHandleFromPipeline(data, &data->easy_conn->recv_pipe);
if(stream_error) {
/* Don't attempt to send data over a connection that timed out */
@@ -2109,7 +2146,7 @@ CURLMcode curl_multi_perform(struct Curl_multi *multi,
int *running_handles)
struct Curl_easy *data;
CURLMcode returncode=CURLM_OK;
struct Curl_tree *t;
- struct timeval now = Curl_tvnow();
+ struct curltime now = Curl_tvnow();
if(!GOOD_MULTI_HANDLE(multi))
return CURLM_BAD_HANDLE;
@@ -2168,6 +2205,7 @@ static void close_all_connections(struct Curl_multi
*multi)
conn->data->easy_conn = NULL; /* clear the easy handle's connection
pointer */
/* This will remove the connection from the cache */
+ connclose(conn, "kill all");
(void)Curl_disconnect(conn, FALSE);
sigpipe_restore(&pipe_st);
@@ -2202,8 +2240,8 @@ CURLMcode curl_multi_cleanup(struct Curl_multi *multi)
Curl_hash_destroy(&multi->sockhash);
Curl_conncache_destroy(&multi->conn_cache);
- Curl_llist_destroy(multi->msglist, NULL);
- Curl_llist_destroy(multi->pending, NULL);
+ Curl_llist_destroy(&multi->msglist, NULL);
+ Curl_llist_destroy(&multi->pending, NULL);
/* remove all easy handles */
data = multi->easyp;
@@ -2235,8 +2273,7 @@ CURLMcode curl_multi_cleanup(struct Curl_multi *multi)
return CURLM_OK;
}
- else
- return CURLM_BAD_HANDLE;
+ return CURLM_BAD_HANDLE;
}
/*
@@ -2255,24 +2292,23 @@ CURLMsg *curl_multi_info_read(struct Curl_multi *multi,
int *msgs_in_queue)
*msgs_in_queue = 0; /* default to none */
- if(GOOD_MULTI_HANDLE(multi) && Curl_llist_count(multi->msglist)) {
+ if(GOOD_MULTI_HANDLE(multi) && Curl_llist_count(&multi->msglist)) {
/* there is one or more messages in the list */
struct curl_llist_element *e;
/* extract the head of the list to return */
- e = multi->msglist->head;
+ e = multi->msglist.head;
msg = e->ptr;
/* remove the extracted entry */
- Curl_llist_remove(multi->msglist, e, NULL);
+ Curl_llist_remove(&multi->msglist, e, NULL);
- *msgs_in_queue = curlx_uztosi(Curl_llist_count(multi->msglist));
+ *msgs_in_queue = curlx_uztosi(Curl_llist_count(&multi->msglist));
return &msg->extmsg;
}
- else
- return NULL;
+ return NULL;
}
/*
@@ -2367,7 +2403,7 @@ static void singlesocket(struct Curl_multi *multi,
removed. */
struct connectdata *easy_conn = data->easy_conn;
if(easy_conn) {
- if(easy_conn->recv_pipe && easy_conn->recv_pipe->size > 1) {
+ if(easy_conn->recv_pipe.size > 1) {
/* the handle should not be removed from the pipe yet */
remove_sock_from_hash = FALSE;
@@ -2376,12 +2412,12 @@ static void singlesocket(struct Curl_multi *multi,
isn't already) */
if(entry->easy == data) {
if(Curl_recvpipe_head(data, easy_conn))
- entry->easy = easy_conn->recv_pipe->head->next->ptr;
+ entry->easy = easy_conn->recv_pipe.head->next->ptr;
else
- entry->easy = easy_conn->recv_pipe->head->ptr;
+ entry->easy = easy_conn->recv_pipe.head->ptr;
}
}
- if(easy_conn->send_pipe && easy_conn->send_pipe->size > 1) {
+ if(easy_conn->send_pipe.size > 1) {
/* the handle should not be removed from the pipe yet */
remove_sock_from_hash = FALSE;
@@ -2390,9 +2426,9 @@ static void singlesocket(struct Curl_multi *multi,
isn't already) */
if(entry->easy == data) {
if(Curl_sendpipe_head(data, easy_conn))
- entry->easy = easy_conn->send_pipe->head->next->ptr;
+ entry->easy = easy_conn->send_pipe.head->next->ptr;
else
- entry->easy = easy_conn->send_pipe->head->ptr;
+ entry->easy = easy_conn->send_pipe.head->ptr;
}
}
/* Don't worry about overwriting recv_pipe head with send_pipe_head,
@@ -2448,8 +2484,6 @@ void Curl_multi_closed(struct connectdata *conn,
curl_socket_t s)
}
}
-
-
/*
* add_next_timeout()
*
@@ -2462,20 +2496,23 @@ void Curl_multi_closed(struct connectdata *conn,
curl_socket_t s)
* The splay tree only has each sessionhandle as a single node and the nearest
* timeout is used to sort it on.
*/
-static CURLMcode add_next_timeout(struct timeval now,
+static CURLMcode add_next_timeout(struct curltime now,
struct Curl_multi *multi,
struct Curl_easy *d)
{
- struct timeval *tv = &d->state.expiretime;
- struct curl_llist *list = d->state.timeoutlist;
+ struct curltime *tv = &d->state.expiretime;
+ struct curl_llist *list = &d->state.timeoutlist;
struct curl_llist_element *e;
+ struct time_node *node = NULL;
/* move over the timeout list for this specific handle and remove all
timeouts that are now passed tense and store the next pending
timeout in *tv */
for(e = list->head; e;) {
struct curl_llist_element *n = e->next;
- long diff = curlx_tvdiff(*(struct timeval *)e->ptr, now);
+ time_t diff;
+ node = (struct time_node *)e->ptr;
+ diff = curlx_tvdiff(node->time, now);
if(diff <= 0)
/* remove outdated entry */
Curl_llist_remove(list, e, NULL);
@@ -2493,12 +2530,10 @@ static CURLMcode add_next_timeout(struct timeval now,
}
else {
/* copy the first entry to 'tv' */
- memcpy(tv, e->ptr, sizeof(*tv));
+ memcpy(tv, &node->time, sizeof(*tv));
- /* remove first entry from list */
- Curl_llist_remove(list, e, NULL);
-
- /* insert this node again into the splay */
+ /* Insert this node again into the splay. Keep the timer in the list in
+ case we need to recompute future timers. */
multi->timetree = Curl_splayinsert(*tv, multi->timetree,
&d->state.timenode);
}
@@ -2514,7 +2549,7 @@ static CURLMcode multi_socket(struct Curl_multi *multi,
CURLMcode result = CURLM_OK;
struct Curl_easy *data = NULL;
struct Curl_tree *t;
- struct timeval now = Curl_tvnow();
+ struct curltime now = Curl_tvnow();
if(checkall) {
/* *perform() deals with running_handles on its own */
@@ -2533,7 +2568,7 @@ static CURLMcode multi_socket(struct Curl_multi *multi,
/* or should we fall-through and do the timer-based stuff? */
return result;
}
- else if(s != CURL_SOCKET_TIMEOUT) {
+ if(s != CURL_SOCKET_TIMEOUT) {
struct Curl_sh_entry *entry = sh_getentry(&multi->sockhash, s);
@@ -2558,13 +2593,11 @@ static CURLMcode multi_socket(struct Curl_multi *multi,
head. If we should read from the socket, take the recv_pipe head. */
if(data->easy_conn) {
if((ev_bitmask & CURL_POLL_OUT) &&
- data->easy_conn->send_pipe &&
- data->easy_conn->send_pipe->head)
- data = data->easy_conn->send_pipe->head->ptr;
+ data->easy_conn->send_pipe.head)
+ data = data->easy_conn->send_pipe.head->ptr;
else if((ev_bitmask & CURL_POLL_IN) &&
- data->easy_conn->recv_pipe &&
- data->easy_conn->recv_pipe->head)
- data = data->easy_conn->recv_pipe->head->ptr;
+ data->easy_conn->recv_pipe.head)
+ data = data->easy_conn->recv_pipe.head->ptr;
}
if(data->easy_conn &&
@@ -2742,18 +2775,18 @@ CURLMcode curl_multi_socket_all(struct Curl_multi
*multi, int *running_handles)
static CURLMcode multi_timeout(struct Curl_multi *multi,
long *timeout_ms)
{
- static struct timeval tv_zero = {0, 0};
+ static struct curltime tv_zero = {0, 0};
if(multi->timetree) {
/* we have a tree of expire times */
- struct timeval now = Curl_tvnow();
+ struct curltime now = Curl_tvnow();
/* splay the lowest to the bottom */
multi->timetree = Curl_splay(tv_zero, multi->timetree);
if(Curl_splaycomparekeys(multi->timetree->key, now) > 0) {
/* some time left before expiration */
- *timeout_ms = curlx_tvdiff(multi->timetree->key, now);
+ *timeout_ms = (long)curlx_tvdiff(multi->timetree->key, now);
if(!*timeout_ms)
/*
* Since we only provide millisecond resolution on the returned value
@@ -2798,7 +2831,7 @@ static int update_timer(struct Curl_multi *multi)
return -1;
}
if(timeout_ms < 0) {
- static const struct timeval none={0, 0};
+ static const struct curltime none={0, 0};
if(Curl_splaycomparekeys(none, multi->timer_lastcall)) {
multi->timer_lastcall = none;
/* there's no timeout now but there was one previously, tell the app to
@@ -2821,17 +2854,23 @@ static int update_timer(struct Curl_multi *multi)
}
/*
- * multi_freetimeout()
+ * multi_deltimeout()
*
- * Callback used by the llist system when a single timeout list entry is
- * destroyed.
+ * Remove a given timestamp from the list of timeouts.
*/
-static void multi_freetimeout(void *user, void *entryptr)
+static void
+multi_deltimeout(struct Curl_easy *data, expire_id eid)
{
- (void)user;
-
- /* the entry was plain malloc()'ed */
- free(entryptr);
+ struct curl_llist_element *e;
+ struct curl_llist *timeoutlist = &data->state.timeoutlist;
+ /* find and remove the specific node from the list */
+ for(e = timeoutlist->head; e; e = e->next) {
+ struct time_node *n = (struct time_node *)e->ptr;
+ if(n->eid == eid) {
+ Curl_llist_remove(timeoutlist, e, NULL);
+ return;
+ }
+ }
}
/*
@@ -2842,25 +2881,28 @@ static void multi_freetimeout(void *user, void
*entryptr)
*
*/
static CURLMcode
-multi_addtimeout(struct curl_llist *timeoutlist,
- struct timeval *stamp)
+multi_addtimeout(struct Curl_easy *data,
+ struct curltime *stamp,
+ expire_id eid)
{
struct curl_llist_element *e;
- struct timeval *timedup;
+ struct time_node *node;
struct curl_llist_element *prev = NULL;
+ size_t n;
+ struct curl_llist *timeoutlist = &data->state.timeoutlist;
- timedup = malloc(sizeof(*timedup));
- if(!timedup)
- return CURLM_OUT_OF_MEMORY;
+ node = &data->state.expires[eid];
- /* copy the timestamp */
- memcpy(timedup, stamp, sizeof(*timedup));
+ /* copy the timestamp and id */
+ memcpy(&node->time, stamp, sizeof(*stamp));
+ node->eid = eid; /* also marks it as in use */
- if(Curl_llist_count(timeoutlist)) {
+ n = Curl_llist_count(timeoutlist);
+ if(n) {
/* find the correct spot in the list */
for(e = timeoutlist->head; e; e = e->next) {
- struct timeval *checktime = e->ptr;
- long diff = curlx_tvdiff(*checktime, *timedup);
+ struct time_node *check = (struct time_node *)e->ptr;
+ time_t diff = curlx_tvdiff(check->time, node->time);
if(diff > 0)
break;
prev = e;
@@ -2870,11 +2912,7 @@ multi_addtimeout(struct curl_llist *timeoutlist,
/* else
this is the first timeout on the list */
- if(!Curl_llist_insert_next(timeoutlist, prev, timedup)) {
- free(timedup);
- return CURLM_OUT_OF_MEMORY;
- }
-
+ Curl_llist_insert_next(timeoutlist, prev, node, &node->list);
return CURLM_OK;
}
@@ -2886,44 +2924,51 @@ multi_addtimeout(struct curl_llist *timeoutlist,
*
* The timeout will be added to a queue of timeouts if it defines a moment in
* time that is later than the current head of queue.
+ *
+ * Expire replaces a former timeout using the same id if already set.
*/
-void Curl_expire(struct Curl_easy *data, long milli)
+void Curl_expire(struct Curl_easy *data, time_t milli, expire_id id)
{
struct Curl_multi *multi = data->multi;
- struct timeval *nowp = &data->state.expiretime;
+ struct curltime *nowp = &data->state.expiretime;
int rc;
- struct timeval set;
+ struct curltime set;
/* this is only interesting while there is still an associated multi struct
remaining! */
if(!multi)
return;
+ DEBUGASSERT(id < EXPIRE_LAST);
+
set = Curl_tvnow();
set.tv_sec += milli/1000;
- set.tv_usec += (milli%1000)*1000;
+ set.tv_usec += (unsigned int)(milli%1000)*1000;
if(set.tv_usec >= 1000000) {
set.tv_sec++;
set.tv_usec -= 1000000;
}
+ /* Remove any timer with the same id just in case. */
+ multi_deltimeout(data, id);
+
+ /* Add it to the timer list. It must stay in the list until it has expired
+ in case we need to recompute the minimum timer later. */
+ multi_addtimeout(data, &set, id);
+
if(nowp->tv_sec || nowp->tv_usec) {
/* This means that the struct is added as a node in the splay tree.
Compare if the new time is earlier, and only remove-old/add-new if it
is. */
- long diff = curlx_tvdiff(set, *nowp);
+ time_t diff = curlx_tvdiff(set, *nowp);
+
if(diff > 0) {
- /* the new expire time was later so just add it to the queue
- and get out */
- multi_addtimeout(data->state.timeoutlist, &set);
+ /* The current splay tree entry is sooner than this new expiry time.
+ We don't need to update our splay tree entry. */
return;
}
- /* the new time is newer than the presently set one, so add the current
- to the queue and update the head */
- multi_addtimeout(data->state.timeoutlist, nowp);
-
/* Since this is an updated time, we must remove the previous entry from
the splay tree first and then re-add the new value */
rc = Curl_splayremovebyaddr(multi->timetree,
@@ -2933,6 +2978,8 @@ void Curl_expire(struct Curl_easy *data, long milli)
infof(data, "Internal error removing splay node = %d\n", rc);
}
+ /* Indicate that we are in the splay tree and insert the new timer expiry
+ value since it is our local minimum. */
*nowp = set;
data->state.timenode.payload = data;
multi->timetree = Curl_splayinsert(*nowp, multi->timetree,
@@ -2940,46 +2987,17 @@ void Curl_expire(struct Curl_easy *data, long milli)
}
/*
- * Curl_expire_latest()
+ * Curl_expire_done()
*
- * This is like Curl_expire() but will only add a timeout node to the list of
- * timers if there is no timeout that will expire before the given time.
- *
- * Use this function if the code logic risks calling this function many times
- * or if there's no particular conditional wait in the code for this specific
- * time-out period to expire.
+ * Removes the expire timer. Marks it as done.
*
*/
-void Curl_expire_latest(struct Curl_easy *data, long milli)
+void Curl_expire_done(struct Curl_easy *data, expire_id id)
{
- struct timeval *expire = &data->state.expiretime;
-
- struct timeval set;
-
- set = Curl_tvnow();
- set.tv_sec += milli / 1000;
- set.tv_usec += (milli % 1000) * 1000;
-
- if(set.tv_usec >= 1000000) {
- set.tv_sec++;
- set.tv_usec -= 1000000;
- }
-
- if(expire->tv_sec || expire->tv_usec) {
- /* This means that the struct is added as a node in the splay tree.
- Compare if the new time is earlier, and only remove-old/add-new if it
- is. */
- long diff = curlx_tvdiff(set, *expire);
- if(diff > 0)
- /* the new expire time was later than the top time, so just skip this */
- return;
- }
-
- /* Just add the timeout like normal */
- Curl_expire(data, milli);
+ /* remove the timer, if there */
+ multi_deltimeout(data, id);
}
-
/*
* Curl_expire_clear()
*
@@ -2988,7 +3006,7 @@ void Curl_expire_latest(struct Curl_easy *data, long
milli)
void Curl_expire_clear(struct Curl_easy *data)
{
struct Curl_multi *multi = data->multi;
- struct timeval *nowp = &data->state.expiretime;
+ struct curltime *nowp = &data->state.expiretime;
int rc;
/* this is only interesting while there is still an associated multi struct
@@ -2999,7 +3017,7 @@ void Curl_expire_clear(struct Curl_easy *data)
if(nowp->tv_sec || nowp->tv_usec) {
/* Since this is an cleared time, we must remove the previous entry from
the splay tree */
- struct curl_llist *list = data->state.timeoutlist;
+ struct curl_llist *list = &data->state.timeoutlist;
rc = Curl_splayremovebyaddr(multi->timetree,
&data->state.timenode,
@@ -3008,8 +3026,9 @@ void Curl_expire_clear(struct Curl_easy *data)
infof(data, "Internal error clearing splay node = %d\n", rc);
/* flush the timeout list too */
- while(list->size > 0)
+ while(list->size > 0) {
Curl_llist_remove(list, list->tail, NULL);
+ }
#ifdef DEBUGBUILD
infof(data, "Expire cleared\n");
@@ -3059,17 +3078,17 @@ curl_off_t Curl_multi_chunk_length_penalty_size(struct
Curl_multi *multi)
struct curl_llist *Curl_multi_pipelining_site_bl(struct Curl_multi *multi)
{
- return multi->pipelining_site_bl;
+ return &multi->pipelining_site_bl;
}
struct curl_llist *Curl_multi_pipelining_server_bl(struct Curl_multi *multi)
{
- return multi->pipelining_server_bl;
+ return &multi->pipelining_server_bl;
}
void Curl_multi_process_pending_handles(struct Curl_multi *multi)
{
- struct curl_llist_element *e = multi->pending->head;
+ struct curl_llist_element *e = multi->pending.head;
while(e) {
struct Curl_easy *data = e->ptr;
@@ -3079,10 +3098,10 @@ void Curl_multi_process_pending_handles(struct
Curl_multi *multi)
multistate(data, CURLM_STATE_CONNECT);
/* Remove this node from the list */
- Curl_llist_remove(multi->pending, e, NULL);
+ Curl_llist_remove(&multi->pending, e, NULL);
/* Make sure that the handle will be processed soonish. */
- Curl_expire_latest(data, 0);
+ Curl_expire(data, 0, EXPIRE_RUN_NOW);
}
e = next; /* operate on next handle */
diff --git a/lib/multihandle.h b/lib/multihandle.h
index c56b6aec1..405753947 100644
--- a/lib/multihandle.h
+++ b/lib/multihandle.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -25,6 +25,7 @@
#include "conncache.h"
struct Curl_message {
+ struct curl_llist_element list;
/* the 'CURLMsg' is the part that is visible to the external user */
struct CURLMsg extmsg;
};
@@ -38,7 +39,9 @@ typedef enum {
CURLM_STATE_CONNECT, /* 2 - resolve/connect has been sent off */
CURLM_STATE_WAITRESOLVE, /* 3 - awaiting the resolve to finalize */
CURLM_STATE_WAITCONNECT, /* 4 - awaiting the TCP connect to finalize */
- CURLM_STATE_WAITPROXYCONNECT, /* 5 - awaiting proxy CONNECT to finalize */
+ CURLM_STATE_WAITPROXYCONNECT, /* 5 - awaiting HTTPS proxy SSL initialization
+ to complete and/or proxy CONNECT to
+ finalize */
CURLM_STATE_SENDPROTOCONNECT, /* 6 - initiate protocol connect procedure */
CURLM_STATE_PROTOCONNECT, /* 7 - completing the protocol-specific connect
phase */
@@ -78,10 +81,10 @@ struct Curl_multi {
int num_alive; /* amount of easy handles that are added but have not yet
reached COMPLETE state */
- struct curl_llist *msglist; /* a list of messages from completed transfers */
+ struct curl_llist msglist; /* a list of messages from completed transfers */
- struct curl_llist *pending; /* Curl_easys that are in the
- CURLM_STATE_CONNECT_PEND state */
+ struct curl_llist pending; /* Curl_easys that are in the
+ CURLM_STATE_CONNECT_PEND state */
/* callback function and user data pointer for the *socket() API */
curl_socket_callback socket_cb;
@@ -136,16 +139,16 @@ struct Curl_multi {
bigger than this is not
considered for pipelining */
- struct curl_llist *pipelining_site_bl; /* List of sites that are blacklisted
- from pipelining */
+ struct curl_llist pipelining_site_bl; /* List of sites that are blacklisted
+ from pipelining */
- struct curl_llist *pipelining_server_bl; /* List of server types that are
- blacklisted from pipelining */
+ struct curl_llist pipelining_server_bl; /* List of server types that are
+ blacklisted from pipelining */
/* timer callback and user data pointer for the *socket() API */
curl_multi_timer_callback timer_cb;
void *timer_userp;
- struct timeval timer_lastcall; /* the fixed time for the timeout for the
+ struct curltime timer_lastcall; /* the fixed time for the timeout for the
previous callback */
};
diff --git a/lib/multiif.h b/lib/multiif.h
index eaff496ea..a877571a0 100644
--- a/lib/multiif.h
+++ b/lib/multiif.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -25,9 +25,10 @@
/*
* Prototypes for library-wide functions provided by multi.c
*/
-void Curl_expire(struct Curl_easy *data, long milli);
+
+void Curl_expire(struct Curl_easy *data, time_t milli, expire_id);
void Curl_expire_clear(struct Curl_easy *data);
-void Curl_expire_latest(struct Curl_easy *data, long milli);
+void Curl_expire_done(struct Curl_easy *data, expire_id id);
bool Curl_pipeline_wanted(const struct Curl_multi* multi, int bits);
void Curl_multi_handlePipeBreak(struct Curl_easy *data);
diff --git a/lib/netrc.c b/lib/netrc.c
index 46f427a2b..e7afdbd44 100644
--- a/lib/netrc.c
+++ b/lib/netrc.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -26,12 +26,10 @@
#include <pwd.h>
#endif
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "netrc.h"
-
-#include "strequal.h"
#include "strtok.h"
-#include "rawstr.h"
+#include "strcase.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
@@ -121,6 +119,9 @@ int Curl_parsenetrc(const char *host,
while(!done && fgets(netrcbuffer, netrcbuffsize, file)) {
tok=strtok_r(netrcbuffer, " \t\n", &tok_buf);
+ if(tok && *tok == '#')
+ /* treat an initial hash as a comment line */
+ continue;
while(!done && tok) {
if((*loginp && **loginp) && (*passwordp && **passwordp)) {
@@ -130,20 +131,20 @@ int Curl_parsenetrc(const char *host,
switch(state) {
case NOTHING:
- if(Curl_raw_equal("machine", tok)) {
+ if(strcasecompare("machine", tok)) {
/* the next tok is the machine name, this is in itself the
delimiter that starts the stuff entered for this machine,
after this we need to search for 'login' and
'password'. */
state=HOSTFOUND;
}
- else if(Curl_raw_equal("default", tok)) {
+ else if(strcasecompare("default", tok)) {
state=HOSTVALID;
retcode=0; /* we did find our host */
}
break;
case HOSTFOUND:
- if(Curl_raw_equal(host, tok)) {
+ if(strcasecompare(host, tok)) {
/* and yes, this is our host! */
state=HOSTVALID;
retcode=0; /* we did find our host */
@@ -156,7 +157,7 @@ int Curl_parsenetrc(const char *host,
/* we are now parsing sub-keywords concerning "our" host */
if(state_login) {
if(specific_login) {
- state_our_login = Curl_raw_equal(*loginp, tok);
+ state_our_login = strcasecompare(*loginp, tok);
}
else {
free(*loginp);
@@ -179,11 +180,11 @@ int Curl_parsenetrc(const char *host,
}
state_password=0;
}
- else if(Curl_raw_equal("login", tok))
+ else if(strcasecompare("login", tok))
state_login=1;
- else if(Curl_raw_equal("password", tok))
+ else if(strcasecompare("password", tok))
state_password=1;
- else if(Curl_raw_equal("machine", tok)) {
+ else if(strcasecompare("machine", tok)) {
/* ok, there's machine here go => */
state = HOSTFOUND;
state_our_login = FALSE;
diff --git a/lib/non-ascii.c b/lib/non-ascii.c
index ed1461807..8fd0437dc 100644
--- a/lib/non-ascii.c
+++ b/lib/non-ascii.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -24,7 +24,7 @@
#ifdef CURL_DOES_CONVERSIONS
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "non-ascii.h"
#include "formdata.h"
@@ -98,32 +98,29 @@ CURLcode Curl_convert_to_network(struct Curl_easy *data,
/* do the translation ourselves */
char *input_ptr, *output_ptr;
size_t in_bytes, out_bytes, rc;
- int error;
/* open an iconv conversion descriptor if necessary */
if(data->outbound_cd == (iconv_t)-1) {
data->outbound_cd = iconv_open(CURL_ICONV_CODESET_OF_NETWORK,
CURL_ICONV_CODESET_OF_HOST);
if(data->outbound_cd == (iconv_t)-1) {
- error = ERRNO;
failf(data,
"The iconv_open(\"%s\", \"%s\") call failed with errno %i: %s",
CURL_ICONV_CODESET_OF_NETWORK,
CURL_ICONV_CODESET_OF_HOST,
- error, strerror(error));
+ errno, strerror(errno));
return CURLE_CONV_FAILED;
}
}
/* call iconv */
input_ptr = output_ptr = buffer;
in_bytes = out_bytes = length;
- rc = iconv(data->outbound_cd, (const char**)&input_ptr, &in_bytes,
+ rc = iconv(data->outbound_cd, (const char **)&input_ptr, &in_bytes,
&output_ptr, &out_bytes);
if((rc == ICONV_ERROR) || (in_bytes != 0)) {
- error = ERRNO;
failf(data,
"The Curl_convert_to_network iconv call failed with errno %i: %s",
- error, strerror(error));
+ errno, strerror(errno));
return CURLE_CONV_FAILED;
}
#else
@@ -158,19 +155,17 @@ CURLcode Curl_convert_from_network(struct Curl_easy *data,
/* do the translation ourselves */
char *input_ptr, *output_ptr;
size_t in_bytes, out_bytes, rc;
- int error;
/* open an iconv conversion descriptor if necessary */
if(data->inbound_cd == (iconv_t)-1) {
data->inbound_cd = iconv_open(CURL_ICONV_CODESET_OF_HOST,
CURL_ICONV_CODESET_OF_NETWORK);
if(data->inbound_cd == (iconv_t)-1) {
- error = ERRNO;
failf(data,
"The iconv_open(\"%s\", \"%s\") call failed with errno %i: %s",
CURL_ICONV_CODESET_OF_HOST,
CURL_ICONV_CODESET_OF_NETWORK,
- error, strerror(error));
+ errno, strerror(errno));
return CURLE_CONV_FAILED;
}
}
@@ -180,10 +175,9 @@ CURLcode Curl_convert_from_network(struct Curl_easy *data,
rc = iconv(data->inbound_cd, (const char **)&input_ptr, &in_bytes,
&output_ptr, &out_bytes);
if((rc == ICONV_ERROR) || (in_bytes != 0)) {
- error = ERRNO;
failf(data,
"Curl_convert_from_network iconv call failed with errno %i: %s",
- error, strerror(error));
+ errno, strerror(errno));
return CURLE_CONV_FAILED;
}
#else
@@ -219,19 +213,17 @@ CURLcode Curl_convert_from_utf8(struct Curl_easy *data,
const char *input_ptr;
char *output_ptr;
size_t in_bytes, out_bytes, rc;
- int error;
/* open an iconv conversion descriptor if necessary */
if(data->utf8_cd == (iconv_t)-1) {
data->utf8_cd = iconv_open(CURL_ICONV_CODESET_OF_HOST,
CURL_ICONV_CODESET_FOR_UTF8);
if(data->utf8_cd == (iconv_t)-1) {
- error = ERRNO;
failf(data,
"The iconv_open(\"%s\", \"%s\") call failed with errno %i: %s",
CURL_ICONV_CODESET_OF_HOST,
CURL_ICONV_CODESET_FOR_UTF8,
- error, strerror(error));
+ errno, strerror(errno));
return CURLE_CONV_FAILED;
}
}
@@ -241,10 +233,9 @@ CURLcode Curl_convert_from_utf8(struct Curl_easy *data,
rc = iconv(data->utf8_cd, &input_ptr, &in_bytes,
&output_ptr, &out_bytes);
if((rc == ICONV_ERROR) || (in_bytes != 0)) {
- error = ERRNO;
failf(data,
"The Curl_convert_from_utf8 iconv call failed with errno %i: %s",
- error, strerror(error));
+ errno, strerror(errno));
return CURLE_CONV_FAILED;
}
if(output_ptr < input_ptr) {
diff --git a/lib/nonblock.c b/lib/nonblock.c
index b764278a5..5959281e5 100644
--- a/lib/nonblock.c
+++ b/lib/nonblock.c
@@ -58,8 +58,7 @@ int curlx_nonblock(curl_socket_t sockfd, /* operate on
this */
flags = sfcntl(sockfd, F_GETFL, 0);
if(nonblock)
return sfcntl(sockfd, F_SETFL, flags | O_NONBLOCK);
- else
- return sfcntl(sockfd, F_SETFL, flags & (~O_NONBLOCK));
+ return sfcntl(sockfd, F_SETFL, flags & (~O_NONBLOCK));
#elif defined(HAVE_IOCTL_FIONBIO)
diff --git a/lib/nonblock.h b/lib/nonblock.h
index 98cdc25ab..3445752b9 100644
--- a/lib/nonblock.h
+++ b/lib/nonblock.h
@@ -22,7 +22,7 @@
*
***************************************************************************/
-#include <curl/curl.h> /* for curl_socket_t */
+#include <gnurl/curl.h> /* for curl_socket_t */
int curlx_nonblock(curl_socket_t sockfd, /* operate on this */
int nonblock /* TRUE or FALSE */);
diff --git a/lib/nwlib.c b/lib/nwlib.c
index 42b6aa0da..290cbe31f 100644
--- a/lib/nwlib.c
+++ b/lib/nwlib.c
@@ -184,7 +184,8 @@ int GetOrSetUpData(int id, libdata_t **appData,
*/
NXLock(gLibLock);
- if(!(app_data = (libdata_t *) get_app_data(id))) {
+ app_data = (libdata_t *) get_app_data(id);
+ if(!app_data) {
app_data = malloc(sizeof(libdata_t));
if(app_data) {
@@ -259,7 +260,8 @@ int GetOrSetUpData(int id, libdata_t **appData,
err = ENOMEM;
}
- if((err = NXKeySetValue(key, thread_data))) {
+ err = NXKeySetValue(key, thread_data);
+ if(err) {
free(thread_data->twentybytes);
free(thread_data);
thread_data = (libthreaddata_t *) NULL;
@@ -303,14 +305,14 @@ void DisposeThreadData(void *data)
/* For native CLib-based NLM seems we can do a bit more simple. */
#include <nwthread.h>
-int main (void)
+int main(void)
{
/* initialize any globals here... */
/* do this if any global initializing was done
SynchronizeStart();
*/
- ExitThread (TSR_THREAD, 0);
+ ExitThread(TSR_THREAD, 0);
return 0;
}
diff --git a/lib/nwos.c b/lib/nwos.c
index 385f9c8ad..c6c22ccbb 100644
--- a/lib/nwos.c
+++ b/lib/nwos.c
@@ -26,7 +26,7 @@
#ifdef __NOVELL_LIBC__
/* For native LibC-based NLM we need to do nothing. */
-int netware_init (void)
+int netware_init(void)
{
return 0;
}
@@ -45,7 +45,7 @@ NETDB_DEFINE_CONTEXT
#include <arpa/inet.h>
NETINET_DEFINE_CONTEXT
-int netware_init (void)
+int netware_init(void)
{
int rc = 0;
unsigned int myHandle = GetNLMHandle();
@@ -72,13 +72,13 @@ int netware_init (void)
}
/* dummy function to satisfy newer prelude */
-int __init_environment (void)
+int __init_environment(void)
{
return 0;
}
/* dummy function to satisfy newer prelude */
-int __deinit_environment (void)
+int __deinit_environment(void)
{
return 0;
}
diff --git a/lib/objnames.inc b/lib/objnames.inc
index b895528af..6a5b2a837 100644
--- a/lib/objnames.inc
+++ b/lib/objnames.inc
@@ -5,7 +5,7 @@
# * | (__| |_| | _ <| |___
# * \___|\___/|_| \_\_____|
# *
-# * Copyright (C) 2012, Daniel Stenberg, <address@hidden>, et al.
+# * Copyright (C) 2012 - 2017, Daniel Stenberg, <address@hidden>, et al.
# *
# * This software is licensed as described in the file COPYING, which
# * you should have received as part of this distribution. The terms
@@ -36,7 +36,7 @@
# file name that may be longer than 10 characters, or not, into a string
# with at most 10 characters which may be used as an OS/400 object name.
#
-# This function might not be universally usefull, nor we care about it.
+# This function might not be universally useful, nor we care about it.
#
# It is intended to be used with libcurl's (*.c) source file names, so
# dependency on libcurl's source file naming scheme is acceptable and
diff --git a/lib/openldap.c b/lib/openldap.c
index 4b8cfb9c2..1b32d1f22 100644
--- a/lib/openldap.c
+++ b/lib/openldap.c
@@ -39,7 +39,7 @@
#include <ldap.h>
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "sendf.h"
#include "vtls/vtls.h"
#include "transfer.h"
@@ -85,6 +85,7 @@ const struct Curl_handler Curl_handler_ldap = {
ZERO_NULL, /* perform_getsock */
ldap_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_LDAP, /* defport */
CURLPROTO_LDAP, /* protocol */
PROTOPT_NONE /* flags */
@@ -110,6 +111,7 @@ const struct Curl_handler Curl_handler_ldaps = {
ZERO_NULL, /* perform_getsock */
ldap_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_LDAPS, /* defport */
CURLPROTO_LDAP, /* protocol */
PROTOPT_SSL /* flags */
diff --git a/lib/parsedate.c b/lib/parsedate.c
index dfcf855c8..c39add846 100644
--- a/lib/parsedate.c
+++ b/lib/parsedate.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -79,8 +79,8 @@
#include <limits.h>
#endif
-#include <curl/curl.h>
-#include "rawstr.h"
+#include <gnurl/curl.h>
+#include "strcase.h"
#include "warnless.h"
#include "parsedate.h"
@@ -211,7 +211,7 @@ static int checkday(const char *check, size_t len)
else
what = &Curl_wkday[0];
for(i=0; i<7; i++) {
- if(Curl_raw_equal(check, what[0])) {
+ if(strcasecompare(check, what[0])) {
found=TRUE;
break;
}
@@ -228,7 +228,7 @@ static int checkmonth(const char *check)
what = &Curl_month[0];
for(i=0; i<12; i++) {
- if(Curl_raw_equal(check, what[0])) {
+ if(strcasecompare(check, what[0])) {
found=TRUE;
break;
}
@@ -248,7 +248,7 @@ static int checktz(const char *check)
what = tz;
for(i=0; i< sizeof(tz)/sizeof(tz[0]); i++) {
- if(Curl_raw_equal(check, what->name)) {
+ if(strcasecompare(check, what->name)) {
found=TRUE;
break;
}
@@ -386,15 +386,17 @@ static int parsedate(const char *date, time_t *output)
/* a digit */
int val;
char *end;
+ int len=0;
if((secnum == -1) &&
- (3 == sscanf(date, "%02d:%02d:%02d", &hournum, &minnum, &secnum))) {
+ (3 == sscanf(date, "%02d:%02d:%02d%n",
+ &hournum, &minnum, &secnum, &len))) {
/* time stamp! */
- date += 8;
+ date += len;
}
else if((secnum == -1) &&
- (2 == sscanf(date, "%02d:%02d", &hournum, &minnum))) {
+ (2 == sscanf(date, "%02d:%02d%n", &hournum, &minnum, &len))) {
/* time stamp without seconds */
- date += 5;
+ date += len;
secnum = 0;
}
else {
@@ -402,12 +404,12 @@ static int parsedate(const char *date, time_t *output)
int error;
int old_errno;
- old_errno = ERRNO;
- SET_ERRNO(0);
+ old_errno = errno;
+ errno = 0;
lval = strtol(date, &end, 10);
- error = ERRNO;
- if(error != old_errno)
- SET_ERRNO(old_errno);
+ error = errno;
+ if(errno != old_errno)
+ errno = old_errno;
if(error)
return PARSEDATE_FAIL;
diff --git a/lib/pingpong.c b/lib/pingpong.c
index 92ff84ba3..5ed79b718 100644
--- a/lib/pingpong.c
+++ b/lib/pingpong.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -44,12 +44,12 @@
/* Returns timeout in ms. 0 or negative number means the timeout has already
triggered */
-long Curl_pp_state_timeout(struct pingpong *pp)
+time_t Curl_pp_state_timeout(struct pingpong *pp)
{
struct connectdata *conn = pp->conn;
struct Curl_easy *data=conn->data;
- long timeout_ms; /* in milliseconds */
- long timeout2_ms; /* in milliseconds */
+ time_t timeout_ms; /* in milliseconds */
+ time_t timeout2_ms; /* in milliseconds */
long response_time= (data->set.server_response_timeout)?
data->set.server_response_timeout: pp->response_time;
@@ -83,8 +83,8 @@ CURLcode Curl_pp_statemach(struct pingpong *pp, bool block)
struct connectdata *conn = pp->conn;
curl_socket_t sock = conn->sock[FIRSTSOCKET];
int rc;
- long interval_ms;
- long timeout_ms = Curl_pp_state_timeout(pp);
+ time_t interval_ms;
+ time_t timeout_ms = Curl_pp_state_timeout(pp);
struct Curl_easy *data=conn->data;
CURLcode result = CURLE_OK;
@@ -101,14 +101,17 @@ CURLcode Curl_pp_statemach(struct pingpong *pp, bool
block)
else
interval_ms = 0; /* immediate */
- if(Curl_pp_moredata(pp))
+ if(Curl_ssl_data_pending(conn, FIRSTSOCKET))
+ rc = 1;
+ else if(Curl_pp_moredata(pp))
/* We are receiving and there is data in the cache so just read it */
rc = 1;
else if(!pp->sendleft && Curl_ssl_data_pending(conn, FIRSTSOCKET))
/* We are receiving and there is data ready in the SSL library */
rc = 1;
else
- rc = Curl_socket_ready(pp->sendleft?CURL_SOCKET_BAD:sock, /* reading */
+ rc = Curl_socket_check(pp->sendleft?CURL_SOCKET_BAD:sock, /* reading */
+ CURL_SOCKET_BAD,
pp->sendleft?sock:CURL_SOCKET_BAD, /* writing */
interval_ms);
@@ -149,7 +152,7 @@ void Curl_pp_init(struct pingpong *pp)
*
* Curl_pp_vsendf()
*
- * Send the formated string as a command to a pingpong server. Note that
+ * Send the formatted string as a command to a pingpong server. Note that
* the string should not have any CRLF appended, as this function will
* append the necessary things itself.
*
@@ -236,7 +239,7 @@ CURLcode Curl_pp_vsendf(struct pingpong *pp,
*
* Curl_pp_sendf()
*
- * Send the formated string as a command to a pingpong server. Note that
+ * Send the formatted string as a command to a pingpong server. Note that
* the string should not have any CRLF appended, as this function will
* append the necessary things itself.
*
@@ -283,7 +286,8 @@ CURLcode Curl_pp_readresp(curl_socket_t sockfd,
/* number of bytes in the current line, so far */
perline = (ssize_t)(ptr-pp->linestart_resp);
- while((pp->nread_resp<BUFSIZE) && (keepon && !result)) {
+ while((pp->nread_resp < (size_t)data->set.buffer_size) &&
+ (keepon && !result)) {
if(pp->cache) {
/* we had data in the "cache", copy that instead of doing an actual
@@ -293,7 +297,7 @@ CURLcode Curl_pp_readresp(curl_socket_t sockfd,
* it would have been populated with something of size int to begin
* with, even though its datatype may be larger than an int.
*/
- DEBUGASSERT((ptr+pp->cache_size) <= (buf+BUFSIZE+1));
+ DEBUGASSERT((ptr+pp->cache_size) <= (buf+data->set.buffer_size+1));
memcpy(ptr, pp->cache, pp->cache_size);
gotbytes = (ssize_t)pp->cache_size;
free(pp->cache); /* free the cache */
@@ -305,8 +309,10 @@ CURLcode Curl_pp_readresp(curl_socket_t sockfd,
enum protection_level prot = conn->data_prot;
conn->data_prot = PROT_CLEAR;
#endif
- DEBUGASSERT((ptr+BUFSIZE-pp->nread_resp) <= (buf+BUFSIZE+1));
- result = Curl_read(conn, sockfd, ptr, BUFSIZE-pp->nread_resp,
+ DEBUGASSERT((ptr + data->set.buffer_size - pp->nread_resp) <=
+ (buf + data->set.buffer_size + 1));
+ result = Curl_read(conn, sockfd, ptr,
+ data->set.buffer_size - pp->nread_resp,
&gotbytes);
#ifdef HAVE_GSSAPI
DEBUGASSERT(prot > PROT_NONE && prot < PROT_LAST);
@@ -399,7 +405,7 @@ CURLcode Curl_pp_readresp(curl_socket_t sockfd,
}
else if(keepon) {
- if((perline == gotbytes) && (gotbytes > BUFSIZE/2)) {
+ if((perline == gotbytes) && (gotbytes > data->set.buffer_size/2)) {
/* We got an excessive line without newlines and we need to deal
with it. We keep the first bytes of the line then we throw
away the rest. */
@@ -411,7 +417,7 @@ CURLcode Curl_pp_readresp(curl_socket_t sockfd,
interested in the first piece */
clipamount = 40;
}
- else if(pp->nread_resp > BUFSIZE/2) {
+ else if(pp->nread_resp > (size_t)data->set.buffer_size/2) {
/* We got a large chunk of data and there's potentially still
trailing data to take care of, so we put any such part in the
"cache", clear the buffer to make space and restart. */
diff --git a/lib/pingpong.h b/lib/pingpong.h
index 2f649d5bf..a2c8ff592 100644
--- a/lib/pingpong.h
+++ b/lib/pingpong.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -58,7 +58,7 @@ struct pingpong {
server */
size_t sendleft; /* number of bytes left to send from the sendthis buffer */
size_t sendsize; /* total size of the sendthis buffer */
- struct timeval response; /* set to Curl_tvnow() when a command has been sent
+ struct curltime response; /* set to Curl_tvnow() when a command has been sent
off, used to time-out response reading */
long response_time; /* When no timeout is given, this is the amount of
milliseconds we await for a server response. */
@@ -88,14 +88,14 @@ void Curl_pp_init(struct pingpong *pp);
/* Returns timeout in ms. 0 or negative number means the timeout has already
triggered */
-long Curl_pp_state_timeout(struct pingpong *pp);
+time_t Curl_pp_state_timeout(struct pingpong *pp);
/***********************************************************************
*
* Curl_pp_sendf()
*
- * Send the formated string as a command to a pingpong server. Note that
+ * Send the formatted string as a command to a pingpong server. Note that
* the string should not have any CRLF appended, as this function will
* append the necessary things itself.
*
@@ -108,7 +108,7 @@ CURLcode Curl_pp_sendf(struct pingpong *pp,
*
* Curl_pp_vsendf()
*
- * Send the formated string as a command to a pingpong server. Note that
+ * Send the formatted string as a command to a pingpong server. Note that
* the string should not have any CRLF appended, as this function will
* append the necessary things itself.
*
diff --git a/lib/pipeline.c b/lib/pipeline.c
index bd902d9a3..c0917c79f 100644
--- a/lib/pipeline.c
+++ b/lib/pipeline.c
@@ -6,7 +6,7 @@
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2013, Linus Nielsen Feltzing, <address@hidden>
- * Copyright (C) 2013-2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2013 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,7 +23,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "url.h"
@@ -31,23 +31,22 @@
#include "multiif.h"
#include "pipeline.h"
#include "sendf.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "curl_memory.h"
/* The last #include file should be: */
#include "memdebug.h"
struct site_blacklist_entry {
- char *hostname;
+ struct curl_llist_element list;
unsigned short port;
+ char hostname[1];
};
static void site_blacklist_llist_dtor(void *user, void *element)
{
struct site_blacklist_entry *entry = element;
(void)user;
-
- Curl_safefree(entry->hostname);
free(entry);
}
@@ -69,8 +68,8 @@ bool Curl_pipeline_penalized(struct Curl_easy *data,
curl_off_t recv_size = -2; /* Make it easy to spot in the log */
/* Find the head of the recv pipe, if any */
- if(conn->recv_pipe && conn->recv_pipe->head) {
- struct Curl_easy *recv_handle = conn->recv_pipe->head->ptr;
+ if(conn->recv_pipe.head) {
+ struct Curl_easy *recv_handle = conn->recv_pipe.head->ptr;
recv_size = recv_handle->req.size;
@@ -94,8 +93,8 @@ bool Curl_pipeline_penalized(struct Curl_easy *data,
static CURLcode addHandleToPipeline(struct Curl_easy *data,
struct curl_llist *pipeline)
{
- if(!Curl_llist_insert_next(pipeline, pipeline->tail, data))
- return CURLE_OUT_OF_MEMORY;
+ Curl_llist_insert_next(pipeline, pipeline->tail, data,
+ &data->pipeline_queue);
return CURLE_OK;
}
@@ -103,18 +102,18 @@ static CURLcode addHandleToPipeline(struct Curl_easy
*data,
CURLcode Curl_add_handle_to_pipeline(struct Curl_easy *handle,
struct connectdata *conn)
{
- struct curl_llist_element *sendhead = conn->send_pipe->head;
+ struct curl_llist_element *sendhead = conn->send_pipe.head;
struct curl_llist *pipeline;
CURLcode result;
- pipeline = conn->send_pipe;
+ pipeline = &conn->send_pipe;
result = addHandleToPipeline(handle, pipeline);
- if(pipeline == conn->send_pipe && sendhead != conn->send_pipe->head) {
+ if(pipeline == &conn->send_pipe && sendhead != conn->send_pipe.head) {
/* this is a new one as head, expire it */
Curl_pipeline_leave_write(conn); /* not in use yet */
- Curl_expire(conn->send_pipe->head->ptr, 0);
+ Curl_expire(conn->send_pipe.head->ptr, 0, EXPIRE_RUN_NOW);
}
#if 0 /* enable for pipeline debugging */
@@ -135,21 +134,21 @@ void Curl_move_handle_from_send_to_recv_pipe(struct
Curl_easy *handle,
{
struct curl_llist_element *curr;
- curr = conn->send_pipe->head;
+ curr = conn->send_pipe.head;
while(curr) {
if(curr->ptr == handle) {
- Curl_llist_move(conn->send_pipe, curr,
- conn->recv_pipe, conn->recv_pipe->tail);
+ Curl_llist_move(&conn->send_pipe, curr,
+ &conn->recv_pipe, conn->recv_pipe.tail);
- if(conn->send_pipe->head) {
+ if(conn->send_pipe.head) {
/* Since there's a new easy handle at the start of the send pipeline,
set its timeout value to 1ms to make it trigger instantly */
Curl_pipeline_leave_write(conn); /* not used now */
#ifdef DEBUGBUILD
infof(conn->data, "%p is at send pipe head B!\n",
- (void *)conn->send_pipe->head->ptr);
+ (void *)conn->send_pipe.head->ptr);
#endif
- Curl_expire(conn->send_pipe->head->ptr, 0);
+ Curl_expire(conn->send_pipe.head->ptr, 0, EXPIRE_RUN_NOW);
}
/* The receiver's list is not really interesting here since either this
@@ -177,7 +176,7 @@ bool Curl_pipeline_site_blacklisted(struct Curl_easy
*handle,
struct site_blacklist_entry *site;
site = curr->ptr;
- if(Curl_raw_equal(site->hostname, conn->host.name) &&
+ if(strcasecompare(site->hostname, conn->host.name) &&
site->port == conn->remote_port) {
infof(handle, "Site %s:%d is pipeline blacklisted\n",
conn->host.name, conn->remote_port);
@@ -191,36 +190,28 @@ bool Curl_pipeline_site_blacklisted(struct Curl_easy
*handle,
}
CURLMcode Curl_pipeline_set_site_blacklist(char **sites,
- struct curl_llist **list_ptr)
+ struct curl_llist *list)
{
- struct curl_llist *old_list = *list_ptr;
- struct curl_llist *new_list = NULL;
+ /* Free the old list */
+ if(list->size)
+ Curl_llist_destroy(list, NULL);
if(sites) {
- new_list = Curl_llist_alloc((curl_llist_dtor) site_blacklist_llist_dtor);
- if(!new_list)
- return CURLM_OUT_OF_MEMORY;
+ Curl_llist_init(list, (curl_llist_dtor) site_blacklist_llist_dtor);
/* Parse the URLs and populate the list */
while(*sites) {
- char *hostname;
char *port;
struct site_blacklist_entry *entry;
- hostname = strdup(*sites);
- if(!hostname) {
- Curl_llist_destroy(new_list, NULL);
- return CURLM_OUT_OF_MEMORY;
- }
-
- entry = malloc(sizeof(struct site_blacklist_entry));
+ entry = malloc(sizeof(struct site_blacklist_entry) + strlen(*sites));
if(!entry) {
- free(hostname);
- Curl_llist_destroy(new_list, NULL);
+ Curl_llist_destroy(list, NULL);
return CURLM_OUT_OF_MEMORY;
}
+ strcpy(entry->hostname, *sites);
- port = strchr(hostname, ':');
+ port = strchr(entry->hostname, ':');
if(port) {
*port = '\0';
port++;
@@ -231,51 +222,35 @@ CURLMcode Curl_pipeline_set_site_blacklist(char **sites,
entry->port = 80;
}
- entry->hostname = hostname;
-
- if(!Curl_llist_insert_next(new_list, new_list->tail, entry)) {
- site_blacklist_llist_dtor(NULL, entry);
- Curl_llist_destroy(new_list, NULL);
- return CURLM_OUT_OF_MEMORY;
- }
-
+ Curl_llist_insert_next(list, list->tail, entry, &entry->list);
sites++;
}
}
- /* Free the old list */
- if(old_list) {
- Curl_llist_destroy(old_list, NULL);
- }
-
- /* This might be NULL if sites == NULL, i.e the blacklist is cleared */
- *list_ptr = new_list;
-
return CURLM_OK;
}
+struct blacklist_node {
+ struct curl_llist_element list;
+ char server_name[1];
+};
+
bool Curl_pipeline_server_blacklisted(struct Curl_easy *handle,
char *server_name)
{
if(handle->multi && server_name) {
- struct curl_llist *blacklist =
+ struct curl_llist *list =
Curl_multi_pipelining_server_bl(handle->multi);
- if(blacklist) {
- struct curl_llist_element *curr;
-
- curr = blacklist->head;
- while(curr) {
- char *bl_server_name;
-
- bl_server_name = curr->ptr;
- if(Curl_raw_nequal(bl_server_name, server_name,
- strlen(bl_server_name))) {
- infof(handle, "Server %s is blacklisted\n", server_name);
- return TRUE;
- }
- curr = curr->next;
+ struct curl_llist_element *e = list->head;
+ while(e) {
+ struct blacklist_node *bl = (struct blacklist_node *)e;
+ if(strncasecompare(bl->server_name, server_name,
+ strlen(bl->server_name))) {
+ infof(handle, "Server %s is blacklisted\n", server_name);
+ return TRUE;
}
+ e = e->next;
}
DEBUGF(infof(handle, "Server %s is not blacklisted\n", server_name));
@@ -284,43 +259,32 @@ bool Curl_pipeline_server_blacklisted(struct Curl_easy
*handle,
}
CURLMcode Curl_pipeline_set_server_blacklist(char **servers,
- struct curl_llist **list_ptr)
+ struct curl_llist *list)
{
- struct curl_llist *old_list = *list_ptr;
- struct curl_llist *new_list = NULL;
+ /* Free the old list */
+ if(list->size)
+ Curl_llist_destroy(list, NULL);
if(servers) {
- new_list = Curl_llist_alloc((curl_llist_dtor) server_blacklist_llist_dtor);
- if(!new_list)
- return CURLM_OUT_OF_MEMORY;
+ Curl_llist_init(list, (curl_llist_dtor) server_blacklist_llist_dtor);
/* Parse the URLs and populate the list */
while(*servers) {
- char *server_name;
-
- server_name = strdup(*servers);
- if(!server_name) {
- Curl_llist_destroy(new_list, NULL);
- return CURLM_OUT_OF_MEMORY;
- }
+ struct blacklist_node *n;
+ size_t len = strlen(*servers);
- if(!Curl_llist_insert_next(new_list, new_list->tail, server_name)) {
- Curl_llist_destroy(new_list, NULL);
- Curl_safefree(server_name);
+ n = malloc(sizeof(struct blacklist_node) + len);
+ if(!n) {
+ Curl_llist_destroy(list, NULL);
return CURLM_OUT_OF_MEMORY;
}
+ strcpy(n->server_name, *servers);
+ Curl_llist_insert_next(list, list->tail, n, &n->list);
servers++;
}
}
- /* Free the old list */
- if(old_list) {
- Curl_llist_destroy(old_list, NULL);
- }
-
- /* This might be NULL if sites == NULL, i.e the blacklist is cleared */
- *list_ptr = new_list;
return CURLM_OK;
}
@@ -340,14 +304,14 @@ static bool pipe_head(struct Curl_easy *data,
bool Curl_recvpipe_head(struct Curl_easy *data,
struct connectdata *conn)
{
- return pipe_head(data, conn->recv_pipe);
+ return pipe_head(data, &conn->recv_pipe);
}
/* returns TRUE if the given handle is head of the send pipe */
bool Curl_sendpipe_head(struct Curl_easy *data,
struct connectdata *conn)
{
- return pipe_head(data, conn->send_pipe);
+ return pipe_head(data, &conn->send_pipe);
}
diff --git a/lib/pipeline.h b/lib/pipeline.h
index a64f71025..413ba31a0 100644
--- a/lib/pipeline.h
+++ b/lib/pipeline.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2015 - 2017, Daniel Stenberg, <address@hidden>, et al.
* Copyright (C) 2013 - 2014, Linus Nielsen Feltzing, <address@hidden>
*
* This software is licensed as described in the file COPYING, which
@@ -34,13 +34,13 @@ bool Curl_pipeline_site_blacklisted(struct Curl_easy
*handle,
struct connectdata *conn);
CURLMcode Curl_pipeline_set_site_blacklist(char **sites,
- struct curl_llist **list_ptr);
+ struct curl_llist *list_ptr);
bool Curl_pipeline_server_blacklisted(struct Curl_easy *handle,
char *server_name);
CURLMcode Curl_pipeline_set_server_blacklist(char **servers,
- struct curl_llist **list_ptr);
+ struct curl_llist *list_ptr);
bool Curl_pipeline_checkget_write(struct Curl_easy *data,
struct connectdata *conn);
diff --git a/lib/pop3.c b/lib/pop3.c
index 154e5c38b..c1ba15908 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -60,7 +60,7 @@
#define in_addr_t unsigned long
#endif
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "sendf.h"
#include "hostip.h"
@@ -70,16 +70,14 @@
#include "http.h" /* for HTTP proxy tunnel stuff */
#include "socks.h"
#include "pop3.h"
-
#include "strtoofft.h"
-#include "strequal.h"
+#include "strcase.h"
#include "vtls/vtls.h"
#include "connect.h"
#include "strerror.h"
#include "select.h"
#include "multiif.h"
#include "url.h"
-#include "rawstr.h"
#include "curl_sasl.h"
#include "curl_md5.h"
#include "warnless.h"
@@ -106,7 +104,7 @@ static CURLcode pop3_parse_custom_request(struct
connectdata *conn);
static CURLcode pop3_perform_auth(struct connectdata *conn, const char *mech,
const char *initresp);
static CURLcode pop3_continue_auth(struct connectdata *conn, const char *resp);
-static void pop3_get_message(char *buffer, char** outptr);
+static void pop3_get_message(char *buffer, char **outptr);
/*
* POP3 protocol handler.
@@ -127,9 +125,11 @@ const struct Curl_handler Curl_handler_pop3 = {
ZERO_NULL, /* perform_getsock */
pop3_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_POP3, /* defport */
CURLPROTO_POP3, /* protocol */
- PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY /* flags */
+ PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY | /* flags */
+ PROTOPT_URLOPTIONS
};
#ifdef USE_SSL
@@ -152,65 +152,14 @@ const struct Curl_handler Curl_handler_pop3s = {
ZERO_NULL, /* perform_getsock */
pop3_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_POP3S, /* defport */
CURLPROTO_POP3S, /* protocol */
PROTOPT_CLOSEACTION | PROTOPT_SSL
- | PROTOPT_NOURLQUERY /* flags */
+ | PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS /* flags */
};
#endif
-#ifndef CURL_DISABLE_HTTP
-/*
- * HTTP-proxyed POP3 protocol handler.
- */
-
-static const struct Curl_handler Curl_handler_pop3_proxy = {
- "POP3", /* scheme */
- Curl_http_setup_conn, /* setup_connection */
- Curl_http, /* do_it */
- Curl_http_done, /* done */
- ZERO_NULL, /* do_more */
- ZERO_NULL, /* connect_it */
- ZERO_NULL, /* connecting */
- ZERO_NULL, /* doing */
- ZERO_NULL, /* proto_getsock */
- ZERO_NULL, /* doing_getsock */
- ZERO_NULL, /* domore_getsock */
- ZERO_NULL, /* perform_getsock */
- ZERO_NULL, /* disconnect */
- ZERO_NULL, /* readwrite */
- PORT_POP3, /* defport */
- CURLPROTO_HTTP, /* protocol */
- PROTOPT_NONE /* flags */
-};
-
-#ifdef USE_SSL
-/*
- * HTTP-proxyed POP3S protocol handler.
- */
-
-static const struct Curl_handler Curl_handler_pop3s_proxy = {
- "POP3S", /* scheme */
- Curl_http_setup_conn, /* setup_connection */
- Curl_http, /* do_it */
- Curl_http_done, /* done */
- ZERO_NULL, /* do_more */
- ZERO_NULL, /* connect_it */
- ZERO_NULL, /* connecting */
- ZERO_NULL, /* doing */
- ZERO_NULL, /* proto_getsock */
- ZERO_NULL, /* doing_getsock */
- ZERO_NULL, /* domore_getsock */
- ZERO_NULL, /* perform_getsock */
- ZERO_NULL, /* disconnect */
- ZERO_NULL, /* readwrite */
- PORT_POP3S, /* defport */
- CURLPROTO_HTTP, /* protocol */
- PROTOPT_NONE /* flags */
-};
-#endif
-#endif
-
/* SASL parameters for the pop3 protocol */
static const struct SASLproto saslpop3 = {
"pop", /* The service name */
@@ -292,10 +241,10 @@ static bool pop3_endofresp(struct connectdata *conn, char
*line, size_t len,
*
* Gets the authentication message from the response buffer.
*/
-static void pop3_get_message(char *buffer, char** outptr)
+static void pop3_get_message(char *buffer, char **outptr)
{
size_t len = 0;
- char* message = NULL;
+ char *message = NULL;
/* Find the start of the message */
for(message = buffer + 2; *message == ' ' || *message == '\t'; message++)
@@ -801,7 +750,7 @@ static CURLcode pop3_state_starttls_resp(struct connectdata
*conn,
if(pop3code != '+') {
if(data->set.use_ssl != CURLUSESSL_TRY) {
- failf(data, "STARTTLS denied. %c", pop3code);
+ failf(data, "STARTTLS denied");
result = CURLE_USE_SSL_FAILED;
}
else
@@ -1356,31 +1305,6 @@ static CURLcode pop3_setup_connection(struct connectdata
*conn)
/* Clear the TLS upgraded flag */
conn->tls_upgraded = FALSE;
-
- /* Set up the proxy if necessary */
- if(conn->bits.httpproxy && !data->set.tunnel_thru_httpproxy) {
- /* Unless we have asked to tunnel POP3 operations through the proxy, we
- switch and use HTTP operations only */
-#ifndef CURL_DISABLE_HTTP
- if(conn->handler == &Curl_handler_pop3)
- conn->handler = &Curl_handler_pop3_proxy;
- else {
-#ifdef USE_SSL
- conn->handler = &Curl_handler_pop3s_proxy;
-#else
- failf(data, "POP3S not supported!");
- return CURLE_UNSUPPORTED_PROTOCOL;
-#endif
- }
-
- /* set it up as an HTTP connection instead */
- return conn->handler->setup_connection(conn);
-#else
- failf(data, "POP3 over http proxy requires HTTP support built-in!");
- return CURLE_UNSUPPORTED_PROTOCOL;
-#endif
- }
-
data->state.path++; /* don't include the initial slash */
return CURLE_OK;
@@ -1412,11 +1336,11 @@ static CURLcode pop3_parse_url_options(struct
connectdata *conn)
while(*ptr && *ptr != ';')
ptr++;
- if(strnequal(key, "AUTH=", 5)) {
+ if(strncasecompare(key, "AUTH=", 5)) {
result = Curl_sasl_parse_url_auth_option(&pop3c->sasl,
value, ptr - value);
- if(result && strnequal(value, "+APOP", ptr - value)) {
+ if(result && strncasecompare(value, "+APOP", ptr - value)) {
pop3c->preftype = POP3_TYPE_APOP;
pop3c->sasl.prefmech = SASL_AUTH_NONE;
result = CURLE_OK;
@@ -1574,7 +1498,7 @@ CURLcode Curl_pop3_write(struct connectdata *conn, char
*str, size_t nread)
if(prev) {
/* If the partial match was the CRLF and dot then only write the CRLF
as the server would have inserted the dot */
- result = Curl_client_write(conn, CLIENTWRITE_BODY, (char*)POP3_EOB,
+ result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)POP3_EOB,
strip_dot ? prev - 1 : prev);
if(result)
diff --git a/lib/progress.c b/lib/progress.c
index 0f67ef250..740ff2887 100644
--- a/lib/progress.c
+++ b/lib/progress.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -152,18 +152,22 @@ int Curl_pgrsDone(struct connectdata *conn)
/* reset all times except redirect, and reset the known transfer sizes */
void Curl_pgrsResetTimesSizes(struct Curl_easy *data)
{
- data->progress.t_nslookup = 0.0;
- data->progress.t_connect = 0.0;
- data->progress.t_pretransfer = 0.0;
- data->progress.t_starttransfer = 0.0;
+ data->progress.t_nslookup = 0;
+ data->progress.t_connect = 0;
+ data->progress.t_pretransfer = 0;
+ data->progress.t_starttransfer = 0;
Curl_pgrsSetDownloadSize(data, -1);
Curl_pgrsSetUploadSize(data, -1);
}
+/*
+ * @unittest: 1399
+ */
void Curl_pgrsTime(struct Curl_easy *data, timerid timer)
{
- struct timeval now = Curl_tvnow();
+ struct curltime now = Curl_tvnow();
+ time_t *delta = NULL;
switch(timer) {
default:
@@ -178,38 +182,48 @@ void Curl_pgrsTime(struct Curl_easy *data, timerid timer)
/* This is set at the start of each single fetch */
data->progress.t_startsingle = now;
break;
-
case TIMER_STARTACCEPT:
- data->progress.t_acceptdata = Curl_tvnow();
+ data->progress.t_acceptdata = now;
break;
-
case TIMER_NAMELOOKUP:
- data->progress.t_nslookup =
- Curl_tvdiff_secs(now, data->progress.t_startsingle);
+ delta = &data->progress.t_nslookup;
break;
case TIMER_CONNECT:
- data->progress.t_connect =
- Curl_tvdiff_secs(now, data->progress.t_startsingle);
+ delta = &data->progress.t_connect;
break;
case TIMER_APPCONNECT:
- data->progress.t_appconnect =
- Curl_tvdiff_secs(now, data->progress.t_startsingle);
+ delta = &data->progress.t_appconnect;
break;
case TIMER_PRETRANSFER:
- data->progress.t_pretransfer =
- Curl_tvdiff_secs(now, data->progress.t_startsingle);
+ delta = &data->progress.t_pretransfer;
break;
case TIMER_STARTTRANSFER:
- data->progress.t_starttransfer =
- Curl_tvdiff_secs(now, data->progress.t_startsingle);
- break;
+ delta = &data->progress.t_starttransfer;
+ /* prevent updating t_starttransfer unless:
+ * 1) this is the first time we're setting t_starttransfer
+ * 2) a redirect has occurred since the last time t_starttransfer was set
+ * This prevents repeated invocations of the function from incorrectly
+ * changing the t_starttransfer time.
+ */
+ if (*delta > data->progress.t_redirect) {
+ return;
+ }
+ else {
+ break;
+ }
case TIMER_POSTRANSFER:
/* this is the normal end-of-transfer thing */
break;
case TIMER_REDIRECT:
- data->progress.t_redirect = Curl_tvdiff_secs(now, data->progress.start);
+ data->progress.t_redirect = Curl_tvdiff_us(now, data->progress.start);
break;
}
+ if(delta) {
+ time_t us = Curl_tvdiff_us(now, data->progress.t_startsingle);
+ if(!us)
+ us++; /* make sure at least one microsecond passed */
+ *delta = us;
+ }
}
void Curl_pgrsStartNow(struct Curl_easy *data)
@@ -229,16 +243,16 @@ void Curl_pgrsStartNow(struct Curl_easy *data)
* need to wait until we're back under the speed limit, if needed.
*
* The way it works is by having a "starting point" (time & amount of data
- * transfered by then) used in the speed computation, to be used instead of the
- * start of the transfer.
- * This starting point is regularly moved as transfer goes on, to keep getting
- * accurate values (instead of average over the entire tranfer).
+ * transferred by then) used in the speed computation, to be used instead of
+ * the start of the transfer. This starting point is regularly moved as
+ * transfer goes on, to keep getting accurate values (instead of average over
+ * the entire transfer).
*
- * This function takes the current amount of data transfered, the amount at the
- * starting point, the limit (in bytes/s), the time of the starting point and
- * the current time.
+ * This function takes the current amount of data transferred, the amount at
+ * the starting point, the limit (in bytes/s), the time of the starting point
+ * and the current time.
*
- * Returns -1 if no waiting is needed (not enough data transfered since
+ * Returns -1 if no waiting is needed (not enough data transferred since
* starting point yet), 0 when no waiting is needed but the starting point
* should be reset (to current), or the number of milliseconds to wait to get
* back under the speed limit.
@@ -246,32 +260,34 @@ void Curl_pgrsStartNow(struct Curl_easy *data)
long Curl_pgrsLimitWaitTime(curl_off_t cursize,
curl_off_t startsize,
curl_off_t limit,
- struct timeval start,
- struct timeval now)
+ struct curltime start,
+ struct curltime now)
{
- curl_off_t size = cursize - startsize;
- long minimum, actual;
+ curl_off_t size = cursize - startsize;
+ time_t minimum;
+ time_t actual;
- /* we don't have a starting point yet -- return 0 so it gets (re)set */
- if(start.tv_sec == 0 && start.tv_usec == 0)
- return 0;
+ /* we don't have a starting point yet -- return 0 so it gets (re)set */
+ if(start.tv_sec == 0 && start.tv_usec == 0)
+ return 0;
- /* not enough data yet */
- if(size < limit)
- return -1;
+ /* not enough data yet */
+ if(size < limit)
+ return -1;
- minimum = (long) (CURL_OFF_T_C(1000) * size / limit);
- actual = Curl_tvdiff(now, start);
+ minimum = (time_t) (CURL_OFF_T_C(1000) * size / limit);
+ actual = Curl_tvdiff(now, start);
- if(actual < minimum)
- return minimum - actual;
- else
- return 0;
+ if(actual < minimum)
+ /* this is a conversion on some systems (64bit time_t => 32bit long) */
+ return (long)(minimum - actual);
+
+ return 0;
}
void Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size)
{
- struct timeval now = Curl_tvnow();
+ struct curltime now = Curl_tvnow();
data->progress.downloaded = size;
@@ -289,7 +305,7 @@ void Curl_pgrsSetDownloadCounter(struct Curl_easy *data,
curl_off_t size)
void Curl_pgrsSetUploadCounter(struct Curl_easy *data, curl_off_t size)
{
- struct timeval now = Curl_tvnow();
+ struct curltime now = Curl_tvnow();
data->progress.uploaded = size;
@@ -335,7 +351,7 @@ void Curl_pgrsSetUploadSize(struct Curl_easy *data,
curl_off_t size)
*/
int Curl_pgrsUpdate(struct connectdata *conn)
{
- struct timeval now;
+ struct curltime now;
int result;
char max5[6][10];
curl_off_t dlpercen=0;
@@ -359,32 +375,29 @@ int Curl_pgrsUpdate(struct connectdata *conn)
now = Curl_tvnow(); /* what time is it */
/* The time spent so far (from the start) */
- data->progress.timespent =
- (double)(now.tv_sec - data->progress.start.tv_sec) +
- (double)(now.tv_usec - data->progress.start.tv_usec)/1000000.0;
- timespent = (curl_off_t)data->progress.timespent;
+ data->progress.timespent = Curl_tvdiff_us(now, data->progress.start);
+ timespent = (curl_off_t)data->progress.timespent/1000000; /* seconds */
/* The average download speed this far */
data->progress.dlspeed = (curl_off_t)
- ((double)data->progress.downloaded/
- (data->progress.timespent>0?data->progress.timespent:1));
+ (data->progress.downloaded/
+ (timespent>0?timespent:1));
/* The average upload speed this far */
data->progress.ulspeed = (curl_off_t)
- ((double)data->progress.uploaded/
- (data->progress.timespent>0?data->progress.timespent:1));
+ (data->progress.uploaded/
+ (timespent>0?timespent:1));
/* Calculations done at most once a second, unless end is reached */
- if(data->progress.lastshow != (long)now.tv_sec) {
+ if(data->progress.lastshow != now.tv_sec) {
shownow = TRUE;
data->progress.lastshow = now.tv_sec;
- /* Let's do the "current speed" thing, which should use the fastest
- of the dl/ul speeds. Store the faster speed at entry 'nowindex'. */
+ /* Let's do the "current speed" thing, with the dl + ul speeds
+ combined. Store the speed at entry 'nowindex'. */
data->progress.speeder[ nowindex ] =
- data->progress.downloaded>data->progress.uploaded?
- data->progress.downloaded:data->progress.uploaded;
+ data->progress.downloaded + data->progress.uploaded;
/* remember the exact time for this moment */
data->progress.speeder_time [ nowindex ] = now;
@@ -402,7 +415,7 @@ int Curl_pgrsUpdate(struct connectdata *conn)
/* first of all, we don't do this if there's no counted seconds yet */
if(countindex) {
- long span_ms;
+ time_t span_ms;
/* Get the index position to compare with the 'nowindex' position.
Get the oldest entry possible. While we have less than CURR_TIME
@@ -433,10 +446,9 @@ int Curl_pgrsUpdate(struct connectdata *conn)
}
}
else
- /* the first second we use the main average */
+ /* the first second we use the average */
data->progress.current_speed =
- (data->progress.ulspeed>data->progress.dlspeed)?
- data->progress.ulspeed:data->progress.dlspeed;
+ data->progress.ulspeed + data->progress.dlspeed;
} /* Calculations end */
@@ -454,7 +466,7 @@ int Curl_pgrsUpdate(struct connectdata *conn)
failf(data, "Callback aborted");
return result;
}
- else if(data->set.fprogress) {
+ if(data->set.fprogress) {
/* The older deprecated callback is set, call that */
result= data->set.fprogress(data->set.progress_client,
(double)data->progress.size_dl,
diff --git a/lib/progress.h b/lib/progress.h
index 155ff04fe..ed57e3368 100644
--- a/lib/progress.h
+++ b/lib/progress.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -52,8 +52,8 @@ void Curl_pgrsTime(struct Curl_easy *data, timerid timer);
long Curl_pgrsLimitWaitTime(curl_off_t cursize,
curl_off_t startsize,
curl_off_t limit,
- struct timeval start,
- struct timeval now);
+ struct curltime start,
+ struct curltime now);
/* Don't show progress for sizes smaller than: */
#define LEAST_SIZE_PROGRESS BUFSIZE
diff --git a/lib/rand.c b/lib/rand.c
new file mode 100644
index 000000000..69a8576dd
--- /dev/null
+++ b/lib/rand.c
@@ -0,0 +1,179 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+#include "curl_setup.h"
+
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+
+#include <gnurl/curl.h>
+#include "vtls/vtls.h"
+#include "sendf.h"
+#include "rand.h"
+
+/* The last 3 #include files should be in this order */
+#include "curl_printf.h"
+#include "curl_memory.h"
+#include "memdebug.h"
+
+static CURLcode randit(struct Curl_easy *data, unsigned int *rnd)
+{
+ unsigned int r;
+ CURLcode result = CURLE_OK;
+ static unsigned int randseed;
+ static bool seeded = FALSE;
+
+#ifdef CURLDEBUG
+ char *force_entropy = getenv("CURL_ENTROPY");
+ if(force_entropy) {
+ if(!seeded) {
+ unsigned int seed = 0;
+ size_t elen = strlen(force_entropy);
+ size_t clen = sizeof(seed);
+ size_t min = elen < clen ? elen : clen;
+ memcpy((char *)&seed, force_entropy, min);
+ randseed = ntohl(seed);
+ seeded = TRUE;
+ }
+ else
+ randseed++;
+ *rnd = randseed;
+ return CURLE_OK;
+ }
+#endif
+
+ /* data may be NULL! */
+ result = Curl_ssl_random(data, (unsigned char *)rnd, sizeof(*rnd));
+ if(result != CURLE_NOT_BUILT_IN)
+ /* only if there is no random function in the TLS backend do the non crypto
+ version, otherwise return result */
+ return result;
+
+ /* ---- non-cryptographic version following ---- */
+
+#ifdef RANDOM_FILE
+ if(!seeded) {
+ /* if there's a random file to read a seed from, use it */
+ int fd = open(RANDOM_FILE, O_RDONLY);
+ if(fd > -1) {
+ /* read random data into the randseed variable */
+ ssize_t nread = read(fd, &randseed, sizeof(randseed));
+ if(nread == sizeof(randseed))
+ seeded = TRUE;
+ close(fd);
+ }
+ }
+#endif
+
+ if(!seeded) {
+ struct curltime now = curlx_tvnow();
+ infof(data, "WARNING: Using weak random seed\n");
+ randseed += (unsigned int)now.tv_usec + (unsigned int)now.tv_sec;
+ randseed = randseed * 1103515245 + 12345;
+ randseed = randseed * 1103515245 + 12345;
+ randseed = randseed * 1103515245 + 12345;
+ seeded = TRUE;
+ }
+
+ /* Return an unsigned 32-bit pseudo-random number. */
+ r = randseed = randseed * 1103515245 + 12345;
+ *rnd = (r << 16) | ((r >> 16) & 0xFFFF);
+ return CURLE_OK;
+}
+
+/*
+ * Curl_rand() stores 'num' number of random unsigned integers in the buffer
+ * 'rndptr' points to.
+ *
+ * If libcurl is built without TLS support or with a TLS backend that lacks a
+ * proper random API (Gskit, PolarSSL or mbedTLS), this function will use
+ * "weak" random.
+ *
+ * When built *with* TLS support and a backend that offers strong random, it
+ * will return error if it cannot provide strong random values.
+ *
+ * NOTE: 'data' may be passed in as NULL when coming from external API without
+ * easy handle!
+ *
+ */
+
+CURLcode Curl_rand(struct Curl_easy *data, unsigned char *rnd, size_t num)
+{
+ CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT;
+
+ DEBUGASSERT(num > 0);
+
+ while(num) {
+ unsigned int r;
+ size_t left = num < sizeof(unsigned int) ? num : sizeof(unsigned int);
+
+ result = randit(data, &r);
+ if(result)
+ return result;
+
+ while(left) {
+ *rnd++ = (unsigned char)(r & 0xFF);
+ r >>= 8;
+ --num;
+ --left;
+ }
+ }
+
+ return result;
+}
+
+/*
+ * Curl_rand_hex() fills the 'rnd' buffer with a given 'num' size with random
+ * hexadecimal digits PLUS a zero terminating byte. It must be an odd number
+ * size.
+ */
+
+CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
+ size_t num)
+{
+ CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT;
+ const char *hex = "0123456789abcdef";
+ unsigned char buffer[128];
+ unsigned char *bufp = buffer;
+ DEBUGASSERT(num > 1);
+
+ if((num/2 >= sizeof(buffer)) || !(num&1))
+ /* make sure it fits in the local buffer and that it is an odd number! */
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+
+ num--; /* save one for zero termination */
+
+ result = Curl_rand(data, buffer, num/2);
+ if(result)
+ return result;
+
+ while(num) {
+ *rnd++ = hex[(*bufp & 0xF0)>>4];
+ *rnd++ = hex[*bufp & 0x0F];
+ bufp++;
+ num -= 2;
+ }
+ *rnd = 0;
+
+ return result;
+}
diff --git a/lib/rand.h b/lib/rand.h
new file mode 100644
index 000000000..c6fae3553
--- /dev/null
+++ b/lib/rand.h
@@ -0,0 +1,47 @@
+#ifndef HEADER_CURL_RAND_H
+#define HEADER_CURL_RAND_H
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+/*
+ * Curl_rand() stores 'num' number of random unsigned characters in the buffer
+ * 'rnd' points to.
+ *
+ * If libcurl is built without TLS support or with a TLS backend that lacks a
+ * proper random API (Gskit, PolarSSL or mbedTLS), this function will use
+ * "weak" random.
+ *
+ * When built *with* TLS support and a backend that offers strong random, it
+ * will return error if it cannot provide strong random values.
+ *
+ * NOTE: 'data' may be passed in as NULL when coming from external API without
+ * easy handle!
+ *
+ */
+CURLcode Curl_rand(struct Curl_easy *data, unsigned char *rnd, size_t num);
+
+/* Same as above but outputs only random lowercase hex characters.
+ Does NOT terminate.*/
+CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
+ size_t num);
+
+#endif /* HEADER_CURL_RAND_H */
diff --git a/lib/rawstr.c b/lib/rawstr.c
deleted file mode 100644
index 5665ebd36..000000000
--- a/lib/rawstr.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-#include "curl_setup.h"
-
-#include "rawstr.h"
-
-/* Portable, consistent toupper (remember EBCDIC). Do not use toupper() because
- its behavior is altered by the current locale. */
-char Curl_raw_toupper(char in)
-{
-#if !defined(CURL_DOES_CONVERSIONS)
- if(in >= 'a' && in <= 'z')
- return (char)('A' + in - 'a');
-#else
- switch (in) {
- case 'a':
- return 'A';
- case 'b':
- return 'B';
- case 'c':
- return 'C';
- case 'd':
- return 'D';
- case 'e':
- return 'E';
- case 'f':
- return 'F';
- case 'g':
- return 'G';
- case 'h':
- return 'H';
- case 'i':
- return 'I';
- case 'j':
- return 'J';
- case 'k':
- return 'K';
- case 'l':
- return 'L';
- case 'm':
- return 'M';
- case 'n':
- return 'N';
- case 'o':
- return 'O';
- case 'p':
- return 'P';
- case 'q':
- return 'Q';
- case 'r':
- return 'R';
- case 's':
- return 'S';
- case 't':
- return 'T';
- case 'u':
- return 'U';
- case 'v':
- return 'V';
- case 'w':
- return 'W';
- case 'x':
- return 'X';
- case 'y':
- return 'Y';
- case 'z':
- return 'Z';
- }
-#endif
-
- return in;
-}
-
-/*
- * Curl_raw_equal() is for doing "raw" case insensitive strings. This is meant
- * to be locale independent and only compare strings we know are safe for
- * this. See https://daniel.haxx.se/blog/2008/10/15/strcasecmp-in-turkish/ for
- * some further explanation to why this function is necessary.
- *
- * The function is capable of comparing a-z case insensitively even for
- * non-ascii.
- */
-
-int Curl_raw_equal(const char *first, const char *second)
-{
- while(*first && *second) {
- if(Curl_raw_toupper(*first) != Curl_raw_toupper(*second))
- /* get out of the loop as soon as they don't match */
- break;
- first++;
- second++;
- }
- /* we do the comparison here (possibly again), just to make sure that if the
- loop above is skipped because one of the strings reached zero, we must not
- return this as a successful match */
- return (Curl_raw_toupper(*first) == Curl_raw_toupper(*second));
-}
-
-int Curl_raw_nequal(const char *first, const char *second, size_t max)
-{
- while(*first && *second && max) {
- if(Curl_raw_toupper(*first) != Curl_raw_toupper(*second)) {
- break;
- }
- max--;
- first++;
- second++;
- }
- if(0 == max)
- return 1; /* they are equal this far */
-
- return Curl_raw_toupper(*first) == Curl_raw_toupper(*second);
-}
-
-/* Copy an upper case version of the string from src to dest. The
- * strings may overlap. No more than n characters of the string are copied
- * (including any NUL) and the destination string will NOT be
- * NUL-terminated if that limit is reached.
- */
-void Curl_strntoupper(char *dest, const char *src, size_t n)
-{
- if(n < 1)
- return;
-
- do {
- *dest++ = Curl_raw_toupper(*src);
- } while(*src++ && --n);
-}
diff --git a/lib/rawstr.h b/lib/rawstr.h
deleted file mode 100644
index 4af00f14a..000000000
--- a/lib/rawstr.h
+++ /dev/null
@@ -1,47 +0,0 @@
-#ifndef HEADER_CURL_RAWSTR_H
-#define HEADER_CURL_RAWSTR_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-#include <curl/curl.h>
-
-/*
- * Curl_raw_equal() is for doing "raw" case insensitive strings. This is meant
- * to be locale independent and only compare strings we know are safe for
- * this.
- *
- * The function is capable of comparing a-z case insensitively even for
- * non-ascii.
- */
-int Curl_raw_equal(const char *first, const char *second);
-int Curl_raw_nequal(const char *first, const char *second, size_t max);
-
-char Curl_raw_toupper(char in);
-
-/* checkprefix() is a shorter version of the above, used when the first
- argument is zero-byte terminated */
-#define checkprefix(a,b) Curl_raw_nequal(a,b,strlen(a))
-
-void Curl_strntoupper(char *dest, const char *src, size_t n);
-
-#endif /* HEADER_CURL_RAWSTR_H */
-
diff --git a/lib/rtsp.c b/lib/rtsp.c
index ed3fd64c7..8b895ed64 100644
--- a/lib/rtsp.c
+++ b/lib/rtsp.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -25,7 +25,7 @@
#ifndef CURL_DISABLE_RTSP
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "transfer.h"
#include "sendf.h"
#include "multiif.h"
@@ -33,9 +33,10 @@
#include "url.h"
#include "progress.h"
#include "rtsp.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "select.h"
#include "connect.h"
+#include "strdup.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
#include "curl_memory.h"
@@ -80,6 +81,9 @@ static CURLcode rtsp_rtp_readwrite(struct Curl_easy *data,
static CURLcode rtsp_setup_connection(struct connectdata *conn);
+bool rtsp_connisdead(struct connectdata *check);
+static unsigned int rtsp_conncheck(struct connectdata *check,
+ unsigned int checks_to_perform);
/* this returns the socket to wait for in the DO and DOING state for the multi
interface and then we're always _sending_ a request and thus we wait for
@@ -116,6 +120,7 @@ const struct Curl_handler Curl_handler_rtsp = {
ZERO_NULL, /* perform_getsock */
rtsp_disconnect, /* disconnect */
rtsp_rtp_readwrite, /* readwrite */
+ rtsp_conncheck, /* connection_check */
PORT_RTSP, /* defport */
CURLPROTO_RTSP, /* protocol */
PROTOPT_NONE /* flags */
@@ -139,15 +144,15 @@ static CURLcode rtsp_setup_connection(struct connectdata
*conn)
* want to block the application forever while receiving a stream. Therefore,
* we cannot assume that an RTSP socket is dead just because it is readable.
*
- * Instead, if it is readable, run Curl_getconnectinfo() to peek at the socket
+ * Instead, if it is readable, run Curl_connalive() to peek at the socket
* and distinguish between closed and data.
*/
-bool Curl_rtsp_connisdead(struct connectdata *check)
+bool rtsp_connisdead(struct connectdata *check)
{
int sval;
bool ret_val = TRUE;
- sval = Curl_socket_ready(check->sock[FIRSTSOCKET], CURL_SOCKET_BAD, 0);
+ sval = SOCKET_READABLE(check->sock[FIRSTSOCKET], 0);
if(sval == 0) {
/* timeout */
ret_val = FALSE;
@@ -156,17 +161,31 @@ bool Curl_rtsp_connisdead(struct connectdata *check)
/* socket is in an error state */
ret_val = TRUE;
}
- else if((sval & CURL_CSELECT_IN) && check->data) {
- /* readable with no error. could be closed or could be alive but we can
- only check if we have a proper Curl_easy for the connection */
- curl_socket_t connectinfo = Curl_getconnectinfo(check->data, &check);
- if(connectinfo != CURL_SOCKET_BAD)
- ret_val = FALSE;
+ else if(sval & CURL_CSELECT_IN) {
+ /* readable with no error. could still be closed */
+ ret_val = !Curl_connalive(check);
}
return ret_val;
}
+/*
+ * Function to check on various aspects of a connection.
+ */
+static unsigned int rtsp_conncheck(struct connectdata *check,
+ unsigned int checks_to_perform)
+{
+ unsigned int ret_val = CONNRESULT_NONE;
+
+ if(checks_to_perform & CONNCHECK_ISDEAD) {
+ if(rtsp_connisdead(check))
+ ret_val |= CONNRESULT_DEAD;
+ }
+
+ return ret_val;
+}
+
+
static CURLcode rtsp_connect(struct connectdata *conn, bool *done)
{
CURLcode httpStatus;
@@ -218,7 +237,7 @@ static CURLcode rtsp_done(struct connectdata *conn,
CSeq_sent, CSeq_recv);
return CURLE_RTSP_CSEQ_ERROR;
}
- else if(data->set.rtspreq == RTSPREQ_RECEIVE &&
+ if(data->set.rtspreq == RTSPREQ_RECEIVE &&
(conn->proto.rtspc.rtp_channel == -1)) {
infof(data, "Got an RTP Receive with a CSeq of %ld\n", CSeq_recv);
/* TODO CPC: Server -> Client logic here */
@@ -488,7 +507,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool
*done)
* Free userpwd now --- cannot reuse this for Negotiate and possibly NTLM
* with basic and digest, it will be freed anyway by the next request
*/
- Curl_safefree (conn->allocptr.userpwd);
+ Curl_safefree(conn->allocptr.userpwd);
conn->allocptr.userpwd = NULL;
if(result)
@@ -614,9 +633,9 @@ static CURLcode rtsp_rtp_readwrite(struct Curl_easy *data,
if(rtspc->rtp_buf) {
/* There was some leftover data the last time. Merge buffers */
- char *newptr = realloc(rtspc->rtp_buf, rtspc->rtp_bufsize + *nread);
+ char *newptr = Curl_saferealloc(rtspc->rtp_buf,
+ rtspc->rtp_bufsize + *nread);
if(!newptr) {
- Curl_safefree(rtspc->rtp_buf);
rtspc->rtp_buf = NULL;
rtspc->rtp_bufsize = 0;
return CURLE_OUT_OF_MEMORY;
@@ -650,31 +669,29 @@ static CURLcode rtsp_rtp_readwrite(struct Curl_easy *data,
*readmore = TRUE;
break;
}
- else {
- /* We have the full RTP interleaved packet
- * Write out the header including the leading '$' */
- DEBUGF(infof(data, "RTP write channel %d rtp_length %d\n",
- rtspc->rtp_channel, rtp_length));
- result = rtp_client_write(conn, &rtp[0], rtp_length + 4);
- if(result) {
- failf(data, "Got an error writing an RTP packet");
- *readmore = FALSE;
- Curl_safefree(rtspc->rtp_buf);
- rtspc->rtp_buf = NULL;
- rtspc->rtp_bufsize = 0;
- return result;
- }
+ /* We have the full RTP interleaved packet
+ * Write out the header including the leading '$' */
+ DEBUGF(infof(data, "RTP write channel %d rtp_length %d\n",
+ rtspc->rtp_channel, rtp_length));
+ result = rtp_client_write(conn, &rtp[0], rtp_length + 4);
+ if(result) {
+ failf(data, "Got an error writing an RTP packet");
+ *readmore = FALSE;
+ Curl_safefree(rtspc->rtp_buf);
+ rtspc->rtp_buf = NULL;
+ rtspc->rtp_bufsize = 0;
+ return result;
+ }
- /* Move forward in the buffer */
- rtp_dataleft -= rtp_length + 4;
- rtp += rtp_length + 4;
+ /* Move forward in the buffer */
+ rtp_dataleft -= rtp_length + 4;
+ rtp += rtp_length + 4;
- if(data->set.rtspreq == RTSPREQ_RECEIVE) {
- /* If we are in a passive receive, give control back
- * to the app as often as we can.
- */
- k->keepon &= ~KEEP_RECV;
- }
+ if(data->set.rtspreq == RTSPREQ_RECEIVE) {
+ /* If we are in a passive receive, give control back
+ * to the app as often as we can.
+ */
+ k->keepon &= ~KEEP_RECV;
}
}
else {
@@ -705,20 +722,18 @@ static CURLcode rtsp_rtp_readwrite(struct Curl_easy *data,
*nread = 0;
return CURLE_OK;
}
- else {
- /* Fix up k->str to point just after the last RTP packet */
- k->str += *nread - rtp_dataleft;
+ /* Fix up k->str to point just after the last RTP packet */
+ k->str += *nread - rtp_dataleft;
- /* either all of the data has been read or...
- * rtp now points at the next byte to parse
- */
- if(rtp_dataleft > 0)
- DEBUGASSERT(k->str[0] == rtp[0]);
+ /* either all of the data has been read or...
+ * rtp now points at the next byte to parse
+ */
+ if(rtp_dataleft > 0)
+ DEBUGASSERT(k->str[0] == rtp[0]);
- DEBUGASSERT(rtp_dataleft <= *nread); /* sanity check */
+ DEBUGASSERT(rtp_dataleft <= *nread); /* sanity check */
- *nread = rtp_dataleft;
- }
+ *nread = rtp_dataleft;
/* If we get here, we have finished with the leftover/merge buffer */
Curl_safefree(rtspc->rtp_buf);
@@ -736,7 +751,7 @@ CURLcode rtp_client_write(struct connectdata *conn, char
*ptr, size_t len)
curl_write_callback writeit;
if(len == 0) {
- failf (data, "Cannot write a 0 size RTP packet.");
+ failf(data, "Cannot write a 0 size RTP packet.");
return CURLE_WRITE_ERROR;
}
@@ -744,12 +759,12 @@ CURLcode rtp_client_write(struct connectdata *conn, char
*ptr, size_t len)
wrote = writeit(ptr, 1, len, data->set.rtp_out);
if(CURL_WRITEFUNC_PAUSE == wrote) {
- failf (data, "Cannot pause RTP");
+ failf(data, "Cannot pause RTP");
return CURLE_WRITE_ERROR;
}
if(wrote != len) {
- failf (data, "Failed writing RTP data");
+ failf(data, "Failed writing RTP data");
return CURLE_WRITE_ERROR;
}
@@ -799,7 +814,7 @@ CURLcode Curl_rtsp_parseheader(struct connectdata *conn,
/* If the Session ID is not set, and we find it in a response, then set
* it.
*
- * Allow any non whitespace content, up to the field seperator or end of
+ * Allow any non whitespace content, up to the field separator or end of
* line. RFC 2326 isn't 100% clear on the session ID and for example
* gstreamer does url-encoded session ID's not covered by the standard.
*/
diff --git a/lib/rtsp.h b/lib/rtsp.h
index 5a8d5556f..8375a5317 100644
--- a/lib/rtsp.h
+++ b/lib/rtsp.h
@@ -25,13 +25,11 @@
extern const struct Curl_handler Curl_handler_rtsp;
-bool Curl_rtsp_connisdead(struct connectdata *check);
CURLcode Curl_rtsp_parseheader(struct connectdata *conn, char *header);
#else
/* disabled */
#define Curl_rtsp_parseheader(x,y) CURLE_NOT_BUILT_IN
-#define Curl_rtsp_connisdead(x) TRUE
#endif /* CURL_DISABLE_RTSP */
diff --git a/lib/security.c b/lib/security.c
index a0bcaeaee..f4a876341 100644
--- a/lib/security.c
+++ b/lib/security.c
@@ -60,9 +60,9 @@
#include "curl_sec.h"
#include "ftp.h"
#include "sendf.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "warnless.h"
-
+#include "strdup.h"
/* The last #include file should be: */
#include "memdebug.h"
@@ -88,7 +88,8 @@ name_to_level(const char *name)
/* Convert a protocol |level| to its char representation.
We take an int to catch programming mistakes. */
-static char level_to_char(int level) {
+static char level_to_char(int level)
+{
switch(level) {
case PROT_CLEAR:
return 'C';
@@ -122,7 +123,7 @@ static int ftp_send_command(struct connectdata *conn, const
char *message, ...)
vsnprintf(print_buffer, sizeof(print_buffer), message, args);
va_end(args);
- if(Curl_ftpsendf(conn, print_buffer)) {
+ if(Curl_ftpsend(conn, print_buffer)) {
ftp_code = -1;
}
else {
@@ -192,15 +193,18 @@ static CURLcode read_data(struct connectdata *conn,
struct krb5buffer *buf)
{
int len;
- void* tmp;
+ void *tmp = NULL;
CURLcode result;
result = socket_read(fd, &len, sizeof(len));
if(result)
return result;
- len = ntohl(len);
- tmp = realloc(buf->data, len);
+ if(len) {
+ /* only realloc if there was a length */
+ len = ntohl(len);
+ tmp = Curl_saferealloc(buf->data, len);
+ }
if(tmp == NULL)
return CURLE_OUT_OF_MEMORY;
@@ -219,7 +223,7 @@ buffer_read(struct krb5buffer *buf, void *data, size_t len)
{
if(buf->size - buf->index < len)
len = buf->size - buf->index;
- memcpy(data, (char*)buf->data + buf->index, len);
+ memcpy(data, (char *)buf->data + buf->index, len);
buf->index += len;
return len;
}
@@ -288,7 +292,7 @@ static void do_sec_send(struct connectdata *conn,
curl_socket_t fd,
prot_level = conn->command_prot;
}
bytes = conn->mech->encode(conn->app_data, from, length, prot_level,
- (void**)&buffer);
+ (void **)&buffer);
if(!buffer || bytes <= 0)
return; /* error */
@@ -363,6 +367,10 @@ int Curl_sec_read_msg(struct connectdata *conn, char
*buffer,
size_t decoded_sz = 0;
CURLcode error;
+ if(!conn->mech)
+ /* not inititalized, return error */
+ return -1;
+
DEBUGASSERT(level > PROT_NONE && level < PROT_LAST);
error = Curl_base64_decode(buffer + 4, (unsigned char **)&buf, &decoded_sz);
@@ -408,7 +416,7 @@ int Curl_sec_read_msg(struct connectdata *conn, char
*buffer,
static int sec_set_protection_level(struct connectdata *conn)
{
int code;
- char* pbsz;
+ char *pbsz;
static unsigned int buffer_size = 1 << 20; /* 1048576 */
enum protection_level level = conn->request_data_prot;
diff --git a/lib/select.c b/lib/select.c
index abf55d878..dd2a2c284 100644
--- a/lib/select.c
+++ b/lib/select.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -43,7 +43,7 @@
#include <strings.h> /* bzero() in FD_SET */
#endif
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "connect.h"
@@ -51,15 +51,14 @@
#include "warnless.h"
/* Convenience local macros */
-
-#define elapsed_ms (int)curlx_tvdiff(curlx_tvnow(), initial_tv)
+#define ELAPSED_MS() (int)curlx_tvdiff(curlx_tvnow(), initial_tv)
int Curl_ack_eintr = 0;
-#define error_not_EINTR (Curl_ack_eintr || error != EINTR)
+#define ERROR_NOT_EINTR(error) (Curl_ack_eintr || error != EINTR)
/*
* Internal function used for waiting a specific amount of ms
- * in Curl_socket_ready() and Curl_poll() when no file descriptor
+ * in Curl_socket_check() and Curl_poll() when no file descriptor
* is provided to wait on, just being used to delay execution.
* WinSock select() and poll() timeout mechanisms need a valid
* socket descriptor in a not null file descriptor set to work.
@@ -79,7 +78,7 @@ int Curl_wait_ms(int timeout_ms)
#ifndef HAVE_POLL_FINE
struct timeval pending_tv;
#endif
- struct timeval initial_tv;
+ struct curltime initial_tv;
int pending_ms;
int error;
#endif
@@ -109,9 +108,9 @@ int Curl_wait_ms(int timeout_ms)
if(r != -1)
break;
error = SOCKERRNO;
- if(error && error_not_EINTR)
+ if(error && ERROR_NOT_EINTR(error))
break;
- pending_ms = timeout_ms - elapsed_ms;
+ pending_ms = timeout_ms - ELAPSED_MS();
if(pending_ms <= 0) {
r = 0; /* Simulate a "call timed out" case */
break;
@@ -130,7 +129,7 @@ int Curl_wait_ms(int timeout_ms)
* and a file descriptor is too large for FD_SETSIZE.
*
* A negative timeout value makes this function wait indefinitely,
- * unles no valid file descriptor is given, when this happens the
+ * unless no valid file descriptor is given, when this happens the
* negative timeout is ignored and the function times out immediately.
*
* Return values:
@@ -146,7 +145,7 @@ int Curl_wait_ms(int timeout_ms)
int Curl_socket_check(curl_socket_t readfd0, /* two sockets to read from */
curl_socket_t readfd1,
curl_socket_t writefd, /* socket to write to */
- long timeout_ms) /* milliseconds to wait */
+ time_t timeout_ms) /* milliseconds to wait */
{
#ifdef HAVE_POLL_FINE
struct pollfd pfd[3];
@@ -159,12 +158,18 @@ int Curl_socket_check(curl_socket_t readfd0, /* two
sockets to read from */
fd_set fds_err;
curl_socket_t maxfd;
#endif
- struct timeval initial_tv = {0, 0};
+ struct curltime initial_tv = {0, 0};
int pending_ms = 0;
int error;
int r;
int ret;
+#if SIZEOF_TIME_T != SIZEOF_INT
+ /* wrap-around precaution */
+ if(timeout_ms >= INT_MAX)
+ timeout_ms = INT_MAX;
+#endif
+
if((readfd0 == CURL_SOCKET_BAD) && (readfd1 == CURL_SOCKET_BAD) &&
(writefd == CURL_SOCKET_BAD)) {
/* no sockets, just wait */
@@ -213,10 +218,10 @@ int Curl_socket_check(curl_socket_t readfd0, /* two
sockets to read from */
if(r != -1)
break;
error = SOCKERRNO;
- if(error && error_not_EINTR)
+ if(error && ERROR_NOT_EINTR(error))
break;
if(timeout_ms > 0) {
- pending_ms = (int)(timeout_ms - elapsed_ms);
+ pending_ms = (int)(timeout_ms - ELAPSED_MS());
if(pending_ms <= 0) {
r = 0; /* Simulate a "call timed out" case */
break;
@@ -328,10 +333,10 @@ int Curl_socket_check(curl_socket_t readfd0, /* two
sockets to read from */
if(r != -1)
break;
error = SOCKERRNO;
- if(error && error_not_EINTR)
+ if(error && ERROR_NOT_EINTR(error))
break;
if(timeout_ms > 0) {
- pending_ms = timeout_ms - elapsed_ms;
+ pending_ms = (int)(timeout_ms - ELAPSED_MS());
if(pending_ms <= 0) {
r = 0; /* Simulate a "call timed out" case */
break;
@@ -375,7 +380,7 @@ int Curl_socket_check(curl_socket_t readfd0, /* two sockets
to read from */
* select() is used instead. An error is returned if select() is
* being used and a file descriptor is too large for FD_SETSIZE.
* A negative timeout value makes this function wait indefinitely,
- * unles no valid file descriptor is given, when this happens the
+ * unless no valid file descriptor is given, when this happens the
* negative timeout is ignored and the function times out immediately.
*
* Return values:
@@ -393,7 +398,7 @@ int Curl_poll(struct pollfd ufds[], unsigned int nfds, int
timeout_ms)
fd_set fds_err;
curl_socket_t maxfd;
#endif
- struct timeval initial_tv = {0, 0};
+ struct curltime initial_tv = {0, 0};
bool fds_none = TRUE;
unsigned int i;
int pending_ms = 0;
@@ -434,10 +439,10 @@ int Curl_poll(struct pollfd ufds[], unsigned int nfds,
int timeout_ms)
if(r != -1)
break;
error = SOCKERRNO;
- if(error && error_not_EINTR)
+ if(error && ERROR_NOT_EINTR(error))
break;
if(timeout_ms > 0) {
- pending_ms = timeout_ms - elapsed_ms;
+ pending_ms = (int)(timeout_ms - ELAPSED_MS());
if(pending_ms <= 0) {
r = 0; /* Simulate a "call timed out" case */
break;
@@ -521,10 +526,10 @@ int Curl_poll(struct pollfd ufds[], unsigned int nfds,
int timeout_ms)
if(r != -1)
break;
error = SOCKERRNO;
- if(error && error_not_EINTR)
+ if(error && ERROR_NOT_EINTR(error))
break;
if(timeout_ms > 0) {
- pending_ms = timeout_ms - elapsed_ms;
+ pending_ms = timeout_ms - ELAPSED_MS();
if(pending_ms <= 0) {
r = 0; /* Simulate a "call timed out" case */
break;
@@ -566,8 +571,8 @@ int Curl_poll(struct pollfd ufds[], unsigned int nfds, int
timeout_ms)
*
* Return values are the same as select's.
*/
-int tpf_select_libcurl(int maxfds, fd_set* reads, fd_set* writes,
- fd_set* excepts, struct timeval* tv)
+int tpf_select_libcurl(int maxfds, fd_set *reads, fd_set *writes,
+ fd_set *excepts, struct timeval *tv)
{
int rc;
diff --git a/lib/select.h b/lib/select.h
index 695bb69cc..4351786c3 100644
--- a/lib/select.h
+++ b/lib/select.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -24,10 +24,10 @@
#include "curl_setup.h"
-#ifdef HAVE_SYS_POLL_H
-#include <sys/poll.h>
-#elif defined(HAVE_POLL_H)
+#ifdef HAVE_POLL_H
#include <poll.h>
+#elif defined(HAVE_SYS_POLL_H)
+#include <sys/poll.h>
#endif
/*
@@ -36,7 +36,8 @@
#if !defined(HAVE_STRUCT_POLLFD) && \
!defined(HAVE_SYS_POLL_H) && \
- !defined(HAVE_POLL_H)
+ !defined(HAVE_POLL_H) && \
+ !defined(POLLIN)
#define POLLIN 0x01
#define POLLPRI 0x02
@@ -73,11 +74,12 @@ struct pollfd
int Curl_socket_check(curl_socket_t readfd, curl_socket_t readfd2,
curl_socket_t writefd,
- long timeout_ms);
+ time_t timeout_ms);
-/* provide the former API internally */
-#define Curl_socket_ready(x,y,z) \
- Curl_socket_check(x, CURL_SOCKET_BAD, y, z)
+#define SOCKET_READABLE(x,z) \
+ Curl_socket_check(x, CURL_SOCKET_BAD, CURL_SOCKET_BAD, z)
+#define SOCKET_WRITABLE(x,z) \
+ Curl_socket_check(CURL_SOCKET_BAD, CURL_SOCKET_BAD, x, z)
int Curl_poll(struct pollfd ufds[], unsigned int nfds, int timeout_ms);
diff --git a/lib/sendf.c b/lib/sendf.c
index 210179734..6a472fb47 100644
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "sendf.h"
@@ -33,6 +33,7 @@
#include "non-ascii.h"
#include "strerror.h"
#include "select.h"
+#include "strdup.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
@@ -122,6 +123,13 @@ static size_t convert_lineends(struct Curl_easy *data,
#endif /* CURL_DO_LINEEND_CONV */
#ifdef USE_RECV_BEFORE_SEND_WORKAROUND
+bool Curl_recv_has_postponed_data(struct connectdata *conn, int sockindex)
+{
+ struct postponed_data * const psnd = &(conn->postponed[sockindex]);
+ return psnd->buffer && psnd->allocated_size &&
+ psnd->recv_size > psnd->recv_processed;
+}
+
static void pre_receive_plain(struct connectdata *conn, int num)
{
const curl_socket_t sockfd = conn->sock[num];
@@ -141,7 +149,7 @@ static void pre_receive_plain(struct connectdata *conn, int
num)
/* Have some incoming data */
if(!psnd->buffer) {
/* Use buffer double default size for intermediate buffer */
- psnd->allocated_size = 2 * BUFSIZE;
+ psnd->allocated_size = 2 * conn->data->set.buffer_size;
psnd->buffer = malloc(psnd->allocated_size);
psnd->recv_size = 0;
psnd->recv_processed = 0;
@@ -201,6 +209,12 @@ static ssize_t get_pre_recved(struct connectdata *conn,
int num, char *buf,
}
#else /* ! USE_RECV_BEFORE_SEND_WORKAROUND */
/* Use "do-nothing" macros instead of functions when workaround not used */
+bool Curl_recv_has_postponed_data(struct connectdata *conn, int sockindex)
+{
+ (void)conn;
+ (void)sockindex;
+ return false;
+}
#define pre_receive_plain(c,n) do {} WHILE_FALSE
#define get_pre_recved(c,n,b,l) 0
#endif /* ! USE_RECV_BEFORE_SEND_WORKAROUND */
@@ -229,27 +243,26 @@ void Curl_failf(struct Curl_easy *data, const char *fmt,
...)
{
va_list ap;
size_t len;
+ char error[CURL_ERROR_SIZE + 2];
va_start(ap, fmt);
- vsnprintf(data->state.buffer, BUFSIZE, fmt, ap);
+ vsnprintf(error, CURL_ERROR_SIZE, fmt, ap);
+ len = strlen(error);
if(data->set.errorbuffer && !data->state.errorbuf) {
- snprintf(data->set.errorbuffer, CURL_ERROR_SIZE, "%s", data->state.buffer);
+ strcpy(data->set.errorbuffer, error);
data->state.errorbuf = TRUE; /* wrote error string */
}
if(data->set.verbose) {
- len = strlen(data->state.buffer);
- if(len < BUFSIZE - 1) {
- data->state.buffer[len] = '\n';
- data->state.buffer[++len] = '\0';
- }
- Curl_debug(data, CURLINFO_TEXT, data->state.buffer, len, NULL);
+ error[len] = '\n';
+ error[++len] = '\0';
+ Curl_debug(data, CURLINFO_TEXT, error, len, NULL);
}
va_end(ap);
}
-/* Curl_sendf() sends formated data to the server */
+/* Curl_sendf() sends formatted data to the server */
CURLcode Curl_sendf(curl_socket_t sockfd, struct connectdata *conn,
const char *fmt, ...)
{
@@ -461,21 +474,58 @@ static CURLcode pausewrite(struct Curl_easy *data,
we want to send we need to dup it to save a copy for when the sending
is again enabled */
struct SingleRequest *k = &data->req;
- char *dupl = malloc(len);
- if(!dupl)
- return CURLE_OUT_OF_MEMORY;
+ struct UrlState *s = &data->state;
+ char *dupl;
+ unsigned int i;
+ bool newtype = TRUE;
+
+ if(s->tempcount) {
+ for(i=0; i< s->tempcount; i++) {
+ if(s->tempwrite[i].type == type) {
+ /* data for this type exists */
+ newtype = FALSE;
+ break;
+ }
+ }
+ DEBUGASSERT(i < 3);
+ }
+ else
+ i = 0;
+
+ if(!newtype) {
+ /* append new data to old data */
+
+ /* figure out the new size of the data to save */
+ size_t newlen = len + s->tempwrite[i].len;
+ /* allocate the new memory area */
+ char *newptr = realloc(s->tempwrite[i].buf, newlen);
+ if(!newptr)
+ return CURLE_OUT_OF_MEMORY;
+ /* copy the new data to the end of the new area */
+ memcpy(newptr + s->tempwrite[i].len, ptr, len);
+
+ /* update the pointer and the size */
+ s->tempwrite[i].buf = newptr;
+ s->tempwrite[i].len = newlen;
+ }
+ else {
+ dupl = Curl_memdup(ptr, len);
+ if(!dupl)
+ return CURLE_OUT_OF_MEMORY;
- memcpy(dupl, ptr, len);
+ /* store this information in the state struct for later use */
+ s->tempwrite[i].buf = dupl;
+ s->tempwrite[i].len = len;
+ s->tempwrite[i].type = type;
- /* store this information in the state struct for later use */
- data->state.tempwrite = dupl;
- data->state.tempwritesize = len;
- data->state.tempwritetype = type;
+ if(newtype)
+ s->tempcount++;
+ }
/* mark the connection as RECV paused */
k->keepon |= KEEP_RECV_PAUSE;
- DEBUGF(infof(data, "Pausing with %zu bytes in buffer for type %02x\n",
+ DEBUGF(infof(data, "Paused %zu bytes in buffer for type %02x\n",
len, type));
return CURLE_OK;
@@ -488,7 +538,7 @@ static CURLcode pausewrite(struct Curl_easy *data,
*/
CURLcode Curl_client_chop_write(struct connectdata *conn,
int type,
- char * ptr,
+ char *ptr,
size_t len)
{
struct Curl_easy *data = conn->data;
@@ -498,31 +548,10 @@ CURLcode Curl_client_chop_write(struct connectdata *conn,
if(!len)
return CURLE_OK;
- /* If reading is actually paused, we're forced to append this chunk of data
- to the already held data, but only if it is the same type as otherwise it
- can't work and it'll return error instead. */
- if(data->req.keepon & KEEP_RECV_PAUSE) {
- size_t newlen;
- char *newptr;
- if(type != data->state.tempwritetype)
- /* major internal confusion */
- return CURLE_RECV_ERROR;
-
- DEBUGASSERT(data->state.tempwrite);
-
- /* figure out the new size of the data to save */
- newlen = len + data->state.tempwritesize;
- /* allocate the new memory area */
- newptr = realloc(data->state.tempwrite, newlen);
- if(!newptr)
- return CURLE_OUT_OF_MEMORY;
- /* copy the new data to the end of the new area */
- memcpy(newptr + data->state.tempwritesize, ptr, len);
- /* update the pointer and the size */
- data->state.tempwrite = newptr;
- data->state.tempwritesize = newlen;
- return CURLE_OK;
- }
+ /* If reading is paused, append this data to the already held data for this
+ type. */
+ if(data->req.keepon & KEEP_RECV_PAUSE)
+ return pausewrite(data, type, ptr, len);
/* Determine the callback(s) to use. */
if(type & CLIENTWRITE_BODY)
@@ -552,10 +581,9 @@ CURLcode Curl_client_chop_write(struct connectdata *conn,
failf(data, "Write callback asked for PAUSE when not supported!");
return CURLE_WRITE_ERROR;
}
- else
- return pausewrite(data, type, ptr, len);
+ return pausewrite(data, type, ptr, len);
}
- else if(wrote != chunklen) {
+ if(wrote != chunklen) {
failf(data, "Failed writing body (%zu != %zu)", wrote, chunklen);
return CURLE_WRITE_ERROR;
}
@@ -571,7 +599,7 @@ CURLcode Curl_client_chop_write(struct connectdata *conn,
return pausewrite(data, CLIENTWRITE_HEADER, ptr, len);
if(wrote != chunklen) {
- failf (data, "Failed writing header");
+ failf(data, "Failed writing header");
return CURLE_WRITE_ERROR;
}
}
@@ -603,6 +631,8 @@ CURLcode Curl_client_write(struct connectdata *conn,
if(0 == len)
len = strlen(ptr);
+ DEBUGASSERT(type <= 3);
+
/* FTP data may need conversion. */
if((type & CLIENTWRITE_BODY) &&
(conn->handler->protocol & PROTO_FAMILY_FTP) &&
@@ -639,8 +669,7 @@ CURLcode Curl_read_plain(curl_socket_t sockfd,
#endif
if(return_error)
return CURLE_AGAIN;
- else
- return CURLE_RECV_ERROR;
+ return CURLE_RECV_ERROR;
}
/* we only return number of bytes read when we return OK */
@@ -664,9 +693,10 @@ CURLcode Curl_read(struct connectdata *conn, /* connection
data */
ssize_t nread = 0;
size_t bytesfromsocket = 0;
char *buffertofill = NULL;
+ struct Curl_easy *data = conn->data;
/* if HTTP/1 pipelining is both wanted and possible */
- bool pipelining = Curl_pipeline_wanted(conn->data->multi, CURLPIPE_HTTP1) &&
+ bool pipelining = Curl_pipeline_wanted(data->multi, CURLPIPE_HTTP1) &&
(conn->bundle->multiuse == BUNDLE_PIPELINING);
/* Set 'num' to 0 or 1, depending on which socket that has been sent here.
@@ -692,13 +722,11 @@ CURLcode Curl_read(struct connectdata *conn, /*
connection data */
}
/* If we come here, it means that there is no data to read from the buffer,
* so we read from the socket */
- bytesfromsocket = CURLMIN(sizerequested, BUFSIZE * sizeof (char));
+ bytesfromsocket = CURLMIN(sizerequested, MASTERBUF_SIZE);
buffertofill = conn->master_buffer;
}
else {
- bytesfromsocket = CURLMIN((long)sizerequested,
- conn->data->set.buffer_size ?
- conn->data->set.buffer_size : BUFSIZE);
+ bytesfromsocket = CURLMIN(sizerequested, (size_t)data->set.buffer_size);
buffertofill = buf;
}
@@ -723,21 +751,19 @@ static int showit(struct Curl_easy *data, curl_infotype
type,
{
static const char s_infotype[CURLINFO_END][3] = {
"* ", "< ", "> ", "{ ", "} ", "{ ", "} " };
+ int rc = 0;
#ifdef CURL_DOES_CONVERSIONS
- char buf[BUFSIZE+1];
+ char *buf = NULL;
size_t conv_size = 0;
switch(type) {
case CURLINFO_HEADER_OUT:
- /* assume output headers are ASCII */
- /* copy the data into my buffer so the original is unchanged */
- if(size > BUFSIZE) {
- size = BUFSIZE; /* truncate if necessary */
- buf[BUFSIZE] = '\0';
- }
+ buf = Curl_memdup(ptr, size);
+ if(!buf)
+ return 1;
conv_size = size;
- memcpy(buf, ptr, size);
+
/* Special processing is needed for this block if it
* contains both headers and data (separated by CRLFCRLF).
* We want to convert just the headers, leaving the data as-is.
@@ -765,26 +791,29 @@ static int showit(struct Curl_easy *data, curl_infotype
type,
#endif /* CURL_DOES_CONVERSIONS */
if(data->set.fdebug)
- return (*data->set.fdebug)(data, type, ptr, size,
- data->set.debugdata);
-
- switch(type) {
- case CURLINFO_TEXT:
- case CURLINFO_HEADER_OUT:
- case CURLINFO_HEADER_IN:
- fwrite(s_infotype[type], 2, 1, data->set.err);
- fwrite(ptr, size, 1, data->set.err);
+ rc = (*data->set.fdebug)(data, type, ptr, size, data->set.debugdata);
+ else {
+ switch(type) {
+ case CURLINFO_TEXT:
+ case CURLINFO_HEADER_OUT:
+ case CURLINFO_HEADER_IN:
+ fwrite(s_infotype[type], 2, 1, data->set.err);
+ fwrite(ptr, size, 1, data->set.err);
#ifdef CURL_DOES_CONVERSIONS
- if(size != conv_size) {
- /* we had untranslated data so we need an explicit newline */
- fwrite("\n", 1, 1, data->set.err);
- }
+ if(size != conv_size) {
+ /* we had untranslated data so we need an explicit newline */
+ fwrite("\n", 1, 1, data->set.err);
+ }
#endif
- break;
- default: /* nada */
- break;
+ break;
+ default: /* nada */
+ break;
+ }
}
- return 0;
+#ifdef CURL_DOES_CONVERSIONS
+ free(buf);
+#endif
+ return rc;
}
int Curl_debug(struct Curl_easy *data, curl_infotype type,
@@ -796,7 +825,7 @@ int Curl_debug(struct Curl_easy *data, curl_infotype type,
char buffer[160];
const char *t=NULL;
const char *w="Data";
- switch (type) {
+ switch(type) {
case CURLINFO_HEADER_IN:
w = "Header";
/* FALLTHROUGH */
diff --git a/lib/sendf.h b/lib/sendf.h
index a951a0b4f..fbe4f99c8 100644
--- a/lib/sendf.h
+++ b/lib/sendf.h
@@ -56,6 +56,8 @@ CURLcode Curl_client_chop_write(struct connectdata *conn, int
type, char *ptr,
CURLcode Curl_client_write(struct connectdata *conn, int type, char *ptr,
size_t len) WARN_UNUSED_RESULT;
+bool Curl_recv_has_postponed_data(struct connectdata *conn, int sockindex);
+
/* internal read-function, does plain socket only */
CURLcode Curl_read_plain(curl_socket_t sockfd,
char *buf,
diff --git a/lib/setup-os400.h b/lib/setup-os400.h
index e32b72f21..a3c2a7bdc 100644
--- a/lib/setup-os400.h
+++ b/lib/setup-os400.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -41,18 +41,18 @@ typedef unsigned long u_int32_t;
#include <qsoasync.h>
#include <gssapi.h>
-extern int Curl_getaddrinfo_a(const char * nodename,
- const char * servname,
- const struct addrinfo * hints,
- struct addrinfo * * res);
+extern int Curl_getaddrinfo_a(const char *nodename,
+ const char *servname,
+ const struct addrinfo *hints,
+ struct addrinfo **res);
#define getaddrinfo Curl_getaddrinfo_a
-extern int Curl_getnameinfo_a(const struct sockaddr * sa,
- curl_socklen_t salen,
- char * nodename, curl_socklen_t nodenamelen,
- char * servname, curl_socklen_t servnamelen,
- int flags);
+extern int Curl_getnameinfo_a(const struct sockaddr *sa,
+ curl_socklen_t salen,
+ char *nodename, curl_socklen_t nodenamelen,
+ char *servname, curl_socklen_t servnamelen,
+ int flags);
#define getnameinfo Curl_getnameinfo_a
@@ -79,7 +79,7 @@ extern int Curl_gsk_secure_soc_init(gsk_handle
my_session_handle);
extern int Curl_gsk_attribute_set_buffer_a(gsk_handle my_gsk_handle,
GSK_BUF_ID bufID,
- const char * buffer,
+ const char *buffer,
int bufSize);
#define gsk_attribute_set_buffer Curl_gsk_attribute_set_buffer_a
@@ -95,29 +95,29 @@ extern int
Curl_gsk_attribute_set_numeric_value(gsk_handle my_gsk_handle,
extern int Curl_gsk_attribute_set_callback(gsk_handle my_gsk_handle,
GSK_CALLBACK_ID callBackID,
- void * callBackAreaPtr);
+ void *callBackAreaPtr);
#define gsk_attribute_set_callback Curl_gsk_attribute_set_callback
extern int Curl_gsk_attribute_get_buffer_a(gsk_handle my_gsk_handle,
GSK_BUF_ID bufID,
- const char * * buffer,
- int * bufSize);
+ const char **buffer,
+ int *bufSize);
#define gsk_attribute_get_buffer Curl_gsk_attribute_get_buffer_a
extern int Curl_gsk_attribute_get_enum(gsk_handle my_gsk_handle,
GSK_ENUM_ID enumID,
- GSK_ENUM_VALUE * enumValue);
+ GSK_ENUM_VALUE *enumValue);
#define gsk_attribute_get_enum Curl_gsk_attribute_get_enum
extern int Curl_gsk_attribute_get_numeric_value(gsk_handle my_gsk_handle,
GSK_NUM_ID numID,
- int * numValue);
+ int *numValue);
#define gsk_attribute_get_numeric_value Curl_gsk_attribute_get_numeric_value
extern int Curl_gsk_attribute_get_cert_info(gsk_handle my_gsk_handle,
GSK_CERT_ID certID,
- const gsk_cert_data_elem * * certDataElem,
- int * certDataElementCount);
+ const gsk_cert_data_elem **certDataElem,
+ int *certDataElementCount);
#define gsk_attribute_get_cert_info Curl_gsk_attribute_get_cert_info
extern int Curl_gsk_secure_soc_misc(gsk_handle my_session_handle,
@@ -125,13 +125,13 @@ extern int Curl_gsk_secure_soc_misc(gsk_handle
my_session_handle,
#define gsk_secure_soc_misc Curl_gsk_secure_soc_misc
extern int Curl_gsk_secure_soc_read(gsk_handle my_session_handle,
- char * readBuffer,
- int readBufSize, int * amtRead);
+ char *readBuffer,
+ int readBufSize, int *amtRead);
#define gsk_secure_soc_read Curl_gsk_secure_soc_read
extern int Curl_gsk_secure_soc_write(gsk_handle my_session_handle,
- char * writeBuffer,
- int writeBufSize, int * amtWritten);
+ char *writeBuffer,
+ int writeBufSize, int *amtWritten);
#define gsk_secure_soc_write Curl_gsk_secure_soc_write
extern const char * Curl_gsk_strerror_a(int gsk_return_value);
@@ -202,10 +202,10 @@ extern OM_uint32 Curl_gss_delete_sec_context_a(OM_uint32
* minor_status,
extern int Curl_os400_connect(int sd, struct sockaddr * destaddr, int addrlen);
extern int Curl_os400_bind(int sd, struct sockaddr * localaddr, int addrlen);
-extern int Curl_os400_sendto(int sd, char * buffer, int buflen, int flags,
- struct sockaddr * dstaddr, int addrlen);
-extern int Curl_os400_recvfrom(int sd, char * buffer, int buflen, int flags,
- struct sockaddr * fromaddr, int * addrlen);
+extern int Curl_os400_sendto(int sd, char *buffer, int buflen, int flags,
+ struct sockaddr * dstaddr, int addrlen);
+extern int Curl_os400_recvfrom(int sd, char *buffer, int buflen, int flags,
+ struct sockaddr *fromaddr, int *addrlen);
#define connect Curl_os400_connect
#define bind Curl_os400_bind
diff --git a/lib/setup-vms.h b/lib/setup-vms.h
index 4b78e0bf0..6c454aee6 100644
--- a/lib/setup-vms.h
+++ b/lib/setup-vms.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -41,7 +41,7 @@
# endif
#endif
#include <stdlib.h>
- char * decc$getenv(const char * __name);
+char *decc$getenv(const char *__name);
#include <pwd.h>
#include <string.h>
@@ -79,23 +79,24 @@
# if __INITIAL_POINTER_SIZE == 32
/* Translate the path, but only if the path is a VMS file specification */
/* The translation is usually only needed for older versions of VMS */
-static char * vms_translate_path(const char * path) {
-char * unix_path;
-char * test_str;
-
- /* See if the result is in VMS format, if not, we are done */
- /* Assume that this is a PATH, not just some data */
- test_str = strpbrk(path, ":[<^");
- if(test_str == NULL) {
- return (char *)path;
- }
-
- unix_path = decc$translate_vms(path);
-
- if((int)unix_path <= 0) {
- /* We can not translate it, so return the original string */
- return (char *)path;
- }
+static char *vms_translate_path(const char *path)
+{
+ char *unix_path;
+ char *test_str;
+
+ /* See if the result is in VMS format, if not, we are done */
+ /* Assume that this is a PATH, not just some data */
+ test_str = strpbrk(path, ":[<^");
+ if(test_str == NULL) {
+ return (char *)path;
+ }
+
+ unix_path = decc$translate_vms(path);
+
+ if((int)unix_path <= 0) {
+ /* We can not translate it, so return the original string */
+ return (char *)path;
+ }
}
# else
/* VMS translate path is actually not needed on the current 64 bit */
@@ -111,74 +112,74 @@ char * test_str;
# endif
#endif
-static char * vms_getenv(const char * envvar) {
+static char *vms_getenv(const char *envvar)
+{
+ char *result;
+ char *vms_path;
-char * result;
-char * vms_path;
-
- /* first use the DECC getenv() function */
- result = decc$getenv(envvar);
- if(result == NULL) {
- return result;
- }
+ /* first use the DECC getenv() function */
+ result = decc$getenv(envvar);
+ if(result == NULL) {
+ return result;
+ }
- vms_path = result;
- result = vms_translate_path(vms_path);
+ vms_path = result;
+ result = vms_translate_path(vms_path);
- /* note that if you backport this to use VAX C RTL, that the VAX C RTL */
- /* may do a malloc(2048) for each call to getenv(), so you will need */
- /* to add a free(vms_path) */
- /* Do not do a free() for DEC C RTL builds, which should be used for */
- /* VMS 5.5-2 and later, even if using GCC */
+ /* note that if you backport this to use VAX C RTL, that the VAX C RTL */
+ /* may do a malloc(2048) for each call to getenv(), so you will need */
+ /* to add a free(vms_path) */
+ /* Do not do a free() for DEC C RTL builds, which should be used for */
+ /* VMS 5.5-2 and later, even if using GCC */
- return result;
+ return result;
}
static struct passwd vms_passwd_cache;
-static struct passwd * vms_getpwuid(uid_t uid) {
-
-struct passwd * my_passwd;
+static struct passwd * vms_getpwuid(uid_t uid)
+{
+ struct passwd * my_passwd;
/* Hack needed to support 64 bit builds, decc_getpwnam is 32 bit only */
#ifdef __DECC
# if __INITIAL_POINTER_SIZE
-__char_ptr32 unix_path;
+ __char_ptr32 unix_path;
# else
-char * unix_path;
+ char *unix_path;
# endif
#else
-char * unix_path;
+ char *unix_path;
#endif
- my_passwd = decc_getpwuid(uid);
- if(my_passwd == NULL) {
- return my_passwd;
- }
-
- unix_path = vms_translate_path(my_passwd->pw_dir);
-
- if((long)unix_path <= 0) {
- /* We can not translate it, so return the original string */
- return my_passwd;
- }
-
- /* If no changes needed just return it */
- if(unix_path == my_passwd->pw_dir) {
- return my_passwd;
- }
-
- /* Need to copy the structure returned */
- /* Since curl is only using pw_dir, no need to fix up *
- /* the pw_shell when running under Bash */
- vms_passwd_cache.pw_name = my_passwd->pw_name;
- vms_passwd_cache.pw_uid = my_passwd->pw_uid;
- vms_passwd_cache.pw_gid = my_passwd->pw_uid;
- vms_passwd_cache.pw_dir = unix_path;
- vms_passwd_cache.pw_shell = my_passwd->pw_shell;
-
- return &vms_passwd_cache;
+ my_passwd = decc_getpwuid(uid);
+ if(my_passwd == NULL) {
+ return my_passwd;
+ }
+
+ unix_path = vms_translate_path(my_passwd->pw_dir);
+
+ if((long)unix_path <= 0) {
+ /* We can not translate it, so return the original string */
+ return my_passwd;
+ }
+
+ /* If no changes needed just return it */
+ if(unix_path == my_passwd->pw_dir) {
+ return my_passwd;
+ }
+
+ /* Need to copy the structure returned */
+ /* Since curl is only using pw_dir, no need to fix up */
+ /* the pw_shell when running under Bash */
+ vms_passwd_cache.pw_name = my_passwd->pw_name;
+ vms_passwd_cache.pw_uid = my_passwd->pw_uid;
+ vms_passwd_cache.pw_gid = my_passwd->pw_uid;
+ vms_passwd_cache.pw_dir = unix_path;
+ vms_passwd_cache.pw_shell = my_passwd->pw_shell;
+
+ return &vms_passwd_cache;
}
#ifdef __DECC
diff --git a/lib/share.c b/lib/share.c
index 5b3957fcf..3b2f7fdfc 100644
--- a/lib/share.c
+++ b/lib/share.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "share.h"
#include "vtls/vtls.h"
diff --git a/lib/share.h b/lib/share.h
index e689ff2d2..59a4a14f0 100644
--- a/lib/share.h
+++ b/lib/share.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,7 +23,7 @@
***************************************************************************/
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "cookie.h"
#include "urldata.h"
@@ -54,8 +54,8 @@ struct Curl_share {
long sessionage;
};
-CURLSHcode Curl_share_lock (struct Curl_easy *, curl_lock_data,
- curl_lock_access);
-CURLSHcode Curl_share_unlock (struct Curl_easy *, curl_lock_data);
+CURLSHcode Curl_share_lock(struct Curl_easy *, curl_lock_data,
+ curl_lock_access);
+CURLSHcode Curl_share_unlock(struct Curl_easy *, curl_lock_data);
#endif /* HEADER_CURL_SHARE_H */
diff --git a/lib/slist.c b/lib/slist.c
index e5adc0e71..9e5df832b 100644
--- a/lib/slist.c
+++ b/lib/slist.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "slist.h"
diff --git a/lib/smb.c b/lib/smb.c
index 56a38c2f2..13dfd514b 100644
--- a/lib/smb.c
+++ b/lib/smb.c
@@ -6,7 +6,7 @@
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2014, Bill Nagel <address@hidden>, Exacq Technologies
- * Copyright (C) 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2016-2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,8 +23,8 @@
#include "curl_setup.h"
-#if !defined(CURL_DISABLE_SMB) && defined(USE_NTLM) && \
- (CURL_SIZEOF_CURL_OFF_T > 4)
+#if !defined(CURL_DISABLE_SMB) && defined(USE_NTLM) && \
+ (CURL_SIZEOF_CURL_OFF_T > 4)
#if !defined(USE_WINDOWS_SSPI) || defined(USE_WIN32_CRYPTO)
@@ -32,8 +32,12 @@
#ifdef HAVE_PROCESS_H
#include <process.h>
+#ifdef CURL_WINDOWS_APP
+#define getpid GetCurrentProcessId
+#elif !defined(MSDOS)
#define getpid _getpid
#endif
+#endif
#include "smb.h"
#include "urldata.h"
@@ -81,6 +85,7 @@ const struct Curl_handler Curl_handler_smb = {
ZERO_NULL, /* perform_getsock */
smb_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_SMB, /* defport */
CURLPROTO_SMB, /* protocol */
PROTOPT_NONE /* flags */
@@ -105,6 +110,7 @@ const struct Curl_handler Curl_handler_smbs = {
ZERO_NULL, /* perform_getsock */
smb_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_SMBS, /* defport */
CURLPROTO_SMBS, /* protocol */
PROTOPT_SSL /* flags */
@@ -117,18 +123,18 @@ const struct Curl_handler Curl_handler_smbs = {
#define SERVICENAME "?????"
/* Append a string to an SMB message */
-#define MSGCAT(str) \
- strcpy(p, (str)); \
+#define MSGCAT(str) \
+ strcpy(p, (str)); \
p += strlen(str);
/* Append a null-terminated string to an SMB message */
-#define MSGCATNULL(str) \
- strcpy(p, (str)); \
+#define MSGCATNULL(str) \
+ strcpy(p, (str)); \
p += strlen(str) + 1;
/* SMB is mostly little endian */
#if (defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) || \
- defined(__OS400__)
+ defined(__OS400__)
static unsigned short smb_swap16(unsigned short x)
{
return (unsigned short) ((x << 8) | ((x >> 8) & 0xff));
@@ -137,20 +143,20 @@ static unsigned short smb_swap16(unsigned short x)
static unsigned int smb_swap32(unsigned int x)
{
return (x << 24) | ((x << 8) & 0xff0000) | ((x >> 8) & 0xff00) |
- ((x >> 24) & 0xff);
+ ((x >> 24) & 0xff);
}
#ifdef HAVE_LONGLONG
static unsigned long long smb_swap64(unsigned long long x)
{
return ((unsigned long long) smb_swap32((unsigned int) x) << 32) |
- smb_swap32((unsigned int) (x >> 32));
+ smb_swap32((unsigned int) (x >> 32));
}
#else
static unsigned __int64 smb_swap64(unsigned __int64 x)
{
return ((unsigned __int64) smb_swap32((unsigned int) x) << 32) |
- smb_swap32((unsigned int) (x >> 32));
+ smb_swap32((unsigned int) (x >> 32));
}
#endif
#else
@@ -197,7 +203,7 @@ static void conn_state(struct connectdata *conn, enum
smb_conn_state newstate)
if(smb->state != newstate)
infof(conn->data, "SMB conn %p state change from %s to %s\n",
- (void *)smb, names[smb->state], names[newstate]);
+ (void *)smb, names[smb->state], names[newstate]);
#endif
smb->state = newstate;
@@ -223,7 +229,7 @@ static void request_state(struct connectdata *conn,
if(req->state != newstate)
infof(conn->data, "SMB request %p state change from %s to %s\n",
- (void *)req, names[req->state], names[newstate]);
+ (void *)req, names[req->state], names[newstate]);
#endif
req->state = newstate;
@@ -308,8 +314,9 @@ static CURLcode smb_recv_message(struct connectdata *conn,
void **msg)
if(smbc->got < sizeof(unsigned int))
return CURLE_OK;
- nbt_size = Curl_read16_be((unsigned char *)(buf + sizeof(unsigned short))) +
- sizeof(unsigned int);
+ nbt_size = Curl_read16_be((const unsigned char *)
+ (buf + sizeof(unsigned short))) +
+ sizeof(unsigned int);
if(smbc->got < nbt_size)
return CURLE_OK;
@@ -320,7 +327,7 @@ static CURLcode smb_recv_message(struct connectdata *conn,
void **msg)
if(nbt_size >= msg_size + sizeof(unsigned short)) {
/* Add the byte count */
msg_size += sizeof(unsigned short) +
- Curl_read16_le((unsigned char *)&buf[msg_size]);
+ Curl_read16_le((const unsigned char *)&buf[msg_size]);
if(nbt_size < msg_size)
return CURLE_READ_ERROR;
}
@@ -441,7 +448,7 @@ static CURLcode smb_send_setup(struct connectdata *conn)
Curl_ntlm_core_mk_lm_hash(conn->data, conn->passwd, lm_hash);
Curl_ntlm_core_lm_resp(lm_hash, smbc->challenge, lm);
-#if USE_NTRESPONSES
+#ifdef USE_NTRESPONSES
Curl_ntlm_core_mk_nt_hash(conn->data, conn->passwd, nt_hash);
Curl_ntlm_core_lm_resp(nt_hash, smbc->challenge, nt);
#else
@@ -602,8 +609,8 @@ static CURLcode smb_send_and_recv(struct connectdata *conn,
void **msg)
/* Check if there is data in the transfer buffer */
if(!smbc->send_size && smbc->upload_size) {
- int nread = smbc->upload_size > BUFSIZE ? BUFSIZE :
- (int) smbc->upload_size;
+ int nread = smbc->upload_size > UPLOAD_BUFSIZE ? UPLOAD_BUFSIZE :
+ (int) smbc->upload_size;
conn->data->req.upload_fromhere = conn->data->state.uploadbuffer;
result = Curl_fillreadbuffer(conn, nread, &nread);
if(result && result != CURLE_AGAIN)
@@ -673,7 +680,7 @@ static CURLcode smb_connection_state(struct connectdata
*conn, bool *done)
switch(smbc->state) {
case SMB_NEGOTIATE:
- if(h->status) {
+ if(h->status || smbc->got < sizeof(*nrsp) + sizeof(smbc->challenge) - 1) {
connclose(conn, "SMB: negotiation failed");
return CURLE_COULDNT_CONNECT;
}
@@ -708,15 +715,34 @@ static CURLcode smb_connection_state(struct connectdata
*conn, bool *done)
return CURLE_OK;
}
+/*
+ * Convert a timestamp from the Windows world (100 nsec units from
+ * 1 Jan 1601) to Posix time.
+ */
+static void get_posix_time(long *_out, const void *_in)
+{
+#ifdef HAVE_LONGLONG
+ long long timestamp = *(long long *) _in;
+#else
+ unsigned __int64 timestamp = *(unsigned __int64 *) _in;
+#endif
+
+ timestamp -= 116444736000000000ULL;
+ timestamp /= 10000000;
+ *_out = (long) timestamp;
+}
+
static CURLcode smb_request_state(struct connectdata *conn, bool *done)
{
struct smb_request *req = conn->data->req.protop;
struct smb_header *h;
+ struct smb_conn *smbc = &conn->proto.smbc;
enum smb_req_state next_state = SMB_DONE;
unsigned short len;
unsigned short off;
CURLcode result;
void *msg = NULL;
+ const struct smb_nt_create_response *smb_m;
/* Start the request */
if(req->state == SMB_REQUESTING) {
@@ -754,12 +780,13 @@ static CURLcode smb_request_state(struct connectdata
*conn, bool *done)
break;
case SMB_OPEN:
- if(h->status) {
+ if(h->status || smbc->got < sizeof(struct smb_nt_create_response)) {
req->result = CURLE_REMOTE_FILE_NOT_FOUND;
next_state = SMB_TREE_DISCONNECT;
break;
}
- req->fid = smb_swap16(((struct smb_nt_create_response *)msg)->fid);
+ smb_m = (const struct smb_nt_create_response*) msg;
+ req->fid = smb_swap16(smb_m->fid);
conn->data->req.offset = 0;
if(conn->data->set.upload) {
conn->data->req.size = conn->data->state.infilesize;
@@ -767,25 +794,26 @@ static CURLcode smb_request_state(struct connectdata
*conn, bool *done)
next_state = SMB_UPLOAD;
}
else {
- conn->data->req.size =
- smb_swap64(((struct smb_nt_create_response *)msg)->end_of_file);
+ smb_m = (const struct smb_nt_create_response*) msg;
+ conn->data->req.size = smb_swap64(smb_m->end_of_file);
Curl_pgrsSetDownloadSize(conn->data, conn->data->req.size);
+ if(conn->data->set.get_filetime)
+ get_posix_time(&conn->data->info.filetime, &smb_m->last_change_time);
next_state = SMB_DOWNLOAD;
}
break;
case SMB_DOWNLOAD:
- if(h->status) {
+ if(h->status || smbc->got < sizeof(struct smb_header) + 14) {
req->result = CURLE_RECV_ERROR;
next_state = SMB_CLOSE;
break;
}
- len = Curl_read16_le(((unsigned char *) msg) +
+ len = Curl_read16_le(((const unsigned char *) msg) +
sizeof(struct smb_header) + 11);
- off = Curl_read16_le(((unsigned char *) msg) +
+ off = Curl_read16_le(((const unsigned char *) msg) +
sizeof(struct smb_header) + 13);
if(len > 0) {
- struct smb_conn *smbc = &conn->proto.smbc;
if(off + sizeof(unsigned int) + len > smbc->got) {
failf(conn->data, "Invalid input packet");
result = CURLE_RECV_ERROR;
@@ -807,12 +835,12 @@ static CURLcode smb_request_state(struct connectdata
*conn, bool *done)
break;
case SMB_UPLOAD:
- if(h->status) {
+ if(h->status || smbc->got < sizeof(struct smb_header) + 6) {
req->result = CURLE_UPLOAD_FAILED;
next_state = SMB_CLOSE;
break;
}
- len = Curl_read16_le(((unsigned char *) msg) +
+ len = Curl_read16_le(((const unsigned char *) msg) +
sizeof(struct smb_header) + 5);
conn->data->req.bytecount += len;
conn->data->req.offset += len;
diff --git a/lib/smtp.c b/lib/smtp.c
index 98504df79..9f9bd1485 100644
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -59,7 +59,7 @@
#define in_addr_t unsigned long
#endif
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "sendf.h"
#include "hostip.h"
@@ -69,16 +69,14 @@
#include "http.h" /* for HTTP proxy tunnel stuff */
#include "socks.h"
#include "smtp.h"
-
#include "strtoofft.h"
-#include "strequal.h"
+#include "strcase.h"
#include "vtls/vtls.h"
#include "connect.h"
#include "strerror.h"
#include "select.h"
#include "multiif.h"
#include "url.h"
-#include "rawstr.h"
#include "curl_gethostname.h"
#include "curl_sasl.h"
#include "warnless.h"
@@ -105,7 +103,7 @@ static CURLcode smtp_parse_custom_request(struct
connectdata *conn);
static CURLcode smtp_perform_auth(struct connectdata *conn, const char *mech,
const char *initresp);
static CURLcode smtp_continue_auth(struct connectdata *conn, const char *resp);
-static void smtp_get_message(char *buffer, char** outptr);
+static void smtp_get_message(char *buffer, char **outptr);
/*
* SMTP protocol handler.
@@ -126,9 +124,11 @@ const struct Curl_handler Curl_handler_smtp = {
ZERO_NULL, /* perform_getsock */
smtp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_SMTP, /* defport */
CURLPROTO_SMTP, /* protocol */
- PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY /* flags */
+ PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY | /* flags */
+ PROTOPT_URLOPTIONS
};
#ifdef USE_SSL
@@ -151,64 +151,13 @@ const struct Curl_handler Curl_handler_smtps = {
ZERO_NULL, /* perform_getsock */
smtp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_SMTPS, /* defport */
CURLPROTO_SMTPS, /* protocol */
PROTOPT_CLOSEACTION | PROTOPT_SSL
- | PROTOPT_NOURLQUERY /* flags */
-};
-#endif
-
-#ifndef CURL_DISABLE_HTTP
-/*
- * HTTP-proxyed SMTP protocol handler.
- */
-
-static const struct Curl_handler Curl_handler_smtp_proxy = {
- "SMTP", /* scheme */
- Curl_http_setup_conn, /* setup_connection */
- Curl_http, /* do_it */
- Curl_http_done, /* done */
- ZERO_NULL, /* do_more */
- ZERO_NULL, /* connect_it */
- ZERO_NULL, /* connecting */
- ZERO_NULL, /* doing */
- ZERO_NULL, /* proto_getsock */
- ZERO_NULL, /* doing_getsock */
- ZERO_NULL, /* domore_getsock */
- ZERO_NULL, /* perform_getsock */
- ZERO_NULL, /* disconnect */
- ZERO_NULL, /* readwrite */
- PORT_SMTP, /* defport */
- CURLPROTO_HTTP, /* protocol */
- PROTOPT_NONE /* flags */
-};
-
-#ifdef USE_SSL
-/*
- * HTTP-proxyed SMTPS protocol handler.
- */
-
-static const struct Curl_handler Curl_handler_smtps_proxy = {
- "SMTPS", /* scheme */
- Curl_http_setup_conn, /* setup_connection */
- Curl_http, /* do_it */
- Curl_http_done, /* done */
- ZERO_NULL, /* do_more */
- ZERO_NULL, /* connect_it */
- ZERO_NULL, /* connecting */
- ZERO_NULL, /* doing */
- ZERO_NULL, /* proto_getsock */
- ZERO_NULL, /* doing_getsock */
- ZERO_NULL, /* domore_getsock */
- ZERO_NULL, /* perform_getsock */
- ZERO_NULL, /* disconnect */
- ZERO_NULL, /* readwrite */
- PORT_SMTPS, /* defport */
- CURLPROTO_HTTP, /* protocol */
- PROTOPT_NONE /* flags */
+ | PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS /* flags */
};
#endif
-#endif
/* SASL parameters for the smtp protocol */
static const struct SASLproto saslsmtp = {
@@ -280,10 +229,10 @@ static bool smtp_endofresp(struct connectdata *conn, char
*line, size_t len,
*
* Gets the authentication message from the response buffer.
*/
-static void smtp_get_message(char *buffer, char** outptr)
+static void smtp_get_message(char *buffer, char **outptr)
{
size_t len = 0;
- char* message = NULL;
+ char *message = NULL;
/* Find the start of the message */
for(message = buffer + 4; *message == ' ' || *message == '\t'; message++)
@@ -694,7 +643,7 @@ static CURLcode smtp_state_starttls_resp(struct connectdata
*conn,
if(smtpcode != 220) {
if(data->set.use_ssl != CURLUSESSL_TRY) {
- failf(data, "STARTTLS denied. %c", smtpcode);
+ failf(data, "STARTTLS denied, code %d", smtpcode);
result = CURLE_USE_SSL_FAILED;
}
else
@@ -1452,30 +1401,6 @@ static CURLcode smtp_setup_connection(struct connectdata
*conn)
/* Clear the TLS upgraded flag */
conn->tls_upgraded = FALSE;
- /* Set up the proxy if necessary */
- if(conn->bits.httpproxy && !data->set.tunnel_thru_httpproxy) {
- /* Unless we have asked to tunnel SMTP operations through the proxy, we
- switch and use HTTP operations only */
-#ifndef CURL_DISABLE_HTTP
- if(conn->handler == &Curl_handler_smtp)
- conn->handler = &Curl_handler_smtp_proxy;
- else {
-#ifdef USE_SSL
- conn->handler = &Curl_handler_smtps_proxy;
-#else
- failf(data, "SMTPS not supported!");
- return CURLE_UNSUPPORTED_PROTOCOL;
-#endif
- }
- /* set it up as a HTTP connection instead */
- return conn->handler->setup_connection(conn);
-
-#else
- failf(data, "SMTP over http proxy requires HTTP support built-in!");
- return CURLE_UNSUPPORTED_PROTOCOL;
-#endif
- }
-
/* Initialise the SMTP layer */
result = smtp_init(conn);
if(result)
@@ -1512,7 +1437,7 @@ static CURLcode smtp_parse_url_options(struct connectdata
*conn)
while(*ptr && *ptr != ';')
ptr++;
- if(strnequal(key, "AUTH=", 5))
+ if(strncasecompare(key, "AUTH=", 5))
result = Curl_sasl_parse_url_auth_option(&smtpc->sasl,
value, ptr - value);
else
@@ -1592,7 +1517,7 @@ CURLcode Curl_smtp_escape_eob(struct connectdata *conn,
const ssize_t nread)
if(!scratch || data->set.crlf) {
oldscratch = scratch;
- scratch = newscratch = malloc(2 * BUFSIZE);
+ scratch = newscratch = malloc(2 * data->set.buffer_size);
if(!newscratch) {
failf(data, "Failed to alloc scratch buffer!");
diff --git a/lib/socks.c b/lib/socks.c
index 1c01a0b93..000cd9c2d 100644
--- a/lib/socks.c
+++ b/lib/socks.c
@@ -33,7 +33,6 @@
#include "urldata.h"
#include "sendf.h"
-#include "strequal.h"
#include "select.h"
#include "connect.h"
#include "timeval.h"
@@ -58,7 +57,7 @@ int Curl_blockread_all(struct connectdata *conn, /*
connection data */
ssize_t nread;
ssize_t allread = 0;
int result;
- long timeleft;
+ time_t timeleft;
*n = 0;
for(;;) {
timeleft = Curl_timeleft(conn->data, NULL, TRUE);
@@ -67,14 +66,14 @@ int Curl_blockread_all(struct connectdata *conn, /*
connection data */
result = CURLE_OPERATION_TIMEDOUT;
break;
}
- if(Curl_socket_ready(sockfd, CURL_SOCKET_BAD, timeleft) <= 0) {
+ if(SOCKET_READABLE(sockfd, timeleft) <= 0) {
result = ~CURLE_OK;
break;
}
result = Curl_read_plain(sockfd, buf, buffersize, &nread);
if(CURLE_AGAIN == result)
continue;
- else if(result)
+ if(result)
break;
if(buffersize == nread) {
@@ -106,13 +105,14 @@ int Curl_blockread_all(struct connectdata *conn, /*
connection data */
* Set protocol4a=true for "SOCKS 4A (Simple Extension to SOCKS 4 Protocol)"
* Nonsupport "Identification Protocol (RFC1413)"
*/
-CURLcode Curl_SOCKS4(const char *proxy_name,
+CURLcode Curl_SOCKS4(const char *proxy_user,
const char *hostname,
int remote_port,
int sockindex,
- struct connectdata *conn,
- bool protocol4a)
+ struct connectdata *conn)
{
+ const bool protocol4a =
+ (conn->socks_proxy.proxytype == CURLPROXY_SOCKS4A) ? TRUE : FALSE;
#define SOCKS4REQLEN 262
unsigned char socksreq[SOCKS4REQLEN]; /* room for SOCKS4 request incl. user
id */
@@ -127,6 +127,10 @@ CURLcode Curl_SOCKS4(const char *proxy_name,
return CURLE_OPERATION_TIMEDOUT;
}
+ if(conn->bits.httpproxy)
+ infof(conn->data, "SOCKS4%s: connecting to HTTP proxy %s port %d\n",
+ protocol4a ? "a" : "", hostname, remote_port);
+
(void)curlx_nonblock(sock, FALSE);
infof(data, "SOCKS4 communication to %s:%d\n", hostname, remote_port);
@@ -175,11 +179,11 @@ CURLcode Curl_SOCKS4(const char *proxy_name,
if(hp->ai_family == AF_INET) {
struct sockaddr_in *saddr_in;
- saddr_in = (struct sockaddr_in*)(void*)hp->ai_addr;
- socksreq[4] = ((unsigned char*)&saddr_in->sin_addr.s_addr)[0];
- socksreq[5] = ((unsigned char*)&saddr_in->sin_addr.s_addr)[1];
- socksreq[6] = ((unsigned char*)&saddr_in->sin_addr.s_addr)[2];
- socksreq[7] = ((unsigned char*)&saddr_in->sin_addr.s_addr)[3];
+ saddr_in = (struct sockaddr_in *)(void *)hp->ai_addr;
+ socksreq[4] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[0];
+ socksreq[5] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[1];
+ socksreq[6] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[2];
+ socksreq[7] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[3];
infof(data, "SOCKS4 connect to IPv4 %s (locally resolved)\n", buf);
}
@@ -202,14 +206,14 @@ CURLcode Curl_SOCKS4(const char *proxy_name,
* This is currently not supporting "Identification Protocol (RFC1413)".
*/
socksreq[8] = 0; /* ensure empty userid is NUL-terminated */
- if(proxy_name) {
- size_t plen = strlen(proxy_name);
+ if(proxy_user) {
+ size_t plen = strlen(proxy_user);
if(plen >= sizeof(socksreq) - 8) {
failf(data, "Too long SOCKS proxy name, can't use!\n");
return CURLE_COULDNT_CONNECT;
}
/* copy the proxy name WITH trailing zero */
- memcpy(socksreq + 8, proxy_name, plen+1);
+ memcpy(socksreq + 8, proxy_user, plen+1);
}
/*
@@ -220,7 +224,7 @@ CURLcode Curl_SOCKS4(const char *proxy_name,
ssize_t written;
ssize_t hostnamelen = 0;
int packetsize = 9 +
- (int)strlen((char*)socksreq + 8); /* size including NUL */
+ (int)strlen((char *)socksreq + 8); /* size including NUL */
/* If SOCKS4a, set special invalid IP address 0.0.0.x */
if(protocol4a) {
@@ -231,7 +235,7 @@ CURLcode Curl_SOCKS4(const char *proxy_name,
/* If still enough room in buffer, also append hostname */
hostnamelen = (ssize_t)strlen(hostname) + 1; /* length including NUL */
if(packetsize + hostnamelen <= SOCKS4REQLEN)
- strcpy((char*)socksreq + packetsize, hostname);
+ strcpy((char *)socksreq + packetsize, hostname);
else
hostnamelen = 0; /* Flag: hostname did not fit in buffer */
}
@@ -346,7 +350,7 @@ CURLcode Curl_SOCKS4(const char *proxy_name,
* This function logs in to a SOCKS5 proxy and sends the specifics to the final
* destination server.
*/
-CURLcode Curl_SOCKS5(const char *proxy_name,
+CURLcode Curl_SOCKS5(const char *proxy_user,
const char *proxy_password,
const char *hostname,
int remote_port,
@@ -371,16 +375,24 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
*/
unsigned char socksreq[600]; /* room for large user/pw (255 max each) */
+ int idx;
ssize_t actualread;
ssize_t written;
int result;
CURLcode code;
curl_socket_t sock = conn->sock[sockindex];
struct Curl_easy *data = conn->data;
- long timeout;
- bool socks5_resolve_local = (conn->proxytype == CURLPROXY_SOCKS5)?TRUE:FALSE;
+ time_t timeout;
+ bool socks5_resolve_local =
+ (conn->socks_proxy.proxytype == CURLPROXY_SOCKS5) ? TRUE : FALSE;
const size_t hostname_len = strlen(hostname);
ssize_t len = 0;
+ const unsigned long auth = data->set.socks5auth;
+ bool allow_gssapi = FALSE;
+
+ if(conn->bits.httpproxy)
+ infof(conn->data, "SOCKS5: connecting to HTTP proxy %s port %d\n",
+ hostname, remote_port);
/* RFC1928 chapter 5 specifies max 255 chars for domain name in packet */
if(!socks5_resolve_local && hostname_len > 255) {
@@ -401,13 +413,13 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
(void)curlx_nonblock(sock, TRUE);
/* wait until socket gets connected */
- result = Curl_socket_ready(CURL_SOCKET_BAD, sock, timeout);
+ result = SOCKET_WRITABLE(sock, timeout);
if(-1 == result) {
failf(conn->data, "SOCKS5: no connection here");
return CURLE_COULDNT_CONNECT;
}
- else if(0 == result) {
+ if(0 == result) {
failf(conn->data, "SOCKS5: connection timeout");
return CURLE_OPERATION_TIMEDOUT;
}
@@ -417,18 +429,29 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
return CURLE_COULDNT_CONNECT;
}
- socksreq[0] = 5; /* version */
+ if(auth & ~(CURLAUTH_BASIC | CURLAUTH_GSSAPI))
+ infof(conn->data,
+ "warning: unsupported value passed to CURLOPT_SOCKS5_AUTH: %lu\n",
+ auth);
+ if(!(auth & CURLAUTH_BASIC))
+ /* disable username/password auth */
+ proxy_user = NULL;
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
- socksreq[1] = (char)(proxy_name ? 3 : 2); /* number of methods (below) */
- socksreq[2] = 0; /* no authentication */
- socksreq[3] = 1; /* GSS-API */
- socksreq[4] = 2; /* username/password */
-#else
- socksreq[1] = (char)(proxy_name ? 2 : 1); /* number of methods (below) */
- socksreq[2] = 0; /* no authentication */
- socksreq[3] = 2; /* username/password */
+ if(auth & CURLAUTH_GSSAPI)
+ allow_gssapi = TRUE;
#endif
+ idx = 0;
+ socksreq[idx++] = 5; /* version */
+ idx++; /* reserve for the number of authentication methods */
+ socksreq[idx++] = 0; /* no authentication */
+ if(allow_gssapi)
+ socksreq[idx++] = 1; /* GSS-API */
+ if(proxy_user)
+ socksreq[idx++] = 2; /* username/password */
+ /* write the number of authentication methods */
+ socksreq[1] = (unsigned char) (idx - 2);
+
(void)curlx_nonblock(sock, FALSE);
infof(data, "SOCKS5 communication to %s:%d\n", hostname, remote_port);
@@ -442,13 +465,13 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
(void)curlx_nonblock(sock, TRUE);
- result = Curl_socket_ready(sock, CURL_SOCKET_BAD, timeout);
+ result = SOCKET_READABLE(sock, timeout);
if(-1 == result) {
failf(conn->data, "SOCKS5 nothing to read");
return CURLE_COULDNT_CONNECT;
}
- else if(0 == result) {
+ if(0 == result) {
failf(conn->data, "SOCKS5 read timeout");
return CURLE_OPERATION_TIMEDOUT;
}
@@ -475,7 +498,7 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
;
}
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
- else if(socksreq[1] == 1) {
+ else if(allow_gssapi && (socksreq[1] == 1)) {
code = Curl_SOCKS5_gssapi_negotiate(sockindex, conn);
if(code) {
failf(data, "Unable to negotiate SOCKS5 GSS-API context.");
@@ -485,13 +508,13 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
#endif
else if(socksreq[1] == 2) {
/* Needs user name and password */
- size_t proxy_name_len, proxy_password_len;
- if(proxy_name && proxy_password) {
- proxy_name_len = strlen(proxy_name);
+ size_t proxy_user_len, proxy_password_len;
+ if(proxy_user && proxy_password) {
+ proxy_user_len = strlen(proxy_user);
proxy_password_len = strlen(proxy_password);
}
else {
- proxy_name_len = 0;
+ proxy_user_len = 0;
proxy_password_len = 0;
}
@@ -504,10 +527,10 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
*/
len = 0;
socksreq[len++] = 1; /* username/pw subnegotiation version */
- socksreq[len++] = (unsigned char) proxy_name_len;
- if(proxy_name && proxy_name_len)
- memcpy(socksreq + len, proxy_name, proxy_name_len);
- len += proxy_name_len;
+ socksreq[len++] = (unsigned char) proxy_user_len;
+ if(proxy_user && proxy_user_len)
+ memcpy(socksreq + len, proxy_user, proxy_user_len);
+ len += proxy_user_len;
socksreq[len++] = (unsigned char) proxy_password_len;
if(proxy_password && proxy_password_len)
memcpy(socksreq + len, proxy_password, proxy_password_len);
@@ -536,17 +559,13 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
}
else {
/* error */
-#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
- if(socksreq[1] == 255) {
-#else
- if(socksreq[1] == 1) {
+ if(!allow_gssapi && (socksreq[1] == 1)) {
failf(data,
"SOCKS5 GSSAPI per-message authentication is not supported.");
return CURLE_COULDNT_CONNECT;
}
- else if(socksreq[1] == 255) {
-#endif
- if(!proxy_name || !*proxy_name) {
+ if(socksreq[1] == 255) {
+ if(!proxy_user || !*proxy_user) {
failf(data,
"No authentication method was acceptable. (It is quite likely"
" that the SOCKS5 server wanted a username/password, since none"
@@ -606,9 +625,9 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
struct sockaddr_in *saddr_in;
socksreq[len++] = 1; /* ATYP: IPv4 = 1 */
- saddr_in = (struct sockaddr_in*)(void*)hp->ai_addr;
+ saddr_in = (struct sockaddr_in *)(void *)hp->ai_addr;
for(i = 0; i < 4; i++) {
- socksreq[len++] = ((unsigned char*)&saddr_in->sin_addr.s_addr)[i];
+ socksreq[len++] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[i];
}
infof(data, "SOCKS5 connect to IPv4 %s (locally resolved)\n", buf);
@@ -618,9 +637,10 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
struct sockaddr_in6 *saddr_in6;
socksreq[len++] = 4; /* ATYP: IPv6 = 4 */
- saddr_in6 = (struct sockaddr_in6*)(void*)hp->ai_addr;
+ saddr_in6 = (struct sockaddr_in6 *)(void *)hp->ai_addr;
for(i = 0; i < 16; i++) {
- socksreq[len++] = ((unsigned char*)&saddr_in6->sin6_addr.s6_addr)[i];
+ socksreq[len++] =
+ ((unsigned char *)&saddr_in6->sin6_addr.s6_addr)[i];
}
infof(data, "SOCKS5 connect to IPv6 %s (locally resolved)\n", buf);
@@ -762,9 +782,7 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
}
return CURLE_COULDNT_CONNECT;
}
- else {
- infof(data, "SOCKS5 request granted.\n");
- }
+ infof(data, "SOCKS5 request granted.\n");
(void)curlx_nonblock(sock, TRUE);
return CURLE_OK; /* Proxy was successful! */
diff --git a/lib/socks.h b/lib/socks.h
index a44ada6be..348707e74 100644
--- a/lib/socks.h
+++ b/lib/socks.h
@@ -25,7 +25,7 @@
#include "curl_setup.h"
#ifdef CURL_DISABLE_PROXY
-#define Curl_SOCKS4(a,b,c,d,e,f) CURLE_NOT_BUILT_IN
+#define Curl_SOCKS4(a,b,c,d,e) CURLE_NOT_BUILT_IN
#define Curl_SOCKS5(a,b,c,d,e,f) CURLE_NOT_BUILT_IN
#else
/*
@@ -49,8 +49,7 @@ CURLcode Curl_SOCKS4(const char *proxy_name,
const char *hostname,
int remote_port,
int sockindex,
- struct connectdata *conn,
- bool protocol4a);
+ struct connectdata *conn);
/*
* This function logs in to a SOCKS5 proxy and sends the specifics to the
diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c
index 369245a61..54d063504 100644
--- a/lib/socks_gssapi.c
+++ b/lib/socks_gssapi.c
@@ -46,7 +46,7 @@ static gss_ctx_id_t gss_context = GSS_C_NO_CONTEXT;
static int check_gss_err(struct Curl_easy *data,
OM_uint32 major_status,
OM_uint32 minor_status,
- const char* function)
+ const char *function)
{
if(GSS_ERROR(major_status)) {
OM_uint32 maj_stat, min_stat;
@@ -65,7 +65,7 @@ static int check_gss_err(struct Curl_easy *data,
&msg_ctx, &status_string);
if(maj_stat == GSS_S_COMPLETE) {
if(sizeof(buf) > len + status_string.length + 1) {
- strcpy(buf+len, (char*) status_string.value);
+ strcpy(buf+len, (char *) status_string.value);
len += status_string.length;
}
gss_release_buffer(&min_stat, &status_string);
@@ -86,7 +86,7 @@ static int check_gss_err(struct Curl_easy *data,
&msg_ctx, &status_string);
if(maj_stat == GSS_S_COMPLETE) {
if(sizeof(buf) > len + status_string.length)
- strcpy(buf+len, (char*) status_string.value);
+ strcpy(buf+len, (char *) status_string.value);
gss_release_buffer(&min_stat, &status_string);
break;
}
@@ -123,6 +123,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
unsigned char socksreq[4]; /* room for GSS-API exchange header only */
const char *serviceptr = data->set.str[STRING_PROXY_SERVICE_NAME] ?
data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd";
+ const size_t serviceptr_length = strlen(serviceptr);
/* GSS-API request looks like
* +----+------+-----+----------------+
@@ -134,22 +135,23 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
/* prepare service name */
if(strchr(serviceptr, '/')) {
- service.value = malloc(strlen(serviceptr));
+ service.length = serviceptr_length;
+ service.value = malloc(service.length);
if(!service.value)
return CURLE_OUT_OF_MEMORY;
- service.length = strlen(serviceptr);
memcpy(service.value, serviceptr, service.length);
gss_major_status = gss_import_name(&gss_minor_status, &service,
(gss_OID) GSS_C_NULL_OID, &server);
}
else {
- service.value = malloc(strlen(serviceptr) +strlen(conn->proxy.name)+2);
+ service.value = malloc(serviceptr_length +
+ strlen(conn->socks_proxy.host.name)+2);
if(!service.value)
return CURLE_OUT_OF_MEMORY;
- service.length = strlen(serviceptr) +strlen(conn->proxy.name)+1;
+ service.length = serviceptr_length + strlen(conn->socks_proxy.host.name)+1;
snprintf(service.value, service.length+1, "address@hidden",
- serviceptr, conn->proxy.name);
+ serviceptr, conn->socks_proxy.host.name);
gss_major_status = gss_import_name(&gss_minor_status, &service,
GSS_C_NT_HOSTBASED_SERVICE, &server);
@@ -290,9 +292,9 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
gss_release_name(&gss_status, &server);
/* Everything is good so far, user was authenticated! */
- gss_major_status = gss_inquire_context (&gss_minor_status, gss_context,
- &gss_client_name, NULL, NULL, NULL,
- NULL, NULL, NULL);
+ gss_major_status = gss_inquire_context(&gss_minor_status, gss_context,
+ &gss_client_name, NULL, NULL, NULL,
+ NULL, NULL, NULL);
if(check_gss_err(data, gss_major_status,
gss_minor_status, "gss_inquire_context")) {
gss_delete_sec_context(&gss_status, &gss_context, NULL);
diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c
index 605349038..edc73ad2e 100644
--- a/lib/socks_sspi.c
+++ b/lib/socks_sspi.c
@@ -45,7 +45,7 @@
*/
static int check_sspi_err(struct connectdata *conn,
SECURITY_STATUS status,
- const char* function)
+ const char *function)
{
if(status != SEC_E_OK &&
status != SEC_I_COMPLETE_AND_CONTINUE &&
@@ -86,6 +86,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
unsigned char socksreq[4]; /* room for GSS-API exchange header only */
const char *service = data->set.str[STRING_PROXY_SERVICE_NAME] ?
data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd";
+ const size_t service_length = strlen(service);
/* GSS-API request looks like
* +----+------+-----+----------------+
@@ -102,11 +103,13 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
return CURLE_OUT_OF_MEMORY;
}
else {
- service_name = malloc(strlen(service) + strlen(conn->proxy.name) + 2);
+ service_name = malloc(service_length +
+ strlen(conn->socks_proxy.host.name) + 2);
if(!service_name)
return CURLE_OUT_OF_MEMORY;
- snprintf(service_name, strlen(service) +strlen(conn->proxy.name)+2,
- "%s/%s", service, conn->proxy.name);
+ snprintf(service_name, service_length +
+ strlen(conn->socks_proxy.host.name)+2, "%s/%s",
+ service, conn->socks_proxy.host.name);
}
input_desc.cBuffers = 1;
diff --git a/lib/speedcheck.c b/lib/speedcheck.c
index 13c34af96..4d9eb12e9 100644
--- a/lib/speedcheck.c
+++ b/lib/speedcheck.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "sendf.h"
#include "multiif.h"
@@ -30,45 +30,44 @@
void Curl_speedinit(struct Curl_easy *data)
{
- memset(&data->state.keeps_speed, 0, sizeof(struct timeval));
+ memset(&data->state.keeps_speed, 0, sizeof(struct curltime));
}
+/*
+ * @unittest: 1606
+ */
CURLcode Curl_speedcheck(struct Curl_easy *data,
- struct timeval now)
+ struct curltime now)
{
- if((data->progress.current_speed >= 0) &&
- data->set.low_speed_time &&
- (Curl_tvlong(data->state.keeps_speed) != 0) &&
- (data->progress.current_speed < data->set.low_speed_limit)) {
- long howlong = Curl_tvdiff(now, data->state.keeps_speed);
- long nextcheck = (data->set.low_speed_time * 1000) - howlong;
+ if((data->progress.current_speed >= 0) && data->set.low_speed_time) {
+ if(data->progress.current_speed < data->set.low_speed_limit) {
+ if(!data->state.keeps_speed.tv_sec)
+ /* under the limit at this very moment */
+ data->state.keeps_speed = now;
+ else {
+ /* how long has it been under the limit */
+ time_t howlong = Curl_tvdiff(now, data->state.keeps_speed);
- /* We are now below the "low speed limit". If we are below it
- for "low speed time" seconds we consider that enough reason
- to abort the download. */
- if(nextcheck <= 0) {
- /* we have been this slow for long enough, now die */
- failf(data,
- "Operation too slow. "
- "Less than %ld bytes/sec transferred the last %ld seconds",
- data->set.low_speed_limit,
- data->set.low_speed_time);
- return CURLE_OPERATION_TIMEDOUT;
- }
- else {
- /* wait complete low_speed_time */
- Curl_expire_latest(data, nextcheck);
+ if(howlong >= data->set.low_speed_time * 1000) {
+ /* too long */
+ failf(data,
+ "Operation too slow. "
+ "Less than %ld bytes/sec transferred the last %ld seconds",
+ data->set.low_speed_limit,
+ data->set.low_speed_time);
+ return CURLE_OPERATION_TIMEDOUT;
+ }
+ }
}
+ else
+ /* faster right now */
+ data->state.keeps_speed.tv_sec = 0;
}
- else {
- /* we keep up the required speed all right */
- data->state.keeps_speed = now;
- if(data->set.low_speed_limit)
- /* if there is a low speed limit enabled, we set the expire timer to
- make this connection's speed get checked again no later than when
- this time is up */
- Curl_expire_latest(data, data->set.low_speed_time*1000);
- }
+ if(data->set.low_speed_limit)
+ /* if low speed limit is enabled, set the expire timer to make this
+ connection's speed get checked again in a second */
+ Curl_expire(data, 1000, EXPIRE_SPEEDCHECK);
+
return CURLE_OK;
}
diff --git a/lib/speedcheck.h b/lib/speedcheck.h
index 7dbe3d6d7..5c2dc9a22 100644
--- a/lib/speedcheck.h
+++ b/lib/speedcheck.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2010, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -28,6 +28,6 @@
void Curl_speedinit(struct Curl_easy *data);
CURLcode Curl_speedcheck(struct Curl_easy *data,
- struct timeval now);
+ struct curltime now);
#endif /* HEADER_CURL_SPEEDCHECK_H */
diff --git a/lib/splay.c b/lib/splay.c
index 7aa2e4bac..68ff9c5db 100644
--- a/lib/splay.c
+++ b/lib/splay.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1997 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1997 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -37,7 +37,7 @@
* Splay using the key i (which may or may not be in the tree.) The starting
* root is t.
*/
-struct Curl_tree *Curl_splay(struct timeval i,
+struct Curl_tree *Curl_splay(struct curltime i,
struct Curl_tree *t)
{
struct Curl_tree N, *l, *r, *y;
@@ -97,11 +97,13 @@ struct Curl_tree *Curl_splay(struct timeval i,
*
* @unittest: 1309
*/
-struct Curl_tree *Curl_splayinsert(struct timeval i,
+struct Curl_tree *Curl_splayinsert(struct curltime i,
struct Curl_tree *t,
struct Curl_tree *node)
{
- static const struct timeval KEY_NOTUSED = {-1, -1}; /* will *NEVER* appear */
+ static const struct curltime KEY_NOTUSED = {
+ (time_t)-1, (unsigned int)-1
+ }; /* will *NEVER* appear */
if(node == NULL)
return t;
@@ -110,22 +112,17 @@ struct Curl_tree *Curl_splayinsert(struct timeval i,
t = Curl_splay(i, t);
if(compare(i, t->key)==0) {
/* There already exists a node in the tree with the very same key. Build
- a linked list of nodes. We make the new 'node' struct the new master
- node and make the previous node the first one in the 'same' list. */
+ a doubly-linked circular list of nodes. We add the new 'node' struct
+ to the end of this list. */
- node->same = t;
- node->key = i;
- node->smaller = t->smaller;
- node->larger = t->larger;
+ node->key = KEY_NOTUSED; /* we set the key in the sub node to NOTUSED
+ to quickly identify this node as a subnode */
+ node->samen = t;
+ node->samep = t->samep;
+ t->samep->samen = node;
+ t->samep = node;
- t->smaller = node; /* in the sub node for this same key, we use the
- smaller pointer to point back to the master
- node */
-
- t->key = KEY_NOTUSED; /* and we set the key in the sub node to NOTUSED
- to quickly identify this node as a subnode */
-
- return node; /* new root node */
+ return t; /* the root node always stays the same */
}
}
@@ -145,16 +142,20 @@ struct Curl_tree *Curl_splayinsert(struct timeval i,
}
node->key = i;
- node->same = NULL; /* no identical node (yet) */
+ /* no identical nodes (yet), we are the only one in the list of nodes */
+ node->samen = node;
+ node->samep = node;
return node;
}
/* Finds and deletes the best-fit node from the tree. Return a pointer to the
- resulting tree. best-fit means the node with the given or lower key */
-struct Curl_tree *Curl_splaygetbest(struct timeval i,
+ resulting tree. best-fit means the smallest node if it is not larger than
+ the key */
+struct Curl_tree *Curl_splaygetbest(struct curltime i,
struct Curl_tree *t,
struct Curl_tree **removed)
{
+ static struct curltime tv_zero = {0, 0};
struct Curl_tree *x;
if(!t) {
@@ -162,49 +163,36 @@ struct Curl_tree *Curl_splaygetbest(struct timeval i,
return NULL;
}
- t = Curl_splay(i, t);
+ /* find smallest */
+ t = Curl_splay(tv_zero, t);
if(compare(i, t->key) < 0) {
- /* too big node, try the smaller chain */
- if(t->smaller)
- t=Curl_splay(t->smaller->key, t);
- else {
- /* fail */
- *removed = NULL;
- return t;
- }
+ /* even the smallest is too big */
+ *removed = NULL;
+ return t;
}
- if(compare(i, t->key) >= 0) { /* found it */
- /* FIRST! Check if there is a list with identical keys */
- x = t->same;
- if(x) {
- /* there is, pick one from the list */
+ /* FIRST! Check if there is a list with identical keys */
+ x = t->samen;
+ if(x != t) {
+ /* there is, pick one from the list */
- /* 'x' is the new root node */
+ /* 'x' is the new root node */
- x->key = t->key;
- x->larger = t->larger;
- x->smaller = t->smaller;
-
- *removed = t;
- return x; /* new root */
- }
+ x->key = t->key;
+ x->larger = t->larger;
+ x->smaller = t->smaller;
+ x->samep = t->samep;
+ t->samep->samen = x;
- if(t->smaller == NULL) {
- x = t->larger;
- }
- else {
- x = Curl_splay(i, t->smaller);
- x->larger = t->larger;
- }
*removed = t;
-
- return x;
- }
- else {
- *removed = NULL; /* no match */
- return t; /* It wasn't there */
+ return x; /* new root */
}
+
+ /* we splayed the tree to the smallest element, there is no smaller */
+ x = t->larger;
+ *removed = t;
+
+ return x;
}
@@ -223,7 +211,9 @@ int Curl_splayremovebyaddr(struct Curl_tree *t,
struct Curl_tree *removenode,
struct Curl_tree **newroot)
{
- static const struct timeval KEY_NOTUSED = {-1, -1}; /* will *NEVER* appear */
+ static const struct curltime KEY_NOTUSED = {
+ (time_t)-1, (unsigned int)-1
+ }; /* will *NEVER* appear */
struct Curl_tree *x;
if(!t || !removenode)
@@ -231,19 +221,17 @@ int Curl_splayremovebyaddr(struct Curl_tree *t,
if(compare(KEY_NOTUSED, removenode->key) == 0) {
/* Key set to NOTUSED means it is a subnode within a 'same' linked list
- and thus we can unlink it easily. The 'smaller' link of a subnode
- links to the parent node. */
- if(removenode->smaller == NULL)
+ and thus we can unlink it easily. */
+ if(removenode->samen == removenode)
+ /* A non-subnode should never be set to KEY_NOTUSED */
return 3;
- removenode->smaller->same = removenode->same;
- if(removenode->same)
- removenode->same->smaller = removenode->smaller;
+ removenode->samep->samen = removenode->samen;
+ removenode->samen->samep = removenode->samep;
/* Ensures that double-remove gets caught. */
- removenode->smaller = NULL;
+ removenode->samen = removenode;
- /* voila, we're done! */
*newroot = t; /* return the same root */
return 0;
}
@@ -262,14 +250,16 @@ int Curl_splayremovebyaddr(struct Curl_tree *t,
/* Check if there is a list with identical sizes, as then we're trying to
remove the root node of a list of nodes with identical keys. */
- x = t->same;
- if(x) {
+ x = t->samen;
+ if(x != t) {
/* 'x' is the new root node, we just make it use the root node's
smaller/larger links */
x->key = t->key;
x->larger = t->larger;
x->smaller = t->smaller;
+ x->samep = t->samep;
+ t->samep->samen = x;
}
else {
/* Remove the root node */
diff --git a/lib/splay.h b/lib/splay.h
index 427bfc8eb..0273bad38 100644
--- a/lib/splay.h
+++ b/lib/splay.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1997 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1997 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,29 +22,31 @@
*
***************************************************************************/
#include "curl_setup.h"
+#include "timeval.h"
struct Curl_tree {
struct Curl_tree *smaller; /* smaller node */
struct Curl_tree *larger; /* larger node */
- struct Curl_tree *same; /* points to a node with identical key */
- struct timeval key; /* this node's "sort" key */
+ struct Curl_tree *samen; /* points to the next node with identical key */
+ struct Curl_tree *samep; /* points to the prev node with identical key */
+ struct curltime key; /* this node's "sort" key */
void *payload; /* data the splay code doesn't care about */
};
-struct Curl_tree *Curl_splay(struct timeval i,
+struct Curl_tree *Curl_splay(struct curltime i,
struct Curl_tree *t);
-struct Curl_tree *Curl_splayinsert(struct timeval key,
+struct Curl_tree *Curl_splayinsert(struct curltime key,
struct Curl_tree *t,
struct Curl_tree *newnode);
#if 0
-struct Curl_tree *Curl_splayremove(struct timeval key,
+struct Curl_tree *Curl_splayremove(struct curltime key,
struct Curl_tree *t,
struct Curl_tree **removed);
#endif
-struct Curl_tree *Curl_splaygetbest(struct timeval key,
+struct Curl_tree *Curl_splaygetbest(struct curltime key,
struct Curl_tree *t,
struct Curl_tree **removed);
diff --git a/lib/ssh.c b/lib/ssh.c
index e361df301..3831f71a7 100644
--- a/lib/ssh.c
+++ b/lib/ssh.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -59,7 +59,7 @@
#define in_addr_t unsigned long
#endif
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "sendf.h"
#include "hostip.h"
@@ -71,8 +71,8 @@
#include "url.h"
#include "speedcheck.h"
#include "getinfo.h"
-
-#include "strequal.h"
+#include "strdup.h"
+#include "strcase.h"
#include "vtls/vtls.h"
#include "connect.h"
#include "strerror.h"
@@ -113,6 +113,7 @@
libssh2_sftp_symlink_ex((s), (p), curlx_uztoui(strlen(p)), \
(t), (m), LIBSSH2_SFTP_REALPATH)
+
/* Local functions: */
static const char *sftp_libssh2_strerror(int err);
static LIBSSH2_ALLOC_FUNC(my_libssh2_malloc);
@@ -176,6 +177,7 @@ const struct Curl_handler Curl_handler_scp = {
ssh_perform_getsock, /* perform_getsock */
scp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_SSH, /* defport */
CURLPROTO_SCP, /* protocol */
PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION
@@ -202,6 +204,7 @@ const struct Curl_handler Curl_handler_sftp = {
ssh_perform_getsock, /* perform_getsock */
sftp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_SSH, /* defport */
CURLPROTO_SFTP, /* protocol */
PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION
@@ -239,7 +242,7 @@ kbd_callback(const char *name, int name_len, const char
*instruction,
static CURLcode sftp_libssh2_error_to_CURLE(int err)
{
- switch (err) {
+ switch(err) {
case LIBSSH2_FX_OK:
return CURLE_OK;
@@ -271,7 +274,7 @@ static CURLcode sftp_libssh2_error_to_CURLE(int err)
static CURLcode libssh2_session_error_to_CURLE(int err)
{
- switch (err) {
+ switch(err) {
/* Ordered by order of appearance in libssh2.h */
case LIBSSH2_ERROR_NONE:
return CURLE_OK;
@@ -416,12 +419,12 @@ static CURLcode ssh_getworkingpath(struct connectdata
*conn,
struct Curl_easy *data = conn->data;
char *real_path = NULL;
char *working_path;
- int working_path_len;
-
- working_path = curl_easy_unescape(data, data->state.path, 0,
- &working_path_len);
- if(!working_path)
- return CURLE_OUT_OF_MEMORY;
+ size_t working_path_len;
+ CURLcode result =
+ Curl_urldecode(data, data->state.path, 0, &working_path,
+ &working_path_len, FALSE);
+ if(result)
+ return result;
/* Check for /~/, indicating relative to the user's home directory */
if(conn->handler->protocol & CURLPROTO_SCP) {
@@ -676,7 +679,7 @@ static CURLcode ssh_check_fingerprint(struct connectdata
*conn)
* against a known fingerprint, if available.
*/
if(pubkey_md5 && strlen(pubkey_md5) == 32) {
- if(!fingerprint || !strequal(md5buffer, pubkey_md5)) {
+ if(!fingerprint || !strcasecompare(md5buffer, pubkey_md5)) {
if(fingerprint)
failf(data,
"Denied establishing ssh session: mismatch md5 fingerprint. "
@@ -688,14 +691,11 @@ static CURLcode ssh_check_fingerprint(struct connectdata
*conn)
sshc->actualcode = CURLE_PEER_FAILED_VERIFICATION;
return sshc->actualcode;
}
- else {
- infof(data, "MD5 checksum match!\n");
- /* as we already matched, we skip the check for known hosts */
- return CURLE_OK;
- }
+ infof(data, "MD5 checksum match!\n");
+ /* as we already matched, we skip the check for known hosts */
+ return CURLE_OK;
}
- else
- return ssh_knownhost(conn);
+ return ssh_knownhost(conn);
}
/*
@@ -738,7 +738,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn,
bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc) {
+ if(rc) {
failf(data, "Failure establishing ssh session");
state(conn, SSH_SESSION_FREE);
sshc->actualcode = CURLE_FAILED_INIT;
@@ -782,16 +782,14 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
state(conn, SSH_AUTH_DONE);
break;
}
- else if((err = libssh2_session_last_errno(sshc->ssh_session)) ==
- LIBSSH2_ERROR_EAGAIN) {
+ err = libssh2_session_last_errno(sshc->ssh_session);
+ if(err == LIBSSH2_ERROR_EAGAIN)
rc = LIBSSH2_ERROR_EAGAIN;
- break;
- }
else {
state(conn, SSH_SESSION_FREE);
sshc->actualcode = libssh2_session_error_to_CURLE(err);
- break;
}
+ break;
}
infof(data, "SSH authentication methods available: %s\n",
sshc->authlist);
@@ -874,7 +872,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn,
bool *block)
break;
}
- sshc->passphrase = data->set.str[STRING_KEY_PASSWD];
+ sshc->passphrase = data->set.ssl.key_passwd;
if(!sshc->passphrase)
sshc->passphrase = "";
@@ -918,6 +916,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn,
bool *block)
&err_msg, NULL, 0);
infof(data, "SSH public key authentication failed: %s\n", err_msg);
state(conn, SSH_AUTH_PASS_INIT);
+ rc = 0; /* clear rc and continue */
}
break;
@@ -928,6 +927,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn,
bool *block)
}
else {
state(conn, SSH_AUTH_HOST_INIT);
+ rc = 0; /* clear rc and continue */
}
break;
@@ -940,7 +940,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn,
bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc == 0) {
+ if(rc == 0) {
sshc->authed = TRUE;
infof(data, "Initialized password authentication\n");
state(conn, SSH_AUTH_DONE);
@@ -989,6 +989,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn,
bool *block)
if(rc < 0) {
infof(data, "Failure connecting to agent\n");
state(conn, SSH_AUTH_KEY_INIT);
+ rc = 0; /* clear rc and continue */
}
else {
state(conn, SSH_AUTH_AGENT_LIST);
@@ -1008,6 +1009,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc < 0) {
infof(data, "Failure requesting identities to agent\n");
state(conn, SSH_AUTH_KEY_INIT);
+ rc = 0; /* clear rc and continue */
}
else {
state(conn, SSH_AUTH_AGENT);
@@ -1077,7 +1079,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc == 0) {
+ if(rc == 0) {
sshc->authed = TRUE;
infof(data, "Initialized keyboard interactive authentication\n");
}
@@ -1116,21 +1118,19 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
*/
sshc->sftp_session = libssh2_sftp_init(sshc->ssh_session);
if(!sshc->sftp_session) {
+ char *err_msg;
if(libssh2_session_last_errno(sshc->ssh_session) ==
LIBSSH2_ERROR_EAGAIN) {
rc = LIBSSH2_ERROR_EAGAIN;
break;
}
- else {
- char *err_msg;
- (void)libssh2_session_last_error(sshc->ssh_session,
- &err_msg, NULL, 0);
- failf(data, "Failure initializing sftp session: %s", err_msg);
- state(conn, SSH_SESSION_FREE);
- sshc->actualcode = CURLE_FAILED_INIT;
- break;
- }
+ (void)libssh2_session_last_error(sshc->ssh_session,
+ &err_msg, NULL, 0);
+ failf(data, "Failure initializing sftp session: %s", err_msg);
+ state(conn, SSH_SESSION_FREE);
+ sshc->actualcode = CURLE_FAILED_INIT;
+ break;
}
state(conn, SSH_SFTP_REALPATH);
break;
@@ -1147,7 +1147,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc > 0) {
+ if(rc > 0) {
/* It seems that this string is not always NULL terminated */
tempHome[rc] = '\0';
sshc->homedir = strdup(tempHome);
@@ -1233,7 +1233,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
sshc->acceptfail = TRUE;
}
- if(curl_strequal("pwd", cmd)) {
+ if(strcasecompare("pwd", cmd)) {
/* output debug output if that is requested */
char *tmp = aprintf("257 \"%s\" is current directory.\n",
sftp_scp->path);
@@ -1261,7 +1261,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
state(conn, SSH_SFTP_NEXT_QUOTE);
break;
}
- else if(cmd) {
+ if(cmd) {
/*
* the arguments following the command must be separated from the
* command with a space so we can check for it unconditionally
@@ -1297,9 +1297,9 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
* OpenSSH's sftp program and call the appropriate libssh2
* functions.
*/
- if(curl_strnequal(cmd, "chgrp ", 6) ||
- curl_strnequal(cmd, "chmod ", 6) ||
- curl_strnequal(cmd, "chown ", 6) ) {
+ if(strncasecompare(cmd, "chgrp ", 6) ||
+ strncasecompare(cmd, "chmod ", 6) ||
+ strncasecompare(cmd, "chown ", 6) ) {
/* attribute change */
/* sshc->quote_path1 contains the mode to set */
@@ -1321,8 +1321,8 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
state(conn, SSH_SFTP_QUOTE_STAT);
break;
}
- else if(curl_strnequal(cmd, "ln ", 3) ||
- curl_strnequal(cmd, "symlink ", 8)) {
+ if(strncasecompare(cmd, "ln ", 3) ||
+ strncasecompare(cmd, "symlink ", 8)) {
/* symbolic linking */
/* sshc->quote_path1 is the source */
/* get the destination */
@@ -1342,12 +1342,12 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
state(conn, SSH_SFTP_QUOTE_SYMLINK);
break;
}
- else if(curl_strnequal(cmd, "mkdir ", 6)) {
+ else if(strncasecompare(cmd, "mkdir ", 6)) {
/* create dir */
state(conn, SSH_SFTP_QUOTE_MKDIR);
break;
}
- else if(curl_strnequal(cmd, "rename ", 7)) {
+ else if(strncasecompare(cmd, "rename ", 7)) {
/* rename file */
/* first param is the source path */
/* second param is the dest. path */
@@ -1366,17 +1366,17 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
state(conn, SSH_SFTP_QUOTE_RENAME);
break;
}
- else if(curl_strnequal(cmd, "rmdir ", 6)) {
+ else if(strncasecompare(cmd, "rmdir ", 6)) {
/* delete dir */
state(conn, SSH_SFTP_QUOTE_RMDIR);
break;
}
- else if(curl_strnequal(cmd, "rm ", 3)) {
+ else if(strncasecompare(cmd, "rm ", 3)) {
state(conn, SSH_SFTP_QUOTE_UNLINK);
break;
}
#ifdef HAS_STATVFS_SUPPORT
- else if(curl_strnequal(cmd, "statvfs ", 8)) {
+ else if(strncasecompare(cmd, "statvfs ", 8)) {
state(conn, SSH_SFTP_QUOTE_STATVFS);
break;
}
@@ -1431,7 +1431,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
sshc->acceptfail = TRUE;
}
- if(!curl_strnequal(cmd, "chmod", 5)) {
+ if(!strncasecompare(cmd, "chmod", 5)) {
/* Since chown and chgrp only set owner OR group but libssh2 wants to
* set them both at once, we need to obtain the current ownership
* first. This takes an extra protocol round trip.
@@ -1443,7 +1443,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc != 0 && !sshc->acceptfail) { /* get those attributes */
+ if(rc != 0 && !sshc->acceptfail) { /* get those attributes */
err = sftp_libssh2_last_error(sshc->sftp_session);
Curl_safefree(sshc->quote_path1);
Curl_safefree(sshc->quote_path2);
@@ -1457,7 +1457,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
}
/* Now set the new attributes... */
- if(curl_strnequal(cmd, "chgrp", 5)) {
+ if(strncasecompare(cmd, "chgrp", 5)) {
sshc->quote_attrs.gid = strtoul(sshc->quote_path1, NULL, 10);
sshc->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID;
if(sshc->quote_attrs.gid == 0 && !ISDIGIT(sshc->quote_path1[0]) &&
@@ -1471,7 +1471,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
break;
}
}
- else if(curl_strnequal(cmd, "chmod", 5)) {
+ else if(strncasecompare(cmd, "chmod", 5)) {
sshc->quote_attrs.permissions = strtoul(sshc->quote_path1, NULL, 8);
sshc->quote_attrs.flags = LIBSSH2_SFTP_ATTR_PERMISSIONS;
/* permissions are octal */
@@ -1486,7 +1486,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
break;
}
}
- else if(curl_strnequal(cmd, "chown", 5)) {
+ else if(strncasecompare(cmd, "chown", 5)) {
sshc->quote_attrs.uid = strtoul(sshc->quote_path1, NULL, 10);
sshc->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID;
if(sshc->quote_attrs.uid == 0 && !ISDIGIT(sshc->quote_path1[0]) &&
@@ -1514,7 +1514,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc != 0 && !sshc->acceptfail) {
+ if(rc != 0 && !sshc->acceptfail) {
err = sftp_libssh2_last_error(sshc->sftp_session);
Curl_safefree(sshc->quote_path1);
Curl_safefree(sshc->quote_path2);
@@ -1537,7 +1537,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc != 0 && !sshc->acceptfail) {
+ if(rc != 0 && !sshc->acceptfail) {
err = sftp_libssh2_last_error(sshc->sftp_session);
Curl_safefree(sshc->quote_path1);
Curl_safefree(sshc->quote_path2);
@@ -1558,7 +1558,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc != 0 && !sshc->acceptfail) {
+ if(rc != 0 && !sshc->acceptfail) {
err = sftp_libssh2_last_error(sshc->sftp_session);
Curl_safefree(sshc->quote_path1);
failf(data, "mkdir command failed: %s", sftp_libssh2_strerror(err));
@@ -1582,7 +1582,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc != 0 && !sshc->acceptfail) {
+ if(rc != 0 && !sshc->acceptfail) {
err = sftp_libssh2_last_error(sshc->sftp_session);
Curl_safefree(sshc->quote_path1);
Curl_safefree(sshc->quote_path2);
@@ -1601,7 +1601,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc != 0 && !sshc->acceptfail) {
+ if(rc != 0 && !sshc->acceptfail) {
err = sftp_libssh2_last_error(sshc->sftp_session);
Curl_safefree(sshc->quote_path1);
failf(data, "rmdir command failed: %s", sftp_libssh2_strerror(err));
@@ -1619,7 +1619,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc != 0 && !sshc->acceptfail) {
+ if(rc != 0 && !sshc->acceptfail) {
err = sftp_libssh2_last_error(sshc->sftp_session);
Curl_safefree(sshc->quote_path1);
failf(data, "rm command failed: %s", sftp_libssh2_strerror(err));
@@ -1642,7 +1642,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc != 0 && !sshc->acceptfail) {
+ if(rc != 0 && !sshc->acceptfail) {
err = sftp_libssh2_last_error(sshc->sftp_session);
Curl_safefree(sshc->quote_path1);
failf(data, "statvfs command failed: %s", sftp_libssh2_strerror(err));
@@ -1705,7 +1705,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc == 0) {
+ if(rc == 0) {
data->info.filetime = (long)attrs.mtime;
}
@@ -1743,7 +1743,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc) {
+ if(rc) {
data->state.resume_from = 0;
}
else {
@@ -1778,47 +1778,47 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(LIBSSH2_ERROR_EAGAIN == rc)
break;
- else {
- if(LIBSSH2_ERROR_SFTP_PROTOCOL == rc)
- /* only when there was an SFTP protocol error can we extract
- the sftp error! */
- err = sftp_libssh2_last_error(sshc->sftp_session);
- else
- err = -1; /* not an sftp error at all */
- if(sshc->secondCreateDirs) {
- state(conn, SSH_SFTP_CLOSE);
- sshc->actualcode = err>= LIBSSH2_FX_OK?
- sftp_libssh2_error_to_CURLE(err):CURLE_SSH;
- failf(data, "Creating the dir/file failed: %s",
- sftp_libssh2_strerror(err));
- break;
- }
- else if(((err == LIBSSH2_FX_NO_SUCH_FILE) ||
- (err == LIBSSH2_FX_FAILURE) ||
- (err == LIBSSH2_FX_NO_SUCH_PATH)) &&
- (data->set.ftp_create_missing_dirs &&
- (strlen(sftp_scp->path) > 1))) {
- /* try to create the path remotely */
- sshc->secondCreateDirs = 1;
- state(conn, SSH_SFTP_CREATE_DIRS_INIT);
- break;
- }
+ if(LIBSSH2_ERROR_SFTP_PROTOCOL == rc)
+ /* only when there was an SFTP protocol error can we extract
+ the sftp error! */
+ err = sftp_libssh2_last_error(sshc->sftp_session);
+ else
+ err = -1; /* not an sftp error at all */
+
+ if(sshc->secondCreateDirs) {
state(conn, SSH_SFTP_CLOSE);
sshc->actualcode = err>= LIBSSH2_FX_OK?
sftp_libssh2_error_to_CURLE(err):CURLE_SSH;
- if(!sshc->actualcode) {
- /* Sometimes, for some reason libssh2_sftp_last_error() returns
- zero even though libssh2_sftp_open() failed previously! We need
- to work around that! */
- sshc->actualcode = CURLE_SSH;
- err=-1;
- }
- failf(data, "Upload failed: %s (%d/%d)",
- err>= LIBSSH2_FX_OK?sftp_libssh2_strerror(err):"ssh error",
- err, rc);
+ failf(data, "Creating the dir/file failed: %s",
+ sftp_libssh2_strerror(err));
break;
}
+ if(((err == LIBSSH2_FX_NO_SUCH_FILE) ||
+ (err == LIBSSH2_FX_FAILURE) ||
+ (err == LIBSSH2_FX_NO_SUCH_PATH)) &&
+ (data->set.ftp_create_missing_dirs &&
+ (strlen(sftp_scp->path) > 1))) {
+ /* try to create the path remotely */
+ rc = 0; /* clear rc and continue */
+ sshc->secondCreateDirs = 1;
+ state(conn, SSH_SFTP_CREATE_DIRS_INIT);
+ break;
+ }
+ state(conn, SSH_SFTP_CLOSE);
+ sshc->actualcode = err>= LIBSSH2_FX_OK?
+ sftp_libssh2_error_to_CURLE(err):CURLE_SSH;
+ if(!sshc->actualcode) {
+ /* Sometimes, for some reason libssh2_sftp_last_error() returns
+ zero even though libssh2_sftp_open() failed previously! We need
+ to work around that! */
+ sshc->actualcode = CURLE_SSH;
+ err=-1;
+ }
+ failf(data, "Upload failed: %s (%d/%d)",
+ err>= LIBSSH2_FX_OK?sftp_libssh2_strerror(err):"ssh error",
+ err, rc);
+ break;
}
/* If we have a restart point then we need to seek to the correct
@@ -1831,32 +1831,31 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
}
if(seekerr != CURL_SEEKFUNC_OK) {
+ curl_off_t passed=0;
if(seekerr != CURL_SEEKFUNC_CANTSEEK) {
failf(data, "Could not seek stream");
return CURLE_FTP_COULDNT_USE_REST;
}
/* seekerr == CURL_SEEKFUNC_CANTSEEK (can't seek to offset) */
- else {
- curl_off_t passed=0;
- do {
- size_t readthisamountnow =
- (data->state.resume_from - passed > CURL_OFF_T_C(BUFSIZE)) ?
- BUFSIZE : curlx_sotouz(data->state.resume_from - passed);
-
- size_t actuallyread =
- data->state.fread_func(data->state.buffer, 1,
- readthisamountnow, data->state.in);
-
- passed += actuallyread;
- if((actuallyread == 0) || (actuallyread > readthisamountnow)) {
- /* this checks for greater-than only to make sure that the
- CURL_READFUNC_ABORT return code still aborts */
- failf(data, "Failed to read data");
- return CURLE_FTP_COULDNT_USE_REST;
- }
- } while(passed < data->state.resume_from);
- }
+ do {
+ size_t readthisamountnow =
+ (data->state.resume_from - passed > data->set.buffer_size) ?
+ (size_t)data->set.buffer_size :
+ curlx_sotouz(data->state.resume_from - passed);
+
+ size_t actuallyread =
+ data->state.fread_func(data->state.buffer, 1,
+ readthisamountnow, data->state.in);
+
+ passed += actuallyread;
+ if((actuallyread == 0) || (actuallyread > readthisamountnow)) {
+ /* this checks for greater-than only to make sure that the
+ CURL_READFUNC_ABORT return code still aborts */
+ failf(data, "Failed to read data");
+ return CURLE_FTP_COULDNT_USE_REST;
+ }
+ } while(passed < data->state.resume_from);
}
/* now, decrease the size of the read */
@@ -1895,7 +1894,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
/* since we don't really wait for anything at this point, we want the
state machine to move on as soon as possible so we set a very short
timeout here */
- Curl_expire(data, 0);
+ Curl_expire(data, 0, EXPIRE_RUN_NOW);
state(conn, SSH_STOP);
}
@@ -1921,9 +1920,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
state(conn, SSH_SFTP_CREATE_DIRS_MKDIR);
break;
}
- else {
- state(conn, SSH_SFTP_UPLOAD_INIT);
- }
+ state(conn, SSH_SFTP_UPLOAD_INIT);
break;
case SSH_SFTP_CREATE_DIRS_MKDIR:
@@ -1936,7 +1933,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
}
*sshc->slash_pos = '/';
++sshc->slash_pos;
- if(rc == -1) {
+ if(rc < 0) {
/*
* Abort if failure wasn't that the dir already exists or the
* permission was denied (creation might succeed further down the
@@ -1951,6 +1948,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
sshc->actualcode = result?result:CURLE_SSH;
break;
}
+ rc = 0; /* clear rc and continue */
}
state(conn, SSH_SFTP_CREATE_DIRS);
break;
@@ -1977,22 +1975,22 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
rc = LIBSSH2_ERROR_EAGAIN;
break;
}
- else {
- err = sftp_libssh2_last_error(sshc->sftp_session);
- failf(data, "Could not open directory for reading: %s",
- sftp_libssh2_strerror(err));
- state(conn, SSH_SFTP_CLOSE);
- result = sftp_libssh2_error_to_CURLE(err);
- sshc->actualcode = result?result:CURLE_SSH;
- break;
- }
+ err = sftp_libssh2_last_error(sshc->sftp_session);
+ failf(data, "Could not open directory for reading: %s",
+ sftp_libssh2_strerror(err));
+ state(conn, SSH_SFTP_CLOSE);
+ result = sftp_libssh2_error_to_CURLE(err);
+ sshc->actualcode = result?result:CURLE_SSH;
+ break;
}
- if((sshc->readdir_filename = malloc(PATH_MAX+1)) == NULL) {
+ sshc->readdir_filename = malloc(PATH_MAX+1);
+ if(!sshc->readdir_filename) {
state(conn, SSH_SFTP_CLOSE);
sshc->actualcode = CURLE_OUT_OF_MEMORY;
break;
}
- if((sshc->readdir_longentry = malloc(PATH_MAX+1)) == NULL) {
+ sshc->readdir_longentry = malloc(PATH_MAX+1);
+ if(!sshc->readdir_longentry) {
Curl_safefree(sshc->readdir_filename);
state(conn, SSH_SFTP_CLOSE);
sshc->actualcode = CURLE_OUT_OF_MEMORY;
@@ -2112,9 +2110,10 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
/* get room for the filename and extra output */
sshc->readdir_totalLen += 4 + sshc->readdir_len;
- new_readdir_line = realloc(sshc->readdir_line, sshc->readdir_totalLen);
+ new_readdir_line = Curl_saferealloc(sshc->readdir_line,
+ sshc->readdir_totalLen);
if(!new_readdir_line) {
- Curl_safefree(sshc->readdir_line);
+ sshc->readdir_line = NULL;
Curl_safefree(sshc->readdir_filename);
Curl_safefree(sshc->readdir_longentry);
state(conn, SSH_SFTP_CLOSE);
@@ -2189,15 +2188,13 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
rc = LIBSSH2_ERROR_EAGAIN;
break;
}
- else {
- err = sftp_libssh2_last_error(sshc->sftp_session);
- failf(data, "Could not open remote file for reading: %s",
- sftp_libssh2_strerror(err));
- state(conn, SSH_SFTP_CLOSE);
- result = sftp_libssh2_error_to_CURLE(err);
- sshc->actualcode = result?result:CURLE_SSH;
- break;
- }
+ err = sftp_libssh2_last_error(sshc->sftp_session);
+ failf(data, "Could not open remote file for reading: %s",
+ sftp_libssh2_strerror(err));
+ state(conn, SSH_SFTP_CLOSE);
+ result = sftp_libssh2_error_to_CURLE(err);
+ sshc->actualcode = result?result:CURLE_SSH;
+ break;
}
state(conn, SSH_SFTP_DOWNLOAD_STAT);
break;
@@ -2212,7 +2209,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc ||
+ if(rc ||
!(attrs.flags & LIBSSH2_SFTP_ATTR_SIZE) ||
(attrs.filesize == 0)) {
/*
@@ -2310,18 +2307,17 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
state(conn, SSH_STOP);
break;
}
- else {
- Curl_setup_transfer(conn, FIRSTSOCKET, data->req.size,
- FALSE, NULL, -1, NULL);
+ Curl_setup_transfer(conn, FIRSTSOCKET, data->req.size,
+ FALSE, NULL, -1, NULL);
- /* not set by Curl_setup_transfer to preserve keepon bits */
- conn->writesockfd = conn->sockfd;
+ /* not set by Curl_setup_transfer to preserve keepon bits */
+ conn->writesockfd = conn->sockfd;
+
+ /* we want to use the _receiving_ function even when the socket turns
+ out writableable as the underlying libssh2 recv function will deal
+ with both accordingly */
+ conn->cselect_bits = CURL_CSELECT_IN;
- /* we want to use the _receiving_ function even when the socket turns
- out writableable as the underlying libssh2 recv function will deal
- with both accordingly */
- conn->cselect_bits = CURL_CSELECT_IN;
- }
if(result) {
/* this should never occur; the close state should be entered
at the time the error occurs */
@@ -2339,7 +2335,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc < 0) {
+ if(rc < 0) {
infof(data, "Failed to close libssh2 file\n");
}
sshc->sftp_handle = NULL;
@@ -2373,7 +2369,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc < 0) {
+ if(rc < 0) {
infof(data, "Failed to close libssh2 file\n");
}
sshc->sftp_handle = NULL;
@@ -2383,7 +2379,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc < 0) {
+ if(rc < 0) {
infof(data, "Failed to stop libssh2 sftp subsystem\n");
}
sshc->sftp_session = NULL;
@@ -2428,22 +2424,21 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
SCP_SEND(sshc->ssh_session, sftp_scp->path, data->set.new_file_perms,
data->state.infilesize);
if(!sshc->ssh_channel) {
+ int ssh_err;
+ char *err_msg;
+
if(libssh2_session_last_errno(sshc->ssh_session) ==
LIBSSH2_ERROR_EAGAIN) {
rc = LIBSSH2_ERROR_EAGAIN;
break;
}
- else {
- int ssh_err;
- char *err_msg;
- ssh_err = (int)(libssh2_session_last_error(sshc->ssh_session,
- &err_msg, NULL, 0));
- failf(conn->data, "%s", err_msg);
- state(conn, SSH_SCP_CHANNEL_FREE);
- sshc->actualcode = libssh2_session_error_to_CURLE(ssh_err);
- break;
- }
+ ssh_err = (int)(libssh2_session_last_error(sshc->ssh_session,
+ &err_msg, NULL, 0));
+ failf(conn->data, "%s", err_msg);
+ state(conn, SSH_SCP_CHANNEL_FREE);
+ sshc->actualcode = libssh2_session_error_to_CURLE(ssh_err);
+ break;
}
/* upload data */
@@ -2498,22 +2493,22 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
#endif
if(!sshc->ssh_channel) {
+ int ssh_err;
+ char *err_msg;
+
if(libssh2_session_last_errno(sshc->ssh_session) ==
LIBSSH2_ERROR_EAGAIN) {
rc = LIBSSH2_ERROR_EAGAIN;
break;
}
- else {
- int ssh_err;
- char *err_msg;
- ssh_err = (int)(libssh2_session_last_error(sshc->ssh_session,
- &err_msg, NULL, 0));
- failf(conn->data, "%s", err_msg);
- state(conn, SSH_SCP_CHANNEL_FREE);
- sshc->actualcode = libssh2_session_error_to_CURLE(ssh_err);
- break;
- }
+
+ ssh_err = (int)(libssh2_session_last_error(sshc->ssh_session,
+ &err_msg, NULL, 0));
+ failf(conn->data, "%s", err_msg);
+ state(conn, SSH_SCP_CHANNEL_FREE);
+ sshc->actualcode = libssh2_session_error_to_CURLE(ssh_err);
+ break;
}
/* download data */
@@ -2551,7 +2546,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc) {
+ if(rc) {
infof(data, "Failed to send libssh2 channel EOF\n");
}
}
@@ -2564,7 +2559,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc) {
+ if(rc) {
infof(data, "Failed to get channel EOF: %d\n", rc);
}
}
@@ -2577,7 +2572,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc) {
+ if(rc) {
infof(data, "Channel failed to close: %d\n", rc);
}
}
@@ -2590,7 +2585,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc < 0) {
+ if(rc < 0) {
infof(data, "Failed to free libssh2 scp subsystem\n");
}
sshc->ssh_channel = NULL;
@@ -2612,7 +2607,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc < 0) {
+ if(rc < 0) {
infof(data, "Failed to free libssh2 scp subsystem\n");
}
sshc->ssh_channel = NULL;
@@ -2623,7 +2618,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc < 0) {
+ if(rc < 0) {
infof(data, "Failed to disconnect libssh2 session\n");
}
}
@@ -2648,10 +2643,10 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc < 0) {
+ if(rc < 0) {
infof(data, "Failed to disconnect from libssh2 agent\n");
}
- libssh2_agent_free (sshc->ssh_agent);
+ libssh2_agent_free(sshc->ssh_agent);
sshc->ssh_agent = NULL;
/* NB: there is no need to free identities, they are part of internal
@@ -2666,7 +2661,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if(rc == LIBSSH2_ERROR_EAGAIN) {
break;
}
- else if(rc < 0) {
+ if(rc < 0) {
infof(data, "Failed to free libssh2 session\n");
}
sshc->ssh_session = NULL;
@@ -2788,13 +2783,16 @@ static int ssh_getsock(struct connectdata *conn,
static void ssh_block2waitfor(struct connectdata *conn, bool block)
{
struct ssh_conn *sshc = &conn->proto.sshc;
- int dir;
- if(block && (dir = libssh2_session_block_directions(sshc->ssh_session))) {
- /* translate the libssh2 define bits into our own bit defines */
- conn->waitfor = ((dir&LIBSSH2_SESSION_BLOCK_INBOUND)?KEEP_RECV:0) |
- ((dir&LIBSSH2_SESSION_BLOCK_OUTBOUND)?KEEP_SEND:0);
+ int dir = 0;
+ if(block) {
+ dir = libssh2_session_block_directions(sshc->ssh_session);
+ if(dir) {
+ /* translate the libssh2 define bits into our own bit defines */
+ conn->waitfor = ((dir&LIBSSH2_SESSION_BLOCK_INBOUND)?KEEP_RECV:0) |
+ ((dir&LIBSSH2_SESSION_BLOCK_OUTBOUND)?KEEP_SEND:0);
+ }
}
- else
+ if(!dir)
/* It didn't block or libssh2 didn't reveal in which direction, put back
the original set */
conn->waitfor = sshc->orig_waitfor;
@@ -2820,7 +2818,7 @@ static CURLcode ssh_multi_statemach(struct connectdata
*conn, bool *done)
}
static CURLcode ssh_block_statemach(struct connectdata *conn,
- bool duringconnect)
+ bool disconnect)
{
struct ssh_conn *sshc = &conn->proto.sshc;
CURLcode result = CURLE_OK;
@@ -2828,25 +2826,26 @@ static CURLcode ssh_block_statemach(struct connectdata
*conn,
while((sshc->state != SSH_STOP) && !result) {
bool block;
- long left;
+ time_t left = 1000;
+ struct curltime now = Curl_tvnow();
result = ssh_statemach_act(conn, &block);
if(result)
break;
- if(Curl_pgrsUpdate(conn))
- return CURLE_ABORTED_BY_CALLBACK;
- else {
- struct timeval now = Curl_tvnow();
+ if(!disconnect) {
+ if(Curl_pgrsUpdate(conn))
+ return CURLE_ABORTED_BY_CALLBACK;
+
result = Curl_speedcheck(data, now);
if(result)
break;
- }
- left = Curl_timeleft(data, NULL, duringconnect);
- if(left < 0) {
- failf(data, "Operation timed out");
- return CURLE_OPERATION_TIMEDOUT;
+ left = Curl_timeleft(data, NULL, FALSE);
+ if(left < 0) {
+ failf(data, "Operation timed out");
+ return CURLE_OPERATION_TIMEDOUT;
+ }
}
#ifdef HAVE_LIBSSH2_SESSION_BLOCK_DIRECTION
@@ -2860,8 +2859,8 @@ static CURLcode ssh_block_statemach(struct connectdata
*conn,
if(LIBSSH2_SESSION_BLOCK_OUTBOUND & dir)
fd_write = sock;
/* wait for the socket to become ready */
- Curl_socket_ready(fd_read, fd_write,
- left>1000?1000:left); /* ignore result */
+ (void)Curl_socket_check(fd_read, CURL_SOCKET_BAD, fd_write,
+ left>1000?1000:left); /* ignore result */
}
#endif
@@ -3062,7 +3061,7 @@ static CURLcode scp_disconnect(struct connectdata *conn,
bool dead_connection)
state(conn, SSH_SESSION_DISCONNECT);
- result = ssh_block_statemach(conn, FALSE);
+ result = ssh_block_statemach(conn, TRUE);
}
return result;
@@ -3216,7 +3215,7 @@ static CURLcode sftp_disconnect(struct connectdata *conn,
bool dead_connection)
if(conn->proto.sshc.ssh_session) {
/* only if there's a session still around to use! */
state(conn, SSH_SFTP_SHUTDOWN);
- result = ssh_block_statemach(conn, FALSE);
+ result = ssh_block_statemach(conn, TRUE);
}
DEBUGF(infof(conn->data, "SSH DISCONNECT is done\n"));
@@ -3383,7 +3382,7 @@ get_pathname(const char **cpp, char **path)
static const char *sftp_libssh2_strerror(int err)
{
- switch (err) {
+ switch(err) {
case LIBSSH2_FX_NO_SUCH_FILE:
return "No such file or directory";
diff --git a/lib/strcase.c b/lib/strcase.c
new file mode 100644
index 000000000..c4a06bedb
--- /dev/null
+++ b/lib/strcase.c
@@ -0,0 +1,176 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+#include "curl_setup.h"
+
+#include <gnurl/curl.h>
+
+#include "strcase.h"
+
+/* Portable, consistent toupper (remember EBCDIC). Do not use toupper() because
+ its behavior is altered by the current locale. */
+char Curl_raw_toupper(char in)
+{
+#if !defined(CURL_DOES_CONVERSIONS)
+ if(in >= 'a' && in <= 'z')
+ return (char)('A' + in - 'a');
+#else
+ switch(in) {
+ case 'a':
+ return 'A';
+ case 'b':
+ return 'B';
+ case 'c':
+ return 'C';
+ case 'd':
+ return 'D';
+ case 'e':
+ return 'E';
+ case 'f':
+ return 'F';
+ case 'g':
+ return 'G';
+ case 'h':
+ return 'H';
+ case 'i':
+ return 'I';
+ case 'j':
+ return 'J';
+ case 'k':
+ return 'K';
+ case 'l':
+ return 'L';
+ case 'm':
+ return 'M';
+ case 'n':
+ return 'N';
+ case 'o':
+ return 'O';
+ case 'p':
+ return 'P';
+ case 'q':
+ return 'Q';
+ case 'r':
+ return 'R';
+ case 's':
+ return 'S';
+ case 't':
+ return 'T';
+ case 'u':
+ return 'U';
+ case 'v':
+ return 'V';
+ case 'w':
+ return 'W';
+ case 'x':
+ return 'X';
+ case 'y':
+ return 'Y';
+ case 'z':
+ return 'Z';
+ }
+#endif
+
+ return in;
+}
+
+/*
+ * Curl_raw_equal() is for doing "raw" case insensitive strings. This is meant
+ * to be locale independent and only compare strings we know are safe for
+ * this. See https://daniel.haxx.se/blog/2008/10/15/strcasecmp-in-turkish/ for
+ * some further explanation to why this function is necessary.
+ *
+ * The function is capable of comparing a-z case insensitively even for
+ * non-ascii.
+ *
+ * @unittest: 1301
+ */
+
+int Curl_strcasecompare(const char *first, const char *second)
+{
+ while(*first && *second) {
+ if(Curl_raw_toupper(*first) != Curl_raw_toupper(*second))
+ /* get out of the loop as soon as they don't match */
+ break;
+ first++;
+ second++;
+ }
+ /* we do the comparison here (possibly again), just to make sure that if the
+ loop above is skipped because one of the strings reached zero, we must not
+ return this as a successful match */
+ return (Curl_raw_toupper(*first) == Curl_raw_toupper(*second));
+}
+
+int Curl_safe_strcasecompare(const char *first, const char *second)
+{
+ if(first && second)
+ /* both pointers point to something then compare them */
+ return Curl_strcasecompare(first, second);
+
+ /* if both pointers are NULL then treat them as equal */
+ return (NULL == first && NULL == second);
+}
+
+/*
+ * @unittest: 1301
+ */
+int Curl_strncasecompare(const char *first, const char *second, size_t max)
+{
+ while(*first && *second && max) {
+ if(Curl_raw_toupper(*first) != Curl_raw_toupper(*second)) {
+ break;
+ }
+ max--;
+ first++;
+ second++;
+ }
+ if(0 == max)
+ return 1; /* they are equal this far */
+
+ return Curl_raw_toupper(*first) == Curl_raw_toupper(*second);
+}
+
+/* Copy an upper case version of the string from src to dest. The
+ * strings may overlap. No more than n characters of the string are copied
+ * (including any NUL) and the destination string will NOT be
+ * NUL-terminated if that limit is reached.
+ */
+void Curl_strntoupper(char *dest, const char *src, size_t n)
+{
+ if(n < 1)
+ return;
+
+ do {
+ *dest++ = Curl_raw_toupper(*src);
+ } while(*src++ && --n);
+}
+
+/* --- public functions --- */
+
+int curl_strequal(const char *first, const char *second)
+{
+ return Curl_strcasecompare(first, second);
+}
+int curl_strnequal(const char *first, const char *second, size_t max)
+{
+ return Curl_strncasecompare(first, second, max);
+}
diff --git a/lib/strcase.h b/lib/strcase.h
new file mode 100644
index 000000000..64615d8fd
--- /dev/null
+++ b/lib/strcase.h
@@ -0,0 +1,51 @@
+#ifndef HEADER_CURL_STRCASE_H
+#define HEADER_CURL_STRCASE_H
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+#include <gnurl/curl.h>
+
+/*
+ * Only "raw" case insensitive strings. This is meant to be locale independent
+ * and only compare strings we know are safe for this.
+ *
+ * The function is capable of comparing a-z case insensitively even for
+ * non-ascii.
+ */
+
+#define strcasecompare(a,b) Curl_strcasecompare(a,b)
+#define strncasecompare(a,b,c) Curl_strncasecompare(a,b,c)
+
+int Curl_strcasecompare(const char *first, const char *second);
+int Curl_safe_strcasecompare(const char *first, const char *second);
+int Curl_strncasecompare(const char *first, const char *second, size_t max);
+
+char Curl_raw_toupper(char in);
+
+/* checkprefix() is a shorter version of the above, used when the first
+ argument is zero-byte terminated */
+#define checkprefix(a,b) curl_strnequal(a,b,strlen(a))
+
+void Curl_strntoupper(char *dest, const char *src, size_t n);
+char Curl_raw_toupper(char in);
+
+#endif /* HEADER_CURL_STRCASE_H */
diff --git a/lib/strdup.c b/lib/strdup.c
index 23f554e51..8d6258e81 100644
--- a/lib/strdup.c
+++ b/lib/strdup.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "strdup.h"
#include "curl_memory.h"
@@ -65,9 +65,9 @@ char *curlx_strdup(const char *str)
* Returns the new pointer or NULL on failure.
*
***************************************************************************/
-char *Curl_memdup(const char *src, size_t length)
+void *Curl_memdup(const void *src, size_t length)
{
- char *buffer = malloc(length);
+ void *buffer = malloc(length);
if(!buffer)
return NULL; /* fail */
@@ -75,3 +75,26 @@ char *Curl_memdup(const char *src, size_t length)
return buffer;
}
+
+/***************************************************************************
+ *
+ * Curl_saferealloc(ptr, size)
+ *
+ * Does a normal realloc(), but will free the data pointer if the realloc
+ * fails. If 'size' is zero, it will free the data and return a failure.
+ *
+ * This convenience function is provided and used to help us avoid a common
+ * mistake pattern when we could pass in a zero, catch the NULL return and end
+ * up free'ing the memory twice.
+ *
+ * Returns the new pointer or NULL on failure.
+ *
+ ***************************************************************************/
+void *Curl_saferealloc(void *ptr, size_t size)
+{
+ void *datap = realloc(ptr, size);
+ if(size && !datap)
+ /* only free 'ptr' if size was non-zero */
+ free(ptr);
+ return datap;
+}
diff --git a/lib/strdup.h b/lib/strdup.h
index 4c48ca412..ae3d5d011 100644
--- a/lib/strdup.h
+++ b/lib/strdup.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -26,6 +26,7 @@
#ifndef HAVE_STRDUP
extern char *curlx_strdup(const char *str);
#endif
-char *Curl_memdup(const char *src, size_t buffer_length);
+void *Curl_memdup(const void *src, size_t buffer_length);
+void *Curl_saferealloc(void *ptr, size_t size);
#endif /* HEADER_CURL_STRDUP_H */
diff --git a/lib/strequal.c b/lib/strequal.c
deleted file mode 100644
index 01c378442..000000000
--- a/lib/strequal.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-#include "curl_setup.h"
-
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#include "strequal.h"
-
-/*
- * @unittest: 1301
- */
-int curl_strequal(const char *first, const char *second)
-{
-#if defined(HAVE_STRCASECMP)
- return !(strcasecmp)(first, second);
-#elif defined(HAVE_STRCMPI)
- return !(strcmpi)(first, second);
-#elif defined(HAVE_STRICMP)
- return !(stricmp)(first, second);
-#else
- while(*first && *second) {
- if(toupper(*first) != toupper(*second)) {
- break;
- }
- first++;
- second++;
- }
- return toupper(*first) == toupper(*second);
-#endif
-}
-
-/*
- * @unittest: 1301
- */
-int curl_strnequal(const char *first, const char *second, size_t max)
-{
-#if defined(HAVE_STRNCASECMP)
- return !strncasecmp(first, second, max);
-#elif defined(HAVE_STRNCMPI)
- return !strncmpi(first, second, max);
-#elif defined(HAVE_STRNICMP)
- return !strnicmp(first, second, max);
-#else
- while(*first && *second && max) {
- if(toupper(*first) != toupper(*second)) {
- break;
- }
- max--;
- first++;
- second++;
- }
- if(0 == max)
- return 1; /* they are equal this far */
-
- return toupper(*first) == toupper(*second);
-#endif
-}
diff --git a/lib/strequal.h b/lib/strequal.h
deleted file mode 100644
index ff56df51f..000000000
--- a/lib/strequal.h
+++ /dev/null
@@ -1,31 +0,0 @@
-#ifndef HEADER_CURL_STREQUAL_H
-#define HEADER_CURL_STREQUAL_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-#include <curl/curl.h>
-
-#define strequal(a,b) curl_strequal(a,b)
-#define strnequal(a,b,c) curl_strnequal(a,b,c)
-
-#endif /* HEADER_CURL_STREQUAL_H */
-
diff --git a/lib/strerror.c b/lib/strerror.c
index 9c58e6b77..42e22ee4e 100644
--- a/lib/strerror.c
+++ b/lib/strerror.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2004 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2004 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -33,10 +33,10 @@
# endif
#endif
-#include <curl/curl.h>
+#include <gnurl/curl.h>
-#ifdef USE_LIBIDN
-#include <idna.h>
+#ifdef USE_LIBIDN2
+#include <idn2.h>
#endif
#ifdef USE_WINDOWS_SSPI
@@ -49,11 +49,15 @@
#include "curl_memory.h"
#include "memdebug.h"
+#if defined(WIN32) || defined(_WIN32_WCE)
+#define PRESERVE_WINDOWS_ERROR_CODE
+#endif
+
const char *
curl_easy_strerror(CURLcode error)
{
#ifndef CURL_DISABLE_VERBOSE_STRINGS
- switch (error) {
+ switch(error) {
case CURLE_OK:
return "No error";
@@ -348,7 +352,7 @@ const char *
curl_multi_strerror(CURLMcode error)
{
#ifndef CURL_DISABLE_VERBOSE_STRINGS
- switch (error) {
+ switch(error) {
case CURLM_CALL_MULTI_PERFORM:
return "Please call curl_multi_perform() soon";
@@ -393,7 +397,7 @@ const char *
curl_share_strerror(CURLSHcode error)
{
#ifndef CURL_DISABLE_VERBOSE_STRINGS
- switch (error) {
+ switch(error) {
case CURLSHE_OK:
return "No error";
@@ -427,15 +431,19 @@ curl_share_strerror(CURLSHcode error)
#ifdef USE_WINSOCK
-/* This function handles most / all (?) Winsock errors cURL is able to produce.
+/* This function handles most / all (?) Winsock errors curl is able to produce.
*/
static const char *
get_winsock_error (int err, char *buf, size_t len)
{
+#ifdef PRESERVE_WINDOWS_ERROR_CODE
+ DWORD old_win_err = GetLastError();
+#endif
+ int old_errno = errno;
const char *p;
#ifndef CURL_DISABLE_VERBOSE_STRINGS
- switch (err) {
+ switch(err) {
case WSAEINTR:
p = "Call interrupted";
break;
@@ -609,8 +617,17 @@ get_winsock_error (int err, char *buf, size_t len)
else
p = "error";
#endif
- strncpy (buf, p, len);
+ strncpy(buf, p, len);
buf [len-1] = '\0';
+
+ if(errno != old_errno)
+ errno = old_errno;
+
+#ifdef PRESERVE_WINDOWS_ERROR_CODE
+ if(old_win_err != GetLastError())
+ SetLastError(old_win_err);
+#endif
+
return buf;
}
#endif /* USE_WINSOCK */
@@ -628,9 +645,12 @@ get_winsock_error (int err, char *buf, size_t len)
*/
const char *Curl_strerror(struct connectdata *conn, int err)
{
+#ifdef PRESERVE_WINDOWS_ERROR_CODE
+ DWORD old_win_err = GetLastError();
+#endif
+ int old_errno = errno;
char *buf, *p;
size_t max;
- int old_errno = ERRNO;
DEBUGASSERT(conn);
DEBUGASSERT(err >= 0);
@@ -715,107 +735,40 @@ const char *Curl_strerror(struct connectdata *conn, int
err)
buf[max] = '\0'; /* make sure the string is zero terminated */
/* strip trailing '\r\n' or '\n'. */
- if((p = strrchr(buf, '\n')) != NULL && (p - buf) >= 2)
- *p = '\0';
- if((p = strrchr(buf, '\r')) != NULL && (p - buf) >= 1)
- *p = '\0';
-
- if(old_errno != ERRNO)
- SET_ERRNO(old_errno);
+ p = strrchr(buf, '\n');
+ if(p && (p - buf) >= 2)
+ *p = '\0';
+ p = strrchr(buf, '\r');
+ if(p && (p - buf) >= 1)
+ *p = '\0';
+
+ if(errno != old_errno)
+ errno = old_errno;
+
+#ifdef PRESERVE_WINDOWS_ERROR_CODE
+ if(old_win_err != GetLastError())
+ SetLastError(old_win_err);
+#endif
return buf;
}
-#ifdef USE_LIBIDN
-/*
- * Return error-string for libidn status as returned from idna_to_ascii_lz().
- */
-const char *Curl_idn_strerror (struct connectdata *conn, int err)
-{
-#ifdef HAVE_IDNA_STRERROR
- (void)conn;
- return idna_strerror((Idna_rc) err);
-#else
- const char *str;
- char *buf;
- size_t max;
-
- DEBUGASSERT(conn);
-
- buf = conn->syserr_buf;
- max = sizeof(conn->syserr_buf)-1;
- *buf = '\0';
-
-#ifndef CURL_DISABLE_VERBOSE_STRINGS
- switch ((Idna_rc)err) {
- case IDNA_SUCCESS:
- str = "No error";
- break;
- case IDNA_STRINGPREP_ERROR:
- str = "Error in string preparation";
- break;
- case IDNA_PUNYCODE_ERROR:
- str = "Error in Punycode operation";
- break;
- case IDNA_CONTAINS_NON_LDH:
- str = "Illegal ASCII characters";
- break;
- case IDNA_CONTAINS_MINUS:
- str = "Contains minus";
- break;
- case IDNA_INVALID_LENGTH:
- str = "Invalid output length";
- break;
- case IDNA_NO_ACE_PREFIX:
- str = "No ACE prefix (\"xn--\")";
- break;
- case IDNA_ROUNDTRIP_VERIFY_ERROR:
- str = "Round trip verify error";
- break;
- case IDNA_CONTAINS_ACE_PREFIX:
- str = "Already have ACE prefix (\"xn--\")";
- break;
- case IDNA_ICONV_ERROR:
- str = "Locale conversion failed";
- break;
- case IDNA_MALLOC_ERROR:
- str = "Allocation failed";
- break;
- case IDNA_DLOPEN_ERROR:
- str = "dlopen() error";
- break;
- default:
- snprintf(buf, max, "error %d", err);
- str = NULL;
- break;
- }
-#else
- if((Idna_rc)err == IDNA_SUCCESS)
- str = "No error";
- else
- str = "Error";
-#endif
- if(str)
- strncpy(buf, str, max);
- buf[max] = '\0';
- return (buf);
-#endif
-}
-#endif /* USE_LIBIDN */
-
#ifdef USE_WINDOWS_SSPI
const char *Curl_sspi_strerror (struct connectdata *conn, int err)
{
+#ifdef PRESERVE_WINDOWS_ERROR_CODE
+ DWORD old_win_err = GetLastError();
+#endif
+ int old_errno = errno;
+ const char *txt;
+ char *outbuf;
+ size_t outmax;
#ifndef CURL_DISABLE_VERBOSE_STRINGS
char txtbuf[80];
char msgbuf[sizeof(conn->syserr_buf)];
char *p, *str, *msg = NULL;
bool msg_formatted = FALSE;
- int old_errno;
#endif
- const char *txt;
- char *outbuf;
- size_t outmax;
DEBUGASSERT(conn);
@@ -825,9 +778,7 @@ const char *Curl_sspi_strerror (struct connectdata *conn,
int err)
#ifndef CURL_DISABLE_VERBOSE_STRINGS
- old_errno = ERRNO;
-
- switch (err) {
+ switch(err) {
case SEC_E_OK:
txt = "No error";
break;
@@ -1112,10 +1063,12 @@ const char *Curl_sspi_strerror (struct connectdata
*conn, int err)
if(msg_formatted) {
msgbuf[sizeof(msgbuf)-1] = '\0';
/* strip trailing '\r\n' or '\n' */
- if((p = strrchr(msgbuf, '\n')) != NULL && (p - msgbuf) >= 2)
- *p = '\0';
- if((p = strrchr(msgbuf, '\r')) != NULL && (p - msgbuf) >= 1)
- *p = '\0';
+ p = strrchr(msgbuf, '\n');
+ if(p && (p - msgbuf) >= 2)
+ *p = '\0';
+ p = strrchr(msgbuf, '\r');
+ if(p && (p - msgbuf) >= 1)
+ *p = '\0';
msg = msgbuf;
}
if(msg)
@@ -1124,9 +1077,6 @@ const char *Curl_sspi_strerror (struct connectdata *conn,
int err)
strncpy(outbuf, str, outmax);
}
- if(old_errno != ERRNO)
- SET_ERRNO(old_errno);
-
#else
if(err == SEC_E_OK)
@@ -1140,6 +1090,14 @@ const char *Curl_sspi_strerror (struct connectdata
*conn, int err)
outbuf[outmax] = '\0';
+ if(errno != old_errno)
+ errno = old_errno;
+
+#ifdef PRESERVE_WINDOWS_ERROR_CODE
+ if(old_win_err != GetLastError())
+ SetLastError(old_win_err);
+#endif
+
return outbuf;
}
#endif /* USE_WINDOWS_SSPI */
diff --git a/lib/strerror.h b/lib/strerror.h
index ae8c96bd4..627273eb2 100644
--- a/lib/strerror.h
+++ b/lib/strerror.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -26,7 +26,7 @@
const char *Curl_strerror (struct connectdata *conn, int err);
-#ifdef USE_LIBIDN
+#ifdef USE_LIBIDN2
const char *Curl_idn_strerror (struct connectdata *conn, int err);
#endif
diff --git a/lib/strtoofft.c b/lib/strtoofft.c
index 6d5d2d5c5..c2adc7280 100644
--- a/lib/strtoofft.c
+++ b/lib/strtoofft.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -29,7 +29,7 @@
*
* In the ISO C standard (IEEE Std 1003.1), there is a strtoimax() function we
* could use in case strtoll() doesn't exist... See
- * http://www.opengroup.org/onlinepubs/009695399/functions/strtoimax.html
+ * https://www.opengroup.org/onlinepubs/009695399/functions/strtoimax.html
*/
#ifdef NEED_CURL_STRTOLL
@@ -132,7 +132,7 @@ curlx_strtoll(const char *nptr, char **endptr, int base)
else
value = CURL_OFF_T_MAX;
- SET_ERRNO(ERANGE);
+ errno = ERANGE;
}
if(endptr)
@@ -165,7 +165,7 @@ static int get_char(char c, int base)
value = c - 'a' + 10;
}
#else
- const char * cp;
+ const char *cp;
int value;
cp = memchr(valchars, c, 10 + 26 + 26);
diff --git a/lib/system_win32.c b/lib/system_win32.c
index effc3f2bc..d292bd6e1 100644
--- a/lib/system_win32.c
+++ b/lib/system_win32.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2016, Steve Holme, <address@hidden>.
+ * Copyright (C) 2016 - 2017, Steve Holme, <address@hidden>.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -24,7 +24,7 @@
#if defined(WIN32)
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "system_win32.h"
/* The last #include files should be: */
@@ -68,7 +68,7 @@ typedef HMODULE (APIENTRY *LOADLIBRARYEX_FN)(LPCTSTR, HANDLE,
DWORD);
*
* majorVersion [in] - The major version number.
* minorVersion [in] - The minor version number.
- * platform [in] - The optional platform identifer.
+ * platform [in] - The optional platform identifier.
* condition [in] - The test condition used to specifier whether we are
* checking a version less then, equal to or greater than
* what is specified in the major and minor version
@@ -83,7 +83,39 @@ bool Curl_verify_windows_version(const unsigned int
majorVersion,
{
bool matched = FALSE;
-#if !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_WIN2K) || \
+#if defined(CURL_WINDOWS_APP)
+ /* We have no way to determine the Windows version from Windows apps,
+ so let's assume we're running on the target Windows version. */
+ const WORD fullVersion = MAKEWORD(minorVersion, majorVersion);
+ const WORD targetVersion = (WORD)_WIN32_WINNT;
+
+ switch(condition) {
+ case VERSION_LESS_THAN:
+ matched = targetVersion < fullVersion;
+ break;
+
+ case VERSION_LESS_THAN_EQUAL:
+ matched = targetVersion <= fullVersion;
+ break;
+
+ case VERSION_EQUAL:
+ matched = targetVersion == fullVersion;
+ break;
+
+ case VERSION_GREATER_THAN_EQUAL:
+ matched = targetVersion >= fullVersion;
+ break;
+
+ case VERSION_GREATER_THAN:
+ matched = targetVersion > fullVersion;
+ break;
+ }
+
+ if(matched && (platform == PLATFORM_WINDOWS)) {
+ /* we're always running on PLATFORM_WINNT */
+ matched = FALSE;
+ }
+#elif !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_WIN2K) || \
(_WIN32_WINNT < _WIN32_WINNT_WIN2K)
OSVERSIONINFO osver;
diff --git a/lib/telnet.c b/lib/telnet.c
index cc705cfc6..8ef121fec 100644
--- a/lib/telnet.c
+++ b/lib/telnet.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -45,7 +45,7 @@
#endif
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "transfer.h"
#include "sendf.h"
#include "telnet.h"
@@ -58,8 +58,7 @@
#include "arpa_telnet.h"
#include "select.h"
-#include "strequal.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "warnless.h"
/* The last 3 #include files should be in this order */
@@ -82,17 +81,19 @@
} WHILE_FALSE
#define CURL_SB_GET(x) ((*x->subpointer++)&0xff)
-#define CURL_SB_PEEK(x) ((*x->subpointer)&0xff)
-#define CURL_SB_EOF(x) (x->subpointer >= x->subend)
#define CURL_SB_LEN(x) (x->subend - x->subpointer)
+/* For posterity:
+#define CURL_SB_PEEK(x) ((*x->subpointer)&0xff)
+#define CURL_SB_EOF(x) (x->subpointer >= x->subend) */
+
#ifdef CURL_DISABLE_VERBOSE_STRINGS
#define printoption(a,b,c,d) Curl_nop_stmt
#endif
#ifdef USE_WINSOCK
typedef FARPROC WSOCK2_FUNC;
-static CURLcode check_wsock2 (struct Curl_easy *data);
+static CURLcode check_wsock2(struct Curl_easy *data);
#endif
static
@@ -191,6 +192,7 @@ const struct Curl_handler Curl_handler_telnet = {
ZERO_NULL, /* perform_getsock */
ZERO_NULL, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_TELNET, /* defport */
CURLPROTO_TELNET, /* protocol */
PROTOPT_NONE | PROTOPT_NOURLQUERY /* flags */
@@ -846,7 +848,7 @@ static CURLcode check_telnet_options(struct connectdata
*conn)
option_keyword, option_arg) == 2) {
/* Terminal type */
- if(Curl_raw_equal(option_keyword, "TTYPE")) {
+ if(strcasecompare(option_keyword, "TTYPE")) {
strncpy(tn->subopt_ttype, option_arg, 31);
tn->subopt_ttype[31] = 0; /* String termination */
tn->us_preferred[CURL_TELOPT_TTYPE] = CURL_YES;
@@ -854,7 +856,7 @@ static CURLcode check_telnet_options(struct connectdata
*conn)
}
/* Display variable */
- if(Curl_raw_equal(option_keyword, "XDISPLOC")) {
+ if(strcasecompare(option_keyword, "XDISPLOC")) {
strncpy(tn->subopt_xdisploc, option_arg, 127);
tn->subopt_xdisploc[127] = 0; /* String termination */
tn->us_preferred[CURL_TELOPT_XDISPLOC] = CURL_YES;
@@ -862,7 +864,7 @@ static CURLcode check_telnet_options(struct connectdata
*conn)
}
/* Environment variable */
- if(Curl_raw_equal(option_keyword, "NEW_ENV")) {
+ if(strcasecompare(option_keyword, "NEW_ENV")) {
beg = curl_slist_append(tn->telnet_vars, option_arg);
if(!beg) {
result = CURLE_OUT_OF_MEMORY;
@@ -873,8 +875,8 @@ static CURLcode check_telnet_options(struct connectdata
*conn)
continue;
}
- /* Window Size */
- if(Curl_raw_equal(option_keyword, "WS")) {
+ /* Window Size */
+ if(strcasecompare(option_keyword, "WS")) {
if(sscanf(option_arg, "%hu%*[xX]%hu",
&tn->subopt_wsx, &tn->subopt_wsy) == 2)
tn->us_preferred[CURL_TELOPT_NAWS] = CURL_YES;
@@ -887,7 +889,7 @@ static CURLcode check_telnet_options(struct connectdata
*conn)
}
/* To take care or not of the 8th bit in data exchange */
- if(Curl_raw_equal(option_keyword, "BINARY")) {
+ if(strcasecompare(option_keyword, "BINARY")) {
binary_option=atoi(option_arg);
if(binary_option!=1) {
tn->us_preferred[CURL_TELOPT_BINARY] = CURL_NO;
@@ -897,14 +899,12 @@ static CURLcode check_telnet_options(struct connectdata
*conn)
}
failf(data, "Unknown telnet option %s", head->data);
- result = CURLE_UNKNOWN_TELNET_OPTION;
- break;
- }
- else {
- failf(data, "Syntax error in telnet option: %s", head->data);
- result = CURLE_TELNET_OPTION_SYNTAX;
+ result = CURLE_UNKNOWN_OPTION;
break;
}
+ failf(data, "Syntax error in telnet option: %s", head->data);
+ result = CURLE_TELNET_OPTION_SYNTAX;
+ break;
}
if(result) {
@@ -936,7 +936,7 @@ static void suboption(struct connectdata *conn)
struct TELNET *tn = (struct TELNET *)data->req.protop;
printsub(data, '<', (unsigned char *)tn->subbuffer, CURL_SB_LEN(tn)+2);
- switch (CURL_SB_GET(tn)) {
+ switch(CURL_SB_GET(tn)) {
case CURL_TELOPT_TTYPE:
len = strlen(tn->subopt_ttype) + 4 + 2;
snprintf((char *)temp, sizeof(temp),
@@ -1005,24 +1005,24 @@ static void sendsuboption(struct connectdata *conn, int
option)
ssize_t bytes_written;
int err;
unsigned short x, y;
- unsigned char*uc1, *uc2;
+ unsigned char *uc1, *uc2;
struct Curl_easy *data = conn->data;
struct TELNET *tn = (struct TELNET *)data->req.protop;
- switch (option) {
+ switch(option) {
case CURL_TELOPT_NAWS:
/* We prepare data to be sent */
CURL_SB_CLEAR(tn);
CURL_SB_ACCUM(tn, CURL_IAC);
CURL_SB_ACCUM(tn, CURL_SB);
CURL_SB_ACCUM(tn, CURL_TELOPT_NAWS);
- /* We must deal either with litte or big endien processors */
+ /* We must deal either with litte or big endian processors */
/* Window size must be sent according to the 'network order' */
x=htons(tn->subopt_wsx);
y=htons(tn->subopt_wsy);
- uc1 = (unsigned char*)&x;
- uc2 = (unsigned char*)&y;
+ uc1 = (unsigned char *)&x;
+ uc2 = (unsigned char *)&y;
CURL_SB_ACCUM(tn, uc1[0]);
CURL_SB_ACCUM(tn, uc1[1]);
CURL_SB_ACCUM(tn, uc2[0]);
@@ -1088,7 +1088,7 @@ CURLcode telrcv(struct connectdata *conn,
while(count--) {
c = inbuf[in];
- switch (tn->telrcv_state) {
+ switch(tn->telrcv_state) {
case CURL_TS_CR:
tn->telrcv_state = CURL_TS_DATA;
if(c == '\0') {
@@ -1112,7 +1112,7 @@ CURLcode telrcv(struct connectdata *conn,
case CURL_TS_IAC:
process_iac:
DEBUGASSERT(startwrite < 0);
- switch (c) {
+ switch(c) {
case CURL_WILL:
tn->telrcv_state = CURL_TS_WILL;
break;
@@ -1187,7 +1187,7 @@ CURLcode telrcv(struct connectdata *conn,
* IAC SE was left off, or another option got inserted into the
* suboption are all possibilities. If we assume that the IAC was
* not doubled, and really the IAC SE was left off, we could get
- * into an infinate loop here. So, instead, we terminate the
+ * into an infinite loop here. So, instead, we terminate the
* suboption, and process the partial suboption if we can.
*/
CURL_SB_ACCUM(tn, CURL_IAC);
@@ -1221,43 +1221,63 @@ CURLcode telrcv(struct connectdata *conn,
}
/* Escape and send a telnet data block */
-/* TODO: write large chunks of data instead of one byte at a time */
static CURLcode send_telnet_data(struct connectdata *conn,
char *buffer, ssize_t nread)
{
- unsigned char outbuf[2];
- ssize_t bytes_written, total_written;
- int out_count;
+ ssize_t escapes, i, j, outlen;
+ unsigned char *outbuf = NULL;
CURLcode result = CURLE_OK;
+ ssize_t bytes_written, total_written;
- while(!result && nread--) {
- outbuf[0] = *buffer++;
- out_count = 1;
- if(outbuf[0] == CURL_IAC)
- outbuf[out_count++] = CURL_IAC;
-
- total_written = 0;
- do {
- /* Make sure socket is writable to avoid EWOULDBLOCK condition */
- struct pollfd pfd[1];
- pfd[0].fd = conn->sock[FIRSTSOCKET];
- pfd[0].events = POLLOUT;
- switch (Curl_poll(pfd, 1, -1)) {
- case -1: /* error, abort writing */
- case 0: /* timeout (will never happen) */
- result = CURLE_SEND_ERROR;
- break;
- default: /* write! */
- bytes_written = 0;
- result = Curl_write(conn, conn->sock[FIRSTSOCKET],
- outbuf+total_written, out_count-total_written,
- &bytes_written);
- total_written += bytes_written;
- break;
- }
- /* handle partial write */
- } while(!result && total_written < out_count);
+ /* Determine size of new buffer after escaping */
+ escapes = 0;
+ for(i = 0; i < nread; i++)
+ if((unsigned char)buffer[i] == CURL_IAC)
+ escapes++;
+ outlen = nread + escapes;
+
+ if(outlen == nread)
+ outbuf = (unsigned char *)buffer;
+ else {
+ outbuf = malloc(nread + escapes + 1);
+ if(!outbuf)
+ return CURLE_OUT_OF_MEMORY;
+
+ j = 0;
+ for(i = 0; i < nread; i++) {
+ outbuf[j++] = buffer[i];
+ if((unsigned char)buffer[i] == CURL_IAC)
+ outbuf[j++] = CURL_IAC;
+ }
+ outbuf[j] = '\0';
+ }
+
+ total_written = 0;
+ while(!result && total_written < outlen) {
+ /* Make sure socket is writable to avoid EWOULDBLOCK condition */
+ struct pollfd pfd[1];
+ pfd[0].fd = conn->sock[FIRSTSOCKET];
+ pfd[0].events = POLLOUT;
+ switch(Curl_poll(pfd, 1, -1)) {
+ case -1: /* error, abort writing */
+ case 0: /* timeout (will never happen) */
+ result = CURLE_SEND_ERROR;
+ break;
+ default: /* write! */
+ bytes_written = 0;
+ result = Curl_write(conn, conn->sock[FIRSTSOCKET],
+ outbuf + total_written,
+ outlen - total_written,
+ &bytes_written);
+ total_written += bytes_written;
+ break;
+ }
}
+
+ /* Free malloc copy if escaped */
+ if(outbuf != (unsigned char *)buffer)
+ free(outbuf);
+
return result;
}
@@ -1307,7 +1327,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool
*done)
curl_off_t total_ul = 0;
#endif
ssize_t nread;
- struct timeval now;
+ struct curltime now;
bool keepon = TRUE;
char *buf = data->state.buffer;
struct TELNET *tn;
@@ -1327,7 +1347,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool
*done)
#ifdef USE_WINSOCK
/*
** This functionality only works with WinSock >= 2.0. So,
- ** make sure have it.
+ ** make sure we have it.
*/
result = check_wsock2(data);
if(result)
@@ -1337,14 +1357,14 @@ static CURLcode telnet_do(struct connectdata *conn,
bool *done)
/* load ws2_32.dll and get the function pointers we need. */
wsock2 = Curl_load_library(TEXT("WS2_32.DLL"));
if(wsock2 == NULL) {
- failf(data, "failed to load WS2_32.DLL (%d)", ERRNO);
+ failf(data, "failed to load WS2_32.DLL (%u)", GetLastError());
return CURLE_FAILED_INIT;
}
/* Grab a pointer to WSACreateEvent */
create_event_func = GetProcAddress(wsock2, "WSACreateEvent");
if(create_event_func == NULL) {
- failf(data, "failed to find WSACreateEvent function (%d)", ERRNO);
+ failf(data, "failed to find WSACreateEvent function (%u)", GetLastError());
FreeLibrary(wsock2);
return CURLE_FAILED_INIT;
}
@@ -1352,7 +1372,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool
*done)
/* And WSACloseEvent */
close_event_func = GetProcAddress(wsock2, "WSACloseEvent");
if(close_event_func == NULL) {
- failf(data, "failed to find WSACloseEvent function (%d)", ERRNO);
+ failf(data, "failed to find WSACloseEvent function (%u)", GetLastError());
FreeLibrary(wsock2);
return CURLE_FAILED_INIT;
}
@@ -1360,7 +1380,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool
*done)
/* And WSAEventSelect */
event_select_func = GetProcAddress(wsock2, "WSAEventSelect");
if(event_select_func == NULL) {
- failf(data, "failed to find WSAEventSelect function (%d)", ERRNO);
+ failf(data, "failed to find WSAEventSelect function (%u)", GetLastError());
FreeLibrary(wsock2);
return CURLE_FAILED_INIT;
}
@@ -1368,7 +1388,8 @@ static CURLcode telnet_do(struct connectdata *conn, bool
*done)
/* And WSAEnumNetworkEvents */
enum_netevents_func = GetProcAddress(wsock2, "WSAEnumNetworkEvents");
if(enum_netevents_func == NULL) {
- failf(data, "failed to find WSAEnumNetworkEvents function (%d)", ERRNO);
+ failf(data, "failed to find WSAEnumNetworkEvents function (%u)",
+ GetLastError());
FreeLibrary(wsock2);
return CURLE_FAILED_INIT;
}
@@ -1417,28 +1438,29 @@ static CURLcode telnet_do(struct connectdata *conn,
bool *done)
/* Keep on listening and act on events */
while(keepon) {
+ const DWORD buf_size = (DWORD)data->set.buffer_size;
waitret = WaitForMultipleObjects(obj_count, objs, FALSE, wait_timeout);
switch(waitret) {
case WAIT_TIMEOUT:
{
for(;;) {
if(data->set.is_fread_set) {
+ size_t n;
/* read from user-supplied method */
- result = (int)data->state.fread_func(buf, 1, BUFSIZE - 1,
- data->state.in);
- if(result == CURL_READFUNC_ABORT) {
+ n = data->state.fread_func(buf, 1, buf_size, data->state.in);
+ if(n == CURL_READFUNC_ABORT) {
keepon = FALSE;
result = CURLE_READ_ERROR;
break;
}
- if(result == CURL_READFUNC_PAUSE)
+ if(n == CURL_READFUNC_PAUSE)
break;
- if(result == 0) /* no bytes */
+ if(n == 0) /* no bytes */
break;
- readfile_read = result; /* fall thru with number of bytes read */
+ readfile_read = (DWORD)n; /* fall thru with number of bytes read */
}
else {
/* read from stdin */
@@ -1452,7 +1474,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool
*done)
if(!readfile_read)
break;
- if(!ReadFile(stdin_handle, buf, sizeof(data->state.buffer),
+ if(!ReadFile(stdin_handle, buf, buf_size,
&readfile_read, NULL)) {
keepon = FALSE;
result = CURLE_READ_ERROR;
@@ -1471,7 +1493,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool
*done)
case WAIT_OBJECT_0 + 1:
{
- if(!ReadFile(stdin_handle, buf, sizeof(data->state.buffer),
+ if(!ReadFile(stdin_handle, buf, buf_size,
&readfile_read, NULL)) {
keepon = FALSE;
result = CURLE_READ_ERROR;
@@ -1490,7 +1512,8 @@ static CURLcode telnet_do(struct connectdata *conn, bool
*done)
events.lNetworkEvents = 0;
if(SOCKET_ERROR == enum_netevents_func(sockfd, event_handle, &events)) {
- if((err = SOCKERRNO) != EINPROGRESS) {
+ err = SOCKERRNO;
+ if(err != EINPROGRESS) {
infof(data, "WSAEnumNetworkEvents failed (%d)", err);
keepon = FALSE;
result = CURLE_READ_ERROR;
@@ -1499,7 +1522,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool
*done)
}
if(events.lNetworkEvents & FD_READ) {
/* read data from network */
- result = Curl_read(conn, sockfd, buf, BUFSIZE - 1, &nread);
+ result = Curl_read(conn, sockfd, buf, data->set.buffer_size, &nread);
/* read would've blocked. Loop again */
if(result == CURLE_AGAIN)
break;
@@ -1559,7 +1582,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool
*done)
/* We called LoadLibrary, so call FreeLibrary */
if(!FreeLibrary(wsock2))
- infof(data, "FreeLibrary(wsock2) failed (%d)", ERRNO);
+ infof(data, "FreeLibrary(wsock2) failed (%u)", GetLastError());
#else
pfd[0].fd = sockfd;
pfd[0].events = POLLIN;
@@ -1577,7 +1600,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool
*done)
}
while(keepon) {
- switch (Curl_poll(pfd, poll_cnt, interval_ms)) {
+ switch(Curl_poll(pfd, poll_cnt, interval_ms)) {
case -1: /* error, stop reading */
keepon = FALSE;
continue;
@@ -1588,12 +1611,12 @@ static CURLcode telnet_do(struct connectdata *conn,
bool *done)
default: /* read! */
if(pfd[0].revents & POLLIN) {
/* read data from network */
- result = Curl_read(conn, sockfd, buf, BUFSIZE - 1, &nread);
+ result = Curl_read(conn, sockfd, buf, data->set.buffer_size, &nread);
/* read would've blocked. Loop again */
if(result == CURLE_AGAIN)
break;
/* returned not-zero, this an error */
- else if(result) {
+ if(result) {
keepon = FALSE;
break;
}
@@ -1624,12 +1647,12 @@ static CURLcode telnet_do(struct connectdata *conn,
bool *done)
nread = 0;
if(poll_cnt == 2) {
if(pfd[1].revents & POLLIN) { /* read from in file */
- nread = read(pfd[1].fd, buf, BUFSIZE - 1);
+ nread = read(pfd[1].fd, buf, data->set.buffer_size);
}
}
else {
/* read from user-supplied method */
- nread = (int)data->state.fread_func(buf, 1, BUFSIZE - 1,
+ nread = (int)data->state.fread_func(buf, 1, data->set.buffer_size,
data->state.in);
if(nread == CURL_READFUNC_ABORT) {
keepon = FALSE;
diff --git a/lib/tftp.c b/lib/tftp.c
index c97039620..51642c9b9 100644
--- a/lib/tftp.c
+++ b/lib/tftp.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -45,7 +45,7 @@
#endif
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "transfer.h"
#include "sendf.h"
#include "tftp.h"
@@ -55,9 +55,10 @@
#include "sockaddr.h" /* required for Curl_sockaddr_storage */
#include "multiif.h"
#include "url.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "speedcheck.h"
#include "select.h"
+#include "escape.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
@@ -180,6 +181,7 @@ const struct Curl_handler Curl_handler_tftp = {
ZERO_NULL, /* perform_getsock */
tftp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
PORT_TFTP, /* defport */
CURLPROTO_TFTP, /* protocol */
PROTOPT_NONE | PROTOPT_NOURLQUERY /* flags */
@@ -198,7 +200,7 @@ const struct Curl_handler Curl_handler_tftp = {
static CURLcode tftp_set_timeouts(tftp_state_data_t *state)
{
time_t maxtime, timeout;
- long timeout_ms;
+ time_t timeout_ms;
bool start = (state->state == TFTP_STATE_START) ? TRUE : FALSE;
time(&state->start_time);
@@ -303,7 +305,7 @@ static unsigned short getrpacketblock(const tftp_packet_t
*packet)
static size_t Curl_strnlen(const char *string, size_t maxlen)
{
- const char *end = memchr (string, '\0', maxlen);
+ const char *end = memchr(string, '\0', maxlen);
return end ? (size_t) (end - string) : maxlen;
}
@@ -358,7 +360,7 @@ static CURLcode tftp_parse_option_ack(tftp_state_data_t
*state,
failf(data, "invalid blocksize value in OACK packet");
return CURLE_TFTP_ILLEGAL;
}
- else if(blksize > TFTP_BLKSIZE_MAX) {
+ if(blksize > TFTP_BLKSIZE_MAX) {
failf(data, "%s (%d)", "blksize is larger than max supported",
TFTP_BLKSIZE_MAX);
return CURLE_TFTP_ILLEGAL;
@@ -484,10 +486,15 @@ static CURLcode tftp_send_first(tftp_state_data_t *state,
tftp_event_t event)
/* As RFC3617 describes the separator slash is not actually part of the
file name so we skip the always-present first letter of the path
string. */
- filename = curl_easy_unescape(data, &state->conn->data->state.path[1], 0,
- NULL);
- if(!filename)
- return CURLE_OUT_OF_MEMORY;
+ result = Curl_urldecode(data, &state->conn->data->state.path[1], 0,
+ &filename, NULL, FALSE);
+ if(result)
+ return result;
+
+ if(strlen(filename) > (state->blksize - strlen(mode) - 4)) {
+ failf(data, "TFTP file name too long\n");
+ return CURLE_TFTP_ILLEGAL; /* too long file name field */
+ }
snprintf((char *)state->spacket.data+2,
state->blksize,
@@ -1118,7 +1125,8 @@ static CURLcode tftp_receive_packet(struct connectdata
*conn)
}
else {
/* The event is given by the TFTP packet time */
- state->event = (tftp_event_t)getrpacketevent(&state->rpacket);
+ unsigned short event = getrpacketevent(&state->rpacket);
+ state->event = (tftp_event_t)event;
switch(state->event) {
case TFTP_EVENT_DATA:
@@ -1137,9 +1145,12 @@ static CURLcode tftp_receive_packet(struct connectdata
*conn)
}
break;
case TFTP_EVENT_ERROR:
- state->error = (tftp_error_t)getrpacketblock(&state->rpacket);
+ {
+ unsigned short error = getrpacketblock(&state->rpacket);
+ state->error = (tftp_error_t)error;
infof(data, "%s\n", (const char *)state->rpacket.data+4);
break;
+ }
case TFTP_EVENT_ACK:
break;
case TFTP_EVENT_OACK:
@@ -1188,7 +1199,7 @@ static long tftp_state_timeout(struct connectdata *conn,
tftp_event_t *event)
state->state = TFTP_STATE_FIN;
return 0;
}
- else if(current > state->rx_time+state->retry_time) {
+ if(current > state->rx_time+state->retry_time) {
if(event)
*event = TFTP_EVENT_TIMEOUT;
time(&state->rx_time); /* update even though we received nothing */
@@ -1222,7 +1233,7 @@ static CURLcode tftp_multi_statemach(struct connectdata
*conn, bool *done)
failf(data, "TFTP response timeout");
return CURLE_OPERATION_TIMEDOUT;
}
- else if(event != TFTP_EVENT_NONE) {
+ if(event != TFTP_EVENT_NONE) {
result = tftp_state_machine(state, event);
if(result)
return result;
@@ -1233,7 +1244,7 @@ static CURLcode tftp_multi_statemach(struct connectdata
*conn, bool *done)
}
else {
/* no timeouts to handle, check our socket */
- rc = Curl_socket_ready(state->sockfd, CURL_SOCKET_BAD, 0);
+ rc = SOCKET_READABLE(state->sockfd, 0);
if(rc == -1) {
/* bail out */
@@ -1339,7 +1350,7 @@ static CURLcode tftp_do(struct connectdata *conn, bool
*done)
state = (tftp_state_data_t *)conn->proto.tftpc;
if(!state)
- return CURLE_BAD_CALLING_ORDER;
+ return CURLE_TFTP_ILLEGAL;
result = tftp_perform(conn, done);
@@ -1355,7 +1366,7 @@ static CURLcode tftp_do(struct connectdata *conn, bool
*done)
static CURLcode tftp_setup_connection(struct connectdata * conn)
{
struct Curl_easy *data = conn->data;
- char * type;
+ char *type;
char command;
conn->socktype = SOCK_DGRAM; /* UDP datagram based */
@@ -1371,7 +1382,7 @@ static CURLcode tftp_setup_connection(struct connectdata
* conn)
*type = 0; /* it was in the middle of the hostname */
command = Curl_raw_toupper(type[6]);
- switch (command) {
+ switch(command) {
case 'A': /* ASCII mode */
case 'N': /* NETASCII mode */
data->set.prefer_ascii = TRUE;
diff --git a/lib/timeval.c b/lib/timeval.c
index 629f1c8f0..d7207b3a2 100644
--- a/lib/timeval.c
+++ b/lib/timeval.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -24,14 +24,14 @@
#if defined(WIN32) && !defined(MSDOS)
-struct timeval curlx_tvnow(void)
+struct curltime curlx_tvnow(void)
{
/*
** GetTickCount() is available on _all_ Windows versions from W95 up
** to nowadays. Returns milliseconds elapsed since last system boot,
** increases monotonically and wraps once 49.7 days have elapsed.
*/
- struct timeval now;
+ struct curltime now;
#if !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_VISTA) || \
(_WIN32_WINNT < _WIN32_WINNT_VISTA)
DWORD milliseconds = GetTickCount();
@@ -39,8 +39,8 @@ struct timeval curlx_tvnow(void)
now.tv_usec = (milliseconds % 1000) * 1000;
#else
ULONGLONG milliseconds = GetTickCount64();
- now.tv_sec = (long) (milliseconds / 1000);
- now.tv_usec = (long) (milliseconds % 1000) * 1000;
+ now.tv_sec = (time_t) (milliseconds / 1000);
+ now.tv_usec = (unsigned int) (milliseconds % 1000) * 1000;
#endif
return now;
@@ -48,7 +48,7 @@ struct timeval curlx_tvnow(void)
#elif defined(HAVE_CLOCK_GETTIME_MONOTONIC)
-struct timeval curlx_tvnow(void)
+struct curltime curlx_tvnow(void)
{
/*
** clock_gettime() is granted to be increased monotonically when the
@@ -58,10 +58,11 @@ struct timeval curlx_tvnow(void)
** system has started up.
*/
struct timeval now;
+ struct curltime cnow;
struct timespec tsnow;
if(0 == clock_gettime(CLOCK_MONOTONIC, &tsnow)) {
- now.tv_sec = tsnow.tv_sec;
- now.tv_usec = tsnow.tv_nsec / 1000;
+ cnow.tv_sec = tsnow.tv_sec;
+ cnow.tv_usec = (unsigned int)(tsnow.tv_nsec / 1000);
}
/*
** Even when the configure process has truly detected monotonic clock
@@ -69,20 +70,23 @@ struct timeval curlx_tvnow(void)
** run-time. When this occurs simply fallback to other time source.
*/
#ifdef HAVE_GETTIMEOFDAY
- else
+ else {
(void)gettimeofday(&now, NULL);
+ cnow.tv_sec = now.tv_sec;
+ cnow.tv_usec = (unsigned int)now.tv_usec;
+ }
#else
else {
- now.tv_sec = (long)time(NULL);
- now.tv_usec = 0;
+ cnow.tv_sec = time(NULL);
+ cnow.tv_usec = 0;
}
#endif
- return now;
+ return cnow;
}
#elif defined(HAVE_GETTIMEOFDAY)
-struct timeval curlx_tvnow(void)
+struct curltime curlx_tvnow(void)
{
/*
** gettimeofday() is not granted to be increased monotonically, due to
@@ -90,19 +94,22 @@ struct timeval curlx_tvnow(void)
** forward or backward in time.
*/
struct timeval now;
+ struct curltime ret;
(void)gettimeofday(&now, NULL);
- return now;
+ ret.tv_sec = now.tv_sec;
+ ret.tv_usec = now.tv_usec;
+ return ret;
}
#else
-struct timeval curlx_tvnow(void)
+struct curltime curlx_tvnow(void)
{
/*
** time() returns the value of time in seconds since the Epoch.
*/
- struct timeval now;
- now.tv_sec = (long)time(NULL);
+ struct curltime now;
+ now.tv_sec = time(NULL);
now.tv_usec = 0;
return now;
}
@@ -115,8 +122,10 @@ struct timeval curlx_tvnow(void)
*
* Returns: the time difference in number of milliseconds. For large diffs it
* returns 0x7fffffff on 32bit time_t systems.
+ *
+ * @unittest: 1323
*/
-long curlx_tvdiff(struct timeval newer, struct timeval older)
+time_t curlx_tvdiff(struct curltime newer, struct curltime older)
{
#if SIZEOF_TIME_T < 8
/* for 32bit time_t systems, add a precaution to avoid overflow for really
@@ -126,25 +135,28 @@ long curlx_tvdiff(struct timeval newer, struct timeval
older)
return 0x7fffffff;
#endif
return (newer.tv_sec-older.tv_sec)*1000+
- (long)(newer.tv_usec-older.tv_usec)/1000;
+ (int)(newer.tv_usec-older.tv_usec)/1000;
}
/*
- * Same as curlx_tvdiff but with full usec resolution.
+ * Make sure that the first argument is the more recent time, as otherwise
+ * we'll get a weird negative time-diff back...
*
- * Returns: the time difference in seconds with subsecond resolution.
+ * Returns: the time difference in number of microseconds. For too large diffs
+ * it returns max value.
*/
-double curlx_tvdiff_secs(struct timeval newer, struct timeval older)
+time_t Curl_tvdiff_us(struct curltime newer, struct curltime older)
{
- if(newer.tv_sec != older.tv_sec)
- return (double)(newer.tv_sec-older.tv_sec)+
- (double)(newer.tv_usec-older.tv_usec)/1000000.0;
- else
- return (double)(newer.tv_usec-older.tv_usec)/1000000.0;
-}
-
-/* return the number of seconds in the given input timeval struct */
-long Curl_tvlong(struct timeval t1)
-{
- return t1.tv_sec;
+ time_t diff = newer.tv_sec-older.tv_sec;
+#if SIZEOF_TIME_T < 8
+ /* for 32bit time_t systems */
+ if(diff >= (0x7fffffff/1000000))
+ return 0x7fffffff;
+#else
+ /* for 64bit time_t systems */
+ if(diff >= (0x7fffffffffffffffLL/1000000))
+ return 0x7fffffffffffffffLL;
+#endif
+ return (newer.tv_sec-older.tv_sec)*1000000+
+ (int)(newer.tv_usec-older.tv_usec);
}
diff --git a/lib/timeval.h b/lib/timeval.h
index 50c31a252..1ee4b3044 100644
--- a/lib/timeval.h
+++ b/lib/timeval.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -29,7 +29,12 @@
#include "curl_setup.h"
-struct timeval curlx_tvnow(void);
+struct curltime {
+ time_t tv_sec; /* seconds */
+ unsigned int tv_usec; /* microseconds */
+};
+
+struct curltime curlx_tvnow(void);
/*
* Make sure that the first argument (t1) is the more recent time and t2 is
@@ -37,22 +42,20 @@ struct timeval curlx_tvnow(void);
*
* Returns: the time difference in number of milliseconds.
*/
-long curlx_tvdiff(struct timeval t1, struct timeval t2);
+time_t curlx_tvdiff(struct curltime t1, struct curltime t2);
/*
- * Same as curlx_tvdiff but with full usec resolution.
+ * Make sure that the first argument (t1) is the more recent time and t2 is
+ * the older time, as otherwise you get a weird negative time-diff back...
*
- * Returns: the time difference in seconds with subsecond resolution.
+ * Returns: the time difference in number of microseconds.
*/
-double curlx_tvdiff_secs(struct timeval t1, struct timeval t2);
-
-long Curl_tvlong(struct timeval t1);
+time_t Curl_tvdiff_us(struct curltime newer, struct curltime older);
/* These two defines below exist to provide the older API for library
internals only. */
#define Curl_tvnow() curlx_tvnow()
#define Curl_tvdiff(x,y) curlx_tvdiff(x,y)
-#define Curl_tvdiff_secs(x,y) curlx_tvdiff_secs(x,y)
#endif /* HEADER_CURL_TIMEVAL_H */
diff --git a/lib/transfer.c b/lib/transfer.c
index 24bdf2155..f09985def 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -21,10 +21,7 @@
***************************************************************************/
#include "curl_setup.h"
-
#include "strtoofft.h"
-#include "strequal.h"
-#include "rawstr.h"
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
@@ -58,7 +55,7 @@
#endif
#include "urldata.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "netrc.h"
#include "content_encoding.h"
@@ -120,7 +117,8 @@ CURLcode Curl_fillreadbuffer(struct connectdata *conn, int
bytes, int *nreadp)
*nreadp = 0;
return CURLE_ABORTED_BY_CALLBACK;
}
- else if(nread == CURL_READFUNC_PAUSE) {
+ if(nread == CURL_READFUNC_PAUSE) {
+ struct SingleRequest *k = &data->req;
if(conn->handler->flags & PROTOPT_NONETWORK) {
/* protocols that work without network cannot be paused. This is
@@ -129,16 +127,15 @@ CURLcode Curl_fillreadbuffer(struct connectdata *conn,
int bytes, int *nreadp)
failf(data, "Read callback asked for PAUSE when not supported!");
return CURLE_READ_ERROR;
}
- else {
- struct SingleRequest *k = &data->req;
- /* CURL_READFUNC_PAUSE pauses read callbacks that feed socket writes */
- k->keepon |= KEEP_SEND_PAUSE; /* mark socket send as paused */
- if(data->req.upload_chunky) {
+
+ /* CURL_READFUNC_PAUSE pauses read callbacks that feed socket writes */
+ k->keepon |= KEEP_SEND_PAUSE; /* mark socket send as paused */
+ if(data->req.upload_chunky) {
/* Back out the preallocation done above */
- data->req.upload_fromhere -= (8 + 2);
- }
- *nreadp = 0;
+ data->req.upload_fromhere -= (8 + 2);
}
+ *nreadp = 0;
+
return CURLE_OK; /* nothing was read */
}
else if((size_t)nread > buffersize) {
@@ -408,8 +405,7 @@ static CURLcode readwrite_data(struct Curl_easy *data,
/* This is where we loop until we have read everything there is to
read or we get a CURLE_AGAIN */
do {
- size_t buffersize = data->set.buffer_size?
- data->set.buffer_size : BUFSIZE;
+ size_t buffersize = data->set.buffer_size;
size_t bytestoread = buffersize;
if(
@@ -645,7 +641,7 @@ static CURLcode readwrite_data(struct Curl_easy *data,
failf(data, "%s in chunked-encoding", Curl_chunked_strerror(res));
return CURLE_RECV_ERROR;
}
- else if(CHUNKE_STOP == res) {
+ if(CHUNKE_STOP == res) {
size_t dataleft;
/* we're done reading chunks! */
k->keepon &= ~KEEP_RECV; /* read no more */
@@ -684,8 +680,6 @@ static CURLcode readwrite_data(struct Curl_easy *data,
excess = (size_t)(k->bytecount + nread - k->maxdownload);
if(excess > 0 && !k->ignorebody) {
if(Curl_pipeline_wanted(conn->data->multi, CURLPIPE_HTTP1)) {
- /* The 'excess' amount below can't be more than BUFSIZE which
- always will fit in a size_t */
infof(data,
"Rewinding stream by : %zu"
" bytes on url %s (size = %" CURL_FORMAT_CURL_OFF_T
@@ -744,8 +738,8 @@ static CURLcode readwrite_data(struct Curl_easy *data,
Make sure that ALL_CONTENT_ENCODINGS contains all the
encodings handled here. */
#ifdef HAVE_LIBZ
- switch (conn->data->set.http_ce_skip ?
- IDENTITY : k->auto_decoding) {
+ switch(conn->data->set.http_ce_skip ?
+ IDENTITY : k->auto_decoding) {
case IDENTITY:
#endif
/* This is the default when the server sends no
@@ -778,9 +772,9 @@ static CURLcode readwrite_data(struct Curl_easy *data,
break;
default:
- failf (data, "Unrecognized content encoding type. "
- "libcurl understands `identity', `deflate' and `gzip' "
- "content encodings.");
+ failf(data, "Unrecognized content encoding type. "
+ "libcurl understands `identity', `deflate' and `gzip' "
+ "content encodings.");
result = CURLE_BAD_CONTENT_ENCODING;
break;
}
@@ -856,7 +850,6 @@ static CURLcode done_sending(struct connectdata *conn,
*/
static CURLcode readwrite_upload(struct Curl_easy *data,
struct connectdata *conn,
- struct SingleRequest *k,
int *didwhat)
{
ssize_t i, si;
@@ -864,6 +857,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
CURLcode result;
ssize_t nread; /* number of bytes read */
bool sending_http_headers = FALSE;
+ struct SingleRequest *k = &data->req;
if((k->bytecount == 0) && (k->writebytecount == 0))
Curl_pgrsTime(data, TIMER_STARTTRANSFER);
@@ -874,15 +868,15 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
/* only read more data if there's no upload data already
present in the upload buffer */
- if(0 == data->req.upload_present) {
+ if(0 == k->upload_present) {
/* init the "upload from here" pointer */
- data->req.upload_fromhere = k->uploadbuf;
+ k->upload_fromhere = data->state.uploadbuffer;
if(!k->upload_done) {
/* HTTP pollution, this should be written nicer to become more
protocol agnostic. */
int fillcount;
- struct HTTP *http = data->req.protop;
+ struct HTTP *http = k->protop;
if((k->exp100 == EXP100_SENDING_REQUEST) &&
(http->sending == HTTPSEND_BODY)) {
@@ -895,7 +889,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
*didwhat &= ~KEEP_SEND; /* we didn't write anything actually */
/* set a timeout for the multi interface */
- Curl_expire(data, data->set.expect_100_timeout);
+ Curl_expire(data, data->set.expect_100_timeout, EXPIRE_100_TIMEOUT);
break;
}
@@ -908,7 +902,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
sending_http_headers = FALSE;
}
- result = Curl_fillreadbuffer(conn, BUFSIZE, &fillcount);
+ result = Curl_fillreadbuffer(conn, UPLOAD_BUFSIZE, &fillcount);
if(result)
return result;
@@ -921,7 +915,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
/* this is a paused transfer */
break;
}
- else if(nread<=0) {
+ if(nread<=0) {
result = done_sending(conn, k);
if(result)
return result;
@@ -929,7 +923,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
}
/* store number of bytes available for upload */
- data->req.upload_present = nread;
+ k->upload_present = nread;
/* convert LF to CRLF if so asked */
if((!sending_http_headers) && (
@@ -940,7 +934,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
(data->set.crlf))) {
/* Do we need to allocate a scratch buffer? */
if(!data->state.scratch) {
- data->state.scratch = malloc(2 * BUFSIZE);
+ data->state.scratch = malloc(2 * data->set.buffer_size);
if(!data->state.scratch) {
failf(data, "Failed to alloc scratch buffer!");
@@ -955,7 +949,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
* must be used instead of the escape sequences \r & \n.
*/
for(i = 0, si = 0; i < nread; i++, si++) {
- if(data->req.upload_fromhere[i] == 0x0a) {
+ if(k->upload_fromhere[i] == 0x0a) {
data->state.scratch[si++] = 0x0d;
data->state.scratch[si] = 0x0a;
if(!data->set.crlf) {
@@ -966,7 +960,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
}
}
else
- data->state.scratch[si] = data->req.upload_fromhere[i];
+ data->state.scratch[si] = k->upload_fromhere[i];
}
if(si != nread) {
@@ -975,10 +969,10 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
nread = si;
/* upload from the new (replaced) buffer instead */
- data->req.upload_fromhere = data->state.scratch;
+ k->upload_fromhere = data->state.scratch;
/* set the new amount too */
- data->req.upload_present = nread;
+ k->upload_present = nread;
}
}
@@ -989,7 +983,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
return result;
}
#endif /* CURL_DISABLE_SMTP */
- } /* if 0 == data->req.upload_present */
+ } /* if 0 == k->upload_present */
else {
/* We have a partial buffer left from a previous "round". Use
that instead of reading more data */
@@ -997,17 +991,17 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
/* write to socket (send away data) */
result = Curl_write(conn,
- conn->writesockfd, /* socket to send to */
- data->req.upload_fromhere, /* buffer pointer */
- data->req.upload_present, /* buffer size */
- &bytes_written); /* actually sent */
+ conn->writesockfd, /* socket to send to */
+ k->upload_fromhere, /* buffer pointer */
+ k->upload_present, /* buffer size */
+ &bytes_written); /* actually sent */
if(result)
return result;
if(data->set.verbose)
/* show the data before we change the pointer upload_fromhere */
- Curl_debug(data, CURLINFO_DATA_OUT, data->req.upload_fromhere,
+ Curl_debug(data, CURLINFO_DATA_OUT, k->upload_fromhere,
(size_t)bytes_written, conn);
k->writebytecount += bytes_written;
@@ -1018,20 +1012,20 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
infof(data, "We are completely uploaded and fine\n");
}
- if(data->req.upload_present != bytes_written) {
+ if(k->upload_present != bytes_written) {
/* we only wrote a part of the buffer (if anything), deal with it! */
/* store the amount of bytes left in the buffer to write */
- data->req.upload_present -= bytes_written;
+ k->upload_present -= bytes_written;
/* advance the pointer where to find the buffer when the next send
is to happen */
- data->req.upload_fromhere += bytes_written;
+ k->upload_fromhere += bytes_written;
}
else {
/* we've uploaded that buffer now */
- data->req.upload_fromhere = k->uploadbuf;
- data->req.upload_present = 0; /* no more bytes left */
+ k->upload_fromhere = data->state.uploadbuffer;
+ k->upload_present = 0; /* no more bytes left */
if(k->upload_done) {
result = done_sending(conn, k);
@@ -1089,7 +1083,7 @@ CURLcode Curl_readwrite(struct connectdata *conn,
if(!select_res) /* Call for select()/poll() only, if read/write/error
status is not known. */
- select_res = Curl_socket_ready(fd_read, fd_write, 0);
+ select_res = Curl_socket_check(fd_read, CURL_SOCKET_BAD, fd_write, 0);
if(select_res == CURL_CSELECT_ERR) {
failf(data, "select/poll returned error");
@@ -1111,7 +1105,7 @@ CURLcode Curl_readwrite(struct connectdata *conn,
if((k->keepon & KEEP_SEND) && (select_res & CURL_CSELECT_OUT)) {
/* write */
- result = readwrite_upload(data, conn, k, &didwhat);
+ result = readwrite_upload(data, conn, &didwhat);
if(result)
return result;
}
@@ -1140,11 +1134,12 @@ CURLcode Curl_readwrite(struct connectdata *conn,
*/
- long ms = Curl_tvdiff(k->now, k->start100);
+ time_t ms = Curl_tvdiff(k->now, k->start100);
if(ms >= data->set.expect_100_timeout) {
/* we've waited long enough, continue anyway */
k->exp100 = EXP100_SEND_DATA;
k->keepon |= KEEP_SEND;
+ Curl_expire_done(data, EXPIRE_100_TIMEOUT);
infof(data, "Done waiting for 100-continue\n");
}
}
@@ -1189,15 +1184,13 @@ CURLcode Curl_readwrite(struct connectdata *conn,
*/
(k->bytecount != (k->size + data->state.crlf_conversions)) &&
#endif /* CURL_DO_LINEEND_CONV */
- !data->req.newurl) {
+ !k->newurl) {
failf(data, "transfer closed with %" CURL_FORMAT_CURL_OFF_T
- " bytes remaining to read",
- k->size - k->bytecount);
+ " bytes remaining to read", k->size - k->bytecount);
return CURLE_PARTIAL_FILE;
}
- else if(!(data->set.opt_no_body) &&
- k->chunk &&
- (conn->chunk.state != CHUNK_STOP)) {
+ if(!(data->set.opt_no_body) && k->chunk &&
+ (conn->chunk.state != CHUNK_STOP)) {
/*
* In chunked mode, return an error if the connection is closed prior to
* the empty (terminating) chunk is read.
@@ -1295,11 +1288,18 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
failf(data, "No URL set!");
return CURLE_URL_MALFORMAT;
}
+ /* since the URL may have been redirected in a previous use of this handle */
+ if(data->change.url_alloc) {
+ /* the already set URL is allocated, free it first! */
+ Curl_safefree(data->change.url);
+ data->change.url_alloc = FALSE;
+ }
+ data->change.url = data->set.str[STRING_SET_URL];
/* Init the SSL session ID cache here. We do it here since we want to do it
after the *_setopt() calls (that could specify the size of the cache) but
before any transfer takes place. */
- result = Curl_ssl_initsessions(data, data->set.ssl.max_ssl_sessions);
+ result = Curl_ssl_initsessions(data, data->set.general_ssl.max_ssl_sessions);
if(result)
return result;
@@ -1316,8 +1316,11 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
if(data->set.httpreq == HTTPREQ_PUT)
data->state.infilesize = data->set.filesize;
- else
+ else {
data->state.infilesize = data->set.postfieldsize;
+ if(data->set.postfields && (data->state.infilesize == -1))
+ data->state.infilesize = (curl_off_t)strlen(data->set.postfields);
+ }
/* If there is a list of cookie files to read, do it now! */
if(data->change.cookielist)
@@ -1346,10 +1349,10 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
Curl_pgrsStartNow(data);
if(data->set.timeout)
- Curl_expire(data, data->set.timeout);
+ Curl_expire(data, data->set.timeout, EXPIRE_TIMEOUT);
if(data->set.connecttimeout)
- Curl_expire(data, data->set.connecttimeout);
+ Curl_expire(data, data->set.connecttimeout, EXPIRE_CONNECTTIMEOUT);
/* In case the handle is re-used and an authentication method was picked
in the session we need to make sure we only use the one(s) we now
@@ -1359,13 +1362,12 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
if(data->set.wildcardmatch) {
struct WildcardData *wc = &data->wildcard;
- if(!wc->filelist) {
+ if(wc->state < CURLWC_INIT) {
result = Curl_wildcard_init(wc); /* init wildcard structures */
if(result)
return CURLE_OUT_OF_MEMORY;
}
}
-
}
return result;
@@ -1389,16 +1391,56 @@ CURLcode Curl_posttransfer(struct Curl_easy *data)
#ifndef CURL_DISABLE_HTTP
/*
+ * Find the separator at the end of the host name, or the '?' in cases like
+ * http://www.url.com?id=2380
+ */
+static const char *find_host_sep(const char *url)
+{
+ const char *sep;
+ const char *query;
+
+ /* Find the start of the hostname */
+ sep = strstr(url, "//");
+ if(!sep)
+ sep = url;
+ else
+ sep += 2;
+
+ query = strchr(sep, '?');
+ sep = strchr(sep, '/');
+
+ if(!sep)
+ sep = url + strlen(url);
+
+ if(!query)
+ query = url + strlen(url);
+
+ return sep < query ? sep : query;
+}
+
+/*
* strlen_url() returns the length of the given URL if the spaces within the
* URL were properly URL encoded.
+ * URL encoding should be skipped for host names, otherwise IDN resolution
+ * will fail.
*/
-static size_t strlen_url(const char *url)
+static size_t strlen_url(const char *url, bool relative)
{
const unsigned char *ptr;
size_t newlen=0;
bool left=TRUE; /* left side of the ? */
+ const unsigned char *host_sep = (const unsigned char *) url;
+
+ if(!relative)
+ host_sep = (const unsigned char *) find_host_sep(url);
for(ptr=(unsigned char *)url; *ptr; ptr++) {
+
+ if(ptr < host_sep) {
+ ++newlen;
+ continue;
+ }
+
switch(*ptr) {
case '?':
left=FALSE;
@@ -1421,16 +1463,29 @@ static size_t strlen_url(const char *url)
/* strcpy_url() copies a url to a output buffer and URL-encodes the spaces in
* the source URL accordingly.
+ * URL encoding should be skipped for host names, otherwise IDN resolution
+ * will fail.
*/
-static void strcpy_url(char *output, const char *url)
+static void strcpy_url(char *output, const char *url, bool relative)
{
/* we must add this with whitespace-replacing */
bool left=TRUE;
const unsigned char *iptr;
char *optr = output;
+ const unsigned char *host_sep = (const unsigned char *) url;
+
+ if(!relative)
+ host_sep = (const unsigned char *) find_host_sep(url);
+
for(iptr = (unsigned char *)url; /* read from here */
*iptr; /* until zero byte */
iptr++) {
+
+ if(iptr < host_sep) {
+ *optr++ = *iptr;
+ continue;
+ }
+
switch(*iptr) {
case '?':
left=FALSE;
@@ -1486,6 +1541,7 @@ static char *concat_url(const char *base, const char
*relurl)
char *protsep;
char *pathsep;
size_t newlen;
+ bool host_changed = FALSE;
const char *useurl = relurl;
size_t urllen;
@@ -1566,6 +1622,7 @@ static char *concat_url(const char *base, const char
*relurl)
*protsep=0;
useurl = &relurl[2]; /* we keep the slashes from the original, so we
skip the new ones */
+ host_changed = TRUE;
}
else {
/* cut off the original URL from the first slash, or deal with URLs
@@ -1597,7 +1654,7 @@ static char *concat_url(const char *base, const char
*relurl)
letter we replace each space with %20 while it is replaced with '+'
on the right side of the '?' letter.
*/
- newlen = strlen_url(useurl);
+ newlen = strlen_url(useurl, !host_changed);
urllen = strlen(url_clone);
@@ -1619,7 +1676,7 @@ static char *concat_url(const char *base, const char
*relurl)
newest[urllen++]='/';
/* then append the new piece on the right side */
- strcpy_url(&newest[urllen], useurl);
+ strcpy_url(&newest[urllen], useurl, !host_changed);
free(url_clone);
@@ -1632,9 +1689,7 @@ static char *concat_url(const char *base, const char
*relurl)
* as given by the remote server and set up the new URL to request.
*/
CURLcode Curl_follow(struct Curl_easy *data,
- char *newurl, /* this 'newurl' is the Location: string,
- and it must be malloc()ed before passed
- here */
+ char *newurl, /* the Location: string */
followtype type) /* see transfer.h */
{
#ifdef CURL_DISABLE_HTTP
@@ -1647,33 +1702,36 @@ CURLcode Curl_follow(struct Curl_easy *data,
/* Location: redirect */
bool disallowport = FALSE;
+ bool reachedmax = FALSE;
if(type == FOLLOW_REDIR) {
if((data->set.maxredirs != -1) &&
- (data->set.followlocation >= data->set.maxredirs)) {
- failf(data, "Maximum (%ld) redirects followed", data->set.maxredirs);
- return CURLE_TOO_MANY_REDIRECTS;
+ (data->set.followlocation >= data->set.maxredirs)) {
+ reachedmax = TRUE;
+ type = FOLLOW_FAKE; /* switch to fake to store the would-be-redirected
+ to URL */
}
+ else {
+ /* mark the next request as a followed location: */
+ data->state.this_is_a_follow = TRUE;
- /* mark the next request as a followed location: */
- data->state.this_is_a_follow = TRUE;
+ data->set.followlocation++; /* count location-followers */
- data->set.followlocation++; /* count location-followers */
+ if(data->set.http_auto_referer) {
+ /* We are asked to automatically set the previous URL as the referer
+ when we get the next URL. We pick the ->url field, which may or may
+ not be 100% correct */
- if(data->set.http_auto_referer) {
- /* We are asked to automatically set the previous URL as the referer
- when we get the next URL. We pick the ->url field, which may or may
- not be 100% correct */
+ if(data->change.referer_alloc) {
+ Curl_safefree(data->change.referer);
+ data->change.referer_alloc = FALSE;
+ }
- if(data->change.referer_alloc) {
- Curl_safefree(data->change.referer);
- data->change.referer_alloc = FALSE;
+ data->change.referer = strdup(data->change.url);
+ if(!data->change.referer)
+ return CURLE_OUT_OF_MEMORY;
+ data->change.referer_alloc = TRUE; /* yes, free this later */
}
-
- data->change.referer = strdup(data->change.url);
- if(!data->change.referer)
- return CURLE_OUT_OF_MEMORY;
- data->change.referer_alloc = TRUE; /* yes, free this later */
}
}
@@ -1685,14 +1743,13 @@ CURLcode Curl_follow(struct Curl_easy *data,
char *absolute = concat_url(data->change.url, newurl);
if(!absolute)
return CURLE_OUT_OF_MEMORY;
- free(newurl);
newurl = absolute;
}
else {
/* The new URL MAY contain space or high byte values, that means a mighty
stupid redirect URL but we still make an effort to do "right". */
char *newest;
- size_t newlen = strlen_url(newurl);
+ size_t newlen = strlen_url(newurl, FALSE);
/* This is an absolute URL, don't allow the custom port number */
disallowport = TRUE;
@@ -1700,9 +1757,8 @@ CURLcode Curl_follow(struct Curl_easy *data,
newest = malloc(newlen+1); /* get memory for this */
if(!newest)
return CURLE_OUT_OF_MEMORY;
- strcpy_url(newest, newurl); /* create a space-free URL */
- free(newurl); /* that was no good */
+ strcpy_url(newest, newurl, FALSE); /* create a space-free URL */
newurl = newest; /* use this instead now */
}
@@ -1711,6 +1767,11 @@ CURLcode Curl_follow(struct Curl_easy *data,
/* we're only figuring out the new url if we would've followed locations
but now we're done so we can get out! */
data->info.wouldredirect = newurl;
+
+ if(reachedmax) {
+ failf(data, "Maximum (%ld) redirects followed", data->set.maxredirs);
+ return CURLE_TOO_MANY_REDIRECTS;
+ }
return CURLE_OK;
}
@@ -1724,7 +1785,6 @@ CURLcode Curl_follow(struct Curl_easy *data,
data->change.url = newurl;
data->change.url_alloc = TRUE;
- newurl = NULL; /* don't free! */
infof(data, "Issue another request to this URL: '%s'\n", data->change.url);
@@ -1798,7 +1858,7 @@ CURLcode Curl_follow(struct Curl_easy *data,
break;
case 303: /* See Other */
- /* Disable both types of POSTs, unless the user explicitely
+ /* Disable both types of POSTs, unless the user explicitly
asks for POST after POST */
if(data->set.httpreq != HTTPREQ_GET
&& !(data->set.keep_post & CURL_REDIR_POST_303)) {
@@ -1846,12 +1906,17 @@ CURLcode Curl_retry_request(struct connectdata *conn,
return CURLE_OK;
if((data->req.bytecount + data->req.headerbytecount == 0) &&
- conn->bits.reuse &&
- (data->set.rtspreq != RTSPREQ_RECEIVE)) {
- /* We didn't get a single byte when we attempted to re-use a
- connection. This might happen if the connection was left alive when we
- were done using it before, but that was closed when we wanted to use it
- again. Bad luck. Retry the same request on a fresh connect! */
+ conn->bits.reuse &&
+ (!data->set.opt_no_body
+ || (conn->handler->protocol & PROTO_FAMILY_HTTP)) &&
+ (data->set.rtspreq != RTSPREQ_RECEIVE)) {
+ /* We got no data, we attempted to re-use a connection. For HTTP this
+ can be a retry so we try again regardless if we expected a body.
+ For other protocols we only try again only if we expected a body.
+
+ This might happen if the connection was left alive when we were
+ done using it before, but that was closed when we wanted to read from
+ it again. Bad luck. Retry the same request on a fresh connect! */
infof(conn->data, "Connection died, retrying a fresh connect\n");
*url = strdup(conn->data->change.url);
if(!*url)
@@ -1946,7 +2011,7 @@ Curl_setup_transfer(
/* Set a timeout for the multi interface. Add the inaccuracy margin so
that we don't fire slightly too early and get denied to run. */
- Curl_expire(data, data->set.expect_100_timeout);
+ Curl_expire(data, data->set.expect_100_timeout, EXPIRE_100_TIMEOUT);
}
else {
if(data->state.expect100header)
diff --git a/lib/url.c b/lib/url.c
index f355c7a22..acaf913da 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -59,24 +59,13 @@
#include <limits.h>
#endif
-#ifdef USE_LIBIDN
-#include <idna.h>
-#include <tld.h>
-#include <stringprep.h>
-#ifdef HAVE_IDN_FREE_H
-#include <idn-free.h>
-#else
-/* prototype from idn-free.h, not provided by libidn 0.4.5's make install! */
-void idn_free (void *ptr);
-#endif
-#ifndef HAVE_IDN_FREE
-/* if idn_free() was not found in this version of libidn use free() instead */
-#define idn_free(x) (free)(x)
-#endif
+#ifdef USE_LIBIDN2
+#include <idn2.h>
+
#elif defined(USE_WIN32_IDN)
/* prototype for curl_win32_idn_to_ascii() */
bool curl_win32_idn_to_ascii(const char *in, char **out);
-#endif /* USE_LIBIDN */
+#endif /* USE_LIBIDN2 */
#include "urldata.h"
#include "netrc.h"
@@ -88,7 +77,7 @@ bool curl_win32_idn_to_ascii(const char *in, char **out);
#include "sendf.h"
#include "progress.h"
#include "cookie.h"
-#include "strequal.h"
+#include "strcase.h"
#include "strerror.h"
#include "escape.h"
#include "strtok.h"
@@ -100,10 +89,10 @@ bool curl_win32_idn_to_ascii(const char *in, char **out);
#include "multiif.h"
#include "easyif.h"
#include "speedcheck.h"
-#include "rawstr.h"
#include "warnless.h"
#include "non-ascii.h"
#include "inet_pton.h"
+#include "getinfo.h"
/* And now for the protocols */
#include "ftp.h"
@@ -151,6 +140,19 @@ static CURLcode parse_login_details(const char *login,
const size_t len,
char **optionsptr);
static unsigned int get_protocol_family(unsigned int protocol);
+#define READBUFFER_SIZE CURL_MAX_WRITE_SIZE
+#define READBUFFER_MAX CURL_MAX_READ_SIZE
+#define READBUFFER_MIN 1024
+
+/* Some parts of the code (e.g. chunked encoding) assume this buffer has at
+ * more than just a few bytes to play with. Don't let it become too small or
+ * bad things will happen.
+ */
+#if READBUFFER_SIZE < READBUFFER_MIN
+# error READBUFFER_SIZE is too small
+#endif
+
+
/*
* Protocol table.
*/
@@ -272,6 +274,7 @@ static const struct Curl_handler Curl_handler_dummy = {
ZERO_NULL, /* perform_getsock */
ZERO_NULL, /* disconnect */
ZERO_NULL, /* readwrite */
+ ZERO_NULL, /* connection_check */
0, /* defport */
0, /* protocol */
PROTOPT_NONE /* flags */
@@ -422,10 +425,7 @@ CURLcode Curl_close(struct Curl_easy *data)
/* Destroy the timeout list that is held in the easy handle. It is
/normally/ done by curl_multi_remove_handle() but this is "just in
case" */
- if(data->state.timeoutlist) {
- Curl_llist_destroy(data->state.timeoutlist, NULL);
- data->state.timeoutlist = NULL;
- }
+ Curl_llist_destroy(&data->state.timeoutlist, NULL);
data->magic = 0; /* force a clear AFTER the possibly enforced removal from
the multi handle, since that function uses the magic
@@ -463,6 +463,7 @@ CURLcode Curl_close(struct Curl_easy *data)
}
data->change.url = NULL;
+ Curl_safefree(data->state.buffer);
Curl_safefree(data->state.headerbuff);
Curl_flush_cookies(data, 1);
@@ -475,6 +476,7 @@ CURLcode Curl_close(struct Curl_easy *data)
/* this destroys the channel and we cannot use it anymore after this */
Curl_resolver_cleanup(data->state.resolver);
+ Curl_http2_cleanup_dependencies(data);
Curl_convert_close(data);
/* No longer a dirty share, if it exists */
@@ -537,13 +539,16 @@ CURLcode Curl_init_userdefined(struct UserDefined *set)
set->dns_cache_timeout = 60; /* Timeout every 60 seconds by default */
/* Set the default size of the SSL session ID cache */
- set->ssl.max_ssl_sessions = 5;
+ set->general_ssl.max_ssl_sessions = 5;
- set->proxyport = CURL_DEFAULT_PROXY_PORT; /* from url.h */
+ set->proxyport = 0;
set->proxytype = CURLPROXY_HTTP; /* defaults to HTTP proxy */
set->httpauth = CURLAUTH_BASIC; /* defaults to basic */
set->proxyauth = CURLAUTH_BASIC; /* defaults to basic */
+ /* SOCKS5 proxy auth defaults to username/password + GSS-API */
+ set->socks5auth = CURLAUTH_BASIC | CURLAUTH_GSSAPI;
+
/* make libcurl quiet by default: */
set->hide_progress = TRUE; /* CURLOPT_NOPROGRESS changes these */
@@ -551,14 +556,16 @@ CURLcode Curl_init_userdefined(struct UserDefined *set)
* libcurl 7.10 introduced SSL verification *by default*! This needs to be
* switched off unless wanted.
*/
- set->ssl.verifypeer = TRUE;
- set->ssl.verifyhost = TRUE;
+ set->ssl.primary.verifypeer = TRUE;
+ set->ssl.primary.verifyhost = TRUE;
#ifdef USE_TLS_SRP
set->ssl.authtype = CURL_TLSAUTH_NONE;
#endif
set->ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
type */
- set->ssl.sessionid = TRUE; /* session ID caching enabled by default */
+ set->ssl.primary.sessionid = TRUE; /* session ID caching enabled by
+ default */
+ set->proxy_ssl = set->ssl;
set->new_file_perms = 0644; /* Default permissions */
set->new_directory_perms = 0755; /* Default permissions */
@@ -581,12 +588,20 @@ CURLcode Curl_init_userdefined(struct UserDefined *set)
/* This is our preferred CA cert bundle/path since install time */
#if defined(CURL_CA_BUNDLE)
- result = setstropt(&set->str[STRING_SSL_CAFILE], CURL_CA_BUNDLE);
+ result = setstropt(&set->str[STRING_SSL_CAFILE_ORIG], CURL_CA_BUNDLE);
+ if(result)
+ return result;
+
+ result = setstropt(&set->str[STRING_SSL_CAFILE_PROXY], CURL_CA_BUNDLE);
if(result)
return result;
#endif
#if defined(CURL_CA_PATH)
- result = setstropt(&set->str[STRING_SSL_CAPATH], CURL_CA_PATH);
+ result = setstropt(&set->str[STRING_SSL_CAPATH_ORIG], CURL_CA_PATH);
+ if(result)
+ return result;
+
+ result = setstropt(&set->str[STRING_SSL_CAPATH_PROXY], CURL_CA_PATH);
if(result)
return result;
#endif
@@ -609,6 +624,7 @@ CURLcode Curl_init_userdefined(struct UserDefined *set)
set->expect_100_timeout = 1000L; /* Wait for a second by default. */
set->sep_headers = TRUE; /* separated header lists by default */
+ set->buffer_size = READBUFFER_SIZE;
Curl_http2_init_userset(set);
return result;
@@ -646,6 +662,12 @@ CURLcode Curl_open(struct Curl_easy **curl)
/* We do some initial setup here, all those fields that can't be just 0 */
+ data->state.buffer = malloc(READBUFFER_SIZE + 1);
+ if(!data->state.buffer) {
+ DEBUGF(fprintf(stderr, "Error: malloc of buffer failed\n"));
+ result = CURLE_OUT_OF_MEMORY;
+ }
+
data->state.headerbuff = malloc(HEADERSIZE);
if(!data->state.headerbuff) {
DEBUGF(fprintf(stderr, "Error: malloc of headerbuff failed\n"));
@@ -658,14 +680,13 @@ CURLcode Curl_open(struct Curl_easy **curl)
Curl_convert_init(data);
+ Curl_initinfo(data);
+
/* most recent connection is not yet defined */
data->state.lastconnect = NULL;
data->progress.flags |= PGRS_HIDE;
data->state.current_speed = -1; /* init to negative == impossible */
-
- data->wildcard.state = CURLWC_INIT;
- data->wildcard.filelist = NULL;
data->set.fnmatch = ZERO_NULL;
data->set.maxconnects = DEFAULT_CONNCACHE_SIZE; /* for easy handles */
@@ -674,6 +695,7 @@ CURLcode Curl_open(struct Curl_easy **curl)
if(result) {
Curl_resolver_cleanup(data->state.resolver);
+ free(data->state.buffer);
free(data->state.headerbuff);
Curl_freeset(data);
free(data);
@@ -685,6 +707,9 @@ CURLcode Curl_open(struct Curl_easy **curl)
return result;
}
+#define C_SSLVERSION_VALUE(x) (x & 0xffff)
+#define C_SSLVERSION_MAX_VALUE(x) (x & 0xffff0000)
+
CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
va_list param)
{
@@ -706,7 +731,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
break;
case CURLOPT_SSL_CIPHER_LIST:
/* set a list of cipher we want to use in the SSL connection */
- result = setstropt(&data->set.str[STRING_SSL_CIPHER_LIST],
+ result = setstropt(&data->set.str[STRING_SSL_CIPHER_LIST_ORIG],
+ va_arg(param, char *));
+ break;
+ case CURLOPT_PROXY_SSL_CIPHER_LIST:
+ /* set a list of cipher we want to use in the SSL connection for proxy */
+ result = setstropt(&data->set.str[STRING_SSL_CIPHER_LIST_PROXY],
va_arg(param, char *));
break;
@@ -782,6 +812,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
*/
data->set.http_fail_on_error = (0 != va_arg(param, long)) ? TRUE : FALSE;
break;
+ case CURLOPT_KEEP_SENDING_ON_ERROR:
+ data->set.http_keep_sending_on_error = (0 != va_arg(param, long)) ?
+ TRUE : FALSE;
+ break;
case CURLOPT_UPLOAD:
case CURLOPT_PUT:
/*
@@ -799,6 +833,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
then this can be changed to HEAD later on) */
data->set.httpreq = HTTPREQ_GET;
break;
+ case CURLOPT_REQUEST_TARGET:
+ result = setstropt(&data->set.str[STRING_TARGET],
+ va_arg(param, char *));
+ break;
case CURLOPT_FILETIME:
/*
* Try to get the file time of the remote document. The time will
@@ -891,7 +929,7 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
case CURLOPT_TIMECONDITION:
/*
* Set HTTP time condition. This must be one of the defines in the
- * curl/curl.h header file.
+ * gnurl/curl.h header file.
*/
data->set.timecondition = (curl_TimeCond)va_arg(param, long);
break;
@@ -908,7 +946,22 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
* implementations are lame.
*/
#ifdef USE_SSL
- data->set.ssl.version = va_arg(param, long);
+ arg = va_arg(param, long);
+ data->set.ssl.primary.version = C_SSLVERSION_VALUE(arg);
+ data->set.ssl.primary.version_max = C_SSLVERSION_MAX_VALUE(arg);
+#else
+ result = CURLE_UNKNOWN_OPTION;
+#endif
+ break;
+ case CURLOPT_PROXY_SSLVERSION:
+ /*
+ * Set explicit SSL version to try to connect with for proxy, as some SSL
+ * implementations are lame.
+ */
+#ifdef USE_SSL
+ arg = va_arg(param, long);
+ data->set.proxy_ssl.primary.version = C_SSLVERSION_VALUE(arg);
+ data->set.proxy_ssl.primary.version_max = C_SSLVERSION_MAX_VALUE(arg);
#else
result = CURLE_UNKNOWN_OPTION;
#endif
@@ -978,8 +1031,8 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
* CURL_REDIR_POST_ALL - POST is kept as POST after 301, 302 and 303
* other - POST is kept as POST after 301 and 302
*/
- int postRedir = curlx_sltosi(va_arg(param, long));
- data->set.keep_post = postRedir & CURL_REDIR_POST_ALL;
+ arg = va_arg(param, long);
+ data->set.keep_post = arg & CURL_REDIR_POST_ALL;
}
break;
@@ -1015,7 +1068,7 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
(data->set.postfieldsize > (curl_off_t)((size_t)-1))))
result = CURLE_OUT_OF_MEMORY;
else {
- char * p;
+ char *p;
(void) setstropt(&data->set.str[STRING_COPYPOSTFIELDS], NULL);
@@ -1226,23 +1279,23 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
if(argptr == NULL)
break;
- if(Curl_raw_equal(argptr, "ALL")) {
+ if(strcasecompare(argptr, "ALL")) {
/* clear all cookies */
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
Curl_cookie_clearall(data->cookies);
Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
}
- else if(Curl_raw_equal(argptr, "SESS")) {
+ else if(strcasecompare(argptr, "SESS")) {
/* clear session cookies */
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
Curl_cookie_clearsess(data->cookies);
Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
}
- else if(Curl_raw_equal(argptr, "FLUSH")) {
+ else if(strcasecompare(argptr, "FLUSH")) {
/* flush cookies to file, takes care of the locking */
Curl_flush_cookies(data, 0);
}
- else if(Curl_raw_equal(argptr, "RELOAD")) {
+ else if(strcasecompare(argptr, "RELOAD")) {
/* reload cookies from file */
Curl_cookie_loadfiles(data);
break;
@@ -1290,7 +1343,7 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
case CURLOPT_HTTP_VERSION:
/*
* This sets a requested HTTP version to be used. The value is one of
- * the listed enums in curl/curl.h.
+ * the listed enums in gnurl/curl.h.
*/
arg = va_arg(param, long);
#ifndef USE_NGHTTP2
@@ -1442,18 +1495,30 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
case CURLOPT_PROXY:
/*
- * Set proxy server:port to use as HTTP proxy.
+ * Set proxy server:port to use as proxy.
*
- * If the proxy is set to "" we explicitly say that we don't want to use a
- * proxy (even though there might be environment variables saying so).
+ * If the proxy is set to "" (and CURLOPT_SOCKS_PROXY is set to "" or NULL)
+ * we explicitly say that we don't want to use a proxy
+ * (even though there might be environment variables saying so).
*
* Setting it to NULL, means no proxy but allows the environment variables
- * to decide for us.
+ * to decide for us (if CURLOPT_SOCKS_PROXY setting it to NULL).
*/
result = setstropt(&data->set.str[STRING_PROXY],
va_arg(param, char *));
break;
+ case CURLOPT_PRE_PROXY:
+ /*
+ * Set proxy server:port to use as SOCKS proxy.
+ *
+ * If the proxy is set to "" or NULL we explicitly say that we don't want
+ * to use the socks proxy.
+ */
+ result = setstropt(&data->set.str[STRING_PRE_PROXY],
+ va_arg(param, char *));
+ break;
+
case CURLOPT_PROXYTYPE:
/*
* Set proxy type. HTTP/HTTP_1_0/SOCKS4/SOCKS4a/SOCKS5/SOCKS5_HOSTNAME
@@ -1465,7 +1530,7 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
/*
* set transfer mode (;type=<a|i>) when doing FTP via an HTTP proxy
*/
- switch (va_arg(param, long)) {
+ switch(va_arg(param, long)) {
case 0:
data->set.proxy_transfer_mode = FALSE;
break;
@@ -1480,6 +1545,11 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
break;
#endif /* CURL_DISABLE_PROXY */
+ case CURLOPT_SOCKS5_AUTH:
+ data->set.socks5auth = va_arg(param, unsigned long);
+ if(data->set.socks5auth & ~(CURLAUTH_BASIC | CURLAUTH_GSSAPI))
+ result = CURLE_NOT_BUILT_IN;
+ break;
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
case CURLOPT_SOCKS5_GSSAPI_NEC:
/*
@@ -1918,35 +1988,70 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
/*
* String that holds file name of the SSL certificate to use
*/
- result = setstropt(&data->set.str[STRING_CERT],
+ result = setstropt(&data->set.str[STRING_CERT_ORIG],
+ va_arg(param, char *));
+ break;
+ case CURLOPT_PROXY_SSLCERT:
+ /*
+ * String that holds file name of the SSL certificate to use for proxy
+ */
+ result = setstropt(&data->set.str[STRING_CERT_PROXY],
va_arg(param, char *));
break;
case CURLOPT_SSLCERTTYPE:
/*
* String that holds file type of the SSL certificate to use
*/
- result = setstropt(&data->set.str[STRING_CERT_TYPE],
+ result = setstropt(&data->set.str[STRING_CERT_TYPE_ORIG],
+ va_arg(param, char *));
+ break;
+ case CURLOPT_PROXY_SSLCERTTYPE:
+ /*
+ * String that holds file type of the SSL certificate to use for proxy
+ */
+ result = setstropt(&data->set.str[STRING_CERT_TYPE_PROXY],
va_arg(param, char *));
break;
case CURLOPT_SSLKEY:
/*
* String that holds file name of the SSL key to use
*/
- result = setstropt(&data->set.str[STRING_KEY],
+ result = setstropt(&data->set.str[STRING_KEY_ORIG],
+ va_arg(param, char *));
+ break;
+ case CURLOPT_PROXY_SSLKEY:
+ /*
+ * String that holds file name of the SSL key to use for proxy
+ */
+ result = setstropt(&data->set.str[STRING_KEY_PROXY],
va_arg(param, char *));
break;
case CURLOPT_SSLKEYTYPE:
/*
* String that holds file type of the SSL key to use
*/
- result = setstropt(&data->set.str[STRING_KEY_TYPE],
+ result = setstropt(&data->set.str[STRING_KEY_TYPE_ORIG],
+ va_arg(param, char *));
+ break;
+ case CURLOPT_PROXY_SSLKEYTYPE:
+ /*
+ * String that holds file type of the SSL key to use for proxy
+ */
+ result = setstropt(&data->set.str[STRING_KEY_TYPE_PROXY],
va_arg(param, char *));
break;
case CURLOPT_KEYPASSWD:
/*
* String that holds the SSL or SSH private key password.
*/
- result = setstropt(&data->set.str[STRING_KEY_PASSWD],
+ result = setstropt(&data->set.str[STRING_KEY_PASSWD_ORIG],
+ va_arg(param, char *));
+ break;
+ case CURLOPT_PROXY_KEYPASSWD:
+ /*
+ * String that holds the SSL private key password for proxy.
+ */
+ result = setstropt(&data->set.str[STRING_KEY_PASSWD_PROXY],
va_arg(param, char *));
break;
case CURLOPT_SSLENGINE:
@@ -1983,13 +2088,19 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
/*
* Set what local port to bind the socket to when performing an operation.
*/
- data->set.localport = curlx_sltous(va_arg(param, long));
+ arg = va_arg(param, long);
+ if((arg < 0) || (arg > 65535))
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+ data->set.localport = curlx_sltous(arg);
break;
case CURLOPT_LOCALPORTRANGE:
/*
* Set number of local ports to try, starting with CURLOPT_LOCALPORT.
*/
- data->set.localportrange = curlx_sltosi(va_arg(param, long));
+ arg = va_arg(param, long);
+ if((arg < 0) || (arg > 65535))
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+ data->set.localportrange = curlx_sltosi(arg);
break;
case CURLOPT_KRBLEVEL:
/*
@@ -2009,7 +2120,15 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
/*
* Enable peer SSL verifying.
*/
- data->set.ssl.verifypeer = (0 != va_arg(param, long)) ? TRUE : FALSE;
+ data->set.ssl.primary.verifypeer = (0 != va_arg(param, long)) ?
+ TRUE : FALSE;
+ break;
+ case CURLOPT_PROXY_SSL_VERIFYPEER:
+ /*
+ * Enable peer SSL verifying for proxy.
+ */
+ data->set.proxy_ssl.primary.verifypeer =
+ (0 != va_arg(param, long))?TRUE:FALSE;
break;
case CURLOPT_SSL_VERIFYHOST:
/*
@@ -2027,7 +2146,25 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
return CURLE_BAD_FUNCTION_ARGUMENT;
}
- data->set.ssl.verifyhost = (0 != arg) ? TRUE : FALSE;
+ data->set.ssl.primary.verifyhost = (0 != arg) ? TRUE : FALSE;
+ break;
+ case CURLOPT_PROXY_SSL_VERIFYHOST:
+ /*
+ * Enable verification of the host name in the peer certificate for proxy
+ */
+ arg = va_arg(param, long);
+
+ /* Obviously people are not reading documentation and too many thought
+ this argument took a boolean when it wasn't and misused it. We thus ban
+ 1 as a sensible input and we warn about its use. Then we only have the
+ 2 action internally stored as TRUE. */
+
+ if(1 == arg) {
+ failf(data, "CURLOPT_SSL_VERIFYHOST no longer supports 1 as value!");
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+ }
+
+ data->set.proxy_ssl.primary.verifyhost = (0 != arg)?TRUE:FALSE;
break;
case CURLOPT_SSL_VERIFYSTATUS:
/*
@@ -2038,7 +2175,8 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
break;
}
- data->set.ssl.verifystatus = (0 != va_arg(param, long)) ? TRUE : FALSE;
+ data->set.ssl.primary.verifystatus = (0 != va_arg(param, long)) ?
+ TRUE : FALSE;
break;
case CURLOPT_SSL_CTX_FUNCTION:
#ifdef have_curlssl_ssl_ctx
@@ -2084,7 +2222,19 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
* Set pinned public key for SSL connection.
* Specify file name of the public key in DER format.
*/
- result = setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY],
+ result = setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG],
+ va_arg(param, char *));
+#else
+ result = CURLE_NOT_BUILT_IN;
+#endif
+ break;
+ case CURLOPT_PROXY_PINNEDPUBLICKEY:
+#ifdef have_curlssl_pinnedpubkey /* only by supported backends */
+ /*
+ * Set pinned public key for SSL connection.
+ * Specify file name of the public key in DER format.
+ */
+ result = setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY],
va_arg(param, char *));
#else
result = CURLE_NOT_BUILT_IN;
@@ -2094,7 +2244,15 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
/*
* Set CA info for SSL connection. Specify file name of the CA certificate
*/
- result = setstropt(&data->set.str[STRING_SSL_CAFILE],
+ result = setstropt(&data->set.str[STRING_SSL_CAFILE_ORIG],
+ va_arg(param, char *));
+ break;
+ case CURLOPT_PROXY_CAINFO:
+ /*
+ * Set CA info SSL connection for proxy. Specify file name of the
+ * CA certificate
+ */
+ result = setstropt(&data->set.str[STRING_SSL_CAFILE_PROXY],
va_arg(param, char *));
break;
case CURLOPT_CAPATH:
@@ -2104,7 +2262,20 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
* certificates which have been prepared using openssl c_rehash utility.
*/
/* This does not work on windows. */
- result = setstropt(&data->set.str[STRING_SSL_CAPATH],
+ result = setstropt(&data->set.str[STRING_SSL_CAPATH_ORIG],
+ va_arg(param, char *));
+#else
+ result = CURLE_NOT_BUILT_IN;
+#endif
+ break;
+ case CURLOPT_PROXY_CAPATH:
+#ifdef have_curlssl_ca_path /* not supported by all backends */
+ /*
+ * Set CA path info for SSL connection proxy. Specify directory name of the
+ * CA certificates which have been prepared using openssl c_rehash utility.
+ */
+ /* This does not work on windows. */
+ result = setstropt(&data->set.str[STRING_SSL_CAPATH_PROXY],
va_arg(param, char *));
#else
result = CURLE_NOT_BUILT_IN;
@@ -2115,7 +2286,15 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
* Set CRL file info for SSL connection. Specify file name of the CRL
* to check certificates revocation
*/
- result = setstropt(&data->set.str[STRING_SSL_CRLFILE],
+ result = setstropt(&data->set.str[STRING_SSL_CRLFILE_ORIG],
+ va_arg(param, char *));
+ break;
+ case CURLOPT_PROXY_CRLFILE:
+ /*
+ * Set CRL file info for SSL connection for proxy. Specify file name of the
+ * CRL to check certificates revocation
+ */
+ result = setstropt(&data->set.str[STRING_SSL_CRLFILE_PROXY],
va_arg(param, char *));
break;
case CURLOPT_ISSUERCERT:
@@ -2123,7 +2302,7 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
* Set Issuer certificate file
* to check certificates issuer
*/
- result = setstropt(&data->set.str[STRING_SSL_ISSUERCERT],
+ result = setstropt(&data->set.str[STRING_SSL_ISSUERCERT_ORIG],
va_arg(param, char *));
break;
case CURLOPT_TELNETOPTIONS:
@@ -2138,11 +2317,26 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
* The application kindly asks for a differently sized receive buffer.
* If it seems reasonable, we'll use it.
*/
- data->set.buffer_size = va_arg(param, long);
+ arg = va_arg(param, long);
- if((data->set.buffer_size> (BUFSIZE -1)) ||
- (data->set.buffer_size < 1))
- data->set.buffer_size = 0; /* huge internal default */
+ if(arg > READBUFFER_MAX)
+ arg = READBUFFER_MAX;
+ else if(arg < 1)
+ arg = READBUFFER_SIZE;
+ else if(arg < READBUFFER_MIN)
+ arg = READBUFFER_MIN;
+
+ /* Resize if new size */
+ if(arg != data->set.buffer_size) {
+ char *newbuff = realloc(data->state.buffer, arg + 1);
+ if(!newbuff) {
+ DEBUGF(fprintf(stderr, "Error: realloc of buffer failed\n"));
+ result = CURLE_OUT_OF_MEMORY;
+ }
+ else
+ data->state.buffer = newbuff;
+ }
+ data->set.buffer_size = arg;
break;
@@ -2204,7 +2398,7 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
}
#endif /* CURL_DISABLE_HTTP */
if(data->share->sslsession) {
- data->set.ssl.max_ssl_sessions = data->share->max_ssl_sessions;
+ data->set.general_ssl.max_ssl_sessions = data->share->max_ssl_sessions;
data->state.session = data->share->sslsession;
}
Curl_share_unlock(data, CURL_LOCK_DATA_SHARE);
@@ -2239,8 +2433,14 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
case CURLOPT_SSL_OPTIONS:
arg = va_arg(param, long);
- data->set.ssl_enable_beast = !!(arg & CURLSSLOPT_ALLOW_BEAST);
- data->set.ssl_no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);
+ data->set.ssl.enable_beast = arg&CURLSSLOPT_ALLOW_BEAST?TRUE:FALSE;
+ data->set.ssl.no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);
+ break;
+
+ case CURLOPT_PROXY_SSL_OPTIONS:
+ arg = va_arg(param, long);
+ data->set.proxy_ssl.enable_beast = arg&CURLSSLOPT_ALLOW_BEAST?TRUE:FALSE;
+ data->set.proxy_ssl.no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);
break;
#endif
@@ -2336,7 +2536,9 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
break;
case CURLOPT_SSL_SESSIONID_CACHE:
- data->set.ssl.sessionid = (0 != va_arg(param, long)) ? TRUE : FALSE;
+ data->set.ssl.primary.sessionid = (0 != va_arg(param, long)) ?
+ TRUE : FALSE;
+ data->set.proxy_ssl.primary.sessionid = data->set.ssl.primary.sessionid;
break;
#ifdef USE_LIBSSH2
@@ -2427,7 +2629,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
* know that an unsigned int will always hold the value so we blindly
* typecast to this type
*/
- data->set.scope_id = curlx_sltoui(va_arg(param, long));
+ arg = va_arg(param, long);
+ if((arg < 0) || (arg > 0xf))
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+ data->set.scope_id = curlx_sltoui(arg);
break;
case CURLOPT_PROTOCOLS:
@@ -2603,23 +2808,47 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
break;
#ifdef USE_TLS_SRP
case CURLOPT_TLSAUTH_USERNAME:
- result = setstropt(&data->set.str[STRING_TLSAUTH_USERNAME],
+ result = setstropt(&data->set.str[STRING_TLSAUTH_USERNAME_ORIG],
va_arg(param, char *));
- if(data->set.str[STRING_TLSAUTH_USERNAME] && !data->set.ssl.authtype)
+ if(data->set.str[STRING_TLSAUTH_USERNAME_ORIG] && !data->set.ssl.authtype)
data->set.ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
break;
+ case CURLOPT_PROXY_TLSAUTH_USERNAME:
+ result = setstropt(&data->set.str[STRING_TLSAUTH_USERNAME_PROXY],
+ va_arg(param, char *));
+ if(data->set.str[STRING_TLSAUTH_USERNAME_PROXY] &&
+ !data->set.proxy_ssl.authtype)
+ data->set.proxy_ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
+ break;
case CURLOPT_TLSAUTH_PASSWORD:
- result = setstropt(&data->set.str[STRING_TLSAUTH_PASSWORD],
+ result = setstropt(&data->set.str[STRING_TLSAUTH_PASSWORD_ORIG],
va_arg(param, char *));
- if(data->set.str[STRING_TLSAUTH_USERNAME] && !data->set.ssl.authtype)
+ if(data->set.str[STRING_TLSAUTH_USERNAME_ORIG] && !data->set.ssl.authtype)
data->set.ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
break;
+ case CURLOPT_PROXY_TLSAUTH_PASSWORD:
+ result = setstropt(&data->set.str[STRING_TLSAUTH_PASSWORD_PROXY],
+ va_arg(param, char *));
+ if(data->set.str[STRING_TLSAUTH_USERNAME_PROXY] &&
+ !data->set.proxy_ssl.authtype)
+ data->set.proxy_ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
+ break;
case CURLOPT_TLSAUTH_TYPE:
- if(strnequal((char *)va_arg(param, char *), "SRP", strlen("SRP")))
+ argptr = va_arg(param, char *);
+ if(!argptr ||
+ strncasecompare(argptr, "SRP", strlen("SRP")))
data->set.ssl.authtype = CURL_TLSAUTH_SRP;
else
data->set.ssl.authtype = CURL_TLSAUTH_NONE;
break;
+ case CURLOPT_PROXY_TLSAUTH_TYPE:
+ argptr = va_arg(param, char *);
+ if(!argptr ||
+ strncasecompare(argptr, "SRP", strlen("SRP")))
+ data->set.proxy_ssl.authtype = CURL_TLSAUTH_SRP;
+ else
+ data->set.proxy_ssl.authtype = CURL_TLSAUTH_NONE;
+ break;
#endif
case CURLOPT_DNS_SERVERS:
result = Curl_set_dns_servers(data, va_arg(param, char *));
@@ -2659,6 +2888,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
#ifdef USE_UNIX_SOCKETS
case CURLOPT_UNIX_SOCKET_PATH:
+ data->set.abstract_unix_socket = FALSE;
+ result = setstropt(&data->set.str[STRING_UNIX_SOCKET_PATH],
+ va_arg(param, char *));
+ break;
+ case CURLOPT_ABSTRACT_UNIX_SOCKET:
+ data->set.abstract_unix_socket = TRUE;
result = setstropt(&data->set.str[STRING_UNIX_SOCKET_PATH],
va_arg(param, char *));
break;
@@ -2686,9 +2921,11 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
return CURLE_NOT_BUILT_IN;
#else
struct Curl_easy *dep = va_arg(param, struct Curl_easy *);
- if(dep && GOOD_EASY_HANDLE(dep)) {
- data->set.stream_depends_on = dep;
- data->set.stream_depends_e = (option == CURLOPT_STREAM_DEPENDS_E);
+ if(!dep || GOOD_EASY_HANDLE(dep)) {
+ if(data->set.stream_depends_on) {
+ Curl_http2_remove_child(data->set.stream_depends_on, data);
+ }
+ Curl_http2_add_child(dep, data, (option == CURLOPT_STREAM_DEPENDS_E));
}
break;
#endif
@@ -2696,6 +2933,9 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
case CURLOPT_CONNECT_TO:
data->set.connect_to = va_arg(param, struct curl_slist *);
break;
+ case CURLOPT_SUPPRESS_CONNECT_HEADERS:
+ data->set.suppress_connect_headers = (0 != va_arg(param, long))?TRUE:FALSE;
+ break;
default:
/* unknown tag and its companion, just ignore: */
result = CURLE_UNKNOWN_OPTION;
@@ -2726,10 +2966,10 @@ static void conn_reset_postponed_data(struct
connectdata *conn, int num)
#endif /* DEBUGBUILD */
}
else {
- DEBUGASSERT (psnd->allocated_size == 0);
- DEBUGASSERT (psnd->recv_size == 0);
- DEBUGASSERT (psnd->recv_processed == 0);
- DEBUGASSERT (psnd->bindsock == CURL_SOCKET_BAD);
+ DEBUGASSERT(psnd->allocated_size == 0);
+ DEBUGASSERT(psnd->recv_size == 0);
+ DEBUGASSERT(psnd->recv_processed == 0);
+ DEBUGASSERT(psnd->bindsock == CURL_SOCKET_BAD);
}
}
@@ -2739,8 +2979,7 @@ static void conn_reset_all_postponed_data(struct
connectdata *conn)
conn_reset_postponed_data(conn, 1);
}
#else /* ! USE_RECV_BEFORE_SEND_WORKAROUND */
-/* Use "do-nothing" macros instead of functions when workaround not used */
-#define conn_reset_postponed_data(c,n) do {} WHILE_FALSE
+/* Use "do-nothing" macro instead of function when workaround not used */
#define conn_reset_all_postponed_data(c) do {} WHILE_FALSE
#endif /* ! USE_RECV_BEFORE_SEND_WORKAROUND */
@@ -2776,8 +3015,10 @@ static void conn_free(struct connectdata *conn)
Curl_safefree(conn->passwd);
Curl_safefree(conn->oauth_bearer);
Curl_safefree(conn->options);
- Curl_safefree(conn->proxyuser);
- Curl_safefree(conn->proxypasswd);
+ Curl_safefree(conn->http_proxy.user);
+ Curl_safefree(conn->socks_proxy.user);
+ Curl_safefree(conn->http_proxy.passwd);
+ Curl_safefree(conn->socks_proxy.passwd);
Curl_safefree(conn->allocptr.proxyuserpwd);
Curl_safefree(conn->allocptr.uagent);
Curl_safefree(conn->allocptr.userpwd);
@@ -2791,19 +3032,24 @@ static void conn_free(struct connectdata *conn)
Curl_safefree(conn->trailer);
Curl_safefree(conn->host.rawalloc); /* host name buffer */
Curl_safefree(conn->conn_to_host.rawalloc); /* host name buffer */
- Curl_safefree(conn->proxy.rawalloc); /* proxy name buffer */
+ Curl_safefree(conn->secondaryhostname);
+ Curl_safefree(conn->http_proxy.host.rawalloc); /* http proxy name buffer */
+ Curl_safefree(conn->socks_proxy.host.rawalloc); /* socks proxy name buffer */
Curl_safefree(conn->master_buffer);
+ Curl_safefree(conn->connect_state);
conn_reset_all_postponed_data(conn);
- Curl_llist_destroy(conn->send_pipe, NULL);
- Curl_llist_destroy(conn->recv_pipe, NULL);
-
- conn->send_pipe = NULL;
- conn->recv_pipe = NULL;
+ Curl_llist_destroy(&conn->send_pipe, NULL);
+ Curl_llist_destroy(&conn->recv_pipe, NULL);
Curl_safefree(conn->localdev);
- Curl_free_ssl_config(&conn->ssl_config);
+ Curl_free_primary_ssl_config(&conn->ssl_config);
+ Curl_free_primary_ssl_config(&conn->proxy_ssl_config);
+
+#ifdef USE_UNIX_SOCKETS
+ Curl_safefree(conn->unix_domain_socket);
+#endif
free(conn); /* free all the connection oriented data */
}
@@ -2835,9 +3081,9 @@ CURLcode Curl_disconnect(struct connectdata *conn, bool
dead_connection)
* are other users of it
*/
if(!conn->bits.close &&
- (conn->send_pipe->size + conn->recv_pipe->size)) {
+ (conn->send_pipe.size + conn->recv_pipe.size)) {
DEBUGF(infof(data, "Curl_disconnect, usecounter: %d\n",
- conn->send_pipe->size + conn->recv_pipe->size));
+ conn->send_pipe.size + conn->recv_pipe.size));
return CURLE_OK;
}
@@ -2863,14 +3109,15 @@ CURLcode Curl_disconnect(struct connectdata *conn, bool
dead_connection)
free_fixed_hostname(&conn->host);
free_fixed_hostname(&conn->conn_to_host);
- free_fixed_hostname(&conn->proxy);
+ free_fixed_hostname(&conn->http_proxy.host);
+ free_fixed_hostname(&conn->socks_proxy.host);
Curl_ssl_close(conn, FIRSTSOCKET);
/* Indicate to all handles on the pipe that we're dead */
if(Curl_pipeline_wanted(data->multi, CURLPIPE_ANY)) {
- signalPipeClose(conn->send_pipe, TRUE);
- signalPipeClose(conn->recv_pipe, TRUE);
+ signalPipeClose(&conn->send_pipe, TRUE);
+ signalPipeClose(&conn->recv_pipe, TRUE);
}
conn_free(conn);
@@ -2888,7 +3135,7 @@ static bool SocketIsDead(curl_socket_t sock)
int sval;
bool ret_val = TRUE;
- sval = Curl_socket_ready(sock, CURL_SOCKET_BAD, 0);
+ sval = SOCKET_READABLE(sock, 0);
if(sval == 0)
/* timeout */
ret_val = FALSE;
@@ -2897,28 +3144,33 @@ static bool SocketIsDead(curl_socket_t sock)
}
/*
- * IsPipeliningPossible() returns TRUE if the options set would allow
- * pipelining/multiplexing and the connection is using a HTTP protocol.
+ * IsPipeliningPossible()
+ *
+ * Return a bitmask with the available pipelining and multiplexing options for
+ * the given requested connection.
*/
-static bool IsPipeliningPossible(const struct Curl_easy *handle,
- const struct connectdata *conn)
+static int IsPipeliningPossible(const struct Curl_easy *handle,
+ const struct connectdata *conn)
{
+ int avail = 0;
+
/* If a HTTP protocol and pipelining is enabled */
- if(conn->handler->protocol & PROTO_FAMILY_HTTP) {
+ if((conn->handler->protocol & PROTO_FAMILY_HTTP) &&
+ (!conn->bits.protoconnstart || !conn->bits.close)) {
if(Curl_pipeline_wanted(handle->multi, CURLPIPE_HTTP1) &&
(handle->set.httpversion != CURL_HTTP_VERSION_1_0) &&
(handle->set.httpreq == HTTPREQ_GET ||
handle->set.httpreq == HTTPREQ_HEAD))
/* didn't ask for HTTP/1.0 and a GET or HEAD */
- return TRUE;
+ avail |= CURLPIPE_HTTP1;
if(Curl_pipeline_wanted(handle->multi, CURLPIPE_MULTIPLEX) &&
(handle->set.httpversion >= CURL_HTTP_VERSION_2))
/* allows HTTP/2 */
- return TRUE;
+ avail |= CURLPIPE_MULTIPLEX;
}
- return FALSE;
+ return avail;
}
int Curl_removeHandleFromPipeline(struct Curl_easy *handle,
@@ -2974,9 +3226,9 @@ void Curl_getoff_all_pipelines(struct Curl_easy *data,
bool send_head = (conn->writechannel_inuse &&
Curl_sendpipe_head(data, conn));
- if(Curl_removeHandleFromPipeline(data, conn->recv_pipe) && recv_head)
+ if(Curl_removeHandleFromPipeline(data, &conn->recv_pipe) && recv_head)
Curl_pipeline_leave_read(conn);
- if(Curl_removeHandleFromPipeline(data, conn->send_pipe) && send_head)
+ if(Curl_removeHandleFromPipeline(data, &conn->send_pipe) && send_head)
Curl_pipeline_leave_write(conn);
}
@@ -3021,9 +3273,9 @@ Curl_oldest_idle_connection(struct Curl_easy *data)
struct curl_hash_iterator iter;
struct curl_llist_element *curr;
struct curl_hash_element *he;
- long highscore=-1;
- long score;
- struct timeval now;
+ time_t highscore=-1;
+ time_t score;
+ struct curltime now;
struct connectdata *conn_candidate = NULL;
struct connectbundle *bundle;
@@ -3037,7 +3289,7 @@ Curl_oldest_idle_connection(struct Curl_easy *data)
bundle = he->ptr;
- curr = bundle->conn_list->head;
+ curr = bundle->conn_list.head;
while(curr) {
conn = curr->ptr;
@@ -3059,6 +3311,19 @@ Curl_oldest_idle_connection(struct Curl_easy *data)
return conn_candidate;
}
+static bool
+proxy_info_matches(const struct proxy_info* data,
+ const struct proxy_info* needle)
+{
+ if((data->proxytype == needle->proxytype) &&
+ (data->port == needle->port) &&
+ Curl_safe_strcasecompare(data->host.name, needle->host.name))
+ return TRUE;
+
+ return FALSE;
+}
+
+
/*
* This function finds the connection in the connection
* bundle that has been unused for the longest time.
@@ -3071,9 +3336,9 @@ find_oldest_idle_connection_in_bundle(struct Curl_easy
*data,
struct connectbundle *bundle)
{
struct curl_llist_element *curr;
- long highscore=-1;
- long score;
- struct timeval now;
+ time_t highscore=-1;
+ time_t score;
+ struct curltime now;
struct connectdata *conn_candidate = NULL;
struct connectdata *conn;
@@ -3081,7 +3346,7 @@ find_oldest_idle_connection_in_bundle(struct Curl_easy
*data,
now = Curl_tvnow();
- curr = bundle->conn_list->head;
+ curr = bundle->conn_list.head;
while(curr) {
conn = curr->ptr;
@@ -3109,17 +3374,25 @@ find_oldest_idle_connection_in_bundle(struct Curl_easy
*data,
static bool disconnect_if_dead(struct connectdata *conn,
struct Curl_easy *data)
{
- size_t pipeLen = conn->send_pipe->size + conn->recv_pipe->size;
+ size_t pipeLen = conn->send_pipe.size + conn->recv_pipe.size;
if(!pipeLen && !conn->inuse) {
/* The check for a dead socket makes sense only if there are no
handles in pipeline and the connection isn't already marked in
use */
bool dead;
- if(conn->handler->protocol & CURLPROTO_RTSP)
- /* RTSP is a special case due to RTP interleaving */
- dead = Curl_rtsp_connisdead(conn);
- else
+
+ if(conn->handler->connection_check) {
+ /* The protocol has a special method for checking the state of the
+ connection. Use it to check if the connection is dead. */
+ unsigned int state;
+
+ state = conn->handler->connection_check(conn, CONNCHECK_ISDEAD);
+ dead = (state & CONNRESULT_DEAD);
+ }
+ else {
+ /* Use the general method for determining the death of a connection */
dead = SocketIsDead(conn->sock[FIRSTSOCKET]);
+ }
if(dead) {
conn->data = data;
@@ -3153,8 +3426,8 @@ static int call_disconnect_if_dead(struct connectdata
*conn,
*/
static void prune_dead_connections(struct Curl_easy *data)
{
- struct timeval now = Curl_tvnow();
- long elapsed = Curl_tvdiff(now, data->state.conn_cache->last_cleanup);
+ struct curltime now = Curl_tvnow();
+ time_t elapsed = Curl_tvdiff(now, data->state.conn_cache->last_cleanup);
if(elapsed >= 1000L) {
Curl_conncache_foreach(data->state.conn_cache, data,
@@ -3192,7 +3465,7 @@ ConnectionExists(struct Curl_easy *data,
struct connectdata *check;
struct connectdata *chosen = 0;
bool foundPendingCandidate = FALSE;
- bool canPipeline = IsPipeliningPossible(data, needle);
+ int canpipe = IsPipeliningPossible(data, needle);
struct connectbundle *bundle;
#ifdef USE_NTLM
@@ -3208,10 +3481,10 @@ ConnectionExists(struct Curl_easy *data,
*force_reuse = FALSE;
*waitpipe = FALSE;
- /* We can't pipe if the site is blacklisted */
- if(canPipeline && Curl_pipeline_site_blacklisted(data, needle)) {
- canPipeline = FALSE;
- }
+ /* We can't pipeline if the site is blacklisted */
+ if((canpipe & CURLPIPE_HTTP1) &&
+ Curl_pipeline_site_blacklisted(data, needle))
+ canpipe &= ~ CURLPIPE_HTTP1;
/* Look up the bundle with all the connections to this
particular host */
@@ -3222,22 +3495,17 @@ ConnectionExists(struct Curl_easy *data,
max_pipeline_length(data->multi):0;
size_t best_pipe_len = max_pipe_len;
struct curl_llist_element *curr;
- const char *hostname;
-
- if(needle->bits.conn_to_host)
- hostname = needle->conn_to_host.name;
- else
- hostname = needle->host.name;
infof(data, "Found bundle for host %s: %p [%s]\n",
- hostname, (void *)bundle,
- (bundle->multiuse== BUNDLE_PIPELINING?
- "can pipeline":
- (bundle->multiuse== BUNDLE_MULTIPLEX?
- "can multiplex":"serially")));
-
- /* We can't pipe if we don't know anything about the server */
- if(canPipeline) {
+ (needle->bits.conn_to_host ? needle->conn_to_host.name :
+ needle->host.name), (void *)bundle,
+ (bundle->multiuse == BUNDLE_PIPELINING ?
+ "can pipeline" :
+ (bundle->multiuse == BUNDLE_MULTIPLEX ?
+ "can multiplex" : "serially")));
+
+ /* We can't pipeline if we don't know anything about the server */
+ if(canpipe) {
if(bundle->multiuse <= BUNDLE_UNKNOWN) {
if((bundle->multiuse == BUNDLE_UNKNOWN) && data->set.pipewait) {
infof(data, "Server doesn't support multi-use yet, wait\n");
@@ -3246,22 +3514,22 @@ ConnectionExists(struct Curl_easy *data,
}
infof(data, "Server doesn't support multi-use (yet)\n");
- canPipeline = FALSE;
+ canpipe = 0;
}
if((bundle->multiuse == BUNDLE_PIPELINING) &&
!Curl_pipeline_wanted(data->multi, CURLPIPE_HTTP1)) {
/* not asked for, switch off */
infof(data, "Could pipeline, but not asked to!\n");
- canPipeline = FALSE;
+ canpipe = 0;
}
else if((bundle->multiuse == BUNDLE_MULTIPLEX) &&
!Curl_pipeline_wanted(data->multi, CURLPIPE_MULTIPLEX)) {
infof(data, "Could multiplex, but not asked to!\n");
- canPipeline = FALSE;
+ canpipe = 0;
}
}
- curr = bundle->conn_list->head;
+ curr = bundle->conn_list.head;
while(curr) {
bool match = FALSE;
size_t pipeLen;
@@ -3276,20 +3544,23 @@ ConnectionExists(struct Curl_easy *data,
if(disconnect_if_dead(check, data))
continue;
- pipeLen = check->send_pipe->size + check->recv_pipe->size;
+ pipeLen = check->send_pipe.size + check->recv_pipe.size;
- if(canPipeline) {
+ if(canpipe) {
+ if(check->bits.protoconnstart && check->bits.close)
+ continue;
if(!check->bits.multiplex) {
- /* If not multiplexing, make sure the pipe has only GET requests */
- struct Curl_easy* sh = gethandleathead(check->send_pipe);
- struct Curl_easy* rh = gethandleathead(check->recv_pipe);
+ /* If not multiplexing, make sure the connection is fine for HTTP/1
+ pipelining */
+ struct Curl_easy* sh = gethandleathead(&check->send_pipe);
+ struct Curl_easy* rh = gethandleathead(&check->recv_pipe);
if(sh) {
- if(!IsPipeliningPossible(sh, check))
+ if(!(IsPipeliningPossible(sh, check) & CURLPIPE_HTTP1))
continue;
}
else if(rh) {
- if(!IsPipeliningPossible(rh, check))
+ if(!(IsPipeliningPossible(rh, check) & CURLPIPE_HTTP1))
continue;
}
}
@@ -3321,7 +3592,7 @@ ConnectionExists(struct Curl_easy *data,
infof(data, "Connection #%ld isn't open enough, can't reuse\n",
check->connection_id);
#ifdef DEBUGBUILD
- if(check->recv_pipe->size > 0) {
+ if(check->recv_pipe.size > 0) {
infof(data,
"BAD! Unconnected #%ld has a non-empty recv pipeline!\n",
check->connection_id);
@@ -3331,6 +3602,19 @@ ConnectionExists(struct Curl_easy *data,
}
}
+#ifdef USE_UNIX_SOCKETS
+ if(needle->unix_domain_socket) {
+ if(!check->unix_domain_socket)
+ continue;
+ if(strcmp(needle->unix_domain_socket, check->unix_domain_socket))
+ continue;
+ if(needle->abstract_unix_socket != check->abstract_unix_socket)
+ continue;
+ }
+ else if(check->unix_domain_socket)
+ continue;
+#endif
+
if((needle->handler->flags&PROTOPT_SSL) !=
(check->handler->flags&PROTOPT_SSL))
/* don't do mixed SSL and non-SSL connections */
@@ -3339,23 +3623,12 @@ ConnectionExists(struct Curl_easy *data,
/* except protocols that have been upgraded via TLS */
continue;
- if(needle->handler->flags&PROTOPT_SSL) {
- if((data->set.ssl.verifypeer != check->verifypeer) ||
- (data->set.ssl.verifyhost != check->verifyhost))
- continue;
- }
-
- if(needle->bits.proxy != check->bits.proxy)
- /* don't do mixed proxy and non-proxy connections */
+ if(needle->bits.httpproxy != check->bits.httpproxy ||
+ needle->bits.socksproxy != check->bits.socksproxy)
continue;
- if(needle->bits.proxy &&
- (needle->proxytype != check->proxytype ||
- needle->bits.httpproxy != check->bits.httpproxy ||
- needle->bits.tunnel_proxy != check->bits.tunnel_proxy ||
- !Curl_raw_equal(needle->proxy.name, check->proxy.name) ||
- needle->port != check->port))
- /* don't mix connections that use different proxies */
+ if(needle->bits.socksproxy && !proxy_info_matches(&needle->socks_proxy,
+ &check->socks_proxy))
continue;
if(needle->bits.conn_to_host != check->bits.conn_to_host)
@@ -3368,7 +3641,34 @@ ConnectionExists(struct Curl_easy *data,
* connections that don't use this feature */
continue;
- if(!canPipeline && check->inuse)
+ if(needle->bits.httpproxy) {
+ if(!proxy_info_matches(&needle->http_proxy, &check->http_proxy))
+ continue;
+
+ if(needle->bits.tunnel_proxy != check->bits.tunnel_proxy)
+ continue;
+
+ if(needle->http_proxy.proxytype == CURLPROXY_HTTPS) {
+ /* use https proxy */
+ if(needle->handler->flags&PROTOPT_SSL) {
+ /* use double layer ssl */
+ if(!Curl_ssl_config_matches(&needle->proxy_ssl_config,
+ &check->proxy_ssl_config))
+ continue;
+ if(check->proxy_ssl[FIRSTSOCKET].state != ssl_connection_complete)
+ continue;
+ }
+ else {
+ if(!Curl_ssl_config_matches(&needle->ssl_config,
+ &check->ssl_config))
+ continue;
+ if(check->ssl[FIRSTSOCKET].state != ssl_connection_complete)
+ continue;
+ }
+ }
+ }
+
+ if(!canpipe && check->inuse)
/* this request can't be pipelined but the checked connection is
already in use so we skip it */
continue;
@@ -3387,35 +3687,35 @@ ConnectionExists(struct Curl_easy *data,
*/
if((check->localport != needle->localport) ||
(check->localportrange != needle->localportrange) ||
- !check->localdev ||
- !needle->localdev ||
- strcmp(check->localdev, needle->localdev))
+ (needle->localdev &&
+ (!check->localdev || strcmp(check->localdev, needle->localdev))))
continue;
}
if(!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) {
/* This protocol requires credentials per connection,
so verify that we're using the same name and password as well */
- if(!strequal(needle->user, check->user) ||
- !strequal(needle->passwd, check->passwd)) {
+ if(strcmp(needle->user, check->user) ||
+ strcmp(needle->passwd, check->passwd)) {
/* one of them was different */
continue;
}
}
if(!needle->bits.httpproxy || (needle->handler->flags&PROTOPT_SSL) ||
- (needle->bits.httpproxy && needle->bits.tunnel_proxy)) {
+ needle->bits.tunnel_proxy) {
/* The requested connection does not use a HTTP proxy or it uses SSL or
- it is a non-SSL protocol tunneled over the same HTTP proxy name and
- port number */
- if((Curl_raw_equal(needle->handler->scheme, check->handler->scheme) ||
+ it is a non-SSL protocol tunneled or it is a non-SSL protocol which
+ is allowed to be upgraded via TLS */
+
+ if((strcasecompare(needle->handler->scheme, check->handler->scheme) ||
(get_protocol_family(check->handler->protocol) ==
needle->handler->protocol && check->tls_upgraded)) &&
- (!needle->bits.conn_to_host || Curl_raw_equal(
+ (!needle->bits.conn_to_host || strcasecompare(
needle->conn_to_host.name, check->conn_to_host.name)) &&
(!needle->bits.conn_to_port ||
needle->conn_to_port == check->conn_to_port) &&
- Curl_raw_equal(needle->host.name, check->host.name) &&
+ strcasecompare(needle->host.name, check->host.name) &&
needle->remote_port == check->remote_port) {
/* The schemes match or the the protocol family is the same and the
previous connection was TLS upgraded, and the hostname and host
@@ -3431,7 +3731,7 @@ ConnectionExists(struct Curl_easy *data,
check->connection_id));
continue;
}
- else if(check->ssl[FIRSTSOCKET].state != ssl_connection_complete) {
+ if(check->ssl[FIRSTSOCKET].state != ssl_connection_complete) {
foundPendingCandidate = TRUE;
DEBUGF(infof(data,
"Connection #%ld has not started SSL connect, "
@@ -3457,8 +3757,8 @@ ConnectionExists(struct Curl_easy *data,
possible. (Especially we must not reuse the same connection if
partway through a handshake!) */
if(wantNTLMhttp) {
- if(!strequal(needle->user, check->user) ||
- !strequal(needle->passwd, check->passwd))
+ if(strcmp(needle->user, check->user) ||
+ strcmp(needle->passwd, check->passwd))
continue;
}
else if(check->ntlm.state != NTLMSTATE_NONE) {
@@ -3468,12 +3768,13 @@ ConnectionExists(struct Curl_easy *data,
/* Same for Proxy NTLM authentication */
if(wantProxyNTLMhttp) {
- /* Both check->proxyuser and check->proxypasswd can be NULL */
- if(!check->proxyuser || !check->proxypasswd)
+ /* Both check->http_proxy.user and check->http_proxy.passwd can be
+ * NULL */
+ if(!check->http_proxy.user || !check->http_proxy.passwd)
continue;
- if(!strequal(needle->proxyuser, check->proxyuser) ||
- !strequal(needle->proxypasswd, check->proxypasswd))
+ if(strcmp(needle->http_proxy.user, check->http_proxy.user) ||
+ strcmp(needle->http_proxy.passwd, check->http_proxy.passwd))
continue;
}
else if(check->proxyntlm.state != NTLMSTATE_NONE) {
@@ -3498,7 +3799,7 @@ ConnectionExists(struct Curl_easy *data,
continue;
}
#endif
- if(canPipeline) {
+ if(canpipe) {
/* We can pipeline if we want to. Let's continue looking for
the optimal connection to use, i.e the shortest pipe that is not
blacklisted. */
@@ -3577,51 +3878,50 @@ ConnectionExists(struct Curl_easy *data,
Note: this function's sub-functions call failf()
*/
-CURLcode Curl_connected_proxy(struct connectdata *conn,
- int sockindex)
+CURLcode Curl_connected_proxy(struct connectdata *conn, int sockindex)
{
- if(!conn->bits.proxy || sockindex)
- /* this magic only works for the primary socket as the secondary is used
- for FTP only and it has FTP specific magic in ftp.c */
- return CURLE_OK;
+ CURLcode result = CURLE_OK;
- switch(conn->proxytype) {
+ if(conn->bits.socksproxy) {
#ifndef CURL_DISABLE_PROXY
- case CURLPROXY_SOCKS5:
- case CURLPROXY_SOCKS5_HOSTNAME:
- return Curl_SOCKS5(conn->proxyuser, conn->proxypasswd,
- conn->bits.conn_to_host ? conn->conn_to_host.name :
- conn->host.name,
- conn->bits.conn_to_port ? conn->conn_to_port :
- conn->remote_port,
- FIRSTSOCKET, conn);
-
- case CURLPROXY_SOCKS4:
- return Curl_SOCKS4(conn->proxyuser,
- conn->bits.conn_to_host ? conn->conn_to_host.name :
- conn->host.name,
- conn->bits.conn_to_port ? conn->conn_to_port :
- conn->remote_port,
- FIRSTSOCKET, conn, FALSE);
-
- case CURLPROXY_SOCKS4A:
- return Curl_SOCKS4(conn->proxyuser,
- conn->bits.conn_to_host ? conn->conn_to_host.name :
- conn->host.name,
- conn->bits.conn_to_port ? conn->conn_to_port :
- conn->remote_port,
- FIRSTSOCKET, conn, TRUE);
+ /* for the secondary socket (FTP), use the "connect to host"
+ * but ignore the "connect to port" (use the secondary port)
+ */
+ const char * const host = conn->bits.httpproxy ?
+ conn->http_proxy.host.name :
+ conn->bits.conn_to_host ?
+ conn->conn_to_host.name :
+ sockindex == SECONDARYSOCKET ?
+ conn->secondaryhostname : conn->host.name;
+ const int port = conn->bits.httpproxy ? (int)conn->http_proxy.port :
+ sockindex == SECONDARYSOCKET ? conn->secondary_port :
+ conn->bits.conn_to_port ? conn->conn_to_port :
+ conn->remote_port;
+ conn->bits.socksproxy_connecting = TRUE;
+ switch(conn->socks_proxy.proxytype) {
+ case CURLPROXY_SOCKS5:
+ case CURLPROXY_SOCKS5_HOSTNAME:
+ result = Curl_SOCKS5(conn->socks_proxy.user, conn->socks_proxy.passwd,
+ host, port, sockindex, conn);
+ break;
+
+ case CURLPROXY_SOCKS4:
+ case CURLPROXY_SOCKS4A:
+ result = Curl_SOCKS4(conn->socks_proxy.user, host, port, sockindex,
+ conn);
+ break;
+ default:
+ failf(conn->data, "unknown proxytype option given");
+ result = CURLE_COULDNT_CONNECT;
+ } /* switch proxytype */
+ conn->bits.socksproxy_connecting = FALSE;
+#else
+ (void)sockindex;
#endif /* CURL_DISABLE_PROXY */
- case CURLPROXY_HTTP:
- case CURLPROXY_HTTP_1_0:
- /* do nothing here. handled later. */
- break;
- default:
- break;
- } /* switch proxytype */
+ }
- return CURLE_OK;
+ return result;
}
/*
@@ -3632,7 +3932,10 @@ void Curl_verboseconnect(struct connectdata *conn)
{
if(conn->data->set.verbose)
infof(conn->data, "Connected to %s (%s) port %ld (#%ld)\n",
- conn->bits.proxy ? conn->proxy.dispname : conn->host.dispname,
+ conn->bits.socksproxy ? conn->socks_proxy.host.dispname :
+ conn->bits.httpproxy ? conn->http_proxy.host.dispname :
+ conn->bits.conn_to_host ? conn->conn_to_host.dispname :
+ conn->host.dispname,
conn->ip_addr_str, conn->port, conn->connection_id);
}
#endif
@@ -3722,12 +4025,16 @@ CURLcode Curl_protocol_connect(struct connectdata *conn,
if(!conn->bits.protoconnstart) {
- result = Curl_proxy_connect(conn);
+ result = Curl_proxy_connect(conn, FIRSTSOCKET);
if(result)
return result;
+ if(CONNECT_FIRSTSOCKET_PROXY_SSL())
+ /* wait for HTTPS proxy SSL initialization to complete */
+ return CURLE_OK;
+
if(conn->bits.tunnel_proxy && conn->bits.httpproxy &&
- (conn->tunnel_state[FIRSTSOCKET] != TUNNEL_COMPLETE))
+ Curl_connect_ongoing(conn))
/* when using an HTTP tunnel proxy, await complete tunnel establishment
before proceeding further. Return CURLE_OK so we'll be called again */
return CURLE_OK;
@@ -3751,11 +4058,11 @@ CURLcode Curl_protocol_connect(struct connectdata *conn,
}
/*
- * Helpers for IDNA convertions.
+ * Helpers for IDNA conversions.
*/
static bool is_ASCII_name(const char *hostname)
{
- const unsigned char *ch = (const unsigned char*)hostname;
+ const unsigned char *ch = (const unsigned char *)hostname;
while(*ch) {
if(*ch++ & 0x80)
@@ -3764,58 +4071,15 @@ static bool is_ASCII_name(const char *hostname)
return TRUE;
}
-#ifdef USE_LIBIDN
-/*
- * Check if characters in hostname is allowed in Top Level Domain.
- */
-static bool tld_check_name(struct Curl_easy *data,
- const char *ace_hostname)
-{
- size_t err_pos;
- char *uc_name = NULL;
- int rc;
-#ifndef CURL_DISABLE_VERBOSE_STRINGS
- const char *tld_errmsg = "<no msg>";
-#else
- (void)data;
-#endif
-
- /* Convert (and downcase) ACE-name back into locale's character set */
- rc = idna_to_unicode_lzlz(ace_hostname, &uc_name, 0);
- if(rc != IDNA_SUCCESS)
- return FALSE;
-
- /* Warning: err_pos receives "the decoded character offset rather than the
- byte position in the string." And as of libidn 1.32 that character offset
- is for UTF-8, even if the passed in string is another locale. */
- rc = tld_check_lz(uc_name, &err_pos, NULL);
-#ifndef CURL_DISABLE_VERBOSE_STRINGS
-#ifdef HAVE_TLD_STRERROR
- if(rc != TLD_SUCCESS)
- tld_errmsg = tld_strerror((Tld_rc)rc);
-#endif
- if(rc != TLD_SUCCESS)
- infof(data, "WARNING: TLD check for %s failed; %s\n",
- uc_name, tld_errmsg);
-#endif /* CURL_DISABLE_VERBOSE_STRINGS */
- if(uc_name)
- idn_free(uc_name);
- if(rc != TLD_SUCCESS)
- return FALSE;
-
- return TRUE;
-}
-#endif
-
/*
* Perform any necessary IDN conversion of hostname
*/
-static void fix_hostname(struct Curl_easy *data,
- struct connectdata *conn, struct hostname *host)
+static void fix_hostname(struct connectdata *conn, struct hostname *host)
{
size_t len;
+ struct Curl_easy *data = conn->data;
-#ifndef USE_LIBIDN
+#ifndef USE_LIBIDN2
(void)data;
(void)conn;
#elif defined(CURL_DISABLE_VERBOSE_STRINGS)
@@ -3833,25 +4097,26 @@ static void fix_hostname(struct Curl_easy *data,
/* Check name for non-ASCII and convert hostname to ACE form if we can */
if(!is_ASCII_name(host->name)) {
-#ifdef USE_LIBIDN
- if(stringprep_check_version(LIBIDN_REQUIRED_VERSION)) {
+#ifdef USE_LIBIDN2
+ if(idn2_check_version(IDN2_VERSION)) {
char *ace_hostname = NULL;
-
- int rc = idna_to_ascii_lz(host->name, &ace_hostname, 0);
- infof(data, "Input domain encoded as `%s'\n",
- stringprep_locale_charset());
- if(rc == IDNA_SUCCESS) {
- /* tld_check_name() displays a warning if the host name contains
- "illegal" characters for this TLD */
- (void)tld_check_name(data, ace_hostname);
-
- host->encalloc = ace_hostname;
+#if IDN2_VERSION_NUMBER >= 0x00140000
+ /* IDN2_NFC_INPUT: Normalize input string using normalization form C.
+ IDN2_NONTRANSITIONAL: Perform Unicode TR46 non-transitional
+ processing. */
+ int flags = IDN2_NFC_INPUT | IDN2_NONTRANSITIONAL;
+#else
+ int flags = IDN2_NFC_INPUT;
+#endif
+ int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags);
+ if(rc == IDN2_OK) {
+ host->encalloc = (char *)ace_hostname;
/* change the name pointer to point to the encoded hostname */
host->name = host->encalloc;
}
else
infof(data, "Failed to convert %s to ACE; %s\n", host->name,
- Curl_idn_strerror(conn, rc));
+ idn2_strerror(rc));
}
#elif defined(USE_WIN32_IDN)
char *ace_hostname = NULL;
@@ -3874,9 +4139,9 @@ static void fix_hostname(struct Curl_easy *data,
*/
static void free_fixed_hostname(struct hostname *host)
{
-#if defined(USE_LIBIDN)
+#if defined(USE_LIBIDN2)
if(host->encalloc) {
- idn_free(host->encalloc); /* must be freed with idn_free() since this was
+ idn2_free(host->encalloc); /* must be freed with idn2_free() since this was
allocated by libidn */
host->encalloc = NULL;
}
@@ -3917,7 +4182,7 @@ static struct connectdata *allocate_conn(struct Curl_easy
*data)
conn->tempsock[1] = CURL_SOCKET_BAD; /* no file descriptor */
conn->connection_id = -1; /* no ID */
conn->port = -1; /* unknown at this point */
- conn->remote_port = -1; /* unknown */
+ conn->remote_port = -1; /* unknown at this point */
#if defined(USE_RECV_BEFORE_SEND_WORKAROUND) && defined(DEBUGBUILD)
conn->postponed[0].bindsock = CURL_SOCKET_BAD; /* no file descriptor */
conn->postponed[1].bindsock = CURL_SOCKET_BAD; /* no file descriptor */
@@ -3934,12 +4199,14 @@ static struct connectdata *allocate_conn(struct
Curl_easy *data)
conn->data = data; /* Setup the association between this connection
and the Curl_easy */
- conn->proxytype = data->set.proxytype; /* type */
+ conn->http_proxy.proxytype = data->set.proxytype;
+ conn->socks_proxy.proxytype = CURLPROXY_SOCKS4;
#ifdef CURL_DISABLE_PROXY
conn->bits.proxy = FALSE;
conn->bits.httpproxy = FALSE;
+ conn->bits.socksproxy = FALSE;
conn->bits.proxy_user_passwd = FALSE;
conn->bits.tunnel_proxy = FALSE;
@@ -3950,11 +4217,20 @@ static struct connectdata *allocate_conn(struct
Curl_easy *data)
conn->bits.proxy = (data->set.str[STRING_PROXY] &&
*data->set.str[STRING_PROXY]) ? TRUE : FALSE;
conn->bits.httpproxy = (conn->bits.proxy &&
- (conn->proxytype == CURLPROXY_HTTP ||
- conn->proxytype == CURLPROXY_HTTP_1_0)) ?
- TRUE : FALSE;
- conn->bits.proxy_user_passwd = (data->set.str[STRING_PROXYUSERNAME]) ?
- TRUE : FALSE;
+ (conn->http_proxy.proxytype == CURLPROXY_HTTP ||
+ conn->http_proxy.proxytype == CURLPROXY_HTTP_1_0 ||
+ conn->http_proxy.proxytype == CURLPROXY_HTTPS)) ?
+ TRUE : FALSE;
+ conn->bits.socksproxy = (conn->bits.proxy &&
+ !conn->bits.httpproxy) ? TRUE : FALSE;
+
+ if(data->set.str[STRING_PRE_PROXY] && *data->set.str[STRING_PRE_PROXY]) {
+ conn->bits.proxy = TRUE;
+ conn->bits.socksproxy = TRUE;
+ }
+
+ conn->bits.proxy_user_passwd =
+ (data->set.str[STRING_PROXYUSERNAME]) ? TRUE : FALSE;
conn->bits.tunnel_proxy = data->set.tunnel_thru_httpproxy;
#endif /* CURL_DISABLE_PROXY */
@@ -3963,8 +4239,13 @@ static struct connectdata *allocate_conn(struct
Curl_easy *data)
conn->bits.ftp_use_epsv = data->set.ftp_use_epsv;
conn->bits.ftp_use_eprt = data->set.ftp_use_eprt;
- conn->verifypeer = data->set.ssl.verifypeer;
- conn->verifyhost = data->set.ssl.verifyhost;
+ conn->ssl_config.verifystatus = data->set.ssl.primary.verifystatus;
+ conn->ssl_config.verifypeer = data->set.ssl.primary.verifypeer;
+ conn->ssl_config.verifyhost = data->set.ssl.primary.verifyhost;
+ conn->proxy_ssl_config.verifystatus =
+ data->set.proxy_ssl.primary.verifystatus;
+ conn->proxy_ssl_config.verifypeer = data->set.proxy_ssl.primary.verifypeer;
+ conn->proxy_ssl_config.verifyhost = data->set.proxy_ssl.primary.verifyhost;
conn->ip_version = data->set.ipver;
@@ -3979,16 +4260,14 @@ static struct connectdata *allocate_conn(struct
Curl_easy *data)
if(Curl_pipeline_wanted(data->multi, CURLPIPE_HTTP1) &&
!conn->master_buffer) {
/* Allocate master_buffer to be used for HTTP/1 pipelining */
- conn->master_buffer = calloc(BUFSIZE, sizeof (char));
+ conn->master_buffer = calloc(MASTERBUF_SIZE, sizeof(char));
if(!conn->master_buffer)
goto error;
}
/* Initialize the pipeline lists */
- conn->send_pipe = Curl_llist_alloc((curl_llist_dtor) llist_dtor);
- conn->recv_pipe = Curl_llist_alloc((curl_llist_dtor) llist_dtor);
- if(!conn->send_pipe || !conn->recv_pipe)
- goto error;
+ Curl_llist_init(&conn->send_pipe, (curl_llist_dtor) llist_dtor);
+ Curl_llist_init(&conn->recv_pipe, (curl_llist_dtor) llist_dtor);
#ifdef HAVE_GSSAPI
conn->data_prot = PROT_CLEAR;
@@ -4011,11 +4290,8 @@ static struct connectdata *allocate_conn(struct
Curl_easy *data)
return conn;
error:
- Curl_llist_destroy(conn->send_pipe, NULL);
- Curl_llist_destroy(conn->recv_pipe, NULL);
-
- conn->send_pipe = NULL;
- conn->recv_pipe = NULL;
+ Curl_llist_destroy(&conn->send_pipe, NULL);
+ Curl_llist_destroy(&conn->recv_pipe, NULL);
free(conn->master_buffer);
free(conn->localdev);
@@ -4034,7 +4310,7 @@ static CURLcode findprotocol(struct Curl_easy *data,
variables based on the URL. Now that the handler may be changed later
when the protocol specific setup function is called. */
for(pp = protocols; (p = *pp) != NULL; pp++) {
- if(Curl_raw_equal(p->scheme, protostr)) {
+ if(strcasecompare(p->scheme, protostr)) {
/* Protocol found in table. Check if allowed */
if(!(data->set.allowed_protocols & p->protocol))
/* nope, get out */
@@ -4078,11 +4354,13 @@ static CURLcode parseurlandfillconn(struct Curl_easy
*data,
char *fragment;
char *path = data->state.path;
char *query;
+ int i;
int rc;
- char protobuf[16] = "";
const char *protop = "";
CURLcode result;
bool rebuild_url = FALSE;
+ bool url_has_scheme = FALSE;
+ char protobuf[16];
*prot_missing = FALSE;
@@ -4101,10 +4379,50 @@ static CURLcode parseurlandfillconn(struct Curl_easy
*data,
* proxy -- and we don't know if we will need to use SSL until we parse the
* url ...
************************************************************/
- if((2 == sscanf(data->change.url, "%15[^:]:%[^\n]",
- protobuf, path)) &&
- Curl_raw_equal(protobuf, "file")) {
- if(path[0] == '/' && path[1] == '/') {
+ if(data->change.url[0] == ':') {
+ failf(data, "Bad URL, colon is first character");
+ return CURLE_URL_MALFORMAT;
+ }
+
+ /* MSDOS/Windows style drive prefix, eg c: in c:foo */
+#define STARTS_WITH_DRIVE_PREFIX(str) \
+ ((('a' <= str[0] && str[0] <= 'z') || \
+ ('A' <= str[0] && str[0] <= 'Z')) && \
+ (str[1] == ':'))
+
+ /* Don't mistake a drive letter for a scheme if the default protocol is file.
+ curld --proto-default file c:/foo/bar.txt */
+ if(STARTS_WITH_DRIVE_PREFIX(data->change.url) &&
+ data->set.str[STRING_DEFAULT_PROTOCOL] &&
+ strcasecompare(data->set.str[STRING_DEFAULT_PROTOCOL], "file")) {
+ ; /* do nothing */
+ }
+ else { /* check for a scheme */
+ for(i = 0; i < 16 && data->change.url[i]; ++i) {
+ if(data->change.url[i] == '/')
+ break;
+ if(data->change.url[i] == ':') {
+ url_has_scheme = TRUE;
+ break;
+ }
+ }
+ }
+
+ /* handle the file: scheme */
+ if((url_has_scheme && strncasecompare(data->change.url, "file:", 5)) ||
+ (!url_has_scheme && data->set.str[STRING_DEFAULT_PROTOCOL] &&
+ strcasecompare(data->set.str[STRING_DEFAULT_PROTOCOL], "file"))) {
+ if(url_has_scheme)
+ rc = sscanf(data->change.url, "%*15[^\n/:]:%[^\n]", path);
+ else
+ rc = sscanf(data->change.url, "%[^\n]", path);
+
+ if(rc != 1) {
+ failf(data, "Bad URL");
+ return CURLE_URL_MALFORMAT;
+ }
+
+ if(url_has_scheme && path[0] == '/' && path[1] == '/') {
/* Allow omitted hostname (e.g. file:/<path>). This is not strictly
* speaking a valid file: URL by RFC 1738, but treating file:/<path> as
* file://localhost/<path> is similar to how other schemes treat missing
@@ -4114,42 +4432,57 @@ static CURLcode parseurlandfillconn(struct Curl_easy
*data,
memory areas overlap! */
memmove(path, path + 2, strlen(path + 2)+1);
}
+
/*
* we deal with file://<host>/<path> differently since it supports no
* hostname other than "localhost" and "127.0.0.1", which is unique among
* the URL protocols specified in RFC 1738
*/
- if(path[0] != '/') {
- /* the URL included a host name, we ignore host names in file:// URLs
- as the standards don't define what to do with them */
- char *ptr=strchr(path, '/');
- if(ptr) {
- /* there was a slash present
+ if(path[0] != '/' && !STARTS_WITH_DRIVE_PREFIX(path)) {
+ /* the URL includes a host name, it must match "localhost" or
+ "127.0.0.1" to be valid */
+ char *ptr;
+ if(!checkprefix("localhost/", path) &&
+ !checkprefix("127.0.0.1/", path)) {
+ failf(data, "Invalid file://hostname/, "
+ "expected localhost or 127.0.0.1 or none");
+ return CURLE_URL_MALFORMAT;
+ }
+ ptr = &path[9]; /* now points to the slash after the host */
- RFC1738 (section 3.1, page 5) says:
+ /* there was a host name and slash present
- The rest of the locator consists of data specific to the scheme,
- and is known as the "url-path". It supplies the details of how the
- specified resource can be accessed. Note that the "/" between the
- host (or port) and the url-path is NOT part of the url-path.
+ RFC1738 (section 3.1, page 5) says:
- As most agents use file://localhost/foo to get '/foo' although the
- slash preceding foo is a separator and not a slash for the path,
- a URL as file://localhost//foo must be valid as well, to refer to
- the same file with an absolute path.
- */
+ The rest of the locator consists of data specific to the scheme,
+ and is known as the "url-path". It supplies the details of how the
+ specified resource can be accessed. Note that the "/" between the
+ host (or port) and the url-path is NOT part of the url-path.
- if(ptr[1] && ('/' == ptr[1]))
- /* if there was two slashes, we skip the first one as that is then
- used truly as a separator */
- ptr++;
+ As most agents use file://localhost/foo to get '/foo' although the
+ slash preceding foo is a separator and not a slash for the path,
+ a URL as file://localhost//foo must be valid as well, to refer to
+ the same file with an absolute path.
+ */
- /* This cannot be made with strcpy, as the memory chunks overlap! */
- memmove(path, ptr, strlen(ptr)+1);
- }
+ if('/' == ptr[1])
+ /* if there was two slashes, we skip the first one as that is then
+ used truly as a separator */
+ ptr++;
+
+ /* This cannot be made with strcpy, as the memory chunks overlap! */
+ memmove(path, ptr, strlen(ptr)+1);
+ }
+
+#if !defined(MSDOS) && !defined(WIN32) && !defined(__CYGWIN__)
+ if(STARTS_WITH_DRIVE_PREFIX(path)) {
+ failf(data, "File drive letters are only accepted in MSDOS/Windows.");
+ return CURLE_URL_MALFORMAT;
}
+#endif
protop = "file"; /* protocol string */
+ *prot_missing = !url_has_scheme;
}
else {
/* clear path */
@@ -4157,7 +4490,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy
*data,
path[0]=0;
rc = sscanf(data->change.url,
- "%15[^\n:]:%3[/]%[^\n/?]%[^\n]",
+ "%15[^\n/:]:%3[/]%[^\n/?#]%[^\n]",
protobuf, slashbuf, conn->host.name, path);
if(2 == rc) {
failf(data, "Bad URL");
@@ -4169,7 +4502,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy
*data,
* The URL was badly formatted, let's try the browser-style _without_
* protocol specified like 'http://'.
*/
- rc = sscanf(data->change.url, "%[^\n/?]%[^\n]", conn->host.name, path);
+ rc = sscanf(data->change.url, "%[^\n/?#]%[^\n]", conn->host.name, path);
if(1 > rc) {
/*
* We couldn't even get this format.
@@ -4274,10 +4607,10 @@ static CURLcode parseurlandfillconn(struct Curl_easy
*data,
}
/* If the URL is malformatted (missing a '/' after hostname before path) we
- * insert a slash here. The only letter except '/' we accept to start a path
- * is '?'.
+ * insert a slash here. The only letters except '/' that can start a path is
+ * '?' and '#' - as controlled by the two sscanf() patterns above.
*/
- if(path[0] == '?') {
+ if(path[0] != '/') {
/* We need this function to deal with overlapping memory areas. We know
that the memory area 'path' points to is 'urllen' bytes big and that
is bigger than the path. Use +1 to move the zero byte too. */
@@ -4313,14 +4646,30 @@ static CURLcode parseurlandfillconn(struct Curl_easy
*data,
size_t plen = strlen(path); /* new path, should be 1 byte longer than
the original */
- size_t urllen = strlen(data->change.url); /* original URL length */
-
size_t prefixlen = strlen(conn->host.name);
- if(!*prot_missing)
- prefixlen += strlen(protop) + strlen("://");
+ if(!*prot_missing) {
+ size_t protolen = strlen(protop);
- reurl = malloc(urllen + 2); /* 2 for zerobyte + slash */
+ if(curl_strnequal(protop, data->change.url, protolen))
+ prefixlen += protolen;
+ else {
+ failf(data, "<url> malformed");
+ return CURLE_URL_MALFORMAT;
+ }
+
+ if(curl_strnequal("://", &data->change.url[protolen], 3))
+ prefixlen += 3;
+ /* only file: is allowed to omit one or both slashes */
+ else if(curl_strnequal("file:", data->change.url, 5))
+ prefixlen += 1 + (data->change.url[5] == '/');
+ else {
+ failf(data, "<url> malformed");
+ return CURLE_URL_MALFORMAT;
+ }
+ }
+
+ reurl = malloc(prefixlen + plen + 1);
if(!reurl)
return CURLE_OUT_OF_MEMORY;
@@ -4342,6 +4691,10 @@ static CURLcode parseurlandfillconn(struct Curl_easy
*data,
data->change.url_alloc = TRUE; /* free this later */
}
+ result = findprotocol(data, conn, protop);
+ if(result)
+ return result;
+
/*
* Parse the login details from the URL and strip them out of
* the host name
@@ -4428,8 +4781,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy
*data,
* conn->host.name is B
* data->state.path is /C
*/
-
- return findprotocol(data, conn, protop);
+ return CURLE_OK;
}
/*
@@ -4528,7 +4880,7 @@ void Curl_free_request_state(struct Curl_easy *data)
* Checks if the host is in the noproxy list. returns true if it matches
* and therefore the proxy should NOT be used.
****************************************************************/
-static bool check_noproxy(const char* name, const char* no_proxy)
+static bool check_noproxy(const char *name, const char *no_proxy)
{
/* no_proxy=domain1.dom,host.domain2.dom
* (a comma-separated list of hosts which should
@@ -4537,13 +4889,13 @@ static bool check_noproxy(const char* name, const char*
no_proxy)
*/
size_t tok_start;
size_t tok_end;
- const char* separator = ", ";
+ const char *separator = ", ";
size_t no_proxy_len;
size_t namelen;
char *endptr;
if(no_proxy && no_proxy[0]) {
- if(Curl_raw_equal("*", no_proxy)) {
+ if(strcasecompare("*", no_proxy)) {
return TRUE;
}
@@ -4581,7 +4933,7 @@ static bool check_noproxy(const char* name, const char*
no_proxy)
if((tok_end - tok_start) <= namelen) {
/* Match the last part of the name to the domain we are checking. */
const char *checkn = name + namelen - (tok_end - tok_start);
- if(Curl_raw_nequal(no_proxy + tok_start, checkn,
+ if(strncasecompare(no_proxy + tok_start, checkn,
tok_end - tok_start)) {
if((tok_end - tok_start) == namelen || *(checkn - 1) == '.') {
/* We either have an exact match, or the previous character is a .
@@ -4598,6 +4950,7 @@ static bool check_noproxy(const char* name, const char*
no_proxy)
return FALSE;
}
+#ifndef CURL_DISABLE_HTTP
/****************************************************************
* Detect what (if any) proxy to use. Remember that this selects a host
* name and is not limited to HTTP proxies only.
@@ -4607,7 +4960,6 @@ static char *detect_proxy(struct connectdata *conn)
{
char *proxy = NULL;
-#ifndef CURL_DISABLE_HTTP
/* If proxy was not specified, we check for default proxy environment
* variables, to enable i.e Lynx compliance:
*
@@ -4625,65 +4977,50 @@ static char *detect_proxy(struct connectdata *conn)
* For compatibility, the all-uppercase versions of these variables are
* checked if the lowercase versions don't exist.
*/
- char *no_proxy=NULL;
char proxy_env[128];
+ const char *protop = conn->handler->scheme;
+ char *envp = proxy_env;
+ char *prox;
- no_proxy=curl_getenv("no_proxy");
- if(!no_proxy)
- no_proxy=curl_getenv("NO_PROXY");
+ /* Now, build <protocol>_proxy and check for such a one to use */
+ while(*protop)
+ *envp++ = (char)tolower((int)*protop++);
- if(!check_noproxy(conn->host.name, no_proxy)) {
- /* It was not listed as without proxy */
- const char *protop = conn->handler->scheme;
- char *envp = proxy_env;
- char *prox;
+ /* append _proxy */
+ strcpy(envp, "_proxy");
- /* Now, build <protocol>_proxy and check for such a one to use */
- while(*protop)
- *envp++ = (char)tolower((int)*protop++);
+ /* read the protocol proxy: */
+ prox=curl_getenv(proxy_env);
- /* append _proxy */
- strcpy(envp, "_proxy");
-
- /* read the protocol proxy: */
+ /*
+ * We don't try the uppercase version of HTTP_PROXY because of
+ * security reasons:
+ *
+ * When curl is used in a webserver application
+ * environment (cgi or php), this environment variable can
+ * be controlled by the web server user by setting the
+ * http header 'Proxy:' to some value.
+ *
+ * This can cause 'internal' http/ftp requests to be
+ * arbitrarily redirected by any external attacker.
+ */
+ if(!prox && !strcasecompare("http_proxy", proxy_env)) {
+ /* There was no lowercase variable, try the uppercase version: */
+ Curl_strntoupper(proxy_env, proxy_env, sizeof(proxy_env));
prox=curl_getenv(proxy_env);
+ }
- /*
- * We don't try the uppercase version of HTTP_PROXY because of
- * security reasons:
- *
- * When curl is used in a webserver application
- * environment (cgi or php), this environment variable can
- * be controlled by the web server user by setting the
- * http header 'Proxy:' to some value.
- *
- * This can cause 'internal' http/ftp requests to be
- * arbitrarily redirected by any external attacker.
- */
- if(!prox && !Curl_raw_equal("http_proxy", proxy_env)) {
- /* There was no lowercase variable, try the uppercase version: */
- Curl_strntoupper(proxy_env, proxy_env, sizeof(proxy_env));
- prox=curl_getenv(proxy_env);
- }
-
- if(prox)
- proxy = prox; /* use this */
- else {
- proxy = curl_getenv("all_proxy"); /* default proxy to use */
- if(!proxy)
- proxy=curl_getenv("ALL_PROXY");
- }
- } /* if(!check_noproxy(conn->host.name, no_proxy)) - it wasn't specified
- non-proxy */
- free(no_proxy);
-
-#else /* !CURL_DISABLE_HTTP */
-
- (void)conn;
-#endif /* CURL_DISABLE_HTTP */
+ if(prox)
+ proxy = prox; /* use this */
+ else {
+ proxy = curl_getenv("all_proxy"); /* default proxy to use */
+ if(!proxy)
+ proxy=curl_getenv("ALL_PROXY");
+ }
return proxy;
}
+#endif /* CURL_DISABLE_HTTP */
/*
* If this is supposed to use a proxy, we need to figure out the proxy
@@ -4691,7 +5028,8 @@ static char *detect_proxy(struct connectdata *conn)
* that may exist registered to the same proxy host.
*/
static CURLcode parse_proxy(struct Curl_easy *data,
- struct connectdata *conn, char *proxy)
+ struct connectdata *conn, char *proxy,
+ curl_proxytype proxytype)
{
char *prox_portno;
char *endofprot;
@@ -4700,6 +5038,10 @@ static CURLcode parse_proxy(struct Curl_easy *data,
char *proxyptr;
char *portptr;
char *atsign;
+ long port = -1;
+ char *proxyuser = NULL;
+ char *proxypasswd = NULL;
+ bool sockstype;
/* We do the proxy host string parsing here. We want the host name and the
* port name. Accept a protocol:// prefix
@@ -4709,14 +5051,16 @@ static CURLcode parse_proxy(struct Curl_easy *data,
endofprot = strstr(proxy, "://");
if(endofprot) {
proxyptr = endofprot+3;
- if(checkprefix("socks5h", proxy))
- conn->proxytype = CURLPROXY_SOCKS5_HOSTNAME;
+ if(checkprefix("https", proxy))
+ proxytype = CURLPROXY_HTTPS;
+ else if(checkprefix("socks5h", proxy))
+ proxytype = CURLPROXY_SOCKS5_HOSTNAME;
else if(checkprefix("socks5", proxy))
- conn->proxytype = CURLPROXY_SOCKS5;
+ proxytype = CURLPROXY_SOCKS5;
else if(checkprefix("socks4a", proxy))
- conn->proxytype = CURLPROXY_SOCKS4A;
+ proxytype = CURLPROXY_SOCKS4A;
else if(checkprefix("socks4", proxy) || checkprefix("socks", proxy))
- conn->proxytype = CURLPROXY_SOCKS4;
+ proxytype = CURLPROXY_SOCKS4;
else if(checkprefix("http:", proxy))
; /* leave it as HTTP or HTTP/1.0 */
else {
@@ -4728,51 +5072,28 @@ static CURLcode parse_proxy(struct Curl_easy *data,
else
proxyptr = proxy; /* No xxx:// head: It's a HTTP proxy */
+#ifndef HTTPS_PROXY_SUPPORT
+ if(proxytype == CURLPROXY_HTTPS) {
+ failf(data, "Unsupported proxy \'%s\'"
+ ", libcurl is built without the HTTPS-proxy support.", proxy);
+ return CURLE_NOT_BUILT_IN;
+ }
+#endif
+
+ sockstype = proxytype == CURLPROXY_SOCKS5_HOSTNAME ||
+ proxytype == CURLPROXY_SOCKS5 ||
+ proxytype == CURLPROXY_SOCKS4A ||
+ proxytype == CURLPROXY_SOCKS4;
+
/* Is there a username and password given in this proxy url? */
atsign = strchr(proxyptr, '@');
if(atsign) {
- char *proxyuser = NULL;
- char *proxypasswd = NULL;
CURLcode result =
parse_login_details(proxyptr, atsign - proxyptr,
- &proxyuser, &proxypasswd, NULL);
- if(!result) {
- /* found user and password, rip them out. note that we are
- unescaping them, as there is otherwise no way to have a
- username or password with reserved characters like ':' in
- them. */
- Curl_safefree(conn->proxyuser);
- if(proxyuser && strlen(proxyuser) < MAX_CURL_USER_LENGTH)
- conn->proxyuser = curl_easy_unescape(data, proxyuser, 0, NULL);
- else
- conn->proxyuser = strdup("");
-
- if(!conn->proxyuser)
- result = CURLE_OUT_OF_MEMORY;
- else {
- Curl_safefree(conn->proxypasswd);
- if(proxypasswd && strlen(proxypasswd) < MAX_CURL_PASSWORD_LENGTH)
- conn->proxypasswd = curl_easy_unescape(data, proxypasswd, 0, NULL);
- else
- conn->proxypasswd = strdup("");
-
- if(!conn->proxypasswd)
- result = CURLE_OUT_OF_MEMORY;
- }
-
- if(!result) {
- conn->bits.proxy_user_passwd = TRUE; /* enable it */
- atsign++; /* the right side of the @-letter */
-
- proxyptr = atsign; /* now use this instead */
- }
- }
-
- free(proxyuser);
- free(proxypasswd);
-
+ &proxyuser, &proxypasswd, NULL);
if(result)
return result;
+ proxyptr = atsign + 1;
}
/* start scanning for port number at this point */
@@ -4809,7 +5130,7 @@ static CURLcode parse_proxy(struct Curl_easy *data,
prox_portno = strchr(portptr, ':');
if(prox_portno) {
char *endp = NULL;
- long port = 0;
+
*prox_portno = 0x0; /* cut off number from host name */
prox_portno ++;
/* now set the local port number */
@@ -4828,11 +5149,14 @@ static CURLcode parse_proxy(struct Curl_easy *data,
conn->port = port;
}
else {
- if(proxyptr[0]=='/')
+ if(proxyptr[0]=='/') {
/* If the first character in the proxy string is a slash, fail
immediately. The following code will otherwise clear the string which
will lead to code running as if no proxy was set! */
+ Curl_safefree(proxyuser);
+ Curl_safefree(proxypasswd);
return CURLE_COULDNT_RESOLVE_PROXY;
+ }
/* without a port number after the host name, some people seem to use
a slash so we strip everything from the first slash */
@@ -4843,15 +5167,63 @@ static CURLcode parse_proxy(struct Curl_easy *data,
if(data->set.proxyport)
/* None given in the proxy string, then get the default one if it is
given */
- conn->port = data->set.proxyport;
+ port = data->set.proxyport;
+ else {
+ if(proxytype == CURLPROXY_HTTPS)
+ port = CURL_DEFAULT_HTTPS_PROXY_PORT;
+ else
+ port = CURL_DEFAULT_PROXY_PORT;
+ }
}
- /* now, clone the cleaned proxy host name */
- conn->proxy.rawalloc = strdup(proxyptr);
- conn->proxy.name = conn->proxy.rawalloc;
+ if(*proxyptr) {
+ struct proxy_info *proxyinfo =
+ sockstype ? &conn->socks_proxy : &conn->http_proxy;
+ proxyinfo->proxytype = proxytype;
- if(!conn->proxy.rawalloc)
- return CURLE_OUT_OF_MEMORY;
+ if(proxyuser) {
+ /* found user and password, rip them out. note that we are unescaping
+ them, as there is otherwise no way to have a username or password
+ with reserved characters like ':' in them. */
+ Curl_safefree(proxyinfo->user);
+ proxyinfo->user = curl_easy_unescape(data, proxyuser, 0, NULL);
+ Curl_safefree(proxyuser);
+
+ if(!proxyinfo->user) {
+ Curl_safefree(proxypasswd);
+ return CURLE_OUT_OF_MEMORY;
+ }
+
+ Curl_safefree(proxyinfo->passwd);
+ if(proxypasswd && strlen(proxypasswd) < MAX_CURL_PASSWORD_LENGTH)
+ proxyinfo->passwd = curl_easy_unescape(data, proxypasswd, 0, NULL);
+ else
+ proxyinfo->passwd = strdup("");
+ Curl_safefree(proxypasswd);
+
+ if(!proxyinfo->passwd)
+ return CURLE_OUT_OF_MEMORY;
+
+ conn->bits.proxy_user_passwd = TRUE; /* enable it */
+ }
+
+ if(port >= 0) {
+ proxyinfo->port = port;
+ if(conn->port < 0 || sockstype || !conn->socks_proxy.host.rawalloc)
+ conn->port = port;
+ }
+
+ /* now, clone the cleaned proxy host name */
+ Curl_safefree(proxyinfo->host.rawalloc);
+ proxyinfo->host.rawalloc = strdup(proxyptr);
+ proxyinfo->host.name = proxyinfo->host.rawalloc;
+
+ if(!proxyinfo->host.rawalloc)
+ return CURLE_OUT_OF_MEMORY;
+ }
+
+ Curl_safefree(proxyuser);
+ Curl_safefree(proxypasswd);
return CURLE_OK;
}
@@ -4864,6 +5236,7 @@ static CURLcode parse_proxy_auth(struct Curl_easy *data,
{
char proxyuser[MAX_CURL_USER_LENGTH]="";
char proxypasswd[MAX_CURL_PASSWORD_LENGTH]="";
+ CURLcode result;
if(data->set.str[STRING_PROXYUSERNAME] != NULL) {
strncpy(proxyuser, data->set.str[STRING_PROXYUSERNAME],
@@ -4876,15 +5249,177 @@ static CURLcode parse_proxy_auth(struct Curl_easy
*data,
proxypasswd[MAX_CURL_PASSWORD_LENGTH-1] = '\0'; /*To be on safe side*/
}
- conn->proxyuser = curl_easy_unescape(data, proxyuser, 0, NULL);
- if(!conn->proxyuser)
- return CURLE_OUT_OF_MEMORY;
+ result = Curl_urldecode(data, proxyuser, 0, &conn->http_proxy.user, NULL,
+ FALSE);
+ if(!result)
+ result = Curl_urldecode(data, proxypasswd, 0, &conn->http_proxy.passwd,
+ NULL, FALSE);
+ return result;
+}
- conn->proxypasswd = curl_easy_unescape(data, proxypasswd, 0, NULL);
- if(!conn->proxypasswd)
- return CURLE_OUT_OF_MEMORY;
+/* create_conn helper to parse and init proxy values. to be called after unix
+ socket init but before any proxy vars are evaluated. */
+static CURLcode create_conn_helper_init_proxy(struct connectdata *conn)
+{
+ char *proxy = NULL;
+ char *socksproxy = NULL;
+ char *no_proxy = NULL;
+ CURLcode result = CURLE_OK;
+ struct Curl_easy *data = conn->data;
- return CURLE_OK;
+ /*************************************************************
+ * Extract the user and password from the authentication string
+ *************************************************************/
+ if(conn->bits.proxy_user_passwd) {
+ result = parse_proxy_auth(data, conn);
+ if(result)
+ goto out;
+ }
+
+ /*************************************************************
+ * Detect what (if any) proxy to use
+ *************************************************************/
+ if(data->set.str[STRING_PROXY]) {
+ proxy = strdup(data->set.str[STRING_PROXY]);
+ /* if global proxy is set, this is it */
+ if(NULL == proxy) {
+ failf(data, "memory shortage");
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
+ }
+
+ if(data->set.str[STRING_PRE_PROXY]) {
+ socksproxy = strdup(data->set.str[STRING_PRE_PROXY]);
+ /* if global socks proxy is set, this is it */
+ if(NULL == socksproxy) {
+ failf(data, "memory shortage");
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
+ }
+
+ no_proxy = curl_getenv("no_proxy");
+ if(!no_proxy)
+ no_proxy = curl_getenv("NO_PROXY");
+
+ if(check_noproxy(conn->host.name, data->set.str[STRING_NOPROXY]) ||
+ (!data->set.str[STRING_NOPROXY] &&
+ check_noproxy(conn->host.name, no_proxy))) {
+ Curl_safefree(proxy);
+ Curl_safefree(socksproxy);
+ }
+ else if(!proxy && !socksproxy)
+#ifndef CURL_DISABLE_HTTP
+ /* if the host is not in the noproxy list, detect proxy. */
+ proxy = detect_proxy(conn);
+#else /* !CURL_DISABLE_HTTP */
+ proxy = NULL;
+#endif /* CURL_DISABLE_HTTP */
+
+ Curl_safefree(no_proxy);
+
+#ifdef USE_UNIX_SOCKETS
+ /* For the time being do not mix proxy and unix domain sockets. See #1274 */
+ if(proxy && conn->unix_domain_socket) {
+ free(proxy);
+ proxy = NULL;
+ }
+#endif
+
+ if(proxy && (!*proxy || (conn->handler->flags & PROTOPT_NONETWORK))) {
+ free(proxy); /* Don't bother with an empty proxy string or if the
+ protocol doesn't work with network */
+ proxy = NULL;
+ }
+ if(socksproxy && (!*socksproxy ||
+ (conn->handler->flags & PROTOPT_NONETWORK))) {
+ free(socksproxy); /* Don't bother with an empty socks proxy string or if
+ the protocol doesn't work with network */
+ socksproxy = NULL;
+ }
+
+ /***********************************************************************
+ * If this is supposed to use a proxy, we need to figure out the proxy host
+ * name, proxy type and port number, so that we can re-use an existing
+ * connection that may exist registered to the same proxy host.
+ ***********************************************************************/
+ if(proxy || socksproxy) {
+ if(proxy) {
+ result = parse_proxy(data, conn, proxy, conn->http_proxy.proxytype);
+ Curl_safefree(proxy); /* parse_proxy copies the proxy string */
+ if(result)
+ goto out;
+ }
+
+ if(socksproxy) {
+ result = parse_proxy(data, conn, socksproxy,
+ conn->socks_proxy.proxytype);
+ /* parse_proxy copies the socks proxy string */
+ Curl_safefree(socksproxy);
+ if(result)
+ goto out;
+ }
+
+ if(conn->http_proxy.host.rawalloc) {
+#ifdef CURL_DISABLE_HTTP
+ /* asking for a HTTP proxy is a bit funny when HTTP is disabled... */
+ result = CURLE_UNSUPPORTED_PROTOCOL;
+ goto out;
+#else
+ /* force this connection's protocol to become HTTP if compatible */
+ if(!(conn->handler->protocol & PROTO_FAMILY_HTTP)) {
+ if((conn->handler->flags & PROTOPT_PROXY_AS_HTTP) &&
+ !conn->bits.tunnel_proxy)
+ conn->handler = &Curl_handler_http;
+ else
+ /* if not converting to HTTP over the proxy, enforce tunneling */
+ conn->bits.tunnel_proxy = TRUE;
+ }
+ conn->bits.httpproxy = TRUE;
+#endif
+ }
+ else {
+ conn->bits.httpproxy = FALSE; /* not a HTTP proxy */
+ conn->bits.tunnel_proxy = FALSE; /* no tunneling if not HTTP */
+ }
+
+ if(conn->socks_proxy.host.rawalloc) {
+ if(!conn->http_proxy.host.rawalloc) {
+ /* once a socks proxy */
+ if(!conn->socks_proxy.user) {
+ conn->socks_proxy.user = conn->http_proxy.user;
+ conn->http_proxy.user = NULL;
+ Curl_safefree(conn->socks_proxy.passwd);
+ conn->socks_proxy.passwd = conn->http_proxy.passwd;
+ conn->http_proxy.passwd = NULL;
+ }
+ }
+ conn->bits.socksproxy = TRUE;
+ }
+ else
+ conn->bits.socksproxy = FALSE; /* not a socks proxy */
+ }
+ else {
+ conn->bits.socksproxy = FALSE;
+ conn->bits.httpproxy = FALSE;
+ }
+ conn->bits.proxy = conn->bits.httpproxy || conn->bits.socksproxy;
+
+ if(!conn->bits.proxy) {
+ /* we aren't using the proxy after all... */
+ conn->bits.proxy = FALSE;
+ conn->bits.httpproxy = FALSE;
+ conn->bits.socksproxy = FALSE;
+ conn->bits.proxy_user_passwd = FALSE;
+ conn->bits.tunnel_proxy = FALSE;
+ }
+
+out:
+
+ free(socksproxy);
+ free(proxy);
+ return result;
}
#endif /* CURL_DISABLE_PROXY */
@@ -4926,6 +5461,7 @@ static CURLcode parse_url_login(struct Curl_easy *data,
DEBUGASSERT(!**user);
DEBUGASSERT(!**passwd);
DEBUGASSERT(!**options);
+ DEBUGASSERT(conn->handler);
if(!ptr)
goto out;
@@ -4944,9 +5480,12 @@ static CURLcode parse_url_login(struct Curl_easy *data,
if(data->set.use_netrc == CURL_NETRC_REQUIRED)
goto out;
- /* We could use the login information in the URL so extract it */
+ /* We could use the login information in the URL so extract it. Only parse
+ options if the handler says we should. */
result = parse_login_details(login, ptr - login - 1,
- &userp, &passwdp, &optionsp);
+ &userp, &passwdp,
+ (conn->handler->flags & PROTOPT_URLOPTIONS)?
+ &optionsp:NULL);
if(result)
goto out;
@@ -4958,9 +5497,8 @@ static CURLcode parse_url_login(struct Curl_easy *data,
conn->bits.user_passwd = TRUE; /* enable user+password */
/* Decode the user */
- newname = curl_easy_unescape(data, userp, 0, NULL);
- if(!newname) {
- result = CURLE_OUT_OF_MEMORY;
+ result = Curl_urldecode(data, userp, 0, &newname, NULL, FALSE);
+ if(result) {
goto out;
}
@@ -4970,9 +5508,9 @@ static CURLcode parse_url_login(struct Curl_easy *data,
if(passwdp) {
/* We have a password in the URL so decode it */
- char *newpasswd = curl_easy_unescape(data, passwdp, 0, NULL);
- if(!newpasswd) {
- result = CURLE_OUT_OF_MEMORY;
+ char *newpasswd;
+ result = Curl_urldecode(data, passwdp, 0, &newpasswd, NULL, FALSE);
+ if(result) {
goto out;
}
@@ -4982,9 +5520,9 @@ static CURLcode parse_url_login(struct Curl_easy *data,
if(optionsp) {
/* We have an options list in the URL so decode it */
- char *newoptions = curl_easy_unescape(data, optionsp, 0, NULL);
- if(!newoptions) {
- result = CURLE_OUT_OF_MEMORY;
+ char *newoptions;
+ result = Curl_urldecode(data, optionsp, 0, &newoptions, NULL, FALSE);
+ if(result) {
goto out;
}
@@ -5177,7 +5715,7 @@ static CURLcode parse_remote_port(struct Curl_easy *data,
}
#endif
- portptr = strrchr(conn->host.name, ':');
+ portptr = strchr(conn->host.name, ':');
}
if(data->set.use_port && data->state.allow_port) {
@@ -5232,15 +5770,21 @@ static CURLcode parse_remote_port(struct Curl_easy
*data,
return CURLE_URL_MALFORMAT;
}
- else if(rest != &portptr[1]) {
+ if(rest[0]) {
+ failf(data, "Port number ended with '%c'", rest[0]);
+ return CURLE_URL_MALFORMAT;
+ }
+
+ if(rest != &portptr[1]) {
*portptr = '\0'; /* cut off the name there */
conn->remote_port = curlx_ultous(port);
}
- else
+ else {
/* Browser behavior adaptation. If there's a colon with no digits after,
just cut off the name there which makes us ignore the colon and just
use the default port. Firefox and Chrome both do that. */
*portptr = '\0';
+ }
}
/* only if remote_port was not already parsed off the URL we use the
@@ -5369,6 +5913,10 @@ static CURLcode parse_connect_to_host_port(struct
Curl_easy *data,
char *portptr;
int port = -1;
+#if defined(CURL_DISABLE_VERBOSE_STRINGS)
+ (void) data;
+#endif
+
*hostname_result = NULL;
*port_result = -1;
@@ -5460,6 +6008,9 @@ static CURLcode parse_connect_to_string(struct Curl_easy
*data,
int host_match = FALSE;
int port_match = FALSE;
+ *host_result = NULL;
+ *port_result = -1;
+
if(*ptr == ':') {
/* an empty hostname always matches */
host_match = TRUE;
@@ -5475,7 +6026,8 @@ static CURLcode parse_connect_to_string(struct Curl_easy
*data,
if(!hostname_to_match)
return CURLE_OUT_OF_MEMORY;
hostname_to_match_len = strlen(hostname_to_match);
- host_match = curl_strnequal(ptr, hostname_to_match, hostname_to_match_len);
+ host_match = strncasecompare(ptr, hostname_to_match,
+ hostname_to_match_len);
free(hostname_to_match);
ptr += hostname_to_match_len;
@@ -5521,28 +6073,25 @@ static CURLcode parse_connect_to_slist(struct Curl_easy
*data,
{
CURLcode result = CURLE_OK;
char *host = NULL;
- int port = 0;
+ int port = -1;
- while(conn_to_host && !host) {
+ while(conn_to_host && !host && port == -1) {
result = parse_connect_to_string(data, conn, conn_to_host->data,
&host, &port);
if(result)
return result;
if(host && *host) {
- bool ipv6host;
conn->conn_to_host.rawalloc = host;
conn->conn_to_host.name = host;
conn->bits.conn_to_host = TRUE;
- ipv6host = strchr(host, ':') != NULL;
- infof(data, "Connecting to hostname: %s%s%s\n",
- ipv6host ? "[" : "", host, ipv6host ? "]" : "");
+ infof(data, "Connecting to hostname: %s\n", host);
}
else {
/* no "connect to host" */
conn->bits.conn_to_host = FALSE;
- free(host);
+ Curl_safefree(host);
}
if(port >= 0) {
@@ -5553,6 +6102,7 @@ static CURLcode parse_connect_to_slist(struct Curl_easy
*data,
else {
/* no "connect to port" */
conn->bits.conn_to_port = FALSE;
+ port = -1;
}
conn_to_host = conn_to_host->next;
@@ -5569,7 +6119,7 @@ static CURLcode resolve_server(struct Curl_easy *data,
bool *async)
{
CURLcode result=CURLE_OK;
- long timeout_ms = Curl_timeleft(data, NULL, TRUE);
+ time_t timeout_ms = Curl_timeleft(data, NULL, TRUE);
/*************************************************************
* Resolve the name of the server or proxy
@@ -5586,32 +6136,37 @@ static CURLcode resolve_server(struct Curl_easy *data,
struct Curl_dns_entry *hostaddr;
#ifdef USE_UNIX_SOCKETS
- if(data->set.str[STRING_UNIX_SOCKET_PATH]) {
+ if(conn->unix_domain_socket) {
/* Unix domain sockets are local. The host gets ignored, just use the
* specified domain socket address. Do not cache "DNS entries". There is
* no DNS involved and we already have the filesystem path available */
- const char *path = data->set.str[STRING_UNIX_SOCKET_PATH];
+ const char *path = conn->unix_domain_socket;
hostaddr = calloc(1, sizeof(struct Curl_dns_entry));
if(!hostaddr)
result = CURLE_OUT_OF_MEMORY;
- else if((hostaddr->addr = Curl_unix2addr(path)) != NULL)
- hostaddr->inuse++;
else {
- /* Long paths are not supported for now */
- if(strlen(path) >= sizeof(((struct sockaddr_un *)0)->sun_path)) {
- failf(data, "Unix socket path too long: '%s'", path);
- result = CURLE_COULDNT_RESOLVE_HOST;
+ bool longpath = FALSE;
+ hostaddr->addr = Curl_unix2addr(path, &longpath,
+ conn->abstract_unix_socket);
+ if(hostaddr->addr)
+ hostaddr->inuse++;
+ else {
+ /* Long paths are not supported for now */
+ if(longpath) {
+ failf(data, "Unix socket path too long: '%s'", path);
+ result = CURLE_COULDNT_RESOLVE_HOST;
+ }
+ else
+ result = CURLE_OUT_OF_MEMORY;
+ free(hostaddr);
+ hostaddr = NULL;
}
- else
- result = CURLE_OUT_OF_MEMORY;
- free(hostaddr);
- hostaddr = NULL;
}
}
else
#endif
- if(!conn->proxy.name || !*conn->proxy.name) {
+ if(!conn->bits.proxy) {
struct hostname *connhost;
if(conn->bits.conn_to_host)
connhost = &conn->conn_to_host;
@@ -5623,7 +6178,7 @@ static CURLcode resolve_server(struct Curl_easy *data,
if(conn->bits.conn_to_port)
conn->port = conn->conn_to_port;
else
- conn->port = conn->remote_port; /* it is the same port */
+ conn->port = conn->remote_port;
/* Resolve target host right on */
rc = Curl_resolv_timeout(conn, connhost->name, (int)conn->port,
@@ -5643,8 +6198,11 @@ static CURLcode resolve_server(struct Curl_easy *data,
else {
/* This is a proxy that hasn't been resolved yet. */
+ struct hostname * const host = conn->bits.socksproxy ?
+ &conn->socks_proxy.host : &conn->http_proxy.host;
+
/* resolve proxy */
- rc = Curl_resolv_timeout(conn, conn->proxy.name, (int)conn->port,
+ rc = Curl_resolv_timeout(conn, host->name, (int)conn->port,
&hostaddr, timeout_ms);
if(rc == CURLRESOLV_PENDING)
@@ -5654,7 +6212,7 @@ static CURLcode resolve_server(struct Curl_easy *data,
result = CURLE_OPERATION_TIMEDOUT;
else if(!hostaddr) {
- failf(data, "Couldn't resolve proxy '%s'", conn->proxy.dispname);
+ failf(data, "Couldn't resolve proxy '%s'", host->dispname);
result = CURLE_COULDNT_RESOLVE_PROXY;
/* don't return yet, we need to clean up the timeout first */
}
@@ -5674,12 +6232,16 @@ static CURLcode resolve_server(struct Curl_easy *data,
static void reuse_conn(struct connectdata *old_conn,
struct connectdata *conn)
{
- free_fixed_hostname(&old_conn->proxy);
- free(old_conn->proxy.rawalloc);
+ free_fixed_hostname(&old_conn->http_proxy.host);
+ free_fixed_hostname(&old_conn->socks_proxy.host);
+
+ free(old_conn->http_proxy.host.rawalloc);
+ free(old_conn->socks_proxy.host.rawalloc);
/* free the SSL config struct from this connection struct as this was
allocated in vain and is targeted for destruction */
- Curl_free_ssl_config(&old_conn->ssl_config);
+ Curl_free_primary_ssl_config(&old_conn->ssl_config);
+ Curl_free_primary_ssl_config(&old_conn->proxy_ssl_config);
conn->data = old_conn->data;
@@ -5699,12 +6261,18 @@ static void reuse_conn(struct connectdata *old_conn,
conn->bits.proxy_user_passwd = old_conn->bits.proxy_user_passwd;
if(conn->bits.proxy_user_passwd) {
/* use the new proxy user name and proxy password though */
- Curl_safefree(conn->proxyuser);
- Curl_safefree(conn->proxypasswd);
- conn->proxyuser = old_conn->proxyuser;
- conn->proxypasswd = old_conn->proxypasswd;
- old_conn->proxyuser = NULL;
- old_conn->proxypasswd = NULL;
+ Curl_safefree(conn->http_proxy.user);
+ Curl_safefree(conn->socks_proxy.user);
+ Curl_safefree(conn->http_proxy.passwd);
+ Curl_safefree(conn->socks_proxy.passwd);
+ conn->http_proxy.user = old_conn->http_proxy.user;
+ conn->socks_proxy.user = old_conn->socks_proxy.user;
+ conn->http_proxy.passwd = old_conn->http_proxy.passwd;
+ conn->socks_proxy.passwd = old_conn->socks_proxy.passwd;
+ old_conn->http_proxy.user = NULL;
+ old_conn->socks_proxy.user = NULL;
+ old_conn->http_proxy.passwd = NULL;
+ old_conn->socks_proxy.passwd = NULL;
}
/* host can change, when doing keepalive with a proxy or if the case is
@@ -5723,24 +6291,26 @@ static void reuse_conn(struct connectdata *old_conn,
Curl_persistconninfo(conn);
conn_reset_all_postponed_data(old_conn); /* free buffers */
- conn_reset_all_postponed_data(conn); /* reset unprocessed data */
/* re-use init */
conn->bits.reuse = TRUE; /* yes, we're re-using here */
Curl_safefree(old_conn->user);
Curl_safefree(old_conn->passwd);
- Curl_safefree(old_conn->proxyuser);
- Curl_safefree(old_conn->proxypasswd);
+ Curl_safefree(old_conn->http_proxy.user);
+ Curl_safefree(old_conn->socks_proxy.user);
+ Curl_safefree(old_conn->http_proxy.passwd);
+ Curl_safefree(old_conn->socks_proxy.passwd);
Curl_safefree(old_conn->localdev);
- Curl_llist_destroy(old_conn->send_pipe, NULL);
- Curl_llist_destroy(old_conn->recv_pipe, NULL);
-
- old_conn->send_pipe = NULL;
- old_conn->recv_pipe = NULL;
+ Curl_llist_destroy(&old_conn->send_pipe, NULL);
+ Curl_llist_destroy(&old_conn->recv_pipe, NULL);
Curl_safefree(old_conn->master_buffer);
+
+#ifdef USE_UNIX_SOCKETS
+ Curl_safefree(old_conn->unix_domain_socket);
+#endif
}
/**
@@ -5771,7 +6341,6 @@ static CURLcode create_conn(struct Curl_easy *data,
char *passwd = NULL;
char *options = NULL;
bool reuse;
- char *proxy = NULL;
bool prot_missing = FALSE;
bool connections_available = TRUE;
bool force_reuse = FALSE;
@@ -5915,95 +6484,24 @@ static CURLcode create_conn(struct Curl_easy *data,
}
}
-#ifndef CURL_DISABLE_PROXY
- /*************************************************************
- * Extract the user and password from the authentication string
- *************************************************************/
- if(conn->bits.proxy_user_passwd) {
- result = parse_proxy_auth(data, conn);
- if(result)
- goto out;
- }
-
- /*************************************************************
- * Detect what (if any) proxy to use
- *************************************************************/
- if(data->set.str[STRING_PROXY]) {
- proxy = strdup(data->set.str[STRING_PROXY]);
- /* if global proxy is set, this is it */
- if(NULL == proxy) {
- failf(data, "memory shortage");
+#ifdef USE_UNIX_SOCKETS
+ if(data->set.str[STRING_UNIX_SOCKET_PATH]) {
+ conn->unix_domain_socket = strdup(data->set.str[STRING_UNIX_SOCKET_PATH]);
+ if(conn->unix_domain_socket == NULL) {
result = CURLE_OUT_OF_MEMORY;
goto out;
}
- }
-
- if(data->set.str[STRING_NOPROXY] &&
- check_noproxy(conn->host.name, data->set.str[STRING_NOPROXY])) {
- free(proxy); /* proxy is in exception list */
- proxy = NULL;
- }
- else if(!proxy)
- proxy = detect_proxy(conn);
-
-#ifdef USE_UNIX_SOCKETS
- if(proxy && data->set.str[STRING_UNIX_SOCKET_PATH]) {
- free(proxy); /* Unix domain sockets cannot be proxied, so disable it */
- proxy = NULL;
+ conn->abstract_unix_socket = data->set.abstract_unix_socket;
}
#endif
- if(proxy && (!*proxy || (conn->handler->flags & PROTOPT_NONETWORK))) {
- free(proxy); /* Don't bother with an empty proxy string or if the
- protocol doesn't work with network */
- proxy = NULL;
- }
-
- /***********************************************************************
- * If this is supposed to use a proxy, we need to figure out the proxy host
- * name, proxy type and port number, so that we can re-use an existing
- * connection that may exist registered to the same proxy host.
- ***********************************************************************/
- if(proxy) {
- result = parse_proxy(data, conn, proxy);
-
- free(proxy); /* parse_proxy copies the proxy string */
- proxy = NULL;
-
- if(result)
- goto out;
-
- if((conn->proxytype == CURLPROXY_HTTP) ||
- (conn->proxytype == CURLPROXY_HTTP_1_0)) {
-#ifdef CURL_DISABLE_HTTP
- /* asking for a HTTP proxy is a bit funny when HTTP is disabled... */
- result = CURLE_UNSUPPORTED_PROTOCOL;
- goto out;
-#else
- /* force this connection's protocol to become HTTP if not already
- compatible - if it isn't tunneling through */
- if(!(conn->handler->protocol & PROTO_FAMILY_HTTP) &&
- !conn->bits.tunnel_proxy)
- conn->handler = &Curl_handler_http;
-
- conn->bits.httpproxy = TRUE;
+ /* After the unix socket init but before the proxy vars are used, parse and
+ initialize the proxy vars */
+#ifndef CURL_DISABLE_PROXY
+ result = create_conn_helper_init_proxy(conn);
+ if(result)
+ goto out;
#endif
- }
- else {
- conn->bits.httpproxy = FALSE; /* not a HTTP proxy */
- conn->bits.tunnel_proxy = FALSE; /* no tunneling if not HTTP */
- }
- conn->bits.proxy = TRUE;
- }
- else {
- /* we aren't using the proxy after all... */
- conn->bits.proxy = FALSE;
- conn->bits.httpproxy = FALSE;
- conn->bits.proxy_user_passwd = FALSE;
- conn->bits.tunnel_proxy = FALSE;
- }
-
-#endif /* CURL_DISABLE_PROXY */
/*************************************************************
* If the protocol is using SSL and HTTP proxy is used, we set
@@ -6039,18 +6537,20 @@ static CURLcode create_conn(struct Curl_easy *data,
/*************************************************************
* IDN-fix the hostnames
*************************************************************/
- fix_hostname(data, conn, &conn->host);
+ fix_hostname(conn, &conn->host);
if(conn->bits.conn_to_host)
- fix_hostname(data, conn, &conn->conn_to_host);
- if(conn->proxy.name && *conn->proxy.name)
- fix_hostname(data, conn, &conn->proxy);
+ fix_hostname(conn, &conn->conn_to_host);
+ if(conn->bits.httpproxy)
+ fix_hostname(conn, &conn->http_proxy.host);
+ if(conn->bits.socksproxy)
+ fix_hostname(conn, &conn->socks_proxy.host);
/*************************************************************
* Check whether the host and the "connect to host" are equal.
- * Do this after the hostnames have been IDN-fixed .
+ * Do this after the hostnames have been IDN-fixed.
*************************************************************/
if(conn->bits.conn_to_host &&
- Curl_raw_equal(conn->conn_to_host.name, conn->host.name)) {
+ strcasecompare(conn->conn_to_host.name, conn->host.name)) {
conn->bits.conn_to_host = FALSE;
}
@@ -6134,20 +6634,51 @@ static CURLcode create_conn(struct Curl_easy *data,
that will be freed as part of the Curl_easy struct, but all cloned
copies will be separately allocated.
*/
- data->set.ssl.CApath = data->set.str[STRING_SSL_CAPATH];
- data->set.ssl.CAfile = data->set.str[STRING_SSL_CAFILE];
- data->set.ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE];
- data->set.ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT];
- data->set.ssl.random_file = data->set.str[STRING_SSL_RANDOM_FILE];
- data->set.ssl.egdsocket = data->set.str[STRING_SSL_EGDSOCKET];
- data->set.ssl.cipher_list = data->set.str[STRING_SSL_CIPHER_LIST];
- data->set.ssl.clientcert = data->set.str[STRING_CERT];
+ data->set.ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH_ORIG];
+ data->set.proxy_ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH_PROXY];
+ data->set.ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE_ORIG];
+ data->set.proxy_ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE_PROXY];
+ data->set.ssl.primary.random_file = data->set.str[STRING_SSL_RANDOM_FILE];
+ data->set.proxy_ssl.primary.random_file =
+ data->set.str[STRING_SSL_RANDOM_FILE];
+ data->set.ssl.primary.egdsocket = data->set.str[STRING_SSL_EGDSOCKET];
+ data->set.proxy_ssl.primary.egdsocket = data->set.str[STRING_SSL_EGDSOCKET];
+ data->set.ssl.primary.cipher_list =
+ data->set.str[STRING_SSL_CIPHER_LIST_ORIG];
+ data->set.proxy_ssl.primary.cipher_list =
+ data->set.str[STRING_SSL_CIPHER_LIST_PROXY];
+
+ data->set.ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_ORIG];
+ data->set.proxy_ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_PROXY];
+ data->set.ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT_ORIG];
+ data->set.proxy_ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT_PROXY];
+ data->set.ssl.cert = data->set.str[STRING_CERT_ORIG];
+ data->set.proxy_ssl.cert = data->set.str[STRING_CERT_PROXY];
+ data->set.ssl.cert_type = data->set.str[STRING_CERT_TYPE_ORIG];
+ data->set.proxy_ssl.cert_type = data->set.str[STRING_CERT_TYPE_PROXY];
+ data->set.ssl.key = data->set.str[STRING_KEY_ORIG];
+ data->set.proxy_ssl.key = data->set.str[STRING_KEY_PROXY];
+ data->set.ssl.key_type = data->set.str[STRING_KEY_TYPE_ORIG];
+ data->set.proxy_ssl.key_type = data->set.str[STRING_KEY_TYPE_PROXY];
+ data->set.ssl.key_passwd = data->set.str[STRING_KEY_PASSWD_ORIG];
+ data->set.proxy_ssl.key_passwd = data->set.str[STRING_KEY_PASSWD_PROXY];
+ data->set.ssl.primary.clientcert = data->set.str[STRING_CERT_ORIG];
+ data->set.proxy_ssl.primary.clientcert = data->set.str[STRING_CERT_PROXY];
#ifdef USE_TLS_SRP
- data->set.ssl.username = data->set.str[STRING_TLSAUTH_USERNAME];
- data->set.ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD];
+ data->set.ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_ORIG];
+ data->set.proxy_ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_PROXY];
+ data->set.ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_ORIG];
+ data->set.proxy_ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_PROXY];
#endif
- if(!Curl_clone_ssl_config(&data->set.ssl, &conn->ssl_config)) {
+ if(!Curl_clone_primary_ssl_config(&data->set.ssl.primary,
+ &conn->ssl_config)) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
+
+ if(!Curl_clone_primary_ssl_config(&data->set.proxy_ssl.primary,
+ &conn->proxy_ssl_config)) {
result = CURLE_OUT_OF_MEMORY;
goto out;
}
@@ -6172,7 +6703,7 @@ static CURLcode create_conn(struct Curl_easy *data,
/* If we found a reusable connection, we may still want to
open a new connection if we are pipelining. */
if(reuse && !force_reuse && IsPipeliningPossible(data, conn_temp)) {
- size_t pipelen = conn_temp->send_pipe->size + conn_temp->recv_pipe->size;
+ size_t pipelen = conn_temp->send_pipe.size + conn_temp->recv_pipe.size;
if(pipelen > 0) {
infof(data, "Found connection %ld, with requests in the pipe (%zu)\n",
conn_temp->connection_id, pipelen);
@@ -6204,7 +6735,9 @@ static CURLcode create_conn(struct Curl_easy *data,
infof(data, "Re-using existing connection! (#%ld) with %s %s\n",
conn->connection_id,
conn->bits.proxy?"proxy":"host",
- conn->proxy.name?conn->proxy.dispname:conn->host.dispname);
+ conn->socks_proxy.host.name ? conn->socks_proxy.host.dispname :
+ conn->http_proxy.host.name ? conn->http_proxy.host.dispname :
+ conn->host.dispname);
}
else {
/* We have decided that we want a new connection. However, we may not
@@ -6330,12 +6863,11 @@ static CURLcode create_conn(struct Curl_easy *data,
*************************************************************/
result = resolve_server(data, conn, async);
- out:
+out:
free(options);
free(passwd);
free(user);
- free(proxy);
return result;
}
@@ -6439,7 +6971,7 @@ CURLcode Curl_connect(struct Curl_easy *data,
if(!result) {
/* no error */
- if((*in_connect)->send_pipe->size || (*in_connect)->recv_pipe->size)
+ if((*in_connect)->send_pipe.size || (*in_connect)->recv_pipe.size)
/* pipelining */
*protocol_done = TRUE;
else if(!*asyncp) {
@@ -6504,7 +7036,6 @@ CURLcode Curl_init_do(struct Curl_easy *data, struct
connectdata *conn)
k->bytecount = 0;
k->buf = data->state.buffer;
- k->uploadbuf = data->state.uploadbuffer;
k->hbufp = data->state.headerbuff;
k->ignorebody=FALSE;
@@ -6528,7 +7059,7 @@ CURLcode Curl_init_do(struct Curl_easy *data, struct
connectdata *conn)
* Returns the family as a single bit protocol identifier.
*/
-unsigned int get_protocol_family(unsigned int protocol)
+static unsigned int get_protocol_family(unsigned int protocol)
{
unsigned int family;
diff --git a/lib/url.h b/lib/url.h
index 90d9db3c3..f13c8e664 100644
--- a/lib/url.h
+++ b/lib/url.h
@@ -67,6 +67,8 @@ void Curl_getoff_all_pipelines(struct Curl_easy *data,
void Curl_close_connections(struct Curl_easy *data);
#define CURL_DEFAULT_PROXY_PORT 1080 /* default proxy port unless specified */
+#define CURL_DEFAULT_HTTPS_PROXY_PORT 443 /* default https proxy port unless
+ specified */
CURLcode Curl_connected_proxy(struct connectdata *conn, int sockindex);
@@ -76,5 +78,16 @@ CURLcode Curl_connected_proxy(struct connectdata *conn, int
sockindex);
void Curl_verboseconnect(struct connectdata *conn);
#endif
+#define CONNECT_PROXY_SSL()\
+ (conn->http_proxy.proxytype == CURLPROXY_HTTPS &&\
+ !conn->bits.proxy_ssl_connected[sockindex])
+
+#define CONNECT_FIRSTSOCKET_PROXY_SSL()\
+ (conn->http_proxy.proxytype == CURLPROXY_HTTPS &&\
+ !conn->bits.proxy_ssl_connected[FIRSTSOCKET])
+
+#define CONNECT_SECONDARYSOCKET_PROXY_SSL()\
+ (conn->http_proxy.proxytype == CURLPROXY_HTTPS &&\
+ !conn->bits.proxy_ssl_connected[SECONDARYSOCKET])
#endif /* HEADER_CURL_URL_H */
diff --git a/lib/urldata.h b/lib/urldata.h
index 3ac050b53..5f61dde33 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -136,8 +136,10 @@
#undef realloc
#endif /* USE_AXTLS */
-#ifdef USE_SCHANNEL
+#if defined(USE_SCHANNEL) || defined(USE_WINDOWS_SSPI)
#include "curl_sspi.h"
+#endif
+#ifdef USE_SCHANNEL
#include <schnlsp.h>
#include <schannel.h>
#endif
@@ -163,7 +165,7 @@
#endif
#endif
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "http_chunks.h" /* for the structs and enum stuff */
#include "hostip.h"
@@ -198,9 +200,12 @@
#include <libssh2_sftp.h>
#endif /* HAVE_LIBSSH2_H */
-/* Download buffer size, keep it fairly big for speed reasons */
-#undef BUFSIZE
-#define BUFSIZE CURL_MAX_WRITE_SIZE
+/* The upload buffer size, should not be smaller than CURL_MAX_WRITE_SIZE, as
+ it needs to hold a full buffer as could be sent in a write callback */
+#define UPLOAD_BUFSIZE CURL_MAX_WRITE_SIZE
+
+/* The "master buffer" is for HTTP pipelining */
+#define MASTERBUF_SIZE 16384
/* Initial size of the buffer to store headers in, it'll be enlarged in case
of need. */
@@ -311,11 +316,13 @@ struct ssl_connect_data {
PRFileDesc *handle;
char *client_nickname;
struct Curl_easy *data;
- struct curl_llist *obj_list;
+ struct curl_llist obj_list;
PK11GenericObject *obj_clicert;
#elif defined(USE_GSKIT)
gsk_handle handle;
int iocport;
+ int localfd;
+ int remotefd;
#elif defined(USE_AXTLS)
SSL_CTX* ssl_ctx;
SSL* ssl;
@@ -326,6 +333,11 @@ struct ssl_connect_data {
size_t encdata_length, decdata_length;
size_t encdata_offset, decdata_offset;
unsigned char *encdata_buffer, *decdata_buffer;
+ /* encdata_is_incomplete: if encdata contains only a partial record that
+ can't be decrypted without another Curl_read_plain (that is, status is
+ SEC_E_INCOMPLETE_MESSAGE) then set this true. after Curl_read_plain writes
+ more bytes into encdata then set this back to false. */
+ bool encdata_is_incomplete;
unsigned long req_flags, ret_flags;
CURLcode recv_unrecoverable_err; /* schannel_recv had an unrecoverable err */
bool recv_sspi_close_notify; /* true if connection closed by close_notify */
@@ -341,28 +353,40 @@ struct ssl_connect_data {
#endif
};
-struct ssl_config_data {
+struct ssl_primary_config {
long version; /* what version the client wants to use */
- long certverifyresult; /* result from the certificate verification */
-
+ long version_max; /* max supported version the client wants to use*/
bool verifypeer; /* set TRUE if this is desired */
bool verifyhost; /* set TRUE if CN/SAN must match hostname */
bool verifystatus; /* set TRUE if certificate status must be checked */
char *CApath; /* certificate dir (doesn't work on windows) */
char *CAfile; /* certificate to verify peer against */
- const char *CRLfile; /* CRL to check certificate revocation */
- const char *issuercert;/* optional issuer certificate filename */
char *clientcert;
char *random_file; /* path to file containing "random" data */
char *egdsocket; /* path to file containing the EGD daemon socket */
char *cipher_list; /* list of ciphers to use */
- size_t max_ssl_sessions; /* SSL session id cache size */
+ bool sessionid; /* cache session IDs or not */
+};
+
+struct ssl_config_data {
+ struct ssl_primary_config primary;
+ bool enable_beast; /* especially allow this flaw for interoperability's
+ sake*/
+ bool no_revoke; /* disable SSL certificate revocation checks */
+ long certverifyresult; /* result from the certificate verification */
+ char *CRLfile; /* CRL to check certificate revocation */
+ char *issuercert;/* optional issuer certificate filename */
curl_ssl_ctx_callback fsslctx; /* function to initialize ssl ctx */
void *fsslctxp; /* parameter for call back */
- bool sessionid; /* cache session IDs or not */
bool certinfo; /* gather lots of certificate info */
bool falsestart;
+ char *cert; /* client certificate file name */
+ char *cert_type; /* format for certificate (default: PEM)*/
+ char *key; /* private key file name */
+ char *key_type; /* format for private key (default: PEM) */
+ char *key_passwd; /* plain text private key password */
+
#ifdef USE_TLS_SRP
char *username; /* TLS username (for, e.g., SRP) */
char *password; /* TLS password (for, e.g., SRP) */
@@ -370,16 +394,21 @@ struct ssl_config_data {
#endif
};
+struct ssl_general_config {
+ size_t max_ssl_sessions; /* SSL session id cache size */
+};
+
/* information stored about one single SSL session */
struct curl_ssl_session {
char *name; /* host name for which this ID was used */
char *conn_to_host; /* host name for the connection (may be NULL) */
+ const char *scheme; /* protocol scheme used */
void *sessionid; /* as returned from the SSL layer */
size_t idsize; /* if known, otherwise 0 */
long age; /* just a number, the higher the more recent */
int remote_port; /* remote port */
int conn_to_port; /* remote port for the connection (may be -1) */
- struct ssl_config_data ssl_config; /* setup for this session */
+ struct ssl_primary_config ssl_config; /* setup for this session */
};
/* Struct used for Digest challenge-response authentication */
@@ -387,6 +416,11 @@ struct digestdata {
#if defined(USE_WINDOWS_SSPI)
BYTE *input_token;
size_t input_token_len;
+ CtxtHandle *http_context;
+ /* copy of user/passwd used to make the identity for http_context.
+ either may be NULL. */
+ char *user;
+ char *passwd;
#else
char *nonce;
char *cnonce;
@@ -450,7 +484,7 @@ struct ntlmdata {
#else
unsigned int flags;
unsigned char nonce[8];
- void* target_info; /* TargetInfo received in the ntlm type-2 message */
+ void *target_info; /* TargetInfo received in the ntlm type-2 message */
unsigned int target_info_len;
#endif
};
@@ -496,6 +530,7 @@ struct ConnectBits {
that overrides the port in the URL (remote port) */
bool proxy; /* if set, this transfer is done through a proxy - any type */
bool httpproxy; /* if set, this transfer is done through a http proxy */
+ bool socksproxy; /* if set, this transfer is done through a socks proxy */
bool user_passwd; /* do we use user+password for this connection? */
bool proxy_user_passwd; /* user+password for the proxy? */
bool ipv6_ip; /* we communicate with a remote site specified with pure IPv6
@@ -530,6 +565,7 @@ struct ConnectBits {
bool ftp_use_eprt; /* As set with CURLOPT_FTP_USE_EPRT, but if we find out
EPRT doesn't work we disable it for the forthcoming
requests */
+ bool ftp_use_data_ssl; /* Enabled SSL for the data connection */
bool netrc; /* name+password provided by netrc */
bool userpwd_in_url; /* name+password found in url */
bool stream_was_rewound; /* Indicates that the stream was rewound after a
@@ -546,6 +582,9 @@ struct ConnectBits {
bool tcp_fastopen; /* use TCP Fast Open */
bool tls_enable_npn; /* TLS NPN extension? */
bool tls_enable_alpn; /* TLS ALPN extension? */
+ bool proxy_ssl_connected[2]; /* TRUE when SSL initialization for HTTPS proxy
+ is complete */
+ bool socksproxy_connecting; /* connecting through a socks proxy */
};
struct hostname {
@@ -643,8 +682,8 @@ struct SingleRequest {
100 reply (without a following second response
code) result in a CURLE_GOT_NOTHING error code */
- struct timeval start; /* transfer started at this time */
- struct timeval now; /* current time */
+ struct curltime start; /* transfer started at this time */
+ struct curltime now; /* current time */
bool header; /* incoming data has HTTP header */
enum {
HEADER_NORMAL, /* no bad header at all */
@@ -666,7 +705,7 @@ struct SingleRequest {
Content-Range: header */
int httpcode; /* error code from the 'HTTP/1.? XXX' or
'RTSP/1.? XXX' line */
- struct timeval start100; /* time stamp to wait for the 100 code from */
+ struct curltime start100; /* time stamp to wait for the 100 code from */
enum expect100 exp100; /* expect 100 continue state */
enum upgrade101 upgr101; /* 101 upgrade state */
@@ -686,7 +725,6 @@ struct SingleRequest {
long bodywrites;
char *buf;
- char *uploadbuf;
curl_socket_t maxfd;
int keepon;
@@ -731,7 +769,7 @@ struct SingleRequest {
*/
struct Curl_handler {
- const char * scheme; /* URL scheme name. */
+ const char *scheme; /* URL scheme name. */
/* Complement to setup_connection_internals(). */
CURLcode (*setup_connection)(struct connectdata *);
@@ -795,6 +833,12 @@ struct Curl_handler {
CURLcode (*readwrite)(struct Curl_easy *data, struct connectdata *conn,
ssize_t *nread, bool *readmore);
+ /* This function can perform various checks on the connection. See
+ CONNCHECK_* for more information about the checks that can be performed,
+ and CONNRESULT_* for the results that can be returned. */
+ unsigned int (*connection_check)(struct connectdata *conn,
+ unsigned int checks_to_perform);
+
long defport; /* Default port. */
unsigned int protocol; /* See CURLPROTO_* - this needs to be the single
specific protocol bit */
@@ -819,6 +863,17 @@ struct Curl_handler {
request instead of per connection */
#define PROTOPT_ALPN_NPN (1<<8) /* set ALPN and/or NPN for this */
#define PROTOPT_STREAM (1<<9) /* a protocol with individual logical streams */
+#define PROTOPT_URLOPTIONS (1<<10) /* allow options part in the userinfo field
+ of the URL */
+#define PROTOPT_PROXY_AS_HTTP (1<<11) /* allow this non-HTTP scheme over a
+ HTTP proxy as HTTP proxies may know
+ this protocol and act as a gateway */
+
+#define CONNCHECK_NONE 0 /* No checks */
+#define CONNCHECK_ISDEAD (1<<0) /* Check if the connection is dead. */
+
+#define CONNRESULT_NONE 0 /* No extra information. */
+#define CONNRESULT_DEAD (1<<0) /* The connection is dead. */
/* return the count of bytes sent, or -1 on error */
typedef ssize_t (Curl_send)(struct connectdata *conn, /* connection data */
@@ -848,6 +903,32 @@ struct postponed_data {
};
#endif /* USE_RECV_BEFORE_SEND_WORKAROUND */
+struct proxy_info {
+ struct hostname host;
+ long port;
+ curl_proxytype proxytype; /* what kind of proxy that is in use */
+ char *user; /* proxy user name string, allocated */
+ char *passwd; /* proxy password string, allocated */
+};
+
+#define CONNECT_BUFFER_SIZE 16384
+
+/* struct for HTTP CONNECT state data */
+struct http_connect_state {
+ char connect_buffer[CONNECT_BUFFER_SIZE];
+ int perline; /* count bytes per line */
+ int keepon;
+ char *line_start;
+ char *ptr; /* where to store more data */
+ curl_off_t cl; /* size of content to read and ignore */
+ bool chunked_encoding;
+ enum {
+ TUNNEL_INIT, /* init/default/no tunnel state */
+ TUNNEL_CONNECT, /* CONNECT has been sent off */
+ TUNNEL_COMPLETE /* CONNECT response received completely */
+ } tunnel_state;
+};
+
/*
* The connectdata struct contains all fields and variables that should be
* unique for an entire connection.
@@ -858,6 +939,8 @@ struct connectdata {
connection is used! */
struct Curl_easy *data;
+ struct curl_llist_element bundle_node; /* conncache */
+
/* chunk is for HTTP chunked encoding, but is in the general connectdata
struct only because we can do just about any protocol through a HTTP proxy
and a HTTP proxy may in fact respond using chunked encoding */
@@ -897,14 +980,19 @@ struct connectdata {
int socktype; /* SOCK_STREAM or SOCK_DGRAM */
struct hostname host;
+ char *secondaryhostname; /* secondary socket host name (ftp) */
struct hostname conn_to_host; /* the host to connect to. valid only if
bits.conn_to_host is set */
- struct hostname proxy;
+
+ struct proxy_info socks_proxy;
+ struct proxy_info http_proxy;
long port; /* which port to use locally */
int remote_port; /* the remote port, not the proxy port! */
int conn_to_port; /* the remote port to connect to. valid only if
bits.conn_to_port is set */
+ unsigned short secondary_port; /* secondary socket remote port to connect to
+ (ftp) */
/* 'primary_ip' and 'primary_port' get filled with peer's numerical
ip address and port number whenever an outgoing connection is
@@ -929,15 +1017,11 @@ struct connectdata {
char *oauth_bearer; /* bearer token for OAuth 2.0, allocated */
- char *proxyuser; /* proxy user name string, allocated */
- char *proxypasswd; /* proxy password string, allocated */
- curl_proxytype proxytype; /* what kind of proxy that is in use */
-
int httpversion; /* the HTTP version*10 reported by the server */
int rtspversion; /* the RTSP version*10 reported by the server */
- struct timeval now; /* "current" time */
- struct timeval created; /* creation time */
+ struct curltime now; /* "current" time */
+ struct curltime created; /* creation time */
curl_socket_t sock[2]; /* two sockets, the second is used for the data
transfer when doing FTP */
curl_socket_t tempsock[2]; /* temporary sockets for happy eyeballs */
@@ -950,7 +1034,9 @@ struct connectdata {
struct postponed_data postponed[2]; /* two buffers for two sockets */
#endif /* USE_RECV_BEFORE_SEND_WORKAROUND */
struct ssl_connect_data ssl[2]; /* this is for ssl-stuff */
- struct ssl_config_data ssl_config;
+ struct ssl_connect_data proxy_ssl[2]; /* this is for proxy ssl-stuff */
+ struct ssl_primary_config ssl_config;
+ struct ssl_primary_config proxy_ssl_config;
bool tls_upgraded;
struct ConnectBits bits; /* various state-flags for this connection */
@@ -958,11 +1044,11 @@ struct connectdata {
/* connecttime: when connect() is called on the current IP address. Used to
be able to track when to move on to try next IP - but only when the multi
interface is used. */
- struct timeval connecttime;
+ struct curltime connecttime;
/* The two fields below get set in Curl_connecthost */
int num_addr; /* number of addresses to try to connect to */
- long timeoutms_per_addr; /* how long time in milliseconds to spend on
- trying to connect to each IP address */
+ time_t timeoutms_per_addr; /* how long time in milliseconds to spend on
+ trying to connect to each IP address */
const struct Curl_handler *handler; /* Connection's protocol handler */
const struct Curl_handler *given; /* The protocol first given */
@@ -1015,11 +1101,11 @@ struct connectdata {
handle */
bool writechannel_inuse; /* whether the write channel is in use by an easy
handle */
- struct curl_llist *send_pipe; /* List of handles waiting to
- send on this pipeline */
- struct curl_llist *recv_pipe; /* List of handles waiting to read
- their responses on this pipeline */
- char* master_buffer; /* The master buffer allocated on-demand;
+ struct curl_llist send_pipe; /* List of handles waiting to send on this
+ pipeline */
+ struct curl_llist recv_pipe; /* List of handles waiting to read their
+ responses on this pipeline */
+ char *master_buffer; /* The master buffer allocated on-demand;
used for pipelining. */
size_t read_pos; /* Current read position in the master buffer */
size_t buf_len; /* Length of the buffer?? */
@@ -1040,8 +1126,8 @@ struct connectdata {
/* used for communication with Samba's winbind daemon helper ntlm_auth */
curl_socket_t ntlm_auth_hlpr_socket;
pid_t ntlm_auth_hlpr_pid;
- char* challenge_header;
- char* response_header;
+ char *challenge_header;
+ char *response_header;
#endif
#endif
@@ -1077,9 +1163,6 @@ struct connectdata {
int socks5_gssapi_enctype;
#endif
- bool verifypeer;
- bool verifyhost;
-
/* When this connection is created, store the conditions for the local end
bind. This is stored before the actual bind and before any connection is
made and will serve the purpose of being used for comparison reasons so
@@ -1088,22 +1171,21 @@ struct connectdata {
char *localdev;
unsigned short localport;
int localportrange;
-
- /* tunnel as in tunnel through a HTTP proxy with CONNECT */
- enum {
- TUNNEL_INIT, /* init/default/no tunnel state */
- TUNNEL_CONNECT, /* CONNECT has been sent off */
- TUNNEL_COMPLETE /* CONNECT response received completely */
- } tunnel_state[2]; /* two separate ones to allow FTP */
+ struct http_connect_state *connect_state; /* for HTTP CONNECT */
struct connectbundle *bundle; /* The bundle we are member of */
-
int negnpn; /* APLN or NPN TLS negotiated protocol, CURL_HTTP_VERSION* */
+
+#ifdef USE_UNIX_SOCKETS
+ char *unix_domain_socket;
+ bool abstract_unix_socket;
+#endif
};
/* The end of connectdata. */
/*
* Struct to keep statistical and informational data.
+ * All variables in this struct must be initialized/reset in Curl_initinfo().
*/
struct PureInfo {
int httpcode; /* Recent HTTP, FTP, RTSP or SMTP response code */
@@ -1137,6 +1219,9 @@ struct PureInfo {
char conn_local_ip[MAX_IPADR_LEN];
long conn_local_port;
+ const char *conn_scheme;
+ unsigned int conn_protocol;
+
struct curl_certinfo certs; /* info about the certs, only populated in
OpenSSL builds. Asked for with
CURLOPT_CERTINFO / CURLINFO_CERTINFO */
@@ -1144,8 +1229,8 @@ struct PureInfo {
struct Progress {
- long lastshow; /* time() of the last displayed progress meter or NULL to
- force redraw at next call */
+ time_t lastshow; /* time() of the last displayed progress meter or NULL to
+ force redraw at next call */
curl_off_t size_dl; /* total expected size */
curl_off_t size_ul; /* total expected size */
curl_off_t downloaded; /* transferred so far */
@@ -1157,34 +1242,34 @@ struct Progress {
int width; /* screen width at download start */
int flags; /* see progress.h */
- double timespent;
+ time_t timespent;
curl_off_t dlspeed;
curl_off_t ulspeed;
- double t_nslookup;
- double t_connect;
- double t_appconnect;
- double t_pretransfer;
- double t_starttransfer;
- double t_redirect;
+ time_t t_nslookup;
+ time_t t_connect;
+ time_t t_appconnect;
+ time_t t_pretransfer;
+ time_t t_starttransfer;
+ time_t t_redirect;
- struct timeval start;
- struct timeval t_startsingle;
- struct timeval t_startop;
- struct timeval t_acceptdata;
+ struct curltime start;
+ struct curltime t_startsingle;
+ struct curltime t_startop;
+ struct curltime t_acceptdata;
/* upload speed limit */
- struct timeval ul_limit_start;
+ struct curltime ul_limit_start;
curl_off_t ul_limit_size;
/* download speed limit */
- struct timeval dl_limit_start;
+ struct curltime dl_limit_start;
curl_off_t dl_limit_size;
#define CURR_TIME (5+1) /* 6 entries for 5 seconds */
curl_off_t speeder[ CURR_TIME ];
- struct timeval speeder_time[ CURR_TIME ];
+ struct curltime speeder_time[ CURR_TIME ];
int speeder_c;
};
@@ -1195,6 +1280,7 @@ typedef enum {
HTTPREQ_POST_FORM, /* we make a difference internally */
HTTPREQ_PUT,
HTTPREQ_HEAD,
+ HTTPREQ_OPTIONS,
HTTPREQ_CUSTOM,
HTTPREQ_LAST /* last in list */
} Curl_HttpReq;
@@ -1234,12 +1320,54 @@ struct auth {
this resource */
bool done; /* TRUE when the auth phase is done and ready to do the *actual*
request */
- bool multi; /* TRUE if this is not yet authenticated but within the auth
- multipass negotiation */
+ bool multipass; /* TRUE if this is not yet authenticated but within the
+ auth multipass negotiation */
bool iestyle; /* TRUE if digest should be done IE-style or FALSE if it should
be RFC compliant */
};
+struct Curl_http2_dep {
+ struct Curl_http2_dep *next;
+ struct Curl_easy *data;
+};
+
+/*
+ * This struct is for holding data that was attemped to get sent to the user's
+ * callback but is held due to pausing. One instance per type (BOTH, HEADER,
+ * BODY).
+ */
+struct tempbuf {
+ char *buf; /* allocated buffer to keep data in when a write callback
+ returns to make the connection paused */
+ size_t len; /* size of the 'tempwrite' allocated buffer */
+ int type; /* type of the 'tempwrite' buffer as a bitmask that is used with
+ Curl_client_write() */
+};
+
+/* Timers */
+typedef enum {
+ EXPIRE_100_TIMEOUT,
+ EXPIRE_ASYNC_NAME,
+ EXPIRE_CONNECTTIMEOUT,
+ EXPIRE_DNS_PER_NAME,
+ EXPIRE_HAPPY_EYEBALLS,
+ EXPIRE_MULTI_PENDING,
+ EXPIRE_RUN_NOW,
+ EXPIRE_SPEEDCHECK,
+ EXPIRE_TIMEOUT,
+ EXPIRE_TOOFAST,
+ EXPIRE_LAST /* not an actual timer, used as a marker only */
+} expire_id;
+
+/*
+ * One instance for each timeout an easy handle can set.
+ */
+struct time_node {
+ struct curl_llist_element list;
+ struct curltime time;
+ expire_id eid;
+};
+
struct UrlState {
/* Points to the connection cache */
@@ -1251,16 +1379,16 @@ struct UrlState {
bool multi_owned_by_easy;
/* buffers to store authentication data in, as parsed from input options */
- struct timeval keeps_speed; /* for the progress meter really */
+ struct curltime keeps_speed; /* for the progress meter really */
struct connectdata *lastconnect; /* The last connection, NULL if undefined */
char *headerbuff; /* allocated buffer to store headers in */
size_t headersize; /* size of the allocation */
- char buffer[BUFSIZE+1]; /* download buffer */
- char uploadbuffer[BUFSIZE+1]; /* upload buffer */
- curl_off_t current_speed; /* the ProgressShow() funcion sets this,
+ char *buffer; /* download buffer */
+ char uploadbuffer[UPLOAD_BUFSIZE+1]; /* upload buffer */
+ curl_off_t current_speed; /* the ProgressShow() function sets this,
bytes / second */
bool this_is_a_follow; /* this is a followed Location: request */
@@ -1273,12 +1401,9 @@ struct UrlState {
int first_remote_port; /* remote port of the first (not followed) request */
struct curl_ssl_session *session; /* array of 'max_ssl_sessions' size */
long sessionage; /* number of the most recent session */
- char *tempwrite; /* allocated buffer to keep data in when a write
- callback returns to make the connection paused */
- size_t tempwritesize; /* size of the 'tempwrite' allocated buffer */
- int tempwritetype; /* type of the 'tempwrite' buffer as a bitmask that is
- used with Curl_client_write() */
- char *scratch; /* huge buffer[BUFSIZE*2] when doing upload CRLF replacing */
+ unsigned int tempcount; /* number of entries in use in tempwrite, 0 - 3 */
+ struct tempbuf tempwrite[3]; /* BOTH, HEADER, BODY */
+ char *scratch; /* huge buffer[set.buffer_size*2] for upload CRLF replacing */
bool errorbuf; /* Set to TRUE if the error buffer is already filled in.
This must be set to FALSE every time _easy_perform() is
called. */
@@ -1308,9 +1433,10 @@ struct UrlState {
#if defined(USE_OPENSSL) && defined(HAVE_OPENSSL_ENGINE_H)
ENGINE *engine;
#endif /* USE_OPENSSL */
- struct timeval expiretime; /* set this with Curl_expire() only */
+ struct curltime expiretime; /* set this with Curl_expire() only */
struct Curl_tree timenode; /* for the splay stuff */
- struct curl_llist *timeoutlist; /* list of pending timeouts */
+ struct curl_llist timeoutlist; /* list of pending timeouts */
+ struct time_node expires[EXPIRE_LAST]; /* nodes for each expire type */
/* a place to store the most recently set FTP entrypath */
char *most_recent_ftp_entrypath;
@@ -1400,8 +1526,10 @@ struct DynamicStatic {
struct Curl_multi; /* declared and used only in multi.c */
enum dupstring {
- STRING_CERT, /* client certificate file name */
- STRING_CERT_TYPE, /* format for certificate (default: PEM)*/
+ STRING_CERT_ORIG, /* client certificate file name */
+ STRING_CERT_PROXY, /* client certificate file name */
+ STRING_CERT_TYPE_ORIG, /* format for certificate (default: PEM)*/
+ STRING_CERT_TYPE_PROXY, /* format for certificate (default: PEM)*/
STRING_COOKIE, /* HTTP cookie string to send */
STRING_COOKIEJAR, /* dump all cookies to this file */
STRING_CUSTOMREQUEST, /* HTTP/FTP/RTSP request/method to use */
@@ -1411,25 +1539,35 @@ enum dupstring {
STRING_FTP_ACCOUNT, /* ftp account data */
STRING_FTP_ALTERNATIVE_TO_USER, /* command to send if USER/PASS fails */
STRING_FTPPORT, /* port to send with the FTP PORT command */
- STRING_KEY, /* private key file name */
- STRING_KEY_PASSWD, /* plain text private key password */
- STRING_KEY_TYPE, /* format for private key (default: PEM) */
+ STRING_KEY_ORIG, /* private key file name */
+ STRING_KEY_PROXY, /* private key file name */
+ STRING_KEY_PASSWD_ORIG, /* plain text private key password */
+ STRING_KEY_PASSWD_PROXY, /* plain text private key password */
+ STRING_KEY_TYPE_ORIG, /* format for private key (default: PEM) */
+ STRING_KEY_TYPE_PROXY, /* format for private key (default: PEM) */
STRING_KRB_LEVEL, /* krb security level */
STRING_NETRC_FILE, /* if not NULL, use this instead of trying to find
$HOME/.netrc */
STRING_PROXY, /* proxy to use */
+ STRING_PRE_PROXY, /* pre socks proxy to use */
STRING_SET_RANGE, /* range, if used */
STRING_SET_REFERER, /* custom string for the HTTP referer field */
STRING_SET_URL, /* what original URL to work on */
- STRING_SSL_CAPATH, /* CA directory name (doesn't work on windows) */
- STRING_SSL_CAFILE, /* certificate file to verify peer against */
- STRING_SSL_PINNEDPUBLICKEY, /* public key file to verify peer against */
- STRING_SSL_CIPHER_LIST, /* list of ciphers to use */
+ STRING_SSL_CAPATH_ORIG, /* CA directory name (doesn't work on windows) */
+ STRING_SSL_CAPATH_PROXY, /* CA directory name (doesn't work on windows) */
+ STRING_SSL_CAFILE_ORIG, /* certificate file to verify peer against */
+ STRING_SSL_CAFILE_PROXY, /* certificate file to verify peer against */
+ STRING_SSL_PINNEDPUBLICKEY_ORIG, /* public key file to verify peer against */
+ STRING_SSL_PINNEDPUBLICKEY_PROXY, /* public key file to verify proxy */
+ STRING_SSL_CIPHER_LIST_ORIG, /* list of ciphers to use */
+ STRING_SSL_CIPHER_LIST_PROXY, /* list of ciphers to use */
STRING_SSL_EGDSOCKET, /* path to file containing the EGD daemon socket */
STRING_SSL_RANDOM_FILE, /* path to file containing "random" data */
STRING_USERAGENT, /* User-Agent string */
- STRING_SSL_CRLFILE, /* crl file to check certificate */
- STRING_SSL_ISSUERCERT, /* issuer cert file to check certificate */
+ STRING_SSL_CRLFILE_ORIG, /* crl file to check certificate */
+ STRING_SSL_CRLFILE_PROXY, /* crl file to check certificate */
+ STRING_SSL_ISSUERCERT_ORIG, /* issuer cert file to check certificate */
+ STRING_SSL_ISSUERCERT_PROXY, /* issuer cert file to check certificate */
STRING_USERNAME, /* <username>, if used */
STRING_PASSWORD, /* <password>, if used */
STRING_OPTIONS, /* <options>, if used */
@@ -1457,14 +1595,16 @@ enum dupstring {
STRING_MAIL_AUTH,
#ifdef USE_TLS_SRP
- STRING_TLSAUTH_USERNAME, /* TLS auth <username> */
- STRING_TLSAUTH_PASSWORD, /* TLS auth <password> */
+ STRING_TLSAUTH_USERNAME_ORIG, /* TLS auth <username> */
+ STRING_TLSAUTH_USERNAME_PROXY, /* TLS auth <username> */
+ STRING_TLSAUTH_PASSWORD_ORIG, /* TLS auth <password> */
+ STRING_TLSAUTH_PASSWORD_PROXY, /* TLS auth <password> */
#endif
STRING_BEARER, /* <bearer>, if used */
#ifdef USE_UNIX_SOCKETS
STRING_UNIX_SOCKET_PATH, /* path to Unix socket, if used */
#endif
-
+ STRING_TARGET, /* CURLOPT_REQUEST_TARGET */
/* -- end of zero-terminated strings -- */
STRING_LASTZEROTERMINATED,
@@ -1491,6 +1631,7 @@ struct UserDefined {
long use_port; /* which port to use (when not using default) */
unsigned long httpauth; /* kind of HTTP authentication to use (bitmask) */
unsigned long proxyauth; /* kind of proxy authentication to use (bitmask) */
+ unsigned long socks5auth;/* kind of SOCKS5 authentication to use (bitmask) */
long followlocation; /* as in HTTP Location: */
long maxredirs; /* maximum no. of http(s) redirects to follow, set to -1
for infinity */
@@ -1522,10 +1663,10 @@ struct UserDefined {
curl_opensocket_callback fopensocket; /* function for checking/translating
the address and opening the
socket */
- void* opensocket_client;
+ void *opensocket_client;
curl_closesocket_callback fclosesocket; /* function for closing the
socket */
- void* closesocket_client;
+ void *closesocket_client;
void *seek_client; /* pointer to pass to the seek callback */
/* the 3 curl_conv_callback functions below are used on non-ASCII hosts */
@@ -1575,7 +1716,10 @@ struct UserDefined {
Curl_HttpReq httpreq; /* what kind of HTTP request (if any) is this */
long httpversion; /* when non-zero, a specific HTTP version requested to
be used in the library's request(s) */
+ bool strip_path_slash; /* strip off initial slash from path */
struct ssl_config_data ssl; /* user defined SSL stuff */
+ struct ssl_config_data proxy_ssl; /* user defined SSL stuff for proxy */
+ struct ssl_general_config general_ssl; /* general user defined SSL stuff */
curl_proxytype proxytype; /* what kind of proxy that is in use */
long dns_cache_timeout; /* DNS cache timeout */
long buffer_size; /* size of receive buffer to use */
@@ -1610,6 +1754,7 @@ struct UserDefined {
bool ftp_use_port; /* use the FTP PORT command */
bool hide_progress; /* don't use the progress meter */
bool http_fail_on_error; /* fail on HTTP error codes >= 400 */
+ bool http_keep_sending_on_error; /* for HTTP status codes >= 300 */
bool http_follow_location; /* follow HTTP redirects */
bool http_transfer_encoding; /* request compressed HTTP transfer-encoding */
bool http_disable_hostname_check_before_authentication;
@@ -1639,9 +1784,6 @@ struct UserDefined {
bool ftp_skip_ip; /* skip the IP address the FTP server passes on to
us */
bool connect_only; /* make connection, let application use the socket */
- bool ssl_enable_beast; /* especially allow this flaw for interoperability's
- sake*/
- bool ssl_no_revoke; /* disable SSL certificate revocation checks */
long ssh_auth_types; /* allowed SSH auth types */
bool http_te_skip; /* pass the raw body data to the user, even when
transfer-encoded (chunked, compressed) */
@@ -1688,10 +1830,16 @@ struct UserDefined {
bool pipewait; /* wait for pipe/multiplex status before starting a
new connection */
long expect_100_timeout; /* in milliseconds */
+ bool suppress_connect_headers; /* suppress proxy CONNECT response headers
+ from user callbacks */
struct Curl_easy *stream_depends_on;
bool stream_depends_e; /* set or don't set the Exclusive bit */
int stream_weight;
+
+ struct Curl_http2_dep *stream_dependents;
+
+ bool abstract_unix_socket;
};
struct Names {
@@ -1720,6 +1868,8 @@ struct Curl_easy {
struct Curl_easy *prev;
struct connectdata *easy_conn; /* the "unit's" connection */
+ struct curl_llist_element connect_queue;
+ struct curl_llist_element pipeline_queue;
CURLMstate mstate; /* the handle's state */
CURLcode result; /* previous result */
diff --git a/lib/vauth/cleartext.c b/lib/vauth/cleartext.c
index 4e906bc07..25364579e 100644
--- a/lib/vauth/cleartext.c
+++ b/lib/vauth/cleartext.c
@@ -25,7 +25,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "vauth/vauth.h"
@@ -33,8 +33,6 @@
#include "curl_md5.h"
#include "warnless.h"
#include "strtok.h"
-#include "strequal.h"
-#include "rawstr.h"
#include "sendf.h"
#include "curl_printf.h"
@@ -68,16 +66,27 @@ CURLcode Curl_auth_create_plain_message(struct Curl_easy
*data,
char *plainauth;
size_t ulen;
size_t plen;
+ size_t plainlen;
+ *outlen = 0;
+ *outptr = NULL;
ulen = strlen(userp);
plen = strlen(passwdp);
- plainauth = malloc(2 * ulen + plen + 2);
- if(!plainauth) {
- *outlen = 0;
- *outptr = NULL;
+ /* Compute binary message length, checking for overflows. */
+ plainlen = 2 * ulen;
+ if(plainlen < ulen)
+ return CURLE_OUT_OF_MEMORY;
+ plainlen += plen;
+ if(plainlen < plen)
+ return CURLE_OUT_OF_MEMORY;
+ plainlen += 2;
+ if(plainlen < 2)
+ return CURLE_OUT_OF_MEMORY;
+
+ plainauth = malloc(plainlen);
+ if(!plainauth)
return CURLE_OUT_OF_MEMORY;
- }
/* Calculate the reply */
memcpy(plainauth, userp, ulen);
@@ -87,8 +96,7 @@ CURLcode Curl_auth_create_plain_message(struct Curl_easy
*data,
memcpy(plainauth + 2 * ulen + 2, passwdp, plen);
/* Base64 encode the reply */
- result = Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr,
- outlen);
+ result = Curl_base64_encode(data, plainauth, plainlen, outptr, outlen);
free(plainauth);
return result;
diff --git a/lib/vauth/cram.c b/lib/vauth/cram.c
index 3074a163a..5d6126cfa 100644
--- a/lib/vauth/cram.c
+++ b/lib/vauth/cram.c
@@ -26,7 +26,7 @@
#if !defined(CURL_DISABLE_CRYPTO_AUTH)
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "vauth/vauth.h"
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index f4898404f..0ae736c83 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -26,7 +26,7 @@
#if !defined(CURL_DISABLE_CRYPTO_AUTH)
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "vauth/vauth.h"
#include "vauth/digest.h"
@@ -37,9 +37,10 @@
#include "vtls/vtls.h"
#include "warnless.h"
#include "strtok.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "non-ascii.h" /* included for Curl_convert_... prototypes */
#include "curl_printf.h"
+#include "rand.h"
/* The last #include files should be: */
#include "curl_memory.h"
@@ -59,7 +60,7 @@
what ultimately goes over the network.
*/
#define CURL_OUTPUT_DIGEST_CONV(a, b) \
- result = Curl_convert_to_network(a, (char *)b, strlen((const char*)b)); \
+ result = Curl_convert_to_network(a, (char *)b, strlen((const char *)b)); \
if(result) { \
free(b); \
return result; \
@@ -204,7 +205,7 @@ static CURLcode auth_digest_get_qop_values(const char
*options, int *value)
{
char *tmp;
char *token;
- char *tok_buf;
+ char *tok_buf = NULL;
/* Initialise the output */
*value = 0;
@@ -217,11 +218,11 @@ static CURLcode auth_digest_get_qop_values(const char
*options, int *value)
token = strtok_r(tmp, ",", &tok_buf);
while(token != NULL) {
- if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH))
+ if(strcasecompare(token, DIGEST_QOP_VALUE_STRING_AUTH))
*value |= DIGEST_QOP_VALUE_AUTH;
- else if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH_INT))
+ else if(strcasecompare(token, DIGEST_QOP_VALUE_STRING_AUTH_INT))
*value |= DIGEST_QOP_VALUE_AUTH_INT;
- else if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH_CONF))
+ else if(strcasecompare(token, DIGEST_QOP_VALUE_STRING_AUTH_CONF))
*value |= DIGEST_QOP_VALUE_AUTH_CONF;
token = strtok_r(NULL, ",", &tok_buf);
@@ -236,7 +237,7 @@ static CURLcode auth_digest_get_qop_values(const char
*options, int *value)
* auth_decode_digest_md5_message()
*
* This is used internally to decode an already encoded DIGEST-MD5 challenge
- * message into the seperate attributes.
+ * message into the separate attributes.
*
* Parameters:
*
@@ -359,13 +360,12 @@ CURLcode Curl_auth_create_digest_md5_message(struct
Curl_easy *data,
char qop_options[64];
int qop_values;
char cnonce[33];
- unsigned int entropy[4];
char nonceCount[] = "00000001";
char method[] = "AUTHENTICATE";
char qop[] = DIGEST_QOP_VALUE_STRING_AUTH;
char *spn = NULL;
- /* Decode the challange message */
+ /* Decode the challenge message */
result = auth_decode_digest_md5_message(chlg64, nonce, sizeof(nonce),
realm, sizeof(realm),
algorithm, sizeof(algorithm),
@@ -386,15 +386,10 @@ CURLcode Curl_auth_create_digest_md5_message(struct
Curl_easy *data,
if(!(qop_values & DIGEST_QOP_VALUE_AUTH))
return CURLE_BAD_CONTENT_ENCODING;
- /* Generate 16 bytes of random data */
- entropy[0] = Curl_rand(data);
- entropy[1] = Curl_rand(data);
- entropy[2] = Curl_rand(data);
- entropy[3] = Curl_rand(data);
-
- /* Convert the random data into a 32 byte hex string */
- snprintf(cnonce, sizeof(cnonce), "%08x%08x%08x%08x",
- entropy[0], entropy[1], entropy[2], entropy[3]);
+ /* Generate 32 random hex chars, 32 bytes + 1 zero termination */
+ result = Curl_rand_hex(data, (unsigned char *)cnonce, sizeof(cnonce));
+ if(result)
+ return result;
/* So far so good, now calculate A1 and H(A1) according to RFC 2831 */
ctxt = Curl_MD5_init(Curl_DIGEST_MD5);
@@ -502,7 +497,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct
Curl_easy *data,
/*
* Curl_auth_decode_digest_http_message()
*
- * This is used to decode a HTTP DIGEST challenge message into the seperate
+ * This is used to decode a HTTP DIGEST challenge message into the separate
* attributes.
*
* Parameters:
@@ -538,32 +533,32 @@ CURLcode Curl_auth_decode_digest_http_message(const char
*chlg,
/* Extract a value=content pair */
if(Curl_auth_digest_get_pair(chlg, value, content, &chlg)) {
- if(Curl_raw_equal(value, "nonce")) {
+ if(strcasecompare(value, "nonce")) {
free(digest->nonce);
digest->nonce = strdup(content);
if(!digest->nonce)
return CURLE_OUT_OF_MEMORY;
}
- else if(Curl_raw_equal(value, "stale")) {
- if(Curl_raw_equal(content, "true")) {
+ else if(strcasecompare(value, "stale")) {
+ if(strcasecompare(content, "true")) {
digest->stale = TRUE;
digest->nc = 1; /* we make a new nonce now */
}
}
- else if(Curl_raw_equal(value, "realm")) {
+ else if(strcasecompare(value, "realm")) {
free(digest->realm);
digest->realm = strdup(content);
if(!digest->realm)
return CURLE_OUT_OF_MEMORY;
}
- else if(Curl_raw_equal(value, "opaque")) {
+ else if(strcasecompare(value, "opaque")) {
free(digest->opaque);
digest->opaque = strdup(content);
if(!digest->opaque)
return CURLE_OUT_OF_MEMORY;
}
- else if(Curl_raw_equal(value, "qop")) {
- char *tok_buf;
+ else if(strcasecompare(value, "qop")) {
+ char *tok_buf = NULL;
/* Tokenize the list and choose auth if possible, use a temporary
clone of the buffer since strtok_r() ruins it */
tmp = strdup(content);
@@ -572,10 +567,10 @@ CURLcode Curl_auth_decode_digest_http_message(const char
*chlg,
token = strtok_r(tmp, ",", &tok_buf);
while(token != NULL) {
- if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH)) {
+ if(strcasecompare(token, DIGEST_QOP_VALUE_STRING_AUTH)) {
foundAuth = TRUE;
}
- else if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH_INT)) {
+ else if(strcasecompare(token, DIGEST_QOP_VALUE_STRING_AUTH_INT)) {
foundAuthInt = TRUE;
}
token = strtok_r(NULL, ",", &tok_buf);
@@ -597,15 +592,15 @@ CURLcode Curl_auth_decode_digest_http_message(const char
*chlg,
return CURLE_OUT_OF_MEMORY;
}
}
- else if(Curl_raw_equal(value, "algorithm")) {
+ else if(strcasecompare(value, "algorithm")) {
free(digest->algorithm);
digest->algorithm = strdup(content);
if(!digest->algorithm)
return CURLE_OUT_OF_MEMORY;
- if(Curl_raw_equal(content, "MD5-sess"))
+ if(strcasecompare(content, "MD5-sess"))
digest->algo = CURLDIGESTALGO_MD5SESS;
- else if(Curl_raw_equal(content, "MD5"))
+ else if(strcasecompare(content, "MD5"))
digest->algo = CURLDIGESTALGO_MD5;
else
return CURLE_BAD_CONTENT_ENCODING;
@@ -684,9 +679,10 @@ CURLcode Curl_auth_create_digest_http_message(struct
Curl_easy *data,
digest->nc = 1;
if(!digest->cnonce) {
- snprintf(cnoncebuf, sizeof(cnoncebuf), "%08x%08x%08x%08x",
- Curl_rand(data), Curl_rand(data),
- Curl_rand(data), Curl_rand(data));
+ result = Curl_rand_hex(data, (unsigned char *)cnoncebuf,
+ sizeof(cnoncebuf));
+ if(result)
+ return result;
result = Curl_base64_encode(data, cnoncebuf, strlen(cnoncebuf),
&cnonce, &cnonce_sz);
@@ -744,7 +740,7 @@ CURLcode Curl_auth_create_digest_http_message(struct
Curl_easy *data,
md5this = (unsigned char *) aprintf("%s:%s", request, uripath);
- if(digest->qop && Curl_raw_equal(digest->qop, "auth-int")) {
+ if(digest->qop && strcasecompare(digest->qop, "auth-int")) {
/* We don't support auth-int for PUT or POST at the moment.
TODO: replace md5 of empty string with entity-body for PUT/POST */
unsigned char *md5this2 = (unsigned char *)
@@ -820,7 +816,7 @@ CURLcode Curl_auth_create_digest_http_message(struct
Curl_easy *data,
digest->qop,
request_digest);
- if(Curl_raw_equal(digest->qop, "auth"))
+ if(strcasecompare(digest->qop, "auth"))
digest->nc++; /* The nc (from RFC) has to be a 8 hex digit number 0
padded which tells to the server how many times you are
using the same nonce in the qop=auth mode */
diff --git a/lib/vauth/digest.h b/lib/vauth/digest.h
index 5722dcece..d0ea27778 100644
--- a/lib/vauth/digest.h
+++ b/lib/vauth/digest.h
@@ -22,7 +22,7 @@
*
***************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#if !defined(CURL_DISABLE_CRYPTO_AUTH)
diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index 1cc704d58..3d583e417 100644
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -6,7 +6,7 @@
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2014 - 2016, Steve Holme, <address@hidden>.
- * Copyright (C) 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2015 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -27,7 +27,7 @@
#if defined(USE_WINDOWS_SSPI) && !defined(CURL_DISABLE_CRYPTO_AUTH)
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "vauth/vauth.h"
#include "vauth/digest.h"
@@ -37,7 +37,7 @@
#include "curl_multibyte.h"
#include "sendf.h"
#include "strdup.h"
-#include "rawstr.h"
+#include "strcase.h"
/* The last #include files should be: */
#include "curl_memory.h"
@@ -277,7 +277,7 @@ CURLcode Curl_override_sspi_http_realm(const char *chlg,
/* Extract a value=content pair */
if(Curl_auth_digest_get_pair(chlg, value, content, &chlg)) {
- if(Curl_raw_equal(value, "realm")) {
+ if(strcasecompare(value, "realm")) {
/* Setup identity's domain and length */
domain.tchar_ptr = Curl_convert_UTF8_to_tchar((char *) content);
@@ -320,7 +320,7 @@ CURLcode Curl_override_sspi_http_realm(const char *chlg,
/*
* Curl_auth_decode_digest_http_message()
*
- * This is used to decode a HTTP DIGEST challenge message into the seperate
+ * This is used to decode a HTTP DIGEST challenge message into the separate
* attributes.
*
* Parameters:
@@ -335,13 +335,44 @@ CURLcode Curl_auth_decode_digest_http_message(const char
*chlg,
{
size_t chlglen = strlen(chlg);
- /* We had an input token before and we got another one now. This means we
- provided bad credentials in the previous request. */
- if(digest->input_token)
- return CURLE_BAD_CONTENT_ENCODING;
+ /* We had an input token before so if there's another one now that means we
+ provided bad credentials in the previous request or it's stale. */
+ if(digest->input_token) {
+ bool stale = false;
+ const char *p = chlg;
+
+ /* Check for the 'stale' directive */
+ for(;;) {
+ char value[DIGEST_MAX_VALUE_LENGTH];
+ char content[DIGEST_MAX_CONTENT_LENGTH];
+
+ while(*p && ISSPACE(*p))
+ p++;
- /* Simply store the challenge for use later */
- digest->input_token = (BYTE *) Curl_memdup(chlg, chlglen);
+ if(!Curl_auth_digest_get_pair(p, value, content, &p))
+ break;
+
+ if(Curl_strcasecompare(value, "stale")
+ && Curl_strcasecompare(content, "true")) {
+ stale = true;
+ break;
+ }
+
+ while(*p && ISSPACE(*p))
+ p++;
+
+ if(',' == *p)
+ p++;
+ }
+
+ if(stale)
+ Curl_auth_digest_cleanup(digest);
+ else
+ return CURLE_LOGIN_DENIED;
+ }
+
+ /* Store the challenge for use later */
+ digest->input_token = (BYTE *) Curl_memdup(chlg, chlglen + 1);
if(!digest->input_token)
return CURLE_OUT_OF_MEMORY;
@@ -379,21 +410,13 @@ CURLcode Curl_auth_create_digest_http_message(struct
Curl_easy *data,
char **outptr, size_t *outlen)
{
size_t token_max;
- CredHandle credentials;
- CtxtHandle context;
char *resp;
BYTE *output_token;
+ size_t output_token_len = 0;
PSecPkgInfo SecurityPackage;
- SEC_WINNT_AUTH_IDENTITY identity;
- SEC_WINNT_AUTH_IDENTITY *p_identity;
- SecBuffer chlg_buf[3];
- SecBuffer resp_buf;
+ SecBuffer chlg_buf[5];
SecBufferDesc chlg_desc;
- SecBufferDesc resp_desc;
SECURITY_STATUS status;
- unsigned long attrs;
- TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */
- TCHAR *spn;
(void) data;
@@ -408,123 +431,205 @@ CURLcode Curl_auth_create_digest_http_message(struct
Curl_easy *data,
/* Release the package buffer as it is not required anymore */
s_pSecFn->FreeContextBuffer(SecurityPackage);
- if(userp && *userp) {
- /* Populate our identity structure */
- if(Curl_create_sspi_identity(userp, passwdp, &identity))
- return CURLE_OUT_OF_MEMORY;
+ /* Allocate the output buffer according to the max token size as indicated
+ by the security package */
+ output_token = malloc(token_max);
+ if(!output_token) {
+ return CURLE_OUT_OF_MEMORY;
+ }
- /* Populate our identity domain */
- if(Curl_override_sspi_http_realm((const char*) digest->input_token,
- &identity))
- return CURLE_OUT_OF_MEMORY;
+ /* If the user/passwd that was used to make the identity for http_context
+ has changed then delete that context. */
+ if((userp && !digest->user) || (!userp && digest->user) ||
+ (passwdp && !digest->passwd) || (!passwdp && digest->passwd) ||
+ (userp && digest->user && strcmp(userp, digest->user)) ||
+ (passwdp && digest->passwd && strcmp(passwdp, digest->passwd))) {
+ if(digest->http_context) {
+ s_pSecFn->DeleteSecurityContext(digest->http_context);
+ Curl_safefree(digest->http_context);
+ }
+ Curl_safefree(digest->user);
+ Curl_safefree(digest->passwd);
+ }
- /* Allow proper cleanup of the identity structure */
- p_identity = &identity;
+ if(digest->http_context) {
+ chlg_desc.ulVersion = SECBUFFER_VERSION;
+ chlg_desc.cBuffers = 5;
+ chlg_desc.pBuffers = chlg_buf;
+ chlg_buf[0].BufferType = SECBUFFER_TOKEN;
+ chlg_buf[0].pvBuffer = NULL;
+ chlg_buf[0].cbBuffer = 0;
+ chlg_buf[1].BufferType = SECBUFFER_PKG_PARAMS;
+ chlg_buf[1].pvBuffer = (void *) request;
+ chlg_buf[1].cbBuffer = curlx_uztoul(strlen((const char *) request));
+ chlg_buf[2].BufferType = SECBUFFER_PKG_PARAMS;
+ chlg_buf[2].pvBuffer = (void *) uripath;
+ chlg_buf[2].cbBuffer = curlx_uztoul(strlen((const char *) uripath));
+ chlg_buf[3].BufferType = SECBUFFER_PKG_PARAMS;
+ chlg_buf[3].pvBuffer = NULL;
+ chlg_buf[3].cbBuffer = 0;
+ chlg_buf[4].BufferType = SECBUFFER_PADDING;
+ chlg_buf[4].pvBuffer = output_token;
+ chlg_buf[4].cbBuffer = curlx_uztoul(token_max);
+
+ status = s_pSecFn->MakeSignature(digest->http_context, 0, &chlg_desc, 0);
+ if(status == SEC_E_OK)
+ output_token_len = chlg_buf[4].cbBuffer;
+ else { /* delete the context so a new one can be made */
+ infof(data, "digest_sspi: MakeSignature failed, error 0x%08lx\n",
+ (long)status);
+ s_pSecFn->DeleteSecurityContext(digest->http_context);
+ Curl_safefree(digest->http_context);
+ }
}
- else
- /* Use the current Windows user */
- p_identity = NULL;
- /* Acquire our credentials handle */
- status = s_pSecFn->AcquireCredentialsHandle(NULL,
- (TCHAR *) TEXT(SP_NAME_DIGEST),
- SECPKG_CRED_OUTBOUND, NULL,
- p_identity, NULL, NULL,
- &credentials, &expiry);
- if(status != SEC_E_OK) {
- Curl_sspi_free_identity(p_identity);
+ if(!digest->http_context) {
+ CredHandle credentials;
+ SEC_WINNT_AUTH_IDENTITY identity;
+ SEC_WINNT_AUTH_IDENTITY *p_identity;
+ SecBuffer resp_buf;
+ SecBufferDesc resp_desc;
+ unsigned long attrs;
+ TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */
+ TCHAR *spn;
+
+ /* free the copy of user/passwd used to make the previous identity */
+ Curl_safefree(digest->user);
+ Curl_safefree(digest->passwd);
+
+ if(userp && *userp) {
+ /* Populate our identity structure */
+ if(Curl_create_sspi_identity(userp, passwdp, &identity)) {
+ free(output_token);
+ return CURLE_OUT_OF_MEMORY;
+ }
- return CURLE_LOGIN_DENIED;
- }
+ /* Populate our identity domain */
+ if(Curl_override_sspi_http_realm((const char *) digest->input_token,
+ &identity)) {
+ free(output_token);
+ return CURLE_OUT_OF_MEMORY;
+ }
- /* Allocate the output buffer according to the max token size as indicated
- by the security package */
- output_token = malloc(token_max);
- if(!output_token) {
- s_pSecFn->FreeCredentialsHandle(&credentials);
+ /* Allow proper cleanup of the identity structure */
+ p_identity = &identity;
+ }
+ else
+ /* Use the current Windows user */
+ p_identity = NULL;
- Curl_sspi_free_identity(p_identity);
+ if(userp) {
+ digest->user = strdup(userp);
- return CURLE_OUT_OF_MEMORY;
- }
+ if(!digest->user) {
+ free(output_token);
+ return CURLE_OUT_OF_MEMORY;
+ }
+ }
- /* Setup the challenge "input" security buffer if present */
- chlg_desc.ulVersion = SECBUFFER_VERSION;
- chlg_desc.cBuffers = 3;
- chlg_desc.pBuffers = chlg_buf;
- chlg_buf[0].BufferType = SECBUFFER_TOKEN;
- chlg_buf[0].pvBuffer = digest->input_token;
- chlg_buf[0].cbBuffer = curlx_uztoul(digest->input_token_len);
- chlg_buf[1].BufferType = SECBUFFER_PKG_PARAMS;
- chlg_buf[1].pvBuffer = (void *) request;
- chlg_buf[1].cbBuffer = curlx_uztoul(strlen((const char *) request));
- chlg_buf[2].BufferType = SECBUFFER_PKG_PARAMS;
- chlg_buf[2].pvBuffer = NULL;
- chlg_buf[2].cbBuffer = 0;
+ if(passwdp) {
+ digest->passwd = strdup(passwdp);
- /* Setup the response "output" security buffer */
- resp_desc.ulVersion = SECBUFFER_VERSION;
- resp_desc.cBuffers = 1;
- resp_desc.pBuffers = &resp_buf;
- resp_buf.BufferType = SECBUFFER_TOKEN;
- resp_buf.pvBuffer = output_token;
- resp_buf.cbBuffer = curlx_uztoul(token_max);
+ if(!digest->passwd) {
+ free(output_token);
+ Curl_safefree(digest->user);
+ return CURLE_OUT_OF_MEMORY;
+ }
+ }
- spn = Curl_convert_UTF8_to_tchar((char *) uripath);
- if(!spn) {
- s_pSecFn->FreeCredentialsHandle(&credentials);
+ /* Acquire our credentials handle */
+ status = s_pSecFn->AcquireCredentialsHandle(NULL,
+ (TCHAR *) TEXT(SP_NAME_DIGEST),
+ SECPKG_CRED_OUTBOUND, NULL,
+ p_identity, NULL, NULL,
+ &credentials, &expiry);
+ if(status != SEC_E_OK) {
+ Curl_sspi_free_identity(p_identity);
+ free(output_token);
- Curl_sspi_free_identity(p_identity);
- free(output_token);
+ return CURLE_LOGIN_DENIED;
+ }
- return CURLE_OUT_OF_MEMORY;
- }
+ /* Setup the challenge "input" security buffer if present */
+ chlg_desc.ulVersion = SECBUFFER_VERSION;
+ chlg_desc.cBuffers = 3;
+ chlg_desc.pBuffers = chlg_buf;
+ chlg_buf[0].BufferType = SECBUFFER_TOKEN;
+ chlg_buf[0].pvBuffer = digest->input_token;
+ chlg_buf[0].cbBuffer = curlx_uztoul(digest->input_token_len);
+ chlg_buf[1].BufferType = SECBUFFER_PKG_PARAMS;
+ chlg_buf[1].pvBuffer = (void *) request;
+ chlg_buf[1].cbBuffer = curlx_uztoul(strlen((const char *) request));
+ chlg_buf[2].BufferType = SECBUFFER_PKG_PARAMS;
+ chlg_buf[2].pvBuffer = NULL;
+ chlg_buf[2].cbBuffer = 0;
+
+ /* Setup the response "output" security buffer */
+ resp_desc.ulVersion = SECBUFFER_VERSION;
+ resp_desc.cBuffers = 1;
+ resp_desc.pBuffers = &resp_buf;
+ resp_buf.BufferType = SECBUFFER_TOKEN;
+ resp_buf.pvBuffer = output_token;
+ resp_buf.cbBuffer = curlx_uztoul(token_max);
+
+ spn = Curl_convert_UTF8_to_tchar((char *) uripath);
+ if(!spn) {
+ s_pSecFn->FreeCredentialsHandle(&credentials);
+
+ Curl_sspi_free_identity(p_identity);
+ free(output_token);
- /* Generate our reponse message */
- status = s_pSecFn->InitializeSecurityContext(&credentials, NULL,
- spn,
- ISC_REQ_USE_HTTP_STYLE, 0, 0,
- &chlg_desc, 0, &context,
- &resp_desc, &attrs, &expiry);
- Curl_unicodefree(spn);
+ return CURLE_OUT_OF_MEMORY;
+ }
- if(status == SEC_I_COMPLETE_NEEDED ||
- status == SEC_I_COMPLETE_AND_CONTINUE)
- s_pSecFn->CompleteAuthToken(&credentials, &resp_desc);
- else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) {
- s_pSecFn->FreeCredentialsHandle(&credentials);
+ /* Allocate our new context handle */
+ digest->http_context = calloc(1, sizeof(CtxtHandle));
+ if(!digest->http_context)
+ return CURLE_OUT_OF_MEMORY;
- Curl_sspi_free_identity(p_identity);
- free(output_token);
+ /* Generate our response message */
+ status = s_pSecFn->InitializeSecurityContext(&credentials, NULL,
+ spn,
+ ISC_REQ_USE_HTTP_STYLE, 0, 0,
+ &chlg_desc, 0,
+ digest->http_context,
+ &resp_desc, &attrs, &expiry);
+ Curl_unicodefree(spn);
+
+ if(status == SEC_I_COMPLETE_NEEDED ||
+ status == SEC_I_COMPLETE_AND_CONTINUE)
+ s_pSecFn->CompleteAuthToken(&credentials, &resp_desc);
+ else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) {
+ s_pSecFn->FreeCredentialsHandle(&credentials);
+
+ Curl_sspi_free_identity(p_identity);
+ free(output_token);
- return CURLE_OUT_OF_MEMORY;
- }
+ Curl_safefree(digest->http_context);
- resp = malloc(resp_buf.cbBuffer + 1);
- if(!resp) {
- s_pSecFn->DeleteSecurityContext(&context);
- s_pSecFn->FreeCredentialsHandle(&credentials);
+ return CURLE_OUT_OF_MEMORY;
+ }
+
+ output_token_len = resp_buf.cbBuffer;
+ s_pSecFn->FreeCredentialsHandle(&credentials);
Curl_sspi_free_identity(p_identity);
+ }
+
+ resp = malloc(output_token_len + 1);
+ if(!resp) {
free(output_token);
return CURLE_OUT_OF_MEMORY;
}
- /* Copy the generated reponse */
- memcpy(resp, resp_buf.pvBuffer, resp_buf.cbBuffer);
- resp[resp_buf.cbBuffer] = 0x00;
+ /* Copy the generated response */
+ memcpy(resp, output_token, output_token_len);
+ resp[output_token_len] = 0;
/* Return the response */
*outptr = resp;
- *outlen = resp_buf.cbBuffer;
-
- /* Free our handles */
- s_pSecFn->DeleteSecurityContext(&context);
- s_pSecFn->FreeCredentialsHandle(&credentials);
-
- /* Free the identity structure */
- Curl_sspi_free_identity(p_identity);
+ *outlen = output_token_len;
/* Free the response buffer */
free(output_token);
@@ -549,6 +654,16 @@ void Curl_auth_digest_cleanup(struct digestdata *digest)
/* Reset any variables */
digest->input_token_len = 0;
+
+ /* Delete security context */
+ if(digest->http_context) {
+ s_pSecFn->DeleteSecurityContext(digest->http_context);
+ Curl_safefree(digest->http_context);
+ }
+
+ /* Free the copy of user/passwd used to make the identity for http_context */
+ Curl_safefree(digest->user);
+ Curl_safefree(digest->passwd);
}
#endif /* USE_WINDOWS_SSPI && !CURL_DISABLE_CRYPTO_AUTH */
diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c
index c754fae45..bb9a94a4d 100644
--- a/lib/vauth/krb5_gssapi.c
+++ b/lib/vauth/krb5_gssapi.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2014 - 2016, Steve Holme, <address@hidden>.
+ * Copyright (C) 2014 - 2017, Steve Holme, <address@hidden>.
* Copyright (C) 2015, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
@@ -27,7 +27,7 @@
#if defined(HAVE_GSSAPI) && defined(USE_KERBEROS5)
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "vauth/vauth.h"
#include "curl_sasl.h"
@@ -68,7 +68,7 @@ bool Curl_auth_is_gssapi_supported(void)
* passdwp [in] - The user's password.
* service [in] - The service type such as http, smtp, pop or imap.
* host [in[ - The host name.
- * mutual_auth [in] - Flag specifing whether or not mutual authentication
+ * mutual_auth [in] - Flag specifying whether or not mutual authentication
* is enabled.
* chlg64 [in] - Pointer to the optional base64 encoded challenge
* message.
diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index 151794e61..afff1dae9 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2014 - 2016, Steve Holme, <address@hidden>.
+ * Copyright (C) 2014 - 2017, Steve Holme, <address@hidden>.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -26,7 +26,7 @@
#if defined(USE_WINDOWS_SSPI) && defined(USE_KERBEROS5)
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "vauth/vauth.h"
#include "urldata.h"
@@ -74,7 +74,7 @@ bool Curl_auth_is_gssapi_supported(void)
* passdwp [in] - The user's password.
* service [in] - The service type such as http, smtp, pop or imap.
* host [in] - The host name.
- * mutual_auth [in] - Flag specifing whether or not mutual authentication
+ * mutual_auth [in] - Flag specifying whether or not mutual authentication
* is enabled.
* chlg64 [in] - The optional base64 encoded challenge message.
* krb5 [in/out] - The Kerberos 5 data struct being used and modified.
diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
index b484a011a..42196455f 100644
--- a/lib/vauth/ntlm.c
+++ b/lib/vauth/ntlm.c
@@ -27,7 +27,7 @@
/*
* NTLM details:
*
- * http://davenport.sourceforge.net/ntlm.html
+ * https://davenport.sourceforge.io/ntlm.html
* https://www.innovation.ch/java/ntlm.html
*/
@@ -41,7 +41,7 @@
#include "curl_gethostname.h"
#include "curl_multibyte.h"
#include "warnless.h"
-
+#include "rand.h"
#include "vtls/vtls.h"
#ifdef USE_NSS
@@ -394,7 +394,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(const char
*userp,
/* Clean up any former leftovers and initialise to defaults */
Curl_auth_ntlm_cleanup(ntlm);
-#if USE_NTRESPONSES && USE_NTLM2SESSION
+#if defined(USE_NTRESPONSES) && defined(USE_NTLM2SESSION)
#define NTLM2FLAG NTLMFLAG_NEGOTIATE_NTLM2_KEY
#else
#define NTLM2FLAG 0
@@ -509,7 +509,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct
Curl_easy *data,
unsigned char ntlmbuf[NTLM_BUFSIZE];
int lmrespoff;
unsigned char lmresp[24]; /* fixed-size */
-#if USE_NTRESPONSES
+#ifdef USE_NTRESPONSES
int ntrespoff;
unsigned int ntresplen = 24;
unsigned char ntresp[24]; /* fixed-size */
@@ -552,14 +552,15 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct
Curl_easy *data,
hostlen = strlen(host);
}
-#if USE_NTRESPONSES && USE_NTLM_V2
+#if defined(USE_NTRESPONSES) && defined(USE_NTLM_V2)
if(ntlm->target_info_len) {
unsigned char ntbuffer[0x18];
- unsigned int entropy[2];
+ unsigned char entropy[8];
unsigned char ntlmv2hash[0x18];
- entropy[0] = Curl_rand(data);
- entropy[1] = Curl_rand(data);
+ result = Curl_rand(data, entropy, 8);
+ if(result)
+ return result;
result = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer);
if(result)
@@ -571,15 +572,13 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct
Curl_easy *data,
return result;
/* LMv2 response */
- result = Curl_ntlm_core_mk_lmv2_resp(ntlmv2hash,
- (unsigned char *)&entropy[0],
+ result = Curl_ntlm_core_mk_lmv2_resp(ntlmv2hash, entropy,
&ntlm->nonce[0], lmresp);
if(result)
return result;
/* NTLMv2 response */
- result = Curl_ntlm_core_mk_ntlmv2_resp(ntlmv2hash,
- (unsigned char *)&entropy[0],
+ result = Curl_ntlm_core_mk_ntlmv2_resp(ntlmv2hash, entropy,
ntlm, &ntlmv2resp, &ntresplen);
if(result)
return result;
@@ -589,17 +588,18 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct
Curl_easy *data,
else
#endif
-#if USE_NTRESPONSES && USE_NTLM2SESSION
+#if defined(USE_NTRESPONSES) && defined(USE_NTLM2SESSION)
/* We don't support NTLM2 if we don't have USE_NTRESPONSES */
if(ntlm->flags & NTLMFLAG_NEGOTIATE_NTLM2_KEY) {
unsigned char ntbuffer[0x18];
unsigned char tmp[0x18];
unsigned char md5sum[MD5_DIGEST_LENGTH];
- unsigned int entropy[2];
+ unsigned char entropy[8];
/* Need to create 8 bytes random data */
- entropy[0] = Curl_rand(data);
- entropy[1] = Curl_rand(data);
+ result = Curl_rand(data, entropy, 8);
+ if(result)
+ return result;
/* 8 bytes random data as challenge in lmresp */
memcpy(lmresp, entropy, 8);
@@ -628,12 +628,12 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct
Curl_easy *data,
#endif
{
-#if USE_NTRESPONSES
+#ifdef USE_NTRESPONSES
unsigned char ntbuffer[0x18];
#endif
unsigned char lmbuffer[0x18];
-#if USE_NTRESPONSES
+#ifdef USE_NTRESPONSES
result = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer);
if(result)
return result;
@@ -649,7 +649,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct
Curl_easy *data,
/* A safer but less compatible alternative is:
* Curl_ntlm_core_lm_resp(ntbuffer, &ntlm->nonce[0], lmresp);
- * See http://davenport.sourceforge.net/ntlm.html#ntlmVersion2 */
+ * See https://davenport.sourceforge.io/ntlm.html#ntlmVersion2 */
}
if(unicode) {
@@ -659,7 +659,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct
Curl_easy *data,
}
lmrespoff = 64; /* size of the message header */
-#if USE_NTRESPONSES
+#ifdef USE_NTRESPONSES
ntrespoff = lmrespoff + 0x18;
domoff = ntrespoff + ntresplen;
#else
@@ -719,7 +719,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct
Curl_easy *data,
SHORTPAIR(lmrespoff),
0x0, 0x0,
-#if USE_NTRESPONSES
+#ifdef USE_NTRESPONSES
SHORTPAIR(ntresplen), /* NT-response length, twice */
SHORTPAIR(ntresplen),
SHORTPAIR(ntrespoff),
@@ -766,7 +766,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct
Curl_easy *data,
ntlm_print_hex(stderr, (char *)&ntlmbuf[lmrespoff], 0x18);
});
-#if USE_NTRESPONSES
+#ifdef USE_NTRESPONSES
if(size < (NTLM_BUFSIZE - ntresplen)) {
DEBUGASSERT(size == (size_t)ntrespoff);
memcpy(&ntlmbuf[size], ptr_ntresp, ntresplen);
diff --git a/lib/vauth/ntlm.h b/lib/vauth/ntlm.h
index b14e7a56a..f906a3c7a 100644
--- a/lib/vauth/ntlm.h
+++ b/lib/vauth/ntlm.h
@@ -32,7 +32,7 @@
/* Stuff only required for curl_ntlm_msgs.c */
#ifdef BUILDING_CURL_NTLM_MSGS_C
-/* Flag bits definitions based on http://davenport.sourceforge.net/ntlm.html */
+/* Flag bits definitions based on https://davenport.sourceforge.io/ntlm.html */
#define NTLMFLAG_NEGOTIATE_UNICODE (1<<0)
/* Indicates that Unicode strings are supported for use in security buffer
diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c
index c3305176d..227d6de50 100644
--- a/lib/vauth/ntlm_sspi.c
+++ b/lib/vauth/ntlm_sspi.c
@@ -24,7 +24,7 @@
#if defined(USE_WINDOWS_SSPI) && defined(USE_NTLM)
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "vauth/vauth.h"
#include "urldata.h"
diff --git a/lib/vauth/oauth2.c b/lib/vauth/oauth2.c
index 6288f89a3..28f64e105 100644
--- a/lib/vauth/oauth2.c
+++ b/lib/vauth/oauth2.c
@@ -24,7 +24,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "vauth/vauth.h"
diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c
index 8840db8fd..04d238b9a 100644
--- a/lib/vauth/spnego_gssapi.c
+++ b/lib/vauth/spnego_gssapi.c
@@ -26,7 +26,7 @@
#if defined(HAVE_GSSAPI) && defined(USE_SPNEGO)
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "vauth/vauth.h"
#include "urldata.h"
@@ -180,6 +180,10 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy
*data,
return CURLE_OUT_OF_MEMORY;
}
+ /* Free previous token */
+ if(nego->output_token.length && nego->output_token.value)
+ gss_release_buffer(&unused_status, &nego->output_token);
+
nego->output_token = output_token;
return CURLE_OK;
diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index 672b43fa4..b1b04aadf 100644
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -26,7 +26,7 @@
#if defined(USE_WINDOWS_SSPI) && defined(USE_SPNEGO)
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "vauth/vauth.h"
#include "urldata.h"
@@ -34,6 +34,7 @@
#include "warnless.h"
#include "curl_multibyte.h"
#include "sendf.h"
+#include "strerror.h"
/* The last #include files should be: */
#include "curl_memory.h"
@@ -224,6 +225,8 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy
*data,
free(chlg);
if(GSS_ERROR(nego->status)) {
+ failf(data, "InitializeSecurityContext failed: %s",
+ Curl_sspi_strerror(data->easy_conn, nego->status));
return CURLE_OUT_OF_MEMORY;
}
@@ -264,7 +267,7 @@ CURLcode Curl_auth_create_spnego_message(struct Curl_easy
*data,
/* Base64 encode the already generated response */
result = Curl_base64_encode(data,
- (const char*) nego->output_token,
+ (const char *) nego->output_token,
nego->output_token_length,
outptr, outlen);
diff --git a/lib/vauth/vauth.c b/lib/vauth/vauth.c
index b995f34e2..9d17ae8c2 100644
--- a/lib/vauth/vauth.c
+++ b/lib/vauth/vauth.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "vauth.h"
#include "curl_multibyte.h"
diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h
index 9d61228c3..24b7d24d8 100644
--- a/lib/vauth/vauth.h
+++ b/lib/vauth/vauth.h
@@ -22,7 +22,7 @@
*
***************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
struct Curl_easy;
diff --git a/lib/version.c b/lib/version.c
index 12924453c..9207c3384 100644
--- a/lib/version.c
+++ b/lib/version.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "vtls/vtls.h"
#include "http2.h"
@@ -36,8 +36,8 @@
# include <ares.h>
#endif
-#ifdef USE_LIBIDN
-#include <stringprep.h>
+#ifdef USE_LIBIDN2
+#include <idn2.h>
#endif
#ifdef USE_LIBPSL
@@ -111,9 +111,9 @@ char *curl_version(void)
left -= len;
ptr += len;
#endif
-#ifdef USE_LIBIDN
- if(stringprep_check_version(LIBIDN_REQUIRED_VERSION)) {
- len = snprintf(ptr, left, " libidn/%s", stringprep_check_version(NULL));
+#ifdef USE_LIBIDN2
+ if(idn2_check_version(IDN2_VERSION)) {
+ len = snprintf(ptr, left, " libidn2/%s", idn2_check_version(NULL));
left -= len;
ptr += len;
}
@@ -324,6 +324,9 @@ static curl_version_info_data version_info = {
#if defined(USE_LIBPSL)
| CURL_VERSION_PSL
#endif
+#if defined(HTTPS_PROXY_SUPPORT)
+ | CURL_VERSION_HTTPS_PROXY
+#endif
,
NULL, /* ssl_version */
0, /* ssl_version_num, this is kept at zero */
@@ -365,10 +368,10 @@ curl_version_info_data *curl_version_info(CURLversion
stamp)
version_info.ares_num = aresnum;
}
#endif
-#ifdef USE_LIBIDN
+#ifdef USE_LIBIDN2
/* This returns a version string if we use the given version or later,
otherwise it returns NULL */
- version_info.libidn = stringprep_check_version(LIBIDN_REQUIRED_VERSION);
+ version_info.libidn = idn2_check_version(IDN2_VERSION);
if(version_info.libidn)
version_info.features |= CURL_VERSION_IDN;
#elif defined(USE_WIN32_IDN)
diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c
index b6c69ad51..f0e376640 100644
--- a/lib/vtls/axtls.c
+++ b/lib/vtls/axtls.c
@@ -6,7 +6,7 @@
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2010, DirecTV, Contact: Eric Hu, <address@hidden>.
- * Copyright (C) 2010 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2010 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -65,7 +65,7 @@ int Curl_axtls_cleanup(void)
static CURLcode map_error_to_curl(int axtls_err)
{
- switch (axtls_err) {
+ switch(axtls_err) {
case SSL_ERROR_NOT_SUPPORTED:
case SSL_ERROR_INVALID_VERSION:
case -70: /* protocol version alert from server */
@@ -121,7 +121,7 @@ static Curl_send axtls_send;
static void free_ssl_structs(struct ssl_connect_data *connssl)
{
if(connssl->ssl) {
- ssl_free (connssl->ssl);
+ ssl_free(connssl->ssl);
connssl->ssl = NULL;
}
if(connssl->ssl_ctx) {
@@ -156,9 +156,15 @@ static CURLcode connect_prep(struct connectdata *conn, int
sockindex)
same connection */
return CURLE_OK;
+ if(SSL_CONN_CONFIG(version_max) != CURL_SSLVERSION_MAX_NONE) {
+ failf(data, "axtls does not support CURL_SSLVERSION_MAX");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+
+
/* axTLS only supports TLSv1 */
/* check to see if we've been told to use an explicit SSL/TLS version */
- switch(data->set.ssl.version) {
+ switch(SSL_CONN_CONFIG(version)) {
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
break;
@@ -183,17 +189,17 @@ static CURLcode connect_prep(struct connectdata *conn,
int sockindex)
conn->ssl[sockindex].ssl = NULL;
/* Load the trusted CA cert bundle file */
- if(data->set.ssl.CAfile) {
- if(ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CACERT, data->set.ssl.CAfile, NULL)
- != SSL_OK) {
+ if(SSL_CONN_CONFIG(CAfile)) {
+ if(ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CACERT,
+ SSL_CONN_CONFIG(CAfile), NULL) != SSL_OK) {
infof(data, "error reading ca cert file %s \n",
- data->set.ssl.CAfile);
- if(data->set.ssl.verifypeer) {
+ SSL_CONN_CONFIG(CAfile));
+ if(SSL_CONN_CONFIG(verifypeer)) {
return CURLE_SSL_CACERT_BADFILE;
}
}
else
- infof(data, "found certificates in %s\n", data->set.ssl.CAfile);
+ infof(data, "found certificates in %s\n", SSL_CONN_CONFIG(CAfile));
}
/* gtls.c tasks we're skipping for now:
@@ -205,15 +211,15 @@ static CURLcode connect_prep(struct connectdata *conn,
int sockindex)
*/
/* Load client certificate */
- if(data->set.str[STRING_CERT]) {
+ if(SSL_SET_OPTION(cert)) {
i=0;
/* Instead of trying to analyze cert type here, let axTLS try them all. */
while(cert_types[i] != 0) {
ssl_fcn_return = ssl_obj_load(ssl_ctx, cert_types[i],
- data->set.str[STRING_CERT], NULL);
+ SSL_SET_OPTION(cert), NULL);
if(ssl_fcn_return == SSL_OK) {
infof(data, "successfully read cert file %s \n",
- data->set.str[STRING_CERT]);
+ SSL_SET_OPTION(cert));
break;
}
i++;
@@ -221,7 +227,7 @@ static CURLcode connect_prep(struct connectdata *conn, int
sockindex)
/* Tried all cert types, none worked. */
if(cert_types[i] == 0) {
failf(data, "%s is not x509 or pkcs12 format",
- data->set.str[STRING_CERT]);
+ SSL_SET_OPTION(cert));
return CURLE_SSL_CERTPROBLEM;
}
}
@@ -229,15 +235,15 @@ static CURLcode connect_prep(struct connectdata *conn,
int sockindex)
/* Load client key.
If a pkcs12 file successfully loaded a cert, then there's nothing to do
because the key has already been loaded. */
- if(data->set.str[STRING_KEY] && cert_types[i] != SSL_OBJ_PKCS12) {
+ if(SSL_SET_OPTION(key) && cert_types[i] != SSL_OBJ_PKCS12) {
i=0;
/* Instead of trying to analyze key type here, let axTLS try them all. */
while(key_types[i] != 0) {
ssl_fcn_return = ssl_obj_load(ssl_ctx, key_types[i],
- data->set.str[STRING_KEY], NULL);
+ SSL_SET_OPTION(key), NULL);
if(ssl_fcn_return == SSL_OK) {
infof(data, "successfully read key file %s \n",
- data->set.str[STRING_KEY]);
+ SSL_SET_OPTION(key));
break;
}
i++;
@@ -245,7 +251,7 @@ static CURLcode connect_prep(struct connectdata *conn, int
sockindex)
/* Tried all key types, none worked. */
if(key_types[i] == 0) {
failf(data, "Failure: %s is not a supported key file",
- data->set.str[STRING_KEY]);
+ SSL_SET_OPTION(key));
return CURLE_SSL_CONNECT_ERROR;
}
}
@@ -256,23 +262,24 @@ static CURLcode connect_prep(struct connectdata *conn,
int sockindex)
* 2) setting up callbacks. these seem gnutls specific
*/
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
const uint8_t *ssl_sessionid;
size_t ssl_idsize;
/* In axTLS, handshaking happens inside ssl_client_new. */
Curl_ssl_sessionid_lock(conn);
- if(!Curl_ssl_getsessionid(conn, (void **) &ssl_sessionid, &ssl_idsize)) {
+ if(!Curl_ssl_getsessionid(conn, (void **) &ssl_sessionid, &ssl_idsize,
+ sockindex)) {
/* we got a session id, use it! */
- infof (data, "SSL re-using session ID\n");
+ infof(data, "SSL re-using session ID\n");
ssl = ssl_client_new(ssl_ctx, conn->sock[sockindex],
- ssl_sessionid, (uint8_t)ssl_idsize);
+ ssl_sessionid, (uint8_t)ssl_idsize, NULL);
}
Curl_ssl_sessionid_unlock(conn);
}
if(!ssl)
- ssl = ssl_client_new(ssl_ctx, conn->sock[sockindex], NULL, 0);
+ ssl = ssl_client_new(ssl_ctx, conn->sock[sockindex], NULL, 0, NULL);
conn->ssl[sockindex].ssl = ssl;
return CURLE_OK;
@@ -291,13 +298,17 @@ static CURLcode connect_finish(struct connectdata *conn,
int sockindex)
const char *dns_altname;
int8_t found_subject_alt_names = 0;
int8_t found_subject_alt_name_matching_conn = 0;
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+ const char * const dispname = SSL_IS_PROXY() ?
+ conn->http_proxy.host.dispname : conn->host.dispname;
/* Here, gtls.c gets the peer certificates and fails out depending on
* settings in "data." axTLS api doesn't have get cert chain fcn, so omit?
*/
/* Verify server's certificate */
- if(data->set.ssl.verifypeer) {
+ if(SSL_CONN_CONFIG(verifypeer)) {
if(ssl_verify_cert(ssl) != SSL_OK) {
Curl_axtls_close(conn, sockindex);
failf(data, "server cert verify failed");
@@ -328,8 +339,8 @@ static CURLcode connect_finish(struct connectdata *conn,
int sockindex)
found_subject_alt_names = 1;
infof(data, "\tComparing subject alt name DNS with hostname: %s <-> %s\n",
- dns_altname, conn->host.name);
- if(Curl_cert_hostcheck(dns_altname, conn->host.name)) {
+ dns_altname, hostname);
+ if(Curl_cert_hostcheck(dns_altname, hostname)) {
found_subject_alt_name_matching_conn = 1;
break;
}
@@ -337,23 +348,21 @@ static CURLcode connect_finish(struct connectdata *conn,
int sockindex)
/* RFC2818 checks */
if(found_subject_alt_names && !found_subject_alt_name_matching_conn) {
- if(data->set.ssl.verifyhost) {
+ if(SSL_CONN_CONFIG(verifyhost)) {
/* Break connection ! */
Curl_axtls_close(conn, sockindex);
- failf(data, "\tsubjectAltName(s) do not match %s\n",
- conn->host.dispname);
+ failf(data, "\tsubjectAltName(s) do not match %s\n", dispname);
return CURLE_PEER_FAILED_VERIFICATION;
}
else
- infof(data, "\tsubjectAltName(s) do not match %s\n",
- conn->host.dispname);
+ infof(data, "\tsubjectAltName(s) do not match %s\n", dispname);
}
else if(found_subject_alt_names == 0) {
/* Per RFC2818, when no Subject Alt Names were available, examine the peer
CN as a legacy fallback */
peer_CN = ssl_get_cert_dn(ssl, SSL_X509_CERT_COMMON_NAME);
if(peer_CN == NULL) {
- if(data->set.ssl.verifyhost) {
+ if(SSL_CONN_CONFIG(verifyhost)) {
Curl_axtls_close(conn, sockindex);
failf(data, "unable to obtain common name from peer certificate");
return CURLE_PEER_FAILED_VERIFICATION;
@@ -362,17 +371,17 @@ static CURLcode connect_finish(struct connectdata *conn,
int sockindex)
infof(data, "unable to obtain common name from peer certificate");
}
else {
- if(!Curl_cert_hostcheck((const char *)peer_CN, conn->host.name)) {
- if(data->set.ssl.verifyhost) {
+ if(!Curl_cert_hostcheck((const char *)peer_CN, hostname)) {
+ if(SSL_CONN_CONFIG(verifyhost)) {
/* Break connection ! */
Curl_axtls_close(conn, sockindex);
failf(data, "\tcommon name \"%s\" does not match \"%s\"\n",
- peer_CN, conn->host.dispname);
+ peer_CN, dispname);
return CURLE_PEER_FAILED_VERIFICATION;
}
else
infof(data, "\tcommon name \"%s\" does not match \"%s\"\n",
- peer_CN, conn->host.dispname);
+ peer_CN, dispname);
}
}
}
@@ -383,13 +392,13 @@ static CURLcode connect_finish(struct connectdata *conn,
int sockindex)
conn->send[sockindex] = axtls_send;
/* Put our freshly minted SSL session in cache */
- if(conn->ssl_config.sessionid) {
- const uint8_t *ssl_sessionid = ssl_get_session_id_size(ssl);
- size_t ssl_idsize = ssl_get_session_id(ssl);
+ if(SSL_SET_OPTION(primary.sessionid)) {
+ const uint8_t *ssl_sessionid = ssl_get_session_id(ssl);
+ size_t ssl_idsize = ssl_get_session_id_size(ssl);
Curl_ssl_sessionid_lock(conn);
- if(Curl_ssl_addsessionid(conn, (void *) ssl_sessionid, ssl_idsize)
- != CURLE_OK)
- infof (data, "failed to add session to cache\n");
+ if(Curl_ssl_addsessionid(conn, (void *) ssl_sessionid, ssl_idsize,
+ sockindex) != CURLE_OK)
+ infof(data, "failed to add session to cache\n");
Curl_ssl_sessionid_unlock(conn);
}
@@ -437,7 +446,7 @@ CURLcode Curl_axtls_connect_nonblocking(
return CURLE_OK;
}
}
- infof (conn->data, "handshake completed successfully\n");
+ infof(conn->data, "handshake completed successfully\n");
conn->ssl[sockindex].connecting_state = ssl_connect_3;
}
@@ -503,7 +512,7 @@ Curl_axtls_connect(struct connectdata *conn,
/* TODO: avoid polling */
Curl_wait_ms(10);
}
- infof (conn->data, "handshake completed successfully\n");
+ infof(conn->data, "handshake completed successfully\n");
conn_step = connect_finish(conn, sockindex);
if(conn_step != CURLE_OK) {
@@ -579,8 +588,7 @@ int Curl_axtls_shutdown(struct connectdata *conn, int
sockindex)
*/
if(connssl->ssl) {
- int what = Curl_socket_ready(conn->sock[sockindex],
- CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT);
+ int what = SOCKET_READABLE(conn->sock[sockindex], SSL_SHUTDOWN_TIMEOUT);
if(what > 0) {
/* Something to read, let's do it and hope that it is the close
notify alert from the server. buf is managed internally by
@@ -678,9 +686,9 @@ size_t Curl_axtls_version(char *buffer, size_t size)
return snprintf(buffer, size, "axTLS/%s", ssl_version());
}
-int Curl_axtls_random(struct Curl_easy *data,
- unsigned char *entropy,
- size_t length)
+CURLcode Curl_axtls_random(struct Curl_easy *data,
+ unsigned char *entropy,
+ size_t length)
{
static bool ssl_seeded = FALSE;
(void)data;
@@ -692,7 +700,7 @@ int Curl_axtls_random(struct Curl_easy *data,
RNG_initialize();
}
get_random((int)length, entropy);
- return 0;
+ return CURLE_OK;
}
#endif /* USE_AXTLS */
diff --git a/lib/vtls/axtls.h b/lib/vtls/axtls.h
index b16d051aa..4e5994666 100644
--- a/lib/vtls/axtls.h
+++ b/lib/vtls/axtls.h
@@ -8,7 +8,7 @@
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2010, DirecTV, Contact: Eric Hu <address@hidden>
- * Copyright (C) 2010 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2010 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -24,7 +24,7 @@
***************************************************************************/
#ifdef USE_AXTLS
-#include "curl/curl.h"
+#include "gnurl/curl.h"
#include "urldata.h"
int Curl_axtls_init(void);
@@ -42,9 +42,9 @@ void Curl_axtls_session_free(void *ptr);
size_t Curl_axtls_version(char *buffer, size_t size);
int Curl_axtls_shutdown(struct connectdata *conn, int sockindex);
int Curl_axtls_check_cxn(struct connectdata *conn);
-int Curl_axtls_random(struct Curl_easy *data,
- unsigned char *entropy,
- size_t length);
+CURLcode Curl_axtls_random(struct Curl_easy *data,
+ unsigned char *entropy,
+ size_t length);
/* Set the API backend definition to axTLS */
#define CURL_SSL_BACKEND CURLSSLBACKEND_AXTLS
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index 7994b3eab..01bfdabd1 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -44,6 +44,38 @@ and that's a problem since options.h hasn't been included
yet. */
#include <cyassl/options.h>
#endif
+/* To determine what functions are available we rely on one or both of:
+ - the user's options.h generated by CyaSSL/wolfSSL
+ - the symbols detected by curl's configure
+ Since they are markedly different from one another, and one or the other may
+ not be available, we do some checking below to bring things in sync. */
+
+/* HAVE_ALPN is wolfSSL's build time symbol for enabling ALPN in options.h. */
+#ifndef HAVE_ALPN
+#ifdef HAVE_WOLFSSL_USEALPN
+#define HAVE_ALPN
+#endif
+#endif
+
+/* WOLFSSL_ALLOW_SSLV3 is wolfSSL's build time symbol for enabling SSLv3 in
+ options.h, but is only seen in >= 3.6.6 since that's when they started
+ disabling SSLv3 by default. */
+#ifndef WOLFSSL_ALLOW_SSLV3
+#if (LIBCYASSL_VERSION_HEX < 0x03006006) || \
+ defined(HAVE_WOLFSSLV3_CLIENT_METHOD)
+#define WOLFSSL_ALLOW_SSLV3
+#endif
+#endif
+
+/* HAVE_SUPPORTED_CURVES is wolfSSL's build time symbol for enabling the ECC
+ supported curve extension in options.h. Note ECC is enabled separately. */
+#ifndef HAVE_SUPPORTED_CURVES
+#if defined(HAVE_CYASSL_CTX_USESUPPORTEDCURVE) || \
+ defined(HAVE_WOLFSSL_CTX_USESUPPORTEDCURVE)
+#define HAVE_SUPPORTED_CURVES
+#endif
+#endif
+
#ifdef HAVE_LIMITS_H
#include <limits.h>
#endif
@@ -55,7 +87,7 @@ and that's a problem since options.h hasn't been included
yet. */
#include "parsedate.h"
#include "connect.h" /* for the connect timeout */
#include "select.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "x509asn1.h"
#include "curl_printf.h"
@@ -78,38 +110,6 @@ and that's a problem since options.h hasn't been included
yet. */
#define CYASSL_MAX_ERROR_SZ 80
#endif
-/* To determine what functions are available we rely on one or both of:
- - the user's options.h generated by CyaSSL/wolfSSL
- - the symbols detected by curl's configure
- Since they are markedly different from one another, and one or the other may
- not be available, we do some checking below to bring things in sync. */
-
-/* HAVE_ALPN is wolfSSL's build time symbol for enabling ALPN in options.h. */
-#ifndef HAVE_ALPN
-#ifdef HAVE_WOLFSSL_USEALPN
-#define HAVE_ALPN
-#endif
-#endif
-
-/* WOLFSSL_ALLOW_SSLV3 is wolfSSL's build time symbol for enabling SSLv3 in
- options.h, but is only seen in >= 3.6.6 since that's when they started
- disabling SSLv3 by default. */
-#ifndef WOLFSSL_ALLOW_SSLV3
-#if (LIBCYASSL_VERSION_HEX < 0x03006006) || \
- defined(HAVE_WOLFSSLV3_CLIENT_METHOD)
-#define WOLFSSL_ALLOW_SSLV3
-#endif
-#endif
-
-/* HAVE_SUPPORTED_CURVES is wolfSSL's build time symbol for enabling the ECC
- supported curve extension in options.h. Note ECC is enabled separately. */
-#ifndef HAVE_SUPPORTED_CURVES
-#if defined(HAVE_CYASSL_CTX_USESUPPORTEDCURVE) || \
- defined(HAVE_WOLFSSL_CTX_USESUPPORTEDCURVE)
-#define HAVE_SUPPORTED_CURVES
-#endif
-#endif
-
static Curl_recv cyassl_recv;
static Curl_send cyassl_send;
@@ -118,9 +118,9 @@ static int do_file_type(const char *type)
{
if(!type || !type[0])
return SSL_FILETYPE_PEM;
- if(Curl_raw_equal(type, "PEM"))
+ if(strcasecompare(type, "PEM"))
return SSL_FILETYPE_PEM;
- if(Curl_raw_equal(type, "DER"))
+ if(strcasecompare(type, "DER"))
return SSL_FILETYPE_ASN1;
return -1;
}
@@ -134,6 +134,7 @@ cyassl_connect_step1(struct connectdata *conn,
int sockindex)
{
char error_buffer[CYASSL_MAX_ERROR_SZ];
+ char *ciphers;
struct Curl_easy *data = conn->data;
struct ssl_connect_data* conssl = &conn->ssl[sockindex];
SSL_METHOD* req_method = NULL;
@@ -148,8 +149,13 @@ cyassl_connect_step1(struct connectdata *conn,
if(conssl->state == ssl_connection_complete)
return CURLE_OK;
+ if(SSL_CONN_CONFIG(version_max) != CURL_SSLVERSION_MAX_NONE) {
+ failf(data, "CyaSSL does not support to set maximum SSL/TLS version");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+
/* check to see if we've been told to use an explicit SSL/TLS version */
- switch(data->set.ssl.version) {
+ switch(SSL_CONN_CONFIG(version)) {
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
#if LIBCYASSL_VERSION_HEX >= 0x03003000 /* >= 3.3.0 */
@@ -174,12 +180,15 @@ cyassl_connect_step1(struct connectdata *conn,
req_method = TLSv1_2_client_method();
use_sni(TRUE);
break;
+ case CURL_SSLVERSION_TLSv1_3:
+ failf(data, "CyaSSL: TLS 1.3 is not yet supported");
+ return CURLE_SSL_CONNECT_ERROR;
case CURL_SSLVERSION_SSLv3:
#ifdef WOLFSSL_ALLOW_SSLV3
req_method = SSLv3_client_method();
use_sni(FALSE);
#else
- failf(data, "No support for SSLv3");
+ failf(data, "CyaSSL does not support SSLv3");
return CURLE_NOT_BUILT_IN;
#endif
break;
@@ -205,7 +214,7 @@ cyassl_connect_step1(struct connectdata *conn,
return CURLE_OUT_OF_MEMORY;
}
- switch(data->set.ssl.version) {
+ switch(SSL_CONN_CONFIG(version)) {
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
#if LIBCYASSL_VERSION_HEX > 0x03004006 /* > 3.4.6 */
@@ -226,20 +235,29 @@ cyassl_connect_step1(struct connectdata *conn,
break;
}
+ ciphers = SSL_CONN_CONFIG(cipher_list);
+ if(ciphers) {
+ if(!SSL_CTX_set_cipher_list(conssl->ctx, ciphers)) {
+ failf(data, "failed setting cipher list: %s", ciphers);
+ return CURLE_SSL_CIPHER;
+ }
+ infof(data, "Cipher selection: %s\n", ciphers);
+ }
+
#ifndef NO_FILESYSTEM
/* load trusted cacert */
- if(data->set.str[STRING_SSL_CAFILE]) {
+ if(SSL_CONN_CONFIG(CAfile)) {
if(1 != SSL_CTX_load_verify_locations(conssl->ctx,
- data->set.str[STRING_SSL_CAFILE],
- data->set.str[STRING_SSL_CAPATH])) {
- if(data->set.ssl.verifypeer) {
+ SSL_CONN_CONFIG(CAfile),
+ SSL_CONN_CONFIG(CApath))) {
+ if(SSL_CONN_CONFIG(verifypeer)) {
/* Fail if we insist on successfully verifying the server. */
failf(data, "error setting certificate verify locations:\n"
" CAfile: %s\n CApath: %s",
- data->set.str[STRING_SSL_CAFILE]?
- data->set.str[STRING_SSL_CAFILE]: "none",
- data->set.str[STRING_SSL_CAPATH]?
- data->set.str[STRING_SSL_CAPATH] : "none");
+ SSL_CONN_CONFIG(CAfile)?
+ SSL_CONN_CONFIG(CAfile): "none",
+ SSL_CONN_CONFIG(CApath)?
+ SSL_CONN_CONFIG(CApath) : "none");
return CURLE_SSL_CACERT_BADFILE;
}
else {
@@ -256,25 +274,25 @@ cyassl_connect_step1(struct connectdata *conn,
infof(data,
" CAfile: %s\n"
" CApath: %s\n",
- data->set.str[STRING_SSL_CAFILE] ? data->set.str[STRING_SSL_CAFILE]:
+ SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile):
"none",
- data->set.str[STRING_SSL_CAPATH] ? data->set.str[STRING_SSL_CAPATH]:
+ SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath):
"none");
}
/* Load the client certificate, and private key */
- if(data->set.str[STRING_CERT] && data->set.str[STRING_KEY]) {
- int file_type = do_file_type(data->set.str[STRING_CERT_TYPE]);
+ if(SSL_SET_OPTION(cert) && SSL_SET_OPTION(key)) {
+ int file_type = do_file_type(SSL_SET_OPTION(cert_type));
- if(SSL_CTX_use_certificate_file(conssl->ctx, data->set.str[STRING_CERT],
+ if(SSL_CTX_use_certificate_file(conssl->ctx, SSL_SET_OPTION(cert),
file_type) != 1) {
failf(data, "unable to use client certificate (no key or wrong pass"
" phrase?)");
return CURLE_SSL_CONNECT_ERROR;
}
- file_type = do_file_type(data->set.str[STRING_KEY_TYPE]);
- if(SSL_CTX_use_PrivateKey_file(conssl->ctx, data->set.str[STRING_KEY],
+ file_type = do_file_type(SSL_SET_OPTION(key_type));
+ if(SSL_CTX_use_PrivateKey_file(conssl->ctx, SSL_SET_OPTION(key),
file_type) != 1) {
failf(data, "unable to set private key");
return CURLE_SSL_CONNECT_ERROR;
@@ -287,7 +305,8 @@ cyassl_connect_step1(struct connectdata *conn,
* anyway. In the latter case the result of the verification is checked with
* SSL_get_verify_result() below. */
SSL_CTX_set_verify(conssl->ctx,
- data->set.ssl.verifypeer?SSL_VERIFY_PEER:SSL_VERIFY_NONE,
+ SSL_CONN_CONFIG(verifypeer)?SSL_VERIFY_PEER:
+ SSL_VERIFY_NONE,
NULL);
#ifdef HAVE_SNI
@@ -296,13 +315,15 @@ cyassl_connect_step1(struct connectdata *conn,
#ifdef ENABLE_IPV6
struct in6_addr addr6;
#endif
- size_t hostname_len = strlen(conn->host.name);
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+ size_t hostname_len = strlen(hostname);
if((hostname_len < USHRT_MAX) &&
- (0 == Curl_inet_pton(AF_INET, conn->host.name, &addr4)) &&
+ (0 == Curl_inet_pton(AF_INET, hostname, &addr4)) &&
#ifdef ENABLE_IPV6
- (0 == Curl_inet_pton(AF_INET6, conn->host.name, &addr6)) &&
+ (0 == Curl_inet_pton(AF_INET6, hostname, &addr6)) &&
#endif
- (CyaSSL_CTX_UseSNI(conssl->ctx, CYASSL_SNI_HOST_NAME, conn->host.name,
+ (CyaSSL_CTX_UseSNI(conssl->ctx, CYASSL_SNI_HOST_NAME, hostname,
(unsigned short)hostname_len) != 1)) {
infof(data, "WARNING: failed to configure server name indication (SNI) "
"TLS extension\n");
@@ -331,7 +352,7 @@ cyassl_connect_step1(struct connectdata *conn,
}
}
#ifdef NO_FILESYSTEM
- else if(data->set.ssl.verifypeer) {
+ else if(SSL_CONN_CONFIG(verifypeer)) {
failf(data, "SSL: Certificates couldn't be loaded because CyaSSL was built"
" with \"no filesystem\". Either disable peer verification"
" (insecure) or if you are building an application with libcurl you"
@@ -377,11 +398,11 @@ cyassl_connect_step1(struct connectdata *conn,
#endif /* HAVE_ALPN */
/* Check if there's a cached ID we can/should use here! */
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
void *ssl_sessionid = NULL;
Curl_ssl_sessionid_lock(conn);
- if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL)) {
+ if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL, sockindex)) {
/* we got a session id, use it! */
if(!SSL_set_session(conssl->handle, ssl_sessionid)) {
Curl_ssl_sessionid_unlock(conn);
@@ -391,7 +412,7 @@ cyassl_connect_step1(struct connectdata *conn,
return CURLE_SSL_CONNECT_ERROR;
}
/* Informational message */
- infof (data, "SSL re-using session ID\n");
+ infof(data, "SSL re-using session ID\n");
}
Curl_ssl_sessionid_unlock(conn);
}
@@ -414,13 +435,20 @@ cyassl_connect_step2(struct connectdata *conn,
int ret = -1;
struct Curl_easy *data = conn->data;
struct ssl_connect_data* conssl = &conn->ssl[sockindex];
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+ const char * const dispname = SSL_IS_PROXY() ?
+ conn->http_proxy.host.dispname : conn->host.dispname;
+ const char * const pinnedpubkey = SSL_IS_PROXY() ?
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
conn->recv[sockindex] = cyassl_recv;
conn->send[sockindex] = cyassl_send;
/* Enable RFC2818 checks */
- if(data->set.ssl.verifyhost) {
- ret = CyaSSL_check_domain_name(conssl->handle, conn->host.name);
+ if(SSL_CONN_CONFIG(verifyhost)) {
+ ret = CyaSSL_check_domain_name(conssl->handle, hostname);
if(ret == SSL_FAILURE)
return CURLE_OUT_OF_MEMORY;
}
@@ -444,31 +472,31 @@ cyassl_connect_step2(struct connectdata *conn,
else if(DOMAIN_NAME_MISMATCH == detail) {
#if 1
failf(data, "\tsubject alt name(s) or common name do not match \"%s\"\n",
- conn->host.dispname);
+ dispname);
return CURLE_PEER_FAILED_VERIFICATION;
#else
/* When the CyaSSL_check_domain_name() is used and you desire to continue
- * on a DOMAIN_NAME_MISMATCH, i.e. 'data->set.ssl.verifyhost == 0',
+ * on a DOMAIN_NAME_MISMATCH, i.e. 'conn->ssl_config.verifyhost == 0',
* CyaSSL version 2.4.0 will fail with an INCOMPLETE_DATA error. The only
* way to do this is currently to switch the CyaSSL_check_domain_name()
- * in and out based on the 'data->set.ssl.verifyhost' value. */
- if(data->set.ssl.verifyhost) {
+ * in and out based on the 'conn->ssl_config.verifyhost' value. */
+ if(SSL_CONN_CONFIG(verifyhost)) {
failf(data,
"\tsubject alt name(s) or common name do not match \"%s\"\n",
- conn->host.dispname);
+ dispname);
return CURLE_PEER_FAILED_VERIFICATION;
}
else {
infof(data,
"\tsubject alt name(s) and/or common name do not match \"%s\"\n",
- conn->host.dispname);
+ dispname);
return CURLE_OK;
}
#endif
}
#if LIBCYASSL_VERSION_HEX >= 0x02007000 /* 2.7.0 */
else if(ASN_NO_SIGNER_E == detail) {
- if(data->set.ssl.verifypeer) {
+ if(SSL_CONN_CONFIG(verifypeer)) {
failf(data, "\tCA signer not available for verification\n");
return CURLE_SSL_CACERT_BADFILE;
}
@@ -487,7 +515,7 @@ cyassl_connect_step2(struct connectdata *conn,
}
}
- if(data->set.str[STRING_SSL_PINNEDPUBLICKEY]) {
+ if(pinnedpubkey) {
#ifdef KEEP_PEER_CERT
X509 *x509;
const char *x509_der;
@@ -509,7 +537,8 @@ cyassl_connect_step2(struct connectdata *conn,
}
memset(&x509_parsed, 0, sizeof x509_parsed);
- Curl_parseX509(&x509_parsed, x509_der, x509_der + x509_der_len);
+ if(Curl_parseX509(&x509_parsed, x509_der, x509_der + x509_der_len))
+ return CURLE_SSL_PINNEDPUBKEYNOTMATCH;
pubkey = &x509_parsed.subjectPublicKeyInfo;
if(!pubkey->header || pubkey->end <= pubkey->header) {
@@ -518,7 +547,7 @@ cyassl_connect_step2(struct connectdata *conn,
}
result = Curl_pin_peer_pubkey(data,
- data->set.str[STRING_SSL_PINNEDPUBLICKEY],
+ pinnedpubkey,
(const unsigned char *)pubkey->header,
(size_t)(pubkey->end - pubkey->header));
if(result) {
@@ -567,7 +596,13 @@ cyassl_connect_step2(struct connectdata *conn,
#endif /* HAVE_ALPN */
conssl->connecting_state = ssl_connect_3;
+#if (LIBCYASSL_VERSION_HEX >= 0x03009010)
+ infof(data, "SSL connection using %s / %s\n",
+ wolfSSL_get_version(conssl->handle),
+ wolfSSL_get_cipher_name(conssl->handle));
+#else
infof(data, "SSL connected\n");
+#endif
return CURLE_OK;
}
@@ -583,7 +618,7 @@ cyassl_connect_step3(struct connectdata *conn,
DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
bool incache;
SSL_SESSION *our_ssl_sessionid;
void *old_ssl_sessionid = NULL;
@@ -591,7 +626,8 @@ cyassl_connect_step3(struct connectdata *conn,
our_ssl_sessionid = SSL_get_session(connssl->handle);
Curl_ssl_sessionid_lock(conn);
- incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL));
+ incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL,
+ sockindex));
if(incache) {
if(old_ssl_sessionid != our_ssl_sessionid) {
infof(data, "old SSL session ID is stale, removing\n");
@@ -602,7 +638,7 @@ cyassl_connect_step3(struct connectdata *conn,
if(!incache) {
result = Curl_ssl_addsessionid(conn, our_ssl_sessionid,
- 0 /* unknown size */);
+ 0 /* unknown size */, sockindex);
if(result) {
Curl_ssl_sessionid_unlock(conn);
failf(data, "failed to store ssl session");
@@ -654,11 +690,11 @@ void Curl_cyassl_close(struct connectdata *conn, int
sockindex)
if(conssl->handle) {
(void)SSL_shutdown(conssl->handle);
- SSL_free (conssl->handle);
+ SSL_free(conssl->handle);
conssl->handle = NULL;
}
if(conssl->ctx) {
- SSL_CTX_free (conssl->ctx);
+ SSL_CTX_free(conssl->ctx);
conssl->ctx = NULL;
}
}
@@ -705,7 +741,9 @@ void Curl_cyassl_session_free(void *ptr)
size_t Curl_cyassl_version(char *buffer, size_t size)
{
-#ifdef WOLFSSL_VERSION
+#if LIBCYASSL_VERSION_HEX >= 0x03006000
+ return snprintf(buffer, size, "wolfSSL/%s", wolfSSL_lib_version());
+#elif defined(WOLFSSL_VERSION)
return snprintf(buffer, size, "wolfSSL/%s", WOLFSSL_VERSION);
#elif defined(CYASSL_VERSION)
return snprintf(buffer, size, "CyaSSL/%s", CYASSL_VERSION);
@@ -740,7 +778,7 @@ int Curl_cyassl_shutdown(struct connectdata *conn, int
sockindex)
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
if(connssl->handle) {
- SSL_free (connssl->handle);
+ SSL_free(connssl->handle);
connssl->handle = NULL;
}
return retval;
@@ -757,7 +795,7 @@ cyassl_connect_common(struct connectdata *conn,
struct Curl_easy *data = conn->data;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
curl_socket_t sockfd = conn->sock[sockindex];
- long timeout_ms;
+ time_t timeout_ms;
int what;
/* check if the connection has already been established */
@@ -803,7 +841,8 @@ cyassl_connect_common(struct connectdata *conn,
curl_socket_t readfd = ssl_connect_2_reading==
connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
- what = Curl_socket_ready(readfd, writefd, nonblocking?0:timeout_ms);
+ what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd,
+ nonblocking?0:timeout_ms);
if(what < 0) {
/* fatal error */
failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
@@ -885,19 +924,19 @@ Curl_cyassl_connect(struct connectdata *conn,
return CURLE_OK;
}
-int Curl_cyassl_random(struct Curl_easy *data,
- unsigned char *entropy,
- size_t length)
+CURLcode Curl_cyassl_random(struct Curl_easy *data,
+ unsigned char *entropy,
+ size_t length)
{
RNG rng;
(void)data;
if(InitRng(&rng))
- return 1;
+ return CURLE_FAILED_INIT;
if(length > UINT_MAX)
- return 1;
+ return CURLE_FAILED_INIT;
if(RNG_GenerateBlock(&rng, entropy, (unsigned)length))
- return 1;
- return 0;
+ return CURLE_FAILED_INIT;
+ return CURLE_OK;
}
void Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */
diff --git a/lib/vtls/cyassl.h b/lib/vtls/cyassl.h
index 508dfaaf0..f47719e4e 100644
--- a/lib/vtls/cyassl.h
+++ b/lib/vtls/cyassl.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -51,15 +51,15 @@ int Curl_cyassl_init(void);
CURLcode Curl_cyassl_connect_nonblocking(struct connectdata *conn,
int sockindex,
bool *done);
-int Curl_cyassl_random(struct Curl_easy *data,
- unsigned char *entropy,
- size_t length);
+CURLcode Curl_cyassl_random(struct Curl_easy *data,
+ unsigned char *entropy,
+ size_t length);
void Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */
size_t tmplen,
unsigned char *sha256sum, /* output */
size_t unused);
-/* Set the API backend definition to Schannel */
+/* Set the API backend definition to CyaSSL */
#define CURL_SSL_BACKEND CURLSSLBACKEND_CYASSL
/* this backend supports CURLOPT_SSL_CTX_* */
diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
index 90119dd50..6f9c6012e 100644
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@@ -6,7 +6,7 @@
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2012 - 2014, Nick Zitzmann, <address@hidden>.
- * Copyright (C) 2012 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2012 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -34,6 +34,11 @@
#ifdef USE_DARWINSSL
+#ifdef __clang__
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wtautological-pointer-compare"
+#endif /* __clang__ */
+
#ifdef HAVE_LIMITS_H
#include <limits.h>
#endif
@@ -113,6 +118,36 @@
#define ioErr -36
#define paramErr -50
+#ifdef DARWIN_SSL_PINNEDPUBKEY
+/* both new and old APIs return rsa keys missing the spki header (not DER) */
+static const unsigned char rsa4096SpkiHeader[] = {
+ 0x30, 0x82, 0x02, 0x22, 0x30, 0x0d,
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
+ 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
+ 0x00, 0x03, 0x82, 0x02, 0x0f, 0x00};
+
+static const unsigned char rsa2048SpkiHeader[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d,
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
+ 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
+ 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00};
+#ifdef DARWIN_SSL_PINNEDPUBKEY_V1
+/* the *new* version doesn't return DER encoded ecdsa certs like the old... */
+static const unsigned char ecDsaSecp256r1SpkiHeader[] = {
+ 0x30, 0x59, 0x30, 0x13, 0x06, 0x07,
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
+ 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48,
+ 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
+ 0x42, 0x00};
+
+static const unsigned char ecDsaSecp384r1SpkiHeader[] = {
+ 0x30, 0x76, 0x30, 0x10, 0x06, 0x07,
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
+ 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04,
+ 0x00, 0x22, 0x03, 0x62, 0x00};
+#endif /* DARWIN_SSL_PINNEDPUBKEY_V1 */
+#endif /* DARWIN_SSL_PINNEDPUBKEY */
+
/* The following two functions were ripped from Apple sample code,
* with some modifications: */
static OSStatus SocketRead(SSLConnectionRef connection,
@@ -197,7 +232,7 @@ static OSStatus SocketWrite(SSLConnectionRef connection,
do {
length = write(sock,
- (char*)dataPtr + bytesSent,
+ (char *)dataPtr + bytesSent,
dataLen - bytesSent);
} while((length > 0) &&
( (bytesSent += length) < dataLen) );
@@ -219,8 +254,10 @@ static OSStatus SocketWrite(SSLConnectionRef connection,
return ortn;
}
-CF_INLINE const char *SSLCipherNameForNumber(SSLCipherSuite cipher) {
- switch (cipher) {
+#ifndef CURL_DISABLE_VERBOSE_STRINGS
+CF_INLINE const char *SSLCipherNameForNumber(SSLCipherSuite cipher)
+{
+ switch(cipher) {
/* SSL version 3.0 */
case SSL_RSA_WITH_NULL_MD5:
return "SSL_RSA_WITH_NULL_MD5";
@@ -364,7 +401,8 @@ CF_INLINE const char *SSLCipherNameForNumber(SSLCipherSuite
cipher) {
return "SSL_NULL_WITH_NULL_NULL";
}
-CF_INLINE const char *TLSCipherNameForNumber(SSLCipherSuite cipher) {
+CF_INLINE const char *TLSCipherNameForNumber(SSLCipherSuite cipher)
+{
switch(cipher) {
/* TLS 1.0 with AES (RFC 3268) */
case TLS_RSA_WITH_AES_128_CBC_SHA:
@@ -774,6 +812,7 @@ CF_INLINE const char *TLSCipherNameForNumber(SSLCipherSuite
cipher) {
}
return "TLS_NULL_WITH_NULL_NULL";
}
+#endif /* !CURL_DISABLE_VERBOSE_STRINGS */
#if CURL_BUILD_MAC
CF_INLINE void GetDarwinVersionNumber(int *major, int *minor)
@@ -885,12 +924,17 @@ static OSStatus CopyIdentityWithLabel(char *label,
OSStatus status = errSecItemNotFound;
#if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
+ CFArrayRef keys_list;
+ CFIndex keys_list_count;
+ CFIndex i;
+ CFStringRef common_name;
+
/* SecItemCopyMatching() was introduced in iOS and Snow Leopard.
kSecClassIdentity was introduced in Lion. If both exist, let's use them
to find the certificate. */
if(SecItemCopyMatching != NULL && kSecClassIdentity != NULL) {
- CFTypeRef keys[4];
- CFTypeRef values[4];
+ CFTypeRef keys[5];
+ CFTypeRef values[5];
CFDictionaryRef query_dict;
CFStringRef label_cf = CFStringCreateWithCString(NULL, label,
kCFStringEncodingUTF8);
@@ -900,27 +944,66 @@ static OSStatus CopyIdentityWithLabel(char *label,
keys[0] = kSecClass;
values[1] = kCFBooleanTrue; /* we want a reference */
keys[1] = kSecReturnRef;
- values[2] = kSecMatchLimitOne; /* one is enough, thanks */
+ values[2] = kSecMatchLimitAll; /* kSecMatchLimitOne would be better if the
+ * label matching below worked correctly */
keys[2] = kSecMatchLimit;
/* identity searches need a SecPolicyRef in order to work */
- values[3] = SecPolicyCreateSSL(false, label_cf);
+ values[3] = SecPolicyCreateSSL(false, NULL);
keys[3] = kSecMatchPolicy;
+ /* match the name of the certificate (doesn't work in macOS 10.12.1) */
+ values[4] = label_cf;
+ keys[4] = kSecAttrLabel;
query_dict = CFDictionaryCreate(NULL, (const void **)keys,
- (const void **)values, 4L,
- &kCFCopyStringDictionaryKeyCallBacks,
- &kCFTypeDictionaryValueCallBacks);
+ (const void **)values, 5L,
+ &kCFCopyStringDictionaryKeyCallBacks,
+ &kCFTypeDictionaryValueCallBacks);
CFRelease(values[3]);
- CFRelease(label_cf);
/* Do we have a match? */
- status = SecItemCopyMatching(query_dict, (CFTypeRef *)out_cert_and_key);
+ status = SecItemCopyMatching(query_dict, (CFTypeRef *) &keys_list);
+
+ /* Because kSecAttrLabel matching doesn't work with kSecClassIdentity,
+ * we need to find the correct identity ourselves */
+ if(status == noErr) {
+ keys_list_count = CFArrayGetCount(keys_list);
+ *out_cert_and_key = NULL;
+ status = 1;
+ for(i=0; i<keys_list_count; i++) {
+ OSStatus err = noErr;
+ SecCertificateRef cert = NULL;
+ SecIdentityRef identity =
+ (SecIdentityRef) CFArrayGetValueAtIndex(keys_list, i);
+ err = SecIdentityCopyCertificate(identity, &cert);
+ if(err == noErr) {
+#if CURL_BUILD_IOS
+ common_name = SecCertificateCopySubjectSummary(cert);
+#elif CURL_BUILD_MAC_10_7
+ SecCertificateCopyCommonName(cert, &common_name);
+#endif
+ if(CFStringCompare(common_name, label_cf, 0) == kCFCompareEqualTo) {
+ CFRelease(cert);
+ CFRelease(common_name);
+ CFRetain(identity);
+ *out_cert_and_key = identity;
+ status = noErr;
+ break;
+ }
+ CFRelease(common_name);
+ }
+ CFRelease(cert);
+ }
+ }
+
+ if(keys_list)
+ CFRelease(keys_list);
CFRelease(query_dict);
+ CFRelease(label_cf);
}
else {
#if CURL_SUPPORT_MAC_10_6
/* On Leopard and Snow Leopard, fall back to SecKeychainSearch. */
status = CopyIdentityWithLabelOldSchool(label, out_cert_and_key);
-#endif /* CURL_SUPPORT_MAC_10_7 */
+#endif /* CURL_SUPPORT_MAC_10_6 */
}
#elif CURL_SUPPORT_MAC_10_6
/* For developers building on older cats, we have no choice but to fall back
@@ -996,12 +1079,122 @@ CF_INLINE bool is_file(const char *filename)
return false;
}
+#if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
+static CURLcode darwinssl_version_from_curl(SSLProtocol *darwinver,
+ long ssl_version)
+{
+ switch(ssl_version) {
+ case CURL_SSLVERSION_TLSv1_0:
+ *darwinver = kTLSProtocol1;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_1:
+ *darwinver = kTLSProtocol11;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_2:
+ *darwinver = kTLSProtocol12;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_3:
+ break;
+ }
+ return CURLE_SSL_CONNECT_ERROR;
+}
+#endif
+
+static CURLcode
+set_ssl_version_min_max(struct connectdata *conn, int sockindex)
+{
+ struct Curl_easy *data = conn->data;
+ struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ long ssl_version = SSL_CONN_CONFIG(version);
+ long ssl_version_max = SSL_CONN_CONFIG(version_max);
+
+ switch(ssl_version) {
+ case CURL_SSLVERSION_DEFAULT:
+ case CURL_SSLVERSION_TLSv1:
+ ssl_version = CURL_SSLVERSION_TLSv1_0;
+ ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_2;
+ break;
+ }
+
+ switch(ssl_version_max) {
+ case CURL_SSLVERSION_MAX_NONE:
+ ssl_version_max = ssl_version << 16;
+ break;
+ case CURL_SSLVERSION_MAX_DEFAULT:
+ ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_2;
+ break;
+ }
+
+#if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
+ if(SSLSetProtocolVersionMax != NULL) {
+ SSLProtocol darwin_ver_min = kTLSProtocol1;
+ SSLProtocol darwin_ver_max = kTLSProtocol1;
+ CURLcode result = darwinssl_version_from_curl(&darwin_ver_min,
+ ssl_version);
+ if(result) {
+ failf(data, "unsupported min version passed via CURLOPT_SSLVERSION");
+ return result;
+ }
+ result = darwinssl_version_from_curl(&darwin_ver_max,
+ ssl_version_max >> 16);
+ if(result) {
+ failf(data, "unsupported max version passed via CURLOPT_SSLVERSION");
+ return result;
+ }
+
+ (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, darwin_ver_min);
+ (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, darwin_ver_max);
+ return result;
+ }
+ else {
+#if CURL_SUPPORT_MAC_10_8
+ long i = ssl_version;
+ (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
+ kSSLProtocolAll,
+ false);
+ for(; i <= (ssl_version_max >> 16); i++) {
+ switch(i) {
+ case CURL_SSLVERSION_TLSv1_0:
+ (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
+ kTLSProtocol1,
+ true);
+ break;
+ case CURL_SSLVERSION_TLSv1_1:
+ (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
+ kTLSProtocol11,
+ true);
+ break;
+ case CURL_SSLVERSION_TLSv1_2:
+ (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
+ kTLSProtocol12,
+ true);
+ break;
+ case CURL_SSLVERSION_TLSv1_3:
+ failf(data, "DarwinSSL: TLS 1.3 is not yet supported");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+ }
+ return CURLE_OK;
+#endif /* CURL_SUPPORT_MAC_10_8 */
+ }
+#endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
+ failf(data, "DarwinSSL: cannot set SSL protocol");
+ return CURLE_SSL_CONNECT_ERROR;
+}
+
+
static CURLcode darwinssl_connect_step1(struct connectdata *conn,
int sockindex)
{
struct Curl_easy *data = conn->data;
curl_socket_t sockfd = conn->sock[sockindex];
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ const char * const ssl_cafile = SSL_CONN_CONFIG(CAfile);
+ const bool verifypeer = SSL_CONN_CONFIG(verifypeer);
+ char * const ssl_cert = SSL_SET_OPTION(cert);
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+ const long int port = SSL_IS_PROXY() ? conn->port : conn->remote_port;
#ifdef ENABLE_IPV6
struct in6_addr addr;
#else
@@ -1052,40 +1245,41 @@ static CURLcode darwinssl_connect_step1(struct
connectdata *conn,
/* check to see if we've been told to use an explicit SSL/TLS version */
#if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
if(SSLSetProtocolVersionMax != NULL) {
- switch(data->set.ssl.version) {
- default:
- case CURL_SSLVERSION_DEFAULT:
- case CURL_SSLVERSION_TLSv1:
- (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol1);
- (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12);
- break;
- case CURL_SSLVERSION_TLSv1_0:
- (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol1);
- (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol1);
- break;
- case CURL_SSLVERSION_TLSv1_1:
- (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol11);
- (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol11);
- break;
- case CURL_SSLVERSION_TLSv1_2:
- (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol12);
- (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12);
- break;
- case CURL_SSLVERSION_SSLv3:
- err = SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol3);
- if(err != noErr) {
- failf(data, "Your version of the OS does not support SSLv3");
- return CURLE_SSL_CONNECT_ERROR;
- }
- (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kSSLProtocol3);
+ switch(conn->ssl_config.version) {
+ case CURL_SSLVERSION_DEFAULT:
+ case CURL_SSLVERSION_TLSv1:
+ (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol1);
+ (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12);
+ break;
+ case CURL_SSLVERSION_TLSv1_0:
+ case CURL_SSLVERSION_TLSv1_1:
+ case CURL_SSLVERSION_TLSv1_2:
+ case CURL_SSLVERSION_TLSv1_3:
+ {
+ CURLcode result = set_ssl_version_min_max(conn, sockindex);
+ if(result != CURLE_OK)
+ return result;
break;
- case CURL_SSLVERSION_SSLv2:
- err = SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol2);
- if(err != noErr) {
- failf(data, "Your version of the OS does not support SSLv2");
- return CURLE_SSL_CONNECT_ERROR;
- }
- (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kSSLProtocol2);
+ }
+ case CURL_SSLVERSION_SSLv3:
+ err = SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol3);
+ if(err != noErr) {
+ failf(data, "Your version of the OS does not support SSLv3");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+ (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kSSLProtocol3);
+ break;
+ case CURL_SSLVERSION_SSLv2:
+ err = SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol2);
+ if(err != noErr) {
+ failf(data, "Your version of the OS does not support SSLv2");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+ (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kSSLProtocol2);
+ break;
+ default:
+ failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
+ return CURLE_SSL_CONNECT_ERROR;
}
}
else {
@@ -1093,123 +1287,130 @@ static CURLcode darwinssl_connect_step1(struct
connectdata *conn,
(void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
kSSLProtocolAll,
false);
- switch (data->set.ssl.version) {
- default:
- case CURL_SSLVERSION_DEFAULT:
- case CURL_SSLVERSION_TLSv1:
- (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
- kTLSProtocol1,
- true);
- (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
- kTLSProtocol11,
- true);
- (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
- kTLSProtocol12,
- true);
- break;
- case CURL_SSLVERSION_TLSv1_0:
- (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
- kTLSProtocol1,
- true);
- break;
- case CURL_SSLVERSION_TLSv1_1:
- (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
- kTLSProtocol11,
- true);
- break;
- case CURL_SSLVERSION_TLSv1_2:
- (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
- kTLSProtocol12,
- true);
- break;
- case CURL_SSLVERSION_SSLv3:
- err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
- kSSLProtocol3,
- true);
- if(err != noErr) {
- failf(data, "Your version of the OS does not support SSLv3");
- return CURLE_SSL_CONNECT_ERROR;
- }
- break;
- case CURL_SSLVERSION_SSLv2:
- err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
- kSSLProtocol2,
- true);
- if(err != noErr) {
- failf(data, "Your version of the OS does not support SSLv2");
- return CURLE_SSL_CONNECT_ERROR;
- }
- break;
- }
-#endif /* CURL_SUPPORT_MAC_10_8 */
- }
-#else
- (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, kSSLProtocolAll, false);
- switch(data->set.ssl.version) {
- default:
+ switch(conn->ssl_config.version) {
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
- case CURL_SSLVERSION_TLSv1_0:
(void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
kTLSProtocol1,
true);
+ (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
+ kTLSProtocol11,
+ true);
+ (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
+ kTLSProtocol12,
+ true);
break;
+ case CURL_SSLVERSION_TLSv1_0:
case CURL_SSLVERSION_TLSv1_1:
- failf(data, "Your version of the OS does not support TLSv1.1");
- return CURLE_SSL_CONNECT_ERROR;
case CURL_SSLVERSION_TLSv1_2:
- failf(data, "Your version of the OS does not support TLSv1.2");
- return CURLE_SSL_CONNECT_ERROR;
- case CURL_SSLVERSION_SSLv2:
+ case CURL_SSLVERSION_TLSv1_3:
+ {
+ CURLcode result = set_ssl_version_min_max(conn, sockindex);
+ if(result != CURLE_OK)
+ return result;
+ break;
+ }
+ case CURL_SSLVERSION_SSLv3:
err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
- kSSLProtocol2,
+ kSSLProtocol3,
true);
if(err != noErr) {
- failf(data, "Your version of the OS does not support SSLv2");
+ failf(data, "Your version of the OS does not support SSLv3");
return CURLE_SSL_CONNECT_ERROR;
}
break;
- case CURL_SSLVERSION_SSLv3:
+ case CURL_SSLVERSION_SSLv2:
err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
- kSSLProtocol3,
+ kSSLProtocol2,
true);
if(err != noErr) {
- failf(data, "Your version of the OS does not support SSLv3");
+ failf(data, "Your version of the OS does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
}
break;
+ default:
+ failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+#endif /* CURL_SUPPORT_MAC_10_8 */
+ }
+#else
+ if(conn->ssl_config.version_max != CURL_SSLVERSION_MAX_NONE) {
+ failf(data, "Your version of the OS does not support to set maximum"
+ " SSL/TLS version");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+ (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, kSSLProtocolAll, false);
+ switch(conn->ssl_config.version) {
+ case CURL_SSLVERSION_DEFAULT:
+ case CURL_SSLVERSION_TLSv1:
+ case CURL_SSLVERSION_TLSv1_0:
+ (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
+ kTLSProtocol1,
+ true);
+ break;
+ case CURL_SSLVERSION_TLSv1_1:
+ failf(data, "Your version of the OS does not support TLSv1.1");
+ return CURLE_SSL_CONNECT_ERROR;
+ case CURL_SSLVERSION_TLSv1_2:
+ failf(data, "Your version of the OS does not support TLSv1.2");
+ return CURLE_SSL_CONNECT_ERROR;
+ case CURL_SSLVERSION_TLSv1_3:
+ failf(data, "Your version of the OS does not support TLSv1.3");
+ return CURLE_SSL_CONNECT_ERROR;
+ case CURL_SSLVERSION_SSLv2:
+ err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
+ kSSLProtocol2,
+ true);
+ if(err != noErr) {
+ failf(data, "Your version of the OS does not support SSLv2");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+ break;
+ case CURL_SSLVERSION_SSLv3:
+ err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
+ kSSLProtocol3,
+ true);
+ if(err != noErr) {
+ failf(data, "Your version of the OS does not support SSLv3");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+ break;
+ default:
+ failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
+ return CURLE_SSL_CONNECT_ERROR;
}
#endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
- if(data->set.str[STRING_KEY]) {
+ if(SSL_SET_OPTION(key)) {
infof(data, "WARNING: SSL: CURLOPT_SSLKEY is ignored by Secure "
- "Transport. The private key must be in the Keychain.\n");
+ "Transport. The private key must be in the Keychain.\n");
}
- if(data->set.str[STRING_CERT]) {
+ if(ssl_cert) {
SecIdentityRef cert_and_key = NULL;
- bool is_cert_file = is_file(data->set.str[STRING_CERT]);
+ bool is_cert_file = is_file(ssl_cert);
/* User wants to authenticate with a client cert. Look for it:
If we detect that this is a file on disk, then let's load it.
Otherwise, assume that the user wants to use an identity loaded
from the Keychain. */
if(is_cert_file) {
- if(!data->set.str[STRING_CERT_TYPE])
+ if(!SSL_SET_OPTION(cert_type))
infof(data, "WARNING: SSL: Certificate type not set, assuming "
"PKCS#12 format.\n");
- else if(strncmp(data->set.str[STRING_CERT_TYPE], "P12",
- strlen(data->set.str[STRING_CERT_TYPE])) != 0)
+ else if(strncmp(SSL_SET_OPTION(cert_type), "P12",
+ strlen(SSL_SET_OPTION(cert_type))) != 0)
infof(data, "WARNING: SSL: The Security framework only supports "
"loading identities that are in PKCS#12 format.\n");
- err = CopyIdentityFromPKCS12File(data->set.str[STRING_CERT],
- data->set.str[STRING_KEY_PASSWD], &cert_and_key);
+ err = CopyIdentityFromPKCS12File(ssl_cert,
+ SSL_SET_OPTION(key_passwd), &cert_and_key);
}
else
- err = CopyIdentityWithLabel(data->set.str[STRING_CERT], &cert_and_key);
+ err = CopyIdentityWithLabel(ssl_cert, &cert_and_key);
- if(err == noErr) {
+ if(err == noErr && cert_and_key) {
SecCertificateRef cert = NULL;
CFTypeRef certs_c[1];
CFArrayRef certs;
@@ -1246,27 +1447,27 @@ static CURLcode darwinssl_connect_step1(struct
connectdata *conn,
}
else {
switch(err) {
- case errSecAuthFailed: case -25264: /* errSecPkcs12VerifyFailure */
- failf(data, "SSL: Incorrect password for the certificate \"%s\" "
- "and its private key.", data->set.str[STRING_CERT]);
- break;
- case -26275: /* errSecDecode */ case -25257: /* errSecUnknownFormat */
- failf(data, "SSL: Couldn't make sense of the data in the "
- "certificate \"%s\" and its private key.",
- data->set.str[STRING_CERT]);
- break;
- case -25260: /* errSecPassphraseRequired */
- failf(data, "SSL The certificate \"%s\" requires a password.",
- data->set.str[STRING_CERT]);
- break;
- case errSecItemNotFound:
- failf(data, "SSL: Can't find the certificate \"%s\" and its private "
- "key in the Keychain.", data->set.str[STRING_CERT]);
- break;
- default:
- failf(data, "SSL: Can't load the certificate \"%s\" and its private "
- "key: OSStatus %d", data->set.str[STRING_CERT], err);
- break;
+ case errSecAuthFailed: case -25264: /* errSecPkcs12VerifyFailure */
+ failf(data, "SSL: Incorrect password for the certificate \"%s\" "
+ "and its private key.", ssl_cert);
+ break;
+ case -26275: /* errSecDecode */ case -25257: /* errSecUnknownFormat */
+ failf(data, "SSL: Couldn't make sense of the data in the "
+ "certificate \"%s\" and its private key.",
+ ssl_cert);
+ break;
+ case -25260: /* errSecPassphraseRequired */
+ failf(data, "SSL The certificate \"%s\" requires a password.",
+ ssl_cert);
+ break;
+ case errSecItemNotFound:
+ failf(data, "SSL: Can't find the certificate \"%s\" and its private "
+ "key in the Keychain.", ssl_cert);
+ break;
+ default:
+ failf(data, "SSL: Can't load the certificate \"%s\" and its private "
+ "key: OSStatus %d", ssl_cert, err);
+ break;
}
return CURLE_SSL_CERTPROBLEM;
}
@@ -1297,8 +1498,7 @@ static CURLcode darwinssl_connect_step1(struct
connectdata *conn,
#else
if(SSLSetSessionOption != NULL) {
#endif /* CURL_BUILD_MAC */
- bool break_on_auth = !data->set.ssl.verifypeer ||
- data->set.str[STRING_SSL_CAFILE];
+ bool break_on_auth = !conn->ssl_config.verifypeer || ssl_cafile;
err = SSLSetSessionOption(connssl->ssl_ctx,
kSSLSessionOptionBreakOnServerAuth,
break_on_auth);
@@ -1310,7 +1510,7 @@ static CURLcode darwinssl_connect_step1(struct
connectdata *conn,
else {
#if CURL_SUPPORT_MAC_10_8
err = SSLSetEnableCertVerify(connssl->ssl_ctx,
- data->set.ssl.verifypeer?true:false);
+ conn->ssl_config.verifypeer?true:false);
if(err != noErr) {
failf(data, "SSL: SSLSetEnableCertVerify() failed: OSStatus %d", err);
return CURLE_SSL_CONNECT_ERROR;
@@ -1319,49 +1519,46 @@ static CURLcode darwinssl_connect_step1(struct
connectdata *conn,
}
#else
err = SSLSetEnableCertVerify(connssl->ssl_ctx,
- data->set.ssl.verifypeer?true:false);
+ conn->ssl_config.verifypeer?true:false);
if(err != noErr) {
failf(data, "SSL: SSLSetEnableCertVerify() failed: OSStatus %d", err);
return CURLE_SSL_CONNECT_ERROR;
}
#endif /* CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS */
- if(data->set.str[STRING_SSL_CAFILE]) {
- bool is_cert_file = is_file(data->set.str[STRING_SSL_CAFILE]);
+ if(ssl_cafile && verifypeer) {
+ bool is_cert_file = is_file(ssl_cafile);
if(!is_cert_file) {
- failf(data, "SSL: can't load CA certificate file %s",
- data->set.str[STRING_SSL_CAFILE]);
+ failf(data, "SSL: can't load CA certificate file %s", ssl_cafile);
return CURLE_SSL_CACERT_BADFILE;
}
- if(!data->set.ssl.verifypeer) {
- failf(data, "SSL: CA certificate set, but certificate verification "
- "is disabled");
- return CURLE_SSL_CONNECT_ERROR;
- }
}
/* Configure hostname check. SNI is used if available.
* Both hostname check and SNI require SSLSetPeerDomainName().
* Also: the verifyhost setting influences SNI usage */
- if(data->set.ssl.verifyhost) {
- err = SSLSetPeerDomainName(connssl->ssl_ctx, conn->host.name,
- strlen(conn->host.name));
+ if(conn->ssl_config.verifyhost) {
+ err = SSLSetPeerDomainName(connssl->ssl_ctx, hostname,
+ strlen(hostname));
if(err != noErr) {
infof(data, "WARNING: SSL: SSLSetPeerDomainName() failed: OSStatus %d\n",
err);
}
- if((Curl_inet_pton(AF_INET, conn->host.name, &addr))
+ if((Curl_inet_pton(AF_INET, hostname, &addr))
#ifdef ENABLE_IPV6
- || (Curl_inet_pton(AF_INET6, conn->host.name, &addr))
+ || (Curl_inet_pton(AF_INET6, hostname, &addr))
#endif
) {
- infof(data, "WARNING: using IP address, SNI is being disabled by "
- "the OS.\n");
+ infof(data, "WARNING: using IP address, SNI is being disabled by "
+ "the OS.\n");
}
}
+ else {
+ infof(data, "WARNING: disabling hostname validation also disables SNI.\n");
+ }
/* Disable cipher suites that ST supports but are not safe. These ciphers
are unlikely to be used in any case since ST gives other ciphers a much
@@ -1382,7 +1579,7 @@ static CURLcode darwinssl_connect_step1(struct
connectdata *conn,
running in an affected version of OS X. */
if(darwinver_maj == 12 && darwinver_min <= 3 &&
all_ciphers[i] >= 0xC001 && all_ciphers[i] <= 0xC032) {
- continue;
+ continue;
}
#endif /* CURL_BUILD_MAC */
switch(all_ciphers[i]) {
@@ -1438,6 +1635,16 @@ static CURLcode darwinssl_connect_step1(struct
connectdata *conn,
/* Disable IDEA: */
case SSL_RSA_WITH_IDEA_CBC_SHA:
case SSL_RSA_WITH_IDEA_CBC_MD5:
+ /* Disable RC4: */
+ case SSL_RSA_WITH_RC4_128_MD5:
+ case SSL_RSA_WITH_RC4_128_SHA:
+ case 0xC002: /* TLS_ECDH_ECDSA_WITH_RC4_128_SHA */
+ case 0xC007: /* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA*/
+ case 0xC00C: /* TLS_ECDH_RSA_WITH_RC4_128_SHA */
+ case 0xC011: /* TLS_ECDHE_RSA_WITH_RC4_128_SHA */
+ case 0x008A: /* TLS_PSK_WITH_RC4_128_SHA */
+ case 0x008E: /* TLS_DHE_PSK_WITH_RC4_128_SHA */
+ case 0x0092: /* TLS_RSA_PSK_WITH_RC4_128_SHA */
break;
default: /* enable everything else */
allowed_ciphers[allowed_ciphers_count++] = all_ciphers[i];
@@ -1464,21 +1671,22 @@ static CURLcode darwinssl_connect_step1(struct
connectdata *conn,
/* We want to enable 1/n-1 when using a CBC cipher unless the user
specifically doesn't want us doing that: */
if(SSLSetSessionOption != NULL) {
+ /* TODO s/data->set.ssl.enable_beast/SSL_SET_OPTION(enable_beast)/g */
SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionSendOneByteRecord,
- !data->set.ssl_enable_beast);
+ !data->set.ssl.enable_beast);
SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionFalseStart,
data->set.ssl.falsestart); /* false start support */
}
#endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */
/* Check if there's a cached ID we can/should use here! */
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
char *ssl_sessionid;
size_t ssl_sessionid_len;
Curl_ssl_sessionid_lock(conn);
if(!Curl_ssl_getsessionid(conn, (void **)&ssl_sessionid,
- &ssl_sessionid_len)) {
+ &ssl_sessionid_len, sockindex)) {
/* we got a session id, use it! */
err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len);
Curl_ssl_sessionid_unlock(conn);
@@ -1494,9 +1702,8 @@ static CURLcode darwinssl_connect_step1(struct
connectdata *conn,
else {
CURLcode result;
ssl_sessionid =
- aprintf("%s:%d:%d:%s:%hu", data->set.str[STRING_SSL_CAFILE],
- data->set.ssl.verifypeer, data->set.ssl.verifyhost,
- conn->host.name, conn->remote_port);
+ aprintf("%s:%d:%d:%s:%hu", ssl_cafile,
+ verifypeer, SSL_CONN_CONFIG(verifyhost), hostname, port);
ssl_sessionid_len = strlen(ssl_sessionid);
err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len);
@@ -1506,7 +1713,8 @@ static CURLcode darwinssl_connect_step1(struct
connectdata *conn,
return CURLE_SSL_CONNECT_ERROR;
}
- result = Curl_ssl_addsessionid(conn, ssl_sessionid, ssl_sessionid_len);
+ result = Curl_ssl_addsessionid(conn, ssl_sessionid, ssl_sessionid_len,
+ sockindex);
Curl_ssl_sessionid_unlock(conn);
if(result) {
failf(data, "failed to store ssl session");
@@ -1810,7 +2018,7 @@ static int verify_cert(const char *cafile, struct
Curl_easy *data,
return sslerr_to_curlerr(data, ret);
}
- switch (trust_eval) {
+ switch(trust_eval) {
case kSecTrustResultUnspecified:
case kSecTrustResultProceed:
return CURLE_OK;
@@ -1824,6 +2032,113 @@ static int verify_cert(const char *cafile, struct
Curl_easy *data,
}
}
+#ifdef DARWIN_SSL_PINNEDPUBKEY
+static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data,
+ SSLContextRef ctx,
+ const char *pinnedpubkey)
+{ /* Scratch */
+ size_t pubkeylen, realpubkeylen, spkiHeaderLength = 24;
+ unsigned char *pubkey = NULL, *realpubkey = NULL;
+ const unsigned char *spkiHeader = NULL;
+ CFDataRef publicKeyBits = NULL;
+
+ /* Result is returned to caller */
+ CURLcode result = CURLE_SSL_PINNEDPUBKEYNOTMATCH;
+
+ /* if a path wasn't specified, don't pin */
+ if(!pinnedpubkey)
+ return CURLE_OK;
+
+
+ if(!ctx)
+ return result;
+
+ do {
+ SecTrustRef trust;
+ OSStatus ret = SSLCopyPeerTrust(ctx, &trust);
+ if(ret != noErr || trust == NULL)
+ break;
+
+ SecKeyRef keyRef = SecTrustCopyPublicKey(trust);
+ CFRelease(trust);
+ if(keyRef == NULL)
+ break;
+
+#ifdef DARWIN_SSL_PINNEDPUBKEY_V1
+
+ publicKeyBits = SecKeyCopyExternalRepresentation(keyRef, NULL);
+ CFRelease(keyRef);
+ if(publicKeyBits == NULL)
+ break;
+
+#elif DARWIN_SSL_PINNEDPUBKEY_V2
+
+ OSStatus success = SecItemExport(keyRef, kSecFormatOpenSSL, 0, NULL,
+ &publicKeyBits);
+ CFRelease(keyRef);
+ if(success != errSecSuccess || publicKeyBits == NULL)
+ break;
+
+#endif /* DARWIN_SSL_PINNEDPUBKEY_V2 */
+
+ pubkeylen = CFDataGetLength(publicKeyBits);
+ pubkey = (unsigned char *)CFDataGetBytePtr(publicKeyBits);
+
+ switch(pubkeylen) {
+ case 526:
+ /* 4096 bit RSA pubkeylen == 526 */
+ spkiHeader = rsa4096SpkiHeader;
+ break;
+ case 270:
+ /* 2048 bit RSA pubkeylen == 270 */
+ spkiHeader = rsa2048SpkiHeader;
+ break;
+#ifdef DARWIN_SSL_PINNEDPUBKEY_V1
+ case 65:
+ /* ecDSA secp256r1 pubkeylen == 65 */
+ spkiHeader = ecDsaSecp256r1SpkiHeader;
+ spkiHeaderLength = 26;
+ break;
+ case 97:
+ /* ecDSA secp384r1 pubkeylen == 97 */
+ spkiHeader = ecDsaSecp384r1SpkiHeader;
+ spkiHeaderLength = 23;
+ break;
+ default:
+ infof(data, "SSL: unhandled public key length: %d\n", pubkeylen);
+#elif DARWIN_SSL_PINNEDPUBKEY_V2
+ default:
+ /* ecDSA secp256r1 pubkeylen == 91 header already included?
+ * ecDSA secp384r1 header already included too
+ * we assume rest of algorithms do same, so do nothing
+ */
+ result = Curl_pin_peer_pubkey(data, pinnedpubkey, pubkey,
+ pubkeylen);
+#endif /* DARWIN_SSL_PINNEDPUBKEY_V2 */
+ continue; /* break from loop */
+ }
+
+ realpubkeylen = pubkeylen + spkiHeaderLength;
+ realpubkey = malloc(realpubkeylen);
+ if(!realpubkey)
+ break;
+
+ memcpy(realpubkey, spkiHeader, spkiHeaderLength);
+ memcpy(realpubkey + spkiHeaderLength, pubkey, pubkeylen);
+
+ result = Curl_pin_peer_pubkey(data, pinnedpubkey, realpubkey,
+ realpubkeylen);
+
+ } while(0);
+
+ Curl_safefree(realpubkey);
+ if(publicKeyBits != NULL)
+ CFRelease(publicKeyBits);
+
+ return result;
+}
+#endif /* DARWIN_SSL_PINNEDPUBKEY */
+
static CURLcode
darwinssl_connect_step2(struct connectdata *conn, int sockindex)
{
@@ -1832,6 +2147,8 @@ darwinssl_connect_step2(struct connectdata *conn, int
sockindex)
OSStatus err;
SSLCipherSuite cipher;
SSLProtocol protocol = 0;
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
DEBUGASSERT(ssl_connect_2 == connssl->connecting_state
|| ssl_connect_2_reading == connssl->connecting_state
@@ -1841,7 +2158,7 @@ darwinssl_connect_step2(struct connectdata *conn, int
sockindex)
err = SSLHandshake(connssl->ssl_ctx);
if(err != noErr) {
- switch (err) {
+ switch(err) {
case errSSLWouldBlock: /* they're not done with us yet */
connssl->connecting_state = connssl->ssl_direction ?
ssl_connect_2_writing : ssl_connect_2_reading;
@@ -1850,8 +2167,8 @@ darwinssl_connect_step2(struct connectdata *conn, int
sockindex)
/* The below is errSSLServerAuthCompleted; it's not defined in
Leopard's headers */
case -9841:
- if(data->set.str[STRING_SSL_CAFILE]) {
- int res = verify_cert(data->set.str[STRING_SSL_CAFILE], data,
+ if(SSL_CONN_CONFIG(CAfile) && SSL_CONN_CONFIG(verifypeer)) {
+ int res = verify_cert(SSL_CONN_CONFIG(CAfile), data,
connssl->ssl_ctx);
if(res != CURLE_OK)
return res;
@@ -1920,7 +2237,7 @@ darwinssl_connect_step2(struct connectdata *conn, int
sockindex)
return CURLE_SSL_CONNECT_ERROR;
default:
failf(data, "Unknown SSL protocol error in connection to %s:%d",
- conn->host.name, err);
+ hostname, err);
return CURLE_SSL_CONNECT_ERROR;
}
}
@@ -1928,10 +2245,21 @@ darwinssl_connect_step2(struct connectdata *conn, int
sockindex)
/* we have been connected fine, we're not waiting for anything else. */
connssl->connecting_state = ssl_connect_3;
+#ifdef DARWIN_SSL_PINNEDPUBKEY
+ if(data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]) {
+ CURLcode result = pkp_pin_peer_pubkey(data, connssl->ssl_ctx,
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]);
+ if(result) {
+ failf(data, "SSL: public key does not match pinned public key!");
+ return result;
+ }
+ }
+#endif /* DARWIN_SSL_PINNEDPUBKEY */
+
/* Informational message */
(void)SSLGetNegotiatedCipher(connssl->ssl_ctx, &cipher);
(void)SSLGetNegotiatedProtocolVersion(connssl->ssl_ctx, &protocol);
- switch (protocol) {
+ switch(protocol) {
case kSSLProtocol2:
infof(data, "SSL 2.0 connection using %s\n",
SSLCipherNameForNumber(cipher));
@@ -1963,9 +2291,11 @@ darwinssl_connect_step2(struct connectdata *conn, int
sockindex)
}
}
-static CURLcode
-darwinssl_connect_step3(struct connectdata *conn,
- int sockindex)
+#ifndef CURL_DISABLE_VERBOSE_STRINGS
+/* This should be called during step3 of the connection at the earliest */
+static void
+show_verbose_server_cert(struct connectdata *conn,
+ int sockindex)
{
struct Curl_easy *data = conn->data;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
@@ -1977,9 +2307,9 @@ darwinssl_connect_step3(struct connectdata *conn,
CFIndex i, count;
SecTrustRef trust = NULL;
- /* There is no step 3!
- * Well, okay, if verbose mode is on, let's print the details of the
- * server certificates. */
+ if(!connssl->ssl_ctx)
+ return;
+
#if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
#if CURL_BUILD_IOS
#pragma unused(server_certs)
@@ -2076,6 +2406,23 @@ darwinssl_connect_step3(struct connectdata *conn,
CFRelease(server_certs);
}
#endif /* CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS */
+}
+#endif /* !CURL_DISABLE_VERBOSE_STRINGS */
+
+static CURLcode
+darwinssl_connect_step3(struct connectdata *conn,
+ int sockindex)
+{
+ struct Curl_easy *data = conn->data;
+ struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+
+ /* There is no step 3!
+ * Well, okay, if verbose mode is on, let's print the details of the
+ * server certificates. */
+#ifndef CURL_DISABLE_VERBOSE_STRINGS
+ if(data->set.verbose)
+ show_verbose_server_cert(conn, sockindex);
+#endif
connssl->connecting_state = ssl_connect_done;
return CURLE_OK;
@@ -2140,7 +2487,8 @@ darwinssl_connect_common(struct connectdata *conn,
curl_socket_t readfd = ssl_connect_2_reading ==
connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
- what = Curl_socket_ready(readfd, writefd, nonblocking?0:timeout_ms);
+ what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd,
+ nonblocking?0:timeout_ms);
if(what < 0) {
/* fatal error */
failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
@@ -2262,8 +2610,7 @@ int Curl_darwinssl_shutdown(struct connectdata *conn, int
sockindex)
rc = 0;
- what = Curl_socket_ready(conn->sock[sockindex],
- CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT);
+ what = SOCKET_READABLE(conn->sock[sockindex], SSL_SHUTDOWN_TIMEOUT);
for(;;) {
if(what < 0) {
@@ -2291,7 +2638,7 @@ int Curl_darwinssl_shutdown(struct connectdata *conn, int
sockindex)
if(nread <= 0)
break;
- what = Curl_socket_ready(conn->sock[sockindex], CURL_SOCKET_BAD, 0);
+ what = SOCKET_READABLE(conn->sock[sockindex], 0);
}
return rc;
@@ -2353,8 +2700,8 @@ bool Curl_darwinssl_data_pending(const struct connectdata
*conn,
return false;
}
-int Curl_darwinssl_random(unsigned char *entropy,
- size_t length)
+CURLcode Curl_darwinssl_random(unsigned char *entropy,
+ size_t length)
{
/* arc4random_buf() isn't available on cats older than Lion, so let's
do this manually for the benefit of the older cats. */
@@ -2368,7 +2715,7 @@ int Curl_darwinssl_random(unsigned char *entropy,
random_number >>= 8;
}
i = random_number = 0;
- return 0;
+ return CURLE_OK;
}
void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */
@@ -2380,7 +2727,17 @@ void Curl_darwinssl_md5sum(unsigned char *tmp, /* input
*/
(void)CC_MD5(tmp, (CC_LONG)tmplen, md5sum);
}
-bool Curl_darwinssl_false_start(void) {
+void Curl_darwinssl_sha256sum(unsigned char *tmp, /* input */
+ size_t tmplen,
+ unsigned char *sha256sum, /* output */
+ size_t sha256len)
+{
+ assert(sha256len >= SHA256_DIGEST_LENGTH);
+ (void)CC_SHA256(tmp, (CC_LONG)tmplen, sha256sum);
+}
+
+bool Curl_darwinssl_false_start(void)
+{
#if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7
if(SSLSetSessionOption != NULL)
return TRUE;
@@ -2417,7 +2774,7 @@ static ssize_t darwinssl_send(struct connectdata *conn,
if(connssl->ssl_write_buffered_length) {
/* Write the buffered data: */
err = SSLWrite(connssl->ssl_ctx, NULL, 0UL, &processed);
- switch (err) {
+ switch(err) {
case noErr:
/* processed is always going to be 0 because we didn't write to
the buffer, so return how much was written to the socket */
@@ -2437,7 +2794,7 @@ static ssize_t darwinssl_send(struct connectdata *conn,
/* We've got new data to write: */
err = SSLWrite(connssl->ssl_ctx, mem, len, &processed);
if(err != noErr) {
- switch (err) {
+ switch(err) {
case errSSLWouldBlock:
/* Data was buffered but not sent, we have to tell the caller
to try sending again, and remember how much was buffered */
@@ -2466,7 +2823,7 @@ static ssize_t darwinssl_recv(struct connectdata *conn,
OSStatus err = SSLRead(connssl->ssl_ctx, buf, buffersize, &processed);
if(err != noErr) {
- switch (err) {
+ switch(err) {
case errSSLWouldBlock: /* return how much we read (if anything) */
if(processed)
return (ssize_t)processed;
@@ -2494,4 +2851,8 @@ static ssize_t darwinssl_recv(struct connectdata *conn,
return (ssize_t)processed;
}
+#ifdef __clang__
+#pragma clang diagnostic pop
+#endif
+
#endif /* USE_DARWINSSL */
diff --git a/lib/vtls/darwinssl.h b/lib/vtls/darwinssl.h
index 8b185b67f..13e78515a 100644
--- a/lib/vtls/darwinssl.h
+++ b/lib/vtls/darwinssl.h
@@ -8,7 +8,7 @@
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2012 - 2014, Nick Zitzmann, <address@hidden>.
- * Copyright (C) 2012 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2012 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -42,17 +42,40 @@ int Curl_darwinssl_check_cxn(struct connectdata *conn);
bool Curl_darwinssl_data_pending(const struct connectdata *conn,
int connindex);
-int Curl_darwinssl_random(unsigned char *entropy,
- size_t length);
+CURLcode Curl_darwinssl_random(unsigned char *entropy,
+ size_t length);
void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */
size_t tmplen,
unsigned char *md5sum, /* output */
size_t md5len);
+void Curl_darwinssl_sha256sum(unsigned char *tmp, /* input */
+ size_t tmplen,
+ unsigned char *sha256sum, /* output */
+ size_t sha256len);
bool Curl_darwinssl_false_start(void);
/* Set the API backend definition to SecureTransport */
#define CURL_SSL_BACKEND CURLSSLBACKEND_DARWINSSL
+/* pinned public key support tests */
+
+/* version 1 supports macOS 10.12+ and iOS 10+ */
+#if ((TARGET_OS_IPHONE && __IPHONE_OS_VERSION_MIN_REQUIRED >= 100000) || \
+ (!TARGET_OS_IPHONE && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200))
+#define DARWIN_SSL_PINNEDPUBKEY_V1 1
+#endif
+
+/* version 2 supports MacOSX 10.7+ */
+#if (!TARGET_OS_IPHONE && __MAC_OS_X_VERSION_MIN_REQUIRED >= 1070)
+#define DARWIN_SSL_PINNEDPUBKEY_V2 1
+#endif
+
+#if defined(DARWIN_SSL_PINNEDPUBKEY_V1) || defined(DARWIN_SSL_PINNEDPUBKEY_V2)
+/* this backend supports CURLOPT_PINNEDPUBLICKEY */
+#define DARWIN_SSL_PINNEDPUBKEY 1
+#define have_curlssl_pinnedpubkey 1
+#endif /* DARWIN_SSL_PINNEDPUBKEY */
+
/* API setup for SecureTransport */
#define curlssl_init() (1)
#define curlssl_cleanup() Curl_nop_stmt
@@ -70,6 +93,8 @@ bool Curl_darwinssl_false_start(void);
#define curlssl_data_pending(x,y) Curl_darwinssl_data_pending(x, y)
#define curlssl_random(x,y,z) ((void)x, Curl_darwinssl_random(y,z))
#define curlssl_md5sum(a,b,c,d) Curl_darwinssl_md5sum(a,b,c,d)
+#define curlssl_sha256sum(a,b,c,d) \
+ Curl_darwinssl_sha256sum((unsigned char *)a, b, c, d)
#define curlssl_false_start() Curl_darwinssl_false_start()
#endif /* USE_DARWINSSL */
diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c
index 55a55ef56..565f10f07 100644
--- a/lib/vtls/gskit.c
+++ b/lib/vtls/gskit.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -65,14 +65,14 @@
# include <limits.h>
#endif
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
#include "sendf.h"
#include "gskit.h"
#include "vtls.h"
#include "connect.h" /* for the connect timeout */
#include "select.h"
-#include "strequal.h"
+#include "strcase.h"
#include "x509asn1.h"
#include "curl_printf.h"
@@ -81,6 +81,10 @@
#include "memdebug.h"
+/* Directions. */
+#define SOS_READ 0x01
+#define SOS_WRITE 0x02
+
/* SSL version flags. */
#define CURL_GSKPROTO_SSLV2 0
#define CURL_GSKPROTO_SSLV2_MASK (1 << CURL_GSKPROTO_SSLV2)
@@ -151,7 +155,7 @@ static const gskit_cipher ciphertable[] = {
static bool is_separator(char c)
{
/* Return whether character is a cipher list separator. */
- switch (c) {
+ switch(c) {
case ' ':
case '\t':
case ':':
@@ -167,7 +171,7 @@ static CURLcode gskit_status(struct Curl_easy *data, int rc,
const char *procname, CURLcode defcode)
{
/* Process GSKit status and map it to a CURLcode. */
- switch (rc) {
+ switch(rc) {
case GSK_OK:
case GSK_OS400_ASYNCHRONOUS_SOC_INIT:
return CURLE_OK;
@@ -190,7 +194,7 @@ static CURLcode gskit_status(struct Curl_easy *data, int rc,
case GSK_OS400_ERROR_NOT_REGISTERED:
break;
case GSK_ERROR_IO:
- switch (errno) {
+ switch(errno) {
case ENOMEM:
return CURLE_OUT_OF_MEMORY;
default:
@@ -211,7 +215,7 @@ static CURLcode set_enum(struct Curl_easy *data, gsk_handle
h,
{
int rc = gsk_attribute_set_enum(h, id, value);
- switch (rc) {
+ switch(rc) {
case GSK_OK:
return CURLE_OK;
case GSK_ERROR_IO:
@@ -233,7 +237,7 @@ static CURLcode set_buffer(struct Curl_easy *data,
gsk_handle h,
{
int rc = gsk_attribute_set_buffer(h, id, buffer, 0);
- switch (rc) {
+ switch(rc) {
case GSK_OK:
return CURLE_OK;
case GSK_ERROR_IO:
@@ -255,7 +259,7 @@ static CURLcode set_numeric(struct Curl_easy *data,
{
int rc = gsk_attribute_set_numeric_value(h, id, value);
- switch (rc) {
+ switch(rc) {
case GSK_OK:
return CURLE_OK;
case GSK_ERROR_IO:
@@ -275,7 +279,7 @@ static CURLcode set_callback(struct Curl_easy *data,
{
int rc = gsk_attribute_set_callback(h, id, info);
- switch (rc) {
+ switch(rc) {
case GSK_OK:
return CURLE_OK;
case GSK_ERROR_IO:
@@ -289,10 +293,11 @@ static CURLcode set_callback(struct Curl_easy *data,
}
-static CURLcode set_ciphers(struct Curl_easy *data,
+static CURLcode set_ciphers(struct connectdata *conn,
gsk_handle h, unsigned int *protoflags)
{
- const char *cipherlist = data->set.str[STRING_SSL_CIPHER_LIST];
+ struct Curl_easy *data = conn->data;
+ const char *cipherlist = SSL_CONN_CONFIG(cipher_list);
const char *clp;
const gskit_cipher *ctp;
int i;
@@ -315,7 +320,7 @@ static CURLcode set_ciphers(struct Curl_easy *data,
/* We allocate GSKit buffers of the same size as the input string: since
GSKit tokens are always shorter than their cipher names, allocated buffers
- will always be large enough to accomodate the result. */
+ will always be large enough to accommodate the result. */
l = strlen(cipherlist) + 1;
memset((char *) ciphers, 0, sizeof ciphers);
for(i = 0; i < CURL_GSKPROTO_LAST; i++) {
@@ -340,7 +345,7 @@ static CURLcode set_ciphers(struct Curl_easy *data,
break;
/* Search the cipher in our table. */
for(ctp = ciphertable; ctp->name; ctp++)
- if(strnequal(ctp->name, clp, l) && !ctp->name[l])
+ if(strncasecompare(ctp->name, clp, l) && !ctp->name[l])
break;
if(!ctp->name) {
failf(data, "Unknown cipher %.*s", l, clp);
@@ -448,7 +453,7 @@ static CURLcode init_environment(struct Curl_easy *data,
/* Creates the GSKit environment. */
rc = gsk_environment_open(&h);
- switch (rc) {
+ switch(rc) {
case GSK_OK:
break;
case GSK_INSUFFICIENT_STORAGE:
@@ -500,17 +505,195 @@ static void close_async_handshake(struct
ssl_connect_data *connssl)
connssl->iocport = -1;
}
+/* SSL over SSL
+ * Problems:
+ * 1) GSKit can only perform SSL on an AF_INET or AF_INET6 stream socket. To
+ * pipe an SSL stream into another, it is therefore needed to have a pair
+ * of such communicating sockets and handle the pipelining explicitly.
+ * 2) OS/400 socketpair() is only implemented for domain AF_UNIX, thus cannot
+ * be used to produce the pipeline.
+ * The solution is to simulate socketpair() for AF_INET with low-level API
+ * listen(), bind() and connect().
+ */
+
+static int
+inetsocketpair(int sv[2])
+{
+ int lfd; /* Listening socket. */
+ int sfd; /* Server socket. */
+ int cfd; /* Client socket. */
+ int len;
+ struct sockaddr_in addr1;
+ struct sockaddr_in addr2;
+
+ /* Create listening socket on a local dynamic port. */
+ lfd = socket(AF_INET, SOCK_STREAM, 0);
+ if(lfd < 0)
+ return -1;
+ memset((char *) &addr1, 0, sizeof addr1);
+ addr1.sin_family = AF_INET;
+ addr1.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+ addr1.sin_port = 0;
+ if(bind(lfd, (struct sockaddr *) &addr1, sizeof addr1) ||
+ listen(lfd, 2) < 0) {
+ close(lfd);
+ return -1;
+ }
+
+ /* Get the allocated port. */
+ len = sizeof addr1;
+ if(getsockname(lfd, (struct sockaddr *) &addr1, &len) < 0) {
+ close(lfd);
+ return -1;
+ }
+
+ /* Create the client socket. */
+ cfd = socket(AF_INET, SOCK_STREAM, 0);
+ if(cfd < 0) {
+ close(lfd);
+ return -1;
+ }
+
+ /* Request unblocking connection to the listening socket. */
+ curlx_nonblock(cfd, TRUE);
+ if(connect(cfd, (struct sockaddr *) &addr1, sizeof addr1) < 0 &&
+ errno != EINPROGRESS) {
+ close(lfd);
+ close(cfd);
+ return -1;
+ }
+
+ /* Get the client dynamic port for intrusion check below. */
+ len = sizeof addr2;
+ if(getsockname(cfd, (struct sockaddr *) &addr2, &len) < 0) {
+ close(lfd);
+ close(cfd);
+ return -1;
+ }
+
+ /* Accept the incoming connection and get the server socket. */
+ curlx_nonblock(lfd, TRUE);
+ for(;;) {
+ len = sizeof addr1;
+ sfd = accept(lfd, (struct sockaddr *) &addr1, &len);
+ if(sfd < 0) {
+ close(lfd);
+ close(cfd);
+ return -1;
+ }
+
+ /* Check for possible intrusion from an external process. */
+ if(addr1.sin_addr.s_addr == addr2.sin_addr.s_addr &&
+ addr1.sin_port == addr2.sin_port)
+ break;
+
+ /* Intrusion: reject incoming connection. */
+ close(sfd);
+ }
+
+ /* Done, return sockets and succeed. */
+ close(lfd);
+ curlx_nonblock(cfd, FALSE);
+ sv[0] = cfd;
+ sv[1] = sfd;
+ return 0;
+}
+
+static int pipe_ssloverssl(struct connectdata *conn, int sockindex,
+ int directions)
+{
+ struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ struct ssl_connect_data *connproxyssl = &conn->proxy_ssl[sockindex];
+ fd_set fds_read;
+ fd_set fds_write;
+ int n;
+ int m;
+ int i;
+ int ret = 0;
+ struct timeval tv = {0, 0};
+ char buf[CURL_MAX_WRITE_SIZE];
+
+ if(!connssl->use || !connproxyssl->use)
+ return 0; /* No SSL over SSL: OK. */
+
+ FD_ZERO(&fds_read);
+ FD_ZERO(&fds_write);
+ n = -1;
+ if(directions & SOS_READ) {
+ FD_SET(connssl->remotefd, &fds_write);
+ n = connssl->remotefd;
+ }
+ if(directions & SOS_WRITE) {
+ FD_SET(connssl->remotefd, &fds_read);
+ n = connssl->remotefd;
+ FD_SET(conn->sock[sockindex], &fds_write);
+ if(n < conn->sock[sockindex])
+ n = conn->sock[sockindex];
+ }
+ i = select(n + 1, &fds_read, &fds_write, NULL, &tv);
+ if(i < 0)
+ return -1; /* Select error. */
+
+ if(FD_ISSET(connssl->remotefd, &fds_write)) {
+ /* Try getting data from HTTPS proxy and pipe it upstream. */
+ n = 0;
+ i = gsk_secure_soc_read(connproxyssl->handle, buf, sizeof buf, &n);
+ switch(i) {
+ case GSK_OK:
+ if(n) {
+ i = write(connssl->remotefd, buf, n);
+ if(i < 0)
+ return -1;
+ ret = 1;
+ }
+ break;
+ case GSK_OS400_ERROR_TIMED_OUT:
+ case GSK_WOULD_BLOCK:
+ break;
+ default:
+ return -1;
+ }
+ }
+
+ if(FD_ISSET(connssl->remotefd, &fds_read) &&
+ FD_ISSET(conn->sock[sockindex], &fds_write)) {
+ /* Pipe data to HTTPS proxy. */
+ n = read(connssl->remotefd, buf, sizeof buf);
+ if(n < 0)
+ return -1;
+ if(n) {
+ i = gsk_secure_soc_write(connproxyssl->handle, buf, n, &m);
+ if(i != GSK_OK || n != m)
+ return -1;
+ ret = 1;
+ }
+ }
+
+ return ret; /* OK */
+}
+
-static void close_one(struct ssl_connect_data *conn,
- struct Curl_easy *data)
+static void close_one(struct ssl_connect_data *connssl,
+ struct connectdata *conn, int sockindex)
{
- if(conn->handle) {
- gskit_status(data, gsk_secure_soc_close(&conn->handle),
+ if(connssl->handle) {
+ gskit_status(conn->data, gsk_secure_soc_close(&connssl->handle),
"gsk_secure_soc_close()", 0);
- conn->handle = (gsk_handle) NULL;
+ /* Last chance to drain output. */
+ while(pipe_ssloverssl(conn, sockindex, SOS_WRITE) > 0)
+ ;
+ connssl->handle = (gsk_handle) NULL;
+ if(connssl->localfd >= 0) {
+ close(connssl->localfd);
+ connssl->localfd = -1;
+ }
+ if(connssl->remotefd >= 0) {
+ close(connssl->remotefd);
+ connssl->remotefd = -1;
+ }
}
- if(conn->iocport >= 0)
- close_async_handshake(conn);
+ if(connssl->iocport >= 0)
+ close_async_handshake(connssl);
}
@@ -518,13 +701,18 @@ static ssize_t gskit_send(struct connectdata *conn, int
sockindex,
const void *mem, size_t len, CURLcode *curlcode)
{
struct Curl_easy *data = conn->data;
- CURLcode cc;
+ CURLcode cc = CURLE_SEND_ERROR;
int written;
- cc = gskit_status(data,
- gsk_secure_soc_write(conn->ssl[sockindex].handle,
- (char *) mem, (int) len, &written),
- "gsk_secure_soc_write()", CURLE_SEND_ERROR);
+ if(pipe_ssloverssl(conn, sockindex, SOS_WRITE) >= 0) {
+ cc = gskit_status(data,
+ gsk_secure_soc_write(conn->ssl[sockindex].handle,
+ (char *) mem, (int) len, &written),
+ "gsk_secure_soc_write()", CURLE_SEND_ERROR);
+ if(cc == CURLE_OK)
+ if(pipe_ssloverssl(conn, sockindex, SOS_WRITE) < 0)
+ cc = CURLE_SEND_ERROR;
+ }
if(cc != CURLE_OK) {
*curlcode = cc;
written = -1;
@@ -539,19 +727,61 @@ static ssize_t gskit_recv(struct connectdata *conn, int
num, char *buf,
struct Curl_easy *data = conn->data;
int buffsize;
int nread;
- CURLcode cc;
+ CURLcode cc = CURLE_RECV_ERROR;
- buffsize = buffersize > (size_t) INT_MAX? INT_MAX: (int) buffersize;
- cc = gskit_status(data, gsk_secure_soc_read(conn->ssl[num].handle,
- buf, buffsize, &nread),
- "gsk_secure_soc_read()", CURLE_RECV_ERROR);
- if(cc != CURLE_OK) {
+ if(pipe_ssloverssl(conn, num, SOS_READ) >= 0) {
+ buffsize = buffersize > (size_t) INT_MAX? INT_MAX: (int) buffersize;
+ cc = gskit_status(data, gsk_secure_soc_read(conn->ssl[num].handle,
+ buf, buffsize, &nread),
+ "gsk_secure_soc_read()", CURLE_RECV_ERROR);
+ }
+ switch(cc) {
+ case CURLE_OK:
+ break;
+ case CURLE_OPERATION_TIMEDOUT:
+ cc = CURLE_AGAIN;
+ default:
*curlcode = cc;
nread = -1;
+ break;
}
return (ssize_t) nread;
}
+static CURLcode
+set_ssl_version_min_max(unsigned int *protoflags, struct connectdata *conn)
+{
+ struct Curl_easy *data = conn->data;
+ long ssl_version = SSL_CONN_CONFIG(version);
+ long ssl_version_max = SSL_CONN_CONFIG(version_max);
+ long i = ssl_version;
+ switch(ssl_version_max) {
+ case CURL_SSLVERSION_MAX_NONE:
+ ssl_version_max = ssl_version;
+ break;
+ case CURL_SSLVERSION_MAX_DEFAULT:
+ ssl_version_max = CURL_SSLVERSION_TLSv1_2;
+ break;
+ }
+ for(; i <= (ssl_version_max >> 16); ++i) {
+ switch(i) {
+ case CURL_SSLVERSION_TLSv1_0:
+ *protoflags |= CURL_GSKPROTO_TLSV10_MASK;
+ break;
+ case CURL_SSLVERSION_TLSv1_1:
+ *protoflags |= CURL_GSKPROTO_TLSV11_MASK;
+ break;
+ case CURL_SSLVERSION_TLSv1_2:
+ *protoflags |= CURL_GSKPROTO_TLSV11_MASK;
+ break;
+ case CURL_SSLVERSION_TLSv1_3:
+ failf(data, "GSKit: TLS 1.3 is not yet supported");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+ }
+
+ return CURLE_OK;
+}
static CURLcode gskit_connect_step1(struct connectdata *conn, int sockindex)
{
@@ -560,18 +790,26 @@ static CURLcode gskit_connect_step1(struct connectdata
*conn, int sockindex)
gsk_handle envir;
CURLcode result;
int rc;
- char *keyringfile;
- char *keyringpwd;
- char *keyringlabel;
- char *sni;
- unsigned int protoflags;
+ const char * const keyringfile = SSL_CONN_CONFIG(CAfile);
+ const char * const keyringpwd = SSL_SET_OPTION(key_passwd);
+ const char * const keyringlabel = SSL_SET_OPTION(cert);
+ const long int ssl_version = SSL_CONN_CONFIG(version);
+ const bool verifypeer = SSL_CONN_CONFIG(verifypeer);
+ const char * const hostname = SSL_IS_PROXY()? conn->http_proxy.host.name:
+ conn->host.name;
+ const char *sni;
+ unsigned int protoflags = 0;
long timeout;
Qso_OverlappedIO_t commarea;
+ int sockpair[2];
+ static const int sobufsize = CURL_MAX_WRITE_SIZE;
/* Create SSL environment, start (preferably asynchronous) handshake. */
connssl->handle = (gsk_handle) NULL;
connssl->iocport = -1;
+ connssl->localfd = -1;
+ connssl->remotefd = -1;
/* GSKit supports two ways of specifying an SSL context: either by
* application identifier (that should have been defined at the system
@@ -586,9 +824,6 @@ static CURLcode gskit_connect_step1(struct connectdata
*conn, int sockindex)
* application identifier mode is tried first, as recommended in IBM doc.
*/
- keyringfile = data->set.str[STRING_SSL_CAFILE];
- keyringpwd = data->set.str[STRING_KEY_PASSWD];
- keyringlabel = data->set.str[STRING_CERT];
envir = (gsk_handle) NULL;
if(keyringlabel && *keyringlabel && !keyringpwd &&
@@ -613,32 +848,51 @@ static CURLcode gskit_connect_step1(struct connectdata
*conn, int sockindex)
if(result)
return result;
+ /* Establish a pipelining socket pair for SSL over SSL. */
+ if(conn->proxy_ssl[sockindex].use) {
+ if(inetsocketpair(sockpair))
+ return CURLE_SSL_CONNECT_ERROR;
+ connssl->localfd = sockpair[0];
+ connssl->remotefd = sockpair[1];
+ setsockopt(connssl->localfd, SOL_SOCKET, SO_RCVBUF,
+ (void *) sobufsize, sizeof sobufsize);
+ setsockopt(connssl->remotefd, SOL_SOCKET, SO_RCVBUF,
+ (void *) sobufsize, sizeof sobufsize);
+ setsockopt(connssl->localfd, SOL_SOCKET, SO_SNDBUF,
+ (void *) sobufsize, sizeof sobufsize);
+ setsockopt(connssl->remotefd, SOL_SOCKET, SO_SNDBUF,
+ (void *) sobufsize, sizeof sobufsize);
+ curlx_nonblock(connssl->localfd, TRUE);
+ curlx_nonblock(connssl->remotefd, TRUE);
+ }
+
/* Determine which SSL/TLS version should be enabled. */
- protoflags = CURL_GSKPROTO_TLSV10_MASK | CURL_GSKPROTO_TLSV11_MASK |
- CURL_GSKPROTO_TLSV12_MASK;
- sni = conn->host.name;
- switch (data->set.ssl.version) {
+ sni = hostname;
+ switch(ssl_version) {
case CURL_SSLVERSION_SSLv2:
protoflags = CURL_GSKPROTO_SSLV2_MASK;
- sni = (char *) NULL;
+ sni = NULL;
break;
case CURL_SSLVERSION_SSLv3:
protoflags = CURL_GSKPROTO_SSLV3_MASK;
- sni = (char *) NULL;
+ sni = NULL;
break;
+ case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
protoflags = CURL_GSKPROTO_TLSV10_MASK |
CURL_GSKPROTO_TLSV11_MASK | CURL_GSKPROTO_TLSV12_MASK;
break;
case CURL_SSLVERSION_TLSv1_0:
- protoflags = CURL_GSKPROTO_TLSV10_MASK;
- break;
case CURL_SSLVERSION_TLSv1_1:
- protoflags = CURL_GSKPROTO_TLSV11_MASK;
- break;
case CURL_SSLVERSION_TLSv1_2:
- protoflags = CURL_GSKPROTO_TLSV12_MASK;
+ case CURL_SSLVERSION_TLSv1_3:
+ result = set_ssl_version_min_max(&protoflags, conn);
+ if(result != CURLE_OK)
+ return result;
break;
+ default:
+ failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
+ return CURLE_SSL_CONNECT_ERROR;
}
/* Process SNI. Ignore if not supported (on OS400 < V7R1). */
@@ -661,9 +915,12 @@ static CURLcode gskit_connect_step1(struct connectdata
*conn, int sockindex)
(timeout + 999) / 1000);
}
if(!result)
- result = set_numeric(data, connssl->handle, GSK_FD, conn->sock[sockindex]);
+ result = set_numeric(data, connssl->handle, GSK_OS400_READ_TIMEOUT, 1);
if(!result)
- result = set_ciphers(data, connssl->handle, &protoflags);
+ result = set_numeric(data, connssl->handle, GSK_FD, connssl->localfd >= 0?
+ connssl->localfd: conn->sock[sockindex]);
+ if(!result)
+ result = set_ciphers(conn, connssl->handle, &protoflags);
if(!protoflags) {
failf(data, "No SSL protocol/cipher combination enabled");
result = CURLE_SSL_CIPHER;
@@ -706,7 +963,7 @@ static CURLcode gskit_connect_step1(struct connectdata
*conn, int sockindex)
}
if(!result)
result = set_enum(data, connssl->handle, GSK_SERVER_AUTH_TYPE,
- data->set.ssl.verifypeer? GSK_SERVER_AUTH_FULL:
+ verifypeer? GSK_SERVER_AUTH_FULL:
GSK_SERVER_AUTH_PASSTHRU, FALSE);
if(!result) {
@@ -730,6 +987,10 @@ static CURLcode gskit_connect_step1(struct connectdata
*conn, int sockindex)
else if(errno != ENOBUFS)
result = gskit_status(data, GSK_ERROR_IO,
"QsoCreateIOCompletionPort()", 0);
+ else if(conn->proxy_ssl[sockindex].use) {
+ /* Cannot pipeline while handshaking synchronously. */
+ result = CURLE_SSL_CONNECT_ERROR;
+ }
else {
/* No more completion port available. Use synchronous IO. */
result = gskit_status(data, gsk_secure_soc_init(connssl->handle),
@@ -742,7 +1003,7 @@ static CURLcode gskit_connect_step1(struct connectdata
*conn, int sockindex)
}
/* Error: rollback. */
- close_one(connssl, data);
+ close_one(connssl, conn, sockindex);
return result;
}
@@ -765,7 +1026,7 @@ static CURLcode gskit_connect_step2(struct connectdata
*conn, int sockindex,
timeout_ms = 0;
stmv.tv_sec = timeout_ms / 1000;
stmv.tv_usec = (timeout_ms - stmv.tv_sec * 1000) * 1000;
- switch (QsoWaitForIOCompletion(connssl->iocport, &cstat, &stmv)) {
+ switch(QsoWaitForIOCompletion(connssl->iocport, &cstat, &stmv)) {
case 1: /* Operation complete. */
break;
case -1: /* An error occurred: handshake still in progress. */
@@ -822,7 +1083,7 @@ static CURLcode gskit_connect_step3(struct connectdata
*conn, int sockindex)
infof(data, "Server certificate:\n");
p = cdev;
for(i = 0; i++ < cdec; p++)
- switch (p->cert_data_id) {
+ switch(p->cert_data_id) {
case CERT_BODY_DER:
cert = p->cert_data_p;
certend = cert + cdev->cert_data_l;
@@ -865,14 +1126,14 @@ static CURLcode gskit_connect_step3(struct connectdata
*conn, int sockindex)
}
/* Check pinned public key. */
- ptr = data->set.str[STRING_SSL_PINNEDPUBLICKEY];
+ ptr = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
if(!result && ptr) {
curl_X509certificate x509;
curl_asn1Element *p;
- if(!cert)
+ if(Curl_parseX509(&x509, cert, certend))
return CURLE_SSL_PINNEDPUBKEYNOTMATCH;
- Curl_parseX509(&x509, cert, certend);
p = &x509.subjectPublicKeyInfo;
result = Curl_pin_peer_pubkey(data, ptr, p->header, p->end - p->header);
if(result) {
@@ -913,6 +1174,11 @@ static CURLcode gskit_connect_common(struct connectdata
*conn, int sockindex,
result = gskit_connect_step1(conn, sockindex);
}
+ /* Handle handshake pipelining. */
+ if(!result)
+ if(pipe_ssloverssl(conn, sockindex, SOS_READ | SOS_WRITE) < 0)
+ result = CURLE_SSL_CONNECT_ERROR;
+
/* Step 2: check if handshake is over. */
if(!result && connssl->connecting_state == ssl_connect_2) {
/* check allowed time left */
@@ -927,12 +1193,17 @@ static CURLcode gskit_connect_common(struct connectdata
*conn, int sockindex,
result = gskit_connect_step2(conn, sockindex, nonblocking);
}
+ /* Handle handshake pipelining. */
+ if(!result)
+ if(pipe_ssloverssl(conn, sockindex, SOS_READ | SOS_WRITE) < 0)
+ result = CURLE_SSL_CONNECT_ERROR;
+
/* Step 3: gather certificate info, verify host. */
if(!result && connssl->connecting_state == ssl_connect_3)
result = gskit_connect_step3(conn, sockindex);
if(result)
- close_one(connssl, data);
+ close_one(connssl, conn, sockindex);
else if(connssl->connecting_state == ssl_connect_done) {
connssl->state = ssl_connection_complete;
connssl->connecting_state = ssl_connect_1;
@@ -976,11 +1247,8 @@ CURLcode Curl_gskit_connect(struct connectdata *conn, int
sockindex)
void Curl_gskit_close(struct connectdata *conn, int sockindex)
{
- struct Curl_easy *data = conn->data;
- struct ssl_connect_data *connssl = &conn->ssl[sockindex];
-
- if(connssl->use)
- close_one(connssl, data);
+ close_one(&conn->ssl[sockindex], conn, sockindex);
+ close_one(&conn->proxy_ssl[sockindex], conn, sockindex);
}
@@ -999,10 +1267,10 @@ int Curl_gskit_shutdown(struct connectdata *conn, int
sockindex)
if(data->set.ftp_ccc != CURLFTPSSL_CCC_ACTIVE)
return 0;
- close_one(connssl, data);
+ close_one(connssl, conn, sockindex);
rc = 0;
- what = Curl_socket_ready(conn->sock[sockindex],
- CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT);
+ what = SOCKET_READABLE(conn->sock[sockindex],
+ SSL_SHUTDOWN_TIMEOUT);
for(;;) {
if(what < 0) {
@@ -1031,7 +1299,7 @@ int Curl_gskit_shutdown(struct connectdata *conn, int
sockindex)
if(nread <= 0)
break;
- what = Curl_socket_ready(conn->sock[sockindex], CURL_SOCKET_BAD, 0);
+ what = SOCKET_READABLE(conn->sock[sockindex], 0);
}
return rc;
diff --git a/lib/vtls/gskit.h b/lib/vtls/gskit.h
index 41483cba6..229759217 100644
--- a/lib/vtls/gskit.h
+++ b/lib/vtls/gskit.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -41,6 +41,9 @@ int Curl_gskit_shutdown(struct connectdata *conn, int
sockindex);
size_t Curl_gskit_version(char *buffer, size_t size);
int Curl_gskit_check_cxn(struct connectdata *cxn);
+/* Support HTTPS-proxy */
+/* TODO: add '#define HTTPS_PROXY_SUPPORT 1' and fix test #1014 (if need) */
+
/* Set the API backend definition to GSKit */
#define CURL_SSL_BACKEND CURLSSLBACKEND_GSKIT
@@ -64,7 +67,7 @@ int Curl_gskit_check_cxn(struct connectdata *cxn);
#define curlssl_version Curl_gskit_version
#define curlssl_check_cxn(x) Curl_gskit_check_cxn(x)
#define curlssl_data_pending(x,y) 0
-#define curlssl_random(x,y,z) -1
+#define curlssl_random(x,y,z) (x=x, y=y, z=z, CURLE_NOT_BUILT_IN)
#endif /* USE_GSKIT */
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 1c3e6b151..d55f995e8 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -52,7 +52,7 @@
#include "parsedate.h"
#include "connect.h" /* for the connect timeout */
#include "select.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "warnless.h"
#include "x509asn1.h"
#include "curl_printf.h"
@@ -60,15 +60,13 @@
/* The last #include file should be: */
#include "memdebug.h"
-/*
- Some hackish cast macros based on:
- https://developer.gnome.org/glib/unstable/glib-Type-Conversion-Macros.html
-*/
-#ifndef GNUTLS_POINTER_TO_INT_CAST
-#define GNUTLS_POINTER_TO_INT_CAST(p) ((int) (long) (p))
+#ifndef GNUTLS_POINTER_TO_SOCKET_CAST
+#define GNUTLS_POINTER_TO_SOCKET_CAST(p) \
+ ((curl_socket_t) ((char *)(p) - (char *)NULL))
#endif
-#ifndef GNUTLS_INT_TO_POINTER_CAST
-#define GNUTLS_INT_TO_POINTER_CAST(i) ((void*) (long) (i))
+#ifndef GNUTLS_SOCKET_TO_POINTER_CAST
+#define GNUTLS_SOCKET_TO_POINTER_CAST(s) \
+ ((void *) ((char *)NULL + (s)))
#endif
/* Enable GnuTLS debugging by defining GTLSDEBUG */
@@ -92,11 +90,11 @@ static bool gtls_inited = FALSE;
# define GNUTLS_MAPS_WINSOCK_ERRORS 1
# endif
-# if (GNUTLS_VERSION_NUMBER >= 0x030200)
+# if HAVE_GNUTLS_ALPN_SET_PROTOCOLS
# define HAS_ALPN
# endif
-# if (GNUTLS_VERSION_NUMBER >= 0x03020d)
+# if HAVE_GNUTLS_OCSP_REQ_INIT
# define HAS_OCSP
# endif
@@ -153,7 +151,7 @@ static int gtls_mapped_sockerrno(void)
static ssize_t Curl_gtls_push(void *s, const void *buf, size_t len)
{
- ssize_t ret = swrite(GNUTLS_POINTER_TO_INT_CAST(s), buf, len);
+ ssize_t ret = swrite(GNUTLS_POINTER_TO_SOCKET_CAST(s), buf, len);
#if defined(USE_WINSOCK) && !defined(GNUTLS_MAPS_WINSOCK_ERRORS)
if(ret < 0)
gnutls_transport_set_global_errno(gtls_mapped_sockerrno());
@@ -163,7 +161,7 @@ static ssize_t Curl_gtls_push(void *s, const void *buf,
size_t len)
static ssize_t Curl_gtls_pull(void *s, void *buf, size_t len)
{
- ssize_t ret = sread(GNUTLS_POINTER_TO_INT_CAST(s), buf, len);
+ ssize_t ret = sread(GNUTLS_POINTER_TO_SOCKET_CAST(s), buf, len);
#if defined(USE_WINSOCK) && !defined(GNUTLS_MAPS_WINSOCK_ERRORS)
if(ret < 0)
gnutls_transport_set_global_errno(gtls_mapped_sockerrno());
@@ -171,6 +169,16 @@ static ssize_t Curl_gtls_pull(void *s, void *buf, size_t
len)
return ret;
}
+static ssize_t Curl_gtls_push_ssl(void *s, const void *buf, size_t len)
+{
+ return gnutls_record_send((gnutls_session_t) s, buf, len);
+}
+
+static ssize_t Curl_gtls_pull_ssl(void *s, void *buf, size_t len)
+{
+ return gnutls_record_recv((gnutls_session_t) s, buf, len);
+}
+
/* Curl_gtls_init()
*
* Global GnuTLS init, called from Curl_ssl_init(). This calls functions that
@@ -201,18 +209,20 @@ int Curl_gtls_cleanup(void)
return 1;
}
+#ifndef CURL_DISABLE_VERBOSE_STRINGS
static void showtime(struct Curl_easy *data,
const char *text,
time_t stamp)
{
struct tm buffer;
const struct tm *tm = &buffer;
+ char str[96];
CURLcode result = Curl_gmtime(stamp, &buffer);
if(result)
return;
- snprintf(data->state.buffer,
- BUFSIZE,
+ snprintf(str,
+ sizeof(str),
"\t %s: %s, %02d %s %4d %02d:%02d:%02d GMT",
text,
Curl_wkday[tm->tm_wday?tm->tm_wday-1:6],
@@ -222,17 +232,19 @@ static void showtime(struct Curl_easy *data,
tm->tm_hour,
tm->tm_min,
tm->tm_sec);
- infof(data, "%s\n", data->state.buffer);
+ infof(data, "%s\n", str);
}
+#endif
-static gnutls_datum_t load_file (const char *file)
+static gnutls_datum_t load_file(const char *file)
{
FILE *f;
gnutls_datum_t loaded_file = { NULL, 0 };
long filelen;
void *ptr;
- if(!(f = fopen(file, "rb")))
+ f = fopen(file, "rb");
+ if(!f)
return loaded_file;
if(fseek(f, 0, SEEK_END) != 0
|| (filelen = ftell(f)) < 0
@@ -251,7 +263,8 @@ out:
return loaded_file;
}
-static void unload_file(gnutls_datum_t data) {
+static void unload_file(gnutls_datum_t data)
+{
free(data.data);
}
@@ -266,7 +279,7 @@ static CURLcode handshake(struct connectdata *conn,
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
gnutls_session_t session = conn->ssl[sockindex].session;
curl_socket_t sockfd = conn->sock[sockindex];
- long timeout_ms;
+ time_t timeout_ms;
int rc;
int what;
@@ -289,7 +302,7 @@ static CURLcode handshake(struct connectdata *conn,
curl_socket_t readfd = ssl_connect_2_reading==
connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
- what = Curl_socket_ready(readfd, writefd,
+ what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd,
nonblocking?0:
timeout_ms?timeout_ms:1000);
if(what < 0) {
@@ -302,7 +315,7 @@ static CURLcode handshake(struct connectdata *conn,
return CURLE_OK;
else if(timeout_ms) {
/* timeout */
- failf(data, "SSL connection timeout at %ld", timeout_ms);
+ failf(data, "SSL connection timeout at %ld", (long)timeout_ms);
return CURLE_OPERATION_TIMEDOUT;
}
}
@@ -356,21 +369,119 @@ static gnutls_x509_crt_fmt_t do_file_type(const char
*type)
{
if(!type || !type[0])
return GNUTLS_X509_FMT_PEM;
- if(Curl_raw_equal(type, "PEM"))
+ if(strcasecompare(type, "PEM"))
return GNUTLS_X509_FMT_PEM;
- if(Curl_raw_equal(type, "DER"))
+ if(strcasecompare(type, "DER"))
return GNUTLS_X509_FMT_DER;
return -1;
}
+#ifndef USE_GNUTLS_PRIORITY_SET_DIRECT
+static CURLcode
+set_ssl_version_min_max(int *list, size_t list_size, struct connectdata *conn)
+{
+ struct Curl_easy *data = conn->data;
+ long ssl_version = SSL_CONN_CONFIG(version);
+ long ssl_version_max = SSL_CONN_CONFIG(version_max);
+ long i = ssl_version;
+ long protocol_priority_idx = 0;
+
+ switch(ssl_version_max) {
+ case CURL_SSLVERSION_MAX_NONE:
+ ssl_version_max = ssl_version << 16;
+ break;
+ case CURL_SSLVERSION_MAX_DEFAULT:
+ ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_2;
+ break;
+ }
+
+ for(; i <= (ssl_version_max >> 16) &&
+ protocol_priority_idx < list_size; ++i) {
+ switch(i) {
+ case CURL_SSLVERSION_TLSv1_0:
+ protocol_priority[protocol_priority_idx++] = GNUTLS_TLS1_0;
+ break;
+ case CURL_SSLVERSION_TLSv1_1:
+ protocol_priority[protocol_priority_idx++] = GNUTLS_TLS1_1;
+ break;
+ case CURL_SSLVERSION_TLSv1_2:
+ protocol_priority[protocol_priority_idx++] = GNUTLS_TLS1_2;
+ break;
+ case CURL_SSLVERSION_TLSv1_3:
+ failf(data, "GnuTLS: TLS 1.3 is not yet supported");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+ }
+ return CURLE_OK;
+}
+#else
+#define GNUTLS_CIPHERS "NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509"
+/* If GnuTLS was compiled without support for SRP it will error out if SRP is
+ requested in the priority string, so treat it specially
+ */
+#define GNUTLS_SRP "+SRP"
+
+static CURLcode
+set_ssl_version_min_max(const char **prioritylist, struct connectdata *conn)
+{
+ struct Curl_easy *data = conn->data;
+ long ssl_version = SSL_CONN_CONFIG(version);
+ long ssl_version_max = SSL_CONN_CONFIG(version_max);
+ if(ssl_version == CURL_SSLVERSION_TLSv1_3 ||
+ ssl_version_max == CURL_SSLVERSION_MAX_TLSv1_3) {
+ failf(data, "GnuTLS: TLS 1.3 is not yet supported");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+ if(ssl_version_max == CURL_SSLVERSION_MAX_NONE) {
+ ssl_version_max = ssl_version << 16;
+ }
+ switch(ssl_version | ssl_version_max) {
+ case CURL_SSLVERSION_TLSv1_0 | CURL_SSLVERSION_MAX_TLSv1_0:
+ *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
+ "+VERS-TLS1.0:" GNUTLS_SRP;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_0 | CURL_SSLVERSION_MAX_TLSv1_1:
+ *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
+ "+VERS-TLS1.0:+VERS-TLS1.1:" GNUTLS_SRP;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_0 | CURL_SSLVERSION_MAX_TLSv1_2:
+ case CURL_SSLVERSION_TLSv1_0 | CURL_SSLVERSION_MAX_DEFAULT:
+ *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
+ "+VERS-TLS1.0:+VERS-TLS1.1:+VERS-TLS1.2:" GNUTLS_SRP;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_1 | CURL_SSLVERSION_MAX_TLSv1_1:
+ *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
+ "+VERS-TLS1.1:" GNUTLS_SRP;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_1 | CURL_SSLVERSION_MAX_TLSv1_2:
+ case CURL_SSLVERSION_TLSv1_1 | CURL_SSLVERSION_MAX_DEFAULT:
+ *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
+ "+VERS-TLS1.1:+VERS-TLS1.2:" GNUTLS_SRP;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_2 | CURL_SSLVERSION_MAX_TLSv1_2:
+ case CURL_SSLVERSION_TLSv1_2 | CURL_SSLVERSION_MAX_DEFAULT:
+ *prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
+ "+VERS-TLS1.2:" GNUTLS_SRP;
+ return CURLE_OK;
+ }
+
+ failf(data, "GnuTLS: cannot set ssl protocol");
+ return CURLE_SSL_CONNECT_ERROR;
+}
+#endif
+
static CURLcode
gtls_connect_step1(struct connectdata *conn,
int sockindex)
{
struct Curl_easy *data = conn->data;
+ unsigned int init_flags;
gnutls_session_t session;
int rc;
bool sni = TRUE; /* default is SNI enabled */
+ void *transport_ptr = NULL;
+ gnutls_push_func gnutls_transport_push = NULL;
+ gnutls_pull_func gnutls_transport_pull = NULL;
#ifdef ENABLE_IPV6
struct in6_addr addr;
#else
@@ -390,17 +501,15 @@ gtls_connect_step1(struct connectdata *conn,
GNUTLS_CIPHER_3DES_CBC,
};
static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
- static int protocol_priority[] = { 0, 0, 0, 0 };
+ int protocol_priority[] = { 0, 0, 0, 0 };
#else
-#define GNUTLS_CIPHERS "NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509"
-/* If GnuTLS was compiled without support for SRP it will error out if SRP is
- requested in the priority string, so treat it specially
- */
-#define GNUTLS_SRP "+SRP"
- const char* prioritylist;
+ const char *prioritylist;
const char *err = NULL;
#endif
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+
if(conn->ssl[sockindex].state == ssl_connection_complete)
/* to make us tolerant against being called more than once for the
same connection */
@@ -409,12 +518,11 @@ gtls_connect_step1(struct connectdata *conn,
if(!gtls_inited)
Curl_gtls_init();
- /* GnuTLS only supports SSLv3 and TLSv1 */
- if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) {
+ if(SSL_CONN_CONFIG(version) == CURL_SSLVERSION_SSLv2) {
failf(data, "GnuTLS does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
}
- else if(data->set.ssl.version == CURL_SSLVERSION_SSLv3)
+ else if(SSL_CONN_CONFIG(version) == CURL_SSLVERSION_SSLv3)
sni = FALSE; /* SSLv3 has no SNI */
/* allocate a cred struct */
@@ -425,8 +533,8 @@ gtls_connect_step1(struct connectdata *conn,
}
#ifdef USE_TLS_SRP
- if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
- infof(data, "Using TLS-SRP username: %s\n", data->set.ssl.username);
+ if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) {
+ infof(data, "Using TLS-SRP username: %s\n", SSL_SET_OPTION(username));
rc = gnutls_srp_allocate_client_credentials(
&conn->ssl[sockindex].srp_client_cred);
@@ -438,8 +546,8 @@ gtls_connect_step1(struct connectdata *conn,
rc = gnutls_srp_set_client_credentials(conn->ssl[sockindex].
srp_client_cred,
- data->set.ssl.username,
- data->set.ssl.password);
+ SSL_SET_OPTION(username),
+ SSL_SET_OPTION(password));
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_srp_set_client_cred() failed: %s",
gnutls_strerror(rc));
@@ -448,68 +556,75 @@ gtls_connect_step1(struct connectdata *conn,
}
#endif
- if(data->set.ssl.CAfile) {
+ if(SSL_CONN_CONFIG(CAfile)) {
/* set the trusted CA cert bundle file */
gnutls_certificate_set_verify_flags(conn->ssl[sockindex].cred,
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
rc = gnutls_certificate_set_x509_trust_file(conn->ssl[sockindex].cred,
- data->set.ssl.CAfile,
+ SSL_CONN_CONFIG(CAfile),
GNUTLS_X509_FMT_PEM);
if(rc < 0) {
infof(data, "error reading ca cert file %s (%s)\n",
- data->set.ssl.CAfile, gnutls_strerror(rc));
- if(data->set.ssl.verifypeer)
+ SSL_CONN_CONFIG(CAfile), gnutls_strerror(rc));
+ if(SSL_CONN_CONFIG(verifypeer))
return CURLE_SSL_CACERT_BADFILE;
}
else
- infof(data, "found %d certificates in %s\n",
- rc, data->set.ssl.CAfile);
+ infof(data, "found %d certificates in %s\n", rc,
+ SSL_CONN_CONFIG(CAfile));
}
#ifdef HAS_CAPATH
- if(data->set.ssl.CApath) {
+ if(SSL_CONN_CONFIG(CApath)) {
/* set the trusted CA cert directory */
rc = gnutls_certificate_set_x509_trust_dir(conn->ssl[sockindex].cred,
- data->set.ssl.CApath,
- GNUTLS_X509_FMT_PEM);
+ SSL_CONN_CONFIG(CApath),
+ GNUTLS_X509_FMT_PEM);
if(rc < 0) {
infof(data, "error reading ca cert file %s (%s)\n",
- data->set.ssl.CAfile, gnutls_strerror(rc));
- if(data->set.ssl.verifypeer)
+ SSL_CONN_CONFIG(CApath), gnutls_strerror(rc));
+ if(SSL_CONN_CONFIG(verifypeer))
return CURLE_SSL_CACERT_BADFILE;
}
else
infof(data, "found %d certificates in %s\n",
- rc, data->set.ssl.CApath);
+ rc, SSL_CONN_CONFIG(CApath));
}
#endif
#ifdef CURL_CA_FALLBACK
/* use system ca certificate store as fallback */
- if(data->set.ssl.verifypeer &&
- !(data->set.ssl.CAfile || data->set.ssl.CApath)) {
+ if(SSL_CONN_CONFIG(verifypeer) &&
+ !(SSL_CONN_CONFIG(CAfile) || SSL_CONN_CONFIG(CApath))) {
gnutls_certificate_set_x509_system_trust(conn->ssl[sockindex].cred);
}
#endif
- if(data->set.ssl.CRLfile) {
+ if(SSL_SET_OPTION(CRLfile)) {
/* set the CRL list file */
rc = gnutls_certificate_set_x509_crl_file(conn->ssl[sockindex].cred,
- data->set.ssl.CRLfile,
+ SSL_SET_OPTION(CRLfile),
GNUTLS_X509_FMT_PEM);
if(rc < 0) {
failf(data, "error reading crl file %s (%s)",
- data->set.ssl.CRLfile, gnutls_strerror(rc));
+ SSL_SET_OPTION(CRLfile), gnutls_strerror(rc));
return CURLE_SSL_CRL_BADFILE;
}
else
infof(data, "found %d CRL in %s\n",
- rc, data->set.ssl.CRLfile);
+ rc, SSL_SET_OPTION(CRLfile));
}
/* Initialize TLS session as a client */
- rc = gnutls_init(&conn->ssl[sockindex].session, GNUTLS_CLIENT);
+ init_flags = GNUTLS_CLIENT;
+
+#if defined(GNUTLS_NO_TICKETS)
+ /* Disable TLS session tickets */
+ init_flags |= GNUTLS_NO_TICKETS;
+#endif
+
+ rc = gnutls_init(&conn->ssl[sockindex].session, init_flags);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_init() failed: %d", rc);
return CURLE_SSL_CONNECT_ERROR;
@@ -518,13 +633,13 @@ gtls_connect_step1(struct connectdata *conn,
/* convenient assign */
session = conn->ssl[sockindex].session;
- if((0 == Curl_inet_pton(AF_INET, conn->host.name, &addr)) &&
+ if((0 == Curl_inet_pton(AF_INET, hostname, &addr)) &&
#ifdef ENABLE_IPV6
- (0 == Curl_inet_pton(AF_INET6, conn->host.name, &addr)) &&
+ (0 == Curl_inet_pton(AF_INET6, hostname, &addr)) &&
#endif
sni &&
- (gnutls_server_name_set(session, GNUTLS_NAME_DNS, conn->host.name,
- strlen(conn->host.name)) < 0))
+ (gnutls_server_name_set(session, GNUTLS_NAME_DNS, hostname,
+ strlen(hostname)) < 0))
infof(data, "WARNING: failed to configure server name indication (SNI) "
"TLS extension\n");
@@ -545,13 +660,13 @@ gtls_connect_step1(struct connectdata *conn,
if(rc != GNUTLS_E_SUCCESS)
return CURLE_SSL_CONNECT_ERROR;
- if(data->set.ssl.cipher_list != NULL) {
+ if(SSL_CONN_CONFIG(cipher_list) != NULL) {
failf(data, "can't pass a custom cipher list to older GnuTLS"
" versions");
return CURLE_SSL_CONNECT_ERROR;
}
- switch (data->set.ssl.version) {
+ switch(SSL_CONN_CONFIG(version)) {
case CURL_SSLVERSION_SSLv3:
protocol_priority[0] = GNUTLS_SSL3;
break;
@@ -562,19 +677,22 @@ gtls_connect_step1(struct connectdata *conn,
protocol_priority[2] = GNUTLS_TLS1_2;
break;
case CURL_SSLVERSION_TLSv1_0:
- protocol_priority[0] = GNUTLS_TLS1_0;
- break;
case CURL_SSLVERSION_TLSv1_1:
- protocol_priority[0] = GNUTLS_TLS1_1;
- break;
case CURL_SSLVERSION_TLSv1_2:
- protocol_priority[0] = GNUTLS_TLS1_2;
- break;
- case CURL_SSLVERSION_SSLv2:
- default:
+ case CURL_SSLVERSION_TLSv1_3:
+ {
+ CURLcode result = set_ssl_version_min_max(protocol_priority,
+ sizeof(protocol_priority)/sizeof(protocol_priority[0]), conn);
+ if(result != CURLE_OK)
+ return result;
+ break;
+ }
+ case CURL_SSLVERSION_SSLv2:
failf(data, "GnuTLS does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
- break;
+ default:
+ failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
+ return CURLE_SSL_CONNECT_ERROR;
}
rc = gnutls_protocol_set_priority(session, protocol_priority);
if(rc != GNUTLS_E_SUCCESS) {
@@ -586,7 +704,7 @@ gtls_connect_step1(struct connectdata *conn,
/* Ensure +SRP comes at the *end* of all relevant strings so that it can be
* removed if a run-time error indicates that SRP is not supported by this
* GnuTLS version */
- switch (data->set.ssl.version) {
+ switch(SSL_CONN_CONFIG(version)) {
case CURL_SSLVERSION_SSLv3:
prioritylist = GNUTLS_CIPHERS ":-VERS-TLS-ALL:+VERS-SSL3.0";
sni = false;
@@ -596,22 +714,21 @@ gtls_connect_step1(struct connectdata *conn,
prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:" GNUTLS_SRP;
break;
case CURL_SSLVERSION_TLSv1_0:
- prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
- "+VERS-TLS1.0:" GNUTLS_SRP;
- break;
case CURL_SSLVERSION_TLSv1_1:
- prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
- "+VERS-TLS1.1:" GNUTLS_SRP;
- break;
case CURL_SSLVERSION_TLSv1_2:
- prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
- "+VERS-TLS1.2:" GNUTLS_SRP;
- break;
+ case CURL_SSLVERSION_TLSv1_3:
+ {
+ CURLcode result = set_ssl_version_min_max(&prioritylist, conn);
+ if(result != CURLE_OK)
+ return result;
+ break;
+ }
case CURL_SSLVERSION_SSLv2:
- default:
failf(data, "GnuTLS does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
- break;
+ default:
+ failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
+ return CURLE_SSL_CONNECT_ERROR;
}
rc = gnutls_priority_set_direct(session, prioritylist, &err);
if((rc == GNUTLS_E_INVALID_REQUEST) && err) {
@@ -644,7 +761,8 @@ gtls_connect_step1(struct connectdata *conn,
gnutls_datum_t protocols[2];
#ifdef USE_NGHTTP2
- if(data->set.httpversion >= CURL_HTTP_VERSION_2) {
+ if(data->set.httpversion >= CURL_HTTP_VERSION_2 &&
+ (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) {
protocols[cur].data = (unsigned char *)NGHTTP2_PROTO_VERSION_ID;
protocols[cur].size = NGHTTP2_PROTO_VERSION_ID_LEN;
cur++;
@@ -661,8 +779,8 @@ gtls_connect_step1(struct connectdata *conn,
}
#endif
- if(data->set.str[STRING_CERT]) {
- if(data->set.str[STRING_KEY_PASSWD]) {
+ if(SSL_SET_OPTION(cert)) {
+ if(SSL_SET_OPTION(key_passwd)) {
#if HAVE_GNUTLS_CERTIFICATE_SET_X509_KEY_FILE2
const unsigned int supported_key_encryption_algorithms =
GNUTLS_PKCS_USE_PKCS12_3DES | GNUTLS_PKCS_USE_PKCS12_ARCFOUR |
@@ -671,11 +789,11 @@ gtls_connect_step1(struct connectdata *conn,
GNUTLS_PKCS_USE_PBES2_AES_256;
rc = gnutls_certificate_set_x509_key_file2(
conn->ssl[sockindex].cred,
- data->set.str[STRING_CERT],
- data->set.str[STRING_KEY] ?
- data->set.str[STRING_KEY] : data->set.str[STRING_CERT],
- do_file_type(data->set.str[STRING_CERT_TYPE]),
- data->set.str[STRING_KEY_PASSWD],
+ SSL_SET_OPTION(cert),
+ SSL_SET_OPTION(key) ?
+ SSL_SET_OPTION(key) : SSL_SET_OPTION(cert),
+ do_file_type(SSL_SET_OPTION(cert_type)),
+ SSL_SET_OPTION(key_passwd),
supported_key_encryption_algorithms);
if(rc != GNUTLS_E_SUCCESS) {
failf(data,
@@ -689,15 +807,14 @@ gtls_connect_step1(struct connectdata *conn,
#endif
}
else {
- rc = gnutls_certificate_set_x509_key_file(
+ if(gnutls_certificate_set_x509_key_file(
conn->ssl[sockindex].cred,
- data->set.str[STRING_CERT],
- data->set.str[STRING_KEY] ?
- data->set.str[STRING_KEY] : data->set.str[STRING_CERT],
- do_file_type(data->set.str[STRING_CERT_TYPE]) );
- if(rc != GNUTLS_E_SUCCESS) {
- failf(data, "error reading X.509 key or certificate file: %s",
- gnutls_strerror(rc));
+ SSL_SET_OPTION(cert),
+ SSL_SET_OPTION(key) ?
+ SSL_SET_OPTION(key) : SSL_SET_OPTION(cert),
+ do_file_type(SSL_SET_OPTION(cert_type)) ) !=
+ GNUTLS_E_SUCCESS) {
+ failf(data, "error reading X.509 key or certificate file");
return CURLE_SSL_CONNECT_ERROR;
}
}
@@ -705,7 +822,7 @@ gtls_connect_step1(struct connectdata *conn,
#ifdef USE_TLS_SRP
/* put the credentials to the current session */
- if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
+ if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) {
rc = gnutls_credentials_set(session, GNUTLS_CRD_SRP,
conn->ssl[sockindex].srp_client_cred);
if(rc != GNUTLS_E_SUCCESS) {
@@ -724,19 +841,30 @@ gtls_connect_step1(struct connectdata *conn,
}
}
- /* set the connection handle (file descriptor for the socket) */
- gnutls_transport_set_ptr(session,
- GNUTLS_INT_TO_POINTER_CAST(conn->sock[sockindex]));
+ if(conn->proxy_ssl[sockindex].use) {
+ transport_ptr = conn->proxy_ssl[sockindex].session;
+ gnutls_transport_push = Curl_gtls_push_ssl;
+ gnutls_transport_pull = Curl_gtls_pull_ssl;
+ }
+ else {
+ /* file descriptor for the socket */
+ transport_ptr = GNUTLS_SOCKET_TO_POINTER_CAST(conn->sock[sockindex]);
+ gnutls_transport_push = Curl_gtls_push;
+ gnutls_transport_pull = Curl_gtls_pull;
+ }
+
+ /* set the connection handle */
+ gnutls_transport_set_ptr(session, transport_ptr);
/* register callback functions to send and receive data. */
- gnutls_transport_set_push_function(session, Curl_gtls_push);
- gnutls_transport_set_pull_function(session, Curl_gtls_pull);
+ gnutls_transport_set_push_function(session, gnutls_transport_push);
+ gnutls_transport_set_pull_function(session, gnutls_transport_pull);
/* lowat must be set to zero when using custom push and pull functions. */
gnutls_transport_set_lowat(session, 0);
#ifdef HAS_OCSP
- if(data->set.ssl.verifystatus) {
+ if(SSL_CONN_CONFIG(verifystatus)) {
rc = gnutls_ocsp_status_request_enable_client(session, NULL, 0, NULL);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_ocsp_status_request_enable_client() failed: %d", rc);
@@ -747,17 +875,17 @@ gtls_connect_step1(struct connectdata *conn,
/* This might be a reconnect, so we check for a session ID in the cache
to speed up things */
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
void *ssl_sessionid;
size_t ssl_idsize;
Curl_ssl_sessionid_lock(conn);
- if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, &ssl_idsize)) {
+ if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, &ssl_idsize, sockindex)) {
/* we got a session id, use it! */
gnutls_session_set_data(session, ssl_sessionid, ssl_idsize);
/* Informational message */
- infof (data, "SSL re-using session ID\n");
+ infof(data, "SSL re-using session ID\n");
}
Curl_ssl_sessionid_unlock(conn);
}
@@ -836,8 +964,6 @@ gtls_connect_step3(struct connectdata *conn,
gnutls_datum_t issuerp;
char certbuf[256] = ""; /* big enough? */
size_t size;
- unsigned int algo;
- unsigned int bits;
time_t certclock;
const char *ptr;
struct Curl_easy *data = conn->data;
@@ -847,8 +973,13 @@ gtls_connect_step3(struct connectdata *conn,
gnutls_datum_t proto;
#endif
CURLcode result = CURLE_OK;
-
+#ifndef CURL_DISABLE_VERBOSE_STRINGS
+ unsigned int algo;
+ unsigned int bits;
gnutls_protocol_t version = gnutls_protocol_get_version(session);
+#endif
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
/* the name of the cipher suite used, e.g. ECDHE_RSA_AES_256_GCM_SHA384. */
ptr = gnutls_cipher_suite_get_name(gnutls_kx_get(session),
@@ -866,13 +997,13 @@ gtls_connect_step3(struct connectdata *conn,
chainp = gnutls_certificate_get_peers(session, &cert_list_size);
if(!chainp) {
- if(data->set.ssl.verifypeer ||
- data->set.ssl.verifyhost ||
- data->set.ssl.issuercert) {
+ if(SSL_CONN_CONFIG(verifypeer) ||
+ SSL_CONN_CONFIG(verifyhost) ||
+ SSL_SET_OPTION(issuercert)) {
#ifdef USE_TLS_SRP
- if(data->set.ssl.authtype == CURL_TLSAUTH_SRP
- && data->set.ssl.username != NULL
- && !data->set.ssl.verifypeer
+ if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP
+ && SSL_SET_OPTION(username) != NULL
+ && !SSL_CONN_CONFIG(verifypeer)
&& gnutls_cipher_get(session)) {
/* no peer cert, but auth is ok if we have SRP user and cipher and no
peer verify */
@@ -905,7 +1036,7 @@ gtls_connect_step3(struct connectdata *conn,
}
}
- if(data->set.ssl.verifypeer) {
+ if(SSL_CONN_CONFIG(verifypeer)) {
/* This function will try to verify the peer's certificate and return its
status (trusted, invalid etc.). The value of status should be one or
more of the gnutls_certificate_status_t enumerated elements bitwise
@@ -921,10 +1052,11 @@ gtls_connect_step3(struct connectdata *conn,
/* verify_status is a bitmask of gnutls_certificate_status bits */
if(verify_status & GNUTLS_CERT_INVALID) {
- if(data->set.ssl.verifypeer) {
+ if(SSL_CONN_CONFIG(verifypeer)) {
failf(data, "server certificate verification failed. CAfile: %s "
- "CRLfile: %s", data->set.ssl.CAfile?data->set.ssl.CAfile:"none",
- data->set.ssl.CRLfile?data->set.ssl.CRLfile:"none");
+ "CRLfile: %s", SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile):
+ "none",
+ SSL_SET_OPTION(CRLfile)?SSL_SET_OPTION(CRLfile):"none");
return CURLE_SSL_CACERT;
}
else
@@ -937,7 +1069,7 @@ gtls_connect_step3(struct connectdata *conn,
infof(data, "\t server certificate verification SKIPPED\n");
#ifdef HAS_OCSP
- if(data->set.ssl.verifystatus) {
+ if(SSL_CONN_CONFIG(verifystatus)) {
if(gnutls_ocsp_status_request_is_checked(session, 0) == 0) {
gnutls_datum_t status_request;
gnutls_ocsp_resp_t ocsp_resp;
@@ -1049,21 +1181,21 @@ gtls_connect_step3(struct connectdata *conn,
gnutls_x509_crt_t format */
gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER);
- if(data->set.ssl.issuercert) {
+ if(SSL_SET_OPTION(issuercert)) {
gnutls_x509_crt_init(&x509_issuer);
- issuerp = load_file(data->set.ssl.issuercert);
+ issuerp = load_file(SSL_SET_OPTION(issuercert));
gnutls_x509_crt_import(x509_issuer, &issuerp, GNUTLS_X509_FMT_PEM);
rc = gnutls_x509_crt_check_issuer(x509_cert, x509_issuer);
gnutls_x509_crt_deinit(x509_issuer);
unload_file(issuerp);
if(rc <= 0) {
failf(data, "server certificate issuer check failed (IssuerCert: %s)",
- data->set.ssl.issuercert?data->set.ssl.issuercert:"none");
+ SSL_SET_OPTION(issuercert)?SSL_SET_OPTION(issuercert):"none");
gnutls_x509_crt_deinit(x509_cert);
return CURLE_SSL_ISSUER_ERROR;
}
infof(data, "\t server certificate issuer check OK (Issuer Cert: %s)\n",
- data->set.ssl.issuercert?data->set.ssl.issuercert:"none");
+ SSL_SET_OPTION(issuercert)?SSL_SET_OPTION(issuercert):"none");
}
size=sizeof(certbuf);
@@ -1082,7 +1214,7 @@ gtls_connect_step3(struct connectdata *conn,
in RFC2818 (HTTPS), which takes into account wildcards, and the subject
alternative name PKIX extension. Returns non zero on success, and zero on
failure. */
- rc = gnutls_x509_crt_check_hostname(x509_cert, conn->host.name);
+ rc = gnutls_x509_crt_check_hostname(x509_cert, hostname);
#if GNUTLS_VERSION_NUMBER < 0x030306
/* Before 3.3.6, gnutls_x509_crt_check_hostname() didn't check IP
addresses. */
@@ -1098,10 +1230,10 @@ gtls_connect_step3(struct connectdata *conn,
int i;
int ret = 0;
- if(Curl_inet_pton(AF_INET, conn->host.name, addrbuf) > 0)
+ if(Curl_inet_pton(AF_INET, hostname, addrbuf) > 0)
addrlen = 4;
#ifdef ENABLE_IPV6
- else if(Curl_inet_pton(AF_INET6, conn->host.name, addrbuf) > 0)
+ else if(Curl_inet_pton(AF_INET6, hostname, addrbuf) > 0)
addrlen = 16;
#endif
@@ -1126,15 +1258,18 @@ gtls_connect_step3(struct connectdata *conn,
}
#endif
if(!rc) {
- if(data->set.ssl.verifyhost) {
+ const char * const dispname = SSL_IS_PROXY() ?
+ conn->http_proxy.host.dispname : conn->host.dispname;
+
+ if(SSL_CONN_CONFIG(verifyhost)) {
failf(data, "SSL: certificate subject name (%s) does not match "
- "target host name '%s'", certbuf, conn->host.dispname);
+ "target host name '%s'", certbuf, dispname);
gnutls_x509_crt_deinit(x509_cert);
return CURLE_PEER_FAILED_VERIFICATION;
}
else
infof(data, "\t common name: %s (does not match '%s')\n",
- certbuf, conn->host.dispname);
+ certbuf, dispname);
}
else
infof(data, "\t common name: %s (matched)\n", certbuf);
@@ -1143,7 +1278,7 @@ gtls_connect_step3(struct connectdata *conn,
certclock = gnutls_x509_crt_get_expiration_time(x509_cert);
if(certclock == (time_t)-1) {
- if(data->set.ssl.verifypeer) {
+ if(SSL_CONN_CONFIG(verifypeer)) {
failf(data, "server cert expiration date verify failed");
gnutls_x509_crt_deinit(x509_cert);
return CURLE_SSL_CONNECT_ERROR;
@@ -1153,7 +1288,7 @@ gtls_connect_step3(struct connectdata *conn,
}
else {
if(certclock < time(NULL)) {
- if(data->set.ssl.verifypeer) {
+ if(SSL_CONN_CONFIG(verifypeer)) {
failf(data, "server certificate expiration date has passed.");
gnutls_x509_crt_deinit(x509_cert);
return CURLE_PEER_FAILED_VERIFICATION;
@@ -1168,7 +1303,7 @@ gtls_connect_step3(struct connectdata *conn,
certclock = gnutls_x509_crt_get_activation_time(x509_cert);
if(certclock == (time_t)-1) {
- if(data->set.ssl.verifypeer) {
+ if(SSL_CONN_CONFIG(verifypeer)) {
failf(data, "server cert activation date verify failed");
gnutls_x509_crt_deinit(x509_cert);
return CURLE_SSL_CONNECT_ERROR;
@@ -1178,7 +1313,7 @@ gtls_connect_step3(struct connectdata *conn,
}
else {
if(certclock > time(NULL)) {
- if(data->set.ssl.verifypeer) {
+ if(SSL_CONN_CONFIG(verifypeer)) {
failf(data, "server certificate not activated yet.");
gnutls_x509_crt_deinit(x509_cert);
return CURLE_PEER_FAILED_VERIFICATION;
@@ -1190,7 +1325,8 @@ gtls_connect_step3(struct connectdata *conn,
infof(data, "\t server certificate activation date OK\n");
}
- ptr = data->set.str[STRING_SSL_PINNEDPUBLICKEY];
+ ptr = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
if(ptr) {
result = pkp_pin_peer_pubkey(data, x509_cert, ptr);
if(result != CURLE_OK) {
@@ -1210,6 +1346,7 @@ gtls_connect_step3(struct connectdata *conn,
*/
+#ifndef CURL_DISABLE_VERBOSE_STRINGS
/* public key algorithm's parameters */
algo = gnutls_x509_crt_get_pk_algorithm(x509_cert, &bits);
infof(data, "\t certificate public key: %s\n",
@@ -1234,12 +1371,13 @@ gtls_connect_step3(struct connectdata *conn,
gnutls_x509_crt_get_issuer_dn(x509_cert, certbuf, &size);
infof(data, "\t issuer: %s\n", certbuf);
- gnutls_x509_crt_deinit(x509_cert);
-
/* compression algorithm (if any) */
ptr = gnutls_compression_get_name(gnutls_compression_get(session));
/* the *_get_name() says "NULL" if GNUTLS_COMP_NULL is returned */
infof(data, "\t compression: %s\n", ptr);
+#endif
+
+ gnutls_x509_crt_deinit(x509_cert);
#ifdef HAS_ALPN
if(conn->bits.tls_enable_alpn) {
@@ -1270,7 +1408,7 @@ gtls_connect_step3(struct connectdata *conn,
conn->recv[sockindex] = gtls_recv;
conn->send[sockindex] = gtls_send;
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
/* we always unconditionally get the session id here, as even if we
already got it from the cache and asked to use it in the connection, it
might've been rejected and then a new one is in use now and we need to
@@ -1289,7 +1427,8 @@ gtls_connect_step3(struct connectdata *conn,
gnutls_session_get_data(session, connect_sessionid, &connect_idsize);
Curl_ssl_sessionid_lock(conn);
- incache = !(Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL));
+ incache = !(Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL,
+ sockindex));
if(incache) {
/* there was one before in the cache, so instead of risking that the
previous one was rejected, we just kill that and store the new */
@@ -1297,7 +1436,8 @@ gtls_connect_step3(struct connectdata *conn,
}
/* store this session id */
- result = Curl_ssl_addsessionid(conn, connect_sessionid, connect_idsize);
+ result = Curl_ssl_addsessionid(conn, connect_sessionid, connect_idsize,
+ sockindex);
Curl_ssl_sessionid_unlock(conn);
if(result) {
free(connect_sessionid);
@@ -1332,7 +1472,7 @@ gtls_connect_common(struct connectdata *conn,
/* Initiate the connection, if not already done */
if(ssl_connect_1==connssl->connecting_state) {
- rc = gtls_connect_step1 (conn, sockindex);
+ rc = gtls_connect_step1(conn, sockindex);
if(rc)
return rc;
}
@@ -1379,6 +1519,20 @@ Curl_gtls_connect(struct connectdata *conn,
return CURLE_OK;
}
+bool Curl_gtls_data_pending(const struct connectdata *conn, int connindex)
+{
+ bool res = FALSE;
+ if(conn->ssl[connindex].session &&
+ 0 != gnutls_record_check_pending(conn->ssl[connindex].session))
+ res = TRUE;
+
+ if(conn->proxy_ssl[connindex].session &&
+ 0 != gnutls_record_check_pending(conn->proxy_ssl[connindex].session))
+ res = TRUE;
+
+ return res;
+}
+
static ssize_t gtls_send(struct connectdata *conn,
int sockindex,
const void *mem,
@@ -1398,29 +1552,29 @@ static ssize_t gtls_send(struct connectdata *conn,
return rc;
}
-static void close_one(struct connectdata *conn,
- int idx)
+static void close_one(struct ssl_connect_data *ssl)
{
- if(conn->ssl[idx].session) {
- gnutls_bye(conn->ssl[idx].session, GNUTLS_SHUT_RDWR);
- gnutls_deinit(conn->ssl[idx].session);
- conn->ssl[idx].session = NULL;
+ if(ssl->session) {
+ gnutls_bye(ssl->session, GNUTLS_SHUT_RDWR);
+ gnutls_deinit(ssl->session);
+ ssl->session = NULL;
}
- if(conn->ssl[idx].cred) {
- gnutls_certificate_free_credentials(conn->ssl[idx].cred);
- conn->ssl[idx].cred = NULL;
+ if(ssl->cred) {
+ gnutls_certificate_free_credentials(ssl->cred);
+ ssl->cred = NULL;
}
#ifdef USE_TLS_SRP
- if(conn->ssl[idx].srp_client_cred) {
- gnutls_srp_free_client_credentials(conn->ssl[idx].srp_client_cred);
- conn->ssl[idx].srp_client_cred = NULL;
+ if(ssl->srp_client_cred) {
+ gnutls_srp_free_client_credentials(ssl->srp_client_cred);
+ ssl->srp_client_cred = NULL;
}
#endif
}
void Curl_gtls_close(struct connectdata *conn, int sockindex)
{
- close_one(conn, sockindex);
+ close_one(&conn->ssl[sockindex]);
+ close_one(&conn->proxy_ssl[sockindex]);
}
/*
@@ -1445,8 +1599,8 @@ int Curl_gtls_shutdown(struct connectdata *conn, int
sockindex)
if(conn->ssl[sockindex].session) {
while(!done) {
- int what = Curl_socket_ready(conn->sock[sockindex],
- CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT);
+ int what = SOCKET_READABLE(conn->sock[sockindex],
+ SSL_SHUTDOWN_TIMEOUT);
if(what > 0) {
/* Something to read, let's do it and hope that it is the close
notify alert from the server */
@@ -1486,8 +1640,8 @@ int Curl_gtls_shutdown(struct connectdata *conn, int
sockindex)
gnutls_certificate_free_credentials(conn->ssl[sockindex].cred);
#ifdef USE_TLS_SRP
- if(data->set.ssl.authtype == CURL_TLSAUTH_SRP
- && data->set.ssl.username != NULL)
+ if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP
+ && SSL_SET_OPTION(username) != NULL)
gnutls_srp_free_client_credentials(conn->ssl[sockindex].srp_client_cred);
#endif
@@ -1568,19 +1722,21 @@ static int Curl_gtls_seed(struct Curl_easy *data)
#endif
/* data might be NULL! */
-int Curl_gtls_random(struct Curl_easy *data,
- unsigned char *entropy,
- size_t length)
+CURLcode Curl_gtls_random(struct Curl_easy *data,
+ unsigned char *entropy,
+ size_t length)
{
#if defined(USE_GNUTLS_NETTLE)
+ int rc;
(void)data;
- gnutls_rnd(GNUTLS_RND_RANDOM, entropy, length);
+ rc = gnutls_rnd(GNUTLS_RND_RANDOM, entropy, length);
+ return rc?CURLE_FAILED_INIT:CURLE_OK;
#elif defined(USE_GNUTLS)
if(data)
Curl_gtls_seed(data); /* Initiate the seed if not already done */
gcry_randomize(entropy, length, GCRY_STRONG_RANDOM);
#endif
- return 0;
+ return CURLE_OK;
}
void Curl_gtls_md5sum(unsigned char *tmp, /* input */
@@ -1597,7 +1753,7 @@ void Curl_gtls_md5sum(unsigned char *tmp, /* input */
gcry_md_hd_t MD5pw;
gcry_md_open(&MD5pw, GCRY_MD_MD5, 0);
gcry_md_write(MD5pw, tmp, tmplen);
- memcpy(md5sum, gcry_md_read (MD5pw, 0), md5len);
+ memcpy(md5sum, gcry_md_read(MD5pw, 0), md5len);
gcry_md_close(MD5pw);
#endif
}
@@ -1616,7 +1772,7 @@ void Curl_gtls_sha256sum(const unsigned char *tmp, /*
input */
gcry_md_hd_t SHA256pw;
gcry_md_open(&SHA256pw, GCRY_MD_SHA256, 0);
gcry_md_write(SHA256pw, tmp, tmplen);
- memcpy(sha256sum, gcry_md_read (SHA256pw, 0), sha256len);
+ memcpy(sha256sum, gcry_md_read(SHA256pw, 0), sha256len);
gcry_md_close(SHA256pw);
#endif
}
diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h
index e0a95a7cc..462c04853 100644
--- a/lib/vtls/gtls.h
+++ b/lib/vtls/gtls.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -34,6 +34,8 @@ CURLcode Curl_gtls_connect(struct connectdata *conn, int
sockindex);
CURLcode Curl_gtls_connect_nonblocking(struct connectdata *conn,
int sockindex,
bool *done);
+bool Curl_gtls_data_pending(const struct connectdata *conn,
+ int connindex);
/* close a SSL connection */
void Curl_gtls_close(struct connectdata *conn, int sockindex);
@@ -41,9 +43,9 @@ void Curl_gtls_close(struct connectdata *conn, int sockindex);
void Curl_gtls_session_free(void *ptr);
size_t Curl_gtls_version(char *buffer, size_t size);
int Curl_gtls_shutdown(struct connectdata *conn, int sockindex);
-int Curl_gtls_random(struct Curl_easy *data,
- unsigned char *entropy,
- size_t length);
+CURLcode Curl_gtls_random(struct Curl_easy *data,
+ unsigned char *entropy,
+ size_t length);
void Curl_gtls_md5sum(unsigned char *tmp, /* input */
size_t tmplen,
unsigned char *md5sum, /* output */
@@ -55,6 +57,9 @@ void Curl_gtls_sha256sum(const unsigned char *tmp, /* input */
bool Curl_gtls_cert_status_request(void);
+/* Support HTTPS-proxy */
+#define HTTPS_PROXY_SUPPORT 1
+
/* Set the API backend definition to GnuTLS */
#define CURL_SSL_BACKEND CURLSSLBACKEND_GNUTLS
@@ -81,7 +86,7 @@ bool Curl_gtls_cert_status_request(void);
#define curlssl_engines_list(x) ((void)x, (struct curl_slist *)NULL)
#define curlssl_version Curl_gtls_version
#define curlssl_check_cxn(x) ((void)x, -1)
-#define curlssl_data_pending(x,y) ((void)x, (void)y, 0)
+#define curlssl_data_pending(x,y) Curl_gtls_data_pending(x,y)
#define curlssl_random(x,y,z) Curl_gtls_random(x,y,z)
#define curlssl_md5sum(a,b,c,d) Curl_gtls_md5sum(a,b,c,d)
#define curlssl_sha256sum(a,b,c,d) Curl_gtls_sha256sum(a,b,c,d)
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index c04fc0385..037babe38 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -6,7 +6,7 @@
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2010 - 2011, Hoi-Ho Chan, <address@hidden>
- * Copyright (C) 2012 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2012 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -31,11 +31,15 @@
#ifdef USE_MBEDTLS
+#include <mbedtls/version.h>
+#if MBEDTLS_VERSION_NUMBER >= 0x02040000
+#include <mbedtls/net_sockets.h>
+#else
#include <mbedtls/net.h>
+#endif
#include <mbedtls/ssl.h>
#include <mbedtls/certs.h>
#include <mbedtls/x509.h>
-#include <mbedtls/version.h>
#include <mbedtls/error.h>
#include <mbedtls/entropy.h>
@@ -50,7 +54,6 @@
#include "parsedate.h"
#include "connect.h" /* for the connect timeout */
#include "select.h"
-#include "rawstr.h"
#include "polarssl_threadlock.h"
/* The last 3 #include files should be in this order */
@@ -64,7 +67,7 @@
#endif
#if defined(THREADING_SUPPORT)
-static mbedtls_entropy_context entropy;
+static mbedtls_entropy_context ts_entropy;
static int entropy_init_initialized = 0;
@@ -128,7 +131,7 @@ static void mbed_debug(void *context, int level, const char
*f_name,
/*
* profile
*/
-const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_fr =
+static const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_fr =
{
/* Hashes from SHA-1 and above */
MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1) |
@@ -154,29 +157,101 @@ const mbedtls_x509_crt_profile
mbedtls_x509_crt_profile_fr =
static Curl_recv mbed_recv;
static Curl_send mbed_send;
+static CURLcode mbedtls_version_from_curl(int *mbedver, long version)
+{
+ switch(version) {
+ case CURL_SSLVERSION_TLSv1_0:
+ *mbedver = MBEDTLS_SSL_MINOR_VERSION_1;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_1:
+ *mbedver = MBEDTLS_SSL_MINOR_VERSION_2;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_2:
+ *mbedver = MBEDTLS_SSL_MINOR_VERSION_3;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_3:
+ break;
+ }
+ return CURLE_SSL_CONNECT_ERROR;
+}
+
+static CURLcode
+set_ssl_version_min_max(struct connectdata *conn, int sockindex)
+{
+ struct Curl_easy *data = conn->data;
+ struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ int mbedtls_ver_min = MBEDTLS_SSL_MINOR_VERSION_1;
+ int mbedtls_ver_max = MBEDTLS_SSL_MINOR_VERSION_1;
+ long ssl_version = SSL_CONN_CONFIG(version);
+ long ssl_version_max = SSL_CONN_CONFIG(version_max);
+ CURLcode result = CURLE_OK;
+
+ switch(ssl_version) {
+ case CURL_SSLVERSION_DEFAULT:
+ case CURL_SSLVERSION_TLSv1:
+ ssl_version = CURL_SSLVERSION_TLSv1_0;
+ ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_2;
+ break;
+ }
+
+ switch(ssl_version_max) {
+ case CURL_SSLVERSION_MAX_NONE:
+ ssl_version_max = ssl_version << 16;
+ break;
+ case CURL_SSLVERSION_MAX_DEFAULT:
+ ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_2;
+ break;
+ }
+
+ result = mbedtls_version_from_curl(&mbedtls_ver_min, ssl_version);
+ if(result) {
+ failf(data, "unsupported min version passed via CURLOPT_SSLVERSION");
+ return result;
+ }
+ result = mbedtls_version_from_curl(&mbedtls_ver_max, ssl_version_max >> 16);
+ if(result) {
+ failf(data, "unsupported max version passed via CURLOPT_SSLVERSION");
+ return result;
+ }
+
+ mbedtls_ssl_conf_min_version(&connssl->config, MBEDTLS_SSL_MAJOR_VERSION_3,
+ mbedtls_ver_min);
+ mbedtls_ssl_conf_max_version(&connssl->config, MBEDTLS_SSL_MAJOR_VERSION_3,
+ mbedtls_ver_max);
+
+ return result;
+}
+
static CURLcode
mbed_connect_step1(struct connectdata *conn,
int sockindex)
{
struct Curl_easy *data = conn->data;
struct ssl_connect_data* connssl = &conn->ssl[sockindex];
-
+ const char * const ssl_cafile = SSL_CONN_CONFIG(CAfile);
+ const bool verifypeer = SSL_CONN_CONFIG(verifypeer);
+ const char * const ssl_capath = SSL_CONN_CONFIG(CApath);
+ char * const ssl_cert = SSL_SET_OPTION(cert);
+ const char * const ssl_crlfile = SSL_SET_OPTION(CRLfile);
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+ const long int port = SSL_IS_PROXY() ? conn->port : conn->remote_port;
int ret = -1;
char errorbuf[128];
errorbuf[0]=0;
/* mbedTLS only supports SSLv3 and TLSv1 */
- if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) {
+ if(SSL_CONN_CONFIG(version) == CURL_SSLVERSION_SSLv2) {
failf(data, "mbedTLS does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
}
#ifdef THREADING_SUPPORT
- entropy_init_mutex(&entropy);
+ entropy_init_mutex(&ts_entropy);
mbedtls_ctr_drbg_init(&connssl->ctr_drbg);
ret = mbedtls_ctr_drbg_seed(&connssl->ctr_drbg, entropy_func_mutex,
- &entropy, NULL, 0);
+ &ts_entropy, NULL, 0);
if(ret) {
#ifdef MBEDTLS_ERROR_C
mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
@@ -202,34 +277,32 @@ mbed_connect_step1(struct connectdata *conn,
/* Load the trusted CA */
mbedtls_x509_crt_init(&connssl->cacert);
- if(data->set.str[STRING_SSL_CAFILE]) {
- ret = mbedtls_x509_crt_parse_file(&connssl->cacert,
- data->set.str[STRING_SSL_CAFILE]);
+ if(ssl_cafile) {
+ ret = mbedtls_x509_crt_parse_file(&connssl->cacert, ssl_cafile);
if(ret<0) {
#ifdef MBEDTLS_ERROR_C
mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
#endif /* MBEDTLS_ERROR_C */
failf(data, "Error reading ca cert file %s - mbedTLS: (-0x%04X) %s",
- data->set.str[STRING_SSL_CAFILE], -ret, errorbuf);
+ ssl_cafile, -ret, errorbuf);
- if(data->set.ssl.verifypeer)
+ if(verifypeer)
return CURLE_SSL_CACERT_BADFILE;
}
}
- if(data->set.str[STRING_SSL_CAPATH]) {
- ret = mbedtls_x509_crt_parse_path(&connssl->cacert,
- data->set.str[STRING_SSL_CAPATH]);
+ if(ssl_capath) {
+ ret = mbedtls_x509_crt_parse_path(&connssl->cacert, ssl_capath);
if(ret<0) {
#ifdef MBEDTLS_ERROR_C
mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
#endif /* MBEDTLS_ERROR_C */
failf(data, "Error reading ca cert path %s - mbedTLS: (-0x%04X) %s",
- data->set.str[STRING_SSL_CAPATH], -ret, errorbuf);
+ ssl_capath, -ret, errorbuf);
- if(data->set.ssl.verifypeer)
+ if(verifypeer)
return CURLE_SSL_CACERT_BADFILE;
}
}
@@ -237,16 +310,15 @@ mbed_connect_step1(struct connectdata *conn,
/* Load the client certificate */
mbedtls_x509_crt_init(&connssl->clicert);
- if(data->set.str[STRING_CERT]) {
- ret = mbedtls_x509_crt_parse_file(&connssl->clicert,
- data->set.str[STRING_CERT]);
+ if(ssl_cert) {
+ ret = mbedtls_x509_crt_parse_file(&connssl->clicert, ssl_cert);
if(ret) {
#ifdef MBEDTLS_ERROR_C
mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
#endif /* MBEDTLS_ERROR_C */
failf(data, "Error reading client cert file %s - mbedTLS: (-0x%04X) %s",
- data->set.str[STRING_CERT], -ret, errorbuf);
+ ssl_cert, -ret, errorbuf);
return CURLE_SSL_CERTPROBLEM;
}
@@ -255,9 +327,9 @@ mbed_connect_step1(struct connectdata *conn,
/* Load the client private key */
mbedtls_pk_init(&connssl->pk);
- if(data->set.str[STRING_KEY]) {
- ret = mbedtls_pk_parse_keyfile(&connssl->pk, data->set.str[STRING_KEY],
- data->set.str[STRING_KEY_PASSWD]);
+ if(SSL_SET_OPTION(key)) {
+ ret = mbedtls_pk_parse_keyfile(&connssl->pk, SSL_SET_OPTION(key),
+ SSL_SET_OPTION(key_passwd));
if(ret == 0 && !mbedtls_pk_can_do(&connssl->pk, MBEDTLS_PK_RSA))
ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
@@ -266,7 +338,7 @@ mbed_connect_step1(struct connectdata *conn,
mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
#endif /* MBEDTLS_ERROR_C */
failf(data, "Error reading private key %s - mbedTLS: (-0x%04X) %s",
- data->set.str[STRING_KEY], -ret, errorbuf);
+ SSL_SET_OPTION(key), -ret, errorbuf);
return CURLE_SSL_CERTPROBLEM;
}
@@ -275,23 +347,21 @@ mbed_connect_step1(struct connectdata *conn,
/* Load the CRL */
mbedtls_x509_crl_init(&connssl->crl);
- if(data->set.str[STRING_SSL_CRLFILE]) {
- ret = mbedtls_x509_crl_parse_file(&connssl->crl,
- data->set.str[STRING_SSL_CRLFILE]);
+ if(ssl_crlfile) {
+ ret = mbedtls_x509_crl_parse_file(&connssl->crl, ssl_crlfile);
if(ret) {
#ifdef MBEDTLS_ERROR_C
mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
#endif /* MBEDTLS_ERROR_C */
failf(data, "Error reading CRL file %s - mbedTLS: (-0x%04X) %s",
- data->set.str[STRING_SSL_CRLFILE], -ret, errorbuf);
+ ssl_crlfile, -ret, errorbuf);
return CURLE_SSL_CRL_BADFILE;
}
}
- infof(data, "mbedTLS: Connecting to %s:%d\n",
- conn->host.name, conn->remote_port);
+ infof(data, "mbedTLS: Connecting to %s:%d\n", hostname, port);
mbedtls_ssl_config_init(&connssl->config);
@@ -313,7 +383,7 @@ mbed_connect_step1(struct connectdata *conn,
mbedtls_ssl_conf_cert_profile(&connssl->config,
&mbedtls_x509_crt_profile_fr);
- switch(data->set.ssl.version) {
+ switch(SSL_CONN_CONFIG(version)) {
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
mbedtls_ssl_conf_min_version(&connssl->config, MBEDTLS_SSL_MAJOR_VERSION_3,
@@ -328,28 +398,17 @@ mbed_connect_step1(struct connectdata *conn,
infof(data, "mbedTLS: Set SSL version to SSLv3\n");
break;
case CURL_SSLVERSION_TLSv1_0:
- mbedtls_ssl_conf_min_version(&connssl->config, MBEDTLS_SSL_MAJOR_VERSION_3,
- MBEDTLS_SSL_MINOR_VERSION_1);
- mbedtls_ssl_conf_max_version(&connssl->config, MBEDTLS_SSL_MAJOR_VERSION_3,
- MBEDTLS_SSL_MINOR_VERSION_1);
- infof(data, "mbedTLS: Set SSL version to TLS 1.0\n");
- break;
case CURL_SSLVERSION_TLSv1_1:
- mbedtls_ssl_conf_min_version(&connssl->config, MBEDTLS_SSL_MAJOR_VERSION_3,
- MBEDTLS_SSL_MINOR_VERSION_2);
- mbedtls_ssl_conf_max_version(&connssl->config, MBEDTLS_SSL_MAJOR_VERSION_3,
- MBEDTLS_SSL_MINOR_VERSION_2);
- infof(data, "mbedTLS: Set SSL version to TLS 1.1\n");
- break;
case CURL_SSLVERSION_TLSv1_2:
- mbedtls_ssl_conf_min_version(&connssl->config, MBEDTLS_SSL_MAJOR_VERSION_3,
- MBEDTLS_SSL_MINOR_VERSION_3);
- mbedtls_ssl_conf_max_version(&connssl->config, MBEDTLS_SSL_MAJOR_VERSION_3,
- MBEDTLS_SSL_MINOR_VERSION_3);
- infof(data, "mbedTLS: Set SSL version to TLS 1.2\n");
- break;
+ case CURL_SSLVERSION_TLSv1_3:
+ {
+ CURLcode result = set_ssl_version_min_max(conn, sockindex);
+ if(result != CURLE_OK)
+ return result;
+ break;
+ }
default:
- failf(data, "mbedTLS: Unsupported SSL protocol version");
+ failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
return CURLE_SSL_CONNECT_ERROR;
}
@@ -365,12 +424,22 @@ mbed_connect_step1(struct connectdata *conn,
mbedtls_ssl_conf_ciphersuites(&connssl->config,
mbedtls_ssl_list_ciphersuites());
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ mbedtls_ssl_conf_renegotiation(&connssl->config,
+ MBEDTLS_SSL_RENEGOTIATION_ENABLED);
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ mbedtls_ssl_conf_session_tickets(&connssl->config,
+ MBEDTLS_SSL_SESSION_TICKETS_DISABLED);
+#endif
+
/* Check if there's a cached ID we can/should use here! */
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
void *old_session = NULL;
Curl_ssl_sessionid_lock(conn);
- if(!Curl_ssl_getsessionid(conn, &old_session, NULL)) {
+ if(!Curl_ssl_getsessionid(conn, &old_session, NULL, sockindex)) {
ret = mbedtls_ssl_set_session(&connssl->ssl, old_session);
if(ret) {
Curl_ssl_sessionid_unlock(conn);
@@ -386,11 +455,11 @@ mbed_connect_step1(struct connectdata *conn,
&connssl->cacert,
&connssl->crl);
- if(data->set.str[STRING_KEY]) {
+ if(SSL_SET_OPTION(key)) {
mbedtls_ssl_conf_own_cert(&connssl->config,
&connssl->clicert, &connssl->pk);
}
- if(mbedtls_ssl_set_hostname(&connssl->ssl, conn->host.name)) {
+ if(mbedtls_ssl_set_hostname(&connssl->ssl, hostname)) {
/* mbedtls_ssl_set_hostname() sets the name to use in CN/SAN checks *and*
the name to set in the SNI extension. So even if curl connects to a
host specified as an IP address, this function must be used. */
@@ -431,6 +500,16 @@ mbed_connect_step1(struct connectdata *conn,
mbedtls_debug_set_threshold(4);
#endif
+ /* give application a chance to interfere with mbedTLS set up. */
+ if(data->set.ssl.fsslctx) {
+ ret = (*data->set.ssl.fsslctx)(data, &connssl->config,
+ data->set.ssl.fsslctxp);
+ if(ret) {
+ failf(data, "error signaled by ssl ctx callback");
+ return ret;
+ }
+ }
+
connssl->connecting_state = ssl_connect_2;
return CURLE_OK;
@@ -444,9 +523,12 @@ mbed_connect_step2(struct connectdata *conn,
struct Curl_easy *data = conn->data;
struct ssl_connect_data* connssl = &conn->ssl[sockindex];
const mbedtls_x509_crt *peercert;
+ const char * const pinnedpubkey = SSL_IS_PROXY() ?
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
#ifdef HAS_ALPN
- const char* next_protocol;
+ const char *next_protocol;
#endif
char errorbuf[128];
@@ -480,7 +562,7 @@ mbed_connect_step2(struct connectdata *conn,
ret = mbedtls_ssl_get_verify_result(&conn->ssl[sockindex].ssl);
- if(ret && data->set.ssl.verifypeer) {
+ if(ret && SSL_CONN_CONFIG(verifypeer)) {
if(ret & MBEDTLS_X509_BADCERT_EXPIRED)
failf(data, "Cert verify failed: BADCERT_EXPIRED");
@@ -515,7 +597,7 @@ mbed_connect_step2(struct connectdata *conn,
free(buffer);
}
- if(data->set.str[STRING_SSL_PINNEDPUBLICKEY]) {
+ if(pinnedpubkey) {
int size;
CURLcode result;
mbedtls_x509_crt *p;
@@ -554,7 +636,7 @@ mbed_connect_step2(struct connectdata *conn,
/* mbedtls_pk_write_pubkey_der writes data at the end of the buffer. */
result = Curl_pin_peer_pubkey(data,
- data->set.str[STRING_SSL_PINNEDPUBLICKEY],
+ pinnedpubkey,
&pubkey[PUB_DER_MAX_BYTES - size], size);
if(result) {
mbedtls_x509_crt_free(p);
@@ -607,7 +689,7 @@ mbed_connect_step3(struct connectdata *conn,
DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
int ret;
mbedtls_ssl_session *our_ssl_sessionid;
void *old_ssl_sessionid = NULL;
@@ -620,16 +702,17 @@ mbed_connect_step3(struct connectdata *conn,
ret = mbedtls_ssl_get_session(&connssl->ssl, our_ssl_sessionid);
if(ret) {
+ free(our_ssl_sessionid);
failf(data, "mbedtls_ssl_get_session returned -0x%x", -ret);
return CURLE_SSL_CONNECT_ERROR;
}
/* If there's already a matching session in the cache, delete it */
Curl_ssl_sessionid_lock(conn);
- if(!Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL))
+ if(!Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL, sockindex))
Curl_ssl_delsessionid(conn, old_ssl_sessionid);
- retcode = Curl_ssl_addsessionid(conn, our_ssl_sessionid, 0);
+ retcode = Curl_ssl_addsessionid(conn, our_ssl_sessionid, 0, sockindex);
Curl_ssl_sessionid_unlock(conn);
if(retcode) {
free(our_ssl_sessionid);
@@ -718,6 +801,55 @@ size_t Curl_mbedtls_version(char *buffer, size_t size)
(version>>16)&0xff, (version>>8)&0xff);
}
+CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy,
+ size_t length)
+{
+#if defined(MBEDTLS_CTR_DRBG_C)
+ int ret = -1;
+ char errorbuf[128];
+ mbedtls_entropy_context ctr_entropy;
+ mbedtls_ctr_drbg_context ctr_drbg;
+ mbedtls_entropy_init(&ctr_entropy);
+ mbedtls_ctr_drbg_init(&ctr_drbg);
+ errorbuf[0]=0;
+
+ ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
+ &ctr_entropy, NULL, 0);
+
+ if(ret) {
+#ifdef MBEDTLS_ERROR_C
+ mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
+#endif /* MBEDTLS_ERROR_C */
+ failf(data, "Failed - mbedTLS: ctr_drbg_seed returned (-0x%04X) %s\n",
+ -ret, errorbuf);
+ }
+ else {
+ ret = mbedtls_ctr_drbg_random(&ctr_drbg, entropy, length);
+
+ if(ret) {
+#ifdef MBEDTLS_ERROR_C
+ mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
+#endif /* MBEDTLS_ERROR_C */
+ failf(data, "mbedTLS: ctr_drbg_init returned (-0x%04X) %s\n",
+ -ret, errorbuf);
+ }
+ }
+
+ mbedtls_ctr_drbg_free(&ctr_drbg);
+ mbedtls_entropy_free(&ctr_entropy);
+
+ return ret == 0 ? CURLE_OK : CURLE_FAILED_INIT;
+#elif defined(MBEDTLS_HAVEGE_C)
+ mbedtls_havege_state hs;
+ mbedtls_havege_init(&hs);
+ mbedtls_havege_random(&hs, entropy, length);
+ mbedtls_havege_free(&hs);
+ return CURLE_OK;
+#else
+ return CURLE_NOT_BUILT_IN;
+#endif
+}
+
static CURLcode
mbed_connect_common(struct connectdata *conn,
int sockindex,
@@ -773,7 +905,8 @@ mbed_connect_common(struct connectdata *conn,
curl_socket_t readfd = ssl_connect_2_reading==
connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
- what = Curl_socket_ready(readfd, writefd, nonblocking ? 0 : timeout_ms);
+ what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd,
+ nonblocking ? 0 : timeout_ms);
if(what < 0) {
/* fatal error */
failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
@@ -871,9 +1004,7 @@ void Curl_mbedtls_cleanup(void)
int Curl_mbedtls_data_pending(const struct connectdata *conn, int sockindex)
{
- mbedtls_ssl_context *ssl =
- (mbedtls_ssl_context *)&conn->ssl[sockindex].ssl;
- return ssl->in_msglen != 0;
+ return mbedtls_ssl_get_bytes_avail(&conn->ssl[sockindex].ssl) != 0;
}
#endif /* USE_MBEDTLS */
diff --git a/lib/vtls/mbedtls.h b/lib/vtls/mbedtls.h
index 1021d5461..71d17a491 100644
--- a/lib/vtls/mbedtls.h
+++ b/lib/vtls/mbedtls.h
@@ -50,9 +50,15 @@ void Curl_mbedtls_session_free(void *ptr);
size_t Curl_mbedtls_version(char *buffer, size_t size);
int Curl_mbedtls_shutdown(struct connectdata *conn, int sockindex);
+CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy,
+ size_t length);
+
/* this backends supports CURLOPT_PINNEDPUBLICKEY */
#define have_curlssl_pinnedpubkey 1
+/* this backend supports CURLOPT_SSL_CTX_* */
+#define have_curlssl_ssl_ctx 1
+
/* API setup for mbedTLS */
#define curlssl_init() Curl_mbedtls_init()
#define curlssl_cleanup() Curl_mbedtls_cleanup()
@@ -70,11 +76,7 @@ int Curl_mbedtls_shutdown(struct connectdata *conn, int
sockindex);
#define curlssl_data_pending(x,y) Curl_mbedtls_data_pending(x, y)
#define CURL_SSL_BACKEND CURLSSLBACKEND_MBEDTLS
#define curlssl_sha256sum(a,b,c,d) mbedtls_sha256(a,b,c,0)
-
-/* This might cause libcurl to use a weeker random!
- TODO: implement proper use of Polarssl's CTR-DRBG or HMAC-DRBG and use that
-*/
-#define curlssl_random(x,y,z) (x=x, y=y, z=z, CURLE_NOT_BUILT_IN)
+#define curlssl_random(x,y,z) Curl_mbedtls_random(x, y, z)
#endif /* USE_MBEDTLS */
#endif /* HEADER_CURL_MBEDTLS_H */
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 8a4249cba..d1711d6a1 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -34,7 +34,7 @@
#include "formdata.h" /* for the boundary function */
#include "url.h" /* for the ssl config check function */
#include "connect.h"
-#include "strequal.h"
+#include "strcase.h"
#include "select.h"
#include "vtls.h"
#include "llist.h"
@@ -56,7 +56,8 @@
#include <base64.h>
#include <cert.h>
#include <prerror.h>
-#include <keyhi.h> /* for SECKEY_DestroyPublicKey() */
+#include <keyhi.h> /* for SECKEY_DestroyPublicKey() */
+#include <private/pprio.h> /* for PR_ImportTCPSocket */
#define NSSVERNUM ((NSS_VMAJOR<<16)|(NSS_VMINOR<<8)|NSS_VPATCH)
@@ -64,7 +65,7 @@
#include <ocsp.h>
#endif
-#include "rawstr.h"
+#include "strcase.h"
#include "warnless.h"
#include "x509asn1.h"
@@ -77,14 +78,20 @@
/* enough to fit the string "PEM Token #[0|1]" */
#define SLOTSIZE 13
-PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd);
static PRLock *nss_initlock = NULL;
static PRLock *nss_crllock = NULL;
static PRLock *nss_findslot_lock = NULL;
-static struct curl_llist *nss_crl_list = NULL;
+static PRLock *nss_trustload_lock = NULL;
+static struct curl_llist nss_crl_list;
static NSSInitContext *nss_context = NULL;
static volatile int initialized = 0;
+/* type used to wrap pointers as list nodes */
+struct ptr_list_wrap {
+ void *ptr;
+ struct curl_llist_element node;
+};
+
typedef struct {
const char *name;
int num;
@@ -149,7 +156,7 @@ static const cipher_s cipherlist[] = {
{"ecdh_rsa_3des_sha", TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA},
{"ecdh_rsa_aes_128_sha", TLS_ECDH_RSA_WITH_AES_128_CBC_SHA},
{"ecdh_rsa_aes_256_sha", TLS_ECDH_RSA_WITH_AES_256_CBC_SHA},
- {"echde_rsa_null", TLS_ECDHE_RSA_WITH_NULL_SHA},
+ {"ecdhe_rsa_null", TLS_ECDHE_RSA_WITH_NULL_SHA},
{"ecdhe_rsa_rc4_128_sha", TLS_ECDHE_RSA_WITH_RC4_128_SHA},
{"ecdhe_rsa_3des_sha", TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA},
{"ecdhe_rsa_aes_128_sha", TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
@@ -179,16 +186,38 @@ static const cipher_s cipherlist[] = {
{"ecdhe_rsa_aes_128_gcm_sha_256", TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
{"ecdh_rsa_aes_128_gcm_sha_256", TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256},
#endif
+#ifdef TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ /* cipher suites using SHA384 */
+ {"rsa_aes_256_gcm_sha_384", TLS_RSA_WITH_AES_256_GCM_SHA384},
+ {"dhe_rsa_aes_256_gcm_sha_384", TLS_DHE_RSA_WITH_AES_256_GCM_SHA384},
+ {"dhe_dss_aes_256_gcm_sha_384", TLS_DHE_DSS_WITH_AES_256_GCM_SHA384},
+ {"ecdhe_ecdsa_aes_256_sha_384", TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384},
+ {"ecdhe_rsa_aes_256_sha_384", TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384},
+ {"ecdhe_ecdsa_aes_256_gcm_sha_384", TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384},
+ {"ecdhe_rsa_aes_256_gcm_sha_384", TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384},
+#endif
+#ifdef TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ /* chacha20-poly1305 cipher suites */
+ {"ecdhe_rsa_chacha20_poly1305_sha_256",
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256},
+ {"ecdhe_ecdsa_chacha20_poly1305_sha_256",
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256},
+ {"dhe_rsa_chacha20_poly1305_sha_256",
+ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256},
+#endif
};
-static const char* pem_library = "libnsspem.so";
-static SECMODModule* mod = NULL;
+static const char *pem_library = "libnsspem.so";
+static SECMODModule *pem_module = NULL;
+
+static const char *trust_library = "libnssckbi.so";
+static SECMODModule *trust_module = NULL;
/* NSPR I/O layer we use to detect blocking direction during SSL handshake */
static PRDescIdentity nspr_io_identity = PR_INVALID_IO_LAYER;
static PRIOMethods nspr_io_methods;
-static const char* nss_error_to_name(PRErrorCode code)
+static const char *nss_error_to_name(PRErrorCode code)
{
const char *name = PR_ErrorToName(code);
if(name)
@@ -235,14 +264,15 @@ static SECStatus set_ciphers(struct Curl_easy *data,
PRFileDesc * model,
while((*cipher) && (ISSPACE(*cipher)))
++cipher;
- if((cipher_list = strchr(cipher, ','))) {
+ cipher_list = strchr(cipher, ',');
+ if(cipher_list) {
*cipher_list++ = '\0';
}
found = PR_FALSE;
for(i=0; i<NUM_OF_CIPHERS; i++) {
- if(Curl_raw_equal(cipher, cipherlist[i].name)) {
+ if(strcasecompare(cipher, cipherlist[i].name)) {
cipher_state[i] = PR_TRUE;
found = PR_TRUE;
break;
@@ -318,9 +348,8 @@ static int is_file(const char *filename)
* should be later deallocated using free(). If the OOM failure occurs, we
* return NULL, too.
*/
-static char* dup_nickname(struct Curl_easy *data, enum dupstring cert_kind)
+static char *dup_nickname(struct Curl_easy *data, const char *str)
{
- const char *str = data->set.str[cert_kind];
const char *n;
if(!is_file(str))
@@ -346,12 +375,24 @@ static char* dup_nickname(struct Curl_easy *data, enum
dupstring cert_kind)
static PK11SlotInfo* nss_find_slot_by_name(const char *slot_name)
{
PK11SlotInfo *slot;
- PR_Lock(nss_initlock);
+ PR_Lock(nss_findslot_lock);
slot = PK11_FindSlotByName(slot_name);
- PR_Unlock(nss_initlock);
+ PR_Unlock(nss_findslot_lock);
return slot;
}
+/* wrap 'ptr' as list node and tail-insert into 'list' */
+static CURLcode insert_wrapped_ptr(struct curl_llist *list, void *ptr)
+{
+ struct ptr_list_wrap *wrap = malloc(sizeof *wrap);
+ if(!wrap)
+ return CURLE_OUT_OF_MEMORY;
+
+ wrap->ptr = ptr;
+ Curl_llist_insert_next(list, list->tail, wrap, &wrap->node);
+ return CURLE_OK;
+}
+
/* Call PK11_CreateGenericObject() with the given obj_class and filename. If
* the call succeeds, append the object handle to the list of objects so that
* the object can be destroyed in Curl_nss_close(). */
@@ -382,7 +423,7 @@ static CURLcode nss_create_object(struct ssl_connect_data
*ssl,
PK11_SETATTRS(attrs, attr_cnt, CKA_CLASS, &obj_class, sizeof(obj_class));
PK11_SETATTRS(attrs, attr_cnt, CKA_TOKEN, &cktrue, sizeof(CK_BBOOL));
PK11_SETATTRS(attrs, attr_cnt, CKA_LABEL, (unsigned char *)filename,
- strlen(filename) + 1);
+ (CK_ULONG)strlen(filename) + 1);
if(CKO_CERTIFICATE == obj_class) {
CK_BBOOL *pval = (cacert) ? (&cktrue) : (&ckfalse);
@@ -394,7 +435,7 @@ static CURLcode nss_create_object(struct ssl_connect_data
*ssl,
if(!obj)
return result;
- if(!Curl_llist_insert_next(ssl->obj_list, ssl->obj_list->tail, obj)) {
+ if(insert_wrapped_ptr(&ssl->obj_list, obj) != CURLE_OK) {
PK11_DestroyGenericObject(obj);
return CURLE_OUT_OF_MEMORY;
}
@@ -411,17 +452,21 @@ static CURLcode nss_create_object(struct ssl_connect_data
*ssl,
* NSS objects in Curl_nss_close() */
static void nss_destroy_object(void *user, void *ptr)
{
- PK11GenericObject *obj = (PK11GenericObject *)ptr;
+ struct ptr_list_wrap *wrap = (struct ptr_list_wrap *) ptr;
+ PK11GenericObject *obj = (PK11GenericObject *) wrap->ptr;
(void) user;
PK11_DestroyGenericObject(obj);
+ free(wrap);
}
/* same as nss_destroy_object() but for CRL items */
static void nss_destroy_crl_item(void *user, void *ptr)
{
- SECItem *crl_der = (SECItem *)ptr;
+ struct ptr_list_wrap *wrap = (struct ptr_list_wrap *) ptr;
+ SECItem *crl_der = (SECItem *) wrap->ptr;
(void) user;
SECITEM_FreeItem(crl_der, PR_TRUE);
+ free(wrap);
}
static CURLcode nss_load_cert(struct ssl_connect_data *ssl,
@@ -477,7 +522,7 @@ static CURLcode nss_cache_crl(SECItem *crl_der)
PR_Lock(nss_crllock);
/* store the CRL item so that we can free it in Curl_nss_cleanup() */
- if(!Curl_llist_insert_next(nss_crl_list, nss_crl_list->tail, crl_der)) {
+ if(insert_wrapped_ptr(&nss_crl_list, crl_der) != CURLE_OK) {
SECITEM_FreeItem(crl_der, PR_TRUE);
PR_Unlock(nss_crllock);
return CURLE_OUT_OF_MEMORY;
@@ -495,7 +540,7 @@ static CURLcode nss_cache_crl(SECItem *crl_der)
return CURLE_OK;
}
-static CURLcode nss_load_crl(const char* crlfilename)
+static CURLcode nss_load_crl(const char *crlfilename)
{
PRFileDesc *infile;
PRFileInfo info;
@@ -521,7 +566,7 @@ static CURLcode nss_load_crl(const char* crlfilename)
goto fail;
/* place a trailing zero right after the visible data */
- body = (char*)filedata.data;
+ body = (char *)filedata.data;
body[--filedata.len] = '\0';
body = strstr(body, "-----BEGIN");
@@ -562,10 +607,11 @@ fail:
static CURLcode nss_load_key(struct connectdata *conn, int sockindex,
char *key_file)
{
- PK11SlotInfo *slot;
+ PK11SlotInfo *slot, *tmp;
SECStatus status;
CURLcode result;
struct ssl_connect_data *ssl = conn->ssl;
+ struct Curl_easy *data = conn->data;
(void)sockindex; /* unused */
@@ -580,11 +626,12 @@ static CURLcode nss_load_key(struct connectdata *conn,
int sockindex,
return CURLE_SSL_CERTPROBLEM;
/* This will force the token to be seen as re-inserted */
- SECMOD_WaitForAnyTokenEvent(mod, 0, 0);
+ tmp = SECMOD_WaitForAnyTokenEvent(pem_module, 0, 0);
+ if(tmp)
+ PK11_FreeSlot(tmp);
PK11_IsPresent(slot);
- status = PK11_Authenticate(slot, PR_TRUE,
- conn->data->set.str[STRING_KEY_PASSWD]);
+ status = PK11_Authenticate(slot, PR_TRUE, SSL_SET_OPTION(key_passwd));
PK11_FreeSlot(slot);
return (SECSuccess == status) ? CURLE_OK : CURLE_SSL_CERTPROBLEM;
@@ -645,7 +692,7 @@ static CURLcode cert_stuff(struct connectdata *conn, int
sockindex,
return CURLE_OK;
}
-static char * nss_get_password(PK11SlotInfo * slot, PRBool retry, void *arg)
+static char *nss_get_password(PK11SlotInfo *slot, PRBool retry, void *arg)
{
(void)slot; /* unused */
@@ -663,7 +710,7 @@ static SECStatus nss_auth_cert_hook(void *arg, PRFileDesc
*fd, PRBool checksig,
struct connectdata *conn = (struct connectdata *)arg;
#ifdef SSL_ENABLE_OCSP_STAPLING
- if(conn->data->set.ssl.verifystatus) {
+ if(SSL_CONN_CONFIG(verifystatus)) {
SECStatus cacheResult;
const SECItemArray *csa = SSL_PeerStapledOCSPResponses(fd);
@@ -689,7 +736,7 @@ static SECStatus nss_auth_cert_hook(void *arg, PRFileDesc
*fd, PRBool checksig,
}
#endif
- if(!conn->data->set.ssl.verifypeer) {
+ if(!SSL_CONN_CONFIG(verifypeer)) {
infof(conn->data, "skipping SSL peer certificate verification\n");
return SECSuccess;
}
@@ -715,6 +762,11 @@ static void HandshakeCallback(PRFileDesc *sock, void *arg)
if(SSL_GetNextProto(sock, &state, buf, &buflen, buflenmax) == SECSuccess) {
switch(state) {
+#if NSSVERNUM >= 0x031a00 /* 3.26.0 */
+ /* used by NSS internally to implement 0-RTT */
+ case SSL_NEXT_PROTO_EARLY_VALUE:
+ /* fall through! */
+#endif
case SSL_NEXT_PROTO_NO_SUPPORT:
case SSL_NEXT_PROTO_NO_OVERLAP:
infof(conn->data, "ALPN/NPN, server did not agree to a protocol\n");
@@ -909,9 +961,12 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc
*sock)
CERTCertificate *cert;
/* remember the cert verification result */
- data->set.ssl.certverifyresult = err;
+ if(SSL_IS_PROXY())
+ data->set.proxy_ssl.certverifyresult = err;
+ else
+ data->set.ssl.certverifyresult = err;
- if(err == SSL_ERROR_BAD_CERT_DOMAIN && !data->set.ssl.verifyhost)
+ if(err == SSL_ERROR_BAD_CERT_DOMAIN && !SSL_CONN_CONFIG(verifyhost))
/* we are asked not to verify the host name */
return SECSuccess;
@@ -1151,6 +1206,50 @@ static PRStatus nspr_io_close(PRFileDesc *fd)
return close_fn(fd);
}
+/* load a PKCS #11 module */
+static CURLcode nss_load_module(SECMODModule **pmod, const char *library,
+ const char *name)
+{
+ char *config_string;
+ SECMODModule *module = *pmod;
+ if(module)
+ /* already loaded */
+ return CURLE_OK;
+
+ config_string = aprintf("library=%s name=%s", library, name);
+ if(!config_string)
+ return CURLE_OUT_OF_MEMORY;
+
+ module = SECMOD_LoadUserModule(config_string, NULL, PR_FALSE);
+ free(config_string);
+
+ if(module && module->loaded) {
+ /* loaded successfully */
+ *pmod = module;
+ return CURLE_OK;
+ }
+
+ if(module)
+ SECMOD_DestroyModule(module);
+ return CURLE_FAILED_INIT;
+}
+
+/* unload a PKCS #11 module */
+static void nss_unload_module(SECMODModule **pmod)
+{
+ SECMODModule *module = *pmod;
+ if(!module)
+ /* not loaded */
+ return;
+
+ if(SECMOD_UnloadUserModule(module) != SECSuccess)
+ /* unload failed */
+ return;
+
+ SECMOD_DestroyModule(module);
+ *pmod = NULL;
+}
+
/* data might be NULL */
static CURLcode nss_init_core(struct Curl_easy *data, const char *cert_dir)
{
@@ -1200,9 +1299,7 @@ static CURLcode nss_init(struct Curl_easy *data)
return CURLE_OK;
/* list of all CRL items we need to destroy in Curl_nss_cleanup() */
- nss_crl_list = Curl_llist_alloc(nss_destroy_crl_item);
- if(!nss_crl_list)
- return CURLE_OUT_OF_MEMORY;
+ Curl_llist_init(&nss_crl_list, nss_destroy_crl_item);
/* First we check if $SSL_DIR points to a valid dir */
cert_dir = getenv("SSL_DIR");
@@ -1262,6 +1359,7 @@ int Curl_nss_init(void)
nss_initlock = PR_NewLock();
nss_crllock = PR_NewLock();
nss_findslot_lock = PR_NewLock();
+ nss_trustload_lock = PR_NewLock();
}
/* We will actually initialize NSS later */
@@ -1300,23 +1398,21 @@ void Curl_nss_cleanup(void)
* the certificates. */
SSL_ClearSessionCache();
- if(mod && SECSuccess == SECMOD_UnloadUserModule(mod)) {
- SECMOD_DestroyModule(mod);
- mod = NULL;
- }
+ nss_unload_module(&pem_module);
+ nss_unload_module(&trust_module);
NSS_ShutdownContext(nss_context);
nss_context = NULL;
}
/* destroy all CRL items */
- Curl_llist_destroy(nss_crl_list, NULL);
- nss_crl_list = NULL;
+ Curl_llist_destroy(&nss_crl_list, NULL);
PR_Unlock(nss_initlock);
PR_DestroyLock(nss_initlock);
PR_DestroyLock(nss_crllock);
PR_DestroyLock(nss_findslot_lock);
+ PR_DestroyLock(nss_trustload_lock);
nss_initlock = NULL;
initialized = 0;
@@ -1348,36 +1444,54 @@ Curl_nss_check_cxn(struct connectdata *conn)
return -1; /* connection status unknown */
}
+static void nss_close(struct ssl_connect_data *connssl)
+{
+ /* before the cleanup, check whether we are using a client certificate */
+ const bool client_cert = (connssl->client_nickname != NULL)
+ || (connssl->obj_clicert != NULL);
+
+ free(connssl->client_nickname);
+ connssl->client_nickname = NULL;
+
+ /* destroy all NSS objects in order to avoid failure of NSS shutdown */
+ Curl_llist_destroy(&connssl->obj_list, NULL);
+ connssl->obj_clicert = NULL;
+
+ if(connssl->handle) {
+ if(client_cert)
+ /* A server might require different authentication based on the
+ * particular path being requested by the client. To support this
+ * scenario, we must ensure that a connection will never reuse the
+ * authentication data from a previous connection. */
+ SSL_InvalidateSession(connssl->handle);
+
+ PR_Close(connssl->handle);
+ connssl->handle = NULL;
+ }
+}
+
/*
* This function is called when an SSL connection is closed.
*/
void Curl_nss_close(struct connectdata *conn, int sockindex)
{
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ struct ssl_connect_data *connssl_proxy = &conn->proxy_ssl[sockindex];
- if(connssl->handle) {
+ if(connssl->handle || connssl_proxy->handle) {
/* NSS closes the socket we previously handed to it, so we must mark it
as closed to avoid double close */
fake_sclose(conn->sock[sockindex]);
conn->sock[sockindex] = CURL_SOCKET_BAD;
+ }
- if((connssl->client_nickname != NULL) || (connssl->obj_clicert != NULL))
- /* A server might require different authentication based on the
- * particular path being requested by the client. To support this
- * scenario, we must ensure that a connection will never reuse the
- * authentication data from a previous connection. */
- SSL_InvalidateSession(connssl->handle);
-
- free(connssl->client_nickname);
- connssl->client_nickname = NULL;
- /* destroy all NSS objects in order to avoid failure of NSS shutdown */
- Curl_llist_destroy(connssl->obj_list, NULL);
- connssl->obj_list = NULL;
- connssl->obj_clicert = NULL;
+ if(connssl->handle)
+ /* nss_close(connssl) will transitively close also connssl_proxy->handle
+ if both are used. Clear it to avoid a double close leading to crash. */
+ connssl_proxy->handle = NULL;
- PR_Close(connssl->handle);
- connssl->handle = NULL;
- }
+ nss_close(connssl);
+ nss_close(connssl_proxy);
}
/* return true if NSS can provide error code (and possibly msg) for the
@@ -1418,14 +1532,46 @@ static CURLcode nss_load_ca_certificates(struct
connectdata *conn,
int sockindex)
{
struct Curl_easy *data = conn->data;
- const char *cafile = data->set.ssl.CAfile;
- const char *capath = data->set.ssl.CApath;
+ const char *cafile = SSL_CONN_CONFIG(CAfile);
+ const char *capath = SSL_CONN_CONFIG(CApath);
+ bool use_trust_module;
+ CURLcode result = CURLE_OK;
- if(cafile) {
- CURLcode result = nss_load_cert(&conn->ssl[sockindex], cafile, PR_TRUE);
- if(result)
- return result;
+ /* treat empty string as unset */
+ if(cafile && !cafile[0])
+ cafile = NULL;
+ if(capath && !capath[0])
+ capath = NULL;
+
+ infof(data, " CAfile: %s\n CApath: %s\n",
+ cafile ? cafile : "none",
+ capath ? capath : "none");
+
+ /* load libnssckbi.so if no other trust roots were specified */
+ use_trust_module = !cafile && !capath;
+
+ PR_Lock(nss_trustload_lock);
+ if(use_trust_module && !trust_module) {
+ /* libnssckbi.so needed but not yet loaded --> load it! */
+ result = nss_load_module(&trust_module, trust_library, "trust");
+ infof(data, "%s %s\n", (result) ? "failed to load" : "loaded",
+ trust_library);
+ if(result == CURLE_FAILED_INIT)
+ /* make the error non-fatal if we are not going to verify peer */
+ result = CURLE_SSL_CACERT_BADFILE;
+ }
+ else if(!use_trust_module && trust_module) {
+ /* libnssckbi.so not needed but already loaded --> unload it! */
+ infof(data, "unloading %s\n", trust_library);
+ nss_unload_module(&trust_module);
}
+ PR_Unlock(nss_trustload_lock);
+
+ if(cafile)
+ result = nss_load_cert(&conn->ssl[sockindex], cafile, PR_TRUE);
+
+ if(result)
+ return result;
if(capath) {
struct_stat st;
@@ -1459,64 +1605,111 @@ static CURLcode nss_load_ca_certificates(struct
connectdata *conn,
infof(data, "warning: CURLOPT_CAPATH not a directory (%s)\n", capath);
}
- infof(data, " CAfile: %s\n CApath: %s\n",
- cafile ? cafile : "none",
- capath ? capath : "none");
-
return CURLE_OK;
}
-static CURLcode nss_init_sslver(SSLVersionRange *sslver,
- struct Curl_easy *data)
+static CURLcode nss_sslver_from_curl(PRUint16 *nssver, long version)
{
- switch(data->set.ssl.version) {
- default:
- case CURL_SSLVERSION_DEFAULT:
+ switch(version) {
case CURL_SSLVERSION_TLSv1:
- sslver->min = SSL_LIBRARY_VERSION_TLS_1_0;
+ /* TODO: set sslver->max to SSL_LIBRARY_VERSION_TLS_1_3 once stable */
#ifdef SSL_LIBRARY_VERSION_TLS_1_2
- sslver->max = SSL_LIBRARY_VERSION_TLS_1_2;
+ *nssver = SSL_LIBRARY_VERSION_TLS_1_2;
#elif defined SSL_LIBRARY_VERSION_TLS_1_1
- sslver->max = SSL_LIBRARY_VERSION_TLS_1_1;
+ *nssver = SSL_LIBRARY_VERSION_TLS_1_1;
#else
- sslver->max = SSL_LIBRARY_VERSION_TLS_1_0;
+ *nssver = SSL_LIBRARY_VERSION_TLS_1_0;
#endif
return CURLE_OK;
case CURL_SSLVERSION_SSLv2:
- sslver->min = SSL_LIBRARY_VERSION_2;
- sslver->max = SSL_LIBRARY_VERSION_2;
+ *nssver = SSL_LIBRARY_VERSION_2;
return CURLE_OK;
case CURL_SSLVERSION_SSLv3:
- sslver->min = SSL_LIBRARY_VERSION_3_0;
- sslver->max = SSL_LIBRARY_VERSION_3_0;
+ *nssver = SSL_LIBRARY_VERSION_3_0;
return CURLE_OK;
case CURL_SSLVERSION_TLSv1_0:
- sslver->min = SSL_LIBRARY_VERSION_TLS_1_0;
- sslver->max = SSL_LIBRARY_VERSION_TLS_1_0;
+ *nssver = SSL_LIBRARY_VERSION_TLS_1_0;
return CURLE_OK;
case CURL_SSLVERSION_TLSv1_1:
#ifdef SSL_LIBRARY_VERSION_TLS_1_1
- sslver->min = SSL_LIBRARY_VERSION_TLS_1_1;
- sslver->max = SSL_LIBRARY_VERSION_TLS_1_1;
+ *nssver = SSL_LIBRARY_VERSION_TLS_1_1;
return CURLE_OK;
+#else
+ return CURLE_SSL_CONNECT_ERROR;
#endif
- break;
case CURL_SSLVERSION_TLSv1_2:
#ifdef SSL_LIBRARY_VERSION_TLS_1_2
- sslver->min = SSL_LIBRARY_VERSION_TLS_1_2;
- sslver->max = SSL_LIBRARY_VERSION_TLS_1_2;
+ *nssver = SSL_LIBRARY_VERSION_TLS_1_2;
return CURLE_OK;
+#else
+ return CURLE_SSL_CONNECT_ERROR;
#endif
+
+ case CURL_SSLVERSION_TLSv1_3:
+#ifdef SSL_LIBRARY_VERSION_TLS_1_3
+ *nssver = SSL_LIBRARY_VERSION_TLS_1_3;
+ return CURLE_OK;
+#else
+ return CURLE_SSL_CONNECT_ERROR;
+#endif
+
+ default:
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+}
+
+static CURLcode nss_init_sslver(SSLVersionRange *sslver,
+ struct Curl_easy *data,
+ struct connectdata *conn)
+{
+ CURLcode result;
+ const long min = SSL_CONN_CONFIG(version);
+ const long max = SSL_CONN_CONFIG(version_max);
+
+ /* map CURL_SSLVERSION_DEFAULT to NSS default */
+ if(min == CURL_SSLVERSION_DEFAULT || max == CURL_SSLVERSION_MAX_DEFAULT) {
+ /* map CURL_SSLVERSION_DEFAULT to NSS default */
+ if(SSL_VersionRangeGetDefault(ssl_variant_stream, sslver) != SECSuccess)
+ return CURLE_SSL_CONNECT_ERROR;
+ /* ... but make sure we use at least TLSv1.0 according to libcurl API */
+ if(sslver->min < SSL_LIBRARY_VERSION_TLS_1_0)
+ sslver->min = SSL_LIBRARY_VERSION_TLS_1_0;
+ }
+
+ switch(min) {
+ case CURL_SSLVERSION_DEFAULT:
+ break;
+ case CURL_SSLVERSION_TLSv1:
+ sslver->min = SSL_LIBRARY_VERSION_TLS_1_0;
+ break;
+ default:
+ result = nss_sslver_from_curl(&sslver->min, min);
+ if(result) {
+ failf(data, "unsupported min version passed via CURLOPT_SSLVERSION");
+ return result;
+ }
+ if(max == CURL_SSLVERSION_MAX_NONE)
+ sslver->max = sslver->min;
+ }
+
+ switch(max) {
+ case CURL_SSLVERSION_MAX_NONE:
+ case CURL_SSLVERSION_MAX_DEFAULT:
break;
+ default:
+ result = nss_sslver_from_curl(&sslver->max, max >> 16);
+ if(result) {
+ failf(data, "unsupported max version passed via CURLOPT_SSLVERSION");
+ return result;
+ }
}
- failf(data, "TLS minor version cannot be set");
- return CURLE_SSL_CONNECT_ERROR;
+ return CURLE_OK;
}
static CURLcode nss_fail_connect(struct ssl_connect_data *connssl,
@@ -1539,19 +1732,19 @@ static CURLcode nss_fail_connect(struct
ssl_connect_data *connssl,
}
/* cleanup on connection failure */
- Curl_llist_destroy(connssl->obj_list, NULL);
- connssl->obj_list = NULL;
+ Curl_llist_destroy(&connssl->obj_list, NULL);
return curlerr;
}
-/* Switch the SSL socket into non-blocking mode. */
-static CURLcode nss_set_nonblock(struct ssl_connect_data *connssl,
- struct Curl_easy *data)
+/* Switch the SSL socket into blocking or non-blocking mode. */
+static CURLcode nss_set_blocking(struct ssl_connect_data *connssl,
+ struct Curl_easy *data,
+ bool blocking)
{
static PRSocketOptionData sock_opt;
sock_opt.option = PR_SockOpt_Nonblocking;
- sock_opt.value.non_blocking = PR_TRUE;
+ sock_opt.value.non_blocking = !blocking;
if(PR_SetSocketOption(connssl->handle, &sock_opt) != PR_SUCCESS)
return nss_fail_connect(connssl, data, CURLE_SSL_CONNECT_ERROR);
@@ -1570,6 +1763,7 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
curl_socket_t sockfd = conn->sock[sockindex];
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
CURLcode result;
+ bool second_layer = FALSE;
SSLVersionRange sslver = {
SSL_LIBRARY_VERSION_TLS_1_0, /* min */
@@ -1579,9 +1773,7 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
connssl->data = data;
/* list of all NSS objects we need to destroy in Curl_nss_close() */
- connssl->obj_list = Curl_llist_alloc(nss_destroy_object);
- if(!connssl->obj_list)
- return CURLE_OUT_OF_MEMORY;
+ Curl_llist_init(&connssl->obj_list, nss_destroy_object);
/* FIXME. NSS doesn't support multiple databases open at the same time. */
PR_Lock(nss_initlock);
@@ -1591,29 +1783,17 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
goto error;
}
- result = CURLE_SSL_CONNECT_ERROR;
-
- if(!mod) {
- char *configstring = aprintf("library=%s name=PEM", pem_library);
- if(!configstring) {
- PR_Unlock(nss_initlock);
- goto error;
- }
- mod = SECMOD_LoadUserModule(configstring, NULL, PR_FALSE);
- free(configstring);
-
- if(!mod || !mod->loaded) {
- if(mod) {
- SECMOD_DestroyModule(mod);
- mod = NULL;
- }
- infof(data, "WARNING: failed to load NSS PEM library %s. Using "
- "OpenSSL PEM certificates will not work.\n", pem_library);
- }
- }
-
PK11_SetPasswordFunc(nss_get_password);
+
+ result = nss_load_module(&pem_module, pem_library, "PEM");
PR_Unlock(nss_initlock);
+ if(result == CURLE_FAILED_INIT)
+ infof(data, "WARNING: failed to load NSS PEM library %s. Using "
+ "OpenSSL PEM certificates will not work.\n", pem_library);
+ else if(result)
+ goto error;
+
+ result = CURLE_SSL_CONNECT_ERROR;
model = PR_NewTCPSocket();
if(!model)
@@ -1628,18 +1808,18 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
goto error;
/* do not use SSL cache if disabled or we are not going to verify peer */
- ssl_no_cache = (conn->ssl_config.sessionid && data->set.ssl.verifypeer) ?
- PR_FALSE : PR_TRUE;
+ ssl_no_cache = (SSL_SET_OPTION(primary.sessionid)
+ && SSL_CONN_CONFIG(verifypeer)) ? PR_FALSE : PR_TRUE;
if(SSL_OptionSet(model, SSL_NO_CACHE, ssl_no_cache) != SECSuccess)
goto error;
/* enable/disable the requested SSL version(s) */
- if(nss_init_sslver(&sslver, data) != CURLE_OK)
+ if(nss_init_sslver(&sslver, data, conn) != CURLE_OK)
goto error;
if(SSL_VersionRangeSet(model, &sslver) != SECSuccess)
goto error;
- ssl_cbc_random_iv = !data->set.ssl_enable_beast;
+ ssl_cbc_random_iv = !SSL_SET_OPTION(enable_beast);
#ifdef SSL_CBC_RANDOM_IV
/* unless the user explicitly asks to allow the protocol vulnerability, we
use the work-around */
@@ -1651,14 +1831,14 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
infof(data, "warning: support for SSL_CBC_RANDOM_IV not compiled in\n");
#endif
- if(data->set.ssl.cipher_list) {
- if(set_ciphers(data, model, data->set.ssl.cipher_list) != SECSuccess) {
+ if(SSL_CONN_CONFIG(cipher_list)) {
+ if(set_ciphers(data, model, SSL_CONN_CONFIG(cipher_list)) != SECSuccess) {
result = CURLE_SSL_CIPHER;
goto error;
}
}
- if(!data->set.ssl.verifypeer && data->set.ssl.verifyhost)
+ if(!SSL_CONN_CONFIG(verifypeer) && SSL_CONN_CONFIG(verifyhost))
infof(data, "warning: ignoring value of ssl.verifyhost\n");
/* bypass the default SSL_AuthCertificate() hook in case we do not want to
@@ -1666,39 +1846,47 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
if(SSL_AuthCertificateHook(model, nss_auth_cert_hook, conn) != SECSuccess)
goto error;
- data->set.ssl.certverifyresult=0; /* not checked yet */
+ /* not checked yet */
+ if(SSL_IS_PROXY())
+ data->set.proxy_ssl.certverifyresult = 0;
+ else
+ data->set.ssl.certverifyresult = 0;
+
if(SSL_BadCertHook(model, BadCertHandler, conn) != SECSuccess)
goto error;
if(SSL_HandshakeCallback(model, HandshakeCallback, conn) != SECSuccess)
goto error;
- if(data->set.ssl.verifypeer) {
+ {
const CURLcode rv = nss_load_ca_certificates(conn, sockindex);
- if(rv) {
+ if((rv == CURLE_SSL_CACERT_BADFILE) && !SSL_CONN_CONFIG(verifypeer))
+ /* not a fatal error because we are not going to verify the peer */
+ infof(data, "warning: CA certificates failed to load\n");
+ else if(rv) {
result = rv;
goto error;
}
}
- if(data->set.ssl.CRLfile) {
- const CURLcode rv = nss_load_crl(data->set.ssl.CRLfile);
+ if(SSL_SET_OPTION(CRLfile)) {
+ const CURLcode rv = nss_load_crl(SSL_SET_OPTION(CRLfile));
if(rv) {
result = rv;
goto error;
}
- infof(data, " CRLfile: %s\n", data->set.ssl.CRLfile);
+ infof(data, " CRLfile: %s\n", SSL_SET_OPTION(CRLfile));
}
- if(data->set.str[STRING_CERT]) {
- char *nickname = dup_nickname(data, STRING_CERT);
+ if(SSL_SET_OPTION(cert)) {
+ char *nickname = dup_nickname(data, SSL_SET_OPTION(cert));
if(nickname) {
/* we are not going to use libnsspem.so to read the client cert */
connssl->obj_clicert = NULL;
}
else {
- CURLcode rv = cert_stuff(conn, sockindex, data->set.str[STRING_CERT],
- data->set.str[STRING_KEY]);
+ CURLcode rv = cert_stuff(conn, sockindex, SSL_SET_OPTION(cert),
+ SSL_SET_OPTION(key));
if(rv) {
/* failf() is already done in cert_stuff() */
result = rv;
@@ -1718,15 +1906,24 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
goto error;
}
- /* wrap OS file descriptor by NSPR's file descriptor abstraction */
- nspr_io = PR_ImportTCPSocket(sockfd);
- if(!nspr_io)
- goto error;
+ if(conn->proxy_ssl[sockindex].use) {
+ DEBUGASSERT(ssl_connection_complete == conn->proxy_ssl[sockindex].state);
+ DEBUGASSERT(conn->proxy_ssl[sockindex].handle != NULL);
+ nspr_io = conn->proxy_ssl[sockindex].handle;
+ second_layer = TRUE;
+ }
+ else {
+ /* wrap OS file descriptor by NSPR's file descriptor abstraction */
+ nspr_io = PR_ImportTCPSocket(sockfd);
+ if(!nspr_io)
+ goto error;
+ }
/* create our own NSPR I/O layer */
nspr_io_stub = PR_CreateIOLayerStub(nspr_io_identity, &nspr_io_methods);
if(!nspr_io_stub) {
- PR_Close(nspr_io);
+ if(!second_layer)
+ PR_Close(nspr_io);
goto error;
}
@@ -1735,7 +1932,8 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
/* push our new layer to the NSPR I/O stack */
if(PR_PushIOLayer(nspr_io, PR_TOP_IO_LAYER, nspr_io_stub) != PR_SUCCESS) {
- PR_Close(nspr_io);
+ if(!second_layer)
+ PR_Close(nspr_io);
PR_Close(nspr_io_stub);
goto error;
}
@@ -1743,7 +1941,8 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
/* import our model socket onto the current I/O stack */
connssl->handle = SSL_ImportFD(model, nspr_io);
if(!connssl->handle) {
- PR_Close(nspr_io);
+ if(!second_layer)
+ PR_Close(nspr_io);
goto error;
}
@@ -1751,12 +1950,12 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
model = NULL;
/* This is the password associated with the cert that we're using */
- if(data->set.str[STRING_KEY_PASSWD]) {
- SSL_SetPKCS11PinArg(connssl->handle, data->set.str[STRING_KEY_PASSWD]);
+ if(SSL_SET_OPTION(key_passwd)) {
+ SSL_SetPKCS11PinArg(connssl->handle, SSL_SET_OPTION(key_passwd));
}
#ifdef SSL_ENABLE_OCSP_STAPLING
- if(data->set.ssl.verifystatus) {
+ if(SSL_CONN_CONFIG(verifystatus)) {
if(SSL_OptionSet(connssl->handle, SSL_ENABLE_OCSP_STAPLING, PR_TRUE)
!= SECSuccess)
goto error;
@@ -1793,7 +1992,8 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
unsigned char protocols[128];
#ifdef USE_NGHTTP2
- if(data->set.httpversion >= CURL_HTTP_VERSION_2) {
+ if(data->set.httpversion >= CURL_HTTP_VERSION_2 &&
+ (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) {
protocols[cur++] = NGHTTP2_PROTO_VERSION_ID_LEN;
memcpy(&protocols[cur], NGHTTP2_PROTO_VERSION_ID,
NGHTTP2_PROTO_VERSION_ID_LEN);
@@ -1816,11 +2016,14 @@ static CURLcode nss_setup_connect(struct connectdata
*conn, int sockindex)
goto error;
/* propagate hostname to the TLS layer */
- if(SSL_SetURL(connssl->handle, conn->host.name) != SECSuccess)
+ if(SSL_SetURL(connssl->handle, SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name) != SECSuccess)
goto error;
/* prevent NSS from re-using the session for a different hostname */
- if(SSL_SetSockPeerID(connssl->handle, conn->host.name) != SECSuccess)
+ if(SSL_SetSockPeerID(connssl->handle, SSL_IS_PROXY() ?
+ conn->http_proxy.host.name : conn->host.name)
+ != SECSuccess)
goto error;
return CURLE_OK;
@@ -1838,10 +2041,16 @@ static CURLcode nss_do_connect(struct connectdata
*conn, int sockindex)
struct Curl_easy *data = conn->data;
CURLcode result = CURLE_SSL_CONNECT_ERROR;
PRUint32 timeout;
+ long * const certverifyresult = SSL_IS_PROXY() ?
+ &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult;
+ const char * const pinnedpubkey = SSL_IS_PROXY() ?
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
+
/* check timeout situation */
- const long time_left = Curl_timeleft(data, NULL, TRUE);
- if(time_left < 0L) {
+ const time_t time_left = Curl_timeleft(data, NULL, TRUE);
+ if(time_left < 0) {
failf(data, "timed out before SSL handshake");
result = CURLE_OPERATION_TIMEDOUT;
goto error;
@@ -1853,9 +2062,9 @@ static CURLcode nss_do_connect(struct connectdata *conn,
int sockindex)
if(PR_GetError() == PR_WOULD_BLOCK_ERROR)
/* blocking direction is updated by nss_update_connecting_state() */
return CURLE_AGAIN;
- else if(conn->data->set.ssl.certverifyresult == SSL_ERROR_BAD_CERT_DOMAIN)
+ else if(*certverifyresult == SSL_ERROR_BAD_CERT_DOMAIN)
result = CURLE_PEER_FAILED_VERIFICATION;
- else if(conn->data->set.ssl.certverifyresult!=0)
+ else if(*certverifyresult != 0)
result = CURLE_SSL_CACERT;
goto error;
}
@@ -1864,11 +2073,11 @@ static CURLcode nss_do_connect(struct connectdata
*conn, int sockindex)
if(result)
goto error;
- if(data->set.str[STRING_SSL_ISSUERCERT]) {
+ if(SSL_SET_OPTION(issuercert)) {
SECStatus ret = SECFailure;
- char *nickname = dup_nickname(data, STRING_SSL_ISSUERCERT);
+ char *nickname = dup_nickname(data, SSL_SET_OPTION(issuercert));
if(nickname) {
- /* we support only nicknames in case of STRING_SSL_ISSUERCERT for now */
+ /* we support only nicknames in case of issuercert for now */
ret = check_issuer_cert(connssl->handle, nickname);
free(nickname);
}
@@ -1883,7 +2092,7 @@ static CURLcode nss_do_connect(struct connectdata *conn,
int sockindex)
}
}
- result = cmp_peer_pubkey(connssl, data->set.str[STRING_SSL_PINNEDPUBLICKEY]);
+ result = cmp_peer_pubkey(connssl, pinnedpubkey);
if(result)
/* status already printed */
goto error;
@@ -1902,8 +2111,11 @@ static CURLcode nss_connect_common(struct connectdata
*conn, int sockindex,
const bool blocking = (done == NULL);
CURLcode result;
- if(connssl->state == ssl_connection_complete)
+ if(connssl->state == ssl_connection_complete) {
+ if(!blocking)
+ *done = TRUE;
return CURLE_OK;
+ }
if(connssl->connecting_state == ssl_connect_1) {
result = nss_setup_connect(conn, sockindex);
@@ -1911,16 +2123,14 @@ static CURLcode nss_connect_common(struct connectdata
*conn, int sockindex,
/* we do not expect CURLE_AGAIN from nss_setup_connect() */
return result;
- if(!blocking) {
- /* in non-blocking mode, set NSS non-blocking mode before handshake */
- result = nss_set_nonblock(connssl, data);
- if(result)
- return result;
- }
-
connssl->connecting_state = ssl_connect_2;
}
+ /* enable/disable blocking mode before handshake */
+ result = nss_set_blocking(connssl, data, blocking);
+ if(result)
+ return result;
+
result = nss_do_connect(conn, sockindex);
switch(result) {
case CURLE_OK:
@@ -1936,7 +2146,7 @@ static CURLcode nss_connect_common(struct connectdata
*conn, int sockindex,
if(blocking) {
/* in blocking mode, set NSS non-blocking mode _after_ SSL handshake */
- result = nss_set_nonblock(connssl, data);
+ result = nss_set_blocking(connssl, data, /* blocking */ FALSE);
if(result)
return result;
}
@@ -1971,8 +2181,14 @@ static ssize_t nss_send(struct connectdata *conn, /*
connection data */
size_t len, /* amount to write */
CURLcode *curlcode)
{
- ssize_t rc = PR_Send(conn->ssl[sockindex].handle, mem, (int)len, 0,
- PR_INTERVAL_NO_WAIT);
+ struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ ssize_t rc;
+
+ /* The SelectClientCert() hook uses this for infof() and failf() but the
+ handle stored in nss_setup_connect() could have already been freed. */
+ connssl->data = conn->data;
+
+ rc = PR_Send(connssl->handle, mem, (int)len, 0, PR_INTERVAL_NO_WAIT);
if(rc < 0) {
PRInt32 err = PR_GetError();
if(err == PR_WOULD_BLOCK_ERROR)
@@ -1996,14 +2212,21 @@ static ssize_t nss_send(struct connectdata *conn, /*
connection data */
return rc; /* number of bytes */
}
-static ssize_t nss_recv(struct connectdata * conn, /* connection data */
- int num, /* socketindex */
+static ssize_t nss_recv(struct connectdata *conn, /* connection data */
+ int sockindex, /* socketindex */
char *buf, /* store read data here */
size_t buffersize, /* max amount to read */
CURLcode *curlcode)
{
- ssize_t nread = PR_Recv(conn->ssl[num].handle, buf, (int)buffersize, 0,
- PR_INTERVAL_NO_WAIT);
+ struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ ssize_t nread;
+
+ /* The SelectClientCert() hook uses this for infof() and failf() but the
+ handle stored in nss_setup_connect() could have already been freed. */
+ connssl->data = conn->data;
+
+ nread = PR_Recv(connssl->handle, buf, (int)buffersize, 0,
+ PR_INTERVAL_NO_WAIT);
if(nread < 0) {
/* failed SSL read */
PRInt32 err = PR_GetError();
@@ -2042,17 +2265,17 @@ int Curl_nss_seed(struct Curl_easy *data)
}
/* data might be NULL */
-int Curl_nss_random(struct Curl_easy *data,
- unsigned char *entropy,
- size_t length)
+CURLcode Curl_nss_random(struct Curl_easy *data,
+ unsigned char *entropy,
+ size_t length)
{
Curl_nss_seed(data); /* Initiate the seed if not already done */
if(SECSuccess != PK11_GenerateRandom(entropy, curlx_uztosi(length)))
/* signal a failure */
- return -1;
+ return CURLE_FAILED_INIT;
- return 0;
+ return CURLE_OK;
}
void Curl_nss_md5sum(unsigned char *tmp, /* input */
@@ -2090,7 +2313,8 @@ bool Curl_nss_cert_status_request(void)
#endif
}
-bool Curl_nss_false_start(void) {
+bool Curl_nss_false_start(void)
+{
#if NSSVERNUM >= 0x030f04 /* 3.15.4 */
return TRUE;
#else
diff --git a/lib/vtls/nssg.h b/lib/vtls/nssg.h
index ac67e6ab7..8c46929ff 100644
--- a/lib/vtls/nssg.h
+++ b/lib/vtls/nssg.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -47,9 +47,9 @@ int Curl_nss_seed(struct Curl_easy *data);
/* initialize NSS library if not already */
CURLcode Curl_nss_force_init(struct Curl_easy *data);
-int Curl_nss_random(struct Curl_easy *data,
- unsigned char *entropy,
- size_t length);
+CURLcode Curl_nss_random(struct Curl_easy *data,
+ unsigned char *entropy,
+ size_t length);
void Curl_nss_md5sum(unsigned char *tmp, /* input */
size_t tmplen,
@@ -65,6 +65,9 @@ bool Curl_nss_cert_status_request(void);
bool Curl_nss_false_start(void);
+/* Support HTTPS-proxy */
+#define HTTPS_PROXY_SUPPORT 1
+
/* Set the API backend definition to NSS */
#define CURL_SSL_BACKEND CURLSSLBACKEND_NSS
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 0a46f9d43..8c1d5a8e5 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -46,17 +46,18 @@
#include "openssl.h"
#include "connect.h"
#include "slist.h"
-#include "strequal.h"
#include "select.h"
#include "vtls.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "hostcheck.h"
#include "curl_printf.h"
#include <openssl/ssl.h>
#include <openssl/rand.h>
#include <openssl/x509v3.h>
+#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
+#endif
#include <openssl/dh.h>
#include <openssl/err.h>
#include <openssl/md5.h>
@@ -110,16 +111,22 @@
#define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
#define CONST_EXTS const
-#define CONST_ASN1_BIT_STRING const
+#define HAVE_ERR_REMOVE_THREAD_STATE_DEPRECATED 1
#else
/* For OpenSSL before 1.1.0 */
#define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)
#define X509_get0_notBefore(x) X509_get_notBefore(x)
#define X509_get0_notAfter(x) X509_get_notAfter(x)
#define CONST_EXTS /* nope */
-#define CONST_ASN1_BIT_STRING /* nope */
+#ifdef LIBRESSL_VERSION_NUMBER
+static unsigned long OpenSSL_version_num(void)
+{
+ return LIBRESSL_VERSION_NUMBER;
+}
+#else
#define OpenSSL_version_num() SSLeay()
#endif
+#endif
#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* 1.0.2 or later */ \
!defined(LIBRESSL_VERSION_NUMBER)
@@ -149,10 +156,56 @@
* Number of bytes to read from the random number seed file. This must be
* a finite value (because some entropy "files" like /dev/urandom have
* an infinite length), but must be large enough to provide enough
- * entopy to properly seed OpenSSL's PRNG.
+ * entropy to properly seed OpenSSL's PRNG.
*/
#define RAND_LOAD_LENGTH 1024
+static const char *SSL_ERROR_to_str(int err)
+{
+ switch(err) {
+ case SSL_ERROR_NONE:
+ return "SSL_ERROR_NONE";
+ case SSL_ERROR_SSL:
+ return "SSL_ERROR_SSL";
+ case SSL_ERROR_WANT_READ:
+ return "SSL_ERROR_WANT_READ";
+ case SSL_ERROR_WANT_WRITE:
+ return "SSL_ERROR_WANT_WRITE";
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ return "SSL_ERROR_WANT_X509_LOOKUP";
+ case SSL_ERROR_SYSCALL:
+ return "SSL_ERROR_SYSCALL";
+ case SSL_ERROR_ZERO_RETURN:
+ return "SSL_ERROR_ZERO_RETURN";
+ case SSL_ERROR_WANT_CONNECT:
+ return "SSL_ERROR_WANT_CONNECT";
+ case SSL_ERROR_WANT_ACCEPT:
+ return "SSL_ERROR_WANT_ACCEPT";
+#if defined(SSL_ERROR_WANT_ASYNC)
+ case SSL_ERROR_WANT_ASYNC:
+ return "SSL_ERROR_WANT_ASYNC";
+#endif
+#if defined(SSL_ERROR_WANT_ASYNC_JOB)
+ case SSL_ERROR_WANT_ASYNC_JOB:
+ return "SSL_ERROR_WANT_ASYNC_JOB";
+#endif
+#if defined(SSL_ERROR_WANT_EARLY)
+ case SSL_ERROR_WANT_EARLY:
+ return "SSL_ERROR_WANT_EARLY";
+#endif
+ default:
+ return "SSL_ERROR unknown";
+ }
+}
+
+/* Return error string for last OpenSSL error
+ */
+static char *ossl_strerror(unsigned long error, char *buf, size_t size)
+{
+ ERR_error_string_n(error, buf, size);
+ return buf;
+}
+
static int passwd_callback(char *buf, int num, int encrypting,
void *global_passwd)
{
@@ -169,49 +222,43 @@ static int passwd_callback(char *buf, int num, int
encrypting,
}
/*
- * rand_enough() is a function that returns TRUE if we have seeded the random
- * engine properly. We use some preprocessor magic to provide a seed_enough()
- * macro to use, just to prevent a compiler warning on this function if we
- * pass in an argument that is never used.
+ * rand_enough() returns TRUE if we have seeded the random engine properly.
*/
-
-#ifdef HAVE_RAND_STATUS
-#define seed_enough(x) rand_enough()
static bool rand_enough(void)
{
return (0 != RAND_status()) ? TRUE : FALSE;
}
-#else
-#define seed_enough(x) rand_enough(x)
-static bool rand_enough(int nread)
-{
- /* this is a very silly decision to make */
- return (nread > 500) ? TRUE : FALSE;
-}
-#endif
-static int ossl_seed(struct Curl_easy *data)
+static CURLcode Curl_ossl_seed(struct Curl_easy *data)
{
- char *buf = data->state.buffer; /* point to the big buffer */
- int nread=0;
+ /* we have the "SSL is seeded" boolean static to prevent multiple
+ time-consuming seedings in vain */
+ static bool ssl_seeded = FALSE;
+ char fname[256];
- /* Q: should we add support for a random file name as a libcurl option?
- A: Yes, it is here */
+ if(ssl_seeded)
+ return CURLE_OK;
+
+ if(rand_enough()) {
+ /* OpenSSL 1.1.0+ will return here */
+ ssl_seeded = TRUE;
+ return CURLE_OK;
+ }
#ifndef RANDOM_FILE
/* if RANDOM_FILE isn't defined, we only perform this if an option tells
us to! */
- if(data->set.ssl.random_file)
+ if(data->set.str[STRING_SSL_RANDOM_FILE])
#define RANDOM_FILE "" /* doesn't matter won't be used */
#endif
{
/* let the option override the define */
- nread += RAND_load_file((data->set.str[STRING_SSL_RANDOM_FILE]?
- data->set.str[STRING_SSL_RANDOM_FILE]:
- RANDOM_FILE),
- RAND_LOAD_LENGTH);
- if(seed_enough(nread))
- return nread;
+ RAND_load_file((data->set.str[STRING_SSL_RANDOM_FILE]?
+ data->set.str[STRING_SSL_RANDOM_FILE]:
+ RANDOM_FILE),
+ RAND_LOAD_LENGTH);
+ if(rand_enough())
+ return CURLE_OK;
}
#if defined(HAVE_RAND_EGD)
@@ -229,47 +276,47 @@ static int ossl_seed(struct Curl_easy *data)
int ret = RAND_egd(data->set.str[STRING_SSL_EGDSOCKET]?
data->set.str[STRING_SSL_EGDSOCKET]:EGD_SOCKET);
if(-1 != ret) {
- nread += ret;
- if(seed_enough(nread))
- return nread;
+ if(rand_enough())
+ return CURLE_OK;
}
}
#endif
- /* If we get here, it means we need to seed the PRNG using a "silly"
- approach! */
+ /* fallback to a custom seeding of the PRNG using a hash based on a current
+ time */
do {
unsigned char randb[64];
- int len = sizeof(randb);
- RAND_bytes(randb, len);
- RAND_add(randb, len, (len >> 1));
- } while(!RAND_status());
+ size_t len = sizeof(randb);
+ size_t i, i_max;
+ for(i = 0, i_max = len / sizeof(struct curltime); i < i_max; ++i) {
+ struct curltime tv = curlx_tvnow();
+ Curl_wait_ms(1);
+ tv.tv_sec *= i + 1;
+ tv.tv_usec *= (unsigned int)i + 2;
+ tv.tv_sec ^= ((curlx_tvnow().tv_sec + curlx_tvnow().tv_usec) *
+ (i + 3)) << 8;
+ tv.tv_usec ^= (unsigned int) ((curlx_tvnow().tv_sec +
+ curlx_tvnow().tv_usec) *
+ (i + 4)) << 16;
+ memcpy(&randb[i * sizeof(struct curltime)], &tv,
+ sizeof(struct curltime));
+ }
+ RAND_add(randb, (int)len, (double)len/2);
+ } while(!rand_enough());
/* generates a default path for the random seed file */
- buf[0]=0; /* blank it first */
- RAND_file_name(buf, BUFSIZE);
- if(buf[0]) {
+ fname[0]=0; /* blank it first */
+ RAND_file_name(fname, sizeof(fname));
+ if(fname[0]) {
/* we got a file name to try */
- nread += RAND_load_file(buf, RAND_LOAD_LENGTH);
- if(seed_enough(nread))
- return nread;
+ RAND_load_file(fname, RAND_LOAD_LENGTH);
+ if(rand_enough())
+ return CURLE_OK;
}
infof(data, "libcurl is now using a weak random seed!\n");
- return nread;
-}
-
-static void Curl_ossl_seed(struct Curl_easy *data)
-{
- /* we have the "SSL is seeded" boolean static to prevent multiple
- time-consuming seedings in vain */
- static bool ssl_seeded = FALSE;
-
- if(!ssl_seeded || data->set.str[STRING_SSL_RANDOM_FILE] ||
- data->set.str[STRING_SSL_EGDSOCKET]) {
- ossl_seed(data);
- ssl_seeded = TRUE;
- }
+ return (rand_enough() ? CURLE_OK :
+ CURLE_SSL_CONNECT_ERROR /* confusing error code */);
}
#ifndef SSL_FILETYPE_ENGINE
@@ -282,13 +329,13 @@ static int do_file_type(const char *type)
{
if(!type || !type[0])
return SSL_FILETYPE_PEM;
- if(Curl_raw_equal(type, "PEM"))
+ if(strcasecompare(type, "PEM"))
return SSL_FILETYPE_PEM;
- if(Curl_raw_equal(type, "DER"))
+ if(strcasecompare(type, "DER"))
return SSL_FILETYPE_ASN1;
- if(Curl_raw_equal(type, "ENG"))
+ if(strcasecompare(type, "ENG"))
return SSL_FILETYPE_ENGINE;
- if(Curl_raw_equal(type, "P12"))
+ if(strcasecompare(type, "P12"))
return SSL_FILETYPE_PKCS12;
return -1;
}
@@ -305,7 +352,7 @@ static int ssl_ui_reader(UI *ui, UI_STRING *uis)
switch(UI_get_string_type(uis)) {
case UIT_PROMPT:
case UIT_VERIFY:
- password = (const char*)UI_get0_user_data(ui);
+ password = (const char *)UI_get0_user_data(ui);
if(password && (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD)) {
UI_set_result(ui, uis, password);
return 1;
@@ -341,9 +388,11 @@ int cert_stuff(struct connectdata *conn,
char *cert_file,
const char *cert_type,
char *key_file,
- const char *key_type)
+ const char *key_type,
+ char *key_passwd)
{
struct Curl_easy *data = conn->data;
+ char error_buffer[256];
int file_type = do_file_type(cert_type);
@@ -352,10 +401,9 @@ int cert_stuff(struct connectdata *conn,
X509 *x509;
int cert_done = 0;
- if(data->set.str[STRING_KEY_PASSWD]) {
+ if(key_passwd) {
/* set the password in the callback userdata */
- SSL_CTX_set_default_passwd_cb_userdata(ctx,
- data->set.str[STRING_KEY_PASSWD]);
+ SSL_CTX_set_default_passwd_cb_userdata(ctx, key_passwd);
/* Set passwd callback: */
SSL_CTX_set_default_passwd_cb(ctx, passwd_callback);
}
@@ -370,7 +418,8 @@ int cert_stuff(struct connectdata *conn,
"could not load PEM client certificate, " OSSL_PACKAGE
" error %s, "
"(no key found, wrong pass phrase, or wrong file format?)",
- ERR_error_string(ERR_get_error(), NULL) );
+ ossl_strerror(ERR_get_error(), error_buffer,
+ sizeof(error_buffer)) );
return 0;
}
break;
@@ -386,7 +435,8 @@ int cert_stuff(struct connectdata *conn,
"could not load ASN1 client certificate, " OSSL_PACKAGE
" error %s, "
"(no key found, wrong pass phrase, or wrong file format?)",
- ERR_error_string(ERR_get_error(), NULL) );
+ ossl_strerror(ERR_get_error(), error_buffer,
+ sizeof(error_buffer)) );
return 0;
}
break;
@@ -415,7 +465,8 @@ int cert_stuff(struct connectdata *conn,
0, ¶ms, NULL, 1)) {
failf(data, "ssl engine cannot load client cert with id"
" '%s' [%s]", cert_file,
- ERR_error_string(ERR_get_error(), NULL));
+ ossl_strerror(ERR_get_error(), error_buffer,
+ sizeof(error_buffer)));
return 0;
}
@@ -466,12 +517,13 @@ int cert_stuff(struct connectdata *conn,
PKCS12_PBE_add();
- if(!PKCS12_parse(p12, data->set.str[STRING_KEY_PASSWD], &pri, &x509,
+ if(!PKCS12_parse(p12, key_passwd, &pri, &x509,
&ca)) {
failf(data,
"could not parse PKCS12 file, check password, " OSSL_PACKAGE
" error %s",
- ERR_error_string(ERR_get_error(), NULL) );
+ ossl_strerror(ERR_get_error(), error_buffer,
+ sizeof(error_buffer)) );
PKCS12_free(p12);
return 0;
}
@@ -482,7 +534,8 @@ int cert_stuff(struct connectdata *conn,
failf(data,
"could not load PKCS12 client certificate, " OSSL_PACKAGE
" error %s",
- ERR_error_string(ERR_get_error(), NULL) );
+ ossl_strerror(ERR_get_error(), error_buffer,
+ sizeof(error_buffer)) );
goto fail;
}
@@ -503,21 +556,19 @@ int cert_stuff(struct connectdata *conn,
/*
* Note that sk_X509_pop() is used below to make sure the cert is
* removed from the stack properly before getting passed to
- * SSL_CTX_add_extra_chain_cert(). Previously we used
- * sk_X509_value() instead, but then we'd clean it in the subsequent
- * sk_X509_pop_free() call.
+ * SSL_CTX_add_extra_chain_cert(), which takes ownership. Previously
+ * we used sk_X509_value() instead, but then we'd clean it in the
+ * subsequent sk_X509_pop_free() call.
*/
X509 *x = sk_X509_pop(ca);
- if(!SSL_CTX_add_extra_chain_cert(ctx, x)) {
+ if(!SSL_CTX_add_client_CA(ctx, x)) {
X509_free(x);
- failf(data, "cannot add certificate to certificate chain");
+ failf(data, "cannot add certificate to client CA list");
goto fail;
}
- /* SSL_CTX_add_client_CA() seems to work with either sk_* function,
- * presumably because it duplicates what we pass to it.
- */
- if(!SSL_CTX_add_client_CA(ctx, x)) {
- failf(data, "cannot add certificate to client CA list");
+ if(!SSL_CTX_add_extra_chain_cert(ctx, x)) {
+ X509_free(x);
+ failf(data, "cannot add certificate to certificate chain");
goto fail;
}
}
@@ -551,6 +602,7 @@ int cert_stuff(struct connectdata *conn,
if(!key_file)
/* cert & key can only be in PEM case in the same file */
key_file=cert_file;
+ /* FALLTHROUGH */
case SSL_FILETYPE_ASN1:
if(SSL_CTX_use_PrivateKey_file(ctx, key_file, file_type) != 1) {
failf(data, "unable to set private key file: '%s' type %s",
@@ -564,7 +616,7 @@ int cert_stuff(struct connectdata *conn,
EVP_PKEY *priv_key = NULL;
if(data->state.engine) {
UI_METHOD *ui_method =
- UI_create_method((char *)"cURL user interface");
+ UI_create_method((char *)"curl user interface");
if(!ui_method) {
failf(data, "unable do create " OSSL_PACKAGE
" user-interface method");
@@ -578,7 +630,7 @@ int cert_stuff(struct connectdata *conn,
priv_key = (EVP_PKEY *)
ENGINE_load_private_key(data->state.engine, key_file,
ui_method,
- data->set.str[STRING_KEY_PASSWD]);
+ key_passwd);
UI_destroy_method(ui_method);
if(!priv_key) {
failf(data, "failed to load private key from crypto engine");
@@ -674,17 +726,6 @@ static int x509_name_oneline(X509_NAME *a, char *buf,
size_t size)
#endif
}
-/* Return error string for last OpenSSL error
- */
-static char *ossl_strerror(unsigned long error, char *buf, size_t size)
-{
- /* OpenSSL 0.9.6 and later has a function named
- ERR_error_string_n() that takes the size of the buffer as a
- third argument */
- ERR_error_string_n(error, buf, size);
- return buf;
-}
-
/**
* Global SSL init
*
@@ -748,11 +789,6 @@ void Curl_ossl_cleanup(void)
ENGINE_cleanup();
#endif
-#ifdef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA
- /* Free OpenSSL ex_data table */
- CRYPTO_cleanup_all_ex_data();
-#endif
-
/* Free OpenSSL error strings */
ERR_free_strings();
@@ -791,7 +827,7 @@ int Curl_ossl_check_cxn(struct connectdata *conn)
(RECV_TYPE_ARG3)1, (RECV_TYPE_ARG4)MSG_PEEK);
if(nread == 0)
return 0; /* connection has been closed */
- else if(nread == 1)
+ if(nread == 1)
return 1; /* connection still in place */
else if(nread == -1) {
int err = SOCKERRNO;
@@ -914,27 +950,31 @@ struct curl_slist *Curl_ossl_engines_list(struct
Curl_easy *data)
}
-/*
- * This function is called when an SSL connection is closed.
- */
-void Curl_ossl_close(struct connectdata *conn, int sockindex)
+static void ossl_close(struct ssl_connect_data *connssl)
{
- struct ssl_connect_data *connssl = &conn->ssl[sockindex];
-
if(connssl->handle) {
(void)SSL_shutdown(connssl->handle);
SSL_set_connect_state(connssl->handle);
- SSL_free (connssl->handle);
+ SSL_free(connssl->handle);
connssl->handle = NULL;
}
if(connssl->ctx) {
- SSL_CTX_free (connssl->ctx);
+ SSL_CTX_free(connssl->ctx);
connssl->ctx = NULL;
}
}
/*
+ * This function is called when an SSL connection is closed.
+ */
+void Curl_ossl_close(struct connectdata *conn, int sockindex)
+{
+ ossl_close(&conn->ssl[sockindex]);
+ ossl_close(&conn->proxy_ssl[sockindex]);
+}
+
+/*
* This function is called to shut down the SSL layer but keep the
* socket open (CCC - Clear Command Channel)
*/
@@ -962,8 +1002,8 @@ int Curl_ossl_shutdown(struct connectdata *conn, int
sockindex)
if(connssl->handle) {
buffsize = (int)sizeof(buf);
while(!done) {
- int what = Curl_socket_ready(conn->sock[sockindex],
- CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT);
+ int what = SOCKET_READABLE(conn->sock[sockindex],
+ SSL_SHUTDOWN_TIMEOUT);
if(what > 0) {
ERR_clear_error();
@@ -992,8 +1032,10 @@ int Curl_ossl_shutdown(struct connectdata *conn, int
sockindex)
default:
/* openssl/ssl.h says "look at error stack/return value/errno" */
sslerror = ERR_get_error();
- failf(conn->data, OSSL_PACKAGE " SSL read: %s, errno %d",
- ossl_strerror(sslerror, buf, sizeof(buf)),
+ failf(conn->data, OSSL_PACKAGE " SSL_read on shutdown: %s, errno %d",
+ (sslerror ?
+ ossl_strerror(sslerror, buf, sizeof(buf)) :
+ SSL_ERROR_to_str(err)),
SOCKERRNO);
done = 1;
break;
@@ -1029,7 +1071,7 @@ int Curl_ossl_shutdown(struct connectdata *conn, int
sockindex)
#endif
}
- SSL_free (connssl->handle);
+ SSL_free(connssl->handle);
connssl->handle = NULL;
}
return retval;
@@ -1056,6 +1098,14 @@ void Curl_ossl_close_all(struct Curl_easy *data)
#else
(void)data;
#endif
+#if !defined(HAVE_ERR_REMOVE_THREAD_STATE_DEPRECATED) && \
+ defined(HAVE_ERR_REMOVE_THREAD_STATE)
+ /* OpenSSL 1.0.1 and 1.0.2 build an error queue that is stored per-thread
+ so we need to clean it here in case the thread will be killed. All OpenSSL
+ code should extract the error in association with the error so clearing
+ this queue here should be harmless at worst. */
+ ERR_remove_thread_state(NULL);
+#endif
}
/* ====================================================== */
@@ -1097,16 +1147,20 @@ static CURLcode verifyhost(struct connectdata *conn,
X509 *server_cert)
CURLcode result = CURLE_OK;
bool dNSName = FALSE; /* if a dNSName field exists in the cert */
bool iPAddress = FALSE; /* if a iPAddress field exists in the cert */
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+ const char * const dispname = SSL_IS_PROXY() ?
+ conn->http_proxy.host.dispname : conn->host.dispname;
#ifdef ENABLE_IPV6
if(conn->bits.ipv6_ip &&
- Curl_inet_pton(AF_INET6, conn->host.name, &addr)) {
+ Curl_inet_pton(AF_INET6, hostname, &addr)) {
target = GEN_IPADD;
addrlen = sizeof(struct in6_addr);
}
else
#endif
- if(Curl_inet_pton(AF_INET, conn->host.name, &addr)) {
+ if(Curl_inet_pton(AF_INET, hostname, &addr)) {
target = GEN_IPADD;
addrlen = sizeof(struct in_addr);
}
@@ -1155,11 +1209,11 @@ static CURLcode verifyhost(struct connectdata *conn,
X509 *server_cert)
if((altlen == strlen(altptr)) &&
/* if this isn't true, there was an embedded zero in the name
string and we cannot match it. */
- Curl_cert_hostcheck(altptr, conn->host.name)) {
+ Curl_cert_hostcheck(altptr, hostname)) {
dnsmatched = TRUE;
infof(data,
" subjectAltName: host \"%s\" matched cert's \"%s\"\n",
- conn->host.dispname, altptr);
+ dispname, altptr);
}
break;
@@ -1170,7 +1224,7 @@ static CURLcode verifyhost(struct connectdata *conn, X509
*server_cert)
ipmatched = TRUE;
infof(data,
" subjectAltName: host \"%s\" matched cert's IP address!\n",
- conn->host.dispname);
+ dispname);
}
break;
}
@@ -1186,9 +1240,9 @@ static CURLcode verifyhost(struct connectdata *conn, X509
*server_cert)
/* an alternative name matched */
;
else if(dNSName || iPAddress) {
- infof(data, " subjectAltName does not match %s\n", conn->host.dispname);
+ infof(data, " subjectAltName does not match %s\n", dispname);
failf(data, "SSL: no alternative certificate subject name matches "
- "target host name '%s'", conn->host.dispname);
+ "target host name '%s'", dispname);
result = CURLE_PEER_FAILED_VERIFICATION;
}
else {
@@ -1262,9 +1316,9 @@ static CURLcode verifyhost(struct connectdata *conn, X509
*server_cert)
"SSL: unable to obtain common name from peer certificate");
result = CURLE_PEER_FAILED_VERIFICATION;
}
- else if(!Curl_cert_hostcheck((const char *)peer_CN, conn->host.name)) {
+ else if(!Curl_cert_hostcheck((const char *)peer_CN, hostname)) {
failf(data, "SSL: certificate subject name '%s' does not match "
- "target host name '%s'", peer_CN, conn->host.dispname);
+ "target host name '%s'", peer_CN, dispname);
result = CURLE_PEER_FAILED_VERIFICATION;
}
else {
@@ -1326,7 +1380,8 @@ static CURLcode verifystatus(struct connectdata *conn,
st = SSL_CTX_get_cert_store(connssl->ctx);
#if ((OPENSSL_VERSION_NUMBER <= 0x1000201fL) /* Fixed after 1.0.2a */ || \
- defined(LIBRESSL_VERSION_NUMBER))
+ (defined(LIBRESSL_VERSION_NUMBER) && \
+ LIBRESSL_VERSION_NUMBER <= 0x2040200fL))
/* The authorized responder cert in the OCSP response MUST be signed by the
peer cert's issuer (see RFC6960 section 4.2.2.2). If that's a root cert,
no problem, but if it's an intermediate cert OpenSSL has a bug where it
@@ -1415,7 +1470,7 @@ static const char *ssl_msg_type(int ssl_ver, int msg)
{
#ifdef SSL2_VERSION_MAJOR
if(ssl_ver == SSL2_VERSION_MAJOR) {
- switch (msg) {
+ switch(msg) {
case SSL2_MT_ERROR:
return "Error";
case SSL2_MT_CLIENT_HELLO:
@@ -1439,7 +1494,7 @@ static const char *ssl_msg_type(int ssl_ver, int msg)
else
#endif
if(ssl_ver == SSL3_VERSION_MAJOR) {
- switch (msg) {
+ switch(msg) {
case SSL3_MT_HELLO_REQUEST:
return "Hello request";
case SSL3_MT_CLIENT_HELLO:
@@ -1539,6 +1594,11 @@ static void ssl_tls_trace(int direction, int ssl_ver,
int content_type,
verstr = "TLSv1.2";
break;
#endif
+#ifdef TLS1_3_VERSION
+ case TLS1_3_VERSION:
+ verstr = "TLSv1.3";
+ break;
+#endif
case 0:
break;
default:
@@ -1561,7 +1621,7 @@ static void ssl_tls_trace(int direction, int ssl_ver, int
content_type,
else
tls_rt_name = "";
- msg_type = *(char*)buf;
+ msg_type = *(char *)buf;
msg_name = ssl_msg_type(ssl_ver, msg_type);
txt_len = snprintf(ssl_buf, sizeof(ssl_buf), "%s (%s), %s, %s (%d):\n",
@@ -1603,7 +1663,7 @@ static void ssl_tls_trace(int direction, int ssl_ver, int
content_type,
#ifdef HAS_NPN
/*
- * in is a list of lenght prefixed strings. this function has to select
+ * in is a list of length prefixed strings. this function has to select
* the protocol we want to use from the list and write its string into out.
*/
@@ -1667,6 +1727,10 @@ get_ssl_version_txt(SSL *ssl)
return "";
switch(SSL_version(ssl)) {
+#ifdef TLS1_3_VERSION
+ case TLS1_3_VERSION:
+ return "TLSv1.3";
+#endif
#if OPENSSL_VERSION_NUMBER >= 0x1000100FL
case TLS1_2_VERSION:
return "TLSv1.2";
@@ -1683,6 +1747,86 @@ get_ssl_version_txt(SSL *ssl)
return "unknown";
}
+static CURLcode
+set_ssl_version_min_max(long *ctx_options, struct connectdata *conn,
+ int sockindex)
+{
+#if (OPENSSL_VERSION_NUMBER < 0x1000100FL) || !defined(TLS1_3_VERSION)
+ /* convoluted #if condition just to avoid compiler warnings on unused
+ variable */
+ struct Curl_easy *data = conn->data;
+#endif
+ long ssl_version = SSL_CONN_CONFIG(version);
+ long ssl_version_max = SSL_CONN_CONFIG(version_max);
+
+ if(ssl_version_max == CURL_SSLVERSION_MAX_NONE) {
+ ssl_version_max = ssl_version << 16;
+ }
+
+ switch(ssl_version) {
+ case CURL_SSLVERSION_TLSv1_3:
+#ifdef TLS1_3_VERSION
+ {
+ struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ SSL_CTX_set_max_proto_version(connssl->ctx, TLS1_3_VERSION);
+ *ctx_options |= SSL_OP_NO_TLSv1_2;
+ }
+#else
+ (void)sockindex;
+ failf(data, OSSL_PACKAGE " was built without TLS 1.3 support");
+ return CURLE_NOT_BUILT_IN;
+#endif
+ /* FALLTHROUGH */
+ case CURL_SSLVERSION_TLSv1_2:
+#if OPENSSL_VERSION_NUMBER >= 0x1000100FL
+ *ctx_options |= SSL_OP_NO_TLSv1_1;
+#else
+ failf(data, OSSL_PACKAGE " was built without TLS 1.2 support");
+ return CURLE_NOT_BUILT_IN;
+#endif
+ /* FALLTHROUGH */
+ case CURL_SSLVERSION_TLSv1_1:
+#if OPENSSL_VERSION_NUMBER >= 0x1000100FL
+ *ctx_options |= SSL_OP_NO_TLSv1;
+#else
+ failf(data, OSSL_PACKAGE " was built without TLS 1.1 support");
+ return CURLE_NOT_BUILT_IN;
+#endif
+ /* FALLTHROUGH */
+ case CURL_SSLVERSION_TLSv1_0:
+ *ctx_options |= SSL_OP_NO_SSLv2;
+ *ctx_options |= SSL_OP_NO_SSLv3;
+ break;
+ }
+
+ switch(ssl_version_max) {
+ case CURL_SSLVERSION_MAX_TLSv1_0:
+#if OPENSSL_VERSION_NUMBER >= 0x1000100FL
+ *ctx_options |= SSL_OP_NO_TLSv1_1;
+#endif
+ /* FALLTHROUGH */
+ case CURL_SSLVERSION_MAX_TLSv1_1:
+#if OPENSSL_VERSION_NUMBER >= 0x1000100FL
+ *ctx_options |= SSL_OP_NO_TLSv1_2;
+#endif
+ /* FALLTHROUGH */
+ case CURL_SSLVERSION_MAX_TLSv1_2:
+ case CURL_SSLVERSION_MAX_DEFAULT:
+#ifdef TLS1_3_VERSION
+ *ctx_options |= SSL_OP_NO_TLSv1_3;
+#endif
+ break;
+ case CURL_SSLVERSION_MAX_TLSv1_3:
+#ifdef TLS1_3_VERSION
+ break;
+#else
+ failf(data, OSSL_PACKAGE " was built without TLS 1.3 support");
+ return CURLE_NOT_BUILT_IN;
+#endif
+ }
+ return CURLE_OK;
+}
+
static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
{
CURLcode result = CURLE_OK;
@@ -1692,32 +1836,49 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
X509_LOOKUP *lookup = NULL;
curl_socket_t sockfd = conn->sock[sockindex];
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
- long ctx_options;
+ long ctx_options = 0;
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
bool sni;
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
#ifdef ENABLE_IPV6
struct in6_addr addr;
#else
struct in_addr addr;
#endif
#endif
+ long * const certverifyresult = SSL_IS_PROXY() ?
+ &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult;
+ const long int ssl_version = SSL_CONN_CONFIG(version);
+#ifdef USE_TLS_SRP
+ const enum CURL_TLSAUTH ssl_authtype = SSL_SET_OPTION(authtype);
+#endif
+ char * const ssl_cert = SSL_SET_OPTION(cert);
+ const char * const ssl_cert_type = SSL_SET_OPTION(cert_type);
+ const char * const ssl_cafile = SSL_CONN_CONFIG(CAfile);
+ const char * const ssl_capath = SSL_CONN_CONFIG(CApath);
+ const bool verifypeer = SSL_CONN_CONFIG(verifypeer);
+ const char * const ssl_crlfile = SSL_SET_OPTION(CRLfile);
+ char error_buffer[256];
DEBUGASSERT(ssl_connect_1 == connssl->connecting_state);
/* Make funny stuff to get random input */
- Curl_ossl_seed(data);
+ result = Curl_ossl_seed(data);
+ if(result)
+ return result;
- data->set.ssl.certverifyresult = !X509_V_OK;
+ *certverifyresult = !X509_V_OK;
/* check to see if we've been told to use an explicit SSL/TLS version */
- switch(data->set.ssl.version) {
- default:
+ switch(ssl_version) {
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
case CURL_SSLVERSION_TLSv1_0:
case CURL_SSLVERSION_TLSv1_1:
case CURL_SSLVERSION_TLSv1_2:
+ case CURL_SSLVERSION_TLSv1_3:
/* it will be handled later with the context options */
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
!defined(LIBRESSL_VERSION_NUMBER)
@@ -1733,7 +1894,7 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
return CURLE_NOT_BUILT_IN;
#else
#ifdef USE_TLS_SRP
- if(data->set.ssl.authtype == CURL_TLSAUTH_SRP)
+ if(ssl_authtype == CURL_TLSAUTH_SRP)
return CURLE_SSL_CONNECT_ERROR;
#endif
req_method = SSLv2_client_method();
@@ -1746,13 +1907,16 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
return CURLE_NOT_BUILT_IN;
#else
#ifdef USE_TLS_SRP
- if(data->set.ssl.authtype == CURL_TLSAUTH_SRP)
+ if(ssl_authtype == CURL_TLSAUTH_SRP)
return CURLE_SSL_CONNECT_ERROR;
#endif
req_method = SSLv3_client_method();
use_sni(FALSE);
break;
#endif
+ default:
+ failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
+ return CURLE_SSL_CONNECT_ERROR;
}
if(connssl->ctx)
@@ -1761,7 +1925,7 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
if(!connssl->ctx) {
failf(data, "SSL: couldn't create a context: %s",
- ERR_error_string(ERR_peek_error(), NULL));
+ ossl_strerror(ERR_peek_error(), error_buffer, sizeof(error_buffer)));
return CURLE_OUT_OF_MEMORY;
}
@@ -1831,14 +1995,14 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
#ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
/* unless the user explicitly ask to allow the protocol vulnerability we
use the work-around */
- if(!conn->data->set.ssl_enable_beast)
+ if(!SSL_SET_OPTION(enable_beast))
ctx_options &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
#endif
- switch(data->set.ssl.version) {
+ switch(ssl_version) {
case CURL_SSLVERSION_SSLv3:
#ifdef USE_TLS_SRP
- if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
+ if(ssl_authtype == CURL_TLSAUTH_SRP) {
infof(data, "Set version TLSv1.x for SRP authorisation\n");
}
#endif
@@ -1847,6 +2011,9 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
#if OPENSSL_VERSION_NUMBER >= 0x1000100FL
ctx_options |= SSL_OP_NO_TLSv1_1;
ctx_options |= SSL_OP_NO_TLSv1_2;
+#ifdef TLS1_3_VERSION
+ ctx_options |= SSL_OP_NO_TLSv1_3;
+#endif
#endif
break;
@@ -1857,43 +2024,33 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
break;
case CURL_SSLVERSION_TLSv1_0:
- ctx_options |= SSL_OP_NO_SSLv2;
- ctx_options |= SSL_OP_NO_SSLv3;
-#if OPENSSL_VERSION_NUMBER >= 0x1000100FL
- ctx_options |= SSL_OP_NO_TLSv1_1;
- ctx_options |= SSL_OP_NO_TLSv1_2;
-#endif
- break;
-
-#if OPENSSL_VERSION_NUMBER >= 0x1000100FL
case CURL_SSLVERSION_TLSv1_1:
- ctx_options |= SSL_OP_NO_SSLv2;
- ctx_options |= SSL_OP_NO_SSLv3;
- ctx_options |= SSL_OP_NO_TLSv1;
- ctx_options |= SSL_OP_NO_TLSv1_2;
- break;
-
case CURL_SSLVERSION_TLSv1_2:
- ctx_options |= SSL_OP_NO_SSLv2;
- ctx_options |= SSL_OP_NO_SSLv3;
- ctx_options |= SSL_OP_NO_TLSv1;
- ctx_options |= SSL_OP_NO_TLSv1_1;
+ case CURL_SSLVERSION_TLSv1_3:
+ result = set_ssl_version_min_max(&ctx_options, conn, sockindex);
+ if(result != CURLE_OK)
+ return result;
break;
-#endif
-#ifndef OPENSSL_NO_SSL2
case CURL_SSLVERSION_SSLv2:
+#ifndef OPENSSL_NO_SSL2
ctx_options |= SSL_OP_NO_SSLv3;
ctx_options |= SSL_OP_NO_TLSv1;
#if OPENSSL_VERSION_NUMBER >= 0x1000100FL
ctx_options |= SSL_OP_NO_TLSv1_1;
ctx_options |= SSL_OP_NO_TLSv1_2;
+#ifdef TLS1_3_VERSION
+ ctx_options |= SSL_OP_NO_TLSv1_3;
+#endif
#endif
break;
+#else
+ failf(data, OSSL_PACKAGE " was built without SSLv2 support");
+ return CURLE_NOT_BUILT_IN;
#endif
default:
- failf(data, "Unsupported SSL protocol version");
+ failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
return CURLE_SSL_CONNECT_ERROR;
}
@@ -1910,7 +2067,8 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
unsigned char protocols[128];
#ifdef USE_NGHTTP2
- if(data->set.httpversion >= CURL_HTTP_VERSION_2) {
+ if(data->set.httpversion >= CURL_HTTP_VERSION_2 &&
+ (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) {
protocols[cur++] = NGHTTP2_PROTO_VERSION_ID_LEN;
memcpy(&protocols[cur], NGHTTP2_PROTO_VERSION_ID,
@@ -1932,19 +2090,16 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
}
#endif
- if(data->set.str[STRING_CERT] || data->set.str[STRING_CERT_TYPE]) {
- if(!cert_stuff(conn,
- connssl->ctx,
- data->set.str[STRING_CERT],
- data->set.str[STRING_CERT_TYPE],
- data->set.str[STRING_KEY],
- data->set.str[STRING_KEY_TYPE])) {
+ if(ssl_cert || ssl_cert_type) {
+ if(!cert_stuff(conn, connssl->ctx, ssl_cert, ssl_cert_type,
+ SSL_SET_OPTION(key), SSL_SET_OPTION(key_type),
+ SSL_SET_OPTION(key_passwd))) {
/* failf() is already done in cert_stuff() */
return CURLE_SSL_CERTPROBLEM;
}
}
- ciphers = data->set.str[STRING_SSL_CIPHER_LIST];
+ ciphers = SSL_CONN_CONFIG(cipher_list);
if(!ciphers)
ciphers = (char *)DEFAULT_CIPHER_SELECTION;
if(!SSL_CTX_set_cipher_list(connssl->ctx, ciphers)) {
@@ -1954,18 +2109,20 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
infof(data, "Cipher selection: %s\n", ciphers);
#ifdef USE_TLS_SRP
- if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
- infof(data, "Using TLS-SRP username: %s\n", data->set.ssl.username);
+ if(ssl_authtype == CURL_TLSAUTH_SRP) {
+ char * const ssl_username = SSL_SET_OPTION(username);
+
+ infof(data, "Using TLS-SRP username: %s\n", ssl_username);
- if(!SSL_CTX_set_srp_username(connssl->ctx, data->set.ssl.username)) {
+ if(!SSL_CTX_set_srp_username(connssl->ctx, ssl_username)) {
failf(data, "Unable to set SRP user name");
return CURLE_BAD_FUNCTION_ARGUMENT;
}
- if(!SSL_CTX_set_srp_password(connssl->ctx, data->set.ssl.password)) {
+ if(!SSL_CTX_set_srp_password(connssl->ctx, SSL_SET_OPTION(password))) {
failf(data, "failed setting SRP password");
return CURLE_BAD_FUNCTION_ARGUMENT;
}
- if(!data->set.str[STRING_SSL_CIPHER_LIST]) {
+ if(!SSL_CONN_CONFIG(cipher_list)) {
infof(data, "Setting cipher list SRP\n");
if(!SSL_CTX_set_cipher_list(connssl->ctx, "SRP")) {
@@ -1975,28 +2132,23 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
}
}
#endif
- if(data->set.str[STRING_SSL_CAFILE] || data->set.str[STRING_SSL_CAPATH]) {
+
+ if(ssl_cafile || ssl_capath) {
/* tell SSL where to find CA certificates that are used to verify
the servers certificate. */
- if(!SSL_CTX_load_verify_locations(connssl->ctx,
- data->set.str[STRING_SSL_CAFILE],
- data->set.str[STRING_SSL_CAPATH])) {
- if(data->set.ssl.verifypeer) {
+ if(!SSL_CTX_load_verify_locations(connssl->ctx, ssl_cafile, ssl_capath)) {
+ if(verifypeer) {
/* Fail if we insist on successfully verifying the server. */
failf(data, "error setting certificate verify locations:\n"
" CAfile: %s\n CApath: %s",
- data->set.str[STRING_SSL_CAFILE]?
- data->set.str[STRING_SSL_CAFILE]: "none",
- data->set.str[STRING_SSL_CAPATH]?
- data->set.str[STRING_SSL_CAPATH] : "none");
+ ssl_cafile ? ssl_cafile : "none",
+ ssl_capath ? ssl_capath : "none");
return CURLE_SSL_CACERT_BADFILE;
}
- else {
- /* Just continue with a warning if no strict certificate verification
- is required. */
- infof(data, "error setting certificate verify locations,"
- " continuing anyway:\n");
- }
+ /* Just continue with a warning if no strict certificate verification
+ is required. */
+ infof(data, "error setting certificate verify locations,"
+ " continuing anyway:\n");
}
else {
/* Everything is fine. */
@@ -2005,40 +2157,33 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
infof(data,
" CAfile: %s\n"
" CApath: %s\n",
- data->set.str[STRING_SSL_CAFILE] ? data->set.str[STRING_SSL_CAFILE]:
- "none",
- data->set.str[STRING_SSL_CAPATH] ? data->set.str[STRING_SSL_CAPATH]:
- "none");
+ ssl_cafile ? ssl_cafile : "none",
+ ssl_capath ? ssl_capath : "none");
}
#ifdef CURL_CA_FALLBACK
- else if(data->set.ssl.verifypeer) {
+ else if(verifypeer) {
/* verfying the peer without any CA certificates won't
work so use openssl's built in default as fallback */
SSL_CTX_set_default_verify_paths(connssl->ctx);
}
#endif
- if(data->set.str[STRING_SSL_CRLFILE]) {
+ if(ssl_crlfile) {
/* tell SSL where to find CRL file that is used to check certificate
* revocation */
lookup=X509_STORE_add_lookup(SSL_CTX_get_cert_store(connssl->ctx),
X509_LOOKUP_file());
if(!lookup ||
- (!X509_load_crl_file(lookup, data->set.str[STRING_SSL_CRLFILE],
- X509_FILETYPE_PEM)) ) {
- failf(data, "error loading CRL file: %s",
- data->set.str[STRING_SSL_CRLFILE]);
+ (!X509_load_crl_file(lookup, ssl_crlfile, X509_FILETYPE_PEM)) ) {
+ failf(data, "error loading CRL file: %s", ssl_crlfile);
return CURLE_SSL_CRL_BADFILE;
}
- else {
- /* Everything is fine. */
- infof(data, "successfully load CRL file:\n");
- X509_STORE_set_flags(SSL_CTX_get_cert_store(connssl->ctx),
- X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
- }
- infof(data,
- " CRLfile: %s\n", data->set.str[STRING_SSL_CRLFILE] ?
- data->set.str[STRING_SSL_CRLFILE]: "none");
+ /* Everything is fine. */
+ infof(data, "successfully load CRL file:\n");
+ X509_STORE_set_flags(SSL_CTX_get_cert_store(connssl->ctx),
+ X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
+
+ infof(data, " CRLfile: %s\n", ssl_crlfile);
}
/* Try building a chain using issuers in the trusted store first to avoid
@@ -2049,7 +2194,7 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest
*/
#if defined(X509_V_FLAG_TRUSTED_FIRST) && !defined(X509_V_FLAG_NO_ALT_CHAINS)
- if(data->set.ssl.verifypeer) {
+ if(verifypeer) {
X509_STORE_set_flags(SSL_CTX_get_cert_store(connssl->ctx),
X509_V_FLAG_TRUSTED_FIRST);
}
@@ -2060,8 +2205,7 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
* anyway. In the latter case the result of the verification is checked with
* SSL_get_verify_result() below. */
SSL_CTX_set_verify(connssl->ctx,
- data->set.ssl.verifypeer?SSL_VERIFY_PEER:SSL_VERIFY_NONE,
- NULL);
+ verifypeer ? SSL_VERIFY_PEER : SSL_VERIFY_NONE, NULL);
/* give application a chance to interfere with SSL set up. */
if(data->set.ssl.fsslctx) {
@@ -2084,48 +2228,56 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
#if (OPENSSL_VERSION_NUMBER >= 0x0090808fL) && !defined(OPENSSL_NO_TLSEXT) && \
!defined(OPENSSL_NO_OCSP)
- if(data->set.ssl.verifystatus)
+ if(SSL_CONN_CONFIG(verifystatus))
SSL_set_tlsext_status_type(connssl->handle, TLSEXT_STATUSTYPE_ocsp);
#endif
SSL_set_connect_state(connssl->handle);
connssl->server_cert = 0x0;
-
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
- if((0 == Curl_inet_pton(AF_INET, conn->host.name, &addr)) &&
+ if((0 == Curl_inet_pton(AF_INET, hostname, &addr)) &&
#ifdef ENABLE_IPV6
- (0 == Curl_inet_pton(AF_INET6, conn->host.name, &addr)) &&
+ (0 == Curl_inet_pton(AF_INET6, hostname, &addr)) &&
#endif
sni &&
- !SSL_set_tlsext_host_name(connssl->handle, conn->host.name))
+ !SSL_set_tlsext_host_name(connssl->handle, hostname))
infof(data, "WARNING: failed to configure server name indication (SNI) "
"TLS extension\n");
#endif
/* Check if there's a cached ID we can/should use here! */
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
void *ssl_sessionid = NULL;
Curl_ssl_sessionid_lock(conn);
- if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL)) {
+ if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL, sockindex)) {
/* we got a session id, use it! */
if(!SSL_set_session(connssl->handle, ssl_sessionid)) {
Curl_ssl_sessionid_unlock(conn);
failf(data, "SSL: SSL_set_session failed: %s",
- ERR_error_string(ERR_get_error(), NULL));
+ ossl_strerror(ERR_get_error(), error_buffer,
+ sizeof(error_buffer)));
return CURLE_SSL_CONNECT_ERROR;
}
/* Informational message */
- infof (data, "SSL re-using session ID\n");
+ infof(data, "SSL re-using session ID\n");
}
Curl_ssl_sessionid_unlock(conn);
}
- /* pass the raw socket into the SSL layers */
- if(!SSL_set_fd(connssl->handle, (int)sockfd)) {
+ if(conn->proxy_ssl[sockindex].use) {
+ BIO *const bio = BIO_new(BIO_f_ssl());
+ DEBUGASSERT(ssl_connection_complete == conn->proxy_ssl[sockindex].state);
+ DEBUGASSERT(conn->proxy_ssl[sockindex].handle != NULL);
+ DEBUGASSERT(bio != NULL);
+ BIO_set_ssl(bio, conn->proxy_ssl[sockindex].handle, FALSE);
+ SSL_set_bio(connssl->handle, bio, bio);
+ }
+ else if(!SSL_set_fd(connssl->handle, (int)sockfd)) {
+ /* pass the raw socket into the SSL layers */
failf(data, "SSL: SSL_set_fd failed: %s",
- ERR_error_string(ERR_get_error(), NULL));
+ ossl_strerror(ERR_get_error(), error_buffer, sizeof(error_buffer)));
return CURLE_SSL_CONNECT_ERROR;
}
@@ -2139,9 +2291,11 @@ static CURLcode ossl_connect_step2(struct connectdata
*conn, int sockindex)
struct Curl_easy *data = conn->data;
int err;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ long * const certverifyresult = SSL_IS_PROXY() ?
+ &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult;
DEBUGASSERT(ssl_connect_2 == connssl->connecting_state
- || ssl_connect_2_reading == connssl->connecting_state
- || ssl_connect_2_writing == connssl->connecting_state);
+ || ssl_connect_2_reading == connssl->connecting_state
+ || ssl_connect_2_writing == connssl->connecting_state);
ERR_clear_error();
@@ -2157,15 +2311,14 @@ static CURLcode ossl_connect_step2(struct connectdata
*conn, int sockindex)
connssl->connecting_state = ssl_connect_2_reading;
return CURLE_OK;
}
- else if(SSL_ERROR_WANT_WRITE == detail) {
+ if(SSL_ERROR_WANT_WRITE == detail) {
connssl->connecting_state = ssl_connect_2_writing;
return CURLE_OK;
}
else {
/* untreated error */
unsigned long errdetail;
- char error_buffer[256]=""; /* OpenSSL documents that this must be at
- least 256 bytes long. */
+ char error_buffer[256]="";
CURLcode result;
long lerr;
int lib;
@@ -2188,7 +2341,7 @@ static CURLcode ossl_connect_step2(struct connectdata
*conn, int sockindex)
lerr = SSL_get_verify_result(connssl->handle);
if(lerr != X509_V_OK) {
- data->set.ssl.certverifyresult = lerr;
+ *certverifyresult = lerr;
snprintf(error_buffer, sizeof(error_buffer),
"SSL certificate problem: %s",
X509_verify_cert_error_string(lerr));
@@ -2210,8 +2363,11 @@ static CURLcode ossl_connect_step2(struct connectdata
*conn, int sockindex)
* the SO_ERROR is also lost.
*/
if(CURLE_SSL_CONNECT_ERROR == result && errdetail == 0) {
- failf(data, "Unknown SSL protocol error in connection to %s:%ld ",
- conn->host.name, conn->remote_port);
+ const char * const hostname = SSL_IS_PROXY() ?
+ conn->http_proxy.host.name : conn->host.name;
+ const long int port = SSL_IS_PROXY() ? conn->port : conn->remote_port;
+ failf(data, OSSL_PACKAGE " SSL_connect: %s in connection to %s:%ld ",
+ SSL_ERROR_to_str(detail), hostname, port);
return result;
}
@@ -2235,7 +2391,7 @@ static CURLcode ossl_connect_step2(struct connectdata
*conn, int sockindex)
* negotiated
*/
if(conn->bits.tls_enable_alpn) {
- const unsigned char* neg_protocol;
+ const unsigned char *neg_protocol;
unsigned int len;
SSL_get0_alpn_selected(connssl->handle, &neg_protocol, &len);
if(len != 0) {
@@ -2266,7 +2422,8 @@ static int asn1_object_dump(ASN1_OBJECT *a, char *buf,
size_t len)
{
int i, ilen;
- if((ilen = (int)len) < 0)
+ ilen = (int)len;
+ if(ilen < 0)
return 1; /* buffer too big */
i = i2t_ASN1_OBJECT(buf, ilen, a);
@@ -2402,7 +2559,7 @@ static CURLcode get_cert_chain(struct connectdata *conn,
EVP_PKEY *pubkey=NULL;
int j;
char *ptr;
- CONST_ASN1_BIT_STRING ASN1_BIT_STRING *psig = NULL;
+ const ASN1_BIT_STRING *psig = NULL;
X509_NAME_print_ex(mem, X509_get_subject_name(x), 0, XN_FLAG_ONELINE);
push_certinfo("Subject", i);
@@ -2483,44 +2640,25 @@ static CURLcode get_cert_chain(struct connectdata *conn,
{
const BIGNUM *n;
const BIGNUM *e;
- const BIGNUM *d;
- const BIGNUM *p;
- const BIGNUM *q;
- const BIGNUM *dmp1;
- const BIGNUM *dmq1;
- const BIGNUM *iqmp;
- RSA_get0_key(rsa, &n, &e, &d);
- RSA_get0_factors(rsa, &p, &q);
- RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
+ RSA_get0_key(rsa, &n, &e, NULL);
BN_print(mem, n);
push_certinfo("RSA Public Key", i);
print_pubkey_BN(rsa, n, i);
print_pubkey_BN(rsa, e, i);
- print_pubkey_BN(rsa, d, i);
- print_pubkey_BN(rsa, p, i);
- print_pubkey_BN(rsa, q, i);
- print_pubkey_BN(rsa, dmp1, i);
- print_pubkey_BN(rsa, dmq1, i);
- print_pubkey_BN(rsa, iqmp, i);
}
#else
BIO_printf(mem, "%d", BN_num_bits(rsa->n));
push_certinfo("RSA Public Key", i);
print_pubkey_BN(rsa, n, i);
print_pubkey_BN(rsa, e, i);
- print_pubkey_BN(rsa, d, i);
- print_pubkey_BN(rsa, p, i);
- print_pubkey_BN(rsa, q, i);
- print_pubkey_BN(rsa, dmp1, i);
- print_pubkey_BN(rsa, dmq1, i);
- print_pubkey_BN(rsa, iqmp, i);
#endif
break;
}
case EVP_PKEY_DSA:
{
+#ifndef OPENSSL_NO_DSA
DSA *dsa;
#ifdef HAVE_OPAQUE_EVP_PKEY
dsa = EVP_PKEY_get0_DSA(pubkey);
@@ -2532,25 +2670,23 @@ static CURLcode get_cert_chain(struct connectdata *conn,
const BIGNUM *p;
const BIGNUM *q;
const BIGNUM *g;
- const BIGNUM *priv_key;
const BIGNUM *pub_key;
DSA_get0_pqg(dsa, &p, &q, &g);
- DSA_get0_key(dsa, &pub_key, &priv_key);
+ DSA_get0_key(dsa, &pub_key, NULL);
print_pubkey_BN(dsa, p, i);
print_pubkey_BN(dsa, q, i);
print_pubkey_BN(dsa, g, i);
- print_pubkey_BN(dsa, priv_key, i);
print_pubkey_BN(dsa, pub_key, i);
}
#else
print_pubkey_BN(dsa, p, i);
print_pubkey_BN(dsa, q, i);
print_pubkey_BN(dsa, g, i);
- print_pubkey_BN(dsa, priv_key, i);
print_pubkey_BN(dsa, pub_key, i);
#endif
+#endif /* !OPENSSL_NO_DSA */
break;
}
case EVP_PKEY_DH:
@@ -2566,20 +2702,17 @@ static CURLcode get_cert_chain(struct connectdata *conn,
const BIGNUM *p;
const BIGNUM *q;
const BIGNUM *g;
- const BIGNUM *priv_key;
const BIGNUM *pub_key;
DH_get0_pqg(dh, &p, &q, &g);
- DH_get0_key(dh, &pub_key, &priv_key);
+ DH_get0_key(dh, &pub_key, NULL);
print_pubkey_BN(dh, p, i);
print_pubkey_BN(dh, q, i);
print_pubkey_BN(dh, g, i);
- print_pubkey_BN(dh, priv_key, i);
print_pubkey_BN(dh, pub_key, i);
}
#else
print_pubkey_BN(dh, p, i);
print_pubkey_BN(dh, g, i);
- print_pubkey_BN(dh, priv_key, i);
print_pubkey_BN(dh, pub_key, i);
#endif
break;
@@ -2686,8 +2819,10 @@ static CURLcode servercert(struct connectdata *conn,
struct Curl_easy *data = conn->data;
X509 *issuer;
FILE *fp;
- char *buffer = data->state.buffer;
+ char buffer[2048];
const char *ptr;
+ long * const certverifyresult = SSL_IS_PROXY() ?
+ &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult;
BIO *mem = BIO_new(BIO_s_mem());
if(data->set.ssl.certinfo)
@@ -2696,6 +2831,7 @@ static CURLcode servercert(struct connectdata *conn,
connssl->server_cert = SSL_get_peer_certificate(connssl->handle);
if(!connssl->server_cert) {
+ BIO_free(mem);
if(!strict)
return CURLE_OK;
@@ -2703,10 +2839,10 @@ static CURLcode servercert(struct connectdata *conn,
return CURLE_PEER_FAILED_VERIFICATION;
}
- infof(data, "Server certificate:\n");
+ infof(data, "%s certificate:\n", SSL_IS_PROXY() ? "Proxy" : "Server");
rc = x509_name_oneline(X509_get_subject_name(connssl->server_cert),
- buffer, BUFSIZE);
+ buffer, sizeof(buffer));
infof(data, " subject: %s\n", rc?"[NONE]":buffer);
ASN1_TIME_print(mem, X509_get0_notBefore(connssl->server_cert));
@@ -2721,7 +2857,7 @@ static CURLcode servercert(struct connectdata *conn,
BIO_free(mem);
- if(data->set.ssl.verifyhost) {
+ if(SSL_CONN_CONFIG(verifyhost)) {
result = verifyhost(conn, connssl->server_cert);
if(result) {
X509_free(connssl->server_cert);
@@ -2731,7 +2867,7 @@ static CURLcode servercert(struct connectdata *conn,
}
rc = x509_name_oneline(X509_get_issuer_name(connssl->server_cert),
- buffer, BUFSIZE);
+ buffer, sizeof(buffer));
if(rc) {
if(strict)
failf(data, "SSL: couldn't get X509-issuer name!");
@@ -2744,12 +2880,12 @@ static CURLcode servercert(struct connectdata *conn,
deallocating the certificate. */
/* e.g. match issuer name with provided issuer certificate */
- if(data->set.str[STRING_SSL_ISSUERCERT]) {
- fp = fopen(data->set.str[STRING_SSL_ISSUERCERT], FOPEN_READTEXT);
+ if(SSL_SET_OPTION(issuercert)) {
+ fp = fopen(SSL_SET_OPTION(issuercert), FOPEN_READTEXT);
if(!fp) {
if(strict)
failf(data, "SSL: Unable to open issuer cert (%s)",
- data->set.str[STRING_SSL_ISSUERCERT]);
+ SSL_SET_OPTION(issuercert));
X509_free(connssl->server_cert);
connssl->server_cert = NULL;
return CURLE_SSL_ISSUER_ERROR;
@@ -2759,7 +2895,7 @@ static CURLcode servercert(struct connectdata *conn,
if(!issuer) {
if(strict)
failf(data, "SSL: Unable to read issuer cert (%s)",
- data->set.str[STRING_SSL_ISSUERCERT]);
+ SSL_SET_OPTION(issuercert));
X509_free(connssl->server_cert);
X509_free(issuer);
fclose(fp);
@@ -2771,7 +2907,7 @@ static CURLcode servercert(struct connectdata *conn,
if(X509_check_issued(issuer, connssl->server_cert) != X509_V_OK) {
if(strict)
failf(data, "SSL: Certificate issuer check failed (%s)",
- data->set.str[STRING_SSL_ISSUERCERT]);
+ SSL_SET_OPTION(issuercert));
X509_free(connssl->server_cert);
X509_free(issuer);
connssl->server_cert = NULL;
@@ -2779,15 +2915,14 @@ static CURLcode servercert(struct connectdata *conn,
}
infof(data, " SSL certificate issuer check ok (%s)\n",
- data->set.str[STRING_SSL_ISSUERCERT]);
+ SSL_SET_OPTION(issuercert));
X509_free(issuer);
}
- lerr = data->set.ssl.certverifyresult =
- SSL_get_verify_result(connssl->handle);
+ lerr = *certverifyresult = SSL_get_verify_result(connssl->handle);
- if(data->set.ssl.certverifyresult != X509_V_OK) {
- if(data->set.ssl.verifypeer) {
+ if(*certverifyresult != X509_V_OK) {
+ if(SSL_CONN_CONFIG(verifypeer)) {
/* We probably never reach this, because SSL_connect() will fail
and we return earlier if verifypeer is set? */
if(strict)
@@ -2806,7 +2941,7 @@ static CURLcode servercert(struct connectdata *conn,
#if (OPENSSL_VERSION_NUMBER >= 0x0090808fL) && !defined(OPENSSL_NO_TLSEXT) && \
!defined(OPENSSL_NO_OCSP)
- if(data->set.ssl.verifystatus) {
+ if(SSL_CONN_CONFIG(verifystatus)) {
result = verifystatus(conn, connssl);
if(result) {
X509_free(connssl->server_cert);
@@ -2820,7 +2955,8 @@ static CURLcode servercert(struct connectdata *conn,
/* when not strict, we don't bother about the verify cert problems */
result = CURLE_OK;
- ptr = data->set.str[STRING_SSL_PINNEDPUBLICKEY];
+ ptr = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
if(!result && ptr) {
result = pkp_pin_peer_pubkey(data, connssl->server_cert, ptr);
if(result)
@@ -2842,7 +2978,7 @@ static CURLcode ossl_connect_step3(struct connectdata
*conn, int sockindex)
DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
bool incache;
SSL_SESSION *our_ssl_sessionid;
void *old_ssl_sessionid = NULL;
@@ -2854,7 +2990,8 @@ static CURLcode ossl_connect_step3(struct connectdata
*conn, int sockindex)
regardless of its state. */
Curl_ssl_sessionid_lock(conn);
- incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL));
+ incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL,
+ sockindex));
if(incache) {
if(old_ssl_sessionid != our_ssl_sessionid) {
infof(data, "old SSL session ID is stale, removing\n");
@@ -2865,7 +3002,7 @@ static CURLcode ossl_connect_step3(struct connectdata
*conn, int sockindex)
if(!incache) {
result = Curl_ssl_addsessionid(conn, our_ssl_sessionid,
- 0 /* unknown size */);
+ 0 /* unknown size */, sockindex);
if(result) {
Curl_ssl_sessionid_unlock(conn);
failf(data, "failed to store ssl session");
@@ -2889,8 +3026,8 @@ static CURLcode ossl_connect_step3(struct connectdata
*conn, int sockindex)
* operations.
*/
- result = servercert(conn, connssl,
- (data->set.ssl.verifypeer || data->set.ssl.verifyhost));
+ result = servercert(conn, connssl, (SSL_CONN_CONFIG(verifypeer) ||
+ SSL_CONN_CONFIG(verifyhost)));
if(!result)
connssl->connecting_state = ssl_connect_done;
@@ -2910,7 +3047,7 @@ static CURLcode ossl_connect_common(struct connectdata
*conn,
struct Curl_easy *data = conn->data;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
curl_socket_t sockfd = conn->sock[sockindex];
- long timeout_ms;
+ time_t timeout_ms;
int what;
/* check if the connection has already been established */
@@ -2956,22 +3093,21 @@ static CURLcode ossl_connect_common(struct connectdata
*conn,
curl_socket_t readfd = ssl_connect_2_reading==
connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
- what = Curl_socket_ready(readfd, writefd, nonblocking?0:timeout_ms);
+ what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd,
+ nonblocking?0:timeout_ms);
if(what < 0) {
/* fatal error */
failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
return CURLE_SSL_CONNECT_ERROR;
}
- else if(0 == what) {
+ if(0 == what) {
if(nonblocking) {
*done = FALSE;
return CURLE_OK;
}
- else {
- /* timeout */
- failf(data, "SSL connection timeout");
- return CURLE_OPERATION_TIMEDOUT;
- }
+ /* timeout */
+ failf(data, "SSL connection timeout");
+ return CURLE_OPERATION_TIMEDOUT;
}
/* socket is readable or writable */
}
@@ -3037,9 +3173,11 @@ bool Curl_ossl_data_pending(const struct connectdata
*conn, int connindex)
{
if(conn->ssl[connindex].handle)
/* SSL is in use */
- return (0 != SSL_pending(conn->ssl[connindex].handle)) ? TRUE : FALSE;
- else
- return FALSE;
+ return (0 != SSL_pending(conn->ssl[connindex].handle) ||
+ (conn->proxy_ssl[connindex].handle &&
+ 0 != SSL_pending(conn->proxy_ssl[connindex].handle))) ?
+ TRUE : FALSE;
+ return FALSE;
}
static ssize_t ossl_send(struct connectdata *conn,
@@ -3051,8 +3189,7 @@ static ssize_t ossl_send(struct connectdata *conn,
/* SSL_write() is said to return 'int' while write() and send() returns
'size_t' */
int err;
- char error_buffer[256]; /* OpenSSL documents that this must be at least 256
- bytes long. */
+ char error_buffer[256];
unsigned long sslerror;
int memlen;
int rc;
@@ -3082,13 +3219,24 @@ static ssize_t ossl_send(struct connectdata *conn,
/* A failure in the SSL library occurred, usually a protocol error.
The OpenSSL error queue contains more information on the error. */
sslerror = ERR_get_error();
- failf(conn->data, "SSL_write() error: %s",
- ossl_strerror(sslerror, error_buffer, sizeof(error_buffer)));
+ if(ERR_GET_LIB(sslerror) == ERR_LIB_SSL &&
+ ERR_GET_REASON(sslerror) == SSL_R_BIO_NOT_SET &&
+ conn->ssl[sockindex].state == ssl_connection_complete &&
+ conn->proxy_ssl[sockindex].state == ssl_connection_complete) {
+ char ver[120];
+ Curl_ossl_version(ver, 120);
+ failf(conn->data, "Error: %s does not support double SSL tunneling.",
+ ver);
+ }
+ else
+ failf(conn->data, "SSL_write() error: %s",
+ ossl_strerror(sslerror, error_buffer, sizeof(error_buffer)));
*curlcode = CURLE_SEND_ERROR;
return -1;
}
/* a true error */
- failf(conn->data, "SSL_write() return error %d", err);
+ failf(conn->data, OSSL_PACKAGE " SSL_write: %s, errno %d",
+ SSL_ERROR_to_str(err), SOCKERRNO);
*curlcode = CURLE_SEND_ERROR;
return -1;
}
@@ -3102,8 +3250,7 @@ static ssize_t ossl_recv(struct connectdata *conn, /*
connection data */
size_t buffersize, /* max amount to read */
CURLcode *curlcode)
{
- char error_buffer[256]; /* OpenSSL documents that this must be at
- least 256 bytes long. */
+ char error_buffer[256];
unsigned long sslerror;
ssize_t nread;
int buffsize;
@@ -3133,8 +3280,10 @@ static ssize_t ossl_recv(struct connectdata *conn, /*
connection data */
if((nread < 0) || sslerror) {
/* If the return code was negative or there actually is an error in the
queue */
- failf(conn->data, "SSL read: %s, errno %d",
- ossl_strerror(sslerror, error_buffer, sizeof(error_buffer)),
+ failf(conn->data, OSSL_PACKAGE " SSL_read: %s, errno %d",
+ (sslerror ?
+ ossl_strerror(sslerror, error_buffer, sizeof(error_buffer)) :
+ SSL_ERROR_to_str(err)),
SOCKERRNO);
*curlcode = CURLE_RECV_ERROR;
return -1;
@@ -3167,7 +3316,7 @@ size_t Curl_ossl_version(char *buffer, size_t size)
sub[0] = 'z';
}
else {
- sub[0]=(char)(((ssleay_value>>4)&0xff) + 'a' -1);
+ sub[0] = (char) (minor_ver + 'a' - 1);
}
}
else
@@ -3184,14 +3333,21 @@ size_t Curl_ossl_version(char *buffer, size_t size)
}
/* can be called with data == NULL */
-int Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy,
- size_t length)
+CURLcode Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy,
+ size_t length)
{
+ int rc;
if(data) {
- Curl_ossl_seed(data); /* Initiate the seed if not already done */
+ if(Curl_ossl_seed(data)) /* Initiate the seed if not already done */
+ return CURLE_FAILED_INIT; /* couldn't seed for some reason */
+ }
+ else {
+ if(!rand_enough())
+ return CURLE_FAILED_INIT;
}
- RAND_bytes(entropy, curlx_uztosi(length));
- return 0; /* 0 as in no problem */
+ /* RAND_bytes() returns 1 on success, 0 otherwise. */
+ rc = RAND_bytes(entropy, curlx_uztosi(length));
+ return (rc == 1 ? CURLE_OK : CURLE_FAILED_INIT);
}
void Curl_ossl_md5sum(unsigned char *tmp, /* input */
diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h
index ee18e710f..b9648d514 100644
--- a/lib/vtls/openssl.h
+++ b/lib/vtls/openssl.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -66,8 +66,8 @@ bool Curl_ossl_data_pending(const struct connectdata *conn,
int connindex);
/* return 0 if a find random is filled in */
-int Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy,
- size_t length);
+CURLcode Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy,
+ size_t length);
void Curl_ossl_md5sum(unsigned char *tmp, /* input */
size_t tmplen,
unsigned char *md5sum /* output */,
@@ -79,6 +79,9 @@ void Curl_ossl_sha256sum(const unsigned char *tmp, /* input */
bool Curl_ossl_cert_status_request(void);
+/* Support HTTPS-proxy */
+#define HTTPS_PROXY_SUPPORT 1
+
/* Set the API backend definition to OpenSSL */
#define CURL_SSL_BACKEND CURLSSLBACKEND_OPENSSL
diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c
index d33f54801..669091cb5 100644
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@@ -54,7 +54,7 @@
#include "parsedate.h"
#include "connect.h" /* for the connect timeout */
#include "select.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "polarssl_threadlock.h"
#include "curl_printf.h"
#include "curl_memory.h"
@@ -75,6 +75,11 @@
#define THREADING_SUPPORT
#endif
+#ifndef POLARSSL_ERROR_C
+#define error_strerror(x,y,z)
+#endif /* POLARSSL_ERROR_C */
+
+
#if defined(THREADING_SUPPORT)
static entropy_context entropy;
@@ -96,13 +101,13 @@ static void entropy_init_mutex(entropy_context *ctx)
/* start of entropy_func_mutex() */
static int entropy_func_mutex(void *data, unsigned char *output, size_t len)
{
- int ret;
- /* lock 1 = entropy_func_mutex() */
- Curl_polarsslthreadlock_lock_function(1);
- ret = entropy_func(data, output, len);
- Curl_polarsslthreadlock_unlock_function(1);
+ int ret;
+ /* lock 1 = entropy_func_mutex() */
+ Curl_polarsslthreadlock_lock_function(1);
+ ret = entropy_func(data, output, len);
+ Curl_polarsslthreadlock_unlock_function(1);
- return ret;
+ return ret;
}
/* end of entropy_func_mutex() */
@@ -135,87 +140,135 @@ static void polarssl_debug(void *context, int level,
const char *line)
static Curl_recv polarssl_recv;
static Curl_send polarssl_send;
+static CURLcode polarssl_version_from_curl(int *polarver, long ssl_version)
+{
+ switch(ssl_version) {
+ case CURL_SSLVERSION_TLSv1_0:
+ *polarver = SSL_MINOR_VERSION_1;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_1:
+ *polarver = SSL_MINOR_VERSION_2;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_2:
+ *polarver = SSL_MINOR_VERSION_3;
+ return CURLE_OK;
+ case CURL_SSLVERSION_TLSv1_3:
+ break;
+ }
+ return CURLE_SSL_CONNECT_ERROR;
+}
static CURLcode
-polarssl_connect_step1(struct connectdata *conn,
- int sockindex)
+set_ssl_version_min_max(struct connectdata *conn, int sockindex)
{
struct Curl_easy *data = conn->data;
struct ssl_connect_data* connssl = &conn->ssl[sockindex];
+ long ssl_version = SSL_CONN_CONFIG(version);
+ long ssl_version_max = SSL_CONN_CONFIG(version_max);
+ int ssl_min_ver = SSL_MINOR_VERSION_1;
+ int ssl_max_ver = SSL_MINOR_VERSION_1;
+ CURLcode result = CURLE_OK;
+
+ switch(ssl_version) {
+ case CURL_SSLVERSION_DEFAULT:
+ case CURL_SSLVERSION_TLSv1:
+ ssl_version = CURL_SSLVERSION_TLSv1_0;
+ ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_2;
+ break;
+ }
+
+ switch(ssl_version_max) {
+ case CURL_SSLVERSION_MAX_NONE:
+ ssl_version_max = ssl_version << 16;
+ break;
+ case CURL_SSLVERSION_MAX_DEFAULT:
+ ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_2;
+ break;
+ }
+
+ result = polarssl_version_from_curl(&ssl_min_ver, ssl_version);
+ if(result) {
+ failf(data, "unsupported min version passed via CURLOPT_SSLVERSION");
+ return result;
+ }
+ result = polarssl_version_from_curl(&ssl_max_ver, ssl_version_max >> 16);
+ if(result) {
+ failf(data, "unsupported max version passed via CURLOPT_SSLVERSION");
+ return result;
+ }
+
+ ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3, ssl_min_ver);
+ ssl_set_max_version(&connssl->ssl, SSL_MAJOR_VERSION_3, ssl_max_ver);
+
+ return result;
+}
- bool sni = TRUE; /* default is SNI enabled */
+static CURLcode
+polarssl_connect_step1(struct connectdata *conn,
+ int sockindex)
+{
+ struct Curl_easy *data = conn->data;
+ struct ssl_connect_data* connssl = &conn->ssl[sockindex];
+ const char *capath = SSL_CONN_CONFIG(CApath);
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+ const long int port = SSL_IS_PROXY() ? conn->port : conn->remote_port;
int ret = -1;
-#ifdef ENABLE_IPV6
- struct in6_addr addr;
-#else
- struct in_addr addr;
-#endif
char errorbuf[128];
errorbuf[0]=0;
/* PolarSSL only supports SSLv3 and TLSv1 */
- if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) {
+ if(SSL_CONN_CONFIG(version) == CURL_SSLVERSION_SSLv2) {
failf(data, "PolarSSL does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
}
- else if(data->set.ssl.version == CURL_SSLVERSION_SSLv3)
- sni = FALSE; /* SSLv3 has no SNI */
#ifdef THREADING_SUPPORT
entropy_init_mutex(&entropy);
if((ret = ctr_drbg_init(&connssl->ctr_drbg, entropy_func_mutex, &entropy,
NULL, 0)) != 0) {
-#ifdef POLARSSL_ERROR_C
- error_strerror(ret, errorbuf, sizeof(errorbuf));
-#endif /* POLARSSL_ERROR_C */
- failf(data, "Failed - PolarSSL: ctr_drbg_init returned (-0x%04X) %s\n",
- -ret, errorbuf);
+ error_strerror(ret, errorbuf, sizeof(errorbuf));
+ failf(data, "Failed - PolarSSL: ctr_drbg_init returned (-0x%04X) %s\n",
+ -ret, errorbuf);
}
#else
entropy_init(&connssl->entropy);
if((ret = ctr_drbg_init(&connssl->ctr_drbg, entropy_func, &connssl->entropy,
NULL, 0)) != 0) {
-#ifdef POLARSSL_ERROR_C
- error_strerror(ret, errorbuf, sizeof(errorbuf));
-#endif /* POLARSSL_ERROR_C */
- failf(data, "Failed - PolarSSL: ctr_drbg_init returned (-0x%04X) %s\n",
- -ret, errorbuf);
+ error_strerror(ret, errorbuf, sizeof(errorbuf));
+ failf(data, "Failed - PolarSSL: ctr_drbg_init returned (-0x%04X) %s\n",
+ -ret, errorbuf);
}
#endif /* THREADING_SUPPORT */
/* Load the trusted CA */
memset(&connssl->cacert, 0, sizeof(x509_crt));
- if(data->set.str[STRING_SSL_CAFILE]) {
+ if(SSL_CONN_CONFIG(CAfile)) {
ret = x509_crt_parse_file(&connssl->cacert,
- data->set.str[STRING_SSL_CAFILE]);
+ SSL_CONN_CONFIG(CAfile));
if(ret<0) {
-#ifdef POLARSSL_ERROR_C
error_strerror(ret, errorbuf, sizeof(errorbuf));
-#endif /* POLARSSL_ERROR_C */
failf(data, "Error reading ca cert file %s - PolarSSL: (-0x%04X) %s",
- data->set.str[STRING_SSL_CAFILE], -ret, errorbuf);
+ SSL_CONN_CONFIG(CAfile), -ret, errorbuf);
- if(data->set.ssl.verifypeer)
+ if(SSL_CONN_CONFIG(verifypeer))
return CURLE_SSL_CACERT_BADFILE;
}
}
- if(data->set.str[STRING_SSL_CAPATH]) {
- ret = x509_crt_parse_path(&connssl->cacert,
- data->set.str[STRING_SSL_CAPATH]);
+ if(capath) {
+ ret = x509_crt_parse_path(&connssl->cacert, capath);
if(ret<0) {
-#ifdef POLARSSL_ERROR_C
error_strerror(ret, errorbuf, sizeof(errorbuf));
-#endif /* POLARSSL_ERROR_C */
failf(data, "Error reading ca cert path %s - PolarSSL: (-0x%04X) %s",
- data->set.str[STRING_SSL_CAPATH], -ret, errorbuf);
+ capath, -ret, errorbuf);
- if(data->set.ssl.verifypeer)
+ if(SSL_CONN_CONFIG(verifypeer))
return CURLE_SSL_CACERT_BADFILE;
}
}
@@ -223,27 +276,25 @@ polarssl_connect_step1(struct connectdata *conn,
/* Load the client certificate */
memset(&connssl->clicert, 0, sizeof(x509_crt));
- if(data->set.str[STRING_CERT]) {
+ if(SSL_SET_OPTION(cert)) {
ret = x509_crt_parse_file(&connssl->clicert,
- data->set.str[STRING_CERT]);
+ SSL_SET_OPTION(cert));
if(ret) {
-#ifdef POLARSSL_ERROR_C
error_strerror(ret, errorbuf, sizeof(errorbuf));
-#endif /* POLARSSL_ERROR_C */
failf(data, "Error reading client cert file %s - PolarSSL: (-0x%04X) %s",
- data->set.str[STRING_CERT], -ret, errorbuf);
+ SSL_SET_OPTION(cert), -ret, errorbuf);
return CURLE_SSL_CERTPROBLEM;
}
}
/* Load the client private key */
- if(data->set.str[STRING_KEY]) {
+ if(SSL_SET_OPTION(key)) {
pk_context pk;
pk_init(&pk);
- ret = pk_parse_keyfile(&pk, data->set.str[STRING_KEY],
- data->set.str[STRING_KEY_PASSWD]);
+ ret = pk_parse_keyfile(&pk, SSL_SET_OPTION(key),
+ SSL_SET_OPTION(key_passwd));
if(ret == 0 && !pk_can_do(&pk, POLARSSL_PK_RSA))
ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
if(ret == 0)
@@ -253,11 +304,9 @@ polarssl_connect_step1(struct connectdata *conn,
pk_free(&pk);
if(ret) {
-#ifdef POLARSSL_ERROR_C
error_strerror(ret, errorbuf, sizeof(errorbuf));
-#endif /* POLARSSL_ERROR_C */
failf(data, "Error reading private key %s - PolarSSL: (-0x%04X) %s",
- data->set.str[STRING_KEY], -ret, errorbuf);
+ SSL_SET_OPTION(key), -ret, errorbuf);
return CURLE_SSL_CERTPROBLEM;
}
@@ -266,31 +315,27 @@ polarssl_connect_step1(struct connectdata *conn,
/* Load the CRL */
memset(&connssl->crl, 0, sizeof(x509_crl));
- if(data->set.str[STRING_SSL_CRLFILE]) {
+ if(SSL_SET_OPTION(CRLfile)) {
ret = x509_crl_parse_file(&connssl->crl,
- data->set.str[STRING_SSL_CRLFILE]);
+ SSL_SET_OPTION(CRLfile));
if(ret) {
-#ifdef POLARSSL_ERROR_C
error_strerror(ret, errorbuf, sizeof(errorbuf));
-#endif /* POLARSSL_ERROR_C */
failf(data, "Error reading CRL file %s - PolarSSL: (-0x%04X) %s",
- data->set.str[STRING_SSL_CRLFILE], -ret, errorbuf);
+ SSL_SET_OPTION(CRLfile), -ret, errorbuf);
return CURLE_SSL_CRL_BADFILE;
}
}
- infof(data, "PolarSSL: Connecting to %s:%d\n",
- conn->host.name, conn->remote_port);
+ infof(data, "PolarSSL: Connecting to %s:%d\n", hostname, port);
if(ssl_init(&connssl->ssl)) {
failf(data, "PolarSSL: ssl_init failed");
return CURLE_SSL_CONNECT_ERROR;
}
- switch(data->set.ssl.version) {
- default:
+ switch(SSL_CONN_CONFIG(version)) {
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3,
@@ -304,26 +349,18 @@ polarssl_connect_step1(struct connectdata *conn,
infof(data, "PolarSSL: Forced min. SSL Version to be SSLv3\n");
break;
case CURL_SSLVERSION_TLSv1_0:
- ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3,
- SSL_MINOR_VERSION_1);
- ssl_set_max_version(&connssl->ssl, SSL_MAJOR_VERSION_3,
- SSL_MINOR_VERSION_1);
- infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.0\n");
- break;
case CURL_SSLVERSION_TLSv1_1:
- ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3,
- SSL_MINOR_VERSION_2);
- ssl_set_max_version(&connssl->ssl, SSL_MAJOR_VERSION_3,
- SSL_MINOR_VERSION_2);
- infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.1\n");
- break;
case CURL_SSLVERSION_TLSv1_2:
- ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3,
- SSL_MINOR_VERSION_3);
- ssl_set_max_version(&connssl->ssl, SSL_MAJOR_VERSION_3,
- SSL_MINOR_VERSION_3);
- infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.2\n");
- break;
+ case CURL_SSLVERSION_TLSv1_3:
+ {
+ CURLcode result = set_ssl_version_min_max(conn, sockindex);
+ if(result != CURLE_OK)
+ return result;
+ break;
+ }
+ default:
+ failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
+ return CURLE_SSL_CONNECT_ERROR;
}
ssl_set_endpoint(&connssl->ssl, SSL_IS_CLIENT);
@@ -338,30 +375,31 @@ polarssl_connect_step1(struct connectdata *conn,
ssl_set_ciphersuites(&connssl->ssl, ssl_list_ciphersuites());
/* Check if there's a cached ID we can/should use here! */
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
void *old_session = NULL;
Curl_ssl_sessionid_lock(conn);
- if(!Curl_ssl_getsessionid(conn, &old_session, NULL)) {
+ if(!Curl_ssl_getsessionid(conn, &old_session, NULL, sockindex)) {
ret = ssl_set_session(&connssl->ssl, old_session);
- Curl_ssl_sessionid_unlock(conn);
if(ret) {
+ Curl_ssl_sessionid_unlock(conn);
failf(data, "ssl_set_session returned -0x%x", -ret);
return CURLE_SSL_CONNECT_ERROR;
}
infof(data, "PolarSSL re-using session\n");
}
+ Curl_ssl_sessionid_unlock(conn);
}
ssl_set_ca_chain(&connssl->ssl,
&connssl->cacert,
&connssl->crl,
- conn->host.name);
+ hostname);
ssl_set_own_cert_rsa(&connssl->ssl,
&connssl->clicert, &connssl->rsa);
- if(ssl_set_hostname(&connssl->ssl, conn->host.name)) {
+ if(ssl_set_hostname(&connssl->ssl, hostname)) {
/* ssl_set_hostname() sets the name to use in CN/SAN checks *and* the name
to set in the SNI extension. So even if curl connects to a host
specified as an IP address, this function must be used. */
@@ -371,7 +409,7 @@ polarssl_connect_step1(struct connectdata *conn,
#ifdef HAS_ALPN
if(conn->bits.tls_enable_alpn) {
- static const char* protocols[3];
+ static const char *protocols[3];
int cur = 0;
#ifdef USE_NGHTTP2
@@ -401,12 +439,16 @@ polarssl_connect_step1(struct connectdata *conn,
static CURLcode
polarssl_connect_step2(struct connectdata *conn,
- int sockindex)
+ int sockindex)
{
int ret;
struct Curl_easy *data = conn->data;
struct ssl_connect_data* connssl = &conn->ssl[sockindex];
char buffer[1024];
+ const char * const pinnedpubkey = SSL_IS_PROXY() ?
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
+
char errorbuf[128];
errorbuf[0] = 0;
@@ -429,9 +471,7 @@ polarssl_connect_step2(struct connectdata *conn,
return CURLE_OK;
default:
-#ifdef POLARSSL_ERROR_C
error_strerror(ret, errorbuf, sizeof(errorbuf));
-#endif /* POLARSSL_ERROR_C */
failf(data, "ssl_handshake returned - PolarSSL: (-0x%04X) %s",
-ret, errorbuf);
return CURLE_SSL_CONNECT_ERROR;
@@ -442,7 +482,7 @@ polarssl_connect_step2(struct connectdata *conn,
ret = ssl_get_verify_result(&conn->ssl[sockindex].ssl);
- if(ret && data->set.ssl.verifypeer) {
+ if(ret && SSL_CONN_CONFIG(verifypeer)) {
if(ret & BADCERT_EXPIRED)
failf(data, "Cert verify failed: BADCERT_EXPIRED");
@@ -470,7 +510,7 @@ polarssl_connect_step2(struct connectdata *conn,
}
/* adapted from mbedtls.c */
- if(data->set.str[STRING_SSL_PINNEDPUBLICKEY]) {
+ if(pinnedpubkey) {
int size;
CURLcode result;
x509_crt *p;
@@ -512,7 +552,7 @@ polarssl_connect_step2(struct connectdata *conn,
/* pk_write_pubkey_der writes data at the end of the buffer. */
result = Curl_pin_peer_pubkey(data,
- data->set.str[STRING_SSL_PINNEDPUBLICKEY],
+ pinnedpubkey,
&pubkey[PUB_DER_MAX_BYTES - size], size);
if(result) {
x509_crt_free(p);
@@ -538,9 +578,9 @@ polarssl_connect_step2(struct connectdata *conn,
}
else
#endif
- if(!strncmp(next_protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH)) {
- conn->negnpn = CURL_HTTP_VERSION_1_1;
- }
+ if(!strncmp(next_protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH)) {
+ conn->negnpn = CURL_HTTP_VERSION_1_1;
+ }
}
else
infof(data, "ALPN, server did not agree to a protocol\n");
@@ -555,7 +595,7 @@ polarssl_connect_step2(struct connectdata *conn,
static CURLcode
polarssl_connect_step3(struct connectdata *conn,
- int sockindex)
+ int sockindex)
{
CURLcode retcode = CURLE_OK;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
@@ -563,7 +603,7 @@ polarssl_connect_step3(struct connectdata *conn,
DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
int ret;
ssl_session *our_ssl_sessionid;
void *old_ssl_sessionid = NULL;
@@ -572,7 +612,7 @@ polarssl_connect_step3(struct connectdata *conn,
if(!our_ssl_sessionid)
return CURLE_OUT_OF_MEMORY;
- ssl_session_init(our_ssl_sessionid);
+ memset(our_ssl_sessionid, 0, sizeof(ssl_session));
ret = ssl_get_session(&connssl->ssl, our_ssl_sessionid);
if(ret) {
@@ -582,10 +622,10 @@ polarssl_connect_step3(struct connectdata *conn,
/* If there's already a matching session in the cache, delete it */
Curl_ssl_sessionid_lock(conn);
- if(!Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL))
+ if(!Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL, sockindex))
Curl_ssl_delsessionid(conn, old_ssl_sessionid);
- retcode = Curl_ssl_addsessionid(conn, our_ssl_sessionid, 0);
+ retcode = Curl_ssl_addsessionid(conn, our_ssl_sessionid, 0, sockindex);
Curl_ssl_sessionid_unlock(conn);
if(retcode) {
free(our_ssl_sessionid);
@@ -727,7 +767,8 @@ polarssl_connect_common(struct connectdata *conn,
curl_socket_t readfd = ssl_connect_2_reading==
connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
- what = Curl_socket_ready(readfd, writefd, nonblocking?0:timeout_ms);
+ what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd,
+ nonblocking?0:timeout_ms);
if(what < 0) {
/* fatal error */
failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
@@ -786,8 +827,8 @@ polarssl_connect_common(struct connectdata *conn,
CURLcode
Curl_polarssl_connect_nonblocking(struct connectdata *conn,
- int sockindex,
- bool *done)
+ int sockindex,
+ bool *done)
{
return polarssl_connect_common(conn, sockindex, TRUE, done);
}
@@ -795,7 +836,7 @@ Curl_polarssl_connect_nonblocking(struct connectdata *conn,
CURLcode
Curl_polarssl_connect(struct connectdata *conn,
- int sockindex)
+ int sockindex)
{
CURLcode result;
bool done = FALSE;
@@ -823,4 +864,10 @@ void Curl_polarssl_cleanup(void)
(void)Curl_polarsslthreadlock_thread_cleanup();
}
+
+int Curl_polarssl_data_pending(const struct connectdata *conn, int sockindex)
+{
+ return ssl_get_bytes_avail(&conn->ssl[sockindex].ssl) != 0;
+}
+
#endif /* USE_POLARSSL */
diff --git a/lib/vtls/polarssl.h b/lib/vtls/polarssl.h
index 7098b24a4..47af7b417 100644
--- a/lib/vtls/polarssl.h
+++ b/lib/vtls/polarssl.h
@@ -31,6 +31,7 @@
/* Called on first use PolarSSL, setup threading if supported */
int Curl_polarssl_init(void);
void Curl_polarssl_cleanup(void);
+int Curl_polarssl_data_pending(const struct connectdata *conn, int sockindex);
CURLcode Curl_polarssl_connect(struct connectdata *conn, int sockindex);
@@ -69,7 +70,7 @@ int Curl_polarssl_shutdown(struct connectdata *conn, int
sockindex);
#define curlssl_engines_list(x) ((void)x, (struct curl_slist *)NULL)
#define curlssl_version Curl_polarssl_version
#define curlssl_check_cxn(x) ((void)x, -1)
-#define curlssl_data_pending(x,y) ((void)x, (void)y, 0)
+#define curlssl_data_pending(x,y) Curl_polarssl_data_pending(x, y)
#define curlssl_sha256sum(a,b,c,d) sha256(a,b,c,0)
/* This might cause libcurl to use a weeker random!
diff --git a/lib/vtls/polarssl_threadlock.c b/lib/vtls/polarssl_threadlock.c
index 3b0ebf886..b1eb7b746 100644
--- a/lib/vtls/polarssl_threadlock.c
+++ b/lib/vtls/polarssl_threadlock.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2013-2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2013-2016, Daniel Stenberg, <address@hidden>, et al.
* Copyright (C) 2010, 2011, Hoi-Ho Chan, <address@hidden>
*
* This software is licensed as described in the file COPYING, which
@@ -52,7 +52,7 @@ int Curl_polarsslthreadlock_thread_setup(void)
int i;
int ret;
- mutex_buf = malloc(NUMT * sizeof(POLARSSL_MUTEX_T));
+ mutex_buf = calloc(NUMT * sizeof(POLARSSL_MUTEX_T), 1);
if(!mutex_buf)
return 0; /* error, no number of threads defined */
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 511bd11ee..94603018b 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -7,7 +7,7 @@
*
* Copyright (C) 2012 - 2016, Marc Hoersken, <address@hidden>
* Copyright (C) 2012, Mark Salisbury, <address@hidden>
- * Copyright (C) 2012 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2012 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -59,6 +59,7 @@
#include "x509asn1.h"
#include "curl_printf.h"
#include "system_win32.h"
+#include "hostcheck.h"
/* The last #include file should be: */
#include "curl_memory.h"
@@ -102,6 +103,41 @@ static void InitSecBufferDesc(SecBufferDesc *desc,
SecBuffer *BufArr,
}
static CURLcode
+set_ssl_version_min_max(SCHANNEL_CRED *schannel_cred, struct connectdata *conn)
+{
+ struct Curl_easy *data = conn->data;
+ long ssl_version = SSL_CONN_CONFIG(version);
+ long ssl_version_max = SSL_CONN_CONFIG(version_max);
+ long i = ssl_version;
+
+ switch(ssl_version_max) {
+ case CURL_SSLVERSION_MAX_NONE:
+ ssl_version_max = ssl_version << 16;
+ break;
+ case CURL_SSLVERSION_MAX_DEFAULT:
+ ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_2;
+ break;
+ }
+ for(; i <= (ssl_version_max >> 16); ++i) {
+ switch(i) {
+ case CURL_SSLVERSION_TLSv1_0:
+ schannel_cred->grbitEnabledProtocols |= SP_PROT_TLS1_0_CLIENT;
+ break;
+ case CURL_SSLVERSION_TLSv1_1:
+ schannel_cred->grbitEnabledProtocols |= SP_PROT_TLS1_1_CLIENT;
+ break;
+ case CURL_SSLVERSION_TLSv1_2:
+ schannel_cred->grbitEnabledProtocols |= SP_PROT_TLS1_2_CLIENT;
+ break;
+ case CURL_SSLVERSION_TLSv1_3:
+ failf(data, "Schannel: TLS 1.3 is not yet supported");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+ }
+ return CURLE_OK;
+}
+
+static CURLcode
schannel_connect_step1(struct connectdata *conn, int sockindex)
{
ssize_t written = -1;
@@ -123,9 +159,19 @@ schannel_connect_step1(struct connectdata *conn, int
sockindex)
#endif
TCHAR *host_name;
CURLcode result;
+ char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
infof(data, "schannel: SSL/TLS connection with %s port %hu (step 1/3)\n",
- conn->host.name, conn->remote_port);
+ hostname, conn->remote_port);
+
+ if(Curl_verify_windows_version(5, 1, PLATFORM_WINNT,
+ VERSION_LESS_THAN_EQUAL)) {
+ /* SChannel in Windows XP (OS version 5.1) uses legacy handshakes and
+ algorithms that may not be supported by all servers. */
+ infof(data, "schannel: WinSSL version is old and may not be able to "
+ "connect to some servers due to lack of SNI, algorithms, etc.\n");
+ }
#ifdef HAS_ALPN
/* ALPN is only supported on Windows 8.1 / Server 2012 R2 and above.
@@ -142,9 +188,9 @@ schannel_connect_step1(struct connectdata *conn, int
sockindex)
connssl->cred = NULL;
/* check for an existing re-usable credential handle */
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
Curl_ssl_sessionid_lock(conn);
- if(!Curl_ssl_getsessionid(conn, (void **)&old_cred, NULL)) {
+ if(!Curl_ssl_getsessionid(conn, (void **)&old_cred, NULL, sockindex)) {
connssl->cred = old_cred;
infof(data, "schannel: re-using existing credential handle\n");
@@ -161,7 +207,7 @@ schannel_connect_step1(struct connectdata *conn, int
sockindex)
memset(&schannel_cred, 0, sizeof(schannel_cred));
schannel_cred.dwVersion = SCHANNEL_CRED_VERSION;
- if(data->set.ssl.verifypeer) {
+ if(conn->ssl_config.verifypeer) {
#ifdef _WIN32_WCE
/* certificate validation on CE doesn't seem to work right; we'll
do it following a more manual process. */
@@ -170,13 +216,14 @@ schannel_connect_step1(struct connectdata *conn, int
sockindex)
SCH_CRED_IGNORE_REVOCATION_OFFLINE;
#else
schannel_cred.dwFlags = SCH_CRED_AUTO_CRED_VALIDATION;
- if(data->set.ssl_no_revoke)
+ /* TODO s/data->set.ssl.no_revoke/SSL_SET_OPTION(no_revoke)/g */
+ if(data->set.ssl.no_revoke)
schannel_cred.dwFlags |= SCH_CRED_IGNORE_NO_REVOCATION_CHECK |
SCH_CRED_IGNORE_REVOCATION_OFFLINE;
else
schannel_cred.dwFlags |= SCH_CRED_REVOCATION_CHECK_CHAIN;
#endif
- if(data->set.ssl_no_revoke)
+ if(data->set.ssl.no_revoke)
infof(data, "schannel: disabled server certificate revocation "
"checks\n");
else
@@ -189,15 +236,14 @@ schannel_connect_step1(struct connectdata *conn, int
sockindex)
infof(data, "schannel: disabled server certificate revocation checks\n");
}
- if(!data->set.ssl.verifyhost) {
+ if(!conn->ssl_config.verifyhost) {
schannel_cred.dwFlags |= SCH_CRED_NO_SERVERNAME_CHECK;
infof(data, "schannel: verifyhost setting prevents Schannel from "
"comparing the supplied target name with the subject "
- "names in server certificates. Also disables SNI.\n");
+ "names in server certificates.\n");
}
- switch(data->set.ssl.version) {
- default:
+ switch(conn->ssl_config.version) {
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
schannel_cred.grbitEnabledProtocols = SP_PROT_TLS1_0_CLIENT |
@@ -205,20 +251,24 @@ schannel_connect_step1(struct connectdata *conn, int
sockindex)
SP_PROT_TLS1_2_CLIENT;
break;
case CURL_SSLVERSION_TLSv1_0:
- schannel_cred.grbitEnabledProtocols = SP_PROT_TLS1_0_CLIENT;
- break;
case CURL_SSLVERSION_TLSv1_1:
- schannel_cred.grbitEnabledProtocols = SP_PROT_TLS1_1_CLIENT;
- break;
case CURL_SSLVERSION_TLSv1_2:
- schannel_cred.grbitEnabledProtocols = SP_PROT_TLS1_2_CLIENT;
- break;
+ case CURL_SSLVERSION_TLSv1_3:
+ {
+ result = set_ssl_version_min_max(&schannel_cred, conn);
+ if(result != CURLE_OK)
+ return result;
+ break;
+ }
case CURL_SSLVERSION_SSLv3:
schannel_cred.grbitEnabledProtocols = SP_PROT_SSL3_CLIENT;
break;
case CURL_SSLVERSION_SSLv2:
schannel_cred.grbitEnabledProtocols = SP_PROT_SSL2_CLIENT;
break;
+ default:
+ failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
+ return CURLE_SSL_CONNECT_ERROR;
}
/* allocate memory for the re-usable credential handle */
@@ -253,9 +303,9 @@ schannel_connect_step1(struct connectdata *conn, int
sockindex)
}
/* Warn if SNI is disabled due to use of an IP address */
- if(Curl_inet_pton(AF_INET, conn->host.name, &addr)
+ if(Curl_inet_pton(AF_INET, hostname, &addr)
#ifdef ENABLE_IPV6
- || Curl_inet_pton(AF_INET6, conn->host.name, &addr6)
+ || Curl_inet_pton(AF_INET6, hostname, &addr6)
#endif
) {
infof(data, "schannel: using IP address, SNI is not supported by OS.\n");
@@ -265,17 +315,17 @@ schannel_connect_step1(struct connectdata *conn, int
sockindex)
if(connssl->use_alpn) {
int cur = 0;
int list_start_index = 0;
- unsigned int* extension_len = NULL;
+ unsigned int *extension_len = NULL;
unsigned short* list_len = NULL;
/* The first four bytes will be an unsigned int indicating number
of bytes of data in the rest of the the buffer. */
- extension_len = (unsigned int*)(&alpn_buffer[cur]);
+ extension_len = (unsigned int *)(&alpn_buffer[cur]);
cur += sizeof(unsigned int);
/* The next four bytes are an indicator that this buffer will contain
ALPN data, as opposed to NPN, for example. */
- *(unsigned int*)&alpn_buffer[cur] =
+ *(unsigned int *)&alpn_buffer[cur] =
SecApplicationProtocolNegotiationExt_ALPN;
cur += sizeof(unsigned int);
@@ -333,7 +383,7 @@ schannel_connect_step1(struct connectdata *conn, int
sockindex)
}
memset(connssl->ctxt, 0, sizeof(struct curl_schannel_ctxt));
- host_name = Curl_convert_UTF8_to_tchar(conn->host.name);
+ host_name = Curl_convert_UTF8_to_tchar(hostname);
if(!host_name)
return CURLE_OUT_OF_MEMORY;
@@ -382,6 +432,7 @@ schannel_connect_step1(struct connectdata *conn, int
sockindex)
connssl->recv_unrecoverable_err = CURLE_OK;
connssl->recv_sspi_close_notify = false;
connssl->recv_connection_closed = false;
+ connssl->encdata_is_incomplete = false;
/* continue to second handshake step */
connssl->connecting_state = ssl_connect_2;
@@ -406,11 +457,13 @@ schannel_connect_step2(struct connectdata *conn, int
sockindex)
TCHAR *host_name;
CURLcode result;
bool doread;
+ char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
doread = (connssl->connecting_state != ssl_connect_2_writing) ? TRUE : FALSE;
infof(data, "schannel: SSL/TLS connection with %s port %hu (step 2/3)\n",
- conn->host.name, conn->remote_port);
+ hostname, conn->remote_port);
if(!connssl->cred || !connssl->ctxt)
return CURLE_SSL_CONNECT_ERROR;
@@ -428,6 +481,7 @@ schannel_connect_step2(struct connectdata *conn, int
sockindex)
/* buffer to store previously received and encrypted data */
if(connssl->encdata_buffer == NULL) {
+ connssl->encdata_is_incomplete = false;
connssl->encdata_offset = 0;
connssl->encdata_length = CURL_SCHANNEL_BUFFER_INIT_SIZE;
connssl->encdata_buffer = malloc(connssl->encdata_length);
@@ -480,6 +534,8 @@ schannel_connect_step2(struct connectdata *conn, int
sockindex)
/* increase encrypted data buffer offset */
connssl->encdata_offset += nread;
+ connssl->encdata_is_incomplete = false;
+ infof(data, "schannel: encrypted data got %zd\n", nread);
}
infof(data, "schannel: encrypted data buffer: offset %zu length %zu\n",
@@ -506,7 +562,7 @@ schannel_connect_step2(struct connectdata *conn, int
sockindex)
memcpy(inbuf[0].pvBuffer, connssl->encdata_buffer,
connssl->encdata_offset);
- host_name = Curl_convert_UTF8_to_tchar(conn->host.name);
+ host_name = Curl_convert_UTF8_to_tchar(hostname);
if(!host_name)
return CURLE_OUT_OF_MEMORY;
@@ -524,6 +580,7 @@ schannel_connect_step2(struct connectdata *conn, int
sockindex)
/* check if the handshake was incomplete */
if(sspi_status == SEC_E_INCOMPLETE_MESSAGE) {
+ connssl->encdata_is_incomplete = true;
connssl->connecting_state = ssl_connect_2_reading;
infof(data, "schannel: received incomplete message, need more data\n");
return CURLE_OK;
@@ -573,7 +630,8 @@ schannel_connect_step2(struct connectdata *conn, int
sockindex)
else
failf(data, "schannel: next InitializeSecurityContext failed: %s",
Curl_sspi_strerror(conn, sspi_status));
- return CURLE_SSL_CONNECT_ERROR;
+ return sspi_status == SEC_E_UNTRUSTED_ROOT ?
+ CURLE_SSL_CACERT_BADFILE : CURLE_SSL_CONNECT_ERROR;
}
/* check if there was additional remaining encrypted data */
@@ -623,7 +681,7 @@ schannel_connect_step2(struct connectdata *conn, int
sockindex)
#ifdef _WIN32_WCE
/* Windows CE doesn't do any server certificate validation.
We have to do it manually. */
- if(data->set.ssl.verifypeer)
+ if(conn->ssl_config.verifypeer)
return verify_certificate(conn, sockindex);
#endif
@@ -638,6 +696,10 @@ schannel_connect_step3(struct connectdata *conn, int
sockindex)
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
SECURITY_STATUS sspi_status = SEC_E_OK;
CERT_CONTEXT *ccert_context = NULL;
+#ifndef CURL_DISABLE_VERBOSE_STRINGS
+ const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+#endif
#ifdef HAS_ALPN
SecPkgContext_ApplicationProtocol alpn_result;
#endif
@@ -645,7 +707,7 @@ schannel_connect_step3(struct connectdata *conn, int
sockindex)
DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
infof(data, "schannel: SSL/TLS connection with %s port %hu (step 3/3)\n",
- conn->host.name, conn->remote_port);
+ hostname, conn->remote_port);
if(!connssl->cred)
return CURLE_SSL_CONNECT_ERROR;
@@ -701,12 +763,13 @@ schannel_connect_step3(struct connectdata *conn, int
sockindex)
#endif
/* save the current session data for possible re-use */
- if(conn->ssl_config.sessionid) {
+ if(SSL_SET_OPTION(primary.sessionid)) {
bool incache;
struct curl_schannel_cred *old_cred = NULL;
Curl_ssl_sessionid_lock(conn);
- incache = !(Curl_ssl_getsessionid(conn, (void **)&old_cred, NULL));
+ incache = !(Curl_ssl_getsessionid(conn, (void **)&old_cred, NULL,
+ sockindex));
if(incache) {
if(old_cred != connssl->cred) {
infof(data, "schannel: old credential handle is stale, removing\n");
@@ -717,7 +780,8 @@ schannel_connect_step3(struct connectdata *conn, int
sockindex)
}
if(!incache) {
result = Curl_ssl_addsessionid(conn, (void *)connssl->cred,
- sizeof(struct curl_schannel_cred));
+ sizeof(struct curl_schannel_cred),
+ sockindex);
if(result) {
Curl_ssl_sessionid_unlock(conn);
failf(data, "schannel: failed to store credential handle");
@@ -769,7 +833,7 @@ schannel_connect_common(struct connectdata *conn, int
sockindex,
struct Curl_easy *data = conn->data;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
curl_socket_t sockfd = conn->sock[sockindex];
- long timeout_ms;
+ time_t timeout_ms;
int what;
/* check if the connection has already been established */
@@ -815,7 +879,8 @@ schannel_connect_common(struct connectdata *conn, int
sockindex,
curl_socket_t readfd = ssl_connect_2_reading ==
connssl->connecting_state ? sockfd : CURL_SOCKET_BAD;
- what = Curl_socket_ready(readfd, writefd, nonblocking ? 0 : timeout_ms);
+ what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd,
+ nonblocking ? 0 : timeout_ms);
if(what < 0) {
/* fatal error */
failf(data, "select/poll on SSL/TLS socket, errno: %d", SOCKERRNO);
@@ -956,7 +1021,7 @@ schannel_send(struct connectdata *conn, int sockindex,
/* send entire message or fail */
while(len > (size_t)written) {
ssize_t this_write;
- long timeleft;
+ time_t timeleft;
int what;
this_write = 0;
@@ -971,8 +1036,7 @@ schannel_send(struct connectdata *conn, int sockindex,
break;
}
- what = Curl_socket_ready(CURL_SOCKET_BAD, conn->sock[sockindex],
- timeleft);
+ what = SOCKET_WRITABLE(conn->sock[sockindex], timeleft);
if(what < 0) {
/* fatal error */
failf(conn->data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
@@ -1119,6 +1183,7 @@ schannel_recv(struct connectdata *conn, int sockindex,
}
else if(nread > 0) {
connssl->encdata_offset += (size_t)nread;
+ connssl->encdata_is_incomplete = false;
infof(data, "schannel: encrypted data got %zd\n", nread);
}
}
@@ -1255,6 +1320,7 @@ schannel_recv(struct connectdata *conn, int sockindex,
}
}
else if(sspi_status == SEC_E_INCOMPLETE_MESSAGE) {
+ connssl->encdata_is_incomplete = true;
if(!*err)
*err = CURLE_AGAIN;
infof(data, "schannel: failed to decrypt data, need more data\n");
@@ -1356,8 +1422,8 @@ bool Curl_schannel_data_pending(const struct connectdata
*conn, int sockindex)
const struct ssl_connect_data *connssl = &conn->ssl[sockindex];
if(connssl->use) /* SSL/TLS is in use */
- return (connssl->encdata_offset > 0 ||
- connssl->decdata_offset > 0) ? TRUE : FALSE;
+ return (connssl->decdata_offset > 0 ||
+ (connssl->encdata_offset > 0 && !connssl->encdata_is_incomplete));
else
return FALSE;
}
@@ -1376,9 +1442,11 @@ int Curl_schannel_shutdown(struct connectdata *conn, int
sockindex)
*/
struct Curl_easy *data = conn->data;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
infof(data, "schannel: shutting down SSL/TLS connection with %s port %hu\n",
- conn->host.name, conn->remote_port);
+ hostname, conn->remote_port);
if(connssl->cred && connssl->ctxt) {
SecBufferDesc BuffDesc;
@@ -1400,7 +1468,7 @@ int Curl_schannel_shutdown(struct connectdata *conn, int
sockindex)
failf(data, "schannel: ApplyControlToken failure: %s",
Curl_sspi_strerror(conn, sspi_status));
- host_name = Curl_convert_UTF8_to_tchar(conn->host.name);
+ host_name = Curl_convert_UTF8_to_tchar(hostname);
if(!host_name)
return CURLE_OUT_OF_MEMORY;
@@ -1458,6 +1526,7 @@ int Curl_schannel_shutdown(struct connectdata *conn, int
sockindex)
Curl_safefree(connssl->encdata_buffer);
connssl->encdata_length = 0;
connssl->encdata_offset = 0;
+ connssl->encdata_is_incomplete = false;
}
/* free internal buffer for received decrypted data */
@@ -1499,21 +1568,21 @@ size_t Curl_schannel_version(char *buffer, size_t size)
return size;
}
-int Curl_schannel_random(unsigned char *entropy, size_t length)
+CURLcode Curl_schannel_random(unsigned char *entropy, size_t length)
{
HCRYPTPROV hCryptProv = 0;
if(!CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL,
CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
- return 1;
+ return CURLE_FAILED_INIT;
if(!CryptGenRandom(hCryptProv, (DWORD)length, entropy)) {
CryptReleaseContext(hCryptProv, 0UL);
- return 1;
+ return CURLE_FAILED_INIT;
}
CryptReleaseContext(hCryptProv, 0UL);
- return 0;
+ return CURLE_OK;
}
#ifdef _WIN32_WCE
@@ -1525,6 +1594,9 @@ static CURLcode verify_certificate(struct connectdata
*conn, int sockindex)
CURLcode result = CURLE_OK;
CERT_CONTEXT *pCertContextServer = NULL;
const CERT_CHAIN_CONTEXT *pChainContext = NULL;
+ const char * const conn_hostname = SSL_IS_PROXY() ?
+ conn->http_proxy.host.name :
+ conn->host.name;
status = s_pSecFn->QueryContextAttributes(&connssl->ctxt->ctxt_handle,
SECPKG_ATTR_REMOTE_CERT_CONTEXT,
@@ -1546,7 +1618,7 @@ static CURLcode verify_certificate(struct connectdata
*conn, int sockindex)
NULL,
pCertContextServer->hCertStore,
&ChainPara,
- (data->set.ssl_no_revoke ? 0 :
+ (data->set.ssl.no_revoke ? 0 :
CERT_CHAIN_REVOCATION_CHECK_CHAIN),
NULL,
&pChainContext)) {
@@ -1582,15 +1654,10 @@ static CURLcode verify_certificate(struct connectdata
*conn, int sockindex)
}
if(result == CURLE_OK) {
- if(data->set.ssl.verifyhost) {
- TCHAR cert_hostname_buff[128];
- xcharp_u hostname;
- xcharp_u cert_hostname;
+ if(conn->ssl_config.verifyhost) {
+ TCHAR cert_hostname_buff[256];
DWORD len;
- cert_hostname.const_tchar_ptr = cert_hostname_buff;
- hostname.tchar_ptr = Curl_convert_UTF8_to_tchar(conn->host.name);
-
/* TODO: Fix this for certificates with multiple alternative names.
Right now we're only asking for the first preferred alternative name.
Instead we'd need to do all via CERT_NAME_SEARCH_ALL_NAMES_FLAG
@@ -1601,31 +1668,50 @@ static CURLcode verify_certificate(struct connectdata
*conn, int sockindex)
*/
len = CertGetNameString(pCertContextServer,
CERT_NAME_DNS_TYPE,
- 0,
+ CERT_NAME_DISABLE_IE4_UTF8_FLAG,
NULL,
- cert_hostname.tchar_ptr,
- 128);
- if(len > 0 && *cert_hostname.tchar_ptr == '*') {
- /* this is a wildcard cert. try matching the last len - 1 chars */
- int hostname_len = strlen(conn->host.name);
- cert_hostname.tchar_ptr++;
- if(_tcsicmp(cert_hostname.const_tchar_ptr,
- hostname.const_tchar_ptr + hostname_len - len + 2) != 0)
- result = CURLE_PEER_FAILED_VERIFICATION;
+ cert_hostname_buff,
+ 256);
+ if(len > 0) {
+ const char *cert_hostname;
+
+ /* Comparing the cert name and the connection hostname encoded as UTF-8
+ * is acceptable since both values are assumed to use ASCII
+ * (or some equivalent) encoding
+ */
+ cert_hostname = Curl_convert_tchar_to_UTF8(cert_hostname_buff);
+ if(!cert_hostname) {
+ result = CURLE_OUT_OF_MEMORY;
+ }
+ else{
+ int match_result;
+
+ match_result = Curl_cert_hostcheck(cert_hostname, conn->host.name);
+ if(match_result == CURL_HOST_MATCH) {
+ infof(data,
+ "schannel: connection hostname (%s) validated "
+ "against certificate name (%s)\n",
+ conn->host.name,
+ cert_hostname);
+ result = CURLE_OK;
+ }
+ else{
+ failf(data,
+ "schannel: connection hostname (%s) "
+ "does not match certificate name (%s)",
+ conn->host.name,
+ cert_hostname);
+ result = CURLE_PEER_FAILED_VERIFICATION;
+ }
+ Curl_unicodefree(cert_hostname);
+ }
}
- else if(len == 0 || _tcsicmp(hostname.const_tchar_ptr,
- cert_hostname.const_tchar_ptr) != 0) {
+ else {
+ failf(data,
+ "schannel: CertGetNameString did not provide any "
+ "certificate name information");
result = CURLE_PEER_FAILED_VERIFICATION;
}
- if(result == CURLE_PEER_FAILED_VERIFICATION) {
- char *_cert_hostname;
- _cert_hostname = Curl_convert_tchar_to_UTF8(cert_hostname.tchar_ptr);
- failf(data, "schannel: CertGetNameString() certificate hostname "
- "(%s) did not match connection (%s)",
- _cert_hostname, conn->host.name);
- Curl_unicodefree(_cert_hostname);
- }
- Curl_unicodefree(hostname.tchar_ptr);
}
}
diff --git a/lib/vtls/schannel.h b/lib/vtls/schannel.h
index 8a4991ec8..8627c63c9 100644
--- a/lib/vtls/schannel.h
+++ b/lib/vtls/schannel.h
@@ -8,7 +8,7 @@
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2012, Marc Hoersken, <address@hidden>, et al.
- * Copyright (C) 2012 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2012 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -92,7 +92,7 @@ int Curl_schannel_init(void);
void Curl_schannel_cleanup(void);
size_t Curl_schannel_version(char *buffer, size_t size);
-int Curl_schannel_random(unsigned char *entropy, size_t length);
+CURLcode Curl_schannel_random(unsigned char *entropy, size_t length);
/* Set the API backend definition to Schannel */
#define CURL_SSL_BACKEND CURLSSLBACKEND_SCHANNEL
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index fe69306de..d5d0971c4 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -61,10 +61,11 @@
#include "vtls.h" /* generic SSL protos etc */
#include "slist.h"
#include "sendf.h"
-#include "rawstr.h"
+#include "strcase.h"
#include "url.h"
#include "progress.h"
#include "share.h"
+#include "multiif.h"
#include "timeval.h"
#include "curl_md5.h"
#include "warnless.h"
@@ -80,94 +81,54 @@
(data->share->specifier & \
(1<<CURL_LOCK_DATA_SSL_SESSION)))
-static bool safe_strequal(char* str1, char* str2)
-{
- if(str1 && str2)
- /* both pointers point to something then compare them */
- return (0 != Curl_raw_equal(str1, str2)) ? TRUE : FALSE;
- else
- /* if both pointers are NULL then treat them as equal */
- return (!str1 && !str2) ? TRUE : FALSE;
-}
+#define CLONE_STRING(var) \
+ if(source->var) { \
+ dest->var = strdup(source->var); \
+ if(!dest->var) \
+ return FALSE; \
+ } \
+ else \
+ dest->var = NULL;
bool
-Curl_ssl_config_matches(struct ssl_config_data* data,
- struct ssl_config_data* needle)
+Curl_ssl_config_matches(struct ssl_primary_config* data,
+ struct ssl_primary_config* needle)
{
if((data->version == needle->version) &&
+ (data->version_max == needle->version_max) &&
(data->verifypeer == needle->verifypeer) &&
(data->verifyhost == needle->verifyhost) &&
- safe_strequal(data->CApath, needle->CApath) &&
- safe_strequal(data->CAfile, needle->CAfile) &&
- safe_strequal(data->clientcert, needle->clientcert) &&
- safe_strequal(data->cipher_list, needle->cipher_list))
+ Curl_safe_strcasecompare(data->CApath, needle->CApath) &&
+ Curl_safe_strcasecompare(data->CAfile, needle->CAfile) &&
+ Curl_safe_strcasecompare(data->clientcert, needle->clientcert) &&
+ Curl_safe_strcasecompare(data->cipher_list, needle->cipher_list))
return TRUE;
return FALSE;
}
bool
-Curl_clone_ssl_config(struct ssl_config_data *source,
- struct ssl_config_data *dest)
+Curl_clone_primary_ssl_config(struct ssl_primary_config *source,
+ struct ssl_primary_config *dest)
{
- dest->sessionid = source->sessionid;
dest->verifyhost = source->verifyhost;
dest->verifypeer = source->verifypeer;
dest->version = source->version;
+ dest->version_max = source->version_max;
- if(source->CAfile) {
- dest->CAfile = strdup(source->CAfile);
- if(!dest->CAfile)
- return FALSE;
- }
- else
- dest->CAfile = NULL;
-
- if(source->CApath) {
- dest->CApath = strdup(source->CApath);
- if(!dest->CApath)
- return FALSE;
- }
- else
- dest->CApath = NULL;
-
- if(source->cipher_list) {
- dest->cipher_list = strdup(source->cipher_list);
- if(!dest->cipher_list)
- return FALSE;
- }
- else
- dest->cipher_list = NULL;
-
- if(source->egdsocket) {
- dest->egdsocket = strdup(source->egdsocket);
- if(!dest->egdsocket)
- return FALSE;
- }
- else
- dest->egdsocket = NULL;
-
- if(source->random_file) {
- dest->random_file = strdup(source->random_file);
- if(!dest->random_file)
- return FALSE;
- }
- else
- dest->random_file = NULL;
-
- if(source->clientcert) {
- dest->clientcert = strdup(source->clientcert);
- if(!dest->clientcert)
- return FALSE;
- dest->sessionid = FALSE;
- }
- else
- dest->clientcert = NULL;
+ CLONE_STRING(CAfile);
+ CLONE_STRING(CApath);
+ CLONE_STRING(cipher_list);
+ CLONE_STRING(egdsocket);
+ CLONE_STRING(random_file);
+ CLONE_STRING(clientcert);
+ /* Disable dest sessionid cache if a client cert is used, CVE-2016-5419. */
+ dest->sessionid = (dest->clientcert ? false : source->sessionid);
return TRUE;
}
-void Curl_free_ssl_config(struct ssl_config_data* sslc)
+void Curl_free_primary_ssl_config(struct ssl_primary_config* sslc)
{
Curl_safefree(sslc->CAfile);
Curl_safefree(sslc->CApath);
@@ -177,77 +138,6 @@ void Curl_free_ssl_config(struct ssl_config_data* sslc)
Curl_safefree(sslc->clientcert);
}
-
-/*
- * Curl_rand() returns a random unsigned integer, 32bit.
- *
- * This non-SSL function is put here only because this file is the only one
- * with knowledge of what the underlying SSL libraries provide in terms of
- * randomizers.
- *
- * NOTE: 'data' may be passed in as NULL when coming from external API without
- * easy handle!
- *
- */
-
-unsigned int Curl_rand(struct Curl_easy *data)
-{
- unsigned int r = 0;
- static unsigned int randseed;
- static bool seeded = FALSE;
-
-#ifdef CURLDEBUG
- char *force_entropy = getenv("CURL_ENTROPY");
- if(force_entropy) {
- if(!seeded) {
- size_t elen = strlen(force_entropy);
- size_t clen = sizeof(randseed);
- size_t min = elen < clen ? elen : clen;
- memcpy((char *)&randseed, force_entropy, min);
- seeded = TRUE;
- }
- else
- randseed++;
- return randseed;
- }
-#endif
-
- /* data may be NULL! */
- if(!Curl_ssl_random(data, (unsigned char *)&r, sizeof(r)))
- return r;
-
- /* If Curl_ssl_random() returns non-zero it couldn't offer randomness and we
- instead perform a "best effort" */
-
-#ifdef RANDOM_FILE
- if(!seeded) {
- /* if there's a random file to read a seed from, use it */
- int fd = open(RANDOM_FILE, O_RDONLY);
- if(fd > -1) {
- /* read random data into the randseed variable */
- ssize_t nread = read(fd, &randseed, sizeof(randseed));
- if(nread == sizeof(randseed))
- seeded = TRUE;
- close(fd);
- }
- }
-#endif
-
- if(!seeded) {
- struct timeval now = curlx_tvnow();
- infof(data, "WARNING: Using weak random seed\n");
- randseed += (unsigned int)now.tv_usec + (unsigned int)now.tv_sec;
- randseed = randseed * 1103515245 + 12345;
- randseed = randseed * 1103515245 + 12345;
- randseed = randseed * 1103515245 + 12345;
- seeded = TRUE;
- }
-
- /* Return an unsigned 32-bit pseudo-random number. */
- r = randseed = randseed * 1103515245 + 12345;
- return (r << 16) | ((r >> 16) & 0xFFFF);
-}
-
int Curl_ssl_backend(void)
{
return (int)CURL_SSL_BACKEND;
@@ -288,19 +178,54 @@ void Curl_ssl_cleanup(void)
static bool ssl_prefs_check(struct Curl_easy *data)
{
/* check for CURLOPT_SSLVERSION invalid parameter value */
- if((data->set.ssl.version < 0)
- || (data->set.ssl.version >= CURL_SSLVERSION_LAST)) {
+ const long sslver = data->set.ssl.primary.version;
+ if((sslver < 0) || (sslver >= CURL_SSLVERSION_LAST)) {
failf(data, "Unrecognized parameter value passed via CURLOPT_SSLVERSION");
return FALSE;
}
+
+ switch(data->set.ssl.primary.version_max) {
+ case CURL_SSLVERSION_MAX_NONE:
+ case CURL_SSLVERSION_MAX_DEFAULT:
+ break;
+
+ default:
+ if((data->set.ssl.primary.version_max >> 16) < sslver) {
+ failf(data, "CURL_SSLVERSION_MAX incompatible with CURL_SSLVERSION");
+ return FALSE;
+ }
+ }
+
return TRUE;
}
+static CURLcode
+ssl_connect_init_proxy(struct connectdata *conn, int sockindex)
+{
+ DEBUGASSERT(conn->bits.proxy_ssl_connected[sockindex]);
+ if(ssl_connection_complete == conn->ssl[sockindex].state &&
+ !conn->proxy_ssl[sockindex].use) {
+#if defined(HTTPS_PROXY_SUPPORT)
+ conn->proxy_ssl[sockindex] = conn->ssl[sockindex];
+ memset(&conn->ssl[sockindex], 0, sizeof(conn->ssl[sockindex]));
+#else
+ return CURLE_NOT_BUILT_IN;
+#endif
+ }
+ return CURLE_OK;
+}
+
CURLcode
Curl_ssl_connect(struct connectdata *conn, int sockindex)
{
CURLcode result;
+ if(conn->bits.proxy_ssl_connected[sockindex]) {
+ result = ssl_connect_init_proxy(conn, sockindex);
+ if(result)
+ return result;
+ }
+
if(!ssl_prefs_check(conn->data))
return CURLE_SSL_CONNECT_ERROR;
@@ -321,6 +246,11 @@ Curl_ssl_connect_nonblocking(struct connectdata *conn, int
sockindex,
bool *done)
{
CURLcode result;
+ if(conn->bits.proxy_ssl_connected[sockindex]) {
+ result = ssl_connect_init_proxy(conn, sockindex);
+ if(result)
+ return result;
+ }
if(!ssl_prefs_check(conn->data))
return CURLE_SSL_CONNECT_ERROR;
@@ -363,7 +293,8 @@ void Curl_ssl_sessionid_unlock(struct connectdata *conn)
*/
bool Curl_ssl_getsessionid(struct connectdata *conn,
void **ssl_sessionid,
- size_t *idsize) /* set 0 if unknown */
+ size_t *idsize, /* set 0 if unknown */
+ int sockindex)
{
struct curl_ssl_session *check;
struct Curl_easy *data = conn->data;
@@ -371,11 +302,18 @@ bool Curl_ssl_getsessionid(struct connectdata *conn,
long *general_age;
bool no_match = TRUE;
+ const bool isProxy = CONNECT_PROXY_SSL();
+ struct ssl_primary_config * const ssl_config = isProxy ?
+ &conn->proxy_ssl_config :
+ &conn->ssl_config;
+ const char * const name = isProxy ? conn->http_proxy.host.name :
+ conn->host.name;
+ int port = isProxy ? (int)conn->port : conn->remote_port;
*ssl_sessionid = NULL;
- DEBUGASSERT(conn->ssl_config.sessionid);
+ DEBUGASSERT(SSL_SET_OPTION(primary.sessionid));
- if(!conn->ssl_config.sessionid)
+ if(!SSL_SET_OPTION(primary.sessionid))
/* session ID re-use is disabled */
return TRUE;
@@ -385,20 +323,21 @@ bool Curl_ssl_getsessionid(struct connectdata *conn,
else
general_age = &data->state.sessionage;
- for(i = 0; i < data->set.ssl.max_ssl_sessions; i++) {
+ for(i = 0; i < data->set.general_ssl.max_ssl_sessions; i++) {
check = &data->state.session[i];
if(!check->sessionid)
/* not session ID means blank entry */
continue;
- if(Curl_raw_equal(conn->host.name, check->name) &&
+ if(strcasecompare(name, check->name) &&
((!conn->bits.conn_to_host && !check->conn_to_host) ||
- (conn->bits.conn_to_host && check->conn_to_host &&
- Curl_raw_equal(conn->conn_to_host.name, check->conn_to_host))) &&
+ (conn->bits.conn_to_host && check->conn_to_host &&
+ strcasecompare(conn->conn_to_host.name, check->conn_to_host))) &&
((!conn->bits.conn_to_port && check->conn_to_port == -1) ||
- (conn->bits.conn_to_port && check->conn_to_port != -1 &&
- conn->conn_to_port == check->conn_to_port)) &&
- (conn->remote_port == check->remote_port) &&
- Curl_ssl_config_matches(&conn->ssl_config, &check->ssl_config)) {
+ (conn->bits.conn_to_port && check->conn_to_port != -1 &&
+ conn->conn_to_port == check->conn_to_port)) &&
+ (port == check->remote_port) &&
+ strcasecompare(conn->handler->scheme, check->scheme) &&
+ Curl_ssl_config_matches(ssl_config, &check->ssl_config)) {
/* yes, we have a session ID! */
(*general_age)++; /* increase general age */
check->age = *general_age; /* set this as used in this age */
@@ -427,7 +366,7 @@ void Curl_ssl_kill_session(struct curl_ssl_session *session)
session->sessionid = NULL;
session->age = 0; /* fresh */
- Curl_free_ssl_config(&session->ssl_config);
+ Curl_free_primary_ssl_config(&session->ssl_config);
Curl_safefree(session->name);
Curl_safefree(session->conn_to_host);
@@ -442,7 +381,7 @@ void Curl_ssl_delsessionid(struct connectdata *conn, void
*ssl_sessionid)
size_t i;
struct Curl_easy *data=conn->data;
- for(i = 0; i < data->set.ssl.max_ssl_sessions; i++) {
+ for(i = 0; i < data->set.general_ssl.max_ssl_sessions; i++) {
struct curl_ssl_session *check = &data->state.session[i];
if(check->sessionid == ssl_sessionid) {
@@ -460,7 +399,8 @@ void Curl_ssl_delsessionid(struct connectdata *conn, void
*ssl_sessionid)
*/
CURLcode Curl_ssl_addsessionid(struct connectdata *conn,
void *ssl_sessionid,
- size_t idsize)
+ size_t idsize,
+ int sockindex)
{
size_t i;
struct Curl_easy *data=conn->data; /* the mother of all structs */
@@ -470,10 +410,14 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn,
char *clone_conn_to_host;
int conn_to_port;
long *general_age;
+ const bool isProxy = CONNECT_PROXY_SSL();
+ struct ssl_primary_config * const ssl_config = isProxy ?
+ &conn->proxy_ssl_config :
+ &conn->ssl_config;
- DEBUGASSERT(conn->ssl_config.sessionid);
+ DEBUGASSERT(SSL_SET_OPTION(primary.sessionid));
- clone_host = strdup(conn->host.name);
+ clone_host = strdup(isProxy ? conn->http_proxy.host.name : conn->host.name);
if(!clone_host)
return CURLE_OUT_OF_MEMORY; /* bail out */
@@ -504,14 +448,14 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn,
}
/* find an empty slot for us, or find the oldest */
- for(i = 1; (i < data->set.ssl.max_ssl_sessions) &&
+ for(i = 1; (i < data->set.general_ssl.max_ssl_sessions) &&
data->state.session[i].sessionid; i++) {
if(data->state.session[i].age < oldest_age) {
oldest_age = data->state.session[i].age;
store = &data->state.session[i];
}
}
- if(i == data->set.ssl.max_ssl_sessions)
+ if(i == data->set.general_ssl.max_ssl_sessions)
/* cache is full, we must "kill" the oldest entry! */
Curl_ssl_kill_session(store);
else
@@ -521,15 +465,17 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn,
store->sessionid = ssl_sessionid;
store->idsize = idsize;
store->age = *general_age; /* set current age */
- /* free it if there's one already present */
+ /* free it if there's one already present */
free(store->name);
free(store->conn_to_host);
store->name = clone_host; /* clone host name */
store->conn_to_host = clone_conn_to_host; /* clone connect to host name */
store->conn_to_port = conn_to_port; /* connect to port number */
- store->remote_port = conn->remote_port; /* port number */
+ /* port number */
+ store->remote_port = isProxy ? (int)conn->port : conn->remote_port;
+ store->scheme = conn->handler->scheme;
- if(!Curl_clone_ssl_config(&conn->ssl_config, &store->ssl_config)) {
+ if(!Curl_clone_primary_ssl_config(ssl_config, &store->ssl_config)) {
store->sessionid = NULL; /* let caller free sessionid */
free(clone_host);
free(clone_conn_to_host);
@@ -545,7 +491,7 @@ void Curl_ssl_close_all(struct Curl_easy *data)
size_t i;
/* kill the session ID cache if not shared */
if(data->state.session && !SSLSESSION_SHARED(data)) {
- for(i = 0; i < data->set.ssl.max_ssl_sessions; i++)
+ for(i = 0; i < data->set.general_ssl.max_ssl_sessions; i++)
/* the single-killer function handles empty table slots */
Curl_ssl_kill_session(&data->state.session[i]);
@@ -556,6 +502,43 @@ void Curl_ssl_close_all(struct Curl_easy *data)
curlssl_close_all(data);
}
+#if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
+ defined(USE_DARWINSSL) || defined(USE_POLARSSL) || defined(USE_NSS) || \
+ defined(USE_MBEDTLS)
+int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks,
+ int numsocks)
+{
+ struct ssl_connect_data *connssl = &conn->ssl[FIRSTSOCKET];
+
+ if(!numsocks)
+ return GETSOCK_BLANK;
+
+ if(connssl->connecting_state == ssl_connect_2_writing) {
+ /* write mode */
+ socks[0] = conn->sock[FIRSTSOCKET];
+ return GETSOCK_WRITESOCK(0);
+ }
+ if(connssl->connecting_state == ssl_connect_2_reading) {
+ /* read mode */
+ socks[0] = conn->sock[FIRSTSOCKET];
+ return GETSOCK_READSOCK(0);
+ }
+
+ return GETSOCK_BLANK;
+}
+#else
+int Curl_ssl_getsock(struct connectdata *conn,
+ curl_socket_t *socks,
+ int numsocks)
+{
+ (void)conn;
+ (void)socks;
+ (void)numsocks;
+ return GETSOCK_BLANK;
+}
+/* USE_OPENSSL || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */
+#endif
+
void Curl_ssl_close(struct connectdata *conn, int sockindex)
{
DEBUGASSERT((sockindex <= 1) && (sockindex >= -1));
@@ -613,7 +596,7 @@ CURLcode Curl_ssl_initsessions(struct Curl_easy *data,
size_t amount)
return CURLE_OUT_OF_MEMORY;
/* store the info in the SSL section */
- data->set.ssl.max_ssl_sessions = amount;
+ data->set.general_ssl.max_ssl_sessions = amount;
data->state.session = session;
data->state.sessionage = 1; /* this is brand new */
return CURLE_OK;
@@ -689,9 +672,9 @@ CURLcode Curl_ssl_push_certinfo_len(struct Curl_easy *data,
const char *value,
size_t valuelen)
{
- struct curl_certinfo * ci = &data->info.certs;
- char * output;
- struct curl_slist * nl;
+ struct curl_certinfo *ci = &data->info.certs;
+ char *output;
+ struct curl_slist *nl;
CURLcode result = CURLE_OK;
size_t labellen = strlen(label);
size_t outlen = labellen + 1 + valuelen + 1; /* label:value\0 */
@@ -734,9 +717,9 @@ CURLcode Curl_ssl_push_certinfo(struct Curl_easy *data,
return Curl_ssl_push_certinfo_len(data, certnum, label, value, valuelen);
}
-int Curl_ssl_random(struct Curl_easy *data,
- unsigned char *entropy,
- size_t length)
+CURLcode Curl_ssl_random(struct Curl_easy *data,
+ unsigned char *entropy,
+ size_t length)
{
return curlssl_random(data, entropy, length);
}
diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
index a41ecc325..2aabeda20 100644
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@@ -50,13 +50,24 @@
#define ALPN_HTTP_1_1_LENGTH 8
#define ALPN_HTTP_1_1 "http/1.1"
-bool Curl_ssl_config_matches(struct ssl_config_data* data,
- struct ssl_config_data* needle);
-bool Curl_clone_ssl_config(struct ssl_config_data* source,
- struct ssl_config_data* dest);
-void Curl_free_ssl_config(struct ssl_config_data* sslc);
-
-unsigned int Curl_rand(struct Curl_easy *);
+/* set of helper macros for the backends to access the correct fields. For the
+ proxy or for the remote host - to properly support HTTPS proxy */
+
+#define SSL_IS_PROXY() (CURLPROXY_HTTPS == conn->http_proxy.proxytype && \
+ ssl_connection_complete != conn->proxy_ssl[conn->sock[SECONDARYSOCKET] == \
+ CURL_SOCKET_BAD ? FIRSTSOCKET : SECONDARYSOCKET].state)
+#define SSL_SET_OPTION(var) (SSL_IS_PROXY() ? data->set.proxy_ssl.var : \
+ data->set.ssl.var)
+#define SSL_CONN_CONFIG(var) (SSL_IS_PROXY() ? \
+ conn->proxy_ssl_config.var : conn->ssl_config.var)
+
+bool Curl_ssl_config_matches(struct ssl_primary_config* data,
+ struct ssl_primary_config* needle);
+bool Curl_clone_primary_ssl_config(struct ssl_primary_config *source,
+ struct ssl_primary_config *dest);
+void Curl_free_primary_ssl_config(struct ssl_primary_config* sslc);
+int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks,
+ int numsocks);
int Curl_ssl_backend(void);
@@ -87,12 +98,12 @@ int Curl_ssl_check_cxn(struct connectdata *conn);
/* Certificate information list handling. */
void Curl_ssl_free_certinfo(struct Curl_easy *data);
-CURLcode Curl_ssl_init_certinfo(struct Curl_easy * data, int num);
-CURLcode Curl_ssl_push_certinfo_len(struct Curl_easy * data, int certnum,
- const char * label, const char * value,
+CURLcode Curl_ssl_init_certinfo(struct Curl_easy *data, int num);
+CURLcode Curl_ssl_push_certinfo_len(struct Curl_easy *data, int certnum,
+ const char *label, const char *value,
size_t valuelen);
-CURLcode Curl_ssl_push_certinfo(struct Curl_easy * data, int certnum,
- const char * label, const char * value);
+CURLcode Curl_ssl_push_certinfo(struct Curl_easy *data, int certnum,
+ const char *label, const char *value);
/* Functions to be used by SSL library adaptation functions */
@@ -116,7 +127,8 @@ void Curl_ssl_sessionid_unlock(struct connectdata *conn);
*/
bool Curl_ssl_getsessionid(struct connectdata *conn,
void **ssl_sessionid,
- size_t *idsize); /* set 0 if unknown */
+ size_t *idsize, /* set 0 if unknown */
+ int sockindex);
/* add a new session ID
* Sessionid mutex must be locked (see Curl_ssl_sessionid_lock).
* Caller must ensure that it has properly shared ownership of this sessionid
@@ -124,7 +136,8 @@ bool Curl_ssl_getsessionid(struct connectdata *conn,
*/
CURLcode Curl_ssl_addsessionid(struct connectdata *conn,
void *ssl_sessionid,
- size_t idsize);
+ size_t idsize,
+ int sockindex);
/* Kill a single session ID entry in the cache
* Sessionid mutex must be locked (see Curl_ssl_sessionid_lock).
* This will call engine-specific curlssl_session_free function, which must
@@ -140,10 +153,9 @@ void Curl_ssl_kill_session(struct curl_ssl_session
*session);
*/
void Curl_ssl_delsessionid(struct connectdata *conn, void *ssl_sessionid);
-/* get N random bytes into the buffer, return 0 if a find random is filled
- in */
-int Curl_ssl_random(struct Curl_easy *data, unsigned char *buffer,
- size_t length);
+/* get N random bytes into the buffer */
+CURLcode Curl_ssl_random(struct Curl_easy *data, unsigned char *buffer,
+ size_t length);
CURLcode Curl_ssl_md5sum(unsigned char *tmp, /* input */
size_t tmplen,
unsigned char *md5sum, /* output */
diff --git a/lib/warnless.c b/lib/warnless.c
index 0c4472e4a..fb085c86d 100644
--- a/lib/warnless.c
+++ b/lib/warnless.c
@@ -183,12 +183,15 @@ curl_off_t curlx_uztoso(size_t uznum)
#ifdef __INTEL_COMPILER
# pragma warning(push)
# pragma warning(disable:810) /* conversion may lose significant bits */
+#elif defined(_MSC_VER)
+# pragma warning(push)
+# pragma warning(disable:4310) /* cast truncates constant value */
#endif
DEBUGASSERT(uznum <= (size_t) CURL_MASK_SCOFFT);
return (curl_off_t)(uznum & (size_t) CURL_MASK_SCOFFT);
-#ifdef __INTEL_COMPILER
+#if defined(__INTEL_COMPILER) || defined(_MSC_VER)
# pragma warning(pop)
#endif
}
diff --git a/lib/warnless.h b/lib/warnless.h
index ab6d29998..5905cb7e3 100644
--- a/lib/warnless.h
+++ b/lib/warnless.h
@@ -23,7 +23,7 @@
***************************************************************************/
#ifdef USE_WINSOCK
-#include <curl/curl.h> /* for curl_socket_t */
+#include <gnurl/curl.h> /* for curl_socket_t */
#endif
unsigned short curlx_ultous(unsigned long ulnum);
diff --git a/lib/wildcard.c b/lib/wildcard.c
index dbbe45f6f..af45c79bd 100644
--- a/lib/wildcard.c
+++ b/lib/wildcard.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -32,13 +32,9 @@
CURLcode Curl_wildcard_init(struct WildcardData *wc)
{
- DEBUGASSERT(wc->filelist == NULL);
- /* now allocate only wc->filelist, everything else
- will be allocated if it is needed. */
- wc->filelist = Curl_llist_alloc(Curl_fileinfo_dtor);
- if(!wc->filelist) {;
- return CURLE_OUT_OF_MEMORY;
- }
+ Curl_llist_init(&wc->filelist, Curl_fileinfo_dtor);
+ wc->state = CURLWC_INIT;
+
return CURLE_OK;
}
@@ -54,10 +50,8 @@ void Curl_wildcard_dtor(struct WildcardData *wc)
}
DEBUGASSERT(wc->tmp == NULL);
- if(wc->filelist) {
- Curl_llist_destroy(wc->filelist, NULL);
- wc->filelist = NULL;
- }
+ Curl_llist_destroy(&wc->filelist, NULL);
+
free(wc->path);
wc->path = NULL;
diff --git a/lib/wildcard.h b/lib/wildcard.h
index 7f61cd173..89d965ccf 100644
--- a/lib/wildcard.h
+++ b/lib/wildcard.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2010 - 2013, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2010 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,11 +22,14 @@
*
***************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
+
+#include "llist.h"
/* list of wildcard process states */
typedef enum {
- CURLWC_INIT = 0,
+ CURLWC_CLEAR = 0,
+ CURLWC_INIT = 1,
CURLWC_MATCHING, /* library is trying to get list of addresses for
downloading */
CURLWC_DOWNLOADING,
@@ -44,7 +47,7 @@ struct WildcardData {
curl_wildcard_states state;
char *path; /* path to the directory, where we trying wildcard-match */
char *pattern; /* wildcard pattern */
- struct curl_llist *filelist; /* llist with struct Curl_fileinfo */
+ struct curl_llist filelist; /* llist with struct Curl_fileinfo */
void *tmp; /* pointer to protocol specific temporary data */
curl_wildcard_tmp_dtor tmp_dtor;
void *customptr; /* for CURLOPT_CHUNK_DATA pointer */
diff --git a/lib/x509asn1.c b/lib/x509asn1.c
index e17bcd92d..aabf6e8c7 100644
--- a/lib/x509asn1.c
+++ b/lib/x509asn1.c
@@ -25,9 +25,9 @@
#if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) || \
defined(USE_CYASSL) || defined(USE_SCHANNEL)
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "urldata.h"
-#include "strequal.h"
+#include "strcase.h"
#include "hostcheck.h"
#include "vtls/vtls.h"
#include "sendf.h"
@@ -40,6 +40,9 @@
#include "curl_memory.h"
#include "memdebug.h"
+/* For overflow checks. */
+#define CURL_SIZE_T_MAX ((size_t)-1)
+
/* ASN.1 OIDs. */
static const char cnOID[] = "2.5.4.3"; /* Common name. */
@@ -105,8 +108,8 @@ static const curl_OID OIDtable[] = {
*/
-const char * Curl_getASN1Element(curl_asn1Element * elem,
- const char * beg, const char * end)
+const char *Curl_getASN1Element(curl_asn1Element *elem,
+ const char *beg, const char *end)
{
unsigned char b;
unsigned long len;
@@ -116,8 +119,8 @@ const char * Curl_getASN1Element(curl_asn1Element * elem,
ending at `end'.
Returns a pointer in source string after the parsed element, or NULL
if an error occurs. */
-
- if(beg >= end || !*beg)
+ if(!beg || !end || beg >= end || !*beg ||
+ (size_t)(end - beg) > CURL_ASN1_MAX)
return (const char *) NULL;
/* Process header byte. */
@@ -152,7 +155,7 @@ const char * Curl_getASN1Element(curl_asn1Element * elem,
elem->end = beg;
return beg + 1;
}
- else if(beg + b > end)
+ else if((unsigned)b > (size_t)(end - beg))
return (const char *) NULL; /* Does not fit in source. */
else {
/* Get long length. */
@@ -163,28 +166,28 @@ const char * Curl_getASN1Element(curl_asn1Element * elem,
len = (len << 8) | (unsigned char) *beg++;
} while(--b);
}
- if((unsigned long) (end - beg) < len)
+ if(len > (size_t)(end - beg))
return (const char *) NULL; /* Element data does not fit in source. */
elem->beg = beg;
elem->end = beg + len;
return elem->end;
}
-static const curl_OID * searchOID(const char * oid)
+static const curl_OID * searchOID(const char *oid)
{
- const curl_OID * op;
+ const curl_OID *op;
/* Search the null terminated OID or OID identifier in local table.
Return the table entry pointer or NULL if not found. */
for(op = OIDtable; op->numoid; op++)
- if(!strcmp(op->numoid, oid) || curl_strequal(op->textoid, oid))
+ if(!strcmp(op->numoid, oid) || strcasecompare(op->textoid, oid))
return op;
return (const curl_OID *) NULL;
}
-static const char * bool2str(const char * beg, const char * end)
+static const char *bool2str(const char *beg, const char *end)
{
/* Convert an ASN.1 Boolean value into its string representation.
Return the dynamically allocated string, or NULL if source is not an
@@ -195,22 +198,24 @@ static const char * bool2str(const char * beg, const char
* end)
return strdup(*beg? "TRUE": "FALSE");
}
-static const char * octet2str(const char * beg, const char * end)
+static const char *octet2str(const char *beg, const char *end)
{
size_t n = end - beg;
- char * buf;
+ char *buf = NULL;
/* Convert an ASN.1 octet string to a printable string.
Return the dynamically allocated string, or NULL if an error occurs. */
- buf = malloc(3 * n + 1);
- if(buf)
- for(n = 0; beg < end; n += 3)
- snprintf(buf + n, 4, "%02x:", *(const unsigned char *) beg++);
+ if(n <= (CURL_SIZE_T_MAX - 1) / 3) {
+ buf = malloc(3 * n + 1);
+ if(buf)
+ for(n = 0; beg < end; n += 3)
+ snprintf(buf + n, 4, "%02x:", *(const unsigned char *) beg++);
+ }
return buf;
}
-static const char * bit2str(const char * beg, const char * end)
+static const char *bit2str(const char *beg, const char *end)
{
/* Convert an ASN.1 bit string to a printable string.
Return the dynamically allocated string, or NULL if an error occurs. */
@@ -220,7 +225,7 @@ static const char * bit2str(const char * beg, const char *
end)
return octet2str(beg, end);
}
-static const char * int2str(const char * beg, const char * end)
+static const char *int2str(const char *beg, const char *end)
{
long val = 0;
size_t n = end - beg;
@@ -246,14 +251,14 @@ static const char * int2str(const char * beg, const char
* end)
}
static ssize_t
-utf8asn1str(char * * to, int type, const char * from, const char * end)
+utf8asn1str(char **to, int type, const char *from, const char *end)
{
size_t inlength = end - from;
int size = 1;
size_t outlength;
int charsize;
unsigned int wc;
- char * buf;
+ char *buf;
/* Perform a lazy conversion from an ASN.1 typed string to UTF8. Allocate the
destination buffer dynamically. The allocation size will normally be too
@@ -262,7 +267,7 @@ utf8asn1str(char * * to, int type, const char * from, const
char * end)
string length. */
*to = (char *) NULL;
- switch (type) {
+ switch(type) {
case CURL_ASN1_BMP_STRING:
size = 2;
break;
@@ -282,6 +287,8 @@ utf8asn1str(char * * to, int type, const char * from, const
char * end)
if(inlength % size)
return -1; /* Length inconsistent with character size. */
+ if(inlength / size > (CURL_SIZE_T_MAX - 1) / 4)
+ return -1; /* Too big. */
buf = malloc(4 * (inlength / size) + 1);
if(!buf)
return -1; /* Not enough memory. */
@@ -295,7 +302,7 @@ utf8asn1str(char * * to, int type, const char * from, const
char * end)
else {
for(outlength = 0; from < end;) {
wc = 0;
- switch (size) {
+ switch(size) {
case 4:
wc = (wc << 8) | *(const unsigned char *) from++;
wc = (wc << 8) | *(const unsigned char *) from++;
@@ -335,9 +342,9 @@ utf8asn1str(char * * to, int type, const char * from, const
char * end)
return outlength;
}
-static const char * string2str(int type, const char * beg, const char * end)
+static const char *string2str(int type, const char *beg, const char *end)
{
- char * buf;
+ char *buf;
/* Convert an ASN.1 String into its UTF-8 string representation.
Return the dynamically allocated string, or NULL if an error occurs. */
@@ -347,7 +354,7 @@ static const char * string2str(int type, const char * beg,
const char * end)
return buf;
}
-static int encodeUint(char * buf, int n, unsigned int x)
+static int encodeUint(char *buf, int n, unsigned int x)
{
int i = 0;
unsigned int y = x / 10;
@@ -367,7 +374,7 @@ static int encodeUint(char * buf, int n, unsigned int x)
return i;
}
-static int encodeOID(char * buf, int n, const char * beg, const char * end)
+static int encodeOID(char *buf, int n, const char *beg, const char *end)
{
int i = 0;
unsigned int x;
@@ -406,9 +413,9 @@ static int encodeOID(char * buf, int n, const char * beg,
const char * end)
return i;
}
-static const char * OID2str(const char * beg, const char * end, bool symbolic)
+static const char *OID2str(const char *beg, const char *end, bool symbolic)
{
- char * buf = (char *) NULL;
+ char *buf = (char *) NULL;
const curl_OID * op;
int n;
@@ -436,14 +443,14 @@ static const char * OID2str(const char * beg, const char
* end, bool symbolic)
return buf;
}
-static const char * GTime2str(const char * beg, const char * end)
+static const char *GTime2str(const char *beg, const char *end)
{
- const char * tzp;
- const char * fracp;
+ const char *tzp;
+ const char *fracp;
char sec1, sec2;
size_t fracl;
size_t tzl;
- const char * sep = "";
+ const char *sep = "";
/* Convert an ASN.1 Generalized time to a printable string.
Return the dynamically allocated string, or NULL if an error occurs. */
@@ -453,12 +460,13 @@ static const char * GTime2str(const char * beg, const
char * end)
/* Get seconds digits. */
sec1 = '0';
- switch (fracp - beg - 12) {
+ switch(fracp - beg - 12) {
case 0:
sec2 = '0';
break;
case 2:
sec1 = fracp[-2];
+ /* FALLTHROUGH */
case 1:
sec2 = fracp[-1];
break;
@@ -499,11 +507,11 @@ static const char * GTime2str(const char * beg, const
char * end)
sep, tzl, tzp);
}
-static const char * UTime2str(const char * beg, const char * end)
+static const char *UTime2str(const char *beg, const char *end)
{
- const char * tzp;
+ const char *tzp;
size_t tzl;
- const char * sec;
+ const char *sec;
/* Convert an ASN.1 UTC time to a printable string.
Return the dynamically allocated string, or NULL if an error occurs. */
@@ -512,7 +520,7 @@ static const char * UTime2str(const char * beg, const char
* end)
;
/* Get the seconds. */
sec = beg + 10;
- switch (tzp - sec) {
+ switch(tzp - sec) {
case 0:
sec = "00";
case 2:
@@ -538,7 +546,7 @@ static const char * UTime2str(const char * beg, const char
* end)
tzl, tzp);
}
-const char * Curl_ASN1tostr(curl_asn1Element * elem, int type)
+const char *Curl_ASN1tostr(curl_asn1Element *elem, int type)
{
/* Convert an ASN.1 element to a printable string.
Return the dynamically allocated string, or NULL if an error occurs. */
@@ -549,7 +557,7 @@ const char * Curl_ASN1tostr(curl_asn1Element * elem, int
type)
if(!type)
type = elem->tag; /* Type not forced: use element tag as type. */
- switch (type) {
+ switch(type) {
case CURL_ASN1_BOOLEAN:
return bool2str(elem->beg, elem->end);
case CURL_ASN1_INTEGER:
@@ -581,17 +589,17 @@ const char * Curl_ASN1tostr(curl_asn1Element * elem, int
type)
return (const char *) NULL; /* Unsupported. */
}
-static ssize_t encodeDN(char * buf, size_t n, curl_asn1Element * dn)
+static ssize_t encodeDN(char *buf, size_t n, curl_asn1Element *dn)
{
curl_asn1Element rdn;
curl_asn1Element atv;
curl_asn1Element oid;
curl_asn1Element value;
size_t l = 0;
- const char * p1;
- const char * p2;
- const char * p3;
- const char * str;
+ const char *p1;
+ const char *p2;
+ const char *p3;
+ const char *str;
/* ASCII encode distinguished name at `dn' into the `n'-byte buffer at `buf'.
Return the total string length, even if larger than `n'. */
@@ -647,9 +655,9 @@ static ssize_t encodeDN(char * buf, size_t n,
curl_asn1Element * dn)
return l;
}
-const char * Curl_DNtostr(curl_asn1Element * dn)
+const char *Curl_DNtostr(curl_asn1Element *dn)
{
- char * buf = (char *) NULL;
+ char *buf = (char *) NULL;
ssize_t n = encodeDN(buf, 0, dn);
/* Convert an ASN.1 distinguished name into a printable string.
@@ -669,12 +677,12 @@ const char * Curl_DNtostr(curl_asn1Element * dn)
* X509 parser.
*/
-void Curl_parseX509(curl_X509certificate * cert,
- const char * beg, const char * end)
+int Curl_parseX509(curl_X509certificate *cert,
+ const char *beg, const char *end)
{
curl_asn1Element elem;
curl_asn1Element tbsCertificate;
- const char * ccp;
+ const char *ccp;
static const char defaultVersion = 0; /* v1. */
/* ASN.1 parse an X509 certificate into structure subfields.
@@ -686,7 +694,8 @@ void Curl_parseX509(curl_X509certificate * cert,
cert->certificate.end = end;
/* Get the sequence content. */
- Curl_getASN1Element(&elem, beg, end);
+ if(!Curl_getASN1Element(&elem, beg, end))
+ return -1; /* Invalid bounds/size. */
beg = elem.beg;
end = elem.end;
@@ -749,9 +758,10 @@ void Curl_parseX509(curl_X509certificate * cert,
}
if(elem.tag == 3)
Curl_getASN1Element(&cert->extensions, elem.beg, elem.end);
+ return 0;
}
-static size_t copySubstring(char * to, const char * from)
+static size_t copySubstring(char *to, const char *from)
{
size_t i;
@@ -768,8 +778,8 @@ static size_t copySubstring(char * to, const char * from)
return i;
}
-static const char * dumpAlgo(curl_asn1Element * param,
- const char * beg, const char * end)
+static const char *dumpAlgo(curl_asn1Element *param,
+ const char *beg, const char *end)
{
curl_asn1Element oid;
@@ -784,10 +794,10 @@ static const char * dumpAlgo(curl_asn1Element * param,
return OID2str(oid.beg, oid.end, TRUE);
}
-static void do_pubkey_field(struct Curl_easy * data, int certnum,
- const char * label, curl_asn1Element * elem)
+static void do_pubkey_field(struct Curl_easy *data, int certnum,
+ const char *label, curl_asn1Element *elem)
{
- const char * output;
+ const char *output;
/* Generate a certificate information record for the public key. */
@@ -801,14 +811,14 @@ static void do_pubkey_field(struct Curl_easy * data, int
certnum,
}
}
-static void do_pubkey(struct Curl_easy * data, int certnum,
- const char * algo, curl_asn1Element * param,
- curl_asn1Element * pubkey)
+static void do_pubkey(struct Curl_easy *data, int certnum,
+ const char *algo, curl_asn1Element *param,
+ curl_asn1Element *pubkey)
{
curl_asn1Element elem;
curl_asn1Element pk;
- const char * p;
- const char * q;
+ const char *p;
+ const char *q;
unsigned long len;
unsigned int i;
@@ -817,7 +827,7 @@ static void do_pubkey(struct Curl_easy * data, int certnum,
/* Get the public key (single element). */
Curl_getASN1Element(&pk, pubkey->beg + 1, pubkey->end);
- if(curl_strequal(algo, "rsaEncryption")) {
+ if(strcasecompare(algo, "rsaEncryption")) {
p = Curl_getASN1Element(&elem, pk.beg, pk.end);
/* Compute key length. */
for(q = elem.beg; !*q && q < elem.end; q++)
@@ -842,7 +852,7 @@ static void do_pubkey(struct Curl_easy * data, int certnum,
Curl_getASN1Element(&elem, p, pk.end);
do_pubkey_field(data, certnum, "rsa(e)", &elem);
}
- else if(curl_strequal(algo, "dsa")) {
+ else if(strcasecompare(algo, "dsa")) {
p = Curl_getASN1Element(&elem, param->beg, param->end);
do_pubkey_field(data, certnum, "dsa(p)", &elem);
p = Curl_getASN1Element(&elem, p, param->end);
@@ -851,7 +861,7 @@ static void do_pubkey(struct Curl_easy * data, int certnum,
do_pubkey_field(data, certnum, "dsa(g)", &elem);
do_pubkey_field(data, certnum, "dsa(pub_key)", &pk);
}
- else if(curl_strequal(algo, "dhpublicnumber")) {
+ else if(strcasecompare(algo, "dhpublicnumber")) {
p = Curl_getASN1Element(&elem, param->beg, param->end);
do_pubkey_field(data, certnum, "dh(p)", &elem);
Curl_getASN1Element(&elem, param->beg, param->end);
@@ -859,24 +869,24 @@ static void do_pubkey(struct Curl_easy * data, int
certnum,
do_pubkey_field(data, certnum, "dh(pub_key)", &pk);
}
#if 0 /* Patent-encumbered. */
- else if(curl_strequal(algo, "ecPublicKey")) {
+ else if(strcasecompare(algo, "ecPublicKey")) {
/* Left TODO. */
}
#endif
}
-CURLcode Curl_extract_certinfo(struct connectdata * conn,
+CURLcode Curl_extract_certinfo(struct connectdata *conn,
int certnum,
- const char * beg,
- const char * end)
+ const char *beg,
+ const char *end)
{
curl_X509certificate cert;
- struct Curl_easy * data = conn->data;
+ struct Curl_easy *data = conn->data;
curl_asn1Element param;
- const char * ccp;
- char * cp1;
+ const char *ccp;
+ char *cp1;
size_t cl1;
- char * cp2;
+ char *cp2;
CURLcode result;
unsigned long version;
size_t i;
@@ -889,7 +899,8 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn,
/* Prepare the certificate information for curl_easy_getinfo(). */
/* Extract the certificate ASN.1 elements. */
- Curl_parseX509(&cert, beg, end);
+ if(Curl_parseX509(&cert, beg, end))
+ return CURLE_OUT_OF_MEMORY;
/* Subject. */
ccp = Curl_DNtostr(&cert.subject);
@@ -1029,12 +1040,12 @@ CURLcode Curl_extract_certinfo(struct connectdata *
conn,
#if defined(USE_GSKIT)
-static const char * checkOID(const char * beg, const char * end,
- const char * oid)
+static const char *checkOID(const char *beg, const char *end,
+ const char *oid)
{
curl_asn1Element e;
- const char * ccp;
- const char * p;
+ const char *ccp;
+ const char *p;
bool matched;
/* Check if first ASN.1 element at `beg' is the given OID.
@@ -1053,21 +1064,26 @@ static const char * checkOID(const char * beg, const
char * end,
return matched? ccp: (const char *) NULL;
}
-CURLcode Curl_verifyhost(struct connectdata * conn,
- const char * beg, const char * end)
+CURLcode Curl_verifyhost(struct connectdata *conn,
+ const char *beg, const char *end)
{
- struct Curl_easy * data = conn->data;
+ struct Curl_easy *data = conn->data;
curl_X509certificate cert;
curl_asn1Element dn;
curl_asn1Element elem;
curl_asn1Element ext;
curl_asn1Element name;
- const char * p;
- const char * q;
- char * dnsname;
+ const char *p;
+ const char *q;
+ char *dnsname;
int matched = -1;
size_t addrlen = (size_t) -1;
ssize_t len;
+ const char * const hostname = SSL_IS_PROXY()? conn->http_proxy.host.name:
+ conn->host.name;
+ const char * const dispname = SSL_IS_PROXY()?
+ conn->http_proxy.host.dispname:
+ conn->host.dispname;
#ifdef ENABLE_IPV6
struct in6_addr addr;
#else
@@ -1077,20 +1093,19 @@ CURLcode Curl_verifyhost(struct connectdata * conn,
/* Verify that connection server matches info in X509 certificate at
`beg'..`end'. */
- if(!data->set.ssl.verifyhost)
+ if(!SSL_CONN_CONFIG(verifyhost))
return CURLE_OK;
- if(!beg)
+ if(Curl_parseX509(&cert, beg, end))
return CURLE_PEER_FAILED_VERIFICATION;
- Curl_parseX509(&cert, beg, end);
/* Get the server IP address. */
#ifdef ENABLE_IPV6
- if(conn->bits.ipv6_ip && Curl_inet_pton(AF_INET6, conn->host.name, &addr))
+ if(conn->bits.ipv6_ip && Curl_inet_pton(AF_INET6, hostname, &addr))
addrlen = sizeof(struct in6_addr);
else
#endif
- if(Curl_inet_pton(AF_INET, conn->host.name, &addr))
+ if(Curl_inet_pton(AF_INET, hostname, &addr))
addrlen = sizeof(struct in_addr);
/* Process extensions. */
@@ -1108,12 +1123,12 @@ CURLcode Curl_verifyhost(struct connectdata * conn,
/* Check all GeneralNames. */
for(q = elem.beg; matched != 1 && q < elem.end;) {
q = Curl_getASN1Element(&name, q, elem.end);
- switch (name.tag) {
+ switch(name.tag) {
case 2: /* DNS name. */
len = utf8asn1str(&dnsname, CURL_ASN1_IA5_STRING,
name.beg, name.end);
if(len > 0 && (size_t)len == strlen(dnsname))
- matched = Curl_cert_hostcheck(dnsname, conn->host.name);
+ matched = Curl_cert_hostcheck(dnsname, hostname);
else
matched = 0;
free(dnsname);
@@ -1128,15 +1143,15 @@ CURLcode Curl_verifyhost(struct connectdata * conn,
}
}
- switch (matched) {
+ switch(matched) {
case 1:
/* an alternative name matched the server hostname */
- infof(data, "\t subjectAltName: %s matched\n", conn->host.dispname);
+ infof(data, "\t subjectAltName: %s matched\n", dispname);
return CURLE_OK;
case 0:
/* an alternative name field existed, but didn't match and then
we MUST fail */
- infof(data, "\t subjectAltName does not match %s\n", conn->host.dispname);
+ infof(data, "\t subjectAltName does not match %s\n", dispname);
return CURLE_PEER_FAILED_VERIFICATION;
}
@@ -1168,14 +1183,14 @@ CURLcode Curl_verifyhost(struct connectdata * conn,
}
if(strlen(dnsname) != (size_t) len) /* Nul byte in string ? */
failf(data, "SSL: illegal cert name field");
- else if(Curl_cert_hostcheck((const char *) dnsname, conn->host.name)) {
+ else if(Curl_cert_hostcheck((const char *) dnsname, hostname)) {
infof(data, "\t common name: %s (matched)\n", dnsname);
free(dnsname);
return CURLE_OK;
}
else
failf(data, "SSL: certificate subject name '%s' does not match "
- "target host name '%s'", dnsname, conn->host.dispname);
+ "target host name '%s'", dnsname, dispname);
free(dnsname);
}
diff --git a/lib/x509asn1.h b/lib/x509asn1.h
index 0f2b9304f..ce4029792 100644
--- a/lib/x509asn1.h
+++ b/lib/x509asn1.h
@@ -8,7 +8,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -34,6 +34,9 @@
* Constants.
*/
+/* Largest supported ASN.1 structure. */
+#define CURL_ASN1_MAX ((size_t) 0x40000) /* 256K */
+
/* ASN.1 classes. */
#define CURL_ASN1_UNIVERSAL 0
#define CURL_ASN1_APPLICATION 1
@@ -117,16 +120,15 @@ typedef struct {
* Prototypes.
*/
-const char * Curl_getASN1Element(curl_asn1Element * elem,
- const char * beg, const char * end);
-const char * Curl_ASN1tostr(curl_asn1Element * elem, int type);
-const char * Curl_DNtostr(curl_asn1Element * dn);
-void Curl_parseX509(curl_X509certificate * cert,
- const char * beg, const char * end);
-CURLcode Curl_extract_certinfo(struct connectdata * conn, int certnum,
- const char * beg, const char * end);
-CURLcode Curl_verifyhost(struct connectdata * conn,
- const char * beg, const char * end);
-
+const char *Curl_getASN1Element(curl_asn1Element *elem,
+ const char *beg, const char *end);
+const char *Curl_ASN1tostr(curl_asn1Element *elem, int type);
+const char *Curl_DNtostr(curl_asn1Element *dn);
+int Curl_parseX509(curl_X509certificate *cert,
+ const char *beg, const char *end);
+CURLcode Curl_extract_certinfo(struct connectdata *conn, int certnum,
+ const char *beg, const char *end);
+CURLcode Curl_verifyhost(struct connectdata *conn,
+ const char *beg, const char *end);
#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_CYASSL or USE_SCHANNEL */
#endif /* HEADER_CURL_X509ASN1_H */
diff --git a/m4/ax_code_coverage.m4 b/m4/ax_code_coverage.m4
new file mode 100644
index 000000000..6484f0332
--- /dev/null
+++ b/m4/ax_code_coverage.m4
@@ -0,0 +1,264 @@
+# ===========================================================================
+# https://www.gnu.org/software/autoconf-archive/ax_code_coverage.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+# AX_CODE_COVERAGE()
+#
+# DESCRIPTION
+#
+# Defines CODE_COVERAGE_CPPFLAGS, CODE_COVERAGE_CFLAGS,
+# CODE_COVERAGE_CXXFLAGS and CODE_COVERAGE_LIBS which should be included
+# in the CPPFLAGS, CFLAGS CXXFLAGS and LIBS/LIBADD variables of every
+# build target (program or library) which should be built with code
+# coverage support. Also defines CODE_COVERAGE_RULES which should be
+# substituted in your Makefile; and $enable_code_coverage which can be
+# used in subsequent configure output. CODE_COVERAGE_ENABLED is defined
+# and substituted, and corresponds to the value of the
+# --enable-code-coverage option, which defaults to being disabled.
+#
+# Test also for gcov program and create GCOV variable that could be
+# substituted.
+#
+# Note that all optimization flags in CFLAGS must be disabled when code
+# coverage is enabled.
+#
+# Usage example:
+#
+# configure.ac:
+#
+# AX_CODE_COVERAGE
+#
+# Makefile.am:
+#
+# @CODE_COVERAGE_RULES@
+# my_program_LIBS = ... $(CODE_COVERAGE_LIBS) ...
+# my_program_CPPFLAGS = ... $(CODE_COVERAGE_CPPFLAGS) ...
+# my_program_CFLAGS = ... $(CODE_COVERAGE_CFLAGS) ...
+# my_program_CXXFLAGS = ... $(CODE_COVERAGE_CXXFLAGS) ...
+#
+# This results in a "check-code-coverage" rule being added to any
+# Makefile.am which includes "@CODE_COVERAGE_RULES@" (assuming the module
+# has been configured with --enable-code-coverage). Running `make
+# check-code-coverage` in that directory will run the module's test suite
+# (`make check`) and build a code coverage report detailing the code which
+# was touched, then print the URI for the report.
+#
+# In earlier versions of this macro, CODE_COVERAGE_LDFLAGS was defined
+# instead of CODE_COVERAGE_LIBS. They are both still defined, but use of
+# CODE_COVERAGE_LIBS is preferred for clarity; CODE_COVERAGE_LDFLAGS is
+# deprecated. They have the same value.
+#
+# This code was derived from Makefile.decl in GLib, originally licenced
+# under LGPLv2.1+.
+#
+# LICENSE
+#
+# Copyright (c) 2012, 2016 Philip Withnall
+# Copyright (c) 2012 Xan Lopez
+# Copyright (c) 2012 Christian Persch
+# Copyright (c) 2012 Paolo Borelli
+# Copyright (c) 2012 Dan Winship
+# Copyright (c) 2015 Bastien ROUCARIES
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or (at
+# your option) any later version.
+#
+# This library is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser
+# General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+#serial 25
+
+AC_DEFUN([AX_CODE_COVERAGE],[
+ dnl Check for --enable-code-coverage
+ AC_REQUIRE([AC_PROG_SED])
+
+ # allow to override gcov location
+ AC_ARG_WITH([gcov],
+ [AS_HELP_STRING([--with-gcov[=GCOV]], [use given GCOV for coverage
(GCOV=gcov).])],
+ [_AX_CODE_COVERAGE_GCOV_PROG_WITH=$with_gcov],
+ [_AX_CODE_COVERAGE_GCOV_PROG_WITH=gcov])
+
+ AC_MSG_CHECKING([whether to build with code coverage support])
+ AC_ARG_ENABLE([code-coverage],
+ AS_HELP_STRING([--enable-code-coverage],
+ [Whether to enable code coverage support]),,
+ enable_code_coverage=no)
+
+ AM_CONDITIONAL([CODE_COVERAGE_ENABLED], [test x$enable_code_coverage =
xyes])
+ AC_SUBST([CODE_COVERAGE_ENABLED], [$enable_code_coverage])
+ AC_MSG_RESULT($enable_code_coverage)
+
+ AS_IF([ test "$enable_code_coverage" = "yes" ], [
+ # check for gcov
+ AC_CHECK_TOOL([GCOV],
+ [$_AX_CODE_COVERAGE_GCOV_PROG_WITH],
+ [:])
+ AS_IF([test "X$GCOV" = "X:"],
+ [AC_MSG_ERROR([gcov is needed to do coverage])])
+ AC_SUBST([GCOV])
+
+ dnl Check if gcc is being used
+ AS_IF([ test "$GCC" = "no" ], [
+ AC_MSG_ERROR([not compiling with gcc, which is required
for gcov code coverage])
+ ])
+
+ AC_CHECK_PROG([LCOV], [lcov], [lcov])
+ AC_CHECK_PROG([GENHTML], [genhtml], [genhtml])
+
+ AS_IF([ test -z "$LCOV" ], [
+ AC_MSG_ERROR([To enable code coverage reporting you
must have lcov installed])
+ ])
+
+ AS_IF([ test -z "$GENHTML" ], [
+ AC_MSG_ERROR([Could not find genhtml from the lcov
package])
+ ])
+
+ dnl Build the code coverage flags
+ dnl Define CODE_COVERAGE_LDFLAGS for backwards compatibility
+ CODE_COVERAGE_CPPFLAGS="-DNDEBUG"
+ CODE_COVERAGE_CFLAGS="-O0 -g -fprofile-arcs -ftest-coverage"
+ CODE_COVERAGE_CXXFLAGS="-O0 -g -fprofile-arcs -ftest-coverage"
+ CODE_COVERAGE_LIBS="-lgcov"
+ CODE_COVERAGE_LDFLAGS="$CODE_COVERAGE_LIBS"
+
+ AC_SUBST([CODE_COVERAGE_CPPFLAGS])
+ AC_SUBST([CODE_COVERAGE_CFLAGS])
+ AC_SUBST([CODE_COVERAGE_CXXFLAGS])
+ AC_SUBST([CODE_COVERAGE_LIBS])
+ AC_SUBST([CODE_COVERAGE_LDFLAGS])
+
+ [CODE_COVERAGE_RULES_CHECK='
+ -$(A''M_V_at)$(MAKE) $(AM_MAKEFLAGS) -k check
+ $(A''M_V_at)$(MAKE) $(AM_MAKEFLAGS) code-coverage-capture
+']
+ [CODE_COVERAGE_RULES_CAPTURE='
+ $(code_coverage_v_lcov_cap)$(LCOV) $(code_coverage_quiet) $(addprefix
--directory ,$(CODE_COVERAGE_DIRECTORY)) --capture --output-file
"$(CODE_COVERAGE_OUTPUT_FILE).tmp" --test-name "$(call
code_coverage_sanitize,$(PACKAGE_NAME)-$(PACKAGE_VERSION))" --no-checksum
--compat-libtool $(CODE_COVERAGE_LCOV_SHOPTS) $(CODE_COVERAGE_LCOV_OPTIONS)
+ $(code_coverage_v_lcov_ign)$(LCOV) $(code_coverage_quiet) $(addprefix
--directory ,$(CODE_COVERAGE_DIRECTORY)) --remove
"$(CODE_COVERAGE_OUTPUT_FILE).tmp" "/tmp/*" $(CODE_COVERAGE_IGNORE_PATTERN)
--output-file "$(CODE_COVERAGE_OUTPUT_FILE)" $(CODE_COVERAGE_LCOV_SHOPTS)
$(CODE_COVERAGE_LCOV_RMOPTS)
+ address@hidden -f $(CODE_COVERAGE_OUTPUT_FILE).tmp
+ $(code_coverage_v_genhtml)LANG=C $(GENHTML) $(code_coverage_quiet)
$(addprefix --prefix ,$(CODE_COVERAGE_DIRECTORY)) --output-directory
"$(CODE_COVERAGE_OUTPUT_DIRECTORY)" --title "$(PACKAGE_NAME)-$(PACKAGE_VERSION)
Code Coverage" --legend --show-details "$(CODE_COVERAGE_OUTPUT_FILE)"
$(CODE_COVERAGE_GENHTML_OPTIONS)
+ @echo
"file://$(abs_builddir)/$(CODE_COVERAGE_OUTPUT_DIRECTORY)/index.html"
+']
+ [CODE_COVERAGE_RULES_CLEAN='
+clean: code-coverage-clean
+distclean: code-coverage-clean
+code-coverage-clean:
+ -$(LCOV) --directory $(top_builddir) -z
+ -rm -rf $(CODE_COVERAGE_OUTPUT_FILE) $(CODE_COVERAGE_OUTPUT_FILE).tmp
$(CODE_COVERAGE_OUTPUT_DIRECTORY)
+ -find . \( -name "*.gcda" -o -name "*.gcno" -o -name "*.gcov" \) -delete
+']
+ ], [
+ [CODE_COVERAGE_RULES_CHECK='
+ @echo "Need to reconfigure with --enable-code-coverage"
+']
+ CODE_COVERAGE_RULES_CAPTURE="$CODE_COVERAGE_RULES_CHECK"
+ CODE_COVERAGE_RULES_CLEAN=''
+ ])
+
+[CODE_COVERAGE_RULES='
+# Code coverage
+#
+# Optional:
+# - CODE_COVERAGE_DIRECTORY: Top-level directory for code coverage reporting.
+# Multiple directories may be specified, separated by whitespace.
+# (Default: $(top_builddir))
+# - CODE_COVERAGE_OUTPUT_FILE: Filename and path for the .info file generated
+# by lcov for code coverage. (Default:
+# $(PACKAGE_NAME)-$(PACKAGE_VERSION)-coverage.info)
+# - CODE_COVERAGE_OUTPUT_DIRECTORY: Directory for generated code coverage
+# reports to be created. (Default:
+# $(PACKAGE_NAME)-$(PACKAGE_VERSION)-coverage)
+# - CODE_COVERAGE_BRANCH_COVERAGE: Set to 1 to enforce branch coverage,
+# set to 0 to disable it and leave empty to stay with the default.
+# (Default: empty)
+# - CODE_COVERAGE_LCOV_SHOPTS_DEFAULT: Extra options shared between both lcov
+# instances. (Default: based on $CODE_COVERAGE_BRANCH_COVERAGE)
+# - CODE_COVERAGE_LCOV_SHOPTS: Extra options to shared between both lcov
+# instances. (Default: $CODE_COVERAGE_LCOV_SHOPTS_DEFAULT)
+# - CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH: --gcov-tool pathtogcov
+# - CODE_COVERAGE_LCOV_OPTIONS_DEFAULT: Extra options to pass to the
+# collecting lcov instance. (Default: $CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH)
+# - CODE_COVERAGE_LCOV_OPTIONS: Extra options to pass to the collecting lcov
+# instance. (Default: $CODE_COVERAGE_LCOV_OPTIONS_DEFAULT)
+# - CODE_COVERAGE_LCOV_RMOPTS_DEFAULT: Extra options to pass to the filtering
+# lcov instance. (Default: empty)
+# - CODE_COVERAGE_LCOV_RMOPTS: Extra options to pass to the filtering lcov
+# instance. (Default: $CODE_COVERAGE_LCOV_RMOPTS_DEFAULT)
+# - CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT: Extra options to pass to the
+# genhtml instance. (Default: based on $CODE_COVERAGE_BRANCH_COVERAGE)
+# - CODE_COVERAGE_GENHTML_OPTIONS: Extra options to pass to the genhtml
+# instance. (Default: $CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT)
+# - CODE_COVERAGE_IGNORE_PATTERN: Extra glob pattern of files to ignore
+#
+# The generated report will be titled using the $(PACKAGE_NAME) and
+# $(PACKAGE_VERSION). In order to add the current git hash to the title,
+# use the git-version-gen script, available online.
+
+# Optional variables
+CODE_COVERAGE_DIRECTORY ?= $(top_builddir)
+CODE_COVERAGE_OUTPUT_FILE ?= $(PACKAGE_NAME)-$(PACKAGE_VERSION)-coverage.info
+CODE_COVERAGE_OUTPUT_DIRECTORY ?= $(PACKAGE_NAME)-$(PACKAGE_VERSION)-coverage
+CODE_COVERAGE_BRANCH_COVERAGE ?=
+CODE_COVERAGE_LCOV_SHOPTS_DEFAULT ?= $(if $(CODE_COVERAGE_BRANCH_COVERAGE),\
+--rc lcov_branch_coverage=$(CODE_COVERAGE_BRANCH_COVERAGE))
+CODE_COVERAGE_LCOV_SHOPTS ?= $(CODE_COVERAGE_LCOV_SHOPTS_DEFAULT)
+CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH ?= --gcov-tool "$(GCOV)"
+CODE_COVERAGE_LCOV_OPTIONS_DEFAULT ?= $(CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH)
+CODE_COVERAGE_LCOV_OPTIONS ?= $(CODE_COVERAGE_LCOV_OPTIONS_DEFAULT)
+CODE_COVERAGE_LCOV_RMOPTS_DEFAULT ?=
+CODE_COVERAGE_LCOV_RMOPTS ?= $(CODE_COVERAGE_LCOV_RMOPTS_DEFAULT)
+CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT ?=\
+$(if $(CODE_COVERAGE_BRANCH_COVERAGE),\
+--rc genhtml_branch_coverage=$(CODE_COVERAGE_BRANCH_COVERAGE))
+CODE_COVERAGE_GENHTML_OPTIONS ?= $(CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT)
+CODE_COVERAGE_IGNORE_PATTERN ?=
+
+GITIGNOREFILES ?=
+GITIGNOREFILES += $(CODE_COVERAGE_OUTPUT_FILE)
$(CODE_COVERAGE_OUTPUT_DIRECTORY)
+
+code_coverage_v_lcov_cap = $(code_coverage_v_lcov_cap_$(V))
+code_coverage_v_lcov_cap_ = $(code_coverage_v_lcov_cap_$(AM_DEFAULT_VERBOSITY))
+code_coverage_v_lcov_cap_0 = @echo " LCOV --capture"\
+ $(CODE_COVERAGE_OUTPUT_FILE);
+code_coverage_v_lcov_ign = $(code_coverage_v_lcov_ign_$(V))
+code_coverage_v_lcov_ign_ = $(code_coverage_v_lcov_ign_$(AM_DEFAULT_VERBOSITY))
+code_coverage_v_lcov_ign_0 = @echo " LCOV --remove /tmp/*"\
+ $(CODE_COVERAGE_IGNORE_PATTERN);
+code_coverage_v_genhtml = $(code_coverage_v_genhtml_$(V))
+code_coverage_v_genhtml_ = $(code_coverage_v_genhtml_$(AM_DEFAULT_VERBOSITY))
+code_coverage_v_genhtml_0 = @echo " GEN " $(CODE_COVERAGE_OUTPUT_DIRECTORY);
+code_coverage_quiet = $(code_coverage_quiet_$(V))
+code_coverage_quiet_ = $(code_coverage_quiet_$(AM_DEFAULT_VERBOSITY))
+code_coverage_quiet_0 = --quiet
+
+# sanitizes the test-name: replaces with underscores: dashes and dots
+code_coverage_sanitize = $(subst -,_,$(subst .,_,$(1)))
+
+# Use recursive makes in order to ignore errors during check
+check-code-coverage:'"$CODE_COVERAGE_RULES_CHECK"'
+
+# Capture code coverage data
+code-coverage-capture:
code-coverage-capture-hook'"$CODE_COVERAGE_RULES_CAPTURE"'
+
+# Hook rule executed before code-coverage-capture, overridable by the user
+code-coverage-capture-hook:
+
+'"$CODE_COVERAGE_RULES_CLEAN"'
+
+A''M_DISTCHECK_CONFIGURE_FLAGS ?=
+A''M_DISTCHECK_CONFIGURE_FLAGS += --disable-code-coverage
+
+.PHONY: check-code-coverage code-coverage-capture code-coverage-capture-hook
code-coverage-clean
+']
+
+ AC_SUBST([CODE_COVERAGE_RULES])
+ m4_ifdef([_AM_SUBST_NOTMAKE],
[_AM_SUBST_NOTMAKE([CODE_COVERAGE_RULES])])
+])
diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4
index 6ecd3237b..3c87efa09 100644
--- a/m4/curl-compilers.m4
+++ b/m4/curl-compilers.m4
@@ -64,7 +64,7 @@ AC_DEFUN([CURL_CHECK_COMPILER], [
***
*** Whatever settings are present in CFLAGS will be used for this run.
***
-*** If you wish to help the cURL project to better support your compiler
+*** If you wish to help the curl project to better support your compiler
*** you can report this and the required info on the libcurl development
*** mailing list: https://cool.haxx.se/mailman/listinfo/curl-library/
***
@@ -84,7 +84,16 @@ AC_DEFUN([CURL_CHECK_COMPILER_CLANG], [
if test "$curl_cv_have_def___clang__" = "yes"; then
AC_MSG_RESULT([yes])
compiler_id="CLANG"
- clangver=`$CC -dumpversion`
+ fullclangver=`$CC -v 2>&1 | grep version`
+ clangver=`echo $fullclangver | grep "based on LLVM " | "$SED" 's/.*(based
on LLVM \(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*)/\1/'`
+ if test -z "$clangver"; then
+ if echo $fullclangver | grep "Apple LLVM version " >/dev/null; then
+ dnl Starting with XCode 7 / clang 3.7, Apple clang won't tell its
upstream version
+ clangver=`3.7`
+ else
+ clangver=`echo $fullclangver | "$SED" 's/.*version
\(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*/\1/'`
+ fi
+ fi
clangvhi=`echo $clangver | cut -d . -f1`
clangvlo=`echo $clangver | cut -d . -f2`
compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null`
@@ -158,7 +167,7 @@ AC_DEFUN([CURL_CHECK_COMPILER_GNU_C], [
flags_dbg_all="$flags_dbg_all -gvms"
flags_dbg_yes="-g"
flags_dbg_off=""
- flags_opt_all="-O -O0 -O1 -O2 -O3 -Os"
+ flags_opt_all="-O -O0 -O1 -O2 -O3 -Os -Og -Ofast"
flags_opt_yes="-O2"
flags_opt_off="-O0"
CURL_CHECK_DEF([_WIN32], [], [silent])
@@ -577,8 +586,11 @@ AC_DEFUN([CURL_SET_COMPILER_BASIC_OPTS], [
#
GNU_C)
#
- dnl Placeholder
- tmp_CFLAGS="$tmp_CFLAGS"
+ dnl turn implicit-function-declaration warning into error,
+ dnl at least gcc 2.95 and later support this
+ if test "$compiler_num" -ge "295"; then
+ tmp_CFLAGS="$tmp_CFLAGS -Werror-implicit-function-declaration"
+ fi
;;
#
HP_UX_C)
@@ -878,6 +890,39 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [
if test "$compiler_num" -ge "101"; then
tmp_CFLAGS="$tmp_CFLAGS -Wunused"
fi
+ #
+ dnl Only clang 2.8 or later
+ if test "$compiler_num" -ge "208"; then
+ tmp_CFLAGS="$tmp_CFLAGS -Wvla"
+ fi
+ #
+ dnl Only clang 2.9 or later
+ if test "$compiler_num" -ge "209"; then
+ tmp_CFLAGS="$tmp_CFLAGS -Wshift-sign-overflow"
+ fi
+ #
+ dnl Only clang 3.2 or later
+ if test "$compiler_num" -ge "302"; then
+ case $host_os in
+ cygwin* | mingw*)
+ dnl skip missing-variable-declarations warnings for cygwin and
+ dnl mingw because the libtool wrapper executable causes them
+ ;;
+ *)
+ tmp_CFLAGS="$tmp_CFLAGS -Wmissing-variable-declarations"
+ ;;
+ esac
+ fi
+ #
+ dnl Only clang 3.6 or later
+ if test "$compiler_num" -ge "306"; then
+ tmp_CFLAGS="$tmp_CFLAGS -Wdouble-promotion"
+ fi
+ #
+ dnl Only clang 3.9 or later
+ if test "$compiler_num" -ge "309"; then
+ tmp_CFLAGS="$tmp_CFLAGS -Wcomma"
+ fi
fi
;;
#
@@ -989,6 +1034,11 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [
fi
fi
#
+ dnl Only gcc 4.6 or later
+ if test "$compiler_num" -ge "406"; then
+ tmp_CFLAGS="$tmp_CFLAGS -Wdouble-promotion"
+ fi
+ #
fi
#
dnl Do not issue warnings for code in system include paths.
diff --git a/m4/curl-confopts.m4 b/m4/curl-confopts.m4
index 69b9a1431..d77a884d5 100644
--- a/m4/curl-confopts.m4
+++ b/m4/curl-confopts.m4
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2013, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -37,12 +37,12 @@ AC_HELP_STRING([--enable-threaded-resolver],[Enable
threaded resolver])
AC_HELP_STRING([--disable-threaded-resolver],[Disable threaded resolver]),
OPT_THRES=$enableval)
case "$OPT_THRES" in
- yes)
- dnl --enable-threaded-resolver option used
- want_thres="yes"
- ;;
*)
dnl configure option not specified
+ want_thres="yes"
+ ;;
+ no)
+ dnl --disable-threaded-resolver option used
want_thres="no"
;;
esac
@@ -346,10 +346,6 @@ AC_DEFUN([CURL_CHECK_OPTION_RT], [
AC_MSG_RESULT([no])
;;
esac
- dnl TODO: may require mutual exclusion
- if test "$dontwant_rt" = "yes" && test "$want_thres" = "yes" ; then
- AC_MSG_ERROR([options --disable-rt and --enable-thread-resolver are
mutually exclusive, at most one can be selected.])
- fi
])
@@ -520,8 +516,8 @@ AC_DEFUN([CURL_CHECK_LIB_ARES], [
fi
fi
#
- CPPFLAGS="$ares_CPPFLAGS $clean_CPPFLAGS"
- LDFLAGS="$ares_LDFLAGS $clean_LDFLAGS"
+ CPPFLAGS="$clean_CPPFLAGS $ares_CPPFLAGS"
+ LDFLAGS="$clean_LDFLAGS $ares_LDFLAGS"
LIBS="$ares_LIBS $clean_LIBS"
#
if test "$embedded_ares" != "yes"; then
diff --git a/m4/curl-functions.m4 b/m4/curl-functions.m4
index ee7a2521c..dde7fe2ea 100644
--- a/m4/curl-functions.m4
+++ b/m4/curl-functions.m4
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2013, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -4739,12 +4739,15 @@ AC_DEFUN([CURL_CHECK_FUNC_POLL], [
tst_allow_poll="unknown"
#
case $host_os in
- darwin[[123456789]].*|darwin10.*|darwin11.*|darwin12.*|interix*)
+ darwin*|interix*)
dnl poll() does not work on these platforms
dnl Interix: "does provide poll(), but the implementing developer must
dnl have been in a bad mood, because poll() only works on the /proc
dnl filesystem here"
+ dnl macOS: poll() first didn't exist, then was broken until fixed in 10.9
+ dnl only to break again in 10.12.
curl_disallow_poll="yes"
+ tst_compi_poll="no"
;;
esac
#
@@ -4803,11 +4806,27 @@ AC_DEFUN([CURL_CHECK_FUNC_POLL], [
AC_LANG_PROGRAM([[
$curl_includes_stdlib
$curl_includes_poll
+ $curl_includes_time
]],[[
+ /* detect the original poll() breakage */
if(0 != poll(0, 0, 10))
exit(1); /* fail */
- else
- exit(0);
+ else {
+ /* detect the 10.12 poll() breakage */
+ struct timeval before, after;
+ int rc;
+ size_t us;
+
+ gettimeofday(&before, NULL);
+ rc = poll(NULL, 0, 500);
+ gettimeofday(&after, NULL);
+
+ us = (after.tv_sec - before.tv_sec) * 1000000 +
+ (after.tv_usec - before.tv_usec);
+
+ if(us < 400000)
+ exit(1);
+ }
]])
],[
AC_MSG_RESULT([yes])
diff --git a/m4/curl-override.m4 b/m4/curl-override.m4
index a35d3b2f1..b27cb6111 100644
--- a/m4/curl-override.m4
+++ b/m4/curl-override.m4
@@ -21,7 +21,7 @@ dnl -------------------------------------------------
dnl This is done to prevent compiler warning
dnl 'function declaration isn't a prototype'
dnl in function main. This requires at least
-dnl a c89 compiler and does not suport K&R.
+dnl a c89 compiler and does not support K&R.
m4_define([AC_LANG_PROGRAM(C)],
[$1
diff --git a/m4/xc-lt-iface.m4 b/m4/xc-lt-iface.m4
index 82aaafae6..ec903f575 100644
--- a/m4/xc-lt-iface.m4
+++ b/m4/xc-lt-iface.m4
@@ -112,7 +112,7 @@ esac
# of non-PIC compiled objects will fail with following linker error
# "relocation R_X86_64_32 can not be used when making a shared object"
# is to build PIC objects even for static libraries. This behavior may
-# be overriden using 'configure --disable-shared --without-pic'.
+# be overridden using 'configure --disable-shared --without-pic'.
#
if test "x$xc_lt_want_with_pic" = 'xdefault'; then
@@ -171,7 +171,7 @@ dnl _XC_CHECK_LT_BUILD_LIBRARIES
dnl -------------------------------------------------
dnl Private macro.
dnl
-dnl Checks wether libtool shared and static libraries
+dnl Checks whether libtool shared and static libraries
dnl are finally built depending on user input, default
dnl behavior and knowledge that libtool has about host
dnl characteristics.
@@ -306,7 +306,7 @@ dnl _XC_CHECK_LT_BUILD_WITH_PIC
dnl -------------------------------------------------
dnl Private macro.
dnl
-dnl Checks wether libtool shared and static libraries
+dnl Checks whether libtool shared and static libraries
dnl would be built with PIC depending on user input,
dnl default behavior and knowledge that libtool has
dnl about host characteristics.
@@ -317,7 +317,7 @@ dnl xc_lt_build_static_with_pic
m4_define([_XC_CHECK_LT_BUILD_WITH_PIC],
[dnl
#
-# Find out wether libtool libraries would be built wit PIC
+# Find out whether libtool libraries would be built wit PIC
#
case "x$pic_mode" in @%:@ ((((
@@ -352,7 +352,7 @@ dnl _XC_CHECK_LT_BUILD_SINGLE_VERSION
dnl -------------------------------------------------
dnl Private macro.
dnl
-dnl Checks wether a libtool shared or static library
+dnl Checks whether a libtool shared or static library
dnl is finally built exclusively without the other.
dnl Results stored in following shell variables:
dnl xc_lt_build_shared_only
diff --git a/m4/zz50-xc-ovr.m4 b/m4/zz50-xc-ovr.m4
index 7e9ae592e..de0c84310 100644
--- a/m4/zz50-xc-ovr.m4
+++ b/m4/zz50-xc-ovr.m4
@@ -31,7 +31,7 @@ dnl file may override those provided in other files.
dnl Override some language related macros
dnl -------------------------------------------------
dnl This is done to prevent Libtool 1.5.X from doing
-dnl unnecesary C++, Fortran and Java tests when only
+dnl unnecessary C++, Fortran and Java tests when only
dnl using C language and reduce resulting configure
dnl script by nearly 300 Kb.
diff --git a/maketgz b/maketgz
index 2573e2be9..83cd4e7fb 100755
--- a/maketgz
+++ b/maketgz
@@ -9,7 +9,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -31,6 +31,11 @@ if [ -z "$version" ]; then
exit
fi
+if [ "xonly" = "x$2" ]; then
+ echo "Setup version number only!"
+ only=1
+fi
+
libversion="$version"
# we make curl the same version as libcurl
@@ -40,33 +45,57 @@ major=`echo $libversion |cut -d. -f1 | sed -e "s/[^0-9]//g"`
minor=`echo $libversion |cut -d. -f2 | sed -e "s/[^0-9]//g"`
patch=`echo $libversion |cut -d. -f3 | cut -d- -f1 | sed -e "s/[^0-9]//g"`
+if test -z "$patch"; then
+ echo "invalid version number? needs to be z.y.z"
+ exit
+fi
+
+#
+# As a precaution, remove all *.dist files that may be lying around, to reduce
+# the risk of old leftovers getting shipped. The root 'Makefile.dist' is the
+# exception.
+echo "removing all old *.dist files"
+find . -name "*.dist" -a ! -name Makefile.dist -exec rm {} \;
+
numeric=`perl -e 'printf("%02x%02x%02x\n", '"$major, $minor, $patch);"`
-HEADER=include/curl/curlver.h
+HEADER=include/gnurl/curlver.h
CHEADER=src/tool_version.h
+PLIST=lib/libcurl.plist
+
+if test -z "$only"; then
+ ext=".dist"
+ # when not setting up version numbers locally
+ for a in $HEADER $CHEADER $PLIST; do
+ cp $a "$a$ext"
+ done
+ HEADER="$HEADER$ext"
+ CHEADER="$CHEADER$ext"
+ PLIST="$PLIST$ext"
+fi
-# requires a date command that knows -u for UTC time zone
-datestamp=`LC_TIME=C date -u`
+# requires a date command that knows + for format
+datestamp=`date +"%F"`
# Replace version number in header file:
-sed -e 's/^#define LIBCURL_VERSION .*/#define LIBCURL_VERSION
"'$libversion'"/g' \
+sed -i -e 's/^#define LIBCURL_VERSION .*/#define LIBCURL_VERSION
"'$libversion'"/g' \
-e 's/^#define LIBCURL_VERSION_NUM .*/#define LIBCURL_VERSION_NUM
0x'$numeric'/g' \
-e 's/^#define LIBCURL_VERSION_MAJOR .*/#define LIBCURL_VERSION_MAJOR
'$major'/g' \
-e 's/^#define LIBCURL_VERSION_MINOR .*/#define LIBCURL_VERSION_MINOR
'$minor'/g' \
-e 's/^#define LIBCURL_VERSION_PATCH .*/#define LIBCURL_VERSION_PATCH
'$patch'/g' \
-e "s/^#define LIBCURL_TIMESTAMP .*/#define LIBCURL_TIMESTAMP
\"$datestamp\"/g" \
- $HEADER >$HEADER.dist
+ $HEADER
# Replace version number in header file:
-sed 's/#define CURL_VERSION .*/#define CURL_VERSION "'$curlversion'"/g'
$CHEADER >$CHEADER.dist
+sed -i 's/#define CURL_VERSION .*/#define CURL_VERSION "'$curlversion'"/g'
$CHEADER
-# Generate VC7, VC8, VC9, VC10, VC11, VC12 and VC14 versions from the VC6
-# Makefile versions
-for ver in vc7 vc8 vc9 vc10 vc11 vc12 vc14; do
- make -f Makefile.dist $ver
- mv src/Makefile.$ver src/Makefile.$ver.dist
- mv lib/Makefile.$ver lib/Makefile.$ver.dist
-done
+# Replace version number in plist file:
+sed -i "s/7\.12\.3/$libversion/g" $PLIST
+
+if test -n "$only"; then
+ # done!
+ exit;
+fi
# Replace version number in plist file:
PLIST=lib/libgnurl.plist
@@ -115,16 +144,18 @@ fi
############################################################################
#
-# Make sure we have updated HTML versions of all man pages:
+# Modify the man pages to display the version number and date.
#
-echo "make html"
-make -s html
-# And the PDF versions
-echo "make pdf"
-make -s pdf
+echo "update man pages"
+./scripts/updatemanpages.pl $version
-# And the IDE files
+# make the generated file newer than the man page
+touch src/tool_hugehelp.c
+
+############################################################################
+#
+# Update the IDE files
echo "make vc-ide"
make -s vc-ide
@@ -151,12 +182,12 @@ gzip -dc $targz | bzip2 --best > $bzip2
############################################################################
#
-# Now make an lzma archive from the tar.gz original
+# Now make an xz archive from the tar.gz original
#
-lzma="gnurl-$version.tar.lzma"
-echo "Generating $lzma"
-gzip -dc $targz | lzma --best - > $lzma
+xz="gnurl-$version.tar.xz"
+echo "Generating $xz"
+gzip -dc $targz | xz -6e - > $xz
############################################################################
#
@@ -182,7 +213,7 @@ makezip
echo "------------------"
echo "maketgz report:"
echo ""
-ls -l $targz $bzip2 $zip $lzma
+ls -l $targz $bzip2 $zip $xz
echo "Run this:"
-echo "gpg -b -a $targz && gpg -b -a $bzip2 && gpg -b -a $zip && gpg -b -a
$lzma"
+echo "gpg -b -a $targz && gpg -b -a $bzip2 && gpg -b -a $zip && gpg -b -a $xz"
diff --git a/packages/AIX/RPM/README b/packages/AIX/RPM/README
index 790beb80e..51615ad4c 100644
--- a/packages/AIX/RPM/README
+++ b/packages/AIX/RPM/README
@@ -29,5 +29,5 @@ Default is to build with ssl support.
Lastly, the spec file expects the Curl source distribution file to be
in .tar.bz2 format.
-The nifty cURL header of this README is a ripoff of the vms/readme file.
+The nifty curl header of this README is a ripoff of the vms/readme file.
diff --git a/packages/AIX/RPM/curl.spec.in b/packages/AIX/RPM/curl.spec.in
index c64a0b759..634fc71a0 100644
--- a/packages/AIX/RPM/curl.spec.in
+++ b/packages/AIX/RPM/curl.spec.in
@@ -36,7 +36,7 @@ Note: this version is compiled without SSL support.
%endif
%package devel
-Summary: Development files for the curl libary
+Summary: Development files for the curl library
Group: Development/Libraries
%if %{SSL} == 1
Requires: openssl >= 0.9.5
diff --git a/packages/Android/Android.mk b/packages/Android/Android.mk
index 301ab9e7c..72f5e231f 100644
--- a/packages/Android/Android.mk
+++ b/packages/Android/Android.mk
@@ -59,9 +59,8 @@ common_CFLAGS := -Wpointer-arith -Wwrite-strings -Wunused
-Winline -Wnested-exte
include $(CLEAR_VARS)
include $(LOCAL_PATH)/lib/Makefile.inc
CURL_HEADERS := \
- curlbuild.h \
curl.h \
- curlrules.h \
+ system.h \
curlver.h \
easy.h \
mprintf.h \
diff --git a/packages/DOS/common.dj b/packages/DOS/common.dj
index 85b611c49..e069ce68a 100644
--- a/packages/DOS/common.dj
+++ b/packages/DOS/common.dj
@@ -1,7 +1,7 @@
#
# Common defines for curl (djgpp/Watt-32)
#
-# Assumes you've unpacked cURL with long-file names
+# Assumes you've unpacked curl with long-file names
# I.e use "set LFN=y" before untaring on Win9x/XP.
# Requires sed, yacc, rm and the usual stuff.
#
diff --git a/packages/EPM/curl.list.in b/packages/EPM/curl.list.in
index 00f05fb1d..0311bc726 100644
--- a/packages/EPM/curl.list.in
+++ b/packages/EPM/curl.list.in
@@ -16,7 +16,7 @@ address@hidden@
%vendor Daniel Stenberg, <address@hidden>
%license ${srcdir}/MITX.txt
%readme ${srcdir}/README
-%description Curl is a command line tool for transfering data specified
+%description Curl is a command line tool for transferring data specified
%description with URL syntax
%version @VERSION@
%packager Giuseppe "Cowo" Corbelli <address@hidden>
@@ -52,9 +52,9 @@ f 0755 cowo pppusers ${libdir}/libcurl.la
./lib/.libs/libcurl.la
f 0644 cowo pppusers ${libdir}/libcurl.a ./lib/.libs/libcurl.a
f 0755 cowo pppusers ${bindir}/curl ./src/curl
f 0755 cowo pppusers ${bindir}/curl ./src/.libs/curl
-f 0644 cowo pppusers ${includedir}/curl/curl.h ./include/curl/curl.h
-f 0644 cowo pppusers ${includedir}/curl/easy.h ./include/curl/easy.h
-f 0644 cowo pppusers ${includedir}/curl/mprintf.h ./include/curl/mprintf.h
-f 0644 cowo pppusers ${includedir}/curl/stdcheaders.h
./include/curl/stdcheaders.h
-f 0644 cowo pppusers ${includedir}/curl/types.h ./include/curl/types.h
+f 0644 cowo pppusers ${includedir}/gnurl/curl.h ./include/gnurl/curl.h
+f 0644 cowo pppusers ${includedir}/gnurl/easy.h ./include/gnurl/easy.h
+f 0644 cowo pppusers ${includedir}/gnurl/mprintf.h ./include/gnurl/mprintf.h
+f 0644 cowo pppusers ${includedir}/gnurl/stdcheaders.h
./include/gnurl/stdcheaders.h
+f 0644 cowo pppusers ${includedir}/gnurl/types.h ./include/gnurl/types.h
f 0755 cowo pppusers ${bindir}/curl-config ./curl-config
diff --git a/packages/OS400/README.OS400 b/packages/OS400/README.OS400
index 24cf39e64..552a3cb77 100644
--- a/packages/OS400/README.OS400
+++ b/packages/OS400/README.OS400
@@ -63,6 +63,7 @@ designer. CCSID 0 can be used to select the current job's
CCSID.
_ curl_easy_setopt_ccsid()
Variable arguments are a string pointer and a CCSID (unsigned int) for
options:
+ CURLOPT_ABSTRACT_UNIX_SOCKET
CURLOPT_CAINFO
CURLOPT_CAPATH
CURLOPT_COOKIE
@@ -76,25 +77,39 @@ options:
CURLOPT_DNS_SERVERS
CURLOPT_EGDSOCKET
CURLOPT_ENCODING
+ CURLOPT_FTPPORT
CURLOPT_FTP_ACCOUNT
CURLOPT_FTP_ALTERNATIVE_TO_USER
- CURLOPT_FTPPORT
CURLOPT_INTERFACE
CURLOPT_ISSUERCERT
CURLOPT_KEYPASSWD
CURLOPT_KRBLEVEL
CURLOPT_LOGIN_OPTIONS
- CURLOPT_MAIL_FROM
CURLOPT_MAIL_AUTH
+ CURLOPT_MAIL_FROM
CURLOPT_NETRC_FILE
CURLOPT_NOPROXY
CURLOPT_PASSWORD
CURLOPT_PINNEDPUBLICKEY
+ CURLOPT_PRE_PROXY
CURLOPT_PROXY
CURLOPT_PROXYPASSWORD
CURLOPT_PROXYUSERNAME
CURLOPT_PROXYUSERPWD
+ CURLOPT_PROXY_CAINFO
+ CURLOPT_PROXY_CAPATH
+ CURLOPT_PROXY_CRLFILE
+ CURLOPT_PROXY_KEYPASSWD
+ CURLOPT_PROXY_PINNEDPUBLICKEY
CURLOPT_PROXY_SERVICE_NAME
+ CURLOPT_PROXY_SSLCERT
+ CURLOPT_PROXY_SSLCERTTYPE
+ CURLOPT_PROXY_SSLKEY
+ CURLOPT_PROXY_SSLKEYTYPE
+ CURLOPT_PROXY_SSL_CIPHER_LIST
+ CURLOPT_PROXY_TLSAUTH_PASSWORD
+ CURLOPT_PROXY_TLSAUTH_TYPE
+ CURLOPT_PROXY_TLSAUTH_USERNAME
CURLOPT_RANDOM_FILE
CURLOPT_RANGE
CURLOPT_REFERER
@@ -109,10 +124,10 @@ options:
CURLOPT_SSH_PUBLIC_KEYFILE
CURLOPT_SSLCERT
CURLOPT_SSLCERTTYPE
- CURLOPT_SSL_CIPHER_LIST
CURLOPT_SSLENGINE
CURLOPT_SSLKEY
CURLOPT_SSLKEYTYPE
+ CURLOPT_SSL_CIPHER_LIST
CURLOPT_TLSAUTH_PASSWORD
CURLOPT_TLSAUTH_TYPE
CURLOPT_TLSAUTH_USERNAME
@@ -160,6 +175,7 @@ use:
CURLINFO_PRIMARY_IP
CURLINFO_RTSP_SESSION_ID
CURLINFO_LOCAL_IP
+ CURLINFO_SCHEME
Likewise, the following options are followed by a struct curl_slist * * and a
CCSID.
CURLINFO_SSL_ENGINES
@@ -260,7 +276,7 @@ _ CURL.INC member in file H. This defines everything needed
by an ILE/RPG
program using libcurl.
_ LIBxxx modules and programs. Although the test environment is not supported
on OS/400, the libcurl test programs are compiled for manual tests.
-_ IFS directory /curl/include/curl containg the C header files for IFS source
+_ IFS directory /curl/include/curl containing the C header files for IFS source
C/C++ compilation and curl.inc.rpgle for IFS source ILE/RPG compilation.
diff --git a/packages/OS400/ccsidcurl.c b/packages/OS400/ccsidcurl.c
index 3b08bef7d..de2c9cc01 100644
--- a/packages/OS400/ccsidcurl.c
+++ b/packages/OS400/ccsidcurl.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -615,7 +615,7 @@ curl_easy_getinfo_ccsid(CURL * curl, CURLINFO info, ...)
struct curl_certinfo * cipf;
struct curl_certinfo * cipt;
- /* WARNING: unlike curl_easy_get_info(), the strings returned by this
+ /* WARNING: unlike curl_easy_getinfo(), the strings returned by this
procedure have to be free'ed. */
data = (struct Curl_easy *) curl;
@@ -797,7 +797,7 @@ curl_formadd_ccsid(struct curl_httppost * * httppost,
unsigned int contentccsid;
unsigned int nameccsid;
- /* A single curl_formadd() call cannot be splitted in several calls to deal
+ /* A single curl_formadd() call cannot be split in several calls to deal
with all parameters: the original parameters are thus copied to a local
curl_forms array and converted to ASCII when needed.
CURLFORM_PTRNAME is processed as if it were CURLFORM_COPYNAME.
@@ -1135,6 +1135,7 @@ curl_easy_setopt_ccsid(CURL * curl, CURLoption tag, ...)
switch (tag) {
+ case CURLOPT_ABSTRACT_UNIX_SOCKET:
case CURLOPT_CAINFO:
case CURLOPT_CAPATH:
case CURLOPT_COOKIE:
@@ -1147,25 +1148,39 @@ curl_easy_setopt_ccsid(CURL * curl, CURLoption tag, ...)
case CURLOPT_DNS_SERVERS:
case CURLOPT_EGDSOCKET:
case CURLOPT_ENCODING:
+ case CURLOPT_FTPPORT:
case CURLOPT_FTP_ACCOUNT:
case CURLOPT_FTP_ALTERNATIVE_TO_USER:
- case CURLOPT_FTPPORT:
case CURLOPT_INTERFACE:
case CURLOPT_ISSUERCERT:
case CURLOPT_KEYPASSWD:
case CURLOPT_KRBLEVEL:
case CURLOPT_LOGIN_OPTIONS:
- case CURLOPT_MAIL_FROM:
case CURLOPT_MAIL_AUTH:
+ case CURLOPT_MAIL_FROM:
case CURLOPT_NETRC_FILE:
case CURLOPT_NOPROXY:
case CURLOPT_PASSWORD:
case CURLOPT_PINNEDPUBLICKEY:
+ case CURLOPT_PRE_PROXY:
case CURLOPT_PROXY:
case CURLOPT_PROXYPASSWORD:
case CURLOPT_PROXYUSERNAME:
case CURLOPT_PROXYUSERPWD:
+ case CURLOPT_PROXY_CAINFO:
+ case CURLOPT_PROXY_CAPATH:
+ case CURLOPT_PROXY_CRLFILE:
+ case CURLOPT_PROXY_KEYPASSWD:
+ case CURLOPT_PROXY_PINNEDPUBLICKEY:
case CURLOPT_PROXY_SERVICE_NAME:
+ case CURLOPT_PROXY_SSLCERT:
+ case CURLOPT_PROXY_SSLCERTTYPE:
+ case CURLOPT_PROXY_SSLKEY:
+ case CURLOPT_PROXY_SSLKEYTYPE:
+ case CURLOPT_PROXY_SSL_CIPHER_LIST:
+ case CURLOPT_PROXY_TLSAUTH_PASSWORD:
+ case CURLOPT_PROXY_TLSAUTH_TYPE:
+ case CURLOPT_PROXY_TLSAUTH_USERNAME:
case CURLOPT_RANDOM_FILE:
case CURLOPT_RANGE:
case CURLOPT_REFERER:
@@ -1180,10 +1195,10 @@ curl_easy_setopt_ccsid(CURL * curl, CURLoption tag, ...)
case CURLOPT_SSH_PUBLIC_KEYFILE:
case CURLOPT_SSLCERT:
case CURLOPT_SSLCERTTYPE:
- case CURLOPT_SSL_CIPHER_LIST:
case CURLOPT_SSLENGINE:
case CURLOPT_SSLKEY:
case CURLOPT_SSLKEYTYPE:
+ case CURLOPT_SSL_CIPHER_LIST:
case CURLOPT_TLSAUTH_PASSWORD:
case CURLOPT_TLSAUTH_TYPE:
case CURLOPT_TLSAUTH_USERNAME:
diff --git a/packages/OS400/curl.inc.in b/packages/OS400/curl.inc.in
index 486f655e9..e4d2d30ca 100644
--- a/packages/OS400/curl.inc.in
+++ b/packages/OS400/curl.inc.in
@@ -127,6 +127,8 @@
d c X'00080000'
d CURL_VERSION_PSL...
d c X'00100000'
+ d CURL_VERSION_HTTPS_PROXY...
+ d c X'00200000'
*
d CURL_HTTPPOST_FILENAME...
d c X'00000001'
@@ -258,6 +260,18 @@
d c 5
d CURL_SSLVERSION_TLSv1_2...
d c 6
+ d CURL_SSLVERSION_TLSv1_3...
+ d c 7
+ d CURL_SSLVERSION_MAX_DEFAULT...
+ d c X'00010000'
+ d CURL_SSLVERSION_MAX_TLSv1_0...
+ d c X'00040000'
+ d CURL_SSLVERSION_MAX_TLSv1_1...
+ d c X'00050000'
+ d CURL_SSLVERSION_MAX_TLSv1_2...
+ d c X'00060000'
+ d CURL_SSLVERSION_MAX_TLSv1_3...
+ d c X'00070000'
*
d CURL_TLSAUTH_NONE...
d c 0
@@ -655,6 +669,8 @@
d c 0
d CURLPROXY_HTTP_1_0...
d c 1
+ d CURLPROXY_HTTPS...
+ d c 2
d CURLPROXY_SOCKS4...
d c 4
d CURLPROXY_SOCKS5...
@@ -1254,6 +1270,48 @@
d c 10243
d CURLOPT_TCP_FASTOPEN...
d c 00244
+ d CURLOPT_KEEP_SENDING_ON_ERROR...
+ d c 00245
+ d CURLOPT_PROXY_CAINFO...
+ d c 10246
+ d CURLOPT_PROXY_CAPATH...
+ d c 10247
+ d CURLOPT_PROXY_SSL_VERIFYPEER...
+ d c 00248
+ d CURLOPT_PROXY_SSL_VERIFYHOST...
+ d c 00249
+ d CURLOPT_PROXY_SSLVERSION...
+ d c 00250
+ d CURLOPT_PROXY_TLSAUTH_USERNAME...
+ d c 10251
+ d CURLOPT_PROXY_TLSAUTH_PASSWORD...
+ d c 10252
+ d CURLOPT_PROXY_TLSAUTH_TYPE...
+ d c 10253
+ d CURLOPT_PROXY_SSLCERT...
+ d c 10254
+ d CURLOPT_PROXY_SSLCERTTYPE...
+ d c 10255
+ d CURLOPT_PROXY_SSLKEY...
+ d c 10256
+ d CURLOPT_PROXY_SSLKEYTYPE...
+ d c 10257
+ d CURLOPT_PROXY_KEYPASSWD...
+ d c 10258
+ d CURLOPT_PROXY_SSL_CIPHER_LIST...
+ d c 10259
+ d CURLOPT_PROXY_CRLFILE...
+ d c 10260
+ d CURLOPT_PROXY_SSL_OPTIONS...
+ d c 00261
+ d CURLOPT_PRE_PROXY...
+ d c 10262
+ d CURLOPT_PROXY_PINNEDPUBLICKEY...
+ d c 10263
+ d CURLOPT_ABSTRACT_UNIX_SOCKET...
+ d c 10264
+ d CURLOPT_SUPPRESS_CONNECT_HEADERS...
+ d c 00265
*
/if not defined(CURL_NO_OLDIES)
d CURLOPT_FILE c 10001
@@ -1440,6 +1498,12 @@
d c X'0040002D'
d CURLINFO_HTTP_VERSION...
CURLINFO_LONG + 46
d c X'0020002E'
+ d CURLINFO_PROXY_SSL_VERIFYRESULT...
CURLINFO_LONG + 47
+ d c X'0020002F'
+ d CURLINFO_PROTOCOL...
CURLINFO_LONG + 48
+ d c X'00200030'
+ d CURLINFO_SCHEME...
CURLINFO_STRING + 49
+ d c X'00100031'
*
d CURLINFO_HTTP_CODE...
Old ...RESPONSE_CODE
d c X'00200002'
diff --git a/packages/OS400/initscript.sh b/packages/OS400/initscript.sh
index a13d651bc..c9932c49b 100644
--- a/packages/OS400/initscript.sh
+++ b/packages/OS400/initscript.sh
@@ -73,22 +73,22 @@ setenv LIBSSH2_BNDDIR 'LIBSSH2_A' # LIBSSH2
binding directory.
# Need to get the version definitions.
LIBCURL_VERSION=`grep '^#define *LIBCURL_VERSION ' \
- "${TOPDIR}/include/curl/curlver.h" |
+ "${TOPDIR}/include/gnurl/curlver.h" |
sed 's/.*"\(.*\)".*/\1/'`
LIBCURL_VERSION_MAJOR=`grep '^#define *LIBCURL_VERSION_MAJOR ' \
- "${TOPDIR}/include/curl/curlver.h" |
+ "${TOPDIR}/include/gnurl/curlver.h" |
sed 's/^#define *LIBCURL_VERSION_MAJOR *\([^ ]*\).*/\1/'`
LIBCURL_VERSION_MINOR=`grep '^#define *LIBCURL_VERSION_MINOR ' \
- "${TOPDIR}/include/curl/curlver.h" |
+ "${TOPDIR}/include/gnurl/curlver.h" |
sed 's/^#define *LIBCURL_VERSION_MINOR *\([^ ]*\).*/\1/'`
LIBCURL_VERSION_PATCH=`grep '^#define *LIBCURL_VERSION_PATCH ' \
- "${TOPDIR}/include/curl/curlver.h" |
+ "${TOPDIR}/include/gnurl/curlver.h" |
sed 's/^#define *LIBCURL_VERSION_PATCH *\([^ ]*\).*/\1/'`
LIBCURL_VERSION_NUM=`grep '^#define *LIBCURL_VERSION_NUM ' \
- "${TOPDIR}/include/curl/curlver.h" |
+ "${TOPDIR}/include/gnurl/curlver.h" |
sed 's/^#define *LIBCURL_VERSION_NUM *0x\([^ ]*\).*/\1/'`
LIBCURL_TIMESTAMP=`grep '^#define *LIBCURL_TIMESTAMP ' \
- "${TOPDIR}/include/curl/curlver.h" |
+ "${TOPDIR}/include/gnurl/curlver.h" |
sed 's/.*"\(.*\)".*/\1/'`
export LIBCURL_VERSION
export LIBCURL_VERSION_MAJOR LIBCURL_VERSION_MINOR LIBCURL_VERSION_PATCH
@@ -190,7 +190,7 @@ make_module()
CMD="${CMD} SYSIFCOPT(*IFS64IO) OPTION(*INCDIRFIRST)"
CMD="${CMD} LOCALETYPE(*LOCALE) FLAG(10)"
CMD="${CMD} INCDIR('/qibm/proddata/qadrt/include'"
- CMD="${CMD} '${TOPDIR}/include/curl' '${TOPDIR}/include' '${SRCDIR}'"
+ CMD="${CMD} '${TOPDIR}/include/gnurl' '${TOPDIR}/include' '${SRCDIR}'"
CMD="${CMD} '${TOPDIR}/packages/OS400'"
if [ "${WITH_ZLIB}" != "0" ]
diff --git a/packages/OS400/make-include.sh b/packages/OS400/make-include.sh
index ad72cf4a7..3c50d2d5f 100644
--- a/packages/OS400/make-include.sh
+++ b/packages/OS400/make-include.sh
@@ -8,15 +8,6 @@ SCRIPTDIR=`dirname "${0}"`
cd "${TOPDIR}/include"
-# Produce the curlbuild.h header file if not yet in distribution (CVS).
-
-if action_needed curl/curlbuild.h
-then if action_needed curl/curlbuild.h curl/curlbuild.h.dist
- then cp -p curl/curlbuild.h.dist curl/curlbuild.h
- fi
-fi
-
-
# Create the OS/400 source program file for the header files.
SRCPF="${LIBIFSNAME}/H.FILE"
diff --git a/packages/OS400/os400sys.c b/packages/OS400/os400sys.c
index 89837bdc1..8ae635e43 100644
--- a/packages/OS400/os400sys.c
+++ b/packages/OS400/os400sys.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,7 +23,7 @@
/* OS/400 additional support. */
-#include "curlbuild.h"
+#include <curl/curl.h>
#include "config-os400.h" /* Not curl_setup.h: we only need some defines. */
#include <sys/types.h>
diff --git a/packages/Symbian/group/curl.mmp b/packages/Symbian/group/curl.mmp
index 28498ce7b..4b304a3d9 100644
--- a/packages/Symbian/group/curl.mmp
+++ b/packages/Symbian/group/curl.mmp
@@ -1,5 +1,5 @@
//
-// cURL network retrieval client
+// curl network retrieval client
//
TARGET curl.exe
@@ -49,7 +49,7 @@ SOURCE \
SOURCEPATH ../../../lib
SOURCE \
- rawstr.c nonblock.c
+ strcase.c nonblock.c
USERINCLUDE ../../../src ../../../lib ../../../include/curl
diff --git a/packages/Symbian/group/libcurl.mmp
b/packages/Symbian/group/libcurl.mmp
index f74b19b53..6388bbd73 100644
--- a/packages/Symbian/group/libcurl.mmp
+++ b/packages/Symbian/group/libcurl.mmp
@@ -1,5 +1,5 @@
//
-// libcurl.dll cURL network retrieval client library
+// libcurl.dll curl network retrieval client library
//
// Build-time options (uncomment these to enable)
@@ -31,7 +31,7 @@ SOURCE \
http_negotiate.c inet_pton.c strtoofft.c strerror.c amigaos.c \
hostasyn.c hostip4.c hostip6.c hostsyn.c inet_ntop.c parsedate.c \
select.c vtls/gtls.c vtls/vtls.c tftp.c splay.c strdup.c socks.c \
- ssh.c vtls/nss.c rawstr.c curl_addrinfo.c socks_gssapi.c \
+ ssh.c vtls/nss.c strcase.c curl_addrinfo.c socks_gssapi.c \
socks_sspi.c curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c \
pop3.c smtp.c pingpong.c rtsp.c curl_threads.c warnless.c hmac.c \
vtls/polarssl.c curl_rtmp.c openldap.c curl_gethostname.c gopher.c \
diff --git a/packages/Symbian/readme.txt b/packages/Symbian/readme.txt
index 57b899f91..d6312fbe3 100644
--- a/packages/Symbian/readme.txt
+++ b/packages/Symbian/readme.txt
@@ -70,7 +70,7 @@ P.I.P.S. causes a USER:87 panic if certain timeouts much
longer than
half an hour are selected.
LDAP, SCP or SFTP methods are not supported due to lack of support for
-the dependent libaries on Symbian.
+the dependent libraries on Symbian.
gzip and deflate decompression is supported when the appropriate macro
is uncommented in the libcurl.mmp file.
diff --git a/packages/Win32/README b/packages/Win32/README
index eb5d0a6a5..b37b57532 100644
--- a/packages/Win32/README
+++ b/packages/Win32/README
@@ -20,7 +20,7 @@ marker, you'll want to rejoin the pieces to be all on one
line in the batch
file). Call any of these batch files - after compiling the curl binaries -
with a single parameter specifying the name of the archive file to be created.
-It is implicitely assumed that all of the binary files (curl.exe, libcurl.a,
+It is implicitly assumed that all of the binary files (curl.exe, libcurl.a,
etc) have previously been copied to the main directory of the curl source
package (the directory where the main README resides), because that is where
they should end up in the zip archive. The archive should *not* be built with
diff --git a/packages/Win32/cygwin/README b/packages/Win32/cygwin/README
index a0811de76..9a61341de 100644
--- a/packages/Win32/cygwin/README
+++ b/packages/Win32/cygwin/README
@@ -12,7 +12,7 @@ Dependencies:
- Cygwin
- OpenSSL 0.9.6b-2+ (*)
- (*) cURL can be built without SSL support, see below for details
+ (*) curl can be built without SSL support, see below for details
Canonical Homepage and Downloads:
@@ -40,8 +40,8 @@ Build Instructions (to recompile from the cygwin source
tarball):
(**) LibTool 1.4.2 had a bug related to cygwin's use of ".exe" extensions,
such that "make install" blew up at curl.exe. See this URL for details:
- http://mail.gnu.org/pipermail/libtool/2001-September/005549.html
- The copy of ltmain.sh that is distributed with cURL includes this patch.
+ https://lists.gnu.org/archive/html/libtool/2001-09/msg00101.html
+ The copy of ltmain.sh that is distributed with curl includes this patch.
As of curl 7.9.1, the official source compiles (under Cygwin) and tests
100% cleanly OOTB (Out Of The Box)
@@ -100,9 +100,9 @@ Packaging Instructions:
requires: cygwin openssl
@ curl-devel
- sdesc: "(lib)cURL headers, static libraries, developer docs and samples"
+ sdesc: "(lib)curl headers, static libraries, developer docs and samples"
ldesc: "curl-devel is the developer-oriented (non-run-time) parts
- of the cURL package. It includes header files, static libraries,
+ of the curl package. It includes header files, static libraries,
example source code snippets, and the libcurl man pages."
category: Web Libs Devel
requires: cygwin openssl curl
@@ -110,5 +110,5 @@ Packaging Instructions:
Cygwin port maintained by:
Kevin Roth <kproth @ users . sourceforge . net>
- Questions about cURL should be directed to address@hidden
+ Questions about curl should be directed to address@hidden
Questions about this cygwin package go to address@hidden
diff --git a/packages/vms/clean_gnv_curl.com b/packages/vms/clean_gnv_curl.com
index 24ecb11e7..67b9d9db6 100644
--- a/packages/vms/clean_gnv_curl.com
+++ b/packages/vms/clean_gnv_curl.com
@@ -11,7 +11,7 @@ $!
$! This should be run with no parameters after the gnv_curl_configure.sh
$! script is run.
$!
-$! Paramter P1: REALCLEAN
+$! Parameter P1: REALCLEAN
$! This removes all build products and brings the environment back to
$! the point where the gnv_curl_configure.sh procedure needs to be run again.
$!
@@ -105,9 +105,6 @@ $!
$ file = "lcl_root:[...]*.lai"
$ if f$search(file) .nes. "" then delete 'file';*
$!
-$ file = "lcl_root:[.include.curl]curlbuild.h_old"
-$ if f$search(file) .nes. "" then delete 'file';*
-$!
$ file = "lcl_root:[.packages.vms]curl-*_original_src.bck"
$ if f$search(file) .nes. "" then delete 'file';*
$!
@@ -166,9 +163,6 @@ $!
$ file = "lcl_root:[]config.h"
$ if f$search(file) .nes. "" then delete 'file';*
$!
-$ file = "lcl_root:[.include.curl]curlbuild.h"
-$ if f$search(file) .nes. "" then delete 'file';*
-$!
$ file = "lcl_root:[.src]config.h"
$ if f$search(file) .nes. "" then delete 'file';*
$!
diff --git a/packages/vms/curl_gnv_build_steps.txt
b/packages/vms/curl_gnv_build_steps.txt
index 83534c002..3420aae73 100644
--- a/packages/vms/curl_gnv_build_steps.txt
+++ b/packages/vms/curl_gnv_build_steps.txt
@@ -235,7 +235,7 @@ branding the PCSI kit based on who is making the kit.
Since at this time curl does not need this alias procedure, the steps
to automatically build it are not included here.
- While newer versions of PCSI can support ODS-5 filenames, not all verions
+ While newer versions of PCSI can support ODS-5 filenames, not all
versions
of PCSI on systems that have ODS-5 filenames do. So as a post install
step, the PCSI kit built by these steps does a rename to the correct
case as a post install step.
diff --git a/packages/vms/generate_vax_transfer.com
b/packages/vms/generate_vax_transfer.com
index 115db8a8c..92391f92e 100644
--- a/packages/vms/generate_vax_transfer.com
+++ b/packages/vms/generate_vax_transfer.com
@@ -219,7 +219,7 @@ $deck
; The first for upper case which matches the tradition method of generating
; VAX transfer vectors.
;
-; The second is the exact case for compatibilty with open source C programs
+; The second is the exact case for compatibility with open source C programs
; that expect exact case symbols in images. These are separated because a
; previous kit had only upper case symbols.
;
diff --git a/packages/vms/gnv_link_curl.com b/packages/vms/gnv_link_curl.com
index b7e608386..64b0aa87e 100644
--- a/packages/vms/gnv_link_curl.com
+++ b/packages/vms/gnv_link_curl.com
@@ -262,7 +262,7 @@ version or a compatible later version.
For Alpha and IA64 platforms, see the url below to register to get the
download URL. The kit will be HP 1.4-467 or later.
- http://h71000.www7.hp.com/openvms/products/ssl/ssl.html
+ https://h41379.www4.hpe.com/openvms/products/ssl/ssl.html
For VAX, use the same registration, but remove the kit name from any of the
download URLs provided and put in CPQ-VAXVMS-SSL-V0101-B-1.PCSI-DCX_VAXEXE
@@ -416,7 +416,7 @@ $ link'ldebug'/exe=[.src]curl.exe/dsf=[.src]curl.dsf -
[.src]curl-tool_urlglob.o, [.src]curl-tool_util.o, -
[.src]curl-tool_vms.o, [.src]curl-tool_writeenv.o, -
[.src]curl-tool_writeout.o, [.src]curl-tool_xattr.o, -
- [.src]curl-strtoofft.o, [.src]curl-strdup.o, [.src]curl-rawstr.o, -
+ [.src]curl-strtoofft.o, [.src]curl-strdup.o, [.src]curl-strcase.o, -
[.src]curl-nonblock.o, gnv_packages_vms:curlmsg.obj,-
sys$input:/opt
gnv$libcurl/share
@@ -428,7 +428,7 @@ $ curl_dsf = "[.src]curl.dsf"
$ curl_main = "[.packages.vms.''arch_name']tool_main.obj"
$ curl_src = "[.packages.vms.''arch_name']curlsrc.olb"
$ curl_lib = "[.packages.vms.''arch_name']curllib.olb"
-$ rawstr = "rawstr"
+$ strcase = "strcase"
$ nonblock = "nonblock"
$ warnless = "warnless"
$!
@@ -436,7 +436,7 @@ $! Extended parse style requires special quoting
$!
$ if (arch_name .nes. "VAX") .and. (parse_style .eqs. "EXTENDED")
$ then
-$ rawstr = """rawstr"""
+$ strcase = """strcase"""
$ nonblock = """nonblock"""
$ warnless = """warnless"""
$ endif
@@ -446,7 +446,7 @@ $ define/user gnv$libcurl 'gnv_libcurl_share'
$ link'ldebug'/exe='curl_exe'/dsf='curl_dsf' -
'curl_main','curl_src'/lib, -
'curl_lib'/library/include=-
- ('rawstr','nonblock','warnless'),-
+ ('strcase','nonblock','warnless'),-
gnv_packages_vms:curlmsg.obj,-
sys$input:/opt
gnv$libcurl/share
diff --git a/packages/vms/pcsi_gnv_curl_file_list.txt
b/packages/vms/pcsi_gnv_curl_file_list.txt
index ab5b633dc..07539b2cd 100644
--- a/packages/vms/pcsi_gnv_curl_file_list.txt
+++ b/packages/vms/pcsi_gnv_curl_file_list.txt
@@ -58,8 +58,7 @@
[gnv.usr.bin]curl-config.
[gnv.usr.bin]gnv$curl.exe
[gnv.usr.include.curl]curl.h
-[gnv.usr.include.curl]curlbuild.h
-[gnv.usr.include.curl]curlrules.h
+[gnv.usr.include.curl]system.h
[gnv.usr.include.curl]curlver.h
[gnv.usr.include.curl]easy.h
[gnv.usr.include.curl]mprintf.h
diff --git a/packages/vms/readme b/packages/vms/readme
index 1b2458053..ddfac747a 100644
--- a/packages/vms/readme
+++ b/packages/vms/readme
@@ -83,13 +83,13 @@ curl_startup.com A procedure run at VMS startup to
install the
libcurl shared image and to set up the needed
logical names.
-curlmsg.h C header defining cURL status code macros.
+curlmsg.h C header defining curl status code macros.
curlmsg.msg Error message source for curlmsg.h and curlmsg.sdl.
-curlmsg.sdl SDL source defining cURL status code constants.
+curlmsg.sdl SDL source defining curl status code constants.
-curlmsg_vms.h Mapping of cURL status codes to VMS-form codes.
+curlmsg_vms.h Mapping of curl status codes to VMS-form codes.
generate_config_vms_h_curl.com
DCL procedure to generate the curl specific
@@ -115,9 +115,9 @@ gnv_link_curl.com Links the libcurl shared image and
then links a curl
macro32_exactcase.patch The patch file needed to modify VAX Macro32 to be
case sensitive and case preserving.
-Makefile.am cURL kit file list for this directory.
+Makefile.am curl kit file list for this directory.
-Makefile.in cURL kit makefile source for this directory.
+Makefile.in curl kit makefile source for this directory.
make_gnv_curl_install.sh
Script to do a make install using GNV after running
@@ -218,7 +218,7 @@ allow interrupted downloads to be continued.
The libcurl file module still does not understand VMS file types and requires
-the input files to be in STREAM_LF to work propery.
+the input files to be in STREAM_LF to work property.
The test suites are not supported as of 7.11.0.
diff --git a/packages/vms/stage_curl_install.com
b/packages/vms/stage_curl_install.com
index 0dccdd6af..84540d739 100644
--- a/packages/vms/stage_curl_install.com
+++ b/packages/vms/stage_curl_install.com
@@ -11,8 +11,6 @@ $! [usr.bin]curl-config.
$! [usr.lib]gnv$libcurl.exe
$! [usr.bin]curl. hard link for [usr.bin]gnv$curl.exe
$! [usr.include.curl]curl.h
-$! [usr.include.curl]curlbuild.h
-$! [usr.include.curl]curlrules.h
$! [usr.include.curl]curlver.h
$! [usr.include.curl]easy.h
$! [usr.include.curl]mprintf.h
@@ -132,10 +130,8 @@ $!
$ if remove_files .eq. 0
$ then
$ copy [--.include.curl]curl.h 'new_gnu'[usr.include.curl]curl.h
-$ copy [--.include.curl]curlbuild.h -
- 'new_gnu'[usr.include.curl]curlbuild.h
-$ copy [--.include.curl]curlrules.h -
- 'new_gnu'[usr.include.curl]curlrules.h
+$ copy [--.include.curl]system.h -
+ 'new_gnu'[usr.include.curl]system.h
$ copy [--.include.curl]curlver.h -
'new_gnu'[usr.include.curl]curlver.h
$ copy [--.include.curl]easy.h -
diff --git a/packages/vms/vms_eco_level.h b/packages/vms/vms_eco_level.h
index 435340775..354875bbb 100644
--- a/packages/vms/vms_eco_level.h
+++ b/packages/vms/vms_eco_level.h
@@ -19,7 +19,7 @@
*/
/* This file should be incremented for each ECO that is kit */
-/* for a specific cURL x.y-z release. */
+/* for a specific curl x.y-z release. */
/* When any part of x.y-z is incremented, the ECO should be set back to 0 */
#ifndef _VMS_ECO_LEVEL_H
diff --git a/projects/Windows/.gitattributes b/projects/Windows/.gitattributes
new file mode 100644
index 000000000..391fd002c
--- /dev/null
+++ b/projects/Windows/.gitattributes
@@ -0,0 +1 @@
+*.sln eol=crlf
diff --git a/projects/checksrc.bat b/projects/checksrc.bat
index 5c83aabf9..3c38f50e6 100644
--- a/projects/checksrc.bat
+++ b/projects/checksrc.bat
@@ -104,7 +104,7 @@ rem
***************************************************************************
rem Check the lib directory
if exist %SRC_DIR%\lib (
for /f "delims=" %%i in ('dir "%SRC_DIR%\lib\*.c.*" /b 2^>NUL') do @perl
"%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\lib" "%%i"
- for /f "delims=" %%i in ('dir "%SRC_DIR%\lib\*.h.*" /b 2^>NUL') do @perl
"%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\lib" -Wcurl_config.h.cmake "%%i"
+ for /f "delims=" %%i in ('dir "%SRC_DIR%\lib\*.h.*" /b 2^>NUL') do @perl
"%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\lib" -Wcurl_config.h.cmake
-Wcurl_config.h.in -Wcurl_config.h "%%i"
)
rem Check the lib\vauth directory
diff --git a/projects/generate.bat b/projects/generate.bat
index 8209a5dd6..fbe3a9233 100644
--- a/projects/generate.bat
+++ b/projects/generate.bat
@@ -264,19 +264,18 @@ rem
for /f "delims=" %%r in ('dir /b ..\src\*.rc') do call :element %1 src
"%%r" %3
) else if "!var!" == "CURL_SRC_X_C_FILES" (
call :element %1 lib "strtoofft.c" %3
- call :element %1 lib "rawstr.c" %3
call :element %1 lib "nonblock.c" %3
call :element %1 lib "warnless.c" %3
) else if "!var!" == "CURL_SRC_X_H_FILES" (
call :element %1 lib "config-win32.h" %3
call :element %1 lib "curl_setup.h" %3
call :element %1 lib "strtoofft.h" %3
- call :element %1 lib "rawstr.h" %3
call :element %1 lib "nonblock.h" %3
call :element %1 lib "warnless.h" %3
) else if "!var!" == "CURL_LIB_C_FILES" (
for /f "delims=" %%c in ('dir /b ..\lib\*.c') do call :element %1 lib
"%%c" %3
) else if "!var!" == "CURL_LIB_H_FILES" (
+ for /f "delims=" %%h in ('dir /b ..\include\curl\*.h') do call :element
%1 include\curl "%%h" %3
for /f "delims=" %%h in ('dir /b ..\lib\*.h') do call :element %1 lib
"%%h" %3
) else if "!var!" == "CURL_LIB_RC_FILES" (
for /f "delims=" %%r in ('dir /b ..\lib\*.rc') do call :element %1 lib
"%%r" %3
diff --git a/projects/wolfssl_options.h b/projects/wolfssl_options.h
index 04752b811..f6af47cab 100644
--- a/projects/wolfssl_options.h
+++ b/projects/wolfssl_options.h
@@ -5,8 +5,8 @@ To remedy this issue for libcurl I've generated this options
file that
build-wolfssl will copy to the wolfSSL include directories and will result in
maximum compatibility.
-These are the configure options that were used to build wolfSSL v3.9.0 in mingw
-and generate the options in this file:
+These are the configure options that were used to build wolfSSL v3.11.0 in
+mingw and generate the options in this file:
C_EXTRA_FLAGS="\
-Wno-attributes \
@@ -17,12 +17,15 @@ C_EXTRA_FLAGS="\
-DWOLFSSL_STATIC_RSA \
" \
./configure --prefix=/usr/local \
+ --disable-jobserver \
--enable-aesgcm \
--enable-alpn \
--enable-certgen \
+ --enable-des3 \
--enable-dh \
--enable-dsa \
--enable-ecc \
+ --enable-eccshamir \
--enable-fastmath \
--enable-opensslextra \
--enable-ripemd \
@@ -93,6 +96,37 @@ extern "C" {
#undef OPENSSL_EXTRA
#define OPENSSL_EXTRA
+/*
+The commented out defines below are the equivalent of --enable-tls13.
+Uncomment them to build wolfSSL with TLS 1.3 support as of v3.11.1-tls13-beta.
+This is for experimenting only, afaict TLS 1.3 support doesn't appear to be
+functioning correctly yet. https://github.com/wolfSSL/wolfssl/pull/943
+
+#undef WC_RSA_PSS
+#define WC_RSA_PSS
+
+#undef WOLFSSL_TLS13
+#define WOLFSSL_TLS13
+
+#undef HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef HAVE_FFDHE_2048
+#define HAVE_FFDHE_2048
+
+#undef HAVE_HKDF
+#define HAVE_HKDF
+*/
+
+#undef TFM_TIMING_RESISTANT
+#define TFM_TIMING_RESISTANT
+
+#undef ECC_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+
+#undef WC_RSA_BLINDING
+#define WC_RSA_BLINDING
+
#undef HAVE_AESGCM
#define HAVE_AESGCM
@@ -162,6 +196,9 @@ extern "C" {
#undef HAVE_SUPPORTED_CURVES
#define HAVE_SUPPORTED_CURVES
+#undef HAVE_EXTENDED_MASTER
+#define HAVE_EXTENDED_MASTER
+
#undef WOLFSSL_TEST_CERT
#define WOLFSSL_TEST_CERT
@@ -174,6 +211,9 @@ extern "C" {
#undef USE_FAST_MATH
#define USE_FAST_MATH
+#undef WC_NO_ASYNC_THREADING
+#define WC_NO_ASYNC_THREADING
+
#ifdef __cplusplus
}
diff --git a/scripts/contributors.sh b/scripts/contributors.sh
index d62baade6..fcaaff878 100755
--- a/scripts/contributors.sh
+++ b/scripts/contributors.sh
@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 2013-2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 2013-2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -47,6 +47,7 @@ fi
git log $start..HEAD | \
egrep -ai '(^Author|^Commit|by):' | \
cut -d: -f2- | \
+cut '-d(' -f1 | \
cut '-d<' -f1 | \
tr , '\012' | \
sed 's/ and /\n/' | \
diff --git a/scripts/contrithanks.sh b/scripts/contrithanks.sh
index 6ca7e832e..4d6d47a80 100755
--- a/scripts/contrithanks.sh
+++ b/scripts/contrithanks.sh
@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 2013-2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 2013-2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -38,6 +38,7 @@ cat ./docs/THANKS
git log $start..HEAD | \
egrep -ai '(^Author|^Commit|by):' | \
cut -d: -f2- | \
+cut '-d(' -f1 | \
cut '-d<' -f1 | \
tr , '\012' | \
sed 's/ and /\n/' | \
diff --git a/scripts/coverage.sh b/scripts/coverage.sh
new file mode 100755
index 000000000..86cd7a122
--- /dev/null
+++ b/scripts/coverage.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+./buildconf
+mkdir -p cvr
+cd cvr
+../configure --disable-shared --enable-debug --enable-maintainer-mode
--enable-code-coverage
+make -sj
+# the regular test run
+make TFLAGS=-n test-nonflaky
+# make all allocs/file operations fail
+#make TFLAGS=-n test-torture
+# do everything event-based
+make TFLAGS=-n test-event
+lcov -d . -c -o cov.lcov
+genhtml cov.lcov --output-directory coverage --title "curl code coverage"
+tar -cjf curl-coverage.tar.bz2 coverage
diff --git a/scripts/installcheck.sh b/scripts/installcheck.sh
new file mode 100644
index 000000000..b26ba60f6
--- /dev/null
+++ b/scripts/installcheck.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+PREFIX=$1
+
+# Run this script in the root of the git clone. Point out the install prefix
+# where 'make install' has already installed curl.
+
+if test -z "$1"; then
+ echo "scripts/installcheck.sh [PREFIX]"
+ exit
+fi
+
+diff -u <(find docs/libcurl/ -name "*.3" -printf "%f\n" | grep -v template|
sort) <(find $PREFIX/share/man/ -name "*.3" -printf "%f\n" | sort)
+
+if test "$?" -ne "0"; then
+ echo "ERROR: installed libcurl docs mismatch"
+ exit 2
+fi
+
+diff -u <(find include/ -name "*.h" -printf "%f\n" | sort) <(find
$PREFIX/include/ -name "*.h" -printf "%f\n" | sort)
+
+if test "$?" -ne "0"; then
+ echo "ERROR: installed include files mismatch"
+ exit 1
+fi
+
+echo "installcheck: installed libcurl docs and include files look good"
diff --git a/scripts/updatemanpages.pl b/scripts/updatemanpages.pl
new file mode 100755
index 000000000..6a58dbd42
--- /dev/null
+++ b/scripts/updatemanpages.pl
@@ -0,0 +1,355 @@
+#!/usr/bin/perl
+#***************************************************************************
+# _ _ ____ _
+# Project ___| | | | _ \| |
+# / __| | | | |_) | |
+# | (__| |_| | _ <| |___
+# \___|\___/|_| \_\_____|
+#
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+###########################################################################
+
+# Update man pages.
+
+use strict;
+use warnings;
+use Tie::File;
+
+# Data from the command line.
+
+my $curlver = $ARGV[0];
+my $curldate = $ARGV[1];
+
+# Directories and extensions.
+
+my @dirlist = ("docs/", "docs/libcurl/", "docs/libcurl/opts/", "tests/");
+my @extlist = (".1", ".3");
+my @excludelist = ("mk-ca-bundle.1", "template.3");
+
+# Subroutines
+
+sub printargs{
+ # Print arguments and exit.
+
+ print "usage: updatemanpages.pl <version> <date>\n";
+ exit;
+}
+
+sub getthline{
+ # Process file looking for .TH section.
+
+ my $filename = shift;
+ my $file_handle;
+ my $file_line;
+
+ # Open the file.
+
+ open($file_handle, $filename);
+
+ # Look for the .TH section, process it into an array,
+ # modify it and write to file.
+
+ tie(my @file_data, 'Tie::File', $filename);
+ foreach my $file_data_line(@file_data) {
+ if($file_data_line =~ /^.TH/) {
+ $file_line = $file_data_line;
+ last;
+ }
+ }
+
+ # Close the file.
+
+ close($file_handle);
+ return $file_line;
+}
+
+sub extractth{
+ # Extract .TH section as an array.
+
+ my $input = shift;
+
+ # Split the line into an array.
+
+ my @tharray;
+ my $inputsize = length($input);
+ my $inputcurrent = "";
+ my $quotemode = 0;
+
+ for(my $inputseek = 0; $inputseek < $inputsize; $inputseek++) {
+
+ if(substr($input, $inputseek, 1) eq " " && $quotemode eq 0) {
+ push(@tharray, $inputcurrent);
+ $inputcurrent = "";
+ next;
+ }
+
+ $inputcurrent = $inputcurrent . substr($input, $inputseek, 1);
+
+ if(substr($input, $inputseek, 1) eq "\"") {
+ if($quotemode eq 0) {
+ $quotemode = 1;
+ }
+ else {
+ $quotemode = 0;
+ }
+ }
+ }
+
+ if($inputcurrent ne "") {
+ push(@tharray, $inputcurrent);
+ }
+
+ return @tharray;
+}
+
+sub getdate{
+ # Get the date from the .TH section.
+
+ my $filename = shift;
+ my $thline;
+ my @tharray;
+ my $date = "";
+
+ $thline = getthline($filename);
+
+ # Return nothing if there is no .TH section found.
+
+ if(!$thline || $thline eq "") {
+ return "";
+ }
+
+ @tharray = extractth($thline);
+
+ # Remove the quotes at the start and end.
+
+ $date = substr($tharray[3], 1, -1);
+ return $date;
+}
+
+sub processth{
+ # Process .TH section.
+
+ my $input = shift;
+ my $date = shift;
+
+ # Split the line into an array.
+
+ my @tharray = extractth($input);
+
+ # Alter the date.
+
+ my $itemdate = "\"";
+ $itemdate .= $date;
+ $itemdate .= "\"";
+ $tharray[3] = $itemdate;
+
+ # Alter the item version.
+
+ my $itemver = $tharray[4];
+ my $itemname = "";
+
+ for(my $itemnameseek = 1;
+ $itemnameseek < length($itemver);
+ $itemnameseek++) {
+ if(substr($itemver, $itemnameseek, 1) eq " " ||
+ substr($itemver, $itemnameseek, 1) eq "\"") {
+ last;
+ }
+ $itemname .= substr($itemver, $itemnameseek, 1);
+ }
+
+ $itemver = "\"";
+ $itemver .= $itemname;
+ $itemver .= " ";
+ $itemver .= $curlver;
+ $itemver .= "\"";
+
+ $tharray[4] = $itemver;
+
+ my $thoutput = "";
+
+ foreach my $thvalue (@tharray) {
+ $thoutput .= $thvalue;
+ $thoutput .= " ";
+ }
+ $thoutput =~ s/\s+$//;
+ $thoutput .= "\n";
+
+ # Return updated string.
+
+ return $thoutput;
+}
+
+sub processfile{
+ # Process file looking for .TH section.
+
+ my $filename = shift;
+ my $date = shift;
+ my $file_handle;
+ my $file_dist_handle;
+ my $filename_dist;
+
+ # Open a handle for the original file and a second file handle
+ # for the dist file.
+
+ $filename_dist = $filename . ".dist";
+
+ open($file_handle, $filename);
+ open($file_dist_handle, ">" . $filename_dist);
+
+ # Look for the .TH section, process it into an array,
+ # modify it and write to file.
+
+ tie(my @file_data, 'Tie::File', $filename);
+ foreach my $file_data_line (@file_data) {
+ if($file_data_line =~ /^.TH/) {
+ my $file_dist_line = processth($file_data_line, $date);
+ print $file_dist_handle $file_dist_line . "\n";
+ }
+ else {
+ print $file_dist_handle $file_data_line . "\n";
+ }
+ }
+
+ # Close the file.
+
+ close($file_handle);
+ close($file_dist_handle);
+}
+
+# Check that $curlver is set, otherwise print arguments and exit.
+
+if(!$curlver) {
+ printargs();
+}
+
+# check to see that the git command works, it requires git 2.6 something
+my $gitcheck = `git log -1 --date="format:%B %d, %Y" $dirlist[0] 2>/dev/null`;
+if(length($gitcheck) < 1) {
+ print "git version too old or $dirlist[0] is a bad argument\n";
+ exit;
+}
+
+# Look in each directory.
+
+my $dir_handle;
+
+foreach my $dirname (@dirlist) {
+ foreach my $extname (@extlist) {
+ # Go through the directory looking for files ending with
+ # the current extension.
+
+ opendir($dir_handle, $dirname);
+ my @filelist = grep(/.$extname$/i, readdir($dir_handle));
+
+ foreach my $file (@filelist) {
+ # Skip if file is in exclude list.
+
+ if(grep(/^$file$/, @excludelist)) {
+ next;
+ }
+
+ # Load the file and get the date.
+
+ my $filedate;
+
+ # Check if dist version exists and load date from that
+ # file if it does.
+
+ if(-e ($dirname . $file . ".dist")) {
+ $filedate = getdate(($dirname . $file . ".dist"));
+ }
+ else {
+ $filedate = getdate(($dirname . $file));
+ }
+
+ # Skip if value is empty.
+
+ if(!$filedate || $filedate eq "") {
+ next;
+ }
+
+ # Check the man page in the git repository.
+
+ my $repodata = `LC_TIME=C git log -1 --date="format:%B %d, %Y" \\
+ --since="$filedate" $dirname$file | grep ^Date:`;
+
+ # If there is output then update the man page
+ # with the new date/version.
+
+ # Process the file if there is output.
+
+ if($repodata) {
+ my $thisdate;
+ if(!$curldate) {
+ if($repodata =~ /^Date: +(.*)/) {
+ $thisdate = $1;
+ }
+ else {
+ print STDERR "Warning: " . ($dirname . $file) . ": found no " .
+ "date\n";
+ }
+ }
+ else {
+ $thisdate = $curldate;
+ }
+ processfile(($dirname . $file), $thisdate);
+ print $dirname . $file . " page updated to $thisdate\n";
+ }
+ }
+ closedir($dir_handle);
+ }
+}
+
+__END__
+
+=pod
+
+=head1 updatemanpages.pl
+
+Updates the man pages with the version number and optional date. If the date
+isn't provided, the last modified date from git is used.
+
+=head2 USAGE
+
+updatemanpages.pl version [date]
+
+=head3 version
+
+Specifies version (required)
+
+=head3 date
+
+Specifies date (optional)
+
+=head2 SETTINGS
+
+=head3 @dirlist
+
+Specifies the list of directories to look for files in.
+
+=head3 @extlist
+
+Specifies the list of files with extensions to process.
+
+=head3 @excludelist
+
+Specifies the list of files to not process.
+
+=head2 NOTES
+
+This script is used during maketgz.
+
+=cut
diff --git a/src/.gitignore b/src/.gitignore
index 77e8909f2..0f6fcd47c 100644
--- a/src/.gitignore
+++ b/src/.gitignore
@@ -1,7 +1,6 @@
*.a
*.nlm
*.res
-Makefile.vc*.dist
config-win32.h
curl
curl_config.h
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index cfcefb396..6e50d82ad 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -1,7 +1,6 @@
set(EXE_NAME curl)
if(USE_MANUAL)
- find_package(Perl REQUIRED)
# Use the C locale to ensure that only ASCII characters appear in the
# embedded text. NROFF and MANOPT are set in the parent CMakeLists.txt
add_custom_command(
@@ -9,18 +8,19 @@ if(USE_MANUAL)
COMMAND ${CMAKE_COMMAND} -E echo "#include \"tool_setup.h\"" >
tool_hugehelp.c
COMMAND ${CMAKE_COMMAND} -E echo "#ifndef HAVE_LIBZ" >> tool_hugehelp.c
COMMAND env LC_ALL=C "${NROFF}" ${NROFF_MANOPT}
- "${CURL_SOURCE_DIR}/docs/curl.1" |
- "${PERL}" "${CMAKE_CURRENT_SOURCE_DIR}/mkhelp.pl"
+ "${CURL_BINARY_DIR}/docs/curl.1" |
+ "${PERL_EXECUTABLE}" "${CMAKE_CURRENT_SOURCE_DIR}/mkhelp.pl"
"${CURL_SOURCE_DIR}/docs/MANUAL" >> tool_hugehelp.c
COMMAND ${CMAKE_COMMAND} -E echo "#else" >> tool_hugehelp.c
COMMAND env LC_ALL=C "${NROFF}" ${NROFF_MANOPT}
- "${CURL_SOURCE_DIR}/docs/curl.1" |
- "${PERL}" "${CMAKE_CURRENT_SOURCE_DIR}/mkhelp.pl" -c
+ "${CURL_BINARY_DIR}/docs/curl.1" |
+ "${PERL_EXECUTABLE}" "${CMAKE_CURRENT_SOURCE_DIR}/mkhelp.pl" -c
"${CURL_SOURCE_DIR}/docs/MANUAL" >> tool_hugehelp.c
COMMAND ${CMAKE_COMMAND} -E echo "#endif /* HAVE_LIBZ */" >>
tool_hugehelp.c
DEPENDS
"${CURL_SOURCE_DIR}/docs/MANUAL"
- "${CURL_SOURCE_DIR}/docs/curl.1"
+ generate-curl.1
+ "${CURL_BINARY_DIR}/docs/curl.1"
"${CMAKE_CURRENT_SOURCE_DIR}/mkhelp.pl"
"${CMAKE_CURRENT_SOURCE_DIR}/tool_hugehelp.h"
VERBATIM)
@@ -49,19 +49,19 @@ add_executable(
${CURL_FILES}
)
-source_group("cURLX source files" FILES ${CURLX_CFILES})
-source_group("cURL source files" FILES ${CURL_CFILES})
-source_group("cURL header files" FILES ${CURL_HFILES})
+source_group("curlX source files" FILES ${CURLX_CFILES})
+source_group("curl source files" FILES ${CURL_CFILES})
+source_group("curl header files" FILES ${CURL_HFILES})
include_directories(
${CURL_SOURCE_DIR}/lib # To be able to reach "curl_setup_once.h"
${CURL_BINARY_DIR}/lib # To be able to reach "curl_config.h"
- ${CURL_BINARY_DIR}/include # To be able to reach "curl/curlbuild.h"
+ ${CURL_BINARY_DIR}/include # To be able to reach "gnurl/curl.h"
# This is needed as tool_hugehelp.c is generated in the binary dir
${CURL_SOURCE_DIR}/src # To be able to reach "tool_hugehelp.h"
)
-#Build cURL executable
+#Build curl executable
target_link_libraries( ${EXE_NAME} libcurl ${CURL_LIBS})
################################################################################
diff --git a/src/Makefile.Watcom b/src/Makefile.Watcom
index c310beb72..67e542d7a 100644
--- a/src/Makefile.Watcom
+++ b/src/Makefile.Watcom
@@ -22,7 +22,7 @@
#***************************************************************************
#
-# Watcom / OpenWatcom / Win32 makefile for cURL.
+# Watcom / OpenWatcom / Win32 makefile for curl.
#
.ERASE
@@ -156,7 +156,7 @@ RESOURCE = $(OBJ_DIR)/curl.res
DIRS = $(OBJ_DIR)
all: tool_hugehelp.c $(DIRS) $(TARGETS) .SYMBOLIC
- @echo Welcome to cURL
+ @echo Welcome to curl
clean: .SYMBOLIC
-rm -f $(OBJS)
diff --git a/src/Makefile.am b/src/Makefile.am
index d964ae1ed..63df6ddc3 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -29,17 +29,13 @@ AUTOMAKE_OPTIONS = foreign nostdinc
# being currently built and tested are searched before the library which
# might possibly already be installed in the system.
#
-# $(top_builddir)/include/curl for generated curlbuild.h included from curl.h
-# $(top_builddir)/include for generated curlbuild.h inc. from lib/curl_setup.h
# $(top_srcdir)/include is for libcurl's external include files
# $(top_builddir)/lib is for libcurl's generated lib/curl_config.h file
# $(top_builddir)/src is for curl's generated src/curl_config.h file
# $(top_srcdir)/lib for libcurl's lib/curl_setup.h and other "borrowed" files
# $(top_srcdir)/src is for curl's src/tool_setup.h and "curl-private" files
-AM_CPPFLAGS = -I$(top_builddir)/include/curl \
- -I$(top_builddir)/include \
- -I$(top_srcdir)/include \
+AM_CPPFLAGS = -I$(top_srcdir)/include \
-I$(top_builddir)/lib \
-I$(top_builddir)/src \
-I$(top_srcdir)/lib \
@@ -47,6 +43,8 @@ AM_CPPFLAGS = -I$(top_builddir)/include/curl \
bin_PROGRAMS = gnurl
+SUBDIRS = ../docs
+
if USE_CPPFLAG_CURL_STATICLIB
AM_CPPFLAGS += -DCURL_STATICLIB
endif
@@ -70,7 +68,10 @@ endif
gnurl_LDFLAGS = @LIBMETALINK_LDFLAGS@
gnurl_CPPFLAGS = $(AM_CPPFLAGS) $(LIBMETALINK_CPPFLAGS)
-gnurl_DEPENDENCIES = $(top_builddir)/lib/libgnurl.la
+
address@hidden@
+gnurl_LDFLAGS += $(CODE_COVERAGE_LDFLAGS)
+CFLAGS += $(CODE_COVERAGE_CFLAGS)
# if unit tests are enabled, build a static library to link them with
if BUILD_UNITTESTS
@@ -82,18 +83,20 @@ libcurltool_la_LDFLAGS = -static $(LINKFLAGS)
libcurltool_la_SOURCES = $(gnurl_SOURCES)
endif
-BUILT_SOURCES = tool_hugehelp.c
CLEANFILES = tool_hugehelp.c
# Use the C locale to ensure that only ASCII characters appear in the
# embedded text.
NROFF=env LC_ALL=C @NROFF@ @MANOPT@ # figured out by the configure script
-EXTRA_DIST = mkhelp.pl makefile.dj Makefile.vc6 Makefile.b32 \
+EXTRA_DIST = mkhelp.pl makefile.dj Makefile.b32 \
Makefile.m32 macos/curl.mcp.xml.sit.hqx macos/MACINSTALL.TXT \
macos/src/curl_GUSIConfig.cpp macos/src/macos_main.cpp makefile.amiga \
curl.rc Makefile.netware Makefile.inc Makefile.Watcom CMakeLists.txt
-MANPAGE=$(top_srcdir)/docs/gnurl.1
+# Use absolute directory to disable VPATH
+MANPAGE=$(abs_top_builddir)/docs/gnurl.1
+
+>>>>>>> Patchset for gnURL microfork:
README=$(top_srcdir)/docs/MANUAL
MKHELP=$(top_srcdir)/src/mkhelp.pl
HUGE=tool_hugehelp.c
@@ -101,10 +104,13 @@ HUGE=tool_hugehelp.c
if USE_MANUAL
# Here are the stuff to create a built-in manual
+$(MANPAGE):
+ cd $(top_builddir)/docs && $(MAKE)
+
if HAVE_LIBZ
# This generates the tool_hugehelp.c file in both uncompressed and
-# compressed formats
-$(HUGE): $(README) $(MANPAGE) mkhelp.pl
+# compressed formats.
+$(HUGE): $(MANPAGE) $(README) $(MKHELP)
echo '#include "tool_setup.h"' > $(HUGE)
echo '#ifndef HAVE_LIBZ' >> $(HUGE)
$(NROFF) $(MANPAGE) | $(PERL) $(MKHELP) $(README) >> $(HUGE)
@@ -113,7 +119,7 @@ $(HUGE): $(README) $(MANPAGE) mkhelp.pl
echo '#endif /* HAVE_LIBZ */' >> $(HUGE)
else # HAVE_LIBZ
# This generates the tool_hugehelp.c file uncompressed only
-$(HUGE): $(README) $(MANPAGE) mkhelp.pl
+$(HUGE): $(MANPAGE) $(README) $(MKHELP)
echo '#include "tool_setup.h"' > $(HUGE)
$(NROFF) $(MANPAGE) | $(PERL) $(MKHELP) $(README) >> $(HUGE)
endif
diff --git a/src/Makefile.inc b/src/Makefile.inc
index 1aa153c8c..5074f8fc6 100644
--- a/src/Makefile.inc
+++ b/src/Makefile.inc
@@ -11,14 +11,12 @@
# the official API, but we re-use the code here to avoid duplication.
CURLX_CFILES = \
../lib/strtoofft.c \
- ../lib/rawstr.c \
../lib/nonblock.c \
../lib/warnless.c
CURLX_HFILES = \
../lib/curl_setup.h \
../lib/strtoofft.h \
- ../lib/rawstr.h \
../lib/nonblock.h \
../lib/warnless.h
@@ -60,7 +58,6 @@ CURL_CFILES = \
tool_urlglob.c \
tool_util.c \
tool_vms.c \
- tool_writeenv.c \
tool_writeout.c \
tool_xattr.c
@@ -105,7 +102,6 @@ CURL_HFILES = \
tool_util.h \
tool_version.h \
tool_vms.h \
- tool_writeenv.h \
tool_writeout.h \
tool_xattr.h
diff --git a/src/Makefile.m32 b/src/Makefile.m32
index 0c98135bb..22e11e8e0 100644
--- a/src/Makefile.m32
+++ b/src/Makefile.m32
@@ -89,7 +89,7 @@ LIBCARES_PATH = $(PROOT)/ares
endif
CC = $(CROSSPREFIX)gcc
-CFLAGS = $(CURL_CFLAG_EXTRAS) -g -O2 -Wall
+CFLAGS = $(CURL_CFLAG_EXTRAS) -g -O2 -Wall -W
CFLAGS += -fno-strict-aliasing
# comment LDFLAGS below to keep debug info
LDFLAGS = $(CURL_LDFLAG_EXTRAS) $(CURL_LDFLAG_EXTRAS_EXE) -s
diff --git a/src/Makefile.netware b/src/Makefile.netware
index 51fa2637f..975551e0a 100644
--- a/src/Makefile.netware
+++ b/src/Makefile.netware
@@ -102,7 +102,7 @@ endif
TARGET = curl
VERSION = $(LIBCURL_VERSION)
COPYR = Copyright (C) $(LIBCURL_COPYRIGHT_STR)
-DESCR = cURL $(LIBCURL_VERSION_STR) ($(LIBARCH)) - https://curl.haxx.se
+DESCR = curl $(LIBCURL_VERSION_STR) ($(LIBARCH)) - https://curl.haxx.se
MTSAFE = YES
STACK = 64000
SCREEN = $(TARGET) commandline utility
@@ -395,7 +395,7 @@ $(OBJDIR)/%.o: %.c
# @echo Compiling $<
$(CC) $(CFLAGS) -c $< -o $@
-$(OBJDIR)/version.inc: $(CURL_INC)/curl/curlver.h $(OBJDIR)
+$(OBJDIR)/version.inc: $(CURL_INC)/gnurl/curlver.h $(OBJDIR)
@echo Creating $@
@$(AWK) -f ../packages/NetWare/get_ver.awk $< > $@
diff --git a/src/Makefile.vc6 b/src/Makefile.vc6
deleted file mode 100644
index ff82a4df8..000000000
--- a/src/Makefile.vc6
+++ /dev/null
@@ -1,550 +0,0 @@
-#***************************************************************************
-# _ _ ____ _
-# Project ___| | | | _ \| |
-# / __| | | | |_) | |
-# | (__| |_| | _ <| |___
-# \___|\___/|_| \_\_____|
-#
-# Copyright (C) 1999 - 2016, Daniel Stenberg, <address@hidden>, et al.
-#
-# This software is licensed as described in the file COPYING, which
-# you should have received as part of this distribution. The terms
-# are also available at https://curl.haxx.se/docs/copyright.html.
-#
-# You may opt to use, copy, modify, merge, publish, distribute and/or sell
-# copies of the Software, and permit persons to whom the Software is
-# furnished to do so, under the terms of the COPYING file.
-#
-# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-# KIND, either express or implied.
-#
-#***************************************************************************
-
-# All files in the Makefile.vc* series are generated automatically from the
-# one made for MSVC version 6. Alas, if you want to do changes to any of the
-# files and send back to the project, edit the version six, make your diff and
-# mail curl-users.
-
-#############################################################
-#
-## Makefile for building curl.exe with MSVC6
-## Use: nmake -f makefile.vc6 [release | debug] [CFG=release-ssl]
-## (default is release)
-## "nmake -f makefile.vc6 CFG=release-ssl" statically links OpenSSL
-## into curl.exe producing a standalone SSL-enabled executable.
-##
-#
-#############################################################
-
-PROGRAM_NAME = curl.exe
-
-# -------------------------------------------
-# Verify that current subdir is curl's 'src'
-# -------------------------------------------
-
-!IF ! EXIST(.\tool_main.c)
-! MESSAGE Can not process this makefile from outside of curl's 'src'
subdirectory.
-! MESSAGE Change to curl's 'src' subdirectory, and try again.
-! ERROR See previous message.
-!ENDIF
-
-# ------------------------------------------------
-# Makefile.msvc.names provides libcurl file names
-# ------------------------------------------------
-
-!INCLUDE ..\winbuild\Makefile.msvc.names
-
-
-!IFNDEF OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-1.0.2a
-!ENDIF
-
-!IFNDEF ZLIB_PATH
-ZLIB_PATH = ../../zlib-1.2.8
-!ENDIF
-
-!IFNDEF MACHINE
-MACHINE = X86
-!ENDIF
-
-# USE_WINDOWS_SSPI uses windows libraries to allow NTLM authentication
-# without an openssl installation and offers the ability to authenticate
-# using the "current logged in user". Since at least with MSVC6 the sspi.h
-# header is broken it is either required to install the Windows SDK,
-# or to fix sspi.h with adding this define at the beginning of sspi.h:
-# #define FreeCredentialHandle FreeCredentialsHandle
-#
-# If, for some reason the Windows SDK is installed but not installed
-# in the default location, you can specify WINDOWS_SDK_PATH.
-# It can be downloaded from:
-# https://msdn.microsoft.com/windows/bb980924.aspx
-
-# WINDOWS_SSPI = 1
-
-!IFDEF WINDOWS_SSPI
-!IFNDEF WINDOWS_SDK_PATH
-WINDOWS_SDK_PATH = "$(PROGRAMFILES)\Microsoft SDK"
-!ENDIF
-!ENDIF
-
-########################################################
-## Nothing more to do below this line!
-
-ZLIB_CFLAGS = /DHAVE_ZLIB_H /DHAVE_ZLIB /DHAVE_LIBZ /I "$(ZLIB_PATH)"
-ZLIB_LFLAGS = "/LIBPATH:$(ZLIB_PATH)"
-ZLIB_LIBS = zlib.lib
-ZLIB_IMP_LIBS = zdll.lib
-
-SSL_CFLAGS = /DUSE_OPENSSL
-SSL_LFLAGS = /LIBPATH:"$(OPENSSL_PATH)/out32"
-SSL_IMP_LFLAGS = /LIBPATH:"$(OPENSSL_PATH)/out32dll"
-SSL_LIBS = libeay32.lib ssleay32.lib gdi32.lib user32.lib
-WINLIBS = ws2_32.lib wldap32.lib advapi32.lib
-
-WINSSL_CFLAGS = /DUSE_SCHANNEL
-#WINSSL_LIBS = gdi32.lib user32.lib
-
-!IFDEF USE_IDN
-WINLIBS = $(WINLIBS) normaliz.lib
-!ENDIF
-
-# Runtime library configuration
-RTLIB = /MD
-RTLIBD = /MDd
-
-!IF "$(RTLIBCFG)" == "static"
-RTLIB = /MT
-RTLIBD = /MTd
-!ENDIF
-
-## Release
-CCR = cl.exe $(RTLIB) /O2 /DNDEBUG
-LINKR = link.exe /incremental:no /libpath:"../lib"
-RCR = rc.exe /dDEBUGBUILD=0
-
-## Debug
-CCD = cl.exe $(RTLIBD) /Gm /ZI /Od /D_DEBUG /GZ
-LINKD = link.exe /incremental:yes /debug /libpath:"../lib"
-RCD = rc.exe /dDEBUGBUILD=1
-
-CFLAGS = /I../lib /I../include /nologo /W3 /GX /DWIN32 /YX /FD /c
/D_BIND_TO_CURRENT_VCLIBS_VERSION=1
-LFLAGS = /nologo /out:$(PROGRAM_NAME) /subsystem:console /machine:$(MACHINE)
-RESFLAGS = /i../include
-
-# This manifest thing is for VC8, enabled by the maketgz script that
-# builds the VC8 version of this makefile. Left commented out in the VC6
-# version!
-#MANIFESTTOOL = mt -manifest $(PROGRAM_NAME).manifest
-outputresource:$(PROGRAM_NAME);1
-
-!IFDEF WINDOWS_SSPI
-CFLAGS = $(CFLAGS) /DUSE_WINDOWS_SSPI /I$(WINDOWS_SDK_PATH)\include
-!ENDIF
-
-RELEASE_OBJS= \
- nonblockr.obj \
- rawstrr.obj \
- strtoofftr.obj \
- warnless.obj \
- slist_wc.obj \
- tool_binmoder.obj \
- tool_bnamer.obj \
- tool_cb_dbgr.obj \
- tool_cb_hdrr.obj \
- tool_cb_prgr.obj \
- tool_cb_rear.obj \
- tool_cb_seer.obj \
- tool_cb_wrtr.obj \
- tool_cfgabler.obj \
- tool_convertr.obj \
- tool_dirhier.obj \
- tool_doswinr.obj \
- tool_easysrcr.obj \
- tool_formparser.obj \
- tool_getparamr.obj \
- tool_getpassr.obj \
- tool_helpr.obj \
- tool_helpersr.obj \
- tool_homedirr.obj \
- tool_hugehelpr.obj \
- tool_libinfor.obj \
- tool_mainr.obj \
- tool_metalinkr.obj \
- tool_mfilesr.obj \
- tool_msgsr.obj \
- tool_operater.obj \
- tool_operhlpr.obj \
- tool_panykeyr.obj \
- tool_paramhlpr.obj \
- tool_parsecfgr.obj \
- tool_setoptr.obj \
- tool_sleepr.obj \
- tool_urlglobr.obj \
- tool_utilr.obj \
- tool_vmsr.obj \
- tool_writeenvr.obj \
- tool_writeoutr.obj \
- tool_xattrr.obj \
- curlr.res
-
-DEBUG_OBJS= \
- nonblockd.obj \
- rawstrd.obj \
- strtoofftd.obj \
- warnlessd.obj \
- slist_wcd.obj \
- tool_binmoded.obj \
- tool_bnamed.obj \
- tool_cb_dbgd.obj \
- tool_cb_hdrd.obj \
- tool_cb_prgd.obj \
- tool_cb_read.obj \
- tool_cb_seed.obj \
- tool_cb_wrtd.obj \
- tool_cfgabled.obj \
- tool_convertd.obj \
- tool_dirhied.obj \
- tool_doswind.obj \
- tool_easysrcd.obj \
- tool_formparsed.obj \
- tool_getparamd.obj \
- tool_getpassd.obj \
- tool_helpd.obj \
- tool_helpersd.obj \
- tool_homedird.obj \
- tool_hugehelpd.obj \
- tool_libinfod.obj \
- tool_maind.obj \
- tool_metalinkd.obj \
- tool_mfilesd.obj \
- tool_msgsd.obj \
- tool_operated.obj \
- tool_operhlpd.obj \
- tool_panykeyd.obj \
- tool_paramhlpd.obj \
- tool_parsecfgd.obj \
- tool_setoptd.obj \
- tool_sleepd.obj \
- tool_urlglobd.obj \
- tool_utild.obj \
- tool_vmsd.obj \
- tool_writeenvd.obj \
- tool_writeoutd.obj \
- tool_xattrd.obj \
- curld.res
-
-#################################################
-# If CFG not specified, use static libs
-
-CFLAGS = $(CFLAGS) /DCURL_STATICLIB
-LINKLIBS = $(LIBCURL_STA_LIB_REL)
-LINKLIBS_DEBUG = $(LIBCURL_STA_LIB_DBG)
-
-#################################################
-# release dynamic library
-
-!IF "$(CFG)" == "release-dll"
-LINKLIBS = $(LIBCURL_IMP_LIB_REL)
-LINKLIBS_DEBUG = $(LIBCURL_IMP_LIB_DBG)
-!ENDIF
-
-#################################################
-# release static library with zlib
-
-!IF "$(CFG)" == "release-zlib"
-CFLAGS = $(CFLAGS) $(ZLIB_CFLAGS) /DCURL_STATICLIB
-LINKLIBS = $(LIBCURL_STA_LIB_REL) $(ZLIB_LIBS)
-LINKLIBS_DEBUG = $(LIBCURL_STA_LIB_DBG) $(ZLIB_LIBS)
-LFLAGS = $(LFLAGS) $(ZLIB_LFLAGS)
-!ENDIF
-
-#################################################
-# release static library with ssl
-
-!IF "$(CFG)" == "release-ssl"
-CFLAGS = $(CFLAGS) $(SSL_CFLAGS) /DCURL_STATICLIB
-LINKLIBS = $(LIBCURL_STA_LIB_REL) $(SSL_LIBS)
-LINKLIBS_DEBUG = $(LIBCURL_STA_LIB_DBG) $(SSL_LIBS)
-LFLAGS = $(LFLAGS) $(SSL_LFLAGS)
-!ENDIF
-
-#################################################
-# release dynamic library with dynamic ssl
-
-!IF "$(CFG)" == "release-dll-ssl-dll"
-CFLAGS = $(CFLAGS) $(SSL_CFLAGS)
-LINKLIBS = $(LIBCURL_IMP_LIB_REL) $(SSL_LIBS)
-LINKLIBS_DEBUG = $(LIBCURL_IMP_LIB_DBG) $(SSL_LIBS)
-LFLAGS = $(LFLAGS) $(SSL_IMP_LFLAGS)
-!ENDIF
-
-#################################################
-# release static library with ssl and zlib
-
-!IF "$(CFG)" == "release-ssl-zlib"
-CFLAGS = $(CFLAGS) $(SSL_CFLAGS) $(ZLIB_CFLAGS) /DCURL_STATICLIB
-LINKLIBS = $(LIBCURL_STA_LIB_REL) $(SSL_LIBS) $(ZLIB_LIBS)
-LINKLIBS_DEBUG = $(LIBCURL_STA_LIB_DBG) $(SSL_LIBS) $(ZLIB_LIBS)
-LFLAGS = $(LFLAGS) $(SSL_LFLAGS) $(ZLIB_LFLAGS)
-!ENDIF
-
-#################################################
-# release static library with winssl and zlib
-
-!IF "$(CFG)" == "release-winssl-zlib"
-CFLAGS = $(CFLAGS) $(WINSSL_CFLAGS) $(ZLIB_CFLAGS) /DCURL_STATICLIB
-LINKLIBS = $(LIBCURL_STA_LIB_REL) $(WINSSL_LIBS) $(ZLIB_LIBS)
-LINKLIBS_DEBUG = $(LIBCURL_STA_LIB_DBG) $(WINSSL_LIBS) $(ZLIB_LIBS)
-LFLAGS = $(LFLAGS) $(WINSSL_LFLAGS) $(ZLIB_LFLAGS)
-!ENDIF
-
-#################################################
-# release static library with dynamic ssl
-
-!IF "$(CFG)" == "release-ssl-dll"
-CFLAGS = $(CFLAGS) $(SSL_CFLAGS) /DCURL_STATICLIB
-LINKLIBS = $(LIBCURL_STA_LIB_REL) $(SSL_LIBS)
-LINKLIBS_DEBUG = $(LIBCURL_STA_LIB_DBG) $(SSL_LIBS)
-LFLAGS = $(LFLAGS) $(SSL_IMP_LFLAGS)
-!ENDIF
-
-#################################################
-# release static library with dynamic zlib
-
-!IF "$(CFG)" == "release-zlib-dll"
-CFLAGS = $(CFLAGS) $(ZLIB_CFLAGS) /DCURL_STATICLIB
-LINKLIBS = $(LIBCURL_STA_LIB_REL) $(ZLIB_IMP_LIBS)
-LINKLIBS_DEBUG = $(LIBCURL_STA_LIB_DBG) $(ZLIB_IMP_LIBS)
-LFLAGS = $(LFLAGS) $(ZLIB_LFLAGS)
-!ENDIF
-
-#################################################
-# release dynamic library with dynamic zlib
-
-!IF "$(CFG)" == "release-dll-zlib-dll"
-CFLAGS = $(CFLAGS) $(ZLIB_CFLAGS)
-LINKLIBS = $(LIBCURL_IMP_LIB_REL) $(ZLIB_IMP_LIBS)
-LINKLIBS_DEBUG = $(LIBCURL_IMP_LIB_DBG) $(ZLIB_IMP_LIBS)
-LFLAGS = $(LFLAGS) $(ZLIB_LFLAGS)
-!ENDIF
-
-#################################################
-# release static library with dynamic ssl and dynamic zlib
-
-!IF "$(CFG)" == "release-ssl-dll-zlib-dll"
-CFLAGS = $(CFLAGS) $(SSL_CFLAGS) $(ZLIB_CFLAGS) /DCURL_STATICLIB
-LINKLIBS = $(LIBCURL_STA_LIB_REL) $(SSL_LIBS) $(ZLIB_IMP_LIBS)
-LINKLIBS_DEBUG = $(LIBCURL_STA_LIB_DBG) $(SSL_LIBS) $(ZLIB_IMP_LIBS)
-LFLAGS = $(LFLAGS) $(SSL_IMP_LFLAGS) $(ZLIB_LFLAGS)
-!ENDIF
-
-#################################################
-# release dynamic library with dynamic ssl and dynamic zlib
-
-!IF "$(CFG)" == "release-dll-ssl-dll-zlib-dll"
-CFLAGS = $(CFLAGS) $(SSL_CFLAGS) $(ZLIB_CFLAGS)
-LINKLIBS = $(LIBCURL_IMP_LIB_REL) $(SSL_LIBS) $(ZLIB_IMP_LIBS)
-LINKLIBS_DEBUG = $(LIBCURL_IMP_LIB_DBG) $(SSL_LIBS) $(ZLIB_IMP_LIBS)
-LFLAGS = $(LFLAGS) $(SSL_IMP_LFLAGS) $(ZLIB_LFLAGS)
-!ENDIF
-
-LINKLIBS = $(LINKLIBS) $(WINLIBS)
-LINKLIBS_DEBUG = $(LINKLIBS_DEBUG) $(WINLIBS)
-
-all : release
-
-release: $(RELEASE_OBJS)
- $(LINKR) $(LFLAGS) $(LINKLIBS) $(RELEASE_OBJS)
- $(MANIFESTTOOL)
-
-debug: $(DEBUG_OBJS)
- $(LINKD) $(LFLAGS) $(LINKLIBS_DEBUG) $(DEBUG_OBJS)
- $(MANIFESTTOOL)
-
-## Release
-nonblockr.obj: ../lib/nonblock.c
- $(CCR) $(CFLAGS) /Fo"$@" ../lib/nonblock.c
-rawstrr.obj: ../lib/rawstr.c
- $(CCR) $(CFLAGS) /Fo"$@" ../lib/rawstr.c
-strtoofftr.obj: ../lib/strtoofft.c
- $(CCR) $(CFLAGS) /Fo"$@" ../lib/strtoofft.c
-warnless.obj: ../lib/warnless.c
- $(CCR) $(CFLAGS) /Fo"$@" ../lib/warnless.c
-slist_wc.obj: slist_wc.c
- $(CCR) $(CFLAGS) /Fo"$@" slist_wc.c
-tool_binmoder.obj: tool_binmode.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_binmode.c
-tool_bnamer.obj: tool_bname.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_bname.c
-tool_cb_dbgr.obj: tool_cb_dbg.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_cb_dbg.c
-tool_cb_hdrr.obj: tool_cb_hdr.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_cb_hdr.c
-tool_cb_prgr.obj: tool_cb_prg.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_cb_prg.c
-tool_cb_rear.obj: tool_cb_rea.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_cb_rea.c
-tool_cb_seer.obj: tool_cb_see.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_cb_see.c
-tool_cb_wrtr.obj: tool_cb_wrt.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_cb_wrt.c
-tool_cfgabler.obj: tool_cfgable.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_cfgable.c
-tool_convertr.obj: tool_convert.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_convert.c
-tool_dirhier.obj: tool_dirhie.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_dirhie.c
-tool_doswinr.obj: tool_doswin.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_doswin.c
-tool_easysrcr.obj: tool_easysrc.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_easysrc.c
-tool_formparser.obj: tool_formparse.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_formparse.c
-tool_getparamr.obj: tool_getparam.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_getparam.c
-tool_getpassr.obj: tool_getpass.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_getpass.c
-tool_helpr.obj: tool_help.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_help.c
-tool_helpersr.obj: tool_helpers.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_helpers.c
-tool_homedirr.obj: tool_homedir.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_homedir.c
-tool_hugehelpr.obj: tool_hugehelp.c
- $(CCR) $(CFLAGS) /Zm200 /Fo"$@" tool_hugehelp.c
-tool_libinfor.obj: tool_libinfo.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_libinfo.c
-tool_mainr.obj: tool_main.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_main.c
-tool_metalinkr.obj: tool_metalink.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_metalink.c
-tool_mfilesr.obj: tool_mfiles.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_mfiles.c
-tool_msgsr.obj: tool_msgs.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_msgs.c
-tool_operater.obj: tool_operate.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_operate.c
-tool_operhlpr.obj: tool_operhlp.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_operhlp.c
-tool_panykeyr.obj: tool_panykey.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_panykey.c
-tool_paramhlpr.obj: tool_paramhlp.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_paramhlp.c
-tool_parsecfgr.obj: tool_parsecfg.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_parsecfg.c
-tool_setoptr.obj: tool_setopt.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_setopt.c
-tool_sleepr.obj: tool_sleep.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_sleep.c
-tool_urlglobr.obj: tool_urlglob.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_urlglob.c
-tool_utilr.obj: tool_util.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_util.c
-tool_vmsr.obj: tool_vms.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_vms.c
-tool_writeenvr.obj: tool_writeenv.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_writeenv.c
-tool_writeoutr.obj: tool_writeout.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_writeout.c
-tool_xattrr.obj: tool_xattr.c
- $(CCR) $(CFLAGS) /Fo"$@" tool_xattr.c
-curlr.res : curl.rc
- $(RCR) $(RESFLAGS) /Fo"$@" curl.rc
-
-## Debug
-nonblockd.obj: ../lib/nonblock.c
- $(CCD) $(CFLAGS) /Fo"$@" ../lib/nonblock.c
-rawstrd.obj: ../lib/rawstr.c
- $(CCD) $(CFLAGS) /Fo"$@" ../lib/rawstr.c
-strtoofftd.obj: ../lib/strtoofft.c
- $(CCD) $(CFLAGS) /Fo"$@" ../lib/strtoofft.c
-warnlessd.obj: ../lib/warnless.c
- $(CCD) $(CFLAGS) /Fo"$@" ../lib/warnless.c
-slist_wcd.obj: slist_wc.c
- $(CCD) $(CFLAGS) /Fo"$@" slist_wc.c
-tool_binmoded.obj: tool_binmode.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_binmode.c
-tool_bnamed.obj: tool_bname.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_bname.c
-tool_cb_dbgd.obj: tool_cb_dbg.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_cb_dbg.c
-tool_cb_hdrd.obj: tool_cb_hdr.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_cb_hdr.c
-tool_cb_prgd.obj: tool_cb_prg.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_cb_prg.c
-tool_cb_read.obj: tool_cb_rea.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_cb_rea.c
-tool_cb_seed.obj: tool_cb_see.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_cb_see.c
-tool_cb_wrtd.obj: tool_cb_wrt.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_cb_wrt.c
-tool_cfgabled.obj: tool_cfgable.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_cfgable.c
-tool_convertd.obj: tool_convert.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_convert.c
-tool_dirhied.obj: tool_dirhie.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_dirhie.c
-tool_doswind.obj: tool_doswin.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_doswin.c
-tool_easysrcd.obj: tool_easysrc.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_easysrc.c
-tool_formparsed.obj: tool_formparse.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_formparse.c
-tool_getparamd.obj: tool_getparam.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_getparam.c
-tool_getpassd.obj: tool_getpass.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_getpass.c
-tool_helpd.obj: tool_help.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_help.c
-tool_helpersd.obj: tool_helpers.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_helpers.c
-tool_homedird.obj: tool_homedir.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_homedir.c
-tool_hugehelpd.obj: tool_hugehelp.c
- $(CCD) $(CFLAGS) /Zm200 /Fo"$@" tool_hugehelp.c
-tool_libinfod.obj: tool_libinfo.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_libinfo.c
-tool_maind.obj: tool_main.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_main.c
-tool_metalinkd.obj: tool_metalink.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_metalink.c
-tool_mfilesd.obj: tool_mfiles.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_mfiles.c
-tool_msgsd.obj: tool_msgs.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_msgs.c
-tool_operated.obj: tool_operate.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_operate.c
-tool_operhlpd.obj: tool_operhlp.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_operhlp.c
-tool_panykeyd.obj: tool_panykey.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_panykey.c
-tool_paramhlpd.obj: tool_paramhlp.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_paramhlp.c
-tool_parsecfgd.obj: tool_parsecfg.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_parsecfg.c
-tool_setoptd.obj: tool_setopt.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_setopt.c
-tool_sleepd.obj: tool_sleep.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_sleep.c
-tool_urlglobd.obj: tool_urlglob.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_urlglob.c
-tool_utild.obj: tool_util.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_util.c
-tool_vmsd.obj: tool_vms.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_vms.c
-tool_writeenvd.obj: tool_writeenv.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_writeenv.c
-tool_writeoutd.obj: tool_writeout.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_writeout.c
-tool_xattrd.obj: tool_xattr.c
- $(CCD) $(CFLAGS) /Fo"$@" tool_xattr.c
-curld.res : curl.rc
- $(RCD) $(RESFLAGS) /Fo"$@" curl.rc
-
-clean:
- @-erase $(PROGRAM_NAME) 2> NUL
- @-erase $(RELEASE_OBJS) 2> NUL
- @-erase $(DEBUG_OBJS) 2> NUL
- @-erase *.idb 2> NUL
- @-erase *.pdb 2> NUL
- @-erase *.pch 2> NUL
- @-erase *.ilk 2> NUL
diff --git a/src/curl.rc b/src/curl.rc
index 30ae44493..5f49d2236 100644
--- a/src/curl.rc
+++ b/src/curl.rc
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2009, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -44,14 +44,14 @@ BEGIN
BEGIN
BLOCK "040904b0"
BEGIN
- VALUE "CompanyName", "cURL, https://curl.haxx.se/\0";
- VALUE "FileDescription", "The cURL executable\0"
+ VALUE "CompanyName", "curl, https://curl.haxx.se/\0";
+ VALUE "FileDescription", "The curl executable\0"
VALUE "FileVersion", CURL_VERSION "\0"
VALUE "InternalName", "curl\0"
VALUE "OriginalFilename", "curl.exe\0"
- VALUE "ProductName", "The cURL executable\0"
+ VALUE "ProductName", "The curl executable\0"
VALUE "ProductVersion", CURL_VERSION "\0"
- VALUE "LegalCopyright", "� " CURL_COPYRIGHT "\0"
+ VALUE "LegalCopyright", "\xa9 " CURL_COPYRIGHT "\0" /* a9: Copyright
symbol */
VALUE "License", "https://curl.haxx.se/docs/copyright.html\0";
END
END
diff --git a/src/macos/MACINSTALL.TXT b/src/macos/MACINSTALL.TXT
index 1839ef205..2bab9fd3d 100644
--- a/src/macos/MACINSTALL.TXT
+++ b/src/macos/MACINSTALL.TXT
@@ -1 +1 @@
-MACOS (not MACOS X)
===================
This is the first attempt at porting cURL to MacOS.
http, ftp, dict and telnet seems to work fine, other protocols and advanced
features have not been all tested.
This port is heavily based on the GUSI library from Matthias Neeracher.
GUSI (Grand Unified Socket Interface) is a POSIX/Pthreads/Sockets library
bringing some of the comforts of UNIX 98 to traditional MacOS.
The latest GUSI release can be downloaded from sourceforge
at <http://sourceforge.net/projects/gusi/>
I have also written a few functions to help port Unix applications to MacOS.
These functions are part of the GUSI Extra library that can be downloaded at
<http://perso.wanadoo.fr/ela/resources.html#gusiextra>
OpenSSL support is still experimental but I hope to deliver a version
including SSL soon.
cURL for MacOS requires using the CodeWarrior compiler from Metrowerks.
First download GUSI, GUSI Extra and cURL. Access paths have been setup so that
GUSI, GUSI Extra and cUR
L directories should have the same parent directory.
Follow the instructions in GUSI Extra "readme.txt" mainly the ones related to
SIOUX and GUSI patches. If you do not apply these patches curl will not behave
correctly.
In the 'curl/src/macos' directory, decode "curl.mcp.xml.sit.hqx" (This is a
stuffit binhexed file)
>From the CodeWarrior IDE, import 'curl/src/macos/curl.xml', adjust the access
paths if required. Then you should be able to build:
- the libcurl libraries for PPC and 68K.
- the curl application (also available for PPC and 68K) which is the command
line version of cURL.
If the file "tool_hugehelp.c" is missing rename "curl/src/tool_hugehelp.c.cvs"
to "tool_hugehelp.c" and make sure its file type is 'TEXT'
+MACOS (not MACOS X)
===================
This is the first attempt at porting curl to MacOS.
http, ftp, dict and telnet seems to work fine, other protocols and advanced
features have not been all tested.
This port is heavily based on the GUSI library from Matthias Neeracher.
GUSI (Grand Unified Socket Interface) is a POSIX/Pthreads/Sockets library
bringing some of the comforts of UNIX 98 to traditional MacOS.
The latest GUSI release can be downloaded from sourceforge
at <https://sourceforge.net/projects/gusi/>
I have also written a few functions to help port Unix applications to MacOS.
These functions are part of the GUSI Extra library that can be downloaded at
<http://perso.wanadoo.fr/ela/resources.html#gusiextra>
OpenSSL support is still experimental but I hope to deliver a version
including SSL soon.
curl for MacOS requires using the CodeWarrior compiler from Metrowerks.
First download GUSI, GUSI Extra and curl. Access paths have been setup so that
GUSI, GUSI Extra and cu
rl directories should have the same parent directory.
Follow the instructions in GUSI Extra "readme.txt" mainly the ones related to
SIOUX and GUSI patches. If you do not apply these patches curl will not behave
correctly.
In the 'curl/src/macos' directory, decode "curl.mcp.xml.sit.hqx" (This is a
stuffit binhexed file)
>From the CodeWarrior IDE, import 'curl/src/macos/curl.xml', adjust the access
paths if required. Then you should be able to build:
- the libcurl libraries for PPC and 68K.
- the curl application (also available for PPC and 68K) which is the command
line version of curl.
If the file "tool_hugehelp.c" is missing rename "curl/src/tool_hugehelp.c.cvs"
to "tool_hugehelp.c" and make sure its file type is 'TEXT'
diff --git a/src/makefile.amiga b/src/makefile.amiga
index 25449a6dc..9f3748b1a 100644
--- a/src/makefile.amiga
+++ b/src/makefile.amiga
@@ -1,5 +1,5 @@
#
-# $VER: cURL Makefile for AmigaOS ...
+# $VER: curl Makefile for AmigaOS ...
#
# change the follow to where you have the AmiTCP SDK v4.3 includes:
@@ -19,12 +19,12 @@ include Makefile.inc
OBJS = $(CURL_CFILES:.c=.o) $(CURLX_CFILES:.c=.o)
all: tool_hugehelp.c $(OBJS)
- $(CC) $(CFLAGS) -o cURL $(OBJS) $(LIBS) -Wl,-Map,cURL.map,--cref
+ $(CC) $(CFLAGS) -o curl $(OBJS) $(LIBS) -Wl,-Map,curl.map,--cref
tool_hugehelp.c: $(README) $(MANPAGE) mkhelp.pl
rm -f tool_hugehelp.c
/bin/nroff -man $(MANPAGE) | /bin/perl $(MKHELP) -c $(README) >
tool_hugehelp.c
install:
- $(INSTALL) -c cURL /c/cURL
+ $(INSTALL) -c curl /c/curl
diff --git a/src/makefile.dj b/src/makefile.dj
index 6a6c8f95f..fbd2d3738 100644
--- a/src/makefile.dj
+++ b/src/makefile.dj
@@ -53,13 +53,11 @@ endif
EX_LIBS += $(WATT32_ROOT)/lib/libwatt.a
-CFLAGS += -DUSE_ENVIRONMENT
-
PROGRAM = curl.exe
OBJECTS += $(addprefix $(OBJ_DIR)/, $(CSOURCES:.c=.o))
all: $(OBJ_DIR) $(PROGRAM)
- @echo Welcome to cURL
+ @echo Welcome to curl
$(PROGRAM): $(OBJECTS) ../lib/libcurl.a
$(CC) -o $@ $^ $(LDFLAGS) $(EX_LIBS)
diff --git a/src/mkhelp.pl b/src/mkhelp.pl
old mode 100644
new mode 100755
index 74a4b82e2..270daa20a
--- a/src/mkhelp.pl
+++ b/src/mkhelp.pl
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl
+#!/usr/bin/env perl
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
@@ -36,7 +36,7 @@ if($ARGV[0] eq "-c") {
my $README = $ARGV[0];
if($README eq "") {
- print "usage: mkreadme.pl [-c] <README> < manpage\n";
+ print "usage: mkhelp.pl [-c] <README> < manpage\n";
exit;
}
@@ -102,39 +102,6 @@ while(<READ>) {
}
close(READ);
-# if compressed
-if($c) {
- my @test = `gzip --version 2>&1`;
- if($test[0] =~ /gzip/) {
- open(GZIP, ">dumpit") ||
- die "can't create the dumpit file, try without -c";
- binmode GZIP;
- for(@out) {
- print GZIP $_;
- $gzip += length($_);
- }
- close(GZIP);
-
- system("gzip --best --no-name dumpit");
-
- open(GZIP, "<dumpit.gz") ||
- die "can't read the dumpit.gz file, try without -c";
- binmode GZIP;
- while(<GZIP>) {
- push @gzip, $_;
- $gzipped += length($_);
- }
- close(GZIP);
-
- unlink("dumpit.gz");
- }
- else {
- # no gzip, no compression!
- undef $c;
- print STDERR "MEEEP: Couldn't find gzip, disable compression\n";
- }
-}
-
$now = localtime;
print <<HEAD
/*
@@ -146,27 +113,44 @@ print <<HEAD
HEAD
;
if($c) {
+ # If compression requested, check that the Gzip module is available
+ # or else disable compression
+ $c = eval
+ {
+ require IO::Compress::Gzip;
+ IO::Compress::Gzip->import();
+ 1;
+ };
+ print STDERR "Warning: compression requested but Gzip is not available\n"
if (!$c)
+}
+
+if($c)
+{
+ my $content = join("", @out);
+ my $gzippedContent;
+ IO::Compress::Gzip::gzip(
+ \$content, \$gzippedContent, Level => 9, TextFlag => 1, Time=>0) or
die "gzip failed:";
+ $gzip = length($content);
+ $gzipped = length($gzippedContent);
+
print <<HEAD
#include <zlib.h>
#include "memdebug.h" /* keep this as LAST include */
static const unsigned char hugehelpgz[] = {
/* This mumbo-jumbo is the huge help text compressed with gzip.
- Thanks to this operation, the size of this data shrunk from $gzip
+ Thanks to this operation, the size of this data shrank from $gzip
to $gzipped bytes. You can disable the use of compressed help
texts by NOT passing -c to the mkhelp.pl tool. */
HEAD
;
+
my $c=0;
print " ";
- for(@gzip) {
- my @all=split(//, $_);
- for(@all) {
- my $num=ord($_);
- printf(" 0x%02x,", 0+$num);
- if(++$c>11) {
- print "\n ";
- $c=0;
- }
+ for(split(//, $gzippedContent)) {
+ my $num=ord($_);
+ printf(" 0x%02x,", 0+$num);
+ if(!(++$c % 12)) {
+ print "\n ";
}
}
print "\n};\n";
diff --git a/src/tool_cb_dbg.c b/src/tool_cb_dbg.c
index 97a5c92d3..b4fbe0bb9 100644
--- a/src/tool_cb_dbg.c
+++ b/src/tool_cb_dbg.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -26,6 +26,7 @@
#include "curlx.h"
#include "tool_cfgable.h"
+#include "tool_convert.h"
#include "tool_msgs.h"
#include "tool_cb_dbg.h"
#include "tool_util.h"
@@ -41,7 +42,7 @@ static void dump(const char *timebuf, const char *text,
*/
int tool_debug_cb(CURL *handle, curl_infotype type,
- unsigned char *data, size_t size,
+ char *data, size_t size,
void *userdata)
{
struct OperationConfig *operation = userdata;
@@ -73,9 +74,9 @@ int tool_debug_cb(CURL *handle, curl_infotype type,
if(!config->trace_stream) {
/* open for append */
- if(curlx_strequal("-", config->trace_dump))
+ if(!strcmp("-", config->trace_dump))
config->trace_stream = stdout;
- else if(curlx_strequal("%", config->trace_dump))
+ else if(!strcmp("%", config->trace_dump))
/* Ok, this is somewhat hackish but we do it undocumented for now */
config->trace_stream = config->errors; /* aka stderr */
else {
@@ -171,7 +172,8 @@ int tool_debug_cb(CURL *handle, curl_infotype type,
if(memcmp(&data[i], "\r\n\r\n", 4) == 0) {
/* dump everything through the CRLFCRLF as a sent header */
text = "=> Send header";
- dump(timebuf, text, output, data, i + 4, config->tracetype, type);
+ dump(timebuf, text, output, (unsigned char *)data, i + 4,
+ config->tracetype, type);
data += i + 3;
size -= i + 4;
type = CURLINFO_DATA_OUT;
@@ -182,9 +184,10 @@ int tool_debug_cb(CURL *handle, curl_infotype type,
}
#endif /* CURL_DOES_CONVERSIONS */
- switch (type) {
+ switch(type) {
case CURLINFO_TEXT:
fprintf(output, "%s== Info: %s", timebuf, data);
+ /* FALLTHROUGH */
default: /* in case a new one is introduced to shock us */
return 0;
@@ -208,7 +211,8 @@ int tool_debug_cb(CURL *handle, curl_infotype type,
break;
}
- dump(timebuf, text, output, data, size, config->tracetype, type);
+ dump(timebuf, text, output, (unsigned char *) data, size, config->tracetype,
+ type);
return 0;
}
diff --git a/src/tool_cb_dbg.h b/src/tool_cb_dbg.h
index 7ac15cf9b..c1cbc8073 100644
--- a/src/tool_cb_dbg.h
+++ b/src/tool_cb_dbg.h
@@ -28,7 +28,7 @@
*/
int tool_debug_cb(CURL *handle, curl_infotype type,
- unsigned char *data, size_t size,
+ char *data, size_t size,
void *userdata);
#endif /* HEADER_CURL_TOOL_CB_DBG_H */
diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c
index f7d835562..0e13eec50 100644
--- a/src/tool_cb_hdr.c
+++ b/src/tool_cb_hdr.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
***************************************************************************/
#include "tool_setup.h"
-#include "rawstr.h"
+#include "strcase.h"
#define ENABLE_CURLX_PRINTF
/* use our own printf() functions */
@@ -40,14 +40,14 @@ static char *parse_filename(const char *ptr, size_t len);
** callback for CURLOPT_HEADERFUNCTION
*/
-size_t tool_header_cb(void *ptr, size_t size, size_t nmemb, void *userdata)
+size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
{
struct HdrCbData *hdrcbdata = userdata;
struct OutStruct *outs = hdrcbdata->outs;
struct OutStruct *heads = hdrcbdata->heads;
const char *str = ptr;
const size_t cb = size * nmemb;
- const char *end = (char*)ptr + cb;
+ const char *end = (char *)ptr + cb;
char *url = NULL;
/*
@@ -56,7 +56,7 @@ size_t tool_header_cb(void *ptr, size_t size, size_t nmemb,
void *userdata)
* it does not match then it fails with CURLE_WRITE_ERROR. So at this
* point returning a value different from sz*nmemb indicates failure.
*/
- size_t failure = (size * nmemb) ? 0 : 1;
+ size_t failure = (size && nmemb) ? 0 : 1;
if(!heads->config)
return failure;
@@ -128,8 +128,7 @@ size_t tool_header_cb(void *ptr, size_t size, size_t nmemb,
void *userdata)
hdrcbdata->honor_cd_filename = FALSE;
break;
}
- else
- return failure;
+ return failure;
}
}
@@ -215,7 +214,7 @@ static char *parse_filename(const char *ptr, size_t len)
}
#endif /* MSDOS || WIN32 */
- /* in case we built debug enabled, we allow an evironment variable
+ /* in case we built debug enabled, we allow an environment variable
* named CURL_TESTDIR to prefix the given file name to put it into a
* specific directory
*/
diff --git a/src/tool_cb_hdr.h b/src/tool_cb_hdr.h
index bb54bbb88..32032e980 100644
--- a/src/tool_cb_hdr.h
+++ b/src/tool_cb_hdr.h
@@ -48,7 +48,7 @@ struct HdrCbData {
** callback for CURLOPT_HEADERFUNCTION
*/
-size_t tool_header_cb(void *ptr, size_t size, size_t nmemb, void *userdata);
+size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata);
#endif /* HEADER_CURL_TOOL_CB_HDR_H */
diff --git a/src/tool_cb_prg.c b/src/tool_cb_prg.c
index eae80fe12..d4ecb3cef 100644
--- a/src/tool_cb_prg.c
+++ b/src/tool_cb_prg.c
@@ -83,7 +83,7 @@ int tool_progress_cb(void *clientp,
}
else if(point != bar->prev) {
frac = (double)point / (double)total;
- percent = frac * 100.0f;
+ percent = frac * 100.0;
barwidth = bar->width - 7;
num = (int) (((double)barwidth) * frac);
if(num > MAX_BARLENGTH)
diff --git a/src/tool_cb_wrt.c b/src/tool_cb_wrt.c
index 041345762..6716ba5cd 100644
--- a/src/tool_cb_wrt.c
+++ b/src/tool_cb_wrt.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -72,11 +72,13 @@ bool tool_create_output_file(struct OutStruct *outs)
** callback for CURLOPT_WRITEFUNCTION
*/
-size_t tool_write_cb(void *buffer, size_t sz, size_t nmemb, void *userdata)
+size_t tool_write_cb(char *buffer, size_t sz, size_t nmemb, void *userdata)
{
size_t rc;
struct OutStruct *outs = userdata;
struct OperationConfig *config = outs->config;
+ size_t bytes = sz * nmemb;
+ bool is_tty = config->global->isatty;
/*
* Once that libcurl has called back tool_write_cb() the returned value
@@ -84,21 +86,26 @@ size_t tool_write_cb(void *buffer, size_t sz, size_t nmemb,
void *userdata)
* it does not match then it fails with CURLE_WRITE_ERROR. So at this
* point returning a value different from sz*nmemb indicates failure.
*/
- const size_t failure = (sz * nmemb) ? 0 : 1;
-
- if(!config)
- return failure;
+ const size_t failure = bytes ? 0 : 1;
#ifdef DEBUGBUILD
+ {
+ char *tty = curlx_getenv("CURL_ISATTY");
+ if(tty) {
+ is_tty = TRUE;
+ curl_free(tty);
+ }
+ }
+
if(config->include_headers) {
- if(sz * nmemb > (size_t)CURL_MAX_HTTP_HEADER) {
+ if(bytes > (size_t)CURL_MAX_HTTP_HEADER) {
warnf(config->global, "Header data size exceeds single call write "
"limit!\n");
return failure;
}
}
else {
- if(sz * nmemb > (size_t)CURL_MAX_WRITE_SIZE) {
+ if(bytes > (size_t)CURL_MAX_WRITE_SIZE) {
warnf(config->global, "Data size exceeds single call write limit!\n");
return failure;
}
@@ -137,11 +144,22 @@ size_t tool_write_cb(void *buffer, size_t sz, size_t
nmemb, void *userdata)
if(!outs->stream && !tool_create_output_file(outs))
return failure;
+ if(is_tty && (outs->bytes < 2000) && !config->terminal_binary_ok) {
+ /* binary output to terminal? */
+ if(memchr(buffer, 0, bytes)) {
+ warnf(config->global, "Binary output can mess up your terminal. "
+ "Use \"--output -\" to tell curl to output it to your terminal "
+ "anyway, or consider \"--output <FILE>\" to save to a file.\n");
+ config->synthetic_error = ERR_BINARY_TERMINAL;
+ return failure;
+ }
+ }
+
rc = fwrite(buffer, sz, nmemb, outs->stream);
- if((sz * nmemb) == rc)
+ if(bytes == rc)
/* we added this amount of data to the output */
- outs->bytes += (sz * nmemb);
+ outs->bytes += bytes;
if(config->readbusy) {
config->readbusy = FALSE;
diff --git a/src/tool_cb_wrt.h b/src/tool_cb_wrt.h
index fc60be0fc..4ccbf3a5f 100644
--- a/src/tool_cb_wrt.h
+++ b/src/tool_cb_wrt.h
@@ -27,7 +27,7 @@
** callback for CURLOPT_WRITEFUNCTION
*/
-size_t tool_write_cb(void *buffer, size_t sz, size_t nmemb, void *userdata);
+size_t tool_write_cb(char *buffer, size_t sz, size_t nmemb, void *userdata);
/* create a local file for writing, return TRUE on success */
bool tool_create_output_file(struct OutStruct *outs);
diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c
index 567123b82..675e88b45 100644
--- a/src/tool_cfgable.c
+++ b/src/tool_cfgable.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -68,6 +68,9 @@ static void free_config_fields(struct OperationConfig *config)
Curl_safefree(config->tls_username);
Curl_safefree(config->tls_password);
Curl_safefree(config->tls_authtype);
+ Curl_safefree(config->proxy_tls_username);
+ Curl_safefree(config->proxy_tls_password);
+ Curl_safefree(config->proxy_tls_authtype);
Curl_safefree(config->proxyuserpwd);
Curl_safefree(config->proxy);
@@ -99,19 +102,28 @@ static void free_config_fields(struct OperationConfig
*config)
config->url_out = NULL;
Curl_safefree(config->cipher_list);
+ Curl_safefree(config->proxy_cipher_list);
Curl_safefree(config->cert);
+ Curl_safefree(config->proxy_cert);
Curl_safefree(config->cert_type);
+ Curl_safefree(config->proxy_cert_type);
Curl_safefree(config->cacert);
+ Curl_safefree(config->proxy_cacert);
Curl_safefree(config->capath);
+ Curl_safefree(config->proxy_capath);
Curl_safefree(config->crlfile);
Curl_safefree(config->pinnedpubkey);
+ Curl_safefree(config->proxy_crlfile);
Curl_safefree(config->key);
+ Curl_safefree(config->proxy_key);
Curl_safefree(config->key_type);
+ Curl_safefree(config->proxy_key_type);
Curl_safefree(config->key_passwd);
+ Curl_safefree(config->proxy_key_passwd);
Curl_safefree(config->pubkey);
Curl_safefree(config->hostpubmd5);
Curl_safefree(config->engine);
-
+ Curl_safefree(config->request_target);
Curl_safefree(config->customrequest);
Curl_safefree(config->krblevel);
@@ -138,7 +150,7 @@ static void free_config_fields(struct OperationConfig
*config)
curl_slist_free_all(config->resolve);
curl_slist_free_all(config->connect_to);
- Curl_safefree(config->socksproxy);
+ Curl_safefree(config->preproxy);
Curl_safefree(config->proxy_service_name);
Curl_safefree(config->service_name);
diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h
index aa98fced5..254805c8c 100644
--- a/src/tool_cfgable.h
+++ b/src/tool_cfgable.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -27,6 +27,12 @@
#include "tool_metalink.h"
+typedef enum {
+ ERR_NONE,
+ ERR_BINARY_TERMINAL = 1, /* binary to terminal detected */
+ ERR_LAST
+} curl_error;
+
struct GlobalConfig;
struct OperationConfig {
@@ -78,6 +84,9 @@ struct OperationConfig {
char *tls_username;
char *tls_password;
char *tls_authtype;
+ char *proxy_tls_username;
+ char *proxy_tls_password;
+ char *proxy_tls_authtype;
char *proxyuserpwd;
char *proxy;
int proxyver; /* set to CURLPROXY_HTTP* define */
@@ -106,27 +115,40 @@ struct OperationConfig {
struct getout *url_get; /* point to the node to fill in URL */
struct getout *url_out; /* point to the node to fill in outfile */
char *cipher_list;
+ char *proxy_cipher_list;
char *cert;
+ char *proxy_cert;
char *cert_type;
+ char *proxy_cert_type;
char *cacert;
+ char *proxy_cacert;
char *capath;
+ char *proxy_capath;
char *crlfile;
+ char *proxy_crlfile;
char *pinnedpubkey;
char *key;
+ char *proxy_key;
char *key_type;
+ char *proxy_key_type;
char *key_passwd;
+ char *proxy_key_passwd;
char *pubkey;
char *hostpubmd5;
char *engine;
bool crlf;
char *customrequest;
char *krblevel;
+ char *request_target;
long httpversion;
bool nobuffer;
bool readbusy; /* set when reading input returns EAGAIN */
bool globoff;
bool use_httpget;
bool insecure_ok; /* set TRUE to allow insecure SSL connects */
+ bool proxy_insecure_ok; /* set TRUE to allow insecure SSL connects
+ for proxy */
+ bool terminal_binary_ok;
bool verifystatus;
bool create_dirs;
bool ftp_create_dirs;
@@ -137,11 +159,12 @@ struct OperationConfig {
bool proxybasic;
bool proxyanyauth;
char *writeout; /* %-styled format string to output */
- bool writeenv; /* write results to environment, if available */
struct curl_slist *quote;
struct curl_slist *postquote;
struct curl_slist *prequote;
long ssl_version;
+ long ssl_version_max;
+ long proxy_ssl_version;
long ip_version;
curl_TimeCond timecond;
time_t condtime;
@@ -163,11 +186,10 @@ struct OperationConfig {
bool ftp_ssl_control;
bool ftp_ssl_ccc;
int ftp_ssl_ccc_mode;
-
- char *socksproxy; /* set to server string */
- int socksver; /* set to CURLPROXY_SOCKS* define */
+ char *preproxy;
int socks5_gssapi_nec; /* The NEC reference server does not protect the
encryption type exchange */
+ unsigned long socks5_auth;/* auth bitmask for socks5 proxies */
char *proxy_service_name; /* set authentication service name for HTTP and
SOCKS5 proxies */
char *service_name; /* set authentication service name for DIGEST-MD5,
@@ -176,6 +198,7 @@ struct OperationConfig {
bool tcp_nodelay;
bool tcp_fastopen;
long req_retry; /* number of retries */
+ bool retry_connrefused; /* set connection refused as a transient error */
long retry_delay; /* delay between retries (in seconds) */
long retry_maxtime; /* maximum time to keep retrying */
@@ -201,7 +224,10 @@ struct OperationConfig {
bool xattr; /* store metadata in extended attributes */
long gssapi_delegation;
bool ssl_allow_beast; /* allow this SSL vulnerability */
+ bool proxy_ssl_allow_beast; /* allow this SSL vulnerability for proxy*/
+
bool ssl_no_revoke; /* disable SSL certificate revocation checks */
+ /*bool proxy_ssl_no_revoke; */
bool use_metalink; /* process given URLs as metalink XML file */
metalinkfile *metalinkfile_list; /* point to the first node */
@@ -213,9 +239,14 @@ struct OperationConfig {
bool nonpn; /* enable/disable TLS NPN extension */
bool noalpn; /* enable/disable TLS ALPN extension */
char *unix_socket_path; /* path to Unix domain socket */
+ bool abstract_unix_socket; /* path to an abstract Unix domain socket */
bool falsestart;
bool path_as_is;
double expect100timeout;
+ bool suppress_connect_headers; /* suppress proxy CONNECT response headers
+ from user callbacks */
+ curl_error synthetic_error; /* if non-zero, it overrides any libcurl
+ error */
struct GlobalConfig *global;
struct OperationConfig *prev;
struct OperationConfig *next; /* Always last in the struct */
@@ -238,7 +269,7 @@ struct GlobalConfig {
bool tracetime; /* include timestamp? */
int progressmode; /* CURL_PROGRESS_BAR / CURL_PROGRESS_STATS */
char *libcurl; /* Output libcurl code to this file name */
-
+ bool fail_early; /* exit on first transfer error */
struct OperationConfig *first;
struct OperationConfig *current;
struct OperationConfig *last; /* Always last in the struct */
diff --git a/src/tool_dirhie.c b/src/tool_dirhie.c
index 23bb2cb42..1d7359205 100644
--- a/src/tool_dirhie.c
+++ b/src/tool_dirhie.c
@@ -50,7 +50,7 @@
static void show_dir_errno(FILE *errors, const char *name)
{
- switch(ERRNO) {
+ switch(errno) {
#ifdef EACCES
case EACCES:
fprintf(errors, "You don't have permission to create %s.\n", name);
diff --git a/src/tool_doswin.c b/src/tool_doswin.c
index aed657a6a..91299986a 100644
--- a/src/tool_doswin.c
+++ b/src/tool_doswin.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -431,7 +431,7 @@ SANITIZEcode msdosify(char **const sanitized, const char
*file_name,
*d = 'x';
}
else {
- memcpy (d, "plus", 4);
+ memcpy(d, "plus", 4);
d += 3;
}
}
@@ -615,7 +615,7 @@ SANITIZEcode rename_if_reserved_dos_device_name(char
**const sanitized,
char **__crt0_glob_function(char *arg)
{
(void)arg;
- return (char**)0;
+ return (char **)0;
}
#endif /* MSDOS && (__DJGPP__ || __GO32__) */
@@ -646,24 +646,18 @@ CURLcode FindWin32CACert(struct OperationConfig *config,
if(curlinfo->features & CURL_VERSION_SSL) {
DWORD res_len;
- DWORD buf_tchar_size = PATH_MAX + 1;
- DWORD buf_bytes_size = sizeof(TCHAR) * buf_tchar_size;
+ char buf[PATH_MAX];
char *ptr = NULL;
- char *buf = malloc(buf_bytes_size);
- if(!buf)
- return CURLE_OUT_OF_MEMORY;
buf[0] = '\0';
- res_len = SearchPathA(NULL, bundle_file, NULL, buf_tchar_size, buf, &ptr);
+ res_len = SearchPathA(NULL, bundle_file, NULL, PATH_MAX, buf, &ptr);
if(res_len > 0) {
Curl_safefree(config->cacert);
config->cacert = strdup(buf);
if(!config->cacert)
result = CURLE_OUT_OF_MEMORY;
}
-
- Curl_safefree(buf);
}
return result;
diff --git a/src/tool_easysrc.c b/src/tool_easysrc.c
index c2dccf9fb..e3c9d1aa1 100644
--- a/src/tool_easysrc.c
+++ b/src/tool_easysrc.c
@@ -50,7 +50,7 @@ static const char *const srchead[]={
" * All curl_easy_setopt() options are documented at:",
" * https://curl.haxx.se/libcurl/c/curl_easy_setopt.html";,
" ************************************************************************/",
- "#include <curl/curl.h>",
+ "#include <gnurl/curl.h>",
"",
"int main(int argc, char *argv[])",
"{",
diff --git a/src/tool_formparse.c b/src/tool_formparse.c
index de30c5264..952377c49 100644
--- a/src/tool_formparse.c
+++ b/src/tool_formparse.c
@@ -21,13 +21,14 @@
***************************************************************************/
#include "tool_setup.h"
-#include "rawstr.h"
+#include "strcase.h"
#define ENABLE_CURLX_PRINTF
/* use our own printf() functions */
#include "curlx.h"
#include "tool_cfgable.h"
+#include "tool_convert.h"
#include "tool_mfiles.h"
#include "tool_msgs.h"
#include "tool_formparse.h"
@@ -153,7 +154,7 @@ int formparse(struct OperationConfig *config,
char type_major[128] = "";
char type_minor[128] = "";
char *contp;
- const char *type = NULL;
+ char *type = NULL;
char *sep;
if((1 == sscanf(input, "%255[^=]=", name)) &&
@@ -214,7 +215,7 @@ int formparse(struct OperationConfig *config,
}
/* now point beyond the content-type specifier */
- sep = (char *)type + strlen(type_major)+strlen(type_minor)+1;
+ sep = type + strlen(type_major)+strlen(type_minor)+1;
/* there's a semicolon following - we check if it is a filename
specified and if not we simply assume that it is text that
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index e49acf803..b7ee519b3 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
***************************************************************************/
#include "tool_setup.h"
-#include "rawstr.h"
+#include "strcase.h"
#define ENABLE_CURLX_PRINTF
/* use our own printf() functions */
@@ -30,6 +30,7 @@
#include "tool_binmode.h"
#include "tool_cfgable.h"
#include "tool_cb_prg.h"
+#include "tool_convert.h"
#include "tool_formparse.h"
#include "tool_getparam.h"
#include "tool_helpers.h"
@@ -60,223 +61,250 @@
struct LongShort {
const char *letter; /* short name option */
const char *lname; /* long name option */
- bool extraparam; /* whether it takes an additional argument */
+ enum {
+ ARG_NONE, /* stand-alone but not a boolean */
+ ARG_BOOL, /* accepts a --no-[name] prefix */
+ ARG_STRING /* requires an argument */
+ } desc;
};
static const struct LongShort aliases[]= {
/* 'letter' strings with more than one character have *no* short option to
mention. */
- {"*@", "url", TRUE},
- {"*4", "dns-ipv4-addr", TRUE},
- {"*6", "dns-ipv6-addr", TRUE},
- {"*a", "random-file", TRUE},
- {"*b", "egd-file", TRUE},
- {"*B", "oauth2-bearer", TRUE},
- {"*c", "connect-timeout", TRUE},
- {"*d", "ciphers", TRUE},
- {"*D", "dns-interface", TRUE},
- {"*e", "disable-epsv", FALSE},
- {"*E", "epsv", FALSE},
+ {"*@", "url", ARG_STRING},
+ {"*4", "dns-ipv4-addr", ARG_STRING},
+ {"*6", "dns-ipv6-addr", ARG_STRING},
+ {"*a", "random-file", ARG_STRING},
+ {"*b", "egd-file", ARG_STRING},
+ {"*B", "oauth2-bearer", ARG_STRING},
+ {"*c", "connect-timeout", ARG_STRING},
+ {"*d", "ciphers", ARG_STRING},
+ {"*D", "dns-interface", ARG_STRING},
+ {"*e", "disable-epsv", ARG_BOOL},
+ {"*E", "epsv", ARG_BOOL},
/* 'epsv' made like this to make --no-epsv and --epsv to work
although --disable-epsv is the documented option */
-#ifdef USE_ENVIRONMENT
- {"*f", "environment", FALSE},
-#endif
- {"*F", "dns-servers", TRUE},
- {"*g", "trace", TRUE},
- {"*G", "npn", FALSE},
- {"*h", "trace-ascii", TRUE},
- {"*H", "alpn", FALSE},
- {"*i", "limit-rate", TRUE},
- {"*j", "compressed", FALSE},
- {"*J", "tr-encoding", FALSE},
- {"*k", "digest", FALSE},
- {"*l", "negotiate", FALSE},
- {"*m", "ntlm", FALSE},
- {"*M", "ntlm-wb", FALSE},
- {"*n", "basic", FALSE},
- {"*o", "anyauth", FALSE},
+ {"*F", "dns-servers", ARG_STRING},
+ {"*g", "trace", ARG_STRING},
+ {"*G", "npn", ARG_BOOL},
+ {"*h", "trace-ascii", ARG_STRING},
+ {"*H", "alpn", ARG_BOOL},
+ {"*i", "limit-rate", ARG_STRING},
+ {"*j", "compressed", ARG_BOOL},
+ {"*J", "tr-encoding", ARG_BOOL},
+ {"*k", "digest", ARG_BOOL},
+ {"*l", "negotiate", ARG_BOOL},
+ {"*m", "ntlm", ARG_BOOL},
+ {"*M", "ntlm-wb", ARG_BOOL},
+ {"*n", "basic", ARG_BOOL},
+ {"*o", "anyauth", ARG_BOOL},
#ifdef USE_WATT32
- {"*p", "wdebug", FALSE},
+ {"*p", "wdebug", ARG_BOOL},
#endif
- {"*q", "ftp-create-dirs", FALSE},
- {"*r", "create-dirs", FALSE},
- {"*s", "max-redirs", TRUE},
- {"*t", "proxy-ntlm", FALSE},
- {"*u", "crlf", FALSE},
- {"*v", "stderr", TRUE},
- {"*w", "interface", TRUE},
- {"*x", "krb", TRUE},
- {"*x", "krb4", TRUE},
+ {"*q", "ftp-create-dirs", ARG_BOOL},
+ {"*r", "create-dirs", ARG_BOOL},
+ {"*s", "max-redirs", ARG_STRING},
+ {"*t", "proxy-ntlm", ARG_BOOL},
+ {"*u", "crlf", ARG_BOOL},
+ {"*v", "stderr", ARG_STRING},
+ {"*w", "interface", ARG_STRING},
+ {"*x", "krb", ARG_STRING},
+ {"*x", "krb4", ARG_STRING},
/* 'krb4' is the previous name */
- {"*y", "max-filesize", TRUE},
- {"*z", "disable-eprt", FALSE},
- {"*Z", "eprt", FALSE},
+ {"*y", "max-filesize", ARG_STRING},
+ {"*z", "disable-eprt", ARG_BOOL},
+ {"*Z", "eprt", ARG_BOOL},
/* 'eprt' made like this to make --no-eprt and --eprt to work
although --disable-eprt is the documented option */
- {"*~", "xattr", FALSE},
- {"$a", "ftp-ssl", FALSE},
+ {"*~", "xattr", ARG_BOOL},
+ {"$a", "ftp-ssl", ARG_BOOL},
/* 'ftp-ssl' deprecated name since 7.20.0 */
- {"$a", "ssl", FALSE},
+ {"$a", "ssl", ARG_BOOL},
/* 'ssl' new option name in 7.20.0, previously this was ftp-ssl */
- {"$b", "ftp-pasv", FALSE},
- {"$c", "socks5", TRUE},
- {"$d", "tcp-nodelay", FALSE},
- {"$e", "proxy-digest", FALSE},
- {"$f", "proxy-basic", FALSE},
- {"$g", "retry", TRUE},
- {"$h", "retry-delay", TRUE},
- {"$i", "retry-max-time", TRUE},
- {"$k", "proxy-negotiate", FALSE},
- {"$m", "ftp-account", TRUE},
- {"$n", "proxy-anyauth", FALSE},
- {"$o", "trace-time", FALSE},
- {"$p", "ignore-content-length", FALSE},
- {"$q", "ftp-skip-pasv-ip", FALSE},
- {"$r", "ftp-method", TRUE},
- {"$s", "local-port", TRUE},
- {"$t", "socks4", TRUE},
- {"$T", "socks4a", TRUE},
- {"$u", "ftp-alternative-to-user", TRUE},
- {"$v", "ftp-ssl-reqd", FALSE},
+ {"$b", "ftp-pasv", ARG_BOOL},
+ {"$c", "socks5", ARG_STRING},
+ {"$d", "tcp-nodelay", ARG_BOOL},
+ {"$e", "proxy-digest", ARG_BOOL},
+ {"$f", "proxy-basic", ARG_BOOL},
+ {"$g", "retry", ARG_STRING},
+ {"$V", "retry-connrefused", ARG_BOOL},
+ {"$h", "retry-delay", ARG_STRING},
+ {"$i", "retry-max-time", ARG_STRING},
+ {"$k", "proxy-negotiate", ARG_BOOL},
+ {"$m", "ftp-account", ARG_STRING},
+ {"$n", "proxy-anyauth", ARG_BOOL},
+ {"$o", "trace-time", ARG_BOOL},
+ {"$p", "ignore-content-length", ARG_BOOL},
+ {"$q", "ftp-skip-pasv-ip", ARG_BOOL},
+ {"$r", "ftp-method", ARG_STRING},
+ {"$s", "local-port", ARG_STRING},
+ {"$t", "socks4", ARG_STRING},
+ {"$T", "socks4a", ARG_STRING},
+ {"$u", "ftp-alternative-to-user", ARG_STRING},
+ {"$v", "ftp-ssl-reqd", ARG_BOOL},
/* 'ftp-ssl-reqd' deprecated name since 7.20.0 */
- {"$v", "ssl-reqd", FALSE},
+ {"$v", "ssl-reqd", ARG_BOOL},
/* 'ssl-reqd' new in 7.20.0, previously this was ftp-ssl-reqd */
- {"$w", "sessionid", FALSE},
+ {"$w", "sessionid", ARG_BOOL},
/* 'sessionid' listed as --no-sessionid in the help */
- {"$x", "ftp-ssl-control", FALSE},
- {"$y", "ftp-ssl-ccc", FALSE},
- {"$j", "ftp-ssl-ccc-mode", TRUE},
- {"$z", "libcurl", TRUE},
- {"$#", "raw", FALSE},
- {"$0", "post301", FALSE},
- {"$1", "keepalive", FALSE},
+ {"$x", "ftp-ssl-control", ARG_BOOL},
+ {"$y", "ftp-ssl-ccc", ARG_BOOL},
+ {"$j", "ftp-ssl-ccc-mode", ARG_STRING},
+ {"$z", "libcurl", ARG_STRING},
+ {"$#", "raw", ARG_BOOL},
+ {"$0", "post301", ARG_BOOL},
+ {"$1", "keepalive", ARG_BOOL},
/* 'keepalive' listed as --no-keepalive in the help */
- {"$2", "socks5-hostname", TRUE},
- {"$3", "keepalive-time", TRUE},
- {"$4", "post302", FALSE},
- {"$5", "noproxy", TRUE},
- {"$7", "socks5-gssapi-nec", FALSE},
- {"$8", "proxy1.0", TRUE},
- {"$9", "tftp-blksize", TRUE},
- {"$A", "mail-from", TRUE},
- {"$B", "mail-rcpt", TRUE},
- {"$C", "ftp-pret", FALSE},
- {"$D", "proto", TRUE},
- {"$E", "proto-redir", TRUE},
- {"$F", "resolve", TRUE},
- {"$G", "delegation", TRUE},
- {"$H", "mail-auth", TRUE},
- {"$I", "post303", FALSE},
- {"$J", "metalink", FALSE},
- {"$K", "sasl-ir", FALSE},
- {"$L", "test-event", FALSE},
- {"$M", "unix-socket", TRUE},
- {"$N", "path-as-is", FALSE},
- {"$O", "socks5-gssapi-service", TRUE},
+ {"$2", "socks5-hostname", ARG_STRING},
+ {"$3", "keepalive-time", ARG_STRING},
+ {"$4", "post302", ARG_BOOL},
+ {"$5", "noproxy", ARG_STRING},
+ {"$7", "socks5-gssapi-nec", ARG_BOOL},
+ {"$8", "proxy1.0", ARG_STRING},
+ {"$9", "tftp-blksize", ARG_STRING},
+ {"$A", "mail-from", ARG_STRING},
+ {"$B", "mail-rcpt", ARG_STRING},
+ {"$C", "ftp-pret", ARG_BOOL},
+ {"$D", "proto", ARG_STRING},
+ {"$E", "proto-redir", ARG_STRING},
+ {"$F", "resolve", ARG_STRING},
+ {"$G", "delegation", ARG_STRING},
+ {"$H", "mail-auth", ARG_STRING},
+ {"$I", "post303", ARG_BOOL},
+ {"$J", "metalink", ARG_BOOL},
+ {"$K", "sasl-ir", ARG_BOOL},
+ {"$L", "test-event", ARG_BOOL},
+ {"$M", "unix-socket", ARG_STRING},
+ {"$N", "path-as-is", ARG_BOOL},
+ {"$O", "socks5-gssapi-service", ARG_STRING},
/* 'socks5-gssapi-service' merged with'proxy-service-name' and
deprecated since 7.49.0 */
- {"$O", "proxy-service-name", TRUE},
- {"$P", "service-name", TRUE},
- {"$Q", "proto-default", TRUE},
- {"$R", "expect100-timeout", TRUE},
- {"$S", "tftp-no-options", FALSE},
- {"$U", "connect-to", TRUE},
- {"0", "http1.0", FALSE},
- {"01", "http1.1", FALSE},
- {"02", "http2", FALSE},
- {"03", "http2-prior-knowledge", FALSE},
- {"1", "tlsv1", FALSE},
- {"10", "tlsv1.0", FALSE},
- {"11", "tlsv1.1", FALSE},
- {"12", "tlsv1.2", FALSE},
- {"2", "sslv2", FALSE},
- {"3", "sslv3", FALSE},
- {"4", "ipv4", FALSE},
- {"6", "ipv6", FALSE},
- {"a", "append", FALSE},
- {"A", "user-agent", TRUE},
- {"b", "cookie", TRUE},
- {"B", "use-ascii", FALSE},
- {"c", "cookie-jar", TRUE},
- {"C", "continue-at", TRUE},
- {"d", "data", TRUE},
- {"dr", "data-raw", TRUE},
- {"da", "data-ascii", TRUE},
- {"db", "data-binary", TRUE},
- {"de", "data-urlencode", TRUE},
- {"D", "dump-header", TRUE},
- {"e", "referer", TRUE},
- {"E", "cert", TRUE},
- {"Ea", "cacert", TRUE},
- {"Eb", "cert-type", TRUE},
- {"Ec", "key", TRUE},
- {"Ed", "key-type", TRUE},
- {"Ee", "pass", TRUE},
- {"Ef", "engine", TRUE},
- {"Eg", "capath", TRUE},
- {"Eh", "pubkey", TRUE},
- {"Ei", "hostpubmd5", TRUE},
- {"Ej", "crlfile", TRUE},
- {"Ek", "tlsuser", TRUE},
- {"El", "tlspassword", TRUE},
- {"Em", "tlsauthtype", TRUE},
- {"En", "ssl-allow-beast", FALSE},
- {"Eo", "login-options", TRUE},
- {"Ep", "pinnedpubkey", TRUE},
- {"Eq", "cert-status", FALSE},
- {"Er", "false-start", FALSE},
- {"Es", "ssl-no-revoke", FALSE},
- {"Et", "tcp-fastopen", FALSE},
- {"f", "fail", FALSE},
- {"F", "form", TRUE},
- {"Fs", "form-string", TRUE},
- {"g", "globoff", FALSE},
- {"G", "get", FALSE},
- {"h", "help", FALSE},
- {"H", "header", TRUE},
- {"Hp", "proxy-header", TRUE},
- {"i", "include", FALSE},
- {"I", "head", FALSE},
- {"j", "junk-session-cookies", FALSE},
- {"J", "remote-header-name", FALSE},
- {"k", "insecure", FALSE},
- {"K", "config", TRUE},
- {"l", "list-only", FALSE},
- {"L", "location", FALSE},
- {"Lt", "location-trusted", FALSE},
- {"m", "max-time", TRUE},
- {"M", "manual", FALSE},
- {"n", "netrc", FALSE},
- {"no", "netrc-optional", FALSE},
- {"ne", "netrc-file", TRUE},
- {"N", "buffer", FALSE},
+ {"$O", "proxy-service-name", ARG_STRING},
+ {"$P", "service-name", ARG_STRING},
+ {"$Q", "proto-default", ARG_STRING},
+ {"$R", "expect100-timeout", ARG_STRING},
+ {"$S", "tftp-no-options", ARG_BOOL},
+ {"$U", "connect-to", ARG_STRING},
+ {"$W", "abstract-unix-socket", ARG_STRING},
+ {"$X", "tls-max", ARG_STRING},
+ {"$Y", "suppress-connect-headers", ARG_BOOL},
+ {"0", "http1.0", ARG_NONE},
+ {"01", "http1.1", ARG_NONE},
+ {"02", "http2", ARG_NONE},
+ {"03", "http2-prior-knowledge", ARG_NONE},
+ {"1", "tlsv1", ARG_NONE},
+ {"10", "tlsv1.0", ARG_NONE},
+ {"11", "tlsv1.1", ARG_NONE},
+ {"12", "tlsv1.2", ARG_NONE},
+ {"13", "tlsv1.3", ARG_NONE},
+ {"2", "sslv2", ARG_NONE},
+ {"3", "sslv3", ARG_NONE},
+ {"4", "ipv4", ARG_NONE},
+ {"6", "ipv6", ARG_NONE},
+ {"a", "append", ARG_BOOL},
+ {"A", "user-agent", ARG_STRING},
+ {"b", "cookie", ARG_STRING},
+ {"B", "use-ascii", ARG_BOOL},
+ {"c", "cookie-jar", ARG_STRING},
+ {"C", "continue-at", ARG_STRING},
+ {"d", "data", ARG_STRING},
+ {"dr", "data-raw", ARG_STRING},
+ {"da", "data-ascii", ARG_STRING},
+ {"db", "data-binary", ARG_STRING},
+ {"de", "data-urlencode", ARG_STRING},
+ {"D", "dump-header", ARG_STRING},
+ {"e", "referer", ARG_STRING},
+ {"E", "cert", ARG_STRING},
+ {"Ea", "cacert", ARG_STRING},
+ {"Eb", "cert-type", ARG_STRING},
+ {"Ec", "key", ARG_STRING},
+ {"Ed", "key-type", ARG_STRING},
+ {"Ee", "pass", ARG_STRING},
+ {"Ef", "engine", ARG_STRING},
+ {"Eg", "capath", ARG_STRING},
+ {"Eh", "pubkey", ARG_STRING},
+ {"Ei", "hostpubmd5", ARG_STRING},
+ {"Ej", "crlfile", ARG_STRING},
+ {"Ek", "tlsuser", ARG_STRING},
+ {"El", "tlspassword", ARG_STRING},
+ {"Em", "tlsauthtype", ARG_STRING},
+ {"En", "ssl-allow-beast", ARG_BOOL},
+ {"Eo", "login-options", ARG_STRING},
+ {"Ep", "pinnedpubkey", ARG_STRING},
+ {"Eq", "cert-status", ARG_BOOL},
+ {"Er", "false-start", ARG_BOOL},
+ {"Es", "ssl-no-revoke", ARG_BOOL},
+ {"Et", "tcp-fastopen", ARG_BOOL},
+ {"Eu", "proxy-tlsuser", ARG_STRING},
+ {"Ev", "proxy-tlspassword", ARG_STRING},
+ {"Ew", "proxy-tlsauthtype", ARG_STRING},
+ {"Ex", "proxy-cert", ARG_STRING},
+ {"Ey", "proxy-cert-type", ARG_STRING},
+ {"Ez", "proxy-key", ARG_STRING},
+ {"E0", "proxy-key-type", ARG_STRING},
+ {"E1", "proxy-pass", ARG_STRING},
+ {"E2", "proxy-ciphers", ARG_STRING},
+ {"E3", "proxy-crlfile", ARG_STRING},
+ {"E4", "proxy-ssl-allow-beast", ARG_BOOL},
+ {"E5", "login-options", ARG_STRING},
+ {"E6", "proxy-cacert", ARG_STRING},
+ {"E7", "proxy-capath", ARG_STRING},
+ {"E8", "proxy-insecure", ARG_BOOL},
+ {"E9", "proxy-tlsv1", ARG_NONE},
+ {"EA", "socks5-basic", ARG_BOOL},
+ {"EB", "socks5-gssapi", ARG_BOOL},
+ {"f", "fail", ARG_BOOL},
+ {"fa", "fail-early", ARG_BOOL},
+ {"F", "form", ARG_STRING},
+ {"Fs", "form-string", ARG_STRING},
+ {"g", "globoff", ARG_BOOL},
+ {"G", "get", ARG_NONE},
+ {"Ga", "request-target", ARG_STRING},
+ {"h", "help", ARG_BOOL},
+ {"H", "header", ARG_STRING},
+ {"Hp", "proxy-header", ARG_STRING},
+ {"i", "include", ARG_BOOL},
+ {"I", "head", ARG_BOOL},
+ {"j", "junk-session-cookies", ARG_BOOL},
+ {"J", "remote-header-name", ARG_BOOL},
+ {"k", "insecure", ARG_BOOL},
+ {"K", "config", ARG_STRING},
+ {"l", "list-only", ARG_BOOL},
+ {"L", "location", ARG_BOOL},
+ {"Lt", "location-trusted", ARG_BOOL},
+ {"m", "max-time", ARG_STRING},
+ {"M", "manual", ARG_BOOL},
+ {"n", "netrc", ARG_BOOL},
+ {"no", "netrc-optional", ARG_BOOL},
+ {"ne", "netrc-file", ARG_STRING},
+ {"N", "buffer", ARG_BOOL},
/* 'buffer' listed as --no-buffer in the help */
- {"o", "output", TRUE},
- {"O", "remote-name", FALSE},
- {"Oa", "remote-name-all", FALSE},
- {"p", "proxytunnel", FALSE},
- {"P", "ftp-port", TRUE},
- {"q", "disable", FALSE},
- {"Q", "quote", TRUE},
- {"r", "range", TRUE},
- {"R", "remote-time", FALSE},
- {"s", "silent", FALSE},
- {"S", "show-error", FALSE},
- {"t", "telnet-option", TRUE},
- {"T", "upload-file", TRUE},
- {"u", "user", TRUE},
- {"U", "proxy-user", TRUE},
- {"v", "verbose", FALSE},
- {"V", "version", FALSE},
- {"w", "write-out", TRUE},
- {"x", "proxy", TRUE},
- {"X", "request", TRUE},
- {"Y", "speed-limit", TRUE},
- {"y", "speed-time", TRUE},
- {"z", "time-cond", TRUE},
- {"#", "progress-bar", FALSE},
- {":", "next", FALSE},
+ {"o", "output", ARG_STRING},
+ {"O", "remote-name", ARG_NONE},
+ {"Oa", "remote-name-all", ARG_BOOL},
+ {"p", "proxytunnel", ARG_BOOL},
+ {"P", "ftp-port", ARG_STRING},
+ {"q", "disable", ARG_BOOL},
+ {"Q", "quote", ARG_STRING},
+ {"r", "range", ARG_STRING},
+ {"R", "remote-time", ARG_BOOL},
+ {"s", "silent", ARG_BOOL},
+ {"S", "show-error", ARG_BOOL},
+ {"t", "telnet-option", ARG_STRING},
+ {"T", "upload-file", ARG_STRING},
+ {"u", "user", ARG_STRING},
+ {"U", "proxy-user", ARG_STRING},
+ {"v", "verbose", ARG_BOOL},
+ {"V", "version", ARG_BOOL},
+ {"w", "write-out", ARG_STRING},
+ {"x", "proxy", ARG_STRING},
+ {"xa", "preproxy", ARG_STRING},
+ {"X", "request", ARG_STRING},
+ {"Y", "speed-limit", ARG_STRING},
+ {"y", "speed-time", ARG_STRING},
+ {"z", "time-cond", ARG_STRING},
+ {"#", "progress-bar", ARG_BOOL},
+ {":", "next", ARG_NONE},
};
/* Split the argument of -E to 'certname' and 'passphrase' separated by colon.
@@ -381,10 +409,24 @@ done:
*certname_place = '\0';
}
-ParameterError getparameter(char *flag, /* f or -long-flag */
- char *nextarg, /* NULL if unset */
- bool *usedarg, /* set to TRUE if the arg
- has been used */
+static void
+GetFileAndPassword(char *nextarg, char **file, char **password)
+{
+ char *certname, *passphrase;
+ parse_cert_parameter(nextarg, &certname, &passphrase);
+ Curl_safefree(*file);
+ *file = certname;
+ if(passphrase) {
+ Curl_safefree(*password);
+ *password = passphrase;
+ }
+ cleanarg(nextarg);
+}
+
+ParameterError getparameter(const char *flag, /* f or -long-flag */
+ char *nextarg, /* NULL if unset */
+ bool *usedarg, /* set to TRUE if the arg
+ has been used */
struct GlobalConfig *global,
struct OperationConfig *config)
{
@@ -401,11 +443,12 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
bool toggle = TRUE; /* how to switch boolean options, on or off. Controlled
by using --OPTION or --no-OPTION */
+ *usedarg = FALSE; /* default is that we don't use the arg */
if(('-' != flag[0]) ||
(('-' == flag[0]) && ('-' == flag[1]))) {
/* this should be a long name */
- char *word = ('-' == flag[0]) ? flag+2 : flag;
+ const char *word = ('-' == flag[0]) ? flag+2 : flag;
size_t fnam = strlen(word);
int numhits = 0;
@@ -416,10 +459,10 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
}
for(j = 0; j < sizeof(aliases)/sizeof(aliases[0]); j++) {
- if(curlx_strnequal(aliases[j].lname, word, fnam)) {
+ if(curl_strnequal(aliases[j].lname, word, fnam)) {
longopt = TRUE;
numhits++;
- if(curlx_raw_equal(aliases[j].lname, word)) {
+ if(curl_strequal(aliases[j].lname, word)) {
parse = aliases[j].letter;
hit = j;
numhits = 1; /* a single unique hit */
@@ -454,7 +497,6 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
letter = parse[0];
subletter = parse[1];
}
- *usedarg = FALSE; /* default is that we don't use the arg */
if(hit < 0) {
for(j = 0; j < sizeof(aliases)/sizeof(aliases[0]); j++) {
@@ -468,7 +510,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
}
}
- if(aliases[hit].extraparam) {
+ if(aliases[hit].desc == ARG_STRING) {
/* this option requires an extra parameter */
if(!longopt && parse[1]) {
nextarg = (char *)&parse[1]; /* this is the actual extra parameter */
@@ -479,6 +521,8 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
else
*usedarg = TRUE; /* mark it as used */
}
+ else if((aliases[hit].desc == ARG_NONE) && !toggle)
+ return PARAM_NO_PREFIX;
switch(letter) {
case '*': /* options without a short option */
@@ -501,7 +545,8 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
GetStr(&config->oauth_bearer, nextarg);
break;
case 'c': /* connect-timeout */
- err = str2udouble(&config->connecttimeout, nextarg);
+ err = str2udouble(&config->connecttimeout, nextarg,
+ LONG_MAX/1000);
if(err)
return err;
break;
@@ -518,11 +563,6 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
case 'E': /* --epsv */
config->disable_epsv = (!toggle)?TRUE:FALSE;
break;
-#ifdef USE_ENVIRONMENT
- case 'f':
- config->writeenv = toggle;
- break;
-#endif
case 'F': /* --dns-servers */
/* IP addrs of DNS servers */
GetStr(&config->dns_servers, nextarg);
@@ -724,7 +764,11 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
case '@': /* the URL! */
{
struct getout *url;
- if(config->url_get || ((config->url_get = config->url_list) != NULL)) {
+
+ if(!config->url_get)
+ config->url_get = config->url_list;
+
+ if(config->url_get) {
/* there's a node here, if it already is filled-in continue to find
an "empty" node */
while(config->url_get && (config->url_get->flags & GETOUT_URL))
@@ -742,17 +786,16 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
if(!url)
return PARAM_NO_MEM;
- else {
- /* fill in the URL */
- GetStr(&url->url, nextarg);
- url->flags |= GETOUT_URL;
- }
+
+ /* fill in the URL */
+ GetStr(&url->url, nextarg);
+ url->flags |= GETOUT_URL;
}
}
break;
case '$': /* more options without a short option */
switch(subletter) {
- case 'a': /* --ftp-ssl */
+ case 'a': /* --ssl */
if(toggle && !(curlinfo->features & CURL_VERSION_SSL))
return PARAM_LIBCURL_DOESNT_SUPPORT;
config->ftp_ssl = toggle;
@@ -762,21 +805,21 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
break;
case 'c': /* --socks5 specifies a socks5 proxy to use, and resolves
the name locally and passes on the resolved address */
- GetStr(&config->socksproxy, nextarg);
- config->socksver = CURLPROXY_SOCKS5;
+ GetStr(&config->proxy, nextarg);
+ config->proxyver = CURLPROXY_SOCKS5;
break;
case 't': /* --socks4 specifies a socks4 proxy to use */
- GetStr(&config->socksproxy, nextarg);
- config->socksver = CURLPROXY_SOCKS4;
+ GetStr(&config->proxy, nextarg);
+ config->proxyver = CURLPROXY_SOCKS4;
break;
case 'T': /* --socks4a specifies a socks4a proxy to use */
- GetStr(&config->socksproxy, nextarg);
- config->socksver = CURLPROXY_SOCKS4A;
+ GetStr(&config->proxy, nextarg);
+ config->proxyver = CURLPROXY_SOCKS4A;
break;
case '2': /* --socks5-hostname specifies a socks5 proxy and enables name
resolving with the proxy */
- GetStr(&config->socksproxy, nextarg);
- config->socksver = CURLPROXY_SOCKS5_HOSTNAME;
+ GetStr(&config->proxy, nextarg);
+ config->proxyver = CURLPROXY_SOCKS5_HOSTNAME;
break;
case 'd': /* --tcp-nodelay option */
config->tcp_nodelay = toggle;
@@ -792,6 +835,9 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
if(err)
return err;
break;
+ case 'V': /* --retry-connrefused */
+ config->retry_connrefused = toggle;
+ break;
case 'h': /* --retry-delay */
err = str2unum(&config->retry_delay, nextarg);
if(err)
@@ -834,7 +880,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
&config->localportrange);
if(!rc)
return PARAM_BAD_USE;
- else if(rc == 1)
+ if(rc == 1)
config->localportrange = 1; /* default number of ports to try */
else {
config->localportrange -= config->localport;
@@ -847,7 +893,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
case 'u': /* --ftp-alternative-to-user */
GetStr(&config->ftp_alternative_to_user, nextarg);
break;
- case 'v': /* --ftp-ssl-reqd */
+ case 'v': /* --ssl-reqd */
if(toggle && !(curlinfo->features & CURL_VERSION_SSL))
return PARAM_LIBCURL_DOESNT_SUPPORT;
config->ftp_ssl_reqd = toggle;
@@ -983,6 +1029,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
#endif
break;
case 'M': /* --unix-socket */
+ config->abstract_unix_socket = FALSE;
GetStr(&config->unix_socket_path, nextarg);
break;
case 'N': /* --path-as-is */
@@ -1001,7 +1048,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
return err;
break;
case 'R': /* --expect100-timeout */
- err = str2udouble(&config->expect100timeout, nextarg);
+ err = str2udouble(&config->expect100timeout, nextarg, LONG_MAX/1000);
if(err)
return err;
break;
@@ -1013,6 +1060,18 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
if(err)
return err;
break;
+ case 'W': /* --abstract-unix-socket */
+ config->abstract_unix_socket = TRUE;
+ GetStr(&config->unix_socket_path, nextarg);
+ break;
+ case 'X': /* --tls-max */
+ err = str2tls_max(&config->ssl_version_max, nextarg);
+ if(err)
+ return err;
+ break;
+ case 'Y': /* --suppress-connect-headers */
+ config->suppress_connect_headers = toggle;
+ break;
}
break;
case '#': /* --progress-bar */
@@ -1061,6 +1120,10 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
/* TLS version 1.2 */
config->ssl_version = CURL_SSLVERSION_TLSv1_2;
break;
+ case '3':
+ /* TLS version 1.3 */
+ config->ssl_version = CURL_SSLVERSION_TLSv1_3;
+ break;
}
break;
case '2':
@@ -1109,7 +1172,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
break;
case 'C':
/* This makes us continue an ftp transfer at given position */
- if(!curlx_strequal(nextarg, "-")) {
+ if(strcmp(nextarg, "-")) {
err = str2offset(&config->resume_from, nextarg);
if(err)
return err;
@@ -1153,7 +1216,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
}
if('@' == is_file) {
/* a '@' letter, it means that a file name or - (stdin) follows */
- if(curlx_strequal("-", p)) {
+ if(!strcmp("-", p)) {
file = stdin;
set_binmode(stdin);
}
@@ -1218,7 +1281,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
or - (stdin) follows */
nextarg++; /* pass the @ */
- if(curlx_strequal("-", nextarg)) {
+ if(!strcmp("-", nextarg)) {
file = stdin;
if(subletter == 'b') /* forced data-binary */
set_binmode(stdin);
@@ -1324,6 +1387,9 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
break;
case 'E':
switch(subletter) {
+ case '\0': /* certificate file */
+ GetFileAndPassword(nextarg, &config->cert, &config->key_passwd);
+ break;
case 'a': /* CA info PEM file */
/* CA info PEM file */
GetStr(&config->cacert, nextarg);
@@ -1343,7 +1409,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
break;
case 'f': /* crypto engine */
GetStr(&config->engine, nextarg);
- if(config->engine && curlx_raw_equal(config->engine, "list"))
+ if(config->engine && curl_strequal(config->engine, "list"))
return PARAM_ENGINES_REQUESTED;
break;
case 'g': /* CA info PEM file */
@@ -1377,7 +1443,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
case 'm': /* TLS authentication type */
if(curlinfo->features & CURL_VERSION_TLSAUTH_SRP) {
GetStr(&config->tls_authtype, nextarg);
- if(!strequal(config->tls_authtype, "SRP"))
+ if(!curl_strequal(config->tls_authtype, "SRP"))
return PARAM_LIBCURL_DOESNT_SUPPORT; /* only support TLS-SRP */
}
else
@@ -1414,23 +1480,118 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
config->tcp_fastopen = TRUE;
break;
- default: /* certificate file */
- {
- char *certname, *passphrase;
- parse_cert_parameter(nextarg, &certname, &passphrase);
- Curl_safefree(config->cert);
- config->cert = certname;
- if(passphrase) {
- Curl_safefree(config->key_passwd);
- config->key_passwd = passphrase;
+ case 'u': /* TLS username for proxy */
+ if(curlinfo->features & CURL_VERSION_TLSAUTH_SRP)
+ GetStr(&config->proxy_tls_username, nextarg);
+ else
+ return PARAM_LIBCURL_DOESNT_SUPPORT;
+ break;
+
+ case 'v': /* TLS password for proxy */
+ if(curlinfo->features & CURL_VERSION_TLSAUTH_SRP)
+ GetStr(&config->proxy_tls_password, nextarg);
+ else
+ return PARAM_LIBCURL_DOESNT_SUPPORT;
+ break;
+
+ case 'w': /* TLS authentication type for proxy */
+ if(curlinfo->features & CURL_VERSION_TLSAUTH_SRP) {
+ GetStr(&config->proxy_tls_authtype, nextarg);
+ if(!curl_strequal(config->proxy_tls_authtype, "SRP"))
+ return PARAM_LIBCURL_DOESNT_SUPPORT; /* only support TLS-SRP */
}
+ else
+ return PARAM_LIBCURL_DOESNT_SUPPORT;
+ break;
+
+ case 'x': /* certificate file for proxy */
+ GetFileAndPassword(nextarg, &config->proxy_cert,
+ &config->proxy_key_passwd);
+ break;
+
+ case 'y': /* cert file type for proxy */
+ GetStr(&config->proxy_cert_type, nextarg);
+ break;
+
+ case 'z': /* private key file for proxy */
+ GetStr(&config->proxy_key, nextarg);
+ break;
+
+ case '0': /* private key file type for proxy */
+ GetStr(&config->proxy_key_type, nextarg);
+ break;
+
+ case '1': /* private key passphrase for proxy */
+ GetStr(&config->proxy_key_passwd, nextarg);
cleanarg(nextarg);
- }
+ break;
+
+ case '2': /* ciphers for proxy */
+ GetStr(&config->proxy_cipher_list, nextarg);
+ break;
+
+ case '3': /* CRL info PEM file for proxy */
+ /* CRL file */
+ GetStr(&config->proxy_crlfile, nextarg);
+ break;
+
+ case '4': /* no empty SSL fragments for proxy */
+ if(curlinfo->features & CURL_VERSION_SSL)
+ config->proxy_ssl_allow_beast = toggle;
+ break;
+
+ case '5': /* --login-options */
+ GetStr(&config->login_options, nextarg);
+ break;
+
+ case '6': /* CA info PEM file for proxy */
+ /* CA info PEM file */
+ GetStr(&config->proxy_cacert, nextarg);
+ break;
+
+ case '7': /* CA info PEM file for proxy */
+ /* CA cert directory */
+ GetStr(&config->proxy_capath, nextarg);
+ break;
+
+ case '8': /* allow insecure SSL connects for proxy */
+ config->proxy_insecure_ok = toggle;
+ break;
+
+ case '9': /* --proxy-tlsv1 */
+ /* TLS version 1 for proxy */
+ config->proxy_ssl_version = CURL_SSLVERSION_TLSv1;
+ break;
+
+ case 'A':
+ /* --socks5-basic */
+ if(toggle)
+ config->socks5_auth |= CURLAUTH_BASIC;
+ else
+ config->socks5_auth &= ~CURLAUTH_BASIC;
+ break;
+
+ case 'B':
+ /* --socks5-gssapi */
+ if(toggle)
+ config->socks5_auth |= CURLAUTH_GSSAPI;
+ else
+ config->socks5_auth &= ~CURLAUTH_GSSAPI;
+ break;
+
+ default: /* unknown flag */
+ return PARAM_OPTION_UNKNOWN;
}
break;
case 'f':
- /* fail hard on errors */
- config->failonerror = toggle;
+ switch(subletter) {
+ case 'a': /* --fail-early */
+ global->fail_early = toggle;
+ break;
+ default:
+ /* fail hard on errors */
+ config->failonerror = toggle;
+ }
break;
case 'F':
/* "form data" simulation, this is a little advanced so lets do our best
@@ -1450,7 +1611,11 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
break;
case 'G': /* HTTP GET */
- config->use_httpget = TRUE;
+ if(subletter == 'a') { /* --request-target */
+ GetStr(&config->request_target, nextarg);
+ }
+ else
+ config->use_httpget = TRUE;
break;
case 'h': /* h for help */
@@ -1461,12 +1626,45 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
break;
case 'H':
/* A custom header to append to a list */
- if(subletter == 'p') /* --proxy-header */
- err = add2list(&config->proxyheaders, nextarg);
- else
- err = add2list(&config->headers, nextarg);
- if(err)
- return err;
+ if(nextarg[0] == '@') {
+ /* read many headers from a file or stdin */
+ char *string;
+ size_t len;
+ bool use_stdin = !strcmp(&nextarg[1], "-");
+ FILE *file = use_stdin?stdin:fopen(&nextarg[1], FOPEN_READTEXT);
+ if(!file)
+ warnf(global, "Failed to open %s!\n", &nextarg[1]);
+ else {
+ err = file2memory(&string, &len, file);
+ if(!err) {
+ /* Allow strtok() here since this isn't used threaded */
+ /* !checksrc! disable BANNEDFUNC 2 */
+ char *h = strtok(string, "\r\n");
+ while(h) {
+ if(subletter == 'p') /* --proxy-header */
+ err = add2list(&config->proxyheaders, h);
+ else
+ err = add2list(&config->headers, h);
+ if(err)
+ break;
+ h = strtok(NULL, "\r\n");
+ }
+ free(string);
+ }
+ if(!use_stdin)
+ fclose(file);
+ if(err)
+ return err;
+ }
+ }
+ else {
+ if(subletter == 'p') /* --proxy-header */
+ err = add2list(&config->proxyheaders, nextarg);
+ else
+ err = add2list(&config->headers, nextarg);
+ if(err)
+ return err;
+ }
break;
case 'i':
config->include_headers = toggle; /* include the headers as well in the
@@ -1506,7 +1704,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
break;
case 'L':
config->followlocation = toggle; /* Follow Location: HTTP headers */
- switch (subletter) {
+ switch(subletter) {
case 't':
/* Continue to send authentication (user+password) when following
* locations, even when hostname changed */
@@ -1516,7 +1714,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
break;
case 'm':
/* specified max time */
- err = str2udouble(&config->timeout, nextarg);
+ err = str2udouble(&config->timeout, nextarg, LONG_MAX/1000);
if(err)
return err;
break;
@@ -1565,7 +1763,9 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
/* output file */
{
struct getout *url;
- if(config->url_out || ((config->url_out = config->url_list) != NULL)) {
+ if(!config->url_out)
+ config->url_out = config->url_list;
+ if(config->url_out) {
/* there's a node here, if it already is filled-in continue to find
an "empty" node */
while(config->url_out && (config->url_out->flags & GETOUT_OUTFILE))
@@ -1583,21 +1783,20 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
if(!url)
return PARAM_NO_MEM;
+
+ /* fill in the outfile */
+ if('o' == letter) {
+ GetStr(&url->outfile, nextarg);
+ url->flags &= ~GETOUT_USEREMOTE; /* switch off */
+ }
else {
- /* fill in the outfile */
- if('o' == letter) {
- GetStr(&url->outfile, nextarg);
+ url->outfile = NULL; /* leave it */
+ if(toggle)
+ url->flags |= GETOUT_USEREMOTE; /* switch on */
+ else
url->flags &= ~GETOUT_USEREMOTE; /* switch off */
- }
- else {
- url->outfile = NULL; /* leave it */
- if(toggle)
- url->flags |= GETOUT_USEREMOTE; /* switch on */
- else
- url->flags &= ~GETOUT_USEREMOTE; /* switch off */
- }
- url->flags |= GETOUT_OUTFILE;
}
+ url->flags |= GETOUT_OUTFILE;
}
break;
case 'P':
@@ -1702,7 +1901,9 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
/* we are uploading */
{
struct getout *url;
- if(config->url_out || ((config->url_out = config->url_list) != NULL)) {
+ if(!config->url_out)
+ config->url_out = config->url_list;
+ if(config->url_out) {
/* there's a node here, if it already is filled-in continue to find
an "empty" node */
while(config->url_out && (config->url_out->flags & GETOUT_UPLOAD))
@@ -1720,14 +1921,13 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
if(!url)
return PARAM_NO_MEM;
+
+ url->flags |= GETOUT_UPLOAD; /* mark -T used */
+ if(!*nextarg)
+ url->flags |= GETOUT_NOUPLOAD;
else {
- url->flags |= GETOUT_UPLOAD; /* mark -T used */
- if(!*nextarg)
- url->flags |= GETOUT_NOUPLOAD;
- else {
- /* "-" equals stdin, but keep the string around for now */
- GetStr(&url->infile, nextarg);
- }
+ /* "-" equals stdin, but keep the string around for now */
+ GetStr(&url->infile, nextarg);
}
}
break;
@@ -1770,7 +1970,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
FILE *file;
const char *fname;
nextarg++; /* pass the @ */
- if(curlx_strequal("-", nextarg)) {
+ if(!strcmp("-", nextarg)) {
fname = "<stdin>";
file = stdin;
}
@@ -1790,9 +1990,16 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
GetStr(&config->writeout, nextarg);
break;
case 'x':
- /* proxy */
- GetStr(&config->proxy, nextarg);
- config->proxyver = CURLPROXY_HTTP;
+ switch(subletter) {
+ case 'a': /* --preproxy */
+ GetStr(&config->preproxy, nextarg);
+ break;
+ default:
+ /* --proxy */
+ GetStr(&config->proxy, nextarg);
+ config->proxyver = CURLPROXY_HTTP;
+ break;
+ }
break;
case 'X':
/* set custom request */
@@ -1843,7 +2050,7 @@ ParameterError getparameter(char *flag, /* f or
-long-flag */
/* failed, remove time condition */
config->timecond = CURL_TIMECOND_NONE;
warnf(global,
- "Illegal date format for -z, --timecond (and not "
+ "Illegal date format for -z, --time-cond (and not "
"a file name). Disabling time condition. "
"See curl_getdate(3) for valid date syntax.\n");
}
@@ -1880,7 +2087,7 @@ ParameterError parse_args(struct GlobalConfig *config,
int argc,
bool passarg;
char *flag = argv[i];
- if(curlx_strequal("--", argv[i]))
+ if(!strcmp("--", argv[i]))
/* This indicates the end of the flags and thus enables the
following (URL) argument to start with -. */
stillflags = FALSE;
@@ -1936,7 +2143,7 @@ ParameterError parse_args(struct GlobalConfig *config,
int argc,
result != PARAM_ENGINES_REQUESTED) {
const char *reason = param2text(result);
- if(orig_opt && !curlx_strequal(":", orig_opt))
+ if(orig_opt && strcmp(":", orig_opt))
helpf(config->errors, "option %s: %s\n", orig_opt, reason);
else
helpf(config->errors, "%s\n", reason);
diff --git a/src/tool_getparam.h b/src/tool_getparam.h
index 0c85c6904..2148e4091 100644
--- a/src/tool_getparam.h
+++ b/src/tool_getparam.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -40,13 +40,15 @@ typedef enum {
PARAM_LIBCURL_UNSUPPORTED_PROTOCOL,
PARAM_NO_MEM,
PARAM_NEXT_OPERATION,
+ PARAM_NO_PREFIX,
+ PARAM_NUMBER_TOO_LARGE,
PARAM_LAST
} ParameterError;
struct GlobalConfig;
struct OperationConfig;
-ParameterError getparameter(char *flag, char *nextarg, bool *usedarg,
+ParameterError getparameter(const char *flag, char *nextarg, bool *usedarg,
struct GlobalConfig *global,
struct OperationConfig *operation);
diff --git a/src/tool_getpass.c b/src/tool_getpass.c
index 8e3e5fa86..e5e2d6dc1 100644
--- a/src/tool_getpass.c
+++ b/src/tool_getpass.c
@@ -207,18 +207,16 @@ static bool ttyecho(bool enable, int fd)
#endif
return TRUE; /* disabled */
}
- else {
- /* re-enable echo, assumes we disabled it before (and set the structs we
- now use to reset the terminal status) */
+ /* re-enable echo, assumes we disabled it before (and set the structs we
+ now use to reset the terminal status) */
#ifdef HAVE_TERMIOS_H
- tcsetattr(fd, TCSAFLUSH, &withecho);
+ tcsetattr(fd, TCSAFLUSH, &withecho);
#elif defined(HAVE_TERMIO_H)
- ioctl(fd, TCSETA, &withecho);
+ ioctl(fd, TCSETA, &withecho);
#else
- return FALSE; /* not enabled */
+ return FALSE; /* not enabled */
#endif
- return TRUE; /* enabled */
- }
+ return TRUE; /* enabled */
}
char *getpass_r(const char *prompt, /* prompt to display */
diff --git a/src/tool_getpass.h b/src/tool_getpass.h
index 95dd77935..f639596fc 100644
--- a/src/tool_getpass.h
+++ b/src/tool_getpass.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -30,7 +30,7 @@
/*
* Returning NULL will abort the continued operation!
*/
-char* getpass_r(const char *prompt, char* buffer, size_t buflen);
+char *getpass_r(const char *prompt, char *buffer, size_t buflen);
#endif
#endif /* HEADER_CURL_TOOL_GETPASS_H */
diff --git a/src/tool_help.c b/src/tool_help.c
index fb428c9ca..42dc77959 100644
--- a/src/tool_help.c
+++ b/src/tool_help.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -33,227 +33,440 @@
#endif
/*
- * A few of these source lines are >80 columns wide, but that's only because
- * breaking the strings narrower makes this chunk look even worse!
- *
- * Starting with 7.18.0, this list of command line options is sorted based
- * on the long option name. It is not done automatically, although a command
- * line like the following can help out:
- *
- * curl --help | cut -c5- | grep "^-" | sort
+ * The help output is generated with the following command
+ ---------------------------------------------------------
+
+ cd $srcroot/docs/cmdline-opts
+ ./gen.pl listhelp
*/
-static const char *const helptext[] = {
- "Usage: curl [options...] <url>",
- "Options: (H) means HTTP/HTTPS only, (F) means FTP only",
- " --anyauth Pick \"any\" authentication method (H)",
- " -a, --append Append to target file when uploading (F/SFTP)",
- " --basic Use HTTP Basic Authentication (H)",
- " --cacert FILE CA certificate to verify peer against (SSL)",
- " --capath DIR CA directory to verify peer against (SSL)",
- " -E, --cert CERT[:PASSWD] Client certificate file and password (SSL)",
- " --cert-status Verify the status of the server certificate (SSL)",
- " --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL)",
- " --ciphers LIST SSL ciphers to use (SSL)",
- " --compressed Request compressed response (using deflate or gzip)",
- " -K, --config FILE Read config from FILE",
- " --connect-timeout SECONDS Maximum time allowed for connection",
- " --connect-to HOST1:PORT1:HOST2:PORT2 Connect to host (network level)",
- " -C, --continue-at OFFSET Resumed transfer OFFSET",
- " -b, --cookie STRING/FILE Read cookies from STRING/FILE (H)",
- " -c, --cookie-jar FILE Write cookies to FILE after operation (H)",
- " --create-dirs Create necessary local directory hierarchy",
- " --crlf Convert LF to CRLF in upload",
- " --crlfile FILE Get a CRL list in PEM format from the given file",
- " -d, --data DATA HTTP POST data (H)",
- " --data-raw DATA HTTP POST data, '@' allowed (H)",
- " --data-ascii DATA HTTP POST ASCII data (H)",
- " --data-binary DATA HTTP POST binary data (H)",
- " --data-urlencode DATA HTTP POST data url encoded (H)",
- " --delegation STRING GSS-API delegation permission",
- " --digest Use HTTP Digest Authentication (H)",
- " --disable-eprt Inhibit using EPRT or LPRT (F)",
- " --disable-epsv Inhibit using EPSV (F)",
- " --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2",
- " --dns-interface Interface to use for DNS requests",
- " --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation",
- " --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation",
- " -D, --dump-header FILE Write the headers to FILE",
- " --egd-file FILE EGD socket path for random data (SSL)",
- " --engine ENGINE Crypto engine (use \"--engine list\" for list) (SSL)",
-#ifdef USE_ENVIRONMENT
- " --environment Write results to environment variables (RISC OS)",
-#endif
- " --expect100-timeout SECONDS How long to wait for 100-continue (H)",
- " -f, --fail Fail silently (no output at all) on HTTP errors (H)",
- " --false-start Enable TLS False Start.",
- " -F, --form CONTENT Specify HTTP multipart POST data (H)",
- " --form-string STRING Specify HTTP multipart POST data (H)",
- " --ftp-account DATA Account data string (F)",
- " --ftp-alternative-to-user COMMAND "
- "String to replace \"USER [name]\" (F)",
- " --ftp-create-dirs Create the remote dirs if not present (F)",
- " --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F)",
- " --ftp-pasv Use PASV/EPSV instead of PORT (F)",
- " -P, --ftp-port ADR Use PORT with given address instead of PASV (F)",
- " --ftp-skip-pasv-ip Skip the IP address for PASV (F)\n"
- " --ftp-pret Send PRET before PASV (for drftpd) (F)",
- " --ftp-ssl-ccc Send CCC after authenticating (F)",
- " --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F)",
- " --ftp-ssl-control Require SSL/TLS for FTP login, "
- "clear for transfer (F)",
- " -G, --get Send the -d data with a HTTP GET (H)",
- " -g, --globoff Disable URL sequences and ranges using {} and []",
- " -H, --header LINE Pass custom header LINE to server (H)",
- " -I, --head Show document info only",
- " -h, --help This help text",
- " --hostpubmd5 MD5 "
- "Hex-encoded MD5 string of the host public key. (SSH)",
- " -0, --http1.0 Use HTTP 1.0 (H)",
- " --http1.1 Use HTTP 1.1 (H)",
- " --http2 Use HTTP 2 (H)",
- " --http2-prior-knowledge Use HTTP 2 without HTTP/1.1 Upgrade (H)",
- " --ignore-content-length Ignore the HTTP Content-Length header",
- " -i, --include Include protocol headers in the output (H/F)",
- " -k, --insecure Allow connections to SSL sites without certs (H)",
- " --interface INTERFACE Use network INTERFACE (or address)",
- " -4, --ipv4 Resolve name to IPv4 address",
- " -6, --ipv6 Resolve name to IPv6 address",
- " -j, --junk-session-cookies Ignore session cookies read from file (H)",
- " --keepalive-time SECONDS Wait SECONDS between keepalive probes",
- " --key KEY Private key file name (SSL/SSH)",
- " --key-type TYPE Private key file type (DER/PEM/ENG) (SSL)",
- " --krb LEVEL Enable Kerberos with security LEVEL (F)",
-#ifndef CURL_DISABLE_LIBCURL_OPTION
- " --libcurl FILE Dump libcurl equivalent code of this command line",
-#endif
- " --limit-rate RATE Limit transfer speed to RATE",
- " -l, --list-only List only mode (F/POP3)",
- " --local-port RANGE Force use of RANGE for local port numbers",
- " -L, --location Follow redirects (H)",
- " --location-trusted "
- "Like '--location', and send auth to other hosts (H)",
- " --login-options OPTIONS Server login options (IMAP, POP3, SMTP)",
- " -M, --manual Display the full manual",
- " --mail-from FROM Mail from this address (SMTP)",
- " --mail-rcpt TO Mail to this/these addresses (SMTP)",
- " --mail-auth AUTH Originator address of the original email (SMTP)",
- " --max-filesize BYTES Maximum file size to download (H/F)",
- " --max-redirs NUM Maximum number of redirects allowed (H)",
- " -m, --max-time SECONDS Maximum time allowed for the transfer",
- " --metalink Process given URLs as metalink XML file",
- " --negotiate Use HTTP Negotiate (SPNEGO) authentication (H)",
- " -n, --netrc Must read .netrc for user name and password",
- " --netrc-optional Use either .netrc or URL; overrides -n",
- " --netrc-file FILE Specify FILE for netrc",
- " -:, --next "
- "Allows the following URL to use a separate set of options",
- " --no-alpn Disable the ALPN TLS extension (H)",
- " -N, --no-buffer Disable buffering of the output stream",
- " --no-keepalive Disable keepalive use on the connection",
- " --no-npn Disable the NPN TLS extension (H)",
- " --no-sessionid Disable SSL session-ID reusing (SSL)",
- " --noproxy List of hosts which do not use proxy",
- " --ntlm Use HTTP NTLM authentication (H)",
- " --ntlm-wb Use HTTP NTLM authentication with winbind (H)",
- " --oauth2-bearer TOKEN OAuth 2 Bearer Token (IMAP, POP3, SMTP)",
- " -o, --output FILE Write to FILE instead of stdout",
- " --pass PASS Pass phrase for the private key (SSL/SSH)",
- " --path-as-is Do not squash .. sequences in URL path",
- " --pinnedpubkey FILE/HASHES Public key to verify peer against (SSL)",
- " --post301 "
- "Do not switch to GET after following a 301 redirect (H)",
- " --post302 "
- "Do not switch to GET after following a 302 redirect (H)",
- " --post303 "
- "Do not switch to GET after following a 303 redirect (H)",
- " -#, --progress-bar Display transfer progress as a progress bar",
- " --proto PROTOCOLS Enable/disable PROTOCOLS",
- " --proto-default PROTOCOL Use PROTOCOL for any URL missing a scheme",
- " --proto-redir PROTOCOLS Enable/disable PROTOCOLS on redirect",
- " -x, --proxy [PROTOCOL://]HOST[:PORT] Use proxy on given port",
- " --proxy-anyauth Pick \"any\" proxy authentication method (H)",
- " --proxy-basic Use Basic authentication on the proxy (H)",
- " --proxy-digest Use Digest authentication on the proxy (H)",
- " --proxy-negotiate "
- "Use HTTP Negotiate (SPNEGO) authentication on the proxy (H)",
- " --proxy-ntlm Use NTLM authentication on the proxy (H)",
- " --proxy-header LINE Pass custom header LINE to proxy (H)",
- " --proxy-service-name NAME SPNEGO proxy service name",
- " --service-name NAME SPNEGO service name",
- " -U, --proxy-user USER[:PASSWORD] Proxy user and password",
- " --proxy1.0 HOST[:PORT] Use HTTP/1.0 proxy on given port",
- " -p, --proxytunnel Operate through a HTTP proxy tunnel (using CONNECT)",
- " --pubkey KEY Public key file name (SSH)",
- " -Q, --quote CMD Send command(s) to server before transfer (F/SFTP)",
- " --random-file FILE File for reading random data from (SSL)",
- " -r, --range RANGE Retrieve only the bytes within RANGE",
- " --raw Do HTTP \"raw\"; no transfer decoding (H)",
- " -e, --referer Referer URL (H)",
- " -J, --remote-header-name Use the header-provided filename (H)",
- " -O, --remote-name Write output to a file named as the remote file",
- " --remote-name-all Use the remote file name for all URLs",
- " -R, --remote-time Set the remote file's time on the local output",
- " -X, --request COMMAND Specify request command to use",
- " --resolve HOST:PORT:ADDRESS Force resolve of HOST:PORT to ADDRESS",
- " --retry NUM "
- "Retry request NUM times if transient problems occur",
- " --retry-delay SECONDS Wait SECONDS between retries",
- " --retry-max-time SECONDS Retry only within this period",
- " --sasl-ir Enable initial response in SASL authentication",
- " -S, --show-error "
- "Show error. With -s, make curl show errors when they occur",
- " -s, --silent Silent mode (don't output anything)",
- " --socks4 HOST[:PORT] SOCKS4 proxy on given host + port",
- " --socks4a HOST[:PORT] SOCKS4a proxy on given host + port",
- " --socks5 HOST[:PORT] SOCKS5 proxy on given host + port",
- " --socks5-hostname HOST[:PORT] "
- "SOCKS5 proxy, pass host name to proxy",
- " --socks5-gssapi-service NAME SOCKS5 proxy service name for GSS-API",
- " --socks5-gssapi-nec Compatibility with NEC SOCKS5 server",
- " -Y, --speed-limit RATE "
- "Stop transfers below RATE for 'speed-time' secs",
- " -y, --speed-time SECONDS "
- "Trigger 'speed-limit' abort after SECONDS (default: 30)",
- " --ssl Try SSL/TLS (FTP, IMAP, POP3, SMTP)",
- " --ssl-reqd Require SSL/TLS (FTP, IMAP, POP3, SMTP)",
- " -2, --sslv2 Use SSLv2 (SSL)",
- " -3, --sslv3 Use SSLv3 (SSL)",
- " --ssl-allow-beast Allow security flaw to improve interop (SSL)",
- " --ssl-no-revoke Disable cert revocation checks (WinSSL)",
- " --stderr FILE Where to redirect stderr (use \"-\" for stdout)",
- " --tcp-nodelay Use the TCP_NODELAY option",
- " --tcp-fastopen Use TCP Fast Open",
- " -t, --telnet-option OPT=VAL Set telnet option",
- " --tftp-blksize VALUE Set TFTP BLKSIZE option (must be >512)",
- " --tftp-no-options Do not send TFTP options requests",
- " -z, --time-cond TIME Transfer based on a time condition",
- " -1, --tlsv1 Use >= TLSv1 (SSL)",
- " --tlsv1.0 Use TLSv1.0 (SSL)",
- " --tlsv1.1 Use TLSv1.1 (SSL)",
- " --tlsv1.2 Use TLSv1.2 (SSL)",
- " --trace FILE Write a debug trace to FILE",
- " --trace-ascii FILE Like --trace, but without hex output",
- " --trace-time Add time stamps to trace/verbose output",
- " --tr-encoding Request compressed transfer encoding (H)",
- " -T, --upload-file FILE Transfer FILE to destination",
- " --url URL URL to work with",
- " -B, --use-ascii Use ASCII/text transfer",
- " -u, --user USER[:PASSWORD] Server user and password",
- " --tlsuser USER TLS username",
- " --tlspassword STRING TLS password",
- " --tlsauthtype STRING TLS authentication type (default: SRP)",
- " --unix-socket FILE Connect through this Unix domain socket",
- " -A, --user-agent STRING Send User-Agent STRING to server (H)",
- " -v, --verbose Make the operation more talkative",
- " -V, --version Show version number and quit",
-#ifdef USE_WATT32
- " --wdebug Turn on Watt-32 debugging",
-#endif
- " -w, --write-out FORMAT Use output FORMAT after completion",
- " --xattr Store metadata in extended file attributes",
- " -q, --disable Disable .curlrc (must be first parameter)",
- NULL
+struct helptxt {
+ const char *opt;
+ const char *desc;
+};
+
+static const struct helptxt helptext[] = {
+ {" --abstract-unix-socket <path>",
+ "Connect via abstract Unix domain socket"},
+ {" --anyauth",
+ "Pick any authentication method"},
+ {"-a, --append",
+ "Append to target file when uploading"},
+ {" --basic",
+ "Use HTTP Basic Authentication"},
+ {" --cacert <CA certificate>",
+ "CA certificate to verify peer against"},
+ {" --capath <dir>",
+ "CA directory to verify peer against"},
+ {"-E, --cert <certificate[:password]>",
+ "Client certificate file and password"},
+ {" --cert-status",
+ "Verify the status of the server certificate"},
+ {" --cert-type <type>",
+ "Certificate file type (DER/PEM/ENG)"},
+ {" --ciphers <list of ciphers>",
+ "SSL ciphers to use"},
+ {" --compressed",
+ "Request compressed response"},
+ {"-K, --config <file>",
+ "Read config from a file"},
+ {" --connect-timeout <seconds>",
+ "Maximum time allowed for connection"},
+ {" --connect-to <HOST1:PORT1:HOST2:PORT2>",
+ "Connect to host"},
+ {"-C, --continue-at <offset>",
+ "Resumed transfer offset"},
+ {"-b, --cookie <data>",
+ "Send cookies from string/file"},
+ {"-c, --cookie-jar <filename>",
+ "Write cookies to <filename> after operation"},
+ {" --create-dirs",
+ "Create necessary local directory hierarchy"},
+ {" --crlf",
+ "Convert LF to CRLF in upload"},
+ {" --crlfile <file>",
+ "Get a CRL list in PEM format from the given file"},
+ {"-d, --data <data>",
+ "HTTP POST data"},
+ {" --data-ascii <data>",
+ "HTTP POST ASCII data"},
+ {" --data-binary <data>",
+ "HTTP POST binary data"},
+ {" --data-raw <data>",
+ "HTTP POST data, '@' allowed"},
+ {" --data-urlencode <data>",
+ "HTTP POST data url encoded"},
+ {" --delegation <LEVEL>",
+ "GSS-API delegation permission"},
+ {" --digest",
+ "Use HTTP Digest Authentication"},
+ {"-q, --disable",
+ "Disable .curlrc"},
+ {" --disable-eprt",
+ "Inhibit using EPRT or LPRT"},
+ {" --disable-epsv",
+ "Inhibit using EPSV"},
+ {" --dns-interface <interface>",
+ "Interface to use for DNS requests"},
+ {" --dns-ipv4-addr <address>",
+ "IPv4 address to use for DNS requests"},
+ {" --dns-ipv6-addr <address>",
+ "IPv6 address to use for DNS requests"},
+ {" --dns-servers <addresses>",
+ "DNS server addrs to use"},
+ {"-D, --dump-header <filename>",
+ "Write the received headers to <filename>"},
+ {" --egd-file <file>",
+ "EGD socket path for random data"},
+ {" --engine <name>",
+ "Crypto engine to use"},
+ {" --expect100-timeout <seconds>",
+ "How long to wait for 100-continue"},
+ {"-f, --fail",
+ "Fail silently (no output at all) on HTTP errors"},
+ {" --fail-early",
+ "Fail on first transfer error, do not continue"},
+ {" --false-start",
+ "Enable TLS False Start"},
+ {"-F, --form <name=content>",
+ "Specify HTTP multipart POST data"},
+ {" --form-string <name=string>",
+ "Specify HTTP multipart POST data"},
+ {" --ftp-account <data>",
+ "Account data string"},
+ {" --ftp-alternative-to-user <command>",
+ "String to replace USER [name]"},
+ {" --ftp-create-dirs",
+ "Create the remote dirs if not present"},
+ {" --ftp-method <method>",
+ "Control CWD usage"},
+ {" --ftp-pasv",
+ "Use PASV/EPSV instead of PORT"},
+ {"-P, --ftp-port <address>",
+ "Use PORT instead of PASV"},
+ {" --ftp-pret",
+ "Send PRET before PASV"},
+ {" --ftp-skip-pasv-ip",
+ "Skip the IP address for PASV"},
+ {" --ftp-ssl-ccc",
+ "Send CCC after authenticating"},
+ {" --ftp-ssl-ccc-mode <active/passive>",
+ "Set CCC mode"},
+ {" --ftp-ssl-control",
+ "Require SSL/TLS for FTP login, clear for transfer"},
+ {"-G, --get",
+ "Put the post data in the URL and use GET"},
+ {"-g, --globoff",
+ "Disable URL sequences and ranges using {} and []"},
+ {"-I, --head",
+ "Show document info only"},
+ {"-H, --header <header/@file>",
+ "Pass custom header(s) to server"},
+ {"-h, --help",
+ "This help text"},
+ {" --hostpubmd5 <md5>",
+ "Acceptable MD5 hash of the host public key"},
+ {"-0, --http1.0",
+ "Use HTTP 1.0"},
+ {" --http1.1",
+ "Use HTTP 1.1"},
+ {" --http2",
+ "Use HTTP 2"},
+ {" --http2-prior-knowledge",
+ "Use HTTP 2 without HTTP/1.1 Upgrade"},
+ {" --ignore-content-length",
+ "Ignore the size of the remote resource"},
+ {"-i, --include",
+ "Include protocol response headers in the output"},
+ {"-k, --insecure",
+ "Allow insecure server connections when using SSL"},
+ {" --interface <name>",
+ "Use network INTERFACE (or address)"},
+ {"-4, --ipv4",
+ "Resolve names to IPv4 addresses"},
+ {"-6, --ipv6",
+ "Resolve names to IPv6 addresses"},
+ {"-j, --junk-session-cookies",
+ "Ignore session cookies read from file"},
+ {" --keepalive-time <seconds>",
+ "Interval time for keepalive probes"},
+ {" --key <key>",
+ "Private key file name"},
+ {" --key-type <type>",
+ "Private key file type (DER/PEM/ENG)"},
+ {" --krb <level>",
+ "Enable Kerberos with security <level>"},
+ {" --libcurl <file>",
+ "Dump libcurl equivalent code of this command line"},
+ {" --limit-rate <speed>",
+ "Limit transfer speed to RATE"},
+ {"-l, --list-only",
+ "List only mode"},
+ {" --local-port <num/range>",
+ "Force use of RANGE for local port numbers"},
+ {"-L, --location",
+ "Follow redirects"},
+ {" --location-trusted",
+ "Like --location, and send auth to other hosts"},
+ {" --login-options <options>",
+ "Server login options"},
+ {" --mail-auth <address>",
+ "Originator address of the original email"},
+ {" --mail-from <address>",
+ "Mail from this address"},
+ {" --mail-rcpt <address>",
+ "Mail from this address"},
+ {"-M, --manual",
+ "Display the full manual"},
+ {" --max-filesize <bytes>",
+ "Maximum file size to download"},
+ {" --max-redirs <num>",
+ "Maximum number of redirects allowed"},
+ {"-m, --max-time <time>",
+ "Maximum time allowed for the transfer"},
+ {" --metalink",
+ "Process given URLs as metalink XML file"},
+ {" --negotiate",
+ "Use HTTP Negotiate (SPNEGO) authentication"},
+ {"-n, --netrc",
+ "Must read .netrc for user name and password"},
+ {" --netrc-file <filename>",
+ "Specify FILE for netrc"},
+ {" --netrc-optional",
+ "Use either .netrc or URL"},
+ {"-:, --next",
+ "Make next URL use its separate set of options"},
+ {" --no-alpn",
+ "Disable the ALPN TLS extension"},
+ {"-N, --no-buffer",
+ "Disable buffering of the output stream"},
+ {" --no-keepalive",
+ "Disable TCP keepalive on the connection"},
+ {" --no-npn",
+ "Disable the NPN TLS extension"},
+ {" --no-sessionid",
+ "Disable SSL session-ID reusing"},
+ {" --noproxy <no-proxy-list>",
+ "List of hosts which do not use proxy"},
+ {" --ntlm",
+ "Use HTTP NTLM authentication"},
+ {" --ntlm-wb",
+ "Use HTTP NTLM authentication with winbind"},
+ {" --oauth2-bearer <token>",
+ "OAuth 2 Bearer Token"},
+ {"-o, --output <file>",
+ "Write to file instead of stdout"},
+ {" --pass <phrase>",
+ "Pass phrase for the private key"},
+ {" --path-as-is",
+ "Do not squash .. sequences in URL path"},
+ {" --pinnedpubkey <hashes>",
+ "FILE/HASHES Public key to verify peer against"},
+ {" --post301",
+ "Do not switch to GET after following a 301"},
+ {" --post302",
+ "Do not switch to GET after following a 302"},
+ {" --post303",
+ "Do not switch to GET after following a 303"},
+ {" --preproxy [protocol://]host[:port]",
+ "Use this proxy first"},
+ {"-#, --progress-bar",
+ "Display transfer progress as a bar"},
+ {" --proto <protocols>",
+ "Enable/disable PROTOCOLS"},
+ {" --proto-default <protocol>",
+ "Use PROTOCOL for any URL missing a scheme"},
+ {" --proto-redir <protocols>",
+ "Enable/disable PROTOCOLS on redirect"},
+ {"-x, --proxy [protocol://]host[:port]",
+ "Use this proxy"},
+ {" --proxy-anyauth",
+ "Pick any proxy authentication method"},
+ {" --proxy-basic",
+ "Use Basic authentication on the proxy"},
+ {" --proxy-cacert <file>",
+ "CA certificate to verify peer against for proxy"},
+ {" --proxy-capath <dir>",
+ "CA directory to verify peer against for proxy"},
+ {" --proxy-cert <cert[:passwd]>",
+ "Set client certificate for proxy"},
+ {" --proxy-cert-type <type>",
+ "Client certificate type for HTTS proxy"},
+ {" --proxy-ciphers <list>",
+ "SSL ciphers to use for proxy"},
+ {" --proxy-crlfile <file>",
+ "Set a CRL list for proxy"},
+ {" --proxy-digest",
+ "Use Digest authentication on the proxy"},
+ {" --proxy-header <header/@file>",
+ "Pass custom header(s) to proxy"},
+ {" --proxy-insecure",
+ "Do HTTPS proxy connections without verifying the proxy"},
+ {" --proxy-key <key>",
+ "Private key for HTTPS proxy"},
+ {" --proxy-key-type <type>",
+ "Private key file type for proxy"},
+ {" --proxy-negotiate",
+ "Use HTTP Negotiate (SPNEGO) authentication on the proxy"},
+ {" --proxy-ntlm",
+ "Use NTLM authentication on the proxy"},
+ {" --proxy-pass <phrase>",
+ "Pass phrase for the private key for HTTPS proxy"},
+ {" --proxy-service-name <name>",
+ "SPNEGO proxy service name"},
+ {" --proxy-ssl-allow-beast",
+ "Allow security flaw for interop for HTTPS proxy"},
+ {" --proxy-tlsauthtype <type>",
+ "TLS authentication type for HTTPS proxy"},
+ {" --proxy-tlspassword <string>",
+ "TLS password for HTTPS proxy"},
+ {" --proxy-tlsuser <name>",
+ "TLS username for HTTPS proxy"},
+ {" --proxy-tlsv1",
+ "Use TLSv1 for HTTPS proxy"},
+ {"-U, --proxy-user <user:password>",
+ "Proxy user and password"},
+ {" --proxy1.0 <host[:port]>",
+ "Use HTTP/1.0 proxy on given port"},
+ {"-p, --proxytunnel",
+ "Operate through a HTTP proxy tunnel (using CONNECT)"},
+ {" --pubkey <key>",
+ "SSH Public key file name"},
+ {"-Q, --quote",
+ "Send command(s) to server before transfer"},
+ {" --random-file <file>",
+ "File for reading random data from"},
+ {"-r, --range <range>",
+ "Retrieve only the bytes within RANGE"},
+ {" --raw",
+ "Do HTTP \"raw\"; no transfer decoding"},
+ {"-e, --referer <URL>",
+ "Referrer URL"},
+ {"-J, --remote-header-name",
+ "Use the header-provided filename"},
+ {"-O, --remote-name",
+ "Write output to a file named as the remote file"},
+ {" --remote-name-all",
+ "Use the remote file name for all URLs"},
+ {"-R, --remote-time",
+ "Set the remote file's time on the local output"},
+ {"-X, --request <command>",
+ "Specify request command to use"},
+ {" --request-target",
+ "Specify the target for this request"},
+ {" --resolve <host:port:address>",
+ "Resolve the host+port to this address"},
+ {" --retry <num>",
+ "Retry request if transient problems occur"},
+ {" --retry-connrefused",
+ "Retry on connection refused (use with --retry)"},
+ {" --retry-delay <seconds>",
+ "Wait time between retries"},
+ {" --retry-max-time <seconds>",
+ "Retry only within this period"},
+ {" --sasl-ir",
+ "Enable initial response in SASL authentication"},
+ {" --service-name <name>",
+ "SPNEGO service name"},
+ {"-S, --show-error",
+ "Show error even when -s is used"},
+ {"-s, --silent",
+ "Silent mode"},
+ {" --socks4 <host[:port]>",
+ "SOCKS4 proxy on given host + port"},
+ {" --socks4a <host[:port]>",
+ "SOCKS4a proxy on given host + port"},
+ {" --socks5 <host[:port]>",
+ "SOCKS5 proxy on given host + port"},
+ {" --socks5-basic",
+ "Enable username/password auth for SOCKS5 proxies"},
+ {" --socks5-gssapi",
+ "Enable GSS-API auth for SOCKS5 proxies"},
+ {" --socks5-gssapi-nec",
+ "Compatibility with NEC SOCKS5 server"},
+ {" --socks5-gssapi-service <name>",
+ "SOCKS5 proxy service name for GSS-API"},
+ {" --socks5-hostname <host[:port]>",
+ "SOCKS5 proxy, pass host name to proxy"},
+ {"-Y, --speed-limit <speed>",
+ "Stop transfers slower than this"},
+ {"-y, --speed-time <seconds>",
+ "Trigger 'speed-limit' abort after this time"},
+ {" --ssl",
+ "Try SSL/TLS"},
+ {" --ssl-allow-beast",
+ "Allow security flaw to improve interop"},
+ {" --ssl-no-revoke",
+ "Disable cert revocation checks (WinSSL)"},
+ {" --ssl-reqd",
+ "Require SSL/TLS"},
+ {"-2, --sslv2",
+ "Use SSLv2"},
+ {"-3, --sslv3",
+ "Use SSLv3"},
+ {" --stderr",
+ "Where to redirect stderr"},
+ {" --suppress-connect-headers",
+ "Suppress proxy CONNECT response headers"},
+ {" --tcp-fastopen",
+ "Use TCP Fast Open"},
+ {" --tcp-nodelay",
+ "Use the TCP_NODELAY option"},
+ {"-t, --telnet-option <opt=val>",
+ "Set telnet option"},
+ {" --tftp-blksize <value>",
+ "Set TFTP BLKSIZE option"},
+ {" --tftp-no-options",
+ "Do not send any TFTP options"},
+ {"-z, --time-cond <time>",
+ "Transfer based on a time condition"},
+ {" --tls-max <VERSION>",
+ "Use TLSv1.0 or greater"},
+ {" --tlsauthtype <type>",
+ "TLS authentication type"},
+ {" --tlspassword",
+ "TLS password"},
+ {" --tlsuser <name>",
+ "TLS user name"},
+ {"-1, --tlsv1",
+ "Use TLSv1.0 or greater"},
+ {" --tlsv1.0",
+ "Use TLSv1.0"},
+ {" --tlsv1.1",
+ "Use TLSv1.1"},
+ {" --tlsv1.2",
+ "Use TLSv1.2"},
+ {" --tlsv1.3",
+ "Use TLSv1.3"},
+ {" --tr-encoding",
+ "Request compressed transfer encoding"},
+ {" --trace <file>",
+ "Write a debug trace to FILE"},
+ {" --trace-ascii <file>",
+ "Like --trace, but without hex output"},
+ {" --trace-time",
+ "Add time stamps to trace/verbose output"},
+ {" --unix-socket <path>",
+ "Connect through this Unix domain socket"},
+ {"-T, --upload-file <file>",
+ "Transfer local FILE to destination"},
+ {" --url <url>",
+ "URL to work with"},
+ {"-B, --use-ascii",
+ "Use ASCII/text transfer"},
+ {"-u, --user <user:password>",
+ "Server user and password"},
+ {"-A, --user-agent <name>",
+ "Send User-Agent <name> to server"},
+ {"-v, --verbose",
+ "Make the operation more talkative"},
+ {"-V, --version",
+ "Show version number and quit"},
+ {"-w, --write-out <format>",
+ "Use output FORMAT after completion"},
+ {" --xattr",
+ "Store metadata in extended file attributes"},
+ { NULL, NULL }
};
#ifdef NETWARE
@@ -288,13 +501,15 @@ static const struct feat feats[] = {
{"TLS-SRP", CURL_VERSION_TLSAUTH_SRP},
{"HTTP2", CURL_VERSION_HTTP2},
{"UnixSockets", CURL_VERSION_UNIX_SOCKETS},
+ {"HTTPS-proxy", CURL_VERSION_HTTPS_PROXY}
};
void tool_help(void)
{
int i;
- for(i = 0; helptext[i]; i++) {
- puts(helptext[i]);
+ puts("Usage: curl [options...] <url>");
+ for(i = 0; helptext[i].opt; i++) {
+ printf(" %-19s %s\n", helptext[i].opt, helptext[i].desc);
#ifdef PRINT_LINES_PAUSE
if(i && ((i % PRINT_LINES_PAUSE) == 0))
tool_pressanykey();
@@ -307,6 +522,12 @@ void tool_version_info(void)
const char *const *proto;
printf(CURL_ID "%s\n", curl_version());
+#ifdef CURL_PATCHSTAMP
+ printf("Release-Date: %s, security patched: %s\n",
+ LIBCURL_TIMESTAMP, CURL_PATCHSTAMP);
+#else
+ printf("Release-Date: %s\n", LIBCURL_TIMESTAMP);
+#endif
if(curlinfo->protocols) {
printf("Protocols: ");
for(proto = curlinfo->protocols; *proto; ++proto) {
diff --git a/src/tool_helpers.c b/src/tool_helpers.c
index 14bc7668c..b3a9516a8 100644
--- a/src/tool_helpers.c
+++ b/src/tool_helpers.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
***************************************************************************/
#include "tool_setup.h"
-#include "rawstr.h"
+#include "strcase.h"
#define ENABLE_CURLX_PRINTF
/* use our own printf() functions */
@@ -62,6 +62,10 @@ const char *param2text(int res)
return "a specified protocol is unsupported by libcurl";
case PARAM_NO_MEM:
return "out of memory";
+ case PARAM_NO_PREFIX:
+ return "the given option can't be reversed with a --no- prefix";
+ case PARAM_NUMBER_TOO_LARGE:
+ return "too large number";
default:
return "unknown error";
}
diff --git a/src/tool_homedir.c b/src/tool_homedir.c
index ccf04b596..483553d59 100644
--- a/src/tool_homedir.c
+++ b/src/tool_homedir.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -39,14 +39,14 @@ static char *GetEnv(const char *variable, char do_expand)
/* Don't use getenv(); it doesn't find variable added after program was
* started. Don't accept truncated results (i.e. rc >= sizeof(buf1)). */
- rc = GetEnvironmentVariable(variable, buf1, sizeof(buf1));
+ rc = GetEnvironmentVariableA(variable, buf1, sizeof(buf1));
if(rc > 0 && rc < sizeof(buf1)) {
env = buf1;
variable = buf1;
}
if(do_expand && strchr(variable, '%')) {
/* buf2 == variable if not expanded */
- rc = ExpandEnvironmentStrings (variable, buf2, sizeof(buf2));
+ rc = ExpandEnvironmentStringsA(variable, buf2, sizeof(buf2));
if(rc > 0 && rc < sizeof(buf2) &&
!strchr(buf2, '%')) /* no vars still unexpanded */
env = buf2;
diff --git a/src/tool_hugehelp.c.cvs b/src/tool_hugehelp.c.cvs
index 2499a4836..6ec5e9149 100644
--- a/src/tool_hugehelp.c.cvs
+++ b/src/tool_hugehelp.c.cvs
@@ -25,5 +25,5 @@
void hugehelp(void)
{
- puts ( "This is a silly replacement for the actual file.");
+ puts("This is a silly replacement for the actual file.");
}
diff --git a/src/tool_libinfo.c b/src/tool_libinfo.c
index 5db85480e..d2bf7fb93 100644
--- a/src/tool_libinfo.c
+++ b/src/tool_libinfo.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
***************************************************************************/
#include "tool_setup.h"
-#include "rawstr.h"
+#include "strcase.h"
#define ENABLE_CURLX_PRINTF
/* use our own printf() functions */
@@ -89,7 +89,7 @@ CURLcode get_libcurl_info(void)
if(curlinfo->protocols) {
for(proto = curlinfo->protocols; *proto; proto++) {
for(p = possibly_built_in; p->proto_name; p++) {
- if(curlx_raw_equal(*proto, p->proto_name)) {
+ if(curl_strequal(*proto, p->proto_name)) {
built_in_protos |= p->proto_pattern;
break;
}
diff --git a/src/tool_main.c b/src/tool_main.c
index 7e742ffca..089a317d4 100644
--- a/src/tool_main.c
+++ b/src/tool_main.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
diff --git a/src/tool_metalink.c b/src/tool_metalink.c
index 9a6465e67..3f66c7470 100644
--- a/src/tool_metalink.c
+++ b/src/tool_metalink.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -24,6 +24,7 @@
#ifdef USE_METALINK
#include <sys/stat.h>
+#include <stdlib.h>
#ifdef HAVE_FCNTL_H
# include <fcntl.h>
@@ -92,8 +93,6 @@ struct win32_crypto_hash {
# error "Can't compile METALINK support without a crypto library."
#endif
-#include "rawstr.h"
-
#define ENABLE_CURLX_PRINTF
/* use our own printf() functions */
#include "curlx.h"
@@ -563,18 +562,13 @@ int Curl_digest_final(digest_context *context, unsigned
char *result)
static unsigned char hex_to_uint(const char *s)
{
- int v[2];
- int i;
- for(i = 0; i < 2; ++i) {
- v[i] = Curl_raw_toupper(s[i]);
- if('0' <= v[i] && v[i] <= '9') {
- v[i] -= '0';
- }
- else if('A' <= v[i] && v[i] <= 'Z') {
- v[i] -= 'A'-10;
- }
- }
- return (unsigned char)((v[0] << 4) | v[1]);
+ char buf[3];
+ unsigned long val;
+ buf[0] = s[0];
+ buf[1] = s[1];
+ buf[2] = 0;
+ val = strtoul(buf, NULL, 16);
+ return (unsigned char)(val&0xff);
}
/*
@@ -747,7 +741,7 @@ static metalinkfile *new_metalinkfile(metalink_file_t
*fileinfo)
++digest_alias) {
metalink_checksum_t **p;
for(p = fileinfo->checksums; *p; ++p) {
- if(Curl_raw_equal(digest_alias->alias_name, (*p)->type) &&
+ if(curl_strequal(digest_alias->alias_name, (*p)->type) &&
check_hex_digest((*p)->hash, digest_alias->digest_def)) {
f->checksum =
new_metalink_checksum_from_hex_digest(digest_alias->digest_def,
@@ -777,10 +771,10 @@ static metalinkfile *new_metalinkfile(metalink_file_t
*fileinfo)
metainfo file URL may be appeared in fileinfo->metaurls.
*/
if((*p)->type == NULL ||
- Curl_raw_equal((*p)->type, "http") ||
- Curl_raw_equal((*p)->type, "https") ||
- Curl_raw_equal((*p)->type, "ftp") ||
- Curl_raw_equal((*p)->type, "ftps")) {
+ curl_strequal((*p)->type, "http") ||
+ curl_strequal((*p)->type, "https") ||
+ curl_strequal((*p)->type, "ftp") ||
+ curl_strequal((*p)->type, "ftps")) {
res = new_metalink_resource((*p)->url);
tail->next = res;
tail = res;
@@ -818,7 +812,7 @@ int parse_metalink(struct OperationConfig *config, struct
OutStruct *outs,
if(!(*files)->resources) {
fprintf(config->global->errors, "Metalink: parsing (%s) WARNING "
"(missing or invalid resource)\n",
- metalink_url, (*files)->name);
+ metalink_url);
continue;
}
if(config->url_get ||
@@ -881,7 +875,7 @@ size_t metalink_write_cb(void *buffer, size_t sz, size_t
nmemb,
* it does not match then it fails with CURLE_WRITE_ERROR. So at this
* point returning a value different from sz*nmemb indicates failure.
*/
- const size_t failure = (sz * nmemb) ? 0 : 1;
+ const size_t failure = (sz && nmemb) ? 0 : 1;
if(!config)
return failure;
@@ -906,7 +900,7 @@ static int check_content_type(const char *content_type,
const char *media_type)
if(!*ptr) {
return 0;
}
- return Curl_raw_nequal(ptr, media_type, media_type_len) &&
+ return curl_strnequal(ptr, media_type, media_type_len) &&
(*(ptr+media_type_len) == '\0' || *(ptr+media_type_len) == ' ' ||
*(ptr+media_type_len) == '\t' || *(ptr+media_type_len) == ';');
}
diff --git a/src/tool_msgs.c b/src/tool_msgs.c
index 1454903ad..d06708a18 100644
--- a/src/tool_msgs.c
+++ b/src/tool_msgs.c
@@ -38,7 +38,7 @@ static void voutf(struct GlobalConfig *config,
const char *fmt,
va_list ap)
{
- size_t width = (79 - (int)strlen(prefix));
+ size_t width = (79 - strlen(prefix));
if(!config->mute) {
size_t len;
char *ptr;
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 97bb87b3d..1e8d0073c 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -35,15 +35,11 @@
# include <locale.h>
#endif
-#ifdef HAVE_NETINET_TCP_H
-# include <netinet/tcp.h>
-#endif
-
#ifdef __VMS
# include <fabdef.h>
#endif
-#include "rawstr.h"
+#include "strcase.h"
#define ENABLE_CURLX_PRINTF
/* use our own printf() functions */
@@ -75,7 +71,6 @@
#include "tool_sleep.h"
#include "tool_urlglob.h"
#include "tool_util.h"
-#include "tool_writeenv.h"
#include "tool_writeout.h"
#include "tool_xattr.h"
#include "tool_vms.h"
@@ -143,8 +138,8 @@ static bool is_fatal_error(CURLcode code)
* and CD/DVD images should be either a STREAM_LF format or a fixed format.
*
*/
-static curl_off_t vms_realfilesize(const char * name,
- const struct_stat * stat_buf)
+static curl_off_t vms_realfilesize(const char *name,
+ const struct_stat *stat_buf)
{
char buffer[8192];
curl_off_t count;
@@ -174,8 +169,8 @@ static curl_off_t vms_realfilesize(const char * name,
* if not to call a routine to get the correct size.
*
*/
-static curl_off_t VmsSpecialSize(const char * name,
- const struct_stat * stat_buf)
+static curl_off_t VmsSpecialSize(const char *name,
+ const struct_stat *stat_buf)
{
switch(stat_buf->st_fab_rfm) {
case FAB$C_VAR:
@@ -188,6 +183,81 @@ static curl_off_t VmsSpecialSize(const char * name,
}
#endif /* __VMS */
+#if defined(HAVE_UTIME) || \
+ (defined(WIN32) && (CURL_SIZEOF_CURL_OFF_T >= 8))
+static void setfiletime(long filetime, const char *filename,
+ FILE *error_stream)
+{
+ if(filetime >= 0) {
+/* Windows utime() may attempt to adjust our unix gmt 'filetime' by a daylight
+ saving time offset and since it's GMT that is bad behavior. When we have
+ access to a 64-bit type we can bypass utime and set the times directly. */
+#if defined(WIN32) && (CURL_SIZEOF_CURL_OFF_T >= 8)
+ HANDLE hfile;
+
+#if (CURL_SIZEOF_LONG >= 8)
+ /* 910670515199 is the maximum unix filetime that can be used as a
+ Windows FILETIME without overflow: 30827-12-31T23:59:59. */
+ if(filetime > CURL_OFF_T_C(910670515199)) {
+ fprintf(error_stream,
+ "Failed to set filetime %ld on outfile: overflow\n",
+ filetime);
+ return;
+ }
+#endif /* CURL_SIZEOF_LONG >= 8 */
+
+ hfile = CreateFileA(filename, FILE_WRITE_ATTRIBUTES,
+ (FILE_SHARE_READ | FILE_SHARE_WRITE |
+ FILE_SHARE_DELETE),
+ NULL, OPEN_EXISTING, 0, NULL);
+ if(hfile != INVALID_HANDLE_VALUE) {
+ curl_off_t converted = ((curl_off_t)filetime * 10000000) +
+ CURL_OFF_T_C(116444736000000000);
+ FILETIME ft;
+ ft.dwLowDateTime = (DWORD)(converted & 0xFFFFFFFF);
+ ft.dwHighDateTime = (DWORD)(converted >> 32);
+ if(!SetFileTime(hfile, NULL, &ft, &ft)) {
+ fprintf(error_stream,
+ "Failed to set filetime %ld on outfile: "
+ "SetFileTime failed: GetLastError %u\n",
+ filetime, GetLastError());
+ }
+ CloseHandle(hfile);
+ }
+ else {
+ fprintf(error_stream,
+ "Failed to set filetime %ld on outfile: "
+ "CreateFile failed: GetLastError %u\n",
+ filetime, GetLastError());
+ }
+
+#elif defined(HAVE_UTIMES)
+ struct timeval times[2];
+ times[0].tv_sec = times[1].tv_sec = filetime;
+ times[0].tv_usec = times[1].tv_usec = 0;
+ if(utimes(filename, times)) {
+ fprintf(error_stream,
+ "Failed to set filetime %ld on outfile: errno %d\n",
+ filetime, errno);
+ }
+
+#elif defined(HAVE_UTIME)
+ struct utimbuf times;
+ times.actime = (time_t)filetime;
+ times.modtime = (time_t)filetime;
+ if(utime(filename, ×)) {
+ fprintf(error_stream,
+ "Failed to set filetime %ld on outfile: errno %d\n",
+ filetime, errno);
+ }
+#endif
+ }
+}
+#endif /* defined(HAVE_UTIME) || \
+ (defined(WIN32) && (CURL_SIZEOF_CURL_OFF_T >= 8)) */
+
+#define BUFFER_SIZE (100*1024)
+
static CURLcode operate_do(struct GlobalConfig *global,
struct OperationConfig *config)
{
@@ -321,7 +391,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
/* Single header file for all URLs */
if(config->headerfile) {
/* open file for output: */
- if(!curlx_strequal(config->headerfile, "-")) {
+ if(strcmp(config->headerfile, "-")) {
FILE *newfile = fopen(config->headerfile, "wb");
if(!newfile) {
warnf(config->global, "Failed to open %s\n", config->headerfile);
@@ -464,7 +534,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
urlnum = 1; /* without globbing, this is a single URL */
/* if multiple files extracted to stdout, insert separators! */
- separator= ((!outfiles || curlx_strequal(outfiles, "-")) && urlnum > 1);
+ separator= ((!outfiles || !strcmp(outfiles, "-")) && urlnum > 1);
/* Here's looping around each globbed URL */
for(li = 0 ; li < urlnum; li++) {
@@ -534,7 +604,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
}
if(((urlnode->flags&GETOUT_USEREMOTE) ||
- (outfile && !curlx_strequal("-", outfile))) &&
+ (outfile && strcmp("-", outfile))) &&
(metalink || !config->use_metalink)) {
/*
@@ -653,7 +723,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
infd = -1;
if(stat(uploadfile, &fileinfo) == 0) {
fileinfo.st_size = VmsSpecialSize(uploadfile, &fileinfo);
- switch (fileinfo.st_fab_rfm) {
+ switch(fileinfo.st_fab_rfm) {
case FAB$C_VAR:
case FAB$C_VFC:
case FAB$C_STMCR:
@@ -715,7 +785,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
DEBUGASSERT(infd == STDIN_FILENO);
set_binmode(stdin);
- if(curlx_strequal(uploadfile, ".")) {
+ if(!strcmp(uploadfile, ".")) {
if(curlx_nonblock((curl_socket_t)infd, TRUE) < 0)
warnf(config->global,
"fcntl failed on fd=%d: %s\n", infd, strerror(errno));
@@ -792,6 +862,9 @@ static CURLcode operate_do(struct GlobalConfig *global,
set_binmode(stdout);
}
+ /* explicitly passed to stdout means okaying binary gunk */
+ config->terminal_binary_ok = (outfile && !strcmp(outfile, "-"));
+
if(!config->tcp_nodelay)
my_setopt(curl, CURLOPT_TCP_NODELAY, 0L);
@@ -800,6 +873,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
/* where to store */
my_setopt(curl, CURLOPT_WRITEDATA, &outs);
+ my_setopt(curl, CURLOPT_INTERLEAVEDATA, &outs);
if(metalink || !config->use_metalink)
/* what call to write */
my_setopt(curl, CURLOPT_WRITEFUNCTION, tool_write_cb);
@@ -829,10 +903,12 @@ static CURLcode operate_do(struct GlobalConfig *global,
my_setopt(curl, CURLOPT_SEEKDATA, &input);
my_setopt(curl, CURLOPT_SEEKFUNCTION, tool_seek_cb);
- if(config->recvpersecond)
- /* tell libcurl to use a smaller sized buffer as it allows us to
- make better sleeps! 7.9.9 stuff! */
+ if(config->recvpersecond &&
+ (config->recvpersecond < BUFFER_SIZE))
+ /* use a smaller sized buffer for better sleeps */
my_setopt(curl, CURLOPT_BUFFERSIZE, (long)config->recvpersecond);
+ else
+ my_setopt(curl, CURLOPT_BUFFERSIZE, (long)BUFFER_SIZE);
/* size of uploaded file: */
if(uploadfilesize != -1)
@@ -857,20 +933,18 @@ static CURLcode operate_do(struct GlobalConfig *global,
/* TODO: Make this a run-time check instead of compile-time one. */
my_setopt_str(curl, CURLOPT_PROXY, config->proxy);
+ /* new in libcurl 7.5 */
+ if(config->proxy)
+ my_setopt_enum(curl, CURLOPT_PROXYTYPE, config->proxyver);
+
my_setopt_str(curl, CURLOPT_PROXYUSERPWD, config->proxyuserpwd);
/* new in libcurl 7.3 */
my_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, config->proxytunnel?1L:0L);
- /* new in libcurl 7.5 */
- if(config->proxy)
- my_setopt_enum(curl, CURLOPT_PROXYTYPE, (long)config->proxyver);
-
- /* new in libcurl 7.10 */
- if(config->socksproxy) {
- my_setopt_str(curl, CURLOPT_PROXY, config->socksproxy);
- my_setopt_enum(curl, CURLOPT_PROXYTYPE, (long)config->socksver);
- }
+ /* new in libcurl 7.52.0 */
+ if(config->preproxy)
+ my_setopt_str(curl, CURLOPT_PRE_PROXY, config->preproxy);
/* new in libcurl 7.10.6 */
if(config->proxyanyauth)
@@ -891,10 +965,14 @@ static CURLcode operate_do(struct GlobalConfig *global,
/* new in libcurl 7.19.4 */
my_setopt_str(curl, CURLOPT_NOPROXY, config->noproxy);
+
+ my_setopt(curl, CURLOPT_SUPPRESS_CONNECT_HEADERS,
+ config->suppress_connect_headers?1L:0L);
}
-#endif
+#endif /* !CURL_DISABLE_PROXY */
my_setopt(curl, CURLOPT_FAILONERROR, config->failonerror?1L:0L);
+ my_setopt(curl, CURLOPT_REQUEST_TARGET, config->request_target);
my_setopt(curl, CURLOPT_UPLOAD, uploadfile?1L:0L);
my_setopt(curl, CURLOPT_DIRLISTONLY, config->dirlistonly?1L:0L);
my_setopt(curl, CURLOPT_APPEND, config->ftp_append?1L:0L);
@@ -999,6 +1077,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
my_setopt(curl, CURLOPT_RESUME_FROM_LARGE, CURL_OFF_T_C(0));
my_setopt_str(curl, CURLOPT_KEYPASSWD, config->key_passwd);
+ my_setopt_str(curl, CURLOPT_PROXY_KEYPASSWD, config->proxy_key_passwd);
if(built_in_protos & (CURLPROTO_SCP|CURLPROTO_SFTP)) {
@@ -1016,6 +1095,9 @@ static CURLcode operate_do(struct GlobalConfig *global,
if(config->cacert)
my_setopt_str(curl, CURLOPT_CAINFO, config->cacert);
+ if(config->proxy_cacert)
+ my_setopt_str(curl, CURLOPT_PROXY_CAINFO, config->proxy_cacert);
+
if(config->capath) {
result = res_setopt_str(curl, CURLOPT_CAPATH, config->capath);
if(result == CURLE_NOT_BUILT_IN) {
@@ -1026,17 +1108,44 @@ static CURLcode operate_do(struct GlobalConfig *global,
else if(result)
goto show_error;
}
+ /* For the time being if --proxy-capath is not set then we use the
+ --capath value for it, if any. See #1257 */
+ if(config->proxy_capath || config->capath) {
+ result = res_setopt_str(curl, CURLOPT_PROXY_CAPATH,
+ (config->proxy_capath ?
+ config->proxy_capath :
+ config->capath));
+ if(result == CURLE_NOT_BUILT_IN) {
+ if(config->proxy_capath) {
+ warnf(config->global,
+ "ignoring --proxy-capath, not supported by libcurl\n");
+ }
+ }
+ else if(result)
+ goto show_error;
+ }
+
if(config->crlfile)
my_setopt_str(curl, CURLOPT_CRLFILE, config->crlfile);
+ if(config->proxy_crlfile)
+ my_setopt_str(curl, CURLOPT_PROXY_CRLFILE, config->proxy_crlfile);
+ else if(config->crlfile) /* CURLOPT_PROXY_CRLFILE default is crlfile */
+ my_setopt_str(curl, CURLOPT_PROXY_CRLFILE, config->crlfile);
if(config->pinnedpubkey)
my_setopt_str(curl, CURLOPT_PINNEDPUBLICKEY, config->pinnedpubkey);
if(curlinfo->features & CURL_VERSION_SSL) {
my_setopt_str(curl, CURLOPT_SSLCERT, config->cert);
+ my_setopt_str(curl, CURLOPT_PROXY_SSLCERT, config->proxy_cert);
my_setopt_str(curl, CURLOPT_SSLCERTTYPE, config->cert_type);
+ my_setopt_str(curl, CURLOPT_PROXY_SSLCERTTYPE,
+ config->proxy_cert_type);
my_setopt_str(curl, CURLOPT_SSLKEY, config->key);
+ my_setopt_str(curl, CURLOPT_PROXY_SSLKEY, config->proxy_key);
my_setopt_str(curl, CURLOPT_SSLKEYTYPE, config->key_type);
+ my_setopt_str(curl, CURLOPT_PROXY_SSLKEYTYPE,
+ config->proxy_key_type);
if(config->insecure_ok) {
my_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
@@ -1047,6 +1156,13 @@ static CURLcode operate_do(struct GlobalConfig *global,
/* libcurl default is strict verifyhost -> 2L */
/* my_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2L); */
}
+ if(config->proxy_insecure_ok) {
+ my_setopt(curl, CURLOPT_PROXY_SSL_VERIFYPEER, 0L);
+ my_setopt(curl, CURLOPT_PROXY_SSL_VERIFYHOST, 0L);
+ }
+ else {
+ my_setopt(curl, CURLOPT_PROXY_SSL_VERIFYPEER, 1L);
+ }
if(config->verifystatus)
my_setopt(curl, CURLOPT_SSL_VERIFYSTATUS, 1L);
@@ -1054,7 +1170,10 @@ static CURLcode operate_do(struct GlobalConfig *global,
if(config->falsestart)
my_setopt(curl, CURLOPT_SSL_FALSESTART, 1L);
- my_setopt_enum(curl, CURLOPT_SSLVERSION, config->ssl_version);
+ my_setopt_enum(curl, CURLOPT_SSLVERSION,
+ config->ssl_version | config->ssl_version_max);
+ my_setopt_enum(curl, CURLOPT_PROXY_SSLVERSION,
+ config->proxy_ssl_version);
}
if(config->path_as_is)
my_setopt(curl, CURLOPT_PATH_AS_IS, 1L);
@@ -1156,6 +1275,10 @@ static CURLcode operate_do(struct GlobalConfig *global,
if(config->cipher_list)
my_setopt_str(curl, CURLOPT_SSL_CIPHER_LIST, config->cipher_list);
+ if(config->proxy_cipher_list)
+ my_setopt_str(curl, CURLOPT_PROXY_SSL_CIPHER_LIST,
+ config->proxy_cipher_list);
+
/* new in libcurl 7.9.2: */
if(config->disable_epsv)
/* disable it */
@@ -1177,7 +1300,6 @@ static CURLcode operate_do(struct GlobalConfig *global,
result = res_setopt_str(curl, CURLOPT_SSLENGINE, config->engine);
if(result)
goto show_error;
- my_setopt(curl, CURLOPT_SSLENGINE_DEFAULT, 1L);
}
/* new in curl 7.10.7, extended in 7.19.4. Modified to use
@@ -1221,6 +1343,11 @@ static CURLcode operate_do(struct GlobalConfig *global,
my_setopt_str(curl, CURLOPT_SOCKS5_GSSAPI_NEC,
config->socks5_gssapi_nec);
+ /* new in curl 7.55.0 */
+ if(config->socks5_auth)
+ my_setopt_bitmask(curl, CURLOPT_SOCKS5_AUTH,
+ (long)config->socks5_auth);
+
/* new in curl 7.43.0 */
if(config->proxy_service_name)
my_setopt_str(curl, CURLOPT_PROXY_SERVICE_NAME,
@@ -1325,6 +1452,15 @@ static CURLcode operate_do(struct GlobalConfig *global,
if(config->tls_authtype)
my_setopt_str(curl, CURLOPT_TLSAUTH_TYPE,
config->tls_authtype);
+ if(config->proxy_tls_username)
+ my_setopt_str(curl, CURLOPT_PROXY_TLSAUTH_USERNAME,
+ config->proxy_tls_username);
+ if(config->proxy_tls_password)
+ my_setopt_str(curl, CURLOPT_PROXY_TLSAUTH_PASSWORD,
+ config->proxy_tls_password);
+ if(config->proxy_tls_authtype)
+ my_setopt_str(curl, CURLOPT_PROXY_TLSAUTH_TYPE,
+ config->proxy_tls_authtype);
}
/* new in 7.22.0 */
@@ -1340,6 +1476,10 @@ static CURLcode operate_do(struct GlobalConfig *global,
my_setopt_bitmask(curl, CURLOPT_SSL_OPTIONS, mask);
}
+ if(config->proxy_ssl_allow_beast)
+ my_setopt(curl, CURLOPT_PROXY_SSL_OPTIONS,
+ (long)CURLSSLOPT_ALLOW_BEAST);
+
if(config->mail_auth)
my_setopt_str(curl, CURLOPT_MAIL_AUTH, config->mail_auth);
@@ -1355,11 +1495,17 @@ static CURLcode operate_do(struct GlobalConfig *global,
my_setopt(curl, CURLOPT_SSL_ENABLE_ALPN, 0L);
}
- /* new in 7.40.0 */
- if(config->unix_socket_path)
- my_setopt_str(curl, CURLOPT_UNIX_SOCKET_PATH,
- config->unix_socket_path);
-
+ /* new in 7.40.0, abstract support added in 7.53.0 */
+ if(config->unix_socket_path) {
+ if(config->abstract_unix_socket) {
+ my_setopt_str(curl, CURLOPT_ABSTRACT_UNIX_SOCKET,
+ config->unix_socket_path);
+ }
+ else {
+ my_setopt_str(curl, CURLOPT_UNIX_SOCKET_PATH,
+ config->unix_socket_path);
+ }
+ }
/* new in 7.45.0 */
if(config->proto_default)
my_setopt_str(curl, CURLOPT_DEFAULT_PROTOCOL, config->proto_default);
@@ -1441,6 +1587,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
enum {
RETRY_NO,
RETRY_TIMEOUT,
+ RETRY_CONNREFUSED,
RETRY_HTTP,
RETRY_FTP,
RETRY_LAST /* not used */
@@ -1452,6 +1599,13 @@ static CURLcode operate_do(struct GlobalConfig *global,
(CURLE_FTP_ACCEPT_TIMEOUT == result))
/* retry timeout always */
retry = RETRY_TIMEOUT;
+ else if(config->retry_connrefused &&
+ (CURLE_COULDNT_CONNECT == result)) {
+ long oserrno;
+ curl_easy_getinfo(curl, CURLINFO_OS_ERRNO, &oserrno);
+ if(ECONNREFUSED == oserrno)
+ retry = RETRY_CONNREFUSED;
+ }
else if((CURLE_OK == result) ||
(config->failonerror &&
(CURLE_HTTP_RETURNED_ERROR == result))) {
@@ -1499,7 +1653,11 @@ static CURLcode operate_do(struct GlobalConfig *global,
if(retry) {
static const char * const m[]={
- NULL, "timeout", "HTTP error", "FTP error"
+ NULL,
+ "timeout",
+ "connection refused",
+ "HTTP error",
+ "FTP error"
};
warnf(config->global, "Transient problem: %s "
@@ -1559,14 +1717,14 @@ static CURLcode operate_do(struct GlobalConfig *global,
char *effective_url = NULL;
curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &effective_url);
if(effective_url &&
- curlx_strnequal(effective_url, "http", 4)) {
+ curl_strnequal(effective_url, "http", 4)) {
/* This was HTTP(S) */
curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response);
if(response != 200 && response != 206) {
metalink_next_res = 1;
fprintf(global->errors,
"Metalink: fetching (%s) from (%s) FAILED "
- "(HTTP status code %d)\n",
+ "(HTTP status code %ld)\n",
mlfile->filename, this_url, response);
}
}
@@ -1598,9 +1756,6 @@ static CURLcode operate_do(struct GlobalConfig *global,
if(config->writeout)
ourWriteOut(curl, &outs, config->writeout);
- if(config->writeenv)
- ourWriteEnv(curl);
-
/*
** Code within this loop may jump directly here to label 'show_error'
** in order to display an error message for CURLcode stored in 'res'
@@ -1618,12 +1773,19 @@ static CURLcode operate_do(struct GlobalConfig *global,
}
else
#endif
- if(result && global->showerror) {
+ if(config->synthetic_error) {
+ ;
+ }
+ else if(result && global->showerror) {
fprintf(global->errors, "curl: (%d) %s\n", result, (errorbuffer[0]) ?
errorbuffer : curl_easy_strerror(result));
if(result == CURLE_SSL_CACERT)
- fprintf(global->errors, "%s%s",
- CURL_CA_CERT_ERRORMSG1, CURL_CA_CERT_ERRORMSG2);
+ fprintf(global->errors, "%s%s%s",
+ CURL_CA_CERT_ERRORMSG1, CURL_CA_CERT_ERRORMSG2,
+ ((curlinfo->features & CURL_VERSION_HTTPS_PROXY) ?
+ "HTTPS-proxy has similar options --proxy-cacert "
+ "and --proxy-insecure.\n" :
+ ""));
}
/* Fall through comment to 'quit_urls' label */
@@ -1677,20 +1839,18 @@ static CURLcode operate_do(struct GlobalConfig *global,
}
#endif
-#ifdef HAVE_UTIME
+#if defined(HAVE_UTIME) || \
+ (defined(WIN32) && (CURL_SIZEOF_CURL_OFF_T >= 8))
/* File time can only be set _after_ the file has been closed */
if(!result && config->remote_time && outs.s_isreg && outs.filename) {
/* Ask libcurl if we got a remote file time */
long filetime = -1;
curl_easy_getinfo(curl, CURLINFO_FILETIME, &filetime);
- if(filetime >= 0) {
- struct utimbuf times;
- times.actime = (time_t)filetime;
- times.modtime = (time_t)filetime;
- utime(outs.filename, ×); /* set the time we got */
- }
+ if(filetime >= 0)
+ setfiletime(filetime, outs.filename, config->global->errors);
}
-#endif
+#endif /* defined(HAVE_UTIME) || \
+ (defined(WIN32) && (CURL_SIZEOF_CURL_OFF_T >= 8)) */
#ifdef USE_METALINK
if(!metalink && config->use_metalink && result == CURLE_OK) {
@@ -1793,9 +1953,9 @@ static CURLcode operate_do(struct GlobalConfig *global,
urlnode->flags = 0;
/*
- ** Bail out upon critical errors
+ ** Bail out upon critical errors or --fail-early
*/
- if(is_fatal_error(result))
+ if(is_fatal_error(result) || (result && global->fail_early))
goto quit_curl;
} /* for-loop through all URLs */
@@ -1842,8 +2002,8 @@ CURLcode operate(struct GlobalConfig *config, int argc,
argv_item_t argv[])
/* Parse .curlrc if necessary */
if((argc == 1) ||
- (!curlx_strequal(argv[1], "-q") &&
- !curlx_strequal(argv[1], "--disable"))) {
+ (!curl_strequal(argv[1], "-q") &&
+ !curl_strequal(argv[1], "--disable"))) {
parseconfig(NULL, config); /* ignore possible failure */
/* If we had no arguments then make sure a url was specified in .curlrc */
@@ -1904,6 +2064,9 @@ CURLcode operate(struct GlobalConfig *config, int argc,
argv_item_t argv[])
result = operate_do(config, config->current);
config->current = config->current->next;
+
+ if(config->current && config->current->easy)
+ curl_easy_reset(config->current->easy);
}
#ifndef CURL_DISABLE_LIBCURL_OPTION
diff --git a/src/tool_operhlp.c b/src/tool_operhlp.c
index b43dc9548..21b5ffe77 100644
--- a/src/tool_operhlp.c
+++ b/src/tool_operhlp.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2014, 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
***************************************************************************/
#include "tool_setup.h"
-#include "rawstr.h"
+#include "strcase.h"
#define ENABLE_CURLX_PRINTF
/* use our own printf() functions */
@@ -63,8 +63,8 @@ bool output_expected(const char *url, const char *uploadfile)
bool stdin_upload(const char *uploadfile)
{
- return (curlx_strequal(uploadfile, "-") ||
- curlx_strequal(uploadfile, ".")) ? TRUE : FALSE;
+ return (!strcmp(uploadfile, "-") ||
+ !strcmp(uploadfile, ".")) ? TRUE : FALSE;
}
/*
diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
index 820d872bc..85c5e79a7 100644
--- a/src/tool_paramhlp.c
+++ b/src/tool_paramhlp.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
***************************************************************************/
#include "tool_setup.h"
-#include "rawstr.h"
+#include "strcase.h"
#define ENABLE_CURLX_PRINTF
/* use our own printf() functions */
@@ -66,12 +66,15 @@ ParameterError file2string(char **bufp, FILE *file)
if(file) {
while(fgets(buffer, sizeof(buffer), file)) {
- if((ptr = strchr(buffer, '\r')) != NULL)
+ ptr = strchr(buffer, '\r');
+ if(ptr)
*ptr = '\0';
- if((ptr = strchr(buffer, '\n')) != NULL)
+ ptr = strchr(buffer, '\n');
+ if(ptr)
*ptr = '\0';
buflen = strlen(buffer);
- if((ptr = realloc(string, stringlen+buflen+1)) == NULL) {
+ ptr = realloc(string, stringlen+buflen+1);
+ if(!ptr) {
Curl_safefree(string);
return PARAM_NO_MEM;
}
@@ -102,7 +105,8 @@ ParameterError file2memory(char **bufp, size_t *size, FILE
*file)
}
alloc *= 2;
/* allocate an extra char, reserved space, for null termination */
- if((newbuf = realloc(buffer, alloc+1)) == NULL) {
+ newbuf = realloc(buffer, alloc+1);
+ if(!newbuf) {
Curl_safefree(buffer);
return PARAM_NO_MEM;
}
@@ -115,7 +119,8 @@ ParameterError file2memory(char **bufp, size_t *size, FILE
*file)
buffer[nused] = '\0';
/* free trailing slack space, if possible */
if(alloc != nused) {
- if((newbuf = realloc(buffer, nused+1)) == NULL) {
+ newbuf = realloc(buffer, nused+1);
+ if(!newbuf) {
Curl_safefree(buffer);
return PARAM_NO_MEM;
}
@@ -159,7 +164,11 @@ ParameterError str2num(long *val, const char *str)
{
if(str) {
char *endptr;
- long num = strtol(str, &endptr, 10);
+ long num;
+ errno = 0;
+ num = strtol(str, &endptr, 10);
+ if(errno == ERANGE)
+ return PARAM_NUMBER_TOO_LARGE;
if((endptr != str) && (endptr == str + strlen(str))) {
*val = num;
return PARAM_OK; /* Ok */
@@ -192,16 +201,27 @@ ParameterError str2unum(long *val, const char *str)
* Parse the string and write the double in the given address. Return PARAM_OK
* on success, otherwise a parameter specific error enum.
*
+ * The 'max' argument is the maximum value allowed, as the numbers are often
+ * multiplied when later used.
+ *
* Since this function gets called with the 'nextarg' pointer from within the
* getparameter a lot, we must check it for NULL before accessing the str
* data.
*/
-ParameterError str2double(double *val, const char *str)
+static ParameterError str2double(double *val, const char *str, long max)
{
if(str) {
char *endptr;
- double num = strtod(str, &endptr);
+ double num;
+ errno = 0;
+ num = strtod(str, &endptr);
+ if(errno == ERANGE)
+ return PARAM_NUMBER_TOO_LARGE;
+ if(num > max) {
+ /* too large */
+ return PARAM_NUMBER_TOO_LARGE;
+ }
if((endptr != str) && (endptr == str + strlen(str))) {
*val = num;
return PARAM_OK; /* Ok */
@@ -214,14 +234,17 @@ ParameterError str2double(double *val, const char *str)
* Parse the string and write the double in the given address. Return PARAM_OK
* on success, otherwise a parameter error enum. ONLY ACCEPTS POSITIVE NUMBERS!
*
+ * The 'max' argument is the maximum value allowed, as the numbers are often
+ * multiplied when later used.
+ *
* Since this function gets called with the 'nextarg' pointer from within the
* getparameter a lot, we must check it for NULL before accessing the str
* data.
*/
-ParameterError str2udouble(double *val, const char *str)
+ParameterError str2udouble(double *val, const char *str, long max)
{
- ParameterError result = str2double(val, str);
+ ParameterError result = str2double(val, str, max);
if(result != PARAM_OK)
return result;
if(*val < 0)
@@ -312,8 +335,8 @@ long proto2num(struct OperationConfig *config, long *val,
const char *str)
}
for(pp=protos; pp->name; pp++) {
- if(curlx_raw_equal(token, pp->name)) {
- switch (action) {
+ if(curl_strequal(token, pp->name)) {
+ switch(action) {
case deny:
*val &= ~(pp->bit);
break;
@@ -355,7 +378,7 @@ int check_protocol(const char *str)
if(!str)
return PARAM_REQUIRES_PARAMETER;
for(pp = curlinfo->protocols; *pp; pp++) {
- if(curlx_raw_equal(*pp, str))
+ if(curl_strequal(*pp, str))
return PARAM_OK;
}
return PARAM_LIBCURL_UNSUPPORTED_PROTOCOL;
@@ -378,12 +401,13 @@ ParameterError str2offset(curl_off_t *val, const char
*str)
#if(CURL_SIZEOF_CURL_OFF_T > CURL_SIZEOF_LONG)
*val = curlx_strtoofft(str, &endptr, 0);
- if((*val == CURL_OFF_T_MAX || *val == CURL_OFF_T_MIN) && (ERRNO == ERANGE))
- return PARAM_BAD_NUMERIC;
+ if((*val == CURL_OFF_T_MAX || *val == CURL_OFF_T_MIN) && (errno == ERANGE))
+ return PARAM_NUMBER_TOO_LARGE;
#else
+ errno = 0;
*val = strtol(str, &endptr, 0);
- if((*val == LONG_MIN || *val == LONG_MAX) && ERRNO == ERANGE)
- return PARAM_BAD_NUMERIC;
+ if((*val == LONG_MIN || *val == LONG_MAX) && errno == ERANGE)
+ return PARAM_NUMBER_TOO_LARGE;
#endif
if((endptr != str) && (endptr == str + strlen(str)))
return PARAM_OK;
@@ -466,11 +490,11 @@ ParameterError add2list(struct curl_slist **list, const
char *ptr)
int ftpfilemethod(struct OperationConfig *config, const char *str)
{
- if(curlx_raw_equal("singlecwd", str))
+ if(curl_strequal("singlecwd", str))
return CURLFTPMETHOD_SINGLECWD;
- if(curlx_raw_equal("nocwd", str))
+ if(curl_strequal("nocwd", str))
return CURLFTPMETHOD_NOCWD;
- if(curlx_raw_equal("multicwd", str))
+ if(curl_strequal("multicwd", str))
return CURLFTPMETHOD_MULTICWD;
warnf(config->global, "unrecognized ftp file method '%s', using default\n",
@@ -481,9 +505,9 @@ int ftpfilemethod(struct OperationConfig *config, const
char *str)
int ftpcccmethod(struct OperationConfig *config, const char *str)
{
- if(curlx_raw_equal("passive", str))
+ if(curl_strequal("passive", str))
return CURLFTPSSL_CCC_PASSIVE;
- if(curlx_raw_equal("active", str))
+ if(curl_strequal("active", str))
return CURLFTPSSL_CCC_ACTIVE;
warnf(config->global, "unrecognized ftp CCC method '%s', using default\n",
@@ -494,11 +518,11 @@ int ftpcccmethod(struct OperationConfig *config, const
char *str)
long delegation(struct OperationConfig *config, char *str)
{
- if(curlx_raw_equal("none", str))
+ if(curl_strequal("none", str))
return CURLGSSAPI_DELEGATION_NONE;
- if(curlx_raw_equal("policy", str))
+ if(curl_strequal("policy", str))
return CURLGSSAPI_DELEGATION_POLICY_FLAG;
- if(curlx_raw_equal("always", str))
+ if(curl_strequal("always", str))
return CURLGSSAPI_DELEGATION_FLAG;
warnf(config->global, "unrecognized delegation method '%s', using none\n",
@@ -545,3 +569,36 @@ CURLcode get_args(struct OperationConfig *config, const
size_t i)
return result;
}
+
+/*
+ * Parse the string and modify ssl_version in the val argument. Return PARAM_OK
+ * on success, otherwise a parameter error enum. ONLY ACCEPTS POSITIVE NUMBERS!
+ *
+ * Since this function gets called with the 'nextarg' pointer from within the
+ * getparameter a lot, we must check it for NULL before accessing the str
+ * data.
+ */
+
+ParameterError str2tls_max(long *val, const char *str)
+{
+ static struct s_tls_max {
+ const char *tls_max_str;
+ long tls_max;
+ } const tls_max_array[] = {
+ { "default", CURL_SSLVERSION_MAX_DEFAULT },
+ { "1.0", CURL_SSLVERSION_MAX_TLSv1_0 },
+ { "1.1", CURL_SSLVERSION_MAX_TLSv1_1 },
+ { "1.2", CURL_SSLVERSION_MAX_TLSv1_2 },
+ { "1.3", CURL_SSLVERSION_MAX_TLSv1_3 }
+ };
+ size_t i = 0;
+ if(!str)
+ return PARAM_REQUIRES_PARAMETER;
+ for(i = 0; i < sizeof(tls_max_array)/sizeof(tls_max_array[0]); i++) {
+ if(!strcmp(str, tls_max_array[i].tls_max_str)) {
+ *val = tls_max_array[i].tls_max;
+ return PARAM_OK;
+ }
+ }
+ return PARAM_BAD_USE;
+}
diff --git a/src/tool_paramhlp.h b/src/tool_paramhlp.h
index 89a99b2bb..854f52256 100644
--- a/src/tool_paramhlp.h
+++ b/src/tool_paramhlp.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -33,8 +33,7 @@ void cleanarg(char *str);
ParameterError str2num(long *val, const char *str);
ParameterError str2unum(long *val, const char *str);
-ParameterError str2double(double *val, const char *str);
-ParameterError str2udouble(double *val, const char *str);
+ParameterError str2udouble(double *val, const char *str, long max);
long proto2num(struct OperationConfig *config, long *val, const char *str);
@@ -52,4 +51,6 @@ int ftpcccmethod(struct OperationConfig *config, const char
*str);
long delegation(struct OperationConfig *config, char *str);
+ParameterError str2tls_max(long *val, const char *str);
+
#endif /* HEADER_CURL_TOOL_PARAMHLP_H */
diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c
index d9454c23a..93814f454 100644
--- a/src/tool_parsecfg.c
+++ b/src/tool_parsecfg.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -49,7 +49,7 @@ int parseconfig(const char *filename, struct GlobalConfig
*global)
int res;
FILE *file;
char filebuffer[512];
- bool usedarg;
+ bool usedarg = FALSE;
char *home;
int rc = 0;
struct OperationConfig *operation = global->first;
@@ -79,7 +79,7 @@ int parseconfig(const char *filename, struct GlobalConfig
*global)
* already declared via inclusions done in setup header file.
* We assume that we are using the ASCII version here.
*/
- int n = GetModuleFileName(0, filebuffer, sizeof(filebuffer));
+ int n = GetModuleFileNameA(0, filebuffer, sizeof(filebuffer));
if(n > 0 && n < (int)sizeof(filebuffer)) {
/* We got a valid filename - get the directory part */
char *lastdirchar = strrchr(filebuffer, '\\');
@@ -209,14 +209,10 @@ int parseconfig(const char *filename, struct GlobalConfig
*global)
filename, lineno, option);
}
}
- }
-
- if(!*param) {
- /* do this so getparameter can check for required parameters.
- Otherwise it always thinks there's a parameter. */
- if(alloced_param)
- Curl_safefree(param);
- param = NULL;
+ if(!*param)
+ /* do this so getparameter can check for required parameters.
+ Otherwise it always thinks there's a parameter. */
+ param = NULL;
}
#ifdef DEBUG_CONFIG
@@ -224,7 +220,7 @@ int parseconfig(const char *filename, struct GlobalConfig
*global)
#endif
res = getparameter(option, param, &usedarg, global, operation);
- if(param && *param && !usedarg)
+ if(!res && param && *param && !usedarg)
/* we passed in a parameter that wasn't used! */
res = PARAM_GOT_EXTRA_PARAMETER;
@@ -257,7 +253,7 @@ int parseconfig(const char *filename, struct GlobalConfig
*global)
if(res != PARAM_OK && res != PARAM_NEXT_OPERATION) {
/* the help request isn't really an error */
if(!strcmp(filename, "-")) {
- filename = (char *)"<stdin>";
+ filename = "<stdin>";
}
if(res != PARAM_HELP_REQUESTED &&
res != PARAM_MANUAL_REQUESTED &&
diff --git a/src/tool_setopt.c b/src/tool_setopt.c
index c854225e4..694d3ffa5 100644
--- a/src/tool_setopt.c
+++ b/src/tool_setopt.c
@@ -45,6 +45,15 @@
const NameValue setopt_nv_CURLPROXY[] = {
NV(CURLPROXY_HTTP),
NV(CURLPROXY_HTTP_1_0),
+ NV(CURLPROXY_HTTPS),
+ NV(CURLPROXY_SOCKS4),
+ NV(CURLPROXY_SOCKS5),
+ NV(CURLPROXY_SOCKS4A),
+ NV(CURLPROXY_SOCKS5_HOSTNAME),
+ NVEND,
+};
+
+const NameValue setopt_nv_CURL_SOCKS_PROXY[] = {
NV(CURLPROXY_SOCKS4),
NV(CURLPROXY_SOCKS5),
NV(CURLPROXY_SOCKS4A),
@@ -83,6 +92,7 @@ const NameValue setopt_nv_CURL_SSLVERSION[] = {
NV(CURL_SSLVERSION_TLSv1_0),
NV(CURL_SSLVERSION_TLSv1_1),
NV(CURL_SSLVERSION_TLSv1_2),
+ NV(CURL_SSLVERSION_TLSv1_3),
NVEND,
};
@@ -158,6 +168,9 @@ static const NameValue setopt_nv_CURLNONZERODEFAULTS[] = {
NV1(CURLOPT_SSL_ENABLE_NPN, 1),
NV1(CURLOPT_SSL_ENABLE_ALPN, 1),
NV1(CURLOPT_TCP_NODELAY, 1),
+ NV1(CURLOPT_PROXY_SSL_VERIFYPEER, 1),
+ NV1(CURLOPT_PROXY_SSL_VERIFYHOST, 1),
+ NV1(CURLOPT_SOCKS5_AUTH, 1),
NVEND
};
diff --git a/src/tool_setopt.h b/src/tool_setopt.h
index 7cd38751c..da67deeb6 100644
--- a/src/tool_setopt.h
+++ b/src/tool_setopt.h
@@ -47,6 +47,7 @@ typedef struct {
} NameValueUnsigned;
extern const NameValue setopt_nv_CURLPROXY[];
+extern const NameValue setopt_nv_CURL_SOCKS_PROXY[];
extern const NameValue setopt_nv_CURL_HTTP_VERSION[];
extern const NameValue setopt_nv_CURL_SSLVERSION[];
extern const NameValue setopt_nv_CURL_TIMECOND[];
@@ -61,6 +62,7 @@ extern const NameValueUnsigned setopt_nv_CURLAUTH[];
#define setopt_nv_CURLOPT_HTTP_VERSION setopt_nv_CURL_HTTP_VERSION
#define setopt_nv_CURLOPT_HTTPAUTH setopt_nv_CURLAUTH
#define setopt_nv_CURLOPT_SSLVERSION setopt_nv_CURL_SSLVERSION
+#define setopt_nv_CURLOPT_PROXY_SSLVERSION setopt_nv_CURL_SSLVERSION
#define setopt_nv_CURLOPT_TIMECONDITION setopt_nv_CURL_TIMECOND
#define setopt_nv_CURLOPT_FTP_SSL_CCC setopt_nv_CURLFTPSSL_CCC
#define setopt_nv_CURLOPT_USE_SSL setopt_nv_CURLUSESSL
@@ -70,6 +72,7 @@ extern const NameValueUnsigned setopt_nv_CURLAUTH[];
#define setopt_nv_CURLOPT_REDIR_PROTOCOLS setopt_nv_CURLPROTO
#define setopt_nv_CURLOPT_PROXYTYPE setopt_nv_CURLPROXY
#define setopt_nv_CURLOPT_PROXYAUTH setopt_nv_CURLAUTH
+#define setopt_nv_CURLOPT_SOCKS5_AUTH setopt_nv_CURLAUTH
/* Intercept setopt calls for --libcurl */
diff --git a/src/tool_setup.h b/src/tool_setup.h
index 90b01d7e9..2b2b9527b 100644
--- a/src/tool_setup.h
+++ b/src/tool_setup.h
@@ -39,7 +39,7 @@
* curl tool certainly uses libcurl's external interface.
*/
-#include <curl/curl.h> /* external interface */
+#include <gnurl/curl.h> /* external interface */
/*
* Platform specific stuff.
diff --git a/src/tool_sleep.c b/src/tool_sleep.c
index d878512ac..a63d85ffb 100644
--- a/src/tool_sleep.c
+++ b/src/tool_sleep.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -25,10 +25,10 @@
# include <sys/select.h>
#endif
-#ifdef HAVE_SYS_POLL_H
-# include <sys/poll.h>
-#elif defined(HAVE_POLL_H)
+#ifdef HAVE_POLL_H
# include <poll.h>
+#elif defined(HAVE_SYS_POLL_H)
+# include <sys/poll.h>
#endif
#ifdef MSDOS
@@ -51,7 +51,7 @@ void tool_go_sleep(long ms)
struct timeval timeout;
timeout.tv_sec = ms / 1000L;
ms = ms % 1000L;
- timeout.tv_usec = ms * 1000L;
+ timeout.tv_usec = (int)ms * 1000;
select(0, NULL, NULL, NULL, &timeout);
#endif
}
diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
index a357b8b56..d56dcd912 100644
--- a/src/tool_urlglob.c
+++ b/src/tool_urlglob.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -44,7 +44,7 @@ static CURLcode glob_fixed(URLGlob *glob, char *fixed, size_t
len)
pat->content.Set.ptr_s = 0;
pat->globindex = -1;
- pat->content.Set.elements = malloc(sizeof(char*));
+ pat->content.Set.elements = malloc(sizeof(char *));
if(!pat->content.Set.elements)
return GLOBERROR("out of memory", 0, CURLE_OUT_OF_MEMORY);
@@ -66,6 +66,10 @@ static CURLcode glob_fixed(URLGlob *glob, char *fixed,
size_t len)
static int multiply(unsigned long *amount, long with)
{
unsigned long sum = *amount * with;
+ if(!with) {
+ *amount = 0;
+ return 0;
+ }
if(sum/with != *amount)
return 1; /* didn't fit, bail out */
*amount = sum;
@@ -118,14 +122,14 @@ static CURLcode glob_set(URLGlob *glob, char **patternp,
*buf = '\0';
if(pat->content.Set.elements) {
char **new_arr = realloc(pat->content.Set.elements,
- (pat->content.Set.size + 1) * sizeof(char*));
+ (pat->content.Set.size + 1) * sizeof(char *));
if(!new_arr)
return GLOBERROR("out of memory", 0, CURLE_OUT_OF_MEMORY);
pat->content.Set.elements = new_arr;
}
else
- pat->content.Set.elements = malloc(sizeof(char*));
+ pat->content.Set.elements = malloc(sizeof(char *));
if(!pat->content.Set.elements)
return GLOBERROR("out of memory", 0, CURLE_OUT_OF_MEMORY);
@@ -188,44 +192,48 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
/* character range detected */
char min_c;
char max_c;
- int step=1;
+ char end_c;
+ unsigned long step = 1;
pat->type = UPTCharRange;
- rc = sscanf(pattern, "%c-%c", &min_c, &max_c);
+ rc = sscanf(pattern, "%c-%c%c", &min_c, &max_c, &end_c);
- if((rc == 2) && (pattern[3] == ':')) {
- char *endp;
- unsigned long lstep;
- errno = 0;
- lstep = strtoul(&pattern[4], &endp, 10);
- if(errno || (*endp != ']'))
- step = -1;
- else {
- pattern = endp+1;
- step = (int)lstep;
- if(step > (max_c - min_c))
- step = -1;
+ if(rc == 3) {
+ if(end_c == ':') {
+ char *endp;
+ errno = 0;
+ step = strtoul(&pattern[4], &endp, 10);
+ if(errno || &pattern[4] == endp || *endp != ']')
+ step = 0;
+ else
+ pattern = endp+1;
}
+ else if(end_c != ']')
+ /* then this is wrong */
+ rc = 0;
+ else
+ /* end_c == ']' */
+ pattern += 4;
}
- else
- pattern += 4;
*posp += (pattern - *patternp);
- if((rc != 2) || (min_c >= max_c) || ((max_c - min_c) > ('z' - 'a')) ||
- (step <= 0) )
+ if(rc != 3 || !step || step > (unsigned)INT_MAX ||
+ (min_c == max_c && step != 1) ||
+ (min_c != max_c && (min_c > max_c || step > (unsigned)(max_c - min_c) ||
+ (max_c - min_c) > ('z' - 'a'))))
/* the pattern is not well-formed */
return GLOBERROR("bad range", *posp, CURLE_URL_MALFORMAT);
/* if there was a ":[num]" thing, use that as step or else use 1 */
- pat->content.CharRange.step = step;
+ pat->content.CharRange.step = (int)step;
pat->content.CharRange.ptr_c = pat->content.CharRange.min_c = min_c;
pat->content.CharRange.max_c = max_c;
- if(multiply(amount, (pat->content.CharRange.max_c -
+ if(multiply(amount, ((pat->content.CharRange.max_c -
pat->content.CharRange.min_c) /
- pat->content.CharRange.step + 1) )
+ pat->content.CharRange.step + 1)))
return GLOBERROR("range overflow", *posp, CURLE_URL_MALFORMAT);
}
else if(ISDIGIT(*pattern)) {
@@ -257,9 +265,18 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
endp = NULL;
else {
pattern = endp+1;
+ while(*pattern && ISBLANK(*pattern))
+ pattern++;
+ if(!ISDIGIT(*pattern)) {
+ endp = NULL;
+ goto fail;
+ }
errno = 0;
max_n = strtoul(pattern, &endp, 10);
- if(errno || (*endp == ':')) {
+ if(errno)
+ /* overflow */
+ endp = NULL;
+ else if(*endp == ':') {
pattern = endp+1;
errno = 0;
step_n = strtoul(pattern, &endp, 10);
@@ -277,9 +294,12 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
}
}
+ fail:
*posp += (pattern - *patternp);
- if(!endp || (min_n > max_n) || (step_n > (max_n - min_n)) || !step_n)
+ if(!endp || !step_n ||
+ (min_n == max_n && step_n != 1) ||
+ (min_n != max_n && (min_n > max_n || step_n > (max_n - min_n))))
/* the pattern is not well-formed */
return GLOBERROR("bad range", *posp, CURLE_URL_MALFORMAT);
@@ -289,9 +309,9 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
pat->content.NumRange.max_n = max_n;
pat->content.NumRange.step = step_n;
- if(multiply(amount, (pat->content.NumRange.max_n -
- pat->content.NumRange.min_n) /
- pat->content.NumRange.step + 1) )
+ if(multiply(amount, ((pat->content.NumRange.max_n -
+ pat->content.NumRange.min_n) /
+ pat->content.NumRange.step + 1)))
return GLOBERROR("range overflow", *posp, CURLE_URL_MALFORMAT);
}
else
@@ -407,7 +427,7 @@ static CURLcode glob_parse(URLGlob *glob, char *pattern,
return res;
}
-CURLcode glob_url(URLGlob** glob, char* url, unsigned long *urlnum,
+CURLcode glob_url(URLGlob **glob, char *url, unsigned long *urlnum,
FILE *error)
{
/*
@@ -424,6 +444,7 @@ CURLcode glob_url(URLGlob** glob, char* url, unsigned long
*urlnum,
glob_buffer = malloc(strlen(url) + 1);
if(!glob_buffer)
return CURLE_OUT_OF_MEMORY;
+ glob_buffer[0]=0;
glob_expand = calloc(1, sizeof(URLGlob));
if(!glob_expand) {
@@ -501,7 +522,7 @@ CURLcode glob_next_url(char **globbed, URLGlob *glob)
for(i = 0; carry && (i < glob->size); i++) {
carry = FALSE;
pat = &glob->pattern[glob->size - 1 - i];
- switch (pat->type) {
+ switch(pat->type) {
case UPTSet:
if((pat->content.Set.elements) &&
(++pat->content.Set.ptr_s == pat->content.Set.size)) {
@@ -541,20 +562,25 @@ CURLcode glob_next_url(char **globbed, URLGlob *glob)
switch(pat->type) {
case UPTSet:
if(pat->content.Set.elements) {
- len = strlen(pat->content.Set.elements[pat->content.Set.ptr_s]);
snprintf(buf, buflen, "%s",
pat->content.Set.elements[pat->content.Set.ptr_s]);
+ len = strlen(buf);
buf += len;
buflen -= len;
}
break;
case UPTCharRange:
- *buf++ = pat->content.CharRange.ptr_c;
+ if(buflen) {
+ *buf++ = pat->content.CharRange.ptr_c;
+ *buf = '\0';
+ buflen--;
+ }
break;
case UPTNumRange:
- len = snprintf(buf, buflen, "%0*ld",
- pat->content.NumRange.padlength,
- pat->content.NumRange.ptr_n);
+ snprintf(buf, buflen, "%0*ld",
+ pat->content.NumRange.padlength,
+ pat->content.NumRange.ptr_n);
+ len = strlen(buf);
buf += len;
buflen -= len;
break;
@@ -563,7 +589,6 @@ CURLcode glob_next_url(char **globbed, URLGlob *glob)
return CURLE_FAILED_INIT;
}
}
- *buf = '\0';
*globbed = strdup(glob->glob_buffer);
if(!*globbed)
@@ -612,7 +637,7 @@ CURLcode glob_match_url(char **result, char *filename,
URLGlob *glob)
}
if(pat) {
- switch (pat->type) {
+ switch(pat->type) {
case UPTSet:
if(pat->content.Set.elements) {
appendthis = pat->content.Set.elements[pat->content.Set.ptr_s];
@@ -627,7 +652,7 @@ CURLcode glob_match_url(char **result, char *filename,
URLGlob *glob)
appendlen = 1;
break;
case UPTNumRange:
- snprintf(numbuf, sizeof(numbuf), "%0*d",
+ snprintf(numbuf, sizeof(numbuf), "%0*lu",
pat->content.NumRange.padlength,
pat->content.NumRange.ptr_n);
appendthis = numbuf;
diff --git a/src/tool_urlglob.h b/src/tool_urlglob.h
index c3be948f8..82d9d46d6 100644
--- a/src/tool_urlglob.h
+++ b/src/tool_urlglob.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -68,9 +68,9 @@ typedef struct {
size_t pos; /* column position of error or 0 */
} URLGlob;
-CURLcode glob_url(URLGlob**, char*, unsigned long *, FILE *);
+CURLcode glob_url(URLGlob**, char *, unsigned long *, FILE *);
CURLcode glob_next_url(char **, URLGlob *);
-CURLcode glob_match_url(char **, char*, URLGlob *);
+CURLcode glob_match_url(char **, char *, URLGlob *);
void glob_cleanup(URLGlob* glob);
#endif /* HEADER_CURL_TOOL_URLGLOB_H */
diff --git a/src/tool_util.c b/src/tool_util.c
index 8af15ff0c..875411e3b 100644
--- a/src/tool_util.c
+++ b/src/tool_util.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -27,7 +27,7 @@
#if defined(WIN32) && !defined(MSDOS)
-struct timeval tool_tvnow(void)
+struct timeval tvnow(void)
{
/*
** GetTickCount() is available on _all_ Windows versions from W95 up
@@ -52,7 +52,7 @@ struct timeval tool_tvnow(void)
#elif defined(HAVE_CLOCK_GETTIME_MONOTONIC)
-struct timeval tool_tvnow(void)
+struct timeval tvnow(void)
{
/*
** clock_gettime() is granted to be increased monotonically when the
@@ -86,7 +86,7 @@ struct timeval tool_tvnow(void)
#elif defined(HAVE_GETTIMEOFDAY)
-struct timeval tool_tvnow(void)
+struct timeval tvnow(void)
{
/*
** gettimeofday() is not granted to be increased monotonically, due to
@@ -100,7 +100,7 @@ struct timeval tool_tvnow(void)
#else
-struct timeval tool_tvnow(void)
+struct timeval tvnow(void)
{
/*
** time() returns the value of time in seconds since the Epoch.
@@ -119,29 +119,8 @@ struct timeval tool_tvnow(void)
*
* Returns: the time difference in number of milliseconds.
*/
-long tool_tvdiff(struct timeval newer, struct timeval older)
+long tvdiff(struct timeval newer, struct timeval older)
{
- return (newer.tv_sec-older.tv_sec)*1000+
- (newer.tv_usec-older.tv_usec)/1000;
+ return (long)(newer.tv_sec-older.tv_sec)*1000+
+ (long)(newer.tv_usec-older.tv_usec)/1000;
}
-
-/*
- * Same as tool_tvdiff but with full usec resolution.
- *
- * Returns: the time difference in seconds with subsecond resolution.
- */
-double tool_tvdiff_secs(struct timeval newer, struct timeval older)
-{
- if(newer.tv_sec != older.tv_sec)
- return (double)(newer.tv_sec-older.tv_sec)+
- (double)(newer.tv_usec-older.tv_usec)/1000000.0;
- else
- return (double)(newer.tv_usec-older.tv_usec)/1000000.0;
-}
-
-/* return the number of seconds in the given input timeval struct */
-long tool_tvlong(struct timeval t1)
-{
- return t1.tv_sec;
-}
-
diff --git a/src/tool_util.h b/src/tool_util.h
index 8f72d6261..fda1e61bf 100644
--- a/src/tool_util.h
+++ b/src/tool_util.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,7 +23,7 @@
***************************************************************************/
#include "tool_setup.h"
-struct timeval tool_tvnow(void);
+struct timeval tvnow(void);
/*
* Make sure that the first argument (t1) is the more recent time and t2 is
@@ -31,26 +31,7 @@ struct timeval tool_tvnow(void);
*
* Returns: the time difference in number of milliseconds.
*/
-long tool_tvdiff(struct timeval t1, struct timeval t2);
-
-/*
- * Same as tool_tvdiff but with full usec resolution.
- *
- * Returns: the time difference in seconds with subsecond resolution.
- */
-double tool_tvdiff_secs(struct timeval t1, struct timeval t2);
-
-long tool_tvlong(struct timeval t1);
-
-#undef tvnow
-#undef tvdiff
-#undef tvdiff_secs
-#undef tvlong
-
-#define tvnow() tool_tvnow()
-#define tvdiff(a,b) tool_tvdiff((a), (b))
-#define tvdiff_secs(a,b) tool_tvdiff_secs((a), (b))
-#define tvlong(a) tool_tvlong((a))
+long tvdiff(struct timeval t1, struct timeval t2);
#endif /* HEADER_CURL_TOOL_UTIL_H */
diff --git a/src/tool_version.h b/src/tool_version.h
index 04f45671e..b18a852ea 100644
--- a/src/tool_version.h
+++ b/src/tool_version.h
@@ -21,7 +21,7 @@
* KIND, either express or implied.
*
***************************************************************************/
-#include <curl/curlver.h>
+#include <gnurl/curlver.h>
#define CURL_NAME "curl"
#define CURL_COPYRIGHT LIBCURL_COPYRIGHT
diff --git a/src/tool_writeenv.c b/src/tool_writeenv.c
deleted file mode 100644
index c1bfcbe2f..000000000
--- a/src/tool_writeenv.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-#include "tool_setup.h"
-
-#ifdef USE_ENVIRONMENT
-
-#ifdef __riscos__
-# include <kernel.h>
-#endif
-
-#include <curl/mprintf.h>
-#include "tool_writeenv.h"
-#include "memdebug.h" /* keep this as LAST include */
-
-static const struct
-{
- const char * name;
- CURLINFO id;
- enum {
- writeenv_NONE,
- writeenv_DOUBLE,
- writeenv_LONG,
- writeenv_STRING
- } type;
-} variables[14] =
-{
- {"curl_url_effective", CURLINFO_EFFECTIVE_URL, writeenv_STRING},
- {"curl_http_code", CURLINFO_RESPONSE_CODE, writeenv_LONG},
- {"curl_time_total", CURLINFO_TOTAL_TIME, writeenv_DOUBLE},
- {"curl_time_namelookup", CURLINFO_NAMELOOKUP_TIME, writeenv_DOUBLE},
- {"curl_time_connect", CURLINFO_CONNECT_TIME, writeenv_DOUBLE},
- {"curl_time_pretransfer", CURLINFO_PRETRANSFER_TIME, writeenv_DOUBLE},
- {"curl_time_starttransfer", CURLINFO_STARTTRANSFER_TIME, writeenv_DOUBLE},
- {"curl_size_header", CURLINFO_HEADER_SIZE, writeenv_LONG},
- {"curl_size_request", CURLINFO_REQUEST_SIZE, writeenv_LONG},
- {"curl_size_download", CURLINFO_SIZE_DOWNLOAD, writeenv_DOUBLE},
- {"curl_size_upload", CURLINFO_SIZE_UPLOAD, writeenv_DOUBLE},
- {"curl_speed_download", CURLINFO_SPEED_DOWNLOAD, writeenv_DOUBLE},
- {"curl_speed_upload", CURLINFO_SPEED_UPLOAD, writeenv_DOUBLE},
- {NULL, 0, writeenv_NONE}
- };
-
-static void internalSetEnv(const char * name, char * value)
-{
- /* Add your OS-specific code here. */
-#ifdef __riscos__
- _kernel_setenv(name, value);
-#elif defined (CURLDEBUG)
- curl_memlog("ENV %s = %s\n", name, value);
-#endif
- return;
-}
-
-void ourWriteEnv(CURL *curl)
-{
- unsigned int i;
- char *string, numtext[10];
- long longinfo;
- double doubleinfo;
-
- for(i=0; variables[i].name; i++) {
- switch (variables[i].type) {
- case writeenv_STRING:
- if(curl_easy_getinfo(curl, variables[i].id, &string) == CURLE_OK)
- internalSetEnv(variables[i].name, string);
- else
- internalSetEnv(variables[i].name, NULL);
- break;
-
- case writeenv_LONG:
- if(curl_easy_getinfo(curl, variables[i].id, &longinfo) == CURLE_OK) {
- curl_msprintf(numtext, "%5ld", longinfo);
- internalSetEnv(variables[i].name, numtext);
- }
- else
- internalSetEnv(variables[i].name, NULL);
- break;
- case writeenv_DOUBLE:
- if(curl_easy_getinfo(curl, variables[i].id, &doubleinfo) == CURLE_OK) {
- curl_msprintf(numtext, "%6.2f", doubleinfo);
- internalSetEnv(variables[i].name, numtext);
- }
- else
- internalSetEnv(variables[i].name, NULL);
- break;
- default:
- break;
- }
- }
-
- return;
-}
-
-#endif
diff --git a/src/tool_writeenv.h b/src/tool_writeenv.h
deleted file mode 100644
index 55daf4889..000000000
--- a/src/tool_writeenv.h
+++ /dev/null
@@ -1,35 +0,0 @@
-#ifndef HEADER_CURL_TOOL_WRITEENV_H
-#define HEADER_CURL_TOOL_WRITEENV_H
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <address@hidden>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-#include "tool_setup.h"
-
-#ifdef USE_ENVIRONMENT
-
-void ourWriteEnv(CURL *curl);
-
-#else
-# define ourWriteEnv(x) Curl_nop_stmt
-#endif
-
-#endif /* HEADER_CURL_TOOL_WRITEENV_H */
-
diff --git a/src/tool_writeout.c b/src/tool_writeout.c
index 6e94afe42..5d92bd278 100644
--- a/src/tool_writeout.c
+++ b/src/tool_writeout.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -52,12 +52,14 @@ typedef enum {
VAR_FTP_ENTRY_PATH,
VAR_REDIRECT_URL,
VAR_SSL_VERIFY_RESULT,
+ VAR_PROXY_SSL_VERIFY_RESULT,
VAR_EFFECTIVE_FILENAME,
VAR_PRIMARY_IP,
VAR_PRIMARY_PORT,
VAR_LOCAL_IP,
VAR_LOCAL_PORT,
VAR_HTTP_VERSION,
+ VAR_SCHEME,
VAR_NUM_OF_VARS /* must be the last */
} replaceid;
@@ -91,12 +93,14 @@ static const struct variable replacements[]={
{"ftp_entry_path", VAR_FTP_ENTRY_PATH},
{"redirect_url", VAR_REDIRECT_URL},
{"ssl_verify_result", VAR_SSL_VERIFY_RESULT},
+ {"proxy_ssl_verify_result", VAR_PROXY_SSL_VERIFY_RESULT},
{"filename_effective", VAR_EFFECTIVE_FILENAME},
{"remote_ip", VAR_PRIMARY_IP},
{"remote_port", VAR_PRIMARY_PORT},
{"local_ip", VAR_LOCAL_IP},
{"local_port", VAR_LOCAL_PORT},
{"http_version", VAR_HTTP_VERSION},
+ {"scheme", VAR_SCHEME},
{NULL, VAR_NONE}
};
@@ -109,7 +113,7 @@ void ourWriteOut(CURL *curl, struct OutStruct *outs, const
char *writeinfo)
double doubleinfo;
while(ptr && *ptr) {
- if('%' == *ptr) {
+ if('%' == *ptr && ptr[1]) {
if('%' == ptr[1]) {
/* an escaped %-letter */
fputc('%', stream);
@@ -120,9 +124,14 @@ void ourWriteOut(CURL *curl, struct OutStruct *outs, const
char *writeinfo)
char *end;
char keepit;
int i;
- if(('{' == ptr[1]) && ((end = strchr(ptr, '}')) != NULL)) {
+ if('{' == ptr[1]) {
bool match = FALSE;
+ end = strchr(ptr, '}');
ptr += 2; /* pass the % and the { */
+ if(!end) {
+ fputs("%{", stream);
+ continue;
+ }
keepit = *end;
*end = 0; /* zero terminate */
for(i = 0; replacements[i].name; i++) {
@@ -170,41 +179,41 @@ void ourWriteOut(CURL *curl, struct OutStruct *outs,
const char *writeinfo)
if(CURLE_OK ==
curl_easy_getinfo(curl, CURLINFO_REDIRECT_TIME,
&doubleinfo))
- fprintf(stream, "%.3f", doubleinfo);
+ fprintf(stream, "%.6f", doubleinfo);
break;
case VAR_TOTAL_TIME:
if(CURLE_OK ==
curl_easy_getinfo(curl, CURLINFO_TOTAL_TIME, &doubleinfo))
- fprintf(stream, "%.3f", doubleinfo);
+ fprintf(stream, "%.6f", doubleinfo);
break;
case VAR_NAMELOOKUP_TIME:
if(CURLE_OK ==
curl_easy_getinfo(curl, CURLINFO_NAMELOOKUP_TIME,
&doubleinfo))
- fprintf(stream, "%.3f", doubleinfo);
+ fprintf(stream, "%.6f", doubleinfo);
break;
case VAR_CONNECT_TIME:
if(CURLE_OK ==
curl_easy_getinfo(curl, CURLINFO_CONNECT_TIME, &doubleinfo))
- fprintf(stream, "%.3f", doubleinfo);
+ fprintf(stream, "%.6f", doubleinfo);
break;
case VAR_APPCONNECT_TIME:
if(CURLE_OK ==
curl_easy_getinfo(curl, CURLINFO_APPCONNECT_TIME,
&doubleinfo))
- fprintf(stream, "%.3f", doubleinfo);
+ fprintf(stream, "%.6f", doubleinfo);
break;
case VAR_PRETRANSFER_TIME:
if(CURLE_OK ==
curl_easy_getinfo(curl, CURLINFO_PRETRANSFER_TIME,
&doubleinfo))
- fprintf(stream, "%.3f", doubleinfo);
+ fprintf(stream, "%.6f", doubleinfo);
break;
case VAR_STARTTRANSFER_TIME:
if(CURLE_OK ==
curl_easy_getinfo(curl, CURLINFO_STARTTRANSFER_TIME,
&doubleinfo))
- fprintf(stream, "%.3f", doubleinfo);
+ fprintf(stream, "%.6f", doubleinfo);
break;
case VAR_SIZE_UPLOAD:
if(CURLE_OK ==
@@ -252,6 +261,12 @@ void ourWriteOut(CURL *curl, struct OutStruct *outs, const
char *writeinfo)
&longinfo))
fprintf(stream, "%ld", longinfo);
break;
+ case VAR_PROXY_SSL_VERIFY_RESULT:
+ if(CURLE_OK ==
+ curl_easy_getinfo(curl, CURLINFO_PROXY_SSL_VERIFYRESULT,
+ &longinfo))
+ fprintf(stream, "%ld", longinfo);
+ break;
case VAR_EFFECTIVE_FILENAME:
if(outs->filename)
fprintf(stream, "%s", outs->filename);
@@ -285,7 +300,7 @@ void ourWriteOut(CURL *curl, struct OutStruct *outs, const
char *writeinfo)
curl_easy_getinfo(curl, CURLINFO_HTTP_VERSION,
&longinfo)) {
const char *version = "0";
- switch (longinfo) {
+ switch(longinfo) {
case CURL_HTTP_VERSION_1_0:
version = "1.0";
break;
@@ -300,6 +315,12 @@ void ourWriteOut(CURL *curl, struct OutStruct *outs, const
char *writeinfo)
fprintf(stream, version);
}
break;
+ case VAR_SCHEME:
+ if(CURLE_OK ==
+ curl_easy_getinfo(curl, CURLINFO_SCHEME,
+ &stringp))
+ fprintf(stream, "%s", stringp);
+ break;
default:
break;
}
@@ -320,7 +341,7 @@ void ourWriteOut(CURL *curl, struct OutStruct *outs, const
char *writeinfo)
}
}
}
- else if('\\' == *ptr) {
+ else if('\\' == *ptr && ptr[1]) {
switch(ptr[1]) {
case 'r':
fputc('\r', stream);
diff --git a/src/tool_xattr.c b/src/tool_xattr.c
index f49fd5718..92b99db60 100644
--- a/src/tool_xattr.c
+++ b/src/tool_xattr.c
@@ -42,7 +42,7 @@ static const struct xattr_mapping {
CURLINFO info;
} mappings[] = {
/* mappings proposed by
- * http://freedesktop.org/wiki/CommonExtendedAttributes
+ * https://freedesktop.org/wiki/CommonExtendedAttributes/
*/
{ "user.xdg.origin.url", CURLINFO_EFFECTIVE_URL },
{ "user.mime_type", CURLINFO_CONTENT_TYPE },
diff --git a/tests/.gitignore b/tests/.gitignore
index dc45f03a8..fbbc16485 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -1,4 +1,5 @@
*pid
+*.1.dist
configurehelp.pm
curl_client_key
curl_client_key.pub
@@ -9,9 +10,10 @@ curl_sftp_cmds
curl_sftp_config
curl_ssh_config
curl_sshd_config
+ftps_stunnel.conf
+https_stunnel.conf
log
runtests.html
runtests.pdf
-stunnel.conf
testcurl.html
testcurl.pdf
diff --git a/tests/FILEFORMAT b/tests/FILEFORMAT
index 04a6daeb7..75e561ae8 100644
--- a/tests/FILEFORMAT
+++ b/tests/FILEFORMAT
@@ -86,11 +86,18 @@ The connect section is used instead of the 'data' for all
CONNECT
requests. The remainder of the rules for the data section then apply but with
a connect prefix.
</connect>
-<datacheck [nonewline="yes"]>
+<datacheck [mode="text"] [nonewline="yes"]>
if the data is sent but this is what should be checked afterwards. If
'nonewline' is set, we will cut off the trailing newline of this given data
-before comparing with the one actually received by the client
+before comparing with the one actually received by the client.
+
+Use the mode="text" attribute if the output is in text mode on platforms that
+have a text/binary difference.
</datacheck>
+<datacheckNUM [nonewline="yes"] [mode="text"]>
+The contents of numbered datacheck sections are appended to the non-numbered
+one.
+</datacheckNUM>
<size>
number to return on a ftp SIZE command (set to -1 to make this command fail)
</size>
@@ -176,6 +183,7 @@ ftp-ipv6
ftps
http
http-ipv6
+http-pipe
http-proxy
http-unix
https
@@ -231,6 +239,7 @@ SSLpinning
SSPI
TLS-SRP
TrackMemory
+threaded-resolver
unittest
unix-sockets
WinSSL
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 585d0171d..3d1848992 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -22,14 +22,22 @@
HTMLPAGES = testcurl.html runtests.html
PDFPAGES = testcurl.pdf runtests.pdf
+MANDISTPAGES = runtests.1.dist testcurl.1.dist
+
+# the path to the impacket python lib used for SMB tests
+IMP = python_dependencies/impacket
+SMBDEPS = $(IMP)/__init__.py $(IMP)/nmb.py $(IMP)/nt_errors.py \
+ $(IMP)/ntlm.py $(IMP)/smb.py $(IMP)/smb3.py $(IMP)/smb3structs.py \
+ $(IMP)/smbserver.py $(IMP)/spnego.py $(IMP)/structure.py \
+ $(IMP)/uuid.py $(IMP)/version.py smbserver.py curl_test_data.py
EXTRA_DIST = ftpserver.pl httpserver.pl secureserver.pl runtests.pl getpart.pm
\
FILEFORMAT README stunnel.pem memanalyze.pl testcurl.pl valgrind.pm ftp.pm \
sshserver.pl sshhelp.pm pathhelp.pm testcurl.1 runtests.1 \
- $(HTMLPAGES) $(PDFPAGES) \
serverhelp.pm tftpserver.pl rtspserver.pl directories.pm symbol-scan.pl \
CMakeLists.txt mem-include-scan.pl valgrind.supp http_pipe.py extern-scan.pl \
- manpage-scan.pl nroff-scan.pl http2-server.pl
+ manpage-scan.pl nroff-scan.pl http2-server.pl dictserver.py \
+ negtelnetserver.py $(SMBDEPS)
DISTCLEANFILES = configurehelp.pm
@@ -45,11 +53,11 @@ DIST_UNIT = unit
endif
SUBDIRS = certs data server libtest $(BUILD_UNIT)
-DIST_SUBDIRS = $(SUBDIRS) $(DIST_UNIT)
+DIST_SUBDIRS = $(SUBDIRS) $(DIST_UNIT) fuzz
PERLFLAGS = -I$(srcdir)
-CLEANFILES = .http.pid .https.pid .ftp.pid .ftps.pid
+CLEANFILES = .http.pid .https.pid .ftp.pid .ftps.pid $(MANDISTPAGES)
MAN2HTML= roffit $< >$@
@@ -64,6 +72,10 @@ TEST_Q = -a -s
TEST_AM = -a -am
TEST_F = -a -p -r
TEST_T = -a -t
+TEST_E = -a -e
+
+# !flaky means that it'll skip all tests using the flaky keyword
+TEST_NF = -a -p -r !flaky
endif
# make sure that PERL is pointing to an executable
@@ -71,19 +83,25 @@ perlcheck:
@if ! test -x "$(PERL)"; then echo "No perl!"; exit 2; fi
test: perlcheck all
- $(TEST)
+ $(TEST) $(TFLAGS)
quiet-test: perlcheck all
- $(TEST) $(TEST_Q)
+ $(TEST) $(TEST_Q) $(TFLAGS)
am-test: perlcheck all
- $(TEST) $(TEST_AM)
+ $(TEST) $(TEST_AM) $(TFLAGS)
full-test: perlcheck all
- $(TEST) $(TEST_F)
+ $(TEST) $(TEST_F) $(TFLAGS)
+
+nonflaky-test: perlcheck all
+ $(TEST) $(TEST_NF) $(TFLAGS)
torture-test: perlcheck all
- $(TEST) $(TEST_T)
+ $(TEST) $(TEST_T) $(TFLAGS)
+
+event-test: perlcheck all
+ $(TEST) $(TEST_E) $(TFLAGS)
.1.html:
$(MAN2HTML)
@@ -99,3 +117,8 @@ checksrc:
cd libtest && $(MAKE) checksrc
cd unit && $(MAKE) checksrc
cd server && $(MAKE) checksrc
+
+if CURLDEBUG
+# for debug builds, we scan the sources on all regular make invokes
+all-local: checksrc
+endif
diff --git a/tests/README b/tests/README
index 834be63a5..16a8f06e1 100644
--- a/tests/README
+++ b/tests/README
@@ -4,7 +4,7 @@
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
-The cURL Test Suite
+The curl Test Suite
1. Running
1.1 Requires to run
@@ -44,6 +44,7 @@ The cURL Test Suite
stunnel (for HTTPS and FTPS tests)
OpenSSH or SunSSH (for SCP, SFTP and SOCKS4/5 tests)
nghttpx (for HTTP/2 tests)
+ nroff (for --manual tests)
1.2 Port numbers used by test servers
@@ -59,14 +60,24 @@ The cURL Test Suite
- TCP/8999 for SCP/SFTP
- TCP/9000 for SOCKS
- TCP/9001 for POP3
- - TCP/9002 for IMAP
- - TCP/9003 for SMTP
- - TCP/9004 for SMTP IPv6
- - TCP/9005 for RTSP
- - TCP/9006 for RTSP IPv6
- - TCP/9007 for GOPHER
- - TCP/9008 for GOPHER IPv6
- - TCP/9008 for HTTPS server with TLS-SRP support
+ - TCP/9002 for POP3 IPv6
+ - TCP/9003 for IMAP
+ - TCP/9004 for IMAP IPv6
+ - TCP/9005 for SMTP
+ - TCP/9006 for SMTP IPv6
+ - TCP/9007 for RTSP
+ - TCP/9008 for RTSP IPv6
+ - TCP/9009 for GOPHER
+ - TCP/9010 for GOPHER IPv6
+ - TCP/9011 for HTTPS server with TLS-SRP support
+ - TCP/9012 for HTTPS IPv6 server with TLS-SRP support
+ - TCP/9013 for HTTP proxy server for CONNECT
+ - TCP/9014 for HTTP pipelining server
+ - TCP/9015 for HTTP/2 server
+ - TCP/9016 for DICT server
+ - TCP/9017 for SMB server
+ - TCP/9018 for SMBS server (reserved)
+ - TCP/9019 for TELNET server with negotiation support
1.3 Test servers
@@ -87,10 +98,10 @@ The cURL Test Suite
1.4 Run
- 'make test'. This builds the test suite support code and invokes the
- 'runtests.pl' perl script to run all the tests. Edit the top variables
- of that script in case you have some specific needs, or run the script
- manually (after the support code has been built).
+ './configure && make && make test'. This builds the test suite support code
+ and invokes the 'runtests.pl' perl script to run all the tests. Edit the top
+ variables of that script in case you have some specific needs, or run the
+ script manually (after the support code has been built).
The script breaks on the first test that doesn't do OK. Use -a to prevent
the script from aborting on the first error. Run the script with -v for more
@@ -164,7 +175,7 @@ The cURL Test Suite
1.8 Logs
- All logs are generated in the logs/ subdirectory (it is emptied first in the
+ All logs are generated in the log/ subdirectory (it is emptied first in the
runtests.pl script). Use runtests.pl -k to force it to keep the temporary
files after the test run since successful runs will clean it up otherwise.
diff --git a/tests/certs/Server-localhost-sv.pem
b/tests/certs/Server-localhost-sv.pem
index 6ef1fd513..a6d9b0350 100644
--- a/tests/certs/Server-localhost-sv.pem
+++ b/tests/certs/Server-localhost-sv.pem
@@ -21,7 +21,7 @@ commonName_value = localhost
[something]
# The key
-# the certficate
+# the certificate
# some dhparam
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQC6X0tpdDGZTfS0typluLcxwTjPNje7XhjjUh9SqlolLwxmiDKw
diff --git a/tests/certs/Server-localhost-sv.prm
b/tests/certs/Server-localhost-sv.prm
index 97e64cec2..50ccfd858 100644
--- a/tests/certs/Server-localhost-sv.prm
+++ b/tests/certs/Server-localhost-sv.prm
@@ -21,5 +21,5 @@ commonName_value = localhost
[something]
# The key
-# the certficate
+# the certificate
# some dhparam
diff --git a/tests/certs/Server-localhost.nn-sv.pem
b/tests/certs/Server-localhost.nn-sv.pem
index b3712f74f..7dfd4e6e2 100644
--- a/tests/certs/Server-localhost.nn-sv.pem
+++ b/tests/certs/Server-localhost.nn-sv.pem
@@ -21,7 +21,7 @@ commonName_value = localhost.nn
[something]
# The key
-# the certficate
+# the certificate
# some dhparam
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQCszBFwdCntewBEisBHA1Cdb1G3yXvdfu4pZ1uRm8fF5p1ZPmsz
diff --git a/tests/certs/Server-localhost.nn-sv.prm
b/tests/certs/Server-localhost.nn-sv.prm
index 399e38a4e..093d47561 100644
--- a/tests/certs/Server-localhost.nn-sv.prm
+++ b/tests/certs/Server-localhost.nn-sv.prm
@@ -21,5 +21,5 @@ commonName_value = localhost.nn
[something]
# The key
-# the certficate
+# the certificate
# some dhparam
diff --git a/tests/certs/scripts/genserv.sh b/tests/certs/scripts/genserv.sh
index e7845c5c1..50bac0116 100755
--- a/tests/certs/scripts/genserv.sh
+++ b/tests/certs/scripts/genserv.sh
@@ -39,7 +39,7 @@ if [ ".$CAPREFIX" = . ] ; then
NOTOK=1
else
if [ ! -f $CAPREFIX-ca.cacert ] ; then
- echo No CA certficate file $CAPREFIX-ca.caert
+ echo No CA certificate file $CAPREFIX-ca.caert
NOTOK=1
fi
if [ ! -f $CAPREFIX-ca.key ] ; then
diff --git a/tests/curl_test_data.py b/tests/curl_test_data.py
new file mode 100755
index 000000000..bfe1287d8
--- /dev/null
+++ b/tests/curl_test_data.py
@@ -0,0 +1,56 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
+# Project ___| | | | _ \| |
+# / __| | | | |_) | |
+# | (__| |_| | _ <| |___
+# \___|\___/|_| \_\_____|
+#
+# Copyright (C) 2017, Daniel Stenberg, <address@hidden>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+"""Module for extracting test data from the test data folder"""
+
+from __future__ import (absolute_import, division, print_function,
+ unicode_literals)
+import os
+import xml.etree.ElementTree as ET
+import logging
+
+log = logging.getLogger(__name__)
+
+
+class TestData(object):
+ def __init__(self, data_folder):
+ self.data_folder = data_folder
+
+ def get_test_data(self, test_number):
+ # Create the test file name
+ filename = os.path.join(self.data_folder,
+ "test{0}".format(test_number))
+
+ # The user should handle the exception from failing to find the file.
+ tree = ET.parse(filename)
+
+ # We need the <reply><data> text.
+ reply = tree.find("reply")
+ data = reply.find("data")
+
+ # Return the text contents of the data
+ return data.text
+
+
+if __name__ == '__main__':
+ td = TestData("./data")
+ data = td.get_test_data(1)
+ print(data)
diff --git a/tests/data/DISABLED b/tests/data/DISABLED
index 50544aba7..11d54b463 100644
--- a/tests/data/DISABLED
+++ b/tests/data/DISABLED
@@ -13,6 +13,8 @@
# test 1801 causes problems on Mac OS X and github
# https://github.com/curl/curl/issues/380
1801
-# test 1510 casues problems on the CI on github
+# test 1510 causes problems on the CI on github
# example: https://travis-ci.org/curl/curl/builds/81633600
1510
+# Pipelining test that is causing false positives a little too often
+1903
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
index cb74f0b90..103036040 100644
--- a/tests/data/Makefile.inc
+++ b/tests/data/Makefile.inc
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -68,7 +68,7 @@ test518 test519 test520 test521 test522 test523 test524
test525 test526 \
test527 test528 test529 test530 test531 test532 test533 test534 test535 \
test536 test537 test538 test539 test540 test541 test542 test543 test544 \
test545 test546 test547 test548 test549 test550 test551 test552 test553 \
-test554 test555 test556 test557 test558 test560 test561 test562 \
+test554 test555 test556 test557 test558 test559 test560 test561 test562 \
test563 test564 test565 test566 test567 test568 test569 test570 test571 \
test572 test573 test574 test575 test576 test578 test579 test580 \
test581 test582 test583 test584 test585 test586 test587 test588 \
@@ -80,7 +80,7 @@ test626 test627 test628 test629 test630 test631 test632
test633 test634 \
test635 test636 test637 test638 test639 test640 test641 \
\
test700 test701 test702 test703 test704 test705 test706 test707 test708 \
-test709 test710 test711 test712 \
+test709 test710 test711 test712 test713 test714 test715 \
\
test800 test801 test802 test803 test804 test805 test806 test807 test808 \
test809 test810 test811 test812 test813 test814 test815 test816 test817 \
@@ -120,18 +120,23 @@ test1112 test1113 test1114 test1115 test1116 test1117
test1118 test1119 \
test1120 test1121 test1122 test1123 test1124 test1125 test1126 test1127 \
test1128 test1129 test1130 test1131 test1132 test1133 test1134 test1135 \
test1136 test1137 test1138 test1140 test1141 test1142 test1143 \
-test1144 \
+test1144 test1145 test1146 test1147 test1148 \
test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \
test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \
test1216 test1217 test1218 test1219 \
test1220 test1221 test1222 test1223 test1224 test1225 test1226 test1227 \
test1228 test1229 test1230 test1231 test1232 test1233 test1234 test1235 \
test1236 test1237 test1238 test1239 test1240 test1241 test1242 test1243 \
-test1244 \
+test1244 test1245 test1246 test1247 test1248 test1249 test1250 test1251 \
+test1252 test1253 test1254 test1255 test1256 test1257 test1258 test1259 \
+test1260 test1261 test1262 \
\
+test1280 test1281 test1282 test1283 test1284 test1285 test1286 test1287 \
+test1288 test1289 \
+test1298 test1299 \
test1300 test1301 test1302 test1303 test1304 test1305 test1306 test1307 \
test1308 test1309 test1310 test1311 test1312 test1313 test1314 test1315 \
-test1316 test1317 test1318 test1319 test1320 test1321 test1322 \
+test1316 test1317 test1318 test1319 test1320 test1321 test1322 test1323 \
test1325 test1326 test1327 test1328 test1329 test1330 test1331 \
test1332 test1333 test1334 test1335 test1336 test1337 test1338 test1339 \
test1340 test1341 test1342 test1343 test1344 test1345 test1346 test1347 \
@@ -141,24 +146,27 @@ test1364 test1365 test1366 test1367 test1368 test1369
test1370 test1371 \
test1372 test1373 test1374 test1375 test1376 test1377 test1378 test1379 \
test1380 test1381 test1382 test1383 test1384 test1385 test1386 test1387 \
test1388 test1389 test1390 test1391 test1392 test1393 test1394 test1395 \
-test1396 test1397 test1398 \
+test1396 test1397 test1398 test1399 \
\
test1400 test1401 test1402 test1403 test1404 test1405 test1406 test1407 \
test1408 test1409 test1410 test1411 test1412 test1413 test1414 test1415 \
test1416 test1417 test1418 test1419 test1420 test1421 test1422 test1423 \
-test1424 \
+test1424 test1425 test1426 test1427 \
test1428 test1429 test1430 test1431 test1432 test1433 test1434 test1435 \
-test1436 test1437 \
-\
+test1436 test1437 test1438 test1439 test1440 test1441 test1442 test1443 \
+test1444 test1445 test1446 test1447 test1448 test1450 test1451 \
+test1452 \
test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \
test1516 test1517 \
\
-test1520 \
-\
-test1525 test1526 test1527 test1528 test1529 test1530 test1531 \
+test1520 test1521 \
\
-test1600 test1601 test1602 test1603 test1604 test1605 \
+test1525 test1526 test1527 test1528 test1529 test1530 test1531 test1532 \
+test1533 test1534 test1535 test1536 test1537 test1538 \
+test1540 \
+test1550 test1551 \
+test1600 test1601 test1602 test1603 test1604 test1605 test1606 \
\
test1700 test1701 test1702 \
\
@@ -172,4 +180,4 @@ test2016 test2017 test2018 test2019 test2020 test2021
test2022 test2023 \
test2024 test2025 test2026 test2027 test2028 test2029 test2030 test2031 \
test2032 test2033 test2034 test2035 test2036 test2037 test2038 test2039 \
test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 \
-test2048 test2049 test2050 test2051 test2052
+test2048 test2049 test2050 test2051 test2052 test2053 test2054 test2055
diff --git a/tests/data/test1 b/tests/data/test1
index b88273514..7c0e1602a 100644
--- a/tests/data/test1
+++ b/tests/data/test1
@@ -8,7 +8,7 @@ HTTP GET
#
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test1007 b/tests/data/test1007
index 6baf221eb..db2717ae3 100644
--- a/tests/data/test1007
+++ b/tests/data/test1007
@@ -17,7 +17,7 @@ tftp
TFTP send with invalid permission on server
</name>
<command>
--T log/test1007.txt tftp://%HOSTIP:%TFTPPORT//invalid-file --trace-ascii
log/traceit
+-T log/test1007.txt tftp://%HOSTIP:%TFTPPORT//invalid-file
</command>
<file name="log/test1007.txt">
This data will not be sent
diff --git a/tests/data/test1008 b/tests/data/test1008
index bcc503e5a..0bc413105 100644
--- a/tests/data/test1008
+++ b/tests/data/test1008
@@ -6,6 +6,7 @@ HTTP GET
HTTP CONNECT
HTTP proxy
HTTP proxy NTLM auth
+chunked Transfer-Encoding
</keywords>
</info>
@@ -118,7 +119,7 @@ Proxy-Connection: Keep-Alive
CONNECT test.remote.example.com.1008:%HTTPPORT HTTP/1.1
Host: test.remote.example.com.1008:%HTTPPORT
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
Proxy-Connection: Keep-Alive
GET /path/10080002 HTTP/1.1
diff --git a/tests/data/test1010 b/tests/data/test1010
index a51d68ab3..b2083af7b 100644
--- a/tests/data/test1010
+++ b/tests/data/test1010
@@ -36,7 +36,7 @@ ftp
FTP dir list nocwd
</name>
<command>
-ftp://%HOSTIP:%FTPPORT//list/this/path/1010/ --ftp-method nocwd
+ftp://%HOSTIP:%FTPPORT//list/this/path/1010/
ftp://%HOSTIP:%FTPPORT//list/this/path/1010/ --ftp-method nocwd
</command>
</client>
@@ -50,6 +50,8 @@ PWD
EPSV
TYPE A
LIST /list/this/path/1010/
+EPSV
+LIST /list/this/path/1010/
QUIT
</protocol>
</verify>
diff --git a/tests/data/test1021 b/tests/data/test1021
index 3ac9e12e6..85845a5ba 100644
--- a/tests/data/test1021
+++ b/tests/data/test1021
@@ -15,7 +15,7 @@ HTTP proxy NTLM auth
<connect>
HTTP/1.1 407 Authorization Required to proxy me my dear swsclose
Proxy-Authenticate: NTLM
-Content-Length: 21
+Content-Length: 16
Connection: close
data to discard
@@ -27,7 +27,7 @@ HTTP/1.1 407 Authorization Required to proxy me my dear
Proxy-Authenticate: NTLM
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
Content-Length: 28
-And you should ignore this data.
+27 bytes and newline to ign
</connect1001>
# This is supposed to be returned when the server gets the second
@@ -62,7 +62,7 @@ Nice proxy auth sir!
<datacheck>
HTTP/1.1 407 Authorization Required to proxy me my dear swsclose
Proxy-Authenticate: NTLM
-Content-Length: 21
+Content-Length: 16
Connection: close
HTTP/1.1 407 Authorization Required to proxy me my dear
@@ -128,7 +128,7 @@ Proxy-Connection: Keep-Alive
CONNECT test.remote.example.com.1021:%HTTPPORT HTTP/1.1
Host: test.remote.example.com.1021:%HTTPPORT
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
Proxy-Connection: Keep-Alive
GET /path/10210002 HTTP/1.1
diff --git a/tests/data/test1034 b/tests/data/test1034
index c47574051..6c1beb671 100644
--- a/tests/data/test1034
+++ b/tests/data/test1034
@@ -6,6 +6,7 @@ HTTP GET
HTTP proxy
IDN
FAILURE
+config file
</keywords>
</info>
@@ -32,16 +33,23 @@ http
idn
</features>
<setenv>
-CHARSET=UTF-8
+LC_ALL=
+LC_CTYPE=en_US.UTF-8
</setenv>
+<precheck>
+perl -MI18N::Langinfo=langinfo,CODESET -e 'die "Needs a UTF-8 locale" if
(lc(langinfo(CODESET())) ne "utf-8");'
+</precheck>
<name>
HTTP over proxy with malformatted IDN host name
</name>
# This host name contains an invalid UTF-8 byte sequence that can't be
# converted into an IDN name
+<stdin>
+url = "http://invalid-utf8-�.local/page/1034";
+</stdin>
<command>
-http://invalid-utf8-�.local/page/1034 -x %HOSTIP:%HTTPPORT
+-K - -x %HOSTIP:%HTTPPORT
</command>
</client>
diff --git a/tests/data/test1035 b/tests/data/test1035
index 20b434c34..033a48a72 100644
--- a/tests/data/test1035
+++ b/tests/data/test1035
@@ -32,13 +32,17 @@ http
idn
</features>
<setenv>
-CHARSET=ISO8859-1
+LC_ALL=
+LC_CTYPE=en_US.UTF-8
</setenv>
+<precheck>
+perl -MI18N::Langinfo=langinfo,CODESET -e 'die "Needs a UTF-8 locale" if
(lc(langinfo(CODESET())) ne "utf-8");'
+</precheck>
<name>
HTTP over proxy with too long IDN host name
</name>
<command>
-http://too-long-IDN-name-c�rl-r�les-la-la-la-dee-da-flooby-nooby.local/page/1035
-x %HOSTIP:%HTTPPORT
+http://too-long-IDN-name-cürl-rüles-la-la-la-dee-da-flooby-nooby.local/page/1035
-x %HOSTIP:%HTTPPORT
</command>
</client>
@@ -49,8 +53,8 @@ http://too-long-IDN-name-c
^User-Agent:.*
</strip>
<protocol>
-GET
http://too-long-IDN-name-c�rl-r�les-la-la-la-dee-da-flooby-nooby.local/page/1035
HTTP/1.1
-Host: too-long-IDN-name-c�rl-r�les-la-la-la-dee-da-flooby-nooby.local
+GET
http://too-long-IDN-name-cürl-rüles-la-la-la-dee-da-flooby-nooby.local/page/1035
HTTP/1.1
+Host: too-long-IDN-name-cürl-rüles-la-la-la-dee-da-flooby-nooby.local
Accept: */*
Proxy-Connection: Keep-Alive
diff --git a/tests/data/test1049 b/tests/data/test1049
index 60f41366d..de18bee3b 100644
--- a/tests/data/test1049
+++ b/tests/data/test1049
@@ -28,7 +28,7 @@ tftp
TFTP retrieve with localhost --interface
</name>
<command>
-tftp://%HOSTIP:%TFTPPORT//1049 --trace-ascii log/traceit --interface %CLIENTIP
+tftp://%HOSTIP:%TFTPPORT//1049 --interface %CLIENTIP
</command>
</client>
diff --git a/tests/data/test1060 b/tests/data/test1060
index e4aea6589..14fc7e53c 100644
--- a/tests/data/test1060
+++ b/tests/data/test1060
@@ -839,7 +839,6 @@ daniel
HTTP/1.1 200 OK swsbounce
Server: no
-Nice proxy auth sir!
</connect1000>
<datacheck>
diff --git a/tests/data/test1061 b/tests/data/test1061
index a55a27295..c481d39c4 100644
--- a/tests/data/test1061
+++ b/tests/data/test1061
@@ -844,7 +844,6 @@ daniel
HTTP/1.1 200 OK swsbounce
Server: no
-Nice proxy auth sir!
</connect1000>
<datacheck>
diff --git a/tests/data/test1063 b/tests/data/test1063
index cc07e6bfc..2979094dc 100644
--- a/tests/data/test1063
+++ b/tests/data/test1063
@@ -41,7 +41,5 @@ Invalid large X- range on a file://
<errorcode>
36
</errorcode>
-<stdout>
-</stdout>
</verify>
</testcase>
diff --git a/tests/data/test1068 b/tests/data/test1068
index ff26d78c6..f9bfec90f 100644
--- a/tests/data/test1068
+++ b/tests/data/test1068
@@ -4,6 +4,7 @@
<keywords>
HTTP
HTTP PUT
+chunked Transfer-Encoding
</keywords>
</info>
diff --git a/tests/data/test1093 b/tests/data/test1093
index 2087c8278..da2d83cd4 100644
--- a/tests/data/test1093
+++ b/tests/data/test1093
@@ -28,7 +28,7 @@ tftp
TFTP retrieve with mode=i
</name>
<command>
-"tftp://%HOSTIP:%TFTPPORT//1093;mode=i"; --use-ascii --trace-ascii log/traceit
+"tftp://%HOSTIP:%TFTPPORT//1093;mode=i"; --use-ascii
</command>
</client>
diff --git a/tests/data/test1094 b/tests/data/test1094
index 913172260..c7b09caae 100644
--- a/tests/data/test1094
+++ b/tests/data/test1094
@@ -34,7 +34,7 @@ tftp
TFTP retrieve with mode=netascii
</name>
<command>
-"tftp://%HOSTIP:%TFTPPORT//1094;mode=netascii"; --trace-ascii log/traceit
+"tftp://%HOSTIP:%TFTPPORT//1094;mode=netascii";
</command>
</client>
diff --git a/tests/data/test1097 b/tests/data/test1097
index 3b733a55a..7512a2e7d 100644
--- a/tests/data/test1097
+++ b/tests/data/test1097
@@ -15,27 +15,25 @@ HTTP proxy NTLM auth
HTTP/1.1 200 We are fine and cool
Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2
Content-Length: 27
-
+
This is all fine and dandy
</data>
+# This is the CONNECT response
<connect1001>
HTTP/1.1 200 We are fine and cool
Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2
-Content-Length: 27
-
-This is all fine and dandy
+
</connect1001>
<datacheck>
HTTP/1.1 200 We are fine and cool
Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2
-Content-Length: 27
-
+
HTTP/1.1 200 We are fine and cool
Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2
Content-Length: 27
-
+
This is all fine and dandy
</datacheck>
</reply>
diff --git a/tests/data/test1099 b/tests/data/test1099
index 7aacc11d0..4a33189ec 100644
--- a/tests/data/test1099
+++ b/tests/data/test1099
@@ -23,7 +23,7 @@ tftp
TFTP get first a non-existing file then an existing
</name>
<command>
-tftp://%HOSTIP:%TFTPPORT/an/invalid-file tftp://%HOSTIP:%TFTPPORT//1099
--trace-ascii log/traceit
+tftp://%HOSTIP:%TFTPPORT/an/invalid-file tftp://%HOSTIP:%TFTPPORT//1099
</command>
</client>
diff --git a/tests/data/test1100 b/tests/data/test1100
index cd6169181..2e8d761a9 100644
--- a/tests/data/test1100
+++ b/tests/data/test1100
@@ -102,7 +102,7 @@ Content-Type: application/x-www-form-urlencoded
POST /1100 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3
Accept: */*
Content-Length: 18
diff --git a/tests/data/test1104 b/tests/data/test1104
index 21efe3c15..102d52282 100644
--- a/tests/data/test1104
+++ b/tests/data/test1104
@@ -59,7 +59,7 @@ http
HTTP cookie expiry date at Jan 1 00:00:00 GMT 1970
</name>
<command>
-http://%HOSTIP:%HTTPPORT/want/1104 -L -x %HOSTIP:%HTTPPORT -c log/cookies.jar
+http://%HOSTIP:%HTTPPORT/want/1104 -L -x %HOSTIP:%HTTPPORT -c
log/cookies1104.jar
</command>
</client>
diff --git a/tests/data/test1105 b/tests/data/test1105
index 76ac4500a..4b5e0c836 100644
--- a/tests/data/test1105
+++ b/tests/data/test1105
@@ -35,7 +35,7 @@ HTTP with cookie parser and header recording
"http://%HOSTIP:%HTTPPORT/we/want/1105?parm1=this*that/other/thing&parm2=foobar/1105";
-c log/cookie1105.txt -d "userid=myname&password=mypassword"
</command>
<precheck>
-perl -e 'if ("%HOSTIP" !~ /127\.0\.0\.1$/) {print "Test only works for HOSTIP
127.0.0.1"; exit(1)}'
+perl -e "print 'Test requires default test server host' if ( '%HOSTIP' ne
'127.0.0.1' );"
</precheck>
</client>
diff --git a/tests/data/test1109 b/tests/data/test1109
index c18ae46c6..b68b5a22f 100644
--- a/tests/data/test1109
+++ b/tests/data/test1109
@@ -8,7 +8,7 @@ CURLOPT_URL
</info>
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Content-Length: 6
diff --git a/tests/data/test1110 b/tests/data/test1110
index 90ffc41e3..94cfe9105 100644
--- a/tests/data/test1110
+++ b/tests/data/test1110
@@ -9,7 +9,7 @@ CURLOPT_URL
</info>
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Content-Length: 6
diff --git a/tests/data/test1111 b/tests/data/test1111
index 77b78f75d..d9db12c7f 100644
--- a/tests/data/test1111
+++ b/tests/data/test1111
@@ -9,7 +9,7 @@ CURLOPT_URL
</info>
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Content-Length: 6
diff --git a/tests/data/test1135 b/tests/data/test1135
index 960aade8d..f7c6a7ae2 100644
--- a/tests/data/test1135
+++ b/tests/data/test1135
@@ -58,7 +58,7 @@ CURL_EXTERN CURLcode curl_easy_setopt(CURL *curl, CURLoption
option, ...);
CURL_EXTERN CURLcode curl_easy_perform(CURL *curl);
CURL_EXTERN void curl_easy_cleanup(CURL *curl);
CURL_EXTERN CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...);
-CURL_EXTERN CURL* curl_easy_duphandle(CURL *curl);
+CURL_EXTERN CURL *curl_easy_duphandle(CURL *curl);
CURL_EXTERN void curl_easy_reset(CURL *curl);
CURL_EXTERN CURLcode curl_easy_recv(CURL *curl, void *buffer, size_t buflen,
CURL_EXTERN CURLcode curl_easy_send(CURL *curl, const void *buffer,
diff --git a/tests/data/test1145 b/tests/data/test1145
new file mode 100644
index 000000000..287bebfcc
--- /dev/null
+++ b/tests/data/test1145
@@ -0,0 +1,40 @@
+<testcase>
+<info>
+<keywords>
+FILE
+</keywords>
+</info>
+
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+file
+</server>
+<name>
+file:// bad host
+</name>
+# This command should not succeed since we only accept
+# file:/// file://localhost/ file://127.0.0.1/
+<command>
+file://bad-host%PWD/log/test1145.txt
+</command>
+<file name="log/test1145.txt">
+foo
+ bar
+bar
+ foo
+moo
+</file>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+# CURLE_URL_MALFORMAT is error code 3
+<errorcode>
+3
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1146 b/tests/data/test1146
new file mode 100644
index 000000000..43f33b793
--- /dev/null
+++ b/tests/data/test1146
@@ -0,0 +1,45 @@
+<testcase>
+<info>
+<keywords>
+FILE
+--proto-default
+</keywords>
+</info>
+
+<reply>
+<data>
+foo
+ bar
+bar
+ foo
+moo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+file
+</server>
+<name>
+--proto-default file
+</name>
+<command>
+--proto-default file %PWD/log/test1146.txt
+</command>
+<file name="log/test1146.txt">
+foo
+ bar
+bar
+ foo
+moo
+</file>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<errorcode>
+0
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1147 b/tests/data/test1147
new file mode 100644
index 000000000..faad8999e
--- /dev/null
+++ b/tests/data/test1147
@@ -0,0 +1,64 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+-H
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
+ETag: "21025-dc7-39462498"
+Accept-Ranges: bytes
+Content-Length: 6
+Connection: close
+Content-Type: text/html
+Funny-head: yesyes
+
+-foo-
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+Get -H headers from a file
+ </name>
+<file name="log/heads1147.txt">
+One: 1
+Two: 2
+no-colon
+
+ And A Funny One : wohoo
+User-Agent:
+</file>
+ <command>
+http://%HOSTIP:%HTTPPORT/1147 -H @log/heads1147.txt
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+GET /1147 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+One: 1
+Two: 2
+ And A Funny One : wohoo
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1148 b/tests/data/test1148
new file mode 100644
index 000000000..52f6c7eb1
--- /dev/null
+++ b/tests/data/test1148
@@ -0,0 +1,57 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+progressbar
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
+ETag: "21025-dc7-39462498"
+Accept-Ranges: bytes
+Content-Length: 60
+Connection: close
+Content-Type: text/html
+Funny-head: yesyes
+
+zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+progress-bar
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/1148 -# --stderr log/stderrlog1148
+</command>
+</client>
+
+#
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1148 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+<file name="log/stderrlog1148">
+
######################################################################## 100.0%
+</file>
+</verify>
+</testcase>
diff --git a/tests/data/test1205 b/tests/data/test1205
index 6d7bb7b03..7e4a882c7 100644
--- a/tests/data/test1205
+++ b/tests/data/test1205
@@ -8,7 +8,7 @@ HTTP GET
#
# Server-side
-<reply name="1205">
+<reply>
<data>
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test1215 b/tests/data/test1215
index f8c52a9a1..262910ad9 100644
--- a/tests/data/test1215
+++ b/tests/data/test1215
@@ -96,7 +96,7 @@ Proxy-Connection: Keep-Alive
GET http://%HOSTIP:%HTTPPORT/1215 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.30.0-DEV
Accept: */*
Proxy-Connection: Keep-Alive
diff --git a/tests/data/test1230 b/tests/data/test1230
index 3c1d3d448..ca2f6c67d 100644
--- a/tests/data/test1230
+++ b/tests/data/test1230
@@ -23,14 +23,12 @@ mooooooo
<connect>
HTTP/1.1 200 welcome dear
Date: Thu, 09 Nov 2010 14:49:00 GMT
-Content-Length: 0
</connect>
<datacheck>
HTTP/1.1 200 welcome dear
Date: Thu, 09 Nov 2010 14:49:00 GMT
-Content-Length: 0
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test1231 b/tests/data/test1231
index 16533a851..61998d1c3 100644
--- a/tests/data/test1231
+++ b/tests/data/test1231
@@ -9,7 +9,7 @@ dotdot removal
#
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Content-Length: 6
diff --git a/tests/data/test1232 b/tests/data/test1232
index ead43365f..d0659f126 100644
--- a/tests/data/test1232
+++ b/tests/data/test1232
@@ -11,7 +11,7 @@ dotdot removal
#
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Content-Length: 6
diff --git a/tests/data/test1238 b/tests/data/test1238
index 4c976c776..a0eef417d 100644
--- a/tests/data/test1238
+++ b/tests/data/test1238
@@ -10,7 +10,7 @@ TFTP RRQ
# Server-side
<reply>
<servercmd>
-writedelay: 1
+writedelay: 2
</servercmd>
# ~1200 bytes (so that they don't fit in two 512 byte chunks)
<data nocheck="yes">
diff --git a/tests/data/test1242 b/tests/data/test1242
index c8bc3d4ac..80111eba5 100644
--- a/tests/data/test1242
+++ b/tests/data/test1242
@@ -27,7 +27,7 @@ tftp
TFTP retrieve without TFTP options requests
</name>
<command>
-tftp://%HOSTIP:%TFTPPORT//1242 --tftp-no-options --trace-ascii log/traceit
+tftp://%HOSTIP:%TFTPPORT//1242 --tftp-no-options
</command>
</client>
diff --git a/tests/data/test1243 b/tests/data/test1243
index 0303a5de4..8a89af055 100644
--- a/tests/data/test1243
+++ b/tests/data/test1243
@@ -16,7 +16,7 @@ tftp
TFTP send without TFTP options requests
</name>
<command>
--T log/test1243.txt tftp://%HOSTIP:%TFTPPORT// --tftp-no-options --trace-ascii
log/traceit
+-T log/test1243.txt tftp://%HOSTIP:%TFTPPORT// --tftp-no-options
</command>
<file name="log/test1243.txt">
a chunk of
diff --git a/tests/data/test1245 b/tests/data/test1245
new file mode 100644
index 000000000..851d78d3b
--- /dev/null
+++ b/tests/data/test1245
@@ -0,0 +1,63 @@
+<testcase>
+<info>
+<keywords>
+FTP
+HTTP
+HTTP GET
+--proto
+--proto-redir
+followlocation
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 301 OK swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 0
+Location: ftp://127.0.0.1:8992/1245
+Connection: close
+
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+ftp
+</server>
+<name>
+--proto deny must override --proto-redir allow
+</name>
+<command>
+--location --proto +all,-ftp --proto-redir -all,+ftp
http://%HOSTIP:%HTTPPORT/1245
+</command>
+# The data section doesn't do variable substitution, so we must assert this
+<precheck>
+perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%FTPPORT' ne '8992' );"
+</precheck>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1245 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+# 1 - Protocol ftp not supported or disabled in libcurl
+<errorcode>
+1
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1246 b/tests/data/test1246
new file mode 100644
index 000000000..65659292d
--- /dev/null
+++ b/tests/data/test1246
@@ -0,0 +1,64 @@
+<testcase>
+<info>
+# verify URL with hostname ending in pound sign
+<keywords>
+HTTP
+HTTP GET
+HTTP proxy
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Content-Length: 6
+Connection: close
+
+-foo-
+</data>
+
+<data1>
+HTTP/1.1 200 OK
+Content-Length: 7
+Connection: close
+
+-cool-
+</data1>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+URL with '#' at end of host name instead of '/'
+ </name>
+ <command>
+--proxy http://%HOSTIP:%HTTPPORT
http://test.remote.haxx.se.1246:address@hidden/tricked.html
no-scheme-url.com.1246:address@hidden/again.html
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET http://test.remote.haxx.se.1246:%HTTPPORT/ HTTP/1.1
+Host: test.remote.haxx.se.1246:%HTTPPORT
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+GET http://no-scheme-url.com.1246:%HTTPPORT/ HTTP/1.1
+Host: no-scheme-url.com.1246:%HTTPPORT
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1247 b/tests/data/test1247
new file mode 100644
index 000000000..48c5ccdf4
--- /dev/null
+++ b/tests/data/test1247
@@ -0,0 +1,38 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+--fail-early
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+none
+</server>
+ <name>
+--fail-early
+ </name>
+ <command>
+--fail-early h1234://%HOSTIP:%HTTPPORT/1247 http://%HOSTIP:%HTTPPORT/1247
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+# Protocol "h1234" not supported or disabled in libcurl
+<errorcode>
+1
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1248 b/tests/data/test1248
new file mode 100644
index 000000000..28e7a8527
--- /dev/null
+++ b/tests/data/test1248
@@ -0,0 +1,49 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP proxy
+noproxy
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 4
+Content-Type: text/html
+
+foo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+Access a non-proxied host with using the combination of --proxy option and
--noproxy option
+</name>
+<command>
+http://user:address@hidden:%HTTPPORT/1248 --proxy http://dummy:%PROXYPORT/
--noproxy %HOSTIP --max-time 5
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1248 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Basic dXNlcjpzZWNyZXQ=
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1249 b/tests/data/test1249
new file mode 100644
index 000000000..ab5614068
--- /dev/null
+++ b/tests/data/test1249
@@ -0,0 +1,52 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP proxy
+NO_PROXY
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 4
+Content-Type: text/html
+
+foo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+Access a non-proxied host with using the combination of --proxy option and
NO_PROXY env var
+</name>
+<setenv>
+NO_PROXY=%HOSTIP
+</setenv>
+<command>
+http://user:address@hidden:%HTTPPORT/1249 --proxy http://dummy:%PROXYPORT/
--max-time 5
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1249 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Basic dXNlcjpzZWNyZXQ=
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1250 b/tests/data/test1250
new file mode 100644
index 000000000..bf67b7fe7
--- /dev/null
+++ b/tests/data/test1250
@@ -0,0 +1,53 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP proxy
+http_proxy
+noproxy
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 4
+Content-Type: text/html
+
+foo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+Access a non-proxied host with using the combination of http_proxy env var and
--noproxy option
+</name>
+<setenv>
+http_proxy=http://dummy:%PROXYPORT/
+</setenv>
+<command>
+http://user:address@hidden:%HTTPPORT/1250 --noproxy %HOSTIP --max-time 5
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1250 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Basic dXNlcjpzZWNyZXQ=
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1251 b/tests/data/test1251
new file mode 100644
index 000000000..f37a685e8
--- /dev/null
+++ b/tests/data/test1251
@@ -0,0 +1,54 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP proxy
+http_proxy
+NO_PROXY
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 4
+Content-Type: text/html
+
+foo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+Access a non-proxied host with using the combination of http_proxy env var and
NO_PROXY env var
+</name>
+<setenv>
+http_proxy=http://dummy:%PROXYPORT/
+NO_PROXY=%HOSTIP
+</setenv>
+<command>
+http://user:address@hidden:%HTTPPORT/1251 --max-time 5
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1251 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Basic dXNlcjpzZWNyZXQ=
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1252 b/tests/data/test1252
new file mode 100644
index 000000000..cbaef48b7
--- /dev/null
+++ b/tests/data/test1252
@@ -0,0 +1,52 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP proxy
+NO_PROXY
+noproxy
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 4
+Content-Type: text/html
+
+foo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+Under condition using --proxy, override NO_PROXY by --nproxy and access target
URL directly
+</name>
+<setenv>
+NO_PROXY=example.com
+</setenv>
+<command>
+http://%HOSTIP:%HTTPPORT/1252 --proxy http://%HOSTIP:%HTTPPORT --noproxy
%HOSTIP
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1252 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1253 b/tests/data/test1253
new file mode 100644
index 000000000..74002994b
--- /dev/null
+++ b/tests/data/test1253
@@ -0,0 +1,53 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP proxy
+NO_PROXY
+noproxy
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 4
+Content-Type: text/html
+
+foo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+Under condition using --proxy, override NO_PROXY by --nproxy and access target
URL through proxy
+</name>
+<setenv>
+NO_PROXY=example.com
+</setenv>
+<command>
+http://somewhere.example.com/1253 --proxy http://%HOSTIP:%HTTPPORT --noproxy
%HOSTIP
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET http://somewhere.example.com/1253 HTTP/1.1
+Host: somewhere.example.com
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1254 b/tests/data/test1254
new file mode 100644
index 000000000..817b9342b
--- /dev/null
+++ b/tests/data/test1254
@@ -0,0 +1,53 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP proxy
+NO_PROXY
+noproxy
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 4
+Content-Type: text/html
+
+foo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+Under condition using --proxy, override NO_PROXY by --nproxy and access target
URL through proxy
+</name>
+<setenv>
+NO_PROXY=example.com
+</setenv>
+<command>
+http://somewhere.example.com/1254 --proxy http://%HOSTIP:%HTTPPORT --noproxy ""
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET http://somewhere.example.com/1254 HTTP/1.1
+Host: somewhere.example.com
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1255 b/tests/data/test1255
new file mode 100644
index 000000000..d82310f67
--- /dev/null
+++ b/tests/data/test1255
@@ -0,0 +1,53 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP proxy
+NO_PROXY
+noproxy
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 4
+Content-Type: text/html
+
+foo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+Under condition using http_proxy, override NO_PROXY by --nproxy and access
target URL directly
+</name>
+<setenv>
+http_proxy=http://%HOSTIP:%HTTPPORT
+NO_PROXY=example.com
+</setenv>
+<command>
+http://%HOSTIP:%HTTPPORT/1255 --noproxy %HOSTIP
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1255 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1256 b/tests/data/test1256
new file mode 100644
index 000000000..09c59f4ff
--- /dev/null
+++ b/tests/data/test1256
@@ -0,0 +1,54 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP proxy
+NO_PROXY
+noproxy
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 4
+Content-Type: text/html
+
+foo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+Under condition using http_proxy, override NO_PROXY by --nproxy and access
target URL through proxy
+</name>
+<setenv>
+http_proxy=http://%HOSTIP:%HTTPPORT
+NO_PROXY=example.com
+</setenv>
+<command>
+http://somewhere.example.com/1256 --noproxy %HOSTIP
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET http://somewhere.example.com/1256 HTTP/1.1
+Host: somewhere.example.com
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1257 b/tests/data/test1257
new file mode 100644
index 000000000..6b7e93736
--- /dev/null
+++ b/tests/data/test1257
@@ -0,0 +1,54 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP proxy
+NO_PROXY
+noproxy
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 4
+Content-Type: text/html
+
+foo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+Under condition using http_proxy, override NO_PROXY by --nproxy and access
target URL through proxy
+</name>
+<setenv>
+http_proxy=http://%HOSTIP:%HTTPPORT
+NO_PROXY=example.com
+</setenv>
+<command>
+http://somewhere.example.com/1257 --noproxy ""
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET http://somewhere.example.com/1257 HTTP/1.1
+Host: somewhere.example.com
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1258 b/tests/data/test1258
new file mode 100644
index 000000000..6fa88e16e
--- /dev/null
+++ b/tests/data/test1258
@@ -0,0 +1,54 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP replaced headers
+cookies
+httponly
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.0 200 OK swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Type: text/html
+Set-Cookie: I-am=here; domain=localhost;
+
+boo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP, use cookies with localhost
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/we/want/1258
http://%HOSTIP:%HTTPPORT/we/want?hoge=fuga -b non-existing -H "Host: localhost"
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /we/want/1258 HTTP/1.1
+Host: localhost
+Accept: */*
+
+GET /we/want?hoge=fuga HTTP/1.1
+Host: localhost
+Accept: */*
+Cookie: I-am=here
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1259 b/tests/data/test1259
new file mode 100644
index 000000000..bad4ee25e
--- /dev/null
+++ b/tests/data/test1259
@@ -0,0 +1,47 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.0 200 OK swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Type: text/html
+Set-Cookie: I-am=here; domain=localhost;
+
+boo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP URL with semicolon in password
+ </name>
+ <command>
+"http://user:pass;address@hidden:%HTTPPORT/we/want/1259";
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /we/want/1259 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Basic dXNlcjpwYXNzO3dvcmQ=
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1260 b/tests/data/test1260
new file mode 100644
index 000000000..1d86ecd4e
--- /dev/null
+++ b/tests/data/test1260
@@ -0,0 +1,36 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+none
+</server>
+<features>
+http
+</features>
+ <name>
+HTTP URL with rubbish after port number
+ </name>
+ <command>
+-g "http://[%HOSTIP]:%HTTPPORT:80/we/want/1260";
"http://%HOSTIP:%HTTPPORT:80/we/want/1260";
"http://address@hidden:address@hidden";
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+# CURLE_URL_MALFORMAT == 3
+<errorcode>
+3
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1261 b/tests/data/test1261
new file mode 100644
index 000000000..7f887994e
--- /dev/null
+++ b/tests/data/test1261
@@ -0,0 +1,61 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+redirect_url
+followlocation
+--write-out
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.1 301 This is a weirdo text message swsclose
+Location: data/10290002.txt?coolsite=yes
+Content-Length: 62
+Connection: close
+
+This server reply is for testing a simple Location: following
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+'redirect_url' with --location and --max-redir
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/we/want/our/1261 -w '%{redirect_url}\n' --location
--max-redir 0
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /we/want/our/1261 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+# CURLE_TOO_MANY_REDIRECTS
+<errorcode>
+47
+</errorcode>
+<stdout>
+HTTP/1.1 301 This is a weirdo text message swsclose
+Location: data/10290002.txt?coolsite=yes
+Content-Length: 62
+Connection: close
+
+http://%HOSTIP:%HTTPPORT/we/want/our/data/10290002.txt?coolsite=yes
+</stdout>
+</verify>
+</testcase>
diff --git a/tests/data/test1262 b/tests/data/test1262
new file mode 100644
index 000000000..4b08a2cf2
--- /dev/null
+++ b/tests/data/test1262
@@ -0,0 +1,40 @@
+# similar to test 139 but with a reversed time condition
+<testcase>
+<info>
+<keywords>
+FTP
+RETR
+-z
+</keywords>
+</info>
+# Server-side
+<reply>
+<mdtm>
+213 20030409102659
+</mdtm>
+</reply>
+
+# Client-side
+<client>
+<server>
+ftp
+</server>
+ <name>
+FTP request and denied to download an older file with -z
+ </name>
+ <command>
+ftp://%HOSTIP:%FTPPORT/blalbla/1262 -z "-1 jan 2001"
+</command>
+</client>
+
+<verify>
+<protocol>
+USER anonymous
+PASS address@hidden
+PWD
+CWD blalbla
+MDTM 1262
+QUIT
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1280 b/tests/data/test1280
new file mode 100644
index 000000000..15c1e2fd1
--- /dev/null
+++ b/tests/data/test1280
@@ -0,0 +1,58 @@
+<testcase>
+<info>
+<keywords>
+globbing
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 6
+Connection: close
+
+bytes
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+simple [a-d] globbing
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/[a-d]/1280
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /a/1280 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /b/1280 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /c/1280 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /d/1280 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1281 b/tests/data/test1281
new file mode 100644
index 000000000..661b3c851
--- /dev/null
+++ b/tests/data/test1281
@@ -0,0 +1,38 @@
+<testcase>
+<info>
+<keywords>
+URL
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+none
+</server>
+<features>
+http
+</features>
+ <name>
+reject non-numerical port number in URL
+ </name>
+ <command>
+http://%HOSTIP:alpha/beta/1281
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+# 3 == CURLE_URL_MALFORMAT
+<errorcode>
+3
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1282 b/tests/data/test1282
new file mode 100644
index 000000000..197356c6b
--- /dev/null
+++ b/tests/data/test1282
@@ -0,0 +1,45 @@
+<testcase>
+<info>
+<keywords>
+FTP
+PASV
+RETR
+</keywords>
+</info>
+# Server-side
+<reply>
+<servercmd>
+REPLY PASS 633 XXXXXXXX\x00\x00XXXXXXXX
+</servercmd>
+</reply>
+
+# Client-side
+<client>
+<server>
+ftp
+</server>
+<features>
+GSS-API
+</features>
+ <name>
+FTP with 633 response before gss initialized
+ </name>
+ <command>
+ftp://%HOSTIP:%FTPPORT/1282
+</command>
+
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS address@hidden
+</protocol>
+
+# 67 == CURLE_LOGIN_DENIED
+<errorcode>
+67
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1283 b/tests/data/test1283
new file mode 100644
index 000000000..ac275e92e
--- /dev/null
+++ b/tests/data/test1283
@@ -0,0 +1,57 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+globbing
+[] range
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 6
+Connection: close
+
+bytes
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+globbing range with same start and stop
+</name>
+<command option="no-output">
+http://%HOSTIP:%HTTPPORT/[a-a][1-1][b-b:1][2-2:1]/1283 -o
"log/outfile1283_#1#2#3#4.dump"
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /a1b2/1283 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+<file name="log/outfile1283_a1b2.dump">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 6
+Connection: close
+
+bytes
+</file>
+</verify>
+</testcase>
diff --git a/tests/data/test1284 b/tests/data/test1284
new file mode 100644
index 000000000..8437a4082
--- /dev/null
+++ b/tests/data/test1284
@@ -0,0 +1,89 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP POST
+HTTP Digest auth
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data>
+<data1000>
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</data1000>
+
+<datacheck>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+#
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+<name>
+HTTP POST --digest with user-specified Content-Length header
+</name>
+# This test is to ensure 'Content-Length: 0' is sent while negotiating auth
+# even when there is a user-specified Content-Length header.
+# https://github.com/curl/curl/pull/1242
+<command>
+-H "Content-Length: 11" -u auser:apasswd --digest -d "junkelijunk"
http://%HOSTIP:%HTTPPORT/1284
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol nonewline="yes">
+POST /1284 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 0
+Content-Type: application/x-www-form-urlencoded
+
+POST /1284 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144",
uri="/1284", response="5763079608de439072861a59ac733515"
+Accept: */*
+Content-Length: 11
+Content-Type: application/x-www-form-urlencoded
+
+junkelijunk
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1285 b/tests/data/test1285
new file mode 100644
index 000000000..16c66238a
--- /dev/null
+++ b/tests/data/test1285
@@ -0,0 +1,97 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP PUT
+HTTP Digest auth
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data>
+<data1000>
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</data1000>
+
+<datacheck>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 200 A OK
+Server: Microsoft-IIS/6.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 3
+
+ok
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+#
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+<name>
+HTTP PUT --digest with user-specified Content-Length header
+</name>
+# This test is to ensure 'Content-Length: 0' is sent while negotiating auth
+# even when there is a user-specified Content-Length header.
+# https://github.com/curl/curl/pull/1242
+<command>
+-H "Content-Length: 85" -u auser:apasswd --digest -T log/put1285
http://%HOSTIP:%HTTPPORT/1285
+</command>
+<file name="log/put1285">
+This is data we upload with PUT
+a second line
+line three
+four is the number of lines
+</file>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+PUT /1285 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 0
+
+PUT /1285 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144",
uri="/1285", response="dc185587d5e8391b347eef194c2a3cd6"
+Accept: */*
+Content-Length: 85
+Expect: 100-continue
+
+This is data we upload with PUT
+a second line
+line three
+four is the number of lines
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1286 b/tests/data/test1286
new file mode 100644
index 000000000..41782cb0f
--- /dev/null
+++ b/tests/data/test1286
@@ -0,0 +1,110 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Digest auth
+followlocation
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data>
+<data1000>
+HTTP/1.1 302 Thanks for this, but we want to redir you!
+Server: Microsoft-IIS/5.0
+Content-Type: text/html; charset=iso-8859-1
+Location: /12860001
+Content-Length: 0
+
+</data1000>
+<data1001>
+HTTP/1.1 404 Not Found
+Server: Microsoft-IIS/5.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</data1001>
+
+<datacheck>
+HTTP/1.1 401 authentication please swsbounce
+Server: Microsoft-IIS/6.0
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+HTTP/1.1 302 Thanks for this, but we want to redir you!
+Server: Microsoft-IIS/5.0
+Content-Type: text/html; charset=iso-8859-1
+Location: /12860001
+Content-Length: 0
+
+HTTP/1.1 404 Not Found
+Server: Microsoft-IIS/5.0
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 0
+
+</datacheck>
+
+</reply>
+
+# Client-side
+<client>
+#
+<server>
+http
+</server>
+<features>
+crypto
+</features>
+<name>
+HTTP GET --digest increasing nonce-count
+</name>
+# This test is to ensure the nonce-count (nc) increases
+# https://github.com/curl/curl/pull/1251
+<command>
+-u auser:apasswd --location --digest http://%HOSTIP:%HTTPPORT/1286
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+# Reorder the fields in 'Authorization: Digest' header.
+# Since regular and SSPI digest auth header fields may not have the same order
+# or whitespace we homogenize so that both may be tested. Also:
+# - Remove the unique value from cnonce if in RFC format
+# - Remove the unique value from response if in RFC format
+# - Remove quotes from qop="auth" used by SSPI
+# The if statement is one line because runtests evaluates one line at a time.
+<strippart>
+if(s/^(Authorization: Digest )([^\r\n]+)(\r?\n)$//) { $_ = $1 . join(', ', map
{ s/^(cnonce=)"[a-zA-Z0-9+\/=]+"$/$1REMOVED/;
s/^(response=)"[a-f0-9]{32}"$/$1REMOVED/; s/^qop="auth"$/qop=auth/; $_ } sort
split(/, */, $2)) . $3; }
+</strippart>
+<protocol>
+GET /1286 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /1286 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest cnonce=REMOVED, nc=00000001, nonce="1053604144",
qop=auth, realm="testrealm", response=REMOVED, uri="/1286", username="auser"
+Accept: */*
+
+GET /12860001 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest cnonce=REMOVED, nc=00000002, nonce="1053604144",
qop=auth, realm="testrealm", response=REMOVED, uri="/12860001", username="auser"
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1287 b/tests/data/test1287
new file mode 100644
index 000000000..46c292497
--- /dev/null
+++ b/tests/data/test1287
@@ -0,0 +1,91 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP CONNECT
+proxytunnel
+verbose logs
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake swsclose
+Content-Type: text/html
+Funny-head: yesyes
+Content-Length: 9
+
+contents
+</data>
+
+# The purpose of this test is to make sure curl ignores headers
+# Content-Length and Transfer-Encoding in a successful CONNECT 2xx reply.
+<connect>
+HTTP/1.1 200 Mighty fine indeed
+Content-Length: 123
+Transfer-Encoding: chunked
+
+</connect>
+
+<datacheck>
+HTTP/1.1 200 Mighty fine indeed
+Content-Length: 123
+Transfer-Encoding: chunked
+
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake swsclose
+Content-Type: text/html
+Funny-head: yesyes
+Content-Length: 9
+
+contents
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+http-proxy
+</server>
+<name>
+HTTP over proxy-tunnel ignore TE and CL in CONNECT 2xx responses
+</name>
+<command>
+-v --proxytunnel -x %HOSTIP:%PROXYPORT
http://test.1287:%HTTPPORT/we/want/that/page/1287
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<proxy>
+CONNECT test.1287:%HTTPPORT HTTP/1.1
+Host: test.1287:%HTTPPORT
+Proxy-Connection: Keep-Alive
+
+</proxy>
+<protocol>
+GET /we/want/that/page/1287 HTTP/1.1
+Host: test.1287:%HTTPPORT
+Accept: */*
+
+</protocol>
+<file name="log/stderr1287" mode="text">
+* Ignoring Content-Length in CONNECT 200 response
+* Ignoring Transfer-Encoding in CONNECT 200 response
+</file>
+<stripfile>
+s/^.*(?=\* Ignoring (?:Content-Length|Transfer-Encoding) )// or $_ = ''
+</stripfile>
+</verify>
+</testcase>
diff --git a/tests/data/test1288 b/tests/data/test1288
new file mode 100644
index 000000000..543aa3d6e
--- /dev/null
+++ b/tests/data/test1288
@@ -0,0 +1,96 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP CONNECT
+HTTP proxy
+proxytunnel
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<connect>
+HTTP/1.1 200 Mighty fine indeed
+Server: test tunnel 2000
+
+</connect>
+
+<data nocheck="yes">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Type: text/html
+Funny-head: yesyes
+Content-Length: 9
+Connection: keep-alive
+
+contents
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+http-proxy
+</server>
+<name>
+Suppress proxy CONNECT response headers
+</name>
+<command>
+--proxytunnel --suppress-connect-headers --dump-header - --include --write-out
"\nCONNECT CODE: %{http_connect}\nRECEIVED HEADER BYTE TOTAL: %{size_header}\n"
--proxy %HOSTIP:%PROXYPORT http://%HOSTIP.1288:%HTTPPORT/we/want/that/page/1288
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<proxy>
+CONNECT %HOSTIP.1288:%HTTPPORT HTTP/1.1
+Host: %HOSTIP.1288:%HTTPPORT
+Proxy-Connection: Keep-Alive
+
+</proxy>
+<protocol>
+GET /we/want/that/page/1288 HTTP/1.1
+Host: %HOSTIP.1288:%HTTPPORT
+Accept: */*
+
+</protocol>
+
+# This test is structured to test all the expectations of
+# --suppress-connect-headers, which are:
+# Must suppress in --include and --dump-header
+# Must not suppress in --verbose and --trace
+# Must not suppress in statistics (eg received header byte total)
+<stdout>
+HTTP/1.1 200 OK
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Server: test-server/fake
+Content-Type: text/html
+Content-Type: text/html
+Funny-head: yesyes
+Funny-head: yesyes
+Content-Length: 9
+Content-Length: 9
+Connection: keep-alive
+Connection: keep-alive
+
+
+contents
+
+CONNECT CODE: 200
+RECEIVED HEADER BYTE TOTAL: 231
+</stdout>
+</verify>
+</testcase>
diff --git a/tests/data/test1289 b/tests/data/test1289
new file mode 100644
index 000000000..d679cc0bc
--- /dev/null
+++ b/tests/data/test1289
@@ -0,0 +1,35 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+globbing
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+globbing with overflow and bad syntxx
+</name>
+<command>
+http://ur%20[0-60000000000000000000
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+# curl: (3) [globbing] bad range in column
+<errorcode>
+3
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1298 b/tests/data/test1298
new file mode 100644
index 000000000..061a4e1e0
--- /dev/null
+++ b/tests/data/test1298
@@ -0,0 +1,56 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+--request-target
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
+ETag: "21025-dc7-39462498"
+Accept-Ranges: bytes
+Content-Length: 0
+Connection: close
+Content-Type: text/html
+Funny-head: yesyes
+
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP GET special path with --request-target
+ </name>
+ <command>
+--request-target "XXX" "http://%HOSTIP:%HTTPPORT/"; -H "Testno: 1298"
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET XXX HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Testno: 1298
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1299 b/tests/data/test1299
new file mode 100644
index 000000000..5ed92da5c
--- /dev/null
+++ b/tests/data/test1299
@@ -0,0 +1,55 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+--request-target
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
+ETag: "21025-dc7-39462498"
+Accept-Ranges: bytes
+Content-Length: 0
+Connection: close
+Content-Type: text/html
+Funny-head: yesyes
+
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+Send "OPTIONS *" with --request-target
+ </name>
+ <command>
+--request-target "*" -X OPTIONS http://%HOSTIP:%HTTPPORT/ -H "Testno: 1299"
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+OPTIONS * HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Testno: 1299
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test130 b/tests/data/test130
index 6e6d9c164..85892f1ee 100644
--- a/tests/data/test130
+++ b/tests/data/test130
@@ -41,6 +41,7 @@ FTP (optional .netrc; no user/pass) dir list PASV
</command>
<file name="log/netrc130" >
# the following two lines were created while testing curl
+# machine %HOSTIP login user1 password commented
machine %HOSTIP login user1 password passwd1
machine %HOSTIP login user2 password passwd2
default login userdef password passwddef
diff --git a/tests/data/test1301 b/tests/data/test1301
index 4b6fac8b8..8506c0005 100644
--- a/tests/data/test1301
+++ b/tests/data/test1301
@@ -2,7 +2,7 @@
<info>
<keywords>
unittest
-curl_strequal
+curl_strcasecompare
</keywords>
</info>
@@ -16,7 +16,7 @@ none
unittest
</features>
<name>
-curl_strequal unit tests
+curl_strcasecompare unit tests
</name>
<tool>
unit1301
diff --git a/tests/data/test1309 b/tests/data/test1309
index c2f67ff10..0e0cad1e8 100644
--- a/tests/data/test1309
+++ b/tests/data/test1309
@@ -1451,6 +1451,117 @@ remove pointer 5, payload 659
Tree look:
0.177[0]
remove pointer 6, payload 177
+Removing nodes not larger than 0
+removed payload 0[0]
+Removing nodes not larger than 100
+removed payload 39[0]
+removed payload 49[0]
+removed payload 49[1]
+removed payload 59[0]
+removed payload 59[1]
+removed payload 59[2]
+removed payload 98[0]
+removed payload 98[1]
+removed payload 98[2]
+Removing nodes not larger than 200
+removed payload 108[0]
+removed payload 118[0]
+removed payload 118[1]
+removed payload 157[0]
+removed payload 157[1]
+removed payload 167[0]
+removed payload 167[1]
+removed payload 167[2]
+removed payload 177[0]
+Removing nodes not larger than 300
+removed payload 216[0]
+removed payload 226[0]
+removed payload 226[1]
+removed payload 236[0]
+removed payload 236[1]
+removed payload 236[2]
+removed payload 275[0]
+removed payload 275[1]
+removed payload 275[2]
+removed payload 285[0]
+removed payload 295[0]
+removed payload 295[1]
+Removing nodes not larger than 400
+removed payload 334[0]
+removed payload 334[1]
+removed payload 344[0]
+removed payload 344[1]
+removed payload 344[2]
+removed payload 354[0]
+removed payload 393[0]
+Removing nodes not larger than 500
+removed payload 403[0]
+removed payload 403[1]
+removed payload 413[0]
+removed payload 413[1]
+removed payload 413[2]
+removed payload 462[0]
+removed payload 472[0]
+removed payload 472[1]
+Removing nodes not larger than 600
+removed payload 521[0]
+removed payload 521[1]
+removed payload 521[2]
+removed payload 531[0]
+removed payload 541[0]
+removed payload 541[1]
+removed payload 580[0]
+removed payload 580[1]
+removed payload 590[0]
+removed payload 590[1]
+removed payload 590[2]
+removed payload 600[0]
+Removing nodes not larger than 700
+removed payload 639[0]
+removed payload 649[0]
+removed payload 649[1]
+removed payload 659[0]
+removed payload 659[1]
+removed payload 659[2]
+removed payload 698[0]
+removed payload 698[1]
+removed payload 698[2]
+Removing nodes not larger than 800
+removed payload 708[0]
+removed payload 718[0]
+removed payload 718[1]
+removed payload 757[0]
+removed payload 757[1]
+removed payload 767[0]
+removed payload 767[1]
+removed payload 767[2]
+removed payload 777[0]
+Removing nodes not larger than 900
+removed payload 816[0]
+removed payload 826[0]
+removed payload 826[1]
+removed payload 836[0]
+removed payload 836[1]
+removed payload 836[2]
+removed payload 875[0]
+removed payload 875[1]
+removed payload 875[2]
+removed payload 885[0]
+removed payload 895[0]
+removed payload 895[1]
+Removing nodes not larger than 1000
+removed payload 934[0]
+removed payload 934[1]
+removed payload 944[0]
+removed payload 944[1]
+removed payload 944[2]
+removed payload 954[0]
+Removing nodes not larger than 1100
+removed payload 1003[0]
+removed payload 1003[1]
+removed payload 1013[0]
+removed payload 1013[1]
+removed payload 1013[2]
</stdout>
</verify>
diff --git a/tests/data/test1323 b/tests/data/test1323
new file mode 100644
index 000000000..c5e598cc4
--- /dev/null
+++ b/tests/data/test1323
@@ -0,0 +1,32 @@
+<testcase>
+<info>
+<keywords>
+unittest
+curlx_tvdiff
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+none
+</server>
+<name>
+curlx_tvdiff
+</name>
+<tool>
+unit1323
+</tool>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+</verify>
+</testcase>
diff --git a/tests/data/test1333 b/tests/data/test1333
index a2ea30143..50ca42a29 100644
--- a/tests/data/test1333
+++ b/tests/data/test1333
@@ -3,6 +3,7 @@
<keywords>
HTTP
HTTP GET
+chunked Transfer-Encoding
</keywords>
</info>
diff --git a/tests/data/test1399 b/tests/data/test1399
new file mode 100644
index 000000000..fe3879df1
--- /dev/null
+++ b/tests/data/test1399
@@ -0,0 +1,26 @@
+<testcase>
+<info>
+<keywords>
+unittest
+Curl_pgrsTime
+</keywords>
+</info>
+
+#
+# Client-side
+<client>
+<server>
+none
+</server>
+<features>
+unittest
+</features>
+ <name>
+Curl_pgrsTime unit tests
+ </name>
+<tool>
+unit1399
+</tool>
+</client>
+
+</testcase>
diff --git a/tests/data/test1400 b/tests/data/test1400
index 0ee737021..194c99c85 100644
--- a/tests/data/test1400
+++ b/tests/data/test1400
@@ -27,6 +27,9 @@ http
<name>
--libcurl for simple HTTP GET
</name>
+<setenv>
+SSL_CERT_FILE=
+</setenv>
<command>
http://%HOSTIP:%HTTPPORT/we/want/1400 --libcurl log/test1400.c
</command>
@@ -57,7 +60,7 @@ $_ = '' if /CURLOPT_HTTP_VERSION/
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
int main(int argc, char *argv[])
{
@@ -65,6 +68,7 @@ int main(int argc, char *argv[])
CURL *hnd;
hnd = curl_easy_init();
+ curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/1400";);
curl_easy_setopt(hnd, CURLOPT_HEADER, 1L);
curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped");
@@ -77,6 +81,7 @@ int main(int argc, char *argv[])
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
+ CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
diff --git a/tests/data/test1401 b/tests/data/test1401
index 602b09acc..deb1b5ed8 100644
--- a/tests/data/test1401
+++ b/tests/data/test1401
@@ -31,6 +31,9 @@ http
<name>
--libcurl for GET with various options
</name>
+<setenv>
+SSL_CERT_FILE=
+</setenv>
<command>
http://%HOSTIP:%HTTPPORT/we/want/1401 --libcurl log/test1401.c --basic -u
fake:user -H "X-Files: Mulder" -H "X-Men: cyclops, iceman" -A MyUA -b
chocolate=chip --proto "=http,ftp,file"
</command>
@@ -64,7 +67,7 @@ $_ = '' if /CURLOPT_HTTP_VERSION/
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
int main(int argc, char *argv[])
{
@@ -77,6 +80,7 @@ int main(int argc, char *argv[])
slist1 = curl_slist_append(slist1, "X-Men: cyclops, iceman");
hnd = curl_easy_init();
+ curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/1401";);
curl_easy_setopt(hnd, CURLOPT_HEADER, 1L);
curl_easy_setopt(hnd, CURLOPT_USERPWD, "fake:user");
@@ -96,6 +100,7 @@ int main(int argc, char *argv[])
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
+ CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
@@ -121,7 +126,5 @@ int main(int argc, char *argv[])
}
/**** End of sample code ****/
</file>
-<stdout>
-</stdout>
</verify>
</testcase>
diff --git a/tests/data/test1402 b/tests/data/test1402
index 0c2199e3b..8fece3afe 100644
--- a/tests/data/test1402
+++ b/tests/data/test1402
@@ -28,6 +28,9 @@ http
<name>
--libcurl for simple POST
</name>
+<setenv>
+SSL_CERT_FILE=
+</setenv>
<command>
http://%HOSTIP:%HTTPPORT/we/want/1402 --libcurl log/test1402.c -d "foo=bar" -d
"baz=quux"
</command>
@@ -62,7 +65,7 @@ $_ = '' if /CURLOPT_HTTP_VERSION/
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
int main(int argc, char *argv[])
{
@@ -70,6 +73,7 @@ int main(int argc, char *argv[])
CURL *hnd;
hnd = curl_easy_init();
+ curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/1402";);
curl_easy_setopt(hnd, CURLOPT_HEADER, 1L);
curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "foo=bar&baz=quux");
@@ -84,6 +88,7 @@ int main(int argc, char *argv[])
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
+ CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
@@ -107,7 +112,5 @@ int main(int argc, char *argv[])
}
/**** End of sample code ****/
</file>
-<stdout>
-</stdout>
</verify>
</testcase>
diff --git a/tests/data/test1403 b/tests/data/test1403
index 98f238f9d..8e20fafdf 100644
--- a/tests/data/test1403
+++ b/tests/data/test1403
@@ -28,6 +28,9 @@ http
<name>
--libcurl for GET with query
</name>
+<setenv>
+SSL_CERT_FILE=
+</setenv>
<command>
http://%HOSTIP:%HTTPPORT/we/want/1403 --libcurl log/test1403.c -G -d "foo=bar"
-d "baz=quux"
</command>
@@ -59,7 +62,7 @@ $_ = '' if /CURLOPT_HTTP_VERSION/
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
int main(int argc, char *argv[])
{
@@ -67,6 +70,7 @@ int main(int argc, char *argv[])
CURL *hnd;
hnd = curl_easy_init();
+ curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
curl_easy_setopt(hnd, CURLOPT_URL,
"http://%HOSTIP:%HTTPPORT/we/want/1403?foo=bar&baz=quux";);
curl_easy_setopt(hnd, CURLOPT_HEADER, 1L);
curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped");
@@ -79,6 +83,7 @@ int main(int argc, char *argv[])
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
+ CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
@@ -102,7 +107,5 @@ int main(int argc, char *argv[])
}
/**** End of sample code ****/
</file>
-<stdout>
-</stdout>
</verify>
</testcase>
diff --git a/tests/data/test1404 b/tests/data/test1404
index a159e49d4..4265bf882 100644
--- a/tests/data/test1404
+++ b/tests/data/test1404
@@ -29,6 +29,9 @@ http
<name>
--libcurl for HTTP RFC1867-type formposting - -F with three files, one with
explicit type
</name>
+<setenv>
+SSL_CERT_FILE=
+</setenv>
<command>
http://%HOSTIP:%HTTPPORT/we/want/1404 -F name=value -F
'address@hidden/test1404.txt,log/test1404.txt;type=magic/content,log/test1404.txt'
--libcurl log/test1404.c
</command>
@@ -94,7 +97,7 @@ $_ = '' if /CURLOPT_HTTP_VERSION/
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
int main(int argc, char *argv[])
{
@@ -120,6 +123,7 @@ int main(int argc, char *argv[])
CURLFORM_END);
hnd = curl_easy_init();
+ curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/1404";);
curl_easy_setopt(hnd, CURLOPT_HEADER, 1L);
curl_easy_setopt(hnd, CURLOPT_HTTPPOST, post1);
@@ -133,6 +137,7 @@ int main(int argc, char *argv[])
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
+ CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
diff --git a/tests/data/test1405 b/tests/data/test1405
index f223954cf..50bfeb21a 100644
--- a/tests/data/test1405
+++ b/tests/data/test1405
@@ -32,6 +32,9 @@ ftp
<name>
--libcurl for FTP with quote ops
</name>
+<setenv>
+SSL_CERT_FILE=
+</setenv>
<command>
ftp://%HOSTIP:%FTPPORT/1405 -Q "NOOP 1" -Q "+NOOP 2" -Q "-NOOP 3" -Q "*FAIL"
-Q "+*FAIL HARD" --libcurl log/test1405.c
</command>
@@ -60,7 +63,7 @@ QUIT
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
int main(int argc, char *argv[])
{
@@ -80,6 +83,7 @@ int main(int argc, char *argv[])
slist3 = curl_slist_append(slist3, "*FAIL HARD");
hnd = curl_easy_init();
+ curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
curl_easy_setopt(hnd, CURLOPT_URL, "ftp://%HOSTIP:%FTPPORT/1405";);
curl_easy_setopt(hnd, CURLOPT_HEADER, 1L);
curl_easy_setopt(hnd, CURLOPT_QUOTE, slist1);
@@ -93,6 +97,7 @@ int main(int argc, char *argv[])
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
+ CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
diff --git a/tests/data/test1406 b/tests/data/test1406
index c7e4cd41c..680f6a25e 100644
--- a/tests/data/test1406
+++ b/tests/data/test1406
@@ -25,6 +25,9 @@ smtp
<name>
--libcurl for SMTP
</name>
+<setenv>
+SSL_CERT_FILE=
+</setenv>
<file name="log/test1406.eml">
From: different
To: another
@@ -59,7 +62,7 @@ body
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
int main(int argc, char *argv[])
{
@@ -72,12 +75,11 @@ int main(int argc, char *argv[])
slist1 = curl_slist_append(slist1, "address@hidden");
hnd = curl_easy_init();
+ curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
curl_easy_setopt(hnd, CURLOPT_INFILESIZE_LARGE, (curl_off_t)38);
curl_easy_setopt(hnd, CURLOPT_URL, "smtp://%HOSTIP:%SMTPPORT/1406");
curl_easy_setopt(hnd, CURLOPT_HEADER, 1L);
curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L);
- curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped");
- curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
curl_easy_setopt(hnd, CURLOPT_MAIL_FROM, "address@hidden");
@@ -88,6 +90,7 @@ int main(int argc, char *argv[])
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
+ CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
@@ -114,10 +117,9 @@ int main(int argc, char *argv[])
/**** End of sample code ****/
</file>
<stripfile>
-# curl's default user-agent varies with version, libraries etc.
-s/(USERAGENT, \")[^\"]+/${1}stripped/
-# CURLOPT_SSL_VERIFYPEER, SSH_KNOWNHOSTS and HTTP_VERSION vary with
-# configurations - just ignore them
+# These options vary with configurations - just ignore them
+$_ = '' if /CURLOPT_USERAGENT/
+$_ = '' if /CURLOPT_MAXREDIRS/
$_ = '' if /CURLOPT_SSL_VERIFYPEER/
$_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
$_ = '' if /CURLOPT_HTTP_VERSION/
diff --git a/tests/data/test1407 b/tests/data/test1407
index 8f8cb2aa9..bb4c4f128 100644
--- a/tests/data/test1407
+++ b/tests/data/test1407
@@ -26,7 +26,10 @@ pop3
<name>
--libcurl for POP3 LIST one message
</name>
- <command>
+<setenv>
+SSL_CERT_FILE=
+</setenv>
+<command>
pop3://%HOSTIP:%POP3PORT/1407 -l -u user:secret --libcurl log/test1407.c
</command>
</client>
@@ -46,7 +49,7 @@ QUIT
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
int main(int argc, char *argv[])
{
@@ -54,12 +57,11 @@ int main(int argc, char *argv[])
CURL *hnd;
hnd = curl_easy_init();
+ curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
curl_easy_setopt(hnd, CURLOPT_URL, "pop3://%HOSTIP:%POP3PORT/1407");
curl_easy_setopt(hnd, CURLOPT_HEADER, 1L);
curl_easy_setopt(hnd, CURLOPT_DIRLISTONLY, 1L);
curl_easy_setopt(hnd, CURLOPT_USERPWD, "user:secret");
- curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped");
- curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
@@ -68,6 +70,7 @@ int main(int argc, char *argv[])
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
+ CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
@@ -92,10 +95,9 @@ int main(int argc, char *argv[])
/**** End of sample code ****/
</file>
<stripfile>
-# curl's default user-agent varies with version, libraries etc.
-s/(USERAGENT, \")[^\"]+/${1}stripped/
-# CURLOPT_SSL_VERIFYPEER, SSH_KNOWNHOSTS and HTTP_VERSION vary with
-# configurations - just ignore them
+# These options vary with configurations - just ignore them
+$_ = '' if /CURLOPT_USERAGENT/
+$_ = '' if /CURLOPT_MAXREDIRS/
$_ = '' if /CURLOPT_SSL_VERIFYPEER/
$_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
$_ = '' if /CURLOPT_HTTP_VERSION/
diff --git a/tests/data/test1420 b/tests/data/test1420
index 7a868062e..1c98d2c28 100644
--- a/tests/data/test1420
+++ b/tests/data/test1420
@@ -32,7 +32,10 @@ imap
<name>
--libcurl for IMAP FETCH message
</name>
- <command>
+<setenv>
+SSL_CERT_FILE=
+</setenv>
+<command>
'imap://%HOSTIP:%IMAPPORT/1420/;UID=1' -u user:secret --libcurl log/test1420.c
</command>
</client>
@@ -52,7 +55,7 @@ A005 LOGOUT
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
-#include <curl/curl.h>
+#include <gnurl/curl.h>
int main(int argc, char *argv[])
{
@@ -60,11 +63,10 @@ int main(int argc, char *argv[])
CURL *hnd;
hnd = curl_easy_init();
+ curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
curl_easy_setopt(hnd, CURLOPT_URL, "imap://%HOSTIP:%IMAPPORT/1420/;UID=1");
curl_easy_setopt(hnd, CURLOPT_HEADER, 1L);
curl_easy_setopt(hnd, CURLOPT_USERPWD, "user:secret");
- curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped");
- curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
@@ -73,6 +75,7 @@ int main(int argc, char *argv[])
them yourself.
CURLOPT_WRITEDATA set to a objectpointer
+ CURLOPT_INTERLEAVEDATA set to a objectpointer
CURLOPT_WRITEFUNCTION set to a functionpointer
CURLOPT_READDATA set to a objectpointer
CURLOPT_READFUNCTION set to a functionpointer
@@ -97,10 +100,9 @@ int main(int argc, char *argv[])
/**** End of sample code ****/
</file>
<stripfile>
-# curl's default user-agent varies with version, libraries etc.
-s/(USERAGENT, \")[^\"]+/${1}stripped/
-# CURLOPT_SSL_VERIFYPEER, SSH_KNOWNHOSTS and HTTP_VERSION vary with
-# configurations - just ignore them
+# These options vary with configurations - just ignore them
+$_ = '' if /CURLOPT_USERAGENT/
+$_ = '' if /CURLOPT_MAXREDIRS/
$_ = '' if /CURLOPT_SSL_VERIFYPEER/
$_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
$_ = '' if /CURLOPT_HTTP_VERSION/
diff --git a/tests/data/test1425 b/tests/data/test1425
new file mode 100644
index 000000000..0044c69d5
Binary files /dev/null and b/tests/data/test1425 differ
diff --git a/tests/data/test1426 b/tests/data/test1426
new file mode 100644
index 000000000..dd6a8d117
Binary files /dev/null and b/tests/data/test1426 differ
diff --git a/tests/data/test1427 b/tests/data/test1427
new file mode 100644
index 000000000..03cab4b93
--- /dev/null
+++ b/tests/data/test1427
@@ -0,0 +1,29 @@
+<testcase>
+<info>
+<keywords>
+integer overflow
+</keywords>
+</info>
+
+#
+# Client-side
+<client>
+<server>
+none
+</server>
+ <name>
+too large -m timeout value
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/1427 -m 184467440737095510
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<errorcode>
+2
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1429 b/tests/data/test1429
index da09dca48..114dc0dba 100644
--- a/tests/data/test1429
+++ b/tests/data/test1429
@@ -31,7 +31,7 @@ http
</server>
<name>
-HTTP GET with 4-digit reponse code
+HTTP GET with 4-digit response code
</name>
<command>
http://%HOSTIP:%HTTPPORT/1429 --write-out '%{response_code}'
@@ -54,7 +54,7 @@ Content-Type: text/html
Funny-head: yesyes
-foo-
-1234
+123
</stdout>
<strip>
^User-Agent:.*
diff --git a/tests/data/test1430 b/tests/data/test1430
index c5f65cfc8..e3c9b1d60 100644
--- a/tests/data/test1430
+++ b/tests/data/test1430
@@ -30,7 +30,7 @@ Funny-head: yesyes
http
</server>
<name>
-HTTP GET with negative reponse code
+HTTP GET with negative response code
</name>
<command>
http://%HOSTIP:%HTTPPORT/1430
diff --git a/tests/data/test1431 b/tests/data/test1431
index 4ea33edc2..bec3ebbde 100644
--- a/tests/data/test1431
+++ b/tests/data/test1431
@@ -30,7 +30,7 @@ Funny-head: yesyes
http
</server>
<name>
-HTTP GET with single-digit reponse code
+HTTP GET with single-digit response code
</name>
<command>
http://%HOSTIP:%HTTPPORT/1431
diff --git a/tests/data/test1432 b/tests/data/test1432
index eb1d0c2ad..7f41c65be 100644
--- a/tests/data/test1432
+++ b/tests/data/test1432
@@ -31,7 +31,7 @@ http
</server>
<name>
-HTTP GET with 100-digit reponse code and survive
+HTTP GET with 100-digit response code and survive
</name>
<command>
http://%HOSTIP:%HTTPPORT/1432
diff --git a/tests/data/test1433 b/tests/data/test1433
index 8634db2c4..a159daff3 100644
--- a/tests/data/test1433
+++ b/tests/data/test1433
@@ -34,28 +34,13 @@ http
HTTP GET with 100-digit subversion number in response
</name>
<command>
-http://%HOSTIP:%HTTPPORT/1433 --write-out '%{response_code}'
+http://%HOSTIP:%HTTPPORT/1433
</command>
</client>
#
# Verify data after the test has been "shot"
<verify>
-<stdout nonewline="yes">
-HTTP/1.0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789
200 OK
-Date: Thu, 09 Nov 2010 14:49:00 GMT
-Server: test-server/fake
-Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
-ETag: "21025-dc7-39462498"
-Accept-Ranges: bytes
-Content-Length: 6
-Connection: close
-Content-Type: text/html
-Funny-head: yesyes
-
--foo-
-200
-</stdout>
<strip>
^User-Agent:.*
</strip>
@@ -65,5 +50,8 @@ Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
+<errorcode>
+1
+</errorcode>
</verify>
</testcase>
diff --git a/tests/data/test1438 b/tests/data/test1438
new file mode 100644
index 000000000..8aaedb71e
--- /dev/null
+++ b/tests/data/test1438
@@ -0,0 +1,58 @@
+<testcase>
+<info>
+<keywords>
+protocol
+--write-out
+</keywords>
+</info>
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 9
+Connection: close
+Content-Type: text/plain
+
+testdata
+</data>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+
+<name>
+Check if %{scheme} returns HTTP
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT/1438 --write-out '%{scheme}'
+</command>
+</client>
+
+# Verify data
+<verify>
+<stdout nonewline="yes">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 9
+Connection: close
+Content-Type: text/plain
+
+testdata
+HTTP
+</stdout>
+<protocol>
+GET /1438 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+<strip>
+^User-Agent:.*
+</strip>
+</verify>
+</testcase>
diff --git a/tests/data/test1439 b/tests/data/test1439
new file mode 100644
index 000000000..cb906adbc
--- /dev/null
+++ b/tests/data/test1439
@@ -0,0 +1,58 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+--write-out
+</keywords>
+</info>
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 9
+Connection: close
+Content-Type: text/plain
+
+testdata
+</data>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+
+<name>
+Check if %{scheme} returns HTTP
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT/1439 --write-out '%{http_version}'
+</command>
+</client>
+
+# Verify data
+<verify>
+<stdout nonewline="yes">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 9
+Connection: close
+Content-Type: text/plain
+
+testdata
+1.1
+</stdout>
+<protocol>
+GET /1439 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+<strip>
+^User-Agent:.*
+</strip>
+</verify>
+</testcase>
diff --git a/tests/data/test1440 b/tests/data/test1440
new file mode 100644
index 000000000..e87cafb08
--- /dev/null
+++ b/tests/data/test1440
@@ -0,0 +1,35 @@
+<testcase>
+<info>
+<keywords>
+--write-out
+FILE
+</keywords>
+</info>
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+file
+</server>
+
+<name>
+Check --write-out with trailing %{
+</name>
+<command>
+file://localhost/%PWD/log/non-existent-file.txt --write-out '%{'
+</command>
+</client>
+
+# Verify data
+<verify>
+<errorcode>
+37
+</errorcode>
+<stdout nonewline="yes">
+%{
+</stdout>
+</verify>
+</testcase>
diff --git a/tests/data/test1441 b/tests/data/test1441
new file mode 100644
index 000000000..8d841df5d
--- /dev/null
+++ b/tests/data/test1441
@@ -0,0 +1,35 @@
+<testcase>
+<info>
+<keywords>
+--write-out
+FILE
+</keywords>
+</info>
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+file
+</server>
+
+<name>
+Check --write-out with trailing %
+</name>
+<command>
+file://localhost/%PWD/log/non-existent-file.txt --write-out '%'
+</command>
+</client>
+
+# Verify data
+<verify>
+<errorcode>
+37
+</errorcode>
+<stdout nonewline="yes">
+%
+</stdout>
+</verify>
+</testcase>
diff --git a/tests/data/test1442 b/tests/data/test1442
new file mode 100644
index 000000000..255a4c9ff
--- /dev/null
+++ b/tests/data/test1442
@@ -0,0 +1,35 @@
+<testcase>
+<info>
+<keywords>
+--write-out
+FILE
+</keywords>
+</info>
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+file
+</server>
+
+<name>
+Check --write-out with trailing \
+</name>
+<command>
+file://localhost/%PWD/log/non-existent-file.txt --write-out '\'
+</command>
+</client>
+
+# Verify data
+<verify>
+<errorcode>
+37
+</errorcode>
+<stdout nonewline="yes">
+\
+</stdout>
+</verify>
+</testcase>
diff --git a/tests/data/test1443 b/tests/data/test1443
new file mode 100644
index 000000000..696886706
--- /dev/null
+++ b/tests/data/test1443
@@ -0,0 +1,68 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+-O
+--remote-time
+</keywords>
+</info>
+
+#
+<reply>
+<data nocheck="yes">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
+Content-Length: 6
+Connection: close
+
+12345
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+# This relies on the debug feature to allow us to set a directory
+# in which to store the -O output
+<features>
+debug
+</features>
+<server>
+http
+</server>
+<name>
+HTTP GET with -O and --remote-time
+</name>
+<setenv>
+CURL_TESTDIR=%PWD/log
+</setenv>
+<command option="no-output,no-include">
+http://%HOSTIP:%HTTPPORT/1443 -O --remote-time
+</command>
+# Verify the mtime of the file. The mtime is specifically chosen to be an even
+# number so that it can be represented exactly on a FAT filesystem.
+<postcheck>
+perl -e 'exit((stat("log/1443"))[9] != 960898200)'
+</postcheck>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1443 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+<file name="log/1443">
+12345
+</file>
+</verify>
+</testcase>
diff --git a/tests/data/test1444 b/tests/data/test1444
new file mode 100644
index 000000000..7eec21b99
--- /dev/null
+++ b/tests/data/test1444
@@ -0,0 +1,52 @@
+<testcase>
+<info>
+<keywords>
+FTP
+EPSV
+RETR
+--remote-time
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+file data
+</data>
+<mdtm>
+213 20090213233130
+</mdtm>
+</reply>
+
+# Client-side
+<client>
+<server>
+ftp
+</server>
+ <name>
+FTP with --remote-time
+ </name>
+ <command>
+ftp://%HOSTIP:%FTPPORT/1444 --remote-time
+</command>
+# Verify the mtime of the file. The mtime is specifically chosen to be an even
+# number so that it can be represented exactly on a FAT filesystem.
+<postcheck>
+perl -e 'exit((stat("log/curl1444.out"))[9] != 1234567890)'
+</postcheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS address@hidden
+PWD
+MDTM 1444
+EPSV
+TYPE I
+SIZE 1444
+RETR 1444
+QUIT
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1445 b/tests/data/test1445
new file mode 100644
index 000000000..f60483dcd
--- /dev/null
+++ b/tests/data/test1445
@@ -0,0 +1,35 @@
+<testcase>
+<info>
+<keywords>
+FILE
+--remote-time
+</keywords>
+</info>
+
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+file
+</server>
+<precheck>
+perl %SRCDIR/libtest/test613.pl prepare %PWD/log/test1445.dir
+</precheck>
+ <name>
+file:// with --remote-time
+ </name>
+ <command>
+file://localhost/%PWD/log/test1445.dir/plainfile.txt --remote-time
+</command>
+<postcheck>
+perl %SRCDIR/libtest/test613.pl postprocess %PWD/log/test1445.dir && \
+perl -e 'exit((stat("log/curl1445.out"))[9] != 946728000)'
+</postcheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+</verify>
+</testcase>
diff --git a/tests/data/test1446 b/tests/data/test1446
new file mode 100644
index 000000000..7d5ec9fc2
--- /dev/null
+++ b/tests/data/test1446
@@ -0,0 +1,42 @@
+<testcase>
+<info>
+<keywords>
+SFTP
+--remote-time
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+sftp
+</server>
+<precheck>
+perl %SRCDIR/libtest/test613.pl prepare %PWD/log/test1446.dir
+</precheck>
+ <name>
+SFTP with --remote-time
+ </name>
+ <command>
+--key curl_client_key --pubkey curl_client_key.pub -u %USER:
sftp://%HOSTIP:%SSHPORT%PWD/log/test1446.dir/rofile.txt --insecure --remote-time
+</command>
+<postcheck>
+perl %SRCDIR/libtest/test613.pl postprocess %PWD/log/test1446.dir && \
+perl -e 'exit((stat("log/curl1446.out"))[9] != 978264000)'
+</postcheck>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<valgrind>
+disable
+</valgrind>
+</verify>
+</testcase>
diff --git a/tests/data/test1447 b/tests/data/test1447
new file mode 100644
index 000000000..e62cd72f2
--- /dev/null
+++ b/tests/data/test1447
@@ -0,0 +1,38 @@
+<testcase>
+<info>
+<keywords>
+HTTP proxy
+FAILURE
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+none
+</server>
+<features>
+http
+</features>
+ <name>
+Provide illegal proxy name
+ </name>
+ <command>
+--proxy "http://a:b@/x"; http://%HOSTIP:%HTTPPORT
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+# Couldn't resolve proxy name
+<errorcode>
+5
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1448 b/tests/data/test1448
new file mode 100644
index 000000000..e04f47bde
--- /dev/null
+++ b/tests/data/test1448
@@ -0,0 +1,92 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+IDN
+followlocation
+--write-out
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.1 302 OK swsbounce
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 9
+Content-Type: text/plain
+Location: http://åäö.se:8990/14480001
+
+redirect
+</data>
+<data1 nocheck="yes">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 3
+Content-Type: text/plain; charset=us-ascii
+
+OK
+</data1>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+<features>
+idn
+</features>
+<setenv>
+LC_ALL=
+LC_CTYPE=en_US.UTF-8
+</setenv>
+<precheck>
+perl -MI18N::Langinfo=langinfo,CODESET -e 'die "Needs a UTF-8 locale" if
(lc(langinfo(CODESET())) ne "utf-8");'
+</precheck>
+ <name>
+Redirect following to UTF-8 IDN host name
+ </name>
+
+ <command>
+http://åäö.se:%HTTPPORT/1448 --resolve xn--4cab6c.se:%HTTPPORT:%HOSTIP -L
--connect-to %HOSTIP:8990:%HOSTIP:%HTTPPORT
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1448 HTTP/1.1
+Host: xn--4cab6c.se:%HTTPPORT
+Accept: */*
+
+GET /14480001 HTTP/1.1
+Host: xn--4cab6c.se:%HTTPPORT
+Accept: */*
+
+</protocol>
+
+<stdout>
+HTTP/1.1 302 OK swsbounce
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 9
+Content-Type: text/plain
+Location: http://åäö.se:%HTTPPORT/14480001
+
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 3
+Content-Type: text/plain; charset=us-ascii
+
+OK
+</stdout>
+
+</verify>
+</testcase>
diff --git a/tests/data/test1450 b/tests/data/test1450
new file mode 100644
index 000000000..ca3ac8849
--- /dev/null
+++ b/tests/data/test1450
@@ -0,0 +1,34 @@
+<testcase>
+<info>
+<keywords>
+DICT
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+dict
+</server>
+<features>
+dict
+</features>
+ <name>
+Basic DICT lookup
+ </name>
+ <command>
+dict://%HOSTIP:%DICTPORT/d:basic
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+</verify>
+</testcase>
diff --git a/tests/data/test1451 b/tests/data/test1451
new file mode 100644
index 000000000..0c114e186
--- /dev/null
+++ b/tests/data/test1451
@@ -0,0 +1,36 @@
+<testcase>
+<info>
+<keywords>
+SMB
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>Basic SMB test complete</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+smb
+</server>
+<features>
+smb
+</features>
+ <name>
+Basic SMB request
+ </name>
+ <command>
+-u 'curltest:curltest' smb://%HOSTIP:%SMBPORT/TESTS/1451
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<stdout>Basic SMB test complete</stdout>
+</verify>
+</testcase>
diff --git a/tests/data/test1452 b/tests/data/test1452
new file mode 100755
index 000000000..dbbb7d6c2
--- /dev/null
+++ b/tests/data/test1452
@@ -0,0 +1,41 @@
+<testcase>
+<info>
+<keywords>
+TELNET
+UPLOAD
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+telnet
+</server>
+<features>
+telnet
+</features>
+ <name>
+Basic TELNET negotiation
+ </name>
+<stdin>
+test1452
+</stdin>
+ <command>
+telnet://%HOSTIP:%NEGTELNETPORT --upload-file -
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<stdout>test1452</stdout>
+</verify>
+</testcase>
diff --git a/tests/data/test150 b/tests/data/test150
index 69c5835c6..e19826e32 100644
--- a/tests/data/test150
+++ b/tests/data/test150
@@ -94,7 +94,7 @@ Accept: */*
GET /150 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3
Accept: */*
diff --git a/tests/data/test1521 b/tests/data/test1521
new file mode 100644
index 000000000..791a50dc8
--- /dev/null
+++ b/tests/data/test1521
@@ -0,0 +1,30 @@
+<testcase>
+<info>
+<keywords>
+curl_easy_setopt
+</keywords>
+</info>
+
+#
+# Client-side
+<client>
+<server>
+none
+</server>
+<tool>
+lib1521
+</tool>
+
+ <name>
+Test all curl_easy_setopt and curl_easy_getinfo options
+ </name>
+ <command>
+unused
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+</verify>
+</testcase>
diff --git a/tests/data/test1525 b/tests/data/test1525
index 0560d5c1a..595da5ea9 100644
--- a/tests/data/test1525
+++ b/tests/data/test1525
@@ -14,7 +14,6 @@ CURLOPT_PROXYHEADER
<reply>
<connect>
HTTP/1.1 200 OK
-Content-Length: 17
</connect>
<data>
@@ -26,7 +25,6 @@ ETag: "21025-dc7-39462498"
</data>
<datacheck>
HTTP/1.1 200 OK
-Content-Length: 17
HTTP/1.1 200 OK swsclose
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test1532 b/tests/data/test1532
new file mode 100644
index 000000000..5b2afc71a
--- /dev/null
+++ b/tests/data/test1532
@@ -0,0 +1,49 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.0 200 OK swsclose
+Content-Length: 0
+
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+# tool is what to use instead of 'curl'
+<tool>
+lib1532
+</tool>
+<name>
+Test CURLINFO_RESPONSE_CODE
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT/1532
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+GET /1532 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+<errorcode>
+0
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1533 b/tests/data/test1533
new file mode 100644
index 000000000..56518161c
--- /dev/null
+++ b/tests/data/test1533
@@ -0,0 +1,74 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP POST
+CURLOPT_KEEP_SENDING_ON_ERROR
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<servercmd>
+auth_required
+</servercmd>
+<data nocheck="yes">
+HTTP/1.1 401 Authorization Required
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 15
+
+Early Response
+</data>
+</reply>
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+lib1533
+</tool>
+<name>
+HTTP with CURLOPT_KEEP_SENDING_ON_ERROR and an early error response
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT/1533
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+# TEST_ERR_SUCCESS is errorcode 120
+<verify>
+<errorcode>
+120
+</errorcode>
+<protocol nonewline="yes">
+POST /1533 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 3
+Content-Type: application/x-www-form-urlencoded
+
+POST /1533 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 3
+Content-Type: application/x-www-form-urlencoded
+
+POST /1533 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 3
+Content-Type: application/x-www-form-urlencoded
+
+aaaPOST /1533 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 3
+Content-Type: application/x-www-form-urlencoded
+
+aaa
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1534 b/tests/data/test1534
new file mode 100644
index 000000000..5ebf57d3a
--- /dev/null
+++ b/tests/data/test1534
@@ -0,0 +1,50 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.0 200 OK swsclose
+Last-Modified: Thu, 01 Jan 1970 00:00:30 GMT
+Content-Length: 0
+
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+# tool is what to use instead of 'curl'
+<tool>
+lib1534
+</tool>
+<name>
+CURLINFO_FILETIME init and reset
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT/1534
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+GET /1534 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+<errorcode>
+0
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1535 b/tests/data/test1535
new file mode 100644
index 000000000..226190d05
--- /dev/null
+++ b/tests/data/test1535
@@ -0,0 +1,50 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.0 200 OK swsclose
+Last-Modified: Thu, 01 Jan 1970 00:00:30 GMT
+Content-Length: 0
+
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+# tool is what to use instead of 'curl'
+<tool>
+lib1535
+</tool>
+<name>
+Test CURLINFO_RESPONSE_CODE CURLINFO_PROTOCOL
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT/1535
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+GET /1535 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+<errorcode>
+0
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1536 b/tests/data/test1536
new file mode 100644
index 000000000..a6e5a66cb
--- /dev/null
+++ b/tests/data/test1536
@@ -0,0 +1,50 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.0 200 OK swsclose
+Last-Modified: Thu, 01 Jan 1970 00:00:30 GMT
+Content-Length: 0
+
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+# tool is what to use instead of 'curl'
+<tool>
+lib1536
+</tool>
+<name>
+Test CURLINFO_RESPONSE_CODE CURLINFO_SCHEME
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT/1536
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+GET /1536 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+<errorcode>
+0
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1537 b/tests/data/test1537
new file mode 100644
index 000000000..33d8ab3d9
--- /dev/null
+++ b/tests/data/test1537
@@ -0,0 +1,45 @@
+<testcase>
+<info>
+<keywords>
+URL escape
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+none
+</server>
+<tool>
+lib1537
+</tool>
+
+<name>
+libcurl URL escape/unescape tests
+</name>
+<command>
+nothing
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<stdout>
+%2F%3A%3B%3C%3D%3E%3F%91%A2%B3%C4%D5%E6%F7
+%2F%3A%3B%3C%3D%3E%3F%91%A2%B3%C4%D5%E6%F7
+outlen == 14
+unescape == original? YES
+[old] outlen == 14
+[old] unescape == original? YES
+escape -1 length: (nil)
+unescape -1 length: (nil) 2017
+</stdout>
+</verify>
+
+</testcase>
diff --git a/tests/data/test1538 b/tests/data/test1538
new file mode 100644
index 000000000..25b39a6f6
--- /dev/null
+++ b/tests/data/test1538
@@ -0,0 +1,149 @@
+<testcase>
+<info>
+<keywords>
+strerror
+verbose logs
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+none
+</server>
+<tool>
+lib1538
+</tool>
+
+<name>
+libcurl strerror API call tests
+</name>
+<command>
+nothing
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<stdout>
+e0: No error
+e1: Unsupported protocol
+e2: Failed initialization
+e3: URL using bad/illegal format or missing URL
+e4: A requested feature, protocol or option was not found built-in in this
libcurl due to a build-time decision.
+e5: Couldn't resolve proxy name
+e6: Couldn't resolve host name
+e7: Couldn't connect to server
+e8: Weird server reply
+e9: Access denied to remote resource
+e10: FTP: The server failed to connect to data port
+e11: FTP: unknown PASS reply
+e12: FTP: Accepting server connect has timed out
+e13: FTP: unknown PASV reply
+e14: FTP: unknown 227 response format
+e15: FTP: can't figure out the host in the PASV response
+e16: Error in the HTTP2 framing layer
+e17: FTP: couldn't set file type
+e18: Transferred a partial file
+e19: FTP: couldn't retrieve (RETR failed) the specified file
+e20: Unknown error
+e21: Quote command returned error
+e22: HTTP response code said error
+e23: Failed writing received data to disk/application
+e24: Unknown error
+e25: Upload failed (at start/before it took off)
+e26: Failed to open/read local data from file/application
+e27: Out of memory
+e28: Timeout was reached
+e29: Unknown error
+e30: FTP: command PORT failed
+e31: FTP: command REST failed
+e32: Unknown error
+e33: Requested range was not delivered by the server
+e34: Internal problem setting up the POST
+e35: SSL connect error
+e36: Couldn't resume download
+e37: Couldn't read a file:// file
+e38: LDAP: cannot bind
+e39: LDAP: search failed
+e40: Unknown error
+e41: A required function in the library was not found
+e42: Operation was aborted by an application callback
+e43: A libcurl function was given a bad argument
+e44: Unknown error
+e45: Failed binding local connection end
+e46: Unknown error
+e47: Number of redirects hit maximum amount
+e48: An unknown option was passed in to libcurl
+e49: Malformed telnet option
+e50: Unknown error
+e51: SSL peer certificate or SSH remote key was not OK
+e52: Server returned nothing (no headers, no data)
+e53: SSL crypto engine not found
+e54: Can not set SSL crypto engine as default
+e55: Failed sending data to the peer
+e56: Failure when receiving data from the peer
+e57: Unknown error
+e58: Problem with the local SSL certificate
+e59: Couldn't use specified SSL cipher
+e60: Peer certificate cannot be authenticated with given CA certificates
+e61: Unrecognized or bad HTTP Content or Transfer-Encoding
+e62: Invalid LDAP URL
+e63: Maximum file size exceeded
+e64: Requested SSL level failed
+e65: Send failed since rewinding of the data stream failed
+e66: Failed to initialise SSL crypto engine
+e67: Login denied
+e68: TFTP: File Not Found
+e69: TFTP: Access Violation
+e70: Disk full or allocation exceeded
+e71: TFTP: Illegal operation
+e72: TFTP: Unknown transfer ID
+e73: Remote file already exists
+e74: TFTP: No such user
+e75: Conversion failed
+e76: Caller must register CURLOPT_CONV_ callback options
+e77: Problem with the SSL CA cert (path? access rights?)
+e78: Remote file not found
+e79: Error in the SSH layer
+e80: Failed to shut down the SSL connection
+e81: Socket not ready for send/recv
+e82: Failed to load CRL file (path? access rights?, format?)
+e83: Issuer check against peer certificate failed
+e84: FTP: The server did not accept the PRET command.
+e85: RTSP CSeq mismatch or invalid CSeq
+e86: RTSP session error
+e87: Unable to parse FTP file list
+e88: Chunk callback failed
+e89: The max connection limit is reached
+e90: SSL public key does not match pinned public key
+e91: SSL server certificate status verification FAILED
+e92: Stream error in the HTTP/2 framing layer
+e93: Unknown error
+m-1: Please call curl_multi_perform() soon
+m0: No error
+m1: Invalid multi handle
+m2: Invalid easy handle
+m3: Out of memory
+m4: Internal error
+m5: Invalid socket argument
+m6: Unknown option
+m7: The easy handle is already added to a multi handle
+m8: Unknown error
+s0: No error
+s1: Unknown share option
+s2: Share currently in use
+s3: Invalid share handle
+s4: Out of memory
+s5: Feature not enabled in this library
+s6: CURLSHcode unknown
+</stdout>
+</verify>
+
+</testcase>
diff --git a/tests/data/test1540 b/tests/data/test1540
new file mode 100644
index 000000000..1c1cf5db5
--- /dev/null
+++ b/tests/data/test1540
@@ -0,0 +1,64 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+CURLPAUSE_RECV
+chunked Transfer-Encoding
+Trailer:
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK swsclose
+Transfer-Encoding: chunked
+Trailer: MyCoolTrailerHeader
+
+4
+data
+5
+d474
+
+0
+MyCoolTrailerHeader: amazingtrailer
+
+</data>
+<datacheck>
+HTTP/1.1 200 OK swsclose
+Transfer-Encoding: chunked
+Trailer: MyCoolTrailerHeader
+
+Got 4 bytes but pausing!
+datad474
+MyCoolTrailerHeader: amazingtrailer
+</datacheck>
+
+</reply>
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+lib1540
+</tool>
+ <name>
+chunked with trailers and pausing the receive
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/1540
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+GET /1540 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test155 b/tests/data/test155
index 46f890fca..b6451ec2e 100644
--- a/tests/data/test155
+++ b/tests/data/test155
@@ -125,7 +125,7 @@ Content-Length: 0
PUT /155 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6
zlib/1.1.3
Accept: */*
Content-Length: 85
diff --git a/tests/data/test1550 b/tests/data/test1550
new file mode 100644
index 000000000..b78756e9a
--- /dev/null
+++ b/tests/data/test1550
@@ -0,0 +1,29 @@
+<testcase>
+<info>
+<keywords>
+multi
+</keywords>
+</info>
+
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+none
+</server>
+# tool is what to use instead of 'curl'
+<tool>
+lib1550
+</tool>
+
+ <name>
+verify setting pipeling blacklisting options
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/1550
+</command>
+</client>
+</testcase>
diff --git a/tests/data/test1551 b/tests/data/test1551
new file mode 100644
index 000000000..507266a85
--- /dev/null
+++ b/tests/data/test1551
@@ -0,0 +1,72 @@
+<testcase>
+<info>
+<keywords>
+multi
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data>
+HTTP/1.1 302 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 6
+Location: /15510002
+
+-foo-
+</data>
+<data2>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 11
+
+redirected
+</data2>
+<datacheck>
+redirected
+redirected
+</datacheck>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+# tool is what to use instead of 'curl'
+<tool>
+lib1551
+</tool>
+
+ <name>
+re-run redirected transfer without setting URL again
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/1551
+</command>
+</client>
+
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1551 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /15510002 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /1551 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /15510002 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1606 b/tests/data/test1606
new file mode 100644
index 000000000..15488d407
--- /dev/null
+++ b/tests/data/test1606
@@ -0,0 +1,26 @@
+<testcase>
+<info>
+<keywords>
+unittest
+speedcheck
+</keywords>
+</info>
+
+#
+# Client-side
+<client>
+<server>
+none
+</server>
+<features>
+unittest
+</features>
+ <name>
+verify speedcheck
+ </name>
+<tool>
+unit1606
+</tool>
+</client>
+
+</testcase>
diff --git a/tests/data/test165 b/tests/data/test165
index ddfe1e9dc..b9a1ed786 100644
--- a/tests/data/test165
+++ b/tests/data/test165
@@ -31,13 +31,17 @@ http
idn
</features>
<setenv>
-CHARSET=ISO8859-1
+LC_ALL=
+LC_CTYPE=en_US.UTF-8
</setenv>
+<precheck>
+perl -MI18N::Langinfo=langinfo,CODESET -e 'die "Needs a UTF-8 locale" if
(lc(langinfo(CODESET())) ne "utf-8");'
+</precheck>
<name>
HTTP over proxy with IDN host name
</name>
<command>
-http://www.���.se/page/165 -x %HOSTIP:%HTTPPORT
+http://www.åäö.se/page/165 -x %HOSTIP:%HTTPPORT http://www.große.de/page/165
</command>
</client>
@@ -53,6 +57,11 @@ Host: www.xn--4cab6c.se
Accept: */*
Proxy-Connection: Keep-Alive
+GET http://www.xn--groe-xna.de/page/165 HTTP/1.1
+Host: www.xn--groe-xna.de
+Accept: */*
+Proxy-Connection: Keep-Alive
+
</protocol>
</verify>
</testcase>
diff --git a/tests/data/test169 b/tests/data/test169
index 73ca9bd20..c1f1b376c 100644
--- a/tests/data/test169
+++ b/tests/data/test169
@@ -112,7 +112,7 @@ Proxy-Connection: Keep-Alive
GET http://data.from.server.requiring.digest.hohoho.com/169 HTTP/1.1
Host: data.from.server.requiring.digest.hohoho.com
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.12.0-CVS (i686-pc-linux-gnu) libcurl/7.12.0-CVS
OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.3
Accept: */*
Proxy-Connection: Keep-Alive
diff --git a/tests/data/test1800 b/tests/data/test1800
index 96a6c1461..011018400 100644
--- a/tests/data/test1800
+++ b/tests/data/test1800
@@ -48,7 +48,7 @@ Host: %HOSTIP:%HTTPPORT
Accept: */*
Connection: Upgrade, HTTP2-Settings
Upgrade: %H2CVER
-HTTP2-Settings: AAMAAABkAAQAAP__
+HTTP2-Settings: AAMAAABkAARAAAAAAAIAAAAA
</protocol>
</verify>
diff --git a/tests/data/test1801 b/tests/data/test1801
index 16ee12d42..b827ab51e 100644
--- a/tests/data/test1801
+++ b/tests/data/test1801
@@ -58,7 +58,7 @@ Host: %HOSTIP:%HTTPPORT
Accept: */*
Connection: Upgrade, HTTP2-Settings
Upgrade: %H2CVER
-HTTP2-Settings: AAMAAABkAAQAAP__
+HTTP2-Settings: AAMAAABkAARAAAAAAAIAAAAA
</protocol>
# CURLE_HTTP2: Send failure: Broken pipe
diff --git a/tests/data/test1900 b/tests/data/test1900
index 04c59a826..2e3c93a0d 100644
--- a/tests/data/test1900
+++ b/tests/data/test1900
@@ -42,9 +42,9 @@ lib1900
HTTP GET using pipelining
</name>
<command>
-http://%HOSTIP:%HTTPPIPEPORT/
+http://%HOSTIP:%HTTPPIPEPORT/ log/urls1900.txt
</command>
-<file name="log/urls.txt">
+<file name="log/urls1900.txt">
0 1k.txt
1000 100k.txt
0 1k.txt
diff --git a/tests/data/test1901 b/tests/data/test1901
index 17c04d14e..83cdf7290 100644
--- a/tests/data/test1901
+++ b/tests/data/test1901
@@ -43,9 +43,9 @@ lib1900
HTTP GET using pipelining, blacklisted site
</name>
<command>
-http://%HOSTIP:%HTTPPIPEPORT/
+http://%HOSTIP:%HTTPPIPEPORT/ log/urls1901.txt
</command>
-<file name="log/urls.txt">
+<file name="log/urls1901.txt">
blacklist_site 127.0.0.1:%HTTPPIPEPORT
0 1k.txt
1000 100k.txt
diff --git a/tests/data/test1902 b/tests/data/test1902
index 533ed55a8..3c999316b 100644
--- a/tests/data/test1902
+++ b/tests/data/test1902
@@ -43,9 +43,9 @@ lib1900
HTTP GET using pipelining, broken pipe
</name>
<command>
-http://%HOSTIP:%HTTPPIPEPORT/
+http://%HOSTIP:%HTTPPIPEPORT/ log/urls1902.txt
</command>
-<file name="log/urls.txt">
+<file name="log/urls1902.txt">
0 1k.txt
1000 connection_close.txt
1 1k.txt
diff --git a/tests/data/test1903 b/tests/data/test1903
index c72561838..219ffe11c 100644
--- a/tests/data/test1903
+++ b/tests/data/test1903
@@ -43,9 +43,9 @@ lib1900
HTTP GET using pipelining, penalized on content-length
</name>
<command>
-http://%HOSTIP:%HTTPPIPEPORT/
+http://%HOSTIP:%HTTPPIPEPORT/ log/urls1903.txt
</command>
-<file name="log/urls.txt">
+<file name="log/urls1903.txt">
0 1k.txt
1000 100k.txt
550 alphabet.txt
diff --git a/tests/data/test199 b/tests/data/test199
index 881ee03a0..72675b535 100644
--- a/tests/data/test199
+++ b/tests/data/test199
@@ -8,7 +8,7 @@ globbing
</info>
#
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test2031 b/tests/data/test2031
index bd5aa0745..23b1a521d 100644
--- a/tests/data/test2031
+++ b/tests/data/test2031
@@ -40,7 +40,7 @@ WWW-Authenticate: NTLM
This is a bad password page!
</data1102>
-<!-- Second request has NTML auth, right password -->
+<!-- Second request has NTLM auth, right password -->
<data200>
HTTP/1.1 401 Need NTLM auth (2)
Server: Microsoft-IIS/5.0
diff --git a/tests/data/test2032 b/tests/data/test2032
index f708665e6..94e1f2332 100644
--- a/tests/data/test2032
+++ b/tests/data/test2032
@@ -5,6 +5,7 @@ HTTP
HTTP GET
HTTP Basic auth
HTTP NTLM auth
+flaky
</keywords>
</info>
# Server-side
@@ -22,7 +23,7 @@ WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data100>
-<!-- NTML auth -->
+<!-- NTLM auth -->
<data200>
HTTP/1.1 401 Need Basic or NTLM auth (2)
Server: Microsoft-IIS/5.0
@@ -54,34 +55,9 @@ Finally, this is the real page!
</data1202>
<datacheck>
-HTTP/1.1 401 Need Basic or NTLM auth
-Server: Microsoft-IIS/5.0
-Content-Type: text/html; charset=iso-8859-1
-Content-Length: 29
-WWW-Authenticate: NTLM
-WWW-Authenticate: Basic realm="testrealm"
-
-This is a bad password page!
-HTTP/1.1 401 Need Basic or NTLM auth
-Server: Microsoft-IIS/5.0
-Content-Type: text/html; charset=iso-8859-1
-Content-Length: 29
-WWW-Authenticate: NTLM
-WWW-Authenticate: Basic realm="testrealm"
-
-This is a bad password page!
-HTTP/1.1 401 NTLM intermediate (2)
-Server: Microsoft-IIS/5.0
-Content-Type: text/html; charset=iso-8859-1
-Content-Length: 33
-WWW-Authenticate: NTLM
TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
-
-HTTP/1.1 200 Things are fine in server land
-Server: Microsoft-IIS/5.0
-Content-Type: text/html; charset=iso-8859-1
-Content-Length: 32
-
-Finally, this is the real page!
+Data connection 0: 228
+Data connection 1: 228
+Data connection 2: 402
</datacheck>
</reply>
diff --git a/tests/data/test2033 b/tests/data/test2033
index 6c41700a6..36d30e7fa 100644
--- a/tests/data/test2033
+++ b/tests/data/test2033
@@ -6,6 +6,7 @@ HTTP GET
HTTP Basic auth
HTTP NTLM auth
pipelining
+flaky
</keywords>
</info>
# Server-side
@@ -23,7 +24,7 @@ WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data100>
-<!-- NTML auth -->
+<!-- NTLM auth -->
<data200>
HTTP/1.1 401 Need Basic or NTLM auth (2)
Server: Microsoft-IIS/5.0
@@ -55,34 +56,9 @@ Finally, this is the real page!
</data1202>
<datacheck>
-HTTP/1.1 401 Need Basic or NTLM auth
-Server: Microsoft-IIS/5.0
-Content-Type: text/html; charset=iso-8859-1
-Content-Length: 29
-WWW-Authenticate: NTLM
-WWW-Authenticate: Basic realm="testrealm"
-
-This is a bad password page!
-HTTP/1.1 401 Need Basic or NTLM auth
-Server: Microsoft-IIS/5.0
-Content-Type: text/html; charset=iso-8859-1
-Content-Length: 29
-WWW-Authenticate: NTLM
-WWW-Authenticate: Basic realm="testrealm"
-
-This is a bad password page!
-HTTP/1.1 401 NTLM intermediate (2)
-Server: Microsoft-IIS/5.0
-Content-Type: text/html; charset=iso-8859-1
-Content-Length: 33
-WWW-Authenticate: NTLM
TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
-
-HTTP/1.1 200 Things are fine in server land
-Server: Microsoft-IIS/5.0
-Content-Type: text/html; charset=iso-8859-1
-Content-Length: 32
-
-Finally, this is the real page!
+Data connection 0: 228
+Data connection 1: 228
+Data connection 2: 402
</datacheck>
</reply>
diff --git a/tests/data/test2046 b/tests/data/test2046
index 133c14d73..dcd202f04 100644
--- a/tests/data/test2046
+++ b/tests/data/test2046
@@ -41,8 +41,12 @@ http
idn
</features>
<setenv>
-CHARSET=UTF-8
+LC_ALL=
+LC_CTYPE=en_US.UTF-8
</setenv>
+<precheck>
+perl -MI18N::Langinfo=langinfo,CODESET -e 'die "Needs a UTF-8 locale" if
(lc(langinfo(CODESET())) ne "utf-8");'
+</precheck>
<name>
Connection re-use with IDN host name
</name>
diff --git a/tests/data/test2047 b/tests/data/test2047
index 442297801..fc140486b 100644
--- a/tests/data/test2047
+++ b/tests/data/test2047
@@ -42,8 +42,12 @@ http
idn
</features>
<setenv>
-CHARSET=UTF-8
+LC_ALL=
+LC_CTYPE=en_US.UTF-8
</setenv>
+<precheck>
+perl -MI18N::Langinfo=langinfo,CODESET -e 'die "Needs a UTF-8 locale" if
(lc(langinfo(CODESET())) ne "utf-8");'
+</precheck>
<name>
Connection re-use with IDN host name over HTTP proxy
</name>
diff --git a/tests/data/test2048 b/tests/data/test2048
index eb2b1df75..787f584ef 100644
--- a/tests/data/test2048
+++ b/tests/data/test2048
@@ -26,7 +26,7 @@ https Server-localhost-sv.pem
pinnedpubkey no-match must fail even when insecure
</name>
<command>
---insecure --cacert %SRCDIR/certs/EdelCurlRoot-ca.crt --pinnedpubkey
%SRCDIR/certs/Server-localhost.nn-sv.pub.der https://localhost:%HTTPSPORT/2034
+--insecure --cacert %SRCDIR/certs/EdelCurlRoot-ca.crt --pinnedpubkey
%SRCDIR/certs/Server-localhost.nn-sv.pub.der https://localhost:%HTTPSPORT/2048
</command>
</client>
diff --git a/tests/data/test2053 b/tests/data/test2053
new file mode 100644
index 000000000..98e78454e
--- /dev/null
+++ b/tests/data/test2053
@@ -0,0 +1,56 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+CURLOPT_CONNECT_TO
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 3
+Content-Type: text/plain
+
+OK
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+Connect to specific host with IP addresses
+ </name>
+
+ <command>
+http://10.0.0.1:8081/2053 --connect-to 10.0.0.1:8081:%HOSTIP:%HTTPPORT --next
http://[fc00::1]:8082/2053 --connect-to [fc00::1]:8082:%HOSTIP:%HTTPPORT
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /2053 HTTP/1.1
+Host: 10.0.0.1:8081
+Accept: */*
+
+GET /2053 HTTP/1.1
+Host: [fc00::1]:8082
+Accept: */*
+
+</protocol>
+
+</verify>
+</testcase>
diff --git a/tests/data/test2054 b/tests/data/test2054
new file mode 100644
index 000000000..2a0b54ebc
--- /dev/null
+++ b/tests/data/test2054
@@ -0,0 +1,64 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+CURLOPT_CONNECT_TO
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 3
+Content-Type: text/plain
+
+OK
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+Connect to specific host: use the first "connect-to" string that matches
+ </name>
+
+ <command>
+http://%HOSTIP:%HTTPPORT/2054 --connect-to foo::bar: --connect-to :123::456
--next http://www.example.com:%HTTPPORT/2054 --connect-to
www.example.com::%HOSTIP: --connect-to www.example.com::foo: --next
http://%HOSTIP:8083/2054 --connect-to :8083::%HTTPPORT --connect-to :8083::123
--next http://www.example.com:8084/2054 --connect-to
www.example.com:8084:%HOSTIP:%HTTPPORT --connect-to www.example.com:8084:foo:123
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /2054 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /2054 HTTP/1.1
+Host: www.example.com:%HTTPPORT
+Accept: */*
+
+GET /2054 HTTP/1.1
+Host: %HOSTIP:8083
+Accept: */*
+
+GET /2054 HTTP/1.1
+Host: www.example.com:8084
+Accept: */*
+
+</protocol>
+
+</verify>
+</testcase>
diff --git a/tests/data/test2055 b/tests/data/test2055
new file mode 100755
index 000000000..cca44942f
--- /dev/null
+++ b/tests/data/test2055
@@ -0,0 +1,80 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP CONNECT
+HTTP proxy
+proxytunnel
+CURLOPT_CONNECT_TO
+SOCKS5
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<connect>
+HTTP/1.1 200 Connection established
+
+</connect>
+
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 3
+Content-Type: text/plain
+
+OK
+</data>
+
+<datacheck>
+HTTP/1.1 200 Connection established
+
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 3
+Content-Type: text/plain
+
+OK
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+http-proxy
+socks5
+</server>
+ <name>
+Connect to specific host via SOCKS proxy and HTTP proxy (switch to tunnel mode
automatically)
+ </name>
+
+ <command>
+http://www.example.com.2055/2055 --connect-to
::connect.example.com.2055:%HTTPPORT -x %HOSTIP:%PROXYPORT --preproxy
socks5://%HOSTIP:%SOCKSPORT
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<proxy>
+CONNECT connect.example.com.2055:%HTTPPORT HTTP/1.1
+Host: connect.example.com.2055:%HTTPPORT
+Proxy-Connection: Keep-Alive
+
+</proxy>
+<protocol>
+GET /2055 HTTP/1.1
+Host: www.example.com.2055
+Accept: */*
+
+</protocol>
+
+</verify>
+</testcase>
diff --git a/tests/data/test207 b/tests/data/test207
index e44385f18..caff81057 100644
--- a/tests/data/test207
+++ b/tests/data/test207
@@ -5,6 +5,7 @@ HTTP
HTTP GET
CURLE_PARTIAL_FILE
FAILURE
+chunked Transfer-Encoding
</keywords>
</info>
#
@@ -37,7 +38,7 @@
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
http
</server>
<name>
-HTTP GET with chunked Transfer-Encoding closed pre-maturely
+HTTP GET with chunked Transfer-Encoding closed prematurely
</name>
<command>
http://%HOSTIP:%HTTPPORT/207
diff --git a/tests/data/test209 b/tests/data/test209
index 961eba1a2..37c9ad223 100644
--- a/tests/data/test209
+++ b/tests/data/test209
@@ -16,6 +16,7 @@ HTTP proxy NTLM auth
<connect1001>
HTTP/1.1 407 Authorization Required to proxy me my dear
Proxy-Authenticate: NTLM
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
+Content-Length: 33
And you should ignore this data.
</connect1001>
@@ -52,6 +53,7 @@ Nice proxy auth sir!
<datacheck>
HTTP/1.1 407 Authorization Required to proxy me my dear
Proxy-Authenticate: NTLM
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
+Content-Length: 33
HTTP/1.1 200 Things are fine in proxy land
Server: Microsoft-IIS/5.0
@@ -108,7 +110,7 @@ Proxy-Connection: Keep-Alive
CONNECT test.remote.example.com.209:%HTTPPORT HTTP/1.1
Host: test.remote.example.com.209:%HTTPPORT
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
Proxy-Connection: Keep-Alive
GET /path/2090002 HTTP/1.1
diff --git a/tests/data/test213 b/tests/data/test213
index edbb6a6f3..93aaf64bb 100644
--- a/tests/data/test213
+++ b/tests/data/test213
@@ -16,6 +16,7 @@ HTTP proxy NTLM auth
<connect1001>
HTTP/1.1 407 Authorization Required to proxy me my dear
Proxy-Authenticate: NTLM
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
+Content-Length: 33
And you should ignore this data.
</connect1001>
@@ -52,6 +53,7 @@ Nice proxy auth sir!
<datacheck>
HTTP/1.1 407 Authorization Required to proxy me my dear
Proxy-Authenticate: NTLM
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
+Content-Length: 33
HTTP/1.1 200 Things are fine in proxy land
Server: Microsoft-IIS/5.0
@@ -108,7 +110,7 @@ Proxy-Connection: Keep-Alive
CONNECT test.remote.example.com.213:%HTTPPORT HTTP/1.0
Host: test.remote.example.com.213:%HTTPPORT
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
Proxy-Connection: Keep-Alive
POST /path/2130002 HTTP/1.1
diff --git a/tests/data/test216 b/tests/data/test216
index 0c4de0a63..404e9c98a 100644
--- a/tests/data/test216
+++ b/tests/data/test216
@@ -18,7 +18,7 @@ ftp
FTP upload two files to the same dir
</name>
<command>
--T log/upload.216 ftp://%HOSTIP:%FTPPORT/a/path/216/ -T log/upload.216
ftp://%HOSTIP:%FTPPORT/a/path/216/%2e%2eanotherup
+-T log/upload.216 ftp://%HOSTIP:%FTPPORT/a/path/216/ -T log/upload.216
ftp://%HOSTIP:%FTPPORT/a/path/216/%2e%2eanotherup.216
</command>
<file name="log/upload.216">
upload this file twice
@@ -38,7 +38,7 @@ EPSV
TYPE I
STOR upload.216
EPSV
-STOR ..anotherup
+STOR ..anotherup.216
QUIT
</protocol>
</verify>
diff --git a/tests/data/test218 b/tests/data/test218
index c201e77a3..138c4b7b1 100644
--- a/tests/data/test218
+++ b/tests/data/test218
@@ -3,6 +3,7 @@
<keywords>
HTTP
HTTP PUT
+chunked Transfer-Encoding
</keywords>
</info>
#
diff --git a/tests/data/test239 b/tests/data/test239
index 6b92f07f7..e8fcb770d 100644
--- a/tests/data/test239
+++ b/tests/data/test239
@@ -89,7 +89,7 @@ Content-Type: application/x-www-form-urlencoded
POST http://%HOSTIP:%HTTPPORT/239 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS
OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
Accept: */*
Proxy-Connection: Keep-Alive
diff --git a/tests/data/test243 b/tests/data/test243
index 3496055d1..5f8529891 100644
--- a/tests/data/test243
+++ b/tests/data/test243
@@ -118,7 +118,7 @@ Content-Type: application/x-www-form-urlencoded
POST http://%HOSTIP:%HTTPPORT/243 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS
OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
Accept: */*
Proxy-Connection: Keep-Alive
diff --git a/tests/data/test256 b/tests/data/test256
index 2b96ecf3d..17ae807d1 100644
--- a/tests/data/test256
+++ b/tests/data/test256
@@ -29,9 +29,9 @@ http
HTTP resume request over proxy with auth without server supporting it
</name>
<command option="no-output">
--x http://%HOSTIP:%HTTPPORT http://%HOSTIP:%HTTPPORT/want/256 -C -
--no-include -o log/fewl.txt -U daniel:stenberg
+-x http://%HOSTIP:%HTTPPORT http://%HOSTIP:%HTTPPORT/want/256 -C -
--no-include -o log/fewl256.txt -U daniel:stenberg
</command>
-<file name="log/fewl.txt">
+<file name="log/fewl256.txt">
This text is here to simulate a partly downloaded file to resume
download on.
</file>
@@ -56,7 +56,7 @@ Proxy-Connection: Keep-Alive
</protocol>
# the download target file must remain untouched
-<file name="log/fewl.txt">
+<file name="log/fewl256.txt">
This text is here to simulate a partly downloaded file to resume
download on.
</file>
diff --git a/tests/data/test265 b/tests/data/test265
index 1a162b808..17176ddd6 100644
--- a/tests/data/test265
+++ b/tests/data/test265
@@ -19,7 +19,7 @@ Proxy-Authenticate: NTLM
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4
Content-Length: 1033
And you should ignore this data.
-QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
[...]
+QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
[...]
</connect1001>
# This is supposed to be returned when the server gets the second
@@ -111,7 +111,7 @@ Proxy-Connection: Keep-Alive
CONNECT test.remote.example.com.265:%HTTPPORT HTTP/1.1
Host: test.remote.example.com.265:%HTTPPORT
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
Proxy-Connection: Keep-Alive
POST /path/2650002 HTTP/1.1
diff --git a/tests/data/test267 b/tests/data/test267
index 7cc8375a5..7a45d122d 100644
--- a/tests/data/test267
+++ b/tests/data/test267
@@ -97,7 +97,7 @@ Content-Type: application/x-www-form-urlencoded
POST /267 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3
Accept: */*
Header1: yes
diff --git a/tests/data/test271 b/tests/data/test271
index 06d5a8b43..1557fd0f7 100644
--- a/tests/data/test271
+++ b/tests/data/test271
@@ -27,7 +27,7 @@ tftp
TFTP retrieve
</name>
<command>
-tftp://%HOSTIP:%TFTPPORT//271 --trace-ascii log/traceit
+tftp://%HOSTIP:%TFTPPORT//271
</command>
</client>
diff --git a/tests/data/test283 b/tests/data/test283
index 0dc1270fd..201df9f72 100644
--- a/tests/data/test283
+++ b/tests/data/test283
@@ -17,7 +17,7 @@ tftp
TFTP retrieve on invalid file
</name>
<command>
-tftp://%HOSTIP:%TFTPPORT//invalid-file --trace-ascii log/traceit
--tftp-blksize 1024
+tftp://%HOSTIP:%TFTPPORT//invalid-file --tftp-blksize 1024
</command>
</client>
diff --git a/tests/data/test284 b/tests/data/test284
index 954c90260..9b946ecd5 100644
--- a/tests/data/test284
+++ b/tests/data/test284
@@ -51,7 +51,7 @@ tftp
TFTP retrieve of boundary case 512 byte file
</name>
<command>
-tftp://%HOSTIP:%TFTPPORT//284 --trace-ascii log/traceit
+tftp://%HOSTIP:%TFTPPORT//284
</command>
</client>
diff --git a/tests/data/test285 b/tests/data/test285
index d7a4a3900..09bfe3195 100644
--- a/tests/data/test285
+++ b/tests/data/test285
@@ -16,7 +16,7 @@ tftp
TFTP send
</name>
<command>
--T log/test285.txt tftp://%HOSTIP:%TFTPPORT// --trace-ascii log/traceit
+-T log/test285.txt tftp://%HOSTIP:%TFTPPORT//
</command>
<file name="log/test285.txt">
a chunk of
diff --git a/tests/data/test286 b/tests/data/test286
index b909fd3d5..505352a76 100644
--- a/tests/data/test286
+++ b/tests/data/test286
@@ -16,7 +16,7 @@ tftp
TFTP send of boundary case 512 byte file
</name>
<command>
--T log/test286.txt tftp://%HOSTIP:%TFTPPORT// --trace-ascii log/traceit
+-T log/test286.txt tftp://%HOSTIP:%TFTPPORT//
</command>
<file name="log/test286.txt">
A chunk of data which exactly fits into
diff --git a/tests/data/test31 b/tests/data/test31
index 2289d56d7..54e360a46 100644
--- a/tests/data/test31
+++ b/tests/data/test31
@@ -80,7 +80,7 @@ TZ=GMT
http://%HOSTIP:%HTTPPORT/we/want/31 -b none -c log/jar31.txt
</command>
<precheck>
-perl -e 'if ("%HOSTIP" !~ /127\.0\.0\.1$/) {print "Test only works for HOSTIP
127.0.0.1"; exit(1)}'
+perl -e "print 'Test requires default test server host' if ( '%HOSTIP' ne
'127.0.0.1' );"
</precheck>
</client>
diff --git a/tests/data/test38 b/tests/data/test38
index 848150a33..db257f2f8 100644
--- a/tests/data/test38
+++ b/tests/data/test38
@@ -28,9 +28,9 @@ http
HTTP resume request without server supporting it
</name>
<command option="no-output">
-http://%HOSTIP:%HTTPPORT/want/38 -C - --no-include -o log/fewl.txt
+http://%HOSTIP:%HTTPPORT/want/38 -C - --no-include -o log/fewl38.txt
</command>
-<file name="log/fewl.txt">
+<file name="log/fewl38.txt">
This text is here to simulate a partly downloaded file to resume
download on.
</file>
@@ -53,7 +53,7 @@ Accept: */*
</protocol>
# the download target file must remain untouched
-<file name="log/fewl.txt">
+<file name="log/fewl38.txt">
This text is here to simulate a partly downloaded file to resume
download on.
</file>
diff --git a/tests/data/test47 b/tests/data/test47
index 0a6d4da3b..bd779d346 100644
--- a/tests/data/test47
+++ b/tests/data/test47
@@ -8,7 +8,7 @@ HTTP/1.0
</info>
#
# Server-side
-<reply name="47">
+<reply>
<data>
HTTP/1.0 200 OK swsclose
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test500 b/tests/data/test500
index faf3d7271..56a5c9138 100644
--- a/tests/data/test500
+++ b/tests/data/test500
@@ -7,7 +7,7 @@ HTTP GET
</info>
#
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test501 b/tests/data/test501
index 9c9dcc9e3..674bc43b4 100644
--- a/tests/data/test501
+++ b/tests/data/test501
@@ -6,7 +6,7 @@ missing URL
</info>
#
# Server-side
-<reply name="1">
+<reply>
</reply>
# Client-side
diff --git a/tests/data/test506 b/tests/data/test506
index f1939fe52..40eee2532 100644
--- a/tests/data/test506
+++ b/tests/data/test506
@@ -41,10 +41,12 @@ Content-Type: text/html
Funny-head: yesyes
Set-Cookie: test4=overwritten4; domain=host.foo.com; expires=Sat May 5 GMT
11:56:27 2035
Set-Cookie: test1=overwritten1; domain=foo.com; expires=Thu Mar 3 GMT 11:56:27
2033
+Set-Cookie: test6=six; domain=.www.host.foo.com; expires=Thu Mar 3 GMT
11:56:27 2033
+Set-Cookie: test6=six_more; expires=Thu Mar 3 GMT 11:56:27 2033
Content-Type: text/html
-Content-Length: 32
+Content-Length: 73
-run 3: overwrite cookie 1 and 4
+run 3: overwrite cookie 1 and 4, set cookie 6 with and without tailmatch
</data3>
</reply>
@@ -53,6 +55,11 @@ run 3: overwrite cookie 1 and 4
<server>
http
</server>
+# don't run this with the threaded-resolver since the events might trigger in
+# a different order!
+<features>
+!threaded-resolver
+</features>
<name>
HTTP with shared cookie list (and dns cache)
</name>
@@ -166,24 +173,28 @@ lock: cookie [Pigs in space]: 60
unlock: cookie [Pigs in space]: 61
lock: cookie [Pigs in space]: 62
unlock: cookie [Pigs in space]: 63
-run 3: overwrite cookie 1 and 4
-lock: dns [Pigs in space]: 64
-unlock: dns [Pigs in space]: 65
-CLEANUP
+lock: cookie [Pigs in space]: 64
+unlock: cookie [Pigs in space]: 65
lock: cookie [Pigs in space]: 66
unlock: cookie [Pigs in space]: 67
-lock: share [Pigs in space]: 68
-unlock: share [Pigs in space]: 69
+run 3: overwrite cookie 1 and 4, set cookie 6 with and without tailmatch
+lock: dns [Pigs in space]: 68
+unlock: dns [Pigs in space]: 69
+CLEANUP
+lock: cookie [Pigs in space]: 70
+unlock: cookie [Pigs in space]: 71
+lock: share [Pigs in space]: 72
+unlock: share [Pigs in space]: 73
CURLOPT_SHARE
-lock: share [Pigs in space]: 70
-unlock: share [Pigs in space]: 71
+lock: share [Pigs in space]: 74
+unlock: share [Pigs in space]: 75
CURLOPT_COOKIELIST ALL
-lock: cookie [Pigs in space]: 72
-unlock: cookie [Pigs in space]: 73
+lock: cookie [Pigs in space]: 76
+unlock: cookie [Pigs in space]: 77
CURLOPT_COOKIEJAR
CURLOPT_COOKIELIST RELOAD
-lock: cookie [Pigs in space]: 74
-unlock: cookie [Pigs in space]: 75
+lock: cookie [Pigs in space]: 78
+unlock: cookie [Pigs in space]: 79
loaded cookies:
-----------------
.host.foo.com TRUE / FALSE 1896263787 injected
yes
@@ -192,19 +203,21 @@ loaded cookies:
.foo.com TRUE / FALSE 1896263787 test3 three
.host.foo.com TRUE / FALSE 2061978987 test4
overwritten4
.host.foo.com TRUE / FALSE 1896263787 test5 five
+ .www.host.foo.com TRUE / FALSE 1993463787 test6 six
+ www.host.foo.com FALSE / FALSE 1993463787 test6 six_more
-----------------
try SHARE_CLEANUP...
-lock: share [Pigs in space]: 76
-unlock: share [Pigs in space]: 77
-SHARE_CLEANUP failed, correct
-CLEANUP
-lock: cookie [Pigs in space]: 78
-unlock: cookie [Pigs in space]: 79
lock: share [Pigs in space]: 80
unlock: share [Pigs in space]: 81
+SHARE_CLEANUP failed, correct
+CLEANUP
+lock: cookie [Pigs in space]: 82
+unlock: cookie [Pigs in space]: 83
+lock: share [Pigs in space]: 84
+unlock: share [Pigs in space]: 85
SHARE_CLEANUP
-lock: share [Pigs in space]: 82
-unlock: share [Pigs in space]: 83
+lock: share [Pigs in space]: 86
+unlock: share [Pigs in space]: 87
GLOBAL_CLEANUP
</stdout>
<stderr>
@@ -221,6 +234,8 @@ http://%HOSTIP:%HTTPPORT/506
.foo.com TRUE / FALSE 1896263787 test3 three
.host.foo.com TRUE / FALSE 2061978987 test4 overwritten4
.host.foo.com TRUE / FALSE 1896263787 test5 five
+.www.host.foo.com TRUE / FALSE 1993463787 test6 six
+www.host.foo.com FALSE / FALSE 1993463787 test6 six_more
</file>
</verify>
</testcase>
diff --git a/tests/data/test510 b/tests/data/test510
index 5ba0a7fe9..a7acbe809 100644
--- a/tests/data/test510
+++ b/tests/data/test510
@@ -3,6 +3,7 @@
<keywords>
HTTP
HTTP POST
+chunked Transfer-Encoding
</keywords>
</info>
diff --git a/tests/data/test517 b/tests/data/test517
index c81a45e0a..513634f15 100644
--- a/tests/data/test517
+++ b/tests/data/test517
@@ -116,6 +116,12 @@ nothing
81: 20111323 12:34:56 => -1
82: 20110623 12:34:79 => -1
83: Wed, 31 Dec 2008 23:59:60 GMT => 1230768000
+84: 20110623 12:3 => 1308830580
+85: 20110623 1:3 => 1308790980
+86: 20110623 1:30 => 1308792600
+87: 20110623 12:12:3 => 1308831123
+88: 20110623 01:12:3 => 1308791523
+89: 20110623 01:99:30 => -1
</stdout>
# This test case previously tested an overflow case ("2094 Nov 6 =>
diff --git a/tests/data/test540 b/tests/data/test540
index 8decaea9d..8391cbe78 100644
--- a/tests/data/test540
+++ b/tests/data/test540
@@ -11,6 +11,9 @@ multi
# Server-side
<reply>
+<servercmd>
+connection-monitor
+</servercmd>
# this is returned first since we get no proxy-auth
<data>
@@ -40,6 +43,10 @@ Content-Length: 21
Server: no
Nice proxy auth sir!
+HTTP/1.1 407 Authorization Required to proxy me my dear
+Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345"
+Content-Length: 33
+
HTTP/1.1 200 OK
Content-Length: 21
Server: no
@@ -88,10 +95,16 @@ Proxy-Connection: Keep-Alive
GET http://test.remote.example.com/path/540 HTTP/1.1
Host: custom.set.host.name
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+GET http://test.remote.example.com/path/540 HTTP/1.1
+Host: custom.set.host.name
Proxy-Authorization: Digest username="silly", realm="weirdorealm",
nonce="12345", uri="/path/540", response="ca507dcf189196b6a5374d3233042261"
Accept: */*
Proxy-Connection: Keep-Alive
+[DISCONNECT]
</protocol>
</verify>
</testcase>
diff --git a/tests/data/test547 b/tests/data/test547
index cee22c6f7..841c3ff74 100644
--- a/tests/data/test547
+++ b/tests/data/test547
@@ -122,7 +122,7 @@ Content-Type: application/x-www-form-urlencoded
POST http://test.remote.example.com/path/547 HTTP/1.1
Host: test.remote.example.com
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS
OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
Accept: */*
Proxy-Connection: Keep-Alive
diff --git a/tests/data/test548 b/tests/data/test548
index 34cf5e2ea..9d1f258a6 100644
--- a/tests/data/test548
+++ b/tests/data/test548
@@ -122,7 +122,7 @@ Content-Type: application/x-www-form-urlencoded
POST http://test.remote.example.com/path/548 HTTP/1.1
Host: test.remote.example.com
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS
OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
Accept: */*
Proxy-Connection: Keep-Alive
diff --git a/tests/data/test552 b/tests/data/test552
index b44ca3455..5d1478bd5 100644
Binary files a/tests/data/test552 and b/tests/data/test552 differ
diff --git a/tests/data/test554 b/tests/data/test554
index fdbd1868b..3419e5e0f 100644
--- a/tests/data/test554
+++ b/tests/data/test554
@@ -61,7 +61,7 @@ http://%HOSTIP:%HTTPPORT/554
s/^--------------------------[a-z0-9]*/------------------------------/
s/boundary=------------------------[a-z0-9]*/boundary=----------------------------/
</strippart>
-# Note that the stripping above removes 12 bytes from every occurance of the
+# Note that the stripping above removes 12 bytes from every occurrence of the
# boundary string and since 5 of them are in the body contents, we see
# (5*12) == 60 bytes less
<protocol>
diff --git a/tests/data/test555 b/tests/data/test555
index 0f3bb07fc..3aa2ef14a 100644
--- a/tests/data/test555
+++ b/tests/data/test555
@@ -1,6 +1,6 @@
<testcase>
# NOTE: this test case is a duplicate of 547 but the tool is built to use the
-# multi interface instead of easy, but that shouldn't be noticable at all in
+# multi interface instead of easy, but that shouldn't be noticeable at all in
# this file!
<info>
<keywords>
@@ -131,7 +131,7 @@ Content-Type: application/x-www-form-urlencoded
POST http://test.remote.example.com/path/555 HTTP/1.1
Host: test.remote.example.com
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS
OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
Accept: */*
Proxy-Connection: Keep-Alive
diff --git a/tests/data/test556 b/tests/data/test556
index 55c7c91c3..549b9a4a2 100644
--- a/tests/data/test556
+++ b/tests/data/test556
@@ -8,7 +8,7 @@ HTTP GET
<reply>
<data>
-HTTP/1.1 200 OK
+HTTP/1.1 200 OK swsclose
Server: test-server/fake
Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
Content-Length: 6
diff --git a/tests/data/test557 b/tests/data/test557
index 8d0944a1e..ad9350f6e 100644
--- a/tests/data/test557
+++ b/tests/data/test557
@@ -40,6 +40,7 @@ All curl_mprintf() unsigned long tests OK!
All curl_mprintf() signed long tests OK!
All curl_mprintf() curl_off_t tests OK!
All curl_mprintf() strings tests OK!
+All float strings tests OK!
</stdout>
</verify>
diff --git a/tests/data/test558 b/tests/data/test558
index a1ac7d475..27457ff41 100644
--- a/tests/data/test558
+++ b/tests/data/test558
@@ -41,8 +41,8 @@ FD connect.c: sclose()
MEM lib558.c: malloc()
MEM lib558.c: free()
MEM escape.c: malloc()
-MEM escape.c: realloc()
-MEM escape.c: realloc()
+MEM strdup.c: realloc()
+MEM strdup.c: realloc()
MEM escape.c: free()
</file>
<stripfile>
diff --git a/tests/data/test559 b/tests/data/test559
new file mode 100644
index 000000000..f08a5f8f0
--- /dev/null
+++ b/tests/data/test559
@@ -0,0 +1,50 @@
+<testcase>
+<info>
+<keywords>
+CURLOPT_BUFFERSIZE
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
+ETag: "21025-dc7-39462498"
+Accept-Ranges: bytes
+Content-Length: 2049
+Connection: close
+Content-Type: text/html
+Silly-header:
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
[...]
+
+ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
[...]
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+# tool is what to use instead of 'curl'
+<tool>
+lib559
+</tool>
+
+<name>
+use tiny CURLOPT_BUFFERSIZE
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT/559
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+</verify>
+
+</testcase>
diff --git a/tests/data/test563 b/tests/data/test563
index 785152319..cecbedc21 100644
--- a/tests/data/test563
+++ b/tests/data/test563
@@ -23,8 +23,8 @@ hello
# Client-side
<client>
<server>
-ftp
http
+ftp
</server>
<tool>
lib562
diff --git a/tests/data/test565 b/tests/data/test565
index 6e215a24d..ae8518c76 100644
--- a/tests/data/test565
+++ b/tests/data/test565
@@ -4,6 +4,7 @@
HTTP
HTTP POST
HTTP Digest auth
+chunked Transfer-Encoding
</keywords>
</info>
#
diff --git a/tests/data/test569 b/tests/data/test569
index c4c62a4c3..ea6cd0bb0 100644
--- a/tests/data/test569
+++ b/tests/data/test569
@@ -66,7 +66,7 @@ lib569
RTSP Session ID parsing
</name>
<command>
-rtsp://%HOSTIP:%RTSPPORT/569 log/idfile.txt
+rtsp://%HOSTIP:%RTSPPORT/569 log/idfile569.txt
</command>
</client>
@@ -100,7 +100,7 @@ CSeq: 6
Session: A
</protocol>
-<file name="log/idfile.txt">
+<file name="log/idfile569.txt">
Got Session ID: [00.+1-am-aSe55ion_id\$yes-i-am\$]
Got Session ID: [\$extraspaces]
Got Session ID: [A]
diff --git a/tests/data/test571 b/tests/data/test571
index 5e138cdf9..494ac416b 100644
--- a/tests/data/test571
+++ b/tests/data/test571
@@ -78,7 +78,7 @@ lib571
RTSP RTP Interleaving Test
</name>
<command>
-rtsp://%HOSTIP:%RTSPPORT/571 log/protofile.txt
+rtsp://%HOSTIP:%RTSPPORT/571 log/protofile571.txt
</command>
</client>
@@ -99,7 +99,7 @@ RTP: message size 85, channel 0
RTP: message size 24, channel 1
</stdout>
-<file name="log/protofile.txt">
+<file name="log/protofile571.txt">
$99
</file>
</verify>
diff --git a/tests/data/test578 b/tests/data/test578
index e4ee4ac17..abbe49a3c 100644
--- a/tests/data/test578
+++ b/tests/data/test578
@@ -7,7 +7,7 @@ HTTP POST
</info>
#
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test59 b/tests/data/test59
index 1924650f5..9c9601778 100644
--- a/tests/data/test59
+++ b/tests/data/test59
@@ -7,7 +7,7 @@ HTTP GET
</info>
#
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.0 200 OK swsclose
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test590 b/tests/data/test590
index 55ea4f0e9..48144d40c 100644
--- a/tests/data/test590
+++ b/tests/data/test590
@@ -115,7 +115,7 @@ Proxy-Connection: Keep-Alive
GET http://test.remote.example.com/path/590 HTTP/1.1
Host: test.remote.example.com
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAAAgACAPYAAAAIAAgA+AAAAAAAAAAAAAAABoKBAB3Hr6SDn3NDNkgebbaP88ExMjM0MjIzNFIW4N7aYT44bAIg1jt2blUBAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAbWVjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAAAgACAPYAAAAIAAgA+AAAAAAAAAAAAAAABoKBAPfkdFqeIuYPjDr2ZbNxCag0MzIxNTMyMQjxxEdSYaUsgjpD8o53NrMBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAbWVjdXJsaG9zdA==
User-Agent: curl/7.13.2-CVS (i686-pc-linux-gnu) libcurl/7.13.2-CVS
OpenSSL/0.9.7e zlib/1.2.2 libidn/0.5.13
Accept: */*
Proxy-Connection: Keep-Alive
diff --git a/tests/data/test599 b/tests/data/test599
index 9ce8b234c..9a6c41264 100644
--- a/tests/data/test599
+++ b/tests/data/test599
@@ -3,6 +3,7 @@
<keywords>
HTTP
HTTP POST
+chunked Transfer-Encoding
</keywords>
</info>
#
diff --git a/tests/data/test60 b/tests/data/test60
index df9eeee15..0dd717f8d 100644
--- a/tests/data/test60
+++ b/tests/data/test60
@@ -3,6 +3,7 @@
<keywords>
HTTP
HTTP PUT
+chunked Transfer-Encoding
</keywords>
</info>
diff --git a/tests/data/test67 b/tests/data/test67
index b3431111c..739b82c2e 100644
--- a/tests/data/test67
+++ b/tests/data/test67
@@ -93,7 +93,7 @@ Accept: */*
GET /67 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3
Accept: */*
diff --git a/tests/data/test68 b/tests/data/test68
index acd710fea..239da7815 100644
--- a/tests/data/test68
+++ b/tests/data/test68
@@ -92,7 +92,7 @@ Accept: */*
GET /68 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3
Accept: */*
diff --git a/tests/data/test69 b/tests/data/test69
index 887a4603f..c0503f7fd 100644
--- a/tests/data/test69
+++ b/tests/data/test69
@@ -114,7 +114,7 @@ Accept: */*
GET /69 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3
Accept: */*
diff --git a/tests/data/test700 b/tests/data/test700
index ce6f894fd..ac63fa59a 100644
--- a/tests/data/test700
+++ b/tests/data/test700
@@ -9,7 +9,7 @@ SOCKS4
#
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test701 b/tests/data/test701
index 014aca249..799597f38 100644
--- a/tests/data/test701
+++ b/tests/data/test701
@@ -9,7 +9,7 @@ SOCKS5
#
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test708 b/tests/data/test708
index 716d9aec0..e8bffc365 100644
--- a/tests/data/test708
+++ b/tests/data/test708
@@ -9,7 +9,7 @@ SOCKS4
#
# Server-side
-<reply name="1">
+<reply>
<data>
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test71 b/tests/data/test71
index b71f969e7..341a0033f 100644
--- a/tests/data/test71
+++ b/tests/data/test71
@@ -31,6 +31,7 @@ HTTP and -F upload in config file
-F name=daniel
-F tool=curl
-F address@hidden/test71.txt
+user-agent = ""
</stdin>
<command>
http://%HOSTIP:%HTTPPORT/we/want/71 -K -
@@ -46,11 +47,10 @@ bar
# Verify data after the test has been "shot"
<verify>
<strip>
-^(User-Agent:|Content-Type: multipart/form-data;|------------).*
+^(Content-Type: multipart/form-data;|------------).*
</strip>
<protocol>
POST /we/want/71 HTTP/1.1
-User-Agent: curl/7.10.4 (i686-pc-linux-gnu) libcurl/7.10.4 OpenSSL/0.9.7a ipv6
zlib/1.1.3
Host: %HOSTIP:%HTTPPORT
Accept: */*
Content-Length: 408
diff --git a/tests/data/test712 b/tests/data/test712
index c62e9f2c5..252c9ef0e 100644
--- a/tests/data/test712
+++ b/tests/data/test712
@@ -6,7 +6,6 @@ FTP
PASV
RETR
SOCKS5
-all_proxy
</keywords>
</info>
#
diff --git a/tests/data/test713 b/tests/data/test713
new file mode 100755
index 000000000..bb79994f5
--- /dev/null
+++ b/tests/data/test713
@@ -0,0 +1,49 @@
+<testcase>
+#based off test 712
+<info>
+<keywords>
+FTP
+PASV
+RETR
+SOCKS5
+CURLOPT_CONNECT_TO
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+<data>
+silly content
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftp
+socks5
+</server>
+ <name>
+FTP fetch with --proxy set to socks5:// and with --connect-to
+ </name>
+ <command>
+ftp://ftp.example.com/713 --connect-to ::%HOSTIP:%FTPPORT --proxy
socks5://%HOSTIP:%SOCKSPORT
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS address@hidden
+PWD
+EPSV
+TYPE I
+SIZE 713
+RETR 713
+QUIT
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test714 b/tests/data/test714
new file mode 100755
index 000000000..efec03227
--- /dev/null
+++ b/tests/data/test714
@@ -0,0 +1,67 @@
+<testcase>
+#based off test 712
+<info>
+<keywords>
+FTP
+PASV
+RETR
+HTTP
+HTTP CONNECT
+proxytunnel
+CURLOPT_CONNECT_TO
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+<connect>
+HTTP/1.1 200 Connection established
+
+</connect>
+
+<data nocheck="yes">
+silly content
+</data>
+
+<datacheck>
+HTTP/1.1 200 Connection established
+
+HTTP/1.1 200 Connection established
+
+silly content
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftp
+http-proxy
+</server>
+<features>
+http
+</features>
+ <name>
+FTP fetch with --proxy set to http:// and with --connect-to
+ </name>
+ <command>
+ftp://ftp.example.com.714/714 --connect-to ::connect.example.com.714:%FTPPORT
--proxytunnel --proxy http://%HOSTIP:%PROXYPORT
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS address@hidden
+PWD
+EPSV
+TYPE I
+SIZE 714
+RETR 714
+QUIT
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test715 b/tests/data/test715
new file mode 100755
index 000000000..56936b946
--- /dev/null
+++ b/tests/data/test715
@@ -0,0 +1,69 @@
+<testcase>
+#based off test 712
+<info>
+<keywords>
+FTP
+PASV
+RETR
+HTTP
+HTTP CONNECT
+proxytunnel
+SOCKS5
+CURLOPT_CONNECT_TO
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+<connect>
+HTTP/1.1 200 Connection established
+
+</connect>
+
+<data nocheck="yes">
+silly content
+</data>
+
+<datacheck>
+HTTP/1.1 200 Connection established
+
+HTTP/1.1 200 Connection established
+
+silly content
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftp
+http-proxy
+socks5
+</server>
+<features>
+http
+</features>
+ <name>
+FTP fetch with --preproxy, --proxy and --connect-to
+ </name>
+ <command>
+ftp://ftp.example.com.715/715 --connect-to ::connect.example.com.715:%FTPPORT
--proxytunnel --proxy %HOSTIP:%PROXYPORT --preproxy socks5://%HOSTIP:%SOCKSPORT
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS address@hidden
+PWD
+EPSV
+TYPE I
+SIZE 715
+RETR 715
+QUIT
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test81 b/tests/data/test81
index dc054d293..7483bfb34 100644
--- a/tests/data/test81
+++ b/tests/data/test81
@@ -93,7 +93,7 @@ Proxy-Connection: Keep-Alive
GET http://%HOSTIP:%HTTPPORT/81 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Proxy-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3
Accept: */*
Proxy-Connection: Keep-Alive
diff --git a/tests/data/test822 b/tests/data/test822
index 65ac43e5c..a6c0407e6 100644
--- a/tests/data/test822
+++ b/tests/data/test822
@@ -14,7 +14,7 @@ SASL AUTH NTLM
AUTH NTLM
REPLY AUTHENTICATE +
REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
-REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
A002 OK AUTHENTICATE completed
+REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
A002 OK AUTHENTICATE completed
</servercmd>
<data>
From: address@hidden
@@ -62,7 +62,7 @@ chkhostname curlhost
A001 CAPABILITY
A002 AUTHENTICATE NTLM
TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
-TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
A003 SELECT 822
A004 FETCH 1 BODY[]
A005 LOGOUT
diff --git a/tests/data/test823 b/tests/data/test823
index 6f8249b1f..25c59ec60 100644
--- a/tests/data/test823
+++ b/tests/data/test823
@@ -14,7 +14,7 @@ RFC2831
<servercmd>
AUTH DIGEST-MD5
REPLY AUTHENTICATE +
cmVhbG09ImN1cmwiLG5vbmNlPSI1MzAwZDE3YTFkNjk1YmQ0MTFlNGNkZjk2Zjk1NDhjMjNjZWQ2MTc1IixhbGdvcml0aG09bWQ1LXNlc3MscW9wPSJhdXRoIg==
-REPLY
dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM0MzMzMjMyMzQzMzMyMzMzNDMzMzIzNCIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJpbWFwL2N1cmwiLHJlc3BvbnNlPWJlYjMzYmY2MWFhMDgzNzZmZWE4ZjJkM2MwODliMjFmLHFvcD1hdXRo
+
+REPLY
dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJpbWFwL2N1cmwiLHJlc3BvbnNlPTVlNzk5N2ZhZDZjMzNiZWJmZjk3OWJkY2I4ZmU3MTZiLHFvcD1hdXRo
+
REPLY A002 OK AUTHENTICATE completed
</servercmd>
<data>
@@ -53,7 +53,7 @@ IMAP DIGEST-MD5 authentication
<protocol>
A001 CAPABILITY
A002 AUTHENTICATE DIGEST-MD5
-dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM0MzMzMjMyMzQzMzMyMzMzNDMzMzIzNCIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJpbWFwL2N1cmwiLHJlc3BvbnNlPWJlYjMzYmY2MWFhMDgzNzZmZWE4ZjJkM2MwODliMjFmLHFvcD1hdXRo
+dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJpbWFwL2N1cmwiLHJlc3BvbnNlPTVlNzk5N2ZhZDZjMzNiZWJmZjk3OWJkY2I4ZmU3MTZiLHFvcD1hdXRo
A003 SELECT 823
A004 FETCH 1 BODY[]
diff --git a/tests/data/test827 b/tests/data/test827
index 778e76587..5005271e1 100644
--- a/tests/data/test827
+++ b/tests/data/test827
@@ -15,7 +15,7 @@ SASL-IR
AUTH NTLM
CAPA SASL-IR
REPLY AUTHENTICATE +
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
-REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
A002 OK AUTHENTICATE completed
+REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
A002 OK AUTHENTICATE completed
</servercmd>
<data>
From: address@hidden
@@ -62,7 +62,7 @@ chkhostname curlhost
<protocol>
A001 CAPABILITY
A002 AUTHENTICATE NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
-TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
A003 SELECT 827
A004 FETCH 1 BODY[]
A005 LOGOUT
diff --git a/tests/data/test842 b/tests/data/test842
index b98d5a25e..d5aabbca8 100644
--- a/tests/data/test842
+++ b/tests/data/test842
@@ -40,7 +40,7 @@ IMAP OAuth 2.0 (OAUTHBEARER) authentication
<command>
'imap://%HOSTIP:%IMAPPORT/842/;UID=1' -u user --oauth2-bearer mF_9.B5f-4.1JqM
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%IMAPPORT' ne '9003' );"
diff --git a/tests/data/test843 b/tests/data/test843
index 266aaa7c4..a1c31a454 100644
--- a/tests/data/test843
+++ b/tests/data/test843
@@ -41,7 +41,7 @@ IMAP OAuth 2.0 (OAUTHBEARER) authentication with initial
response
<command>
'imap://%HOSTIP:%IMAPPORT/843/;UID=1' -u user --oauth2-bearer mF_9.B5f-4.1JqM
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%IMAPPORT' ne '9003' );"
diff --git a/tests/data/test844 b/tests/data/test844
index 4acd66726..055a9d2f4 100644
--- a/tests/data/test844
+++ b/tests/data/test844
@@ -32,7 +32,7 @@ IMAP OAuth 2.0 (OAUTHBEARER) failure as continuation
<command>
'imap://%HOSTIP:%IMAPPORT/844/;UID=1' -u user --oauth2-bearer mF_9.B5f-4.1JqM
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%IMAPPORT' ne '9003' );"
diff --git a/tests/data/test845 b/tests/data/test845
index 152ab5827..e23b3d69e 100644
--- a/tests/data/test845
+++ b/tests/data/test845
@@ -33,7 +33,7 @@ IMAP OAuth 2.0 (OAUTHBEARER) failure as continuation with
initial response
<command>
'imap://%HOSTIP:%IMAPPORT/845/;UID=1' -u user --oauth2-bearer mF_9.B5f-4.1JqM
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%IMAPPORT' ne '9003' );"
diff --git a/tests/data/test864 b/tests/data/test864
index 9ad98f7ee..ebdebd671 100644
--- a/tests/data/test864
+++ b/tests/data/test864
@@ -11,7 +11,7 @@ APOP
<reply>
<servercmd>
CAPA APOP
-REPLY welcome +OK cURL POP3 server ready to serve <address@hidden>
+REPLY welcome +OK curl POP3 server ready to serve <address@hidden>
</servercmd>
<data>
From: address@hidden
diff --git a/tests/data/test868 b/tests/data/test868
index 591bd5090..30426fb65 100644
--- a/tests/data/test868
+++ b/tests/data/test868
@@ -16,7 +16,7 @@ RFC5034
AUTH NTLM
REPLY AUTH +
REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
-REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+OK Login successful
+REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+OK Login successful
</servercmd>
<data>
From: address@hidden
@@ -64,7 +64,7 @@ chkhostname curlhost
CAPA
AUTH NTLM
TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
-TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
RETR 868
QUIT
</protocol>
diff --git a/tests/data/test869 b/tests/data/test869
index cba33b358..ecc422cab 100644
--- a/tests/data/test869
+++ b/tests/data/test869
@@ -16,7 +16,7 @@ RFC5034
<servercmd>
AUTH DIGEST-MD5
REPLY AUTH +
cmVhbG09ImN1cmwiLG5vbmNlPSI1MzAwZDE3YTFkNjk1YmQ0MTFlNGNkZjk2Zjk1NDhjMjNjZWQ2MTc1IixhbGdvcml0aG09bWQ1LXNlc3MscW9wPSJhdXRoIg==
-REPLY
dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM0MzMzMjMyMzQzMzMyMzMzNDMzMzIzNCIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJwb3AvY3VybCIscmVzcG9uc2U9MDE2MTNmOWEwNTgxODNmYTc2NmFkNWEwOThiNmE3MTUscW9wPWF1dGg=
+
+REPLY
dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJwb3AvY3VybCIscmVzcG9uc2U9YzNhMGFiZTc5NDYyNTIyNGY5Njg3YTYzMTc3ZmRhNWIscW9wPWF1dGg=
+
REPLY +OK Login successful
</servercmd>
<data>
@@ -55,7 +55,7 @@ pop3://%HOSTIP:%POP3PORT/869 -u user:secret
<protocol>
CAPA
AUTH DIGEST-MD5
-dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM0MzMzMjMyMzQzMzMyMzMzNDMzMzIzNCIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJwb3AvY3VybCIscmVzcG9uc2U9MDE2MTNmOWEwNTgxODNmYTc2NmFkNWEwOThiNmE3MTUscW9wPWF1dGg=
+dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJwb3AvY3VybCIscmVzcG9uc2U9YzNhMGFiZTc5NDYyNTIyNGY5Njg3YTYzMTc3ZmRhNWIscW9wPWF1dGg=
RETR 869
QUIT
diff --git a/tests/data/test87 b/tests/data/test87
index 5e6aef306..ee5be78cb 100644
--- a/tests/data/test87
+++ b/tests/data/test87
@@ -40,7 +40,7 @@ http
urlglob with out of range -o #[num] usage
</name>
<command option="no-output">
-"http://%HOSTIP:%HTTPPORT/[870001-870002]"; -o "log/dumpit#2.dump"
+"http://%HOSTIP:%HTTPPORT/[870001-870002]"; -o "log/dumpit87-#2.dump"
</command>
</client>
@@ -50,7 +50,7 @@ urlglob with out of range -o #[num] usage
# survives
#
<verify>
-<file name="log/dumpit#2.dump">
+<file name="log/dumpit87-#2.dump">
HTTP/1.1 200 OK
Funny-head: yesyes
Content-Length: 16
diff --git a/tests/data/test873 b/tests/data/test873
index a91b36085..448e8e207 100644
--- a/tests/data/test873
+++ b/tests/data/test873
@@ -16,7 +16,7 @@ RFC5034
<servercmd>
AUTH NTLM
REPLY AUTH +
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
-REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+OK Login successful
+REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+OK Login successful
</servercmd>
<data>
From: address@hidden
@@ -63,7 +63,7 @@ chkhostname curlhost
<protocol>
CAPA
AUTH NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
-TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
RETR 873
QUIT
</protocol>
diff --git a/tests/data/test887 b/tests/data/test887
index b39dc21cc..fed4e3d92 100644
--- a/tests/data/test887
+++ b/tests/data/test887
@@ -42,7 +42,7 @@ POP3 OAuth 2.0 (OAUTHBEARER) authentication
<command>
pop3://%HOSTIP:%POP3PORT/887 -u user --oauth2-bearer mF_9.B5f-4.1JqM
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%POP3PORT' ne '9001' );"
diff --git a/tests/data/test888 b/tests/data/test888
index 1a359df22..c52974f19 100644
--- a/tests/data/test888
+++ b/tests/data/test888
@@ -42,7 +42,7 @@ POP3 OAuth 2.0 (OAUTHBEARER) authentication with initial
response
<command>
pop3://%HOSTIP:%POP3PORT/888 -u user --oauth2-bearer mF_9.B5f-4.1JqM --sasl-ir
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%POP3PORT' ne '9001' );"
diff --git a/tests/data/test889 b/tests/data/test889
index 5fbd0ca8a..da26a3729 100644
--- a/tests/data/test889
+++ b/tests/data/test889
@@ -34,7 +34,7 @@ POP3 OAuth 2.0 (OAUTHBEARER) failure as continuation
<command>
pop3://%HOSTIP:%POP3PORT/889 -u user --oauth2-bearer mF_9.B5f-4.1JqM
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%POP3PORT' ne '9001' );"
diff --git a/tests/data/test89 b/tests/data/test89
index c7f69a2b0..1443a9761 100644
--- a/tests/data/test89
+++ b/tests/data/test89
@@ -126,7 +126,7 @@ Accept: */*
GET /89 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3
Accept: */*
@@ -138,7 +138,7 @@ Accept: */*
GET /you/890010 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBALIBPdoGahtQQ8gQ7TJrKTYzMjM0NDIzNBFnpKw8B1BLcb456sVeozgBAQAAAAAAAACAPtXesZ0BMzIzNDQyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAOv8cm3wOKJ5nhWWScOgdUI2MzIxNzMyMVgNcU0f3zxHeccvitN7zHkBAQAAAAAAAACAPtXesZ0BNjMyMTczMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.8-pre1 (i686-pc-linux-gnu) libcurl/7.10.8-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3 GSS
Accept: */*
diff --git a/tests/data/test890 b/tests/data/test890
index 6392dfa01..30aa0b232 100644
--- a/tests/data/test890
+++ b/tests/data/test890
@@ -34,7 +34,7 @@ POP3 OAuth 2.0 (OAUTHBEARER) failure as continuation with
initial response
<command>
pop3://%HOSTIP:%POP3PORT/890 -u user --oauth2-bearer mF_9.B5f-4.1JqM --sasl-ir
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%POP3PORT' ne '9001' );"
diff --git a/tests/data/test90 b/tests/data/test90
index 3b1231a31..f18e3dfa0 100644
--- a/tests/data/test90
+++ b/tests/data/test90
@@ -168,7 +168,7 @@ Accept: */*
GET /90 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3
Accept: */*
@@ -184,7 +184,7 @@ Accept: */*
GET /you/900010 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBALIBPdoGahtQQ8gQ7TJrKTYzMjM0NDIzNBFnpKw8B1BLcb456sVeozgBAQAAAAAAAACAPtXesZ0BMzIzNDQyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAOv8cm3wOKJ5nhWWScOgdUI2MzIxNzMyMVgNcU0f3zxHeccvitN7zHkBAQAAAAAAAACAPtXesZ0BNjMyMTczMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
User-Agent: curl/7.10.8-pre1 (i686-pc-linux-gnu) libcurl/7.10.8-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3 GSS
Accept: */*
diff --git a/tests/data/test906 b/tests/data/test906
index 3c04d15e0..677456138 100644
--- a/tests/data/test906
+++ b/tests/data/test906
@@ -15,7 +15,7 @@ RFC4954
AUTH NTLM
REPLY AUTH 334 NTLM supported
REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 334
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
-REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
235 Authenticated
+REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
235 Authenticated
</servercmd>
</reply>
@@ -57,7 +57,7 @@ chkhostname curlhost
EHLO 906
AUTH NTLM
TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
-TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
MAIL FROM:<address@hidden>
RCPT TO:<address@hidden>
DATA
diff --git a/tests/data/test907 b/tests/data/test907
index 65c87b40b..c19e1e11e 100644
--- a/tests/data/test907
+++ b/tests/data/test907
@@ -15,7 +15,7 @@ RFC4954
<servercmd>
AUTH DIGEST-MD5
REPLY AUTH 334
cmVhbG09ImN1cmwiLG5vbmNlPSI1MzAwZDE3YTFkNjk1YmQ0MTFlNGNkZjk2Zjk1NDhjMjNjZWQ2MTc1IixhbGdvcml0aG09bWQ1LXNlc3MscW9wPSJhdXRoIg==
-REPLY
dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM0MzMzMjMyMzQzMzMyMzMzNDMzMzIzNCIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJzbXRwL2N1cmwiLHJlc3BvbnNlPWJkYmExNzYwOGY4NmMyZjEzYTczMTM1NzdkZjkyMzNkLHFvcD1hdXRo
334
+REPLY
dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJzbXRwL2N1cmwiLHJlc3BvbnNlPTk0M2YxNjk1OWYxY2M2ZjA3ZTZmMDk0ZjVkYmQ0NzNlLHFvcD1hdXRo
334
REPLY 235 Authenticated
</servercmd>
</reply>
@@ -48,7 +48,7 @@ smtp://%HOSTIP:%SMTPPORT/907 --mail-rcpt address@hidden
--mail-from sende
<protocol>
EHLO 907
AUTH DIGEST-MD5
-dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM0MzMzMjMyMzQzMzMyMzMzNDMzMzIzNCIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJzbXRwL2N1cmwiLHJlc3BvbnNlPWJkYmExNzYwOGY4NmMyZjEzYTczMTM1NzdkZjkyMzNkLHFvcD1hdXRo
+dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJzbXRwL2N1cmwiLHJlc3BvbnNlPTk0M2YxNjk1OWYxY2M2ZjA3ZTZmMDk0ZjVkYmQ0NzNlLHFvcD1hdXRo
MAIL FROM:<address@hidden>
RCPT TO:<address@hidden>
diff --git a/tests/data/test91 b/tests/data/test91
index 35195ad37..cd281425e 100644
--- a/tests/data/test91
+++ b/tests/data/test91
@@ -115,7 +115,7 @@ Accept: */*
GET /91 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
-Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAgACAD2AAAABgAGAP4AAAAIAAgABAEAAAAAAAAAAAAABoKBAI9byKoy6qyyS+1JCYN1XYoxMjM0MjIzNEYCr85trkciZ2j/7/T8MmUBAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAbXlkb21haW5teXNlbGZjdXJsaG9zdA==
+Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAgACAD2AAAABgAGAP4AAAAIAAgABAEAAAAAAAAAAAAABoKBALJ3z6fQtyQwuFxoPXldKtQ0MzIxNTMyMWnrkzKLCbw9LP1SuH/yJwABAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAbXlkb21haW5teXNlbGZjdXJsaG9zdA==
User-Agent: curl/7.10.6-pre1 (i686-pc-linux-gnu) libcurl/7.10.6-pre1
OpenSSL/0.9.7a ipv6 zlib/1.1.3
Accept: */*
diff --git a/tests/data/test921 b/tests/data/test921
index 91a7c6f4f..e11fe4fbc 100644
--- a/tests/data/test921
+++ b/tests/data/test921
@@ -15,7 +15,7 @@ RFC4954
<servercmd>
AUTH NTLM
REPLY AUTH 334
TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==
-REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
235 Authenticated
+REPLY
TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
235 Authenticated
</servercmd>
</reply>
@@ -56,7 +56,7 @@ chkhostname curlhost
<protocol>
EHLO 921
AUTH NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
-TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAL9LNW5+nkyHZRmyFaL/LJ4xMjM0MjIzNGUCyhgQ9hw6eWAT13EbDa0BAQAAAAAAAACAPtXesZ0BMTIzNDIyMzQAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
+TlRMTVNTUAADAAAAGAAYAEAAAACeAJ4AWAAAAAAAAAD2AAAACAAIAPYAAAAIAAgA/gAAAAAAAAAAAAAABoKBAMOv20GsURsat8gdH/RfnYI0MzIxNTMyMeCdd8AzFZLZ/N1ujmilmCcBAQAAAAAAAACAPtXesZ0BNDMyMTUzMjEAAAAAAgAEAEMAQwABABIARQBMAEkAUwBBAEIARQBUAEgABAAYAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAMALABlAGwAaQBzAGEAYgBlAHQAaAAuAGMAYwAuAGkAYwBlAGQAZQB2AC4AbgB1AAAAAAAAAAAAdGVzdHVzZXJjdXJsaG9zdA==
MAIL FROM:<address@hidden>
RCPT TO:<address@hidden>
DATA
diff --git a/tests/data/test946 b/tests/data/test946
index d34bd914e..da4b924f9 100644
--- a/tests/data/test946
+++ b/tests/data/test946
@@ -35,7 +35,7 @@ mail body
<command>
smtp://%HOSTIP:%SMTPPORT/946 --mail-rcpt address@hidden --mail-from
address@hidden -u user --oauth2-bearer mF_9.B5f-4.1JqM -T -
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%SMTPPORT' ne '9005' );"
diff --git a/tests/data/test947 b/tests/data/test947
index 03648a412..d33a55931 100644
--- a/tests/data/test947
+++ b/tests/data/test947
@@ -35,7 +35,7 @@ mail body
<command>
smtp://%HOSTIP:%SMTPPORT/947 --mail-rcpt address@hidden --mail-from
address@hidden -u user --oauth2-bearer mF_9.B5f-4.1JqM --sasl-ir -T -
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%SMTPPORT' ne '9005' );"
diff --git a/tests/data/test948 b/tests/data/test948
index 51bb41ad2..9c1e31deb 100644
--- a/tests/data/test948
+++ b/tests/data/test948
@@ -36,7 +36,7 @@ mail body
<command>
smtp://%HOSTIP:%SMTPPORT/948 --mail-rcpt address@hidden --mail-from
address@hidden -u user --oauth2-bearer mF_9.B5f-4.1JqM -T -
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%SMTPPORT' ne '9005' );"
diff --git a/tests/data/test949 b/tests/data/test949
index f84c42b40..9145d61e9 100644
--- a/tests/data/test949
+++ b/tests/data/test949
@@ -36,7 +36,7 @@ mail body
<command>
smtp://%HOSTIP:%SMTPPORT/949 --mail-rcpt address@hidden --mail-from
address@hidden -u user --oauth2-bearer mF_9.B5f-4.1JqM --sasl-ir -T -
</command>
-# The protocol section doesn't support ways of specifing the raw data in the
+# The protocol section doesn't support ways of specifying the raw data in the
# base64 encoded message so we must assert this
<precheck>
perl -e "print 'Test requires default test server host and port' if (
'%HOSTIP' ne '127.0.0.1' || '%SMTPPORT' ne '9005' );"
diff --git a/tests/dictserver.py b/tests/dictserver.py
new file mode 100755
index 000000000..a41a8a0d6
--- /dev/null
+++ b/tests/dictserver.py
@@ -0,0 +1,159 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
+""" DICT server """
+
+from __future__ import (absolute_import, division, print_function,
+ unicode_literals)
+import argparse
+import os
+import sys
+import logging
+try: # Python 2
+ import SocketServer as socketserver
+except ImportError: # Python 3
+ import socketserver
+
+
+log = logging.getLogger(__name__)
+HOST = "localhost"
+
+# The strings that indicate the test framework is checking our aliveness
+VERIFIED_REQ = b"verifiedserver"
+VERIFIED_RSP = "WE ROOLZ: {pid}"
+
+
+def dictserver(options):
+ """
+ Starts up a TCP server with a DICT handler and serves DICT requests
+ forever.
+ """
+ if options.pidfile:
+ pid = os.getpid()
+ with open(options.pidfile, "w") as f:
+ f.write("{0}".format(pid))
+
+ local_bind = (HOST, options.port)
+ log.info("[DICT] Listening on %s", local_bind)
+
+ # Need to set the allow_reuse on the class, not on the instance.
+ socketserver.TCPServer.allow_reuse_address = True
+ server = socketserver.TCPServer(local_bind, DictHandler)
+ server.serve_forever()
+
+ return ScriptRC.SUCCESS
+
+
+class DictHandler(socketserver.BaseRequestHandler):
+ """Handler class for DICT connections.
+
+ """
+ def handle(self):
+ """
+ Simple function which responds to all queries with a 552.
+ """
+ try:
+ # First, send a response to allow the server to continue.
+ rsp = "220 dictserver <xnooptions> <address@hidden>\n"
+ self.request.sendall(rsp.encode("utf-8"))
+
+ # Receive the request.
+ data = self.request.recv(1024).strip()
+ log.debug("[DICT] Incoming data: %r", data)
+
+ if VERIFIED_REQ in data:
+ log.debug("[DICT] Received verification request from test "
+ "framework")
+ response_data = VERIFIED_RSP.format(pid=os.getpid())
+ else:
+ log.debug("[DICT] Received normal request")
+ response_data = "No matches"
+
+ # Send back a failure to find.
+ response = "552 {0}\n".format(response_data)
+ log.debug("[DICT] Responding with %r", response)
+ self.request.sendall(response.encode("utf-8"))
+
+ except IOError:
+ log.exception("[DICT] IOError hit during request")
+
+
+def get_options():
+ parser = argparse.ArgumentParser()
+
+ parser.add_argument("--port", action="store", default=9016,
+ type=int, help="port to listen on")
+ parser.add_argument("--verbose", action="store", type=int, default=0,
+ help="verbose output")
+ parser.add_argument("--pidfile", action="store",
+ help="file name for the PID")
+ parser.add_argument("--logfile", action="store",
+ help="file name for the log")
+ parser.add_argument("--srcdir", action="store", help="test directory")
+ parser.add_argument("--id", action="store", help="server ID")
+ parser.add_argument("--ipv4", action="store_true", default=0,
+ help="IPv4 flag")
+
+ return parser.parse_args()
+
+
+def setup_logging(options):
+ """
+ Set up logging from the command line options
+ """
+ root_logger = logging.getLogger()
+ add_stdout = False
+
+ formatter = logging.Formatter("%(asctime)s %(levelname)-5.5s %(message)s")
+
+ # Write out to a logfile
+ if options.logfile:
+ handler = logging.FileHandler(options.logfile, mode="w")
+ handler.setFormatter(formatter)
+ handler.setLevel(logging.DEBUG)
+ root_logger.addHandler(handler)
+ else:
+ # The logfile wasn't specified. Add a stdout logger.
+ add_stdout = True
+
+ if options.verbose:
+ # Add a stdout logger as well in verbose mode
+ root_logger.setLevel(logging.DEBUG)
+ add_stdout = True
+ else:
+ root_logger.setLevel(logging.INFO)
+
+ if add_stdout:
+ stdout_handler = logging.StreamHandler(sys.stdout)
+ stdout_handler.setFormatter(formatter)
+ stdout_handler.setLevel(logging.DEBUG)
+ root_logger.addHandler(stdout_handler)
+
+
+class ScriptRC(object):
+ """Enum for script return codes"""
+ SUCCESS = 0
+ FAILURE = 1
+ EXCEPTION = 2
+
+
+class ScriptException(Exception):
+ pass
+
+
+if __name__ == '__main__':
+ # Get the options from the user.
+ options = get_options()
+
+ # Setup logging using the user options
+ setup_logging(options)
+
+ # Run main script.
+ try:
+ rc = dictserver(options)
+ except Exception as e:
+ log.exception(e)
+ rc = ScriptRC.EXCEPTION
+
+ log.info("[DICT] Returning %d", rc)
+ sys.exit(rc)
diff --git a/tests/extern-scan.pl b/tests/extern-scan.pl
index 7a5c29140..1b22410f5 100755
--- a/tests/extern-scan.pl
+++ b/tests/extern-scan.pl
@@ -30,10 +30,10 @@ use warnings;
my $root=$ARGV[0] || ".";
my @incs = (
- "$root/include/curl/curl.h",
- "$root/include/curl/easy.h",
- "$root/include/curl/mprintf.h",
- "$root/include/curl/multi.h",
+ "$root/include/gnurl/curl.h",
+ "$root/include/gnurl/easy.h",
+ "$root/include/gnurl/mprintf.h",
+ "$root/include/gnurl/multi.h",
);
my $verbose=0;
@@ -49,7 +49,9 @@ sub scanheader {
open H, "<$f" || die;
while(<H>) {
if (/^(CURL_EXTERN.*)/) {
- print "$1\n";
+ my $decl = $1;
+ $decl =~ s/\r$//;
+ print "$decl\n";
}
}
close H;
diff --git a/tests/ftpserver.pl b/tests/ftpserver.pl
index 01a7df865..081298f1b 100755
--- a/tests/ftpserver.pl
+++ b/tests/ftpserver.pl
@@ -609,7 +609,7 @@ sub protocolsetup {
' / __| | | | |_) | | '."\r\n",
' | (__| |_| | _ {| |___ '."\r\n",
' \___|\___/|_| \_\_____|'."\r\n",
- '+OK cURL POP3 server ready to serve '."\r\n")
+ '+OK curl POP3 server ready to serve '."\r\n")
);
}
elsif($proto eq 'imap') {
@@ -643,7 +643,7 @@ sub protocolsetup {
' / __| | | | |_) | | '."\r\n",
' | (__| |_| | _ {| |___ '."\r\n",
' \___|\___/|_| \_\_____|'."\r\n",
- '* OK cURL IMAP server ready to serve'."\r\n")
+ '* OK curl IMAP server ready to serve'."\r\n")
);
}
elsif($proto eq 'smtp') {
@@ -1057,7 +1057,7 @@ sub EXPN_smtp {
}
sub QUIT_smtp {
- sendcontrol "221 cURL $smtp_type server signing off\r\n";
+ sendcontrol "221 curl $smtp_type server signing off\r\n";
return 0;
}
@@ -1605,7 +1605,7 @@ sub NOOP_imap {
}
sub LOGOUT_imap {
- sendcontrol "* BYE cURL IMAP server signing off\r\n";
+ sendcontrol "* BYE curl IMAP server signing off\r\n";
sendcontrol "$cmdid OK LOGOUT completed\r\n";
return 0;
@@ -1941,7 +1941,7 @@ sub QUIT_pop3 {
@deleted = ();
}
- sendcontrol "+OK cURL POP3 server signing off\r\n";
+ sendcontrol "+OK curl POP3 server signing off\r\n";
return 0;
}
diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt
new file mode 100644
index 000000000..aefedf26f
--- /dev/null
+++ b/tests/fuzz/CMakeLists.txt
@@ -0,0 +1 @@
+# FIXME, probably adapt from file in ../unit
diff --git a/tests/fuzz/Makefile.am b/tests/fuzz/Makefile.am
new file mode 100644
index 000000000..0d20d792a
--- /dev/null
+++ b/tests/fuzz/Makefile.am
@@ -0,0 +1,57 @@
+#***************************************************************************
+# _ _ ____ _
+# Project ___| | | | _ \| |
+# / __| | | | |_) | |
+# | (__| |_| | _ <| |___
+# \___|\___/|_| \_\_____|
+#
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+###########################################################################
+AUTOMAKE_OPTIONS = foreign nostdinc
+
+# Specify our include paths here, and do it relative to $(top_srcdir) and
+# $(top_builddir), to ensure that these paths which belong to the library
+# being currently built and tested are searched before the library which
+# might possibly already be installed in the system.
+#
+# $(top_builddir)/include/curl for generated curlbuild.h included from curl.h
+# $(top_builddir)/include for generated curlbuild.h inc. from lib/curl_setup.h
+# $(top_srcdir)/include is for libcurl's external include files
+# $(top_builddir)/lib is for libcurl's generated lib/curl_config.h file
+# $(top_srcdir)/lib for libcurl's lib/curl_setup.h and other "borrowed" files
+
+AM_CPPFLAGS = -I$(top_builddir)/include/curl \
+ -I$(top_builddir)/include \
+ -I$(top_srcdir)/include \
+ -I$(top_builddir)/lib \
+ -I$(top_srcdir)/lib \
+ -I$(top_srcdir)/tests/fuzz
+
+EXTRA_DIST = Makefile.inc CMakeLists.txt
+
+LIBS = -lpthread -lFuzzer -lstdc++ -lm
+LDFLAGS = -L/usr/lib/llvm-5.0/lib #-L/home/daniel/src/Fuzzer/
+
+LDADD = $(top_builddir)/lib/libcurl.la \
+ @LDFLAGS@ @LIBCURL_LIBS@
+
+# Makefile.inc provides neat definitions
+include Makefile.inc
+
+checksrc:
+ @PERL@ $(top_srcdir)/lib/checksrc.pl $(srcdir)/*.c
+
+noinst_PROGRAMS = $(FUZZPROGS)
+
diff --git a/tests/fuzz/Makefile.inc b/tests/fuzz/Makefile.inc
new file mode 100644
index 000000000..fb6cdb11a
--- /dev/null
+++ b/tests/fuzz/Makefile.inc
@@ -0,0 +1,19 @@
+FUZZPROGS = http11 ftp imap pop3 httpupload http2
+
+http11_SOURCES = curl_fuzzer.c
+http11_CPPFLAGS = $(AM_CPPFLAGS)
+
+ftp_SOURCES = curl_fuzzer.c
+ftp_CPPFLAGS = -DFUZZER_FTP $(AM_CPPFLAGS)
+
+imap_SOURCES = curl_fuzzer.c
+imap_CPPFLAGS = -DFUZZER_IMAP $(AM_CPPFLAGS)
+
+pop3_SOURCES = curl_fuzzer.c
+pop3_CPPFLAGS = -DFUZZER_POP3 $(AM_CPPFLAGS)
+
+httpupload_SOURCES = curl_fuzzer.c
+httpupload_CPPFLAGS = -DFUZZER_HTTP_UPLOAD $(AM_CPPFLAGS)
+
+http2_SOURCES = curl_fuzzer.c
+http2_CPPFLAGS = -DFUZZER_HTTP2 $(AM_CPPFLAGS)
diff --git a/tests/fuzz/README b/tests/fuzz/README
new file mode 100644
index 000000000..459bda46b
--- /dev/null
+++ b/tests/fuzz/README
@@ -0,0 +1,14 @@
+Fuzz tests
+==========
+
+The goal is to add tests for *ALL* protocols supported in libcurl.
+We will need some additional patches in the future, to increase coverage.
+
+Building the fuzz target
+========================
+
+CC=clang-5.0 CFLAGS="-fsanitize=address -fsanitize-address-use-after-scope
-fsanitize-coverage=trace-pc-guard,trace-cmp" ./configure --disable-shared
--enable-debug --enable-maintainer-mode
+make -sj
+
+cd tests/fuzz
+make
diff --git a/tests/fuzz/corpora/ftp/long1.txt b/tests/fuzz/corpora/ftp/long1.txt
new file mode 100644
index 000000000..47a536e38
--- /dev/null
+++ b/tests/fuzz/corpora/ftp/long1.txt
@@ -0,0 +1,8 @@
+200 OK
+200 OK
+215 UNIX Type: L8
+200 OK
+200 OK
+200 OK
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
[...]
+220 OK
diff --git a/tests/fuzz/corpora/http1_1/200_ok.txt
b/tests/fuzz/corpora/http1_1/200_ok.txt
new file mode 100644
index 000000000..ca7ef0b23
--- /dev/null
+++ b/tests/fuzz/corpora/http1_1/200_ok.txt
@@ -0,0 +1,13 @@
+HTTP/1.1 200 OK
+Content-Encoding: gzip
+Accept-Ranges: bytes
+Cache-Control: max-age=604800
+Content-Type: text/html
+Date: Mon, 08 May 2017 19:03:58 GMT
+Etag: "359670651+gzip"
+Expires: Mon, 15 May 2017 19:03:58 GMT
+Last-Modified: Fri, 09 Aug 2013 23:54:35 GMT
+Server: ECS (ewr/15BD)
+X-Cache: HIT
+Content-Length: 606
+
diff --git a/tests/fuzz/corpora/http1_1/404_nf.txt
b/tests/fuzz/corpora/http1_1/404_nf.txt
new file mode 100644
index 000000000..a28311a35
--- /dev/null
+++ b/tests/fuzz/corpora/http1_1/404_nf.txt
@@ -0,0 +1,9 @@
+HTTP/1.1 404 Not Found
+Cache-Control: max-age=604800
+Content-Type: text/html
+Date: Mon, 08 May 2017 19:04:08 GMT
+Expires: Mon, 15 May 2017 19:04:08 GMT
+Server: EOS (lax004/28A3)
+Vary: Accept-Encoding
+Content-Length: 1270
+
diff --git a/tests/fuzz/curl_fuzzer.c b/tests/fuzz/curl_fuzzer.c
new file mode 100644
index 000000000..be70e4dba
--- /dev/null
+++ b/tests/fuzz/curl_fuzzer.c
@@ -0,0 +1,128 @@
+/*
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+*/
+
+#include <errno.h>
+#include <fcntl.h>
+#include <netinet/in.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/select.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/time.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#include <gnurl/curl.h>
+
+static const void *cur_data;
+static int cur_size = -1;
+static int server_fd = -1;
+static int client_fd = -1;
+static int wrote = 0;
+
+static void fail(const char *why) {
+ perror(why);
+ exit(1);
+}
+
+static curl_socket_t open_sock(void *ctx, curlsocktype purpose,
+ struct curl_sockaddr *address) {
+ if(cur_size == -1) {
+ fail("not fuzzing");
+ }
+ if(server_fd != -1 || client_fd != -1) {
+ fail("already connected");
+ }
+ int fds[2];
+ if(socketpair(AF_UNIX, SOCK_STREAM, 0, fds)) {
+ fail("socketpair");
+ }
+ server_fd = fds[0];
+ client_fd = fds[1];
+ if(write(server_fd, cur_data, cur_size) != cur_size) {
+ fail("write");
+ }
+ if(shutdown(server_fd, SHUT_WR)) {
+ fail("shutdown");
+ }
+ return client_fd;
+}
+
+static int set_opt(void *ctx, curl_socket_t curlfd, curlsocktype purpose) {
+ return CURL_SOCKOPT_ALREADY_CONNECTED;
+}
+
+static size_t write_callback(char *ptr, size_t size, size_t n, void *ctx) {
+ return size * n;
+}
+
+static size_t read_callback(char *buf, size_t size, size_t n, void *ctx) {
+ if(wrote || size * n == 0) {
+ return 0;
+ }
+ wrote = 1;
+ buf[0] = 'a';
+ return 1;
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+ cur_data = Data;
+ cur_size = Size;
+ wrote = 0;
+ CURL *curl = curl_easy_init();
+ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);
+ curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
+ curl_easy_setopt(curl, CURLOPT_OPENSOCKETFUNCTION, open_sock);
+ curl_easy_setopt(curl, CURLOPT_SOCKOPTFUNCTION, set_opt);
+#if defined(FUZZER_FTP)
+ curl_easy_setopt(curl, CURLOPT_URL, "ftp://address@hidden/file.txt";);
+#elif defined(FUZZER_IMAP)
+ curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
+ curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
+ curl_easy_setopt(curl, CURLOPT_URL, "imap://localhost");
+#elif defined(FUZZER_POP3)
+ curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
+ curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
+ curl_easy_setopt(curl, CURLOPT_URL, "pop3://localhost");
+#elif defined(FUZZER_HTTP_UPLOAD)
+ curl_easy_setopt(curl, CURLOPT_URL, "http://localhost/";);
+ curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
+ curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
+#elif defined(FUZZER_HTTP2)
+ curl_easy_setopt(curl, CURLOPT_URL, "http://localhost/";);
+ /* use non-TLS HTTP/2 without HTTP/1.1 Upgrade: */
+ curl_easy_setopt(curl, CURLOPT_HTTP_VERSION,
+ CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE);
+#else
+ curl_easy_setopt(curl, CURLOPT_URL, "http://localhost/";);
+ curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
+#endif
+ curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+ close(server_fd);
+ close(client_fd);
+ server_fd = -1;
+ client_fd = -1;
+ cur_data = NULL;
+ cur_size = -1;
+ return 0;
+}
diff --git a/tests/http2-server.pl b/tests/http2-server.pl
index 72ed12e85..086d5aa76 100755
--- a/tests/http2-server.pl
+++ b/tests/http2-server.pl
@@ -28,6 +28,7 @@ my $pidfile = "log/nghttpx.pid";
my $logfile = "log/http2.log";
my $nghttpx = "nghttpx";
my $listenport = 9015;
+my $connect = "127.0.0.1,8990";
#***************************************************************************
# Process command line options
@@ -54,6 +55,13 @@ while(@ARGV) {
shift @ARGV;
}
}
+ elsif($ARGV[0] eq '--connect') {
+ if($ARGV[1]) {
+ $connect = $ARGV[1];
+ $connect =~ s/:/,/;
+ shift @ARGV;
+ }
+ }
elsif($ARGV[0] eq '--logfile') {
if($ARGV[1]) {
$logfile = $ARGV[1];
@@ -66,7 +74,7 @@ while(@ARGV) {
shift @ARGV;
}
-my $cmdline="$nghttpx --backend=127.0.0.1,8990 ".
+my $cmdline="$nghttpx --backend=$connect ".
"--frontend=\"*,$listenport;no-tls\" ".
"--log-level=INFO ".
"--pid-file=$pidfile ".
diff --git a/tests/httpserver.pl b/tests/httpserver.pl
index 0be5667fe..7f6c86a8a 100755
--- a/tests/httpserver.pl
+++ b/tests/httpserver.pl
@@ -38,7 +38,7 @@ my $verbose = 0; # set to 1 for debugging
my $port = 8990; # just a default
my $unix_socket; # location to place a listening Unix socket
my $ipvnum = 4; # default IP version of http server
-my $idnum = 1; # dafault http server instance number
+my $idnum = 1; # default http server instance number
my $proto = 'http'; # protocol the http server speaks
my $pidfile; # http server pid file
my $logfile; # http server log file
diff --git a/tests/libtest/CMakeLists.txt b/tests/libtest/CMakeLists.txt
index a7449c374..db0aed694 100644
--- a/tests/libtest/CMakeLists.txt
+++ b/tests/libtest/CMakeLists.txt
@@ -7,7 +7,8 @@ function(SETUP_TEST TEST_NAME) # ARGN are the files in
the test
include_directories(
${CURL_SOURCE_DIR}/lib # To be able to reach "curl_setup_once.h"
${CURL_BINARY_DIR}/lib # To be able to reach "curl_config.h"
- ${CURL_BINARY_DIR}/include # To be able to reach "curl/curlbuild.h"
+ ${CURL_BINARY_DIR}/include # To be able to reach "gnurl/curl.h"
+ ${CURL_SOURCE_DIR}/tests/libtest # To be able to build generated tests
)
if(USE_ARES)
include_directories(${CARES_INCLUDE_DIR})
@@ -49,7 +50,15 @@ if(NOT WIN32)
endif()
endif()
-# # files used only in some libcurl test programs
+add_custom_command(
+ OUTPUT lib1521.c
+ COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/mk-lib1521.pl <
${CMAKE_SOURCE_DIR}/include/gnurl/curl.h > lib1521.c
+ DEPENDS
+ "${CMAKE_CURRENT_SOURCE_DIR}/mk-lib1521.pl"
+ "${CMAKE_SOURCE_DIR}/include/gnurl/curl.h"
+ VERBATIM)
+
+ # # files used only in some libcurl test programs
# SET(TESTUTIL testutil.c testutil.h)
# # these files are used in every single test program below
diff --git a/tests/libtest/Makefile.am b/tests/libtest/Makefile.am
index be375aa56..6ebad89c8 100644
--- a/tests/libtest/Makefile.am
+++ b/tests/libtest/Makefile.am
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -26,8 +26,6 @@ AUTOMAKE_OPTIONS = foreign nostdinc
# being currently built and tested are searched before the library which
# might possibly already be installed in the system.
#
-# $(top_builddir)/include/curl for generated curlbuild.h included from curl.h
-# $(top_builddir)/include for generated curlbuild.h inc. from lib/curl_setup.h
# $(top_srcdir)/include is for libcurl's external include files
# $(top_builddir)/lib is for libcurl's generated lib/curl_config.h file
# $(top_srcdir)/lib for libcurl's lib/curl_setup.h and other "borrowed" files
@@ -35,23 +33,19 @@ AUTOMAKE_OPTIONS = foreign nostdinc
# $(top_srcdir)/ares is for in-tree c-ares's external include files
if USE_EMBEDDED_ARES
-AM_CPPFLAGS = -I$(top_builddir)/include/curl \
- -I$(top_builddir)/include \
- -I$(top_srcdir)/include \
+AM_CPPFLAGS = -I$(top_srcdir)/include \
-I$(top_builddir)/lib \
-I$(top_srcdir)/lib \
-I$(top_builddir)/ares \
-I$(top_srcdir)/ares
else
-AM_CPPFLAGS = -I$(top_builddir)/include/curl \
- -I$(top_builddir)/include \
- -I$(top_srcdir)/include \
+AM_CPPFLAGS = -I$(top_srcdir)/include \
-I$(top_builddir)/lib \
-I$(top_srcdir)/lib
endif
EXTRA_DIST = test75.pl test307.pl test610.pl test613.pl test1013.pl \
-test1022.pl Makefile.inc notexists.pl CMakeLists.txt
+test1022.pl Makefile.inc notexists.pl CMakeLists.txt mk-lib1521.pl
CFLAG_CURL_SYMBOL_HIDING = @CFLAG_CURL_SYMBOL_HIDING@
@@ -66,9 +60,8 @@ SUPPORTFILES_LIBS = $(top_builddir)/lib/libgnurl.la
@CURL_NETWORK_LIBS@ @NSS_LIB
TESTUTIL_LIBS = $(top_builddir)/lib/libgnurl.la @CURL_NETWORK_AND_TIME_LIBS@
@NSS_LIBS@
endif
-# Dependencies (may need to be overriden)
+# Dependencies (may need to be overridden)
LDADD = $(SUPPORTFILES_LIBS)
-DEPENDENCIES = $(top_builddir)/lib/libgnurl.la
# Makefile.inc provides the source defines (TESTUTIL, SUPPORTFILES,
# noinst_PROGRAMS, lib*_SOURCES, and lib*_CFLAGS)
@@ -116,5 +109,11 @@ libhostname_la_SOURCES = sethostname.c sethostname.h
libhostname_la_LIBADD =
libhostname_la_DEPENDENCIES =
+lib1521.c: $(top_srcdir)/tests/libtest/mk-lib1521.pl
$(top_srcdir)/include/gnurl/curl.h
+ @PERL@ $(top_srcdir)/tests/libtest/mk-lib1521.pl <
$(top_srcdir)/include/gnurl/curl.h > lib1521.c
+
checksrc:
@PERL@ $(top_srcdir)/lib/checksrc.pl $(srcdir)/*.c
+
+dist:
+ rm lib1521.c
diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
index 7ae66d797..727582bd0 100644
--- a/tests/libtest/Makefile.inc
+++ b/tests/libtest/Makefile.inc
@@ -17,13 +17,16 @@ noinst_PROGRAMS = chkhostname libauthretry libntlmconnect
\
lib520 lib521 lib523 lib524 lib525 lib526 lib527 lib529 lib530 lib532 \
lib533 lib536 lib537 lib539 lib540 lib541 lib542 lib543 lib544 lib545 \
lib547 lib548 lib549 lib552 lib553 lib554 lib555 lib556 lib557 lib558 \
- lib560 lib562 lib564 lib565 lib566 lib567 lib568 lib569 lib570 \
+ lib559 lib560 lib562 lib564 lib565 lib566 lib567 lib568 lib569 lib570 \
lib571 lib572 lib573 lib574 lib575 lib576 lib578 lib579 lib582 \
lib583 lib585 lib586 lib587 lib590 lib591 lib597 lib598 lib599 \
lib1500 lib1501 lib1502 lib1503 lib1504 lib1505 lib1506 lib1507 lib1508 \
lib1509 lib1510 lib1511 lib1512 lib1513 lib1514 lib1515 lib1517 \
- lib1520 \
- lib1525 lib1526 lib1527 lib1528 lib1529 lib1530 lib1531 \
+ lib1520 lib1521 \
+ lib1525 lib1526 lib1527 lib1528 lib1529 lib1530 lib1531 lib1532 lib1533 \
+ lib1534 lib1535 lib1536 lib1537 lib1538 \
+ lib1540 \
+ lib1550 lib1551 \
lib1900 \
lib2033
@@ -204,6 +207,9 @@ lib557_CPPFLAGS = $(AM_CPPFLAGS)
lib558_SOURCES = lib558.c $(SUPPORTFILES)
lib558_CPPFLAGS = $(AM_CPPFLAGS)
+lib559_SOURCES = lib559.c $(SUPPORTFILES)
+lib559_CPPFLAGS = $(AM_CPPFLAGS)
+
lib560_SOURCES = lib560.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib560_LDADD = $(TESTUTIL_LIBS)
lib560_CPPFLAGS = $(AM_CPPFLAGS)
@@ -363,6 +369,9 @@ lib1517_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1517
lib1520_SOURCES = lib1520.c $(SUPPORTFILES)
lib1520_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1520
+lib1521_SOURCES = lib1521.c $(SUPPORTFILES)
+lib1521_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)
+
lib1525_SOURCES = lib1525.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib1525_LDADD = $(TESTUTIL_LIBS)
lib1525_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1525
@@ -391,6 +400,44 @@ lib1531_SOURCES = lib1531.c $(SUPPORTFILES) $(TESTUTIL)
$(WARNLESS)
lib1531_LDADD = $(TESTUTIL_LIBS)
lib1531_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1531
+lib1532_SOURCES = lib1532.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+lib1532_LDADD = $(TESTUTIL_LIBS)
+lib1532_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1532
+
+lib1533_SOURCES = lib1533.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+lib1533_LDADD = $(TESTUTIL_LIBS)
+lib1533_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1533
+
+lib1534_SOURCES = lib1534.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+lib1534_LDADD = $(TESTUTIL_LIBS)
+lib1534_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1534
+
+lib1535_SOURCES = lib1535.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+lib1535_LDADD = $(TESTUTIL_LIBS)
+lib1535_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1535
+
+lib1536_SOURCES = lib1536.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+lib1536_LDADD = $(TESTUTIL_LIBS)
+lib1536_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1536
+
+lib1537_SOURCES = lib1537.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+lib1537_LDADD = $(TESTUTIL_LIBS)
+lib1537_CPPFLAGS = $(AM_CPPFLAGS)
+
+lib1538_SOURCES = lib1538.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+lib1538_LDADD = $(TESTUTIL_LIBS)
+lib1538_CPPFLAGS = $(AM_CPPFLAGS)
+
+lib1540_SOURCES = lib1540.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+lib1540_LDADD = $(TESTUTIL_LIBS)
+lib1540_CPPFLAGS = $(AM_CPPFLAGS)
+
+lib1550_SOURCES = lib1550.c $(SUPPORTFILES)
+lib1550_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1517
+
+lib1551_SOURCES = lib1551.c $(SUPPORTFILES)
+lib1551_CPPFLAGS = $(AM_CPPFLAGS)
+
lib1900_SOURCES = lib1900.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib1900_LDADD = $(TESTUTIL_LIBS)
lib1900_CPPFLAGS = $(AM_CPPFLAGS)
diff --git a/tests/libtest/first.c b/tests/libtest/first.c
index 231ae368c..72140e314 100644
--- a/tests/libtest/first.c
+++ b/tests/libtest/first.c
@@ -116,7 +116,7 @@ static void memory_tracking_init(void)
#endif
/* returns a hexdump in a static memory area */
-char *hexdump(unsigned char *buffer, size_t len)
+char *hexdump(const unsigned char *buffer, size_t len)
{
static char dump[200*3+1];
char *p = dump;
diff --git a/tests/libtest/lib1500.c b/tests/libtest/lib1500.c
index f3c495869..73d23a1b7 100644
--- a/tests/libtest/lib1500.c
+++ b/tests/libtest/lib1500.c
@@ -29,8 +29,8 @@
int test(char *URL)
{
- CURL* curls = NULL;
- CURLM* multi = NULL;
+ CURL *curls = NULL;
+ CURLM *multi = NULL;
int still_running;
int i = TEST_ERR_FAILURE;
int res = 0;
diff --git a/tests/libtest/lib1501.c b/tests/libtest/lib1501.c
index cc442b529..8a6ef5172 100644
--- a/tests/libtest/lib1501.c
+++ b/tests/libtest/lib1501.c
@@ -31,22 +31,7 @@
/* 500 milliseconds allowed. An extreme number but lets be really conservative
to allow old and slow machines to run this test too */
-#define MAX_BLOCKED_TIME_US 500000
-
-/* return the number of microseconds between two time stamps */
-static int elapsed(struct timeval *before,
- struct timeval *after)
-{
- ssize_t result;
-
- result = (after->tv_sec - before->tv_sec) * 1000000 +
- after->tv_usec - before->tv_usec;
- if(result < 0)
- result = 0;
-
- return curlx_sztosi(result);
-}
-
+#define MAX_BLOCKED_TIME_MS 500
int test(char *URL)
{
@@ -80,7 +65,7 @@ int test(char *URL)
int maxfd = -99;
struct timeval before;
struct timeval after;
- int e;
+ long e;
timeout.tv_sec = 0;
timeout.tv_usec = 100000L; /* 100 ms */
@@ -105,10 +90,10 @@ int test(char *URL)
abort_on_test_timeout();
after = tutil_tvnow();
- e = elapsed(&before, &after);
- fprintf(stderr, "pong = %d\n", e);
+ e = tutil_tvdiff(after, before);
+ fprintf(stderr, "pong = %ld\n", e);
- if(e > MAX_BLOCKED_TIME_US) {
+ if(e > MAX_BLOCKED_TIME_MS) {
res = 100;
break;
}
diff --git a/tests/libtest/lib1502.c b/tests/libtest/lib1502.c
index e4e1a162a..bd555cbaf 100644
--- a/tests/libtest/lib1502.c
+++ b/tests/libtest/lib1502.c
@@ -41,8 +41,8 @@
int test(char *URL)
{
- CURL* easy = NULL;
- CURLM* multi = NULL;
+ CURL *easy = NULL;
+ CURLM *multi = NULL;
int still_running;
int res = 0;
diff --git a/tests/libtest/lib1507.c b/tests/libtest/lib1507.c
index 5a7994ebd..cd8500195 100644
--- a/tests/libtest/lib1507.c
+++ b/tests/libtest/lib1507.c
@@ -44,23 +44,6 @@ static size_t read_callback(void *ptr, size_t size, size_t
nmemb, void *userp)
return CURL_READFUNC_ABORT;
}
-static struct timeval tvnow(void)
-{
- /*
- ** time() returns the value of time in seconds since the Epoch.
- */
- struct timeval now;
- now.tv_sec = (long)time(NULL);
- now.tv_usec = 0;
- return now;
-}
-
-static long tvdiff(struct timeval newer, struct timeval older)
-{
- return (newer.tv_sec-older.tv_sec)*1000+
- (newer.tv_usec-older.tv_usec)/1000;
-}
-
int test(char *URL)
{
int res = 0;
@@ -68,7 +51,7 @@ int test(char *URL)
CURLM *mcurl = NULL;
int still_running = 1;
struct timeval mp_start;
- struct curl_slist* rcpt_list = NULL;
+ struct curl_slist *rcpt_list = NULL;
curl_global_init(CURL_GLOBAL_DEFAULT);
@@ -93,7 +76,7 @@ int test(char *URL)
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
multi_add_handle(mcurl, curl);
- mp_start = tvnow();
+ mp_start = tutil_tvnow();
/* we start some action by calling perform right away */
curl_multi_perform(mcurl, &still_running);
@@ -137,7 +120,7 @@ int test(char *URL)
rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
- if(tvdiff(tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
+ if(tutil_tvdiff(tutil_tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
fprintf(stderr, "ABORTING TEST, since it seems "
"that it would have run forever.\n");
break;
diff --git a/tests/libtest/lib1509.c b/tests/libtest/lib1509.c
index df428a0d0..ccb668304 100644
--- a/tests/libtest/lib1509.c
+++ b/tests/libtest/lib1509.c
@@ -28,7 +28,7 @@
size_t WriteOutput(void *ptr, size_t size, size_t nmemb, void *stream);
size_t WriteHeader(void *ptr, size_t size, size_t nmemb, void *stream);
-unsigned long realHeaderSize = 0;
+static unsigned long realHeaderSize = 0;
int test(char *URL)
{
diff --git a/tests/libtest/lib1511.c b/tests/libtest/lib1511.c
index bec316711..e1840e76f 100644
--- a/tests/libtest/lib1511.c
+++ b/tests/libtest/lib1511.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -26,7 +26,7 @@
int test(char *URL)
{
long unmet;
- CURL* curl = NULL;
+ CURL *curl = NULL;
int res = 0;
global_init(CURL_GLOBAL_ALL);
diff --git a/tests/libtest/lib1515.c b/tests/libtest/lib1515.c
index 2fd19bb7b..c1499381a 100644
--- a/tests/libtest/lib1515.c
+++ b/tests/libtest/lib1515.c
@@ -95,12 +95,13 @@ static int do_one_request(CURLM *m, char *URL, char
*resolve)
abort_on_test_timeout();
}
- while((msg = curl_multi_info_read(m, &msgs_left))) {
- if(msg->msg == CURLMSG_DONE && msg->easy_handle == curls) {
+ do {
+ msg = curl_multi_info_read(m, &msgs_left);
+ if(msg && msg->msg == CURLMSG_DONE && msg->easy_handle == curls) {
res = msg->data.result;
break;
}
- }
+ } while(msg);
test_cleanup:
@@ -113,7 +114,7 @@ test_cleanup:
int test(char *URL)
{
- CURLM* multi = NULL;
+ CURLM *multi = NULL;
int res = 0;
char *address = libtest_arg2;
char *port = libtest_arg3;
@@ -136,7 +137,8 @@ int test(char *URL)
"http://testserver.example.com:%s/%s%04d";, port, path, i);
/* second request must succeed like the first one */
- if((res = do_one_request(multi, target_url, dns_entry)))
+ res = do_one_request(multi, target_url, dns_entry);
+ if(res)
goto test_cleanup;
if(i < count)
diff --git a/tests/libtest/lib1520.c b/tests/libtest/lib1520.c
index a4ce79b50..4d5b0c88c 100644
--- a/tests/libtest/lib1520.c
+++ b/tests/libtest/lib1520.c
@@ -81,7 +81,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib1525.c b/tests/libtest/lib1525.c
index c58ebeda9..a76494589 100644
--- a/tests/libtest/lib1525.c
+++ b/tests/libtest/lib1525.c
@@ -56,7 +56,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -81,7 +82,7 @@ int test(char *URL)
test_setopt(curl, CURLOPT_WRITEFUNCTION, fwrite);
test_setopt(curl, CURLOPT_READFUNCTION, read_callback);
test_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L);
- test_setopt(curl, CURLOPT_INFILESIZE, strlen(data));
+ test_setopt(curl, CURLOPT_INFILESIZE, (long)strlen(data));
res = curl_easy_perform(curl);
diff --git a/tests/libtest/lib1526.c b/tests/libtest/lib1526.c
index ef66a484d..704ae497d 100644
--- a/tests/libtest/lib1526.c
+++ b/tests/libtest/lib1526.c
@@ -54,7 +54,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -84,7 +85,7 @@ int test(char *URL)
test_setopt(curl, CURLOPT_WRITEFUNCTION, fwrite);
test_setopt(curl, CURLOPT_READFUNCTION, read_callback);
test_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L);
- test_setopt(curl, CURLOPT_INFILESIZE, strlen(data));
+ test_setopt(curl, CURLOPT_INFILESIZE, (long)strlen(data));
res = curl_easy_perform(curl);
diff --git a/tests/libtest/lib1527.c b/tests/libtest/lib1527.c
index f008cf1e4..689839e3d 100644
--- a/tests/libtest/lib1527.c
+++ b/tests/libtest/lib1527.c
@@ -55,7 +55,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -82,7 +83,7 @@ int test(char *URL)
test_setopt(curl, CURLOPT_WRITEFUNCTION, fwrite);
test_setopt(curl, CURLOPT_READFUNCTION, read_callback);
test_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L);
- test_setopt(curl, CURLOPT_INFILESIZE, strlen(data));
+ test_setopt(curl, CURLOPT_INFILESIZE, (long)strlen(data));
test_setopt(curl, CURLOPT_HEADEROPT, CURLHEADER_UNIFIED);
res = curl_easy_perform(curl);
diff --git a/tests/libtest/lib1528.c b/tests/libtest/lib1528.c
index 09af481f4..a130c49af 100644
--- a/tests/libtest/lib1528.c
+++ b/tests/libtest/lib1528.c
@@ -37,7 +37,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib1529.c b/tests/libtest/lib1529.c
index 3333ae698..c63a109b8 100644
--- a/tests/libtest/lib1529.c
+++ b/tests/libtest/lib1529.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -36,7 +36,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib1530.c b/tests/libtest/lib1530.c
index d1ca34c2a..6fc69f251 100644
--- a/tests/libtest/lib1530.c
+++ b/tests/libtest/lib1530.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -46,7 +46,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib1531.c b/tests/libtest/lib1531.c
index b21d06733..287acd6c6 100644
--- a/tests/libtest/lib1531.c
+++ b/tests/libtest/lib1531.c
@@ -27,8 +27,8 @@
#define TEST_HANG_TIMEOUT 60 * 1000
-char const testData[] = ".abc\0xyz";
-off_t const testDataSize = sizeof(testData) - 1;
+static char const testData[] = ".abc\0xyz";
+static off_t const testDataSize = sizeof(testData) - 1;
int test(char *URL)
{
@@ -127,12 +127,13 @@ int test(char *URL)
} while(still_running);
/* See how the transfers went */
- while((msg = curl_multi_info_read(multi_handle, &msgs_left))) {
- if(msg->msg == CURLMSG_DONE) {
+ do {
+ msg = curl_multi_info_read(multi_handle, &msgs_left);
+ if(msg && msg->msg == CURLMSG_DONE) {
printf("HTTP transfer completed with status %d\n", msg->data.result);
break;
}
- }
+ } while(msg);
curl_multi_cleanup(multi_handle);
diff --git a/tests/libtest/lib1532.c b/tests/libtest/lib1532.c
new file mode 100644
index 000000000..4a3ff3245
--- /dev/null
+++ b/tests/libtest/lib1532.c
@@ -0,0 +1,80 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+#include "memdebug.h"
+
+/* Test CURLINFO_RESPONSE_CODE */
+
+int test(char *URL)
+{
+ CURL *curl;
+ long httpcode;
+ int res = CURLE_OK;
+
+ global_init(CURL_GLOBAL_ALL);
+
+ easy_init(curl);
+
+ easy_setopt(curl, CURLOPT_URL, URL);
+
+ res = curl_easy_perform(curl);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_perform() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+
+ res = curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &httpcode);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(httpcode != 200) {
+ fprintf(stderr, "%s:%d unexpected response code %ld\n",
+ __FILE__, __LINE__, httpcode);
+ res = CURLE_HTTP_RETURNED_ERROR;
+ goto test_cleanup;
+ }
+
+ /* Test for a regression of github bug 1017 (response code does not reset) */
+ curl_easy_reset(curl);
+
+ res = curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &httpcode);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(httpcode != 0) {
+ fprintf(stderr, "%s:%d curl_easy_reset failed to zero the response code\n"
+ "possible regression of github bug 1017\n", __FILE__, __LINE__);
+ res = CURLE_HTTP_RETURNED_ERROR;
+ goto test_cleanup;
+ }
+
+test_cleanup:
+ curl_easy_cleanup(curl);
+ curl_global_cleanup();
+ return res;
+}
diff --git a/tests/libtest/lib1533.c b/tests/libtest/lib1533.c
new file mode 100644
index 000000000..ada94b940
--- /dev/null
+++ b/tests/libtest/lib1533.c
@@ -0,0 +1,200 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+/*
+ * This test sends data with CURLOPT_KEEP_SENDING_ON_ERROR.
+ * The server responds with an early error response.
+ * The test is successful if the connection can be reused for the next request,
+ * because this implies that the data has been sent completely to the server.
+ */
+
+#include "test.h"
+
+#include "memdebug.h"
+
+struct cb_data {
+ CURL *easy_handle;
+ int response_received;
+ int paused;
+ size_t remaining_bytes;
+};
+
+
+static void reset_data(struct cb_data *data, CURL *curl)
+{
+ data->easy_handle = curl;
+ data->response_received = 0;
+ data->paused = 0;
+ data->remaining_bytes = 3;
+}
+
+
+static size_t read_callback(void *ptr, size_t size, size_t nitems,
+ void *userdata)
+{
+ struct cb_data *data = (struct cb_data *)userdata;
+
+ /* wait until the server has sent all response headers */
+ if(data->response_received) {
+ size_t totalsize = nitems * size;
+
+ size_t bytes_to_send = data->remaining_bytes;
+ if(bytes_to_send > totalsize) {
+ bytes_to_send = totalsize;
+ }
+
+ memset(ptr, 'a', bytes_to_send);
+ data->remaining_bytes -= bytes_to_send;
+
+ return bytes_to_send;
+ }
+ else {
+ data->paused = 1;
+ return CURL_READFUNC_PAUSE;
+ }
+}
+
+
+static size_t write_callback(char *ptr, size_t size, size_t nmemb,
+ void *userdata)
+{
+ struct cb_data *data = (struct cb_data *)userdata;
+ size_t totalsize = nmemb * size;
+
+ /* unused parameter */
+ (void)ptr;
+
+ /* all response headers have been received */
+ data->response_received = 1;
+
+ if(data->paused) {
+ /* continue to send request body data */
+ data->paused = 0;
+ curl_easy_pause(data->easy_handle, CURLPAUSE_CONT);
+ }
+
+ return totalsize;
+}
+
+
+static int perform_and_check_connections(CURL *curl, const char *description,
+ long expected_connections)
+{
+ CURLcode res;
+ long connections = 0;
+
+ res = curl_easy_perform(curl);
+ if(res != CURLE_OK) {
+ fprintf(stderr, "curl_easy_perform() failed\n");
+ return TEST_ERR_MAJOR_BAD;
+ }
+
+ res = curl_easy_getinfo(curl, CURLINFO_NUM_CONNECTS, &connections);
+ if(res != CURLE_OK) {
+ fprintf(stderr, "curl_easy_getinfo() failed\n");
+ return TEST_ERR_MAJOR_BAD;
+ }
+
+ fprintf(stderr, "%s: expected: %ld connections; actual: %ld connections\n",
+ description, expected_connections, connections);
+
+ if(connections != expected_connections) {
+ return TEST_ERR_FAILURE;
+ }
+
+ return TEST_ERR_SUCCESS;
+}
+
+
+int test(char *URL)
+{
+ struct cb_data data;
+ CURL *curl = NULL;
+ CURLcode res = CURLE_FAILED_INIT;
+
+ if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
+ fprintf(stderr, "curl_global_init() failed\n");
+ return TEST_ERR_MAJOR_BAD;
+ }
+
+ curl = curl_easy_init();
+ if(curl == NULL) {
+ fprintf(stderr, "curl_easy_init() failed\n");
+ curl_global_cleanup();
+ return TEST_ERR_MAJOR_BAD;
+ }
+
+ reset_data(&data, curl);
+
+ test_setopt(curl, CURLOPT_URL, URL);
+ test_setopt(curl, CURLOPT_POST, 1L);
+ test_setopt(curl, CURLOPT_POSTFIELDSIZE_LARGE,
+ (curl_off_t)data.remaining_bytes);
+ test_setopt(curl, CURLOPT_VERBOSE, 1L);
+ test_setopt(curl, CURLOPT_READFUNCTION, read_callback);
+ test_setopt(curl, CURLOPT_READDATA, &data);
+ test_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);
+ test_setopt(curl, CURLOPT_WRITEDATA, &data);
+
+ res = perform_and_check_connections(curl,
+ "First request without CURLOPT_KEEP_SENDING_ON_ERROR", 1);
+ if(res != TEST_ERR_SUCCESS) {
+ goto test_cleanup;
+ }
+
+ reset_data(&data, curl);
+
+ res = perform_and_check_connections(curl,
+ "Second request without CURLOPT_KEEP_SENDING_ON_ERROR", 1);
+ if(res != TEST_ERR_SUCCESS) {
+ goto test_cleanup;
+ }
+
+ test_setopt(curl, CURLOPT_KEEP_SENDING_ON_ERROR, 1L);
+
+ reset_data(&data, curl);
+
+ res = perform_and_check_connections(curl,
+ "First request with CURLOPT_KEEP_SENDING_ON_ERROR", 1);
+ if(res != TEST_ERR_SUCCESS) {
+ goto test_cleanup;
+ }
+
+ reset_data(&data, curl);
+
+ res = perform_and_check_connections(curl,
+ "Second request with CURLOPT_KEEP_SENDING_ON_ERROR", 0);
+ if(res != TEST_ERR_SUCCESS) {
+ goto test_cleanup;
+ }
+
+ res = TEST_ERR_SUCCESS;
+
+test_cleanup:
+
+ curl_easy_cleanup(curl);
+
+ curl_global_cleanup();
+
+ return (int)res;
+}
+
diff --git a/tests/libtest/lib1534.c b/tests/libtest/lib1534.c
new file mode 100644
index 000000000..61e72abb0
--- /dev/null
+++ b/tests/libtest/lib1534.c
@@ -0,0 +1,129 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+#include "memdebug.h"
+
+/* Test CURLINFO_FILETIME */
+
+int test(char *URL)
+{
+ CURL *curl, *dupe = NULL;
+ long filetime;
+ int res = CURLE_OK;
+
+ global_init(CURL_GLOBAL_ALL);
+
+ easy_init(curl);
+
+ /* Test that a filetime is properly initialized on curl_easy_init.
+ */
+
+ res = curl_easy_getinfo(curl, CURLINFO_FILETIME, &filetime);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(filetime != -1) {
+ fprintf(stderr, "%s:%d filetime init failed; expected -1 but is %ld\n",
+ __FILE__, __LINE__, filetime);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+ easy_setopt(curl, CURLOPT_URL, URL);
+ easy_setopt(curl, CURLOPT_FILETIME, 1L);
+
+ res = curl_easy_perform(curl);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_perform() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+
+ /* Test that a filetime is properly set after receiving an HTTP resource.
+ */
+
+ res = curl_easy_getinfo(curl, CURLINFO_FILETIME, &filetime);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(filetime != 30) {
+ fprintf(stderr, "%s:%d filetime of http resource is incorrect; "
+ "expected 30 but is %ld\n",
+ __FILE__, __LINE__, filetime);
+ res = CURLE_HTTP_RETURNED_ERROR;
+ goto test_cleanup;
+ }
+
+ /* Test that a filetime is properly initialized on curl_easy_duphandle.
+ */
+
+ dupe = curl_easy_duphandle(curl);
+ if(!dupe) {
+ fprintf(stderr, "%s:%d curl_easy_duphandle() failed\n",
+ __FILE__, __LINE__);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+ res = curl_easy_getinfo(dupe, CURLINFO_FILETIME, &filetime);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(filetime != -1) {
+ fprintf(stderr, "%s:%d filetime init failed; expected -1 but is %ld\n",
+ __FILE__, __LINE__, filetime);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+
+ /* Test that a filetime is properly initialized on curl_easy_reset.
+ */
+
+ curl_easy_reset(curl);
+
+ res = curl_easy_getinfo(curl, CURLINFO_FILETIME, &filetime);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(filetime != -1) {
+ fprintf(stderr, "%s:%d filetime init failed; expected -1 but is %ld\n",
+ __FILE__, __LINE__, filetime);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+test_cleanup:
+ curl_easy_cleanup(curl);
+ curl_easy_cleanup(dupe);
+ curl_global_cleanup();
+ return res;
+}
diff --git a/tests/libtest/lib1535.c b/tests/libtest/lib1535.c
new file mode 100644
index 000000000..32519f206
--- /dev/null
+++ b/tests/libtest/lib1535.c
@@ -0,0 +1,128 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+#include "memdebug.h"
+
+/* Test CURLINFO_PROTOCOL */
+
+int test(char *URL)
+{
+ CURL *curl, *dupe = NULL;
+ long protocol;
+ int res = CURLE_OK;
+
+ global_init(CURL_GLOBAL_ALL);
+
+ easy_init(curl);
+
+ /* Test that protocol is properly initialized on curl_easy_init.
+ */
+
+ res = curl_easy_getinfo(curl, CURLINFO_PROTOCOL, &protocol);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(protocol != 0) {
+ fprintf(stderr, "%s:%d protocol init failed; expected 0 but is %ld\n",
+ __FILE__, __LINE__, protocol);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+ easy_setopt(curl, CURLOPT_URL, URL);
+
+ res = curl_easy_perform(curl);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_perform() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+
+ /* Test that a protocol is properly set after receiving an HTTP resource.
+ */
+
+ res = curl_easy_getinfo(curl, CURLINFO_PROTOCOL, &protocol);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(protocol != CURLPROTO_HTTP) {
+ fprintf(stderr, "%s:%d protocol of http resource is incorrect; "
+ "expected %ld but is %ld\n",
+ __FILE__, __LINE__, CURLPROTO_HTTP, protocol);
+ res = CURLE_HTTP_RETURNED_ERROR;
+ goto test_cleanup;
+ }
+
+ /* Test that a protocol is properly initialized on curl_easy_duphandle.
+ */
+
+ dupe = curl_easy_duphandle(curl);
+ if(!dupe) {
+ fprintf(stderr, "%s:%d curl_easy_duphandle() failed\n",
+ __FILE__, __LINE__);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+ res = curl_easy_getinfo(dupe, CURLINFO_PROTOCOL, &protocol);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(protocol != 0) {
+ fprintf(stderr, "%s:%d protocol init failed; expected 0 but is %ld\n",
+ __FILE__, __LINE__, protocol);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+
+ /* Test that a protocol is properly initialized on curl_easy_reset.
+ */
+
+ curl_easy_reset(curl);
+
+ res = curl_easy_getinfo(curl, CURLINFO_PROTOCOL, &protocol);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(protocol != 0) {
+ fprintf(stderr, "%s:%d protocol init failed; expected 0 but is %ld\n",
+ __FILE__, __LINE__, protocol);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+test_cleanup:
+ curl_easy_cleanup(curl);
+ curl_easy_cleanup(dupe);
+ curl_global_cleanup();
+ return res;
+}
diff --git a/tests/libtest/lib1536.c b/tests/libtest/lib1536.c
new file mode 100644
index 000000000..7f5b61499
--- /dev/null
+++ b/tests/libtest/lib1536.c
@@ -0,0 +1,129 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+#include "memdebug.h"
+
+/* Test CURLINFO_SCHEME */
+
+int test(char *URL)
+{
+ CURL *curl, *dupe = NULL;
+ char *scheme;
+ int res = CURLE_OK;
+
+ global_init(CURL_GLOBAL_ALL);
+
+ easy_init(curl);
+
+ /* Test that scheme is properly initialized on curl_easy_init.
+ */
+
+ res = curl_easy_getinfo(curl, CURLINFO_SCHEME, &scheme);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(scheme != NULL) {
+ fprintf(stderr, "%s:%d scheme init failed; expected NULL\n",
+ __FILE__, __LINE__);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+ easy_setopt(curl, CURLOPT_URL, URL);
+
+ res = curl_easy_perform(curl);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_perform() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+
+ /* Test that a scheme is properly set after receiving an HTTP resource.
+ */
+
+ res = curl_easy_getinfo(curl, CURLINFO_SCHEME, &scheme);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(memcmp(scheme, "HTTP", 5) != 0) {
+ fprintf(stderr, "%s:%d scheme of http resource is incorrect; "
+ "expected 'HTTP' but is %s\n",
+ __FILE__, __LINE__, CURLPROTO_HTTP,
+ (scheme == NULL ? "NULL" : "invalid"));
+ res = CURLE_HTTP_RETURNED_ERROR;
+ goto test_cleanup;
+ }
+
+ /* Test that a scheme is properly initialized on curl_easy_duphandle.
+ */
+
+ dupe = curl_easy_duphandle(curl);
+ if(!dupe) {
+ fprintf(stderr, "%s:%d curl_easy_duphandle() failed\n",
+ __FILE__, __LINE__);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+ res = curl_easy_getinfo(dupe, CURLINFO_SCHEME, &scheme);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(scheme != 0) {
+ fprintf(stderr, "%s:%d scheme init failed; expected NULL\n",
+ __FILE__, __LINE__);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+
+ /* Test that a scheme is properly initialized on curl_easy_reset.
+ */
+
+ curl_easy_reset(curl);
+
+ res = curl_easy_getinfo(curl, CURLINFO_SCHEME, &scheme);
+ if(res) {
+ fprintf(stderr, "%s:%d curl_easy_getinfo() failed with code %d (%s)\n",
+ __FILE__, __LINE__, res, curl_easy_strerror(res));
+ goto test_cleanup;
+ }
+ if(scheme != 0) {
+ fprintf(stderr, "%s:%d scheme init failed; expected NULL\n",
+ __FILE__, __LINE__);
+ res = CURLE_FAILED_INIT;
+ goto test_cleanup;
+ }
+
+test_cleanup:
+ curl_easy_cleanup(curl);
+ curl_easy_cleanup(dupe);
+ curl_global_cleanup();
+ return res;
+}
diff --git a/tests/libtest/lib1537.c b/tests/libtest/lib1537.c
new file mode 100644
index 000000000..b07d64fc5
--- /dev/null
+++ b/tests/libtest/lib1537.c
@@ -0,0 +1,94 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+#include "memdebug.h"
+
+int test(char *URL)
+{
+ const unsigned char a[] = {0x2f, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
+ 0x91, 0xa2, 0xb3, 0xc4, 0xd5, 0xe6, 0xf7};
+ CURLcode res = CURLE_OK;
+ char *ptr = NULL;
+ int asize;
+ int outlen;
+ char *raw;
+
+ (void)URL; /* we don't use this */
+
+ if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
+ fprintf(stderr, "curl_global_init() failed\n");
+ return TEST_ERR_MAJOR_BAD;
+ }
+
+ asize = (int)sizeof(a);
+ ptr = curl_easy_escape(NULL, (char *)a, asize);
+ printf("%s\n", ptr);
+ if(ptr)
+ curl_free(ptr);
+
+ /* deprecated API */
+ ptr = curl_escape((char *)a, asize);
+ printf("%s\n", ptr);
+ if(!ptr) {
+ res = TEST_ERR_MAJOR_BAD;
+ goto test_cleanup;
+ }
+
+ raw = curl_easy_unescape(NULL, ptr, (int)strlen(ptr), &outlen);
+ printf("outlen == %d\n", outlen);
+ printf("unescape == original? %s\n",
+ memcmp(raw, a, outlen) ? "no" : "YES");
+ if(raw)
+ curl_free(raw);
+
+ /* deprecated API */
+ raw = curl_unescape(ptr, (int)strlen(ptr));
+ if(!raw) {
+ res = TEST_ERR_MAJOR_BAD;
+ goto test_cleanup;
+ }
+ outlen = (int)strlen(raw);
+ printf("[old] outlen == %d\n", outlen);
+ printf("[old] unescape == original? %s\n",
+ memcmp(raw, a, outlen) ? "no" : "YES");
+ if(raw)
+ curl_free(raw);
+ if(ptr)
+ curl_free(ptr);
+
+ /* weird input length */
+ ptr = curl_easy_escape(NULL, (char *)a, -1);
+ printf("escape -1 length: %s\n", ptr);
+
+ /* weird input length */
+ outlen = 2017; /* just a value */
+ ptr = curl_easy_unescape(NULL, (char *)"moahahaha", -1, &outlen);
+ printf("unescape -1 length: %s %d\n", ptr, outlen);
+
+test_cleanup:
+ if(ptr)
+ curl_free(ptr);
+ curl_global_cleanup();
+
+ return (int)res;
+}
diff --git a/tests/libtest/lib1538.c b/tests/libtest/lib1538.c
new file mode 100644
index 000000000..e4e16f203
--- /dev/null
+++ b/tests/libtest/lib1538.c
@@ -0,0 +1,51 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+#include "memdebug.h"
+
+int test(char *URL)
+{
+ int res = 0;
+ CURLcode easyret;
+ CURLMcode multiret;
+ CURLSHcode shareret;
+ (void)URL;
+
+ curl_easy_strerror(INT_MAX);
+ curl_multi_strerror(INT_MAX);
+ curl_share_strerror(INT_MAX);
+ curl_easy_strerror(-INT_MAX);
+ curl_multi_strerror(-INT_MAX);
+ curl_share_strerror(-INT_MAX);
+ for(easyret=CURLE_OK; easyret <= CURL_LAST; easyret++) {
+ printf("e%d: %s\n", (int)easyret, curl_easy_strerror(easyret));
+ }
+ for(multiret=CURLM_CALL_MULTI_PERFORM; multiret <= CURLM_LAST; multiret++) {
+ printf("m%d: %s\n", (int)multiret, curl_multi_strerror(multiret));
+ }
+ for(shareret=CURLSHE_OK; shareret <= CURLSHE_LAST; shareret++) {
+ printf("s%d: %s\n", (int)shareret, curl_share_strerror(shareret));
+ }
+
+ return (int)res;
+}
diff --git a/tests/libtest/lib1540.c b/tests/libtest/lib1540.c
new file mode 100644
index 000000000..86ba085ca
--- /dev/null
+++ b/tests/libtest/lib1540.c
@@ -0,0 +1,121 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+#include "testutil.h"
+#include "warnless.h"
+#include "memdebug.h"
+
+struct transfer_status {
+ CURL *easy;
+ int halted;
+ int counter; /* count write callback invokes */
+ int please; /* number of times xferinfo is called while halted */
+};
+
+static int please_continue(void *userp,
+ curl_off_t dltotal,
+ curl_off_t dlnow,
+ curl_off_t ultotal,
+ curl_off_t ulnow)
+{
+ struct transfer_status *st = (struct transfer_status *)userp;
+ (void)dltotal;
+ (void)dlnow;
+ (void)ultotal;
+ (void)ulnow;
+ if(st->halted) {
+ st->please++;
+ if(st->please == 2) {
+ /* waited enough, unpause! */
+ curl_easy_pause(st->easy, CURLPAUSE_CONT);
+ }
+ }
+ fprintf(stderr, "xferinfo: paused %d\n", st->halted);
+ return 0; /* go on */
+}
+
+static size_t header_callback(void *ptr, size_t size, size_t nmemb,
+ void *userp)
+{
+ size_t len = size * nmemb;
+ (void)userp;
+ (void)fwrite(ptr, size, nmemb, stdout);
+ return len;
+}
+
+static size_t write_callback(void *ptr, size_t size, size_t nmemb, void *userp)
+{
+ struct transfer_status *st = (struct transfer_status *)userp;
+ size_t len = size * nmemb;
+ st->counter++;
+ if(st->counter > 1) {
+ /* the first call puts us on pause, so subsequent calls are after
+ unpause */
+ fwrite(ptr, size, nmemb, stdout);
+ return len;
+ }
+ printf("Got %d bytes but pausing!\n", (int)len);
+ st->halted = 1;
+ return CURL_WRITEFUNC_PAUSE;
+}
+
+#define TEST_HANG_TIMEOUT 60 * 1000
+
+int test(char *URL)
+{
+ CURL *curls = NULL;
+ int i = 0;
+ int res = 0;
+ struct transfer_status st;
+
+ start_test_timing();
+
+ memset(&st, 0, sizeof(st));
+
+ global_init(CURL_GLOBAL_ALL);
+
+ easy_init(curls);
+ st.easy = curls; /* to allow callbacks access */
+
+ easy_setopt(curls, CURLOPT_URL, URL);
+ easy_setopt(curls, CURLOPT_WRITEFUNCTION, write_callback);
+ easy_setopt(curls, CURLOPT_WRITEDATA, &st);
+ easy_setopt(curls, CURLOPT_HEADERFUNCTION, header_callback);
+ easy_setopt(curls, CURLOPT_HEADERDATA, &st);
+
+ easy_setopt(curls, CURLOPT_XFERINFOFUNCTION, please_continue);
+ easy_setopt(curls, CURLOPT_XFERINFODATA, &st);
+ easy_setopt(curls, CURLOPT_NOPROGRESS, 0L);
+
+ res = curl_easy_perform(curls);
+
+test_cleanup:
+
+ curl_easy_cleanup(curls);
+ curl_global_cleanup();
+
+ if(res)
+ i = res;
+
+ return i; /* return the final return code */
+}
diff --git a/tests/libtest/lib1550.c b/tests/libtest/lib1550.c
new file mode 100644
index 000000000..5c2fb6f6a
--- /dev/null
+++ b/tests/libtest/lib1550.c
@@ -0,0 +1,39 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+#include "memdebug.h"
+
+#include <gnurl/multi.h>
+
+int test(char *URL)
+{
+ CURLM *handle = curl_multi_init();
+ const char *bl_servers[] = {"Microsoft-IIS/6.0", "nginx/0.8.54", NULL};
+ const char *bl_sites[] = {"curl.haxx.se:443", "example.com:80", NULL};
+ (void)URL; /* unused */
+
+ curl_multi_setopt(handle, CURLMOPT_PIPELINING_SERVER_BL, bl_servers);
+ curl_multi_setopt(handle, CURLMOPT_PIPELINING_SITE_BL, bl_sites);
+ curl_multi_cleanup(handle);
+ return 0;
+}
diff --git a/tests/libtest/lib1551.c b/tests/libtest/lib1551.c
new file mode 100644
index 000000000..e3ff3b313
--- /dev/null
+++ b/tests/libtest/lib1551.c
@@ -0,0 +1,45 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+#include "memdebug.h"
+
+#include <gnurl/multi.h>
+
+int test(char *URL)
+{
+ CURL *curl;
+ CURLcode res = CURLE_OK;
+
+ curl = curl_easy_init();
+ if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, URL);
+ curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+ curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
+ res = curl_easy_perform(curl);
+
+ fprintf(stderr, "****************************** Do it again\n");
+ res = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+ }
+ return (int)res;
+}
diff --git a/tests/libtest/lib1900.c b/tests/libtest/lib1900.c
index 4502fc0d6..cac1dd1d9 100644
--- a/tests/libtest/lib1900.c
+++ b/tests/libtest/lib1900.c
@@ -29,14 +29,14 @@
#define MAX_URLS 200
#define MAX_BLACKLIST 20
-int urltime[MAX_URLS];
-char *urlstring[MAX_URLS];
-CURL *handles[MAX_URLS];
-char *site_blacklist[MAX_BLACKLIST];
-char *server_blacklist[MAX_BLACKLIST];
-int num_handles;
-int blacklist_num_servers;
-int blacklist_num_sites;
+static int urltime[MAX_URLS];
+static char *urlstring[MAX_URLS];
+static CURL *handles[MAX_URLS];
+static char *site_blacklist[MAX_BLACKLIST];
+static char *server_blacklist[MAX_BLACKLIST];
+static int num_handles;
+static int blacklist_num_servers;
+static int blacklist_num_sites;
static size_t
write_callback(void *contents, size_t size, size_t nmemb, void *userp)
@@ -142,7 +142,7 @@ int test(char *URL)
int handlenum = 0;
struct timeval last_handle_add;
- if(parse_url_file("log/urls.txt") <= 0)
+ if(parse_url_file(libtest_arg2) <= 0)
goto test_cleanup;
start_test_timing();
@@ -167,7 +167,6 @@ int test(char *URL)
for(;;) {
struct timeval interval;
struct timeval now;
- long int msnow, mslast;
fd_set rd, wr, exc;
int maxfd = -99;
long timeout;
@@ -177,9 +176,7 @@ int test(char *URL)
if(handlenum < num_handles) {
now = tutil_tvnow();
- msnow = now.tv_sec * 1000 + now.tv_usec / 1000;
- mslast = last_handle_add.tv_sec * 1000 + last_handle_add.tv_usec / 1000;
- if((msnow - mslast) >= urltime[handlenum]) {
+ if(tutil_tvdiff(now, last_handle_add) >= urltime[handlenum]) {
fprintf(stdout, "Adding handle %d\n", handlenum);
setup_handle(URL, m, handlenum);
last_handle_add = now;
@@ -192,8 +189,9 @@ int test(char *URL)
abort_on_test_timeout();
/* See how the transfers went */
- while((msg = curl_multi_info_read(m, &msgs_left))) {
- if(msg->msg == CURLMSG_DONE) {
+ do {
+ msg = curl_multi_info_read(m, &msgs_left);
+ if(msg && msg->msg == CURLMSG_DONE) {
int i, found = 0;
/* Find out which handle this message is about */
@@ -206,7 +204,7 @@ int test(char *URL)
printf("Handle %d Completed with status %d\n", i, msg->data.result);
curl_multi_remove_handle(m, handles[i]);
}
- }
+ } while(msg);
if(handlenum == num_handles && !running) {
break; /* done */
diff --git a/tests/libtest/lib500.c b/tests/libtest/lib500.c
index 43b05982c..d17b24b20 100644
--- a/tests/libtest/lib500.c
+++ b/tests/libtest/lib500.c
@@ -68,7 +68,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib501.c b/tests/libtest/lib501.c
index 2a105f0cd..7a2341246 100644
--- a/tests/libtest/lib501.c
+++ b/tests/libtest/lib501.c
@@ -35,7 +35,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib505.c b/tests/libtest/lib505.c
index 127fde77e..ad5d214c6 100644
--- a/tests/libtest/lib505.c
+++ b/tests/libtest/lib505.c
@@ -42,7 +42,6 @@ int test(char *URL)
int hd;
struct_stat file_info;
struct curl_slist *hl;
- int error;
struct curl_slist *headerlist=NULL;
const char *buf_1 = "RNFR 505";
@@ -55,9 +54,8 @@ int test(char *URL)
hd_src = fopen(libtest_arg2, "rb");
if(NULL == hd_src) {
- error = ERRNO;
fprintf(stderr, "fopen failed with error: %d %s\n",
- error, strerror(error));
+ errno, strerror(errno));
fprintf(stderr, "Error opening file: %s\n", libtest_arg2);
return TEST_ERR_MAJOR_BAD; /* if this happens things are major weird */
}
@@ -66,9 +64,8 @@ int test(char *URL)
hd = fstat(fileno(hd_src), &file_info);
if(hd == -1) {
/* can't open file, bail out */
- error = ERRNO;
fprintf(stderr, "fstat() failed with error: %d %s\n",
- error, strerror(error));
+ errno, strerror(errno));
fprintf(stderr, "ERROR: cannot open file %s\n", libtest_arg2);
fclose(hd_src);
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib506.c b/tests/libtest/lib506.c
index 8de30c20b..d26252b6f 100644
--- a/tests/libtest/lib506.c
+++ b/tests/libtest/lib506.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -33,11 +33,11 @@ struct Tdata {
};
struct userdata {
- char *text;
+ const char *text;
int counter;
};
-int lock[3];
+static int locks[3];
/* lock callback */
static void my_lock(CURL *handle, curl_lock_data data,
@@ -50,7 +50,7 @@ static void my_lock(CURL *handle, curl_lock_data data,
(void)handle;
(void)laccess;
- switch (data) {
+ switch(data) {
case CURL_LOCK_DATA_SHARE:
what = "share";
locknum = 0;
@@ -69,11 +69,11 @@ static void my_lock(CURL *handle, curl_lock_data data,
}
/* detect locking of locked locks */
- if(lock[locknum]) {
+ if(locks[locknum]) {
printf("lock: double locked %s\n", what);
return;
}
- lock[locknum]++;
+ locks[locknum]++;
printf("lock: %-6s [%s]: %d\n", what, user->text, user->counter);
user->counter++;
@@ -86,7 +86,7 @@ static void my_unlock(CURL *handle, curl_lock_data data, void
*useptr)
struct userdata *user = (struct userdata *)useptr;
int locknum;
(void)handle;
- switch (data) {
+ switch(data) {
case CURL_LOCK_DATA_SHARE:
what = "share";
locknum = 0;
@@ -105,11 +105,11 @@ static void my_unlock(CURL *handle, curl_lock_data data,
void *useptr)
}
/* detect unlocking of unlocked locks */
- if(!lock[locknum]) {
+ if(!locks[locknum]) {
printf("unlock: double unlocked %s\n", what);
return;
}
- lock[locknum]--;
+ locks[locknum]--;
printf("unlock: %-6s [%s]: %d\n", what, user->text, user->counter);
user->counter++;
@@ -184,7 +184,7 @@ int test(char *URL)
int i;
struct userdata user;
- user.text = (char *)"Pigs in space";
+ user.text = "Pigs in space";
user.counter = 0;
printf("GLOBAL_INIT\n");
@@ -195,7 +195,8 @@ int test(char *URL)
/* prepare share */
printf("SHARE_INIT\n");
- if((share = curl_share_init()) == NULL) {
+ share = curl_share_init();
+ if(!share) {
fprintf(stderr, "curl_share_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -230,7 +231,8 @@ int test(char *URL)
}
/* initial cookie manipulation */
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_share_cleanup(share);
curl_global_cleanup();
@@ -275,7 +277,8 @@ int test(char *URL)
/* fetch a another one and save cookies */
printf("*** run %d\n", i);
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_share_cleanup(share);
curl_global_cleanup();
@@ -302,7 +305,8 @@ int test(char *URL)
curl_slist_free_all(headers);
/* load cookies */
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_share_cleanup(share);
curl_global_cleanup();
diff --git a/tests/libtest/lib507.c b/tests/libtest/lib507.c
index 74879929b..ebe897ac8 100644
--- a/tests/libtest/lib507.c
+++ b/tests/libtest/lib507.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -29,8 +29,8 @@
int test(char *URL)
{
- CURL* curls = NULL;
- CURLM* multi = NULL;
+ CURL *curls = NULL;
+ CURLM *multi = NULL;
int still_running;
int i = -1;
int res = 0;
diff --git a/tests/libtest/lib508.c b/tests/libtest/lib508.c
index cb60ce1bd..1f6c6838a 100644
--- a/tests/libtest/lib508.c
+++ b/tests/libtest/lib508.c
@@ -62,7 +62,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib509.c b/tests/libtest/lib509.c
index 085a9753e..4f3e072ae 100644
--- a/tests/libtest/lib509.c
+++ b/tests/libtest/lib509.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,7 +23,7 @@
/*
* This test uses these funny custom memory callbacks for the only purpose
- * of verifying that curl_global_init_mem() functionallity is present in
+ * of verifying that curl_global_init_mem() functionality is present in
* libcurl and that it works unconditionally no matter how libcurl is built,
* nothing more.
*
@@ -36,11 +36,11 @@
#include "memdebug.h"
*/
-int seen_malloc = 0;
-int seen_free = 0;
-int seen_realloc = 0;
-int seen_strdup = 0;
-int seen_calloc = 0;
+static int seen_malloc = 0;
+static int seen_free = 0;
+static int seen_realloc = 0;
+static int seen_strdup = 0;
+static int seen_calloc = 0;
void *custom_malloc(size_t size);
void custom_free(void *ptr);
@@ -122,7 +122,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib510.c b/tests/libtest/lib510.c
index cb5296ec3..4c290f1ef 100644
--- a/tests/libtest/lib510.c
+++ b/tests/libtest/lib510.c
@@ -48,6 +48,10 @@ static size_t read_callback(void *ptr, size_t size, size_t
nmemb, void *userp)
if(data) {
size_t len = strlen(data);
+ if(size*nmemb < len) {
+ fprintf(stderr, "read buffer is too small to run test\n");
+ return 0;
+ }
memcpy(ptr, data, len);
pooh->counter++; /* advance pointer */
return len;
@@ -68,7 +72,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib511.c b/tests/libtest/lib511.c
index 0b7ae6f43..2467bf0b0 100644
--- a/tests/libtest/lib511.c
+++ b/tests/libtest/lib511.c
@@ -33,7 +33,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib513.c b/tests/libtest/lib513.c
index 58091ef6a..7c34bc4db 100644
--- a/tests/libtest/lib513.c
+++ b/tests/libtest/lib513.c
@@ -42,7 +42,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib514.c b/tests/libtest/lib514.c
index f516d0942..7b33d52f9 100644
--- a/tests/libtest/lib514.c
+++ b/tests/libtest/lib514.c
@@ -33,7 +33,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib515.c b/tests/libtest/lib515.c
index d3e6e446a..6fb178720 100644
--- a/tests/libtest/lib515.c
+++ b/tests/libtest/lib515.c
@@ -33,7 +33,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib516.c b/tests/libtest/lib516.c
index 9faf262c6..00c54c450 100644
--- a/tests/libtest/lib516.c
+++ b/tests/libtest/lib516.c
@@ -33,7 +33,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib517.c b/tests/libtest/lib517.c
index 2f68ebd24..22162ff1e 100644
--- a/tests/libtest/lib517.c
+++ b/tests/libtest/lib517.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -116,6 +116,12 @@ static const char * const dates[]={
"20111323 12:34:56",
"20110623 12:34:79",
"Wed, 31 Dec 2008 23:59:60 GMT", /* leap second */
+ "20110623 12:3",
+ "20110623 1:3",
+ "20110623 1:30",
+ "20110623 12:12:3",
+ "20110623 01:12:3",
+ "20110623 01:99:30",
NULL
};
diff --git a/tests/libtest/lib518.c b/tests/libtest/lib518.c
index e37a7771d..e2dcb440d 100644
--- a/tests/libtest/lib518.c
+++ b/tests/libtest/lib518.c
@@ -86,7 +86,7 @@ static int fopen_works(void)
for(i = 0; i < 3; i++) {
fpa[i] = fopen(DEV_NULL, FOPEN_READTEXT);
if(fpa[i] == NULL) {
- store_errmsg("fopen failed", ERRNO);
+ store_errmsg("fopen failed", errno);
fprintf(stderr, "%s\n", msgbuff);
ret = 0;
break;
@@ -122,7 +122,7 @@ static int rlimit(int keep_open)
/* get initial open file limits */
if(getrlimit(RLIMIT_NOFILE, &rl) != 0) {
- store_errmsg("getrlimit() failed", ERRNO);
+ store_errmsg("getrlimit() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
return -1;
}
@@ -169,7 +169,7 @@ static int rlimit(int keep_open)
rl.rlim_cur = OPEN_MAX;
if(setrlimit(RLIMIT_NOFILE, &rl) != 0) {
/* on failure don't abort just issue a warning */
- store_errmsg("setrlimit() failed", ERRNO);
+ store_errmsg("setrlimit() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
msgbuff[0] = '\0';
}
@@ -180,7 +180,7 @@ static int rlimit(int keep_open)
rl.rlim_cur = rl.rlim_max;
if(setrlimit(RLIMIT_NOFILE, &rl) != 0) {
/* on failure don't abort just issue a warning */
- store_errmsg("setrlimit() failed", ERRNO);
+ store_errmsg("setrlimit() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
msgbuff[0] = '\0';
}
@@ -188,7 +188,7 @@ static int rlimit(int keep_open)
/* get current open file limits */
if(getrlimit(RLIMIT_NOFILE, &rl) != 0) {
- store_errmsg("getrlimit() failed", ERRNO);
+ store_errmsg("getrlimit() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
return -3;
}
@@ -268,7 +268,7 @@ static int rlimit(int keep_open)
}
} while(nitems && !memchunk);
if(!memchunk) {
- store_errmsg("memchunk, malloc() failed", ERRNO);
+ store_errmsg("memchunk, malloc() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
return -5;
}
@@ -303,7 +303,7 @@ static int rlimit(int keep_open)
fd = malloc(sizeof(*fd) * (size_t)(num_open.rlim_max));
if(!fd) {
- store_errmsg("fd, malloc() failed", ERRNO);
+ store_errmsg("fd, malloc() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
free(memchunk);
return -7;
@@ -326,7 +326,7 @@ static int rlimit(int keep_open)
fd[0] = open(DEV_NULL, O_RDONLY);
if(fd[0] < 0) {
snprintf(strbuff, sizeof(strbuff), "opening of %s failed", DEV_NULL);
- store_errmsg(strbuff, ERRNO);
+ store_errmsg(strbuff, errno);
fprintf(stderr, "%s\n", msgbuff);
free(fd);
fd = NULL;
@@ -489,7 +489,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
close_file_descriptors();
curl_global_cleanup();
diff --git a/tests/libtest/lib519.c b/tests/libtest/lib519.c
index 6e3059892..5c55aebe6 100644
--- a/tests/libtest/lib519.c
+++ b/tests/libtest/lib519.c
@@ -33,7 +33,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib520.c b/tests/libtest/lib520.c
index b5a71da27..72b0875ed 100644
--- a/tests/libtest/lib520.c
+++ b/tests/libtest/lib520.c
@@ -33,7 +33,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib521.c b/tests/libtest/lib521.c
index 40f4def4f..b7efca0be 100644
--- a/tests/libtest/lib521.c
+++ b/tests/libtest/lib521.c
@@ -33,7 +33,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib523.c b/tests/libtest/lib523.c
index f3264690d..44aa2e2e9 100644
--- a/tests/libtest/lib523.c
+++ b/tests/libtest/lib523.c
@@ -33,7 +33,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib524.c b/tests/libtest/lib524.c
index 3440562b2..08fd34dfc 100644
--- a/tests/libtest/lib524.c
+++ b/tests/libtest/lib524.c
@@ -33,7 +33,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib525.c b/tests/libtest/lib525.c
index 4bf259d21..715b7fbe2 100644
--- a/tests/libtest/lib525.c
+++ b/tests/libtest/lib525.c
@@ -35,7 +35,6 @@ int test(char *URL)
CURL *curl = NULL;
FILE *hd_src = NULL;
int hd;
- int error;
struct_stat file_info;
CURLM *m = NULL;
int running;
@@ -55,9 +54,8 @@ int test(char *URL)
hd_src = fopen(libtest_arg2, "rb");
if(NULL == hd_src) {
- error = ERRNO;
fprintf(stderr, "fopen failed with error: %d (%s)\n",
- error, strerror(error));
+ errno, strerror(errno));
fprintf(stderr, "Error opening file: (%s)\n", libtest_arg2);
return TEST_ERR_FOPEN;
}
@@ -66,9 +64,8 @@ int test(char *URL)
hd = fstat(fileno(hd_src), &file_info);
if(hd == -1) {
/* can't open file, bail out */
- error = ERRNO;
fprintf(stderr, "fstat() failed with error: %d (%s)\n",
- error, strerror(error));
+ errno, strerror(errno));
fprintf(stderr, "ERROR: cannot open file (%s)\n", libtest_arg2);
fclose(hd_src);
return TEST_ERR_FSTAT;
diff --git a/tests/libtest/lib526.c b/tests/libtest/lib526.c
index 0ce7ebbe1..522cd7422 100644
--- a/tests/libtest/lib526.c
+++ b/tests/libtest/lib526.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -29,7 +29,7 @@
* controlling the small differences.
*
* - lib526 closes all easy handles after
- * they all have transfered the file over the single connection
+ * they all have transferred the file over the single connection
* - lib527 closes each easy handle after each single transfer.
* - lib532 uses only a single easy handle that is removed, reset and then
* re-added for each transfer
diff --git a/tests/libtest/lib537.c b/tests/libtest/lib537.c
index c1561419a..b5ee2ce5b 100644
--- a/tests/libtest/lib537.c
+++ b/tests/libtest/lib537.c
@@ -87,7 +87,7 @@ static int fopen_works(void)
for(i = 0; i < 3; i++) {
fpa[i] = fopen(DEV_NULL, FOPEN_READTEXT);
if(fpa[i] == NULL) {
- store_errmsg("fopen failed", ERRNO);
+ store_errmsg("fopen failed", errno);
fprintf(stderr, "%s\n", msgbuff);
ret = 0;
break;
@@ -103,7 +103,7 @@ static int fopen_works(void)
static int rlimit(int keep_open)
{
int *tmpfd;
- int nitems, i;
+ rlim_t nitems, i;
int *memchunk = NULL;
char *fmt;
struct rlimit rl;
@@ -123,7 +123,7 @@ static int rlimit(int keep_open)
/* get initial open file limits */
if(getrlimit(RLIMIT_NOFILE, &rl) != 0) {
- store_errmsg("getrlimit() failed", ERRNO);
+ store_errmsg("getrlimit() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
return -1;
}
@@ -164,7 +164,7 @@ static int rlimit(int keep_open)
rl.rlim_cur = OPEN_MAX;
if(setrlimit(RLIMIT_NOFILE, &rl) != 0) {
/* on failure don't abort just issue a warning */
- store_errmsg("setrlimit() failed", ERRNO);
+ store_errmsg("setrlimit() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
msgbuff[0] = '\0';
}
@@ -175,7 +175,7 @@ static int rlimit(int keep_open)
rl.rlim_cur = rl.rlim_max;
if(setrlimit(RLIMIT_NOFILE, &rl) != 0) {
/* on failure don't abort just issue a warning */
- store_errmsg("setrlimit() failed", ERRNO);
+ store_errmsg("setrlimit() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
msgbuff[0] = '\0';
}
@@ -183,7 +183,7 @@ static int rlimit(int keep_open)
/* get current open file limits */
if(getrlimit(RLIMIT_NOFILE, &rl) != 0) {
- store_errmsg("getrlimit() failed", ERRNO);
+ store_errmsg("getrlimit() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
return -3;
}
@@ -232,7 +232,7 @@ static int rlimit(int keep_open)
if(nitems > 0x7fff)
nitems = 0x40000;
do {
- num_open.rlim_max = sizeof(*memchunk) * (size_t)nitems;
+ num_open.rlim_max = sizeof(*memchunk) * nitems;
snprintf(strbuff, sizeof(strbuff), fmt, num_open.rlim_max);
fprintf(stderr, "allocating memchunk %s byte array\n", strbuff);
memchunk = malloc(sizeof(*memchunk) * (size_t)nitems);
@@ -242,7 +242,7 @@ static int rlimit(int keep_open)
}
} while(nitems && !memchunk);
if(!memchunk) {
- store_errmsg("memchunk, malloc() failed", ERRNO);
+ store_errmsg("memchunk, malloc() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
return -4;
}
@@ -297,7 +297,7 @@ static int rlimit(int keep_open)
}
} while(num_open.rlim_max && !fd);
if(!fd) {
- store_errmsg("fd, malloc() failed", ERRNO);
+ store_errmsg("fd, malloc() failed", errno);
fprintf(stderr, "%s\n", msgbuff);
free(memchunk);
return -6;
@@ -320,7 +320,7 @@ static int rlimit(int keep_open)
fd[0] = open(DEV_NULL, O_RDONLY);
if(fd[0] < 0) {
snprintf(strbuff, sizeof(strbuff), "opening of %s failed", DEV_NULL);
- store_errmsg(strbuff, ERRNO);
+ store_errmsg(strbuff, errno);
fprintf(stderr, "%s\n", msgbuff);
free(fd);
fd = NULL;
@@ -491,7 +491,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
close_file_descriptors();
curl_global_cleanup();
diff --git a/tests/libtest/lib539.c b/tests/libtest/lib539.c
index 9f0f8fabf..7c03dd2fd 100644
--- a/tests/libtest/lib539.c
+++ b/tests/libtest/lib539.c
@@ -35,14 +35,15 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
}
/*
- * Begin with cURL set to use a single CWD to the URL's directory.
+ * Begin with curl set to use a single CWD to the URL's directory.
*/
test_setopt(curl, CURLOPT_URL, URL);
test_setopt(curl, CURLOPT_VERBOSE, 1L);
@@ -53,7 +54,7 @@ int test(char *URL)
/*
* Change the FTP_FILEMETHOD option to use full paths rather than a CWD
* command. Alter the URL's path a bit, appending a "./". Use an innocuous
- * QUOTE command, after which cURL will CWD to ftp_conn->entrypath and then
+ * QUOTE command, after which curl will CWD to ftp_conn->entrypath and then
* (on the next call to ftp_statemach_act) find a non-zero ftpconn->dirdepth
* even though no directories are stored in the ftpconn->dirs array (after a
* call to freedirs).
@@ -65,7 +66,7 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- slist = curl_slist_append (NULL, "SYST");
+ slist = curl_slist_append(NULL, "SYST");
if(slist == NULL) {
free(newURL);
curl_easy_cleanup(curl);
diff --git a/tests/libtest/lib540.c b/tests/libtest/lib540.c
index 9b3b5a40e..ac862092f 100644
--- a/tests/libtest/lib540.c
+++ b/tests/libtest/lib540.c
@@ -46,9 +46,9 @@
#define NUM_HANDLES 2
-CURL *eh[NUM_HANDLES];
+static CURL *eh[NUM_HANDLES];
-static int init(int num, CURLM *cm, const char* url, const char* userpwd,
+static int init(int num, CURLM *cm, const char *url, const char *userpwd,
struct curl_slist *headers)
{
int res = 0;
@@ -99,7 +99,7 @@ init_failed:
return res; /* failure */
}
-static int loop(int num, CURLM *cm, const char* url, const char* userpwd,
+static int loop(int num, CURLM *cm, const char *url, const char *userpwd,
struct curl_slist *headers)
{
CURLMsg *msg;
diff --git a/tests/libtest/lib541.c b/tests/libtest/lib541.c
index 604446a2e..94a26a4b7 100644
--- a/tests/libtest/lib541.c
+++ b/tests/libtest/lib541.c
@@ -38,7 +38,6 @@ int test(char *URL)
FILE *hd_src;
int hd;
struct_stat file_info;
- int error;
if(!libtest_arg2) {
fprintf(stderr, "Usage: <url> <file-to-upload>\n");
@@ -47,9 +46,8 @@ int test(char *URL)
hd_src = fopen(libtest_arg2, "rb");
if(NULL == hd_src) {
- error = ERRNO;
fprintf(stderr, "fopen failed with error: %d %s\n",
- error, strerror(error));
+ errno, strerror(errno));
fprintf(stderr, "Error opening file: %s\n", libtest_arg2);
return -2; /* if this happens things are major weird */
}
@@ -58,9 +56,8 @@ int test(char *URL)
hd = fstat(fileno(hd_src), &file_info);
if(hd == -1) {
/* can't open file, bail out */
- error = ERRNO;
fprintf(stderr, "fstat() failed with error: %d %s\n",
- error, strerror(error));
+ errno, strerror(errno));
fprintf(stderr, "ERROR: cannot open file %s\n", libtest_arg2);
fclose(hd_src);
return TEST_ERR_MAJOR_BAD;
@@ -79,7 +76,8 @@ int test(char *URL)
}
/* get a curl handle */
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
fclose(hd_src);
diff --git a/tests/libtest/lib542.c b/tests/libtest/lib542.c
index c82ccd5b7..4016874e1 100644
--- a/tests/libtest/lib542.c
+++ b/tests/libtest/lib542.c
@@ -42,7 +42,8 @@ int test(char *URL)
}
/* get a curl handle */
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib543.c b/tests/libtest/lib543.c
index 8fec052d2..6d2532d12 100644
--- a/tests/libtest/lib543.c
+++ b/tests/libtest/lib543.c
@@ -36,14 +36,15 @@ int test(char *URL)
char *s;
(void)URL;
- if((easy = curl_easy_init()) == NULL) {
+ easy = curl_easy_init();
+ if(!easy) {
fprintf(stderr, "curl_easy_init() failed\n");
return TEST_ERR_MAJOR_BAD;
}
asize = (int)sizeof(a);
- s = curl_easy_escape(easy, (char*)a, asize);
+ s = curl_easy_escape(easy, (char *)a, asize);
if(s)
printf("%s\n", s);
diff --git a/tests/libtest/lib544.c b/tests/libtest/lib544.c
index 4b08a0a76..28eacdaf6 100644
--- a/tests/libtest/lib544.c
+++ b/tests/libtest/lib544.c
@@ -47,7 +47,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib547.c b/tests/libtest/lib547.c
index 4ec42a330..ce967c085 100644
--- a/tests/libtest/lib547.c
+++ b/tests/libtest/lib547.c
@@ -90,7 +90,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib549.c b/tests/libtest/lib549.c
index 137029548..1d832b536 100644
--- a/tests/libtest/lib549.c
+++ b/tests/libtest/lib549.c
@@ -38,7 +38,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib552.c b/tests/libtest/lib552.c
index 9fe4a7168..3a93dafaf 100644
--- a/tests/libtest/lib552.c
+++ b/tests/libtest/lib552.c
@@ -89,9 +89,10 @@ int my_trace(CURL *handle, curl_infotype type,
const char *text;
(void)handle; /* prevent compiler warning */
- switch (type) {
+ switch(type) {
case CURLINFO_TEXT:
fprintf(stderr, "== Info: %s", (char *)data);
+ /* FALLTHROUGH */
default: /* in case a new one is introduced to shock us */
return 0;
@@ -147,11 +148,11 @@ static size_t write_callback(void *ptr, size_t size,
size_t nmemb,
}
-static curlioerr ioctl_callback(CURL * handle, int cmd, void *clientp)
+static curlioerr ioctl_callback(CURL *handle, int cmd, void *clientp)
{
(void)clientp;
if(cmd == CURLIOCMD_RESTARTREAD) {
- printf("APPLICATION: recieved a CURLIOCMD_RESTARTREAD request\n");
+ printf("APPLICATION: received a CURLIOCMD_RESTARTREAD request\n");
printf("APPLICATION: ** REWINDING! **\n");
current_offset = 0;
return CURLIOE_OK;
@@ -172,7 +173,8 @@ int test(char *URL)
config.trace_ascii = 1; /* enable ascii tracing */
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib553.c b/tests/libtest/lib553.c
index 9afaad48f..288f4c1d1 100644
--- a/tests/libtest/lib553.c
+++ b/tests/libtest/lib553.c
@@ -67,7 +67,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib554.c b/tests/libtest/lib554.c
index 803df26d1..083746243 100644
--- a/tests/libtest/lib554.c
+++ b/tests/libtest/lib554.c
@@ -162,7 +162,8 @@ static int once(char *URL, bool oldstyle)
if(formrc)
printf("curl_formadd(4) = %d\n", (int)formrc);
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_formfree(formpost);
curl_global_cleanup();
diff --git a/tests/libtest/lib555.c b/tests/libtest/lib555.c
index e84af87e5..8156a95e7 100644
--- a/tests/libtest/lib555.c
+++ b/tests/libtest/lib555.c
@@ -98,7 +98,7 @@ int test(char *URL)
easy_setopt(curl, CURLOPT_READDATA, &counter);
/* We CANNOT do the POST fine without setting the size (or choose
chunked)! */
- easy_setopt(curl, CURLOPT_POSTFIELDSIZE, strlen(UPLOADTHIS));
+ easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)strlen(UPLOADTHIS));
easy_setopt(curl, CURLOPT_POST, 1L);
#ifdef CURL_DOES_CONVERSIONS
diff --git a/tests/libtest/lib556.c b/tests/libtest/lib556.c
index 527935396..f06c5299c 100644
--- a/tests/libtest/lib556.c
+++ b/tests/libtest/lib556.c
@@ -45,7 +45,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -76,11 +77,10 @@ int test(char *URL)
if(!res) {
/* we assume that sending always work */
- size_t total=0;
do {
/* busy-read like crazy */
- res = curl_easy_recv(curl, buf, 1024, &iolen);
+ res = curl_easy_recv(curl, buf, sizeof(buf), &iolen);
#ifdef TPF
sleep(1); /* avoid ctl-10 dump */
@@ -91,10 +91,12 @@ int test(char *URL)
if(!write(STDOUT_FILENO, buf, iolen))
break;
}
- total += iolen;
- } while(((res == CURLE_OK) || (res == CURLE_AGAIN)) && (total < 129));
+ } while((res == CURLE_OK && iolen != 0) || (res == CURLE_AGAIN));
}
+
+ if(res != CURLE_OK || iolen != 0)
+ return TEST_ERR_FAILURE;
}
test_cleanup:
diff --git a/tests/libtest/lib557.c b/tests/libtest/lib557.c
index 5bdb8abe0..4a598f22d 100644
--- a/tests/libtest/lib557.c
+++ b/tests/libtest/lib557.c
@@ -26,8 +26,16 @@
*/
#include "test.h"
-#include "memdebug.h"
+#ifdef HAVE_LIMITS_H
+#include <limits.h>
+#endif
+
+#ifdef HAVE_LOCALE_H
+# include <locale.h> /* for setlocale() */
+#endif
+
+#include "memdebug.h"
#if (CURL_SIZEOF_CURL_OFF_T > CURL_SIZEOF_LONG)
# define MPRNT_SUFFIX_CURL_OFF_T LL
@@ -1345,7 +1353,6 @@ static int test_curl_off_t_formatting(void)
num_cofft_tests = i;
#endif
- /* !checksrc! enable LONGLINE */
for(i=1; i<=num_cofft_tests; i++) {
@@ -1374,17 +1381,32 @@ static int test_curl_off_t_formatting(void)
return failed;
}
-static int string_check(char *buf, const char *buf2)
+static int _string_check(int linenumber, char *buf, const char *buf2)
{
if(strcmp(buf, buf2)) {
/* they shouldn't differ */
- printf("sprintf failed:\nwe '%s'\nsystem: '%s'\n",
- buf, buf2);
+ printf("sprintf line %d failed:\nwe '%s'\nsystem: '%s'\n",
+ linenumber, buf, buf2);
+ return 1;
+ }
+ return 0;
+}
+#define string_check(x,y) _string_check(__LINE__, x, y)
+
+static int _strlen_check(int linenumber, char *buf, size_t len)
+{
+ size_t buflen = strlen(buf);
+ if(len != buflen) {
+ /* they shouldn't differ */
+ printf("sprintf strlen:%d failed:\nwe '%d'\nsystem: '%d'\n",
+ linenumber, buflen, len);
return 1;
}
return 0;
}
+#define strlen_check(x,y) _strlen_check(__LINE__, x, y)
+
/*
* The output strings in this test need to have been verified with a system
* sprintf() before used here.
@@ -1422,11 +1444,236 @@ static int test_string_formatting(void)
return errors;
}
+static int test_weird_arguments(void)
+{
+ int errors = 0;
+ char buf[256];
+ int rc;
+
+ /* MAX_PARAMETERS is 128, try exact 128! */
+ rc = curl_msnprintf(buf, sizeof(buf),
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 1 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 2 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 3 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 4 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 5 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 6 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 7 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 8 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 9 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 10 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 11 */
+ "%d%d%d%d%d%d%d%d" /* 8 */
+ ,
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 1 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 2 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 3 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 4 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 5 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 6 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 7 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 8 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 9 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 10 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 11 */
+ 0, 1, 2, 3, 4, 5, 6, 7); /* 8 */
+
+ if(rc != 128) {
+ printf("curl_mprintf() returned %d and not 128!\n", rc);
+ errors++;
+ }
+
+ errors += string_check(buf,
+ "0123456789" /* 10 */
+ "0123456789" /* 10 1 */
+ "0123456789" /* 10 2 */
+ "0123456789" /* 10 3 */
+ "0123456789" /* 10 4 */
+ "0123456789" /* 10 5 */
+ "0123456789" /* 10 6 */
+ "0123456789" /* 10 7 */
+ "0123456789" /* 10 8 */
+ "0123456789" /* 10 9 */
+ "0123456789" /* 10 10*/
+ "0123456789" /* 10 11 */
+ "01234567" /* 8 */
+ );
+
+ /* MAX_PARAMETERS is 128, try more! */
+ buf[0] = 0;
+ rc = curl_msnprintf(buf, sizeof(buf),
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 1 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 2 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 3 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 4 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 5 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 6 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 7 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 8 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 9 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 10 */
+ "%d%d%d%d%d%d%d%d%d%d" /* 10 11 */
+ "%d%d%d%d%d%d%d%d%d" /* 9 */
+ ,
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 1 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 2 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 3 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 4 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 5 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 6 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 7 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 8 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 9 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 10 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 11 */
+ 0, 1, 2, 3, 4, 5, 6, 7, 8); /* 9 */
+
+ if(rc != -1) {
+ printf("curl_mprintf() returned %d and not -1!\n", rc);
+ errors++;
+ }
+
+ errors += string_check(buf, "");
+
+ if(errors)
+ printf("Some curl_mprintf() weird arguments tests failed!\n");
+
+ return errors;
+}
+
+/* DBL_MAX value from Linux */
+#define MAXIMIZE -1.7976931348623157081452E+308
+
+static int test_float_formatting(void)
+{
+ int errors = 0;
+ char buf[512]; /* larger than max float size */
+ curl_msnprintf(buf, sizeof(buf), "%f", 9.0);
+ errors += string_check(buf, "9.000000");
+
+ curl_msnprintf(buf, sizeof(buf), "%.1f", 9.1);
+ errors += string_check(buf, "9.1");
+
+ curl_msnprintf(buf, sizeof(buf), "%.2f", 9.1);
+ errors += string_check(buf, "9.10");
+
+ curl_msnprintf(buf, sizeof(buf), "%.0f", 9.1);
+ errors += string_check(buf, "9");
+
+ curl_msnprintf(buf, sizeof(buf), "%0f", 9.1);
+ errors += string_check(buf, "9.100000");
+
+ curl_msnprintf(buf, sizeof(buf), "%10f", 9.1);
+ errors += string_check(buf, " 9.100000");
+
+ curl_msnprintf(buf, sizeof(buf), "%10.3f", 9.1);
+ errors += string_check(buf, " 9.100");
+
+ curl_msnprintf(buf, sizeof(buf), "%-10.3f", 9.1);
+ errors += string_check(buf, "9.100 ");
+
+ curl_msnprintf(buf, sizeof(buf), "%-10.3f", 9.123456);
+ errors += string_check(buf, "9.123 ");
+
+ curl_msnprintf(buf, sizeof(buf), "%.-2f", 9.1);
+ errors += string_check(buf, "9.100000");
+
+ curl_msnprintf(buf, sizeof(buf), "%*f", 10, 9.1);
+ errors += string_check(buf, " 9.100000");
+
+ curl_msnprintf(buf, sizeof(buf), "%*f", 3, 9.1);
+ errors += string_check(buf, "9.100000");
+
+ curl_msnprintf(buf, sizeof(buf), "%*f", 6, 9.2987654);
+ errors += string_check(buf, "9.298765");
+
+ curl_msnprintf(buf, sizeof(buf), "%*f", 6, 9.298765);
+ errors += string_check(buf, "9.298765");
+
+ curl_msnprintf(buf, sizeof(buf), "%*f", 6, 9.29876);
+ errors += string_check(buf, "9.298760");
+
+ curl_msnprintf(buf, sizeof(buf), "%.*f", 6, 9.2987654);
+ errors += string_check(buf, "9.298765");
+ curl_msnprintf(buf, sizeof(buf), "%.*f", 5, 9.2987654);
+ errors += string_check(buf, "9.29877");
+ curl_msnprintf(buf, sizeof(buf), "%.*f", 4, 9.2987654);
+ errors += string_check(buf, "9.2988");
+ curl_msnprintf(buf, sizeof(buf), "%.*f", 3, 9.2987654);
+ errors += string_check(buf, "9.299");
+ curl_msnprintf(buf, sizeof(buf), "%.*f", 2, 9.2987654);
+ errors += string_check(buf, "9.30");
+ curl_msnprintf(buf, sizeof(buf), "%.*f", 1, 9.2987654);
+ errors += string_check(buf, "9.3");
+ curl_msnprintf(buf, sizeof(buf), "%.*f", 0, 9.2987654);
+ errors += string_check(buf, "9");
+
+ /* very large precisions easily turn into system specific outputs so we only
+ check the output buffer length here as we know the internal limit */
+
+ curl_msnprintf(buf, sizeof(buf), "%.*f", (1<<30), 9.2987654);
+ errors += strlen_check(buf, 325);
+
+ curl_msnprintf(buf, sizeof(buf), "%10000.10000f", 9.2987654);
+ errors += strlen_check(buf, 325);
+
+ curl_msnprintf(buf, sizeof(buf), "%240.10000f",
+ 123456789123456789123456789.2987654);
+ errors += strlen_check(buf, 325);
+
+ /* check negative when used signed */
+ curl_msnprintf(buf, sizeof(buf), "%*f", INT_MIN, 9.1);
+ errors += string_check(buf, "9.100000");
+
+ /* curl_msnprintf() limits a single float output to 325 bytes maximum
+ width */
+ curl_msnprintf(buf, sizeof(buf), "%*f", (1<<30), 9.1);
+ errors += string_check(buf, "
9.100000");
+ curl_msnprintf(buf, sizeof(buf), "%100000f", 9.1);
+ errors += string_check(buf, "
9.100000");
+
+ curl_msnprintf(buf, sizeof(buf), "%f", MAXIMIZE);
+ errors += strlen_check(buf, 317);
+
+ curl_msnprintf(buf, 2, "%f", MAXIMIZE);
+ errors += strlen_check(buf, 1);
+ curl_msnprintf(buf, 3, "%f", MAXIMIZE);
+ errors += strlen_check(buf, 2);
+ curl_msnprintf(buf, 4, "%f", MAXIMIZE);
+ errors += strlen_check(buf, 3);
+ curl_msnprintf(buf, 5, "%f", MAXIMIZE);
+ errors += strlen_check(buf, 4);
+ curl_msnprintf(buf, 6, "%f", MAXIMIZE);
+ errors += strlen_check(buf, 5);
+
+ if(!errors)
+ printf("All float strings tests OK!\n");
+ else
+ printf("test_float_formatting Failed!\n");
+
+ return errors;
+}
+/* !checksrc! enable LONGLINE */
+
int test(char *URL)
{
int errors = 0;
(void)URL; /* not used */
+#ifdef HAVE_SETLOCALE
+ /*
+ * The test makes assumptions about the numeric locale (specifically,
+ * RADIXCHAR) so set it to a known working (and portable) one.
+ */
+ setlocale(LC_NUMERIC, "C");
+#endif
+
+ errors += test_weird_arguments();
+
errors += test_unsigned_short_formatting();
errors += test_signed_short_formatting();
@@ -1443,6 +1690,8 @@ int test(char *URL)
errors += test_string_formatting();
+ errors += test_float_formatting();
+
if(errors)
return TEST_ERR_MAJOR_BAD;
else
diff --git a/tests/libtest/lib559.c b/tests/libtest/lib559.c
new file mode 100644
index 000000000..8c72dbd0c
--- /dev/null
+++ b/tests/libtest/lib559.c
@@ -0,0 +1,56 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+#include "testtrace.h"
+#include "memdebug.h"
+
+int test(char *URL)
+{
+ CURLcode res;
+ CURL *curl;
+
+ if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
+ fprintf(stderr, "curl_global_init() failed\n");
+ return TEST_ERR_MAJOR_BAD;
+ }
+
+ curl = curl_easy_init();
+ if(!curl) {
+ fprintf(stderr, "curl_easy_init() failed\n");
+ curl_global_cleanup();
+ return TEST_ERR_MAJOR_BAD;
+ }
+
+ test_setopt(curl, CURLOPT_URL, URL);
+ test_setopt(curl, CURLOPT_HEADER, 1L);
+ test_setopt(curl, CURLOPT_BUFFERSIZE, 1L); /* the smallest! */
+
+ res = curl_easy_perform(curl);
+test_cleanup:
+
+ curl_easy_cleanup(curl);
+ curl_global_cleanup();
+
+ return (int)res;
+}
+
diff --git a/tests/libtest/lib562.c b/tests/libtest/lib562.c
index 819b50759..285b9f5d0 100644
--- a/tests/libtest/lib562.c
+++ b/tests/libtest/lib562.c
@@ -46,7 +46,8 @@ int test(char *URL)
}
/* get a curl handle */
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib566.c b/tests/libtest/lib566.c
index 94a91d5dd..ecf8c5530 100644
--- a/tests/libtest/lib566.c
+++ b/tests/libtest/lib566.c
@@ -35,7 +35,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib567.c b/tests/libtest/lib567.c
index 38e0c0b78..f9f55e3c0 100644
--- a/tests/libtest/lib567.c
+++ b/tests/libtest/lib567.c
@@ -37,7 +37,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib568.c b/tests/libtest/lib568.c
index 9b3a07787..0cdef812b 100644
--- a/tests/libtest/lib568.c
+++ b/tests/libtest/lib568.c
@@ -55,7 +55,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -66,7 +67,8 @@ int test(char *URL)
test_setopt(curl, CURLOPT_URL, URL);
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -100,7 +102,8 @@ int test(char *URL)
sdpf = NULL;
/* Make sure we can do a normal request now */
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -115,7 +118,8 @@ int test(char *URL)
/* Now do a POST style one */
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -144,7 +148,8 @@ int test(char *URL)
custom_headers = NULL;
/* Make sure we can do a normal request now */
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
diff --git a/tests/libtest/lib569.c b/tests/libtest/lib569.c
index 55282b69b..d7381d9a2 100644
--- a/tests/libtest/lib569.c
+++ b/tests/libtest/lib569.c
@@ -53,7 +53,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
fclose(idfile);
@@ -77,7 +78,8 @@ int test(char *URL)
/* Go through the various Session IDs */
for(i = 0; i < 3; i++) {
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -96,7 +98,8 @@ int test(char *URL)
fprintf(idfile, "Got Session ID: [%s]\n", rtsp_session_id);
rtsp_session_id = NULL;
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
diff --git a/tests/libtest/lib570.c b/tests/libtest/lib570.c
index 2dc57b761..9d9b5a134 100644
--- a/tests/libtest/lib570.c
+++ b/tests/libtest/lib570.c
@@ -40,7 +40,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -54,7 +55,8 @@ int test(char *URL)
test_setopt(curl, CURLOPT_RTSP_REQUEST, CURL_RTSPREQ_OPTIONS);
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -74,7 +76,8 @@ int test(char *URL)
"RAW/RAW/UDP;unicast;client_port=3056-3057");
test_setopt(curl, CURLOPT_RTSP_REQUEST, CURL_RTSPREQ_SETUP);
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -88,7 +91,8 @@ int test(char *URL)
test_setopt(curl, CURLOPT_RTSP_REQUEST, CURL_RTSPREQ_PLAY);
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
diff --git a/tests/libtest/lib571.c b/tests/libtest/lib571.c
index ad6c366b4..f19b643ff 100644
--- a/tests/libtest/lib571.c
+++ b/tests/libtest/lib571.c
@@ -50,12 +50,13 @@ static const char *RTP_DATA = "$_1234\n\0asdf";
static int rtp_packet_count = 0;
-static size_t rtp_write(void *ptr, size_t size, size_t nmemb, void *stream) {
+static size_t rtp_write(void *ptr, size_t size, size_t nmemb, void *stream)
+{
char *data = (char *)ptr;
int channel = RTP_PKT_CHANNEL(data);
int message_size;
int coded_size = RTP_PKT_LENGTH(data);
- size_t failure = (size * nmemb) ? 0 : 1;
+ size_t failure = (size && nmemb) ? 0 : 1;
int i;
(void)stream;
@@ -117,7 +118,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
fclose(protofile);
curl_global_cleanup();
@@ -125,7 +127,8 @@ int test(char *URL)
}
test_setopt(curl, CURLOPT_URL, URL);
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -146,7 +149,8 @@ int test(char *URL)
goto test_cleanup;
/* This PLAY starts the interleave */
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -160,7 +164,8 @@ int test(char *URL)
goto test_cleanup;
/* The DESCRIBE request will try to consume data after the Content */
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -173,7 +178,8 @@ int test(char *URL)
if(res)
goto test_cleanup;
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
diff --git a/tests/libtest/lib572.c b/tests/libtest/lib572.c
index 3475e8060..47a9da535 100644
--- a/tests/libtest/lib572.c
+++ b/tests/libtest/lib572.c
@@ -55,7 +55,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -69,7 +70,8 @@ int test(char *URL)
test_setopt(curl, CURLOPT_URL, URL);
/* SETUP */
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -83,7 +85,8 @@ int test(char *URL)
if(res)
goto test_cleanup;
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -117,7 +120,8 @@ int test(char *URL)
paramsf = NULL;
/* Heartbeat GET_PARAMETERS */
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -131,7 +135,8 @@ int test(char *URL)
/* POST GET_PARAMETERS */
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
@@ -149,7 +154,8 @@ int test(char *URL)
test_setopt(curl, CURLOPT_POSTFIELDS, NULL);
/* Make sure we can do a normal request now */
- if((stream_uri = suburl(URL, request++)) == NULL) {
+ stream_uri = suburl(URL, request++);
+ if(!stream_uri) {
res = TEST_ERR_MAJOR_BAD;
goto test_cleanup;
}
diff --git a/tests/libtest/lib574.c b/tests/libtest/lib574.c
index 9f9222b39..f4fb850ff 100644
--- a/tests/libtest/lib574.c
+++ b/tests/libtest/lib574.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,8 +23,10 @@
#include "memdebug.h"
-static int new_fnmatch(const char *pattern, const char *string)
+static int new_fnmatch(void *ptr,
+ const char *pattern, const char *string)
{
+ (void)ptr;
(void)pattern;
(void)string;
return CURL_FNMATCHFUNC_MATCH;
@@ -40,7 +42,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib578.c b/tests/libtest/lib578.c
index 5e01d36e0..41b23db34 100644
--- a/tests/libtest/lib578.c
+++ b/tests/libtest/lib578.c
@@ -58,7 +58,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -76,7 +77,7 @@ int test(char *URL)
#endif
/* Set the expected POST size */
- test_setopt(curl, CURLOPT_POSTFIELDSIZE, data_size);
+ test_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)data_size);
test_setopt(curl, CURLOPT_POSTFIELDS, data);
/* we want to use our own progress function */
diff --git a/tests/libtest/lib579.c b/tests/libtest/lib579.c
index aae299ccc..61aa4f5df 100644
--- a/tests/libtest/lib579.c
+++ b/tests/libtest/lib579.c
@@ -97,7 +97,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib582.c b/tests/libtest/lib582.c
index 444b416ff..f55e5de71 100644
--- a/tests/libtest/lib582.c
+++ b/tests/libtest/lib582.c
@@ -145,10 +145,10 @@ static int curlTimerCallback(CURLM *multi, long
timeout_ms, void *userp)
/**
* Check for curl completion.
*/
-static int checkForCompletion(CURLM* curl, int* success)
+static int checkForCompletion(CURLM *curl, int *success)
{
int numMessages;
- CURLMsg* message;
+ CURLMsg *message;
int result = 0;
*success = 0;
while((message = curl_multi_info_read(curl, &numMessages)) != NULL) {
@@ -174,8 +174,8 @@ static int getMicroSecondTimeout(struct timeval* timeout)
struct timeval now;
ssize_t result;
now = tutil_tvnow();
- result = (timeout->tv_sec - now.tv_sec) * 1000000 +
- timeout->tv_usec - now.tv_usec;
+ result = (ssize_t)((timeout->tv_sec - now.tv_sec) * 1000000 +
+ timeout->tv_usec - now.tv_usec);
if(result < 0)
result = 0;
@@ -228,7 +228,6 @@ int test(char *URL)
CURL *curl = NULL;
FILE *hd_src = NULL;
int hd;
- int error;
struct_stat file_info;
CURLM *m = NULL;
struct ReadWriteSockets sockets = {{NULL, 0, 0}, {NULL, 0, 0}};
@@ -244,9 +243,8 @@ int test(char *URL)
hd_src = fopen(libtest_arg2, "rb");
if(NULL == hd_src) {
- error = ERRNO;
fprintf(stderr, "fopen() failed with error: %d (%s)\n",
- error, strerror(error));
+ errno, strerror(errno));
fprintf(stderr, "Error opening file: (%s)\n", libtest_arg2);
return TEST_ERR_FOPEN;
}
@@ -255,9 +253,8 @@ int test(char *URL)
hd = fstat(fileno(hd_src), &file_info);
if(hd == -1) {
/* can't open file, bail out */
- error = ERRNO;
fprintf(stderr, "fstat() failed with error: %d (%s)\n",
- error, strerror(error));
+ errno, strerror(errno));
fprintf(stderr, "ERROR: cannot open file (%s)\n", libtest_arg2);
fclose(hd_src);
return TEST_ERR_FSTAT;
@@ -320,7 +317,7 @@ int test(char *URL)
tv.tv_usec = 100000;
}
- select_test(maxFd, &readSet, &writeSet, NULL, &tv);
+ select_test((int)maxFd, &readSet, &writeSet, NULL, &tv);
/* Check the sockets for reading / writing */
checkFdSet(m, &sockets.read, &readSet, CURL_CSELECT_IN, "read");
diff --git a/tests/libtest/lib583.c b/tests/libtest/lib583.c
index 9af48d280..f0a088b70 100644
--- a/tests/libtest/lib583.c
+++ b/tests/libtest/lib583.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -33,9 +33,9 @@
int test(char *URL)
{
int stillRunning;
- CURLM* multiHandle = NULL;
- CURL* curl = NULL;
- int res = 0;
+ CURLM *multiHandle = NULL;
+ CURL *curl = NULL;
+ CURLMcode res = CURLM_OK;
global_init(CURL_GLOBAL_ALL);
@@ -65,10 +65,10 @@ int test(char *URL)
fprintf(stderr, "curl_multi_perform() succeeded\n");
fprintf(stderr, "curl_multi_remove_handle()...\n");
- res = (int) curl_multi_remove_handle(multiHandle, curl);
+ res = curl_multi_remove_handle(multiHandle, curl);
if(res)
fprintf(stderr, "curl_multi_remove_handle() failed, "
- "with code %d\n", res);
+ "with code %d\n", (int)res);
else
fprintf(stderr, "curl_multi_remove_handle() succeeded\n");
@@ -80,5 +80,5 @@ test_cleanup:
curl_multi_cleanup(multiHandle);
curl_global_cleanup();
- return res;
+ return (int)res;
}
diff --git a/tests/libtest/lib586.c b/tests/libtest/lib586.c
index eb7cfa0a9..859ef3430 100644
--- a/tests/libtest/lib586.c
+++ b/tests/libtest/lib586.c
@@ -31,7 +31,7 @@ struct Tdata {
};
struct userdata {
- char *text;
+ const char *text;
int counter;
};
@@ -45,7 +45,7 @@ static void my_lock(CURL *handle, curl_lock_data data,
(void)handle;
(void)laccess;
- switch (data) {
+ switch(data) {
case CURL_LOCK_DATA_SHARE:
what = "share";
break;
@@ -72,7 +72,7 @@ static void my_unlock(CURL *handle, curl_lock_data data, void
*useptr)
const char *what;
struct userdata *user = (struct userdata *)useptr;
(void)handle;
- switch ( data) {
+ switch(data) {
case CURL_LOCK_DATA_SHARE:
what = "share";
break;
@@ -101,7 +101,8 @@ static void *fire(void *ptr)
CURL *curl;
int i=0;
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
return NULL;
}
@@ -137,7 +138,7 @@ int test(char *URL)
int i;
struct userdata user;
- user.text = (char *)"Pigs in space";
+ user.text = "Pigs in space";
user.counter = 0;
printf("GLOBAL_INIT\n");
@@ -148,7 +149,8 @@ int test(char *URL)
/* prepare share */
printf("SHARE_INIT\n");
- if((share = curl_share_init()) == NULL) {
+ share = curl_share_init();
+ if(!share) {
fprintf(stderr, "curl_share_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -197,7 +199,8 @@ int test(char *URL)
/* fetch a another one */
printf("*** run %d\n", i);
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_share_cleanup(share);
curl_global_cleanup();
diff --git a/tests/libtest/lib590.c b/tests/libtest/lib590.c
index 7b863cc3f..cc3afdf06 100644
--- a/tests/libtest/lib590.c
+++ b/tests/libtest/lib590.c
@@ -46,7 +46,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib591.c b/tests/libtest/lib591.c
index 7d50f894c..53ede3fcd 100644
--- a/tests/libtest/lib591.c
+++ b/tests/libtest/lib591.c
@@ -44,15 +44,13 @@ int test(char *URL)
int msgs_left;
CURLMsg *msg;
FILE *upload = NULL;
- int error;
start_test_timing();
upload = fopen(libtest_arg3, "rb");
if(!upload) {
- error = ERRNO;
fprintf(stderr, "fopen() failed with error: %d (%s)\n",
- error, strerror(error));
+ errno, strerror(errno));
fprintf(stderr, "Error opening file: (%s)\n", libtest_arg3);
return TEST_ERR_FOPEN;
}
diff --git a/tests/libtest/lib598.c b/tests/libtest/lib598.c
index b107f29d4..c27e60b14 100644
--- a/tests/libtest/lib598.c
+++ b/tests/libtest/lib598.c
@@ -33,7 +33,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib599.c b/tests/libtest/lib599.c
index 1dee0b978..843fb2121 100644
--- a/tests/libtest/lib599.c
+++ b/tests/libtest/lib599.c
@@ -50,7 +50,8 @@ int test(char *URL)
return TEST_ERR_MAJOR_BAD;
}
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/libauthretry.c b/tests/libtest/libauthretry.c
index 994f9de06..e9dc0508b 100644
--- a/tests/libtest/libauthretry.c
+++ b/tests/libtest/libauthretry.c
@@ -25,7 +25,6 @@
*/
#include "test.h"
-#include "strequal.h"
#include "memdebug.h"
static CURLcode send_request(CURL *curl, const char *url, int seq,
@@ -33,7 +32,7 @@ static CURLcode send_request(CURL *curl, const char *url, int
seq,
{
CURLcode res;
size_t len = strlen(url) + 4 + 1;
- char* full_url = malloc(len);
+ char *full_url = malloc(len);
if(!full_url) {
fprintf(stderr, "Not enough memory for full url\n");
return CURLE_OUT_OF_MEMORY;
@@ -72,11 +71,11 @@ static long parse_auth_name(const char *arg)
{
if(!arg)
return CURLAUTH_NONE;
- if(strequal(arg, "basic"))
+ if(curl_strequal(arg, "basic"))
return CURLAUTH_BASIC;
- if(strequal(arg, "digest"))
+ if(curl_strequal(arg, "digest"))
return CURLAUTH_DIGEST;
- if(strequal(arg, "ntlm"))
+ if(curl_strequal(arg, "ntlm"))
return CURLAUTH_NTLM;
return CURLAUTH_NONE;
}
@@ -102,7 +101,8 @@ int test(char *url)
/* Send wrong password, then right password */
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -111,18 +111,16 @@ int test(char *url)
res = send_wrong_password(curl, url, 100, main_auth_scheme);
if(res != CURLE_OK)
goto test_cleanup;
- curl_easy_reset(curl);
res = send_right_password(curl, url, 200, fallback_auth_scheme);
if(res != CURLE_OK)
goto test_cleanup;
- curl_easy_reset(curl);
curl_easy_cleanup(curl);
/* Send wrong password twice, then right password */
-
- if((curl = curl_easy_init()) == NULL) {
+ curl = curl_easy_init();
+ if(!curl) {
fprintf(stderr, "curl_easy_init() failed\n");
curl_global_cleanup();
return TEST_ERR_MAJOR_BAD;
@@ -131,17 +129,14 @@ int test(char *url)
res = send_wrong_password(curl, url, 300, main_auth_scheme);
if(res != CURLE_OK)
goto test_cleanup;
- curl_easy_reset(curl);
res = send_wrong_password(curl, url, 400, fallback_auth_scheme);
if(res != CURLE_OK)
goto test_cleanup;
- curl_easy_reset(curl);
res = send_right_password(curl, url, 500, fallback_auth_scheme);
if(res != CURLE_OK)
goto test_cleanup;
- curl_easy_reset(curl);
test_cleanup:
diff --git a/tests/libtest/libntlmconnect.c b/tests/libtest/libntlmconnect.c
index 736222dc6..ad20e8b8f 100644
--- a/tests/libtest/libntlmconnect.c
+++ b/tests/libtest/libntlmconnect.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2012 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 2012 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -33,30 +33,21 @@
#define TEST_HANG_TIMEOUT 5 * 1000
#define MAX_EASY_HANDLES 3
+static int counter[MAX_EASY_HANDLES];
static CURL *easy[MAX_EASY_HANDLES];
static curl_socket_t sockets[MAX_EASY_HANDLES];
static int res = 0;
-static size_t callback(char* ptr, size_t size, size_t nmemb, void* data)
+static size_t callback(char *ptr, size_t size, size_t nmemb, void *data)
{
ssize_t idx = ((CURL **) data) - easy;
curl_socket_t sock;
long longdata;
CURLcode code;
+ const size_t failure = (size && nmemb) ? 0 : 1;
+ (void)ptr;
- const size_t failure = (size * nmemb) ? 0 : 1;
-
- char *output = malloc(size * nmemb + 1);
- if(!output) {
- fprintf(stderr, "output, malloc() failed\n");
- res = TEST_ERR_MAJOR_BAD;
- return failure;
- }
-
- memcpy(output, ptr, size * nmemb);
- output[size * nmemb] = '\0';
- fprintf(stdout, "%s", output);
- free(output);
+ counter[idx] += (int)(size * nmemb);
/* Get socket being used for this easy handle, otherwise CURL_SOCKET_BAD */
code = curl_easy_getinfo(easy[idx], CURLINFO_LASTSOCKET, &longdata);
@@ -100,11 +91,11 @@ int test(char *url)
{
CURLM *multi = NULL;
int running;
- int i, j;
+ int i;
int num_handles = 0;
enum HandleState state = ReadyForNewHandle;
size_t urllen = strlen(url) + 4 + 1;
- char* full_url = malloc(urllen);
+ char *full_url = malloc(urllen);
start_test_timing();
@@ -182,50 +173,6 @@ int test(char *url)
/* At this point, maxfd is guaranteed to be greater or equal than -1. */
- /* Any socket which is new in fdread is associated with the new handle */
- for(i = 0; i <= maxfd; ++i) {
- bool socket_exists = FALSE;
- curl_socket_t curfd = (curl_socket_t)i;
-
- if(!FD_ISSET(curfd, &fdread)) {
- continue;
- }
-
- /* Check if this socket was already detected for an earlier handle (or
- for this handle, num_handles-1, in the callback */
- for(j = 0; j < num_handles; ++j) {
- if(sockets[j] == curfd) {
- socket_exists = TRUE;
- break;
- }
- }
- if(socket_exists) {
- continue;
- }
-
- if(found_new_socket || state != NeedSocketForNewHandle) {
- fprintf(stderr, "Unexpected new socket\n");
- res = TEST_ERR_MAJOR_BAD;
- goto test_cleanup;
- }
-
- /* Now we know the socket is for the most recent handle, num_handles-1 */
- if(sockets[num_handles-1] != CURL_SOCKET_BAD) {
- /* A socket for this handle was already detected in the callback; if it
- matched socket_exists should be true and we would never get here */
- assert(curfd != sockets[num_handles-1]);
- fprintf(stderr, "Handle %d wrote to socket %d then detected on %d\n",
- num_handles-1, (int)sockets[num_handles-1], (int)curfd);
- res = TEST_ERR_MAJOR_BAD;
- goto test_cleanup;
- }
- else {
- sockets[num_handles-1] = curfd;
- found_new_socket = TRUE;
- /* continue to make sure there's only one new handle */
- }
- }
-
if(state == NeedSocketForNewHandle) {
if(maxfd != -1 && !found_new_socket) {
fprintf(stderr, "Warning: socket did not open immediately for new "
@@ -270,6 +217,7 @@ test_cleanup:
/* proper cleanup sequence - type PB */
for(i = 0; i < MAX_EASY_HANDLES; i++) {
+ printf("Data connection %d: %d\n", i, counter[i]);
curl_multi_remove_handle(multi, easy[i]);
curl_easy_cleanup(easy[i]);
}
diff --git a/tests/libtest/mk-lib1521.pl b/tests/libtest/mk-lib1521.pl
new file mode 100644
index 000000000..a75fad928
--- /dev/null
+++ b/tests/libtest/mk-lib1521.pl
@@ -0,0 +1,303 @@
+#!/usr/bin/env perl
+#***************************************************************************
+# _ _ ____ _
+# Project ___| | | | _ \| |
+# / __| | | | |_) | |
+# | (__| |_| | _ <| |___
+# \___|\___/|_| \_\_____|
+#
+# Copyright (C) 2017, Daniel Stenberg, <address@hidden>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+###########################################################################
+
+# Usage:
+# perl mk-lib1521.pl < ../../include/gnurl/curl.h > lib1521.c
+
+# minimum and maximum long signed values
+my $minlong = "LONG_MIN";
+my $maxlong = "LONG_MAX";
+# maximum long unsigned value
+my $maxulong = "ULONG_MAX";
+
+print <<HEADER
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \\| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \\___|\\___/|_| \\_\\_____|
+ *
+ * Copyright (C) 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+#include "memdebug.h"
+#include <limits.h>
+
+/* This source code is generated by mk-lib1521.pl ! */
+
+struct data {
+ char *blaha;
+};
+
+#define LO $minlong
+#define HI $maxlong
+#define OFF_LO (curl_off_t) LO
+#define OFF_HI (curl_off_t) $maxulong
+#define OFF_NO (curl_off_t) 0
+
+/* Unexpected error.
+ CURLE_NOT_BUILT_IN - means disabled at build
+ CURLE_UNKNOWN_OPTION - means no such option (anymore?)
+ CURLE_SSL_ENGINE_NOTFOUND - set unkown ssl engine
+ CURLE_UNSUPPORTED_PROTOCOL - set bad HTTP version
+ CURLE_BAD_FUNCTION_ARGUMENT - unsupported value
+ */
+#define UNEX(x) ((x) && \\
+ ((x) != CURLE_NOT_BUILT_IN) && \\
+ ((x) != CURLE_UNKNOWN_OPTION) && \\
+ ((x) != CURLE_SSL_ENGINE_NOTFOUND) && \\
+ ((x) != CURLE_UNSUPPORTED_PROTOCOL) && \\
+ ((x) != CURLE_BAD_FUNCTION_ARGUMENT) )
+
+static size_t writecb(char *buffer, size_t size, size_t nitems,
+ void *outstream)
+{
+ (void)buffer;
+ (void)size;
+ (void)nitems;
+ (void)outstream;
+ return 0;
+}
+
+static size_t readcb(char *buffer,
+ size_t size,
+ size_t nitems,
+ void *instream)
+{
+ (void)buffer;
+ (void)size;
+ (void)nitems;
+ (void)instream;
+ return 0;
+}
+
+static int err(const char *name, CURLcode val, int lineno)
+{
+ printf("CURLOPT_%s returned %d, \\"%s\\" on line %d\\n",
+ name, val, curl_easy_strerror(val), lineno);
+ return (int)val;
+}
+
+static int geterr(const char *name, CURLcode val, int lineno)
+{
+ printf("CURLINFO_%s returned %d, \\"%s\\" on line %d\\n",
+ name, val, curl_easy_strerror(val), lineno);
+ return (int)val;
+}
+
+static curl_progress_callback progresscb;
+static curl_write_callback headercb;
+static curl_debug_callback debugcb;
+static curl_ssl_ctx_callback ssl_ctx_cb;
+static curl_ioctl_callback ioctlcb;
+static curl_sockopt_callback sockoptcb;
+static curl_opensocket_callback opensocketcb;
+static curl_seek_callback seekcb;
+static curl_sshkeycallback ssh_keycb;
+static curl_chunk_bgn_callback chunk_bgn_cb;
+static curl_chunk_end_callback chunk_end_cb;
+static curl_fnmatch_callback fnmatch_cb;
+static curl_closesocket_callback closesocketcb;
+static curl_xferinfo_callback xferinfocb;
+
+int test(char *URL)
+{
+ CURL *curl = NULL;
+ CURL *dep = NULL;
+ CURLSH *share = NULL;
+ char errorbuffer[CURL_ERROR_SIZE];
+ void *conv_from_network_cb = NULL;
+ void *conv_to_network_cb = NULL;
+ void *conv_from_utf8_cb = NULL;
+ void *interleavecb = NULL;
+ char *stringpointerextra=(char *)"moooo";
+ struct curl_slist *slist=NULL;
+ struct curl_httppost *httppost=NULL;
+ FILE *stream = stderr;
+ struct data object;
+ char *charp;
+ long val;
+ curl_off_t oval;
+ double dval;
+ curl_socket_t sockfd;
+ struct curl_certinfo *certinfo;
+ struct curl_tlssessioninfo *tlssession;
+ CURLcode res = CURLE_OK;
+ (void)URL; /* not used */
+ easy_init(dep);
+ easy_init(curl);
+ share = curl_share_init();
+ if(!share) {
+ res = CURLE_OUT_OF_MEMORY;
+ goto test_cleanup;
+ }
+
+HEADER
+ ;
+
+while(<STDIN>) {
+ if($_ =~ /^ CINIT\(([^ ]*), ([^ ]*), (\d*)\)/) {
+ my ($name, $type, $val)=($1, $2, $3);
+ my $w=" ";
+ my $pref = "${w}res = curl_easy_setopt(curl, CURLOPT_$name,";
+ my $i = ' ' x (length($w) + 23);
+ my $check = " if(UNEX(res)) {\n err(\"$name\", res, __LINE__);
goto test_cleanup; }\n";
+ if($type eq "STRINGPOINT") {
+ print "${pref} \"string\");\n$check";
+ print "${pref} NULL);\n$check";
+ }
+ elsif($type eq "LONG") {
+ print "${pref} 0L);\n$check";
+ print "${pref} 22L);\n$check";
+ print "${pref} LO);\n$check";
+ print "${pref} HI);\n$check";
+ }
+ elsif($type eq "OBJECTPOINT") {
+ if($name =~ /DEPENDS/) {
+ print "${pref} dep);\n$check";
+ }
+ elsif($name =~ "SHARE") {
+ print "${pref} share);\n$check";
+ }
+ elsif($name eq "ERRORBUFFER") {
+ print "${pref} errorbuffer);\n$check";
+ }
+ elsif(($name eq "POSTFIELDS") ||
+ ($name eq "COPYPOSTFIELDS")) {
+ # set size to zero to avoid it being "illegal"
+ print " (void)curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE,
0);\n";
+ print "${pref} stringpointerextra);\n$check";
+ }
+ elsif(($name eq "HTTPHEADER") ||
+ ($name eq "POSTQUOTE") ||
+ ($name eq "PREQUOTE") ||
+ ($name eq "HTTP200ALIASES") ||
+ ($name eq "TELNETOPTIONS") ||
+ ($name eq "MAIL_RCPT") ||
+ ($name eq "RESOLVE") ||
+ ($name eq "PROXYHEADER") ||
+ ($name eq "QUOTE")) {
+ print "${pref} slist);\n$check";
+ }
+ elsif($name eq "HTTPPOST") {
+ print "${pref} httppost);\n$check";
+ }
+ elsif($name eq "STDERR") {
+ print "${pref} stream);\n$check";
+ }
+ else {
+ print "${pref} &object);\n$check";
+ }
+ print "${pref} NULL);\n$check";
+ }
+ elsif($type eq "FUNCTIONPOINT") {
+ if($name =~ /([^ ]*)FUNCTION/) {
+ my $l=lc($1);
+ print "${pref}\n$i${l}cb);\n$check";
+ }
+ else {
+ print "${pref} &func);\n$check";
+ }
+ print "${pref} NULL);\n$check";
+ }
+ elsif($type eq "OFF_T") {
+ # play conservative to work with 32bit curl_off_t
+ print "${pref} OFF_NO);\n$check";
+ print "${pref} OFF_HI);\n$check";
+ print "${pref} OFF_LO);\n$check";
+ }
+ else {
+ print STDERR "\n---- $type\n";
+ }
+ }
+ elsif($_ =~ /^ CURLINFO_NONE/) {
+ $infomode = 1;
+ }
+ elsif($infomode &&
+ ($_ =~ /^ CURLINFO_([^ ]*) *= *CURLINFO_([^ ]*)/)) {
+ my ($info, $type)=($1, $2);
+ my $c = " res = curl_easy_getinfo(curl, CURLINFO_$info,";
+ my $check = " if(UNEX(res)) {\n geterr(\"$info\", res, __LINE__);
goto test_cleanup; }\n";
+ if($type eq "STRING") {
+ print "$c &charp);\n$check";
+ }
+ elsif($type eq "LONG") {
+ print "$c &val);\n$check";
+ }
+ elsif($type eq "OFF_T") {
+ print "$c &oval);\n$check";
+ }
+ elsif($type eq "DOUBLE") {
+ print "$c &dval);\n$check";
+ }
+ elsif($type eq "SLIST") {
+ print "$c &slist);\n$check";
+ print " if(slist)\n curl_slist_free_all(slist);\n";
+ }
+ elsif($type eq "SOCKET") {
+ print "$c &sockfd);\n$check";
+ }
+ elsif($type eq "PTR") {
+ if($info eq "CERTINFO") {
+ print "$c &certinfo);\n$check";
+ }
+ elsif(($info eq "TLS_SESSION") ||
+ ($info eq "TLS_SSL_PTR")) {
+ print "$c &tlssession);\n$check";
+ }
+ else {
+ print STDERR "$info/$type is unsupported\n";
+ }
+ }
+ else {
+ print STDERR "$type is unsupported\n";
+ }
+ }
+}
+
+
+print <<FOOTER
+ curl_easy_setopt(curl, 1, 0);
+ res = CURLE_OK;
+test_cleanup:
+ curl_easy_cleanup(curl);
+ curl_easy_cleanup(dep);
+ curl_share_cleanup(share);
+
+ return (int)res;
+}
+FOOTER
+ ;
diff --git a/tests/libtest/test.h b/tests/libtest/test.h
index 9fd33aa72..90735d272 100644
--- a/tests/libtest/test.h
+++ b/tests/libtest/test.h
@@ -20,6 +20,8 @@
*
***************************************************************************/
+/* !checksrc! disable ASSIGNWITHINCONDITION all */
+
/* Now include the curl_setup.h file from libcurl's private libdir (the source
version, but that might include "curl_config.h" from the build dir so we
need both of them in the include path), so that we get good in-depth
@@ -29,7 +31,7 @@
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#ifdef HAVE_SYS_SELECT_H
/* since so many tests use select(), we can just as well include it here */
@@ -65,7 +67,7 @@ extern void wait_ms(int ms); /* wait this many milliseconds */
extern int test(char *URL); /* the actual test function provided by each
individual libXXX.c file */
-extern char *hexdump(unsigned char *buffer, size_t len);
+extern char *hexdump(const unsigned char *buffer, size_t len);
#ifdef UNITTESTS
extern int unitfail;
diff --git a/tests/libtest/test613.pl b/tests/libtest/test613.pl
index b4caaae07..03d09cb5b 100755
--- a/tests/libtest/test613.pl
+++ b/tests/libtest/test613.pl
@@ -30,6 +30,8 @@ if ($ARGV[0] eq "prepare")
binmode FILE;
print FILE "Test file to support curl test suite\n";
close(FILE);
+ # The mtime is specifically chosen to be an even number so that it can be
+ # represented exactly on a FAT filesystem.
utime time, timegm(0,0,12,1,0,100), "plainfile.txt";
chmod 0666, "plainfile.txt";
@@ -37,6 +39,8 @@ if ($ARGV[0] eq "prepare")
binmode FILE;
print FILE "Read-only test file to support curl test suite\n";
close(FILE);
+ # The mtime is specifically chosen to be an even number so that it can be
+ # represented exactly on a FAT filesystem.
utime time, timegm(0,0,12,31,11,100), "rofile.txt";
chmod 0444, "rofile.txt";
diff --git a/tests/libtest/testtrace.c b/tests/libtest/testtrace.c
index 958719f61..62641e15c 100644
--- a/tests/libtest/testtrace.c
+++ b/tests/libtest/testtrace.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -110,9 +110,10 @@ int libtest_debug_cb(CURL *handle, curl_infotype type,
now->tm_hour, now->tm_min, now->tm_sec, (long)tv.tv_usec);
}
- switch (type) {
+ switch(type) {
case CURLINFO_TEXT:
fprintf(stderr, "%s== Info: %s", timestr, (char *)data);
+ /* FALLTHROUGH */
default: /* in case a new one is introduced to shock us */
return 0;
diff --git a/tests/libtest/testutil.c b/tests/libtest/testutil.c
index b9c43de04..78b1a2b65 100644
--- a/tests/libtest/testutil.c
+++ b/tests/libtest/testutil.c
@@ -20,7 +20,7 @@
*
***************************************************************************/
#include "curl_setup.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
#include "testutil.h"
#include "memdebug.h"
@@ -111,10 +111,11 @@ struct timeval tutil_tvnow(void)
*/
long tutil_tvdiff(struct timeval newer, struct timeval older)
{
- return (newer.tv_sec-older.tv_sec)*1000+
- (newer.tv_usec-older.tv_usec)/1000;
+ return (long)(newer.tv_sec-older.tv_sec)*1000+
+ (long)(newer.tv_usec-older.tv_usec)/1000;
}
+
/*
* Same as tutil_tvdiff but with full usec resolution.
*
@@ -125,13 +126,5 @@ double tutil_tvdiff_secs(struct timeval newer, struct
timeval older)
if(newer.tv_sec != older.tv_sec)
return (double)(newer.tv_sec-older.tv_sec)+
(double)(newer.tv_usec-older.tv_usec)/1000000.0;
- else
- return (double)(newer.tv_usec-older.tv_usec)/1000000.0;
-}
-
-/* return the number of seconds in the given input timeval struct */
-long tutil_tvlong(struct timeval t1)
-{
- return t1.tv_sec;
+ return (double)(newer.tv_usec-older.tv_usec)/1000000.0;
}
-
diff --git a/tests/libtest/testutil.h b/tests/libtest/testutil.h
index 0bc5e03b7..f2aeae642 100644
--- a/tests/libtest/testutil.h
+++ b/tests/libtest/testutil.h
@@ -40,8 +40,6 @@ long tutil_tvdiff(struct timeval t1, struct timeval t2);
*/
double tutil_tvdiff_secs(struct timeval t1, struct timeval t2);
-long tutil_tvlong(struct timeval t1);
-
#endif /* HEADER_CURL_LIBTEST_TESTUTIL_H */
diff --git a/tests/manpage-scan.pl b/tests/manpage-scan.pl
index fc6e1e3f0..a9d960727 100644
--- a/tests/manpage-scan.pl
+++ b/tests/manpage-scan.pl
@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 2016, 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -39,10 +39,11 @@
use strict;
use warnings;
-# we may get the dir root pointed out
+# we may get the dir roots pointed out
my $root=$ARGV[0] || ".";
+my $buildroot=$ARGV[1] || ".";
my $syms = "$root/docs/libcurl/symbols-in-versions";
-my $curlh = "$root/include/curl/curl.h";
+my $curlh = "$root/include/gnurl/curl.h";
my $errors=0;
# the prepopulated alias list is the CURLINFO_* defines that are used for the
@@ -147,10 +148,10 @@ my %opts = (
'-N, --buffer' => 6,
'--sessionid' => 6,
- # deprecated options do not need to be in curl -h output
- '--krb4' => 4,
- '--ftp-ssl' => 4,
- '--ftp-ssl-reqd' => 4,
+ # deprecated options do not need to be in tool_help.c nor curl.1
+ '--krb4' => 6,
+ '--ftp-ssl' => 6,
+ '--ftp-ssl-reqd' => 6,
# for tests and debug only, can remain hidden
'--test-event' => 6,
@@ -196,7 +197,8 @@ close(R);
#########################################################################
# parse the curl.1 man page, extract all documented command line options
-open(R, "<$root/docs/curl.1") ||
+# The man page may or may not be rebuilt, so check both possible locations
+open(R, "<$buildroot/docs/curl.1") || open(R, "<$root/docs/curl.1") ||
die "no input file";
my @manpage; # store all parsed parameters
while(<R>) {
@@ -230,7 +232,7 @@ my @toolhelp; # store all parsed parameters
while(<R>) {
chomp;
my $l= $_;
- if(/^ \" *(.*)/) {
+ if(/^ \{\" *(.*)/) {
my $str=$1;
my $combo;
if($str =~ /^-(.), --([a-z0-9.-]*)/) {
diff --git a/tests/negtelnetserver.py b/tests/negtelnetserver.py
new file mode 100755
index 000000000..8cfd4093b
--- /dev/null
+++ b/tests/negtelnetserver.py
@@ -0,0 +1,349 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
+""" A telnet server which negotiates"""
+
+from __future__ import (absolute_import, division, print_function,
+ unicode_literals)
+import argparse
+import os
+import sys
+import logging
+import struct
+try: # Python 2
+ import SocketServer as socketserver
+except ImportError: # Python 3
+ import socketserver
+
+
+log = logging.getLogger(__name__)
+HOST = "localhost"
+IDENT = "NTEL"
+
+
+# The strings that indicate the test framework is checking our aliveness
+VERIFIED_REQ = b"verifiedserver"
+VERIFIED_RSP = b"WE ROOLZ: {pid}"
+
+
+def telnetserver(options):
+ """
+ Starts up a TCP server with a telnet handler and serves DICT requests
+ forever.
+ """
+ if options.pidfile:
+ pid = os.getpid()
+ with open(options.pidfile, "w") as f:
+ f.write(b"{0}".format(pid))
+
+ local_bind = (HOST, options.port)
+ log.info("Listening on %s", local_bind)
+
+ # Need to set the allow_reuse on the class, not on the instance.
+ socketserver.TCPServer.allow_reuse_address = True
+ server = socketserver.TCPServer(local_bind, NegotiatingTelnetHandler)
+ server.serve_forever()
+
+ return ScriptRC.SUCCESS
+
+
+class NegotiatingTelnetHandler(socketserver.BaseRequestHandler):
+ """Handler class for Telnet connections.
+
+ """
+ def handle(self):
+ """
+ Negotiates options before reading data.
+ """
+ neg = Negotiator(self.request)
+
+ try:
+ # Send some initial negotiations.
+ neg.send_do("NEW_ENVIRON")
+ neg.send_will("NEW_ENVIRON")
+ neg.send_dont("NAWS")
+ neg.send_wont("NAWS")
+
+ # Get the data passed through the negotiator
+ data = neg.recv(1024)
+ log.debug("Incoming data: %r", data)
+
+ if VERIFIED_REQ in data:
+ log.debug("Received verification request from test framework")
+ response_data = VERIFIED_RSP.format(pid=os.getpid())
+ else:
+ log.debug("Received normal request - echoing back")
+ response_data = data.strip()
+
+ if response_data:
+ log.debug("Sending %r", response_data)
+ self.request.sendall(response_data)
+
+ except IOError:
+ log.exception("IOError hit during request")
+
+
+class Negotiator(object):
+ NO_NEG = 0
+ START_NEG = 1
+ WILL = 2
+ WONT = 3
+ DO = 4
+ DONT = 5
+
+ def __init__(self, tcp):
+ self.tcp = tcp
+ self.state = self.NO_NEG
+
+ def recv(self, bytes):
+ """
+ Read bytes from TCP, handling negotiation sequences
+
+ :param bytes: Number of bytes to read
+ :return: a buffer of bytes
+ """
+ buffer = bytearray()
+
+ # If we keep receiving negotiation sequences, we won't fill the buffer.
+ # Keep looping while we can, and until we have something to give back
+ # to the caller.
+ while len(buffer) == 0:
+ data = self.tcp.recv(bytes)
+ if not data:
+ # TCP failed to give us any data. Break out.
+ break
+
+ for byte in data:
+ byte_int = self.byte_to_int(byte)
+
+ if self.state == self.NO_NEG:
+ self.no_neg(byte, byte_int, buffer)
+ elif self.state == self.START_NEG:
+ self.start_neg(byte_int)
+ elif self.state in [self.WILL, self.WONT, self.DO, self.DONT]:
+ self.handle_option(byte_int)
+ else:
+ # Received an unexpected byte. Stop negotiations
+ log.error("Unexpected byte %s in state %s",
+ byte_int,
+ self.state)
+ self.state = self.NO_NEG
+
+ return buffer
+
+ def byte_to_int(self, byte):
+ return struct.unpack(b'B', byte)[0]
+
+ def no_neg(self, byte, byte_int, buffer):
+ # Not negotiating anything thus far. Check to see if we
+ # should.
+ if byte_int == NegTokens.IAC:
+ # Start negotiation
+ log.debug("Starting negotiation (IAC)")
+ self.state = self.START_NEG
+ else:
+ # Just append the incoming byte to the buffer
+ buffer.append(byte)
+
+ def start_neg(self, byte_int):
+ # In a negotiation.
+ log.debug("In negotiation (%s)",
+ NegTokens.from_val(byte_int))
+
+ if byte_int == NegTokens.WILL:
+ # Client is confirming they are willing to do an option
+ log.debug("Client is willing")
+ self.state = self.WILL
+ elif byte_int == NegTokens.WONT:
+ # Client is confirming they are unwilling to do an
+ # option
+ log.debug("Client is unwilling")
+ self.state = self.WONT
+ elif byte_int == NegTokens.DO:
+ # Client is indicating they can do an option
+ log.debug("Client can do")
+ self.state = self.DO
+ elif byte_int == NegTokens.DONT:
+ # Client is indicating they can't do an option
+ log.debug("Client can't do")
+ self.state = self.DONT
+ else:
+ # Received an unexpected byte. Stop negotiations
+ log.error("Unexpected byte %s in state %s",
+ byte_int,
+ self.state)
+ self.state = self.NO_NEG
+
+ def handle_option(self, byte_int):
+ if byte_int in [NegOptions.BINARY,
+ NegOptions.CHARSET,
+ NegOptions.SUPPRESS_GO_AHEAD,
+ NegOptions.NAWS,
+ NegOptions.NEW_ENVIRON]:
+ log.debug("Option: %s", NegOptions.from_val(byte_int))
+
+ # No further negotiation of this option needed. Reset the state.
+ self.state = self.NO_NEG
+
+ else:
+ # Received an unexpected byte. Stop negotiations
+ log.error("Unexpected byte %s in state %s",
+ byte_int,
+ self.state)
+ self.state = self.NO_NEG
+
+ def send_message(self, message):
+ packed_message = self.pack(message)
+ self.tcp.sendall(packed_message)
+
+ def pack(self, arr):
+ return struct.pack(b'{0}B'.format(len(arr)), *arr)
+
+ def send_iac(self, arr):
+ message = [NegTokens.IAC]
+ message.extend(arr)
+ self.send_message(message)
+
+ def send_do(self, option_str):
+ log.debug("Sending DO %s", option_str)
+ self.send_iac([NegTokens.DO, NegOptions.to_val(option_str)])
+
+ def send_dont(self, option_str):
+ log.debug("Sending DONT %s", option_str)
+ self.send_iac([NegTokens.DONT, NegOptions.to_val(option_str)])
+
+ def send_will(self, option_str):
+ log.debug("Sending WILL %s", option_str)
+ self.send_iac([NegTokens.WILL, NegOptions.to_val(option_str)])
+
+ def send_wont(self, option_str):
+ log.debug("Sending WONT %s", option_str)
+ self.send_iac([NegTokens.WONT, NegOptions.to_val(option_str)])
+
+
+class NegBase(object):
+ @classmethod
+ def to_val(cls, name):
+ return getattr(cls, name)
+
+ @classmethod
+ def from_val(cls, val):
+ for k in cls.__dict__.keys():
+ if getattr(cls, k) == val:
+ return k
+
+ return "<unknown>"
+
+
+class NegTokens(NegBase):
+ # The start of a negotiation sequence
+ IAC = 255
+ # Confirm willingness to negotiate
+ WILL = 251
+ # Confirm unwillingness to negotiate
+ WONT = 252
+ # Indicate willingness to negotiate
+ DO = 253
+ # Indicate unwillingness to negotiate
+ DONT = 254
+
+ # The start of sub-negotiation options.
+ SB = 250
+ # The end of sub-negotiation options.
+ SE = 240
+
+
+class NegOptions(NegBase):
+ # Binary Transmission
+ BINARY = 0
+ # Suppress Go Ahead
+ SUPPRESS_GO_AHEAD = 3
+ # NAWS - width and height of client
+ NAWS = 31
+ # NEW-ENVIRON - environment variables on client
+ NEW_ENVIRON = 39
+ # Charset option
+ CHARSET = 42
+
+
+def get_options():
+ parser = argparse.ArgumentParser()
+
+ parser.add_argument("--port", action="store", default=9019,
+ type=int, help="port to listen on")
+ parser.add_argument("--verbose", action="store", type=int, default=0,
+ help="verbose output")
+ parser.add_argument("--pidfile", action="store",
+ help="file name for the PID")
+ parser.add_argument("--logfile", action="store",
+ help="file name for the log")
+ parser.add_argument("--srcdir", action="store", help="test directory")
+ parser.add_argument("--id", action="store", help="server ID")
+ parser.add_argument("--ipv4", action="store_true", default=0,
+ help="IPv4 flag")
+
+ return parser.parse_args()
+
+
+def setup_logging(options):
+ """
+ Set up logging from the command line options
+ """
+ root_logger = logging.getLogger()
+ add_stdout = False
+
+ formatter = logging.Formatter("%(asctime)s %(levelname)-5.5s "
+ "[{ident}] %(message)s"
+ .format(ident=IDENT))
+
+ # Write out to a logfile
+ if options.logfile:
+ handler = logging.FileHandler(options.logfile, mode="w")
+ handler.setFormatter(formatter)
+ handler.setLevel(logging.DEBUG)
+ root_logger.addHandler(handler)
+ else:
+ # The logfile wasn't specified. Add a stdout logger.
+ add_stdout = True
+
+ if options.verbose:
+ # Add a stdout logger as well in verbose mode
+ root_logger.setLevel(logging.DEBUG)
+ add_stdout = True
+ else:
+ root_logger.setLevel(logging.INFO)
+
+ if add_stdout:
+ stdout_handler = logging.StreamHandler(sys.stdout)
+ stdout_handler.setFormatter(formatter)
+ stdout_handler.setLevel(logging.DEBUG)
+ root_logger.addHandler(stdout_handler)
+
+
+class ScriptRC(object):
+ """Enum for script return codes"""
+ SUCCESS = 0
+ FAILURE = 1
+ EXCEPTION = 2
+
+
+class ScriptException(Exception):
+ pass
+
+
+if __name__ == '__main__':
+ # Get the options from the user.
+ options = get_options()
+
+ # Setup logging using the user options
+ setup_logging(options)
+
+ # Run main script.
+ try:
+ rc = telnetserver(options)
+ except Exception as e:
+ log.exception(e)
+ rc = ScriptRC.EXCEPTION
+
+ log.info("Returning %d", rc)
+ sys.exit(rc)
diff --git a/tests/pathhelp.pm b/tests/pathhelp.pm
index 391ef6c25..10a87aaf9 100644
--- a/tests/pathhelp.pm
+++ b/tests/pathhelp.pm
@@ -20,7 +20,7 @@
#
###########################################################################
-# This Perl package helps with path transforming when running cURL tests on
+# This Perl package helps with path transforming when running curl tests on
# Win32 platform with Msys or Cygwin.
# Three main functions 'sys_native_abs_path', 'sys_native_path' and
# 'build_sys_abs_path' autodetect format of given pathnames. Following formats
diff --git a/tests/python_dependencies/impacket/__init__.py
b/tests/python_dependencies/impacket/__init__.py
new file mode 100644
index 000000000..92a5d6bb4
--- /dev/null
+++ b/tests/python_dependencies/impacket/__init__.py
@@ -0,0 +1,25 @@
+# Copyright (c) 2003-2016 CORE Security Technologies
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+# Author: Alberto Solino (@agsolino)
+#
+
+# Set default logging handler to avoid "No handler found" warnings.
+import logging
+try: # Python 2.7+
+ from logging import NullHandler
+except ImportError:
+ class NullHandler(logging.Handler):
+ def emit(self, record):
+ pass
+
+# All modules inside this library MUST use this logger (impacket)
+# It is up to the library consumer to do whatever is wanted
+# with the logger output. By default it is forwarded to the
+# upstream logger
+
+LOG = logging.getLogger(__name__)
+LOG.addHandler(NullHandler())
diff --git a/tests/python_dependencies/impacket/nmb.py
b/tests/python_dependencies/impacket/nmb.py
new file mode 100644
index 000000000..dc8777e65
--- /dev/null
+++ b/tests/python_dependencies/impacket/nmb.py
@@ -0,0 +1,980 @@
+# Copyright (c) 2003-2016 CORE Security Technologies
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+
+
+# -*- mode: python; tab-width: 4 -*-
+#
+# Copyright (C) 2001 Michael Teo <address@hidden>
+# nmb.py - NetBIOS library
+#
+# This software is provided 'as-is', without any express or implied warranty.
+# In no event will the author be held liable for any damages arising from the
+# use of this software.
+#
+# Permission is granted to anyone to use this software for any purpose,
+# including commercial applications, and to alter it and redistribute it
+# freely, subject to the following restrictions:
+#
+# 1. The origin of this software must not be misrepresented; you must not
+# claim that you wrote the original software. If you use this software
+# in a product, an acknowledgment in the product documentation would be
+# appreciated but is not required.
+#
+# 2. Altered source versions must be plainly marked as such, and must not be
+# misrepresented as being the original software.
+#
+# 3. This notice cannot be removed or altered from any source distribution.
+#
+# Altered source done by Alberto Solino (@agsolino)
+
+import socket
+import string
+import re
+import select
+import errno
+from random import randint
+from struct import pack, unpack
+import time
+
+from structure import Structure
+
+CVS_REVISION = '$Revision: 526 $'
+
+# Taken from socket module reference
+INADDR_ANY = '0.0.0.0'
+BROADCAST_ADDR = '<broadcast>'
+
+# Default port for NetBIOS name service
+NETBIOS_NS_PORT = 137
+# Default port for NetBIOS session service
+NETBIOS_SESSION_PORT = 139
+
+# Default port for SMB session service
+SMB_SESSION_PORT = 445
+
+# Owner Node Type Constants
+NODE_B = 0x0000
+NODE_P = 0x2000
+NODE_M = 0x4000
+NODE_RESERVED = 0x6000
+NODE_GROUP = 0x8000
+NODE_UNIQUE = 0x0
+
+# Name Type Constants
+TYPE_UNKNOWN = 0x01
+TYPE_WORKSTATION = 0x00
+TYPE_CLIENT = 0x03
+TYPE_SERVER = 0x20
+TYPE_DOMAIN_MASTER = 0x1B
+TYPE_DOMAIN_CONTROLLER = 0x1C
+TYPE_MASTER_BROWSER = 0x1D
+TYPE_BROWSER = 0x1E
+TYPE_NETDDE = 0x1F
+TYPE_STATUS = 0x21
+
+# Opcodes values
+OPCODE_QUERY = 0
+OPCODE_REGISTRATION = 0x5
+OPCODE_RELEASE = 0x6
+OPCODE_WACK = 0x7
+OPCODE_REFRESH = 0x8
+OPCODE_REQUEST = 0
+OPCODE_RESPONSE = 0x10
+
+# NM_FLAGS
+NM_FLAGS_BROADCAST = 0x1
+NM_FLAGS_UNICAST = 0
+NM_FLAGS_RA = 0x8
+NM_FLAGS_RD = 0x10
+NM_FLAGS_TC = 0x20
+NM_FLAGS_AA = 0x40
+
+# QUESTION_TYPE
+QUESTION_TYPE_NB = 0x20 # NetBIOS general Name Service Resource Record
+QUESTION_TYPE_NBSTAT = 0x21 # NetBIOS NODE STATUS Resource Record
+# QUESTION_CLASS
+QUESTION_CLASS_IN = 0x1 # Internet class
+
+# RR_TYPE Resource Record Type code
+RR_TYPE_A = 0x1 # IP address Resource Record
+RR_TYPE_NS = 0x2 # Name Server Resource Record
+RR_TYPE_NULL = 0xA # NULL Resource Record
+RR_TYPE_NB = 0x20 # NetBIOS general Name Service Resource Record
+RR_TYPE_NBSTAT = 0x21 # NetBIOS NODE STATUS Resource Record
+
+# Resource Record Class
+RR_CLASS_IN = 1 # Internet class
+
+# RCODE values
+RCODE_FMT_ERR = 0x1 # Format Error. Request was invalidly formatted.
+RCODE_SRV_ERR = 0x2 # Server failure. Problem with NBNS, cannot
process name.
+RCODE_IMP_ERR = 0x4 # Unsupported request error. Allowable only for
challenging NBNS when gets an Update type
+ # registration request.
+RCODE_RFS_ERR = 0x5 # Refused error. For policy reasons server will
not register this name from this host.
+RCODE_ACT_ERR = 0x6 # Active error. Name is owned by another node.
+RCODE_CFT_ERR = 0x7 # Name in conflict error. A UNIQUE name is owned
by more than one node.
+
+# NAME_FLAGS
+NAME_FLAGS_PRM = 0x0200 # Permanent Name Flag. If one (1) then entry is
for the permanent node name. Flag is zero
+ # (0) for all other names.
+NAME_FLAGS_ACT = 0x0400 # Active Name Flag. All entries have this flag
set to one (1).
+NAME_FLAG_CNF = 0x0800 # Conflict Flag. If one (1) then name on this
node is in conflict.
+NAME_FLAG_DRG = 0x1000 # Deregister Flag. If one (1) then this name is
in the process of being deleted.
+
+NAME_TYPES = { TYPE_UNKNOWN: 'Unknown', TYPE_WORKSTATION: 'Workstation',
TYPE_CLIENT: 'Client',
+ TYPE_SERVER: 'Server', TYPE_MASTER_BROWSER: 'Master Browser',
TYPE_BROWSER: 'Browser Server',
+ TYPE_DOMAIN_MASTER: 'Domain Master' , TYPE_NETDDE: 'NetDDE
Server'}
+# NetBIOS Session Types
+NETBIOS_SESSION_MESSAGE = 0x0
+NETBIOS_SESSION_REQUEST = 0x81
+NETBIOS_SESSION_POSITIVE_RESPONSE = 0x82
+NETBIOS_SESSION_NEGATIVE_RESPONSE = 0x83
+NETBIOS_SESSION_RETARGET_RESPONSE = 0x84
+NETBIOS_SESSION_KEEP_ALIVE = 0x85
+
+
+def strerror(errclass, errcode):
+ if errclass == ERRCLASS_OS:
+ return 'OS Error', str(errcode)
+ elif errclass == ERRCLASS_QUERY:
+ return 'Query Error', QUERY_ERRORS.get(errcode, 'Unknown error')
+ elif errclass == ERRCLASS_SESSION:
+ return 'Session Error', SESSION_ERRORS.get(errcode, 'Unknown error')
+ else:
+ return 'Unknown Error Class', 'Unknown Error'
+
+
+
+class NetBIOSError(Exception): pass
+class NetBIOSTimeout(Exception):
+ def __init__(self, message = 'The NETBIOS connection with the remote host
timed out.'):
+ Exception.__init__(self, message)
+
+class NBResourceRecord:
+ def __init__(self, data = 0):
+ self._data = data
+ try:
+ if self._data:
+ self.rr_name = (re.split('\x00',data))[0]
+ offset = len(self.rr_name)+1
+ self.rr_type = unpack('>H', self._data[offset:offset+2])[0]
+ self.rr_class = unpack('>H', self._data[offset+2: offset+4])[0]
+ self.ttl = unpack('>L',self._data[offset+4:offset+8])[0]
+ self.rdlength = unpack('>H', self._data[offset+8:offset+10])[0]
+ self.rdata = self._data[offset+10:offset+10+self.rdlength]
+ offset = self.rdlength - 2
+ self.unit_id = data[offset:offset+6]
+ else:
+ self.rr_name = ''
+ self.rr_type = 0
+ self.rr_class = 0
+ self.ttl = 0
+ self.rdlength = 0
+ self.rdata = ''
+ self.unit_id = ''
+ except Exception:
+ raise NetBIOSError( 'Wrong packet format ' )
+
+ def set_rr_name(self, name):
+ self.rr_name = name
+ def set_rr_type(self, name):
+ self.rr_type = name
+ def set_rr_class(self,cl):
+ self.rr_class = cl
+ def set_ttl(self,ttl):
+ self.ttl = ttl
+ def set_rdata(self,rdata):
+ self.rdata = rdata
+ self.rdlength = len(rdata)
+ def get_unit_id(self):
+ return self.unit_id
+ def get_rr_name(self):
+ return self.rr_name
+ def get_rr_class(self):
+ return self.rr_class
+ def get_ttl(self):
+ return self.ttl
+ def get_rdlength(self):
+ return self.rdlength
+ def get_rdata(self):
+ return self.rdata
+ def rawData(self):
+ return self.rr_name + pack('!HHLH',self.rr_type, self.rr_class,
self.ttl, self.rdlength) + self.rdata
+
+class NBNodeStatusResponse(NBResourceRecord):
+ def __init__(self, data = 0):
+ NBResourceRecord.__init__(self,data)
+ self.num_names = 0
+ self.node_names = [ ]
+ self.statstics = ''
+ self.mac = '00-00-00-00-00-00'
+ try:
+ if data:
+ self._data = self.get_rdata()
+ self.num_names = unpack('>B',self._data[:1])[0]
+ offset = 1
+ for i in range(0, self.num_names):
+ name = self._data[offset:offset + 15]
+ type,flags = unpack('>BH', self._data[offset + 15: offset
+ 18])
+ offset += 18
+ self.node_names.append(NBNodeEntry(name, type ,flags))
+ self.set_mac_in_hexa(self.get_unit_id())
+ except Exception:
+ raise NetBIOSError( 'Wrong packet format ' )
+
+ def set_mac_in_hexa(self, data):
+ data_aux = ''
+ for d in data:
+ if data_aux == '':
+ data_aux = '%02x' % ord(d)
+ else:
+ data_aux += '-%02x' % ord(d)
+ self.mac = string.upper(data_aux)
+
+ def get_num_names(self):
+ return self.num_names
+ def get_mac(self):
+ return self.mac
+ def set_num_names(self, num):
+ self.num_names = num
+ def get_node_names(self):
+ return self.node_names
+ def add_node_name(self,node_names):
+ self.node_names.append(node_names)
+ self.num_names += 1
+ def rawData(self):
+ res = pack('!B', self.num_names )
+ for i in range(0, self.num_names):
+ res += self.node_names[i].rawData()
+
+class NBPositiveNameQueryResponse(NBResourceRecord):
+ def __init__(self, data = 0):
+ NBResourceRecord.__init__(self, data)
+ self.addr_entries = [ ]
+ if data:
+ self._data = self.get_rdata()
+ _qn_length, qn_name, qn_scope = decode_name(data)
+ self._netbios_name = string.rstrip(qn_name[:-1]) + qn_scope
+ self._name_type = ord(qn_name[-1])
+ self._nb_flags = unpack('!H', self._data[:2])
+ offset = 2
+ while offset<len(self._data):
+ self.addr_entries.append('%d.%d.%d.%d' % unpack('4B',
(self._data[offset:offset+4])))
+ offset += 4
+
+ def get_netbios_name(self):
+ return self._netbios_name
+
+ def get_name_type(self):
+ return self._name_type
+
+ def get_addr_entries(self):
+ return self.addr_entries
+
+class NetBIOSPacket:
+ """ This is a packet as defined in RFC 1002 """
+ def __init__(self, data = 0):
+ self.name_trn_id = 0x0 # Transaction ID for Name Service Transaction.
+ # Requestor places a unique value for each
active
+ # transaction. Responder puts NAME_TRN_ID
value
+ # from request packet in response packet.
+ self.opcode = 0 # Packet type code
+ self.nm_flags = 0 # Flags for operation
+ self.rcode = 0 # Result codes of request.
+ self.qdcount = 0 # Unsigned 16 bit integer specifying the
number of entries in the question section of a Name
+ self.ancount = 0 # Unsigned 16 bit integer specifying the
number of
+ # resource records in the answer section of a
Name
+ # Service packet.
+ self.nscount = 0 # Unsigned 16 bit integer specifying the
number of
+ # resource records in the authority section of
a
+ # Name Service packet.
+ self.arcount = 0 # Unsigned 16 bit integer specifying the
number of
+ # resource records in the additional records
+ # section of a Name Service packeT.
+ self.questions = ''
+ self.answers = ''
+ if data == 0:
+ self._data = ''
+ else:
+ try:
+ self._data = data
+ self.opcode = ord(data[2]) >> 3
+ self.nm_flags = ((ord(data[2]) & 0x3) << 4) | ((ord(data[3]) &
0xf0) >> 4)
+ self.name_trn_id = unpack('>H', self._data[:2])[0]
+ self.rcode = ord(data[3]) & 0x0f
+ self.qdcount = unpack('>H', self._data[4:6])[0]
+ self.ancount = unpack('>H', self._data[6:8])[0]
+ self.nscount = unpack('>H', self._data[8:10])[0]
+ self.arcount = unpack('>H', self._data[10:12])[0]
+ self.answers = self._data[12:]
+ except Exception:
+ raise NetBIOSError( 'Wrong packet format ' )
+
+ def set_opcode(self, opcode):
+ self.opcode = opcode
+ def set_trn_id(self, trn):
+ self.name_trn_id = trn
+ def set_nm_flags(self, nm_flags):
+ self.nm_flags = nm_flags
+ def set_rcode(self, rcode):
+ self.rcode = rcode
+ def addQuestion(self, question, qtype, qclass):
+ self.qdcount += 1
+ self.questions += question + pack('!HH',qtype,qclass)
+ def get_trn_id(self):
+ return self.name_trn_id
+ def get_rcode(self):
+ return self.rcode
+ def get_nm_flags(self):
+ return self.nm_flags
+ def get_opcode(self):
+ return self.opcode
+ def get_qdcount(self):
+ return self.qdcount
+ def get_ancount(self):
+ return self.ancount
+ def get_nscount(self):
+ return self.nscount
+ def get_arcount(self):
+ return self.arcount
+ def rawData(self):
+ secondWord = self.opcode << 11
+ secondWord |= self.nm_flags << 4
+ secondWord |= self.rcode
+ data = pack('!HHHHHH', self.name_trn_id, secondWord , self.qdcount,
self.ancount, self.nscount, self.arcount) + self.questions + self.answers
+ return data
+ def get_answers(self):
+ return self.answers
+
+class NBHostEntry:
+
+ def __init__(self, nbname, nametype, ip):
+ self.__nbname = nbname
+ self.__nametype = nametype
+ self.__ip = ip
+
+ def get_nbname(self):
+ return self.__nbname
+
+ def get_nametype(self):
+ return self.__nametype
+
+ def get_ip(self):
+ return self.__ip
+
+ def __repr__(self):
+ return '<NBHostEntry instance: NBname="' + self.__nbname + '", IP="' +
self.__ip + '">'
+
+class NBNodeEntry:
+
+ def __init__(self, nbname, nametype, flags):
+ self.__nbname = string.ljust(nbname,17)
+ self.__nametype = nametype
+ self.__flags = flags
+ self.__isgroup = flags & 0x8000
+ self.__nodetype = flags & 0x6000
+ self.__deleting = flags & 0x1000
+ self.__isconflict = flags & 0x0800
+ self.__isactive = flags & 0x0400
+ self.__ispermanent = flags & 0x0200
+
+ def get_nbname(self):
+ return self.__nbname
+
+ def get_nametype(self):
+ return self.__nametype
+
+ def is_group(self):
+ return self.__isgroup
+
+ def get_nodetype(self):
+ return self.__nodetype
+
+ def is_deleting(self):
+ return self.__deleting
+
+ def is_conflict(self):
+ return self.__isconflict
+
+ def is_active(self):
+ return self.__isactive
+
+ def is_permanent(self):
+ return self.__ispermanent
+
+ def set_nbname(self, name):
+ self.__nbname = string.ljust(name,17)
+
+ def set_nametype(self, type):
+ self.__nametype = type
+
+ def set_flags(self,flags):
+ self.__flags = flags
+
+ def __repr__(self):
+ s = '<NBNodeEntry instance: NBname="' + self.__nbname + '" NameType="'
+ NAME_TYPES[self.__nametype] + '"'
+ if self.__isactive:
+ s += ' ACTIVE'
+ if self.__isgroup:
+ s += ' GROUP'
+ if self.__isconflict:
+ s += ' CONFLICT'
+ if self.__deleting:
+ s += ' DELETING'
+ return s
+ def rawData(self):
+ return self.__nbname + pack('!BH',self.__nametype, self.__flags)
+
+
+class NetBIOS:
+
+ # Creates a NetBIOS instance without specifying any default NetBIOS domain
nameserver.
+ # All queries will be sent through the servport.
+ def __init__(self, servport = NETBIOS_NS_PORT):
+ self.__servport = NETBIOS_NS_PORT
+ self.__nameserver = None
+ self.__broadcastaddr = BROADCAST_ADDR
+ self.mac = '00-00-00-00-00-00'
+
+ def _setup_connection(self, dstaddr):
+ port = randint(10000, 60000)
+ af, socktype, proto, _canonname, _sa = socket.getaddrinfo(dstaddr,
port, socket.AF_INET, socket.SOCK_DGRAM)[0]
+ s = socket.socket(af, socktype, proto)
+ has_bind = 1
+ for _i in range(0, 10):
+ # We try to bind to a port for 10 tries
+ try:
+ s.bind(( INADDR_ANY, randint(10000, 60000) ))
+ s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
+ has_bind = 1
+ except socket.error:
+ pass
+ if not has_bind:
+ raise NetBIOSError, ( 'Cannot bind to a good UDP port',
ERRCLASS_OS, errno.EAGAIN )
+ self.__sock = s
+
+ # Set the default NetBIOS domain nameserver.
+ def set_nameserver(self, nameserver):
+ self.__nameserver = nameserver
+
+ # Return the default NetBIOS domain nameserver, or None if none is
specified.
+ def get_nameserver(self):
+ return self.__nameserver
+
+ # Set the broadcast address to be used for query.
+ def set_broadcastaddr(self, broadcastaddr):
+ self.__broadcastaddr = broadcastaddr
+
+ # Return the broadcast address to be used, or BROADCAST_ADDR if default
broadcast address is used.
+ def get_broadcastaddr(self):
+ return self.__broadcastaddr
+
+ # Returns a NBPositiveNameQueryResponse instance containing the host
information for nbname.
+ # If a NetBIOS domain nameserver has been specified, it will be used for
the query.
+ # Otherwise, the query is broadcasted on the broadcast address.
+ def gethostbyname(self, nbname, qtype = TYPE_WORKSTATION, scope = None,
timeout = 1):
+ return self.__queryname(nbname, self.__nameserver, qtype, scope,
timeout)
+
+ # Returns a list of NBNodeEntry instances containing node status
information for nbname.
+ # If destaddr contains an IP address, then this will become an unicast
query on the destaddr.
+ # Raises NetBIOSTimeout if timeout (in secs) is reached.
+ # Raises NetBIOSError for other errors
+ def getnodestatus(self, nbname, destaddr = None, type = TYPE_WORKSTATION,
scope = None, timeout = 1):
+ if destaddr:
+ return self.__querynodestatus(nbname, destaddr, type, scope,
timeout)
+ else:
+ return self.__querynodestatus(nbname, self.__nameserver, type,
scope, timeout)
+
+ def getnetbiosname(self, ip):
+ entries = self.getnodestatus('*',ip)
+ entries = filter(lambda x:x.get_nametype() == TYPE_SERVER, entries)
+ return entries[0].get_nbname().strip()
+
+ def getmacaddress(self):
+ return self.mac
+
+ def __queryname(self, nbname, destaddr, qtype, scope, timeout, retries =
0):
+ self._setup_connection(destaddr)
+ trn_id = randint(1, 32000)
+ p = NetBIOSPacket()
+ p.set_trn_id(trn_id)
+ netbios_name = nbname.upper()
+ qn_label = encode_name(netbios_name, qtype, scope)
+ p.addQuestion(qn_label, QUESTION_TYPE_NB, QUESTION_CLASS_IN)
+ p.set_nm_flags(NM_FLAGS_RD)
+ if not destaddr:
+ p.set_nm_flags(p.get_nm_flags() | NM_FLAGS_BROADCAST)
+ destaddr = self.__broadcastaddr
+ req = p.rawData()
+
+ tries = retries
+ while 1:
+ self.__sock.sendto(req, ( destaddr, self.__servport ))
+ try:
+ ready, _, _ = select.select([ self.__sock.fileno() ], [ ] , [
], timeout)
+ if not ready:
+ if tries:
+ # Retry again until tries == 0
+ tries -= 1
+ else:
+ raise NetBIOSTimeout
+ else:
+ data, _ = self.__sock.recvfrom(65536, 0)
+
+ res = NetBIOSPacket(data)
+ if res.get_trn_id() == p.get_trn_id():
+ if res.get_rcode():
+ if res.get_rcode() == 0x03:
+ return None
+ else:
+ raise NetBIOSError, ( 'Negative name query
response', ERRCLASS_QUERY, res.get_rcode() )
+
+ if res.get_ancount() != 1:
+ raise NetBIOSError( 'Malformed response')
+
+ return NBPositiveNameQueryResponse(res.get_answers())
+ except select.error, ex:
+ if ex[0] != errno.EINTR and ex[0] != errno.EAGAIN:
+ raise NetBIOSError, ( 'Error occurs while waiting for
response', ERRCLASS_OS, ex[0] )
+ raise
+
+
+ def __querynodestatus(self, nbname, destaddr, type, scope, timeout):
+ self._setup_connection(destaddr)
+ trn_id = randint(1, 32000)
+ p = NetBIOSPacket()
+ p.set_trn_id(trn_id)
+ netbios_name = string.upper(nbname)
+ qn_label = encode_name(netbios_name, type, scope)
+ p.addQuestion(qn_label, QUESTION_TYPE_NBSTAT, QUESTION_CLASS_IN)
+
+ if not destaddr:
+ p.set_nm_flags(NM_FLAGS_BROADCAST)
+ destaddr = self.__broadcastaddr
+ req = p.rawData()
+ tries = 3
+ while 1:
+ try:
+ self.__sock.sendto(req, 0, ( destaddr, self.__servport ))
+ ready, _, _ = select.select([ self.__sock.fileno() ], [ ] , [
], timeout)
+ if not ready:
+ if tries:
+ # Retry again until tries == 0
+ tries -= 1
+ else:
+ raise NetBIOSTimeout
+ else:
+ try:
+ data, _ = self.__sock.recvfrom(65536, 0)
+ except Exception, e:
+ raise NetBIOSError, "recvfrom error: %s" % str(e)
+ self.__sock.close()
+ res = NetBIOSPacket(data)
+ if res.get_trn_id() == p.get_trn_id():
+ if res.get_rcode():
+ if res.get_rcode() == 0x03:
+ # I'm just guessing here
+ raise NetBIOSError, "Cannot get data from
server"
+ else:
+ raise NetBIOSError, ( 'Negative name query
response', ERRCLASS_QUERY, res.get_rcode() )
+ answ = NBNodeStatusResponse(res.get_answers())
+ self.mac = answ.get_mac()
+ return answ.get_node_names()
+ except select.error, ex:
+ if ex[0] != errno.EINTR and ex[0] != errno.EAGAIN:
+ raise NetBIOSError, ( 'Error occurs while waiting for
response', ERRCLASS_OS, ex[0] )
+ except socket.error, ex:
+ raise NetBIOSError, 'Connection error: %s' % str(ex)
+
+# Perform first and second level encoding of name as specified in RFC 1001
(Section 4)
+def encode_name(name, type, scope):
+ if name == '*':
+ name += '\0' * 15
+ elif len(name) > 15:
+ name = name[:15] + chr(type)
+ else:
+ name = string.ljust(name, 15) + chr(type)
+
+ encoded_name = chr(len(name) * 2) + re.sub('.', _do_first_level_encoding,
name)
+ if scope:
+ encoded_scope = ''
+ for s in string.split(scope, '.'):
+ encoded_scope = encoded_scope + chr(len(s)) + s
+ return encoded_name + encoded_scope + '\0'
+ else:
+ return encoded_name + '\0'
+
+# Internal method for use in encode_name()
+def _do_first_level_encoding(m):
+ s = ord(m.group(0))
+ return string.uppercase[s >> 4] + string.uppercase[s & 0x0f]
+
+def decode_name(name):
+ name_length = ord(name[0])
+ assert name_length == 32
+
+ decoded_name = re.sub('..', _do_first_level_decoding, name[1:33])
+ if name[33] == '\0':
+ return 34, decoded_name, ''
+ else:
+ decoded_domain = ''
+ offset = 34
+ while 1:
+ domain_length = ord(name[offset])
+ if domain_length == 0:
+ break
+ decoded_domain = '.' + name[offset:offset + domain_length]
+ offset += domain_length
+ return offset + 1, decoded_name, decoded_domain
+
+def _do_first_level_decoding(m):
+ s = m.group(0)
+ return chr(((ord(s[0]) - ord('A')) << 4) | (ord(s[1]) - ord('A')))
+
+
+
+class NetBIOSSessionPacket:
+ def __init__(self, data = 0):
+ self.type = 0x0
+ self.flags = 0x0
+ self.length = 0x0
+ if data == 0:
+ self._trailer = ''
+ else:
+ try:
+ self.type = ord(data[0])
+ if self.type == NETBIOS_SESSION_MESSAGE:
+ self.length = ord(data[1]) << 16 | (unpack('!H',
data[2:4])[0])
+ else:
+ self.flags = ord(data[1])
+ self.length = unpack('!H', data[2:4])[0]
+
+ self._trailer = data[4:]
+ except:
+ raise NetBIOSError( 'Wrong packet format ' )
+
+ def set_type(self, type):
+ self.type = type
+ def get_type(self):
+ return self.type
+ def rawData(self):
+ if self.type == NETBIOS_SESSION_MESSAGE:
+ data = pack('!BBH',self.type,self.length >> 16,self.length &
0xFFFF) + self._trailer
+ else:
+ data = pack('!BBH',self.type,self.flags,self.length) +
self._trailer
+ return data
+ def set_trailer(self,data):
+ self._trailer = data
+ self.length = len(data)
+ def get_length(self):
+ return self.length
+ def get_trailer(self):
+ return self._trailer
+
+class NetBIOSSession:
+ def __init__(self, myname, remote_name, remote_host, remote_type =
TYPE_SERVER, sess_port = NETBIOS_SESSION_PORT, timeout = None, local_type =
TYPE_WORKSTATION, sock = None):
+ if len(myname) > 15:
+ self.__myname = string.upper(myname[:15])
+ else:
+ self.__myname = string.upper(myname)
+ self.__local_type = local_type
+
+ assert remote_name
+ # if destination port SMB_SESSION_PORT and remote name *SMBSERVER,
we're changing it to its IP address
+ # helping solving the client mistake ;)
+ if remote_name == '*SMBSERVER' and sess_port == SMB_SESSION_PORT:
+ remote_name = remote_host
+ # If remote name is *SMBSERVER let's try to query its name.. if can't
be guessed, continue and hope for the best
+ if remote_name == '*SMBSERVER':
+ nb = NetBIOS()
+
+ try:
+ res = nb.getnetbiosname(remote_host)
+ except:
+ res = None
+ pass
+
+ if res is not None:
+ remote_name = res
+
+ if len(remote_name) > 15:
+ self.__remote_name = string.upper(remote_name[:15])
+ else:
+ self.__remote_name = string.upper(remote_name)
+ self.__remote_type = remote_type
+
+ self.__remote_host = remote_host
+
+ if sock is not None:
+ # We are acting as a server
+ self._sock = sock
+ else:
+ self._sock = self._setup_connection((remote_host, sess_port))
+
+ if sess_port == NETBIOS_SESSION_PORT:
+ self._request_session(remote_type, local_type, timeout)
+
+ def get_myname(self):
+ return self.__myname
+
+ def get_mytype(self):
+ return self.__local_type
+
+ def get_remote_host(self):
+ return self.__remote_host
+
+ def get_remote_name(self):
+ return self.__remote_name
+
+ def get_remote_type(self):
+ return self.__remote_type
+
+ def close(self):
+ self._sock.close()
+
+ def get_socket(self):
+ return self._sock
+
+class NetBIOSUDPSessionPacket(Structure):
+ TYPE_DIRECT_UNIQUE = 16
+ TYPE_DIRECT_GROUP = 17
+
+ FLAGS_MORE_FRAGMENTS = 1
+ FLAGS_FIRST_FRAGMENT = 2
+ FLAGS_B_NODE = 0
+
+ structure = (
+ ('Type','B=16'), # Direct Unique Datagram
+ ('Flags','B=2'), # FLAGS_FIRST_FRAGMENT
+ ('ID','<H'),
+ ('_SourceIP','>L'),
+ ('SourceIP','"'),
+ ('SourcePort','>H=138'),
+ ('DataLegth','>H-Data'),
+ ('Offset','>H=0'),
+ ('SourceName','z'),
+ ('DestinationName','z'),
+ ('Data',':'),
+ )
+
+ def getData(self):
+ addr = self['SourceIP'].split('.')
+ addr = [int(x) for x in addr]
+ addr = (((addr[0] << 8) + addr[1] << 8) + addr[2] << 8) + addr[3]
+ self['_SourceIP'] = addr
+ return Structure.getData(self)
+
+ def get_trailer(self):
+ return self['Data']
+
+class NetBIOSUDPSession(NetBIOSSession):
+ def _setup_connection(self, peer):
+ af, socktype, proto, canonname, sa = socket.getaddrinfo(peer[0],
peer[1], 0, socket.SOCK_DGRAM)[0]
+ sock = socket.socket(af, socktype, proto)
+ sock.connect(sa)
+
+ sock = socket.socket(af, socktype, proto)
+ sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
+ sock.bind((INADDR_ANY, 138))
+ self.peer = peer
+ return sock
+
+ def _request_session(self, remote_type, local_type, timeout = None):
+ pass
+
+ def next_id(self):
+ if hasattr(self, '__dgram_id'):
+ answer = self.__dgram_id
+ else:
+ self.__dgram_id = randint(1,65535)
+ answer = self.__dgram_id
+ self.__dgram_id += 1
+ return answer
+
+ def send_packet(self, data):
+ # Yes... I know...
+ self._sock.connect(self.peer)
+
+ p = NetBIOSUDPSessionPacket()
+ p['ID'] = self.next_id()
+ p['SourceIP'] = self._sock.getsockname()[0]
+ p['SourceName'] = encode_name(self.get_myname(), self.get_mytype(),
'')[:-1]
+ p['DestinationName'] = encode_name(self.get_remote_name(),
self.get_remote_type(), '')[:-1]
+ p['Data'] = data
+
+ self._sock.sendto(str(p), self.peer)
+ self._sock.close()
+
+ self._sock = self._setup_connection(self.peer)
+
+ def recv_packet(self, timeout = None):
+ # The next loop is a workaround for a bigger problem:
+ # When data reaches higher layers, the lower headers are lost,
+ # and with them, for example, the source IP. Hence, SMB users
+ # can't know where packets are comming from... we need a better
+ # solution, right now, we will filter everything except packets
+ # coming from the remote_host specified in __init__()
+
+ while 1:
+ data, peer = self._sock.recvfrom(8192)
+# print "peer: %r self.peer: %r" % (peer, self.peer)
+ if peer == self.peer: break
+
+ return NetBIOSUDPSessionPacket(data)
+
+class NetBIOSTCPSession(NetBIOSSession):
+ def __init__(self, myname, remote_name, remote_host, remote_type =
TYPE_SERVER, sess_port = NETBIOS_SESSION_PORT, timeout = None, local_type =
TYPE_WORKSTATION, sock = None, select_poll = False):
+ self.__select_poll = select_poll
+ if self.__select_poll:
+ self.read_function = self.polling_read
+ else:
+ self.read_function = self.non_polling_read
+ NetBIOSSession.__init__(self, myname, remote_name, remote_host,
remote_type = remote_type, sess_port = sess_port, timeout = timeout, local_type
= local_type, sock=sock)
+
+
+ def _setup_connection(self, peer):
+ try:
+ af, socktype, proto, canonname, sa = socket.getaddrinfo(peer[0],
peer[1], 0, socket.SOCK_STREAM)[0]
+ sock = socket.socket(af, socktype, proto)
+ sock.connect(sa)
+ except socket.error, e:
+ raise socket.error("Connection error (%s:%s)" % (peer[0],
peer[1]), e)
+ return sock
+
+ def send_packet(self, data):
+ p = NetBIOSSessionPacket()
+ p.set_type(NETBIOS_SESSION_MESSAGE)
+ p.set_trailer(data)
+ self._sock.send(p.rawData())
+
+ def recv_packet(self, timeout = None):
+ data = self.__read(timeout)
+ return NetBIOSSessionPacket(data)
+
+ def _request_session(self, remote_type, local_type, timeout = None):
+ p = NetBIOSSessionPacket()
+ remote_name = encode_name(self.get_remote_name(), remote_type, '')
+ myname = encode_name(self.get_myname(), local_type, '')
+ p.set_type(NETBIOS_SESSION_REQUEST)
+ p.set_trailer(remote_name + myname)
+
+ self._sock.send(p.rawData())
+ while 1:
+ p = self.recv_packet(timeout)
+ if p.get_type() == NETBIOS_SESSION_NEGATIVE_RESPONSE:
+ raise NetBIOSError, ( 'Cannot request session',
ERRCLASS_SESSION, ord(p.get_trailer()[0]) )
+ elif p.get_type() == NETBIOS_SESSION_POSITIVE_RESPONSE:
+ break
+ else:
+ # Ignore all other messages, most probably keepalive messages
+ pass
+
+ def polling_read(self, read_length, timeout):
+ data = ''
+ if timeout is None:
+ timeout = 3600
+
+ time_left = timeout
+ CHUNK_TIME = 0.025
+ bytes_left = read_length
+
+ while bytes_left > 0:
+ try:
+ ready, _, _ = select.select([self._sock.fileno() ], [ ], [ ],
0)
+
+ if not ready:
+ if time_left <= 0:
+ raise NetBIOSTimeout
+ else:
+ time.sleep(CHUNK_TIME)
+ time_left -= CHUNK_TIME
+ continue
+
+ received = self._sock.recv(bytes_left)
+ if len(received) == 0:
+ raise NetBIOSError, ( 'Error while reading from remote',
ERRCLASS_OS, None)
+
+ data = data + received
+ bytes_left = read_length - len(data)
+ except select.error, ex:
+ if ex[0] != errno.EINTR and ex[0] != errno.EAGAIN:
+ raise NetBIOSError, ( 'Error occurs while reading from
remote', ERRCLASS_OS, ex[0] )
+
+ return data
+
+ def non_polling_read(self, read_length, timeout):
+ data = ''
+ bytes_left = read_length
+
+ while bytes_left > 0:
+ try:
+ ready, _, _ = select.select([self._sock.fileno() ], [ ], [ ],
timeout)
+
+ if not ready:
+ raise NetBIOSTimeout
+
+ received = self._sock.recv(bytes_left)
+ if len(received) == 0:
+ raise NetBIOSError, ( 'Error while reading from remote',
ERRCLASS_OS, None)
+
+ data = data + received
+ bytes_left = read_length - len(data)
+ except select.error, ex:
+ if ex[0] != errno.EINTR and ex[0] != errno.EAGAIN:
+ raise NetBIOSError, ( 'Error occurs while reading from
remote', ERRCLASS_OS, ex[0] )
+
+ return data
+
+ def __read(self, timeout = None):
+ data = self.read_function(4, timeout)
+ type, flags, length = unpack('>ccH', data)
+ if ord(type) == NETBIOS_SESSION_MESSAGE:
+ length |= ord(flags) << 16
+ else:
+ if ord(flags) & 0x01:
+ length |= 0x10000
+ data2 = self.read_function(length, timeout)
+
+ return data + data2
+
+ERRCLASS_QUERY = 0x00
+ERRCLASS_SESSION = 0xf0
+ERRCLASS_OS = 0xff
+
+QUERY_ERRORS = { 0x01: 'Request format error. Please file a bug report.',
+ 0x02: 'Internal server error',
+ 0x03: 'Name does not exist',
+ 0x04: 'Unsupported request',
+ 0x05: 'Request refused'
+ }
+
+SESSION_ERRORS = { 0x80: 'Not listening on called name',
+ 0x81: 'Not listening for calling name',
+ 0x82: 'Called name not present',
+ 0x83: 'Sufficient resources',
+ 0x8f: 'Unspecified error'
+ }
+
+def main():
+ def get_netbios_host_by_name(name):
+ n = NetBIOS()
+ n.set_broadcastaddr('255.255.255.255') # To avoid use "<broadcast>" in
socket
+ for qtype in (TYPE_WORKSTATION, TYPE_CLIENT, TYPE_SERVER,
TYPE_DOMAIN_MASTER, TYPE_DOMAIN_CONTROLLER):
+ try:
+ addrs = n.gethostbyname(name, qtype = qtype).get_addr_entries()
+ except NetBIOSTimeout:
+ continue
+ else:
+ return addrs
+ raise Exception("Host not found")
+
+
+ n = get_netbios_host_by_name("some-host")
+ print n
+
+if __name__ == '__main__':
+ main()
diff --git a/tests/python_dependencies/impacket/nt_errors.py
b/tests/python_dependencies/impacket/nt_errors.py
new file mode 100644
index 000000000..cd7ef80ae
--- /dev/null
+++ b/tests/python_dependencies/impacket/nt_errors.py
@@ -0,0 +1,3586 @@
+# Copyright (c) 2003-2016 CORE Security Technologies)
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+# Author: Alberto Solino (@agsolino)
+#
+# Description:
+# NT STATUS Errors from [MS-ERREF]. Ideally all the files
+# should grab the error codes from here (big ToDo)
+#
+
+ERROR_MESSAGES = {
+ 0x00000000: ("STATUS_SUCCESS","The operation completed successfully."),
+ 0x00000001: ("STATUS_WAIT_1","The caller specified WaitAny for
WaitType and one of the dispatcher objects in the Object array has been set to
the signaled state."),
+ 0x00000002: ("STATUS_WAIT_2","The caller specified WaitAny for
WaitType and one of the dispatcher objects in the Object array has been set to
the signaled state."),
+ 0x00000003: ("STATUS_WAIT_3","The caller specified WaitAny for
WaitType and one of the dispatcher objects in the Object array has been set to
the signaled state."),
+ 0x0000003F: ("STATUS_WAIT_63","The caller specified WaitAny for
WaitType and one of the dispatcher objects in the Object array has been set to
the signaled state."),
+ 0x00000080: ("STATUS_ABANDONED","The caller attempted to wait for a
mutex that has been abandoned."),
+ 0x00000080: ("STATUS_ABANDONED_WAIT_0","The caller attempted to wait
for a mutex that has been abandoned."),
+ 0x000000BF: ("STATUS_ABANDONED_WAIT_63","The caller attempted to wait
for a mutex that has been abandoned."),
+ 0x000000C0: ("STATUS_USER_APC","A user-mode APC was delivered before
the given Interval expired."),
+ 0x00000101: ("STATUS_ALERTED","The delay completed because the thread
was alerted."),
+ 0x00000102: ("STATUS_TIMEOUT","The given Timeout interval expired."),
+ 0x00000103: ("STATUS_PENDING","The operation that was requested is
pending completion."),
+ 0x00000104: ("STATUS_REPARSE","A reparse should be performed by the
Object Manager because the name of the file resulted in a symbolic link."),
+ 0x00000105: ("STATUS_MORE_ENTRIES","Returned by enumeration APIs to
indicate more information is available to successive calls."),
+ 0x00000106: ("STATUS_NOT_ALL_ASSIGNED","Indicates not all privileges
or groups that are referenced are assigned to the caller. This allows, for
example, all privileges to be disabled without having to know exactly which
privileges are assigned."),
+ 0x00000107: ("STATUS_SOME_NOT_MAPPED","Some of the information to be
translated has not been translated."),
+ 0x00000108: ("STATUS_OPLOCK_BREAK_IN_PROGRESS","An open/create
operation completed while an opportunistic lock (oplock) break is underway."),
+ 0x00000109: ("STATUS_VOLUME_MOUNTED","A new volume has been mounted by
a file system."),
+ 0x0000010A: ("STATUS_RXACT_COMMITTED","This success level status
indicates that the transaction state already exists for the registry subtree
but that a transaction commit was previously aborted. The commit has now been
completed."),
+ 0x0000010B: ("STATUS_NOTIFY_CLEANUP","Indicates that a notify change
request has been completed due to closing the handle that made the notify
change request."),
+ 0x0000010C: ("STATUS_NOTIFY_ENUM_DIR","Indicates that a notify change
request is being completed and that the information is not being returned in
the caller's buffer. The caller now needs to enumerate the files to find the
changes."),
+ 0x0000010D: ("STATUS_NO_QUOTAS_FOR_ACCOUNT","{No Quotas} No system
quota limits are specifically set for this account."),
+ 0x0000010E: ("STATUS_PRIMARY_TRANSPORT_CONNECT_FAILED","{Connect
Failure on Primary Transport} An attempt was made to connect to the remote
server %hs on the primary transport, but the connection failed. The computer
WAS able to connect on a secondary transport."),
+ 0x00000110: ("STATUS_PAGE_FAULT_TRANSITION","The page fault was a
transition fault."),
+ 0x00000111: ("STATUS_PAGE_FAULT_DEMAND_ZERO","The page fault was a
demand zero fault."),
+ 0x00000112: ("STATUS_PAGE_FAULT_COPY_ON_WRITE","The page fault was a
demand zero fault."),
+ 0x00000113: ("STATUS_PAGE_FAULT_GUARD_PAGE","The page fault was a
demand zero fault."),
+ 0x00000114: ("STATUS_PAGE_FAULT_PAGING_FILE","The page fault was
satisfied by reading from a secondary storage device."),
+ 0x00000115: ("STATUS_CACHE_PAGE_LOCKED","The cached page was locked
during operation."),
+ 0x00000116: ("STATUS_CRASH_DUMP","The crash dump exists in a paging
file."),
+ 0x00000117: ("STATUS_BUFFER_ALL_ZEROS","The specified buffer contains
all zeros."),
+ 0x00000118: ("STATUS_REPARSE_OBJECT","A reparse should be performed by
the Object Manager because the name of the file resulted in a symbolic link."),
+ 0x00000119: ("STATUS_RESOURCE_REQUIREMENTS_CHANGED","The device has
succeeded a query-stop and its resource requirements have changed."),
+ 0x00000120: ("STATUS_TRANSLATION_COMPLETE","The translator has
translated these resources into the global space and no additional translations
should be performed."),
+ 0x00000121: ("STATUS_DS_MEMBERSHIP_EVALUATED_LOCALLY","The directory
service evaluated group memberships locally, because it was unable to contact a
global catalog server."),
+ 0x00000122: ("STATUS_NOTHING_TO_TERMINATE","A process being terminated
has no threads to terminate."),
+ 0x00000123: ("STATUS_PROCESS_NOT_IN_JOB","The specified process is not
part of a job."),
+ 0x00000124: ("STATUS_PROCESS_IN_JOB","The specified process is part of
a job."),
+ 0x00000125: ("STATUS_VOLSNAP_HIBERNATE_READY","{Volume Shadow Copy
Service} The system is now ready for hibernation."),
+ 0x00000126: ("STATUS_FSFILTER_OP_COMPLETED_SUCCESSFULLY","A file
system or file system filter driver has successfully completed an FsFilter
operation."),
+ 0x00000127: ("STATUS_INTERRUPT_VECTOR_ALREADY_CONNECTED","The
specified interrupt vector was already connected."),
+ 0x00000128: ("STATUS_INTERRUPT_STILL_CONNECTED","The specified
interrupt vector is still connected."),
+ 0x00000129: ("STATUS_PROCESS_CLONED","The current process is a cloned
process."),
+ 0x0000012A: ("STATUS_FILE_LOCKED_WITH_ONLY_READERS","The file was
locked and all users of the file can only read."),
+ 0x0000012B: ("STATUS_FILE_LOCKED_WITH_WRITERS","The file was locked
and at least one user of the file can write."),
+ 0x00000202: ("STATUS_RESOURCEMANAGER_READ_ONLY","The specified
ResourceManager made no changes or updates to the resource under this
transaction."),
+ 0x00000367: ("STATUS_WAIT_FOR_OPLOCK","An operation is blocked and
waiting for an oplock."),
+ 0x00010001: ("DBG_EXCEPTION_HANDLED","Debugger handled the
exception."),
+ 0x00010002: ("DBG_CONTINUE","The debugger continued."),
+ 0x001C0001: ("STATUS_FLT_IO_COMPLETE","The IO was completed by a
filter."),
+ 0xC0000467: ("STATUS_FILE_NOT_AVAILABLE","The file is temporarily
unavailable."),
+ 0xC0000721: ("STATUS_CALLBACK_RETURNED_THREAD_AFFINITY","A threadpool
worker thread entered a callback at thread affinity %p and exited at affinity
%p. This is unexpected, indicating that the callback missed restoring the
priority."),
+ 0x40000000: ("STATUS_OBJECT_NAME_EXISTS","{Object Exists} An attempt
was made to create an object but the object name already exists."),
+ 0x40000001: ("STATUS_THREAD_WAS_SUSPENDED","{Thread Suspended} A
thread termination occurred while the thread was suspended. The thread resumed,
and termination proceeded."),
+ 0x40000002: ("STATUS_WORKING_SET_LIMIT_RANGE","{Working Set Range
Error} An attempt was made to set the working set minimum or maximum to values
that are outside the allowable range."),
+ 0x40000003: ("STATUS_IMAGE_NOT_AT_BASE","{Image Relocated} An image
file could not be mapped at the address that is specified in the image file.
Local fixes must be performed on this image."),
+ 0x40000004: ("STATUS_RXACT_STATE_CREATED","This informational level
status indicates that a specified registry subtree transaction state did not
yet exist and had to be created."),
+ 0x40000005: ("STATUS_SEGMENT_NOTIFICATION","{Segment Load} A virtual
DOS machine (VDM) is loading, unloading, or moving an MS-DOS or Win16 program
segment image. An exception is raised so that a debugger can load, unload, or
track symbols and breakpoints within these 16-bit segments."),
+ 0x40000006: ("STATUS_LOCAL_USER_SESSION_KEY","{Local Session Key} A
user session key was requested for a local remote procedure call (RPC)
connection. The session key that is returned is a constant value and not unique
to this connection."),
+ 0x40000007: ("STATUS_BAD_CURRENT_DIRECTORY","{Invalid Current
Directory} The process cannot switch to the startup current directory %hs.
Select OK to set the current directory to %hs, or select CANCEL to exit."),
+ 0x40000008: ("STATUS_SERIAL_MORE_WRITES","{Serial IOCTL Complete} A
serial I/O operation was completed by another write to a serial port. (The
IOCTL_SERIAL_XOFF_COUNTER reached zero.)"),
+ 0x40000009: ("STATUS_REGISTRY_RECOVERED","{Registry Recovery} One of
the files that contains the system registry data had to be recovered by using a
log or alternate copy. The recovery was successful."),
+ 0x4000000A: ("STATUS_FT_READ_RECOVERY_FROM_BACKUP","{Redundant Read}
To satisfy a read request, the Windows NT fault-tolerant file system
successfully read the requested data from a redundant copy. This was done
because the file system encountered a failure on a member of the fault-tolerant
volume but was unable to reassign the failing area of the device."),
+ 0x4000000B: ("STATUS_FT_WRITE_RECOVERY","{Redundant Write} To satisfy
a write request, the Windows NT fault-tolerant file system successfully wrote a
redundant copy of the information. This was done because the file system
encountered a failure on a member of the fault-tolerant volume but was unable
to reassign the failing area of the device."),
+ 0x4000000C: ("STATUS_SERIAL_COUNTER_TIMEOUT","{Serial IOCTL Timeout} A
serial I/O operation completed because the time-out period expired. (The
IOCTL_SERIAL_XOFF_COUNTER had not reached zero.)"),
+ 0x4000000D: ("STATUS_NULL_LM_PASSWORD","{Password Too Complex} The
Windows password is too complex to be converted to a LAN Manager password. The
LAN Manager password that returned is a NULL string."),
+ 0x4000000E: ("STATUS_IMAGE_MACHINE_TYPE_MISMATCH","{Machine Type
Mismatch} The image file %hs is valid but is for a machine type other than the
current machine. Select OK to continue, or CANCEL to fail the DLL load."),
+ 0x4000000F: ("STATUS_RECEIVE_PARTIAL","{Partial Data Received} The
network transport returned partial data to its client. The remaining data will
be sent later."),
+ 0x40000010: ("STATUS_RECEIVE_EXPEDITED","{Expedited Data Received} The
network transport returned data to its client that was marked as expedited by
the remote system."),
+ 0x40000011: ("STATUS_RECEIVE_PARTIAL_EXPEDITED","{Partial Expedited
Data Received} The network transport returned partial data to its client and
this data was marked as expedited by the remote system. The remaining data will
be sent later."),
+ 0x40000012: ("STATUS_EVENT_DONE","{TDI Event Done} The TDI indication
has completed successfully."),
+ 0x40000013: ("STATUS_EVENT_PENDING","{TDI Event Pending} The TDI
indication has entered the pending state."),
+ 0x40000014: ("STATUS_CHECKING_FILE_SYSTEM","Checking file system on
%wZ."),
+ 0x40000015: ("STATUS_FATAL_APP_EXIT","{Fatal Application Exit} %hs"),
+ 0x40000016: ("STATUS_PREDEFINED_HANDLE","The specified registry key is
referenced by a predefined handle."),
+ 0x40000017: ("STATUS_WAS_UNLOCKED","{Page Unlocked} The page
protection of a locked page was changed to 'No Access' and the page was
unlocked from memory and from the process."),
+ 0x40000018: ("STATUS_SERVICE_NOTIFICATION","%hs"),
+ 0x40000019: ("STATUS_WAS_LOCKED","{Page Locked} One of the pages to
lock was already locked."),
+ 0x4000001A: ("STATUS_LOG_HARD_ERROR","Application popup: %1 : %2"),
+ 0x4000001B: ("STATUS_ALREADY_WIN32","A Win32 process already exists."),
+ 0x4000001C: ("STATUS_WX86_UNSIMULATE","An exception status code that
is used by the Win32 x86 emulation subsystem."),
+ 0x4000001D: ("STATUS_WX86_CONTINUE","An exception status code that is
used by the Win32 x86 emulation subsystem."),
+ 0x4000001E: ("STATUS_WX86_SINGLE_STEP","An exception status code that
is used by the Win32 x86 emulation subsystem."),
+ 0x4000001F: ("STATUS_WX86_BREAKPOINT","An exception status code that
is used by the Win32 x86 emulation subsystem."),
+ 0x40000020: ("STATUS_WX86_EXCEPTION_CONTINUE","An exception status
code that is used by the Win32 x86 emulation subsystem."),
+ 0x40000021: ("STATUS_WX86_EXCEPTION_LASTCHANCE","An exception status
code that is used by the Win32 x86 emulation subsystem."),
+ 0x40000022: ("STATUS_WX86_EXCEPTION_CHAIN","An exception status code
that is used by the Win32 x86 emulation subsystem."),
+ 0x40000023: ("STATUS_IMAGE_MACHINE_TYPE_MISMATCH_EXE","{Machine Type
Mismatch} The image file %hs is valid but is for a machine type other than the
current machine."),
+ 0x40000024: ("STATUS_NO_YIELD_PERFORMED","A yield execution was
performed and no thread was available to run."),
+ 0x40000025: ("STATUS_TIMER_RESUME_IGNORED","The resume flag to a timer
API was ignored."),
+ 0x40000026: ("STATUS_ARBITRATION_UNHANDLED","The arbiter has deferred
arbitration of these resources to its parent."),
+ 0x40000027: ("STATUS_CARDBUS_NOT_SUPPORTED","The device has detected a
CardBus card in its slot."),
+ 0x40000028: ("STATUS_WX86_CREATEWX86TIB","An exception status code
that is used by the Win32 x86 emulation subsystem."),
+ 0x40000029: ("STATUS_MP_PROCESSOR_MISMATCH","The CPUs in this
multiprocessor system are not all the same revision level. To use all
processors, the operating system restricts itself to the features of the least
capable processor in the system. If problems occur with this system, contact
the CPU manufacturer to see if this mix of processors is supported."),
+ 0x4000002A: ("STATUS_HIBERNATED","The system was put into
hibernation."),
+ 0x4000002B: ("STATUS_RESUME_HIBERNATION","The system was resumed from
hibernation."),
+ 0x4000002C: ("STATUS_FIRMWARE_UPDATED","Windows has detected that the
system firmware (BIOS) was updated [previous firmware date = %2, current
firmware date %3]."),
+ 0x4000002D: ("STATUS_DRIVERS_LEAKING_LOCKED_PAGES","A device driver is
leaking locked I/O pages and is causing system degradation. The system has
automatically enabled the tracking code to try and catch the culprit."),
+ 0x4000002E: ("STATUS_MESSAGE_RETRIEVED","The ALPC message being
canceled has already been retrieved from the queue on the other side."),
+ 0x4000002F: ("STATUS_SYSTEM_POWERSTATE_TRANSITION","The system power
state is transitioning from %2 to %3."),
+ 0x40000030: ("STATUS_ALPC_CHECK_COMPLETION_LIST","The receive
operation was successful. Check the ALPC completion list for the received
message."),
+ 0x40000031: ("STATUS_SYSTEM_POWERSTATE_COMPLEX_TRANSITION","The system
power state is transitioning from %2 to %3 but could enter %4."),
+ 0x40000032: ("STATUS_ACCESS_AUDIT_BY_POLICY","Access to %1 is
monitored by policy rule %2."),
+ 0x40000033: ("STATUS_ABANDON_HIBERFILE","A valid hibernation file has
been invalidated and should be abandoned."),
+ 0x40000034: ("STATUS_BIZRULES_NOT_ENABLED","Business rule scripts are
disabled for the calling application."),
+ 0x40000294: ("STATUS_WAKE_SYSTEM","The system has awoken."),
+ 0x40000370: ("STATUS_DS_SHUTTING_DOWN","The directory service is
shutting down."),
+ 0x40010001: ("DBG_REPLY_LATER","Debugger will reply later."),
+ 0x40010002: ("DBG_UNABLE_TO_PROVIDE_HANDLE","Debugger cannot provide a
handle."),
+ 0x40010003: ("DBG_TERMINATE_THREAD","Debugger terminated the thread."),
+ 0x40010004: ("DBG_TERMINATE_PROCESS","Debugger terminated the
process."),
+ 0x40010005: ("DBG_CONTROL_C","Debugger obtained control of C."),
+ 0x40010006: ("DBG_PRINTEXCEPTION_C","Debugger printed an exception on
control C."),
+ 0x40010007: ("DBG_RIPEXCEPTION","Debugger received a RIP exception."),
+ 0x40010008: ("DBG_CONTROL_BREAK","Debugger received a control break."),
+ 0x40010009: ("DBG_COMMAND_EXCEPTION","Debugger command communication
exception."),
+ 0x40020056: ("RPC_NT_UUID_LOCAL_ONLY","A UUID that is valid only on
this computer has been allocated."),
+ 0x400200AF: ("RPC_NT_SEND_INCOMPLETE","Some data remains to be sent in
the request buffer."),
+ 0x400A0004: ("STATUS_CTX_CDM_CONNECT","The Client Drive Mapping
Service has connected on Terminal Connection."),
+ 0x400A0005: ("STATUS_CTX_CDM_DISCONNECT","The Client Drive Mapping
Service has disconnected on Terminal Connection."),
+ 0x4015000D: ("STATUS_SXS_RELEASE_ACTIVATION_CONTEXT","A kernel mode
component is releasing a reference on an activation context."),
+ 0x40190034: ("STATUS_RECOVERY_NOT_NEEDED","The transactional resource
manager is already consistent. Recovery is not needed."),
+ 0x40190035: ("STATUS_RM_ALREADY_STARTED","The transactional resource
manager has already been started."),
+ 0x401A000C: ("STATUS_LOG_NO_RESTART","The log service encountered a
log stream with no restart area."),
+ 0x401B00EC: ("STATUS_VIDEO_DRIVER_DEBUG_REPORT_REQUEST","{Display
Driver Recovered From Failure} The %hs display driver has detected a failure
and recovered from it. Some graphical operations may have failed. The next time
you restart the machine, a dialog box appears, giving you an opportunity to
upload data about this failure to Microsoft."),
+ 0x401E000A: ("STATUS_GRAPHICS_PARTIAL_DATA_POPULATED","The specified
buffer is not big enough to contain the entire requested dataset. Partial data
is populated up to the size of the buffer. The caller needs to provide a buffer
of the size as specified in the partially populated buffer's content (interface
specific)."),
+ 0x401E0117: ("STATUS_GRAPHICS_DRIVER_MISMATCH","The kernel driver
detected a version mismatch between it and the user mode driver."),
+ 0x401E0307: ("STATUS_GRAPHICS_MODE_NOT_PINNED","No mode is pinned on
the specified VidPN source/target."),
+ 0x401E031E: ("STATUS_GRAPHICS_NO_PREFERRED_MODE","The specified mode
set does not specify a preference for one of its modes."),
+ 0x401E034B: ("STATUS_GRAPHICS_DATASET_IS_EMPTY","The specified dataset
(for example, mode set, frequency range set, descriptor set, or topology) is
empty."),
+ 0x401E034C: ("STATUS_GRAPHICS_NO_MORE_ELEMENTS_IN_DATASET","The
specified dataset (for example, mode set, frequency range set, descriptor set,
or topology) does not contain any more elements."),
+ 0x401E0351:
("STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_PINNED","The
specified content transformation is not pinned on the specified VidPN present
path."),
+ 0x401E042F: ("STATUS_GRAPHICS_UNKNOWN_CHILD_STATUS","The child device
presence was not reliably detected."),
+ 0x401E0437: ("STATUS_GRAPHICS_LEADLINK_START_DEFERRED","Starting the
lead adapter in a linked configuration has been temporarily deferred."),
+ 0x401E0439: ("STATUS_GRAPHICS_POLLING_TOO_FREQUENTLY","The display
adapter is being polled for children too frequently at the same polling
level."),
+ 0x401E043A: ("STATUS_GRAPHICS_START_DEFERRED","Starting the adapter
has been temporarily deferred."),
+ 0x40230001: ("STATUS_NDIS_INDICATION_REQUIRED","The request will be
completed later by an NDIS status indication."),
+ 0x80000001: ("STATUS_GUARD_PAGE_VIOLATION","{EXCEPTION} Guard Page
Exception A page of memory that marks the end of a data structure, such as a
stack or an array, has been accessed."),
+ 0x80000002: ("STATUS_DATATYPE_MISALIGNMENT","{EXCEPTION} Alignment
Fault A data type misalignment was detected in a load or store instruction."),
+ 0x80000003: ("STATUS_BREAKPOINT","{EXCEPTION} Breakpoint A breakpoint
has been reached."),
+ 0x80000004: ("STATUS_SINGLE_STEP","{EXCEPTION} Single Step A single
step or trace operation has just been completed."),
+ 0x80000005: ("STATUS_BUFFER_OVERFLOW","{Buffer Overflow} The data was
too large to fit into the specified buffer."),
+ 0x80000006: ("STATUS_NO_MORE_FILES","{No More Files} No more files
were found which match the file specification."),
+ 0x80000007: ("STATUS_WAKE_SYSTEM_DEBUGGER","{Kernel Debugger Awakened}
The system debugger was awakened by an interrupt."),
+ 0x8000000A: ("STATUS_HANDLES_CLOSED","{Handles Closed} Handles to
objects have been automatically closed because of the requested operation."),
+ 0x8000000B: ("STATUS_NO_INHERITANCE","{Non-Inheritable ACL} An access
control list (ACL) contains no components that can be inherited."),
+ 0x8000000C: ("STATUS_GUID_SUBSTITUTION_MADE","{GUID Substitution}
During the translation of a globally unique identifier (GUID) to a Windows
security ID (SID), no administratively defined GUID prefix was found. A
substitute prefix was used, which will not compromise system security. However,
this may provide a more restrictive access than intended."),
+ 0x8000000D: ("STATUS_PARTIAL_COPY","Because of protection conflicts,
not all the requested bytes could be copied."),
+ 0x8000000E: ("STATUS_DEVICE_PAPER_EMPTY","{Out of Paper} The printer
is out of paper."),
+ 0x8000000F: ("STATUS_DEVICE_POWERED_OFF","{Device Power Is Off} The
printer power has been turned off."),
+ 0x80000010: ("STATUS_DEVICE_OFF_LINE","{Device Offline} The printer
has been taken offline."),
+ 0x80000011: ("STATUS_DEVICE_BUSY","{Device Busy} The device is
currently busy."),
+ 0x80000012: ("STATUS_NO_MORE_EAS","{No More EAs} No more extended
attributes (EAs) were found for the file."),
+ 0x80000013: ("STATUS_INVALID_EA_NAME","{Illegal EA} The specified
extended attribute (EA) name contains at least one illegal character."),
+ 0x80000014: ("STATUS_EA_LIST_INCONSISTENT","{Inconsistent EA List} The
extended attribute (EA) list is inconsistent."),
+ 0x80000015: ("STATUS_INVALID_EA_FLAG","{Invalid EA Flag} An invalid
extended attribute (EA) flag was set."),
+ 0x80000016: ("STATUS_VERIFY_REQUIRED","{Verifying Disk} The media has
changed and a verify operation is in progress; therefore, no reads or writes
may be performed to the device, except those that are used in the verify
operation."),
+ 0x80000017: ("STATUS_EXTRANEOUS_INFORMATION","{Too Much Information}
The specified access control list (ACL) contained more information than was
expected."),
+ 0x80000018: ("STATUS_RXACT_COMMIT_NECESSARY","This warning level
status indicates that the transaction state already exists for the registry
subtree, but that a transaction commit was previously aborted. The commit has
NOT been completed but has not been rolled back either; therefore, it may still
be committed, if needed."),
+ 0x8000001A: ("STATUS_NO_MORE_ENTRIES","{No More Entries} No more
entries are available from an enumeration operation."),
+ 0x8000001B: ("STATUS_FILEMARK_DETECTED","{Filemark Found} A filemark
was detected."),
+ 0x8000001C: ("STATUS_MEDIA_CHANGED","{Media Changed} The media may
have changed."),
+ 0x8000001D: ("STATUS_BUS_RESET","{I/O Bus Reset} An I/O bus reset was
detected."),
+ 0x8000001E: ("STATUS_END_OF_MEDIA","{End of Media} The end of the
media was encountered."),
+ 0x8000001F: ("STATUS_BEGINNING_OF_MEDIA","The beginning of a tape or
partition has been detected."),
+ 0x80000020: ("STATUS_MEDIA_CHECK","{Media Changed} The media may have
changed."),
+ 0x80000021: ("STATUS_SETMARK_DETECTED","A tape access reached a set
mark."),
+ 0x80000022: ("STATUS_NO_DATA_DETECTED","During a tape access, the end
of the data written is reached."),
+ 0x80000023: ("STATUS_REDIRECTOR_HAS_OPEN_HANDLES","The redirector is
in use and cannot be unloaded."),
+ 0x80000024: ("STATUS_SERVER_HAS_OPEN_HANDLES","The server is in use
and cannot be unloaded."),
+ 0x80000025: ("STATUS_ALREADY_DISCONNECTED","The specified connection
has already been disconnected."),
+ 0x80000026: ("STATUS_LONGJUMP","A long jump has been executed."),
+ 0x80000027: ("STATUS_CLEANER_CARTRIDGE_INSTALLED","A cleaner cartridge
is present in the tape library."),
+ 0x80000028: ("STATUS_PLUGPLAY_QUERY_VETOED","The Plug and Play query
operation was not successful."),
+ 0x80000029: ("STATUS_UNWIND_CONSOLIDATE","A frame consolidation has
been executed."),
+ 0x8000002A: ("STATUS_REGISTRY_HIVE_RECOVERED","{Registry Hive
Recovered} The registry hive (file): %hs was corrupted and it has been
recovered. Some data might have been lost."),
+ 0x8000002B: ("STATUS_DLL_MIGHT_BE_INSECURE","The application is
attempting to run executable code from the module %hs. This may be insecure. An
alternative, %hs, is available. Should the application use the secure module
%hs?"),
+ 0x8000002C: ("STATUS_DLL_MIGHT_BE_INCOMPATIBLE","The application is
loading executable code from the module %hs. This is secure but may be
incompatible with previous releases of the operating system. An alternative,
%hs, is available. Should the application use the secure module %hs?"),
+ 0x8000002D: ("STATUS_STOPPED_ON_SYMLINK","The create operation stopped
after reaching a symbolic link."),
+ 0x80000288: ("STATUS_DEVICE_REQUIRES_CLEANING","The device has
indicated that cleaning is necessary."),
+ 0x80000289: ("STATUS_DEVICE_DOOR_OPEN","The device has indicated that
its door is open. Further operations require it closed and secured."),
+ 0x80000803: ("STATUS_DATA_LOST_REPAIR","Windows discovered a
corruption in the file %hs. This file has now been repaired. Check if any data
in the file was lost because of the corruption."),
+ 0x80010001: ("DBG_EXCEPTION_NOT_HANDLED","Debugger did not handle the
exception."),
+ 0x80130001: ("STATUS_CLUSTER_NODE_ALREADY_UP","The cluster node is
already up."),
+ 0x80130002: ("STATUS_CLUSTER_NODE_ALREADY_DOWN","The cluster node is
already down."),
+ 0x80130003: ("STATUS_CLUSTER_NETWORK_ALREADY_ONLINE","The cluster
network is already online."),
+ 0x80130004: ("STATUS_CLUSTER_NETWORK_ALREADY_OFFLINE","The cluster
network is already offline."),
+ 0x80130005: ("STATUS_CLUSTER_NODE_ALREADY_MEMBER","The cluster node is
already a member of the cluster."),
+ 0x80190009: ("STATUS_COULD_NOT_RESIZE_LOG","The log could not be set
to the requested size."),
+ 0x80190029: ("STATUS_NO_TXF_METADATA","There is no transaction
metadata on the file."),
+ 0x80190031: ("STATUS_CANT_RECOVER_WITH_HANDLE_OPEN","The file cannot
be recovered because there is a handle still open on it."),
+ 0x80190041: ("STATUS_TXF_METADATA_ALREADY_PRESENT","Transaction
metadata is already present on this file and cannot be superseded."),
+ 0x80190042: ("STATUS_TRANSACTION_SCOPE_CALLBACKS_NOT_SET","A
transaction scope could not be entered because the scope handler has not been
initialized."),
+ 0x801B00EB:
("STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD_RECOVERED","{Display Driver Stopped
Responding and recovered} The %hs display driver has stopped working normally.
The recovery had been performed."),
+ 0x801C0001: ("STATUS_FLT_BUFFER_TOO_SMALL","{Buffer too small} The
buffer is too small to contain the entry. No information has been written to
the buffer."),
+ 0x80210001: ("STATUS_FVE_PARTIAL_METADATA","Volume metadata read or
write is incomplete."),
+ 0x80210002: ("STATUS_FVE_TRANSIENT_STATE","BitLocker encryption keys
were ignored because the volume was in a transient state."),
+ 0xC0000001: ("STATUS_UNSUCCESSFUL","{Operation Failed} The requested
operation was unsuccessful."),
+ 0xC0000002: ("STATUS_NOT_IMPLEMENTED","{Not Implemented} The requested
operation is not implemented."),
+ 0xC0000003: ("STATUS_INVALID_INFO_CLASS","{Invalid Parameter} The
specified information class is not a valid information class for the specified
object."),
+ 0xC0000004: ("STATUS_INFO_LENGTH_MISMATCH","The specified information
record length does not match the length that is required for the specified
information class."),
+ 0xC0000005: ("STATUS_ACCESS_VIOLATION","The instruction at 0x%08lx
referenced memory at 0x%08lx. The memory could not be %s."),
+ 0xC0000006: ("STATUS_IN_PAGE_ERROR","The instruction at 0x%08lx
referenced memory at 0x%08lx. The required data was not placed into memory
because of an I/O error status of 0x%08lx."),
+ 0xC0000007: ("STATUS_PAGEFILE_QUOTA","The page file quota for the
process has been exhausted."),
+ 0xC0000008: ("STATUS_INVALID_HANDLE","An invalid HANDLE was
specified."),
+ 0xC0000009: ("STATUS_BAD_INITIAL_STACK","An invalid initial stack was
specified in a call to NtCreateThread."),
+ 0xC000000A: ("STATUS_BAD_INITIAL_PC","An invalid initial start address
was specified in a call to NtCreateThread."),
+ 0xC000000B: ("STATUS_INVALID_CID","An invalid client ID was
specified."),
+ 0xC000000C: ("STATUS_TIMER_NOT_CANCELED","An attempt was made to
cancel or set a timer that has an associated APC and the specified thread is
not the thread that originally set the timer with an associated APC routine."),
+ 0xC000000D: ("STATUS_INVALID_PARAMETER","An invalid parameter was
passed to a service or function."),
+ 0xC000000E: ("STATUS_NO_SUCH_DEVICE","A device that does not exist was
specified."),
+ 0xC000000F: ("STATUS_NO_SUCH_FILE","{File Not Found} The file %hs does
not exist."),
+ 0xC0000010: ("STATUS_INVALID_DEVICE_REQUEST","The specified request is
not a valid operation for the target device."),
+ 0xC0000011: ("STATUS_END_OF_FILE","The end-of-file marker has been
reached. There is no valid data in the file beyond this marker."),
+ 0xC0000012: ("STATUS_WRONG_VOLUME","{Wrong Volume} The wrong volume is
in the drive. Insert volume %hs into drive %hs."),
+ 0xC0000013: ("STATUS_NO_MEDIA_IN_DEVICE","{No Disk} There is no disk
in the drive. Insert a disk into drive %hs."),
+ 0xC0000014: ("STATUS_UNRECOGNIZED_MEDIA","{Unknown Disk Format} The
disk in drive %hs is not formatted properly. Check the disk, and reformat it,
if needed."),
+ 0xC0000015: ("STATUS_NONEXISTENT_SECTOR","{Sector Not Found} The
specified sector does not exist."),
+ 0xC0000016: ("STATUS_MORE_PROCESSING_REQUIRED","{Still Busy} The
specified I/O request packet (IRP) cannot be disposed of because the I/O
operation is not complete."),
+ 0xC0000017: ("STATUS_NO_MEMORY","{Not Enough Quota} Not enough virtual
memory or paging file quota is available to complete the specified operation."),
+ 0xC0000018: ("STATUS_CONFLICTING_ADDRESSES","{Conflicting Address
Range} The specified address range conflicts with the address space."),
+ 0xC0000019: ("STATUS_NOT_MAPPED_VIEW","The address range to unmap is
not a mapped view."),
+ 0xC000001A: ("STATUS_UNABLE_TO_FREE_VM","The virtual memory cannot be
freed."),
+ 0xC000001B: ("STATUS_UNABLE_TO_DELETE_SECTION","The specified section
cannot be deleted."),
+ 0xC000001C: ("STATUS_INVALID_SYSTEM_SERVICE","An invalid system
service was specified in a system service call."),
+ 0xC000001D: ("STATUS_ILLEGAL_INSTRUCTION","{EXCEPTION} Illegal
Instruction An attempt was made to execute an illegal instruction."),
+ 0xC000001E: ("STATUS_INVALID_LOCK_SEQUENCE","{Invalid Lock Sequence}
An attempt was made to execute an invalid lock sequence."),
+ 0xC000001F: ("STATUS_INVALID_VIEW_SIZE","{Invalid Mapping} An attempt
was made to create a view for a section that is bigger than the section."),
+ 0xC0000020: ("STATUS_INVALID_FILE_FOR_SECTION","{Bad File} The
attributes of the specified mapping file for a section of memory cannot be
read."),
+ 0xC0000021: ("STATUS_ALREADY_COMMITTED","{Already Committed} The
specified address range is already committed."),
+ 0xC0000022: ("STATUS_ACCESS_DENIED","{Access Denied} A process has
requested access to an object but has not been granted those access rights."),
+ 0xC0000023: ("STATUS_BUFFER_TOO_SMALL","{Buffer Too Small} The buffer
is too small to contain the entry. No information has been written to the
buffer."),
+ 0xC0000024: ("STATUS_OBJECT_TYPE_MISMATCH","{Wrong Type} There is a
mismatch between the type of object that is required by the requested operation
and the type of object that is specified in the request."),
+ 0xC0000025: ("STATUS_NONCONTINUABLE_EXCEPTION","{EXCEPTION} Cannot
Continue Windows cannot continue from this exception."),
+ 0xC0000026: ("STATUS_INVALID_DISPOSITION","An invalid exception
disposition was returned by an exception handler."),
+ 0xC0000027: ("STATUS_UNWIND","Unwind exception code."),
+ 0xC0000028: ("STATUS_BAD_STACK","An invalid or unaligned stack was
encountered during an unwind operation."),
+ 0xC0000029: ("STATUS_INVALID_UNWIND_TARGET","An invalid unwind target
was encountered during an unwind operation."),
+ 0xC000002A: ("STATUS_NOT_LOCKED","An attempt was made to unlock a page
of memory that was not locked."),
+ 0xC000002B: ("STATUS_PARITY_ERROR","A device parity error on an I/O
operation."),
+ 0xC000002C: ("STATUS_UNABLE_TO_DECOMMIT_VM","An attempt was made to
decommit uncommitted virtual memory."),
+ 0xC000002D: ("STATUS_NOT_COMMITTED","An attempt was made to change the
attributes on memory that has not been committed."),
+ 0xC000002E: ("STATUS_INVALID_PORT_ATTRIBUTES","Invalid object
attributes specified to NtCreatePort or invalid port attributes specified to
NtConnectPort."),
+ 0xC000002F: ("STATUS_PORT_MESSAGE_TOO_LONG","The length of the message
that was passed to NtRequestPort or NtRequestWaitReplyPort is longer than the
maximum message that is allowed by the port."),
+ 0xC0000030: ("STATUS_INVALID_PARAMETER_MIX","An invalid combination of
parameters was specified."),
+ 0xC0000031: ("STATUS_INVALID_QUOTA_LOWER","An attempt was made to
lower a quota limit below the current usage."),
+ 0xC0000032: ("STATUS_DISK_CORRUPT_ERROR","{Corrupt Disk} The file
system structure on the disk is corrupt and unusable. Run the Chkdsk utility on
the volume %hs."),
+ 0xC0000033: ("STATUS_OBJECT_NAME_INVALID","The object name is
invalid."),
+ 0xC0000034: ("STATUS_OBJECT_NAME_NOT_FOUND","The object name is not
found."),
+ 0xC0000035: ("STATUS_OBJECT_NAME_COLLISION","The object name already
exists."),
+ 0xC0000037: ("STATUS_PORT_DISCONNECTED","An attempt was made to send a
message to a disconnected communication port."),
+ 0xC0000038: ("STATUS_DEVICE_ALREADY_ATTACHED","An attempt was made to
attach to a device that was already attached to another device."),
+ 0xC0000039: ("STATUS_OBJECT_PATH_INVALID","The object path component
was not a directory object."),
+ 0xC000003A: ("STATUS_OBJECT_PATH_NOT_FOUND","{Path Not Found} The path
%hs does not exist."),
+ 0xC000003B: ("STATUS_OBJECT_PATH_SYNTAX_BAD","The object path
component was not a directory object."),
+ 0xC000003C: ("STATUS_DATA_OVERRUN","{Data Overrun} A data overrun
error occurred."),
+ 0xC000003D: ("STATUS_DATA_LATE_ERROR","{Data Late} A data late error
occurred."),
+ 0xC000003E: ("STATUS_DATA_ERROR","{Data Error} An error occurred in
reading or writing data."),
+ 0xC000003F: ("STATUS_CRC_ERROR","{Bad CRC} A cyclic redundancy check
(CRC) checksum error occurred."),
+ 0xC0000040: ("STATUS_SECTION_TOO_BIG","{Section Too Large} The
specified section is too big to map the file."),
+ 0xC0000041: ("STATUS_PORT_CONNECTION_REFUSED","The NtConnectPort
request is refused."),
+ 0xC0000042: ("STATUS_INVALID_PORT_HANDLE","The type of port handle is
invalid for the operation that is requested."),
+ 0xC0000043: ("STATUS_SHARING_VIOLATION","A file cannot be opened
because the share access flags are incompatible."),
+ 0xC0000044: ("STATUS_QUOTA_EXCEEDED","Insufficient quota exists to
complete the operation."),
+ 0xC0000045: ("STATUS_INVALID_PAGE_PROTECTION","The specified page
protection was not valid."),
+ 0xC0000046: ("STATUS_MUTANT_NOT_OWNED","An attempt to release a mutant
object was made by a thread that was not the owner of the mutant object."),
+ 0xC0000047: ("STATUS_SEMAPHORE_LIMIT_EXCEEDED","An attempt was made to
release a semaphore such that its maximum count would have been exceeded."),
+ 0xC0000048: ("STATUS_PORT_ALREADY_SET","An attempt was made to set the
DebugPort or ExceptionPort of a process, but a port already exists in the
process, or an attempt was made to set the CompletionPort of a file but a port
was already set in the file, or an attempt was made to set the associated
completion port of an ALPC port but it is already set."),
+ 0xC0000049: ("STATUS_SECTION_NOT_IMAGE","An attempt was made to query
image information on a section that does not map an image."),
+ 0xC000004A: ("STATUS_SUSPEND_COUNT_EXCEEDED","An attempt was made to
suspend a thread whose suspend count was at its maximum."),
+ 0xC000004B: ("STATUS_THREAD_IS_TERMINATING","An attempt was made to
suspend a thread that has begun termination."),
+ 0xC000004C: ("STATUS_BAD_WORKING_SET_LIMIT","An attempt was made to
set the working set limit to an invalid value (for example, the minimum greater
than maximum)."),
+ 0xC000004D: ("STATUS_INCOMPATIBLE_FILE_MAP","A section was created to
map a file that is not compatible with an already existing section that maps
the same file."),
+ 0xC000004E: ("STATUS_SECTION_PROTECTION","A view to a section
specifies a protection that is incompatible with the protection of the initial
view."),
+ 0xC000004F: ("STATUS_EAS_NOT_SUPPORTED","An operation involving EAs
failed because the file system does not support EAs."),
+ 0xC0000050: ("STATUS_EA_TOO_LARGE","An EA operation failed because the
EA set is too large."),
+ 0xC0000051: ("STATUS_NONEXISTENT_EA_ENTRY","An EA operation failed
because the name or EA index is invalid."),
+ 0xC0000052: ("STATUS_NO_EAS_ON_FILE","The file for which EAs were
requested has no EAs."),
+ 0xC0000053: ("STATUS_EA_CORRUPT_ERROR","The EA is corrupt and cannot
be read."),
+ 0xC0000054: ("STATUS_FILE_LOCK_CONFLICT","A requested read/write
cannot be granted due to a conflicting file lock."),
+ 0xC0000055: ("STATUS_LOCK_NOT_GRANTED","A requested file lock cannot
be granted due to other existing locks."),
+ 0xC0000056: ("STATUS_DELETE_PENDING","A non-close operation has been
requested of a file object that has a delete pending."),
+ 0xC0000057: ("STATUS_CTL_FILE_NOT_SUPPORTED","An attempt was made to
set the control attribute on a file. This attribute is not supported in the
destination file system."),
+ 0xC0000058: ("STATUS_UNKNOWN_REVISION","Indicates a revision number
that was encountered or specified is not one that is known by the service. It
may be a more recent revision than the service is aware of."),
+ 0xC0000059: ("STATUS_REVISION_MISMATCH","Indicates that two revision
levels are incompatible."),
+ 0xC000005A: ("STATUS_INVALID_OWNER","Indicates a particular security
ID may not be assigned as the owner of an object."),
+ 0xC000005B: ("STATUS_INVALID_PRIMARY_GROUP","Indicates a particular
security ID may not be assigned as the primary group of an object."),
+ 0xC000005C: ("STATUS_NO_IMPERSONATION_TOKEN","An attempt has been made
to operate on an impersonation token by a thread that is not currently
impersonating a client."),
+ 0xC000005D: ("STATUS_CANT_DISABLE_MANDATORY","A mandatory group may
not be disabled."),
+ 0xC000005E: ("STATUS_NO_LOGON_SERVERS","No logon servers are currently
available to service the logon request."),
+ 0xC000005F: ("STATUS_NO_SUCH_LOGON_SESSION","A specified logon session
does not exist. It may already have been terminated."),
+ 0xC0000060: ("STATUS_NO_SUCH_PRIVILEGE","A specified privilege does
not exist."),
+ 0xC0000061: ("STATUS_PRIVILEGE_NOT_HELD","A required privilege is not
held by the client."),
+ 0xC0000062: ("STATUS_INVALID_ACCOUNT_NAME","The name provided is not a
properly formed account name."),
+ 0xC0000063: ("STATUS_USER_EXISTS","The specified account already
exists."),
+ 0xC0000064: ("STATUS_NO_SUCH_USER","The specified account does not
exist."),
+ 0xC0000065: ("STATUS_GROUP_EXISTS","The specified group already
exists."),
+ 0xC0000066: ("STATUS_NO_SUCH_GROUP","The specified group does not
exist."),
+ 0xC0000067: ("STATUS_MEMBER_IN_GROUP","The specified user account is
already in the specified group account. Also used to indicate a group cannot be
deleted because it contains a member."),
+ 0xC0000068: ("STATUS_MEMBER_NOT_IN_GROUP","The specified user account
is not a member of the specified group account."),
+ 0xC0000069: ("STATUS_LAST_ADMIN","Indicates the requested operation
would disable or delete the last remaining administration account. This is not
allowed to prevent creating a situation in which the system cannot be
administrated."),
+ 0xC000006A: ("STATUS_WRONG_PASSWORD","When trying to update a
password, this return status indicates that the value provided as the current
password is not correct."),
+ 0xC000006B: ("STATUS_ILL_FORMED_PASSWORD","When trying to update a
password, this return status indicates that the value provided for the new
password contains values that are not allowed in passwords."),
+ 0xC000006C: ("STATUS_PASSWORD_RESTRICTION","When trying to update a
password, this status indicates that some password update rule has been
violated. For example, the password may not meet length criteria."),
+ 0xC000006D: ("STATUS_LOGON_FAILURE","The attempted logon is invalid.
This is either due to a bad username or authentication information."),
+ 0xC000006E: ("STATUS_ACCOUNT_RESTRICTION","Indicates a referenced user
name and authentication information are valid, but some user account
restriction has prevented successful authentication (such as time-of-day
restrictions)."),
+ 0xC000006F: ("STATUS_INVALID_LOGON_HOURS","The user account has time
restrictions and may not be logged onto at this time."),
+ 0xC0000070: ("STATUS_INVALID_WORKSTATION","The user account is
restricted so that it may not be used to log on from the source workstation."),
+ 0xC0000071: ("STATUS_PASSWORD_EXPIRED","The user account password has
expired."),
+ 0xC0000072: ("STATUS_ACCOUNT_DISABLED","The referenced account is
currently disabled and may not be logged on to."),
+ 0xC0000073: ("STATUS_NONE_MAPPED","None of the information to be
translated has been translated."),
+ 0xC0000074: ("STATUS_TOO_MANY_LUIDS_REQUESTED","The number of LUIDs
requested may not be allocated with a single allocation."),
+ 0xC0000075: ("STATUS_LUIDS_EXHAUSTED","Indicates there are no more
LUIDs to allocate."),
+ 0xC0000076: ("STATUS_INVALID_SUB_AUTHORITY","Indicates the
sub-authority value is invalid for the particular use."),
+ 0xC0000077: ("STATUS_INVALID_ACL","Indicates the ACL structure is not
valid."),
+ 0xC0000078: ("STATUS_INVALID_SID","Indicates the SID structure is not
valid."),
+ 0xC0000079: ("STATUS_INVALID_SECURITY_DESCR","Indicates the
SECURITY_DESCRIPTOR structure is not valid."),
+ 0xC000007A: ("STATUS_PROCEDURE_NOT_FOUND","Indicates the specified
procedure address cannot be found in the DLL."),
+ 0xC000007B: ("STATUS_INVALID_IMAGE_FORMAT","{Bad Image} %hs is either
not designed to run on Windows or it contains an error. Try installing the
program again using the original installation media or contact your system
administrator or the software vendor for support."),
+ 0xC000007C: ("STATUS_NO_TOKEN","An attempt was made to reference a
token that does not exist. This is typically done by referencing the token that
is associated with a thread when the thread is not impersonating a client."),
+ 0xC000007D: ("STATUS_BAD_INHERITANCE_ACL","Indicates that an attempt
to build either an inherited ACL or ACE was not successful. This can be caused
by a number of things. One of the more probable causes is the replacement of a
CreatorId with a SID that did not fit into the ACE or ACL."),
+ 0xC000007E: ("STATUS_RANGE_NOT_LOCKED","The range specified in
NtUnlockFile was not locked."),
+ 0xC000007F: ("STATUS_DISK_FULL","An operation failed because the disk
was full."),
+ 0xC0000080: ("STATUS_SERVER_DISABLED","The GUID allocation server is
disabled at the moment."),
+ 0xC0000081: ("STATUS_SERVER_NOT_DISABLED","The GUID allocation server
is enabled at the moment."),
+ 0xC0000082: ("STATUS_TOO_MANY_GUIDS_REQUESTED","Too many GUIDs were
requested from the allocation server at once."),
+ 0xC0000083: ("STATUS_GUIDS_EXHAUSTED","The GUIDs could not be
allocated because the Authority Agent was exhausted."),
+ 0xC0000084: ("STATUS_INVALID_ID_AUTHORITY","The value provided was an
invalid value for an identifier authority."),
+ 0xC0000085: ("STATUS_AGENTS_EXHAUSTED","No more authority agent values
are available for the particular identifier authority value."),
+ 0xC0000086: ("STATUS_INVALID_VOLUME_LABEL","An invalid volume label
has been specified."),
+ 0xC0000087: ("STATUS_SECTION_NOT_EXTENDED","A mapped section could not
be extended."),
+ 0xC0000088: ("STATUS_NOT_MAPPED_DATA","Specified section to flush does
not map a data file."),
+ 0xC0000089: ("STATUS_RESOURCE_DATA_NOT_FOUND","Indicates the specified
image file did not contain a resource section."),
+ 0xC000008A: ("STATUS_RESOURCE_TYPE_NOT_FOUND","Indicates the specified
resource type cannot be found in the image file."),
+ 0xC000008B: ("STATUS_RESOURCE_NAME_NOT_FOUND","Indicates the specified
resource name cannot be found in the image file."),
+ 0xC000008C: ("STATUS_ARRAY_BOUNDS_EXCEEDED","{EXCEPTION} Array bounds
exceeded."),
+ 0xC000008D: ("STATUS_FLOAT_DENORMAL_OPERAND","{EXCEPTION}
Floating-point denormal operand."),
+ 0xC000008E: ("STATUS_FLOAT_DIVIDE_BY_ZERO","{EXCEPTION} Floating-point
division by zero."),
+ 0xC000008F: ("STATUS_FLOAT_INEXACT_RESULT","{EXCEPTION} Floating-point
inexact result."),
+ 0xC0000090: ("STATUS_FLOAT_INVALID_OPERATION","{EXCEPTION}
Floating-point invalid operation."),
+ 0xC0000091: ("STATUS_FLOAT_OVERFLOW","{EXCEPTION} Floating-point
overflow."),
+ 0xC0000092: ("STATUS_FLOAT_STACK_CHECK","{EXCEPTION} Floating-point
stack check."),
+ 0xC0000093: ("STATUS_FLOAT_UNDERFLOW","{EXCEPTION} Floating-point
underflow."),
+ 0xC0000094: ("STATUS_INTEGER_DIVIDE_BY_ZERO","{EXCEPTION} Integer
division by zero."),
+ 0xC0000095: ("STATUS_INTEGER_OVERFLOW","{EXCEPTION} Integer
overflow."),
+ 0xC0000096: ("STATUS_PRIVILEGED_INSTRUCTION","{EXCEPTION} Privileged
instruction."),
+ 0xC0000097: ("STATUS_TOO_MANY_PAGING_FILES","An attempt was made to
install more paging files than the system supports."),
+ 0xC0000098: ("STATUS_FILE_INVALID","The volume for a file has been
externally altered such that the opened file is no longer valid."),
+ 0xC0000099: ("STATUS_ALLOTTED_SPACE_EXCEEDED","When a block of memory
is allotted for future updates, such as the memory allocated to hold
discretionary access control and primary group information, successive updates
may exceed the amount of memory originally allotted. Because a quota may
already have been charged to several processes that have handles to the object,
it is not reasonable to alter the size of the allocated memory. Instead, a
request that requires more memory than [...]
+ 0xC000009A: ("STATUS_INSUFFICIENT_RESOURCES","Insufficient system
resources exist to complete the API."),
+ 0xC000009B: ("STATUS_DFS_EXIT_PATH_FOUND","An attempt has been made to
open a DFS exit path control file."),
+ 0xC000009C: ("STATUS_DEVICE_DATA_ERROR","There are bad blocks
(sectors) on the hard disk."),
+ 0xC000009D: ("STATUS_DEVICE_NOT_CONNECTED","There is bad cabling,
non-termination, or the controller is not able to obtain access to the hard
disk."),
+ 0xC000009F: ("STATUS_FREE_VM_NOT_AT_BASE","Virtual memory cannot be
freed because the base address is not the base of the region and a region size
of zero was specified."),
+ 0xC00000A0: ("STATUS_MEMORY_NOT_ALLOCATED","An attempt was made to
free virtual memory that is not allocated."),
+ 0xC00000A1: ("STATUS_WORKING_SET_QUOTA","The working set is not big
enough to allow the requested pages to be locked."),
+ 0xC00000A2: ("STATUS_MEDIA_WRITE_PROTECTED","{Write Protect Error} The
disk cannot be written to because it is write-protected. Remove the write
protection from the volume %hs in drive %hs."),
+ 0xC00000A3: ("STATUS_DEVICE_NOT_READY","{Drive Not Ready} The drive is
not ready for use; its door may be open. Check drive %hs and make sure that a
disk is inserted and that the drive door is closed."),
+ 0xC00000A4: ("STATUS_INVALID_GROUP_ATTRIBUTES","The specified
attributes are invalid or are incompatible with the attributes for the group as
a whole."),
+ 0xC00000A5: ("STATUS_BAD_IMPERSONATION_LEVEL","A specified
impersonation level is invalid. Also used to indicate that a required
impersonation level was not provided."),
+ 0xC00000A6: ("STATUS_CANT_OPEN_ANONYMOUS","An attempt was made to open
an anonymous-level token. Anonymous tokens may not be opened."),
+ 0xC00000A7: ("STATUS_BAD_VALIDATION_CLASS","The validation information
class requested was invalid."),
+ 0xC00000A8: ("STATUS_BAD_TOKEN_TYPE","The type of a token object is
inappropriate for its attempted use."),
+ 0xC00000A9: ("STATUS_BAD_MASTER_BOOT_RECORD","The type of a token
object is inappropriate for its attempted use."),
+ 0xC00000AA: ("STATUS_INSTRUCTION_MISALIGNMENT","An attempt was made to
execute an instruction at an unaligned address and the host system does not
support unaligned instruction references."),
+ 0xC00000AB: ("STATUS_INSTANCE_NOT_AVAILABLE","The maximum named pipe
instance count has been reached."),
+ 0xC00000AC: ("STATUS_PIPE_NOT_AVAILABLE","An instance of a named pipe
cannot be found in the listening state."),
+ 0xC00000AD: ("STATUS_INVALID_PIPE_STATE","The named pipe is not in the
connected or closing state."),
+ 0xC00000AE: ("STATUS_PIPE_BUSY","The specified pipe is set to complete
operations and there are current I/O operations queued so that it cannot be
changed to queue operations."),
+ 0xC00000AF: ("STATUS_ILLEGAL_FUNCTION","The specified handle is not
open to the server end of the named pipe."),
+ 0xC00000B0: ("STATUS_PIPE_DISCONNECTED","The specified named pipe is
in the disconnected state."),
+ 0xC00000B1: ("STATUS_PIPE_CLOSING","The specified named pipe is in the
closing state."),
+ 0xC00000B2: ("STATUS_PIPE_CONNECTED","The specified named pipe is in
the connected state."),
+ 0xC00000B3: ("STATUS_PIPE_LISTENING","The specified named pipe is in
the listening state."),
+ 0xC00000B4: ("STATUS_INVALID_READ_MODE","The specified named pipe is
not in message mode."),
+ 0xC00000B5: ("STATUS_IO_TIMEOUT","{Device Timeout} The specified I/O
operation on %hs was not completed before the time-out period expired."),
+ 0xC00000B6: ("STATUS_FILE_FORCED_CLOSED","The specified file has been
closed by another process."),
+ 0xC00000B7: ("STATUS_PROFILING_NOT_STARTED","Profiling is not
started."),
+ 0xC00000B8: ("STATUS_PROFILING_NOT_STOPPED","Profiling is not
stopped."),
+ 0xC00000B9: ("STATUS_COULD_NOT_INTERPRET","The passed ACL did not
contain the minimum required information."),
+ 0xC00000BA: ("STATUS_FILE_IS_A_DIRECTORY","The file that was specified
as a target is a directory, and the caller specified that it could be anything
but a directory."),
+ 0xC00000BB: ("STATUS_NOT_SUPPORTED","The request is not supported."),
+ 0xC00000BC: ("STATUS_REMOTE_NOT_LISTENING","This remote computer is
not listening."),
+ 0xC00000BD: ("STATUS_DUPLICATE_NAME","A duplicate name exists on the
network."),
+ 0xC00000BE: ("STATUS_BAD_NETWORK_PATH","The network path cannot be
located."),
+ 0xC00000BF: ("STATUS_NETWORK_BUSY","The network is busy."),
+ 0xC00000C0: ("STATUS_DEVICE_DOES_NOT_EXIST","This device does not
exist."),
+ 0xC00000C1: ("STATUS_TOO_MANY_COMMANDS","The network BIOS command
limit has been reached."),
+ 0xC00000C2: ("STATUS_ADAPTER_HARDWARE_ERROR","An I/O adapter hardware
error has occurred."),
+ 0xC00000C3: ("STATUS_INVALID_NETWORK_RESPONSE","The network responded
incorrectly."),
+ 0xC00000C4: ("STATUS_UNEXPECTED_NETWORK_ERROR","An unexpected network
error occurred."),
+ 0xC00000C5: ("STATUS_BAD_REMOTE_ADAPTER","The remote adapter is not
compatible."),
+ 0xC00000C6: ("STATUS_PRINT_QUEUE_FULL","The print queue is full."),
+ 0xC00000C7: ("STATUS_NO_SPOOL_SPACE","Space to store the file that is
waiting to be printed is not available on the server."),
+ 0xC00000C8: ("STATUS_PRINT_CANCELLED","The requested print file has
been canceled."),
+ 0xC00000C9: ("STATUS_NETWORK_NAME_DELETED","The network name was
deleted."),
+ 0xC00000CA: ("STATUS_NETWORK_ACCESS_DENIED","Network access is
denied."),
+ 0xC00000CB: ("STATUS_BAD_DEVICE_TYPE","{Incorrect Network Resource
Type} The specified device type (LPT, for example) conflicts with the actual
device type on the remote resource."),
+ 0xC00000CC: ("STATUS_BAD_NETWORK_NAME","{Network Name Not Found} The
specified share name cannot be found on the remote server."),
+ 0xC00000CD: ("STATUS_TOO_MANY_NAMES","The name limit for the network
adapter card of the local computer was exceeded."),
+ 0xC00000CE: ("STATUS_TOO_MANY_SESSIONS","The network BIOS session
limit was exceeded."),
+ 0xC00000CF: ("STATUS_SHARING_PAUSED","File sharing has been
temporarily paused."),
+ 0xC00000D0: ("STATUS_REQUEST_NOT_ACCEPTED","No more connections can be
made to this remote computer at this time because the computer has already
accepted the maximum number of connections."),
+ 0xC00000D1: ("STATUS_REDIRECTOR_PAUSED","Print or disk redirection is
temporarily paused."),
+ 0xC00000D2: ("STATUS_NET_WRITE_FAULT","A network data fault
occurred."),
+ 0xC00000D3: ("STATUS_PROFILING_AT_LIMIT","The number of active
profiling objects is at the maximum and no more may be started."),
+ 0xC00000D4: ("STATUS_NOT_SAME_DEVICE","{Incorrect Volume} The
destination file of a rename request is located on a different device than the
source of the rename request."),
+ 0xC00000D5: ("STATUS_FILE_RENAMED","The specified file has been
renamed and thus cannot be modified."),
+ 0xC00000D6: ("STATUS_VIRTUAL_CIRCUIT_CLOSED","{Network Request
Timeout} The session with a remote server has been disconnected because the
time-out interval for a request has expired."),
+ 0xC00000D7: ("STATUS_NO_SECURITY_ON_OBJECT","Indicates an attempt was
made to operate on the security of an object that does not have security
associated with it."),
+ 0xC00000D8: ("STATUS_CANT_WAIT","Used to indicate that an operation
cannot continue without blocking for I/O."),
+ 0xC00000D9: ("STATUS_PIPE_EMPTY","Used to indicate that a read
operation was done on an empty pipe."),
+ 0xC00000DA: ("STATUS_CANT_ACCESS_DOMAIN_INFO","Configuration
information could not be read from the domain controller, either because the
machine is unavailable or access has been denied."),
+ 0xC00000DB: ("STATUS_CANT_TERMINATE_SELF","Indicates that a thread
attempted to terminate itself by default (called NtTerminateThread with NULL)
and it was the last thread in the current process."),
+ 0xC00000DC: ("STATUS_INVALID_SERVER_STATE","Indicates the Sam Server
was in the wrong state to perform the desired operation."),
+ 0xC00000DD: ("STATUS_INVALID_DOMAIN_STATE","Indicates the domain was
in the wrong state to perform the desired operation."),
+ 0xC00000DE: ("STATUS_INVALID_DOMAIN_ROLE","This operation is only
allowed for the primary domain controller of the domain."),
+ 0xC00000DF: ("STATUS_NO_SUCH_DOMAIN","The specified domain did not
exist."),
+ 0xC00000E0: ("STATUS_DOMAIN_EXISTS","The specified domain already
exists."),
+ 0xC00000E1: ("STATUS_DOMAIN_LIMIT_EXCEEDED","An attempt was made to
exceed the limit on the number of domains per server for this release."),
+ 0xC00000E2: ("STATUS_OPLOCK_NOT_GRANTED","An error status returned
when the opportunistic lock (oplock) request is denied."),
+ 0xC00000E3: ("STATUS_INVALID_OPLOCK_PROTOCOL","An error status
returned when an invalid opportunistic lock (oplock) acknowledgment is received
by a file system."),
+ 0xC00000E4: ("STATUS_INTERNAL_DB_CORRUPTION","This error indicates
that the requested operation cannot be completed due to a catastrophic media
failure or an on-disk data structure corruption."),
+ 0xC00000E5: ("STATUS_INTERNAL_ERROR","An internal error occurred."),
+ 0xC00000E6: ("STATUS_GENERIC_NOT_MAPPED","Indicates generic access
types were contained in an access mask which should already be mapped to
non-generic access types."),
+ 0xC00000E7: ("STATUS_BAD_DESCRIPTOR_FORMAT","Indicates a security
descriptor is not in the necessary format (absolute or self-relative)."),
+ 0xC00000E8: ("STATUS_INVALID_USER_BUFFER","An access to a user buffer
failed at an expected point in time. This code is defined because the caller
does not want to accept STATUS_ACCESS_VIOLATION in its filter."),
+ 0xC00000E9: ("STATUS_UNEXPECTED_IO_ERROR","If an I/O error that is not
defined in the standard FsRtl filter is returned, it is converted to the
following error, which is guaranteed to be in the filter. In this case,
information is lost; however, the filter correctly handles the exception."),
+ 0xC00000EA: ("STATUS_UNEXPECTED_MM_CREATE_ERR","If an MM error that is
not defined in the standard FsRtl filter is returned, it is converted to one of
the following errors, which are guaranteed to be in the filter. In this case,
information is lost; however, the filter correctly handles the exception."),
+ 0xC00000EB: ("STATUS_UNEXPECTED_MM_MAP_ERROR","If an MM error that is
not defined in the standard FsRtl filter is returned, it is converted to one of
the following errors, which are guaranteed to be in the filter. In this case,
information is lost; however, the filter correctly handles the exception."),
+ 0xC00000EC: ("STATUS_UNEXPECTED_MM_EXTEND_ERR","If an MM error that is
not defined in the standard FsRtl filter is returned, it is converted to one of
the following errors, which are guaranteed to be in the filter. In this case,
information is lost; however, the filter correctly handles the exception."),
+ 0xC00000ED: ("STATUS_NOT_LOGON_PROCESS","The requested action is
restricted for use by logon processes only. The calling process has not
registered as a logon process."),
+ 0xC00000EE: ("STATUS_LOGON_SESSION_EXISTS","An attempt has been made
to start a new session manager or LSA logon session by using an ID that is
already in use."),
+ 0xC00000EF: ("STATUS_INVALID_PARAMETER_1","An invalid parameter was
passed to a service or function as the first argument."),
+ 0xC00000F0: ("STATUS_INVALID_PARAMETER_2","An invalid parameter was
passed to a service or function as the second argument."),
+ 0xC00000F1: ("STATUS_INVALID_PARAMETER_3","An invalid parameter was
passed to a service or function as the third argument."),
+ 0xC00000F2: ("STATUS_INVALID_PARAMETER_4","An invalid parameter was
passed to a service or function as the fourth argument."),
+ 0xC00000F3: ("STATUS_INVALID_PARAMETER_5","An invalid parameter was
passed to a service or function as the fifth argument."),
+ 0xC00000F4: ("STATUS_INVALID_PARAMETER_6","An invalid parameter was
passed to a service or function as the sixth argument."),
+ 0xC00000F5: ("STATUS_INVALID_PARAMETER_7","An invalid parameter was
passed to a service or function as the seventh argument."),
+ 0xC00000F6: ("STATUS_INVALID_PARAMETER_8","An invalid parameter was
passed to a service or function as the eighth argument."),
+ 0xC00000F7: ("STATUS_INVALID_PARAMETER_9","An invalid parameter was
passed to a service or function as the ninth argument."),
+ 0xC00000F8: ("STATUS_INVALID_PARAMETER_10","An invalid parameter was
passed to a service or function as the tenth argument."),
+ 0xC00000F9: ("STATUS_INVALID_PARAMETER_11","An invalid parameter was
passed to a service or function as the eleventh argument."),
+ 0xC00000FA: ("STATUS_INVALID_PARAMETER_12","An invalid parameter was
passed to a service or function as the twelfth argument."),
+ 0xC00000FB: ("STATUS_REDIRECTOR_NOT_STARTED","An attempt was made to
access a network file, but the network software was not yet started."),
+ 0xC00000FC: ("STATUS_REDIRECTOR_STARTED","An attempt was made to start
the redirector, but the redirector has already been started."),
+ 0xC00000FD: ("STATUS_STACK_OVERFLOW","A new guard page for the stack
cannot be created."),
+ 0xC00000FE: ("STATUS_NO_SUCH_PACKAGE","A specified authentication
package is unknown."),
+ 0xC00000FF: ("STATUS_BAD_FUNCTION_TABLE","A malformed function table
was encountered during an unwind operation."),
+ 0xC0000100: ("STATUS_VARIABLE_NOT_FOUND","Indicates the specified
environment variable name was not found in the specified environment block."),
+ 0xC0000101: ("STATUS_DIRECTORY_NOT_EMPTY","Indicates that the
directory trying to be deleted is not empty."),
+ 0xC0000102: ("STATUS_FILE_CORRUPT_ERROR","{Corrupt File} The file or
directory %hs is corrupt and unreadable. Run the Chkdsk utility."),
+ 0xC0000103: ("STATUS_NOT_A_DIRECTORY","A requested opened file is not
a directory."),
+ 0xC0000104: ("STATUS_BAD_LOGON_SESSION_STATE","The logon session is
not in a state that is consistent with the requested operation."),
+ 0xC0000105: ("STATUS_LOGON_SESSION_COLLISION","An internal LSA error
has occurred. An authentication package has requested the creation of a logon
session but the ID of an already existing logon session has been specified."),
+ 0xC0000106: ("STATUS_NAME_TOO_LONG","A specified name string is too
long for its intended use."),
+ 0xC0000107: ("STATUS_FILES_OPEN","The user attempted to force close
the files on a redirected drive, but there were opened files on the drive, and
the user did not specify a sufficient level of force."),
+ 0xC0000108: ("STATUS_CONNECTION_IN_USE","The user attempted to force
close the files on a redirected drive, but there were opened directories on the
drive, and the user did not specify a sufficient level of force."),
+ 0xC0000109: ("STATUS_MESSAGE_NOT_FOUND","RtlFindMessage could not
locate the requested message ID in the message table resource."),
+ 0xC000010A: ("STATUS_PROCESS_IS_TERMINATING","An attempt was made to
duplicate an object handle into or out of an exiting process."),
+ 0xC000010B: ("STATUS_INVALID_LOGON_TYPE","Indicates an invalid value
has been provided for the LogonType requested."),
+ 0xC000010C: ("STATUS_NO_GUID_TRANSLATION","Indicates that an attempt
was made to assign protection to a file system file or directory and one of the
SIDs in the security descriptor could not be translated into a GUID that could
be stored by the file system. This causes the protection attempt to fail, which
may cause a file creation attempt to fail."),
+ 0xC000010D: ("STATUS_CANNOT_IMPERSONATE","Indicates that an attempt
has been made to impersonate via a named pipe that has not yet been read
from."),
+ 0xC000010E: ("STATUS_IMAGE_ALREADY_LOADED","Indicates that the
specified image is already loaded."),
+ 0xC0000117: ("STATUS_NO_LDT","Indicates that an attempt was made to
change the size of the LDT for a process that has no LDT."),
+ 0xC0000118: ("STATUS_INVALID_LDT_SIZE","Indicates that an attempt was
made to grow an LDT by setting its size, or that the size was not an even
number of selectors."),
+ 0xC0000119: ("STATUS_INVALID_LDT_OFFSET","Indicates that the starting
value for the LDT information was not an integral multiple of the selector
size."),
+ 0xC000011A: ("STATUS_INVALID_LDT_DESCRIPTOR","Indicates that the user
supplied an invalid descriptor when trying to set up LDT descriptors."),
+ 0xC000011B: ("STATUS_INVALID_IMAGE_NE_FORMAT","The specified image
file did not have the correct format. It appears to be NE format."),
+ 0xC000011C: ("STATUS_RXACT_INVALID_STATE","Indicates that the
transaction state of a registry subtree is incompatible with the requested
operation. For example, a request has been made to start a new transaction with
one already in progress, or a request has been made to apply a transaction when
one is not currently in progress."),
+ 0xC000011D: ("STATUS_RXACT_COMMIT_FAILURE","Indicates an error has
occurred during a registry transaction commit. The database has been left in an
unknown, but probably inconsistent, state. The state of the registry
transaction is left as COMMITTING."),
+ 0xC000011E: ("STATUS_MAPPED_FILE_SIZE_ZERO","An attempt was made to
map a file of size zero with the maximum size specified as zero."),
+ 0xC000011F: ("STATUS_TOO_MANY_OPENED_FILES","Too many files are opened
on a remote server. This error should only be returned by the Windows
redirector on a remote drive."),
+ 0xC0000120: ("STATUS_CANCELLED","The I/O request was canceled."),
+ 0xC0000121: ("STATUS_CANNOT_DELETE","An attempt has been made to
remove a file or directory that cannot be deleted."),
+ 0xC0000122: ("STATUS_INVALID_COMPUTER_NAME","Indicates a name that was
specified as a remote computer name is syntactically invalid."),
+ 0xC0000123: ("STATUS_FILE_DELETED","An I/O request other than close
was performed on a file after it was deleted, which can only happen to a
request that did not complete before the last handle was closed via NtClose."),
+ 0xC0000124: ("STATUS_SPECIAL_ACCOUNT","Indicates an operation that is
incompatible with built-in accounts has been attempted on a built-in (special)
SAM account. For example, built-in accounts cannot be deleted."),
+ 0xC0000125: ("STATUS_SPECIAL_GROUP","The operation requested may not
be performed on the specified group because it is a built-in special group."),
+ 0xC0000126: ("STATUS_SPECIAL_USER","The operation requested may not be
performed on the specified user because it is a built-in special user."),
+ 0xC0000127: ("STATUS_MEMBERS_PRIMARY_GROUP","Indicates a member cannot
be removed from a group because the group is currently the member's primary
group."),
+ 0xC0000128: ("STATUS_FILE_CLOSED","An I/O request other than close and
several other special case operations was attempted using a file object that
had already been closed."),
+ 0xC0000129: ("STATUS_TOO_MANY_THREADS","Indicates a process has too
many threads to perform the requested action. For example, assignment of a
primary token may only be performed when a process has zero or one threads."),
+ 0xC000012A: ("STATUS_THREAD_NOT_IN_PROCESS","An attempt was made to
operate on a thread within a specific process, but the specified thread is not
in the specified process."),
+ 0xC000012B: ("STATUS_TOKEN_ALREADY_IN_USE","An attempt was made to
establish a token for use as a primary token but the token is already in use. A
token can only be the primary token of one process at a time."),
+ 0xC000012C: ("STATUS_PAGEFILE_QUOTA_EXCEEDED","The page file quota was
exceeded."),
+ 0xC000012D: ("STATUS_COMMITMENT_LIMIT","{Out of Virtual Memory} Your
system is low on virtual memory. To ensure that Windows runs correctly,
increase the size of your virtual memory paging file. For more information, see
Help."),
+ 0xC000012E: ("STATUS_INVALID_IMAGE_LE_FORMAT","The specified image
file did not have the correct format: it appears to be LE format."),
+ 0xC000012F: ("STATUS_INVALID_IMAGE_NOT_MZ","The specified image file
did not have the correct format: it did not have an initial MZ."),
+ 0xC0000130: ("STATUS_INVALID_IMAGE_PROTECT","The specified image file
did not have the correct format: it did not have a proper e_lfarlc in the MZ
header."),
+ 0xC0000131: ("STATUS_INVALID_IMAGE_WIN_16","The specified image file
did not have the correct format: it appears to be a 16-bit Windows image."),
+ 0xC0000132: ("STATUS_LOGON_SERVER_CONFLICT","The Netlogon service
cannot start because another Netlogon service running in the domain conflicts
with the specified role."),
+ 0xC0000133: ("STATUS_TIME_DIFFERENCE_AT_DC","The time at the primary
domain controller is different from the time at the backup domain controller or
member server by too large an amount."),
+ 0xC0000134: ("STATUS_SYNCHRONIZATION_REQUIRED","The SAM database on a
Windows Server is significantly out of synchronization with the copy on the
domain controller. A complete synchronization is required."),
+ 0xC0000135: ("STATUS_DLL_NOT_FOUND","{Unable To Locate Component} This
application has failed to start because %hs was not found. Reinstalling the
application may fix this problem."),
+ 0xC0000136: ("STATUS_OPEN_FAILED","The NtCreateFile API failed. This
error should never be returned to an application; it is a place holder for the
Windows LAN Manager Redirector to use in its internal error-mapping routines."),
+ 0xC0000137: ("STATUS_IO_PRIVILEGE_FAILED","{Privilege Failed} The I/O
permissions for the process could not be changed."),
+ 0xC0000138: ("STATUS_ORDINAL_NOT_FOUND","{Ordinal Not Found} The
ordinal %ld could not be located in the dynamic link library %hs."),
+ 0xC0000139: ("STATUS_ENTRYPOINT_NOT_FOUND","{Entry Point Not Found}
The procedure entry point %hs could not be located in the dynamic link library
%hs."),
+ 0xC000013A: ("STATUS_CONTROL_C_EXIT","{Application Exit by CTRL+C} The
application terminated as a result of a CTRL+C."),
+ 0xC000013B: ("STATUS_LOCAL_DISCONNECT","{Virtual Circuit Closed} The
network transport on your computer has closed a network connection. There may
or may not be I/O requests outstanding."),
+ 0xC000013C: ("STATUS_REMOTE_DISCONNECT","{Virtual Circuit Closed} The
network transport on a remote computer has closed a network connection. There
may or may not be I/O requests outstanding."),
+ 0xC000013D: ("STATUS_REMOTE_RESOURCES","{Insufficient Resources on
Remote Computer} The remote computer has insufficient resources to complete the
network request. For example, the remote computer may not have enough available
memory to carry out the request at this time."),
+ 0xC000013E: ("STATUS_LINK_FAILED","{Virtual Circuit Closed} An
existing connection (virtual circuit) has been broken at the remote computer.
There is probably something wrong with the network software protocol or the
network hardware on the remote computer."),
+ 0xC000013F: ("STATUS_LINK_TIMEOUT","{Virtual Circuit Closed} The
network transport on your computer has closed a network connection because it
had to wait too long for a response from the remote computer."),
+ 0xC0000140: ("STATUS_INVALID_CONNECTION","The connection handle that
was given to the transport was invalid."),
+ 0xC0000141: ("STATUS_INVALID_ADDRESS","The address handle that was
given to the transport was invalid."),
+ 0xC0000142: ("STATUS_DLL_INIT_FAILED","{DLL Initialization Failed}
Initialization of the dynamic link library %hs failed. The process is
terminating abnormally."),
+ 0xC0000143: ("STATUS_MISSING_SYSTEMFILE","{Missing System File} The
required system file %hs is bad or missing."),
+ 0xC0000144: ("STATUS_UNHANDLED_EXCEPTION","{Application Error} The
exception %s (0x%08lx) occurred in the application at location 0x%08lx."),
+ 0xC0000145: ("STATUS_APP_INIT_FAILURE","{Application Error} The
application failed to initialize properly (0x%lx). Click OK to terminate the
application."),
+ 0xC0000146: ("STATUS_PAGEFILE_CREATE_FAILED","{Unable to Create Paging
File} The creation of the paging file %hs failed (%lx). The requested size was
%ld."),
+ 0xC0000147: ("STATUS_NO_PAGEFILE","{No Paging File Specified} No
paging file was specified in the system configuration."),
+ 0xC0000148: ("STATUS_INVALID_LEVEL","{Incorrect System Call Level} An
invalid level was passed into the specified system call."),
+ 0xC0000149: ("STATUS_WRONG_PASSWORD_CORE","{Incorrect Password to LAN
Manager Server} You specified an incorrect password to a LAN Manager 2.x or
MS-NET server."),
+ 0xC000014A: ("STATUS_ILLEGAL_FLOAT_CONTEXT","{EXCEPTION} A real-mode
application issued a floating-point instruction and floating-point hardware is
not present."),
+ 0xC000014B: ("STATUS_PIPE_BROKEN","The pipe operation has failed
because the other end of the pipe has been closed."),
+ 0xC000014C: ("STATUS_REGISTRY_CORRUPT","{The Registry Is Corrupt} The
structure of one of the files that contains registry data is corrupt; the image
of the file in memory is corrupt; or the file could not be recovered because
the alternate copy or log was absent or corrupt."),
+ 0xC000014D: ("STATUS_REGISTRY_IO_FAILED","An I/O operation initiated
by the Registry failed and cannot be recovered. The registry could not read in,
write out, or flush one of the files that contain the system's image of the
registry."),
+ 0xC000014E: ("STATUS_NO_EVENT_PAIR","An event pair synchronization
operation was performed using the thread-specific client/server event pair
object, but no event pair object was associated with the thread."),
+ 0xC000014F: ("STATUS_UNRECOGNIZED_VOLUME","The volume does not contain
a recognized file system. Be sure that all required file system drivers are
loaded and that the volume is not corrupt."),
+ 0xC0000150: ("STATUS_SERIAL_NO_DEVICE_INITED","No serial device was
successfully initialized. The serial driver will unload."),
+ 0xC0000151: ("STATUS_NO_SUCH_ALIAS","The specified local group does
not exist."),
+ 0xC0000152: ("STATUS_MEMBER_NOT_IN_ALIAS","The specified account name
is not a member of the group."),
+ 0xC0000153: ("STATUS_MEMBER_IN_ALIAS","The specified account name is
already a member of the group."),
+ 0xC0000154: ("STATUS_ALIAS_EXISTS","The specified local group already
exists."),
+ 0xC0000155: ("STATUS_LOGON_NOT_GRANTED","A requested type of logon
(for example, interactive, network, and service) is not granted by the local
security policy of the target system. Ask the system administrator to grant the
necessary form of logon."),
+ 0xC0000156: ("STATUS_TOO_MANY_SECRETS","The maximum number of secrets
that may be stored in a single system was exceeded. The length and number of
secrets is limited to satisfy U.S. State Department export restrictions."),
+ 0xC0000157: ("STATUS_SECRET_TOO_LONG","The length of a secret exceeds
the maximum allowable length. The length and number of secrets is limited to
satisfy U.S. State Department export restrictions."),
+ 0xC0000158: ("STATUS_INTERNAL_DB_ERROR","The local security authority
(LSA) database contains an internal inconsistency."),
+ 0xC0000159: ("STATUS_FULLSCREEN_MODE","The requested operation cannot
be performed in full-screen mode."),
+ 0xC000015A: ("STATUS_TOO_MANY_CONTEXT_IDS","During a logon attempt,
the user's security context accumulated too many security IDs. This is a very
unusual situation. Remove the user from some global or local groups to reduce
the number of security IDs to incorporate into the security context."),
+ 0xC000015B: ("STATUS_LOGON_TYPE_NOT_GRANTED","A user has requested a
type of logon (for example, interactive or network) that has not been granted.
An administrator has control over who may logon interactively and through the
network."),
+ 0xC000015C: ("STATUS_NOT_REGISTRY_FILE","The system has attempted to
load or restore a file into the registry, and the specified file is not in the
format of a registry file."),
+ 0xC000015D: ("STATUS_NT_CROSS_ENCRYPTION_REQUIRED","An attempt was
made to change a user password in the security account manager without
providing the necessary Windows cross-encrypted password."),
+ 0xC000015E: ("STATUS_DOMAIN_CTRLR_CONFIG_ERROR","A Windows Server has
an incorrect configuration."),
+ 0xC000015F: ("STATUS_FT_MISSING_MEMBER","An attempt was made to
explicitly access the secondary copy of information via a device control to the
fault tolerance driver and the secondary copy is not present in the system."),
+ 0xC0000160: ("STATUS_ILL_FORMED_SERVICE_ENTRY","A configuration
registry node that represents a driver service entry was ill-formed and did not
contain the required value entries."),
+ 0xC0000161: ("STATUS_ILLEGAL_CHARACTER","An illegal character was
encountered. For a multibyte character set, this includes a lead byte without a
succeeding trail byte. For the Unicode character set this includes the
characters 0xFFFF and 0xFFFE."),
+ 0xC0000162: ("STATUS_UNMAPPABLE_CHARACTER","No mapping for the Unicode
character exists in the target multibyte code page."),
+ 0xC0000163: ("STATUS_UNDEFINED_CHARACTER","The Unicode character is
not defined in the Unicode character set that is installed on the system."),
+ 0xC0000164: ("STATUS_FLOPPY_VOLUME","The paging file cannot be created
on a floppy disk."),
+ 0xC0000165: ("STATUS_FLOPPY_ID_MARK_NOT_FOUND","{Floppy Disk Error}
While accessing a floppy disk, an ID address mark was not found."),
+ 0xC0000166: ("STATUS_FLOPPY_WRONG_CYLINDER","{Floppy Disk Error} While
accessing a floppy disk, the track address from the sector ID field was found
to be different from the track address that is maintained by the controller."),
+ 0xC0000167: ("STATUS_FLOPPY_UNKNOWN_ERROR","{Floppy Disk Error} The
floppy disk controller reported an error that is not recognized by the floppy
disk driver."),
+ 0xC0000168: ("STATUS_FLOPPY_BAD_REGISTERS","{Floppy Disk Error} While
accessing a floppy-disk, the controller returned inconsistent results via its
registers."),
+ 0xC0000169: ("STATUS_DISK_RECALIBRATE_FAILED","{Hard Disk Error} While
accessing the hard disk, a recalibrate operation failed, even after retries."),
+ 0xC000016A: ("STATUS_DISK_OPERATION_FAILED","{Hard Disk Error} While
accessing the hard disk, a disk operation failed even after retries."),
+ 0xC000016B: ("STATUS_DISK_RESET_FAILED","{Hard Disk Error} While
accessing the hard disk, a disk controller reset was needed, but even that
failed."),
+ 0xC000016C: ("STATUS_SHARED_IRQ_BUSY","An attempt was made to open a
device that was sharing an interrupt request (IRQ) with other devices. At least
one other device that uses that IRQ was already opened. Two concurrent opens of
devices that share an IRQ and only work via interrupts is not supported for the
particular bus type that the devices use."),
+ 0xC000016D: ("STATUS_FT_ORPHANING","{FT Orphaning} A disk that is part
of a fault-tolerant volume can no longer be accessed."),
+ 0xC000016E: ("STATUS_BIOS_FAILED_TO_CONNECT_INTERRUPT","The basic
input/output system (BIOS) failed to connect a system interrupt to the device
or bus for which the device is connected."),
+ 0xC0000172: ("STATUS_PARTITION_FAILURE","The tape could not be
partitioned."),
+ 0xC0000173: ("STATUS_INVALID_BLOCK_LENGTH","When accessing a new tape
of a multi-volume partition, the current blocksize is incorrect."),
+ 0xC0000174: ("STATUS_DEVICE_NOT_PARTITIONED","The tape partition
information could not be found when loading a tape."),
+ 0xC0000175: ("STATUS_UNABLE_TO_LOCK_MEDIA","An attempt to lock the
eject media mechanism failed."),
+ 0xC0000176: ("STATUS_UNABLE_TO_UNLOAD_MEDIA","An attempt to unload
media failed."),
+ 0xC0000177: ("STATUS_EOM_OVERFLOW","The physical end of tape was
detected."),
+ 0xC0000178: ("STATUS_NO_MEDIA","{No Media} There is no media in the
drive. Insert media into drive %hs."),
+ 0xC000017A: ("STATUS_NO_SUCH_MEMBER","A member could not be added to
or removed from the local group because the member does not exist."),
+ 0xC000017B: ("STATUS_INVALID_MEMBER","A new member could not be added
to a local group because the member has the wrong account type."),
+ 0xC000017C: ("STATUS_KEY_DELETED","An illegal operation was attempted
on a registry key that has been marked for deletion."),
+ 0xC000017D: ("STATUS_NO_LOG_SPACE","The system could not allocate the
required space in a registry log."),
+ 0xC000017E: ("STATUS_TOO_MANY_SIDS","Too many SIDs have been
specified."),
+ 0xC000017F: ("STATUS_LM_CROSS_ENCRYPTION_REQUIRED","An attempt was
made to change a user password in the security account manager without
providing the necessary LM cross-encrypted password."),
+ 0xC0000180: ("STATUS_KEY_HAS_CHILDREN","An attempt was made to create
a symbolic link in a registry key that already has subkeys or values."),
+ 0xC0000181: ("STATUS_CHILD_MUST_BE_VOLATILE","An attempt was made to
create a stable subkey under a volatile parent key."),
+ 0xC0000182: ("STATUS_DEVICE_CONFIGURATION_ERROR","The I/O device is
configured incorrectly or the configuration parameters to the driver are
incorrect."),
+ 0xC0000183: ("STATUS_DRIVER_INTERNAL_ERROR","An error was detected
between two drivers or within an I/O driver."),
+ 0xC0000184: ("STATUS_INVALID_DEVICE_STATE","The device is not in a
valid state to perform this request."),
+ 0xC0000185: ("STATUS_IO_DEVICE_ERROR","The I/O device reported an I/O
error."),
+ 0xC0000186: ("STATUS_DEVICE_PROTOCOL_ERROR","A protocol error was
detected between the driver and the device."),
+ 0xC0000187: ("STATUS_BACKUP_CONTROLLER","This operation is only
allowed for the primary domain controller of the domain."),
+ 0xC0000188: ("STATUS_LOG_FILE_FULL","The log file space is
insufficient to support this operation."),
+ 0xC0000189: ("STATUS_TOO_LATE","A write operation was attempted to a
volume after it was dismounted."),
+ 0xC000018A: ("STATUS_NO_TRUST_LSA_SECRET","The workstation does not
have a trust secret for the primary domain in the local LSA database."),
+ 0xC000018B: ("STATUS_NO_TRUST_SAM_ACCOUNT","The SAM database on the
Windows Server does not have a computer account for this workstation trust
relationship."),
+ 0xC000018C: ("STATUS_TRUSTED_DOMAIN_FAILURE","The logon request failed
because the trust relationship between the primary domain and the trusted
domain failed."),
+ 0xC000018D: ("STATUS_TRUSTED_RELATIONSHIP_FAILURE","The logon request
failed because the trust relationship between this workstation and the primary
domain failed."),
+ 0xC000018E: ("STATUS_EVENTLOG_FILE_CORRUPT","The Eventlog log file is
corrupt."),
+ 0xC000018F: ("STATUS_EVENTLOG_CANT_START","No Eventlog log file could
be opened. The Eventlog service did not start."),
+ 0xC0000190: ("STATUS_TRUST_FAILURE","The network logon failed. This
may be because the validation authority cannot be reached."),
+ 0xC0000191: ("STATUS_MUTANT_LIMIT_EXCEEDED","An attempt was made to
acquire a mutant such that its maximum count would have been exceeded."),
+ 0xC0000192: ("STATUS_NETLOGON_NOT_STARTED","An attempt was made to
logon, but the NetLogon service was not started."),
+ 0xC0000193: ("STATUS_ACCOUNT_EXPIRED","The user account has expired."),
+ 0xC0000194: ("STATUS_POSSIBLE_DEADLOCK","{EXCEPTION} Possible deadlock
condition."),
+ 0xC0000195: ("STATUS_NETWORK_CREDENTIAL_CONFLICT","Multiple
connections to a server or shared resource by the same user, using more than
one user name, are not allowed. Disconnect all previous connections to the
server or shared resource and try again."),
+ 0xC0000196: ("STATUS_REMOTE_SESSION_LIMIT","An attempt was made to
establish a session to a network server, but there are already too many
sessions established to that server."),
+ 0xC0000197: ("STATUS_EVENTLOG_FILE_CHANGED","The log file has changed
between reads."),
+ 0xC0000198: ("STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT","The account
used is an interdomain trust account. Use your global user account or local
user account to access this server."),
+ 0xC0000199: ("STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT","The account
used is a computer account. Use your global user account or local user account
to access this server."),
+ 0xC000019A: ("STATUS_NOLOGON_SERVER_TRUST_ACCOUNT","The account used
is a server trust account. Use your global user account or local user account
to access this server."),
+ 0xC000019B: ("STATUS_DOMAIN_TRUST_INCONSISTENT","The name or SID of
the specified domain is inconsistent with the trust information for that
domain."),
+ 0xC000019C: ("STATUS_FS_DRIVER_REQUIRED","A volume has been accessed
for which a file system driver is required that has not yet been loaded."),
+ 0xC000019D: ("STATUS_IMAGE_ALREADY_LOADED_AS_DLL","Indicates that the
specified image is already loaded as a DLL."),
+ 0xC000019E:
("STATUS_INCOMPATIBLE_WITH_GLOBAL_SHORT_NAME_REGISTRY_SETTING","Short name
settings may not be changed on this volume due to the global registry
setting."),
+ 0xC000019F: ("STATUS_SHORT_NAMES_NOT_ENABLED_ON_VOLUME","Short names
are not enabled on this volume."),
+ 0xC00001A0: ("STATUS_SECURITY_STREAM_IS_INCONSISTENT","The security
stream for the given volume is in an inconsistent state. Please run CHKDSK on
the volume."),
+ 0xC00001A1: ("STATUS_INVALID_LOCK_RANGE","A requested file lock
operation cannot be processed due to an invalid byte range."),
+ 0xC00001A2: ("STATUS_INVALID_ACE_CONDITION","The specified access
control entry (ACE) contains an invalid condition."),
+ 0xC00001A3: ("STATUS_IMAGE_SUBSYSTEM_NOT_PRESENT","The subsystem
needed to support the image type is not present."),
+ 0xC00001A4: ("STATUS_NOTIFICATION_GUID_ALREADY_DEFINED","The specified
file already has a notification GUID associated with it."),
+ 0xC0000201: ("STATUS_NETWORK_OPEN_RESTRICTION","A remote open failed
because the network open restrictions were not satisfied."),
+ 0xC0000202: ("STATUS_NO_USER_SESSION_KEY","There is no user session
key for the specified logon session."),
+ 0xC0000203: ("STATUS_USER_SESSION_DELETED","The remote user session
has been deleted."),
+ 0xC0000204: ("STATUS_RESOURCE_LANG_NOT_FOUND","Indicates the specified
resource language ID cannot be found in the image file."),
+ 0xC0000205: ("STATUS_INSUFF_SERVER_RESOURCES","Insufficient server
resources exist to complete the request."),
+ 0xC0000206: ("STATUS_INVALID_BUFFER_SIZE","The size of the buffer is
invalid for the specified operation."),
+ 0xC0000207: ("STATUS_INVALID_ADDRESS_COMPONENT","The transport
rejected the specified network address as invalid."),
+ 0xC0000208: ("STATUS_INVALID_ADDRESS_WILDCARD","The transport rejected
the specified network address due to invalid use of a wildcard."),
+ 0xC0000209: ("STATUS_TOO_MANY_ADDRESSES","The transport address could
not be opened because all the available addresses are in use."),
+ 0xC000020A: ("STATUS_ADDRESS_ALREADY_EXISTS","The transport address
could not be opened because it already exists."),
+ 0xC000020B: ("STATUS_ADDRESS_CLOSED","The transport address is now
closed."),
+ 0xC000020C: ("STATUS_CONNECTION_DISCONNECTED","The transport
connection is now disconnected."),
+ 0xC000020D: ("STATUS_CONNECTION_RESET","The transport connection has
been reset."),
+ 0xC000020E: ("STATUS_TOO_MANY_NODES","The transport cannot dynamically
acquire any more nodes."),
+ 0xC000020F: ("STATUS_TRANSACTION_ABORTED","The transport aborted a
pending transaction."),
+ 0xC0000210: ("STATUS_TRANSACTION_TIMED_OUT","The transport timed out a
request that is waiting for a response."),
+ 0xC0000211: ("STATUS_TRANSACTION_NO_RELEASE","The transport did not
receive a release for a pending response."),
+ 0xC0000212: ("STATUS_TRANSACTION_NO_MATCH","The transport did not find
a transaction that matches the specific token."),
+ 0xC0000213: ("STATUS_TRANSACTION_RESPONDED","The transport had
previously responded to a transaction request."),
+ 0xC0000214: ("STATUS_TRANSACTION_INVALID_ID","The transport does not
recognize the specified transaction request ID."),
+ 0xC0000215: ("STATUS_TRANSACTION_INVALID_TYPE","The transport does not
recognize the specified transaction request type."),
+ 0xC0000216: ("STATUS_NOT_SERVER_SESSION","The transport can only
process the specified request on the server side of a session."),
+ 0xC0000217: ("STATUS_NOT_CLIENT_SESSION","The transport can only
process the specified request on the client side of a session."),
+ 0xC0000218: ("STATUS_CANNOT_LOAD_REGISTRY_FILE","{Registry File
Failure} The registry cannot load the hive (file): %hs or its log or alternate.
It is corrupt, absent, or not writable."),
+ 0xC0000219: ("STATUS_DEBUG_ATTACH_FAILED","{Unexpected Failure in
DebugActiveProcess} An unexpected failure occurred while processing a
DebugActiveProcess API request. You may choose OK to terminate the process, or
Cancel to ignore the error."),
+ 0xC000021A: ("STATUS_SYSTEM_PROCESS_TERMINATED","{Fatal System Error}
The %hs system process terminated unexpectedly with a status of 0x%08x (0x%08x
0x%08x). The system has been shut down."),
+ 0xC000021B: ("STATUS_DATA_NOT_ACCEPTED","{Data Not Accepted} The TDI
client could not handle the data received during an indication."),
+ 0xC000021C: ("STATUS_NO_BROWSER_SERVERS_FOUND","{Unable to Retrieve
Browser Server List} The list of servers for this workgroup is not currently
available."),
+ 0xC000021D: ("STATUS_VDM_HARD_ERROR","NTVDM encountered a hard
error."),
+ 0xC000021E: ("STATUS_DRIVER_CANCEL_TIMEOUT","{Cancel Timeout} The
driver %hs failed to complete a canceled I/O request in the allotted time."),
+ 0xC000021F: ("STATUS_REPLY_MESSAGE_MISMATCH","{Reply Message Mismatch}
An attempt was made to reply to an LPC message, but the thread specified by the
client ID in the message was not waiting on that message."),
+ 0xC0000220: ("STATUS_MAPPED_ALIGNMENT","{Mapped View Alignment
Incorrect} An attempt was made to map a view of a file, but either the
specified base address or the offset into the file were not aligned on the
proper allocation granularity."),
+ 0xC0000221: ("STATUS_IMAGE_CHECKSUM_MISMATCH","{Bad Image Checksum}
The image %hs is possibly corrupt. The header checksum does not match the
computed checksum."),
+ 0xC0000222: ("STATUS_LOST_WRITEBEHIND_DATA","{Delayed Write Failed}
Windows was unable to save all the data for the file %hs. The data has been
lost. This error may be caused by a failure of your computer hardware or
network connection. Try to save this file elsewhere."),
+ 0xC0000223: ("STATUS_CLIENT_SERVER_PARAMETERS_INVALID","The parameters
passed to the server in the client/server shared memory window were invalid.
Too much data may have been put in the shared memory window."),
+ 0xC0000224: ("STATUS_PASSWORD_MUST_CHANGE","The user password must be
changed before logging on the first time."),
+ 0xC0000225: ("STATUS_NOT_FOUND","The object was not found."),
+ 0xC0000226: ("STATUS_NOT_TINY_STREAM","The stream is not a tiny
stream."),
+ 0xC0000227: ("STATUS_RECOVERY_FAILURE","A transaction recovery
failed."),
+ 0xC0000228: ("STATUS_STACK_OVERFLOW_READ","The request must be handled
by the stack overflow code."),
+ 0xC0000229: ("STATUS_FAIL_CHECK","A consistency check failed."),
+ 0xC000022A: ("STATUS_DUPLICATE_OBJECTID","The attempt to insert the ID
in the index failed because the ID is already in the index."),
+ 0xC000022B: ("STATUS_OBJECTID_EXISTS","The attempt to set the object
ID failed because the object already has an ID."),
+ 0xC000022C: ("STATUS_CONVERT_TO_LARGE","Internal OFS status codes
indicating how an allocation operation is handled. Either it is retried after
the containing oNode is moved or the extent stream is converted to a large
stream."),
+ 0xC000022D: ("STATUS_RETRY","The request needs to be retried."),
+ 0xC000022E: ("STATUS_FOUND_OUT_OF_SCOPE","The attempt to find the
object found an object on the volume that matches by ID; however, it is out of
the scope of the handle that is used for the operation."),
+ 0xC000022F: ("STATUS_ALLOCATE_BUCKET","The bucket array must be grown.
Retry the transaction after doing so."),
+ 0xC0000230: ("STATUS_PROPSET_NOT_FOUND","The specified property set
does not exist on the object."),
+ 0xC0000231: ("STATUS_MARSHALL_OVERFLOW","The user/kernel marshaling
buffer has overflowed."),
+ 0xC0000232: ("STATUS_INVALID_VARIANT","The supplied variant structure
contains invalid data."),
+ 0xC0000233: ("STATUS_DOMAIN_CONTROLLER_NOT_FOUND","A domain controller
for this domain was not found."),
+ 0xC0000234: ("STATUS_ACCOUNT_LOCKED_OUT","The user account has been
automatically locked because too many invalid logon attempts or password change
attempts have been requested."),
+ 0xC0000235: ("STATUS_HANDLE_NOT_CLOSABLE","NtClose was called on a
handle that was protected from close via NtSetInformationObject."),
+ 0xC0000236: ("STATUS_CONNECTION_REFUSED","The transport-connection
attempt was refused by the remote system."),
+ 0xC0000237: ("STATUS_GRACEFUL_DISCONNECT","The transport connection
was gracefully closed."),
+ 0xC0000238: ("STATUS_ADDRESS_ALREADY_ASSOCIATED","The transport
endpoint already has an address associated with it."),
+ 0xC0000239: ("STATUS_ADDRESS_NOT_ASSOCIATED","An address has not yet
been associated with the transport endpoint."),
+ 0xC000023A: ("STATUS_CONNECTION_INVALID","An operation was attempted
on a nonexistent transport connection."),
+ 0xC000023B: ("STATUS_CONNECTION_ACTIVE","An invalid operation was
attempted on an active transport connection."),
+ 0xC000023C: ("STATUS_NETWORK_UNREACHABLE","The remote network is not
reachable by the transport."),
+ 0xC000023D: ("STATUS_HOST_UNREACHABLE","The remote system is not
reachable by the transport."),
+ 0xC000023E: ("STATUS_PROTOCOL_UNREACHABLE","The remote system does not
support the transport protocol."),
+ 0xC000023F: ("STATUS_PORT_UNREACHABLE","No service is operating at the
destination port of the transport on the remote system."),
+ 0xC0000240: ("STATUS_REQUEST_ABORTED","The request was aborted."),
+ 0xC0000241: ("STATUS_CONNECTION_ABORTED","The transport connection was
aborted by the local system."),
+ 0xC0000242: ("STATUS_BAD_COMPRESSION_BUFFER","The specified buffer
contains ill-formed data."),
+ 0xC0000243: ("STATUS_USER_MAPPED_FILE","The requested operation cannot
be performed on a file with a user mapped section open."),
+ 0xC0000244: ("STATUS_AUDIT_FAILED","{Audit Failed} An attempt to
generate a security audit failed."),
+ 0xC0000245: ("STATUS_TIMER_RESOLUTION_NOT_SET","The timer resolution
was not previously set by the current process."),
+ 0xC0000246: ("STATUS_CONNECTION_COUNT_LIMIT","A connection to the
server could not be made because the limit on the number of concurrent
connections for this account has been reached."),
+ 0xC0000247: ("STATUS_LOGIN_TIME_RESTRICTION","Attempting to log on
during an unauthorized time of day for this account."),
+ 0xC0000248: ("STATUS_LOGIN_WKSTA_RESTRICTION","The account is not
authorized to log on from this station."),
+ 0xC0000249: ("STATUS_IMAGE_MP_UP_MISMATCH","{UP/MP Image Mismatch} The
image %hs has been modified for use on a uniprocessor system, but you are
running it on a multiprocessor machine. Reinstall the image file."),
+ 0xC0000250: ("STATUS_INSUFFICIENT_LOGON_INFO","There is insufficient
account information to log you on."),
+ 0xC0000251: ("STATUS_BAD_DLL_ENTRYPOINT","{Invalid DLL Entrypoint} The
dynamic link library %hs is not written correctly. The stack pointer has been
left in an inconsistent state. The entry point should be declared as WINAPI or
STDCALL. Select YES to fail the DLL load. Select NO to continue execution.
Selecting NO may cause the application to operate incorrectly."),
+ 0xC0000252: ("STATUS_BAD_SERVICE_ENTRYPOINT","{Invalid Service
Callback Entrypoint} The %hs service is not written correctly. The stack
pointer has been left in an inconsistent state. The callback entry point should
be declared as WINAPI or STDCALL. Selecting OK will cause the service to
continue operation. However, the service process may operate incorrectly."),
+ 0xC0000253: ("STATUS_LPC_REPLY_LOST","The server received the messages
but did not send a reply."),
+ 0xC0000254: ("STATUS_IP_ADDRESS_CONFLICT1","There is an IP address
conflict with another system on the network."),
+ 0xC0000255: ("STATUS_IP_ADDRESS_CONFLICT2","There is an IP address
conflict with another system on the network."),
+ 0xC0000256: ("STATUS_REGISTRY_QUOTA_LIMIT","{Low On Registry Space}
The system has reached the maximum size that is allowed for the system part of
the registry. Additional storage requests will be ignored."),
+ 0xC0000257: ("STATUS_PATH_NOT_COVERED","The contacted server does not
support the indicated part of the DFS namespace."),
+ 0xC0000258: ("STATUS_NO_CALLBACK_ACTIVE","A callback return system
service cannot be executed when no callback is active."),
+ 0xC0000259: ("STATUS_LICENSE_QUOTA_EXCEEDED","The service being
accessed is licensed for a particular number of connections. No more
connections can be made to the service at this time because the service has
already accepted the maximum number of connections."),
+ 0xC000025A: ("STATUS_PWD_TOO_SHORT","The password provided is too
short to meet the policy of your user account. Choose a longer password."),
+ 0xC000025B: ("STATUS_PWD_TOO_RECENT","The policy of your user account
does not allow you to change passwords too frequently. This is done to prevent
users from changing back to a familiar, but potentially discovered, password.
If you feel your password has been compromised, contact your administrator
immediately to have a new one assigned."),
+ 0xC000025C: ("STATUS_PWD_HISTORY_CONFLICT","You have attempted to
change your password to one that you have used in the past. The policy of your
user account does not allow this. Select a password that you have not
previously used."),
+ 0xC000025E: ("STATUS_PLUGPLAY_NO_DEVICE","You have attempted to load a
legacy device driver while its device instance had been disabled."),
+ 0xC000025F: ("STATUS_UNSUPPORTED_COMPRESSION","The specified
compression format is unsupported."),
+ 0xC0000260: ("STATUS_INVALID_HW_PROFILE","The specified hardware
profile configuration is invalid."),
+ 0xC0000261: ("STATUS_INVALID_PLUGPLAY_DEVICE_PATH","The specified Plug
and Play registry device path is invalid."),
+ 0xC0000262: ("STATUS_DRIVER_ORDINAL_NOT_FOUND","{Driver Entry Point
Not Found} The %hs device driver could not locate the ordinal %ld in driver
%hs."),
+ 0xC0000263: ("STATUS_DRIVER_ENTRYPOINT_NOT_FOUND","{Driver Entry Point
Not Found} The %hs device driver could not locate the entry point %hs in driver
%hs."),
+ 0xC0000264: ("STATUS_RESOURCE_NOT_OWNED","{Application Error} The
application attempted to release a resource it did not own. Click OK to
terminate the application."),
+ 0xC0000265: ("STATUS_TOO_MANY_LINKS","An attempt was made to create
more links on a file than the file system supports."),
+ 0xC0000266: ("STATUS_QUOTA_LIST_INCONSISTENT","The specified quota
list is internally inconsistent with its descriptor."),
+ 0xC0000267: ("STATUS_FILE_IS_OFFLINE","The specified file has been
relocated to offline storage."),
+ 0xC0000268: ("STATUS_EVALUATION_EXPIRATION","{Windows Evaluation
Notification} The evaluation period for this installation of Windows has
expired. This system will shutdown in 1 hour. To restore access to this
installation of Windows, upgrade this installation by using a licensed
distribution of this product."),
+ 0xC0000269: ("STATUS_ILLEGAL_DLL_RELOCATION","{Illegal System DLL
Relocation} The system DLL %hs was relocated in memory. The application will
not run properly. The relocation occurred because the DLL %hs occupied an
address range that is reserved for Windows system DLLs. The vendor supplying
the DLL should be contacted for a new DLL."),
+ 0xC000026A: ("STATUS_LICENSE_VIOLATION","{License Violation} The
system has detected tampering with your registered product type. This is a
violation of your software license. Tampering with the product type is not
permitted."),
+ 0xC000026B: ("STATUS_DLL_INIT_FAILED_LOGOFF","{DLL Initialization
Failed} The application failed to initialize because the window station is
shutting down."),
+ 0xC000026C: ("STATUS_DRIVER_UNABLE_TO_LOAD","{Unable to Load Device
Driver} %hs device driver could not be loaded. Error Status was 0x%x."),
+ 0xC000026D: ("STATUS_DFS_UNAVAILABLE","DFS is unavailable on the
contacted server."),
+ 0xC000026E: ("STATUS_VOLUME_DISMOUNTED","An operation was attempted to
a volume after it was dismounted."),
+ 0xC000026F: ("STATUS_WX86_INTERNAL_ERROR","An internal error occurred
in the Win32 x86 emulation subsystem."),
+ 0xC0000270: ("STATUS_WX86_FLOAT_STACK_CHECK","Win32 x86 emulation
subsystem floating-point stack check."),
+ 0xC0000271: ("STATUS_VALIDATE_CONTINUE","The validation process needs
to continue on to the next step."),
+ 0xC0000272: ("STATUS_NO_MATCH","There was no match for the specified
key in the index."),
+ 0xC0000273: ("STATUS_NO_MORE_MATCHES","There are no more matches for
the current index enumeration."),
+ 0xC0000275: ("STATUS_NOT_A_REPARSE_POINT","The NTFS file or directory
is not a reparse point."),
+ 0xC0000276: ("STATUS_IO_REPARSE_TAG_INVALID","The Windows I/O reparse
tag passed for the NTFS reparse point is invalid."),
+ 0xC0000277: ("STATUS_IO_REPARSE_TAG_MISMATCH","The Windows I/O reparse
tag does not match the one that is in the NTFS reparse point."),
+ 0xC0000278: ("STATUS_IO_REPARSE_DATA_INVALID","The user data passed
for the NTFS reparse point is invalid."),
+ 0xC0000279: ("STATUS_IO_REPARSE_TAG_NOT_HANDLED","The layered file
system driver for this I/O tag did not handle it when needed."),
+ 0xC0000280: ("STATUS_REPARSE_POINT_NOT_RESOLVED","The NTFS symbolic
link could not be resolved even though the initial file name is valid."),
+ 0xC0000281: ("STATUS_DIRECTORY_IS_A_REPARSE_POINT","The NTFS directory
is a reparse point."),
+ 0xC0000282: ("STATUS_RANGE_LIST_CONFLICT","The range could not be
added to the range list because of a conflict."),
+ 0xC0000283: ("STATUS_SOURCE_ELEMENT_EMPTY","The specified medium
changer source element contains no media."),
+ 0xC0000284: ("STATUS_DESTINATION_ELEMENT_FULL","The specified medium
changer destination element already contains media."),
+ 0xC0000285: ("STATUS_ILLEGAL_ELEMENT_ADDRESS","The specified medium
changer element does not exist."),
+ 0xC0000286: ("STATUS_MAGAZINE_NOT_PRESENT","The specified element is
contained in a magazine that is no longer present."),
+ 0xC0000287: ("STATUS_REINITIALIZATION_NEEDED","The device requires
re-initialization due to hardware errors."),
+ 0xC000028A: ("STATUS_ENCRYPTION_FAILED","The file encryption attempt
failed."),
+ 0xC000028B: ("STATUS_DECRYPTION_FAILED","The file decryption attempt
failed."),
+ 0xC000028C: ("STATUS_RANGE_NOT_FOUND","The specified range could not
be found in the range list."),
+ 0xC000028D: ("STATUS_NO_RECOVERY_POLICY","There is no encryption
recovery policy configured for this system."),
+ 0xC000028E: ("STATUS_NO_EFS","The required encryption driver is not
loaded for this system."),
+ 0xC000028F: ("STATUS_WRONG_EFS","The file was encrypted with a
different encryption driver than is currently loaded."),
+ 0xC0000290: ("STATUS_NO_USER_KEYS","There are no EFS keys defined for
the user."),
+ 0xC0000291: ("STATUS_FILE_NOT_ENCRYPTED","The specified file is not
encrypted."),
+ 0xC0000292: ("STATUS_NOT_EXPORT_FORMAT","The specified file is not in
the defined EFS export format."),
+ 0xC0000293: ("STATUS_FILE_ENCRYPTED","The specified file is encrypted
and the user does not have the ability to decrypt it."),
+ 0xC0000295: ("STATUS_WMI_GUID_NOT_FOUND","The GUID passed was not
recognized as valid by a WMI data provider."),
+ 0xC0000296: ("STATUS_WMI_INSTANCE_NOT_FOUND","The instance name passed
was not recognized as valid by a WMI data provider."),
+ 0xC0000297: ("STATUS_WMI_ITEMID_NOT_FOUND","The data item ID passed
was not recognized as valid by a WMI data provider."),
+ 0xC0000298: ("STATUS_WMI_TRY_AGAIN","The WMI request could not be
completed and should be retried."),
+ 0xC0000299: ("STATUS_SHARED_POLICY","The policy object is shared and
can only be modified at the root."),
+ 0xC000029A: ("STATUS_POLICY_OBJECT_NOT_FOUND","The policy object does
not exist when it should."),
+ 0xC000029B: ("STATUS_POLICY_ONLY_IN_DS","The requested policy
information only lives in the Ds."),
+ 0xC000029C: ("STATUS_VOLUME_NOT_UPGRADED","The volume must be upgraded
to enable this feature."),
+ 0xC000029D: ("STATUS_REMOTE_STORAGE_NOT_ACTIVE","The remote storage
service is not operational at this time."),
+ 0xC000029E: ("STATUS_REMOTE_STORAGE_MEDIA_ERROR","The remote storage
service encountered a media error."),
+ 0xC000029F: ("STATUS_NO_TRACKING_SERVICE","The tracking (workstation)
service is not running."),
+ 0xC00002A0: ("STATUS_SERVER_SID_MISMATCH","The server process is
running under a SID that is different from the SID that is required by
client."),
+ 0xC00002A1: ("STATUS_DS_NO_ATTRIBUTE_OR_VALUE","The specified
directory service attribute or value does not exist."),
+ 0xC00002A2: ("STATUS_DS_INVALID_ATTRIBUTE_SYNTAX","The attribute
syntax specified to the directory service is invalid."),
+ 0xC00002A3: ("STATUS_DS_ATTRIBUTE_TYPE_UNDEFINED","The attribute type
specified to the directory service is not defined."),
+ 0xC00002A4: ("STATUS_DS_ATTRIBUTE_OR_VALUE_EXISTS","The specified
directory service attribute or value already exists."),
+ 0xC00002A5: ("STATUS_DS_BUSY","The directory service is busy."),
+ 0xC00002A6: ("STATUS_DS_UNAVAILABLE","The directory service is
unavailable."),
+ 0xC00002A7: ("STATUS_DS_NO_RIDS_ALLOCATED","The directory service was
unable to allocate a relative identifier."),
+ 0xC00002A8: ("STATUS_DS_NO_MORE_RIDS","The directory service has
exhausted the pool of relative identifiers."),
+ 0xC00002A9: ("STATUS_DS_INCORRECT_ROLE_OWNER","The requested operation
could not be performed because the directory service is not the master for that
type of operation."),
+ 0xC00002AA: ("STATUS_DS_RIDMGR_INIT_ERROR","The directory service was
unable to initialize the subsystem that allocates relative identifiers."),
+ 0xC00002AB: ("STATUS_DS_OBJ_CLASS_VIOLATION","The requested operation
did not satisfy one or more constraints that are associated with the class of
the object."),
+ 0xC00002AC: ("STATUS_DS_CANT_ON_NON_LEAF","The directory service can
perform the requested operation only on a leaf object."),
+ 0xC00002AD: ("STATUS_DS_CANT_ON_RDN","The directory service cannot
perform the requested operation on the Relatively Defined Name (RDN) attribute
of an object."),
+ 0xC00002AE: ("STATUS_DS_CANT_MOD_OBJ_CLASS","The directory service
detected an attempt to modify the object class of an object."),
+ 0xC00002AF: ("STATUS_DS_CROSS_DOM_MOVE_FAILED","An error occurred
while performing a cross domain move operation."),
+ 0xC00002B0: ("STATUS_DS_GC_NOT_AVAILABLE","Unable to contact the
global catalog server."),
+ 0xC00002B1: ("STATUS_DIRECTORY_SERVICE_REQUIRED","The requested
operation requires a directory service, and none was available."),
+ 0xC00002B2: ("STATUS_REPARSE_ATTRIBUTE_CONFLICT","The reparse
attribute cannot be set because it is incompatible with an existing
attribute."),
+ 0xC00002B3: ("STATUS_CANT_ENABLE_DENY_ONLY","A group marked \"use for
deny only\" cannot be enabled."),
+ 0xC00002B4: ("STATUS_FLOAT_MULTIPLE_FAULTS","{EXCEPTION} Multiple
floating-point faults."),
+ 0xC00002B5: ("STATUS_FLOAT_MULTIPLE_TRAPS","{EXCEPTION} Multiple
floating-point traps."),
+ 0xC00002B6: ("STATUS_DEVICE_REMOVED","The device has been removed."),
+ 0xC00002B7: ("STATUS_JOURNAL_DELETE_IN_PROGRESS","The volume change
journal is being deleted."),
+ 0xC00002B8: ("STATUS_JOURNAL_NOT_ACTIVE","The volume change journal is
not active."),
+ 0xC00002B9: ("STATUS_NOINTERFACE","The requested interface is not
supported."),
+ 0xC00002C1: ("STATUS_DS_ADMIN_LIMIT_EXCEEDED","A directory service
resource limit has been exceeded."),
+ 0xC00002C2: ("STATUS_DRIVER_FAILED_SLEEP","{System Standby Failed} The
driver %hs does not support standby mode. Updating this driver may allow the
system to go to standby mode."),
+ 0xC00002C3: ("STATUS_MUTUAL_AUTHENTICATION_FAILED","Mutual
Authentication failed. The server password is out of date at the domain
controller."),
+ 0xC00002C4: ("STATUS_CORRUPT_SYSTEM_FILE","The system file %1 has
become corrupt and has been replaced."),
+ 0xC00002C5: ("STATUS_DATATYPE_MISALIGNMENT_ERROR","{EXCEPTION}
Alignment Error A data type misalignment error was detected in a load or store
instruction."),
+ 0xC00002C6: ("STATUS_WMI_READ_ONLY","The WMI data item or data block
is read-only."),
+ 0xC00002C7: ("STATUS_WMI_SET_FAILURE","The WMI data item or data block
could not be changed."),
+ 0xC00002C8: ("STATUS_COMMITMENT_MINIMUM","{Virtual Memory Minimum Too
Low} Your system is low on virtual memory. Windows is increasing the size of
your virtual memory paging file. During this process, memory requests for some
applications may be denied. For more information, see Help."),
+ 0xC00002C9: ("STATUS_REG_NAT_CONSUMPTION","{EXCEPTION} Register NaT
consumption faults. A NaT value is consumed on a non-speculative instruction."),
+ 0xC00002CA: ("STATUS_TRANSPORT_FULL","The transport element of the
medium changer contains media, which is causing the operation to fail."),
+ 0xC00002CB: ("STATUS_DS_SAM_INIT_FAILURE","Security Accounts Manager
initialization failed because of the following error: %hs Error Status: 0x%x.
Click OK to shut down this system and restart in Directory Services Restore
Mode. Check the event log for more detailed information."),
+ 0xC00002CC: ("STATUS_ONLY_IF_CONNECTED","This operation is supported
only when you are connected to the server."),
+ 0xC00002CD: ("STATUS_DS_SENSITIVE_GROUP_VIOLATION","Only an
administrator can modify the membership list of an administrative group."),
+ 0xC00002CE: ("STATUS_PNP_RESTART_ENUMERATION","A device was removed so
enumeration must be restarted."),
+ 0xC00002CF: ("STATUS_JOURNAL_ENTRY_DELETED","The journal entry has
been deleted from the journal."),
+ 0xC00002D0: ("STATUS_DS_CANT_MOD_PRIMARYGROUPID","Cannot change the
primary group ID of a domain controller account."),
+ 0xC00002D1: ("STATUS_SYSTEM_IMAGE_BAD_SIGNATURE","{Fatal System Error}
The system image %s is not properly signed. The file has been replaced with the
signed file. The system has been shut down."),
+ 0xC00002D2: ("STATUS_PNP_REBOOT_REQUIRED","The device will not start
without a reboot."),
+ 0xC00002D3: ("STATUS_POWER_STATE_INVALID","The power state of the
current device cannot support this request."),
+ 0xC00002D4: ("STATUS_DS_INVALID_GROUP_TYPE","The specified group type
is invalid."),
+ 0xC00002D5: ("STATUS_DS_NO_NEST_GLOBALGROUP_IN_MIXEDDOMAIN","In a
mixed domain, no nesting of a global group if the group is security enabled."),
+ 0xC00002D6: ("STATUS_DS_NO_NEST_LOCALGROUP_IN_MIXEDDOMAIN","In a mixed
domain, cannot nest local groups with other local groups, if the group is
security enabled."),
+ 0xC00002D7: ("STATUS_DS_GLOBAL_CANT_HAVE_LOCAL_MEMBER","A global group
cannot have a local group as a member."),
+ 0xC00002D8: ("STATUS_DS_GLOBAL_CANT_HAVE_UNIVERSAL_MEMBER","A global
group cannot have a universal group as a member."),
+ 0xC00002D9: ("STATUS_DS_UNIVERSAL_CANT_HAVE_LOCAL_MEMBER","A universal
group cannot have a local group as a member."),
+ 0xC00002DA: ("STATUS_DS_GLOBAL_CANT_HAVE_CROSSDOMAIN_MEMBER","A global
group cannot have a cross-domain member."),
+ 0xC00002DB: ("STATUS_DS_LOCAL_CANT_HAVE_CROSSDOMAIN_LOCAL_MEMBER","A
local group cannot have another cross-domain local group as a member."),
+ 0xC00002DC: ("STATUS_DS_HAVE_PRIMARY_MEMBERS","Cannot change to a
security-disabled group because primary members are in this group."),
+ 0xC00002DD: ("STATUS_WMI_NOT_SUPPORTED","The WMI operation is not
supported by the data block or method."),
+ 0xC00002DE: ("STATUS_INSUFFICIENT_POWER","There is not enough power to
complete the requested operation."),
+ 0xC00002DF: ("STATUS_SAM_NEED_BOOTKEY_PASSWORD","The Security Accounts
Manager needs to get the boot password."),
+ 0xC00002E0: ("STATUS_SAM_NEED_BOOTKEY_FLOPPY","The Security Accounts
Manager needs to get the boot key from the floppy disk."),
+ 0xC00002E1: ("STATUS_DS_CANT_START","The directory service cannot
start."),
+ 0xC00002E2: ("STATUS_DS_INIT_FAILURE","The directory service could not
start because of the following error: %hs Error Status: 0x%x. Click OK to shut
down this system and restart in Directory Services Restore Mode. Check the
event log for more detailed information."),
+ 0xC00002E3: ("STATUS_SAM_INIT_FAILURE","The Security Accounts Manager
initialization failed because of the following error: %hs Error Status: 0x%x.
Click OK to shut down this system and restart in Safe Mode. Check the event log
for more detailed information."),
+ 0xC00002E4: ("STATUS_DS_GC_REQUIRED","The requested operation can be
performed only on a global catalog server."),
+ 0xC00002E5: ("STATUS_DS_LOCAL_MEMBER_OF_LOCAL_ONLY","A local group can
only be a member of other local groups in the same domain."),
+ 0xC00002E6: ("STATUS_DS_NO_FPO_IN_UNIVERSAL_GROUPS","Foreign security
principals cannot be members of universal groups."),
+ 0xC00002E7: ("STATUS_DS_MACHINE_ACCOUNT_QUOTA_EXCEEDED","Your computer
could not be joined to the domain. You have exceeded the maximum number of
computer accounts you are allowed to create in this domain. Contact your system
administrator to have this limit reset or increased."),
+ 0xC00002E9: ("STATUS_CURRENT_DOMAIN_NOT_ALLOWED","This operation
cannot be performed on the current domain."),
+ 0xC00002EA: ("STATUS_CANNOT_MAKE","The directory or file cannot be
created."),
+ 0xC00002EB: ("STATUS_SYSTEM_SHUTDOWN","The system is in the process of
shutting down."),
+ 0xC00002EC: ("STATUS_DS_INIT_FAILURE_CONSOLE","Directory Services
could not start because of the following error: %hs Error Status: 0x%x. Click
OK to shut down the system. You can use the recovery console to diagnose the
system further."),
+ 0xC00002ED: ("STATUS_DS_SAM_INIT_FAILURE_CONSOLE","Security Accounts
Manager initialization failed because of the following error: %hs Error Status:
0x%x. Click OK to shut down the system. You can use the recovery console to
diagnose the system further."),
+ 0xC00002EE: ("STATUS_UNFINISHED_CONTEXT_DELETED","A security context
was deleted before the context was completed. This is considered a logon
failure."),
+ 0xC00002EF: ("STATUS_NO_TGT_REPLY","The client is trying to negotiate
a context and the server requires user-to-user but did not send a TGT reply."),
+ 0xC00002F0: ("STATUS_OBJECTID_NOT_FOUND","An object ID was not found
in the file."),
+ 0xC00002F1: ("STATUS_NO_IP_ADDRESSES","Unable to accomplish the
requested task because the local machine does not have any IP addresses."),
+ 0xC00002F2: ("STATUS_WRONG_CREDENTIAL_HANDLE","The supplied credential
handle does not match the credential that is associated with the security
context."),
+ 0xC00002F3: ("STATUS_CRYPTO_SYSTEM_INVALID","The crypto system or
checksum function is invalid because a required function is unavailable."),
+ 0xC00002F4: ("STATUS_MAX_REFERRALS_EXCEEDED","The number of maximum
ticket referrals has been exceeded."),
+ 0xC00002F5: ("STATUS_MUST_BE_KDC","The local machine must be a
Kerberos KDC (domain controller) and it is not."),
+ 0xC00002F6: ("STATUS_STRONG_CRYPTO_NOT_SUPPORTED","The other end of
the security negotiation requires strong crypto but it is not supported on the
local machine."),
+ 0xC00002F7: ("STATUS_TOO_MANY_PRINCIPALS","The KDC reply contained
more than one principal name."),
+ 0xC00002F8: ("STATUS_NO_PA_DATA","Expected to find PA data for a hint
of what etype to use, but it was not found."),
+ 0xC00002F9: ("STATUS_PKINIT_NAME_MISMATCH","The client certificate
does not contain a valid UPN, or does not match the client name in the logon
request. Contact your administrator."),
+ 0xC00002FA: ("STATUS_SMARTCARD_LOGON_REQUIRED","Smart card logon is
required and was not used."),
+ 0xC00002FB: ("STATUS_KDC_INVALID_REQUEST","An invalid request was sent
to the KDC."),
+ 0xC00002FC: ("STATUS_KDC_UNABLE_TO_REFER","The KDC was unable to
generate a referral for the service requested."),
+ 0xC00002FD: ("STATUS_KDC_UNKNOWN_ETYPE","The encryption type requested
is not supported by the KDC."),
+ 0xC00002FE: ("STATUS_SHUTDOWN_IN_PROGRESS","A system shutdown is in
progress."),
+ 0xC00002FF: ("STATUS_SERVER_SHUTDOWN_IN_PROGRESS","The server machine
is shutting down."),
+ 0xC0000300: ("STATUS_NOT_SUPPORTED_ON_SBS","This operation is not
supported on a computer running Windows Server 2003 for Small Business
Server."),
+ 0xC0000301: ("STATUS_WMI_GUID_DISCONNECTED","The WMI GUID is no longer
available."),
+ 0xC0000302: ("STATUS_WMI_ALREADY_DISABLED","Collection or events for
the WMI GUID is already disabled."),
+ 0xC0000303: ("STATUS_WMI_ALREADY_ENABLED","Collection or events for
the WMI GUID is already enabled."),
+ 0xC0000304: ("STATUS_MFT_TOO_FRAGMENTED","The master file table on the
volume is too fragmented to complete this operation."),
+ 0xC0000305: ("STATUS_COPY_PROTECTION_FAILURE","Copy protection
failure."),
+ 0xC0000306: ("STATUS_CSS_AUTHENTICATION_FAILURE","Copy protection
error-DVD CSS Authentication failed."),
+ 0xC0000307: ("STATUS_CSS_KEY_NOT_PRESENT","Copy protection error-The
specified sector does not contain a valid key."),
+ 0xC0000308: ("STATUS_CSS_KEY_NOT_ESTABLISHED","Copy protection
error-DVD session key not established."),
+ 0xC0000309: ("STATUS_CSS_SCRAMBLED_SECTOR","Copy protection error-The
read failed because the sector is encrypted."),
+ 0xC000030A: ("STATUS_CSS_REGION_MISMATCH","Copy protection error-The
region of the specified DVD does not correspond to the region setting of the
drive."),
+ 0xC000030B: ("STATUS_CSS_RESETS_EXHAUSTED","Copy protection error-The
region setting of the drive may be permanent."),
+ 0xC0000320: ("STATUS_PKINIT_FAILURE","The Kerberos protocol
encountered an error while validating the KDC certificate during smart card
logon. There is more information in the system event log."),
+ 0xC0000321: ("STATUS_SMARTCARD_SUBSYSTEM_FAILURE","The Kerberos
protocol encountered an error while attempting to use the smart card
subsystem."),
+ 0xC0000322: ("STATUS_NO_KERB_KEY","The target server does not have
acceptable Kerberos credentials."),
+ 0xC0000350: ("STATUS_HOST_DOWN","The transport determined that the
remote system is down."),
+ 0xC0000351: ("STATUS_UNSUPPORTED_PREAUTH","An unsupported
pre-authentication mechanism was presented to the Kerberos package."),
+ 0xC0000352: ("STATUS_EFS_ALG_BLOB_TOO_BIG","The encryption algorithm
that is used on the source file needs a bigger key buffer than the one that is
used on the destination file."),
+ 0xC0000353: ("STATUS_PORT_NOT_SET","An attempt to remove a processes
DebugPort was made, but a port was not already associated with the process."),
+ 0xC0000354: ("STATUS_DEBUGGER_INACTIVE","An attempt to do an operation
on a debug port failed because the port is in the process of being deleted."),
+ 0xC0000355: ("STATUS_DS_VERSION_CHECK_FAILURE","This version of
Windows is not compatible with the behavior version of the directory forest,
domain, or domain controller."),
+ 0xC0000356: ("STATUS_AUDITING_DISABLED","The specified event is
currently not being audited."),
+ 0xC0000357: ("STATUS_PRENT4_MACHINE_ACCOUNT","The machine account was
created prior to Windows NT 4.0. The account needs to be recreated."),
+ 0xC0000358: ("STATUS_DS_AG_CANT_HAVE_UNIVERSAL_MEMBER","An account
group cannot have a universal group as a member."),
+ 0xC0000359: ("STATUS_INVALID_IMAGE_WIN_32","The specified image file
did not have the correct format; it appears to be a 32-bit Windows image."),
+ 0xC000035A: ("STATUS_INVALID_IMAGE_WIN_64","The specified image file
did not have the correct format; it appears to be a 64-bit Windows image."),
+ 0xC000035B: ("STATUS_BAD_BINDINGS","The client's supplied SSPI channel
bindings were incorrect."),
+ 0xC000035C: ("STATUS_NETWORK_SESSION_EXPIRED","The client session has
expired; so the client must re-authenticate to continue accessing the remote
resources."),
+ 0xC000035D: ("STATUS_APPHELP_BLOCK","The AppHelp dialog box canceled;
thus preventing the application from starting."),
+ 0xC000035E: ("STATUS_ALL_SIDS_FILTERED","The SID filtering operation
removed all SIDs."),
+ 0xC000035F: ("STATUS_NOT_SAFE_MODE_DRIVER","The driver was not loaded
because the system is starting in safe mode."),
+ 0xC0000361: ("STATUS_ACCESS_DISABLED_BY_POLICY_DEFAULT","Access to %1
has been restricted by your Administrator by the default software restriction
policy level."),
+ 0xC0000362: ("STATUS_ACCESS_DISABLED_BY_POLICY_PATH","Access to %1 has
been restricted by your Administrator by location with policy rule %2 placed on
path %3."),
+ 0xC0000363: ("STATUS_ACCESS_DISABLED_BY_POLICY_PUBLISHER","Access to
%1 has been restricted by your Administrator by software publisher policy."),
+ 0xC0000364: ("STATUS_ACCESS_DISABLED_BY_POLICY_OTHER","Access to %1
has been restricted by your Administrator by policy rule %2."),
+ 0xC0000365: ("STATUS_FAILED_DRIVER_ENTRY","The driver was not loaded
because it failed its initialization call."),
+ 0xC0000366: ("STATUS_DEVICE_ENUMERATION_ERROR","The device encountered
an error while applying power or reading the device configuration. This may be
caused by a failure of your hardware or by a poor connection."),
+ 0xC0000368: ("STATUS_MOUNT_POINT_NOT_RESOLVED","The create operation
failed because the name contained at least one mount point that resolves to a
volume to which the specified device object is not attached."),
+ 0xC0000369: ("STATUS_INVALID_DEVICE_OBJECT_PARAMETER","The device
object parameter is either not a valid device object or is not attached to the
volume that is specified by the file name."),
+ 0xC000036A: ("STATUS_MCA_OCCURED","A machine check error has occurred.
Check the system event log for additional information."),
+ 0xC000036B: ("STATUS_DRIVER_BLOCKED_CRITICAL","Driver %2 has been
blocked from loading."),
+ 0xC000036C: ("STATUS_DRIVER_BLOCKED","Driver %2 has been blocked from
loading."),
+ 0xC000036D: ("STATUS_DRIVER_DATABASE_ERROR","There was error [%2]
processing the driver database."),
+ 0xC000036E: ("STATUS_SYSTEM_HIVE_TOO_LARGE","System hive size has
exceeded its limit."),
+ 0xC000036F: ("STATUS_INVALID_IMPORT_OF_NON_DLL","A dynamic link
library (DLL) referenced a module that was neither a DLL nor the process's
executable image."),
+ 0xC0000371: ("STATUS_NO_SECRETS","The local account store does not
contain secret material for the specified account."),
+ 0xC0000372: ("STATUS_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY","Access to
%1 has been restricted by your Administrator by policy rule %2."),
+ 0xC0000373: ("STATUS_FAILED_STACK_SWITCH","The system was not able to
allocate enough memory to perform a stack switch."),
+ 0xC0000374: ("STATUS_HEAP_CORRUPTION","A heap has been corrupted."),
+ 0xC0000380: ("STATUS_SMARTCARD_WRONG_PIN","An incorrect PIN was
presented to the smart card."),
+ 0xC0000381: ("STATUS_SMARTCARD_CARD_BLOCKED","The smart card is
blocked."),
+ 0xC0000382: ("STATUS_SMARTCARD_CARD_NOT_AUTHENTICATED","No PIN was
presented to the smart card."),
+ 0xC0000383: ("STATUS_SMARTCARD_NO_CARD","No smart card is available."),
+ 0xC0000384: ("STATUS_SMARTCARD_NO_KEY_CONTAINER","The requested key
container does not exist on the smart card."),
+ 0xC0000385: ("STATUS_SMARTCARD_NO_CERTIFICATE","The requested
certificate does not exist on the smart card."),
+ 0xC0000386: ("STATUS_SMARTCARD_NO_KEYSET","The requested keyset does
not exist."),
+ 0xC0000387: ("STATUS_SMARTCARD_IO_ERROR","A communication error with
the smart card has been detected."),
+ 0xC0000388: ("STATUS_DOWNGRADE_DETECTED","The system detected a
possible attempt to compromise security. Ensure that you can contact the server
that authenticated you."),
+ 0xC0000389: ("STATUS_SMARTCARD_CERT_REVOKED","The smart card
certificate used for authentication has been revoked. Contact your system
administrator. There may be additional information in the event log."),
+ 0xC000038A: ("STATUS_ISSUING_CA_UNTRUSTED","An untrusted certificate
authority was detected while processing the smart card certificate that is used
for authentication. Contact your system administrator."),
+ 0xC000038B: ("STATUS_REVOCATION_OFFLINE_C","The revocation status of
the smart card certificate that is used for authentication could not be
determined. Contact your system administrator."),
+ 0xC000038C: ("STATUS_PKINIT_CLIENT_FAILURE","The smart card
certificate used for authentication was not trusted. Contact your system
administrator."),
+ 0xC000038D: ("STATUS_SMARTCARD_CERT_EXPIRED","The smart card
certificate used for authentication has expired. Contact your system
administrator."),
+ 0xC000038E: ("STATUS_DRIVER_FAILED_PRIOR_UNLOAD","The driver could not
be loaded because a previous version of the driver is still in memory."),
+ 0xC000038F: ("STATUS_SMARTCARD_SILENT_CONTEXT","The smart card
provider could not perform the action because the context was acquired as
silent."),
+ 0xC0000401: ("STATUS_PER_USER_TRUST_QUOTA_EXCEEDED","The delegated
trust creation quota of the current user has been exceeded."),
+ 0xC0000402: ("STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED","The total
delegated trust creation quota has been exceeded."),
+ 0xC0000403: ("STATUS_USER_DELETE_TRUST_QUOTA_EXCEEDED","The delegated
trust deletion quota of the current user has been exceeded."),
+ 0xC0000404: ("STATUS_DS_NAME_NOT_UNIQUE","The requested name already
exists as a unique identifier."),
+ 0xC0000405: ("STATUS_DS_DUPLICATE_ID_FOUND","The requested object has
a non-unique identifier and cannot be retrieved."),
+ 0xC0000406: ("STATUS_DS_GROUP_CONVERSION_ERROR","The group cannot be
converted due to attribute restrictions on the requested group type."),
+ 0xC0000407: ("STATUS_VOLSNAP_PREPARE_HIBERNATE","{Volume Shadow Copy
Service} Wait while the Volume Shadow Copy Service prepares volume %hs for
hibernation."),
+ 0xC0000408: ("STATUS_USER2USER_REQUIRED","Kerberos sub-protocol
User2User is required."),
+ 0xC0000409: ("STATUS_STACK_BUFFER_OVERRUN","The system detected an
overrun of a stack-based buffer in this application. This overrun could
potentially allow a malicious user to gain control of this application."),
+ 0xC000040A: ("STATUS_NO_S4U_PROT_SUPPORT","The Kerberos subsystem
encountered an error. A service for user protocol request was made against a
domain controller which does not support service for user."),
+ 0xC000040B: ("STATUS_CROSSREALM_DELEGATION_FAILURE","An attempt was
made by this server to make a Kerberos constrained delegation request for a
target that is outside the server realm. This action is not supported and the
resulting error indicates a misconfiguration on the allowed-to-delegate-to list
for this server. Contact your administrator."),
+ 0xC000040C: ("STATUS_REVOCATION_OFFLINE_KDC","The revocation status of
the domain controller certificate used for smart card authentication could not
be determined. There is additional information in the system event log. Contact
your system administrator."),
+ 0xC000040D: ("STATUS_ISSUING_CA_UNTRUSTED_KDC","An untrusted
certificate authority was detected while processing the domain controller
certificate used for authentication. There is additional information in the
system event log. Contact your system administrator."),
+ 0xC000040E: ("STATUS_KDC_CERT_EXPIRED","The domain controller
certificate used for smart card logon has expired. Contact your system
administrator with the contents of your system event log."),
+ 0xC000040F: ("STATUS_KDC_CERT_REVOKED","The domain controller
certificate used for smart card logon has been revoked. Contact your system
administrator with the contents of your system event log."),
+ 0xC0000410: ("STATUS_PARAMETER_QUOTA_EXCEEDED","Data present in one of
the parameters is more than the function can operate on."),
+ 0xC0000411: ("STATUS_HIBERNATION_FAILURE","The system has failed to
hibernate (The error code is %hs). Hibernation will be disabled until the
system is restarted."),
+ 0xC0000412: ("STATUS_DELAY_LOAD_FAILED","An attempt to delay-load a
.dll or get a function address in a delay-loaded .dll failed."),
+ 0xC0000413: ("STATUS_AUTHENTICATION_FIREWALL_FAILED","Logon Failure:
The machine you are logging onto is protected by an authentication firewall.
The specified account is not allowed to authenticate to the machine."),
+ 0xC0000414: ("STATUS_VDM_DISALLOWED","%hs is a 16-bit application. You
do not have permissions to execute 16-bit applications. Check your permissions
with your system administrator."),
+ 0xC0000415: ("STATUS_HUNG_DISPLAY_DRIVER_THREAD","{Display Driver
Stopped Responding} The %hs display driver has stopped working normally. Save
your work and reboot the system to restore full display functionality. The next
time you reboot the machine a dialog will be displayed giving you a chance to
report this failure to Microsoft."),
+ 0xC0000416:
("STATUS_INSUFFICIENT_RESOURCE_FOR_SPECIFIED_SHARED_SECTION_SIZE","The Desktop
heap encountered an error while allocating session memory. There is more
information in the system event log."),
+ 0xC0000417: ("STATUS_INVALID_CRUNTIME_PARAMETER","An invalid parameter
was passed to a C runtime function."),
+ 0xC0000418: ("STATUS_NTLM_BLOCKED","The authentication failed because
NTLM was blocked."),
+ 0xC0000419: ("STATUS_DS_SRC_SID_EXISTS_IN_FOREST","The source object's
SID already exists in destination forest."),
+ 0xC000041A: ("STATUS_DS_DOMAIN_NAME_EXISTS_IN_FOREST","The domain name
of the trusted domain already exists in the forest."),
+ 0xC000041B: ("STATUS_DS_FLAT_NAME_EXISTS_IN_FOREST","The flat name of
the trusted domain already exists in the forest."),
+ 0xC000041C: ("STATUS_INVALID_USER_PRINCIPAL_NAME","The User Principal
Name (UPN) is invalid."),
+ 0xC0000420: ("STATUS_ASSERTION_FAILURE","There has been an assertion
failure."),
+ 0xC0000421: ("STATUS_VERIFIER_STOP","Application verifier has found an
error in the current process."),
+ 0xC0000423: ("STATUS_CALLBACK_POP_STACK","A user mode unwind is in
progress."),
+ 0xC0000424: ("STATUS_INCOMPATIBLE_DRIVER_BLOCKED","%2 has been blocked
from loading due to incompatibility with this system. Contact your software
vendor for a compatible version of the driver."),
+ 0xC0000425: ("STATUS_HIVE_UNLOADED","Illegal operation attempted on a
registry key which has already been unloaded."),
+ 0xC0000426: ("STATUS_COMPRESSION_DISABLED","Compression is disabled
for this volume."),
+ 0xC0000427: ("STATUS_FILE_SYSTEM_LIMITATION","The requested operation
could not be completed due to a file system limitation."),
+ 0xC0000428: ("STATUS_INVALID_IMAGE_HASH","The hash for image %hs
cannot be found in the system catalogs. The image is likely corrupt or the
victim of tampering."),
+ 0xC0000429: ("STATUS_NOT_CAPABLE","The implementation is not capable
of performing the request."),
+ 0xC000042A: ("STATUS_REQUEST_OUT_OF_SEQUENCE","The requested operation
is out of order with respect to other operations."),
+ 0xC000042B: ("STATUS_IMPLEMENTATION_LIMIT","An operation attempted to
exceed an implementation-defined limit."),
+ 0xC000042C: ("STATUS_ELEVATION_REQUIRED","The requested operation
requires elevation."),
+ 0xC000042D: ("STATUS_NO_SECURITY_CONTEXT","The required security
context does not exist."),
+ 0xC000042E: ("STATUS_PKU2U_CERT_FAILURE","The PKU2U protocol
encountered an error while attempting to utilize the associated certificates."),
+ 0xC0000432: ("STATUS_BEYOND_VDL","The operation was attempted beyond
the valid data length of the file."),
+ 0xC0000433: ("STATUS_ENCOUNTERED_WRITE_IN_PROGRESS","The attempted
write operation encountered a write already in progress for some portion of the
range."),
+ 0xC0000434: ("STATUS_PTE_CHANGED","The page fault mappings changed in
the middle of processing a fault so the operation must be retried."),
+ 0xC0000435: ("STATUS_PURGE_FAILED","The attempt to purge this file
from memory failed to purge some or all the data from memory."),
+ 0xC0000440: ("STATUS_CRED_REQUIRES_CONFIRMATION","The requested
credential requires confirmation."),
+ 0xC0000441: ("STATUS_CS_ENCRYPTION_INVALID_SERVER_RESPONSE","The
remote server sent an invalid response for a file being opened with Client Side
Encryption."),
+ 0xC0000442: ("STATUS_CS_ENCRYPTION_UNSUPPORTED_SERVER","Client Side
Encryption is not supported by the remote server even though it claims to
support it."),
+ 0xC0000443: ("STATUS_CS_ENCRYPTION_EXISTING_ENCRYPTED_FILE","File is
encrypted and should be opened in Client Side Encryption mode."),
+ 0xC0000444: ("STATUS_CS_ENCRYPTION_NEW_ENCRYPTED_FILE","A new
encrypted file is being created and a $EFS needs to be provided."),
+ 0xC0000445: ("STATUS_CS_ENCRYPTION_FILE_NOT_CSE","The SMB client
requested a CSE FSCTL on a non-CSE file."),
+ 0xC0000446: ("STATUS_INVALID_LABEL","Indicates a particular Security
ID may not be assigned as the label of an object."),
+ 0xC0000450: ("STATUS_DRIVER_PROCESS_TERMINATED","The process hosting
the driver for this device has terminated."),
+ 0xC0000451: ("STATUS_AMBIGUOUS_SYSTEM_DEVICE","The requested system
device cannot be identified due to multiple indistinguishable devices
potentially matching the identification criteria."),
+ 0xC0000452: ("STATUS_SYSTEM_DEVICE_NOT_FOUND","The requested system
device cannot be found."),
+ 0xC0000453: ("STATUS_RESTART_BOOT_APPLICATION","This boot application
must be restarted."),
+ 0xC0000454: ("STATUS_INSUFFICIENT_NVRAM_RESOURCES","Insufficient NVRAM
resources exist to complete the API. A reboot might be required."),
+ 0xC0000500: ("STATUS_INVALID_TASK_NAME","The specified task name is
invalid."),
+ 0xC0000501: ("STATUS_INVALID_TASK_INDEX","The specified task index is
invalid."),
+ 0xC0000502: ("STATUS_THREAD_ALREADY_IN_TASK","The specified thread is
already joining a task."),
+ 0xC0000503: ("STATUS_CALLBACK_BYPASS","A callback has requested to
bypass native code."),
+ 0xC0000602: ("STATUS_FAIL_FAST_EXCEPTION","A fail fast exception
occurred. Exception handlers will not be invoked and the process will be
terminated immediately."),
+ 0xC0000603: ("STATUS_IMAGE_CERT_REVOKED","Windows cannot verify the
digital signature for this file. The signing certificate for this file has been
revoked."),
+ 0xC0000700: ("STATUS_PORT_CLOSED","The ALPC port is closed."),
+ 0xC0000701: ("STATUS_MESSAGE_LOST","The ALPC message requested is no
longer available."),
+ 0xC0000702: ("STATUS_INVALID_MESSAGE","The ALPC message supplied is
invalid."),
+ 0xC0000703: ("STATUS_REQUEST_CANCELED","The ALPC message has been
canceled."),
+ 0xC0000704: ("STATUS_RECURSIVE_DISPATCH","Invalid recursive dispatch
attempt."),
+ 0xC0000705: ("STATUS_LPC_RECEIVE_BUFFER_EXPECTED","No receive buffer
has been supplied in a synchronous request."),
+ 0xC0000706: ("STATUS_LPC_INVALID_CONNECTION_USAGE","The connection
port is used in an invalid context."),
+ 0xC0000707: ("STATUS_LPC_REQUESTS_NOT_ALLOWED","The ALPC port does not
accept new request messages."),
+ 0xC0000708: ("STATUS_RESOURCE_IN_USE","The resource requested is
already in use."),
+ 0xC0000709: ("STATUS_HARDWARE_MEMORY_ERROR","The hardware has reported
an uncorrectable memory error."),
+ 0xC000070A: ("STATUS_THREADPOOL_HANDLE_EXCEPTION","Status 0x%08x was
returned, waiting on handle 0x%x for wait 0x%p, in waiter 0x%p."),
+ 0xC000070B: ("STATUS_THREADPOOL_SET_EVENT_ON_COMPLETION_FAILED","After
a callback to 0x%p(0x%p), a completion call to Set event(0x%p) failed with
status 0x%08x."),
+ 0xC000070C:
("STATUS_THREADPOOL_RELEASE_SEMAPHORE_ON_COMPLETION_FAILED","After a callback
to 0x%p(0x%p), a completion call to ReleaseSemaphore(0x%p, %d) failed with
status 0x%08x."),
+ 0xC000070D:
("STATUS_THREADPOOL_RELEASE_MUTEX_ON_COMPLETION_FAILED","After a callback to
0x%p(0x%p), a completion call to ReleaseMutex(%p) failed with status 0x%08x."),
+ 0xC000070E:
("STATUS_THREADPOOL_FREE_LIBRARY_ON_COMPLETION_FAILED","After a callback to
0x%p(0x%p), a completion call to FreeLibrary(%p) failed with status 0x%08x."),
+ 0xC000070F: ("STATUS_THREADPOOL_RELEASED_DURING_OPERATION","The thread
pool 0x%p was released while a thread was posting a callback to 0x%p(0x%p) to
it."),
+ 0xC0000710: ("STATUS_CALLBACK_RETURNED_WHILE_IMPERSONATING","A thread
pool worker thread is impersonating a client, after a callback to 0x%p(0x%p).
This is unexpected, indicating that the callback is missing a call to revert
the impersonation."),
+ 0xC0000711: ("STATUS_APC_RETURNED_WHILE_IMPERSONATING","A thread pool
worker thread is impersonating a client, after executing an APC. This is
unexpected, indicating that the APC is missing a call to revert the
impersonation."),
+ 0xC0000712: ("STATUS_PROCESS_IS_PROTECTED","Either the target process,
or the target thread's containing process, is a protected process."),
+ 0xC0000713: ("STATUS_MCA_EXCEPTION","A thread is getting dispatched
with MCA EXCEPTION because of MCA."),
+ 0xC0000714: ("STATUS_CERTIFICATE_MAPPING_NOT_UNIQUE","The client
certificate account mapping is not unique."),
+ 0xC0000715: ("STATUS_SYMLINK_CLASS_DISABLED","The symbolic link cannot
be followed because its type is disabled."),
+ 0xC0000716: ("STATUS_INVALID_IDN_NORMALIZATION","Indicates that the
specified string is not valid for IDN normalization."),
+ 0xC0000717: ("STATUS_NO_UNICODE_TRANSLATION","No mapping for the
Unicode character exists in the target multi-byte code page."),
+ 0xC0000718: ("STATUS_ALREADY_REGISTERED","The provided callback is
already registered."),
+ 0xC0000719: ("STATUS_CONTEXT_MISMATCH","The provided context did not
match the target."),
+ 0xC000071A: ("STATUS_PORT_ALREADY_HAS_COMPLETION_LIST","The specified
port already has a completion list."),
+ 0xC000071B: ("STATUS_CALLBACK_RETURNED_THREAD_PRIORITY","A threadpool
worker thread entered a callback at thread base priority 0x%x and exited at
priority 0x%x. This is unexpected, indicating that the callback missed
restoring the priority."),
+ 0xC000071C: ("STATUS_INVALID_THREAD","An invalid thread, handle %p, is
specified for this operation. Possibly, a threadpool worker thread was
specified."),
+ 0xC000071D: ("STATUS_CALLBACK_RETURNED_TRANSACTION","A threadpool
worker thread entered a callback, which left transaction state. This is
unexpected, indicating that the callback missed clearing the transaction."),
+ 0xC000071E: ("STATUS_CALLBACK_RETURNED_LDR_LOCK","A threadpool worker
thread entered a callback, which left the loader lock held. This is
unexpected, indicating that the callback missed releasing the lock."),
+ 0xC000071F: ("STATUS_CALLBACK_RETURNED_LANG","A threadpool worker
thread entered a callback, which left with preferred languages set. This is
unexpected, indicating that the callback missed clearing them."),
+ 0xC0000720: ("STATUS_CALLBACK_RETURNED_PRI_BACK","A threadpool worker
thread entered a callback, which left with background priorities set. This is
unexpected, indicating that the callback missed restoring the original
priorities."),
+ 0xC0000800: ("STATUS_DISK_REPAIR_DISABLED","The attempted operation
required self healing to be enabled."),
+ 0xC0000801: ("STATUS_DS_DOMAIN_RENAME_IN_PROGRESS","The directory
service cannot perform the requested operation because a domain rename
operation is in progress."),
+ 0xC0000802: ("STATUS_DISK_QUOTA_EXCEEDED","An operation failed because
the storage quota was exceeded."),
+ 0xC0000804: ("STATUS_CONTENT_BLOCKED","An operation failed because the
content was blocked."),
+ 0xC0000805: ("STATUS_BAD_CLUSTERS","The operation could not be
completed due to bad clusters on disk."),
+ 0xC0000806: ("STATUS_VOLUME_DIRTY","The operation could not be
completed because the volume is dirty. Please run the Chkdsk utility and try
again."),
+ 0xC0000901: ("STATUS_FILE_CHECKED_OUT","This file is checked out or
locked for editing by another user."),
+ 0xC0000902: ("STATUS_CHECKOUT_REQUIRED","The file must be checked out
before saving changes."),
+ 0xC0000903: ("STATUS_BAD_FILE_TYPE","The file type being saved or
retrieved has been blocked."),
+ 0xC0000904: ("STATUS_FILE_TOO_LARGE","The file size exceeds the limit
allowed and cannot be saved."),
+ 0xC0000905: ("STATUS_FORMS_AUTH_REQUIRED","Access Denied. Before
opening files in this location, you must first browse to the e.g. site and
select the option to log on automatically."),
+ 0xC0000906: ("STATUS_VIRUS_INFECTED","The operation did not complete
successfully because the file contains a virus."),
+ 0xC0000907: ("STATUS_VIRUS_DELETED","This file contains a virus and
cannot be opened. Due to the nature of this virus, the file has been removed
from this location."),
+ 0xC0000908: ("STATUS_BAD_MCFG_TABLE","The resources required for this
device conflict with the MCFG table."),
+ 0xC0000909: ("STATUS_CANNOT_BREAK_OPLOCK","The operation did not
complete successfully because it would cause an oplock to be broken. The caller
has requested that existing oplocks not be broken."),
+ 0xC0009898: ("STATUS_WOW_ASSERTION","WOW Assertion Error."),
+ 0xC000A000: ("STATUS_INVALID_SIGNATURE","The cryptographic signature
is invalid."),
+ 0xC000A001: ("STATUS_HMAC_NOT_SUPPORTED","The cryptographic provider
does not support HMAC."),
+ 0xC000A010: ("STATUS_IPSEC_QUEUE_OVERFLOW","The IPsec queue
overflowed."),
+ 0xC000A011: ("STATUS_ND_QUEUE_OVERFLOW","The neighbor discovery queue
overflowed."),
+ 0xC000A012: ("STATUS_HOPLIMIT_EXCEEDED","An Internet Control Message
Protocol (ICMP) hop limit exceeded error was received."),
+ 0xC000A013: ("STATUS_PROTOCOL_NOT_SUPPORTED","The protocol is not
installed on the local machine."),
+ 0xC000A080:
("STATUS_LOST_WRITEBEHIND_DATA_NETWORK_DISCONNECTED","{Delayed Write Failed}
Windows was unable to save all the data for the file %hs; the data has been
lost. This error may be caused by network connectivity issues. Try to save this
file elsewhere."),
+ 0xC000A081:
("STATUS_LOST_WRITEBEHIND_DATA_NETWORK_SERVER_ERROR","{Delayed Write Failed}
Windows was unable to save all the data for the file %hs; the data has been
lost. This error was returned by the server on which the file exists. Try to
save this file elsewhere."),
+ 0xC000A082: ("STATUS_LOST_WRITEBEHIND_DATA_LOCAL_DISK_ERROR","{Delayed
Write Failed} Windows was unable to save all the data for the file %hs; the
data has been lost. This error may be caused if the device has been removed or
the media is write-protected."),
+ 0xC000A083: ("STATUS_XML_PARSE_ERROR","Windows was unable to parse the
requested XML data."),
+ 0xC000A084: ("STATUS_XMLDSIG_ERROR","An error was encountered while
processing an XML digital signature."),
+ 0xC000A085: ("STATUS_WRONG_COMPARTMENT","This indicates that the
caller made the connection request in the wrong routing compartment."),
+ 0xC000A086: ("STATUS_AUTHIP_FAILURE","This indicates that there was an
AuthIP failure when attempting to connect to the remote host."),
+ 0xC000A087: ("STATUS_DS_OID_MAPPED_GROUP_CANT_HAVE_MEMBERS","OID
mapped groups cannot have members."),
+ 0xC000A088: ("STATUS_DS_OID_NOT_FOUND","The specified OID cannot be
found."),
+ 0xC000A100: ("STATUS_HASH_NOT_SUPPORTED","Hash generation for the
specified version and hash type is not enabled on server."),
+ 0xC000A101: ("STATUS_HASH_NOT_PRESENT","The hash requests is not
present or not up to date with the current file contents."),
+ 0xC0010001: ("DBG_NO_STATE_CHANGE","The debugger did not perform a
state change."),
+ 0xC0010002: ("DBG_APP_NOT_IDLE","The debugger found that the
application is not idle."),
+ 0xC0020001: ("RPC_NT_INVALID_STRING_BINDING","The string binding is
invalid."),
+ 0xC0020002: ("RPC_NT_WRONG_KIND_OF_BINDING","The binding handle is not
the correct type."),
+ 0xC0020003: ("RPC_NT_INVALID_BINDING","The binding handle is
invalid."),
+ 0xC0020004: ("RPC_NT_PROTSEQ_NOT_SUPPORTED","The RPC protocol sequence
is not supported."),
+ 0xC0020005: ("RPC_NT_INVALID_RPC_PROTSEQ","The RPC protocol sequence
is invalid."),
+ 0xC0020006: ("RPC_NT_INVALID_STRING_UUID","The string UUID is
invalid."),
+ 0xC0020007: ("RPC_NT_INVALID_ENDPOINT_FORMAT","The endpoint format is
invalid."),
+ 0xC0020008: ("RPC_NT_INVALID_NET_ADDR","The network address is
invalid."),
+ 0xC0020009: ("RPC_NT_NO_ENDPOINT_FOUND","No endpoint was found."),
+ 0xC002000A: ("RPC_NT_INVALID_TIMEOUT","The time-out value is
invalid."),
+ 0xC002000B: ("RPC_NT_OBJECT_NOT_FOUND","The object UUID was not
found."),
+ 0xC002000C: ("RPC_NT_ALREADY_REGISTERED","The object UUID has already
been registered."),
+ 0xC002000D: ("RPC_NT_TYPE_ALREADY_REGISTERED","The type UUID has
already been registered."),
+ 0xC002000E: ("RPC_NT_ALREADY_LISTENING","The RPC server is already
listening."),
+ 0xC002000F: ("RPC_NT_NO_PROTSEQS_REGISTERED","No protocol sequences
have been registered."),
+ 0xC0020010: ("RPC_NT_NOT_LISTENING","The RPC server is not
listening."),
+ 0xC0020011: ("RPC_NT_UNKNOWN_MGR_TYPE","The manager type is unknown."),
+ 0xC0020012: ("RPC_NT_UNKNOWN_IF","The interface is unknown."),
+ 0xC0020013: ("RPC_NT_NO_BINDINGS","There are no bindings."),
+ 0xC0020014: ("RPC_NT_NO_PROTSEQS","There are no protocol sequences."),
+ 0xC0020015: ("RPC_NT_CANT_CREATE_ENDPOINT","The endpoint cannot be
created."),
+ 0xC0020016: ("RPC_NT_OUT_OF_RESOURCES","Insufficient resources are
available to complete this operation."),
+ 0xC0020017: ("RPC_NT_SERVER_UNAVAILABLE","The RPC server is
unavailable."),
+ 0xC0020018: ("RPC_NT_SERVER_TOO_BUSY","The RPC server is too busy to
complete this operation."),
+ 0xC0020019: ("RPC_NT_INVALID_NETWORK_OPTIONS","The network options are
invalid."),
+ 0xC002001A: ("RPC_NT_NO_CALL_ACTIVE","No RPCs are active on this
thread."),
+ 0xC002001B: ("RPC_NT_CALL_FAILED","The RPC failed."),
+ 0xC002001C: ("RPC_NT_CALL_FAILED_DNE","The RPC failed and did not
execute."),
+ 0xC002001D: ("RPC_NT_PROTOCOL_ERROR","An RPC protocol error
occurred."),
+ 0xC002001F: ("RPC_NT_UNSUPPORTED_TRANS_SYN","The RPC server does not
support the transfer syntax."),
+ 0xC0020021: ("RPC_NT_UNSUPPORTED_TYPE","The type UUID is not
supported."),
+ 0xC0020022: ("RPC_NT_INVALID_TAG","The tag is invalid."),
+ 0xC0020023: ("RPC_NT_INVALID_BOUND","The array bounds are invalid."),
+ 0xC0020024: ("RPC_NT_NO_ENTRY_NAME","The binding does not contain an
entry name."),
+ 0xC0020025: ("RPC_NT_INVALID_NAME_SYNTAX","The name syntax is
invalid."),
+ 0xC0020026: ("RPC_NT_UNSUPPORTED_NAME_SYNTAX","The name syntax is not
supported."),
+ 0xC0020028: ("RPC_NT_UUID_NO_ADDRESS","No network address is available
to construct a UUID."),
+ 0xC0020029: ("RPC_NT_DUPLICATE_ENDPOINT","The endpoint is a
duplicate."),
+ 0xC002002A: ("RPC_NT_UNKNOWN_AUTHN_TYPE","The authentication type is
unknown."),
+ 0xC002002B: ("RPC_NT_MAX_CALLS_TOO_SMALL","The maximum number of calls
is too small."),
+ 0xC002002C: ("RPC_NT_STRING_TOO_LONG","The string is too long."),
+ 0xC002002D: ("RPC_NT_PROTSEQ_NOT_FOUND","The RPC protocol sequence was
not found."),
+ 0xC002002E: ("RPC_NT_PROCNUM_OUT_OF_RANGE","The procedure number is
out of range."),
+ 0xC002002F: ("RPC_NT_BINDING_HAS_NO_AUTH","The binding does not
contain any authentication information."),
+ 0xC0020030: ("RPC_NT_UNKNOWN_AUTHN_SERVICE","The authentication
service is unknown."),
+ 0xC0020031: ("RPC_NT_UNKNOWN_AUTHN_LEVEL","The authentication level is
unknown."),
+ 0xC0020032: ("RPC_NT_INVALID_AUTH_IDENTITY","The security context is
invalid."),
+ 0xC0020033: ("RPC_NT_UNKNOWN_AUTHZ_SERVICE","The authorization service
is unknown."),
+ 0xC0020034: ("EPT_NT_INVALID_ENTRY","The entry is invalid."),
+ 0xC0020035: ("EPT_NT_CANT_PERFORM_OP","The operation cannot be
performed."),
+ 0xC0020036: ("EPT_NT_NOT_REGISTERED","No more endpoints are available
from the endpoint mapper."),
+ 0xC0020037: ("RPC_NT_NOTHING_TO_EXPORT","No interfaces have been
exported."),
+ 0xC0020038: ("RPC_NT_INCOMPLETE_NAME","The entry name is incomplete."),
+ 0xC0020039: ("RPC_NT_INVALID_VERS_OPTION","The version option is
invalid."),
+ 0xC002003A: ("RPC_NT_NO_MORE_MEMBERS","There are no more members."),
+ 0xC002003B: ("RPC_NT_NOT_ALL_OBJS_UNEXPORTED","There is nothing to
unexport."),
+ 0xC002003C: ("RPC_NT_INTERFACE_NOT_FOUND","The interface was not
found."),
+ 0xC002003D: ("RPC_NT_ENTRY_ALREADY_EXISTS","The entry already
exists."),
+ 0xC002003E: ("RPC_NT_ENTRY_NOT_FOUND","The entry was not found."),
+ 0xC002003F: ("RPC_NT_NAME_SERVICE_UNAVAILABLE","The name service is
unavailable."),
+ 0xC0020040: ("RPC_NT_INVALID_NAF_ID","The network address family is
invalid."),
+ 0xC0020041: ("RPC_NT_CANNOT_SUPPORT","The requested operation is not
supported."),
+ 0xC0020042: ("RPC_NT_NO_CONTEXT_AVAILABLE","No security context is
available to allow impersonation."),
+ 0xC0020043: ("RPC_NT_INTERNAL_ERROR","An internal error occurred in
the RPC."),
+ 0xC0020044: ("RPC_NT_ZERO_DIVIDE","The RPC server attempted to divide
an integer by zero."),
+ 0xC0020045: ("RPC_NT_ADDRESS_ERROR","An addressing error occurred in
the RPC server."),
+ 0xC0020046: ("RPC_NT_FP_DIV_ZERO","A floating point operation at the
RPC server caused a divide by zero."),
+ 0xC0020047: ("RPC_NT_FP_UNDERFLOW","A floating point underflow
occurred at the RPC server."),
+ 0xC0020048: ("RPC_NT_FP_OVERFLOW","A floating point overflow occurred
at the RPC server."),
+ 0xC0020049: ("RPC_NT_CALL_IN_PROGRESS","An RPC is already in progress
for this thread."),
+ 0xC002004A: ("RPC_NT_NO_MORE_BINDINGS","There are no more bindings."),
+ 0xC002004B: ("RPC_NT_GROUP_MEMBER_NOT_FOUND","The group member was not
found."),
+ 0xC002004C: ("EPT_NT_CANT_CREATE","The endpoint mapper database entry
could not be created."),
+ 0xC002004D: ("RPC_NT_INVALID_OBJECT","The object UUID is the nil
UUID."),
+ 0xC002004F: ("RPC_NT_NO_INTERFACES","No interfaces have been
registered."),
+ 0xC0020050: ("RPC_NT_CALL_CANCELLED","The RPC was canceled."),
+ 0xC0020051: ("RPC_NT_BINDING_INCOMPLETE","The binding handle does not
contain all the required information."),
+ 0xC0020052: ("RPC_NT_COMM_FAILURE","A communications failure occurred
during an RPC."),
+ 0xC0020053: ("RPC_NT_UNSUPPORTED_AUTHN_LEVEL","The requested
authentication level is not supported."),
+ 0xC0020054: ("RPC_NT_NO_PRINC_NAME","No principal name was
registered."),
+ 0xC0020055: ("RPC_NT_NOT_RPC_ERROR","The error specified is not a
valid Windows RPC error code."),
+ 0xC0020057: ("RPC_NT_SEC_PKG_ERROR","A security package-specific error
occurred."),
+ 0xC0020058: ("RPC_NT_NOT_CANCELLED","The thread was not canceled."),
+ 0xC0020062: ("RPC_NT_INVALID_ASYNC_HANDLE","Invalid asynchronous RPC
handle."),
+ 0xC0020063: ("RPC_NT_INVALID_ASYNC_CALL","Invalid asynchronous RPC
call handle for this operation."),
+ 0xC0020064: ("RPC_NT_PROXY_ACCESS_DENIED","Access to the HTTP proxy is
denied."),
+ 0xC0030001: ("RPC_NT_NO_MORE_ENTRIES","The list of RPC servers
available for auto-handle binding has been exhausted."),
+ 0xC0030002: ("RPC_NT_SS_CHAR_TRANS_OPEN_FAIL","The file designated by
DCERPCCHARTRANS cannot be opened."),
+ 0xC0030003: ("RPC_NT_SS_CHAR_TRANS_SHORT_FILE","The file containing
the character translation table has fewer than 512 bytes."),
+ 0xC0030004: ("RPC_NT_SS_IN_NULL_CONTEXT","A null context handle is
passed as an [in] parameter."),
+ 0xC0030005: ("RPC_NT_SS_CONTEXT_MISMATCH","The context handle does not
match any known context handles."),
+ 0xC0030006: ("RPC_NT_SS_CONTEXT_DAMAGED","The context handle changed
during a call."),
+ 0xC0030007: ("RPC_NT_SS_HANDLES_MISMATCH","The binding handles passed
to an RPC do not match."),
+ 0xC0030008: ("RPC_NT_SS_CANNOT_GET_CALL_HANDLE","The stub is unable to
get the call handle."),
+ 0xC0030009: ("RPC_NT_NULL_REF_POINTER","A null reference pointer was
passed to the stub."),
+ 0xC003000A: ("RPC_NT_ENUM_VALUE_OUT_OF_RANGE","The enumeration value
is out of range."),
+ 0xC003000B: ("RPC_NT_BYTE_COUNT_TOO_SMALL","The byte count is too
small."),
+ 0xC003000C: ("RPC_NT_BAD_STUB_DATA","The stub received bad data."),
+ 0xC0030059: ("RPC_NT_INVALID_ES_ACTION","Invalid operation on the
encoding/decoding handle."),
+ 0xC003005A: ("RPC_NT_WRONG_ES_VERSION","Incompatible version of the
serializing package."),
+ 0xC003005B: ("RPC_NT_WRONG_STUB_VERSION","Incompatible version of the
RPC stub."),
+ 0xC003005C: ("RPC_NT_INVALID_PIPE_OBJECT","The RPC pipe object is
invalid or corrupt."),
+ 0xC003005D: ("RPC_NT_INVALID_PIPE_OPERATION","An invalid operation was
attempted on an RPC pipe object."),
+ 0xC003005E: ("RPC_NT_WRONG_PIPE_VERSION","Unsupported RPC pipe
version."),
+ 0xC003005F: ("RPC_NT_PIPE_CLOSED","The RPC pipe object has already
been closed."),
+ 0xC0030060: ("RPC_NT_PIPE_DISCIPLINE_ERROR","The RPC call completed
before all pipes were processed."),
+ 0xC0030061: ("RPC_NT_PIPE_EMPTY","No more data is available from the
RPC pipe."),
+ 0xC0040035: ("STATUS_PNP_BAD_MPS_TABLE","A device is missing in the
system BIOS MPS table. This device will not be used. Contact your system vendor
for a system BIOS update."),
+ 0xC0040036: ("STATUS_PNP_TRANSLATION_FAILED","A translator failed to
translate resources."),
+ 0xC0040037: ("STATUS_PNP_IRQ_TRANSLATION_FAILED","An IRQ translator
failed to translate resources."),
+ 0xC0040038: ("STATUS_PNP_INVALID_ID","Driver %2 returned an invalid ID
for a child device (%3)."),
+ 0xC0040039: ("STATUS_IO_REISSUE_AS_CACHED","Reissue the given
operation as a cached I/O operation"),
+ 0xC00A0001: ("STATUS_CTX_WINSTATION_NAME_INVALID","Session name %1 is
invalid."),
+ 0xC00A0002: ("STATUS_CTX_INVALID_PD","The protocol driver %1 is
invalid."),
+ 0xC00A0003: ("STATUS_CTX_PD_NOT_FOUND","The protocol driver %1 was not
found in the system path."),
+ 0xC00A0006: ("STATUS_CTX_CLOSE_PENDING","A close operation is pending
on the terminal connection."),
+ 0xC00A0007: ("STATUS_CTX_NO_OUTBUF","No free output buffers are
available."),
+ 0xC00A0008: ("STATUS_CTX_MODEM_INF_NOT_FOUND","The MODEM.INF file was
not found."),
+ 0xC00A0009: ("STATUS_CTX_INVALID_MODEMNAME","The modem (%1) was not
found in the MODEM.INF file."),
+ 0xC00A000A: ("STATUS_CTX_RESPONSE_ERROR","The modem did not accept the
command sent to it. Verify that the configured modem name matches the attached
modem."),
+ 0xC00A000B: ("STATUS_CTX_MODEM_RESPONSE_TIMEOUT","The modem did not
respond to the command sent to it. Verify that the modem cable is properly
attached and the modem is turned on."),
+ 0xC00A000C: ("STATUS_CTX_MODEM_RESPONSE_NO_CARRIER","Carrier detection
has failed or the carrier has been dropped due to disconnection."),
+ 0xC00A000D: ("STATUS_CTX_MODEM_RESPONSE_NO_DIALTONE","A dial tone was
not detected within the required time. Verify that the phone cable is properly
attached and functional."),
+ 0xC00A000E: ("STATUS_CTX_MODEM_RESPONSE_BUSY","A busy signal was
detected at a remote site on callback."),
+ 0xC00A000F: ("STATUS_CTX_MODEM_RESPONSE_VOICE","A voice was detected
at a remote site on callback."),
+ 0xC00A0010: ("STATUS_CTX_TD_ERROR","Transport driver error."),
+ 0xC00A0012: ("STATUS_CTX_LICENSE_CLIENT_INVALID","The client you are
using is not licensed to use this system. Your logon request is denied."),
+ 0xC00A0013: ("STATUS_CTX_LICENSE_NOT_AVAILABLE","The system has
reached its licensed logon limit. Try again later."),
+ 0xC00A0014: ("STATUS_CTX_LICENSE_EXPIRED","The system license has
expired. Your logon request is denied."),
+ 0xC00A0015: ("STATUS_CTX_WINSTATION_NOT_FOUND","The specified session
cannot be found."),
+ 0xC00A0016: ("STATUS_CTX_WINSTATION_NAME_COLLISION","The specified
session name is already in use."),
+ 0xC00A0017: ("STATUS_CTX_WINSTATION_BUSY","The requested operation
cannot be completed because the terminal connection is currently processing a
connect, disconnect, reset, or delete operation."),
+ 0xC00A0018: ("STATUS_CTX_BAD_VIDEO_MODE","An attempt has been made to
connect to a session whose video mode is not supported by the current client."),
+ 0xC00A0022: ("STATUS_CTX_GRAPHICS_INVALID","The application attempted
to enable DOS graphics mode. DOS graphics mode is not supported."),
+ 0xC00A0024: ("STATUS_CTX_NOT_CONSOLE","The requested operation can be
performed only on the system console. This is most often the result of a driver
or system DLL requiring direct console access."),
+ 0xC00A0026: ("STATUS_CTX_CLIENT_QUERY_TIMEOUT","The client failed to
respond to the server connect message."),
+ 0xC00A0027: ("STATUS_CTX_CONSOLE_DISCONNECT","Disconnecting the
console session is not supported."),
+ 0xC00A0028: ("STATUS_CTX_CONSOLE_CONNECT","Reconnecting a disconnected
session to the console is not supported."),
+ 0xC00A002A: ("STATUS_CTX_SHADOW_DENIED","The request to control
another session remotely was denied."),
+ 0xC00A002B: ("STATUS_CTX_WINSTATION_ACCESS_DENIED","A process has
requested access to a session, but has not been granted those access rights."),
+ 0xC00A002E: ("STATUS_CTX_INVALID_WD","The terminal connection driver
%1 is invalid."),
+ 0xC00A002F: ("STATUS_CTX_WD_NOT_FOUND","The terminal connection driver
%1 was not found in the system path."),
+ 0xC00A0030: ("STATUS_CTX_SHADOW_INVALID","The requested session cannot
be controlled remotely. You cannot control your own session, a session that is
trying to control your session, a session that has no user logged on, or other
sessions from the console."),
+ 0xC00A0031: ("STATUS_CTX_SHADOW_DISABLED","The requested session is
not configured to allow remote control."),
+ 0xC00A0032: ("STATUS_RDP_PROTOCOL_ERROR","The RDP protocol component
%2 detected an error in the protocol stream and has disconnected the client."),
+ 0xC00A0033: ("STATUS_CTX_CLIENT_LICENSE_NOT_SET","Your request to
connect to this terminal server has been rejected. Your terminal server client
license number has not been entered for this copy of the terminal client.
Contact your system administrator for help in entering a valid, unique license
number for this terminal server client. Click OK to continue."),
+ 0xC00A0034: ("STATUS_CTX_CLIENT_LICENSE_IN_USE","Your request to
connect to this terminal server has been rejected. Your terminal server client
license number is currently being used by another user. Contact your system
administrator to obtain a new copy of the terminal server client with a valid,
unique license number. Click OK to continue."),
+ 0xC00A0035: ("STATUS_CTX_SHADOW_ENDED_BY_MODE_CHANGE","The remote
control of the console was terminated because the display mode was changed.
Changing the display mode in a remote control session is not supported."),
+ 0xC00A0036: ("STATUS_CTX_SHADOW_NOT_RUNNING","Remote control could not
be terminated because the specified session is not currently being remotely
controlled."),
+ 0xC00A0037: ("STATUS_CTX_LOGON_DISABLED","Your interactive logon
privilege has been disabled. Contact your system administrator."),
+ 0xC00A0038: ("STATUS_CTX_SECURITY_LAYER_ERROR","The terminal server
security layer detected an error in the protocol stream and has disconnected
the client."),
+ 0xC00A0039: ("STATUS_TS_INCOMPATIBLE_SESSIONS","The target session is
incompatible with the current session."),
+ 0xC00B0001: ("STATUS_MUI_FILE_NOT_FOUND","The resource loader failed
to find an MUI file."),
+ 0xC00B0002: ("STATUS_MUI_INVALID_FILE","The resource loader failed to
load an MUI file because the file failed to pass validation."),
+ 0xC00B0003: ("STATUS_MUI_INVALID_RC_CONFIG","The RC manifest is
corrupted with garbage data, is an unsupported version, or is missing a
required item."),
+ 0xC00B0004: ("STATUS_MUI_INVALID_LOCALE_NAME","The RC manifest has an
invalid culture name."),
+ 0xC00B0005: ("STATUS_MUI_INVALID_ULTIMATEFALLBACK_NAME","The RC
manifest has and invalid ultimate fallback name."),
+ 0xC00B0006: ("STATUS_MUI_FILE_NOT_LOADED","The resource loader cache
does not have a loaded MUI entry."),
+ 0xC00B0007: ("STATUS_RESOURCE_ENUM_USER_STOP","The user stopped
resource enumeration."),
+ 0xC0130001: ("STATUS_CLUSTER_INVALID_NODE","The cluster node is not
valid."),
+ 0xC0130002: ("STATUS_CLUSTER_NODE_EXISTS","The cluster node already
exists."),
+ 0xC0130003: ("STATUS_CLUSTER_JOIN_IN_PROGRESS","A node is in the
process of joining the cluster."),
+ 0xC0130004: ("STATUS_CLUSTER_NODE_NOT_FOUND","The cluster node was not
found."),
+ 0xC0130005: ("STATUS_CLUSTER_LOCAL_NODE_NOT_FOUND","The cluster local
node information was not found."),
+ 0xC0130006: ("STATUS_CLUSTER_NETWORK_EXISTS","The cluster network
already exists."),
+ 0xC0130007: ("STATUS_CLUSTER_NETWORK_NOT_FOUND","The cluster network
was not found."),
+ 0xC0130008: ("STATUS_CLUSTER_NETINTERFACE_EXISTS","The cluster network
interface already exists."),
+ 0xC0130009: ("STATUS_CLUSTER_NETINTERFACE_NOT_FOUND","The cluster
network interface was not found."),
+ 0xC013000A: ("STATUS_CLUSTER_INVALID_REQUEST","The cluster request is
not valid for this object."),
+ 0xC013000B: ("STATUS_CLUSTER_INVALID_NETWORK_PROVIDER","The cluster
network provider is not valid."),
+ 0xC013000C: ("STATUS_CLUSTER_NODE_DOWN","The cluster node is down."),
+ 0xC013000D: ("STATUS_CLUSTER_NODE_UNREACHABLE","The cluster node is
not reachable."),
+ 0xC013000E: ("STATUS_CLUSTER_NODE_NOT_MEMBER","The cluster node is not
a member of the cluster."),
+ 0xC013000F: ("STATUS_CLUSTER_JOIN_NOT_IN_PROGRESS","A cluster join
operation is not in progress."),
+ 0xC0130010: ("STATUS_CLUSTER_INVALID_NETWORK","The cluster network is
not valid."),
+ 0xC0130011: ("STATUS_CLUSTER_NO_NET_ADAPTERS","No network adapters are
available."),
+ 0xC0130012: ("STATUS_CLUSTER_NODE_UP","The cluster node is up."),
+ 0xC0130013: ("STATUS_CLUSTER_NODE_PAUSED","The cluster node is
paused."),
+ 0xC0130014: ("STATUS_CLUSTER_NODE_NOT_PAUSED","The cluster node is not
paused."),
+ 0xC0130015: ("STATUS_CLUSTER_NO_SECURITY_CONTEXT","No cluster security
context is available."),
+ 0xC0130016: ("STATUS_CLUSTER_NETWORK_NOT_INTERNAL","The cluster
network is not configured for internal cluster communication."),
+ 0xC0130017: ("STATUS_CLUSTER_POISONED","The cluster node has been
poisoned."),
+ 0xC0140001: ("STATUS_ACPI_INVALID_OPCODE","An attempt was made to run
an invalid AML opcode."),
+ 0xC0140002: ("STATUS_ACPI_STACK_OVERFLOW","The AML interpreter stack
has overflowed."),
+ 0xC0140003: ("STATUS_ACPI_ASSERT_FAILED","An inconsistent state has
occurred."),
+ 0xC0140004: ("STATUS_ACPI_INVALID_INDEX","An attempt was made to
access an array outside its bounds."),
+ 0xC0140005: ("STATUS_ACPI_INVALID_ARGUMENT","A required argument was
not specified."),
+ 0xC0140006: ("STATUS_ACPI_FATAL","A fatal error has occurred."),
+ 0xC0140007: ("STATUS_ACPI_INVALID_SUPERNAME","An invalid SuperName was
specified."),
+ 0xC0140008: ("STATUS_ACPI_INVALID_ARGTYPE","An argument with an
incorrect type was specified."),
+ 0xC0140009: ("STATUS_ACPI_INVALID_OBJTYPE","An object with an
incorrect type was specified."),
+ 0xC014000A: ("STATUS_ACPI_INVALID_TARGETTYPE","A target with an
incorrect type was specified."),
+ 0xC014000B: ("STATUS_ACPI_INCORRECT_ARGUMENT_COUNT","An incorrect
number of arguments was specified."),
+ 0xC014000C: ("STATUS_ACPI_ADDRESS_NOT_MAPPED","An address failed to
translate."),
+ 0xC014000D: ("STATUS_ACPI_INVALID_EVENTTYPE","An incorrect event type
was specified."),
+ 0xC014000E: ("STATUS_ACPI_HANDLER_COLLISION","A handler for the target
already exists."),
+ 0xC014000F: ("STATUS_ACPI_INVALID_DATA","Invalid data for the target
was specified."),
+ 0xC0140010: ("STATUS_ACPI_INVALID_REGION","An invalid region for the
target was specified."),
+ 0xC0140011: ("STATUS_ACPI_INVALID_ACCESS_SIZE","An attempt was made to
access a field outside the defined range."),
+ 0xC0140012: ("STATUS_ACPI_ACQUIRE_GLOBAL_LOCK","The global system lock
could not be acquired."),
+ 0xC0140013: ("STATUS_ACPI_ALREADY_INITIALIZED","An attempt was made to
reinitialize the ACPI subsystem."),
+ 0xC0140014: ("STATUS_ACPI_NOT_INITIALIZED","The ACPI subsystem has not
been initialized."),
+ 0xC0140015: ("STATUS_ACPI_INVALID_MUTEX_LEVEL","An incorrect mutex was
specified."),
+ 0xC0140016: ("STATUS_ACPI_MUTEX_NOT_OWNED","The mutex is not currently
owned."),
+ 0xC0140017: ("STATUS_ACPI_MUTEX_NOT_OWNER","An attempt was made to
access the mutex by a process that was not the owner."),
+ 0xC0140018: ("STATUS_ACPI_RS_ACCESS","An error occurred during an
access to region space."),
+ 0xC0140019: ("STATUS_ACPI_INVALID_TABLE","An attempt was made to use
an incorrect table."),
+ 0xC0140020: ("STATUS_ACPI_REG_HANDLER_FAILED","The registration of an
ACPI event failed."),
+ 0xC0140021: ("STATUS_ACPI_POWER_REQUEST_FAILED","An ACPI power object
failed to transition state."),
+ 0xC0150001: ("STATUS_SXS_SECTION_NOT_FOUND","The requested section is
not present in the activation context."),
+ 0xC0150002: ("STATUS_SXS_CANT_GEN_ACTCTX","Windows was unble to
process the application binding information. Refer to the system event log for
further information."),
+ 0xC0150003: ("STATUS_SXS_INVALID_ACTCTXDATA_FORMAT","The application
binding data format is invalid."),
+ 0xC0150004: ("STATUS_SXS_ASSEMBLY_NOT_FOUND","The referenced assembly
is not installed on the system."),
+ 0xC0150005: ("STATUS_SXS_MANIFEST_FORMAT_ERROR","The manifest file
does not begin with the required tag and format information."),
+ 0xC0150006: ("STATUS_SXS_MANIFEST_PARSE_ERROR","The manifest file
contains one or more syntax errors."),
+ 0xC0150007: ("STATUS_SXS_ACTIVATION_CONTEXT_DISABLED","The application
attempted to activate a disabled activation context."),
+ 0xC0150008: ("STATUS_SXS_KEY_NOT_FOUND","The requested lookup key was
not found in any active activation context."),
+ 0xC0150009: ("STATUS_SXS_VERSION_CONFLICT","A component version
required by the application conflicts with another component version that is
already active."),
+ 0xC015000A: ("STATUS_SXS_WRONG_SECTION_TYPE","The type requested
activation context section does not match the query API used."),
+ 0xC015000B: ("STATUS_SXS_THREAD_QUERIES_DISABLED","Lack of system
resources has required isolated activation to be disabled for the current
thread of execution."),
+ 0xC015000C: ("STATUS_SXS_ASSEMBLY_MISSING","The referenced assembly
could not be found."),
+ 0xC015000E: ("STATUS_SXS_PROCESS_DEFAULT_ALREADY_SET","An attempt to
set the process default activation context failed because the process default
activation context was already set."),
+ 0xC015000F: ("STATUS_SXS_EARLY_DEACTIVATION","The activation context
being deactivated is not the most recently activated one."),
+ 0xC0150010: ("STATUS_SXS_INVALID_DEACTIVATION","The activation context
being deactivated is not active for the current thread of execution."),
+ 0xC0150011: ("STATUS_SXS_MULTIPLE_DEACTIVATION","The activation
context being deactivated has already been deactivated."),
+ 0xC0150012: ("STATUS_SXS_SYSTEM_DEFAULT_ACTIVATION_CONTEXT_EMPTY","The
activation context of the system default assembly could not be generated."),
+ 0xC0150013: ("STATUS_SXS_PROCESS_TERMINATION_REQUESTED","A component
used by the isolation facility has requested that the process be terminated."),
+ 0xC0150014: ("STATUS_SXS_CORRUPT_ACTIVATION_STACK","The activation
context activation stack for the running thread of execution is corrupt."),
+ 0xC0150015: ("STATUS_SXS_CORRUPTION","The application isolation
metadata for this process or thread has become corrupt."),
+ 0xC0150016: ("STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_VALUE","The value
of an attribute in an identity is not within the legal range."),
+ 0xC0150017: ("STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_NAME","The name of
an attribute in an identity is not within the legal range."),
+ 0xC0150018: ("STATUS_SXS_IDENTITY_DUPLICATE_ATTRIBUTE","An identity
contains two definitions for the same attribute."),
+ 0xC0150019: ("STATUS_SXS_IDENTITY_PARSE_ERROR","The identity string is
malformed. This may be due to a trailing comma, more than two unnamed
attributes, a missing attribute name, or a missing attribute value."),
+ 0xC015001A: ("STATUS_SXS_COMPONENT_STORE_CORRUPT","The component store
has become corrupted."),
+ 0xC015001B: ("STATUS_SXS_FILE_HASH_MISMATCH","A component's file does
not match the verification information present in the component manifest."),
+ 0xC015001C:
("STATUS_SXS_MANIFEST_IDENTITY_SAME_BUT_CONTENTS_DIFFERENT","The identities of
the manifests are identical, but their contents are different."),
+ 0xC015001D: ("STATUS_SXS_IDENTITIES_DIFFERENT","The component
identities are different."),
+ 0xC015001E: ("STATUS_SXS_ASSEMBLY_IS_NOT_A_DEPLOYMENT","The assembly
is not a deployment."),
+ 0xC015001F: ("STATUS_SXS_FILE_NOT_PART_OF_ASSEMBLY","The file is not a
part of the assembly."),
+ 0xC0150020: ("STATUS_ADVANCED_INSTALLER_FAILED","An advanced installer
failed during setup or servicing."),
+ 0xC0150021: ("STATUS_XML_ENCODING_MISMATCH","The character encoding in
the XML declaration did not match the encoding used in the document."),
+ 0xC0150022: ("STATUS_SXS_MANIFEST_TOO_BIG","The size of the manifest
exceeds the maximum allowed."),
+ 0xC0150023: ("STATUS_SXS_SETTING_NOT_REGISTERED","The setting is not
registered."),
+ 0xC0150024: ("STATUS_SXS_TRANSACTION_CLOSURE_INCOMPLETE","One or more
required transaction members are not present."),
+ 0xC0150025: ("STATUS_SMI_PRIMITIVE_INSTALLER_FAILED","The SMI
primitive installer failed during setup or servicing."),
+ 0xC0150026: ("STATUS_GENERIC_COMMAND_FAILED","A generic command
executable returned a result that indicates failure."),
+ 0xC0150027: ("STATUS_SXS_FILE_HASH_MISSING","A component is missing
file verification information in its manifest."),
+ 0xC0190001: ("STATUS_TRANSACTIONAL_CONFLICT","The function attempted
to use a name that is reserved for use by another transaction."),
+ 0xC0190002: ("STATUS_INVALID_TRANSACTION","The transaction handle
associated with this operation is invalid."),
+ 0xC0190003: ("STATUS_TRANSACTION_NOT_ACTIVE","The requested operation
was made in the context of a transaction that is no longer active."),
+ 0xC0190004: ("STATUS_TM_INITIALIZATION_FAILED","The transaction
manager was unable to be successfully initialized. Transacted operations are
not supported."),
+ 0xC0190005: ("STATUS_RM_NOT_ACTIVE","Transaction support within the
specified file system resource manager was not started or was shut down due to
an error."),
+ 0xC0190006: ("STATUS_RM_METADATA_CORRUPT","The metadata of the
resource manager has been corrupted. The resource manager will not function."),
+ 0xC0190007: ("STATUS_TRANSACTION_NOT_JOINED","The resource manager
attempted to prepare a transaction that it has not successfully joined."),
+ 0xC0190008: ("STATUS_DIRECTORY_NOT_RM","The specified directory does
not contain a file system resource manager."),
+ 0xC019000A: ("STATUS_TRANSACTIONS_UNSUPPORTED_REMOTE","The remote
server or share does not support transacted file operations."),
+ 0xC019000B: ("STATUS_LOG_RESIZE_INVALID_SIZE","The requested log size
for the file system resource manager is invalid."),
+ 0xC019000C: ("STATUS_REMOTE_FILE_VERSION_MISMATCH","The remote server
sent mismatching version number or Fid for a file opened with transactions."),
+ 0xC019000F: ("STATUS_CRM_PROTOCOL_ALREADY_EXISTS","The resource
manager tried to register a protocol that already exists."),
+ 0xC0190010: ("STATUS_TRANSACTION_PROPAGATION_FAILED","The attempt to
propagate the transaction failed."),
+ 0xC0190011: ("STATUS_CRM_PROTOCOL_NOT_FOUND","The requested
propagation protocol was not registered as a CRM."),
+ 0xC0190012: ("STATUS_TRANSACTION_SUPERIOR_EXISTS","The transaction
object already has a superior enlistment, and the caller attempted an operation
that would have created a new superior. Only a single superior enlistment is
allowed."),
+ 0xC0190013: ("STATUS_TRANSACTION_REQUEST_NOT_VALID","The requested
operation is not valid on the transaction object in its current state."),
+ 0xC0190014: ("STATUS_TRANSACTION_NOT_REQUESTED","The caller has called
a response API, but the response is not expected because the transaction
manager did not issue the corresponding request to the caller."),
+ 0xC0190015: ("STATUS_TRANSACTION_ALREADY_ABORTED","It is too late to
perform the requested operation, because the transaction has already been
aborted."),
+ 0xC0190016: ("STATUS_TRANSACTION_ALREADY_COMMITTED","It is too late to
perform the requested operation, because the transaction has already been
committed."),
+ 0xC0190017: ("STATUS_TRANSACTION_INVALID_MARSHALL_BUFFER","The buffer
passed in to NtPushTransaction or NtPullTransaction is not in a valid format."),
+ 0xC0190018: ("STATUS_CURRENT_TRANSACTION_NOT_VALID","The current
transaction context associated with the thread is not a valid handle to a
transaction object."),
+ 0xC0190019: ("STATUS_LOG_GROWTH_FAILED","An attempt to create space in
the transactional resource manager's log failed. The failure status has been
recorded in the event log."),
+ 0xC0190021: ("STATUS_OBJECT_NO_LONGER_EXISTS","The object (file,
stream, or link) that corresponds to the handle has been deleted by a
transaction savepoint rollback."),
+ 0xC0190022: ("STATUS_STREAM_MINIVERSION_NOT_FOUND","The specified file
miniversion was not found for this transacted file open."),
+ 0xC0190023: ("STATUS_STREAM_MINIVERSION_NOT_VALID","The specified file
miniversion was found but has been invalidated. The most likely cause is a
transaction savepoint rollback."),
+ 0xC0190024:
("STATUS_MINIVERSION_INACCESSIBLE_FROM_SPECIFIED_TRANSACTION","A miniversion
may be opened only in the context of the transaction that created it."),
+ 0xC0190025: ("STATUS_CANT_OPEN_MINIVERSION_WITH_MODIFY_INTENT","It is
not possible to open a miniversion with modify access."),
+ 0xC0190026: ("STATUS_CANT_CREATE_MORE_STREAM_MINIVERSIONS","It is not
possible to create any more miniversions for this stream."),
+ 0xC0190028: ("STATUS_HANDLE_NO_LONGER_VALID","The handle has been
invalidated by a transaction. The most likely cause is the presence of memory
mapping on a file or an open handle when the transaction ended or rolled back
to savepoint."),
+ 0xC0190030: ("STATUS_LOG_CORRUPTION_DETECTED","The log data is
corrupt."),
+ 0xC0190032: ("STATUS_RM_DISCONNECTED","The transaction outcome is
unavailable because the resource manager responsible for it is disconnected."),
+ 0xC0190033: ("STATUS_ENLISTMENT_NOT_SUPERIOR","The request was
rejected because the enlistment in question is not a superior enlistment."),
+ 0xC0190036: ("STATUS_FILE_IDENTITY_NOT_PERSISTENT","The file cannot be
opened in a transaction because its identity depends on the outcome of an
unresolved transaction."),
+ 0xC0190037: ("STATUS_CANT_BREAK_TRANSACTIONAL_DEPENDENCY","The
operation cannot be performed because another transaction is depending on this
property not changing."),
+ 0xC0190038: ("STATUS_CANT_CROSS_RM_BOUNDARY","The operation would
involve a single file with two transactional resource managers and is,
therefore, not allowed."),
+ 0xC0190039: ("STATUS_TXF_DIR_NOT_EMPTY","The $Txf directory must be
empty for this operation to succeed."),
+ 0xC019003A: ("STATUS_INDOUBT_TRANSACTIONS_EXIST","The operation would
leave a transactional resource manager in an inconsistent state and is
therefore not allowed."),
+ 0xC019003B: ("STATUS_TM_VOLATILE","The operation could not be
completed because the transaction manager does not have a log."),
+ 0xC019003C: ("STATUS_ROLLBACK_TIMER_EXPIRED","A rollback could not be
scheduled because a previously scheduled rollback has already executed or been
queued for execution."),
+ 0xC019003D: ("STATUS_TXF_ATTRIBUTE_CORRUPT","The transactional
metadata attribute on the file or directory %hs is corrupt and unreadable."),
+ 0xC019003E: ("STATUS_EFS_NOT_ALLOWED_IN_TRANSACTION","The encryption
operation could not be completed because a transaction is active."),
+ 0xC019003F: ("STATUS_TRANSACTIONAL_OPEN_NOT_ALLOWED","This object is
not allowed to be opened in a transaction."),
+ 0xC0190040: ("STATUS_TRANSACTED_MAPPING_UNSUPPORTED_REMOTE","Memory
mapping (creating a mapped section) a remote file under a transaction is not
supported."),
+ 0xC0190043: ("STATUS_TRANSACTION_REQUIRED_PROMOTION","Promotion was
required to allow the resource manager to enlist, but the transaction was set
to disallow it."),
+ 0xC0190044: ("STATUS_CANNOT_EXECUTE_FILE_IN_TRANSACTION","This file is
open for modification in an unresolved transaction and may be opened for
execute only by a transacted reader."),
+ 0xC0190045: ("STATUS_TRANSACTIONS_NOT_FROZEN","The request to thaw
frozen transactions was ignored because transactions were not previously
frozen."),
+ 0xC0190046: ("STATUS_TRANSACTION_FREEZE_IN_PROGRESS","Transactions
cannot be frozen because a freeze is already in progress."),
+ 0xC0190047: ("STATUS_NOT_SNAPSHOT_VOLUME","The target volume is not a
snapshot volume. This operation is valid only on a volume mounted as a
snapshot."),
+ 0xC0190048: ("STATUS_NO_SAVEPOINT_WITH_OPEN_FILES","The savepoint
operation failed because files are open on the transaction, which is not
permitted."),
+ 0xC0190049: ("STATUS_SPARSE_NOT_ALLOWED_IN_TRANSACTION","The sparse
operation could not be completed because a transaction is active on the file."),
+ 0xC019004A: ("STATUS_TM_IDENTITY_MISMATCH","The call to create a
transaction manager object failed because the Tm Identity that is stored in the
log file does not match the Tm Identity that was passed in as an argument."),
+ 0xC019004B: ("STATUS_FLOATED_SECTION","I/O was attempted on a section
object that has been floated as a result of a transaction ending. There is no
valid data."),
+ 0xC019004C: ("STATUS_CANNOT_ACCEPT_TRANSACTED_WORK","The transactional
resource manager cannot currently accept transacted work due to a transient
condition, such as low resources."),
+ 0xC019004D: ("STATUS_CANNOT_ABORT_TRANSACTIONS","The transactional
resource manager had too many transactions outstanding that could not be
aborted. The transactional resource manager has been shut down."),
+ 0xC019004E: ("STATUS_TRANSACTION_NOT_FOUND","The specified transaction
was unable to be opened because it was not found."),
+ 0xC019004F: ("STATUS_RESOURCEMANAGER_NOT_FOUND","The specified
resource manager was unable to be opened because it was not found."),
+ 0xC0190050: ("STATUS_ENLISTMENT_NOT_FOUND","The specified enlistment
was unable to be opened because it was not found."),
+ 0xC0190051: ("STATUS_TRANSACTIONMANAGER_NOT_FOUND","The specified
transaction manager was unable to be opened because it was not found."),
+ 0xC0190052: ("STATUS_TRANSACTIONMANAGER_NOT_ONLINE","The specified
resource manager was unable to create an enlistment because its associated
transaction manager is not online."),
+ 0xC0190053: ("STATUS_TRANSACTIONMANAGER_RECOVERY_NAME_COLLISION","The
specified transaction manager was unable to create the objects contained in its
log file in the Ob namespace. Therefore, the transaction manager was unable to
recover."),
+ 0xC0190054: ("STATUS_TRANSACTION_NOT_ROOT","The call to create a
superior enlistment on this transaction object could not be completed because
the transaction object specified for the enlistment is a subordinate branch of
the transaction. Only the root of the transaction can be enlisted as a
superior."),
+ 0xC0190055: ("STATUS_TRANSACTION_OBJECT_EXPIRED","Because the
associated transaction manager or resource manager has been closed, the handle
is no longer valid."),
+ 0xC0190056: ("STATUS_COMPRESSION_NOT_ALLOWED_IN_TRANSACTION","The
compression operation could not be completed because a transaction is active on
the file."),
+ 0xC0190057: ("STATUS_TRANSACTION_RESPONSE_NOT_ENLISTED","The specified
operation could not be performed on this superior enlistment because the
enlistment was not created with the corresponding completion response in the
NotificationMask."),
+ 0xC0190058: ("STATUS_TRANSACTION_RECORD_TOO_LONG","The specified
operation could not be performed because the record to be logged was too long.
This can occur because either there are too many enlistments on this
transaction or the combined RecoveryInformation being logged on behalf of those
enlistments is too long."),
+ 0xC0190059: ("STATUS_NO_LINK_TRACKING_IN_TRANSACTION","The
link-tracking operation could not be completed because a transaction is
active."),
+ 0xC019005A: ("STATUS_OPERATION_NOT_SUPPORTED_IN_TRANSACTION","This
operation cannot be performed in a transaction."),
+ 0xC019005B: ("STATUS_TRANSACTION_INTEGRITY_VIOLATED","The kernel
transaction manager had to abort or forget the transaction because it blocked
forward progress."),
+ 0xC0190060: ("STATUS_EXPIRED_HANDLE","The handle is no longer properly
associated with its transaction. It may have been opened in a transactional
resource manager that was subsequently forced to restart. Please close the
handle and open a new one."),
+ 0xC0190061: ("STATUS_TRANSACTION_NOT_ENLISTED","The specified
operation could not be performed because the resource manager is not enlisted
in the transaction."),
+ 0xC01A0001: ("STATUS_LOG_SECTOR_INVALID","The log service found an
invalid log sector."),
+ 0xC01A0002: ("STATUS_LOG_SECTOR_PARITY_INVALID","The log service
encountered a log sector with invalid block parity."),
+ 0xC01A0003: ("STATUS_LOG_SECTOR_REMAPPED","The log service encountered
a remapped log sector."),
+ 0xC01A0004: ("STATUS_LOG_BLOCK_INCOMPLETE","The log service
encountered a partial or incomplete log block."),
+ 0xC01A0005: ("STATUS_LOG_INVALID_RANGE","The log service encountered
an attempt to access data outside the active log range."),
+ 0xC01A0006: ("STATUS_LOG_BLOCKS_EXHAUSTED","The log service user-log
marshaling buffers are exhausted."),
+ 0xC01A0007: ("STATUS_LOG_READ_CONTEXT_INVALID","The log service
encountered an attempt to read from a marshaling area with an invalid read
context."),
+ 0xC01A0008: ("STATUS_LOG_RESTART_INVALID","The log service encountered
an invalid log restart area."),
+ 0xC01A0009: ("STATUS_LOG_BLOCK_VERSION","The log service encountered
an invalid log block version."),
+ 0xC01A000A: ("STATUS_LOG_BLOCK_INVALID","The log service encountered
an invalid log block."),
+ 0xC01A000B: ("STATUS_LOG_READ_MODE_INVALID","The log service
encountered an attempt to read the log with an invalid read mode."),
+ 0xC01A000D: ("STATUS_LOG_METADATA_CORRUPT","The log service
encountered a corrupted metadata file."),
+ 0xC01A000E: ("STATUS_LOG_METADATA_INVALID","The log service
encountered a metadata file that could not be created by the log file system."),
+ 0xC01A000F: ("STATUS_LOG_METADATA_INCONSISTENT","The log service
encountered a metadata file with inconsistent data."),
+ 0xC01A0010: ("STATUS_LOG_RESERVATION_INVALID","The log service
encountered an attempt to erroneously allocate or dispose reservation space."),
+ 0xC01A0011: ("STATUS_LOG_CANT_DELETE","The log service cannot delete
the log file or the file system container."),
+ 0xC01A0012: ("STATUS_LOG_CONTAINER_LIMIT_EXCEEDED","The log service
has reached the maximum allowable containers allocated to a log file."),
+ 0xC01A0013: ("STATUS_LOG_START_OF_LOG","The log service has attempted
to read or write backward past the start of the log."),
+ 0xC01A0014: ("STATUS_LOG_POLICY_ALREADY_INSTALLED","The log policy
could not be installed because a policy of the same type is already present."),
+ 0xC01A0015: ("STATUS_LOG_POLICY_NOT_INSTALLED","The log policy in
question was not installed at the time of the request."),
+ 0xC01A0016: ("STATUS_LOG_POLICY_INVALID","The installed set of
policies on the log is invalid."),
+ 0xC01A0017: ("STATUS_LOG_POLICY_CONFLICT","A policy on the log in
question prevented the operation from completing."),
+ 0xC01A0018: ("STATUS_LOG_PINNED_ARCHIVE_TAIL","The log space cannot be
reclaimed because the log is pinned by the archive tail."),
+ 0xC01A0019: ("STATUS_LOG_RECORD_NONEXISTENT","The log record is not a
record in the log file."),
+ 0xC01A001A: ("STATUS_LOG_RECORDS_RESERVED_INVALID","The number of
reserved log records or the adjustment of the number of reserved log records is
invalid."),
+ 0xC01A001B: ("STATUS_LOG_SPACE_RESERVED_INVALID","The reserved log
space or the adjustment of the log space is invalid."),
+ 0xC01A001C: ("STATUS_LOG_TAIL_INVALID","A new or existing archive tail
or the base of the active log is invalid."),
+ 0xC01A001D: ("STATUS_LOG_FULL","The log space is exhausted."),
+ 0xC01A001E: ("STATUS_LOG_MULTIPLEXED","The log is multiplexed; no
direct writes to the physical log are allowed."),
+ 0xC01A001F: ("STATUS_LOG_DEDICATED","The operation failed because the
log is dedicated."),
+ 0xC01A0020: ("STATUS_LOG_ARCHIVE_NOT_IN_PROGRESS","The operation
requires an archive context."),
+ 0xC01A0021: ("STATUS_LOG_ARCHIVE_IN_PROGRESS","Log archival is in
progress."),
+ 0xC01A0022: ("STATUS_LOG_EPHEMERAL","The operation requires a
nonephemeral log, but the log is ephemeral."),
+ 0xC01A0023: ("STATUS_LOG_NOT_ENOUGH_CONTAINERS","The log must have at
least two containers before it can be read from or written to."),
+ 0xC01A0024: ("STATUS_LOG_CLIENT_ALREADY_REGISTERED","A log client has
already registered on the stream."),
+ 0xC01A0025: ("STATUS_LOG_CLIENT_NOT_REGISTERED","A log client has not
been registered on the stream."),
+ 0xC01A0026: ("STATUS_LOG_FULL_HANDLER_IN_PROGRESS","A request has
already been made to handle the log full condition."),
+ 0xC01A0027: ("STATUS_LOG_CONTAINER_READ_FAILED","The log service
encountered an error when attempting to read from a log container."),
+ 0xC01A0028: ("STATUS_LOG_CONTAINER_WRITE_FAILED","The log service
encountered an error when attempting to write to a log container."),
+ 0xC01A0029: ("STATUS_LOG_CONTAINER_OPEN_FAILED","The log service
encountered an error when attempting to open a log container."),
+ 0xC01A002A: ("STATUS_LOG_CONTAINER_STATE_INVALID","The log service
encountered an invalid container state when attempting a requested action."),
+ 0xC01A002B: ("STATUS_LOG_STATE_INVALID","The log service is not in the
correct state to perform a requested action."),
+ 0xC01A002C: ("STATUS_LOG_PINNED","The log space cannot be reclaimed
because the log is pinned."),
+ 0xC01A002D: ("STATUS_LOG_METADATA_FLUSH_FAILED","The log metadata
flush failed."),
+ 0xC01A002E: ("STATUS_LOG_INCONSISTENT_SECURITY","Security on the log
and its containers is inconsistent."),
+ 0xC01A002F: ("STATUS_LOG_APPENDED_FLUSH_FAILED","Records were appended
to the log or reservation changes were made, but the log could not be
flushed."),
+ 0xC01A0030: ("STATUS_LOG_PINNED_RESERVATION","The log is pinned due to
reservation consuming most of the log space. Free some reserved records to make
space available."),
+ 0xC01B00EA: ("STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD","{Display
Driver Stopped Responding} The %hs display driver has stopped working normally.
Save your work and reboot the system to restore full display functionality. The
next time you reboot the computer, a dialog box will allow you to upload data
about this failure to Microsoft."),
+ 0xC01C0001: ("STATUS_FLT_NO_HANDLER_DEFINED","A handler was not
defined by the filter for this operation."),
+ 0xC01C0002: ("STATUS_FLT_CONTEXT_ALREADY_DEFINED","A context is
already defined for this object."),
+ 0xC01C0003: ("STATUS_FLT_INVALID_ASYNCHRONOUS_REQUEST","Asynchronous
requests are not valid for this operation."),
+ 0xC01C0004: ("STATUS_FLT_DISALLOW_FAST_IO","This is an internal error
code used by the filter manager to determine if a fast I/O operation should be
forced down the input/output request packet (IRP) path. Minifilters should
never return this value."),
+ 0xC01C0005: ("STATUS_FLT_INVALID_NAME_REQUEST","An invalid name
request was made. The name requested cannot be retrieved at this time."),
+ 0xC01C0006: ("STATUS_FLT_NOT_SAFE_TO_POST_OPERATION","Posting this
operation to a worker thread for further processing is not safe at this time
because it could lead to a system deadlock."),
+ 0xC01C0007: ("STATUS_FLT_NOT_INITIALIZED","The Filter Manager was not
initialized when a filter tried to register. Make sure that the Filter Manager
is loaded as a driver."),
+ 0xC01C0008: ("STATUS_FLT_FILTER_NOT_READY","The filter is not ready
for attachment to volumes because it has not finished initializing
(FltStartFiltering has not been called)."),
+ 0xC01C0009: ("STATUS_FLT_POST_OPERATION_CLEANUP","The filter must
clean up any operation-specific context at this time because it is being
removed from the system before the operation is completed by the lower
drivers."),
+ 0xC01C000A: ("STATUS_FLT_INTERNAL_ERROR","The Filter Manager had an
internal error from which it cannot recover; therefore, the operation has
failed. This is usually the result of a filter returning an invalid value from
a pre-operation callback."),
+ 0xC01C000B: ("STATUS_FLT_DELETING_OBJECT","The object specified for
this action is in the process of being deleted; therefore, the action requested
cannot be completed at this time."),
+ 0xC01C000C: ("STATUS_FLT_MUST_BE_NONPAGED_POOL","A nonpaged pool must
be used for this type of context."),
+ 0xC01C000D: ("STATUS_FLT_DUPLICATE_ENTRY","A duplicate handler
definition has been provided for an operation."),
+ 0xC01C000E: ("STATUS_FLT_CBDQ_DISABLED","The callback data queue has
been disabled."),
+ 0xC01C000F: ("STATUS_FLT_DO_NOT_ATTACH","Do not attach the filter to
the volume at this time."),
+ 0xC01C0010: ("STATUS_FLT_DO_NOT_DETACH","Do not detach the filter from
the volume at this time."),
+ 0xC01C0011: ("STATUS_FLT_INSTANCE_ALTITUDE_COLLISION","An instance
already exists at this altitude on the volume specified."),
+ 0xC01C0012: ("STATUS_FLT_INSTANCE_NAME_COLLISION","An instance already
exists with this name on the volume specified."),
+ 0xC01C0013: ("STATUS_FLT_FILTER_NOT_FOUND","The system could not find
the filter specified."),
+ 0xC01C0014: ("STATUS_FLT_VOLUME_NOT_FOUND","The system could not find
the volume specified."),
+ 0xC01C0015: ("STATUS_FLT_INSTANCE_NOT_FOUND","The system could not
find the instance specified."),
+ 0xC01C0016: ("STATUS_FLT_CONTEXT_ALLOCATION_NOT_FOUND","No registered
context allocation definition was found for the given request."),
+ 0xC01C0017: ("STATUS_FLT_INVALID_CONTEXT_REGISTRATION","An invalid
parameter was specified during context registration."),
+ 0xC01C0018: ("STATUS_FLT_NAME_CACHE_MISS","The name requested was not
found in the Filter Manager name cache and could not be retrieved from the file
system."),
+ 0xC01C0019: ("STATUS_FLT_NO_DEVICE_OBJECT","The requested device
object does not exist for the given volume."),
+ 0xC01C001A: ("STATUS_FLT_VOLUME_ALREADY_MOUNTED","The specified volume
is already mounted."),
+ 0xC01C001B: ("STATUS_FLT_ALREADY_ENLISTED","The specified transaction
context is already enlisted in a transaction."),
+ 0xC01C001C: ("STATUS_FLT_CONTEXT_ALREADY_LINKED","The specified
context is already attached to another object."),
+ 0xC01C0020: ("STATUS_FLT_NO_WAITER_FOR_REPLY","No waiter is present
for the filter's reply to this message."),
+ 0xC01D0001: ("STATUS_MONITOR_NO_DESCRIPTOR","A monitor descriptor
could not be obtained."),
+ 0xC01D0002: ("STATUS_MONITOR_UNKNOWN_DESCRIPTOR_FORMAT","This release
does not support the format of the obtained monitor descriptor."),
+ 0xC01D0003: ("STATUS_MONITOR_INVALID_DESCRIPTOR_CHECKSUM","The
checksum of the obtained monitor descriptor is invalid."),
+ 0xC01D0004: ("STATUS_MONITOR_INVALID_STANDARD_TIMING_BLOCK","The
monitor descriptor contains an invalid standard timing block."),
+ 0xC01D0005: ("STATUS_MONITOR_WMI_DATABLOCK_REGISTRATION_FAILED","WMI
data-block registration failed for one of the MSMonitorClass WMI subclasses."),
+ 0xC01D0006: ("STATUS_MONITOR_INVALID_SERIAL_NUMBER_MONDSC_BLOCK","The
provided monitor descriptor block is either corrupted or does not contain the
monitor's detailed serial number."),
+ 0xC01D0007: ("STATUS_MONITOR_INVALID_USER_FRIENDLY_MONDSC_BLOCK","The
provided monitor descriptor block is either corrupted or does not contain the
monitor's user-friendly name."),
+ 0xC01D0008: ("STATUS_MONITOR_NO_MORE_DESCRIPTOR_DATA","There is no
monitor descriptor data at the specified (offset or size) region."),
+ 0xC01D0009: ("STATUS_MONITOR_INVALID_DETAILED_TIMING_BLOCK","The
monitor descriptor contains an invalid detailed timing block."),
+ 0xC01D000A: ("STATUS_MONITOR_INVALID_MANUFACTURE_DATE","Monitor
descriptor contains invalid manufacture date."),
+ 0xC01E0000: ("STATUS_GRAPHICS_NOT_EXCLUSIVE_MODE_OWNER","Exclusive
mode ownership is needed to create an unmanaged primary allocation."),
+ 0xC01E0001: ("STATUS_GRAPHICS_INSUFFICIENT_DMA_BUFFER","The driver
needs more DMA buffer space to complete the requested operation."),
+ 0xC01E0002: ("STATUS_GRAPHICS_INVALID_DISPLAY_ADAPTER","The specified
display adapter handle is invalid."),
+ 0xC01E0003: ("STATUS_GRAPHICS_ADAPTER_WAS_RESET","The specified
display adapter and all of its state have been reset."),
+ 0xC01E0004: ("STATUS_GRAPHICS_INVALID_DRIVER_MODEL","The driver stack
does not match the expected driver model."),
+ 0xC01E0005: ("STATUS_GRAPHICS_PRESENT_MODE_CHANGED","Present happened
but ended up into the changed desktop mode."),
+ 0xC01E0006: ("STATUS_GRAPHICS_PRESENT_OCCLUDED","Nothing to present
due to desktop occlusion."),
+ 0xC01E0007: ("STATUS_GRAPHICS_PRESENT_DENIED","Not able to present due
to denial of desktop access."),
+ 0xC01E0008: ("STATUS_GRAPHICS_CANNOTCOLORCONVERT","Not able to present
with color conversion."),
+ 0xC01E000B: ("STATUS_GRAPHICS_PRESENT_REDIRECTION_DISABLED","Present
redirection is disabled (desktop windowing management subsystem is off)."),
+ 0xC01E000C: ("STATUS_GRAPHICS_PRESENT_UNOCCLUDED","Previous exclusive
VidPn source owner has released its ownership"),
+ 0xC01E0100: ("STATUS_GRAPHICS_NO_VIDEO_MEMORY","Not enough video
memory is available to complete the operation."),
+ 0xC01E0101: ("STATUS_GRAPHICS_CANT_LOCK_MEMORY","Could not probe and
lock the underlying memory of an allocation."),
+ 0xC01E0102: ("STATUS_GRAPHICS_ALLOCATION_BUSY","The allocation is
currently busy."),
+ 0xC01E0103: ("STATUS_GRAPHICS_TOO_MANY_REFERENCES","An object being
referenced has already reached the maximum reference count and cannot be
referenced further."),
+ 0xC01E0104: ("STATUS_GRAPHICS_TRY_AGAIN_LATER","A problem could not be
solved due to an existing condition. Try again later."),
+ 0xC01E0105: ("STATUS_GRAPHICS_TRY_AGAIN_NOW","A problem could not be
solved due to an existing condition. Try again now."),
+ 0xC01E0106: ("STATUS_GRAPHICS_ALLOCATION_INVALID","The allocation is
invalid."),
+ 0xC01E0107: ("STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNAVAILABLE","No
more unswizzling apertures are currently available."),
+ 0xC01E0108: ("STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNSUPPORTED","The
current allocation cannot be unswizzled by an aperture."),
+ 0xC01E0109: ("STATUS_GRAPHICS_CANT_EVICT_PINNED_ALLOCATION","The
request failed because a pinned allocation cannot be evicted."),
+ 0xC01E0110: ("STATUS_GRAPHICS_INVALID_ALLOCATION_USAGE","The
allocation cannot be used from its current segment location for the specified
operation."),
+ 0xC01E0111: ("STATUS_GRAPHICS_CANT_RENDER_LOCKED_ALLOCATION","A locked
allocation cannot be used in the current command buffer."),
+ 0xC01E0112: ("STATUS_GRAPHICS_ALLOCATION_CLOSED","The allocation being
referenced has been closed permanently."),
+ 0xC01E0113: ("STATUS_GRAPHICS_INVALID_ALLOCATION_INSTANCE","An invalid
allocation instance is being referenced."),
+ 0xC01E0114: ("STATUS_GRAPHICS_INVALID_ALLOCATION_HANDLE","An invalid
allocation handle is being referenced."),
+ 0xC01E0115: ("STATUS_GRAPHICS_WRONG_ALLOCATION_DEVICE","The allocation
being referenced does not belong to the current device."),
+ 0xC01E0116: ("STATUS_GRAPHICS_ALLOCATION_CONTENT_LOST","The specified
allocation lost its content."),
+ 0xC01E0200: ("STATUS_GRAPHICS_GPU_EXCEPTION_ON_DEVICE","A GPU
exception was detected on the given device. The device cannot be scheduled."),
+ 0xC01E0300: ("STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY","The specified
VidPN topology is invalid."),
+ 0xC01E0301: ("STATUS_GRAPHICS_VIDPN_TOPOLOGY_NOT_SUPPORTED","The
specified VidPN topology is valid but is not supported by this model of the
display adapter."),
+ 0xC01E0302:
("STATUS_GRAPHICS_VIDPN_TOPOLOGY_CURRENTLY_NOT_SUPPORTED","The specified VidPN
topology is valid but is not currently supported by the display adapter due to
allocation of its resources."),
+ 0xC01E0303: ("STATUS_GRAPHICS_INVALID_VIDPN","The specified VidPN
handle is invalid."),
+ 0xC01E0304: ("STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE","The
specified video present source is invalid."),
+ 0xC01E0305: ("STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET","The
specified video present target is invalid."),
+ 0xC01E0306: ("STATUS_GRAPHICS_VIDPN_MODALITY_NOT_SUPPORTED","The
specified VidPN modality is not supported (for example, at least two of the
pinned modes are not co-functional)."),
+ 0xC01E0308: ("STATUS_GRAPHICS_INVALID_VIDPN_SOURCEMODESET","The
specified VidPN source mode set is invalid."),
+ 0xC01E0309: ("STATUS_GRAPHICS_INVALID_VIDPN_TARGETMODESET","The
specified VidPN target mode set is invalid."),
+ 0xC01E030A: ("STATUS_GRAPHICS_INVALID_FREQUENCY","The specified video
signal frequency is invalid."),
+ 0xC01E030B: ("STATUS_GRAPHICS_INVALID_ACTIVE_REGION","The specified
video signal active region is invalid."),
+ 0xC01E030C: ("STATUS_GRAPHICS_INVALID_TOTAL_REGION","The specified
video signal total region is invalid."),
+ 0xC01E0310: ("STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE_MODE","The
specified video present source mode is invalid."),
+ 0xC01E0311: ("STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET_MODE","The
specified video present target mode is invalid."),
+ 0xC01E0312: ("STATUS_GRAPHICS_PINNED_MODE_MUST_REMAIN_IN_SET","The
pinned mode must remain in the set on the VidPN's co-functional modality
enumeration."),
+ 0xC01E0313: ("STATUS_GRAPHICS_PATH_ALREADY_IN_TOPOLOGY","The specified
video present path is already in the VidPN's topology."),
+ 0xC01E0314: ("STATUS_GRAPHICS_MODE_ALREADY_IN_MODESET","The specified
mode is already in the mode set."),
+ 0xC01E0315: ("STATUS_GRAPHICS_INVALID_VIDEOPRESENTSOURCESET","The
specified video present source set is invalid."),
+ 0xC01E0316: ("STATUS_GRAPHICS_INVALID_VIDEOPRESENTTARGETSET","The
specified video present target set is invalid."),
+ 0xC01E0317: ("STATUS_GRAPHICS_SOURCE_ALREADY_IN_SET","The specified
video present source is already in the video present source set."),
+ 0xC01E0318: ("STATUS_GRAPHICS_TARGET_ALREADY_IN_SET","The specified
video present target is already in the video present target set."),
+ 0xC01E0319: ("STATUS_GRAPHICS_INVALID_VIDPN_PRESENT_PATH","The
specified VidPN present path is invalid."),
+ 0xC01E031A: ("STATUS_GRAPHICS_NO_RECOMMENDED_VIDPN_TOPOLOGY","The
miniport has no recommendation for augmenting the specified VidPN's topology."),
+ 0xC01E031B: ("STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGESET","The
specified monitor frequency range set is invalid."),
+ 0xC01E031C: ("STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE","The
specified monitor frequency range is invalid."),
+ 0xC01E031D: ("STATUS_GRAPHICS_FREQUENCYRANGE_NOT_IN_SET","The
specified frequency range is not in the specified monitor frequency range
set."),
+ 0xC01E031F: ("STATUS_GRAPHICS_FREQUENCYRANGE_ALREADY_IN_SET","The
specified frequency range is already in the specified monitor frequency range
set."),
+ 0xC01E0320: ("STATUS_GRAPHICS_STALE_MODESET","The specified mode set
is stale. Reacquire the new mode set."),
+ 0xC01E0321: ("STATUS_GRAPHICS_INVALID_MONITOR_SOURCEMODESET","The
specified monitor source mode set is invalid."),
+ 0xC01E0322: ("STATUS_GRAPHICS_INVALID_MONITOR_SOURCE_MODE","The
specified monitor source mode is invalid."),
+ 0xC01E0323: ("STATUS_GRAPHICS_NO_RECOMMENDED_FUNCTIONAL_VIDPN","The
miniport does not have a recommendation regarding the request to provide a
functional VidPN given the current display adapter configuration."),
+ 0xC01E0324: ("STATUS_GRAPHICS_MODE_ID_MUST_BE_UNIQUE","The ID of the
specified mode is being used by another mode in the set."),
+ 0xC01E0325:
("STATUS_GRAPHICS_EMPTY_ADAPTER_MONITOR_MODE_SUPPORT_INTERSECTION","The system
failed to determine a mode that is supported by both the display adapter and
the monitor connected to it."),
+ 0xC01E0326:
("STATUS_GRAPHICS_VIDEO_PRESENT_TARGETS_LESS_THAN_SOURCES","The number of video
present targets must be greater than or equal to the number of video present
sources."),
+ 0xC01E0327: ("STATUS_GRAPHICS_PATH_NOT_IN_TOPOLOGY","The specified
present path is not in the VidPN's topology."),
+ 0xC01E0328:
("STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_SOURCE","The display adapter
must have at least one video present source."),
+ 0xC01E0329:
("STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_TARGET","The display adapter
must have at least one video present target."),
+ 0xC01E032A: ("STATUS_GRAPHICS_INVALID_MONITORDESCRIPTORSET","The
specified monitor descriptor set is invalid."),
+ 0xC01E032B: ("STATUS_GRAPHICS_INVALID_MONITORDESCRIPTOR","The
specified monitor descriptor is invalid."),
+ 0xC01E032C: ("STATUS_GRAPHICS_MONITORDESCRIPTOR_NOT_IN_SET","The
specified descriptor is not in the specified monitor descriptor set."),
+ 0xC01E032D: ("STATUS_GRAPHICS_MONITORDESCRIPTOR_ALREADY_IN_SET","The
specified descriptor is already in the specified monitor descriptor set."),
+ 0xC01E032E:
("STATUS_GRAPHICS_MONITORDESCRIPTOR_ID_MUST_BE_UNIQUE","The ID of the specified
monitor descriptor is being used by another descriptor in the set."),
+ 0xC01E032F: ("STATUS_GRAPHICS_INVALID_VIDPN_TARGET_SUBSET_TYPE","The
specified video present target subset type is invalid."),
+ 0xC01E0330: ("STATUS_GRAPHICS_RESOURCES_NOT_RELATED","Two or more of
the specified resources are not related to each other, as defined by the
interface semantics."),
+ 0xC01E0331: ("STATUS_GRAPHICS_SOURCE_ID_MUST_BE_UNIQUE","The ID of the
specified video present source is being used by another source in the set."),
+ 0xC01E0332: ("STATUS_GRAPHICS_TARGET_ID_MUST_BE_UNIQUE","The ID of the
specified video present target is being used by another target in the set."),
+ 0xC01E0333: ("STATUS_GRAPHICS_NO_AVAILABLE_VIDPN_TARGET","The
specified VidPN source cannot be used because there is no available VidPN
target to connect it to."),
+ 0xC01E0334:
("STATUS_GRAPHICS_MONITOR_COULD_NOT_BE_ASSOCIATED_WITH_ADAPTER","The newly
arrived monitor could not be associated with a display adapter."),
+ 0xC01E0335: ("STATUS_GRAPHICS_NO_VIDPNMGR","The particular display
adapter does not have an associated VidPN manager."),
+ 0xC01E0336: ("STATUS_GRAPHICS_NO_ACTIVE_VIDPN","The VidPN manager of
the particular display adapter does not have an active VidPN."),
+ 0xC01E0337: ("STATUS_GRAPHICS_STALE_VIDPN_TOPOLOGY","The specified
VidPN topology is stale; obtain the new topology."),
+ 0xC01E0338: ("STATUS_GRAPHICS_MONITOR_NOT_CONNECTED","No monitor is
connected on the specified video present target."),
+ 0xC01E0339: ("STATUS_GRAPHICS_SOURCE_NOT_IN_TOPOLOGY","The specified
source is not part of the specified VidPN's topology."),
+ 0xC01E033A: ("STATUS_GRAPHICS_INVALID_PRIMARYSURFACE_SIZE","The
specified primary surface size is invalid."),
+ 0xC01E033B: ("STATUS_GRAPHICS_INVALID_VISIBLEREGION_SIZE","The
specified visible region size is invalid."),
+ 0xC01E033C: ("STATUS_GRAPHICS_INVALID_STRIDE","The specified stride is
invalid."),
+ 0xC01E033D: ("STATUS_GRAPHICS_INVALID_PIXELFORMAT","The specified
pixel format is invalid."),
+ 0xC01E033E: ("STATUS_GRAPHICS_INVALID_COLORBASIS","The specified color
basis is invalid."),
+ 0xC01E033F: ("STATUS_GRAPHICS_INVALID_PIXELVALUEACCESSMODE","The
specified pixel value access mode is invalid."),
+ 0xC01E0340: ("STATUS_GRAPHICS_TARGET_NOT_IN_TOPOLOGY","The specified
target is not part of the specified VidPN's topology."),
+ 0xC01E0341:
("STATUS_GRAPHICS_NO_DISPLAY_MODE_MANAGEMENT_SUPPORT","Failed to acquire the
display mode management interface."),
+ 0xC01E0342: ("STATUS_GRAPHICS_VIDPN_SOURCE_IN_USE","The specified
VidPN source is already owned by a DMM client and cannot be used until that
client releases it."),
+ 0xC01E0343: ("STATUS_GRAPHICS_CANT_ACCESS_ACTIVE_VIDPN","The specified
VidPN is active and cannot be accessed."),
+ 0xC01E0344: ("STATUS_GRAPHICS_INVALID_PATH_IMPORTANCE_ORDINAL","The
specified VidPN's present path importance ordinal is invalid."),
+ 0xC01E0345:
("STATUS_GRAPHICS_INVALID_PATH_CONTENT_GEOMETRY_TRANSFORMATION","The specified
VidPN's present path content geometry transformation is invalid."),
+ 0xC01E0346:
("STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_SUPPORTED","The
specified content geometry transformation is not supported on the respective
VidPN present path."),
+ 0xC01E0347: ("STATUS_GRAPHICS_INVALID_GAMMA_RAMP","The specified gamma
ramp is invalid."),
+ 0xC01E0348: ("STATUS_GRAPHICS_GAMMA_RAMP_NOT_SUPPORTED","The specified
gamma ramp is not supported on the respective VidPN present path."),
+ 0xC01E0349:
("STATUS_GRAPHICS_MULTISAMPLING_NOT_SUPPORTED","Multisampling is not supported
on the respective VidPN present path."),
+ 0xC01E034A: ("STATUS_GRAPHICS_MODE_NOT_IN_MODESET","The specified mode
is not in the specified mode set."),
+ 0xC01E034D:
("STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY_RECOMMENDATION_REASON","The specified
VidPN topology recommendation reason is invalid."),
+ 0xC01E034E: ("STATUS_GRAPHICS_INVALID_PATH_CONTENT_TYPE","The
specified VidPN present path content type is invalid."),
+ 0xC01E034F: ("STATUS_GRAPHICS_INVALID_COPYPROTECTION_TYPE","The
specified VidPN present path copy protection type is invalid."),
+ 0xC01E0350: ("STATUS_GRAPHICS_UNASSIGNED_MODESET_ALREADY_EXISTS","Only
one unassigned mode set can exist at any one time for a particular VidPN source
or target."),
+ 0xC01E0352: ("STATUS_GRAPHICS_INVALID_SCANLINE_ORDERING","The
specified scan line ordering type is invalid."),
+ 0xC01E0353: ("STATUS_GRAPHICS_TOPOLOGY_CHANGES_NOT_ALLOWED","The
topology changes are not allowed for the specified VidPN."),
+ 0xC01E0354: ("STATUS_GRAPHICS_NO_AVAILABLE_IMPORTANCE_ORDINALS","All
available importance ordinals are being used in the specified topology."),
+ 0xC01E0355: ("STATUS_GRAPHICS_INCOMPATIBLE_PRIVATE_FORMAT","The
specified primary surface has a different private-format attribute than the
current primary surface."),
+ 0xC01E0356: ("STATUS_GRAPHICS_INVALID_MODE_PRUNING_ALGORITHM","The
specified mode-pruning algorithm is invalid."),
+ 0xC01E0357: ("STATUS_GRAPHICS_INVALID_MONITOR_CAPABILITY_ORIGIN","The
specified monitor-capability origin is invalid."),
+ 0xC01E0358:
("STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE_CONSTRAINT","The specified
monitor-frequency range constraint is invalid."),
+ 0xC01E0359: ("STATUS_GRAPHICS_MAX_NUM_PATHS_REACHED","The maximum
supported number of present paths has been reached."),
+ 0xC01E035A: ("STATUS_GRAPHICS_CANCEL_VIDPN_TOPOLOGY_AUGMENTATION","The
miniport requested that augmentation be canceled for the specified source of
the specified VidPN's topology."),
+ 0xC01E035B: ("STATUS_GRAPHICS_INVALID_CLIENT_TYPE","The specified
client type was not recognized."),
+ 0xC01E035C: ("STATUS_GRAPHICS_CLIENTVIDPN_NOT_SET","The client VidPN
is not set on this adapter (for example, no user mode-initiated mode changes
have taken place on this adapter)."),
+ 0xC01E0400: ("STATUS_GRAPHICS_SPECIFIED_CHILD_ALREADY_CONNECTED","The
specified display adapter child device already has an external device connected
to it."),
+ 0xC01E0401: ("STATUS_GRAPHICS_CHILD_DESCRIPTOR_NOT_SUPPORTED","The
display adapter child device does not support reporting a descriptor."),
+ 0xC01E0430: ("STATUS_GRAPHICS_NOT_A_LINKED_ADAPTER","The display
adapter is not linked to any other adapters."),
+ 0xC01E0431: ("STATUS_GRAPHICS_LEADLINK_NOT_ENUMERATED","The lead
adapter in a linked configuration was not enumerated yet."),
+ 0xC01E0432: ("STATUS_GRAPHICS_CHAINLINKS_NOT_ENUMERATED","Some chain
adapters in a linked configuration have not yet been enumerated."),
+ 0xC01E0433: ("STATUS_GRAPHICS_ADAPTER_CHAIN_NOT_READY","The chain of
linked adapters is not ready to start because of an unknown failure."),
+ 0xC01E0434: ("STATUS_GRAPHICS_CHAINLINKS_NOT_STARTED","An attempt was
made to start a lead link display adapter when the chain links had not yet
started."),
+ 0xC01E0435: ("STATUS_GRAPHICS_CHAINLINKS_NOT_POWERED_ON","An attempt
was made to turn on a lead link display adapter when the chain links were
turned off."),
+ 0xC01E0436: ("STATUS_GRAPHICS_INCONSISTENT_DEVICE_LINK_STATE","The
adapter link was found in an inconsistent state. Not all adapters are in an
expected PNP/power state."),
+ 0xC01E0438: ("STATUS_GRAPHICS_NOT_POST_DEVICE_DRIVER","The driver
trying to start is not the same as the driver for the posted display adapter."),
+ 0xC01E043B: ("STATUS_GRAPHICS_ADAPTER_ACCESS_NOT_EXCLUDED","An
operation is being attempted that requires the display adapter to be in a
quiescent state."),
+ 0xC01E0500: ("STATUS_GRAPHICS_OPM_NOT_SUPPORTED","The driver does not
support OPM."),
+ 0xC01E0501: ("STATUS_GRAPHICS_COPP_NOT_SUPPORTED","The driver does not
support COPP."),
+ 0xC01E0502: ("STATUS_GRAPHICS_UAB_NOT_SUPPORTED","The driver does not
support UAB."),
+ 0xC01E0503: ("STATUS_GRAPHICS_OPM_INVALID_ENCRYPTED_PARAMETERS","The
specified encrypted parameters are invalid."),
+ 0xC01E0504: ("STATUS_GRAPHICS_OPM_PARAMETER_ARRAY_TOO_SMALL","An array
passed to a function cannot hold all of the data that the function wants to put
in it."),
+ 0xC01E0505: ("STATUS_GRAPHICS_OPM_NO_PROTECTED_OUTPUTS_EXIST","The GDI
display device passed to this function does not have any active protected
outputs."),
+ 0xC01E0506:
("STATUS_GRAPHICS_PVP_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME","The PVP cannot
find an actual GDI display device that corresponds to the passed-in GDI display
device name."),
+ 0xC01E0507:
("STATUS_GRAPHICS_PVP_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP","This function
failed because the GDI display device passed to it was not attached to the
Windows desktop."),
+ 0xC01E0508:
("STATUS_GRAPHICS_PVP_MIRRORING_DEVICES_NOT_SUPPORTED","The PVP does not
support mirroring display devices because they do not have any protected
outputs."),
+ 0xC01E050A: ("STATUS_GRAPHICS_OPM_INVALID_POINTER","The function
failed because an invalid pointer parameter was passed to it. A pointer
parameter is invalid if it is null, is not correctly aligned, or it points to
an invalid address or a kernel mode address."),
+ 0xC01E050B: ("STATUS_GRAPHICS_OPM_INTERNAL_ERROR","An internal error
caused an operation to fail."),
+ 0xC01E050C: ("STATUS_GRAPHICS_OPM_INVALID_HANDLE","The function failed
because the caller passed in an invalid OPM user-mode handle."),
+ 0xC01E050D:
("STATUS_GRAPHICS_PVP_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE","This function
failed because the GDI device passed to it did not have any monitors associated
with it."),
+ 0xC01E050E: ("STATUS_GRAPHICS_PVP_INVALID_CERTIFICATE_LENGTH","A
certificate could not be returned because the certificate buffer passed to the
function was too small."),
+ 0xC01E050F:
("STATUS_GRAPHICS_OPM_SPANNING_MODE_ENABLED","DxgkDdiOpmCreateProtectedOutput()
could not create a protected output because the video present yarget is in
spanning mode."),
+ 0xC01E0510:
("STATUS_GRAPHICS_OPM_THEATER_MODE_ENABLED","DxgkDdiOpmCreateProtectedOutput()
could not create a protected output because the video present target is in
theater mode."),
+ 0xC01E0511: ("STATUS_GRAPHICS_PVP_HFS_FAILED","The function call
failed because the display adapter's hardware functionality scan (HFS) failed
to validate the graphics hardware."),
+ 0xC01E0512: ("STATUS_GRAPHICS_OPM_INVALID_SRM","The HDCP SRM passed to
this function did not comply with section 5 of the HDCP 1.1 specification."),
+ 0xC01E0513: ("STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_HDCP","The
protected output cannot enable the HDCP system because it does not support
it."),
+ 0xC01E0514: ("STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_ACP","The
protected output cannot enable analog copy protection because it does not
support it."),
+ 0xC01E0515: ("STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_CGMSA","The
protected output cannot enable the CGMS-A protection technology because it does
not support it."),
+ 0xC01E0516:
("STATUS_GRAPHICS_OPM_HDCP_SRM_NEVER_SET","DxgkDdiOPMGetInformation() cannot
return the version of the SRM being used because the application never
successfully passed an SRM to the protected output."),
+ 0xC01E0517:
("STATUS_GRAPHICS_OPM_RESOLUTION_TOO_HIGH","DxgkDdiOPMConfigureProtectedOutput()
cannot enable the specified output protection technology because the output's
screen resolution is too high."),
+ 0xC01E0518:
("STATUS_GRAPHICS_OPM_ALL_HDCP_HARDWARE_ALREADY_IN_USE","DxgkDdiOPMConfigureProtectedOutput()
cannot enable HDCP because other physical outputs are using the display
adapter's HDCP hardware."),
+ 0xC01E051A:
("STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_NO_LONGER_EXISTS","The operating system
asynchronously destroyed this OPM-protected output because the operating system
state changed. This error typically occurs because the monitor PDO associated
with this protected output was removed or stopped, the protected output's
session became a nonconsole session, or the protected output's desktop became
inactive."),
+ 0xC01E051B:
("STATUS_GRAPHICS_OPM_SESSION_TYPE_CHANGE_IN_PROGRESS","OPM functions cannot be
called when a session is changing its type. Three types of sessions currently
exist: console, disconnected, and remote (RDP or ICA)."),
+ 0xC01E051C:
("STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_COPP_SEMANTICS","The
DxgkDdiOPMGetCOPPCompatibleInformation, DxgkDdiOPMGetInformation, or
DxgkDdiOPMConfigureProtectedOutput function failed. This error is returned only
if a protected output has OPM semantics.
DxgkDdiOPMGetCOPPCompatibleInformation always returns this error if a protected
output has OPM semantics. DxgkDdiOPMGetInformation returns this error code if
the caller requested COPP-specific information. [...]
+ 0xC01E051D: ("STATUS_GRAPHICS_OPM_INVALID_INFORMATION_REQUEST","The
DxgkDdiOPMGetInformation and DxgkDdiOPMGetCOPPCompatibleInformation functions
return this error code if the passed-in sequence number is not the expected
sequence number or the passed-in OMAC value is invalid."),
+ 0xC01E051E: ("STATUS_GRAPHICS_OPM_DRIVER_INTERNAL_ERROR","The function
failed because an unexpected error occurred inside a display driver."),
+ 0xC01E051F:
("STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_OPM_SEMANTICS","The
DxgkDdiOPMGetCOPPCompatibleInformation, DxgkDdiOPMGetInformation, or
DxgkDdiOPMConfigureProtectedOutput function failed. This error is returned only
if a protected output has COPP semantics.
DxgkDdiOPMGetCOPPCompatibleInformation returns this error code if the caller
requested OPM-specific information. DxgkDdiOPMGetInformation always returns
this error if a protected output has COPP semantics. [...]
+ 0xC01E0520: ("STATUS_GRAPHICS_OPM_SIGNALING_NOT_SUPPORTED","The
DxgkDdiOPMGetCOPPCompatibleInformation and DxgkDdiOPMConfigureProtectedOutput
functions return this error if the display driver does not support the
DXGKMDT_OPM_GET_ACP_AND_CGMSA_SIGNALING and
DXGKMDT_OPM_SET_ACP_AND_CGMSA_SIGNALING GUIDs."),
+ 0xC01E0521: ("STATUS_GRAPHICS_OPM_INVALID_CONFIGURATION_REQUEST","The
DxgkDdiOPMConfigureProtectedOutput function returns this error code if the
passed-in sequence number is not the expected sequence number or the passed-in
OMAC value is invalid."),
+ 0xC01E0580: ("STATUS_GRAPHICS_I2C_NOT_SUPPORTED","The monitor
connected to the specified video output does not have an I2C bus."),
+ 0xC01E0581: ("STATUS_GRAPHICS_I2C_DEVICE_DOES_NOT_EXIST","No device on
the I2C bus has the specified address."),
+ 0xC01E0582: ("STATUS_GRAPHICS_I2C_ERROR_TRANSMITTING_DATA","An error
occurred while transmitting data to the device on the I2C bus."),
+ 0xC01E0583: ("STATUS_GRAPHICS_I2C_ERROR_RECEIVING_DATA","An error
occurred while receiving data from the device on the I2C bus."),
+ 0xC01E0584: ("STATUS_GRAPHICS_DDCCI_VCP_NOT_SUPPORTED","The monitor
does not support the specified VCP code."),
+ 0xC01E0585: ("STATUS_GRAPHICS_DDCCI_INVALID_DATA","The data received
from the monitor is invalid."),
+ 0xC01E0586:
("STATUS_GRAPHICS_DDCCI_MONITOR_RETURNED_INVALID_TIMING_STATUS_BYTE","A
function call failed because a monitor returned an invalid timing status byte
when the operating system used the DDC/CI get timing report and timing message
command to get a timing report from a monitor."),
+ 0xC01E0587: ("STATUS_GRAPHICS_DDCCI_INVALID_CAPABILITIES_STRING","A
monitor returned a DDC/CI capabilities string that did not comply with the
ACCESS.bus 3.0, DDC/CI 1.1, or MCCS 2 Revision 1 specification."),
+ 0xC01E0588: ("STATUS_GRAPHICS_MCA_INTERNAL_ERROR","An internal error
caused an operation to fail."),
+ 0xC01E0589: ("STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_COMMAND","An
operation failed because a DDC/CI message had an invalid value in its command
field."),
+ 0xC01E058A: ("STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_LENGTH","This
error occurred because a DDC/CI message had an invalid value in its length
field."),
+ 0xC01E058B: ("STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_CHECKSUM","This
error occurred because the value in a DDC/CI message's checksum field did not
match the message's computed checksum value. This error implies that the data
was corrupted while it was being transmitted from a monitor to a computer."),
+ 0xC01E058C: ("STATUS_GRAPHICS_INVALID_PHYSICAL_MONITOR_HANDLE","This
function failed because an invalid monitor handle was passed to it."),
+ 0xC01E058D: ("STATUS_GRAPHICS_MONITOR_NO_LONGER_EXISTS","The operating
system asynchronously destroyed the monitor that corresponds to this handle
because the operating system's state changed. This error typically occurs
because the monitor PDO associated with this handle was removed or stopped, or
a display mode change occurred. A display mode change occurs when Windows sends
a WM_DISPLAYCHANGE message to applications."),
+ 0xC01E05E0: ("STATUS_GRAPHICS_ONLY_CONSOLE_SESSION_SUPPORTED","This
function can be used only if a program is running in the local console session.
It cannot be used if a program is running on a remote desktop session or on a
terminal server session."),
+ 0xC01E05E1:
("STATUS_GRAPHICS_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME","This function cannot
find an actual GDI display device that corresponds to the specified GDI display
device name."),
+ 0xC01E05E2:
("STATUS_GRAPHICS_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP","The function failed
because the specified GDI display device was not attached to the Windows
desktop."),
+ 0xC01E05E3: ("STATUS_GRAPHICS_MIRRORING_DEVICES_NOT_SUPPORTED","This
function does not support GDI mirroring display devices because GDI mirroring
display devices do not have any physical monitors associated with them."),
+ 0xC01E05E4: ("STATUS_GRAPHICS_INVALID_POINTER","The function failed
because an invalid pointer parameter was passed to it. A pointer parameter is
invalid if it is null, is not correctly aligned, or points to an invalid
address or to a kernel mode address."),
+ 0xC01E05E5:
("STATUS_GRAPHICS_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE","This function
failed because the GDI device passed to it did not have a monitor associated
with it."),
+ 0xC01E05E6: ("STATUS_GRAPHICS_PARAMETER_ARRAY_TOO_SMALL","An array
passed to the function cannot hold all of the data that the function must copy
into the array."),
+ 0xC01E05E7: ("STATUS_GRAPHICS_INTERNAL_ERROR","An internal error
caused an operation to fail."),
+ 0xC01E05E8: ("STATUS_GRAPHICS_SESSION_TYPE_CHANGE_IN_PROGRESS","The
function failed because the current session is changing its type. This function
cannot be called when the current session is changing its type. Three types of
sessions currently exist: console, disconnected, and remote (RDP or ICA)."),
+ 0xC0210000: ("STATUS_FVE_LOCKED_VOLUME","The volume must be unlocked
before it can be used."),
+ 0xC0210001: ("STATUS_FVE_NOT_ENCRYPTED","The volume is fully decrypted
and no key is available."),
+ 0xC0210002: ("STATUS_FVE_BAD_INFORMATION","The control block for the
encrypted volume is not valid."),
+ 0xC0210003: ("STATUS_FVE_TOO_SMALL","Not enough free space remains on
the volume to allow encryption."),
+ 0xC0210004: ("STATUS_FVE_FAILED_WRONG_FS","The partition cannot be
encrypted because the file system is not supported."),
+ 0xC0210005: ("STATUS_FVE_FAILED_BAD_FS","The file system is
inconsistent. Run the Check Disk utility."),
+ 0xC0210006: ("STATUS_FVE_FS_NOT_EXTENDED","The file system does not
extend to the end of the volume."),
+ 0xC0210007: ("STATUS_FVE_FS_MOUNTED","This operation cannot be
performed while a file system is mounted on the volume."),
+ 0xC0210008: ("STATUS_FVE_NO_LICENSE","BitLocker Drive Encryption is
not included with this version of Windows."),
+ 0xC0210009: ("STATUS_FVE_ACTION_NOT_ALLOWED","The requested action was
denied by the FVE control engine."),
+ 0xC021000A: ("STATUS_FVE_BAD_DATA","The data supplied is malformed."),
+ 0xC021000B: ("STATUS_FVE_VOLUME_NOT_BOUND","The volume is not bound to
the system."),
+ 0xC021000C: ("STATUS_FVE_NOT_DATA_VOLUME","The volume specified is not
a data volume."),
+ 0xC021000D: ("STATUS_FVE_CONV_READ_ERROR","A read operation failed
while converting the volume."),
+ 0xC021000E: ("STATUS_FVE_CONV_WRITE_ERROR","A write operation failed
while converting the volume."),
+ 0xC021000F: ("STATUS_FVE_OVERLAPPED_UPDATE","The control block for the
encrypted volume was updated by another thread. Try again."),
+ 0xC0210010: ("STATUS_FVE_FAILED_SECTOR_SIZE","The volume encryption
algorithm cannot be used on this sector size."),
+ 0xC0210011: ("STATUS_FVE_FAILED_AUTHENTICATION","BitLocker recovery
authentication failed."),
+ 0xC0210012: ("STATUS_FVE_NOT_OS_VOLUME","The volume specified is not
the boot operating system volume."),
+ 0xC0210013: ("STATUS_FVE_KEYFILE_NOT_FOUND","The BitLocker startup key
or recovery password could not be read from external media."),
+ 0xC0210014: ("STATUS_FVE_KEYFILE_INVALID","The BitLocker startup key
or recovery password file is corrupt or invalid."),
+ 0xC0210015: ("STATUS_FVE_KEYFILE_NO_VMK","The BitLocker encryption key
could not be obtained from the startup key or the recovery password."),
+ 0xC0210016: ("STATUS_FVE_TPM_DISABLED","The TPM is disabled."),
+ 0xC0210017: ("STATUS_FVE_TPM_SRK_AUTH_NOT_ZERO","The authorization
data for the SRK of the TPM is not zero."),
+ 0xC0210018: ("STATUS_FVE_TPM_INVALID_PCR","The system boot information
changed or the TPM locked out access to BitLocker encryption keys until the
computer is restarted."),
+ 0xC0210019: ("STATUS_FVE_TPM_NO_VMK","The BitLocker encryption key
could not be obtained from the TPM."),
+ 0xC021001A: ("STATUS_FVE_PIN_INVALID","The BitLocker encryption key
could not be obtained from the TPM and PIN."),
+ 0xC021001B: ("STATUS_FVE_AUTH_INVALID_APPLICATION","A boot application
hash does not match the hash computed when BitLocker was turned on."),
+ 0xC021001C: ("STATUS_FVE_AUTH_INVALID_CONFIG","The Boot Configuration
Data (BCD) settings are not supported or have changed because BitLocker was
enabled."),
+ 0xC021001D: ("STATUS_FVE_DEBUGGER_ENABLED","Boot debugging is enabled.
Run Windows Boot Configuration Data Store Editor (bcdedit.exe) to turn it
off."),
+ 0xC021001E: ("STATUS_FVE_DRY_RUN_FAILED","The BitLocker encryption key
could not be obtained."),
+ 0xC021001F: ("STATUS_FVE_BAD_METADATA_POINTER","The metadata disk
region pointer is incorrect."),
+ 0xC0210020: ("STATUS_FVE_OLD_METADATA_COPY","The backup copy of the
metadata is out of date."),
+ 0xC0210021: ("STATUS_FVE_REBOOT_REQUIRED","No action was taken because
a system restart is required."),
+ 0xC0210022: ("STATUS_FVE_RAW_ACCESS","No action was taken because
BitLocker Drive Encryption is in RAW access mode."),
+ 0xC0210023: ("STATUS_FVE_RAW_BLOCKED","BitLocker Drive Encryption
cannot enter RAW access mode for this volume."),
+ 0xC0210026: ("STATUS_FVE_NO_FEATURE_LICENSE","This feature of
BitLocker Drive Encryption is not included with this version of Windows."),
+ 0xC0210027: ("STATUS_FVE_POLICY_USER_DISABLE_RDV_NOT_ALLOWED","Group
policy does not permit turning off BitLocker Drive Encryption on roaming data
volumes."),
+ 0xC0210028: ("STATUS_FVE_CONV_RECOVERY_FAILED","Bitlocker Drive
Encryption failed to recover from aborted conversion. This could be due to
either all conversion logs being corrupted or the media being
write-protected."),
+ 0xC0210029: ("STATUS_FVE_VIRTUALIZED_SPACE_TOO_BIG","The requested
virtualization size is too big."),
+ 0xC0210030: ("STATUS_FVE_VOLUME_TOO_SMALL","The drive is too small to
be protected using BitLocker Drive Encryption."),
+ 0xC0220001: ("STATUS_FWP_CALLOUT_NOT_FOUND","The callout does not
exist."),
+ 0xC0220002: ("STATUS_FWP_CONDITION_NOT_FOUND","The filter condition
does not exist."),
+ 0xC0220003: ("STATUS_FWP_FILTER_NOT_FOUND","The filter does not
exist."),
+ 0xC0220004: ("STATUS_FWP_LAYER_NOT_FOUND","The layer does not exist."),
+ 0xC0220005: ("STATUS_FWP_PROVIDER_NOT_FOUND","The provider does not
exist."),
+ 0xC0220006: ("STATUS_FWP_PROVIDER_CONTEXT_NOT_FOUND","The provider
context does not exist."),
+ 0xC0220007: ("STATUS_FWP_SUBLAYER_NOT_FOUND","The sublayer does not
exist."),
+ 0xC0220008: ("STATUS_FWP_NOT_FOUND","The object does not exist."),
+ 0xC0220009: ("STATUS_FWP_ALREADY_EXISTS","An object with that GUID or
LUID already exists."),
+ 0xC022000A: ("STATUS_FWP_IN_USE","The object is referenced by other
objects and cannot be deleted."),
+ 0xC022000B: ("STATUS_FWP_DYNAMIC_SESSION_IN_PROGRESS","The call is not
allowed from within a dynamic session."),
+ 0xC022000C: ("STATUS_FWP_WRONG_SESSION","The call was made from the
wrong session and cannot be completed."),
+ 0xC022000D: ("STATUS_FWP_NO_TXN_IN_PROGRESS","The call must be made
from within an explicit transaction."),
+ 0xC022000E: ("STATUS_FWP_TXN_IN_PROGRESS","The call is not allowed
from within an explicit transaction."),
+ 0xC022000F: ("STATUS_FWP_TXN_ABORTED","The explicit transaction has
been forcibly canceled."),
+ 0xC0220010: ("STATUS_FWP_SESSION_ABORTED","The session has been
canceled."),
+ 0xC0220011: ("STATUS_FWP_INCOMPATIBLE_TXN","The call is not allowed
from within a read-only transaction."),
+ 0xC0220012: ("STATUS_FWP_TIMEOUT","The call timed out while waiting to
acquire the transaction lock."),
+ 0xC0220013: ("STATUS_FWP_NET_EVENTS_DISABLED","The collection of
network diagnostic events is disabled."),
+ 0xC0220014: ("STATUS_FWP_INCOMPATIBLE_LAYER","The operation is not
supported by the specified layer."),
+ 0xC0220015: ("STATUS_FWP_KM_CLIENTS_ONLY","The call is allowed for
kernel-mode callers only."),
+ 0xC0220016: ("STATUS_FWP_LIFETIME_MISMATCH","The call tried to
associate two objects with incompatible lifetimes."),
+ 0xC0220017: ("STATUS_FWP_BUILTIN_OBJECT","The object is built-in and
cannot be deleted."),
+ 0xC0220018: ("STATUS_FWP_TOO_MANY_BOOTTIME_FILTERS","The maximum
number of boot-time filters has been reached."),
+ 0xC0220018: ("STATUS_FWP_TOO_MANY_CALLOUTS","The maximum number of
callouts has been reached."),
+ 0xC0220019: ("STATUS_FWP_NOTIFICATION_DROPPED","A notification could
not be delivered because a message queue has reached maximum capacity."),
+ 0xC022001A: ("STATUS_FWP_TRAFFIC_MISMATCH","The traffic parameters do
not match those for the security association context."),
+ 0xC022001B: ("STATUS_FWP_INCOMPATIBLE_SA_STATE","The call is not
allowed for the current security association state."),
+ 0xC022001C: ("STATUS_FWP_NULL_POINTER","A required pointer is null."),
+ 0xC022001D: ("STATUS_FWP_INVALID_ENUMERATOR","An enumerator is not
valid."),
+ 0xC022001E: ("STATUS_FWP_INVALID_FLAGS","The flags field contains an
invalid value."),
+ 0xC022001F: ("STATUS_FWP_INVALID_NET_MASK","A network mask is not
valid."),
+ 0xC0220020: ("STATUS_FWP_INVALID_RANGE","An FWP_RANGE is not valid."),
+ 0xC0220021: ("STATUS_FWP_INVALID_INTERVAL","The time interval is not
valid."),
+ 0xC0220022: ("STATUS_FWP_ZERO_LENGTH_ARRAY","An array that must
contain at least one element has a zero length."),
+ 0xC0220023: ("STATUS_FWP_NULL_DISPLAY_NAME","The displayData.name
field cannot be null."),
+ 0xC0220024: ("STATUS_FWP_INVALID_ACTION_TYPE","The action type is not
one of the allowed action types for a filter."),
+ 0xC0220025: ("STATUS_FWP_INVALID_WEIGHT","The filter weight is not
valid."),
+ 0xC0220026: ("STATUS_FWP_MATCH_TYPE_MISMATCH","A filter condition
contains a match type that is not compatible with the operands."),
+ 0xC0220027: ("STATUS_FWP_TYPE_MISMATCH","An FWP_VALUE or
FWPM_CONDITION_VALUE is of the wrong type."),
+ 0xC0220028: ("STATUS_FWP_OUT_OF_BOUNDS","An integer value is outside
the allowed range."),
+ 0xC0220029: ("STATUS_FWP_RESERVED","A reserved field is nonzero."),
+ 0xC022002A: ("STATUS_FWP_DUPLICATE_CONDITION","A filter cannot contain
multiple conditions operating on a single field."),
+ 0xC022002B: ("STATUS_FWP_DUPLICATE_KEYMOD","A policy cannot contain
the same keying module more than once."),
+ 0xC022002C: ("STATUS_FWP_ACTION_INCOMPATIBLE_WITH_LAYER","The action
type is not compatible with the layer."),
+ 0xC022002D: ("STATUS_FWP_ACTION_INCOMPATIBLE_WITH_SUBLAYER","The
action type is not compatible with the sublayer."),
+ 0xC022002E: ("STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_LAYER","The raw
context or the provider context is not compatible with the layer."),
+ 0xC022002F: ("STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_CALLOUT","The raw
context or the provider context is not compatible with the callout."),
+ 0xC0220030: ("STATUS_FWP_INCOMPATIBLE_AUTH_METHOD","The authentication
method is not compatible with the policy type."),
+ 0xC0220031: ("STATUS_FWP_INCOMPATIBLE_DH_GROUP","The Diffie-Hellman
group is not compatible with the policy type."),
+ 0xC0220032: ("STATUS_FWP_EM_NOT_SUPPORTED","An IKE policy cannot
contain an Extended Mode policy."),
+ 0xC0220033: ("STATUS_FWP_NEVER_MATCH","The enumeration template or
subscription will never match any objects."),
+ 0xC0220034: ("STATUS_FWP_PROVIDER_CONTEXT_MISMATCH","The provider
context is of the wrong type."),
+ 0xC0220035: ("STATUS_FWP_INVALID_PARAMETER","The parameter is
incorrect."),
+ 0xC0220036: ("STATUS_FWP_TOO_MANY_SUBLAYERS","The maximum number of
sublayers has been reached."),
+ 0xC0220037: ("STATUS_FWP_CALLOUT_NOTIFICATION_FAILED","The
notification function for a callout returned an error."),
+ 0xC0220038: ("STATUS_FWP_INCOMPATIBLE_AUTH_CONFIG","The IPsec
authentication configuration is not compatible with the authentication type."),
+ 0xC0220039: ("STATUS_FWP_INCOMPATIBLE_CIPHER_CONFIG","The IPsec cipher
configuration is not compatible with the cipher type."),
+ 0xC022003C: ("STATUS_FWP_DUPLICATE_AUTH_METHOD","A policy cannot
contain the same auth method more than once."),
+ 0xC0220100: ("STATUS_FWP_TCPIP_NOT_READY","The TCP/IP stack is not
ready."),
+ 0xC0220101: ("STATUS_FWP_INJECT_HANDLE_CLOSING","The injection handle
is being closed by another thread."),
+ 0xC0220102: ("STATUS_FWP_INJECT_HANDLE_STALE","The injection handle is
stale."),
+ 0xC0220103: ("STATUS_FWP_CANNOT_PEND","The classify cannot be
pended."),
+ 0xC0230002: ("STATUS_NDIS_CLOSING","The binding to the network
interface is being closed."),
+ 0xC0230004: ("STATUS_NDIS_BAD_VERSION","An invalid version was
specified."),
+ 0xC0230005: ("STATUS_NDIS_BAD_CHARACTERISTICS","An invalid
characteristics table was used."),
+ 0xC0230006: ("STATUS_NDIS_ADAPTER_NOT_FOUND","Failed to find the
network interface or the network interface is not ready."),
+ 0xC0230007: ("STATUS_NDIS_OPEN_FAILED","Failed to open the network
interface."),
+ 0xC0230008: ("STATUS_NDIS_DEVICE_FAILED","The network interface has
encountered an internal unrecoverable failure."),
+ 0xC0230009: ("STATUS_NDIS_MULTICAST_FULL","The multicast list on the
network interface is full."),
+ 0xC023000A: ("STATUS_NDIS_MULTICAST_EXISTS","An attempt was made to
add a duplicate multicast address to the list."),
+ 0xC023000B: ("STATUS_NDIS_MULTICAST_NOT_FOUND","At attempt was made to
remove a multicast address that was never added."),
+ 0xC023000C: ("STATUS_NDIS_REQUEST_ABORTED","The network interface
aborted the request."),
+ 0xC023000D: ("STATUS_NDIS_RESET_IN_PROGRESS","The network interface
cannot process the request because it is being reset."),
+ 0xC023000F: ("STATUS_NDIS_INVALID_PACKET","An attempt was made to send
an invalid packet on a network interface."),
+ 0xC0230010: ("STATUS_NDIS_INVALID_DEVICE_REQUEST","The specified
request is not a valid operation for the target device."),
+ 0xC0230011: ("STATUS_NDIS_ADAPTER_NOT_READY","The network interface is
not ready to complete this operation."),
+ 0xC0230014: ("STATUS_NDIS_INVALID_LENGTH","The length of the buffer
submitted for this operation is not valid."),
+ 0xC0230015: ("STATUS_NDIS_INVALID_DATA","The data used for this
operation is not valid."),
+ 0xC0230016: ("STATUS_NDIS_BUFFER_TOO_SHORT","The length of the
submitted buffer for this operation is too small."),
+ 0xC0230017: ("STATUS_NDIS_INVALID_OID","The network interface does not
support this object identifier."),
+ 0xC0230018: ("STATUS_NDIS_ADAPTER_REMOVED","The network interface has
been removed."),
+ 0xC0230019: ("STATUS_NDIS_UNSUPPORTED_MEDIA","The network interface
does not support this media type."),
+ 0xC023001A: ("STATUS_NDIS_GROUP_ADDRESS_IN_USE","An attempt was made
to remove a token ring group address that is in use by other components."),
+ 0xC023001B: ("STATUS_NDIS_FILE_NOT_FOUND","An attempt was made to map
a file that cannot be found."),
+ 0xC023001C: ("STATUS_NDIS_ERROR_READING_FILE","An error occurred while
NDIS tried to map the file."),
+ 0xC023001D: ("STATUS_NDIS_ALREADY_MAPPED","An attempt was made to map
a file that is already mapped."),
+ 0xC023001E: ("STATUS_NDIS_RESOURCE_CONFLICT","An attempt to allocate a
hardware resource failed because the resource is used by another component."),
+ 0xC023001F: ("STATUS_NDIS_MEDIA_DISCONNECTED","The I/O operation
failed because the network media is disconnected or the wireless access point
is out of range."),
+ 0xC0230022: ("STATUS_NDIS_INVALID_ADDRESS","The network address used
in the request is invalid."),
+ 0xC023002A: ("STATUS_NDIS_PAUSED","The offload operation on the
network interface has been paused."),
+ 0xC023002B: ("STATUS_NDIS_INTERFACE_NOT_FOUND","The network interface
was not found."),
+ 0xC023002C: ("STATUS_NDIS_UNSUPPORTED_REVISION","The revision number
specified in the structure is not supported."),
+ 0xC023002D: ("STATUS_NDIS_INVALID_PORT","The specified port does not
exist on this network interface."),
+ 0xC023002E: ("STATUS_NDIS_INVALID_PORT_STATE","The current state of
the specified port on this network interface does not support the requested
operation."),
+ 0xC023002F: ("STATUS_NDIS_LOW_POWER_STATE","The miniport adapter is in
a lower power state."),
+ 0xC02300BB: ("STATUS_NDIS_NOT_SUPPORTED","The network interface does
not support this request."),
+ 0xC023100F: ("STATUS_NDIS_OFFLOAD_POLICY","The TCP connection is not
offloadable because of a local policy setting."),
+ 0xC0231012: ("STATUS_NDIS_OFFLOAD_CONNECTION_REJECTED","The TCP
connection is not offloadable by the Chimney offload target."),
+ 0xC0231013: ("STATUS_NDIS_OFFLOAD_PATH_REJECTED","The IP Path object
is not in an offloadable state."),
+ 0xC0232000: ("STATUS_NDIS_DOT11_AUTO_CONFIG_ENABLED","The wireless LAN
interface is in auto-configuration mode and does not support the requested
parameter change operation."),
+ 0xC0232001: ("STATUS_NDIS_DOT11_MEDIA_IN_USE","The wireless LAN
interface is busy and cannot perform the requested operation."),
+ 0xC0232002: ("STATUS_NDIS_DOT11_POWER_STATE_INVALID","The wireless LAN
interface is power down and does not support the requested operation."),
+ 0xC0232003: ("STATUS_NDIS_PM_WOL_PATTERN_LIST_FULL","The list of wake
on LAN patterns is full."),
+ 0xC0232004: ("STATUS_NDIS_PM_PROTOCOL_OFFLOAD_LIST_FULL","The list of
low power protocol offloads is full."),
+ 0xC0360001: ("STATUS_IPSEC_BAD_SPI","The SPI in the packet does not
match a valid IPsec SA."),
+ 0xC0360002: ("STATUS_IPSEC_SA_LIFETIME_EXPIRED","The packet was
received on an IPsec SA whose lifetime has expired."),
+ 0xC0360003: ("STATUS_IPSEC_WRONG_SA","The packet was received on an
IPsec SA that does not match the packet characteristics."),
+ 0xC0360004: ("STATUS_IPSEC_REPLAY_CHECK_FAILED","The packet sequence
number replay check failed."),
+ 0xC0360005: ("STATUS_IPSEC_INVALID_PACKET","The IPsec header and/or
trailer in the packet is invalid."),
+ 0xC0360006: ("STATUS_IPSEC_INTEGRITY_CHECK_FAILED","The IPsec
integrity check failed."),
+ 0xC0360007: ("STATUS_IPSEC_CLEAR_TEXT_DROP","IPsec dropped a clear
text packet."),
+ 0xC0360008: ("STATUS_IPSEC_AUTH_FIREWALL_DROP","IPsec dropped an
incoming ESP packet in authenticated firewall mode. This drop is benign."),
+ 0xC0360009: ("STATUS_IPSEC_THROTTLE_DROP","IPsec dropped a packet due
to DOS throttle."),
+ 0xC0368000: ("STATUS_IPSEC_DOSP_BLOCK","IPsec Dos Protection matched
an explicit block rule."),
+ 0xC0368001: ("STATUS_IPSEC_DOSP_RECEIVED_MULTICAST","IPsec Dos
Protection received an IPsec specific multicast packet which is not allowed."),
+ 0xC0368002: ("STATUS_IPSEC_DOSP_INVALID_PACKET","IPsec Dos Protection
received an incorrectly formatted packet."),
+ 0xC0368003: ("STATUS_IPSEC_DOSP_STATE_LOOKUP_FAILED","IPsec Dos
Protection failed to lookup state."),
+ 0xC0368004: ("STATUS_IPSEC_DOSP_MAX_ENTRIES","IPsec Dos Protection
failed to create state because there are already maximum number of entries
allowed by policy."),
+ 0xC0368005: ("STATUS_IPSEC_DOSP_KEYMOD_NOT_ALLOWED","IPsec Dos
Protection received an IPsec negotiation packet for a keying module which is
not allowed by policy."),
+ 0xC0368006: ("STATUS_IPSEC_DOSP_MAX_PER_IP_RATELIMIT_QUEUES","IPsec
Dos Protection failed to create per internal IP ratelimit queue because there
is already maximum number of queues allowed by policy."),
+ 0xC038005B: ("STATUS_VOLMGR_MIRROR_NOT_SUPPORTED","The system does not
support mirrored volumes."),
+ 0xC038005C: ("STATUS_VOLMGR_RAID5_NOT_SUPPORTED","The system does not
support RAID-5 volumes."),
+ 0xC03A0014: ("STATUS_VIRTDISK_PROVIDER_NOT_FOUND","A virtual disk
support provider for the specified file was not found."),
+ 0xC03A0015: ("STATUS_VIRTDISK_NOT_VIRTUAL_DISK","The specified disk is
not a virtual disk."),
+ 0xC03A0016: ("STATUS_VHD_PARENT_VHD_ACCESS_DENIED","The chain of
virtual hard disks is inaccessible. The process has not been granted access
rights to the parent virtual hard disk for the differencing disk."),
+ 0xC03A0017: ("STATUS_VHD_CHILD_PARENT_SIZE_MISMATCH","The chain of
virtual hard disks is corrupted. There is a mismatch in the virtual sizes of
the parent virtual hard disk and differencing disk."),
+ 0xC03A0018: ("STATUS_VHD_DIFFERENCING_CHAIN_CYCLE_DETECTED","The chain
of virtual hard disks is corrupted. A differencing disk is indicated in its own
parent chain."),
+ 0xC03A0019: ("STATUS_VHD_DIFFERENCING_CHAIN_ERROR_IN_PARENT","The
chain of virtual hard disks is inaccessible. There was an error opening a
virtual hard disk further up the chain."),
+}
+
+# Error Codes
+
+STATUS_SUCCESS = 0x00000000
+STATUS_WAIT_1 = 0x00000001
+STATUS_WAIT_2 = 0x00000002
+STATUS_WAIT_3 = 0x00000003
+STATUS_WAIT_63 = 0x0000003F
+STATUS_ABANDONED = 0x00000080
+STATUS_ABANDONED_WAIT_0 = 0x00000080
+STATUS_ABANDONED_WAIT_63 = 0x000000BF
+STATUS_USER_APC = 0x000000C0
+STATUS_ALERTED = 0x00000101
+STATUS_TIMEOUT = 0x00000102
+STATUS_PENDING = 0x00000103
+STATUS_REPARSE = 0x00000104
+STATUS_MORE_ENTRIES = 0x00000105
+STATUS_NOT_ALL_ASSIGNED = 0x00000106
+STATUS_SOME_NOT_MAPPED = 0x00000107
+STATUS_OPLOCK_BREAK_IN_PROGRESS = 0x00000108
+STATUS_VOLUME_MOUNTED = 0x00000109
+STATUS_RXACT_COMMITTED = 0x0000010A
+STATUS_NOTIFY_CLEANUP = 0x0000010B
+STATUS_NOTIFY_ENUM_DIR = 0x0000010C
+STATUS_NO_QUOTAS_FOR_ACCOUNT = 0x0000010D
+STATUS_PRIMARY_TRANSPORT_CONNECT_FAILED = 0x0000010E
+STATUS_PAGE_FAULT_TRANSITION = 0x00000110
+STATUS_PAGE_FAULT_DEMAND_ZERO = 0x00000111
+STATUS_PAGE_FAULT_COPY_ON_WRITE = 0x00000112
+STATUS_PAGE_FAULT_GUARD_PAGE = 0x00000113
+STATUS_PAGE_FAULT_PAGING_FILE = 0x00000114
+STATUS_CACHE_PAGE_LOCKED = 0x00000115
+STATUS_CRASH_DUMP = 0x00000116
+STATUS_BUFFER_ALL_ZEROS = 0x00000117
+STATUS_REPARSE_OBJECT = 0x00000118
+STATUS_RESOURCE_REQUIREMENTS_CHANGED = 0x00000119
+STATUS_TRANSLATION_COMPLETE = 0x00000120
+STATUS_DS_MEMBERSHIP_EVALUATED_LOCALLY = 0x00000121
+STATUS_NOTHING_TO_TERMINATE = 0x00000122
+STATUS_PROCESS_NOT_IN_JOB = 0x00000123
+STATUS_PROCESS_IN_JOB = 0x00000124
+STATUS_VOLSNAP_HIBERNATE_READY = 0x00000125
+STATUS_FSFILTER_OP_COMPLETED_SUCCESSFULLY = 0x00000126
+STATUS_INTERRUPT_VECTOR_ALREADY_CONNECTED = 0x00000127
+STATUS_INTERRUPT_STILL_CONNECTED = 0x00000128
+STATUS_PROCESS_CLONED = 0x00000129
+STATUS_FILE_LOCKED_WITH_ONLY_READERS = 0x0000012A
+STATUS_FILE_LOCKED_WITH_WRITERS = 0x0000012B
+STATUS_RESOURCEMANAGER_READ_ONLY = 0x00000202
+STATUS_WAIT_FOR_OPLOCK = 0x00000367
+DBG_EXCEPTION_HANDLED = 0x00010001
+DBG_CONTINUE = 0x00010002
+STATUS_FLT_IO_COMPLETE = 0x001C0001
+STATUS_FILE_NOT_AVAILABLE = 0xC0000467
+STATUS_CALLBACK_RETURNED_THREAD_AFFINITY = 0xC0000721
+STATUS_OBJECT_NAME_EXISTS = 0x40000000
+STATUS_THREAD_WAS_SUSPENDED = 0x40000001
+STATUS_WORKING_SET_LIMIT_RANGE = 0x40000002
+STATUS_IMAGE_NOT_AT_BASE = 0x40000003
+STATUS_RXACT_STATE_CREATED = 0x40000004
+STATUS_SEGMENT_NOTIFICATION = 0x40000005
+STATUS_LOCAL_USER_SESSION_KEY = 0x40000006
+STATUS_BAD_CURRENT_DIRECTORY = 0x40000007
+STATUS_SERIAL_MORE_WRITES = 0x40000008
+STATUS_REGISTRY_RECOVERED = 0x40000009
+STATUS_FT_READ_RECOVERY_FROM_BACKUP = 0x4000000A
+STATUS_FT_WRITE_RECOVERY = 0x4000000B
+STATUS_SERIAL_COUNTER_TIMEOUT = 0x4000000C
+STATUS_NULL_LM_PASSWORD = 0x4000000D
+STATUS_IMAGE_MACHINE_TYPE_MISMATCH = 0x4000000E
+STATUS_RECEIVE_PARTIAL = 0x4000000F
+STATUS_RECEIVE_EXPEDITED = 0x40000010
+STATUS_RECEIVE_PARTIAL_EXPEDITED = 0x40000011
+STATUS_EVENT_DONE = 0x40000012
+STATUS_EVENT_PENDING = 0x40000013
+STATUS_CHECKING_FILE_SYSTEM = 0x40000014
+STATUS_FATAL_APP_EXIT = 0x40000015
+STATUS_PREDEFINED_HANDLE = 0x40000016
+STATUS_WAS_UNLOCKED = 0x40000017
+STATUS_SERVICE_NOTIFICATION = 0x40000018
+STATUS_WAS_LOCKED = 0x40000019
+STATUS_LOG_HARD_ERROR = 0x4000001A
+STATUS_ALREADY_WIN32 = 0x4000001B
+STATUS_WX86_UNSIMULATE = 0x4000001C
+STATUS_WX86_CONTINUE = 0x4000001D
+STATUS_WX86_SINGLE_STEP = 0x4000001E
+STATUS_WX86_BREAKPOINT = 0x4000001F
+STATUS_WX86_EXCEPTION_CONTINUE = 0x40000020
+STATUS_WX86_EXCEPTION_LASTCHANCE = 0x40000021
+STATUS_WX86_EXCEPTION_CHAIN = 0x40000022
+STATUS_IMAGE_MACHINE_TYPE_MISMATCH_EXE = 0x40000023
+STATUS_NO_YIELD_PERFORMED = 0x40000024
+STATUS_TIMER_RESUME_IGNORED = 0x40000025
+STATUS_ARBITRATION_UNHANDLED = 0x40000026
+STATUS_CARDBUS_NOT_SUPPORTED = 0x40000027
+STATUS_WX86_CREATEWX86TIB = 0x40000028
+STATUS_MP_PROCESSOR_MISMATCH = 0x40000029
+STATUS_HIBERNATED = 0x4000002A
+STATUS_RESUME_HIBERNATION = 0x4000002B
+STATUS_FIRMWARE_UPDATED = 0x4000002C
+STATUS_DRIVERS_LEAKING_LOCKED_PAGES = 0x4000002D
+STATUS_MESSAGE_RETRIEVED = 0x4000002E
+STATUS_SYSTEM_POWERSTATE_TRANSITION = 0x4000002F
+STATUS_ALPC_CHECK_COMPLETION_LIST = 0x40000030
+STATUS_SYSTEM_POWERSTATE_COMPLEX_TRANSITION = 0x40000031
+STATUS_ACCESS_AUDIT_BY_POLICY = 0x40000032
+STATUS_ABANDON_HIBERFILE = 0x40000033
+STATUS_BIZRULES_NOT_ENABLED = 0x40000034
+STATUS_WAKE_SYSTEM = 0x40000294
+STATUS_DS_SHUTTING_DOWN = 0x40000370
+DBG_REPLY_LATER = 0x40010001
+DBG_UNABLE_TO_PROVIDE_HANDLE = 0x40010002
+DBG_TERMINATE_THREAD = 0x40010003
+DBG_TERMINATE_PROCESS = 0x40010004
+DBG_CONTROL_C = 0x40010005
+DBG_PRINTEXCEPTION_C = 0x40010006
+DBG_RIPEXCEPTION = 0x40010007
+DBG_CONTROL_BREAK = 0x40010008
+DBG_COMMAND_EXCEPTION = 0x40010009
+RPC_NT_UUID_LOCAL_ONLY = 0x40020056
+RPC_NT_SEND_INCOMPLETE = 0x400200AF
+STATUS_CTX_CDM_CONNECT = 0x400A0004
+STATUS_CTX_CDM_DISCONNECT = 0x400A0005
+STATUS_SXS_RELEASE_ACTIVATION_CONTEXT = 0x4015000D
+STATUS_RECOVERY_NOT_NEEDED = 0x40190034
+STATUS_RM_ALREADY_STARTED = 0x40190035
+STATUS_LOG_NO_RESTART = 0x401A000C
+STATUS_VIDEO_DRIVER_DEBUG_REPORT_REQUEST = 0x401B00EC
+STATUS_GRAPHICS_PARTIAL_DATA_POPULATED = 0x401E000A
+STATUS_GRAPHICS_DRIVER_MISMATCH = 0x401E0117
+STATUS_GRAPHICS_MODE_NOT_PINNED = 0x401E0307
+STATUS_GRAPHICS_NO_PREFERRED_MODE = 0x401E031E
+STATUS_GRAPHICS_DATASET_IS_EMPTY = 0x401E034B
+STATUS_GRAPHICS_NO_MORE_ELEMENTS_IN_DATASET = 0x401E034C
+STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_PINNED = 0x401E0351
+STATUS_GRAPHICS_UNKNOWN_CHILD_STATUS = 0x401E042F
+STATUS_GRAPHICS_LEADLINK_START_DEFERRED = 0x401E0437
+STATUS_GRAPHICS_POLLING_TOO_FREQUENTLY = 0x401E0439
+STATUS_GRAPHICS_START_DEFERRED = 0x401E043A
+STATUS_NDIS_INDICATION_REQUIRED = 0x40230001
+STATUS_GUARD_PAGE_VIOLATION = 0x80000001
+STATUS_DATATYPE_MISALIGNMENT = 0x80000002
+STATUS_BREAKPOINT = 0x80000003
+STATUS_SINGLE_STEP = 0x80000004
+STATUS_BUFFER_OVERFLOW = 0x80000005
+STATUS_NO_MORE_FILES = 0x80000006
+STATUS_WAKE_SYSTEM_DEBUGGER = 0x80000007
+STATUS_HANDLES_CLOSED = 0x8000000A
+STATUS_NO_INHERITANCE = 0x8000000B
+STATUS_GUID_SUBSTITUTION_MADE = 0x8000000C
+STATUS_PARTIAL_COPY = 0x8000000D
+STATUS_DEVICE_PAPER_EMPTY = 0x8000000E
+STATUS_DEVICE_POWERED_OFF = 0x8000000F
+STATUS_DEVICE_OFF_LINE = 0x80000010
+STATUS_DEVICE_BUSY = 0x80000011
+STATUS_NO_MORE_EAS = 0x80000012
+STATUS_INVALID_EA_NAME = 0x80000013
+STATUS_EA_LIST_INCONSISTENT = 0x80000014
+STATUS_INVALID_EA_FLAG = 0x80000015
+STATUS_VERIFY_REQUIRED = 0x80000016
+STATUS_EXTRANEOUS_INFORMATION = 0x80000017
+STATUS_RXACT_COMMIT_NECESSARY = 0x80000018
+STATUS_NO_MORE_ENTRIES = 0x8000001A
+STATUS_FILEMARK_DETECTED = 0x8000001B
+STATUS_MEDIA_CHANGED = 0x8000001C
+STATUS_BUS_RESET = 0x8000001D
+STATUS_END_OF_MEDIA = 0x8000001E
+STATUS_BEGINNING_OF_MEDIA = 0x8000001F
+STATUS_MEDIA_CHECK = 0x80000020
+STATUS_SETMARK_DETECTED = 0x80000021
+STATUS_NO_DATA_DETECTED = 0x80000022
+STATUS_REDIRECTOR_HAS_OPEN_HANDLES = 0x80000023
+STATUS_SERVER_HAS_OPEN_HANDLES = 0x80000024
+STATUS_ALREADY_DISCONNECTED = 0x80000025
+STATUS_LONGJUMP = 0x80000026
+STATUS_CLEANER_CARTRIDGE_INSTALLED = 0x80000027
+STATUS_PLUGPLAY_QUERY_VETOED = 0x80000028
+STATUS_UNWIND_CONSOLIDATE = 0x80000029
+STATUS_REGISTRY_HIVE_RECOVERED = 0x8000002A
+STATUS_DLL_MIGHT_BE_INSECURE = 0x8000002B
+STATUS_DLL_MIGHT_BE_INCOMPATIBLE = 0x8000002C
+STATUS_STOPPED_ON_SYMLINK = 0x8000002D
+STATUS_DEVICE_REQUIRES_CLEANING = 0x80000288
+STATUS_DEVICE_DOOR_OPEN = 0x80000289
+STATUS_DATA_LOST_REPAIR = 0x80000803
+DBG_EXCEPTION_NOT_HANDLED = 0x80010001
+STATUS_CLUSTER_NODE_ALREADY_UP = 0x80130001
+STATUS_CLUSTER_NODE_ALREADY_DOWN = 0x80130002
+STATUS_CLUSTER_NETWORK_ALREADY_ONLINE = 0x80130003
+STATUS_CLUSTER_NETWORK_ALREADY_OFFLINE = 0x80130004
+STATUS_CLUSTER_NODE_ALREADY_MEMBER = 0x80130005
+STATUS_COULD_NOT_RESIZE_LOG = 0x80190009
+STATUS_NO_TXF_METADATA = 0x80190029
+STATUS_CANT_RECOVER_WITH_HANDLE_OPEN = 0x80190031
+STATUS_TXF_METADATA_ALREADY_PRESENT = 0x80190041
+STATUS_TRANSACTION_SCOPE_CALLBACKS_NOT_SET = 0x80190042
+STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD_RECOVERED = 0x801B00EB
+STATUS_FLT_BUFFER_TOO_SMALL = 0x801C0001
+STATUS_FVE_PARTIAL_METADATA = 0x80210001
+STATUS_FVE_TRANSIENT_STATE = 0x80210002
+STATUS_UNSUCCESSFUL = 0xC0000001
+STATUS_NOT_IMPLEMENTED = 0xC0000002
+STATUS_INVALID_INFO_CLASS = 0xC0000003
+STATUS_INFO_LENGTH_MISMATCH = 0xC0000004
+STATUS_ACCESS_VIOLATION = 0xC0000005
+STATUS_IN_PAGE_ERROR = 0xC0000006
+STATUS_PAGEFILE_QUOTA = 0xC0000007
+STATUS_INVALID_HANDLE = 0xC0000008
+STATUS_BAD_INITIAL_STACK = 0xC0000009
+STATUS_BAD_INITIAL_PC = 0xC000000A
+STATUS_INVALID_CID = 0xC000000B
+STATUS_TIMER_NOT_CANCELED = 0xC000000C
+STATUS_INVALID_PARAMETER = 0xC000000D
+STATUS_NO_SUCH_DEVICE = 0xC000000E
+STATUS_NO_SUCH_FILE = 0xC000000F
+STATUS_INVALID_DEVICE_REQUEST = 0xC0000010
+STATUS_END_OF_FILE = 0xC0000011
+STATUS_WRONG_VOLUME = 0xC0000012
+STATUS_NO_MEDIA_IN_DEVICE = 0xC0000013
+STATUS_UNRECOGNIZED_MEDIA = 0xC0000014
+STATUS_NONEXISTENT_SECTOR = 0xC0000015
+STATUS_MORE_PROCESSING_REQUIRED = 0xC0000016
+STATUS_NO_MEMORY = 0xC0000017
+STATUS_CONFLICTING_ADDRESSES = 0xC0000018
+STATUS_NOT_MAPPED_VIEW = 0xC0000019
+STATUS_UNABLE_TO_FREE_VM = 0xC000001A
+STATUS_UNABLE_TO_DELETE_SECTION = 0xC000001B
+STATUS_INVALID_SYSTEM_SERVICE = 0xC000001C
+STATUS_ILLEGAL_INSTRUCTION = 0xC000001D
+STATUS_INVALID_LOCK_SEQUENCE = 0xC000001E
+STATUS_INVALID_VIEW_SIZE = 0xC000001F
+STATUS_INVALID_FILE_FOR_SECTION = 0xC0000020
+STATUS_ALREADY_COMMITTED = 0xC0000021
+STATUS_ACCESS_DENIED = 0xC0000022
+STATUS_BUFFER_TOO_SMALL = 0xC0000023
+STATUS_OBJECT_TYPE_MISMATCH = 0xC0000024
+STATUS_NONCONTINUABLE_EXCEPTION = 0xC0000025
+STATUS_INVALID_DISPOSITION = 0xC0000026
+STATUS_UNWIND = 0xC0000027
+STATUS_BAD_STACK = 0xC0000028
+STATUS_INVALID_UNWIND_TARGET = 0xC0000029
+STATUS_NOT_LOCKED = 0xC000002A
+STATUS_PARITY_ERROR = 0xC000002B
+STATUS_UNABLE_TO_DECOMMIT_VM = 0xC000002C
+STATUS_NOT_COMMITTED = 0xC000002D
+STATUS_INVALID_PORT_ATTRIBUTES = 0xC000002E
+STATUS_PORT_MESSAGE_TOO_LONG = 0xC000002F
+STATUS_INVALID_PARAMETER_MIX = 0xC0000030
+STATUS_INVALID_QUOTA_LOWER = 0xC0000031
+STATUS_DISK_CORRUPT_ERROR = 0xC0000032
+STATUS_OBJECT_NAME_INVALID = 0xC0000033
+STATUS_OBJECT_NAME_NOT_FOUND = 0xC0000034
+STATUS_OBJECT_NAME_COLLISION = 0xC0000035
+STATUS_PORT_DISCONNECTED = 0xC0000037
+STATUS_DEVICE_ALREADY_ATTACHED = 0xC0000038
+STATUS_OBJECT_PATH_INVALID = 0xC0000039
+STATUS_OBJECT_PATH_NOT_FOUND = 0xC000003A
+STATUS_OBJECT_PATH_SYNTAX_BAD = 0xC000003B
+STATUS_DATA_OVERRUN = 0xC000003C
+STATUS_DATA_LATE_ERROR = 0xC000003D
+STATUS_DATA_ERROR = 0xC000003E
+STATUS_CRC_ERROR = 0xC000003F
+STATUS_SECTION_TOO_BIG = 0xC0000040
+STATUS_PORT_CONNECTION_REFUSED = 0xC0000041
+STATUS_INVALID_PORT_HANDLE = 0xC0000042
+STATUS_SHARING_VIOLATION = 0xC0000043
+STATUS_QUOTA_EXCEEDED = 0xC0000044
+STATUS_INVALID_PAGE_PROTECTION = 0xC0000045
+STATUS_MUTANT_NOT_OWNED = 0xC0000046
+STATUS_SEMAPHORE_LIMIT_EXCEEDED = 0xC0000047
+STATUS_PORT_ALREADY_SET = 0xC0000048
+STATUS_SECTION_NOT_IMAGE = 0xC0000049
+STATUS_SUSPEND_COUNT_EXCEEDED = 0xC000004A
+STATUS_THREAD_IS_TERMINATING = 0xC000004B
+STATUS_BAD_WORKING_SET_LIMIT = 0xC000004C
+STATUS_INCOMPATIBLE_FILE_MAP = 0xC000004D
+STATUS_SECTION_PROTECTION = 0xC000004E
+STATUS_EAS_NOT_SUPPORTED = 0xC000004F
+STATUS_EA_TOO_LARGE = 0xC0000050
+STATUS_NONEXISTENT_EA_ENTRY = 0xC0000051
+STATUS_NO_EAS_ON_FILE = 0xC0000052
+STATUS_EA_CORRUPT_ERROR = 0xC0000053
+STATUS_FILE_LOCK_CONFLICT = 0xC0000054
+STATUS_LOCK_NOT_GRANTED = 0xC0000055
+STATUS_DELETE_PENDING = 0xC0000056
+STATUS_CTL_FILE_NOT_SUPPORTED = 0xC0000057
+STATUS_UNKNOWN_REVISION = 0xC0000058
+STATUS_REVISION_MISMATCH = 0xC0000059
+STATUS_INVALID_OWNER = 0xC000005A
+STATUS_INVALID_PRIMARY_GROUP = 0xC000005B
+STATUS_NO_IMPERSONATION_TOKEN = 0xC000005C
+STATUS_CANT_DISABLE_MANDATORY = 0xC000005D
+STATUS_NO_LOGON_SERVERS = 0xC000005E
+STATUS_NO_SUCH_LOGON_SESSION = 0xC000005F
+STATUS_NO_SUCH_PRIVILEGE = 0xC0000060
+STATUS_PRIVILEGE_NOT_HELD = 0xC0000061
+STATUS_INVALID_ACCOUNT_NAME = 0xC0000062
+STATUS_USER_EXISTS = 0xC0000063
+STATUS_NO_SUCH_USER = 0xC0000064
+STATUS_GROUP_EXISTS = 0xC0000065
+STATUS_NO_SUCH_GROUP = 0xC0000066
+STATUS_MEMBER_IN_GROUP = 0xC0000067
+STATUS_MEMBER_NOT_IN_GROUP = 0xC0000068
+STATUS_LAST_ADMIN = 0xC0000069
+STATUS_WRONG_PASSWORD = 0xC000006A
+STATUS_ILL_FORMED_PASSWORD = 0xC000006B
+STATUS_PASSWORD_RESTRICTION = 0xC000006C
+STATUS_LOGON_FAILURE = 0xC000006D
+STATUS_ACCOUNT_RESTRICTION = 0xC000006E
+STATUS_INVALID_LOGON_HOURS = 0xC000006F
+STATUS_INVALID_WORKSTATION = 0xC0000070
+STATUS_PASSWORD_EXPIRED = 0xC0000071
+STATUS_ACCOUNT_DISABLED = 0xC0000072
+STATUS_NONE_MAPPED = 0xC0000073
+STATUS_TOO_MANY_LUIDS_REQUESTED = 0xC0000074
+STATUS_LUIDS_EXHAUSTED = 0xC0000075
+STATUS_INVALID_SUB_AUTHORITY = 0xC0000076
+STATUS_INVALID_ACL = 0xC0000077
+STATUS_INVALID_SID = 0xC0000078
+STATUS_INVALID_SECURITY_DESCR = 0xC0000079
+STATUS_PROCEDURE_NOT_FOUND = 0xC000007A
+STATUS_INVALID_IMAGE_FORMAT = 0xC000007B
+STATUS_NO_TOKEN = 0xC000007C
+STATUS_BAD_INHERITANCE_ACL = 0xC000007D
+STATUS_RANGE_NOT_LOCKED = 0xC000007E
+STATUS_DISK_FULL = 0xC000007F
+STATUS_SERVER_DISABLED = 0xC0000080
+STATUS_SERVER_NOT_DISABLED = 0xC0000081
+STATUS_TOO_MANY_GUIDS_REQUESTED = 0xC0000082
+STATUS_GUIDS_EXHAUSTED = 0xC0000083
+STATUS_INVALID_ID_AUTHORITY = 0xC0000084
+STATUS_AGENTS_EXHAUSTED = 0xC0000085
+STATUS_INVALID_VOLUME_LABEL = 0xC0000086
+STATUS_SECTION_NOT_EXTENDED = 0xC0000087
+STATUS_NOT_MAPPED_DATA = 0xC0000088
+STATUS_RESOURCE_DATA_NOT_FOUND = 0xC0000089
+STATUS_RESOURCE_TYPE_NOT_FOUND = 0xC000008A
+STATUS_RESOURCE_NAME_NOT_FOUND = 0xC000008B
+STATUS_ARRAY_BOUNDS_EXCEEDED = 0xC000008C
+STATUS_FLOAT_DENORMAL_OPERAND = 0xC000008D
+STATUS_FLOAT_DIVIDE_BY_ZERO = 0xC000008E
+STATUS_FLOAT_INEXACT_RESULT = 0xC000008F
+STATUS_FLOAT_INVALID_OPERATION = 0xC0000090
+STATUS_FLOAT_OVERFLOW = 0xC0000091
+STATUS_FLOAT_STACK_CHECK = 0xC0000092
+STATUS_FLOAT_UNDERFLOW = 0xC0000093
+STATUS_INTEGER_DIVIDE_BY_ZERO = 0xC0000094
+STATUS_INTEGER_OVERFLOW = 0xC0000095
+STATUS_PRIVILEGED_INSTRUCTION = 0xC0000096
+STATUS_TOO_MANY_PAGING_FILES = 0xC0000097
+STATUS_FILE_INVALID = 0xC0000098
+STATUS_ALLOTTED_SPACE_EXCEEDED = 0xC0000099
+STATUS_INSUFFICIENT_RESOURCES = 0xC000009A
+STATUS_DFS_EXIT_PATH_FOUND = 0xC000009B
+STATUS_DEVICE_DATA_ERROR = 0xC000009C
+STATUS_DEVICE_NOT_CONNECTED = 0xC000009D
+STATUS_FREE_VM_NOT_AT_BASE = 0xC000009F
+STATUS_MEMORY_NOT_ALLOCATED = 0xC00000A0
+STATUS_WORKING_SET_QUOTA = 0xC00000A1
+STATUS_MEDIA_WRITE_PROTECTED = 0xC00000A2
+STATUS_DEVICE_NOT_READY = 0xC00000A3
+STATUS_INVALID_GROUP_ATTRIBUTES = 0xC00000A4
+STATUS_BAD_IMPERSONATION_LEVEL = 0xC00000A5
+STATUS_CANT_OPEN_ANONYMOUS = 0xC00000A6
+STATUS_BAD_VALIDATION_CLASS = 0xC00000A7
+STATUS_BAD_TOKEN_TYPE = 0xC00000A8
+STATUS_BAD_MASTER_BOOT_RECORD = 0xC00000A9
+STATUS_INSTRUCTION_MISALIGNMENT = 0xC00000AA
+STATUS_INSTANCE_NOT_AVAILABLE = 0xC00000AB
+STATUS_PIPE_NOT_AVAILABLE = 0xC00000AC
+STATUS_INVALID_PIPE_STATE = 0xC00000AD
+STATUS_PIPE_BUSY = 0xC00000AE
+STATUS_ILLEGAL_FUNCTION = 0xC00000AF
+STATUS_PIPE_DISCONNECTED = 0xC00000B0
+STATUS_PIPE_CLOSING = 0xC00000B1
+STATUS_PIPE_CONNECTED = 0xC00000B2
+STATUS_PIPE_LISTENING = 0xC00000B3
+STATUS_INVALID_READ_MODE = 0xC00000B4
+STATUS_IO_TIMEOUT = 0xC00000B5
+STATUS_FILE_FORCED_CLOSED = 0xC00000B6
+STATUS_PROFILING_NOT_STARTED = 0xC00000B7
+STATUS_PROFILING_NOT_STOPPED = 0xC00000B8
+STATUS_COULD_NOT_INTERPRET = 0xC00000B9
+STATUS_FILE_IS_A_DIRECTORY = 0xC00000BA
+STATUS_NOT_SUPPORTED = 0xC00000BB
+STATUS_REMOTE_NOT_LISTENING = 0xC00000BC
+STATUS_DUPLICATE_NAME = 0xC00000BD
+STATUS_BAD_NETWORK_PATH = 0xC00000BE
+STATUS_NETWORK_BUSY = 0xC00000BF
+STATUS_DEVICE_DOES_NOT_EXIST = 0xC00000C0
+STATUS_TOO_MANY_COMMANDS = 0xC00000C1
+STATUS_ADAPTER_HARDWARE_ERROR = 0xC00000C2
+STATUS_INVALID_NETWORK_RESPONSE = 0xC00000C3
+STATUS_UNEXPECTED_NETWORK_ERROR = 0xC00000C4
+STATUS_BAD_REMOTE_ADAPTER = 0xC00000C5
+STATUS_PRINT_QUEUE_FULL = 0xC00000C6
+STATUS_NO_SPOOL_SPACE = 0xC00000C7
+STATUS_PRINT_CANCELLED = 0xC00000C8
+STATUS_NETWORK_NAME_DELETED = 0xC00000C9
+STATUS_NETWORK_ACCESS_DENIED = 0xC00000CA
+STATUS_BAD_DEVICE_TYPE = 0xC00000CB
+STATUS_BAD_NETWORK_NAME = 0xC00000CC
+STATUS_TOO_MANY_NAMES = 0xC00000CD
+STATUS_TOO_MANY_SESSIONS = 0xC00000CE
+STATUS_SHARING_PAUSED = 0xC00000CF
+STATUS_REQUEST_NOT_ACCEPTED = 0xC00000D0
+STATUS_REDIRECTOR_PAUSED = 0xC00000D1
+STATUS_NET_WRITE_FAULT = 0xC00000D2
+STATUS_PROFILING_AT_LIMIT = 0xC00000D3
+STATUS_NOT_SAME_DEVICE = 0xC00000D4
+STATUS_FILE_RENAMED = 0xC00000D5
+STATUS_VIRTUAL_CIRCUIT_CLOSED = 0xC00000D6
+STATUS_NO_SECURITY_ON_OBJECT = 0xC00000D7
+STATUS_CANT_WAIT = 0xC00000D8
+STATUS_PIPE_EMPTY = 0xC00000D9
+STATUS_CANT_ACCESS_DOMAIN_INFO = 0xC00000DA
+STATUS_CANT_TERMINATE_SELF = 0xC00000DB
+STATUS_INVALID_SERVER_STATE = 0xC00000DC
+STATUS_INVALID_DOMAIN_STATE = 0xC00000DD
+STATUS_INVALID_DOMAIN_ROLE = 0xC00000DE
+STATUS_NO_SUCH_DOMAIN = 0xC00000DF
+STATUS_DOMAIN_EXISTS = 0xC00000E0
+STATUS_DOMAIN_LIMIT_EXCEEDED = 0xC00000E1
+STATUS_OPLOCK_NOT_GRANTED = 0xC00000E2
+STATUS_INVALID_OPLOCK_PROTOCOL = 0xC00000E3
+STATUS_INTERNAL_DB_CORRUPTION = 0xC00000E4
+STATUS_INTERNAL_ERROR = 0xC00000E5
+STATUS_GENERIC_NOT_MAPPED = 0xC00000E6
+STATUS_BAD_DESCRIPTOR_FORMAT = 0xC00000E7
+STATUS_INVALID_USER_BUFFER = 0xC00000E8
+STATUS_UNEXPECTED_IO_ERROR = 0xC00000E9
+STATUS_UNEXPECTED_MM_CREATE_ERR = 0xC00000EA
+STATUS_UNEXPECTED_MM_MAP_ERROR = 0xC00000EB
+STATUS_UNEXPECTED_MM_EXTEND_ERR = 0xC00000EC
+STATUS_NOT_LOGON_PROCESS = 0xC00000ED
+STATUS_LOGON_SESSION_EXISTS = 0xC00000EE
+STATUS_INVALID_PARAMETER_1 = 0xC00000EF
+STATUS_INVALID_PARAMETER_2 = 0xC00000F0
+STATUS_INVALID_PARAMETER_3 = 0xC00000F1
+STATUS_INVALID_PARAMETER_4 = 0xC00000F2
+STATUS_INVALID_PARAMETER_5 = 0xC00000F3
+STATUS_INVALID_PARAMETER_6 = 0xC00000F4
+STATUS_INVALID_PARAMETER_7 = 0xC00000F5
+STATUS_INVALID_PARAMETER_8 = 0xC00000F6
+STATUS_INVALID_PARAMETER_9 = 0xC00000F7
+STATUS_INVALID_PARAMETER_10 = 0xC00000F8
+STATUS_INVALID_PARAMETER_11 = 0xC00000F9
+STATUS_INVALID_PARAMETER_12 = 0xC00000FA
+STATUS_REDIRECTOR_NOT_STARTED = 0xC00000FB
+STATUS_REDIRECTOR_STARTED = 0xC00000FC
+STATUS_STACK_OVERFLOW = 0xC00000FD
+STATUS_NO_SUCH_PACKAGE = 0xC00000FE
+STATUS_BAD_FUNCTION_TABLE = 0xC00000FF
+STATUS_VARIABLE_NOT_FOUND = 0xC0000100
+STATUS_DIRECTORY_NOT_EMPTY = 0xC0000101
+STATUS_FILE_CORRUPT_ERROR = 0xC0000102
+STATUS_NOT_A_DIRECTORY = 0xC0000103
+STATUS_BAD_LOGON_SESSION_STATE = 0xC0000104
+STATUS_LOGON_SESSION_COLLISION = 0xC0000105
+STATUS_NAME_TOO_LONG = 0xC0000106
+STATUS_FILES_OPEN = 0xC0000107
+STATUS_CONNECTION_IN_USE = 0xC0000108
+STATUS_MESSAGE_NOT_FOUND = 0xC0000109
+STATUS_PROCESS_IS_TERMINATING = 0xC000010A
+STATUS_INVALID_LOGON_TYPE = 0xC000010B
+STATUS_NO_GUID_TRANSLATION = 0xC000010C
+STATUS_CANNOT_IMPERSONATE = 0xC000010D
+STATUS_IMAGE_ALREADY_LOADED = 0xC000010E
+STATUS_NO_LDT = 0xC0000117
+STATUS_INVALID_LDT_SIZE = 0xC0000118
+STATUS_INVALID_LDT_OFFSET = 0xC0000119
+STATUS_INVALID_LDT_DESCRIPTOR = 0xC000011A
+STATUS_INVALID_IMAGE_NE_FORMAT = 0xC000011B
+STATUS_RXACT_INVALID_STATE = 0xC000011C
+STATUS_RXACT_COMMIT_FAILURE = 0xC000011D
+STATUS_MAPPED_FILE_SIZE_ZERO = 0xC000011E
+STATUS_TOO_MANY_OPENED_FILES = 0xC000011F
+STATUS_CANCELLED = 0xC0000120
+STATUS_CANNOT_DELETE = 0xC0000121
+STATUS_INVALID_COMPUTER_NAME = 0xC0000122
+STATUS_FILE_DELETED = 0xC0000123
+STATUS_SPECIAL_ACCOUNT = 0xC0000124
+STATUS_SPECIAL_GROUP = 0xC0000125
+STATUS_SPECIAL_USER = 0xC0000126
+STATUS_MEMBERS_PRIMARY_GROUP = 0xC0000127
+STATUS_FILE_CLOSED = 0xC0000128
+STATUS_TOO_MANY_THREADS = 0xC0000129
+STATUS_THREAD_NOT_IN_PROCESS = 0xC000012A
+STATUS_TOKEN_ALREADY_IN_USE = 0xC000012B
+STATUS_PAGEFILE_QUOTA_EXCEEDED = 0xC000012C
+STATUS_COMMITMENT_LIMIT = 0xC000012D
+STATUS_INVALID_IMAGE_LE_FORMAT = 0xC000012E
+STATUS_INVALID_IMAGE_NOT_MZ = 0xC000012F
+STATUS_INVALID_IMAGE_PROTECT = 0xC0000130
+STATUS_INVALID_IMAGE_WIN_16 = 0xC0000131
+STATUS_LOGON_SERVER_CONFLICT = 0xC0000132
+STATUS_TIME_DIFFERENCE_AT_DC = 0xC0000133
+STATUS_SYNCHRONIZATION_REQUIRED = 0xC0000134
+STATUS_DLL_NOT_FOUND = 0xC0000135
+STATUS_OPEN_FAILED = 0xC0000136
+STATUS_IO_PRIVILEGE_FAILED = 0xC0000137
+STATUS_ORDINAL_NOT_FOUND = 0xC0000138
+STATUS_ENTRYPOINT_NOT_FOUND = 0xC0000139
+STATUS_CONTROL_C_EXIT = 0xC000013A
+STATUS_LOCAL_DISCONNECT = 0xC000013B
+STATUS_REMOTE_DISCONNECT = 0xC000013C
+STATUS_REMOTE_RESOURCES = 0xC000013D
+STATUS_LINK_FAILED = 0xC000013E
+STATUS_LINK_TIMEOUT = 0xC000013F
+STATUS_INVALID_CONNECTION = 0xC0000140
+STATUS_INVALID_ADDRESS = 0xC0000141
+STATUS_DLL_INIT_FAILED = 0xC0000142
+STATUS_MISSING_SYSTEMFILE = 0xC0000143
+STATUS_UNHANDLED_EXCEPTION = 0xC0000144
+STATUS_APP_INIT_FAILURE = 0xC0000145
+STATUS_PAGEFILE_CREATE_FAILED = 0xC0000146
+STATUS_NO_PAGEFILE = 0xC0000147
+STATUS_INVALID_LEVEL = 0xC0000148
+STATUS_WRONG_PASSWORD_CORE = 0xC0000149
+STATUS_ILLEGAL_FLOAT_CONTEXT = 0xC000014A
+STATUS_PIPE_BROKEN = 0xC000014B
+STATUS_REGISTRY_CORRUPT = 0xC000014C
+STATUS_REGISTRY_IO_FAILED = 0xC000014D
+STATUS_NO_EVENT_PAIR = 0xC000014E
+STATUS_UNRECOGNIZED_VOLUME = 0xC000014F
+STATUS_SERIAL_NO_DEVICE_INITED = 0xC0000150
+STATUS_NO_SUCH_ALIAS = 0xC0000151
+STATUS_MEMBER_NOT_IN_ALIAS = 0xC0000152
+STATUS_MEMBER_IN_ALIAS = 0xC0000153
+STATUS_ALIAS_EXISTS = 0xC0000154
+STATUS_LOGON_NOT_GRANTED = 0xC0000155
+STATUS_TOO_MANY_SECRETS = 0xC0000156
+STATUS_SECRET_TOO_LONG = 0xC0000157
+STATUS_INTERNAL_DB_ERROR = 0xC0000158
+STATUS_FULLSCREEN_MODE = 0xC0000159
+STATUS_TOO_MANY_CONTEXT_IDS = 0xC000015A
+STATUS_LOGON_TYPE_NOT_GRANTED = 0xC000015B
+STATUS_NOT_REGISTRY_FILE = 0xC000015C
+STATUS_NT_CROSS_ENCRYPTION_REQUIRED = 0xC000015D
+STATUS_DOMAIN_CTRLR_CONFIG_ERROR = 0xC000015E
+STATUS_FT_MISSING_MEMBER = 0xC000015F
+STATUS_ILL_FORMED_SERVICE_ENTRY = 0xC0000160
+STATUS_ILLEGAL_CHARACTER = 0xC0000161
+STATUS_UNMAPPABLE_CHARACTER = 0xC0000162
+STATUS_UNDEFINED_CHARACTER = 0xC0000163
+STATUS_FLOPPY_VOLUME = 0xC0000164
+STATUS_FLOPPY_ID_MARK_NOT_FOUND = 0xC0000165
+STATUS_FLOPPY_WRONG_CYLINDER = 0xC0000166
+STATUS_FLOPPY_UNKNOWN_ERROR = 0xC0000167
+STATUS_FLOPPY_BAD_REGISTERS = 0xC0000168
+STATUS_DISK_RECALIBRATE_FAILED = 0xC0000169
+STATUS_DISK_OPERATION_FAILED = 0xC000016A
+STATUS_DISK_RESET_FAILED = 0xC000016B
+STATUS_SHARED_IRQ_BUSY = 0xC000016C
+STATUS_FT_ORPHANING = 0xC000016D
+STATUS_BIOS_FAILED_TO_CONNECT_INTERRUPT = 0xC000016E
+STATUS_PARTITION_FAILURE = 0xC0000172
+STATUS_INVALID_BLOCK_LENGTH = 0xC0000173
+STATUS_DEVICE_NOT_PARTITIONED = 0xC0000174
+STATUS_UNABLE_TO_LOCK_MEDIA = 0xC0000175
+STATUS_UNABLE_TO_UNLOAD_MEDIA = 0xC0000176
+STATUS_EOM_OVERFLOW = 0xC0000177
+STATUS_NO_MEDIA = 0xC0000178
+STATUS_NO_SUCH_MEMBER = 0xC000017A
+STATUS_INVALID_MEMBER = 0xC000017B
+STATUS_KEY_DELETED = 0xC000017C
+STATUS_NO_LOG_SPACE = 0xC000017D
+STATUS_TOO_MANY_SIDS = 0xC000017E
+STATUS_LM_CROSS_ENCRYPTION_REQUIRED = 0xC000017F
+STATUS_KEY_HAS_CHILDREN = 0xC0000180
+STATUS_CHILD_MUST_BE_VOLATILE = 0xC0000181
+STATUS_DEVICE_CONFIGURATION_ERROR = 0xC0000182
+STATUS_DRIVER_INTERNAL_ERROR = 0xC0000183
+STATUS_INVALID_DEVICE_STATE = 0xC0000184
+STATUS_IO_DEVICE_ERROR = 0xC0000185
+STATUS_DEVICE_PROTOCOL_ERROR = 0xC0000186
+STATUS_BACKUP_CONTROLLER = 0xC0000187
+STATUS_LOG_FILE_FULL = 0xC0000188
+STATUS_TOO_LATE = 0xC0000189
+STATUS_NO_TRUST_LSA_SECRET = 0xC000018A
+STATUS_NO_TRUST_SAM_ACCOUNT = 0xC000018B
+STATUS_TRUSTED_DOMAIN_FAILURE = 0xC000018C
+STATUS_TRUSTED_RELATIONSHIP_FAILURE = 0xC000018D
+STATUS_EVENTLOG_FILE_CORRUPT = 0xC000018E
+STATUS_EVENTLOG_CANT_START = 0xC000018F
+STATUS_TRUST_FAILURE = 0xC0000190
+STATUS_MUTANT_LIMIT_EXCEEDED = 0xC0000191
+STATUS_NETLOGON_NOT_STARTED = 0xC0000192
+STATUS_ACCOUNT_EXPIRED = 0xC0000193
+STATUS_POSSIBLE_DEADLOCK = 0xC0000194
+STATUS_NETWORK_CREDENTIAL_CONFLICT = 0xC0000195
+STATUS_REMOTE_SESSION_LIMIT = 0xC0000196
+STATUS_EVENTLOG_FILE_CHANGED = 0xC0000197
+STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT = 0xC0000198
+STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT = 0xC0000199
+STATUS_NOLOGON_SERVER_TRUST_ACCOUNT = 0xC000019A
+STATUS_DOMAIN_TRUST_INCONSISTENT = 0xC000019B
+STATUS_FS_DRIVER_REQUIRED = 0xC000019C
+STATUS_IMAGE_ALREADY_LOADED_AS_DLL = 0xC000019D
+STATUS_INCOMPATIBLE_WITH_GLOBAL_SHORT_NAME_REGISTRY_SETTING = 0xC000019E
+STATUS_SHORT_NAMES_NOT_ENABLED_ON_VOLUME = 0xC000019F
+STATUS_SECURITY_STREAM_IS_INCONSISTENT = 0xC00001A0
+STATUS_INVALID_LOCK_RANGE = 0xC00001A1
+STATUS_INVALID_ACE_CONDITION = 0xC00001A2
+STATUS_IMAGE_SUBSYSTEM_NOT_PRESENT = 0xC00001A3
+STATUS_NOTIFICATION_GUID_ALREADY_DEFINED = 0xC00001A4
+STATUS_NETWORK_OPEN_RESTRICTION = 0xC0000201
+STATUS_NO_USER_SESSION_KEY = 0xC0000202
+STATUS_USER_SESSION_DELETED = 0xC0000203
+STATUS_RESOURCE_LANG_NOT_FOUND = 0xC0000204
+STATUS_INSUFF_SERVER_RESOURCES = 0xC0000205
+STATUS_INVALID_BUFFER_SIZE = 0xC0000206
+STATUS_INVALID_ADDRESS_COMPONENT = 0xC0000207
+STATUS_INVALID_ADDRESS_WILDCARD = 0xC0000208
+STATUS_TOO_MANY_ADDRESSES = 0xC0000209
+STATUS_ADDRESS_ALREADY_EXISTS = 0xC000020A
+STATUS_ADDRESS_CLOSED = 0xC000020B
+STATUS_CONNECTION_DISCONNECTED = 0xC000020C
+STATUS_CONNECTION_RESET = 0xC000020D
+STATUS_TOO_MANY_NODES = 0xC000020E
+STATUS_TRANSACTION_ABORTED = 0xC000020F
+STATUS_TRANSACTION_TIMED_OUT = 0xC0000210
+STATUS_TRANSACTION_NO_RELEASE = 0xC0000211
+STATUS_TRANSACTION_NO_MATCH = 0xC0000212
+STATUS_TRANSACTION_RESPONDED = 0xC0000213
+STATUS_TRANSACTION_INVALID_ID = 0xC0000214
+STATUS_TRANSACTION_INVALID_TYPE = 0xC0000215
+STATUS_NOT_SERVER_SESSION = 0xC0000216
+STATUS_NOT_CLIENT_SESSION = 0xC0000217
+STATUS_CANNOT_LOAD_REGISTRY_FILE = 0xC0000218
+STATUS_DEBUG_ATTACH_FAILED = 0xC0000219
+STATUS_SYSTEM_PROCESS_TERMINATED = 0xC000021A
+STATUS_DATA_NOT_ACCEPTED = 0xC000021B
+STATUS_NO_BROWSER_SERVERS_FOUND = 0xC000021C
+STATUS_VDM_HARD_ERROR = 0xC000021D
+STATUS_DRIVER_CANCEL_TIMEOUT = 0xC000021E
+STATUS_REPLY_MESSAGE_MISMATCH = 0xC000021F
+STATUS_MAPPED_ALIGNMENT = 0xC0000220
+STATUS_IMAGE_CHECKSUM_MISMATCH = 0xC0000221
+STATUS_LOST_WRITEBEHIND_DATA = 0xC0000222
+STATUS_CLIENT_SERVER_PARAMETERS_INVALID = 0xC0000223
+STATUS_PASSWORD_MUST_CHANGE = 0xC0000224
+STATUS_NOT_FOUND = 0xC0000225
+STATUS_NOT_TINY_STREAM = 0xC0000226
+STATUS_RECOVERY_FAILURE = 0xC0000227
+STATUS_STACK_OVERFLOW_READ = 0xC0000228
+STATUS_FAIL_CHECK = 0xC0000229
+STATUS_DUPLICATE_OBJECTID = 0xC000022A
+STATUS_OBJECTID_EXISTS = 0xC000022B
+STATUS_CONVERT_TO_LARGE = 0xC000022C
+STATUS_RETRY = 0xC000022D
+STATUS_FOUND_OUT_OF_SCOPE = 0xC000022E
+STATUS_ALLOCATE_BUCKET = 0xC000022F
+STATUS_PROPSET_NOT_FOUND = 0xC0000230
+STATUS_MARSHALL_OVERFLOW = 0xC0000231
+STATUS_INVALID_VARIANT = 0xC0000232
+STATUS_DOMAIN_CONTROLLER_NOT_FOUND = 0xC0000233
+STATUS_ACCOUNT_LOCKED_OUT = 0xC0000234
+STATUS_HANDLE_NOT_CLOSABLE = 0xC0000235
+STATUS_CONNECTION_REFUSED = 0xC0000236
+STATUS_GRACEFUL_DISCONNECT = 0xC0000237
+STATUS_ADDRESS_ALREADY_ASSOCIATED = 0xC0000238
+STATUS_ADDRESS_NOT_ASSOCIATED = 0xC0000239
+STATUS_CONNECTION_INVALID = 0xC000023A
+STATUS_CONNECTION_ACTIVE = 0xC000023B
+STATUS_NETWORK_UNREACHABLE = 0xC000023C
+STATUS_HOST_UNREACHABLE = 0xC000023D
+STATUS_PROTOCOL_UNREACHABLE = 0xC000023E
+STATUS_PORT_UNREACHABLE = 0xC000023F
+STATUS_REQUEST_ABORTED = 0xC0000240
+STATUS_CONNECTION_ABORTED = 0xC0000241
+STATUS_BAD_COMPRESSION_BUFFER = 0xC0000242
+STATUS_USER_MAPPED_FILE = 0xC0000243
+STATUS_AUDIT_FAILED = 0xC0000244
+STATUS_TIMER_RESOLUTION_NOT_SET = 0xC0000245
+STATUS_CONNECTION_COUNT_LIMIT = 0xC0000246
+STATUS_LOGIN_TIME_RESTRICTION = 0xC0000247
+STATUS_LOGIN_WKSTA_RESTRICTION = 0xC0000248
+STATUS_IMAGE_MP_UP_MISMATCH = 0xC0000249
+STATUS_INSUFFICIENT_LOGON_INFO = 0xC0000250
+STATUS_BAD_DLL_ENTRYPOINT = 0xC0000251
+STATUS_BAD_SERVICE_ENTRYPOINT = 0xC0000252
+STATUS_LPC_REPLY_LOST = 0xC0000253
+STATUS_IP_ADDRESS_CONFLICT1 = 0xC0000254
+STATUS_IP_ADDRESS_CONFLICT2 = 0xC0000255
+STATUS_REGISTRY_QUOTA_LIMIT = 0xC0000256
+STATUS_PATH_NOT_COVERED = 0xC0000257
+STATUS_NO_CALLBACK_ACTIVE = 0xC0000258
+STATUS_LICENSE_QUOTA_EXCEEDED = 0xC0000259
+STATUS_PWD_TOO_SHORT = 0xC000025A
+STATUS_PWD_TOO_RECENT = 0xC000025B
+STATUS_PWD_HISTORY_CONFLICT = 0xC000025C
+STATUS_PLUGPLAY_NO_DEVICE = 0xC000025E
+STATUS_UNSUPPORTED_COMPRESSION = 0xC000025F
+STATUS_INVALID_HW_PROFILE = 0xC0000260
+STATUS_INVALID_PLUGPLAY_DEVICE_PATH = 0xC0000261
+STATUS_DRIVER_ORDINAL_NOT_FOUND = 0xC0000262
+STATUS_DRIVER_ENTRYPOINT_NOT_FOUND = 0xC0000263
+STATUS_RESOURCE_NOT_OWNED = 0xC0000264
+STATUS_TOO_MANY_LINKS = 0xC0000265
+STATUS_QUOTA_LIST_INCONSISTENT = 0xC0000266
+STATUS_FILE_IS_OFFLINE = 0xC0000267
+STATUS_EVALUATION_EXPIRATION = 0xC0000268
+STATUS_ILLEGAL_DLL_RELOCATION = 0xC0000269
+STATUS_LICENSE_VIOLATION = 0xC000026A
+STATUS_DLL_INIT_FAILED_LOGOFF = 0xC000026B
+STATUS_DRIVER_UNABLE_TO_LOAD = 0xC000026C
+STATUS_DFS_UNAVAILABLE = 0xC000026D
+STATUS_VOLUME_DISMOUNTED = 0xC000026E
+STATUS_WX86_INTERNAL_ERROR = 0xC000026F
+STATUS_WX86_FLOAT_STACK_CHECK = 0xC0000270
+STATUS_VALIDATE_CONTINUE = 0xC0000271
+STATUS_NO_MATCH = 0xC0000272
+STATUS_NO_MORE_MATCHES = 0xC0000273
+STATUS_NOT_A_REPARSE_POINT = 0xC0000275
+STATUS_IO_REPARSE_TAG_INVALID = 0xC0000276
+STATUS_IO_REPARSE_TAG_MISMATCH = 0xC0000277
+STATUS_IO_REPARSE_DATA_INVALID = 0xC0000278
+STATUS_IO_REPARSE_TAG_NOT_HANDLED = 0xC0000279
+STATUS_REPARSE_POINT_NOT_RESOLVED = 0xC0000280
+STATUS_DIRECTORY_IS_A_REPARSE_POINT = 0xC0000281
+STATUS_RANGE_LIST_CONFLICT = 0xC0000282
+STATUS_SOURCE_ELEMENT_EMPTY = 0xC0000283
+STATUS_DESTINATION_ELEMENT_FULL = 0xC0000284
+STATUS_ILLEGAL_ELEMENT_ADDRESS = 0xC0000285
+STATUS_MAGAZINE_NOT_PRESENT = 0xC0000286
+STATUS_REINITIALIZATION_NEEDED = 0xC0000287
+STATUS_ENCRYPTION_FAILED = 0xC000028A
+STATUS_DECRYPTION_FAILED = 0xC000028B
+STATUS_RANGE_NOT_FOUND = 0xC000028C
+STATUS_NO_RECOVERY_POLICY = 0xC000028D
+STATUS_NO_EFS = 0xC000028E
+STATUS_WRONG_EFS = 0xC000028F
+STATUS_NO_USER_KEYS = 0xC0000290
+STATUS_FILE_NOT_ENCRYPTED = 0xC0000291
+STATUS_NOT_EXPORT_FORMAT = 0xC0000292
+STATUS_FILE_ENCRYPTED = 0xC0000293
+STATUS_WMI_GUID_NOT_FOUND = 0xC0000295
+STATUS_WMI_INSTANCE_NOT_FOUND = 0xC0000296
+STATUS_WMI_ITEMID_NOT_FOUND = 0xC0000297
+STATUS_WMI_TRY_AGAIN = 0xC0000298
+STATUS_SHARED_POLICY = 0xC0000299
+STATUS_POLICY_OBJECT_NOT_FOUND = 0xC000029A
+STATUS_POLICY_ONLY_IN_DS = 0xC000029B
+STATUS_VOLUME_NOT_UPGRADED = 0xC000029C
+STATUS_REMOTE_STORAGE_NOT_ACTIVE = 0xC000029D
+STATUS_REMOTE_STORAGE_MEDIA_ERROR = 0xC000029E
+STATUS_NO_TRACKING_SERVICE = 0xC000029F
+STATUS_SERVER_SID_MISMATCH = 0xC00002A0
+STATUS_DS_NO_ATTRIBUTE_OR_VALUE = 0xC00002A1
+STATUS_DS_INVALID_ATTRIBUTE_SYNTAX = 0xC00002A2
+STATUS_DS_ATTRIBUTE_TYPE_UNDEFINED = 0xC00002A3
+STATUS_DS_ATTRIBUTE_OR_VALUE_EXISTS = 0xC00002A4
+STATUS_DS_BUSY = 0xC00002A5
+STATUS_DS_UNAVAILABLE = 0xC00002A6
+STATUS_DS_NO_RIDS_ALLOCATED = 0xC00002A7
+STATUS_DS_NO_MORE_RIDS = 0xC00002A8
+STATUS_DS_INCORRECT_ROLE_OWNER = 0xC00002A9
+STATUS_DS_RIDMGR_INIT_ERROR = 0xC00002AA
+STATUS_DS_OBJ_CLASS_VIOLATION = 0xC00002AB
+STATUS_DS_CANT_ON_NON_LEAF = 0xC00002AC
+STATUS_DS_CANT_ON_RDN = 0xC00002AD
+STATUS_DS_CANT_MOD_OBJ_CLASS = 0xC00002AE
+STATUS_DS_CROSS_DOM_MOVE_FAILED = 0xC00002AF
+STATUS_DS_GC_NOT_AVAILABLE = 0xC00002B0
+STATUS_DIRECTORY_SERVICE_REQUIRED = 0xC00002B1
+STATUS_REPARSE_ATTRIBUTE_CONFLICT = 0xC00002B2
+STATUS_CANT_ENABLE_DENY_ONLY = 0xC00002B3
+STATUS_FLOAT_MULTIPLE_FAULTS = 0xC00002B4
+STATUS_FLOAT_MULTIPLE_TRAPS = 0xC00002B5
+STATUS_DEVICE_REMOVED = 0xC00002B6
+STATUS_JOURNAL_DELETE_IN_PROGRESS = 0xC00002B7
+STATUS_JOURNAL_NOT_ACTIVE = 0xC00002B8
+STATUS_NOINTERFACE = 0xC00002B9
+STATUS_DS_ADMIN_LIMIT_EXCEEDED = 0xC00002C1
+STATUS_DRIVER_FAILED_SLEEP = 0xC00002C2
+STATUS_MUTUAL_AUTHENTICATION_FAILED = 0xC00002C3
+STATUS_CORRUPT_SYSTEM_FILE = 0xC00002C4
+STATUS_DATATYPE_MISALIGNMENT_ERROR = 0xC00002C5
+STATUS_WMI_READ_ONLY = 0xC00002C6
+STATUS_WMI_SET_FAILURE = 0xC00002C7
+STATUS_COMMITMENT_MINIMUM = 0xC00002C8
+STATUS_REG_NAT_CONSUMPTION = 0xC00002C9
+STATUS_TRANSPORT_FULL = 0xC00002CA
+STATUS_DS_SAM_INIT_FAILURE = 0xC00002CB
+STATUS_ONLY_IF_CONNECTED = 0xC00002CC
+STATUS_DS_SENSITIVE_GROUP_VIOLATION = 0xC00002CD
+STATUS_PNP_RESTART_ENUMERATION = 0xC00002CE
+STATUS_JOURNAL_ENTRY_DELETED = 0xC00002CF
+STATUS_DS_CANT_MOD_PRIMARYGROUPID = 0xC00002D0
+STATUS_SYSTEM_IMAGE_BAD_SIGNATURE = 0xC00002D1
+STATUS_PNP_REBOOT_REQUIRED = 0xC00002D2
+STATUS_POWER_STATE_INVALID = 0xC00002D3
+STATUS_DS_INVALID_GROUP_TYPE = 0xC00002D4
+STATUS_DS_NO_NEST_GLOBALGROUP_IN_MIXEDDOMAIN = 0xC00002D5
+STATUS_DS_NO_NEST_LOCALGROUP_IN_MIXEDDOMAIN = 0xC00002D6
+STATUS_DS_GLOBAL_CANT_HAVE_LOCAL_MEMBER = 0xC00002D7
+STATUS_DS_GLOBAL_CANT_HAVE_UNIVERSAL_MEMBER = 0xC00002D8
+STATUS_DS_UNIVERSAL_CANT_HAVE_LOCAL_MEMBER = 0xC00002D9
+STATUS_DS_GLOBAL_CANT_HAVE_CROSSDOMAIN_MEMBER = 0xC00002DA
+STATUS_DS_LOCAL_CANT_HAVE_CROSSDOMAIN_LOCAL_MEMBER = 0xC00002DB
+STATUS_DS_HAVE_PRIMARY_MEMBERS = 0xC00002DC
+STATUS_WMI_NOT_SUPPORTED = 0xC00002DD
+STATUS_INSUFFICIENT_POWER = 0xC00002DE
+STATUS_SAM_NEED_BOOTKEY_PASSWORD = 0xC00002DF
+STATUS_SAM_NEED_BOOTKEY_FLOPPY = 0xC00002E0
+STATUS_DS_CANT_START = 0xC00002E1
+STATUS_DS_INIT_FAILURE = 0xC00002E2
+STATUS_SAM_INIT_FAILURE = 0xC00002E3
+STATUS_DS_GC_REQUIRED = 0xC00002E4
+STATUS_DS_LOCAL_MEMBER_OF_LOCAL_ONLY = 0xC00002E5
+STATUS_DS_NO_FPO_IN_UNIVERSAL_GROUPS = 0xC00002E6
+STATUS_DS_MACHINE_ACCOUNT_QUOTA_EXCEEDED = 0xC00002E7
+STATUS_CURRENT_DOMAIN_NOT_ALLOWED = 0xC00002E9
+STATUS_CANNOT_MAKE = 0xC00002EA
+STATUS_SYSTEM_SHUTDOWN = 0xC00002EB
+STATUS_DS_INIT_FAILURE_CONSOLE = 0xC00002EC
+STATUS_DS_SAM_INIT_FAILURE_CONSOLE = 0xC00002ED
+STATUS_UNFINISHED_CONTEXT_DELETED = 0xC00002EE
+STATUS_NO_TGT_REPLY = 0xC00002EF
+STATUS_OBJECTID_NOT_FOUND = 0xC00002F0
+STATUS_NO_IP_ADDRESSES = 0xC00002F1
+STATUS_WRONG_CREDENTIAL_HANDLE = 0xC00002F2
+STATUS_CRYPTO_SYSTEM_INVALID = 0xC00002F3
+STATUS_MAX_REFERRALS_EXCEEDED = 0xC00002F4
+STATUS_MUST_BE_KDC = 0xC00002F5
+STATUS_STRONG_CRYPTO_NOT_SUPPORTED = 0xC00002F6
+STATUS_TOO_MANY_PRINCIPALS = 0xC00002F7
+STATUS_NO_PA_DATA = 0xC00002F8
+STATUS_PKINIT_NAME_MISMATCH = 0xC00002F9
+STATUS_SMARTCARD_LOGON_REQUIRED = 0xC00002FA
+STATUS_KDC_INVALID_REQUEST = 0xC00002FB
+STATUS_KDC_UNABLE_TO_REFER = 0xC00002FC
+STATUS_KDC_UNKNOWN_ETYPE = 0xC00002FD
+STATUS_SHUTDOWN_IN_PROGRESS = 0xC00002FE
+STATUS_SERVER_SHUTDOWN_IN_PROGRESS = 0xC00002FF
+STATUS_NOT_SUPPORTED_ON_SBS = 0xC0000300
+STATUS_WMI_GUID_DISCONNECTED = 0xC0000301
+STATUS_WMI_ALREADY_DISABLED = 0xC0000302
+STATUS_WMI_ALREADY_ENABLED = 0xC0000303
+STATUS_MFT_TOO_FRAGMENTED = 0xC0000304
+STATUS_COPY_PROTECTION_FAILURE = 0xC0000305
+STATUS_CSS_AUTHENTICATION_FAILURE = 0xC0000306
+STATUS_CSS_KEY_NOT_PRESENT = 0xC0000307
+STATUS_CSS_KEY_NOT_ESTABLISHED = 0xC0000308
+STATUS_CSS_SCRAMBLED_SECTOR = 0xC0000309
+STATUS_CSS_REGION_MISMATCH = 0xC000030A
+STATUS_CSS_RESETS_EXHAUSTED = 0xC000030B
+STATUS_PKINIT_FAILURE = 0xC0000320
+STATUS_SMARTCARD_SUBSYSTEM_FAILURE = 0xC0000321
+STATUS_NO_KERB_KEY = 0xC0000322
+STATUS_HOST_DOWN = 0xC0000350
+STATUS_UNSUPPORTED_PREAUTH = 0xC0000351
+STATUS_EFS_ALG_BLOB_TOO_BIG = 0xC0000352
+STATUS_PORT_NOT_SET = 0xC0000353
+STATUS_DEBUGGER_INACTIVE = 0xC0000354
+STATUS_DS_VERSION_CHECK_FAILURE = 0xC0000355
+STATUS_AUDITING_DISABLED = 0xC0000356
+STATUS_PRENT4_MACHINE_ACCOUNT = 0xC0000357
+STATUS_DS_AG_CANT_HAVE_UNIVERSAL_MEMBER = 0xC0000358
+STATUS_INVALID_IMAGE_WIN_32 = 0xC0000359
+STATUS_INVALID_IMAGE_WIN_64 = 0xC000035A
+STATUS_BAD_BINDINGS = 0xC000035B
+STATUS_NETWORK_SESSION_EXPIRED = 0xC000035C
+STATUS_APPHELP_BLOCK = 0xC000035D
+STATUS_ALL_SIDS_FILTERED = 0xC000035E
+STATUS_NOT_SAFE_MODE_DRIVER = 0xC000035F
+STATUS_ACCESS_DISABLED_BY_POLICY_DEFAULT = 0xC0000361
+STATUS_ACCESS_DISABLED_BY_POLICY_PATH = 0xC0000362
+STATUS_ACCESS_DISABLED_BY_POLICY_PUBLISHER = 0xC0000363
+STATUS_ACCESS_DISABLED_BY_POLICY_OTHER = 0xC0000364
+STATUS_FAILED_DRIVER_ENTRY = 0xC0000365
+STATUS_DEVICE_ENUMERATION_ERROR = 0xC0000366
+STATUS_MOUNT_POINT_NOT_RESOLVED = 0xC0000368
+STATUS_INVALID_DEVICE_OBJECT_PARAMETER = 0xC0000369
+STATUS_MCA_OCCURED = 0xC000036A
+STATUS_DRIVER_BLOCKED_CRITICAL = 0xC000036B
+STATUS_DRIVER_BLOCKED = 0xC000036C
+STATUS_DRIVER_DATABASE_ERROR = 0xC000036D
+STATUS_SYSTEM_HIVE_TOO_LARGE = 0xC000036E
+STATUS_INVALID_IMPORT_OF_NON_DLL = 0xC000036F
+STATUS_NO_SECRETS = 0xC0000371
+STATUS_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY = 0xC0000372
+STATUS_FAILED_STACK_SWITCH = 0xC0000373
+STATUS_HEAP_CORRUPTION = 0xC0000374
+STATUS_SMARTCARD_WRONG_PIN = 0xC0000380
+STATUS_SMARTCARD_CARD_BLOCKED = 0xC0000381
+STATUS_SMARTCARD_CARD_NOT_AUTHENTICATED = 0xC0000382
+STATUS_SMARTCARD_NO_CARD = 0xC0000383
+STATUS_SMARTCARD_NO_KEY_CONTAINER = 0xC0000384
+STATUS_SMARTCARD_NO_CERTIFICATE = 0xC0000385
+STATUS_SMARTCARD_NO_KEYSET = 0xC0000386
+STATUS_SMARTCARD_IO_ERROR = 0xC0000387
+STATUS_DOWNGRADE_DETECTED = 0xC0000388
+STATUS_SMARTCARD_CERT_REVOKED = 0xC0000389
+STATUS_ISSUING_CA_UNTRUSTED = 0xC000038A
+STATUS_REVOCATION_OFFLINE_C = 0xC000038B
+STATUS_PKINIT_CLIENT_FAILURE = 0xC000038C
+STATUS_SMARTCARD_CERT_EXPIRED = 0xC000038D
+STATUS_DRIVER_FAILED_PRIOR_UNLOAD = 0xC000038E
+STATUS_SMARTCARD_SILENT_CONTEXT = 0xC000038F
+STATUS_PER_USER_TRUST_QUOTA_EXCEEDED = 0xC0000401
+STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED = 0xC0000402
+STATUS_USER_DELETE_TRUST_QUOTA_EXCEEDED = 0xC0000403
+STATUS_DS_NAME_NOT_UNIQUE = 0xC0000404
+STATUS_DS_DUPLICATE_ID_FOUND = 0xC0000405
+STATUS_DS_GROUP_CONVERSION_ERROR = 0xC0000406
+STATUS_VOLSNAP_PREPARE_HIBERNATE = 0xC0000407
+STATUS_USER2USER_REQUIRED = 0xC0000408
+STATUS_STACK_BUFFER_OVERRUN = 0xC0000409
+STATUS_NO_S4U_PROT_SUPPORT = 0xC000040A
+STATUS_CROSSREALM_DELEGATION_FAILURE = 0xC000040B
+STATUS_REVOCATION_OFFLINE_KDC = 0xC000040C
+STATUS_ISSUING_CA_UNTRUSTED_KDC = 0xC000040D
+STATUS_KDC_CERT_EXPIRED = 0xC000040E
+STATUS_KDC_CERT_REVOKED = 0xC000040F
+STATUS_PARAMETER_QUOTA_EXCEEDED = 0xC0000410
+STATUS_HIBERNATION_FAILURE = 0xC0000411
+STATUS_DELAY_LOAD_FAILED = 0xC0000412
+STATUS_AUTHENTICATION_FIREWALL_FAILED = 0xC0000413
+STATUS_VDM_DISALLOWED = 0xC0000414
+STATUS_HUNG_DISPLAY_DRIVER_THREAD = 0xC0000415
+STATUS_INSUFFICIENT_RESOURCE_FOR_SPECIFIED_SHARED_SECTION_SIZE = 0xC0000416
+STATUS_INVALID_CRUNTIME_PARAMETER = 0xC0000417
+STATUS_NTLM_BLOCKED = 0xC0000418
+STATUS_DS_SRC_SID_EXISTS_IN_FOREST = 0xC0000419
+STATUS_DS_DOMAIN_NAME_EXISTS_IN_FOREST = 0xC000041A
+STATUS_DS_FLAT_NAME_EXISTS_IN_FOREST = 0xC000041B
+STATUS_INVALID_USER_PRINCIPAL_NAME = 0xC000041C
+STATUS_ASSERTION_FAILURE = 0xC0000420
+STATUS_VERIFIER_STOP = 0xC0000421
+STATUS_CALLBACK_POP_STACK = 0xC0000423
+STATUS_INCOMPATIBLE_DRIVER_BLOCKED = 0xC0000424
+STATUS_HIVE_UNLOADED = 0xC0000425
+STATUS_COMPRESSION_DISABLED = 0xC0000426
+STATUS_FILE_SYSTEM_LIMITATION = 0xC0000427
+STATUS_INVALID_IMAGE_HASH = 0xC0000428
+STATUS_NOT_CAPABLE = 0xC0000429
+STATUS_REQUEST_OUT_OF_SEQUENCE = 0xC000042A
+STATUS_IMPLEMENTATION_LIMIT = 0xC000042B
+STATUS_ELEVATION_REQUIRED = 0xC000042C
+STATUS_NO_SECURITY_CONTEXT = 0xC000042D
+STATUS_PKU2U_CERT_FAILURE = 0xC000042E
+STATUS_BEYOND_VDL = 0xC0000432
+STATUS_ENCOUNTERED_WRITE_IN_PROGRESS = 0xC0000433
+STATUS_PTE_CHANGED = 0xC0000434
+STATUS_PURGE_FAILED = 0xC0000435
+STATUS_CRED_REQUIRES_CONFIRMATION = 0xC0000440
+STATUS_CS_ENCRYPTION_INVALID_SERVER_RESPONSE = 0xC0000441
+STATUS_CS_ENCRYPTION_UNSUPPORTED_SERVER = 0xC0000442
+STATUS_CS_ENCRYPTION_EXISTING_ENCRYPTED_FILE = 0xC0000443
+STATUS_CS_ENCRYPTION_NEW_ENCRYPTED_FILE = 0xC0000444
+STATUS_CS_ENCRYPTION_FILE_NOT_CSE = 0xC0000445
+STATUS_INVALID_LABEL = 0xC0000446
+STATUS_DRIVER_PROCESS_TERMINATED = 0xC0000450
+STATUS_AMBIGUOUS_SYSTEM_DEVICE = 0xC0000451
+STATUS_SYSTEM_DEVICE_NOT_FOUND = 0xC0000452
+STATUS_RESTART_BOOT_APPLICATION = 0xC0000453
+STATUS_INSUFFICIENT_NVRAM_RESOURCES = 0xC0000454
+STATUS_INVALID_TASK_NAME = 0xC0000500
+STATUS_INVALID_TASK_INDEX = 0xC0000501
+STATUS_THREAD_ALREADY_IN_TASK = 0xC0000502
+STATUS_CALLBACK_BYPASS = 0xC0000503
+STATUS_FAIL_FAST_EXCEPTION = 0xC0000602
+STATUS_IMAGE_CERT_REVOKED = 0xC0000603
+STATUS_PORT_CLOSED = 0xC0000700
+STATUS_MESSAGE_LOST = 0xC0000701
+STATUS_INVALID_MESSAGE = 0xC0000702
+STATUS_REQUEST_CANCELED = 0xC0000703
+STATUS_RECURSIVE_DISPATCH = 0xC0000704
+STATUS_LPC_RECEIVE_BUFFER_EXPECTED = 0xC0000705
+STATUS_LPC_INVALID_CONNECTION_USAGE = 0xC0000706
+STATUS_LPC_REQUESTS_NOT_ALLOWED = 0xC0000707
+STATUS_RESOURCE_IN_USE = 0xC0000708
+STATUS_HARDWARE_MEMORY_ERROR = 0xC0000709
+STATUS_THREADPOOL_HANDLE_EXCEPTION = 0xC000070A
+STATUS_THREADPOOL_SET_EVENT_ON_COMPLETION_FAILED = 0xC000070B
+STATUS_THREADPOOL_RELEASE_SEMAPHORE_ON_COMPLETION_FAILED = 0xC000070C
+STATUS_THREADPOOL_RELEASE_MUTEX_ON_COMPLETION_FAILED = 0xC000070D
+STATUS_THREADPOOL_FREE_LIBRARY_ON_COMPLETION_FAILED = 0xC000070E
+STATUS_THREADPOOL_RELEASED_DURING_OPERATION = 0xC000070F
+STATUS_CALLBACK_RETURNED_WHILE_IMPERSONATING = 0xC0000710
+STATUS_APC_RETURNED_WHILE_IMPERSONATING = 0xC0000711
+STATUS_PROCESS_IS_PROTECTED = 0xC0000712
+STATUS_MCA_EXCEPTION = 0xC0000713
+STATUS_CERTIFICATE_MAPPING_NOT_UNIQUE = 0xC0000714
+STATUS_SYMLINK_CLASS_DISABLED = 0xC0000715
+STATUS_INVALID_IDN_NORMALIZATION = 0xC0000716
+STATUS_NO_UNICODE_TRANSLATION = 0xC0000717
+STATUS_ALREADY_REGISTERED = 0xC0000718
+STATUS_CONTEXT_MISMATCH = 0xC0000719
+STATUS_PORT_ALREADY_HAS_COMPLETION_LIST = 0xC000071A
+STATUS_CALLBACK_RETURNED_THREAD_PRIORITY = 0xC000071B
+STATUS_INVALID_THREAD = 0xC000071C
+STATUS_CALLBACK_RETURNED_TRANSACTION = 0xC000071D
+STATUS_CALLBACK_RETURNED_LDR_LOCK = 0xC000071E
+STATUS_CALLBACK_RETURNED_LANG = 0xC000071F
+STATUS_CALLBACK_RETURNED_PRI_BACK = 0xC0000720
+STATUS_DISK_REPAIR_DISABLED = 0xC0000800
+STATUS_DS_DOMAIN_RENAME_IN_PROGRESS = 0xC0000801
+STATUS_DISK_QUOTA_EXCEEDED = 0xC0000802
+STATUS_CONTENT_BLOCKED = 0xC0000804
+STATUS_BAD_CLUSTERS = 0xC0000805
+STATUS_VOLUME_DIRTY = 0xC0000806
+STATUS_FILE_CHECKED_OUT = 0xC0000901
+STATUS_CHECKOUT_REQUIRED = 0xC0000902
+STATUS_BAD_FILE_TYPE = 0xC0000903
+STATUS_FILE_TOO_LARGE = 0xC0000904
+STATUS_FORMS_AUTH_REQUIRED = 0xC0000905
+STATUS_VIRUS_INFECTED = 0xC0000906
+STATUS_VIRUS_DELETED = 0xC0000907
+STATUS_BAD_MCFG_TABLE = 0xC0000908
+STATUS_CANNOT_BREAK_OPLOCK = 0xC0000909
+STATUS_WOW_ASSERTION = 0xC0009898
+STATUS_INVALID_SIGNATURE = 0xC000A000
+STATUS_HMAC_NOT_SUPPORTED = 0xC000A001
+STATUS_IPSEC_QUEUE_OVERFLOW = 0xC000A010
+STATUS_ND_QUEUE_OVERFLOW = 0xC000A011
+STATUS_HOPLIMIT_EXCEEDED = 0xC000A012
+STATUS_PROTOCOL_NOT_SUPPORTED = 0xC000A013
+STATUS_LOST_WRITEBEHIND_DATA_NETWORK_DISCONNECTED = 0xC000A080
+STATUS_LOST_WRITEBEHIND_DATA_NETWORK_SERVER_ERROR = 0xC000A081
+STATUS_LOST_WRITEBEHIND_DATA_LOCAL_DISK_ERROR = 0xC000A082
+STATUS_XML_PARSE_ERROR = 0xC000A083
+STATUS_XMLDSIG_ERROR = 0xC000A084
+STATUS_WRONG_COMPARTMENT = 0xC000A085
+STATUS_AUTHIP_FAILURE = 0xC000A086
+STATUS_DS_OID_MAPPED_GROUP_CANT_HAVE_MEMBERS = 0xC000A087
+STATUS_DS_OID_NOT_FOUND = 0xC000A088
+STATUS_HASH_NOT_SUPPORTED = 0xC000A100
+STATUS_HASH_NOT_PRESENT = 0xC000A101
+DBG_NO_STATE_CHANGE = 0xC0010001
+DBG_APP_NOT_IDLE = 0xC0010002
+RPC_NT_INVALID_STRING_BINDING = 0xC0020001
+RPC_NT_WRONG_KIND_OF_BINDING = 0xC0020002
+RPC_NT_INVALID_BINDING = 0xC0020003
+RPC_NT_PROTSEQ_NOT_SUPPORTED = 0xC0020004
+RPC_NT_INVALID_RPC_PROTSEQ = 0xC0020005
+RPC_NT_INVALID_STRING_UUID = 0xC0020006
+RPC_NT_INVALID_ENDPOINT_FORMAT = 0xC0020007
+RPC_NT_INVALID_NET_ADDR = 0xC0020008
+RPC_NT_NO_ENDPOINT_FOUND = 0xC0020009
+RPC_NT_INVALID_TIMEOUT = 0xC002000A
+RPC_NT_OBJECT_NOT_FOUND = 0xC002000B
+RPC_NT_ALREADY_REGISTERED = 0xC002000C
+RPC_NT_TYPE_ALREADY_REGISTERED = 0xC002000D
+RPC_NT_ALREADY_LISTENING = 0xC002000E
+RPC_NT_NO_PROTSEQS_REGISTERED = 0xC002000F
+RPC_NT_NOT_LISTENING = 0xC0020010
+RPC_NT_UNKNOWN_MGR_TYPE = 0xC0020011
+RPC_NT_UNKNOWN_IF = 0xC0020012
+RPC_NT_NO_BINDINGS = 0xC0020013
+RPC_NT_NO_PROTSEQS = 0xC0020014
+RPC_NT_CANT_CREATE_ENDPOINT = 0xC0020015
+RPC_NT_OUT_OF_RESOURCES = 0xC0020016
+RPC_NT_SERVER_UNAVAILABLE = 0xC0020017
+RPC_NT_SERVER_TOO_BUSY = 0xC0020018
+RPC_NT_INVALID_NETWORK_OPTIONS = 0xC0020019
+RPC_NT_NO_CALL_ACTIVE = 0xC002001A
+RPC_NT_CALL_FAILED = 0xC002001B
+RPC_NT_CALL_FAILED_DNE = 0xC002001C
+RPC_NT_PROTOCOL_ERROR = 0xC002001D
+RPC_NT_UNSUPPORTED_TRANS_SYN = 0xC002001F
+RPC_NT_UNSUPPORTED_TYPE = 0xC0020021
+RPC_NT_INVALID_TAG = 0xC0020022
+RPC_NT_INVALID_BOUND = 0xC0020023
+RPC_NT_NO_ENTRY_NAME = 0xC0020024
+RPC_NT_INVALID_NAME_SYNTAX = 0xC0020025
+RPC_NT_UNSUPPORTED_NAME_SYNTAX = 0xC0020026
+RPC_NT_UUID_NO_ADDRESS = 0xC0020028
+RPC_NT_DUPLICATE_ENDPOINT = 0xC0020029
+RPC_NT_UNKNOWN_AUTHN_TYPE = 0xC002002A
+RPC_NT_MAX_CALLS_TOO_SMALL = 0xC002002B
+RPC_NT_STRING_TOO_LONG = 0xC002002C
+RPC_NT_PROTSEQ_NOT_FOUND = 0xC002002D
+RPC_NT_PROCNUM_OUT_OF_RANGE = 0xC002002E
+RPC_NT_BINDING_HAS_NO_AUTH = 0xC002002F
+RPC_NT_UNKNOWN_AUTHN_SERVICE = 0xC0020030
+RPC_NT_UNKNOWN_AUTHN_LEVEL = 0xC0020031
+RPC_NT_INVALID_AUTH_IDENTITY = 0xC0020032
+RPC_NT_UNKNOWN_AUTHZ_SERVICE = 0xC0020033
+EPT_NT_INVALID_ENTRY = 0xC0020034
+EPT_NT_CANT_PERFORM_OP = 0xC0020035
+EPT_NT_NOT_REGISTERED = 0xC0020036
+RPC_NT_NOTHING_TO_EXPORT = 0xC0020037
+RPC_NT_INCOMPLETE_NAME = 0xC0020038
+RPC_NT_INVALID_VERS_OPTION = 0xC0020039
+RPC_NT_NO_MORE_MEMBERS = 0xC002003A
+RPC_NT_NOT_ALL_OBJS_UNEXPORTED = 0xC002003B
+RPC_NT_INTERFACE_NOT_FOUND = 0xC002003C
+RPC_NT_ENTRY_ALREADY_EXISTS = 0xC002003D
+RPC_NT_ENTRY_NOT_FOUND = 0xC002003E
+RPC_NT_NAME_SERVICE_UNAVAILABLE = 0xC002003F
+RPC_NT_INVALID_NAF_ID = 0xC0020040
+RPC_NT_CANNOT_SUPPORT = 0xC0020041
+RPC_NT_NO_CONTEXT_AVAILABLE = 0xC0020042
+RPC_NT_INTERNAL_ERROR = 0xC0020043
+RPC_NT_ZERO_DIVIDE = 0xC0020044
+RPC_NT_ADDRESS_ERROR = 0xC0020045
+RPC_NT_FP_DIV_ZERO = 0xC0020046
+RPC_NT_FP_UNDERFLOW = 0xC0020047
+RPC_NT_FP_OVERFLOW = 0xC0020048
+RPC_NT_CALL_IN_PROGRESS = 0xC0020049
+RPC_NT_NO_MORE_BINDINGS = 0xC002004A
+RPC_NT_GROUP_MEMBER_NOT_FOUND = 0xC002004B
+EPT_NT_CANT_CREATE = 0xC002004C
+RPC_NT_INVALID_OBJECT = 0xC002004D
+RPC_NT_NO_INTERFACES = 0xC002004F
+RPC_NT_CALL_CANCELLED = 0xC0020050
+RPC_NT_BINDING_INCOMPLETE = 0xC0020051
+RPC_NT_COMM_FAILURE = 0xC0020052
+RPC_NT_UNSUPPORTED_AUTHN_LEVEL = 0xC0020053
+RPC_NT_NO_PRINC_NAME = 0xC0020054
+RPC_NT_NOT_RPC_ERROR = 0xC0020055
+RPC_NT_SEC_PKG_ERROR = 0xC0020057
+RPC_NT_NOT_CANCELLED = 0xC0020058
+RPC_NT_INVALID_ASYNC_HANDLE = 0xC0020062
+RPC_NT_INVALID_ASYNC_CALL = 0xC0020063
+RPC_NT_PROXY_ACCESS_DENIED = 0xC0020064
+RPC_NT_NO_MORE_ENTRIES = 0xC0030001
+RPC_NT_SS_CHAR_TRANS_OPEN_FAIL = 0xC0030002
+RPC_NT_SS_CHAR_TRANS_SHORT_FILE = 0xC0030003
+RPC_NT_SS_IN_NULL_CONTEXT = 0xC0030004
+RPC_NT_SS_CONTEXT_MISMATCH = 0xC0030005
+RPC_NT_SS_CONTEXT_DAMAGED = 0xC0030006
+RPC_NT_SS_HANDLES_MISMATCH = 0xC0030007
+RPC_NT_SS_CANNOT_GET_CALL_HANDLE = 0xC0030008
+RPC_NT_NULL_REF_POINTER = 0xC0030009
+RPC_NT_ENUM_VALUE_OUT_OF_RANGE = 0xC003000A
+RPC_NT_BYTE_COUNT_TOO_SMALL = 0xC003000B
+RPC_NT_BAD_STUB_DATA = 0xC003000C
+RPC_NT_INVALID_ES_ACTION = 0xC0030059
+RPC_NT_WRONG_ES_VERSION = 0xC003005A
+RPC_NT_WRONG_STUB_VERSION = 0xC003005B
+RPC_NT_INVALID_PIPE_OBJECT = 0xC003005C
+RPC_NT_INVALID_PIPE_OPERATION = 0xC003005D
+RPC_NT_WRONG_PIPE_VERSION = 0xC003005E
+RPC_NT_PIPE_CLOSED = 0xC003005F
+RPC_NT_PIPE_DISCIPLINE_ERROR = 0xC0030060
+RPC_NT_PIPE_EMPTY = 0xC0030061
+STATUS_PNP_BAD_MPS_TABLE = 0xC0040035
+STATUS_PNP_TRANSLATION_FAILED = 0xC0040036
+STATUS_PNP_IRQ_TRANSLATION_FAILED = 0xC0040037
+STATUS_PNP_INVALID_ID = 0xC0040038
+STATUS_IO_REISSUE_AS_CACHED = 0xC0040039
+STATUS_CTX_WINSTATION_NAME_INVALID = 0xC00A0001
+STATUS_CTX_INVALID_PD = 0xC00A0002
+STATUS_CTX_PD_NOT_FOUND = 0xC00A0003
+STATUS_CTX_CLOSE_PENDING = 0xC00A0006
+STATUS_CTX_NO_OUTBUF = 0xC00A0007
+STATUS_CTX_MODEM_INF_NOT_FOUND = 0xC00A0008
+STATUS_CTX_INVALID_MODEMNAME = 0xC00A0009
+STATUS_CTX_RESPONSE_ERROR = 0xC00A000A
+STATUS_CTX_MODEM_RESPONSE_TIMEOUT = 0xC00A000B
+STATUS_CTX_MODEM_RESPONSE_NO_CARRIER = 0xC00A000C
+STATUS_CTX_MODEM_RESPONSE_NO_DIALTONE = 0xC00A000D
+STATUS_CTX_MODEM_RESPONSE_BUSY = 0xC00A000E
+STATUS_CTX_MODEM_RESPONSE_VOICE = 0xC00A000F
+STATUS_CTX_TD_ERROR = 0xC00A0010
+STATUS_CTX_LICENSE_CLIENT_INVALID = 0xC00A0012
+STATUS_CTX_LICENSE_NOT_AVAILABLE = 0xC00A0013
+STATUS_CTX_LICENSE_EXPIRED = 0xC00A0014
+STATUS_CTX_WINSTATION_NOT_FOUND = 0xC00A0015
+STATUS_CTX_WINSTATION_NAME_COLLISION = 0xC00A0016
+STATUS_CTX_WINSTATION_BUSY = 0xC00A0017
+STATUS_CTX_BAD_VIDEO_MODE = 0xC00A0018
+STATUS_CTX_GRAPHICS_INVALID = 0xC00A0022
+STATUS_CTX_NOT_CONSOLE = 0xC00A0024
+STATUS_CTX_CLIENT_QUERY_TIMEOUT = 0xC00A0026
+STATUS_CTX_CONSOLE_DISCONNECT = 0xC00A0027
+STATUS_CTX_CONSOLE_CONNECT = 0xC00A0028
+STATUS_CTX_SHADOW_DENIED = 0xC00A002A
+STATUS_CTX_WINSTATION_ACCESS_DENIED = 0xC00A002B
+STATUS_CTX_INVALID_WD = 0xC00A002E
+STATUS_CTX_WD_NOT_FOUND = 0xC00A002F
+STATUS_CTX_SHADOW_INVALID = 0xC00A0030
+STATUS_CTX_SHADOW_DISABLED = 0xC00A0031
+STATUS_RDP_PROTOCOL_ERROR = 0xC00A0032
+STATUS_CTX_CLIENT_LICENSE_NOT_SET = 0xC00A0033
+STATUS_CTX_CLIENT_LICENSE_IN_USE = 0xC00A0034
+STATUS_CTX_SHADOW_ENDED_BY_MODE_CHANGE = 0xC00A0035
+STATUS_CTX_SHADOW_NOT_RUNNING = 0xC00A0036
+STATUS_CTX_LOGON_DISABLED = 0xC00A0037
+STATUS_CTX_SECURITY_LAYER_ERROR = 0xC00A0038
+STATUS_TS_INCOMPATIBLE_SESSIONS = 0xC00A0039
+STATUS_MUI_FILE_NOT_FOUND = 0xC00B0001
+STATUS_MUI_INVALID_FILE = 0xC00B0002
+STATUS_MUI_INVALID_RC_CONFIG = 0xC00B0003
+STATUS_MUI_INVALID_LOCALE_NAME = 0xC00B0004
+STATUS_MUI_INVALID_ULTIMATEFALLBACK_NAME = 0xC00B0005
+STATUS_MUI_FILE_NOT_LOADED = 0xC00B0006
+STATUS_RESOURCE_ENUM_USER_STOP = 0xC00B0007
+STATUS_CLUSTER_INVALID_NODE = 0xC0130001
+STATUS_CLUSTER_NODE_EXISTS = 0xC0130002
+STATUS_CLUSTER_JOIN_IN_PROGRESS = 0xC0130003
+STATUS_CLUSTER_NODE_NOT_FOUND = 0xC0130004
+STATUS_CLUSTER_LOCAL_NODE_NOT_FOUND = 0xC0130005
+STATUS_CLUSTER_NETWORK_EXISTS = 0xC0130006
+STATUS_CLUSTER_NETWORK_NOT_FOUND = 0xC0130007
+STATUS_CLUSTER_NETINTERFACE_EXISTS = 0xC0130008
+STATUS_CLUSTER_NETINTERFACE_NOT_FOUND = 0xC0130009
+STATUS_CLUSTER_INVALID_REQUEST = 0xC013000A
+STATUS_CLUSTER_INVALID_NETWORK_PROVIDER = 0xC013000B
+STATUS_CLUSTER_NODE_DOWN = 0xC013000C
+STATUS_CLUSTER_NODE_UNREACHABLE = 0xC013000D
+STATUS_CLUSTER_NODE_NOT_MEMBER = 0xC013000E
+STATUS_CLUSTER_JOIN_NOT_IN_PROGRESS = 0xC013000F
+STATUS_CLUSTER_INVALID_NETWORK = 0xC0130010
+STATUS_CLUSTER_NO_NET_ADAPTERS = 0xC0130011
+STATUS_CLUSTER_NODE_UP = 0xC0130012
+STATUS_CLUSTER_NODE_PAUSED = 0xC0130013
+STATUS_CLUSTER_NODE_NOT_PAUSED = 0xC0130014
+STATUS_CLUSTER_NO_SECURITY_CONTEXT = 0xC0130015
+STATUS_CLUSTER_NETWORK_NOT_INTERNAL = 0xC0130016
+STATUS_CLUSTER_POISONED = 0xC0130017
+STATUS_ACPI_INVALID_OPCODE = 0xC0140001
+STATUS_ACPI_STACK_OVERFLOW = 0xC0140002
+STATUS_ACPI_ASSERT_FAILED = 0xC0140003
+STATUS_ACPI_INVALID_INDEX = 0xC0140004
+STATUS_ACPI_INVALID_ARGUMENT = 0xC0140005
+STATUS_ACPI_FATAL = 0xC0140006
+STATUS_ACPI_INVALID_SUPERNAME = 0xC0140007
+STATUS_ACPI_INVALID_ARGTYPE = 0xC0140008
+STATUS_ACPI_INVALID_OBJTYPE = 0xC0140009
+STATUS_ACPI_INVALID_TARGETTYPE = 0xC014000A
+STATUS_ACPI_INCORRECT_ARGUMENT_COUNT = 0xC014000B
+STATUS_ACPI_ADDRESS_NOT_MAPPED = 0xC014000C
+STATUS_ACPI_INVALID_EVENTTYPE = 0xC014000D
+STATUS_ACPI_HANDLER_COLLISION = 0xC014000E
+STATUS_ACPI_INVALID_DATA = 0xC014000F
+STATUS_ACPI_INVALID_REGION = 0xC0140010
+STATUS_ACPI_INVALID_ACCESS_SIZE = 0xC0140011
+STATUS_ACPI_ACQUIRE_GLOBAL_LOCK = 0xC0140012
+STATUS_ACPI_ALREADY_INITIALIZED = 0xC0140013
+STATUS_ACPI_NOT_INITIALIZED = 0xC0140014
+STATUS_ACPI_INVALID_MUTEX_LEVEL = 0xC0140015
+STATUS_ACPI_MUTEX_NOT_OWNED = 0xC0140016
+STATUS_ACPI_MUTEX_NOT_OWNER = 0xC0140017
+STATUS_ACPI_RS_ACCESS = 0xC0140018
+STATUS_ACPI_INVALID_TABLE = 0xC0140019
+STATUS_ACPI_REG_HANDLER_FAILED = 0xC0140020
+STATUS_ACPI_POWER_REQUEST_FAILED = 0xC0140021
+STATUS_SXS_SECTION_NOT_FOUND = 0xC0150001
+STATUS_SXS_CANT_GEN_ACTCTX = 0xC0150002
+STATUS_SXS_INVALID_ACTCTXDATA_FORMAT = 0xC0150003
+STATUS_SXS_ASSEMBLY_NOT_FOUND = 0xC0150004
+STATUS_SXS_MANIFEST_FORMAT_ERROR = 0xC0150005
+STATUS_SXS_MANIFEST_PARSE_ERROR = 0xC0150006
+STATUS_SXS_ACTIVATION_CONTEXT_DISABLED = 0xC0150007
+STATUS_SXS_KEY_NOT_FOUND = 0xC0150008
+STATUS_SXS_VERSION_CONFLICT = 0xC0150009
+STATUS_SXS_WRONG_SECTION_TYPE = 0xC015000A
+STATUS_SXS_THREAD_QUERIES_DISABLED = 0xC015000B
+STATUS_SXS_ASSEMBLY_MISSING = 0xC015000C
+STATUS_SXS_PROCESS_DEFAULT_ALREADY_SET = 0xC015000E
+STATUS_SXS_EARLY_DEACTIVATION = 0xC015000F
+STATUS_SXS_INVALID_DEACTIVATION = 0xC0150010
+STATUS_SXS_MULTIPLE_DEACTIVATION = 0xC0150011
+STATUS_SXS_SYSTEM_DEFAULT_ACTIVATION_CONTEXT_EMPTY = 0xC0150012
+STATUS_SXS_PROCESS_TERMINATION_REQUESTED = 0xC0150013
+STATUS_SXS_CORRUPT_ACTIVATION_STACK = 0xC0150014
+STATUS_SXS_CORRUPTION = 0xC0150015
+STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_VALUE = 0xC0150016
+STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_NAME = 0xC0150017
+STATUS_SXS_IDENTITY_DUPLICATE_ATTRIBUTE = 0xC0150018
+STATUS_SXS_IDENTITY_PARSE_ERROR = 0xC0150019
+STATUS_SXS_COMPONENT_STORE_CORRUPT = 0xC015001A
+STATUS_SXS_FILE_HASH_MISMATCH = 0xC015001B
+STATUS_SXS_MANIFEST_IDENTITY_SAME_BUT_CONTENTS_DIFFERENT = 0xC015001C
+STATUS_SXS_IDENTITIES_DIFFERENT = 0xC015001D
+STATUS_SXS_ASSEMBLY_IS_NOT_A_DEPLOYMENT = 0xC015001E
+STATUS_SXS_FILE_NOT_PART_OF_ASSEMBLY = 0xC015001F
+STATUS_ADVANCED_INSTALLER_FAILED = 0xC0150020
+STATUS_XML_ENCODING_MISMATCH = 0xC0150021
+STATUS_SXS_MANIFEST_TOO_BIG = 0xC0150022
+STATUS_SXS_SETTING_NOT_REGISTERED = 0xC0150023
+STATUS_SXS_TRANSACTION_CLOSURE_INCOMPLETE = 0xC0150024
+STATUS_SMI_PRIMITIVE_INSTALLER_FAILED = 0xC0150025
+STATUS_GENERIC_COMMAND_FAILED = 0xC0150026
+STATUS_SXS_FILE_HASH_MISSING = 0xC0150027
+STATUS_TRANSACTIONAL_CONFLICT = 0xC0190001
+STATUS_INVALID_TRANSACTION = 0xC0190002
+STATUS_TRANSACTION_NOT_ACTIVE = 0xC0190003
+STATUS_TM_INITIALIZATION_FAILED = 0xC0190004
+STATUS_RM_NOT_ACTIVE = 0xC0190005
+STATUS_RM_METADATA_CORRUPT = 0xC0190006
+STATUS_TRANSACTION_NOT_JOINED = 0xC0190007
+STATUS_DIRECTORY_NOT_RM = 0xC0190008
+STATUS_TRANSACTIONS_UNSUPPORTED_REMOTE = 0xC019000A
+STATUS_LOG_RESIZE_INVALID_SIZE = 0xC019000B
+STATUS_REMOTE_FILE_VERSION_MISMATCH = 0xC019000C
+STATUS_CRM_PROTOCOL_ALREADY_EXISTS = 0xC019000F
+STATUS_TRANSACTION_PROPAGATION_FAILED = 0xC0190010
+STATUS_CRM_PROTOCOL_NOT_FOUND = 0xC0190011
+STATUS_TRANSACTION_SUPERIOR_EXISTS = 0xC0190012
+STATUS_TRANSACTION_REQUEST_NOT_VALID = 0xC0190013
+STATUS_TRANSACTION_NOT_REQUESTED = 0xC0190014
+STATUS_TRANSACTION_ALREADY_ABORTED = 0xC0190015
+STATUS_TRANSACTION_ALREADY_COMMITTED = 0xC0190016
+STATUS_TRANSACTION_INVALID_MARSHALL_BUFFER = 0xC0190017
+STATUS_CURRENT_TRANSACTION_NOT_VALID = 0xC0190018
+STATUS_LOG_GROWTH_FAILED = 0xC0190019
+STATUS_OBJECT_NO_LONGER_EXISTS = 0xC0190021
+STATUS_STREAM_MINIVERSION_NOT_FOUND = 0xC0190022
+STATUS_STREAM_MINIVERSION_NOT_VALID = 0xC0190023
+STATUS_MINIVERSION_INACCESSIBLE_FROM_SPECIFIED_TRANSACTION = 0xC0190024
+STATUS_CANT_OPEN_MINIVERSION_WITH_MODIFY_INTENT = 0xC0190025
+STATUS_CANT_CREATE_MORE_STREAM_MINIVERSIONS = 0xC0190026
+STATUS_HANDLE_NO_LONGER_VALID = 0xC0190028
+STATUS_LOG_CORRUPTION_DETECTED = 0xC0190030
+STATUS_RM_DISCONNECTED = 0xC0190032
+STATUS_ENLISTMENT_NOT_SUPERIOR = 0xC0190033
+STATUS_FILE_IDENTITY_NOT_PERSISTENT = 0xC0190036
+STATUS_CANT_BREAK_TRANSACTIONAL_DEPENDENCY = 0xC0190037
+STATUS_CANT_CROSS_RM_BOUNDARY = 0xC0190038
+STATUS_TXF_DIR_NOT_EMPTY = 0xC0190039
+STATUS_INDOUBT_TRANSACTIONS_EXIST = 0xC019003A
+STATUS_TM_VOLATILE = 0xC019003B
+STATUS_ROLLBACK_TIMER_EXPIRED = 0xC019003C
+STATUS_TXF_ATTRIBUTE_CORRUPT = 0xC019003D
+STATUS_EFS_NOT_ALLOWED_IN_TRANSACTION = 0xC019003E
+STATUS_TRANSACTIONAL_OPEN_NOT_ALLOWED = 0xC019003F
+STATUS_TRANSACTED_MAPPING_UNSUPPORTED_REMOTE = 0xC0190040
+STATUS_TRANSACTION_REQUIRED_PROMOTION = 0xC0190043
+STATUS_CANNOT_EXECUTE_FILE_IN_TRANSACTION = 0xC0190044
+STATUS_TRANSACTIONS_NOT_FROZEN = 0xC0190045
+STATUS_TRANSACTION_FREEZE_IN_PROGRESS = 0xC0190046
+STATUS_NOT_SNAPSHOT_VOLUME = 0xC0190047
+STATUS_NO_SAVEPOINT_WITH_OPEN_FILES = 0xC0190048
+STATUS_SPARSE_NOT_ALLOWED_IN_TRANSACTION = 0xC0190049
+STATUS_TM_IDENTITY_MISMATCH = 0xC019004A
+STATUS_FLOATED_SECTION = 0xC019004B
+STATUS_CANNOT_ACCEPT_TRANSACTED_WORK = 0xC019004C
+STATUS_CANNOT_ABORT_TRANSACTIONS = 0xC019004D
+STATUS_TRANSACTION_NOT_FOUND = 0xC019004E
+STATUS_RESOURCEMANAGER_NOT_FOUND = 0xC019004F
+STATUS_ENLISTMENT_NOT_FOUND = 0xC0190050
+STATUS_TRANSACTIONMANAGER_NOT_FOUND = 0xC0190051
+STATUS_TRANSACTIONMANAGER_NOT_ONLINE = 0xC0190052
+STATUS_TRANSACTIONMANAGER_RECOVERY_NAME_COLLISION = 0xC0190053
+STATUS_TRANSACTION_NOT_ROOT = 0xC0190054
+STATUS_TRANSACTION_OBJECT_EXPIRED = 0xC0190055
+STATUS_COMPRESSION_NOT_ALLOWED_IN_TRANSACTION = 0xC0190056
+STATUS_TRANSACTION_RESPONSE_NOT_ENLISTED = 0xC0190057
+STATUS_TRANSACTION_RECORD_TOO_LONG = 0xC0190058
+STATUS_NO_LINK_TRACKING_IN_TRANSACTION = 0xC0190059
+STATUS_OPERATION_NOT_SUPPORTED_IN_TRANSACTION = 0xC019005A
+STATUS_TRANSACTION_INTEGRITY_VIOLATED = 0xC019005B
+STATUS_EXPIRED_HANDLE = 0xC0190060
+STATUS_TRANSACTION_NOT_ENLISTED = 0xC0190061
+STATUS_LOG_SECTOR_INVALID = 0xC01A0001
+STATUS_LOG_SECTOR_PARITY_INVALID = 0xC01A0002
+STATUS_LOG_SECTOR_REMAPPED = 0xC01A0003
+STATUS_LOG_BLOCK_INCOMPLETE = 0xC01A0004
+STATUS_LOG_INVALID_RANGE = 0xC01A0005
+STATUS_LOG_BLOCKS_EXHAUSTED = 0xC01A0006
+STATUS_LOG_READ_CONTEXT_INVALID = 0xC01A0007
+STATUS_LOG_RESTART_INVALID = 0xC01A0008
+STATUS_LOG_BLOCK_VERSION = 0xC01A0009
+STATUS_LOG_BLOCK_INVALID = 0xC01A000A
+STATUS_LOG_READ_MODE_INVALID = 0xC01A000B
+STATUS_LOG_METADATA_CORRUPT = 0xC01A000D
+STATUS_LOG_METADATA_INVALID = 0xC01A000E
+STATUS_LOG_METADATA_INCONSISTENT = 0xC01A000F
+STATUS_LOG_RESERVATION_INVALID = 0xC01A0010
+STATUS_LOG_CANT_DELETE = 0xC01A0011
+STATUS_LOG_CONTAINER_LIMIT_EXCEEDED = 0xC01A0012
+STATUS_LOG_START_OF_LOG = 0xC01A0013
+STATUS_LOG_POLICY_ALREADY_INSTALLED = 0xC01A0014
+STATUS_LOG_POLICY_NOT_INSTALLED = 0xC01A0015
+STATUS_LOG_POLICY_INVALID = 0xC01A0016
+STATUS_LOG_POLICY_CONFLICT = 0xC01A0017
+STATUS_LOG_PINNED_ARCHIVE_TAIL = 0xC01A0018
+STATUS_LOG_RECORD_NONEXISTENT = 0xC01A0019
+STATUS_LOG_RECORDS_RESERVED_INVALID = 0xC01A001A
+STATUS_LOG_SPACE_RESERVED_INVALID = 0xC01A001B
+STATUS_LOG_TAIL_INVALID = 0xC01A001C
+STATUS_LOG_FULL = 0xC01A001D
+STATUS_LOG_MULTIPLEXED = 0xC01A001E
+STATUS_LOG_DEDICATED = 0xC01A001F
+STATUS_LOG_ARCHIVE_NOT_IN_PROGRESS = 0xC01A0020
+STATUS_LOG_ARCHIVE_IN_PROGRESS = 0xC01A0021
+STATUS_LOG_EPHEMERAL = 0xC01A0022
+STATUS_LOG_NOT_ENOUGH_CONTAINERS = 0xC01A0023
+STATUS_LOG_CLIENT_ALREADY_REGISTERED = 0xC01A0024
+STATUS_LOG_CLIENT_NOT_REGISTERED = 0xC01A0025
+STATUS_LOG_FULL_HANDLER_IN_PROGRESS = 0xC01A0026
+STATUS_LOG_CONTAINER_READ_FAILED = 0xC01A0027
+STATUS_LOG_CONTAINER_WRITE_FAILED = 0xC01A0028
+STATUS_LOG_CONTAINER_OPEN_FAILED = 0xC01A0029
+STATUS_LOG_CONTAINER_STATE_INVALID = 0xC01A002A
+STATUS_LOG_STATE_INVALID = 0xC01A002B
+STATUS_LOG_PINNED = 0xC01A002C
+STATUS_LOG_METADATA_FLUSH_FAILED = 0xC01A002D
+STATUS_LOG_INCONSISTENT_SECURITY = 0xC01A002E
+STATUS_LOG_APPENDED_FLUSH_FAILED = 0xC01A002F
+STATUS_LOG_PINNED_RESERVATION = 0xC01A0030
+STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD = 0xC01B00EA
+STATUS_FLT_NO_HANDLER_DEFINED = 0xC01C0001
+STATUS_FLT_CONTEXT_ALREADY_DEFINED = 0xC01C0002
+STATUS_FLT_INVALID_ASYNCHRONOUS_REQUEST = 0xC01C0003
+STATUS_FLT_DISALLOW_FAST_IO = 0xC01C0004
+STATUS_FLT_INVALID_NAME_REQUEST = 0xC01C0005
+STATUS_FLT_NOT_SAFE_TO_POST_OPERATION = 0xC01C0006
+STATUS_FLT_NOT_INITIALIZED = 0xC01C0007
+STATUS_FLT_FILTER_NOT_READY = 0xC01C0008
+STATUS_FLT_POST_OPERATION_CLEANUP = 0xC01C0009
+STATUS_FLT_INTERNAL_ERROR = 0xC01C000A
+STATUS_FLT_DELETING_OBJECT = 0xC01C000B
+STATUS_FLT_MUST_BE_NONPAGED_POOL = 0xC01C000C
+STATUS_FLT_DUPLICATE_ENTRY = 0xC01C000D
+STATUS_FLT_CBDQ_DISABLED = 0xC01C000E
+STATUS_FLT_DO_NOT_ATTACH = 0xC01C000F
+STATUS_FLT_DO_NOT_DETACH = 0xC01C0010
+STATUS_FLT_INSTANCE_ALTITUDE_COLLISION = 0xC01C0011
+STATUS_FLT_INSTANCE_NAME_COLLISION = 0xC01C0012
+STATUS_FLT_FILTER_NOT_FOUND = 0xC01C0013
+STATUS_FLT_VOLUME_NOT_FOUND = 0xC01C0014
+STATUS_FLT_INSTANCE_NOT_FOUND = 0xC01C0015
+STATUS_FLT_CONTEXT_ALLOCATION_NOT_FOUND = 0xC01C0016
+STATUS_FLT_INVALID_CONTEXT_REGISTRATION = 0xC01C0017
+STATUS_FLT_NAME_CACHE_MISS = 0xC01C0018
+STATUS_FLT_NO_DEVICE_OBJECT = 0xC01C0019
+STATUS_FLT_VOLUME_ALREADY_MOUNTED = 0xC01C001A
+STATUS_FLT_ALREADY_ENLISTED = 0xC01C001B
+STATUS_FLT_CONTEXT_ALREADY_LINKED = 0xC01C001C
+STATUS_FLT_NO_WAITER_FOR_REPLY = 0xC01C0020
+STATUS_MONITOR_NO_DESCRIPTOR = 0xC01D0001
+STATUS_MONITOR_UNKNOWN_DESCRIPTOR_FORMAT = 0xC01D0002
+STATUS_MONITOR_INVALID_DESCRIPTOR_CHECKSUM = 0xC01D0003
+STATUS_MONITOR_INVALID_STANDARD_TIMING_BLOCK = 0xC01D0004
+STATUS_MONITOR_WMI_DATABLOCK_REGISTRATION_FAILED = 0xC01D0005
+STATUS_MONITOR_INVALID_SERIAL_NUMBER_MONDSC_BLOCK = 0xC01D0006
+STATUS_MONITOR_INVALID_USER_FRIENDLY_MONDSC_BLOCK = 0xC01D0007
+STATUS_MONITOR_NO_MORE_DESCRIPTOR_DATA = 0xC01D0008
+STATUS_MONITOR_INVALID_DETAILED_TIMING_BLOCK = 0xC01D0009
+STATUS_MONITOR_INVALID_MANUFACTURE_DATE = 0xC01D000A
+STATUS_GRAPHICS_NOT_EXCLUSIVE_MODE_OWNER = 0xC01E0000
+STATUS_GRAPHICS_INSUFFICIENT_DMA_BUFFER = 0xC01E0001
+STATUS_GRAPHICS_INVALID_DISPLAY_ADAPTER = 0xC01E0002
+STATUS_GRAPHICS_ADAPTER_WAS_RESET = 0xC01E0003
+STATUS_GRAPHICS_INVALID_DRIVER_MODEL = 0xC01E0004
+STATUS_GRAPHICS_PRESENT_MODE_CHANGED = 0xC01E0005
+STATUS_GRAPHICS_PRESENT_OCCLUDED = 0xC01E0006
+STATUS_GRAPHICS_PRESENT_DENIED = 0xC01E0007
+STATUS_GRAPHICS_CANNOTCOLORCONVERT = 0xC01E0008
+STATUS_GRAPHICS_PRESENT_REDIRECTION_DISABLED = 0xC01E000B
+STATUS_GRAPHICS_PRESENT_UNOCCLUDED = 0xC01E000C
+STATUS_GRAPHICS_NO_VIDEO_MEMORY = 0xC01E0100
+STATUS_GRAPHICS_CANT_LOCK_MEMORY = 0xC01E0101
+STATUS_GRAPHICS_ALLOCATION_BUSY = 0xC01E0102
+STATUS_GRAPHICS_TOO_MANY_REFERENCES = 0xC01E0103
+STATUS_GRAPHICS_TRY_AGAIN_LATER = 0xC01E0104
+STATUS_GRAPHICS_TRY_AGAIN_NOW = 0xC01E0105
+STATUS_GRAPHICS_ALLOCATION_INVALID = 0xC01E0106
+STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNAVAILABLE = 0xC01E0107
+STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNSUPPORTED = 0xC01E0108
+STATUS_GRAPHICS_CANT_EVICT_PINNED_ALLOCATION = 0xC01E0109
+STATUS_GRAPHICS_INVALID_ALLOCATION_USAGE = 0xC01E0110
+STATUS_GRAPHICS_CANT_RENDER_LOCKED_ALLOCATION = 0xC01E0111
+STATUS_GRAPHICS_ALLOCATION_CLOSED = 0xC01E0112
+STATUS_GRAPHICS_INVALID_ALLOCATION_INSTANCE = 0xC01E0113
+STATUS_GRAPHICS_INVALID_ALLOCATION_HANDLE = 0xC01E0114
+STATUS_GRAPHICS_WRONG_ALLOCATION_DEVICE = 0xC01E0115
+STATUS_GRAPHICS_ALLOCATION_CONTENT_LOST = 0xC01E0116
+STATUS_GRAPHICS_GPU_EXCEPTION_ON_DEVICE = 0xC01E0200
+STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY = 0xC01E0300
+STATUS_GRAPHICS_VIDPN_TOPOLOGY_NOT_SUPPORTED = 0xC01E0301
+STATUS_GRAPHICS_VIDPN_TOPOLOGY_CURRENTLY_NOT_SUPPORTED = 0xC01E0302
+STATUS_GRAPHICS_INVALID_VIDPN = 0xC01E0303
+STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE = 0xC01E0304
+STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET = 0xC01E0305
+STATUS_GRAPHICS_VIDPN_MODALITY_NOT_SUPPORTED = 0xC01E0306
+STATUS_GRAPHICS_INVALID_VIDPN_SOURCEMODESET = 0xC01E0308
+STATUS_GRAPHICS_INVALID_VIDPN_TARGETMODESET = 0xC01E0309
+STATUS_GRAPHICS_INVALID_FREQUENCY = 0xC01E030A
+STATUS_GRAPHICS_INVALID_ACTIVE_REGION = 0xC01E030B
+STATUS_GRAPHICS_INVALID_TOTAL_REGION = 0xC01E030C
+STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE_MODE = 0xC01E0310
+STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET_MODE = 0xC01E0311
+STATUS_GRAPHICS_PINNED_MODE_MUST_REMAIN_IN_SET = 0xC01E0312
+STATUS_GRAPHICS_PATH_ALREADY_IN_TOPOLOGY = 0xC01E0313
+STATUS_GRAPHICS_MODE_ALREADY_IN_MODESET = 0xC01E0314
+STATUS_GRAPHICS_INVALID_VIDEOPRESENTSOURCESET = 0xC01E0315
+STATUS_GRAPHICS_INVALID_VIDEOPRESENTTARGETSET = 0xC01E0316
+STATUS_GRAPHICS_SOURCE_ALREADY_IN_SET = 0xC01E0317
+STATUS_GRAPHICS_TARGET_ALREADY_IN_SET = 0xC01E0318
+STATUS_GRAPHICS_INVALID_VIDPN_PRESENT_PATH = 0xC01E0319
+STATUS_GRAPHICS_NO_RECOMMENDED_VIDPN_TOPOLOGY = 0xC01E031A
+STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGESET = 0xC01E031B
+STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE = 0xC01E031C
+STATUS_GRAPHICS_FREQUENCYRANGE_NOT_IN_SET = 0xC01E031D
+STATUS_GRAPHICS_FREQUENCYRANGE_ALREADY_IN_SET = 0xC01E031F
+STATUS_GRAPHICS_STALE_MODESET = 0xC01E0320
+STATUS_GRAPHICS_INVALID_MONITOR_SOURCEMODESET = 0xC01E0321
+STATUS_GRAPHICS_INVALID_MONITOR_SOURCE_MODE = 0xC01E0322
+STATUS_GRAPHICS_NO_RECOMMENDED_FUNCTIONAL_VIDPN = 0xC01E0323
+STATUS_GRAPHICS_MODE_ID_MUST_BE_UNIQUE = 0xC01E0324
+STATUS_GRAPHICS_EMPTY_ADAPTER_MONITOR_MODE_SUPPORT_INTERSECTION = 0xC01E0325
+STATUS_GRAPHICS_VIDEO_PRESENT_TARGETS_LESS_THAN_SOURCES = 0xC01E0326
+STATUS_GRAPHICS_PATH_NOT_IN_TOPOLOGY = 0xC01E0327
+STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_SOURCE = 0xC01E0328
+STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_TARGET = 0xC01E0329
+STATUS_GRAPHICS_INVALID_MONITORDESCRIPTORSET = 0xC01E032A
+STATUS_GRAPHICS_INVALID_MONITORDESCRIPTOR = 0xC01E032B
+STATUS_GRAPHICS_MONITORDESCRIPTOR_NOT_IN_SET = 0xC01E032C
+STATUS_GRAPHICS_MONITORDESCRIPTOR_ALREADY_IN_SET = 0xC01E032D
+STATUS_GRAPHICS_MONITORDESCRIPTOR_ID_MUST_BE_UNIQUE = 0xC01E032E
+STATUS_GRAPHICS_INVALID_VIDPN_TARGET_SUBSET_TYPE = 0xC01E032F
+STATUS_GRAPHICS_RESOURCES_NOT_RELATED = 0xC01E0330
+STATUS_GRAPHICS_SOURCE_ID_MUST_BE_UNIQUE = 0xC01E0331
+STATUS_GRAPHICS_TARGET_ID_MUST_BE_UNIQUE = 0xC01E0332
+STATUS_GRAPHICS_NO_AVAILABLE_VIDPN_TARGET = 0xC01E0333
+STATUS_GRAPHICS_MONITOR_COULD_NOT_BE_ASSOCIATED_WITH_ADAPTER = 0xC01E0334
+STATUS_GRAPHICS_NO_VIDPNMGR = 0xC01E0335
+STATUS_GRAPHICS_NO_ACTIVE_VIDPN = 0xC01E0336
+STATUS_GRAPHICS_STALE_VIDPN_TOPOLOGY = 0xC01E0337
+STATUS_GRAPHICS_MONITOR_NOT_CONNECTED = 0xC01E0338
+STATUS_GRAPHICS_SOURCE_NOT_IN_TOPOLOGY = 0xC01E0339
+STATUS_GRAPHICS_INVALID_PRIMARYSURFACE_SIZE = 0xC01E033A
+STATUS_GRAPHICS_INVALID_VISIBLEREGION_SIZE = 0xC01E033B
+STATUS_GRAPHICS_INVALID_STRIDE = 0xC01E033C
+STATUS_GRAPHICS_INVALID_PIXELFORMAT = 0xC01E033D
+STATUS_GRAPHICS_INVALID_COLORBASIS = 0xC01E033E
+STATUS_GRAPHICS_INVALID_PIXELVALUEACCESSMODE = 0xC01E033F
+STATUS_GRAPHICS_TARGET_NOT_IN_TOPOLOGY = 0xC01E0340
+STATUS_GRAPHICS_NO_DISPLAY_MODE_MANAGEMENT_SUPPORT = 0xC01E0341
+STATUS_GRAPHICS_VIDPN_SOURCE_IN_USE = 0xC01E0342
+STATUS_GRAPHICS_CANT_ACCESS_ACTIVE_VIDPN = 0xC01E0343
+STATUS_GRAPHICS_INVALID_PATH_IMPORTANCE_ORDINAL = 0xC01E0344
+STATUS_GRAPHICS_INVALID_PATH_CONTENT_GEOMETRY_TRANSFORMATION = 0xC01E0345
+STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_SUPPORTED = 0xC01E0346
+STATUS_GRAPHICS_INVALID_GAMMA_RAMP = 0xC01E0347
+STATUS_GRAPHICS_GAMMA_RAMP_NOT_SUPPORTED = 0xC01E0348
+STATUS_GRAPHICS_MULTISAMPLING_NOT_SUPPORTED = 0xC01E0349
+STATUS_GRAPHICS_MODE_NOT_IN_MODESET = 0xC01E034A
+STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY_RECOMMENDATION_REASON = 0xC01E034D
+STATUS_GRAPHICS_INVALID_PATH_CONTENT_TYPE = 0xC01E034E
+STATUS_GRAPHICS_INVALID_COPYPROTECTION_TYPE = 0xC01E034F
+STATUS_GRAPHICS_UNASSIGNED_MODESET_ALREADY_EXISTS = 0xC01E0350
+STATUS_GRAPHICS_INVALID_SCANLINE_ORDERING = 0xC01E0352
+STATUS_GRAPHICS_TOPOLOGY_CHANGES_NOT_ALLOWED = 0xC01E0353
+STATUS_GRAPHICS_NO_AVAILABLE_IMPORTANCE_ORDINALS = 0xC01E0354
+STATUS_GRAPHICS_INCOMPATIBLE_PRIVATE_FORMAT = 0xC01E0355
+STATUS_GRAPHICS_INVALID_MODE_PRUNING_ALGORITHM = 0xC01E0356
+STATUS_GRAPHICS_INVALID_MONITOR_CAPABILITY_ORIGIN = 0xC01E0357
+STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE_CONSTRAINT = 0xC01E0358
+STATUS_GRAPHICS_MAX_NUM_PATHS_REACHED = 0xC01E0359
+STATUS_GRAPHICS_CANCEL_VIDPN_TOPOLOGY_AUGMENTATION = 0xC01E035A
+STATUS_GRAPHICS_INVALID_CLIENT_TYPE = 0xC01E035B
+STATUS_GRAPHICS_CLIENTVIDPN_NOT_SET = 0xC01E035C
+STATUS_GRAPHICS_SPECIFIED_CHILD_ALREADY_CONNECTED = 0xC01E0400
+STATUS_GRAPHICS_CHILD_DESCRIPTOR_NOT_SUPPORTED = 0xC01E0401
+STATUS_GRAPHICS_NOT_A_LINKED_ADAPTER = 0xC01E0430
+STATUS_GRAPHICS_LEADLINK_NOT_ENUMERATED = 0xC01E0431
+STATUS_GRAPHICS_CHAINLINKS_NOT_ENUMERATED = 0xC01E0432
+STATUS_GRAPHICS_ADAPTER_CHAIN_NOT_READY = 0xC01E0433
+STATUS_GRAPHICS_CHAINLINKS_NOT_STARTED = 0xC01E0434
+STATUS_GRAPHICS_CHAINLINKS_NOT_POWERED_ON = 0xC01E0435
+STATUS_GRAPHICS_INCONSISTENT_DEVICE_LINK_STATE = 0xC01E0436
+STATUS_GRAPHICS_NOT_POST_DEVICE_DRIVER = 0xC01E0438
+STATUS_GRAPHICS_ADAPTER_ACCESS_NOT_EXCLUDED = 0xC01E043B
+STATUS_GRAPHICS_OPM_NOT_SUPPORTED = 0xC01E0500
+STATUS_GRAPHICS_COPP_NOT_SUPPORTED = 0xC01E0501
+STATUS_GRAPHICS_UAB_NOT_SUPPORTED = 0xC01E0502
+STATUS_GRAPHICS_OPM_INVALID_ENCRYPTED_PARAMETERS = 0xC01E0503
+STATUS_GRAPHICS_OPM_PARAMETER_ARRAY_TOO_SMALL = 0xC01E0504
+STATUS_GRAPHICS_OPM_NO_PROTECTED_OUTPUTS_EXIST = 0xC01E0505
+STATUS_GRAPHICS_PVP_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME = 0xC01E0506
+STATUS_GRAPHICS_PVP_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP = 0xC01E0507
+STATUS_GRAPHICS_PVP_MIRRORING_DEVICES_NOT_SUPPORTED = 0xC01E0508
+STATUS_GRAPHICS_OPM_INVALID_POINTER = 0xC01E050A
+STATUS_GRAPHICS_OPM_INTERNAL_ERROR = 0xC01E050B
+STATUS_GRAPHICS_OPM_INVALID_HANDLE = 0xC01E050C
+STATUS_GRAPHICS_PVP_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE = 0xC01E050D
+STATUS_GRAPHICS_PVP_INVALID_CERTIFICATE_LENGTH = 0xC01E050E
+STATUS_GRAPHICS_OPM_SPANNING_MODE_ENABLED = 0xC01E050F
+STATUS_GRAPHICS_OPM_THEATER_MODE_ENABLED = 0xC01E0510
+STATUS_GRAPHICS_PVP_HFS_FAILED = 0xC01E0511
+STATUS_GRAPHICS_OPM_INVALID_SRM = 0xC01E0512
+STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_HDCP = 0xC01E0513
+STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_ACP = 0xC01E0514
+STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_CGMSA = 0xC01E0515
+STATUS_GRAPHICS_OPM_HDCP_SRM_NEVER_SET = 0xC01E0516
+STATUS_GRAPHICS_OPM_RESOLUTION_TOO_HIGH = 0xC01E0517
+STATUS_GRAPHICS_OPM_ALL_HDCP_HARDWARE_ALREADY_IN_USE = 0xC01E0518
+STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_NO_LONGER_EXISTS = 0xC01E051A
+STATUS_GRAPHICS_OPM_SESSION_TYPE_CHANGE_IN_PROGRESS = 0xC01E051B
+STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_COPP_SEMANTICS = 0xC01E051C
+STATUS_GRAPHICS_OPM_INVALID_INFORMATION_REQUEST = 0xC01E051D
+STATUS_GRAPHICS_OPM_DRIVER_INTERNAL_ERROR = 0xC01E051E
+STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_OPM_SEMANTICS = 0xC01E051F
+STATUS_GRAPHICS_OPM_SIGNALING_NOT_SUPPORTED = 0xC01E0520
+STATUS_GRAPHICS_OPM_INVALID_CONFIGURATION_REQUEST = 0xC01E0521
+STATUS_GRAPHICS_I2C_NOT_SUPPORTED = 0xC01E0580
+STATUS_GRAPHICS_I2C_DEVICE_DOES_NOT_EXIST = 0xC01E0581
+STATUS_GRAPHICS_I2C_ERROR_TRANSMITTING_DATA = 0xC01E0582
+STATUS_GRAPHICS_I2C_ERROR_RECEIVING_DATA = 0xC01E0583
+STATUS_GRAPHICS_DDCCI_VCP_NOT_SUPPORTED = 0xC01E0584
+STATUS_GRAPHICS_DDCCI_INVALID_DATA = 0xC01E0585
+STATUS_GRAPHICS_DDCCI_MONITOR_RETURNED_INVALID_TIMING_STATUS_BYTE = 0xC01E0586
+STATUS_GRAPHICS_DDCCI_INVALID_CAPABILITIES_STRING = 0xC01E0587
+STATUS_GRAPHICS_MCA_INTERNAL_ERROR = 0xC01E0588
+STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_COMMAND = 0xC01E0589
+STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_LENGTH = 0xC01E058A
+STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_CHECKSUM = 0xC01E058B
+STATUS_GRAPHICS_INVALID_PHYSICAL_MONITOR_HANDLE = 0xC01E058C
+STATUS_GRAPHICS_MONITOR_NO_LONGER_EXISTS = 0xC01E058D
+STATUS_GRAPHICS_ONLY_CONSOLE_SESSION_SUPPORTED = 0xC01E05E0
+STATUS_GRAPHICS_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME = 0xC01E05E1
+STATUS_GRAPHICS_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP = 0xC01E05E2
+STATUS_GRAPHICS_MIRRORING_DEVICES_NOT_SUPPORTED = 0xC01E05E3
+STATUS_GRAPHICS_INVALID_POINTER = 0xC01E05E4
+STATUS_GRAPHICS_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE = 0xC01E05E5
+STATUS_GRAPHICS_PARAMETER_ARRAY_TOO_SMALL = 0xC01E05E6
+STATUS_GRAPHICS_INTERNAL_ERROR = 0xC01E05E7
+STATUS_GRAPHICS_SESSION_TYPE_CHANGE_IN_PROGRESS = 0xC01E05E8
+STATUS_FVE_LOCKED_VOLUME = 0xC0210000
+STATUS_FVE_NOT_ENCRYPTED = 0xC0210001
+STATUS_FVE_BAD_INFORMATION = 0xC0210002
+STATUS_FVE_TOO_SMALL = 0xC0210003
+STATUS_FVE_FAILED_WRONG_FS = 0xC0210004
+STATUS_FVE_FAILED_BAD_FS = 0xC0210005
+STATUS_FVE_FS_NOT_EXTENDED = 0xC0210006
+STATUS_FVE_FS_MOUNTED = 0xC0210007
+STATUS_FVE_NO_LICENSE = 0xC0210008
+STATUS_FVE_ACTION_NOT_ALLOWED = 0xC0210009
+STATUS_FVE_BAD_DATA = 0xC021000A
+STATUS_FVE_VOLUME_NOT_BOUND = 0xC021000B
+STATUS_FVE_NOT_DATA_VOLUME = 0xC021000C
+STATUS_FVE_CONV_READ_ERROR = 0xC021000D
+STATUS_FVE_CONV_WRITE_ERROR = 0xC021000E
+STATUS_FVE_OVERLAPPED_UPDATE = 0xC021000F
+STATUS_FVE_FAILED_SECTOR_SIZE = 0xC0210010
+STATUS_FVE_FAILED_AUTHENTICATION = 0xC0210011
+STATUS_FVE_NOT_OS_VOLUME = 0xC0210012
+STATUS_FVE_KEYFILE_NOT_FOUND = 0xC0210013
+STATUS_FVE_KEYFILE_INVALID = 0xC0210014
+STATUS_FVE_KEYFILE_NO_VMK = 0xC0210015
+STATUS_FVE_TPM_DISABLED = 0xC0210016
+STATUS_FVE_TPM_SRK_AUTH_NOT_ZERO = 0xC0210017
+STATUS_FVE_TPM_INVALID_PCR = 0xC0210018
+STATUS_FVE_TPM_NO_VMK = 0xC0210019
+STATUS_FVE_PIN_INVALID = 0xC021001A
+STATUS_FVE_AUTH_INVALID_APPLICATION = 0xC021001B
+STATUS_FVE_AUTH_INVALID_CONFIG = 0xC021001C
+STATUS_FVE_DEBUGGER_ENABLED = 0xC021001D
+STATUS_FVE_DRY_RUN_FAILED = 0xC021001E
+STATUS_FVE_BAD_METADATA_POINTER = 0xC021001F
+STATUS_FVE_OLD_METADATA_COPY = 0xC0210020
+STATUS_FVE_REBOOT_REQUIRED = 0xC0210021
+STATUS_FVE_RAW_ACCESS = 0xC0210022
+STATUS_FVE_RAW_BLOCKED = 0xC0210023
+STATUS_FVE_NO_FEATURE_LICENSE = 0xC0210026
+STATUS_FVE_POLICY_USER_DISABLE_RDV_NOT_ALLOWED = 0xC0210027
+STATUS_FVE_CONV_RECOVERY_FAILED = 0xC0210028
+STATUS_FVE_VIRTUALIZED_SPACE_TOO_BIG = 0xC0210029
+STATUS_FVE_VOLUME_TOO_SMALL = 0xC0210030
+STATUS_FWP_CALLOUT_NOT_FOUND = 0xC0220001
+STATUS_FWP_CONDITION_NOT_FOUND = 0xC0220002
+STATUS_FWP_FILTER_NOT_FOUND = 0xC0220003
+STATUS_FWP_LAYER_NOT_FOUND = 0xC0220004
+STATUS_FWP_PROVIDER_NOT_FOUND = 0xC0220005
+STATUS_FWP_PROVIDER_CONTEXT_NOT_FOUND = 0xC0220006
+STATUS_FWP_SUBLAYER_NOT_FOUND = 0xC0220007
+STATUS_FWP_NOT_FOUND = 0xC0220008
+STATUS_FWP_ALREADY_EXISTS = 0xC0220009
+STATUS_FWP_IN_USE = 0xC022000A
+STATUS_FWP_DYNAMIC_SESSION_IN_PROGRESS = 0xC022000B
+STATUS_FWP_WRONG_SESSION = 0xC022000C
+STATUS_FWP_NO_TXN_IN_PROGRESS = 0xC022000D
+STATUS_FWP_TXN_IN_PROGRESS = 0xC022000E
+STATUS_FWP_TXN_ABORTED = 0xC022000F
+STATUS_FWP_SESSION_ABORTED = 0xC0220010
+STATUS_FWP_INCOMPATIBLE_TXN = 0xC0220011
+STATUS_FWP_TIMEOUT = 0xC0220012
+STATUS_FWP_NET_EVENTS_DISABLED = 0xC0220013
+STATUS_FWP_INCOMPATIBLE_LAYER = 0xC0220014
+STATUS_FWP_KM_CLIENTS_ONLY = 0xC0220015
+STATUS_FWP_LIFETIME_MISMATCH = 0xC0220016
+STATUS_FWP_BUILTIN_OBJECT = 0xC0220017
+STATUS_FWP_TOO_MANY_BOOTTIME_FILTERS = 0xC0220018
+STATUS_FWP_TOO_MANY_CALLOUTS = 0xC0220018
+STATUS_FWP_NOTIFICATION_DROPPED = 0xC0220019
+STATUS_FWP_TRAFFIC_MISMATCH = 0xC022001A
+STATUS_FWP_INCOMPATIBLE_SA_STATE = 0xC022001B
+STATUS_FWP_NULL_POINTER = 0xC022001C
+STATUS_FWP_INVALID_ENUMERATOR = 0xC022001D
+STATUS_FWP_INVALID_FLAGS = 0xC022001E
+STATUS_FWP_INVALID_NET_MASK = 0xC022001F
+STATUS_FWP_INVALID_RANGE = 0xC0220020
+STATUS_FWP_INVALID_INTERVAL = 0xC0220021
+STATUS_FWP_ZERO_LENGTH_ARRAY = 0xC0220022
+STATUS_FWP_NULL_DISPLAY_NAME = 0xC0220023
+STATUS_FWP_INVALID_ACTION_TYPE = 0xC0220024
+STATUS_FWP_INVALID_WEIGHT = 0xC0220025
+STATUS_FWP_MATCH_TYPE_MISMATCH = 0xC0220026
+STATUS_FWP_TYPE_MISMATCH = 0xC0220027
+STATUS_FWP_OUT_OF_BOUNDS = 0xC0220028
+STATUS_FWP_RESERVED = 0xC0220029
+STATUS_FWP_DUPLICATE_CONDITION = 0xC022002A
+STATUS_FWP_DUPLICATE_KEYMOD = 0xC022002B
+STATUS_FWP_ACTION_INCOMPATIBLE_WITH_LAYER = 0xC022002C
+STATUS_FWP_ACTION_INCOMPATIBLE_WITH_SUBLAYER = 0xC022002D
+STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_LAYER = 0xC022002E
+STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_CALLOUT = 0xC022002F
+STATUS_FWP_INCOMPATIBLE_AUTH_METHOD = 0xC0220030
+STATUS_FWP_INCOMPATIBLE_DH_GROUP = 0xC0220031
+STATUS_FWP_EM_NOT_SUPPORTED = 0xC0220032
+STATUS_FWP_NEVER_MATCH = 0xC0220033
+STATUS_FWP_PROVIDER_CONTEXT_MISMATCH = 0xC0220034
+STATUS_FWP_INVALID_PARAMETER = 0xC0220035
+STATUS_FWP_TOO_MANY_SUBLAYERS = 0xC0220036
+STATUS_FWP_CALLOUT_NOTIFICATION_FAILED = 0xC0220037
+STATUS_FWP_INCOMPATIBLE_AUTH_CONFIG = 0xC0220038
+STATUS_FWP_INCOMPATIBLE_CIPHER_CONFIG = 0xC0220039
+STATUS_FWP_DUPLICATE_AUTH_METHOD = 0xC022003C
+STATUS_FWP_TCPIP_NOT_READY = 0xC0220100
+STATUS_FWP_INJECT_HANDLE_CLOSING = 0xC0220101
+STATUS_FWP_INJECT_HANDLE_STALE = 0xC0220102
+STATUS_FWP_CANNOT_PEND = 0xC0220103
+STATUS_NDIS_CLOSING = 0xC0230002
+STATUS_NDIS_BAD_VERSION = 0xC0230004
+STATUS_NDIS_BAD_CHARACTERISTICS = 0xC0230005
+STATUS_NDIS_ADAPTER_NOT_FOUND = 0xC0230006
+STATUS_NDIS_OPEN_FAILED = 0xC0230007
+STATUS_NDIS_DEVICE_FAILED = 0xC0230008
+STATUS_NDIS_MULTICAST_FULL = 0xC0230009
+STATUS_NDIS_MULTICAST_EXISTS = 0xC023000A
+STATUS_NDIS_MULTICAST_NOT_FOUND = 0xC023000B
+STATUS_NDIS_REQUEST_ABORTED = 0xC023000C
+STATUS_NDIS_RESET_IN_PROGRESS = 0xC023000D
+STATUS_NDIS_INVALID_PACKET = 0xC023000F
+STATUS_NDIS_INVALID_DEVICE_REQUEST = 0xC0230010
+STATUS_NDIS_ADAPTER_NOT_READY = 0xC0230011
+STATUS_NDIS_INVALID_LENGTH = 0xC0230014
+STATUS_NDIS_INVALID_DATA = 0xC0230015
+STATUS_NDIS_BUFFER_TOO_SHORT = 0xC0230016
+STATUS_NDIS_INVALID_OID = 0xC0230017
+STATUS_NDIS_ADAPTER_REMOVED = 0xC0230018
+STATUS_NDIS_UNSUPPORTED_MEDIA = 0xC0230019
+STATUS_NDIS_GROUP_ADDRESS_IN_USE = 0xC023001A
+STATUS_NDIS_FILE_NOT_FOUND = 0xC023001B
+STATUS_NDIS_ERROR_READING_FILE = 0xC023001C
+STATUS_NDIS_ALREADY_MAPPED = 0xC023001D
+STATUS_NDIS_RESOURCE_CONFLICT = 0xC023001E
+STATUS_NDIS_MEDIA_DISCONNECTED = 0xC023001F
+STATUS_NDIS_INVALID_ADDRESS = 0xC0230022
+STATUS_NDIS_PAUSED = 0xC023002A
+STATUS_NDIS_INTERFACE_NOT_FOUND = 0xC023002B
+STATUS_NDIS_UNSUPPORTED_REVISION = 0xC023002C
+STATUS_NDIS_INVALID_PORT = 0xC023002D
+STATUS_NDIS_INVALID_PORT_STATE = 0xC023002E
+STATUS_NDIS_LOW_POWER_STATE = 0xC023002F
+STATUS_NDIS_NOT_SUPPORTED = 0xC02300BB
+STATUS_NDIS_OFFLOAD_POLICY = 0xC023100F
+STATUS_NDIS_OFFLOAD_CONNECTION_REJECTED = 0xC0231012
+STATUS_NDIS_OFFLOAD_PATH_REJECTED = 0xC0231013
+STATUS_NDIS_DOT11_AUTO_CONFIG_ENABLED = 0xC0232000
+STATUS_NDIS_DOT11_MEDIA_IN_USE = 0xC0232001
+STATUS_NDIS_DOT11_POWER_STATE_INVALID = 0xC0232002
+STATUS_NDIS_PM_WOL_PATTERN_LIST_FULL = 0xC0232003
+STATUS_NDIS_PM_PROTOCOL_OFFLOAD_LIST_FULL = 0xC0232004
+STATUS_IPSEC_BAD_SPI = 0xC0360001
+STATUS_IPSEC_SA_LIFETIME_EXPIRED = 0xC0360002
+STATUS_IPSEC_WRONG_SA = 0xC0360003
+STATUS_IPSEC_REPLAY_CHECK_FAILED = 0xC0360004
+STATUS_IPSEC_INVALID_PACKET = 0xC0360005
+STATUS_IPSEC_INTEGRITY_CHECK_FAILED = 0xC0360006
+STATUS_IPSEC_CLEAR_TEXT_DROP = 0xC0360007
+STATUS_IPSEC_AUTH_FIREWALL_DROP = 0xC0360008
+STATUS_IPSEC_THROTTLE_DROP = 0xC0360009
+STATUS_IPSEC_DOSP_BLOCK = 0xC0368000
+STATUS_IPSEC_DOSP_RECEIVED_MULTICAST = 0xC0368001
+STATUS_IPSEC_DOSP_INVALID_PACKET = 0xC0368002
+STATUS_IPSEC_DOSP_STATE_LOOKUP_FAILED = 0xC0368003
+STATUS_IPSEC_DOSP_MAX_ENTRIES = 0xC0368004
+STATUS_IPSEC_DOSP_KEYMOD_NOT_ALLOWED = 0xC0368005
+STATUS_IPSEC_DOSP_MAX_PER_IP_RATELIMIT_QUEUES = 0xC0368006
+STATUS_VOLMGR_MIRROR_NOT_SUPPORTED = 0xC038005B
+STATUS_VOLMGR_RAID5_NOT_SUPPORTED = 0xC038005C
+STATUS_VIRTDISK_PROVIDER_NOT_FOUND = 0xC03A0014
+STATUS_VIRTDISK_NOT_VIRTUAL_DISK = 0xC03A0015
+STATUS_VHD_PARENT_VHD_ACCESS_DENIED = 0xC03A0016
+STATUS_VHD_CHILD_PARENT_SIZE_MISMATCH = 0xC03A0017
+STATUS_VHD_DIFFERENCING_CHAIN_CYCLE_DETECTED = 0xC03A0018
+STATUS_VHD_DIFFERENCING_CHAIN_ERROR_IN_PARENT = 0xC03A0019
diff --git a/tests/python_dependencies/impacket/ntlm.py
b/tests/python_dependencies/impacket/ntlm.py
new file mode 100644
index 000000000..8376644bd
--- /dev/null
+++ b/tests/python_dependencies/impacket/ntlm.py
@@ -0,0 +1,971 @@
+# Copyright (c) 2003-2016 CORE Security Technologies:
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+import base64
+import struct
+import calendar
+import time
+import hashlib
+import random
+import string
+import binascii
+
+from impacket.structure import Structure
+from impacket import LOG
+
+
+# This is important. NTLMv2 is not negotiated by the client or server.
+# It is used if set locally on both sides. Change this item if you don't want
to use
+# NTLMv2 by default and fall back to NTLMv1 (with EXTENDED_SESSION_SECURITY or
not)
+# Check the following links:
+# http://davenport.sourceforge.net/ntlm.html
+#
http://blogs.msdn.com/b/openspecification/archive/2010/04/20/ntlm-keys-and-sundry-stuff.aspx
+#
http://social.msdn.microsoft.com/Forums/en-US/os_interopscenarios/thread/c8f488ed-1b96-4e06-bd65-390aa41138d1/
+# So I'm setting a global variable to control this, this can also be set
programmatically
+
+USE_NTLMv2 = True # if false will fall back to NTLMv1 (or NTLMv1 with ESS
a.k.a NTLM2)
+
+
+def computeResponse(flags, serverChallenge, clientChallenge, serverName,
domain, user, password, lmhash='', nthash='',
+ use_ntlmv2=USE_NTLMv2):
+ if use_ntlmv2:
+ return computeResponseNTLMv2(flags, serverChallenge, clientChallenge,
serverName, domain, user, password,
+ lmhash, nthash, use_ntlmv2=use_ntlmv2)
+ else:
+ return computeResponseNTLMv1(flags, serverChallenge, clientChallenge,
serverName, domain, user, password,
+ lmhash, nthash, use_ntlmv2=use_ntlmv2)
+try:
+ POW = None
+ from Crypto.Cipher import ARC4
+ from Crypto.Cipher import DES
+ from Crypto.Hash import MD4
+except Exception:
+ try:
+ import POW
+ except Exception:
+ LOG.critical("Warning: You don't have any crypto installed. You need
PyCrypto")
+ LOG.critical("See http://www.pycrypto.org/";)
+
+NTLM_AUTH_NONE = 1
+NTLM_AUTH_CONNECT = 2
+NTLM_AUTH_CALL = 3
+NTLM_AUTH_PKT = 4
+NTLM_AUTH_PKT_INTEGRITY = 5
+NTLM_AUTH_PKT_PRIVACY = 6
+
+# If set, requests 56-bit encryption. If the client sends
NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN
+# with NTLMSSP_NEGOTIATE_56 to the server in the NEGOTIATE_MESSAGE, the server
MUST return NTLMSSP_NEGOTIATE_56 to
+# the client in the CHALLENGE_MESSAGE. Otherwise it is ignored. If both
NTLMSSP_NEGOTIATE_56 and NTLMSSP_NEGOTIATE_128
+# are requested and supported by the client and server, NTLMSSP_NEGOTIATE_56
and NTLMSSP_NEGOTIATE_128 will both be
+# returned to the client. Clients and servers that set NTLMSSP_NEGOTIATE_SEAL
SHOULD set NTLMSSP_NEGOTIATE_56 if it is
+# supported. An alternate name for this field is NTLMSSP_NEGOTIATE_56.
+NTLMSSP_NEGOTIATE_56 = 0x80000000
+
+# If set, requests an explicit key exchange. This capability SHOULD be used
because it improves security for message
+# integrity or confidentiality. See sections 3.2.5.1.2, 3.2.5.2.1, and
3.2.5.2.2 for details. An alternate name for
+# this field is NTLMSSP_NEGOTIATE_KEY_EXCH.
+NTLMSSP_NEGOTIATE_KEY_EXCH = 0x40000000
+
+# If set, requests 128-bit session key negotiation. An alternate name for this
field is NTLMSSP_NEGOTIATE_128.
+# If the client sends NTLMSSP_NEGOTIATE_128 to the server in the
NEGOTIATE_MESSAGE, the server MUST return
+# NTLMSSP_NEGOTIATE_128 to the client in the CHALLENGE_MESSAGE only if the
client sets NTLMSSP_NEGOTIATE_SEAL or
+# NTLMSSP_NEGOTIATE_SIGN. Otherwise it is ignored. If both
NTLMSSP_NEGOTIATE_56 and NTLMSSP_NEGOTIATE_128 are
+# requested and supported by the client and server, NTLMSSP_NEGOTIATE_56 and
NTLMSSP_NEGOTIATE_128 will both be
+# returned to the client. Clients and servers that set NTLMSSP_NEGOTIATE_SEAL
SHOULD set NTLMSSP_NEGOTIATE_128 if it
+# is supported. An alternate name for this field is NTLMSSP_NEGOTIATE_128
+NTLMSSP_NEGOTIATE_128 = 0x20000000
+
+NTLMSSP_RESERVED_1 = 0x10000000
+NTLMSSP_RESERVED_2 = 0x08000000
+NTLMSSP_RESERVED_3 = 0x04000000
+
+# If set, requests the protocol version number. The data corresponding to this
flag is provided in the Version field
+# of the NEGOTIATE_MESSAGE, the CHALLENGE_MESSAGE, and the
AUTHENTICATE_MESSAGE.<22> An alternate name for this field
+# is NTLMSSP_NEGOTIATE_VERSION
+NTLMSSP_NEGOTIATE_VERSION = 0x02000000
+NTLMSSP_RESERVED_4 = 0x01000000
+
+# If set, indicates that the TargetInfo fields in the CHALLENGE_MESSAGE
(section 2.2.1.2) are populated.
+# An alternate name for this field is NTLMSSP_NEGOTIATE_TARGET_INFO.
+NTLMSSP_NEGOTIATE_TARGET_INFO = 0x00800000
+
+# If set, requests the usage of the LMOWF (section 3.3). An alternate name for
this field is
+# NTLMSSP_REQUEST_NON_NT_SESSION_KEY.
+NTLMSSP_REQUEST_NON_NT_SESSION_KEY = 0x00400000
+NTLMSSP_RESERVED_5 = 0x00200000
+
+# If set, requests an identify level token. An alternate name for this field
is NTLMSSP_NEGOTIATE_IDENTIFY
+NTLMSSP_NEGOTIATE_IDENTIFY = 0x00100000
+
+# If set, requests usage of the NTLM v2 session security. NTLM v2 session
security is a misnomer because it is not
+# NTLM v2. It is NTLM v1 using the extended session security that is also in
NTLM v2. NTLMSSP_NEGOTIATE_LM_KEY and
+# NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are mutually exclusive. If both
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
+# and NTLMSSP_NEGOTIATE_LM_KEY are requested,
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY alone MUST be returned to the
+# client. NTLM v2 authentication session key generation MUST be supported by
both the client and the DC in order to be
+# used, and extended session security signing and sealing requires support
from the client and the server in order to
+# be used.<23> An alternate name for this field is
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
+NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY = 0x00080000
+NTLMSSP_NEGOTIATE_NTLM2 = 0x00080000
+NTLMSSP_TARGET_TYPE_SHARE = 0x00040000
+
+# If set, TargetName MUST be a server name. The data corresponding to this
flag is provided by the server in the
+# TargetName field of the CHALLENGE_MESSAGE. If this bit is set, then
NTLMSSP_TARGET_TYPE_DOMAIN MUST NOT be set.
+# This flag MUST be ignored in the NEGOTIATE_MESSAGE and the
AUTHENTICATE_MESSAGE. An alternate name for this field
+# is NTLMSSP_TARGET_TYPE_SERVER
+NTLMSSP_TARGET_TYPE_SERVER = 0x00020000
+
+# If set, TargetName MUST be a domain name. The data corresponding to this
flag is provided by the server in the
+# TargetName field of the CHALLENGE_MESSAGE. If set, then
NTLMSSP_TARGET_TYPE_SERVER MUST NOT be set. This flag MUST
+# be ignored in the NEGOTIATE_MESSAGE and the AUTHENTICATE_MESSAGE. An
alternate name for this field is
+# NTLMSSP_TARGET_TYPE_DOMAIN.
+NTLMSSP_TARGET_TYPE_DOMAIN = 0x00010000
+
+# If set, requests the presence of a signature block on all messages.
NTLMSSP_NEGOTIATE_ALWAYS_SIGN MUST be set in the
+# NEGOTIATE_MESSAGE to the server and the CHALLENGE_MESSAGE to the client.
NTLMSSP_NEGOTIATE_ALWAYS_SIGN is overridden
+# by NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL, if they are supported.
An alternate name for this field is
+# NTLMSSP_NEGOTIATE_ALWAYS_SIGN.
+NTLMSSP_NEGOTIATE_ALWAYS_SIGN = 0x00008000 # forces the
other end to sign packets
+NTLMSSP_RESERVED_6 = 0x00004000
+
+# This flag indicates whether the Workstation field is present. If this flag
is not set, the Workstation field MUST be
+# ignored. If this flag is set, the length field of the Workstation field
specifies whether the workstation name is
+# nonempty or not.<24> An alternate name for this field is
NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED.
+NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED = 0x00002000
+
+# If set, the domain name is provided (section 2.2.1.1).<25> An alternate name
for this field is
+# NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
+NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED = 0x00001000
+NTLMSSP_RESERVED_7 = 0x00000800
+
+
+# If set, LM authentication is not allowed and only NT authentication is used.
+NTLMSSP_NEGOTIATE_NT_ONLY = 0x00000400
+
+# If set, requests usage of the NTLM v1 session security protocol.
NTLMSSP_NEGOTIATE_NTLM MUST be set in the
+# NEGOTIATE_MESSAGE to the server and the CHALLENGE_MESSAGE to the client. An
alternate name for this field is
+# NTLMSSP_NEGOTIATE_NTLM
+NTLMSSP_NEGOTIATE_NTLM = 0x00000200
+NTLMSSP_RESERVED_8 = 0x00000100
+
+# If set, requests LAN Manager (LM) session key computation.
NTLMSSP_NEGOTIATE_LM_KEY and
+# NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are mutually exclusive. If both
NTLMSSP_NEGOTIATE_LM_KEY and
+# NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are requested,
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY alone MUST be
+# returned to the client. NTLM v2 authentication session key generation MUST
be supported by both the client and the
+# DC in order to be used, and extended session security signing and sealing
requires support from the client and the
+# server to be used. An alternate name for this field is
NTLMSSP_NEGOTIATE_LM_KEY.
+NTLMSSP_NEGOTIATE_LM_KEY = 0x00000080
+
+# If set, requests connectionless authentication. If
NTLMSSP_NEGOTIATE_DATAGRAM is set, then NTLMSSP_NEGOTIATE_KEY_EXCH
+# MUST always be set in the AUTHENTICATE_MESSAGE to the server and the
CHALLENGE_MESSAGE to the client. An alternate
+# name for this field is NTLMSSP_NEGOTIATE_DATAGRAM.
+NTLMSSP_NEGOTIATE_DATAGRAM = 0x00000040
+
+# If set, requests session key negotiation for message confidentiality. If the
client sends NTLMSSP_NEGOTIATE_SEAL to
+# the server in the NEGOTIATE_MESSAGE, the server MUST return
NTLMSSP_NEGOTIATE_SEAL to the client in the
+# CHALLENGE_MESSAGE. Clients and servers that set NTLMSSP_NEGOTIATE_SEAL
SHOULD always set NTLMSSP_NEGOTIATE_56 and
+# NTLMSSP_NEGOTIATE_128, if they are supported. An alternate name for this
field is NTLMSSP_NEGOTIATE_SEAL.
+NTLMSSP_NEGOTIATE_SEAL = 0x00000020
+
+# If set, requests session key negotiation for message signatures. If the
client sends NTLMSSP_NEGOTIATE_SIGN to the
+# server in the NEGOTIATE_MESSAGE, the server MUST return
NTLMSSP_NEGOTIATE_SIGN to the client in the CHALLENGE_MESSAGE.
+# An alternate name for this field is NTLMSSP_NEGOTIATE_SIGN.
+NTLMSSP_NEGOTIATE_SIGN = 0x00000010 # means packet
is signed, if verifier is wrong it fails
+NTLMSSP_RESERVED_9 = 0x00000008
+
+# If set, a TargetName field of the CHALLENGE_MESSAGE (section 2.2.1.2) MUST
be supplied. An alternate name for this
+# field is NTLMSSP_REQUEST_TARGET.
+NTLMSSP_REQUEST_TARGET = 0x00000004
+
+# If set, requests OEM character set encoding. An alternate name for this
field is NTLM_NEGOTIATE_OEM. See bit A for
+# details.
+NTLM_NEGOTIATE_OEM = 0x00000002
+
+# If set, requests Unicode character set encoding. An alternate name for this
field is NTLMSSP_NEGOTIATE_UNICODE.
+NTLMSSP_NEGOTIATE_UNICODE = 0x00000001
+
+# AV_PAIR constants
+NTLMSSP_AV_EOL = 0x00
+NTLMSSP_AV_HOSTNAME = 0x01
+NTLMSSP_AV_DOMAINNAME = 0x02
+NTLMSSP_AV_DNS_HOSTNAME = 0x03
+NTLMSSP_AV_DNS_DOMAINNAME = 0x04
+NTLMSSP_AV_DNS_TREENAME = 0x05
+NTLMSSP_AV_FLAGS = 0x06
+NTLMSSP_AV_TIME = 0x07
+NTLMSSP_AV_RESTRICTIONS = 0x08
+NTLMSSP_AV_TARGET_NAME = 0x09
+NTLMSSP_AV_CHANNEL_BINDINGS = 0x0a
+
+class AV_PAIRS():
+ def __init__(self, data = None):
+ self.fields = {}
+ if data is not None:
+ self.fromString(data)
+
+ def __setitem__(self,key,value):
+ self.fields[key] = (len(value),value)
+
+ def __getitem__(self, key):
+ if self.fields.has_key(key):
+ return self.fields[key]
+ return None
+
+ def __delitem__(self, key):
+ del self.fields[key]
+
+ def __len__(self):
+ return len(self.getData())
+
+ def __str__(self):
+ return len(self.getData())
+
+ def fromString(self, data):
+ tInfo = data
+ fType = 0xff
+ while fType is not NTLMSSP_AV_EOL:
+ fType = struct.unpack('<H',tInfo[:struct.calcsize('<H')])[0]
+ tInfo = tInfo[struct.calcsize('<H'):]
+ length = struct.unpack('<H',tInfo[:struct.calcsize('<H')])[0]
+ tInfo = tInfo[struct.calcsize('<H'):]
+ content = tInfo[:length]
+ self.fields[fType]=(length,content)
+ tInfo = tInfo[length:]
+
+ def dump(self):
+ for i in self.fields.keys():
+ print "%s: {%r}" % (i,self[i])
+
+ def getData(self):
+ if self.fields.has_key(NTLMSSP_AV_EOL):
+ del self.fields[NTLMSSP_AV_EOL]
+ ans = ''
+ for i in self.fields.keys():
+ ans+= struct.pack('<HH', i, self[i][0])
+ ans+= self[i][1]
+
+ # end with a NTLMSSP_AV_EOL
+ ans += struct.pack('<HH', NTLMSSP_AV_EOL, 0)
+
+ return ans
+
+class NTLMAuthMixin:
+ def get_os_version(self):
+ if self['os_version'] == '':
+ return None
+ else:
+ mayor_v = struct.unpack('B',self['os_version'][0])[0]
+ minor_v = struct.unpack('B',self['os_version'][1])[0]
+ build_v = struct.unpack('H',self['os_version'][2:4])
+ return (mayor_v,minor_v,build_v)
+
+class NTLMAuthNegotiate(Structure, NTLMAuthMixin):
+
+ structure = (
+ ('','"NTLMSSP\x00'),
+ ('message_type','<L=1'),
+ ('flags','<L'),
+ ('domain_len','<H-domain_name'),
+ ('domain_max_len','<H-domain_name'),
+ ('domain_offset','<L=0'),
+ ('host_len','<H-host_name'),
+ ('host_maxlen','<H-host_name'),
+ ('host_offset','<L=0'),
+ ('os_version',':'),
+ ('host_name',':'),
+ ('domain_name',':'))
+
+ def __init__(self):
+ Structure.__init__(self)
+ self['flags']= (
+ NTLMSSP_NEGOTIATE_128 |
+ NTLMSSP_NEGOTIATE_KEY_EXCH|
+ # NTLMSSP_LM_KEY |
+ NTLMSSP_NEGOTIATE_NTLM |
+ NTLMSSP_NEGOTIATE_UNICODE |
+ # NTLMSSP_ALWAYS_SIGN |
+ NTLMSSP_NEGOTIATE_SIGN |
+ NTLMSSP_NEGOTIATE_SEAL |
+ # NTLMSSP_TARGET |
+ 0)
+ self['host_name']=''
+ self['domain_name']=''
+ self['os_version']=''
+
+ def getData(self):
+ if len(self.fields['host_name']) > 0:
+ self['flags'] |= NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
+ if len(self.fields['domain_name']) > 0:
+ self['flags'] |= NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
+ if len(self.fields['os_version']) > 0:
+ self['flags'] |= NTLMSSP_NEGOTIATE_VERSION
+ if (self['flags'] & NTLMSSP_NEGOTIATE_VERSION) ==
NTLMSSP_NEGOTIATE_VERSION:
+ version_len = 8
+ else:
+ version_len = 0
+ if (self['flags'] & NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED) ==
NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED:
+ self['host_offset']=32 + version_len
+ if (self['flags'] & NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED) ==
NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED:
+ self['domain_offset']=32+len(self['host_name']) + version_len
+ return Structure.getData(self)
+
+ def fromString(self,data):
+ Structure.fromString(self,data)
+
+ domain_offset = self['domain_offset']
+ domain_end = self['domain_len'] + domain_offset
+ self['domain_name'] = data[ domain_offset : domain_end ]
+
+ host_offset = self['host_offset']
+ host_end = self['host_len'] + host_offset
+ self['host_name'] = data[ host_offset : host_end ]
+
+ hasOsInfo = self['flags'] & NTLMSSP_NEGOTIATE_VERSION
+ if len(data) >= 36 and hasOsInfo:
+ self['os_version'] = data[32:40]
+ else:
+ self['os_version'] = ''
+
+class NTLMAuthChallenge(Structure):
+
+ structure = (
+ ('','"NTLMSSP\x00'),
+ ('message_type','<L=2'),
+ ('domain_len','<H-domain_name'),
+ ('domain_max_len','<H-domain_name'),
+ ('domain_offset','<L=40'),
+ ('flags','<L=0'),
+ ('challenge','8s'),
+ ('reserved','8s=""'),
+ ('TargetInfoFields_len','<H-TargetInfoFields'),
+ ('TargetInfoFields_max_len','<H-TargetInfoFields'),
+ ('TargetInfoFields_offset','<L'),
+ ('VersionLen','_-Version','self.checkVersion(self["flags"])'),
+ ('Version',':'),
+ ('domain_name',':'),
+ ('TargetInfoFields',':'))
+
+ def checkVersion(self, flags):
+ if flags is not None:
+ if flags & NTLMSSP_NEGOTIATE_VERSION == 0:
+ return 0
+ return 8
+
+ def getData(self):
+ if self['TargetInfoFields'] is not None and
type(self['TargetInfoFields']) is not str:
+ raw_av_fields = self['TargetInfoFields'].getData()
+ self['TargetInfoFields'] = raw_av_fields
+ return Structure.getData(self)
+
+ def fromString(self,data):
+ Structure.fromString(self,data)
+ # Just in case there's more data after the TargetInfoFields
+ self['TargetInfoFields'] =
self['TargetInfoFields'][:self['TargetInfoFields_len']]
+ # We gotta process the TargetInfoFields
+ #if self['TargetInfoFields_len'] > 0:
+ # av_pairs =
AV_PAIRS(self['TargetInfoFields'][:self['TargetInfoFields_len']])
+ # self['TargetInfoFields'] = av_pairs
+
+ return self
+
+class NTLMAuthChallengeResponse(Structure, NTLMAuthMixin):
+
+ structure = (
+ ('','"NTLMSSP\x00'),
+ ('message_type','<L=3'),
+ ('lanman_len','<H-lanman'),
+ ('lanman_max_len','<H-lanman'),
+ ('lanman_offset','<L'),
+ ('ntlm_len','<H-ntlm'),
+ ('ntlm_max_len','<H-ntlm'),
+ ('ntlm_offset','<L'),
+ ('domain_len','<H-domain_name'),
+ ('domain_max_len','<H-domain_name'),
+ ('domain_offset','<L'),
+ ('user_len','<H-user_name'),
+ ('user_max_len','<H-user_name'),
+ ('user_offset','<L'),
+ ('host_len','<H-host_name'),
+ ('host_max_len','<H-host_name'),
+ ('host_offset','<L'),
+ ('session_key_len','<H-session_key'),
+ ('session_key_max_len','<H-session_key'),
+ ('session_key_offset','<L'),
+ ('flags','<L'),
+ ('VersionLen','_-Version','self.checkVersion(self["flags"])'),
+ ('Version',':=""'),
+ ('MICLen','_-MIC','self.checkMIC(self["flags"])'),
+ ('MIC',':=""'),
+ ('domain_name',':'),
+ ('user_name',':'),
+ ('host_name',':'),
+ ('lanman',':'),
+ ('ntlm',':'),
+ ('session_key',':'))
+
+ def __init__(self, username = '', password = '', challenge = '', lmhash =
'', nthash = '', flags = 0):
+ Structure.__init__(self)
+ self['session_key']=''
+ self['user_name']=username.encode('utf-16le')
+ self['domain_name']='' #"CLON".encode('utf-16le')
+ self['host_name']='' #"BETS".encode('utf-16le')
+ self['flags'] = ( #authResp['flags']
+ # we think (beto & gera) that his flags force a memory conten
leakage when a windows 2000 answers using uninitializaed verifiers
+ NTLMSSP_NEGOTIATE_128 |
+ NTLMSSP_NEGOTIATE_KEY_EXCH|
+ # NTLMSSP_LM_KEY |
+ NTLMSSP_NEGOTIATE_NTLM |
+ NTLMSSP_NEGOTIATE_UNICODE |
+ # NTLMSSP_ALWAYS_SIGN |
+ NTLMSSP_NEGOTIATE_SIGN |
+ NTLMSSP_NEGOTIATE_SEAL |
+ # NTLMSSP_TARGET |
+ 0)
+ # Here we do the stuff
+ if username and ( lmhash != '' or nthash != ''):
+ self['lanman'] = get_ntlmv1_response(lmhash, challenge)
+ self['ntlm'] = get_ntlmv1_response(nthash, challenge)
+ elif (username and password):
+ lmhash = compute_lmhash(password)
+ nthash = compute_nthash(password)
+ self['lanman']=get_ntlmv1_response(lmhash, challenge)
+ self['ntlm']=get_ntlmv1_response(nthash, challenge) # This is
not used for LM_KEY nor NTLM_KEY
+ else:
+ self['lanman'] = ''
+ self['ntlm'] = ''
+ if not self['host_name']:
+ self['host_name'] = 'NULL'.encode('utf-16le') # for NULL
session there must be a hostname
+
+ def checkVersion(self, flags):
+ if flags is not None:
+ if flags & NTLMSSP_NEGOTIATE_VERSION == 0:
+ return 0
+ return 8
+
+ def checkMIC(self, flags):
+ # TODO: Find a proper way to check the MIC is in there
+ if flags is not None:
+ if flags & NTLMSSP_NEGOTIATE_VERSION == 0:
+ return 0
+ return 16
+
+ def getData(self):
+
self['domain_offset']=64+self.checkMIC(self["flags"])+self.checkVersion(self["flags"])
+
self['user_offset']=64+self.checkMIC(self["flags"])+self.checkVersion(self["flags"])+len(self['domain_name'])
+ self['host_offset']=self['user_offset']+len(self['user_name'])
+ self['lanman_offset']=self['host_offset']+len(self['host_name'])
+ self['ntlm_offset']=self['lanman_offset']+len(self['lanman'])
+ self['session_key_offset']=self['ntlm_offset']+len(self['ntlm'])
+ return Structure.getData(self)
+
+ def fromString(self,data):
+ Structure.fromString(self,data)
+ # [MS-NLMP] page 27
+ # Payload data can be present in any order within the Payload field,
+ # with variable-length padding before or after the data
+
+ domain_offset = self['domain_offset']
+ domain_end = self['domain_len'] + domain_offset
+ self['domain_name'] = data[ domain_offset : domain_end ]
+
+ host_offset = self['host_offset']
+ host_end = self['host_len'] + host_offset
+ self['host_name'] = data[ host_offset: host_end ]
+
+ user_offset = self['user_offset']
+ user_end = self['user_len'] + user_offset
+ self['user_name'] = data[ user_offset: user_end ]
+
+ ntlm_offset = self['ntlm_offset']
+ ntlm_end = self['ntlm_len'] + ntlm_offset
+ self['ntlm'] = data[ ntlm_offset : ntlm_end ]
+
+ lanman_offset = self['lanman_offset']
+ lanman_end = self['lanman_len'] + lanman_offset
+ self['lanman'] = data[ lanman_offset : lanman_end]
+
+ #if len(data) >= 36:
+ # self['os_version'] = data[32:36]
+ #else:
+ # self['os_version'] = ''
+
+class ImpacketStructure(Structure):
+ def set_parent(self, other):
+ self.parent = other
+
+ def get_packet(self):
+ return str(self)
+
+ def get_size(self):
+ return len(self)
+
+class ExtendedOrNotMessageSignature(Structure):
+ def __init__(self, flags = 0, **kargs):
+ if flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY:
+ self.structure = self.extendedMessageSignature
+ else:
+ self.structure = self.MessageSignature
+ return Structure.__init__(self, **kargs)
+
+class NTLMMessageSignature(ExtendedOrNotMessageSignature):
+ extendedMessageSignature = (
+ ('Version','<L=1'),
+ ('Checksum','<q'),
+ ('SeqNum','<i'),
+ )
+
+ MessageSignature = (
+ ('Version','<L=1'),
+ ('RandomPad','<i=0'),
+ ('Checksum','<i'),
+ ('SeqNum','<i'),
+ )
+
+KNOWN_DES_INPUT = "address@hidden"
+
+def __expand_DES_key( key):
+ # Expand the key from a 7-byte password key into a 8-byte DES key
+ key = key[:7]
+ key += '\x00'*(7-len(key))
+ s = chr(((ord(key[0]) >> 1) & 0x7f) << 1)
+ s = s + chr(((ord(key[0]) & 0x01) << 6 | ((ord(key[1]) >> 2) & 0x3f)) << 1)
+ s = s + chr(((ord(key[1]) & 0x03) << 5 | ((ord(key[2]) >> 3) & 0x1f)) << 1)
+ s = s + chr(((ord(key[2]) & 0x07) << 4 | ((ord(key[3]) >> 4) & 0x0f)) << 1)
+ s = s + chr(((ord(key[3]) & 0x0f) << 3 | ((ord(key[4]) >> 5) & 0x07)) << 1)
+ s = s + chr(((ord(key[4]) & 0x1f) << 2 | ((ord(key[5]) >> 6) & 0x03)) << 1)
+ s = s + chr(((ord(key[5]) & 0x3f) << 1 | ((ord(key[6]) >> 7) & 0x01)) << 1)
+ s = s + chr((ord(key[6]) & 0x7f) << 1)
+ return s
+
+def __DES_block(key, msg):
+ if POW:
+ cipher = POW.Symmetric(POW.DES_ECB)
+ cipher.encryptInit(__expand_DES_key(key))
+ return cipher.update(msg)
+ else:
+ cipher = DES.new(__expand_DES_key(key),DES.MODE_ECB)
+ return cipher.encrypt(msg)
+
+def ntlmssp_DES_encrypt(key, challenge):
+ answer = __DES_block(key[:7], challenge)
+ answer += __DES_block(key[7:14], challenge)
+ answer += __DES_block(key[14:], challenge)
+ return answer
+
+# High level functions to use NTLMSSP
+
+def getNTLMSSPType1(workstation='', domain='', signingRequired = False,
use_ntlmv2 = USE_NTLMv2):
+ # Let's do some encoding checks before moving on. Kind of dirty, but found
effective when dealing with
+ # international characters.
+ import sys
+ encoding = sys.getfilesystemencoding()
+ if encoding is not None:
+ try:
+ workstation.encode('utf-16le')
+ except:
+ workstation = workstation.decode(encoding)
+ try:
+ domain.encode('utf-16le')
+ except:
+ domain = domain.decode(encoding)
+
+ # Let's prepare a Type 1 NTLMSSP Message
+ auth = NTLMAuthNegotiate()
+ auth['flags']=0
+ if signingRequired:
+ auth['flags'] = NTLMSSP_NEGOTIATE_KEY_EXCH | NTLMSSP_NEGOTIATE_SIGN |
NTLMSSP_NEGOTIATE_ALWAYS_SIGN | NTLMSSP_NEGOTIATE_SEAL
+ if use_ntlmv2:
+ auth['flags'] |= NTLMSSP_NEGOTIATE_TARGET_INFO
+ auth['flags'] |= NTLMSSP_NEGOTIATE_NTLM |
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY | NTLMSSP_NEGOTIATE_UNICODE |
NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_56
+ auth['domain_name'] = domain.encode('utf-16le')
+ return auth
+
+def getNTLMSSPType3(type1, type2, user, password, domain, lmhash = '', nthash
= '', use_ntlmv2 = USE_NTLMv2):
+
+ # Let's do some encoding checks before moving on. Kind of dirty, but found
effective when dealing with
+ # international characters.
+ import sys
+ encoding = sys.getfilesystemencoding()
+ if encoding is not None:
+ try:
+ user.encode('utf-16le')
+ except:
+ user = user.decode(encoding)
+ try:
+ password.encode('utf-16le')
+ except:
+ password = password.decode(encoding)
+ try:
+ domain.encode('utf-16le')
+ except:
+ domain = user.decode(encoding)
+
+ ntlmChallenge = NTLMAuthChallenge(type2)
+
+ # Let's start with the original flags sent in the type1 message
+ responseFlags = type1['flags']
+
+ # Token received and parsed. Depending on the authentication
+ # method we will create a valid ChallengeResponse
+ ntlmChallengeResponse = NTLMAuthChallengeResponse(user, password,
ntlmChallenge['challenge'])
+
+ clientChallenge = "".join([random.choice(string.digits+string.letters) for
i in xrange(8)])
+
+ serverName = ntlmChallenge['TargetInfoFields']
+
+ ntResponse, lmResponse, sessionBaseKey =
computeResponse(ntlmChallenge['flags'], ntlmChallenge['challenge'],
clientChallenge, serverName, domain, user, password, lmhash, nthash, use_ntlmv2
)
+
+ # Let's check the return flags
+ if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY)
== 0:
+ # No extended session security, taking it out
+ responseFlags &= 0xffffffff ^
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
+ if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_128 ) == 0:
+ # No support for 128 key len, taking it out
+ responseFlags &= 0xffffffff ^ NTLMSSP_NEGOTIATE_128
+ if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_KEY_EXCH) == 0:
+ # No key exchange supported, taking it out
+ responseFlags &= 0xffffffff ^ NTLMSSP_NEGOTIATE_KEY_EXCH
+ if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_SEAL) == 0:
+ # No sign available, taking it out
+ responseFlags &= 0xffffffff ^ NTLMSSP_NEGOTIATE_SEAL
+ if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_SIGN) == 0:
+ # No sign available, taking it out
+ responseFlags &= 0xffffffff ^ NTLMSSP_NEGOTIATE_SIGN
+ if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) == 0:
+ # No sign available, taking it out
+ responseFlags &= 0xffffffff ^ NTLMSSP_NEGOTIATE_ALWAYS_SIGN
+
+ keyExchangeKey = KXKEY(ntlmChallenge['flags'],sessionBaseKey, lmResponse,
ntlmChallenge['challenge'], password, lmhash, nthash,use_ntlmv2)
+
+ # Special case for anonymous login
+ if user == '' and password == '' and lmhash == '' and nthash == '':
+ keyExchangeKey = '\x00'*16
+
+ # If we set up key exchange, let's fill the right variables
+ if ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_KEY_EXCH:
+ # not exactly what I call random tho :\
+ # exportedSessionKey = this is the key we should use to sign
+ exportedSessionKey =
"".join([random.choice(string.digits+string.letters) for i in xrange(16)])
+ #exportedSessionKey = "A"*16
+ #print "keyExchangeKey %r" % keyExchangeKey
+ # Let's generate the right session key based on the challenge flags
+ #if responseFlags & NTLMSSP_NTLM2_KEY:
+ # Extended session security enabled
+ # if responseFlags & NTLMSSP_KEY_128:
+ # Full key
+ # exportedSessionKey = exportedSessionKey
+ # elif responseFlags & NTLMSSP_KEY_56:
+ # Only 56-bit key
+ # exportedSessionKey = exportedSessionKey[:7]
+ # else:
+ # exportedSessionKey = exportedSessionKey[:5]
+ #elif responseFlags & NTLMSSP_KEY_56:
+ # No extended session security, just 56 bits key
+ # exportedSessionKey = exportedSessionKey[:7] + '\xa0'
+ #else:
+ # exportedSessionKey = exportedSessionKey[:5] + '\xe5\x38\xb0'
+
+ encryptedRandomSessionKey = generateEncryptedSessionKey(keyExchangeKey,
exportedSessionKey)
+ else:
+ encryptedRandomSessionKey = None
+ # [MS-NLMP] page 46
+ exportedSessionKey = keyExchangeKey
+
+ ntlmChallengeResponse['flags'] = responseFlags
+ ntlmChallengeResponse['domain_name'] = domain.encode('utf-16le')
+ ntlmChallengeResponse['lanman'] = lmResponse
+ ntlmChallengeResponse['ntlm'] = ntResponse
+ if encryptedRandomSessionKey is not None:
+ ntlmChallengeResponse['session_key'] = encryptedRandomSessionKey
+
+ return ntlmChallengeResponse, exportedSessionKey
+
+
+# NTLMv1 Algorithm
+
+def generateSessionKeyV1(password, lmhash, nthash):
+ if POW:
+ hash = POW.Digest(POW.MD4_DIGEST)
+ else:
+ hash = MD4.new()
+ hash.update(NTOWFv1(password, lmhash, nthash))
+ return hash.digest()
+
+def computeResponseNTLMv1(flags, serverChallenge, clientChallenge, serverName,
domain, user, password, lmhash='', nthash='', use_ntlmv2 = USE_NTLMv2):
+ if (user == '' and password == ''):
+ # Special case for anonymous authentication
+ lmResponse = ''
+ ntResponse = ''
+ else:
+ lmhash = LMOWFv1(password, lmhash, nthash)
+ nthash = NTOWFv1(password, lmhash, nthash)
+ if flags & NTLMSSP_NEGOTIATE_LM_KEY:
+ ntResponse = ''
+ lmResponse = get_ntlmv1_response(lmhash, serverChallenge)
+ elif flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY:
+ md5 = hashlib.new('md5')
+ chall = (serverChallenge + clientChallenge)
+ md5.update(chall)
+ ntResponse = ntlmssp_DES_encrypt(nthash, md5.digest()[:8])
+ lmResponse = clientChallenge + '\x00'*16
+ else:
+ ntResponse = get_ntlmv1_response(nthash,serverChallenge)
+ lmResponse = get_ntlmv1_response(lmhash, serverChallenge)
+
+ sessionBaseKey = generateSessionKeyV1(password, lmhash, nthash)
+ return ntResponse, lmResponse, sessionBaseKey
+
+def compute_lmhash(password):
+ # This is done according to Samba's encryption specification
(docs/html/ENCRYPTION.html)
+ password = password.upper()
+ lmhash = __DES_block(password[:7], KNOWN_DES_INPUT)
+ lmhash += __DES_block(password[7:14], KNOWN_DES_INPUT)
+ return lmhash
+
+def NTOWFv1(password, lmhash = '', nthash=''):
+ if nthash != '':
+ return nthash
+ return compute_nthash(password)
+
+def LMOWFv1(password, lmhash = '', nthash=''):
+ if lmhash != '':
+ return lmhash
+ return compute_lmhash(password)
+
+def compute_nthash(password):
+ # This is done according to Samba's encryption specification
(docs/html/ENCRYPTION.html)
+ try:
+ password = unicode(password).encode('utf_16le')
+ except UnicodeDecodeError:
+ import sys
+ password =
password.decode(sys.getfilesystemencoding()).encode('utf_16le')
+
+ if POW:
+ hash = POW.Digest(POW.MD4_DIGEST)
+ else:
+ hash = MD4.new()
+ hash.update(password)
+ return hash.digest()
+
+def get_ntlmv1_response(key, challenge):
+ return ntlmssp_DES_encrypt(key, challenge)
+
+# NTLMv2 Algorithm - as described in MS-NLMP Section 3.3.2
+
+# Crypto Stuff
+
+def MAC(flags, handle, signingKey, seqNum, message):
+ # [MS-NLMP] Section 3.4.4
+ # Returns the right messageSignature depending on the flags
+ messageSignature = NTLMMessageSignature(flags)
+ if flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY:
+ if flags & NTLMSSP_NEGOTIATE_KEY_EXCH:
+ messageSignature['Version'] = 1
+ messageSignature['Checksum'] =
struct.unpack('<q',handle(hmac_md5(signingKey,
struct.pack('<i',seqNum)+message)[:8]))[0]
+ messageSignature['SeqNum'] = seqNum
+ seqNum += 1
+ else:
+ messageSignature['Version'] = 1
+ messageSignature['Checksum'] =
struct.unpack('<q',hmac_md5(signingKey,
struct.pack('<i',seqNum)+message)[:8])[0]
+ messageSignature['SeqNum'] = seqNum
+ seqNum += 1
+ else:
+ messageSignature['Version'] = 1
+ messageSignature['Checksum'] = struct.pack('<i',binascii.crc32(message))
+ messageSignature['RandomPad'] = 0
+ messageSignature['RandomPad'] =
handle(struct.pack('<i',messageSignature['RandomPad']))
+ messageSignature['Checksum'] =
struct.unpack('<i',handle(messageSignature['Checksum']))[0]
+ messageSignature['SeqNum'] = handle('\x00\x00\x00\x00')
+ messageSignature['SeqNum'] =
struct.unpack('<i',messageSignature['SeqNum'])[0] ^ seqNum
+ messageSignature['RandomPad'] = 0
+
+ return messageSignature
+
+def SEAL(flags, signingKey, sealingKey, messageToSign, messageToEncrypt,
seqNum, handle):
+ sealedMessage = handle(messageToEncrypt)
+ signature = MAC(flags, handle, signingKey, seqNum, messageToSign)
+ return sealedMessage, signature
+
+def SIGN(flags, signingKey, message, seqNum, handle):
+ return MAC(flags, handle, signingKey, seqNum, message)
+
+def SIGNKEY(flags, randomSessionKey, mode = 'Client'):
+ if flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY:
+ if mode == 'Client':
+ md5 = hashlib.new('md5')
+ md5.update(randomSessionKey + "session key to client-to-server
signing key magic constant\x00")
+ signKey = md5.digest()
+ else:
+ md5 = hashlib.new('md5')
+ md5.update(randomSessionKey + "session key to server-to-client
signing key magic constant\x00")
+ signKey = md5.digest()
+ else:
+ signKey = None
+ return signKey
+
+def SEALKEY(flags, randomSessionKey, mode = 'Client'):
+ if flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY:
+ if flags & NTLMSSP_NEGOTIATE_128:
+ sealKey = randomSessionKey
+ elif flags & NTLMSSP_NEGOTIATE_56:
+ sealKey = randomSessionKey[:7]
+ else:
+ sealKey = randomSessionKey[:5]
+
+ if mode == 'Client':
+ md5 = hashlib.new('md5')
+ md5.update(sealKey + 'session key to client-to-server sealing
key magic constant\x00')
+ sealKey = md5.digest()
+ else:
+ md5 = hashlib.new('md5')
+ md5.update(sealKey + 'session key to server-to-client sealing
key magic constant\x00')
+ sealKey = md5.digest()
+
+ elif flags & NTLMSSP_NEGOTIATE_56:
+ sealKey = randomSessionKey[:7] + '\xa0'
+ else:
+ sealKey = randomSessionKey[:5] + '\xe5\x38\xb0'
+
+ return sealKey
+
+
+def generateEncryptedSessionKey(keyExchangeKey, exportedSessionKey):
+ if POW:
+ cipher = POW.Symmetric(POW.RC4)
+ cipher.encryptInit(keyExchangeKey)
+ cipher_encrypt = cipher.update
+ else:
+ cipher = ARC4.new(keyExchangeKey)
+ cipher_encrypt = cipher.encrypt
+
+ sessionKey = cipher_encrypt(exportedSessionKey)
+ return sessionKey
+
+def KXKEY(flags, sessionBaseKey, lmChallengeResponse, serverChallenge,
password, lmhash, nthash, use_ntlmv2 = USE_NTLMv2):
+ if use_ntlmv2:
+ return sessionBaseKey
+
+ if flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY:
+ if flags & NTLMSSP_NEGOTIATE_NTLM:
+ keyExchangeKey = hmac_md5(sessionBaseKey, serverChallenge +
lmChallengeResponse[:8])
+ else:
+ keyExchangeKey = sessionBaseKey
+ elif flags & NTLMSSP_NEGOTIATE_NTLM:
+ if flags & NTLMSSP_NEGOTIATE_LM_KEY:
+ keyExchangeKey = __DES_block(LMOWFv1(password,lmhash)[:7],
lmChallengeResponse[:8]) + __DES_block(LMOWFv1(password,lmhash)[7] +
'\xBD\xBD\xBD\xBD\xBD\xBD', lmChallengeResponse[:8])
+ elif flags & NTLMSSP_REQUEST_NON_NT_SESSION_KEY:
+ keyExchangeKey = LMOWFv1(password,lmhash)[:8] + '\x00'*8
+ else:
+ keyExchangeKey = sessionBaseKey
+ else:
+ raise "Can't create a valid KXKEY!"
+
+ return keyExchangeKey
+
+def hmac_md5(key, data):
+ if POW:
+ h = POW.Hmac(POW.MD5_DIGEST, key)
+ h.update(data)
+ result = h.mac()
+ else:
+ import hmac
+ h = hmac.new(key)
+ h.update(data)
+ result = h.digest()
+ return result
+
+def NTOWFv2( user, password, domain, hash = ''):
+ if hash != '':
+ theHash = hash
+ else:
+ theHash = compute_nthash(password)
+ return hmac_md5(theHash, user.upper().encode('utf-16le') +
domain.encode('utf-16le'))
+
+def LMOWFv2( user, password, domain, lmhash = ''):
+ return NTOWFv2( user, password, domain, lmhash)
+
+
+def computeResponseNTLMv2(flags, serverChallenge, clientChallenge,
serverName, domain, user, password, lmhash = '', nthash = '', use_ntlmv2 =
USE_NTLMv2):
+
+ responseServerVersion = '\x01'
+ hiResponseServerVersion = '\x01'
+ responseKeyNT = NTOWFv2(user, password, domain, nthash)
+ responseKeyLM = LMOWFv2(user, password, domain, lmhash)
+
+ # If you're running test-ntlm, comment the following lines and uncoment
the ones that are commented. Don't forget to turn it back after the tests!
+ ######################
+ av_pairs = AV_PAIRS(serverName)
+ # In order to support SPN target name validation, we have to add this to
the serverName av_pairs. Otherwise we will get access denied
+ # This is set at Local Security Policy -> Local Policies -> Security
Options -> Server SPN target name validation level
+ av_pairs[NTLMSSP_AV_TARGET_NAME] = 'cifs/'.encode('utf-16le') +
av_pairs[NTLMSSP_AV_HOSTNAME][1]
+ if av_pairs[NTLMSSP_AV_TIME] is not None:
+ aTime = av_pairs[NTLMSSP_AV_TIME][1]
+ else:
+ aTime = struct.pack('<q', (116444736000000000 +
calendar.timegm(time.gmtime()) * 10000000) )
+ #aTime = '\x00'*8
+ av_pairs[NTLMSSP_AV_TIME] = aTime
+ serverName = av_pairs.getData()
+
+ ######################
+ #aTime = '\x00'*8
+ ######################
+ temp = responseServerVersion + hiResponseServerVersion + '\x00' * 6 +
aTime + clientChallenge + '\x00' * 4 + serverName + '\x00' * 4
+
+ ntProofStr = hmac_md5(responseKeyNT, serverChallenge + temp)
+
+ ntChallengeResponse = ntProofStr + temp
+ lmChallengeResponse = hmac_md5(responseKeyNT, serverChallenge +
clientChallenge) + clientChallenge
+ sessionBaseKey = hmac_md5(responseKeyNT, ntProofStr)
+
+ if (user == '' and password == ''):
+ # Special case for anonymous authentication
+ ntChallengeResponse = ''
+ lmChallengeResponse = ''
+
+ return ntChallengeResponse, lmChallengeResponse, sessionBaseKey
+
+class NTLM_HTTP(object):
+ '''Parent class for NTLM HTTP classes.'''
+ MSG_TYPE = None
+
+ @classmethod
+ def get_instace(cls,msg_64):
+ msg = None
+ msg_type = 0
+ if msg_64 != '':
+ msg = base64.b64decode(msg_64[5:]) # Remove the 'NTLM '
+ msg_type = ord(msg[8])
+
+ for _cls in NTLM_HTTP.__subclasses__():
+ if msg_type == _cls.MSG_TYPE:
+ instance = _cls()
+ instance.fromString(msg)
+ return instance
+
+
+class NTLM_HTTP_AuthRequired(NTLM_HTTP):
+ commonHdr = ()
+ # Message 0 means the first HTTP request e.g. 'GET /bla.png'
+ MSG_TYPE = 0
+
+ def fromString(self,data):
+ pass
+
+
+class NTLM_HTTP_AuthNegotiate(NTLM_HTTP, NTLMAuthNegotiate):
+ commonHdr = ()
+ MSG_TYPE = 1
+
+ def __init__(self):
+ NTLMAuthNegotiate.__init__(self)
+
+
+class NTLM_HTTP_AuthChallengeResponse(NTLM_HTTP, NTLMAuthChallengeResponse):
+ commonHdr = ()
+ MSG_TYPE = 3
+
+ def __init__(self):
+ NTLMAuthChallengeResponse.__init__(self)
+
diff --git a/tests/python_dependencies/impacket/smb.py
b/tests/python_dependencies/impacket/smb.py
new file mode 100644
index 000000000..95efb2c63
--- /dev/null
+++ b/tests/python_dependencies/impacket/smb.py
@@ -0,0 +1,4099 @@
+# Copyright (c) 2003-2016 CORE Security Technologies
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+# Copyright (C) 2001 Michael Teo <address@hidden>
+# smb.py - SMB/CIFS library
+#
+# This software is provided 'as-is', without any express or implied warranty.
+# In no event will the author be held liable for any damages arising from the
+# use of this software.
+#
+# Permission is granted to anyone to use this software for any purpose,
+# including commercial applications, and to alter it and redistribute it
+# freely, subject to the following restrictions:
+#
+# 1. The origin of this software must not be misrepresented; you must not
+# claim that you wrote the original software. If you use this software
+# in a product, an acknowledgment in the product documentation would be
+# appreciated but is not required.
+#
+# 2. Altered source versions must be plainly marked as such, and must not be
+# misrepresented as being the original software.
+#
+# 3. This notice cannot be removed or altered from any source distribution.
+#
+# Altered source done by Alberto Solino (@agsolino)
+
+# Todo:
+# [ ] Try [SMB]transport fragmentation using Transact requests
+# [ ] Try other methods of doing write (write_raw, transact2, write,
write_and_unlock, write_and_close, write_mpx)
+# [-] Try replacements for SMB_COM_NT_CREATE_ANDX (CREATE, T_TRANSACT_CREATE,
OPEN_ANDX works
+# [x] Fix forceWriteAndx, which needs to send a RecvRequest, because recv()
will not send it
+# [x] Fix Recv() when using RecvAndx and the answer comes splet in several
packets
+# [ ] Try [SMB]transport fragmentation with overlaping segments
+# [ ] Try [SMB]transport fragmentation with out of order segments
+# [x] Do chained AndX requests
+# [ ] Transform the rest of the calls to structure
+# [X] Implement TRANS/TRANS2 reassembly for list_path
+
+import os
+import socket
+import string
+from binascii import a2b_hex
+import datetime
+from struct import pack, unpack
+from contextlib import contextmanager
+
+from impacket import nmb, ntlm, nt_errors, LOG
+from impacket.structure import Structure
+from impacket.spnego import SPNEGO_NegTokenInit, TypesMech, SPNEGO_NegTokenResp
+
+# For signing
+import hashlib
+
+unicode_support = 0
+unicode_convert = 1
+
+try:
+ from cStringIO import StringIO
+except ImportError:
+ from StringIO import StringIO
+
+# Dialect for SMB1
+SMB_DIALECT = 'NT LM 0.12'
+
+# Shared Device Type
+SHARED_DISK = 0x00
+SHARED_DISK_HIDDEN = 0x80000000
+SHARED_PRINT_QUEUE = 0x01
+SHARED_DEVICE = 0x02
+SHARED_IPC = 0x03
+
+# Extended attributes mask
+ATTR_ARCHIVE = 0x020
+ATTR_COMPRESSED = 0x800
+ATTR_NORMAL = 0x080
+ATTR_HIDDEN = 0x002
+ATTR_READONLY = 0x001
+ATTR_TEMPORARY = 0x100
+ATTR_DIRECTORY = 0x010
+ATTR_SYSTEM = 0x004
+
+# Service Type
+SERVICE_DISK = 'A:'
+SERVICE_PRINTER = 'LPT1:'
+SERVICE_IPC = 'IPC'
+SERVICE_COMM = 'COMM'
+SERVICE_ANY = '?????'
+
+# Server Type (Can be used to mask with SMBMachine.get_type() or
SMBDomain.get_type())
+SV_TYPE_WORKSTATION = 0x00000001
+SV_TYPE_SERVER = 0x00000002
+SV_TYPE_SQLSERVER = 0x00000004
+SV_TYPE_DOMAIN_CTRL = 0x00000008
+SV_TYPE_DOMAIN_BAKCTRL = 0x00000010
+SV_TYPE_TIME_SOURCE = 0x00000020
+SV_TYPE_AFP = 0x00000040
+SV_TYPE_NOVELL = 0x00000080
+SV_TYPE_DOMAIN_MEMBER = 0x00000100
+SV_TYPE_PRINTQ_SERVER = 0x00000200
+SV_TYPE_DIALIN_SERVER = 0x00000400
+SV_TYPE_XENIX_SERVER = 0x00000800
+SV_TYPE_NT = 0x00001000
+SV_TYPE_WFW = 0x00002000
+SV_TYPE_SERVER_NT = 0x00004000
+SV_TYPE_POTENTIAL_BROWSER = 0x00010000
+SV_TYPE_BACKUP_BROWSER = 0x00020000
+SV_TYPE_MASTER_BROWSER = 0x00040000
+SV_TYPE_DOMAIN_MASTER = 0x00080000
+SV_TYPE_LOCAL_LIST_ONLY = 0x40000000
+SV_TYPE_DOMAIN_ENUM = 0x80000000
+
+# Options values for SMB.stor_file and SMB.retr_file
+SMB_O_CREAT = 0x10 # Create the file if file does not
exists. Otherwise, operation fails.
+SMB_O_EXCL = 0x00 # When used with SMB_O_CREAT,
operation fails if file exists. Cannot be used with SMB_O_OPEN.
+SMB_O_OPEN = 0x01 # Open the file if the file exists
+SMB_O_TRUNC = 0x02 # Truncate the file if the file
exists
+
+# Share Access Mode
+SMB_SHARE_COMPAT = 0x00
+SMB_SHARE_DENY_EXCL = 0x10
+SMB_SHARE_DENY_WRITE = 0x20
+SMB_SHARE_DENY_READEXEC = 0x30
+SMB_SHARE_DENY_NONE = 0x40
+SMB_ACCESS_READ = 0x00
+SMB_ACCESS_WRITE = 0x01
+SMB_ACCESS_READWRITE = 0x02
+SMB_ACCESS_EXEC = 0x03
+
+TRANS_DISCONNECT_TID = 1
+TRANS_NO_RESPONSE = 2
+
+STATUS_SUCCESS = 0x00000000
+STATUS_LOGON_FAILURE = 0xC000006D
+STATUS_LOGON_TYPE_NOT_GRANTED = 0xC000015B
+MAX_TFRAG_SIZE = 5840
+EVASION_NONE = 0
+EVASION_LOW = 1
+EVASION_HIGH = 2
+EVASION_MAX = 3
+RPC_X_BAD_STUB_DATA = 0x6F7
+
+# SMB_FILE_ATTRIBUTES
+
+SMB_FILE_ATTRIBUTE_NORMAL = 0x0000
+SMB_FILE_ATTRIBUTE_READONLY = 0x0001
+SMB_FILE_ATTRIBUTE_HIDDEN = 0x0002
+SMB_FILE_ATTRIBUTE_SYSTEM = 0x0004
+SMB_FILE_ATTRIBUTE_VOLUME = 0x0008
+SMB_FILE_ATTRIBUTE_DIRECTORY = 0x0010
+SMB_FILE_ATTRIBUTE_ARCHIVE = 0x0020
+SMB_SEARCH_ATTRIBUTE_READONLY = 0x0100
+SMB_SEARCH_ATTRIBUTE_HIDDEN = 0x0200
+SMB_SEARCH_ATTRIBUTE_SYSTEM = 0x0400
+SMB_SEARCH_ATTRIBUTE_DIRECTORY = 0x1000
+SMB_SEARCH_ATTRIBUTE_ARCHIVE = 0x2000
+
+# Session SetupAndX Action flags
+SMB_SETUP_GUEST = 0x01
+SMB_SETUP_USE_LANMAN_KEY = 0x02
+
+# QUERY_INFORMATION levels
+SMB_INFO_ALLOCATION = 0x0001
+SMB_INFO_VOLUME = 0x0002
+FILE_FS_SIZE_INFORMATION = 0x0003
+SMB_QUERY_FS_VOLUME_INFO = 0x0102
+SMB_QUERY_FS_SIZE_INFO = 0x0103
+SMB_QUERY_FILE_EA_INFO = 0x0103
+SMB_QUERY_FS_DEVICE_INFO = 0x0104
+SMB_QUERY_FS_ATTRIBUTE_INFO = 0x0105
+SMB_QUERY_FILE_BASIC_INFO = 0x0101
+SMB_QUERY_FILE_STANDARD_INFO = 0x0102
+SMB_QUERY_FILE_ALL_INFO = 0x0107
+FILE_FS_FULL_SIZE_INFORMATION = 0x03EF
+
+# SET_INFORMATION levels
+SMB_SET_FILE_DISPOSITION_INFO = 0x0102
+SMB_SET_FILE_BASIC_INFO = 0x0101
+SMB_SET_FILE_END_OF_FILE_INFO = 0x0104
+
+
+# File System Attributes
+FILE_CASE_SENSITIVE_SEARCH = 0x00000001
+FILE_CASE_PRESERVED_NAMES = 0x00000002
+FILE_UNICODE_ON_DISK = 0x00000004
+FILE_PERSISTENT_ACLS = 0x00000008
+FILE_FILE_COMPRESSION = 0x00000010
+FILE_VOLUME_IS_COMPRESSED = 0x00008000
+
+# FIND_FIRST2 flags and levels
+SMB_FIND_CLOSE_AFTER_REQUEST = 0x0001
+SMB_FIND_CLOSE_AT_EOS = 0x0002
+SMB_FIND_RETURN_RESUME_KEYS = 0x0004
+SMB_FIND_CONTINUE_FROM_LAST = 0x0008
+SMB_FIND_WITH_BACKUP_INTENT = 0x0010
+
+FILE_DIRECTORY_FILE = 0x00000001
+FILE_DELETE_ON_CLOSE = 0x00001000
+FILE_NON_DIRECTORY_FILE = 0x00000040
+
+SMB_FIND_INFO_STANDARD = 0x0001
+SMB_FIND_FILE_DIRECTORY_INFO = 0x0101
+SMB_FIND_FILE_FULL_DIRECTORY_INFO= 0x0102
+SMB_FIND_FILE_NAMES_INFO = 0x0103
+SMB_FIND_FILE_BOTH_DIRECTORY_INFO= 0x0104
+SMB_FIND_FILE_ID_FULL_DIRECTORY_INFO = 0x105
+SMB_FIND_FILE_ID_BOTH_DIRECTORY_INFO = 0x106
+
+
+# DesiredAccess flags
+FILE_READ_DATA = 0x00000001
+FILE_WRITE_DATA = 0x00000002
+FILE_APPEND_DATA = 0x00000004
+FILE_EXECUTE = 0x00000020
+MAXIMUM_ALLOWED = 0x02000000
+GENERIC_ALL = 0x10000000
+GENERIC_EXECUTE = 0x20000000
+GENERIC_WRITE = 0x40000000
+GENERIC_READ = 0x80000000
+
+# ShareAccess flags
+FILE_SHARE_NONE = 0x00000000
+FILE_SHARE_READ = 0x00000001
+FILE_SHARE_WRITE = 0x00000002
+FILE_SHARE_DELETE = 0x00000004
+
+# CreateDisposition flags
+FILE_SUPERSEDE = 0x00000000
+FILE_OPEN = 0x00000001
+FILE_CREATE = 0x00000002
+FILE_OPEN_IF = 0x00000003
+FILE_OVERWRITE = 0x00000004
+FILE_OVERWRITE_IF = 0x00000005
+
+def strerror(errclass, errcode):
+ if errclass == 0x01:
+ return 'OS error', ERRDOS.get(errcode, 'Unknown error')
+ elif errclass == 0x02:
+ return 'Server error', ERRSRV.get(errcode, 'Unknown error')
+ elif errclass == 0x03:
+ return 'Hardware error', ERRHRD.get(errcode, 'Unknown error')
+ # This is not a standard error class for SMB
+ #elif errclass == 0x80:
+ # return 'Browse error', ERRBROWSE.get(errcode, 'Unknown error')
+ elif errclass == 0xff:
+ return 'Bad command', 'Bad command. Please file bug report'
+ else:
+ return 'Unknown error', 'Unknown error'
+
+# Raised when an error has occured during a session
+class SessionError(Exception):
+ # SMB X/Open error codes for the ERRDOS error class
+ ERRsuccess = 0
+ ERRbadfunc = 1
+ ERRbadfile = 2
+ ERRbadpath = 3
+ ERRnofids = 4
+ ERRnoaccess = 5
+ ERRbadfid = 6
+ ERRbadmcb = 7
+ ERRnomem = 8
+ ERRbadmem = 9
+ ERRbadenv = 10
+ ERRbadaccess = 12
+ ERRbaddata = 13
+ ERRres = 14
+ ERRbaddrive = 15
+ ERRremcd = 16
+ ERRdiffdevice = 17
+ ERRnofiles = 18
+ ERRgeneral = 31
+ ERRbadshare = 32
+ ERRlock = 33
+ ERRunsup = 50
+ ERRnetnamedel = 64
+ ERRnosuchshare = 67
+ ERRfilexists = 80
+ ERRinvalidparam = 87
+ ERRcannotopen = 110
+ ERRinsufficientbuffer = 122
+ ERRinvalidname = 123
+ ERRunknownlevel = 124
+ ERRnotlocked = 158
+ ERRrename = 183
+ ERRbadpipe = 230
+ ERRpipebusy = 231
+ ERRpipeclosing = 232
+ ERRnotconnected = 233
+ ERRmoredata = 234
+ ERRnomoreitems = 259
+ ERRbaddirectory = 267
+ ERReasnotsupported = 282
+ ERRlogonfailure = 1326
+ ERRbuftoosmall = 2123
+ ERRunknownipc = 2142
+ ERRnosuchprintjob = 2151
+ ERRinvgroup = 2455
+
+ # here's a special one from observing NT
+ ERRnoipc = 66
+
+ # These errors seem to be only returned by the NT printer driver system
+ ERRdriveralreadyinstalled = 1795
+ ERRunknownprinterport = 1796
+ ERRunknownprinterdriver = 1797
+ ERRunknownprintprocessor = 1798
+ ERRinvalidseparatorfile = 1799
+ ERRinvalidjobpriority = 1800
+ ERRinvalidprintername = 1801
+ ERRprinteralreadyexists = 1802
+ ERRinvalidprintercommand = 1803
+ ERRinvaliddatatype = 1804
+ ERRinvalidenvironment = 1805
+
+ ERRunknownprintmonitor = 3000
+ ERRprinterdriverinuse = 3001
+ ERRspoolfilenotfound = 3002
+ ERRnostartdoc = 3003
+ ERRnoaddjob = 3004
+ ERRprintprocessoralreadyinstalled = 3005
+ ERRprintmonitoralreadyinstalled = 3006
+ ERRinvalidprintmonitor = 3007
+ ERRprintmonitorinuse = 3008
+ ERRprinterhasjobsqueued = 3009
+
+ # Error codes for the ERRSRV class
+
+ ERRerror = 1
+ ERRbadpw = 2
+ ERRbadtype = 3
+ ERRaccess = 4
+ ERRinvnid = 5
+ ERRinvnetname = 6
+ ERRinvdevice = 7
+ ERRqfull = 49
+ ERRqtoobig = 50
+ ERRinvpfid = 52
+ ERRsmbcmd = 64
+ ERRsrverror = 65
+ ERRfilespecs = 67
+ ERRbadlink = 68
+ ERRbadpermits = 69
+ ERRbadpid = 70
+ ERRsetattrmode = 71
+ ERRpaused = 81
+ ERRmsgoff = 82
+ ERRnoroom = 83
+ ERRrmuns = 87
+ ERRtimeout = 88
+ ERRnoresource = 89
+ ERRtoomanyuids = 90
+ ERRbaduid = 91
+ ERRuseMPX = 250
+ ERRuseSTD = 251
+ ERRcontMPX = 252
+ ERRbadPW = None
+ ERRnosupport = 0
+ ERRunknownsmb = 22
+
+ # Error codes for the ERRHRD class
+
+ ERRnowrite = 19
+ ERRbadunit = 20
+ ERRnotready = 21
+ ERRbadcmd = 22
+ ERRdata = 23
+ ERRbadreq = 24
+ ERRseek = 25
+ ERRbadmedia = 26
+ ERRbadsector = 27
+ ERRnopaper = 28
+ ERRwrite = 29
+ ERRread = 30
+ ERRwrongdisk = 34
+ ERRFCBunavail = 35
+ ERRsharebufexc = 36
+ ERRdiskfull = 39
+
+
+ hard_msgs = {
+ 19: ("ERRnowrite", "Attempt to write on write-protected diskette."),
+ 20: ("ERRbadunit", "Unknown unit."),
+ 21: ("ERRnotready", "Drive not ready."),
+ 22: ("ERRbadcmd", "Unknown command."),
+ 23: ("ERRdata", "Data error (CRC)."),
+ 24: ("ERRbadreq", "Bad request structure length."),
+ 25: ("ERRseek", "Seek error."),
+ 26: ("ERRbadmedia", "Unknown media type."),
+ 27: ("ERRbadsector", "Sector not found."),
+ 28: ("ERRnopaper", "Printer out of paper."),
+ 29: ("ERRwrite", "Write fault."),
+ 30: ("ERRread", "Read fault."),
+ 31: ("ERRgeneral", "General failure."),
+ 32: ("ERRbadshare", "An open conflicts with an existing open."),
+ 33: ("ERRlock", "A Lock request conflicted with an existing lock or
specified an invalid mode, or an Unlock requested attempted to remove a lock
held by another process."),
+ 34: ("ERRwrongdisk", "The wrong disk was found in a drive."),
+ 35: ("ERRFCBUnavail", "No FCBs are available to process request."),
+ 36: ("ERRsharebufexc", "A sharing buffer has been exceeded.")
+ }
+
+ dos_msgs = {
+ ERRbadfunc: ("ERRbadfunc", "Invalid function."),
+ ERRbadfile: ("ERRbadfile", "File not found."),
+ ERRbadpath: ("ERRbadpath", "Directory invalid."),
+ ERRnofids: ("ERRnofids", "No file descriptors available"),
+ ERRnoaccess: ("ERRnoaccess", "Access denied."),
+ ERRbadfid: ("ERRbadfid", "Invalid file handle."),
+ ERRbadmcb: ("ERRbadmcb", "Memory control blocks destroyed."),
+ ERRnomem: ("ERRnomem", "Insufficient server memory to perform the
requested function."),
+ ERRbadmem: ("ERRbadmem", "Invalid memory block address."),
+ ERRbadenv: ("ERRbadenv", "Invalid environment."),
+ 11: ("ERRbadformat", "Invalid format."),
+ ERRbadaccess: ("ERRbadaccess", "Invalid open mode."),
+ ERRbaddata: ("ERRbaddata", "Invalid data."),
+ ERRres: ("ERRres", "reserved."),
+ ERRbaddrive: ("ERRbaddrive", "Invalid drive specified."),
+ ERRremcd: ("ERRremcd", "A Delete Directory request attempted to remove
the server's current directory."),
+ ERRdiffdevice: ("ERRdiffdevice", "Not same device."),
+ ERRnofiles: ("ERRnofiles", "A File Search command can find no more files
matching the specified criteria."),
+ ERRbadshare: ("ERRbadshare", "The sharing mode specified for an Open
conflicts with existing FIDs on the file."),
+ ERRlock: ("ERRlock", "A Lock request conflicted with an existing lock or
specified an invalid mode, or an Unlock requested attempted to remove a lock
held by another process."),
+ ERRunsup: ("ERRunsup", "The operation is unsupported"),
+ ERRnosuchshare: ("ERRnosuchshare", "You specified an invalid share
name"),
+ ERRfilexists: ("ERRfilexists", "The file named in a Create Directory,
Make New File or Link request already exists."),
+ ERRinvalidname: ("ERRinvalidname", "Invalid name"),
+ ERRbadpipe: ("ERRbadpipe", "Pipe invalid."),
+ ERRpipebusy: ("ERRpipebusy", "All instances of the requested pipe are
busy."),
+ ERRpipeclosing: ("ERRpipeclosing", "Pipe close in progress."),
+ ERRnotconnected: ("ERRnotconnected", "No process on other end of pipe."),
+ ERRmoredata: ("ERRmoredata", "There is more data to be returned."),
+ ERRinvgroup: ("ERRinvgroup", "Invalid workgroup (try the -W option)"),
+ ERRlogonfailure: ("ERRlogonfailure", "Logon failure"),
+ ERRdiskfull: ("ERRdiskfull", "Disk full"),
+ ERRgeneral: ("ERRgeneral", "General failure"),
+ ERRunknownlevel: ("ERRunknownlevel", "Unknown info level")
+ }
+
+ server_msgs = {
+ 1: ("ERRerror", "Non-specific error code."),
+ 2: ("ERRbadpw", "Bad password - name/password pair in a Tree Connect or
Session Setup are invalid."),
+ 3: ("ERRbadtype", "reserved."),
+ 4: ("ERRaccess", "The requester does not have the necessary access
rights within the specified context for the requested function. The context
is defined by the TID or the UID."),
+ 5: ("ERRinvnid", "The tree ID (TID) specified in a command was
invalid."),
+ 6: ("ERRinvnetname", "Invalid network name in tree connect."),
+ 7: ("ERRinvdevice", "Invalid device - printer request made to
non-printer connection or non-printer request made to printer connection."),
+ 49: ("ERRqfull", "Print queue full (files) -- returned by open print
file."),
+ 50: ("ERRqtoobig", "Print queue full -- no space."),
+ 51: ("ERRqeof", "EOF on print queue dump."),
+ 52: ("ERRinvpfid", "Invalid print file FID."),
+ 64: ("ERRsmbcmd", "The server did not recognize the command received."),
+ 65: ("ERRsrverror","The server encountered an internal error, e.g.,
system file unavailable."),
+ 67: ("ERRfilespecs", "The file handle (FID) and pathname parameters
contained an invalid combination of values."),
+ 68: ("ERRreserved", "reserved."),
+ 69: ("ERRbadpermits", "The access permissions specified for a file or
directory are not a valid combination. The server cannot set the requested
attribute."),
+ 70: ("ERRreserved", "reserved."),
+ 71: ("ERRsetattrmode", "The attribute mode in the Set File Attribute
request is invalid."),
+ 81: ("ERRpaused", "Server is paused."),
+ 82: ("ERRmsgoff", "Not receiving messages."),
+ 83: ("ERRnoroom", "No room to buffer message."),
+ 87: ("ERRrmuns", "Too many remote user names."),
+ 88: ("ERRtimeout", "Operation timed out."),
+ 89: ("ERRnoresource", "No resources currently available for request."),
+ 90: ("ERRtoomanyuids", "Too many UIDs active on this session."),
+ 91: ("ERRbaduid", "The UID is not known as a valid ID on this session."),
+ 250: ("ERRusempx","Temp unable to support Raw, use MPX mode."),
+ 251: ("ERRusestd","Temp unable to support Raw, use standard
read/write."),
+ 252: ("ERRcontmpx", "Continue in MPX mode."),
+ 253: ("ERRreserved", "reserved."),
+ 254: ("ERRreserved", "reserved."),
+ 0xFFFF: ("ERRnosupport", "Function not supported.")
+ }
+ # Error clases
+
+ ERRDOS = 0x1
+ error_classes = { 0: ("SUCCESS", {}),
+ ERRDOS: ("ERRDOS", dos_msgs),
+ 0x02: ("ERRSRV",server_msgs),
+ 0x03: ("ERRHRD",hard_msgs),
+ 0x04: ("ERRXOS", {} ),
+ 0xE1: ("ERRRMX1", {} ),
+ 0xE2: ("ERRRMX2", {} ),
+ 0xE3: ("ERRRMX3", {} ),
+ 0xFF: ("ERRCMD", {} ) }
+
+
+
+ def __init__( self, error_string, error_class, error_code, nt_status = 0):
+ Exception.__init__(self, error_string)
+ self.nt_status = nt_status
+ self._args = error_string
+ if nt_status:
+ self.error_class = 0
+ self.error_code = (error_code << 16) + error_class
+ else:
+ self.error_class = error_class
+ self.error_code = error_code
+
+
+ def get_error_class( self ):
+ return self.error_class
+
+ def get_error_code( self ):
+ return self.error_code
+
+ def __str__( self ):
+ error_class = SessionError.error_classes.get( self.error_class, None )
+ if not error_class:
+ error_code_str = self.error_code
+ error_class_str = self.error_class
+ else:
+ error_class_str = error_class[0]
+ error_code = error_class[1].get( self.error_code, None )
+ if not error_code:
+ error_code_str = self.error_code
+ else:
+ error_code_str = '%s(%s)' % error_code
+
+ if self.nt_status:
+ return 'SMB SessionError: %s(%s)' %
nt_errors.ERROR_MESSAGES[self.error_code]
+ else:
+ # Fall back to the old format
+ return 'SMB SessionError: class: %s, code: %s' % (error_class_str,
error_code_str)
+
+
+# Raised when an supported feature is present/required in the protocol but is
not
+# currently supported by pysmb
+class UnsupportedFeature(Exception): pass
+
+# Contains information about a SMB shared device/service
+class SharedDevice:
+ def __init__(self, name, share_type, comment):
+ self.__name = name
+ self.__type = share_type
+ self.__comment = comment
+
+ def get_name(self):
+ return self.__name
+
+ def get_type(self):
+ return self.__type
+
+ def get_comment(self):
+ return self.__comment
+
+ def __repr__(self):
+ return '<SharedDevice instance: name=' + self.__name + ', type=' +
str(self.__type) + ', comment="' + self.__comment + '">'
+
+
+# Contains information about the shared file/directory
+class SharedFile:
+ def __init__(self, ctime, atime, mtime, filesize, allocsize, attribs,
shortname, longname):
+ self.__ctime = ctime
+ self.__atime = atime
+ self.__mtime = mtime
+ self.__filesize = filesize
+ self.__allocsize = allocsize
+ self.__attribs = attribs
+ try:
+ self.__shortname = shortname[:string.index(shortname, '\0')]
+ except ValueError:
+ self.__shortname = shortname
+ try:
+ self.__longname = longname[:string.index(longname, '\0')]
+ except ValueError:
+ self.__longname = longname
+
+ def get_ctime(self):
+ return self.__ctime
+
+ def get_ctime_epoch(self):
+ return self.__convert_smbtime(self.__ctime)
+
+ def get_mtime(self):
+ return self.__mtime
+
+ def get_mtime_epoch(self):
+ return self.__convert_smbtime(self.__mtime)
+
+ def get_atime(self):
+ return self.__atime
+
+ def get_atime_epoch(self):
+ return self.__convert_smbtime(self.__atime)
+
+ def get_filesize(self):
+ return self.__filesize
+
+ def get_allocsize(self):
+ return self.__allocsize
+
+ def get_attributes(self):
+ return self.__attribs
+
+ def is_archive(self):
+ return self.__attribs & ATTR_ARCHIVE
+
+ def is_compressed(self):
+ return self.__attribs & ATTR_COMPRESSED
+
+ def is_normal(self):
+ return self.__attribs & ATTR_NORMAL
+
+ def is_hidden(self):
+ return self.__attribs & ATTR_HIDDEN
+
+ def is_readonly(self):
+ return self.__attribs & ATTR_READONLY
+
+ def is_temporary(self):
+ return self.__attribs & ATTR_TEMPORARY
+
+ def is_directory(self):
+ return self.__attribs & ATTR_DIRECTORY
+
+ def is_system(self):
+ return self.__attribs & ATTR_SYSTEM
+
+ def get_shortname(self):
+ return self.__shortname
+
+ def get_longname(self):
+ return self.__longname
+
+ def __repr__(self):
+ return '<SharedFile instance: shortname="' + self.__shortname + '",
longname="' + self.__longname + '", filesize=' + str(self.__filesize) + '>'
+
+ @staticmethod
+ def __convert_smbtime(t):
+ x = t >> 32
+ y = t & 0xffffffffL
+ geo_cal_offset = 11644473600.0 # = 369.0 * 365.25 * 24 * 60 * 60 -
(3.0 * 24 * 60 * 60 + 6.0 * 60 * 60)
+ return (x * 4.0 * (1 << 30) + (y & 0xfff00000L)) * 1.0e-7 -
geo_cal_offset
+
+
+# Contain information about a SMB machine
+class SMBMachine:
+ def __init__(self, nbname, nbt_type, comment):
+ self.__nbname = nbname
+ self.__type = nbt_type
+ self.__comment = comment
+
+ def __repr__(self):
+ return '<SMBMachine instance: nbname="' + self.__nbname + '", type=' +
hex(self.__type) + ', comment="' + self.__comment + '">'
+
+class SMBDomain:
+ def __init__(self, nbgroup, domain_type, master_browser):
+ self.__nbgroup = nbgroup
+ self.__type = domain_type
+ self.__master_browser = master_browser
+
+ def __repr__(self):
+ return '<SMBDomain instance: nbgroup="' + self.__nbgroup + '", type='
+ hex(self.__type) + ', master browser="' + self.__master_browser + '">'
+
+# Represents a SMB Packet
+class NewSMBPacket(Structure):
+ structure = (
+ ('Signature', '"\xffSMB'),
+ ('Command','B=0'),
+ ('ErrorClass','B=0'),
+ ('_reserved','B=0'),
+ ('ErrorCode','<H=0'),
+ ('Flags1','B=0'),
+ ('Flags2','<H=0'),
+ ('PIDHigh','<H=0'),
+ ('SecurityFeatures','8s=""'),
+ ('Reserved','<H=0'),
+ ('Tid','<H=0xffff'),
+ ('Pid','<H=0'),
+ ('Uid','<H=0'),
+ ('Mid','<H=0'),
+ ('Data','*:'),
+ )
+
+ def __init__(self, **kargs):
+ Structure.__init__(self, **kargs)
+
+ if self.fields.has_key('Flags2') is False:
+ self['Flags2'] = 0
+ if self.fields.has_key('Flags1') is False:
+ self['Flags1'] = 0
+
+ if not kargs.has_key('data'):
+ self['Data'] = []
+
+ def addCommand(self, command):
+ if len(self['Data']) == 0:
+ self['Command'] = command.command
+ else:
+ self['Data'][-1]['Parameters']['AndXCommand'] = command.command
+ self['Data'][-1]['Parameters']['AndXOffset'] = len(self)
+ self['Data'].append(command)
+
+ def isMoreData(self):
+ return (self['Command'] in [SMB.SMB_COM_TRANSACTION,
SMB.SMB_COM_READ_ANDX, SMB.SMB_COM_READ_RAW] and
+ self['ErrorClass'] == 1 and self['ErrorCode'] ==
SessionError.ERRmoredata)
+
+ def isMoreProcessingRequired(self):
+ return self['ErrorClass'] == 0x16 and self['ErrorCode'] == 0xc000
+
+ def isValidAnswer(self, cmd):
+ # this was inside a loop reading more from the net (with
recv_packet(None))
+ if self['Command'] == cmd:
+ if (self['ErrorClass'] == 0x00 and
+ self['ErrorCode'] == 0x00):
+ return 1
+ elif self.isMoreData():
+ return 1
+ elif self.isMoreProcessingRequired():
+ return 1
+ raise SessionError, ("SMB Library Error", self['ErrorClass'] +
(self['_reserved'] << 8), self['ErrorCode'], self['Flags2'] &
SMB.FLAGS2_NT_STATUS)
+ else:
+ raise UnsupportedFeature, ("Unexpected answer from server: Got %d,
Expected %d" % (self['Command'], cmd))
+
+
+class SMBCommand(Structure):
+ structure = (
+ ('WordCount', 'B=len(Parameters)/2'),
+ ('_ParametersLength','_-Parameters','WordCount*2'),
+ ('Parameters',':'), # default set by constructor
+ ('ByteCount','<H-Data'),
+ ('Data',':'), # default set by constructor
+ )
+
+ def __init__(self, commandOrData = None, data = None, **kargs):
+ if type(commandOrData) == type(0):
+ self.command = commandOrData
+ else:
+ data = data or commandOrData
+
+ Structure.__init__(self, data = data, **kargs)
+
+ if data is None:
+ self['Parameters'] = ''
+ self['Data'] = ''
+
+class AsciiOrUnicodeStructure(Structure):
+ UnicodeStructure = ()
+ AsciiStructure = ()
+ def __init__(self, flags = 0, **kargs):
+ if flags & SMB.FLAGS2_UNICODE:
+ self.structure = self.UnicodeStructure
+ else:
+ self.structure = self.AsciiStructure
+ Structure.__init__(self, **kargs)
+
+class SMBCommand_Parameters(Structure):
+ pass
+
+class SMBAndXCommand_Parameters(Structure):
+ commonHdr = (
+ ('AndXCommand','B=0xff'),
+ ('_reserved','B=0'),
+ ('AndXOffset','<H=0'),
+ )
+ structure = ( # default structure, overriden by subclasses
+ ('Data',':=""'),
+ )
+
+############# TRANSACTIONS RELATED
+# TRANS2_QUERY_FS_INFORMATION
+# QUERY_FS Information Levels
+# SMB_QUERY_FS_ATTRIBUTE_INFO
+class SMBQueryFsAttributeInfo(Structure):
+ structure = (
+ ('FileSystemAttributes','<L'),
+ ('MaxFilenNameLengthInBytes','<L'),
+ ('LengthOfFileSystemName','<L-FileSystemName'),
+ ('FileSystemName',':'),
+ )
+
+class SMBQueryFsInfoVolume(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('ulVolSerialNbr','<L=0xABCDEFAA'),
+ ('cCharCount','<B-VolumeLabel'),
+ )
+ AsciiStructure = (
+ ('VolumeLabel','z'),
+ )
+ UnicodeStructure = (
+ ('VolumeLabel','u'),
+ )
+
+# FILE_FS_SIZE_INFORMATION
+class FileFsSizeInformation(Structure):
+ structure = (
+ ('TotalAllocationUnits','<q=148529400'),
+ ('AvailableAllocationUnits','<q=14851044'),
+ ('SectorsPerAllocationUnit','<L=2'),
+ ('BytesPerSector','<L=512'),
+ )
+
+# SMB_QUERY_FS_SIZE_INFO
+class SMBQueryFsSizeInfo(Structure):
+ structure = (
+ ('TotalAllocationUnits','<q=148529400'),
+ ('TotalFreeAllocationUnits','<q=14851044'),
+ ('SectorsPerAllocationUnit','<L=2'),
+ ('BytesPerSector','<L=512'),
+ )
+# FILE_FS_FULL_SIZE_INFORMATION
+class SMBFileFsFullSizeInformation(Structure):
+ structure = (
+ ('TotalAllocationUnits','<q=148529400'),
+ ('CallerAvailableAllocationUnits','<q=148529400'),
+ ('ActualAvailableAllocationUnits','<q=148529400'),
+ ('SectorsPerAllocationUnit','<L=15'),
+ ('BytesPerSector','<L=512')
+ )
+# SMB_QUERY_FS_VOLUME_INFO
+class SMBQueryFsVolumeInfo(Structure):
+ structure = (
+ ('VolumeCreationTime','<q'),
+ ('SerialNumber','<L=0xABCDEFAA'),
+ ('VolumeLabelSize','<L=len(VolumeLabel)'),
+ ('Reserved','<H=0x10'),
+ ('VolumeLabel',':')
+ )
+# SMB_FIND_FILE_BOTH_DIRECTORY_INFO level
+class SMBFindFileBothDirectoryInfo(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('NextEntryOffset','<L=0'),
+ ('FileIndex','<L=0'),
+ ('CreationTime','<q'),
+ ('LastAccessTime','<q'),
+ ('LastWriteTime','<q'),
+ ('LastChangeTime','<q'),
+ ('EndOfFile','<q=0'),
+ ('AllocationSize','<q=0'),
+ ('ExtFileAttributes','<L=0'),
+ )
+ AsciiStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)'),
+ ('EaSize','<L=0'),
+ ('ShortNameLength','<B=0'),
+ ('Reserved','<B=0'),
+ ('ShortName','24s'),
+ ('FileName',':'),
+ )
+ UnicodeStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)*2'),
+ ('EaSize','<L=0'),
+ ('ShortNameLength','<B=0'),
+ ('Reserved','<B=0'),
+ ('ShortName','24s'),
+ ('FileName',':'),
+ )
+
+# SMB_FIND_FILE_ID_FULL_DIRECTORY_INFO level
+class SMBFindFileIdFullDirectoryInfo(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('NextEntryOffset','<L=0'),
+ ('FileIndex','<L=0'),
+ ('CreationTime','<q'),
+ ('LastAccessTime','<q'),
+ ('LastWriteTime','<q'),
+ ('LastChangeTime','<q'),
+ ('EndOfFile','<q=0'),
+ ('AllocationSize','<q=0'),
+ ('ExtFileAttributes','<L=0'),
+ )
+ AsciiStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)'),
+ ('EaSize','<L=0'),
+ ('FileID','<q=0'),
+ ('FileName',':'),
+ )
+ UnicodeStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)*2'),
+ ('EaSize','<L=0'),
+ ('FileID','<q=0'),
+ ('FileName',':'),
+ )
+
+# SMB_FIND_FILE_ID_BOTH_DIRECTORY_INFO level
+class SMBFindFileIdBothDirectoryInfo(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('NextEntryOffset','<L=0'),
+ ('FileIndex','<L=0'),
+ ('CreationTime','<q'),
+ ('LastAccessTime','<q'),
+ ('LastWriteTime','<q'),
+ ('LastChangeTime','<q'),
+ ('EndOfFile','<q=0'),
+ ('AllocationSize','<q=0'),
+ ('ExtFileAttributes','<L=0'),
+ )
+ AsciiStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)'),
+ ('EaSize','<L=0'),
+ ('ShortNameLength','<B=0'),
+ ('Reserved','<B=0'),
+ ('ShortName','24s'),
+ ('Reserved','<H=0'),
+ ('FileID','<q=0'),
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)*2'),
+ ('EaSize','<L=0'),
+ ('ShortNameLength','<B=0'),
+ ('Reserved','<B=0'),
+ ('ShortName','24s'),
+ ('Reserved','<H=0'),
+ ('FileID','<q=0'),
+ ('FileName',':'),
+ )
+
+# SMB_FIND_FILE_DIRECTORY_INFO level
+class SMBFindFileDirectoryInfo(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('NextEntryOffset','<L=0'),
+ ('FileIndex','<L=0'),
+ ('CreationTime','<q'),
+ ('LastAccessTime','<q'),
+ ('LastWriteTime','<q'),
+ ('LastChangeTime','<q'),
+ ('EndOfFile','<q=0'),
+ ('AllocationSize','<q=1'),
+ ('ExtFileAttributes','<L=0'),
+ )
+ AsciiStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)'),
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)*2'),
+ ('FileName',':'),
+ )
+
+# SMB_FIND_FILE_NAMES_INFO level
+class SMBFindFileNamesInfo(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('NextEntryOffset','<L=0'),
+ ('FileIndex','<L=0'),
+ )
+ AsciiStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)'),
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)*2'),
+ ('FileName',':'),
+ )
+
+# SMB_FIND_FILE_FULL_DIRECTORY_INFO level
+class SMBFindFileFullDirectoryInfo(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('NextEntryOffset','<L=0'),
+ ('FileIndex','<L=0'),
+ ('CreationTime','<q'),
+ ('LastAccessTime','<q'),
+ ('LastWriteTime','<q'),
+ ('LastChangeTime','<q'),
+ ('EndOfFile','<q=0'),
+ ('AllocationSize','<q=1'),
+ ('ExtFileAttributes','<L=0'),
+ )
+ AsciiStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)'),
+ ('EaSize','<L'),
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('FileNameLength','<L-FileName','len(FileName)*2'),
+ ('EaSize','<L'),
+ ('FileName',':'),
+ )
+
+# SMB_FIND_INFO_STANDARD level
+class SMBFindInfoStandard(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('ResumeKey','<L=0xff'),
+ ('CreationDate','<H=0'),
+ ('CreationTime','<H=0'),
+ ('LastAccessDate','<H=0'),
+ ('LastAccessTime','<H=0'),
+ ('LastWriteDate','<H=0'),
+ ('LastWriteTime','<H=0'),
+ ('EaSize','<L'),
+ ('AllocationSize','<L=1'),
+ ('ExtFileAttributes','<H=0'),
+ )
+ AsciiStructure = (
+ ('FileNameLength','<B-FileName','len(FileName)'),
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('FileNameLength','<B-FileName','len(FileName)*2'),
+ ('FileName',':'),
+ )
+
+# SET_FILE_INFORMATION structures
+# SMB_SET_FILE_DISPOSITION_INFO
+class SMBSetFileDispositionInfo(Structure):
+ structure = (
+ ('DeletePending','<B'),
+ )
+
+# SMB_SET_FILE_BASIC_INFO
+class SMBSetFileBasicInfo(Structure):
+ structure = (
+ ('CreationTime','<q'),
+ ('LastAccessTime','<q'),
+ ('LastWriteTime','<q'),
+ ('ChangeTime','<q'),
+ ('ExtFileAttributes','<H'),
+ ('Reserved','<L'),
+ )
+
+# FILE_STREAM_INFORMATION
+class SMBFileStreamInformation(Structure):
+ commonHdr = (
+ ('NextEntryOffset','<L=0'),
+ ('StreamNameLength','<L=0'),
+ ('StreamSize','<q=0'),
+ ('StreamAllocationSize','<q=0'),
+ ('StreamName',':=""'),
+ )
+
+# FILE_NETWORK_OPEN_INFORMATION
+class SMBFileNetworkOpenInfo(Structure):
+ structure = (
+ ('CreationTime','<q=0'),
+ ('LastAccessTime','<q=0'),
+ ('LastWriteTime','<q=0'),
+ ('ChangeTime','<q=0'),
+ ('AllocationSize','<q=0'),
+ ('EndOfFile','<q=0'),
+ ('FileAttributes','<L=0'),
+ ('Reserved','<L=0'),
+ )
+
+# SMB_SET_FILE_END_OF_FILE_INFO
+class SMBSetFileEndOfFileInfo(Structure):
+ structure = (
+ ('EndOfFile','<q'),
+ )
+
+# TRANS2_FIND_NEXT2
+class SMBFindNext2_Parameters(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('SID','<H'),
+ ('SearchCount','<H'),
+ ('InformationLevel','<H'),
+ ('ResumeKey','<L'),
+ ('Flags','<H'),
+ )
+ AsciiStructure = (
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('FileName','u'),
+ )
+
+class SMBFindNext2Response_Parameters(Structure):
+ structure = (
+ ('SearchCount','<H'),
+ ('EndOfSearch','<H=1'),
+ ('EaErrorOffset','<H=0'),
+ ('LastNameOffset','<H=0'),
+ )
+
+class SMBFindNext2_Data(Structure):
+ structure = (
+ ('GetExtendedAttributesListLength','_-GetExtendedAttributesList',
'self["GetExtendedAttributesListLength"]'),
+ ('GetExtendedAttributesList',':'),
+ )
+
+
+# TRANS2_FIND_FIRST2
+class SMBFindFirst2Response_Parameters(Structure):
+ structure = (
+ ('SID','<H'),
+ ('SearchCount','<H'),
+ ('EndOfSearch','<H=1'),
+ ('EaErrorOffset','<H=0'),
+ ('LastNameOffset','<H=0'),
+ )
+
+class SMBFindFirst2_Parameters(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('SearchAttributes','<H'),
+ ('SearchCount','<H'),
+ ('Flags','<H'),
+ ('InformationLevel','<H'),
+ ('SearchStorageType','<L'),
+ )
+ AsciiStructure = (
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('FileName','u'),
+ )
+
+class SMBFindFirst2_Data(Structure):
+ structure = (
+ ('GetExtendedAttributesListLength','_-GetExtendedAttributesList',
'self["GetExtendedAttributesListLength"]'),
+ ('GetExtendedAttributesList',':'),
+ )
+
+# TRANS2_SET_PATH_INFORMATION
+class SMBSetPathInformation_Parameters(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('InformationLevel','<H'),
+ ('Reserved','<L'),
+ )
+ AsciiStructure = (
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('FileName','u'),
+ )
+
+class SMBSetPathInformationResponse_Parameters(Structure):
+ structure = (
+ ('EaErrorOffset','<H=0'),
+ )
+
+# TRANS2_SET_FILE_INFORMATION
+class SMBSetFileInformation_Parameters(Structure):
+ structure = (
+ ('FID','<H'),
+ ('InformationLevel','<H'),
+ ('Reserved','<H'),
+ )
+
+class SMBSetFileInformationResponse_Parameters(Structure):
+ structure = (
+ ('EaErrorOffset','<H=0'),
+ )
+
+# TRANS2_QUERY_FILE_INFORMATION
+class SMBQueryFileInformation_Parameters(Structure):
+ structure = (
+ ('FID','<H'),
+ ('InformationLevel','<H'),
+ )
+
+class SMBQueryFileInformationResponse_Parameters(Structure):
+ structure = (
+ ('EaErrorOffset','<H=0'),
+ )
+
+class SMBQueryFileInformation_Data(Structure):
+ structure = (
+ ('GetExtendedAttributeList',':'),
+ )
+
+# TRANS2_QUERY_PATH_INFORMATION
+class SMBQueryPathInformationResponse_Parameters(Structure):
+ structure = (
+ ('EaErrorOffset','<H=0'),
+ )
+
+class SMBQueryPathInformation_Parameters(AsciiOrUnicodeStructure):
+ commonHdr = (
+ ('InformationLevel','<H'),
+ ('Reserved','<L=0'),
+ )
+ AsciiStructure = (
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('FileName','u'),
+ )
+
+class SMBQueryPathInformation_Data(Structure):
+ structure = (
+ ('GetExtendedAttributeList',':'),
+ )
+
+
+# SMB_QUERY_FILE_EA_INFO
+class SMBQueryFileEaInfo(Structure):
+ structure = (
+ ('EaSize','<L=0'),
+ )
+
+# SMB_QUERY_FILE_BASIC_INFO
+class SMBQueryFileBasicInfo(Structure):
+ structure = (
+ ('CreationTime','<q'),
+ ('LastAccessTime','<q'),
+ ('LastWriteTime','<q'),
+ ('LastChangeTime','<q'),
+ ('ExtFileAttributes','<L'),
+ #('Reserved','<L=0'),
+ )
+
+# SMB_QUERY_FILE_STANDARD_INFO
+class SMBQueryFileStandardInfo(Structure):
+ structure = (
+ ('AllocationSize','<q'),
+ ('EndOfFile','<q'),
+ ('NumberOfLinks','<L=0'),
+ ('DeletePending','<B=0'),
+ ('Directory','<B'),
+ )
+
+# SMB_QUERY_FILE_ALL_INFO
+class SMBQueryFileAllInfo(Structure):
+ structure = (
+ ('CreationTime','<q'),
+ ('LastAccessTime','<q'),
+ ('LastWriteTime','<q'),
+ ('LastChangeTime','<q'),
+ ('ExtFileAttributes','<L'),
+ ('Reserved','<L=0'),
+ ('AllocationSize','<q'),
+ ('EndOfFile','<q'),
+ ('NumberOfLinks','<L=0'),
+ ('DeletePending','<B=0'),
+ ('Directory','<B'),
+ ('Reserved','<H=0'),
+ ('EaSize','<L=0'),
+ ('FileNameLength','<L-FileName','len(FileName)'),
+ ('FileName',':'),
+ )
+
+# \PIPE\LANMAN NetShareEnum
+class SMBNetShareEnum(Structure):
+ structure = (
+ ('RAPOpcode','<H=0'),
+ ('ParamDesc','z'),
+ ('DataDesc','z'),
+ ('InfoLevel','<H'),
+ ('ReceiveBufferSize','<H'),
+ )
+
+class SMBNetShareEnumResponse(Structure):
+ structure = (
+ ('Status','<H=0'),
+ ('Convert','<H=0'),
+ ('EntriesReturned','<H'),
+ ('EntriesAvailable','<H'),
+ )
+
+class NetShareInfo1(Structure):
+ structure = (
+ ('NetworkName','13s'),
+ ('Pad','<B=0'),
+ ('Type','<H=0'),
+ ('RemarkOffsetLow','<H=0'),
+ ('RemarkOffsetHigh','<H=0'),
+ )
+
+# \PIPE\LANMAN NetServerGetInfo
+class SMBNetServerGetInfoResponse(Structure):
+ structure = (
+ ('Status','<H=0'),
+ ('Convert','<H=0'),
+ ('TotalBytesAvailable','<H'),
+ )
+
+class SMBNetServerInfo1(Structure):
+ # Level 1 Response
+ structure = (
+ ('ServerName','16s'),
+ ('MajorVersion','B=5'),
+ ('MinorVersion','B=0'),
+ ('ServerType','<L=3'),
+ ('ServerCommentLow','<H=0'),
+ ('ServerCommentHigh','<H=0'),
+ )
+
+# \PIPE\LANMAN NetShareGetInfo
+class SMBNetShareGetInfo(Structure):
+ structure = (
+ ('RAPOpcode','<H=0'),
+ ('ParamDesc','z'),
+ ('DataDesc','z'),
+ ('ShareName','z'),
+ ('InfoLevel','<H'),
+ ('ReceiveBufferSize','<H'),
+ )
+
+class SMBNetShareGetInfoResponse(Structure):
+ structure = (
+ ('Status','<H=0'),
+ ('Convert','<H=0'),
+ ('TotalBytesAvailable','<H'),
+ )
+
+############# Security Features
+class SecurityFeatures(Structure):
+ structure = (
+ ('Key','<L=0'),
+ ('CID','<H=0'),
+ ('SequenceNumber','<H=0'),
+ )
+
+############# SMB_COM_QUERY_INFORMATION2 (0x23)
+class SMBQueryInformation2_Parameters(Structure):
+ structure = (
+ ('Fid','<H'),
+ )
+
+class SMBQueryInformation2Response_Parameters(Structure):
+ structure = (
+ ('CreateDate','<H'),
+ ('CreationTime','<H'),
+ ('LastAccessDate','<H'),
+ ('LastAccessTime','<H'),
+ ('LastWriteDate','<H'),
+ ('LastWriteTime','<H'),
+ ('FileDataSize','<L'),
+ ('FileAllocationSize','<L'),
+ ('FileAttributes','<L'),
+ )
+
+
+
+############# SMB_COM_SESSION_SETUP_ANDX (0x73)
+class SMBSessionSetupAndX_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('MaxBuffer','<H'),
+ ('MaxMpxCount','<H'),
+ ('VCNumber','<H'),
+ ('SessionKey','<L'),
+ ('AnsiPwdLength','<H'),
+ ('UnicodePwdLength','<H'),
+ ('_reserved','<L=0'),
+ ('Capabilities','<L'),
+ )
+
+class SMBSessionSetupAndX_Extended_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('MaxBufferSize','<H'),
+ ('MaxMpxCount','<H'),
+ ('VcNumber','<H'),
+ ('SessionKey','<L'),
+ ('SecurityBlobLength','<H'),
+ ('Reserved','<L=0'),
+ ('Capabilities','<L'),
+ )
+
+class SMBSessionSetupAndX_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('AnsiPwdLength','_-AnsiPwd','self["AnsiPwdLength"]'),
+ ('UnicodePwdLength','_-UnicodePwd','self["UnicodePwdLength"]'),
+ ('AnsiPwd',':=""'),
+ ('UnicodePwd',':=""'),
+ ('Account','z=""'),
+ ('PrimaryDomain','z=""'),
+ ('NativeOS','z=""'),
+ ('NativeLanMan','z=""'),
+ )
+
+ UnicodeStructure = (
+ ('AnsiPwdLength','_-AnsiPwd','self["AnsiPwdLength"]'),
+ ('UnicodePwdLength','_-UnicodePwd','self["UnicodePwdLength"]'),
+ ('AnsiPwd',':=""'),
+ ('UnicodePwd',':=""'),
+ ('Account','u=""'),
+ ('PrimaryDomain','u=""'),
+ ('NativeOS','u=""'),
+ ('NativeLanMan','u=""'),
+ )
+
+class SMBSessionSetupAndX_Extended_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('SecurityBlobLength','_-SecurityBlob','self["SecurityBlobLength"]'),
+ ('SecurityBlob',':'),
+ ('NativeOS','z=""'),
+ ('NativeLanMan','z=""'),
+ )
+
+ UnicodeStructure = (
+ ('SecurityBlobLength','_-SecurityBlob','self["SecurityBlobLength"]'),
+ ('SecurityBlob',':'),
+ ('NativeOS','u=""'),
+ ('NativeLanMan','u=""'),
+ )
+
+class SMBSessionSetupAndXResponse_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('Action','<H'),
+ )
+
+class
SMBSessionSetupAndX_Extended_Response_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('Action','<H=0'),
+ ('SecurityBlobLength','<H'),
+ )
+
+class SMBSessionSetupAndXResponse_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('NativeOS','z=""'),
+ ('NativeLanMan','z=""'),
+ ('PrimaryDomain','z=""'),
+ )
+
+ UnicodeStructure = (
+ ('NativeOS','u=""'),
+ ('NativeLanMan','u=""'),
+ ('PrimaryDomain','u=""'),
+ )
+
+class SMBSessionSetupAndX_Extended_Response_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('SecurityBlobLength','_-SecurityBlob','self["SecurityBlobLength"]'),
+ ('SecurityBlob',':'),
+ ('NativeOS','z=""'),
+ ('NativeLanMan','z=""'),
+ )
+
+ UnicodeStructure = (
+ ('SecurityBlobLength','_-SecurityBlob','self["SecurityBlobLength"]'),
+ ('SecurityBlob',':'),
+ ('NativeOS','u=""'),
+ ('NativeLanMan','u=""'),
+ )
+
+############# SMB_COM_TREE_CONNECT (0x70)
+class SMBTreeConnect_Parameters(SMBCommand_Parameters):
+ structure = (
+ )
+
+class SMBTreeConnect_Data(SMBCommand_Parameters):
+ structure = (
+ ('PathFormat','"\x04'),
+ ('Path','z'),
+ ('PasswordFormat','"\x04'),
+ ('Password','z'),
+ ('ServiceFormat','"\x04'),
+ ('Service','z'),
+ )
+
+############# SMB_COM_TREE_CONNECT_ANDX (0x75)
+class SMBTreeConnectAndX_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('Flags','<H=0'),
+ ('PasswordLength','<H'),
+ )
+
+class SMBTreeConnectAndXResponse_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('OptionalSupport','<H=0'),
+ )
+
+class SMBTreeConnectAndXExtendedResponse_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('OptionalSupport','<H=1'),
+ ('MaximalShareAccessRights','<L=0x1fffff'),
+ ('GuestMaximalShareAccessRights','<L=0x1fffff'),
+ )
+
+class SMBTreeConnectAndX_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('_PasswordLength','_-Password','self["_PasswordLength"]'),
+ ('Password',':'),
+ ('Path','z'),
+ ('Service','z'),
+ )
+
+ UnicodeStructure = (
+ ('_PasswordLength','_-Password','self["_PasswordLength"] if
self["_PasswordLength"] > 0 else 1'),
+ ('Password',':'),
+ ('Path','u'),
+ ('Service','z'),
+ )
+
+class SMBTreeConnectAndXResponse_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('Service','z'),
+ ('PadLen','_-Pad','self["PadLen"]'),
+ ('Pad',':=""'),
+ ('NativeFileSystem','z'),
+ )
+ UnicodeStructure = (
+ ('Service','z'),
+ ('PadLen','_-Pad','self["PadLen"]'),
+ ('Pad',':=""'),
+ ('NativeFileSystem','u'),
+ )
+
+############# SMB_COM_NT_CREATE_ANDX (0xA2)
+class SMBNtCreateAndX_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('_reserved', 'B=0'),
+ ('FileNameLength','<H'), # NameLength
+ ('CreateFlags','<L'), # Flags
+ ('RootFid','<L=0'), # RootDirectoryFID
+ ('AccessMask','<L'), # DesiredAccess
+ ('AllocationSizeLo','<L=0'), # AllocationSize
+ ('AllocationSizeHi','<L=0'),
+ ('FileAttributes','<L=0'), # ExtFileAttributes
+ ('ShareAccess','<L=3'), #
+ ('Disposition','<L=1'), # CreateDisposition
+ ('CreateOptions','<L'), # CreateOptions
+ ('Impersonation','<L=2'),
+ ('SecurityFlags','B=3'),
+ )
+
+class SMBNtCreateAndXResponse_Parameters(SMBAndXCommand_Parameters):
+ # XXX Is there a memory leak in the response for NTCreate (where the Data
section would be) in Win 2000, Win XP, and Win 2003?
+ structure = (
+ ('OplockLevel', 'B=0'),
+ ('Fid','<H'),
+ ('CreateAction','<L'),
+ ('CreateTime','<q=0'),
+ ('LastAccessTime','<q=0'),
+ ('LastWriteTime','<q=0'),
+ ('LastChangeTime','<q=0'),
+ ('FileAttributes','<L=0x80'),
+ ('AllocationSize','<q=0'),
+ ('EndOfFile','<q=0'),
+ ('FileType','<H=0'),
+ ('IPCState','<H=0'),
+ ('IsDirectory','B'),
+ )
+
+class SMBNtCreateAndXExtendedResponse_Parameters(SMBAndXCommand_Parameters):
+ # [MS-SMB] Extended response description
+ structure = (
+ ('OplockLevel', 'B=0'),
+ ('Fid','<H'),
+ ('CreateAction','<L'),
+ ('CreateTime','<q=0'),
+ ('LastAccessTime','<q=0'),
+ ('LastWriteTime','<q=0'),
+ ('LastChangeTime','<q=0'),
+ ('FileAttributes','<L=0x80'),
+ ('AllocationSize','<q=0'),
+ ('EndOfFile','<q=0'),
+ ('FileType','<H=0'),
+ ('IPCState','<H=0'),
+ ('IsDirectory','B'),
+ ('VolumeGUID','16s'),
+ ('FileIdLow','<L=0'),
+ ('FileIdHigh','<L=0'),
+ ('MaximalAccessRights','<L=0x12019b'),
+ ('GuestMaximalAccessRights','<L=0x120089'),
+ )
+
+class SMBNtCreateAndX_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('Pad','B'),
+ ('FileName','u'),
+ )
+
+############# SMB_COM_OPEN_ANDX (0xD2)
+class SMBOpenAndX_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('Flags','<H=0'),
+ ('DesiredAccess','<H=0'),
+ ('SearchAttributes','<H=0'),
+ ('FileAttributes','<H=0'),
+ ('CreationTime','<L=0'),
+ ('OpenMode','<H=1'), # SMB_O_OPEN = 1
+ ('AllocationSize','<L=0'),
+ ('Reserved','8s=""'),
+ )
+
+class SMBOpenAndX_Data(SMBNtCreateAndX_Data):
+ pass
+
+class SMBOpenAndXResponse_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('Fid','<H=0'),
+ ('FileAttributes','<H=0'),
+ ('LastWriten','<L=0'),
+ ('FileSize','<L=0'),
+ ('GrantedAccess','<H=0'),
+ ('FileType','<H=0'),
+ ('IPCState','<H=0'),
+ ('Action','<H=0'),
+ ('ServerFid','<L=0'),
+ ('_reserved','<H=0'),
+ )
+
+############# SMB_COM_WRITE (0x0B)
+class SMBWrite_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('Fid','<H'),
+ ('Count','<H'),
+ ('Offset','<L'),
+ ('Remaining','<H'),
+ )
+
+class SMBWriteResponse_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('Count','<H'),
+ )
+
+class SMBWrite_Data(Structure):
+ structure = (
+ ('BufferFormat','<B=1'),
+ ('DataLength','<H-Data'),
+ ('Data',':'),
+ )
+
+
+############# SMB_COM_WRITE_ANDX (0x2F)
+class SMBWriteAndX_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('Fid','<H=0'),
+ ('Offset','<L=0'),
+ ('_reserved','<L=0xff'),
+ ('WriteMode','<H=8'),
+ ('Remaining','<H=0'),
+ ('DataLength_Hi','<H=0'),
+ ('DataLength','<H=0'),
+ ('DataOffset','<H=0'),
+ ('HighOffset','<L=0'),
+ )
+
+class SMBWriteAndX_Data_Short(Structure):
+ structure = (
+ ('_PadLen','_-Pad','self["DataOffset"] - 59'),
+ ('Pad',':'),
+ #('Pad','<B=0'),
+ ('DataLength','_-Data','self["DataLength"]'),
+ ('Data',':'),
+ )
+
+class SMBWriteAndX_Data(Structure):
+ structure = (
+ ('_PadLen','_-Pad','self["DataOffset"] - 63'),
+ ('Pad',':'),
+ #('Pad','<B=0'),
+ ('DataLength','_-Data','self["DataLength"]'),
+ ('Data',':'),
+ )
+
+
+class SMBWriteAndX_Parameters_Short(SMBAndXCommand_Parameters):
+ structure = (
+ ('Fid','<H'),
+ ('Offset','<L'),
+ ('_reserved','<L=0xff'),
+ ('WriteMode','<H=8'),
+ ('Remaining','<H'),
+ ('DataLength_Hi','<H=0'),
+ ('DataLength','<H'),
+ ('DataOffset','<H=0'),
+ )
+
+class SMBWriteAndXResponse_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('Count','<H'),
+ ('Available','<H'),
+ ('Reserved','<L=0'),
+ )
+
+############# SMB_COM_WRITE_RAW (0x1D)
+class SMBWriteRaw_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('Fid','<H'),
+ ('Count','<H'),
+ ('_reserved','<H=0'),
+ ('Offset','<L'),
+ ('Timeout','<L=0'),
+ ('WriteMode','<H=0'),
+ ('_reserved2','<L=0'),
+ ('DataLength','<H'),
+ ('DataOffset','<H=0'),
+ )
+
+############# SMB_COM_READ (0x0A)
+class SMBRead_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('Fid','<H'),
+ ('Count','<H'),
+ ('Offset','<L'),
+ ('Remaining','<H=Count'),
+ )
+
+class SMBReadResponse_Parameters(Structure):
+ structure = (
+ ('Count','<H=0'),
+ ('_reserved','8s=""'),
+ )
+
+class SMBReadResponse_Data(Structure):
+ structure = (
+ ('BufferFormat','<B=0x1'),
+ ('DataLength','<H-Data'),
+ ('Data',':'),
+ )
+
+############# SMB_COM_READ_RAW (0x1A)
+class SMBReadRaw_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('Fid','<H'),
+ ('Offset','<L'),
+ ('MaxCount','<H'),
+ ('MinCount','<H=MaxCount'),
+ ('Timeout','<L=0'),
+ ('_reserved','<H=0'),
+ )
+
+############# SMB_COM_NT_TRANSACT (0xA0)
+class SMBNTTransaction_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('MaxSetupCount','<B=0'),
+ ('Reserved1','<H=0'),
+ ('TotalParameterCount','<L'),
+ ('TotalDataCount','<L'),
+ ('MaxParameterCount','<L=1024'),
+ ('MaxDataCount','<L=65504'),
+ ('ParameterCount','<L'),
+ ('ParameterOffset','<L'),
+ ('DataCount','<L'),
+ ('DataOffset','<L'),
+ ('SetupCount','<B=len(Setup)/2'),
+ ('Function','<H=0'),
+ ('SetupLength','_-Setup','SetupCount*2'),
+ ('Setup',':'),
+ )
+
+class SMBNTTransactionResponse_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('Reserved1','3s=""'),
+ ('TotalParameterCount','<L'),
+ ('TotalDataCount','<L'),
+ ('ParameterCount','<L'),
+ ('ParameterOffset','<L'),
+ ('ParameterDisplacement','<L=0'),
+ ('DataCount','<L'),
+ ('DataOffset','<L'),
+ ('DataDisplacement','<L=0'),
+ ('SetupCount','<B=0'),
+ ('SetupLength','_-Setup','SetupCount*2'),
+ ('Setup',':'),
+ )
+
+class SMBNTTransaction_Data(Structure):
+ structure = (
+ ('Pad1Length','_-Pad1','self["Pad1Length"]'),
+ ('Pad1',':'),
+
('NT_Trans_ParametersLength','_-NT_Trans_Parameters','self["NT_Trans_ParametersLength"]'),
+ ('NT_Trans_Parameters',':'),
+ ('Pad2Length','_-Pad2','self["Pad2Length"]'),
+ ('Pad2',':'),
+
('NT_Trans_DataLength','_-NT_Trans_Data','self["NT_Trans_DataLength"]'),
+ ('NT_Trans_Data',':'),
+ )
+
+class SMBNTTransactionResponse_Data(Structure):
+ structure = (
+ ('Pad1Length','_-Pad1','self["Pad1Length"]'),
+ ('Pad1',':'),
+
('Trans_ParametersLength','_-Trans_Parameters','self["Trans_ParametersLength"]'),
+ ('Trans_Parameters',':'),
+ ('Pad2Length','_-Pad2','self["Pad2Length"]'),
+ ('Pad2',':'),
+ ('Trans_DataLength','_-Trans_Data','self["Trans_DataLength"]'),
+ ('Trans_Data',':'),
+ )
+
+
+############# SMB_COM_TRANSACTION2_SECONDARY (0x33)
+class SMBTransaction2Secondary_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('TotalParameterCount','<H'),
+ ('TotalDataCount','<H'),
+ ('ParameterCount','<H'),
+ ('ParameterOffset','<H'),
+ ('DataCount','<H'),
+ ('DataOffset','<H'),
+ ('DataDisplacement','<H=0'),
+ ('FID','<H'),
+ )
+
+class SMBTransaction2Secondary_Data(Structure):
+ structure = (
+ ('Pad1Length','_-Pad1','self["Pad1Length"]'),
+ ('Pad1',':'),
+
('Trans_ParametersLength','_-Trans_Parameters','self["Trans_ParametersLength"]'),
+ ('Trans_Parameters',':'),
+ ('Pad2Length','_-Pad2','self["Pad2Length"]'),
+ ('Pad2',':'),
+ ('Trans_DataLength','_-Trans_Data','self["Trans_DataLength"]'),
+ ('Trans_Data',':'),
+ )
+
+
+############# SMB_COM_TRANSACTION2 (0x32)
+
+class SMBTransaction2_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('TotalParameterCount','<H'),
+ ('TotalDataCount','<H'),
+ ('MaxParameterCount','<H=1024'),
+ ('MaxDataCount','<H=65504'),
+ ('MaxSetupCount','<B=0'),
+ ('Reserved1','<B=0'),
+ ('Flags','<H=0'),
+ ('Timeout','<L=0'),
+ ('Reserved2','<H=0'),
+ ('ParameterCount','<H'),
+ ('ParameterOffset','<H'),
+ ('DataCount','<H'),
+ ('DataOffset','<H'),
+ ('SetupCount','<B=len(Setup)/2'),
+ ('Reserved3','<B=0'),
+ ('SetupLength','_-Setup','SetupCount*2'),
+ ('Setup',':'),
+ )
+
+class SMBTransaction2Response_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('TotalParameterCount','<H'),
+ ('TotalDataCount','<H'),
+ ('Reserved1','<H=0'),
+ ('ParameterCount','<H'),
+ ('ParameterOffset','<H'),
+ ('ParameterDisplacement','<H=0'),
+ ('DataCount','<H'),
+ ('DataOffset','<H'),
+ ('DataDisplacement','<H=0'),
+ ('SetupCount','<B=0'),
+ ('Reserved2','<B=0'),
+ ('SetupLength','_-Setup','SetupCount*2'),
+ ('Setup',':'),
+ )
+
+class SMBTransaction2_Data(Structure):
+ structure = (
+# ('NameLength','_-Name','1'),
+# ('Name',':'),
+ ('Pad1Length','_-Pad1','self["Pad1Length"]'),
+ ('Pad1',':'),
+
('Trans_ParametersLength','_-Trans_Parameters','self["Trans_ParametersLength"]'),
+ ('Trans_Parameters',':'),
+ ('Pad2Length','_-Pad2','self["Pad2Length"]'),
+ ('Pad2',':'),
+ ('Trans_DataLength','_-Trans_Data','self["Trans_DataLength"]'),
+ ('Trans_Data',':'),
+ )
+
+class SMBTransaction2Response_Data(Structure):
+ structure = (
+ ('Pad1Length','_-Pad1','self["Pad1Length"]'),
+ ('Pad1',':'),
+
('Trans_ParametersLength','_-Trans_Parameters','self["Trans_ParametersLength"]'),
+ ('Trans_Parameters',':'),
+ ('Pad2Length','_-Pad2','self["Pad2Length"]'),
+ ('Pad2',':'),
+ ('Trans_DataLength','_-Trans_Data','self["Trans_DataLength"]'),
+ ('Trans_Data',':'),
+ )
+
+############# SMB_COM_QUERY_INFORMATION (0x08)
+
+class SMBQueryInformation_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('BufferFormat','B=4'),
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('BufferFormat','B=4'),
+ ('FileName','u'),
+ )
+
+
+class SMBQueryInformationResponse_Parameters(Structure):
+ structure = (
+ ('FileAttributes','<H'),
+ ('LastWriteTime','<L'),
+ ('FileSize','<L'),
+ ('Reserved','"0123456789'),
+ )
+
+############# SMB_COM_TRANSACTION (0x25)
+class SMBTransaction_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('TotalParameterCount','<H'),
+ ('TotalDataCount','<H'),
+ ('MaxParameterCount','<H=1024'),
+ ('MaxDataCount','<H=65504'),
+ ('MaxSetupCount','<B=0'),
+ ('Reserved1','<B=0'),
+ ('Flags','<H=0'),
+ ('Timeout','<L=0'),
+ ('Reserved2','<H=0'),
+ ('ParameterCount','<H'),
+ ('ParameterOffset','<H'),
+ ('DataCount','<H'),
+ ('DataOffset','<H'),
+ ('SetupCount','<B=len(Setup)/2'),
+ ('Reserved3','<B=0'),
+ ('SetupLength','_-Setup','SetupCount*2'),
+ ('Setup',':'),
+ )
+
+class SMBTransactionResponse_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('TotalParameterCount','<H'),
+ ('TotalDataCount','<H'),
+ ('Reserved1','<H=0'),
+ ('ParameterCount','<H'),
+ ('ParameterOffset','<H'),
+ ('ParameterDisplacement','<H=0'),
+ ('DataCount','<H'),
+ ('DataOffset','<H'),
+ ('DataDisplacement','<H=0'),
+ ('SetupCount','<B'),
+ ('Reserved2','<B=0'),
+ ('SetupLength','_-Setup','SetupCount*2'),
+ ('Setup',':'),
+ )
+
+# TODO: We should merge these both. But this will require fixing
+# the instances where this structure is used on the client side
+class SMBTransaction_SData(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('Name','z'),
+ ('Trans_ParametersLength','_-Trans_Parameters'),
+ ('Trans_Parameters',':'),
+ ('Trans_DataLength','_-Trans_Data'),
+ ('Trans_Data',':'),
+ )
+ UnicodeStructure = (
+ ('Pad','B'),
+ ('Name','u'),
+ ('Trans_ParametersLength','_-Trans_Parameters'),
+ ('Trans_Parameters',':'),
+ ('Trans_DataLength','_-Trans_Data'),
+ ('Trans_Data',':'),
+ )
+
+class SMBTransaction_Data(Structure):
+ structure = (
+ ('NameLength','_-Name'),
+ ('Name',':'),
+ ('Trans_ParametersLength','_-Trans_Parameters'),
+ ('Trans_Parameters',':'),
+ ('Trans_DataLength','_-Trans_Data'),
+ ('Trans_Data',':'),
+ )
+
+class SMBTransactionResponse_Data(Structure):
+ structure = (
+ ('Trans_ParametersLength','_-Trans_Parameters'),
+ ('Trans_Parameters',':'),
+ ('Trans_DataLength','_-Trans_Data'),
+ ('Trans_Data',':'),
+ )
+
+############# SMB_COM_READ_ANDX (0x2E)
+class SMBReadAndX_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('Fid','<H'),
+ ('Offset','<L'),
+ ('MaxCount','<H'),
+ ('MinCount','<H=MaxCount'),
+ ('_reserved','<L=0x0'),
+ ('Remaining','<H=MaxCount'),
+ ('HighOffset','<L=0'),
+ )
+
+class SMBReadAndX_Parameters2(SMBAndXCommand_Parameters):
+ structure = (
+ ('Fid','<H'),
+ ('Offset','<L'),
+ ('MaxCount','<H'),
+ ('MinCount','<H=MaxCount'),
+ ('_reserved','<L=0xffffffff'),
+ ('Remaining','<H=MaxCount'),
+ )
+
+class SMBReadAndXResponse_Parameters(SMBAndXCommand_Parameters):
+ structure = (
+ ('Remaining','<H=0'),
+ ('DataMode','<H=0'),
+ ('_reserved','<H=0'),
+ ('DataCount','<H'),
+ ('DataOffset','<H'),
+ ('DataCount_Hi','<L'),
+ ('_reserved2','6s=""'),
+ )
+
+############# SMB_COM_ECHO (0x2B)
+class SMBEcho_Data(Structure):
+ structure = (
+ ('Data',':'),
+ )
+
+class SMBEcho_Parameters(Structure):
+ structure = (
+ ('EchoCount','<H'),
+ )
+
+class SMBEchoResponse_Data(Structure):
+ structure = (
+ ('Data',':'),
+ )
+
+class SMBEchoResponse_Parameters(Structure):
+ structure = (
+ ('SequenceNumber','<H=1'),
+ )
+
+############# SMB_COM_QUERY_INFORMATION_DISK (0x80)
+class SMBQueryInformationDiskResponse_Parameters(Structure):
+ structure = (
+ ('TotalUnits','<H'),
+ ('BlocksPerUnit','<H'),
+ ('BlockSize','<H'),
+ ('FreeUnits','<H'),
+ ('Reserved','<H=0'),
+ )
+
+
+############# SMB_COM_LOGOFF_ANDX (0x74)
+class SMBLogOffAndX(SMBAndXCommand_Parameters):
+ strucure = ()
+
+############# SMB_COM_CLOSE (0x04)
+class SMBClose_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('FID','<H'),
+ ('Time','<L=0'),
+ )
+
+############# SMB_COM_FLUSH (0x05)
+class SMBFlush_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('FID','<H'),
+ )
+
+############# SMB_COM_CREATE_DIRECTORY (0x00)
+class SMBCreateDirectory_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('BufferFormat','<B=4'),
+ ('DirectoryName','z'),
+ )
+ UnicodeStructure = (
+ ('BufferFormat','<B=4'),
+ ('DirectoryName','u'),
+ )
+
+############# SMB_COM_DELETE (0x06)
+class SMBDelete_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('BufferFormat','<B=4'),
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('BufferFormat','<B=4'),
+ ('FileName','u'),
+ )
+
+class SMBDelete_Parameters(Structure):
+ structure = (
+ ('SearchAttributes','<H'),
+ )
+
+############# SMB_COM_DELETE_DIRECTORY (0x01)
+class SMBDeleteDirectory_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('BufferFormat','<B=4'),
+ ('DirectoryName','z'),
+ )
+ UnicodeStructure = (
+ ('BufferFormat','<B=4'),
+ ('DirectoryName','u'),
+ )
+
+############# SMB_COM_CHECK_DIRECTORY (0x10)
+class SMBCheckDirectory_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('BufferFormat','<B=4'),
+ ('DirectoryName','z'),
+ )
+ UnicodeStructure = (
+ ('BufferFormat','<B=4'),
+ ('DirectoryName','u'),
+ )
+
+############# SMB_COM_RENAME (0x07)
+class SMBRename_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('SearchAttributes','<H'),
+ )
+
+class SMBRename_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('BufferFormat1','<B=4'),
+ ('OldFileName','z'),
+ ('BufferFormat2','<B=4'),
+ ('NewFileName','z'),
+ )
+ UnicodeStructure = (
+ ('BufferFormat1','<B=4'),
+ ('OldFileName','u'),
+ ('BufferFormat2','<B=4'),
+ ('Pad','B=0'),
+ ('NewFileName','u'),
+ )
+
+
+############# SMB_COM_OPEN (0x02)
+class SMBOpen_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('DesiredAccess','<H=0'),
+ ('SearchAttributes','<H=0'),
+ )
+
+class SMBOpen_Data(AsciiOrUnicodeStructure):
+ AsciiStructure = (
+ ('FileNameFormat','"\x04'),
+ ('FileName','z'),
+ )
+ UnicodeStructure = (
+ ('FileNameFormat','"\x04'),
+ ('FileName','z'),
+ )
+
+class SMBOpenResponse_Parameters(SMBCommand_Parameters):
+ structure = (
+ ('Fid','<H=0'),
+ ('FileAttributes','<H=0'),
+ ('LastWriten','<L=0'),
+ ('FileSize','<L=0'),
+ ('GrantedAccess','<H=0'),
+ )
+
+############# EXTENDED SECURITY CLASSES
+class SMBExtended_Security_Parameters(Structure):
+ structure = (
+ ('DialectIndex','<H'),
+ ('SecurityMode','<B'),
+ ('MaxMpxCount','<H'),
+ ('MaxNumberVcs','<H'),
+ ('MaxBufferSize','<L'),
+ ('MaxRawSize','<L'),
+ ('SessionKey','<L'),
+ ('Capabilities','<L'),
+ ('LowDateTime','<L'),
+ ('HighDateTime','<L'),
+ ('ServerTimeZone','<H'),
+ ('ChallengeLength','<B'),
+ )
+
+class SMBExtended_Security_Data(Structure):
+ structure = (
+ ('ServerGUID','16s'),
+ ('SecurityBlob',':'),
+ )
+
+class SMBNTLMDialect_Parameters(Structure):
+ structure = (
+ ('DialectIndex','<H'),
+ ('SecurityMode','<B'),
+ ('MaxMpxCount','<H'),
+ ('MaxNumberVcs','<H'),
+ ('MaxBufferSize','<L'),
+ ('MaxRawSize','<L'),
+ ('SessionKey','<L'),
+ ('Capabilities','<L'),
+ ('LowDateTime','<L'),
+ ('HighDateTime','<L'),
+ ('ServerTimeZone','<H'),
+ ('ChallengeLength','<B'),
+ )
+
+class SMBNTLMDialect_Data(Structure):
+ structure = (
+ ('ChallengeLength','_-Challenge','self["ChallengeLength"]'),
+ ('Challenge',':'),
+ ('Payload',':'),
+# For some reason on an old Linux this field is not present, we have to check
this out. There must be a flag stating this.
+ ('DomainName','_'),
+ ('ServerName','_'),
+ )
+ def __init__(self,data = None, alignment = 0):
+ Structure.__init__(self,data,alignment)
+ #self['ChallengeLength']=8
+
+ def fromString(self,data):
+ Structure.fromString(self,data)
+ self['DomainName'] = ''
+ self['ServerName'] = ''
+
+class SMB:
+ # SMB Command Codes
+ SMB_COM_CREATE_DIRECTORY = 0x00
+ SMB_COM_DELETE_DIRECTORY = 0x01
+ SMB_COM_OPEN = 0x02
+ SMB_COM_CREATE = 0x03
+ SMB_COM_CLOSE = 0x04
+ SMB_COM_FLUSH = 0x05
+ SMB_COM_DELETE = 0x06
+ SMB_COM_RENAME = 0x07
+ SMB_COM_QUERY_INFORMATION = 0x08
+ SMB_COM_SET_INFORMATION = 0x09
+ SMB_COM_READ = 0x0A
+ SMB_COM_WRITE = 0x0B
+ SMB_COM_LOCK_BYTE_RANGE = 0x0C
+ SMB_COM_UNLOCK_BYTE_RANGE = 0x0D
+ SMB_COM_CREATE_TEMPORARY = 0x0E
+ SMB_COM_CREATE_NEW = 0x0F
+ SMB_COM_CHECK_DIRECTORY = 0x10
+ SMB_COM_PROCESS_EXIT = 0x11
+ SMB_COM_SEEK = 0x12
+ SMB_COM_LOCK_AND_READ = 0x13
+ SMB_COM_WRITE_AND_UNLOCK = 0x14
+ SMB_COM_READ_RAW = 0x1A
+ SMB_COM_READ_MPX = 0x1B
+ SMB_COM_READ_MPX_SECONDARY = 0x1C
+ SMB_COM_WRITE_RAW = 0x1D
+ SMB_COM_WRITE_MPX = 0x1E
+ SMB_COM_WRITE_MPX_SECONDARY = 0x1F
+ SMB_COM_WRITE_COMPLETE = 0x20
+ SMB_COM_QUERY_SERVER = 0x21
+ SMB_COM_SET_INFORMATION2 = 0x22
+ SMB_COM_QUERY_INFORMATION2 = 0x23
+ SMB_COM_LOCKING_ANDX = 0x24
+ SMB_COM_TRANSACTION = 0x25
+ SMB_COM_TRANSACTION_SECONDARY = 0x26
+ SMB_COM_IOCTL = 0x27
+ SMB_COM_IOCTL_SECONDARY = 0x28
+ SMB_COM_COPY = 0x29
+ SMB_COM_MOVE = 0x2A
+ SMB_COM_ECHO = 0x2B
+ SMB_COM_WRITE_AND_CLOSE = 0x2C
+ SMB_COM_OPEN_ANDX = 0x2D
+ SMB_COM_READ_ANDX = 0x2E
+ SMB_COM_WRITE_ANDX = 0x2F
+ SMB_COM_NEW_FILE_SIZE = 0x30
+ SMB_COM_CLOSE_AND_TREE_DISC = 0x31
+ SMB_COM_TRANSACTION2 = 0x32
+ SMB_COM_TRANSACTION2_SECONDARY = 0x33
+ SMB_COM_FIND_CLOSE2 = 0x34
+ SMB_COM_FIND_NOTIFY_CLOSE = 0x35
+ # Used by Xenix/Unix 0x60 - 0x6E
+ SMB_COM_TREE_CONNECT = 0x70
+ SMB_COM_TREE_DISCONNECT = 0x71
+ SMB_COM_NEGOTIATE = 0x72
+ SMB_COM_SESSION_SETUP_ANDX = 0x73
+ SMB_COM_LOGOFF_ANDX = 0x74
+ SMB_COM_TREE_CONNECT_ANDX = 0x75
+ SMB_COM_QUERY_INFORMATION_DISK = 0x80
+ SMB_COM_SEARCH = 0x81
+ SMB_COM_FIND = 0x82
+ SMB_COM_FIND_UNIQUE = 0x83
+ SMB_COM_FIND_CLOSE = 0x84
+ SMB_COM_NT_TRANSACT = 0xA0
+ SMB_COM_NT_TRANSACT_SECONDARY = 0xA1
+ SMB_COM_NT_CREATE_ANDX = 0xA2
+ SMB_COM_NT_CANCEL = 0xA4
+ SMB_COM_NT_RENAME = 0xA5
+ SMB_COM_OPEN_PRINT_FILE = 0xC0
+ SMB_COM_WRITE_PRINT_FILE = 0xC1
+ SMB_COM_CLOSE_PRINT_FILE = 0xC2
+ SMB_COM_GET_PRINT_QUEUE = 0xC3
+ SMB_COM_READ_BULK = 0xD8
+ SMB_COM_WRITE_BULK = 0xD9
+ SMB_COM_WRITE_BULK_DATA = 0xDA
+
+ # TRANSACT codes
+ TRANS_TRANSACT_NMPIPE = 0x26
+
+ # TRANSACT2 codes
+ TRANS2_FIND_FIRST2 = 0x0001
+ TRANS2_FIND_NEXT2 = 0x0002
+ TRANS2_QUERY_FS_INFORMATION = 0x0003
+ TRANS2_QUERY_PATH_INFORMATION = 0x0005
+ TRANS2_QUERY_FILE_INFORMATION = 0x0007
+ TRANS2_SET_FILE_INFORMATION = 0x0008
+ TRANS2_SET_PATH_INFORMATION = 0x0006
+
+ # Security Share Mode (Used internally by SMB class)
+ SECURITY_SHARE_MASK = 0x01
+ SECURITY_SHARE_SHARE = 0x00
+ SECURITY_SHARE_USER = 0x01
+ SECURITY_SIGNATURES_ENABLED = 0X04
+ SECURITY_SIGNATURES_REQUIRED = 0X08
+
+ # Security Auth Mode (Used internally by SMB class)
+ SECURITY_AUTH_MASK = 0x02
+ SECURITY_AUTH_ENCRYPTED = 0x02
+ SECURITY_AUTH_PLAINTEXT = 0x00
+
+ # Raw Mode Mask (Used internally by SMB class. Good for dialect up to and
including LANMAN2.1)
+ RAW_READ_MASK = 0x01
+ RAW_WRITE_MASK = 0x02
+
+ # Capabilities Mask (Used internally by SMB class. Good for dialect NT LM
0.12)
+ CAP_RAW_MODE = 0x00000001
+ CAP_MPX_MODE = 0x0002
+ CAP_UNICODE = 0x0004
+ CAP_LARGE_FILES = 0x0008
+ CAP_EXTENDED_SECURITY = 0x80000000
+ CAP_USE_NT_ERRORS = 0x40
+ CAP_NT_SMBS = 0x10
+ CAP_LARGE_READX = 0x00004000
+ CAP_LARGE_WRITEX = 0x00008000
+ CAP_RPC_REMOTE_APIS = 0x20
+
+ # Flags1 Mask
+ FLAGS1_LOCK_AND_READ_OK = 0x01
+ FLAGS1_PATHCASELESS = 0x08
+ FLAGS1_CANONICALIZED_PATHS = 0x10
+ FLAGS1_REPLY = 0x80
+
+ # Flags2 Mask
+ FLAGS2_LONG_NAMES = 0x0001
+ FLAGS2_EAS = 0x0002
+ FLAGS2_SMB_SECURITY_SIGNATURE = 0x0004
+ FLAGS2_IS_LONG_NAME = 0x0040
+ FLAGS2_DFS = 0x1000
+ FLAGS2_PAGING_IO = 0x2000
+ FLAGS2_NT_STATUS = 0x4000
+ FLAGS2_UNICODE = 0x8000
+ FLAGS2_COMPRESSED = 0x0008
+ FLAGS2_SMB_SECURITY_SIGNATURE_REQUIRED = 0x0010
+ FLAGS2_EXTENDED_SECURITY = 0x0800
+
+ # Dialect's Security Mode flags
+ NEGOTIATE_USER_SECURITY = 0x01
+ NEGOTIATE_ENCRYPT_PASSWORDS = 0x02
+ NEGOTIATE_SECURITY_SIGNATURE_ENABLE = 0x04
+ NEGOTIATE_SECURITY_SIGNATURE_REQUIRED = 0x08
+
+ # Tree Connect AndX Response optionalSuppor flags
+ SMB_SUPPORT_SEARCH_BITS = 0x01
+ SMB_SHARE_IS_IN_DFS = 0x02
+
+ def __init__(self, remote_name, remote_host, my_name = None, host_type =
nmb.TYPE_SERVER, sess_port = 445, timeout=None, UDP = 0, session = None,
negPacket = None):
+ # The uid attribute will be set when the client calls the login()
method
+ self._uid = 0
+ self.__server_name = ''
+ self.__server_os = ''
+ self.__server_os_major = None
+ self.__server_os_minor = None
+ self.__server_os_build = None
+ self.__server_lanman = ''
+ self.__server_domain = ''
+ self.__server_dns_domain_name = ''
+ self.__remote_name = string.upper(remote_name)
+ self.__remote_host = remote_host
+ self.__isNTLMv2 = True
+ self._dialects_parameters = None
+ self._dialects_data = None
+ # Credentials
+ self.__userName = ''
+ self.__password = ''
+ self.__domain = ''
+ self.__lmhash = ''
+ self.__nthash = ''
+ self.__aesKey = ''
+ self.__kdc = ''
+ self.__TGT = None
+ self.__TGS = None
+
+ # Negotiate Protocol Result, used everywhere
+ # Could be extended or not, flags should be checked before
+ self._dialect_data = 0
+ self._dialect_parameters = 0
+ self._action = 0
+ self._sess = None
+ self.encrypt_passwords = True
+ self.tid = 0
+ self.fid = 0
+
+ # Signing stuff
+ self._SignSequenceNumber = 0
+ self._SigningSessionKey = ''
+ self._SigningChallengeResponse = ''
+ self._SignatureEnabled = False
+ self._SignatureVerificationEnabled = False
+ self._SignatureRequired = False
+
+ # Base flags (default flags, can be overriden using set_flags())
+ self.__flags1 = SMB.FLAGS1_PATHCASELESS |
SMB.FLAGS1_CANONICALIZED_PATHS
+ self.__flags2 = SMB.FLAGS2_EXTENDED_SECURITY | SMB.FLAGS2_NT_STATUS |
SMB.FLAGS2_LONG_NAMES
+
+ if timeout is None:
+ self.__timeout = 60
+ else:
+ self.__timeout = timeout
+
+ # If port 445 and the name sent is *SMBSERVER we're setting the name
to the IP.
+ # This is to help some old applications still believing
+ # *SMSBSERVER will work against modern OSes. If port is
NETBIOS_SESSION_PORT the user better
+ # know about *SMBSERVER's limitations
+ if sess_port == 445 and remote_name == '*SMBSERVER':
+ self.__remote_name = remote_host
+
+ if session is None:
+ if not my_name:
+ my_name = socket.gethostname()
+ i = string.find(my_name, '.')
+ if i > -1:
+ my_name = my_name[:i]
+
+ if UDP:
+ self._sess = nmb.NetBIOSUDPSession(my_name, remote_name,
remote_host, host_type, sess_port, self.__timeout)
+ else:
+ self._sess = nmb.NetBIOSTCPSession(my_name, remote_name,
remote_host, host_type, sess_port, self.__timeout)
+
+ # Initialize session values (_dialect_data and
_dialect_parameters)
+ self.neg_session()
+
+ # Call login() without any authentication information to
+ # setup a session if the remote server
+ # is in share mode.
+ if (self._dialects_parameters['SecurityMode'] &
SMB.SECURITY_SHARE_MASK) == SMB.SECURITY_SHARE_SHARE:
+ self.login('', '')
+ else:
+ self._sess = session
+ self.neg_session(negPacket = negPacket)
+ # Call login() without any authentication information to
+ # setup a session if the remote server
+ # is in share mode.
+ if (self._dialects_parameters['SecurityMode'] &
SMB.SECURITY_SHARE_MASK) == SMB.SECURITY_SHARE_SHARE:
+ self.login('', '')
+
+ @staticmethod
+ def ntlm_supported():
+ return False
+
+ def get_remote_name(self):
+ return self.__remote_name
+
+ def get_remote_host(self):
+ return self.__remote_host
+
+ def get_flags(self):
+ return self.__flags1, self.__flags2
+
+ def set_flags(self, flags1=None, flags2=None):
+ if flags1 is not None:
+ self.__flags1 = flags1
+ if flags2 is not None:
+ self.__flags2 = flags2
+
+ def set_timeout(self, timeout):
+ prev_timeout = self.__timeout
+ self.__timeout = timeout
+ return prev_timeout
+
+ def get_timeout(self):
+ return self.__timeout
+
+ @contextmanager
+ def use_timeout(self, timeout):
+ prev_timeout = self.set_timeout(timeout)
+ try:
+ yield
+ finally:
+ self.set_timeout(prev_timeout)
+
+ def get_session(self):
+ return self._sess
+
+ def get_tid(self):
+ return self.tid
+
+ def get_fid(self):
+ return self.fid
+
+ def isGuestSession(self):
+ return self._action & SMB_SETUP_GUEST
+
+ def doesSupportNTLMv2(self):
+ return self.__isNTLMv2
+
+ def __del__(self):
+ if self._sess:
+ self._sess.close()
+
+ def recvSMB(self):
+ r = self._sess.recv_packet(self.__timeout)
+ return NewSMBPacket(data = r.get_trailer())
+
+ @staticmethod
+ def __decode_trans(params, data):
+ totparamcnt, totdatacnt, _, paramcnt, paramoffset, paramds, datacnt,
dataoffset, datads, setupcnt = unpack('<HHHHHHHHHB', params[:19])
+ if paramcnt + paramds < totparamcnt or datacnt + datads < totdatacnt:
+ has_more = 1
+ else:
+ has_more = 0
+ paramoffset = paramoffset - 55 - setupcnt * 2
+ dataoffset = dataoffset - 55 - setupcnt * 2
+ return has_more, params[20:20 + setupcnt * 2],
data[paramoffset:paramoffset + paramcnt], data[dataoffset:dataoffset + datacnt]
+
+ # TODO: Move this to NewSMBPacket, it belongs there
+ def signSMB(self, packet, signingSessionKey, signingChallengeResponse):
+ # This logic MUST be applied for messages sent in response to any of
the higher-layer actions and in
+ # compliance with the message sequencing rules.
+ # * The client or server that sends the message MUST provide the
32-bit sequence number for this
+ # message, as specified in sections 3.2.4.1 and 3.3.4.1.
+ # * The SMB_FLAGS2_SMB_SECURITY_SIGNATURE flag in the header MUST be
set.
+ # * To generate the signature, a 32-bit sequence number is copied
into the
+ # least significant 32 bits of the SecuritySignature field and the
remaining
+ # 4 bytes are set to 0x00.
+ # * The MD5 algorithm, as specified in [RFC1321], MUST be used to
generate a hash of the SMB
+ # message from the start of the SMB Header, which is defined as
follows.
+ # CALL MD5Init( md5context )
+ # CALL MD5Update( md5context, Connection.SigningSessionKey )
+ # CALL MD5Update( md5context, Connection.SigningChallengeResponse )
+ # CALL MD5Update( md5context, SMB message )
+ # CALL MD5Final( digest, md5context )
+ # SET signature TO the first 8 bytes of the digest
+ # The resulting 8-byte signature MUST be copied into the
SecuritySignature field of the SMB Header,
+ # after which the message can be transmitted.
+
+ #print "seq(%d) signingSessionKey %r, signingChallengeResponse %r" %
(self._SignSequenceNumber, signingSessionKey, signingChallengeResponse)
+ packet['SecurityFeatures'] = pack('<q',self._SignSequenceNumber)
+ # Sign with the sequence
+ m = hashlib.md5()
+ m.update( signingSessionKey )
+ m.update( signingChallengeResponse )
+ m.update( str(packet) )
+ # Replace sequence with acual hash
+ packet['SecurityFeatures'] = m.digest()[:8]
+ if self._SignatureVerificationEnabled:
+ self._SignSequenceNumber +=1
+ else:
+ self._SignSequenceNumber +=2
+
+ def checkSignSMB(self, packet, signingSessionKey,
signingChallengeResponse):
+ # Let's check
+ signature = packet['SecurityFeatures']
+ #print "Signature received: %r " % signature
+ self.signSMB(packet, signingSessionKey, signingChallengeResponse)
+ #print "Signature calculated: %r" % packet['SecurityFeatures']
+ if self._SignatureVerificationEnabled is not True:
+ self._SignSequenceNumber -= 1
+ return packet['SecurityFeatures'] == signature
+
+ def sendSMB(self,smb):
+ smb['Uid'] = self._uid
+ #At least on AIX, PIDs can exceed 16 bits, so we mask them out
+ smb['Pid'] = (os.getpid() & 0xFFFF)
+ # set flags
+ smb['Flags1'] |= self.__flags1
+ smb['Flags2'] |= self.__flags2
+ if self._SignatureEnabled:
+ smb['Flags2'] |= SMB.FLAGS2_SMB_SECURITY_SIGNATURE
+ self.signSMB(smb, self._SigningSessionKey,
self._SigningChallengeResponse)
+
+ self._sess.send_packet(str(smb))
+
+ @staticmethod
+ def isValidAnswer(s, cmd):
+ while 1:
+ if s.rawData():
+ if s.get_command() == cmd:
+ if s.get_error_class() == 0x00 and s.get_error_code() ==
0x00:
+ return 1
+ else:
+ raise SessionError, ( "SMB Library Error",
s.get_error_class()+ (s.get_reserved() << 8), s.get_error_code() ,
s.get_flags2() & SMB.FLAGS2_NT_STATUS )
+ else:
+ break
+ return 0
+
+ def neg_session(self, extended_security = True, negPacket = None):
+ def parsePacket(smb):
+ if smb.isValidAnswer(SMB.SMB_COM_NEGOTIATE):
+ sessionResponse = SMBCommand(smb['Data'][0])
+ self._dialects_parameters =
SMBNTLMDialect_Parameters(sessionResponse['Parameters'])
+ self._dialects_data = SMBNTLMDialect_Data()
+ self._dialects_data['ChallengeLength'] =
self._dialects_parameters['ChallengeLength']
+ self._dialects_data.fromString(sessionResponse['Data'])
+ if self._dialects_parameters['Capabilities'] &
SMB.CAP_EXTENDED_SECURITY:
+ # Whether we choose it or it is enforced by the server, we
go for extended security
+ self._dialects_parameters =
SMBExtended_Security_Parameters(sessionResponse['Parameters'])
+ self._dialects_data =
SMBExtended_Security_Data(sessionResponse['Data'])
+ # Let's setup some variable for later use
+ if self._dialects_parameters['SecurityMode'] &
SMB.SECURITY_SIGNATURES_REQUIRED:
+ self._SignatureRequired = True
+
+ # Interestingly, the security Blob might be missing
sometimes.
+ #spnego =
SPNEGO_NegTokenInit(self._dialects_data['SecurityBlob'])
+ #for i in spnego['MechTypes']:
+ # print "Mech Found: %s" % MechTypes[i]
+ return 1
+
+ # If not, let's try the old way
+ else:
+ if self._dialects_data['ServerName'] is not None:
+ self.__server_name = self._dialects_data['ServerName']
+
+ if self._dialects_parameters['DialectIndex'] == 0xffff:
+ raise UnsupportedFeature,"Remote server does not know
NT LM 0.12"
+ return 1
+ else:
+ return 0
+
+ if negPacket is None:
+ smb = NewSMBPacket()
+ negSession = SMBCommand(SMB.SMB_COM_NEGOTIATE)
+ flags2 = self.get_flags()[1]
+ if extended_security is True:
+ self.set_flags(flags2=flags2|SMB.FLAGS2_EXTENDED_SECURITY)
+ else:
+ self.set_flags(flags2=flags2 & (~SMB.FLAGS2_EXTENDED_SECURITY))
+
+ negSession['Data'] = '\x02NT LM 0.12\x00'
+ smb.addCommand(negSession)
+ self.sendSMB(smb)
+
+ while 1:
+ smb = self.recvSMB()
+ return parsePacket(smb)
+ else:
+
+ return parsePacket( NewSMBPacket( data = negPacket))
+
+ def tree_connect(self, path, password = '', service = SERVICE_ANY):
+ LOG.warning("[MS-CIFS] This is an original Core Protocol command.This
command has been deprecated.Client Implementations SHOULD use
SMB_COM_TREE_CONNECT_ANDX")
+
+ # return 0x800
+ if password:
+ # Password is only encrypted if the server passed us an
"encryption" during protocol dialect
+ if self._dialects_parameters['ChallengeLength'] > 0:
+ # this code is untested
+ password =
self.get_ntlmv1_response(ntlm.compute_lmhash(password))
+
+ if not unicode_support:
+ if unicode_convert:
+ path = str(path)
+ else:
+ raise Exception('SMB: Can\t conver path from unicode!')
+
+ smb = NewSMBPacket()
+ treeConnect = SMBCommand(SMB.SMB_COM_TREE_CONNECT)
+ treeConnect['Parameters'] = SMBTreeConnect_Parameters()
+ treeConnect['Data'] = SMBTreeConnect_Data()
+ treeConnect['Data']['Path'] = path.upper()
+ treeConnect['Data']['Password'] = password
+ treeConnect['Data']['Service'] = service
+ smb.addCommand(treeConnect)
+ self.sendSMB(smb)
+
+ while 1:
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_TREE_CONNECT):
+ # XXX Here we are ignoring the rest of the response
+ return smb['Tid']
+ return smb['Tid']
+
+ def get_uid(self):
+ return self._uid
+
+ def set_uid(self, uid):
+ self._uid = uid
+
+ def tree_connect_andx(self, path, password = None, service = SERVICE_ANY,
smb_packet=None):
+ if password:
+ # Password is only encrypted if the server passed us an
"encryption" during protocol dialect
+ if self._dialects_parameters['ChallengeLength'] > 0:
+ # this code is untested
+ password =
self.get_ntlmv1_response(ntlm.compute_lmhash(password))
+ else:
+ password = '\x00'
+
+ if not unicode_support:
+ if unicode_convert:
+ path = str(path)
+ else:
+ raise Exception('SMB: Can\t convert path from unicode!')
+
+ if smb_packet is None:
+ smb = NewSMBPacket()
+ else:
+ smb = smb_packet
+
+ # Just in case this came with the full path ,let's just leave
+ # the sharename, we'll take care of the rest
+
+ share = path.split('\\')[-1]
+ try:
+ _, _, _, _, sockaddr = socket.getaddrinfo(self.get_remote_host(),
80, 0, 0, socket.IPPROTO_TCP)[0]
+ remote_host = sockaddr[0]
+ except Exception:
+ remote_host = self.get_remote_host()
+
+ path = '\\\\' + remote_host + '\\' +share
+ path = path.upper().encode('utf-16le') if self.__flags2 &
SMB.FLAGS2_UNICODE else path
+
+ treeConnect = SMBCommand(SMB.SMB_COM_TREE_CONNECT_ANDX)
+ treeConnect['Parameters'] = SMBTreeConnectAndX_Parameters()
+ treeConnect['Data'] =
SMBTreeConnectAndX_Data(flags=self.__flags2)
+ treeConnect['Parameters']['PasswordLength'] = len(password)
+ treeConnect['Data']['Password'] = password
+ treeConnect['Data']['Path'] = path
+ treeConnect['Data']['Service'] = service
+
+ if self.__flags2 & SMB.FLAGS2_UNICODE:
+ treeConnect['Data']['Pad'] = 0x0
+
+ smb.addCommand(treeConnect)
+
+ # filename = "\PIPE\epmapper"
+
+ # ntCreate = SMBCommand(SMB.SMB_COM_NT_CREATE_ANDX)
+ # ntCreate['Parameters'] = SMBNtCreateAndX_Parameters()
+ # ntCreate['Data'] = SMBNtCreateAndX_Data()
+ # ntCreate['Parameters']['FileNameLength'] = len(filename)
+ # ntCreate['Parameters']['CreateFlags'] = 0
+ # ntCreate['Parameters']['AccessMask'] = 0x3
+ # ntCreate['Parameters']['CreateOptions'] = 0x0
+ # ntCreate['Data']['FileName'] = filename
+
+ # smb.addCommand(ntCreate)
+ self.sendSMB(smb)
+
+ while 1:
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_TREE_CONNECT_ANDX):
+ # XXX Here we are ignoring the rest of the response
+ self.tid = smb['Tid']
+ return self.tid
+ self.tid = smb['Tid']
+ return self.tid
+
+ # backwars compatibility
+ connect_tree = tree_connect_andx
+
+ @staticmethod
+ def getDialect():
+ return SMB_DIALECT
+
+ def get_server_name(self):
+ #return self._dialects_data['ServerName']
+ return self.__server_name
+
+ def get_session_key(self):
+ return self._SigningSessionKey
+
+ def set_session_key(self, key):
+ self._SigningSessionKey = key
+
+ def get_encryption_key(self):
+ if self._dialects_data.fields.has_key('Challenge'):
+ return self._dialects_data['Challenge']
+ else:
+ return None
+
+ def get_server_time(self):
+ timestamp = self._dialects_parameters['HighDateTime']
+ timestamp <<= 32
+ timestamp |= self._dialects_parameters['LowDateTime']
+ timestamp -= 116444736000000000
+ timestamp /= 10000000
+ d = datetime.datetime.utcfromtimestamp(timestamp)
+ return d.strftime("%a, %d %b %Y %H:%M:%S GMT")
+
+ def disconnect_tree(self, tid):
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ smb.addCommand(SMBCommand(SMB.SMB_COM_TREE_DISCONNECT))
+
+ self.sendSMB(smb)
+ self.recvSMB()
+
+ def open(self, tid, filename, open_mode, desired_access):
+ filename = string.replace(filename,'/', '\\')
+ filename = filename.encode('utf-16le') if self.__flags2 &
SMB.FLAGS2_UNICODE else filename
+
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ openFile = SMBCommand(SMB.SMB_COM_OPEN)
+ openFile['Parameters'] = SMBOpen_Parameters()
+ openFile['Parameters']['DesiredAccess'] = desired_access
+ openFile['Parameters']['OpenMode'] = open_mode
+ openFile['Parameters']['SearchAttributes'] = ATTR_READONLY |
ATTR_HIDDEN | ATTR_ARCHIVE
+ openFile['Data'] = SMBOpen_Data(flags=self.__flags2)
+ openFile['Data']['FileName'] = filename
+
+ if self.__flags2 & SMB.FLAGS2_UNICODE:
+ openFile['Data']['Pad'] = 0x0
+
+ smb.addCommand(openFile)
+
+ self.sendSMB(smb)
+
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_OPEN):
+ # XXX Here we are ignoring the rest of the response
+ openFileResponse = SMBCommand(smb['Data'][0])
+ openFileParameters =
SMBOpenResponse_Parameters(openFileResponse['Parameters'])
+
+ return (
+ openFileParameters['Fid'],
+ openFileParameters['FileAttributes'],
+ openFileParameters['LastWriten'],
+ openFileParameters['FileSize'],
+ openFileParameters['GrantedAccess'],
+ )
+
+ def open_andx(self, tid, filename, open_mode, desired_access):
+ filename = string.replace(filename,'/', '\\')
+ filename = filename.encode('utf-16le') if self.__flags2 &
SMB.FLAGS2_UNICODE else filename
+
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ openFile = SMBCommand(SMB.SMB_COM_OPEN_ANDX)
+ openFile['Parameters'] = SMBOpenAndX_Parameters()
+ openFile['Parameters']['DesiredAccess'] = desired_access
+ openFile['Parameters']['OpenMode'] = open_mode
+ openFile['Parameters']['SearchAttributes'] = ATTR_READONLY |
ATTR_HIDDEN | ATTR_ARCHIVE
+ openFile['Data'] = SMBOpenAndX_Data(flags=self.__flags2)
+ openFile['Data']['FileName'] = filename
+
+ if self.__flags2 & SMB.FLAGS2_UNICODE:
+ openFile['Data']['Pad'] = 0x0
+
+ smb.addCommand(openFile)
+
+ self.sendSMB(smb)
+
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_OPEN_ANDX):
+ # XXX Here we are ignoring the rest of the response
+ openFileResponse = SMBCommand(smb['Data'][0])
+ openFileParameters =
SMBOpenAndXResponse_Parameters(openFileResponse['Parameters'])
+
+ return (
+ openFileParameters['Fid'],
+ openFileParameters['FileAttributes'],
+ openFileParameters['LastWriten'],
+ openFileParameters['FileSize'],
+ openFileParameters['GrantedAccess'],
+ openFileParameters['FileType'],
+ openFileParameters['IPCState'],
+ openFileParameters['Action'],
+ openFileParameters['ServerFid'],
+ )
+
+ def close(self, tid, fid):
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ closeFile = SMBCommand(SMB.SMB_COM_CLOSE)
+ closeFile['Parameters'] = SMBClose_Parameters()
+ closeFile['Parameters']['FID'] = fid
+ smb.addCommand(closeFile)
+
+ self.sendSMB(smb)
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_CLOSE):
+ return 1
+ return 0
+
+ def send_trans(self, tid, setup, name, param, data, noAnswer = 0):
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ transCommand = SMBCommand(SMB.SMB_COM_TRANSACTION)
+ transCommand['Parameters'] = SMBTransaction_Parameters()
+ transCommand['Data'] = SMBTransaction_Data()
+
+ transCommand['Parameters']['Setup'] = setup
+ transCommand['Parameters']['TotalParameterCount'] = len(param)
+ transCommand['Parameters']['TotalDataCount'] = len(data)
+
+ transCommand['Parameters']['ParameterCount'] = len(param)
+ transCommand['Parameters']['ParameterOffset'] =
32+3+28+len(setup)+len(name)
+
+ transCommand['Parameters']['DataCount'] = len(data)
+ transCommand['Parameters']['DataOffset'] =
transCommand['Parameters']['ParameterOffset'] + len(param)
+
+ transCommand['Data']['Name'] = name
+ transCommand['Data']['Trans_Parameters'] = param
+ transCommand['Data']['Trans_Data'] = data
+
+ if noAnswer:
+ transCommand['Parameters']['Flags'] = TRANS_NO_RESPONSE
+
+ smb.addCommand(transCommand)
+
+ self.sendSMB(smb)
+
+ def send_trans2(self, tid, setup, name, param, data):
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ command = pack('<H', setup)
+
+ transCommand = SMBCommand(SMB.SMB_COM_TRANSACTION2)
+ transCommand['Parameters'] = SMBTransaction2_Parameters()
+ transCommand['Parameters']['MaxDataCount'] =
self._dialects_parameters['MaxBufferSize']
+ transCommand['Data'] = SMBTransaction2_Data()
+
+ transCommand['Parameters']['Setup'] = command
+ transCommand['Parameters']['TotalParameterCount'] = len(param)
+ transCommand['Parameters']['TotalDataCount'] = len(data)
+
+ if len(param) > 0:
+ padLen = (4 - (32+2+28 + len(command)) % 4 ) % 4
+ padBytes = '\xFF' * padLen
+ transCommand['Data']['Pad1'] = padBytes
+ else:
+ transCommand['Data']['Pad1'] = ''
+ padLen = 0
+
+ transCommand['Parameters']['ParameterCount'] = len(param)
+ transCommand['Parameters']['ParameterOffset'] =
32+2+28+len(command)+len(name) + padLen
+
+ if len(data) > 0:
+ pad2Len = (4 - (32+2+28 + len(command) + padLen + len(param)) % 4)
% 4
+ transCommand['Data']['Pad2'] = '\xFF' * pad2Len
+ else:
+ transCommand['Data']['Pad2'] = ''
+ pad2Len = 0
+
+ transCommand['Parameters']['DataCount'] = len(data)
+ transCommand['Parameters']['DataOffset'] =
transCommand['Parameters']['ParameterOffset'] + len(param) + pad2Len
+
+ transCommand['Data']['Name'] = name
+ transCommand['Data']['Trans_Parameters'] = param
+ transCommand['Data']['Trans_Data'] = data
+ smb.addCommand(transCommand)
+
+ self.sendSMB(smb)
+
+ def query_file_info(self, tid, fid, fileInfoClass =
SMB_QUERY_FILE_STANDARD_INFO):
+ self.send_trans2(tid, SMB.TRANS2_QUERY_FILE_INFORMATION, '\x00',
pack('<HH', fid, fileInfoClass), '')
+
+ resp = self.recvSMB()
+ if resp.isValidAnswer(SMB.SMB_COM_TRANSACTION2):
+ trans2Response = SMBCommand(resp['Data'][0])
+ trans2Parameters =
SMBTransaction2Response_Parameters(trans2Response['Parameters'])
+ # Remove Potential Prefix Padding
+ return trans2Response['Data'][-trans2Parameters['TotalDataCount']:]
+
+ def __nonraw_retr_file(self, tid, fid, offset, datasize, callback):
+ if (self._dialects_parameters['Capabilities'] & SMB.CAP_LARGE_READX)
and self._SignatureEnabled is False:
+ max_buf_size = 65000
+ else:
+ max_buf_size = self._dialects_parameters['MaxBufferSize'] & ~0x3ff
# Read in multiple KB blocks
+
+ read_offset = offset
+ while read_offset < datasize:
+ data = self.read_andx(tid, fid, read_offset, max_buf_size)
+
+ callback(data)
+ read_offset += len(data)
+
+ def __nonraw_stor_file(self, tid, fid, offset, datasize, callback):
+ if (self._dialects_parameters['Capabilities'] & SMB.CAP_LARGE_WRITEX)
and self._SignatureEnabled is False:
+ max_buf_size = 65000
+ else:
+ max_buf_size = self._dialects_parameters['MaxBufferSize'] & ~0x3ff
# Write in multiple KB blocks
+
+ write_offset = offset
+ while 1:
+ data = callback(max_buf_size)
+ if not data:
+ break
+
+ smb = self.write_andx(tid,fid,data, write_offset)
+ writeResponse = SMBCommand(smb['Data'][0])
+ writeResponseParameters =
SMBWriteAndXResponse_Parameters(writeResponse['Parameters'])
+ write_offset += writeResponseParameters['Count']
+
+ def get_server_domain(self):
+ return self.__server_domain
+
+ def get_server_dns_domain_name(self):
+ return self.__server_dns_domain_name
+
+ def get_server_os(self):
+ return self.__server_os
+
+ def get_server_os_major(self):
+ return self.__server_os_major
+
+ def get_server_os_minor(self):
+ return self.__server_os_minor
+
+ def get_server_os_build(self):
+ return self.__server_os_build
+
+ def set_server_os(self, os):
+ self.__server_os = os
+
+ def get_server_lanman(self):
+ return self.__server_lanman
+
+ def is_login_required(self):
+ # Login is required if share mode is user.
+ # Otherwise only public services or services in share mode
+ # are allowed.
+ return (self._dialects_parameters['SecurityMode'] &
SMB.SECURITY_SHARE_MASK) == SMB.SECURITY_SHARE_USER
+
+ def is_signing_required(self):
+ return self._SignatureRequired
+
+ def get_ntlmv1_response(self, key):
+ challenge = self._dialects_data['Challenge']
+ return ntlm.get_ntlmv1_response(key, challenge)
+
+ def kerberos_login(self, user, password, domain = '', lmhash = '', nthash
= '', aesKey = '', kdcHost = '', TGT=None, TGS=None):
+ # Importing down here so pyasn1 is not required if kerberos is not
used.
+ from impacket.krb5.asn1 import AP_REQ, Authenticator, TGS_REP, seq_set
+ from impacket.krb5.kerberosv5 import getKerberosTGT, getKerberosTGS
+ from impacket.krb5 import constants
+ from impacket.krb5.types import Principal, KerberosTime, Ticket
+ from pyasn1.codec.der import decoder, encoder
+ import datetime
+
+ # login feature does not support unicode
+ # disable it if enabled
+ flags2 = self.__flags2
+ if flags2 & SMB.FLAGS2_UNICODE:
+ self.__flags2 = flags2 & (flags2 ^ SMB.FLAGS2_UNICODE)
+
+ # If TGT or TGS are specified, they are in the form of:
+ # TGS['KDC_REP'] = the response from the server
+ # TGS['cipher'] = the cipher used
+ # TGS['sessionKey'] = the sessionKey
+ # If we have hashes, normalize them
+ if lmhash != '' or nthash != '':
+ if len(lmhash) % 2: lmhash = '0%s' % lmhash
+ if len(nthash) % 2: nthash = '0%s' % nthash
+ try: # just in case they were converted already
+ lmhash = a2b_hex(lmhash)
+ nthash = a2b_hex(nthash)
+ except:
+ pass
+
+ self.__userName = user
+ self.__password = password
+ self.__domain = domain
+ self.__lmhash = lmhash
+ self.__nthash = nthash
+ self.__aesKey = aesKey
+ self.__kdc = kdcHost
+ self.__TGT = TGT
+ self.__TGS = TGS
+
+ # First of all, we need to get a TGT for the user
+ userName = Principal(user,
type=constants.PrincipalNameType.NT_PRINCIPAL.value)
+ if TGT is None:
+ if TGS is None:
+ tgt, cipher, oldSessionKey, sessionKey =
getKerberosTGT(userName, password, domain, lmhash, nthash, aesKey, kdcHost)
+ else:
+ tgt = TGT['KDC_REP']
+ cipher = TGT['cipher']
+ sessionKey = TGT['sessionKey']
+
+ # Now that we have the TGT, we should ask for a TGS for cifs
+
+ if TGS is None:
+ serverName = Principal('cifs/%s' % self.__remote_name,
type=constants.PrincipalNameType.NT_SRV_INST.value)
+ tgs, cipher, oldSessionKey, sessionKey =
getKerberosTGS(serverName, domain, kdcHost, tgt, cipher, sessionKey)
+ else:
+ tgs = TGS['KDC_REP']
+ cipher = TGS['cipher']
+ sessionKey = TGS['sessionKey']
+
+ smb = NewSMBPacket()
+
+ # Are we required to sign SMB? If so we do it, if not we skip it
+ if self._SignatureRequired:
+ smb['Flags2'] |= SMB.FLAGS2_SMB_SECURITY_SIGNATURE
+
+
+ sessionSetup = SMBCommand(SMB.SMB_COM_SESSION_SETUP_ANDX)
+ sessionSetup['Parameters'] = SMBSessionSetupAndX_Extended_Parameters()
+ sessionSetup['Data'] = SMBSessionSetupAndX_Extended_Data()
+
+ sessionSetup['Parameters']['MaxBufferSize'] = 61440
+ sessionSetup['Parameters']['MaxMpxCount'] = 2
+ sessionSetup['Parameters']['VcNumber'] = 1
+ sessionSetup['Parameters']['SessionKey'] = 0
+ sessionSetup['Parameters']['Capabilities'] =
SMB.CAP_EXTENDED_SECURITY | SMB.CAP_USE_NT_ERRORS | SMB.CAP_UNICODE |
SMB.CAP_LARGE_READX | SMB.CAP_LARGE_WRITEX
+
+
+ # Let's build a NegTokenInit with the NTLMSSP
+ # TODO: In the future we should be able to choose different providers
+
+ blob = SPNEGO_NegTokenInit()
+
+ # Kerberos v5 mech
+ blob['MechTypes'] = [TypesMech['MS KRB5 - Microsoft Kerberos 5']]
+
+ # Let's extract the ticket from the TGS
+ tgs = decoder.decode(tgs, asn1Spec = TGS_REP())[0]
+ ticket = Ticket()
+ ticket.from_asn1(tgs['ticket'])
+
+ # Now let's build the AP_REQ
+ apReq = AP_REQ()
+ apReq['pvno'] = 5
+ apReq['msg-type'] = int(constants.ApplicationTagNumbers.AP_REQ.value)
+
+ opts = list()
+ apReq['ap-options'] = constants.encodeFlags(opts)
+ seq_set(apReq,'ticket', ticket.to_asn1)
+
+ authenticator = Authenticator()
+ authenticator['authenticator-vno'] = 5
+ authenticator['crealm'] = domain
+ seq_set(authenticator, 'cname', userName.components_to_asn1)
+ now = datetime.datetime.utcnow()
+
+ authenticator['cusec'] = now.microsecond
+ authenticator['ctime'] = KerberosTime.to_asn1(now)
+
+ encodedAuthenticator = encoder.encode(authenticator)
+
+ # Key Usage 11
+ # AP-REQ Authenticator (includes application authenticator
+ # subkey), encrypted with the application session key
+ # (Section 5.5.1)
+ encryptedEncodedAuthenticator = cipher.encrypt(sessionKey, 11,
encodedAuthenticator, None)
+
+ apReq['authenticator'] = None
+ apReq['authenticator']['etype'] = cipher.enctype
+ apReq['authenticator']['cipher'] = encryptedEncodedAuthenticator
+
+ blob['MechToken'] = encoder.encode(apReq)
+
+ sessionSetup['Parameters']['SecurityBlobLength'] = len(blob)
+ sessionSetup['Parameters'].getData()
+ sessionSetup['Data']['SecurityBlob'] = blob.getData()
+
+ # Fake Data here, don't want to get us fingerprinted
+ sessionSetup['Data']['NativeOS'] = 'Unix'
+ sessionSetup['Data']['NativeLanMan'] = 'Samba'
+
+ smb.addCommand(sessionSetup)
+ self.sendSMB(smb)
+
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX):
+ # We will need to use this uid field for all future
requests/responses
+ self._uid = smb['Uid']
+
+ # Now we have to extract the blob to continue the auth process
+ sessionResponse = SMBCommand(smb['Data'][0])
+ sessionParameters =
SMBSessionSetupAndX_Extended_Response_Parameters(sessionResponse['Parameters'])
+ sessionData =
SMBSessionSetupAndX_Extended_Response_Data(flags = smb['Flags2'])
+ sessionData['SecurityBlobLength'] =
sessionParameters['SecurityBlobLength']
+ sessionData.fromString(sessionResponse['Data'])
+
+ self._action = sessionParameters['Action']
+ # If smb sign required, let's enable it for the rest of the
connection
+ if self._dialects_parameters['SecurityMode'] &
SMB.SECURITY_SIGNATURES_REQUIRED:
+ self._SigningSessionKey = sessionKey.contents
+ self._SignSequenceNumber = 2
+ self._SignatureEnabled = True
+
+ # restore unicode flag if needed
+ if flags2 & SMB.FLAGS2_UNICODE:
+ self.__flags2 |= SMB.FLAGS2_UNICODE
+
+ return 1
+ else:
+ raise Exception('Error: Could not login successfully')
+
+ def login_extended(self, user, password, domain = '', lmhash = '', nthash
= '', use_ntlmv2 = True ):
+
+ # login feature does not support unicode
+ # disable it if enabled
+ flags2 = self.__flags2
+ if flags2 & SMB.FLAGS2_UNICODE:
+ self.__flags2 = flags2 & (flags2 ^ SMB.FLAGS2_UNICODE)
+
+ # Once everything's working we should join login methods into a single
one
+ smb = NewSMBPacket()
+ # Are we required to sign SMB? If so we do it, if not we skip it
+ if self._SignatureRequired:
+ smb['Flags2'] |= SMB.FLAGS2_SMB_SECURITY_SIGNATURE
+
+ sessionSetup = SMBCommand(SMB.SMB_COM_SESSION_SETUP_ANDX)
+ sessionSetup['Parameters'] = SMBSessionSetupAndX_Extended_Parameters()
+ sessionSetup['Data'] = SMBSessionSetupAndX_Extended_Data()
+
+ sessionSetup['Parameters']['MaxBufferSize'] = 61440
+ sessionSetup['Parameters']['MaxMpxCount'] = 2
+ sessionSetup['Parameters']['VcNumber'] = 1
+ sessionSetup['Parameters']['SessionKey'] = 0
+ sessionSetup['Parameters']['Capabilities'] =
SMB.CAP_EXTENDED_SECURITY | SMB.CAP_USE_NT_ERRORS | SMB.CAP_UNICODE |
SMB.CAP_LARGE_READX | SMB.CAP_LARGE_WRITEX
+
+
+ # Let's build a NegTokenInit with the NTLMSSP
+ # TODO: In the future we should be able to choose different providers
+
+ blob = SPNEGO_NegTokenInit()
+
+ # NTLMSSP
+ blob['MechTypes'] = [TypesMech['NTLMSSP - Microsoft NTLM Security
Support Provider']]
+ auth = ntlm.getNTLMSSPType1('','',self._SignatureRequired, use_ntlmv2
= use_ntlmv2)
+ blob['MechToken'] = str(auth)
+
+ sessionSetup['Parameters']['SecurityBlobLength'] = len(blob)
+ sessionSetup['Parameters'].getData()
+ sessionSetup['Data']['SecurityBlob'] = blob.getData()
+
+ # Fake Data here, don't want to get us fingerprinted
+ sessionSetup['Data']['NativeOS'] = 'Unix'
+ sessionSetup['Data']['NativeLanMan'] = 'Samba'
+
+ smb.addCommand(sessionSetup)
+ self.sendSMB(smb)
+
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX):
+ # We will need to use this uid field for all future
requests/responses
+ self._uid = smb['Uid']
+
+ # Now we have to extract the blob to continue the auth process
+ sessionResponse = SMBCommand(smb['Data'][0])
+ sessionParameters =
SMBSessionSetupAndX_Extended_Response_Parameters(sessionResponse['Parameters'])
+ sessionData =
SMBSessionSetupAndX_Extended_Response_Data(flags = smb['Flags2'])
+ sessionData['SecurityBlobLength'] =
sessionParameters['SecurityBlobLength']
+ sessionData.fromString(sessionResponse['Data'])
+ respToken = SPNEGO_NegTokenResp(sessionData['SecurityBlob'])
+
+ # Let's parse some data and keep it to ourselves in case it is
asked
+ ntlmChallenge = ntlm.NTLMAuthChallenge(respToken['ResponseToken'])
+ if ntlmChallenge['TargetInfoFields_len'] > 0:
+ av_pairs =
ntlm.AV_PAIRS(ntlmChallenge['TargetInfoFields'][:ntlmChallenge['TargetInfoFields_len']])
+ if av_pairs[ntlm.NTLMSSP_AV_HOSTNAME] is not None:
+ try:
+ self.__server_name =
av_pairs[ntlm.NTLMSSP_AV_HOSTNAME][1].decode('utf-16le')
+ except:
+ # For some reason, we couldn't decode Unicode here..
silently discard the operation
+ pass
+ if av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME] is not None:
+ try:
+ if self.__server_name !=
av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME][1].decode('utf-16le'):
+ self.__server_domain =
av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME][1].decode('utf-16le')
+ except:
+ # For some reason, we couldn't decode Unicode here..
silently discard the operation
+ pass
+ if av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME] is not None:
+ try:
+ self.__server_dns_domain_name =
av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME][1].decode('utf-16le')
+ except:
+ # For some reason, we couldn't decode Unicode here..
silently discard the operation
+ pass
+
+ # Parse Version to know the target Operating system name. Not
provided elsewhere anymore
+ if ntlmChallenge.fields.has_key('Version'):
+ version = ntlmChallenge['Version']
+
+ if len(version) >= 4:
+ self.__server_os_major, self.__server_os_minor,
self.__server_os_build = unpack('<BBH',version[:4])
+
+ type3, exportedSessionKey = ntlm.getNTLMSSPType3(auth,
respToken['ResponseToken'], user, password, domain, lmhash, nthash, use_ntlmv2
= use_ntlmv2)
+
+ if exportedSessionKey is not None:
+ self._SigningSessionKey = exportedSessionKey
+
+ smb = NewSMBPacket()
+
+ # Are we required to sign SMB? If so we do it, if not we skip it
+ if self._SignatureRequired:
+ smb['Flags2'] |= SMB.FLAGS2_SMB_SECURITY_SIGNATURE
+
+ respToken2 = SPNEGO_NegTokenResp()
+ respToken2['ResponseToken'] = str(type3)
+
+ # Reusing the previous structure
+ sessionSetup['Parameters']['SecurityBlobLength'] = len(respToken2)
+ sessionSetup['Data']['SecurityBlob'] = respToken2.getData()
+
+ # Storing some info for later use
+ self.__server_os = sessionData['NativeOS']
+ self.__server_lanman = sessionData['NativeLanMan']
+
+ smb.addCommand(sessionSetup)
+ self.sendSMB(smb)
+
+ smb = self.recvSMB()
+ self._uid = 0
+ if smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX):
+ self._uid = smb['Uid']
+ sessionResponse = SMBCommand(smb['Data'][0])
+ sessionParameters =
SMBSessionSetupAndXResponse_Parameters(sessionResponse['Parameters'])
+
+ self._action = sessionParameters['Action']
+ # If smb sign required, let's enable it for the rest of the
connection
+ if self._dialects_parameters['SecurityMode'] &
SMB.SECURITY_SIGNATURES_REQUIRED:
+ self._SignSequenceNumber = 2
+ self._SignatureEnabled = True
+
+ # restore unicode flag if needed
+ if flags2 & SMB.FLAGS2_UNICODE:
+ self.__flags2 |= SMB.FLAGS2_UNICODE
+
+ return 1
+ else:
+ raise Exception('Error: Could not login successfully')
+
+ def getCredentials(self):
+ return (
+ self.__userName,
+ self.__password,
+ self.__domain,
+ self.__lmhash,
+ self.__nthash,
+ self.__aesKey,
+ self.__TGT,
+ self.__TGS)
+
+ def getIOCapabilities(self):
+ res = dict()
+ if (self._dialects_parameters['Capabilities'] & SMB.CAP_LARGE_READX)
and self._SignatureEnabled is False:
+ max_size = 65000
+ else:
+ max_size = self._dialects_parameters['MaxBufferSize'] # Read in
multiple KB blocks
+ res['MaxReadSize'] = max_size
+ res['MaxWriteSize'] = max_size
+ return res
+
+ def login(self, user, password, domain = '', lmhash = '', nthash = '',
ntlm_fallback = True):
+
+ # If we have hashes, normalize them
+ if lmhash != '' or nthash != '':
+ if len(lmhash) % 2: lmhash = '0%s' % lmhash
+ if len(nthash) % 2: nthash = '0%s' % nthash
+ try: # just in case they were converted already
+ lmhash = a2b_hex(lmhash)
+ nthash = a2b_hex(nthash)
+ except:
+ pass
+
+ self.__userName = user
+ self.__password = password
+ self.__domain = domain
+ self.__lmhash = lmhash
+ self.__nthash = nthash
+ self.__aesKey = ''
+ self.__TGT = None
+ self.__TGS = None
+
+ if self._dialects_parameters['Capabilities'] &
SMB.CAP_EXTENDED_SECURITY:
+ try:
+ self.login_extended(user, password, domain, lmhash, nthash,
use_ntlmv2 = True)
+ except:
+ # If the target OS is Windows 5.0 or Samba, let's try using
NTLMv1
+ if ntlm_fallback and ((self.get_server_lanman().find('Windows
2000') != -1) or (self.get_server_lanman().find('Samba') != -1)):
+ self.login_extended(user, password, domain, lmhash,
nthash, use_ntlmv2 = False)
+ self.__isNTLMv2 = False
+ else:
+ raise
+ elif ntlm_fallback:
+ self.login_standard(user, password, domain, lmhash, nthash)
+ self.__isNTLMv2 = False
+ else:
+ raise SessionError('Cannot authenticate against target, enable
ntlm_fallback')
+
+ def login_standard(self, user, password, domain = '', lmhash = '', nthash
= ''):
+
+ # login feature does not support unicode
+ # disable it if enabled
+ flags2 = self.__flags2
+ if flags2 & SMB.FLAGS2_UNICODE:
+ self.__flags2 = flags2 & (flags2 ^ SMB.FLAGS2_UNICODE)
+
+ # Only supports NTLMv1
+ # Password is only encrypted if the server passed us an "encryption
key" during protocol dialect negotiation
+ if self._dialects_parameters['ChallengeLength'] > 0:
+ if lmhash != '' or nthash != '':
+ pwd_ansi = self.get_ntlmv1_response(lmhash)
+ pwd_unicode = self.get_ntlmv1_response(nthash)
+ elif password:
+ lmhash = ntlm.compute_lmhash(password)
+ nthash = ntlm.compute_nthash(password)
+ pwd_ansi = self.get_ntlmv1_response(lmhash)
+ pwd_unicode = self.get_ntlmv1_response(nthash)
+ else: # NULL SESSION
+ pwd_ansi = ''
+ pwd_unicode = ''
+ else:
+ pwd_ansi = password
+ pwd_unicode = ''
+
+ smb = NewSMBPacket()
+
+ sessionSetup = SMBCommand(SMB.SMB_COM_SESSION_SETUP_ANDX)
+ sessionSetup['Parameters'] = SMBSessionSetupAndX_Parameters()
+ sessionSetup['Data'] = SMBSessionSetupAndX_Data()
+
+ sessionSetup['Parameters']['MaxBuffer'] = 61440
+ sessionSetup['Parameters']['MaxMpxCount'] = 2
+ sessionSetup['Parameters']['VCNumber'] = os.getpid()
+ sessionSetup['Parameters']['SessionKey'] =
self._dialects_parameters['SessionKey']
+ sessionSetup['Parameters']['AnsiPwdLength'] = len(pwd_ansi)
+ sessionSetup['Parameters']['UnicodePwdLength'] = len(pwd_unicode)
+ sessionSetup['Parameters']['Capabilities'] = SMB.CAP_RAW_MODE |
SMB.CAP_USE_NT_ERRORS | SMB.CAP_LARGE_READX | SMB.CAP_LARGE_WRITEX
+
+ sessionSetup['Data']['AnsiPwd'] = pwd_ansi
+ sessionSetup['Data']['UnicodePwd'] = pwd_unicode
+ sessionSetup['Data']['Account'] = str(user)
+ sessionSetup['Data']['PrimaryDomain'] = str(domain)
+ sessionSetup['Data']['NativeOS'] = str(os.name)
+ sessionSetup['Data']['NativeLanMan'] = 'pysmb'
+ smb.addCommand(sessionSetup)
+
+ self.sendSMB(smb)
+
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX):
+ # We will need to use this uid field for all future
requests/responses
+ self._uid = smb['Uid']
+ sessionResponse = SMBCommand(smb['Data'][0])
+ sessionParameters =
SMBSessionSetupAndXResponse_Parameters(sessionResponse['Parameters'])
+ sessionData = SMBSessionSetupAndXResponse_Data(flags =
smb['Flags2'], data = sessionResponse['Data'])
+
+ self._action = sessionParameters['Action']
+
+ # Still gotta figure out how to do this with no EXTENDED_SECURITY
+ if sessionParameters['Action'] & SMB_SETUP_USE_LANMAN_KEY == 0:
+ self._SigningChallengeResponse =
sessionSetup['Data']['UnicodePwd']
+ self._SigningSessionKey = nthash
+ else:
+ self._SigningChallengeResponse =
sessionSetup['Data']['AnsiPwd']
+ self._SigningSessionKey = lmhash
+
+ #self._SignSequenceNumber = 1
+ #self.checkSignSMB(smb, self._SigningSessionKey
,self._SigningChallengeResponse)
+ #self._SignatureEnabled = True
+ self.__server_os = sessionData['NativeOS']
+ self.__server_lanman = sessionData['NativeLanMan']
+ self.__server_domain = sessionData['PrimaryDomain']
+
+ # restore unicode flag if needed
+ if flags2 & SMB.FLAGS2_UNICODE:
+ self.__flags2 |= SMB.FLAGS2_UNICODE
+
+ return 1
+ else: raise Exception('Error: Could not login successfully')
+
+ def waitNamedPipe(self, tid, pipe, timeout = 5, noAnswer = 0):
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ transCommand = SMBCommand(SMB.SMB_COM_TRANSACTION)
+ transCommand['Parameters'] = SMBTransaction_Parameters()
+ transCommand['Data'] = SMBTransaction_Data()
+
+ setup = '\x53\x00\x00\x00'
+ name = '\\PIPE%s\x00' % pipe
+ transCommand['Parameters']['Setup'] = setup
+ transCommand['Parameters']['TotalParameterCount'] = 0
+ transCommand['Parameters']['TotalDataCount'] = 0
+ transCommand['Parameters']['MaxParameterCount'] = 0
+ transCommand['Parameters']['MaxDataCount'] = 0
+ transCommand['Parameters']['Timeout'] = timeout * 1000
+
+ transCommand['Parameters']['ParameterCount'] = 0
+ transCommand['Parameters']['ParameterOffset'] =
32+3+28+len(setup)+len(name)
+
+ transCommand['Parameters']['DataCount'] = 0
+ transCommand['Parameters']['DataOffset'] = 0
+
+ transCommand['Data']['Name'] = name
+ transCommand['Data']['Trans_Parameters'] = ''
+ transCommand['Data']['Trans_Data'] = ''
+
+ if noAnswer:
+ transCommand['Parameters']['Flags'] = TRANS_NO_RESPONSE
+
+ smb.addCommand(transCommand)
+ self.sendSMB(smb)
+
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_TRANSACTION):
+ return 1
+ return 0
+
+ def read(self, tid, fid, offset=0, max_size = None, wait_answer=1):
+ if not max_size:
+ max_size = self._dialects_parameters['MaxBufferSize'] # Read in
multiple KB blocks
+
+ # max_size is not working, because although it would, the server
returns an error (More data avail)
+
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ read = SMBCommand(SMB.SMB_COM_READ)
+ read['Parameters'] = SMBRead_Parameters()
+ read['Parameters']['Fid'] = fid
+ read['Parameters']['Offset'] = offset
+ read['Parameters']['Count'] = max_size
+ smb.addCommand(read)
+
+ if wait_answer:
+ while 1:
+ self.sendSMB(smb)
+ ans = self.recvSMB()
+
+ if ans.isValidAnswer(SMB.SMB_COM_READ):
+ readResponse = SMBCommand(ans['Data'][0])
+ readData = SMBReadResponse_Data(readResponse['Data'])
+
+ return readData['Data']
+
+ return None
+
+ def read_andx(self, tid, fid, offset=0, max_size = None, wait_answer=1,
smb_packet=None):
+ if not max_size:
+ if (self._dialects_parameters['Capabilities'] &
SMB.CAP_LARGE_READX) and self._SignatureEnabled is False:
+ max_size = 65000
+ else:
+ max_size = self._dialects_parameters['MaxBufferSize'] # Read
in multiple KB blocks
+
+ # max_size is not working, because although it would, the server
returns an error (More data avail)
+
+ if smb_packet is None:
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ readAndX = SMBCommand(SMB.SMB_COM_READ_ANDX)
+ readAndX['Parameters'] = SMBReadAndX_Parameters()
+ readAndX['Parameters']['Fid'] = fid
+ readAndX['Parameters']['Offset'] = offset
+ readAndX['Parameters']['MaxCount'] = max_size
+ smb.addCommand(readAndX)
+ else:
+ smb = smb_packet
+
+ if wait_answer:
+ answer = ''
+ while 1:
+ self.sendSMB(smb)
+ ans = self.recvSMB()
+
+ if ans.isValidAnswer(SMB.SMB_COM_READ_ANDX):
+ # XXX Here we are only using a few fields from the response
+ readAndXResponse = SMBCommand(ans['Data'][0])
+ readAndXParameters =
SMBReadAndXResponse_Parameters(readAndXResponse['Parameters'])
+
+ offset = readAndXParameters['DataOffset']
+ count =
readAndXParameters['DataCount']+0x10000*readAndXParameters['DataCount_Hi']
+ answer += str(ans)[offset:offset+count]
+ if not ans.isMoreData():
+ return answer
+ max_size = min(max_size, readAndXParameters['Remaining'])
+ readAndX['Parameters']['Offset'] += count
# XXX Offset is not important (apparently)
+ else:
+ self.sendSMB(smb)
+ ans = self.recvSMB()
+
+ try:
+ if ans.isValidAnswer(SMB.SMB_COM_READ_ANDX):
+ return ans
+ else:
+ return None
+ except:
+ return ans
+
+ return None
+
+ def read_raw(self, tid, fid, offset=0, max_size = None, wait_answer=1):
+ if not max_size:
+ max_size = self._dialects_parameters['MaxBufferSize'] # Read in
multiple KB blocks
+
+ # max_size is not working, because although it would, the server
returns an error (More data avail)
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ readRaw = SMBCommand(SMB.SMB_COM_READ_RAW)
+ readRaw['Parameters'] = SMBReadRaw_Parameters()
+ readRaw['Parameters']['Fid'] = fid
+ readRaw['Parameters']['Offset'] = offset
+ readRaw['Parameters']['MaxCount'] = max_size
+ smb.addCommand(readRaw)
+
+ self.sendSMB(smb)
+ if wait_answer:
+ data = self._sess.recv_packet(self.__timeout).get_trailer()
+ if not data:
+ # If there is no data it means there was an error
+ data = self.read_andx(tid, fid, offset, max_size)
+ return data
+
+ return None
+
+ def write(self,tid,fid,data, offset = 0, wait_answer=1):
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ write = SMBCommand(SMB.SMB_COM_WRITE)
+ write['Parameters'] = SMBWrite_Parameters()
+ write['Data'] = SMBWrite_Data()
+ write['Parameters']['Fid'] = fid
+ write['Parameters']['Count'] = len(data)
+ write['Parameters']['Offset'] = offset
+ write['Parameters']['Remaining'] = len(data)
+ write['Data']['Data'] = data
+ smb.addCommand(write)
+
+ self.sendSMB(smb)
+
+ if wait_answer:
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_WRITE):
+ return smb
+ return None
+
+ def write_andx(self,tid,fid,data, offset = 0, wait_answer=1,
write_pipe_mode = False, smb_packet=None):
+ if smb_packet is None:
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ writeAndX = SMBCommand(SMB.SMB_COM_WRITE_ANDX)
+ smb.addCommand(writeAndX)
+
+ writeAndX['Parameters'] = SMBWriteAndX_Parameters()
+ writeAndX['Parameters']['Fid'] = fid
+ writeAndX['Parameters']['Offset'] = offset
+ writeAndX['Parameters']['WriteMode'] = 8
+ writeAndX['Parameters']['Remaining'] = len(data)
+ writeAndX['Parameters']['DataLength'] = len(data)
+ writeAndX['Parameters']['DataOffset'] = len(smb) # this length
already includes the parameter
+ writeAndX['Data'] = data
+
+ if write_pipe_mode is True:
+ # First of all we gotta know what the MaxBuffSize is
+ maxBuffSize = self._dialects_parameters['MaxBufferSize']
+ if len(data) > maxBuffSize:
+ chunks_size = maxBuffSize - 60
+ writeAndX['Parameters']['WriteMode'] = 0x0c
+ sendData = '\xff\xff' + data
+ totalLen = len(sendData)
+ writeAndX['Parameters']['DataLength'] = chunks_size
+ writeAndX['Parameters']['Remaining'] = totalLen-2
+ writeAndX['Data'] = sendData[:chunks_size]
+
+ self.sendSMB(smb)
+ if wait_answer:
+ smbResp = self.recvSMB()
+ smbResp.isValidAnswer(SMB.SMB_COM_WRITE_ANDX)
+
+ alreadySent = chunks_size
+ sendData = sendData[chunks_size:]
+
+ while alreadySent < totalLen:
+ writeAndX['Parameters']['WriteMode'] = 0x04
+ writeAndX['Parameters']['DataLength'] =
len(sendData[:chunks_size])
+ writeAndX['Data'] = sendData[:chunks_size]
+ self.sendSMB(smb)
+ if wait_answer:
+ smbResp = self.recvSMB()
+ smbResp.isValidAnswer(SMB.SMB_COM_WRITE_ANDX)
+ alreadySent += writeAndX['Parameters']['DataLength']
+ sendData = sendData[chunks_size:]
+
+ return smbResp
+
+ else:
+ smb = smb_packet
+
+ self.sendSMB(smb)
+
+ if wait_answer:
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_WRITE_ANDX):
+ return smb
+ return None
+
+ def write_raw(self,tid,fid,data, offset = 0, wait_answer=1):
+ LOG.warning("[MS-CIFS] This command was introduced in the CorePlus
dialect, but is often listed as part of the LAN Manager 1.0 dialect.This
command has been deprecated.Clients SHOULD use SMB_COM_WRITE_ANDX")
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+
+ writeRaw = SMBCommand(SMB.SMB_COM_WRITE_RAW)
+ writeRaw['Parameters'] = SMBWriteRaw_Parameters()
+ writeRaw['Parameters']['Fid'] = fid
+ writeRaw['Parameters']['Offset'] = offset
+ writeRaw['Parameters']['Count'] = len(data)
+ writeRaw['Parameters']['DataLength'] = 0
+ writeRaw['Parameters']['DataOffset'] = 0
+ smb.addCommand(writeRaw)
+
+ self.sendSMB(smb)
+ self._sess.send_packet(data)
+
+ if wait_answer:
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_WRITE_RAW):
+ return smb
+ return None
+
+ def TransactNamedPipe(self, tid, fid, data = '', noAnswer = 0, waitAnswer
= 1, offset = 0):
+ self.send_trans(tid,pack('<HH', 0x26, fid),'\\PIPE\\\x00','',data,
noAnswer = noAnswer)
+
+ if noAnswer or not waitAnswer:
+ return
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_TRANSACTION):
+ transResponse = SMBCommand(smb['Data'][0])
+ transParameters =
SMBTransactionResponse_Parameters(transResponse['Parameters'])
+ return transResponse['Data'][-transParameters['TotalDataCount']:] #
Remove Potential Prefix Padding
+ return None
+
+ def TransactNamedPipeRecv(self):
+ s = self.recvSMB()
+ if s.isValidAnswer(SMB.SMB_COM_TRANSACTION):
+ transResponse = SMBCommand(s['Data'][0])
+ transParameters =
SMBTransactionResponse_Parameters(transResponse['Parameters'])
+ return transResponse['Data'][-transParameters['TotalDataCount']:] #
Remove Potential Prefix Padding
+ return None
+
+ def nt_create_andx(self,tid,filename, smb_packet=None, cmd = None,
shareAccessMode = FILE_SHARE_READ | FILE_SHARE_WRITE, disposition = FILE_OPEN,
accessMask = 0x2019f):
+ filename = filename.replace('/', '\\')
+ filename = filename.encode('utf-16le') if self.__flags2 &
SMB.FLAGS2_UNICODE else filename
+
+ if smb_packet is None:
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+ else:
+ smb = smb_packet
+
+ if cmd is None:
+ ntCreate = SMBCommand(SMB.SMB_COM_NT_CREATE_ANDX)
+ ntCreate['Parameters'] = SMBNtCreateAndX_Parameters()
+ ntCreate['Data'] = SMBNtCreateAndX_Data(flags=self.__flags2)
+ ntCreate['Parameters']['FileNameLength'] = len(filename)
+ ntCreate['Parameters']['CreateFlags'] = 0x16
+ ntCreate['Parameters']['AccessMask'] = accessMask
+ ntCreate['Parameters']['CreateOptions'] = 0x40
+ ntCreate['Parameters']['ShareAccess'] = shareAccessMode
+ ntCreate['Parameters']['Disposition'] = disposition
+ ntCreate['Data']['FileName'] = filename
+
+ if self.__flags2 & SMB.FLAGS2_UNICODE:
+ ntCreate['Data']['Pad'] = 0x0
+ else:
+ ntCreate = cmd
+
+ smb.addCommand(ntCreate)
+
+ self.sendSMB(smb)
+
+ while 1:
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_NT_CREATE_ANDX):
+ # XXX Here we are ignoring the rest of the response
+ ntCreateResponse = SMBCommand(smb['Data'][0])
+ ntCreateParameters =
SMBNtCreateAndXResponse_Parameters(ntCreateResponse['Parameters'])
+
+ self.fid = ntCreateParameters['Fid']
+ return ntCreateParameters['Fid']
+
+ def logoff(self):
+ smb = NewSMBPacket()
+
+ logOff = SMBCommand(SMB.SMB_COM_LOGOFF_ANDX)
+ logOff['Parameters'] = SMBLogOffAndX()
+ smb.addCommand(logOff)
+
+ self.sendSMB(smb)
+ self.recvSMB()
+ # Let's clear some fields so you can login again under the same session
+ self._uid = 0
+
+ def list_path(self, service, path = '*', password = None):
+ path = path.replace('/', '\\')
+ path = path.encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE
else path
+
+ tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' +
service, password)
+ try:
+ findFirstParameter = SMBFindFirst2_Parameters()
+ findFirstParameter['SearchAttributes'] =
SMB_FILE_ATTRIBUTE_DIRECTORY | SMB_FILE_ATTRIBUTE_HIDDEN | \
+ SMB_FILE_ATTRIBUTE_SYSTEM
| SMB_FILE_ATTRIBUTE_READONLY | \
+ SMB_FILE_ATTRIBUTE_ARCHIVE
+ findFirstParameter['SearchCount'] = 512
+ findFirstParameter['Flags'] = SMB_FIND_RETURN_RESUME_KEYS |
SMB_FIND_CLOSE_AT_EOS
+ findFirstParameter['InformationLevel'] =
SMB_FIND_FILE_BOTH_DIRECTORY_INFO
+ findFirstParameter['SearchStorageType'] = 0
+ findFirstParameter['FileName'] = path + ('\x00\x00' if
self.__flags2 & SMB.FLAGS2_UNICODE else '\x00')
+ self.send_trans2(tid, SMB.TRANS2_FIND_FIRST2, '\x00',
findFirstParameter, '')
+ files = [ ]
+
+ totalDataCount = 1
+ findData = ''
+ findFirst2ParameterBlock = ''
+ while len(findData) < totalDataCount:
+ resp = self.recvSMB()
+
+ if resp.isValidAnswer(SMB.SMB_COM_TRANSACTION2):
+ trans2Response = SMBCommand(resp['Data'][0])
+ trans2Parameters =
SMBTransaction2Response_Parameters(trans2Response['Parameters'])
+ totalDataCount = trans2Parameters['TotalDataCount']
+ findFirst2ParameterBlock +=
trans2Response['Data'][trans2Parameters['ParameterOffset']-55:][:trans2Parameters['ParameterCount']]
+ findData +=
trans2Response['Data'][trans2Parameters['DataOffset']-55:]
+
+ findParameterBlock =
SMBFindFirst2Response_Parameters(findFirst2ParameterBlock)
+ # Save the SID for resume operations
+ sid = findParameterBlock['SID']
+
+ while True:
+ record = SMBFindFileBothDirectoryInfo(data = findData)
+
+ shortname = record['ShortName'].decode('utf-16le') if
self.__flags2 & SMB.FLAGS2_UNICODE else record['ShortName']
+ filename = record['FileName'].decode('utf-16le') if
self.__flags2 & SMB.FLAGS2_UNICODE else record['FileName']
+
+ fileRecord = SharedFile(record['CreationTime'],
record['LastAccessTime'], record['LastChangeTime'],
+ record['EndOfFile'],
record['AllocationSize'], record['ExtFileAttributes'],
+ shortname, filename)
+ files.append(fileRecord)
+ if record['NextEntryOffset'] > 0 and
len(findData[record['NextEntryOffset']:]) > 0:
+ findData = findData[record['NextEntryOffset']:]
+ else:
+ # More data to search?
+ if findParameterBlock['EndOfSearch'] == 0:
+ resume_filename = record['FileName']
+ findNextParameter = SMBFindNext2_Parameters()
+ findNextParameter['SID'] = sid
+ findNextParameter['SearchCount'] = 1024
+ findNextParameter['InformationLevel'] =
SMB_FIND_FILE_BOTH_DIRECTORY_INFO
+ findNextParameter['ResumeKey'] = 0
+ findNextParameter['Flags'] =
SMB_FIND_RETURN_RESUME_KEYS | SMB_FIND_CLOSE_AT_EOS
+ findNextParameter['FileName'] = resume_filename +
('\x00\x00' if self.__flags2 & SMB.FLAGS2_UNICODE else '\x00')
+ self.send_trans2(tid, SMB.TRANS2_FIND_NEXT2, '\x00',
findNextParameter, '')
+ findData = ''
+ findNext2ParameterBlock = ''
+ totalDataCount = 1
+ while len(findData) < totalDataCount:
+ resp = self.recvSMB()
+
+ if resp.isValidAnswer(SMB.SMB_COM_TRANSACTION2):
+ trans2Response = SMBCommand(resp['Data'][0])
+ trans2Parameters =
SMBTransaction2Response_Parameters(trans2Response['Parameters'])
+ totalDataCount =
trans2Parameters['TotalDataCount']
+ findNext2ParameterBlock +=
trans2Response['Data'][trans2Parameters['ParameterOffset']-55:][:trans2Parameters['ParameterCount']]
+ findData +=
trans2Response['Data'][trans2Parameters['DataOffset']-55:]
+ findParameterBlock =
SMBFindNext2Response_Parameters(findNext2ParameterBlock)
+ else:
+ break
+ finally:
+ self.disconnect_tree(tid)
+
+ return files
+
+ def retr_file(self, service, filename, callback, mode = FILE_OPEN, offset
= 0, password = None, shareAccessMode = SMB_ACCESS_READ):
+ filename = string.replace(filename, '/', '\\')
+
+ fid = -1
+ tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' +
service, password)
+ try:
+ fid = self.nt_create_andx(tid, filename, shareAccessMode =
shareAccessMode, accessMask = 0x20089)
+
+ res = self.query_file_info(tid, fid)
+ datasize = SMBQueryFileStandardInfo(res)['EndOfFile']
+
+ self.__nonraw_retr_file(tid, fid, offset, datasize, callback)
+ finally:
+ if fid >= 0:
+ self.close(tid, fid)
+ self.disconnect_tree(tid)
+
+ def stor_file(self, service, filename, callback, mode = FILE_OVERWRITE_IF,
offset = 0, password = None, shareAccessMode = SMB_ACCESS_WRITE):
+ filename = string.replace(filename, '/', '\\')
+
+ fid = -1
+ tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' +
service, password)
+ try:
+ fid = self.nt_create_andx(tid, filename, shareAccessMode =
shareAccessMode, disposition = mode )
+
+ self.__nonraw_stor_file(tid, fid, offset, 0, callback)
+ finally:
+ if fid >= 0:
+ self.close(tid, fid)
+ self.disconnect_tree(tid)
+
+ def stor_file_nonraw(self, service, filename, callback, mode =
FILE_OVERWRITE_IF, offset = 0, password = None, shareAccessMode =
SMB_ACCESS_WRITE ):
+ filename = string.replace(filename, '/', '\\')
+
+ fid = -1
+ tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' +
service, password)
+ try:
+ fid = self.nt_create_andx(tid, filename, shareAccessMode =
shareAccessMode, disposition = mode)
+ self.__nonraw_stor_file(tid, fid, offset, 0, callback)
+ finally:
+ if fid >= 0:
+ self.close(tid, fid)
+ self.disconnect_tree(tid)
+
+ def check_dir(self, service, path, password = None):
+ path = string.replace(path,'/', '\\')
+ tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' +
service, password)
+ try:
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+ smb['Mid'] = 0
+
+ cmd = SMBCommand(SMB.SMB_COM_CHECK_DIRECTORY)
+ cmd['Parameters'] = ''
+ cmd['Data'] = SMBCheckDirectory_Data(flags = self.__flags2)
+ cmd['Data']['DirectoryName'] = path.encode('utf-16le') if
self.__flags2 & SMB.FLAGS2_UNICODE else path
+ smb.addCommand(cmd)
+
+ self.sendSMB(smb)
+
+ while 1:
+ s = self.recvSMB()
+ if s.isValidAnswer(SMB.SMB_COM_CHECK_DIRECTORY):
+ return
+ finally:
+ self.disconnect_tree(tid)
+
+ def remove(self, service, path, password = None):
+ path = string.replace(path,'/', '\\')
+ # Perform a list to ensure the path exists
+ self.list_path(service, path, password)
+
+ tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' +
service, password)
+ try:
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+ smb['Mid'] = 0
+
+ cmd = SMBCommand(SMB.SMB_COM_DELETE)
+ cmd['Parameters'] = SMBDelete_Parameters()
+ cmd['Parameters']['SearchAttributes'] = ATTR_HIDDEN | ATTR_SYSTEM
| ATTR_ARCHIVE
+ cmd['Data'] = SMBDelete_Data(flags = self.__flags2)
+ cmd['Data']['FileName'] = (path + '\x00').encode('utf-16le') if
self.__flags2 & SMB.FLAGS2_UNICODE else (path + '\x00')
+ smb.addCommand(cmd)
+
+ self.sendSMB(smb)
+
+ while 1:
+ s = self.recvSMB()
+ if s.isValidAnswer(SMB.SMB_COM_DELETE):
+ return
+ finally:
+ self.disconnect_tree(tid)
+
+ def rmdir(self, service, path, password = None):
+ path = string.replace(path,'/', '\\')
+ # Check that the directory exists
+ self.check_dir(service, path, password)
+
+ tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' +
service, password)
+ try:
+ path = path.encode('utf-16le') if self.__flags2 &
SMB.FLAGS2_UNICODE else path
+
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+ createDir = SMBCommand(SMB.SMB_COM_DELETE_DIRECTORY)
+ createDir['Data'] = SMBDeleteDirectory_Data(flags=self.__flags2)
+ createDir['Data']['DirectoryName'] = path
+ smb.addCommand(createDir)
+
+ self.sendSMB(smb)
+
+ while 1:
+ s = self.recvSMB()
+ if s.isValidAnswer(SMB.SMB_COM_DELETE_DIRECTORY):
+ return
+ finally:
+ self.disconnect_tree(tid)
+
+ def mkdir(self, service, path, password = None):
+ path = string.replace(path,'/', '\\')
+ tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' +
service, password)
+ try:
+ path = path.encode('utf-16le') if self.__flags2 &
SMB.FLAGS2_UNICODE else path
+
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+ smb['Mid'] = 0
+
+ createDir = SMBCommand(SMB.SMB_COM_CREATE_DIRECTORY)
+ createDir['Data'] = SMBCreateDirectory_Data(flags=self.__flags2)
+ createDir['Data']['DirectoryName'] = path
+ smb.addCommand(createDir)
+
+ self.sendSMB(smb)
+
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_CREATE_DIRECTORY):
+ return 1
+ return 0
+ finally:
+ self.disconnect_tree(tid)
+
+ def rename(self, service, old_path, new_path, password = None):
+ old_path = string.replace(old_path,'/', '\\')
+ new_path = string.replace(new_path,'/', '\\')
+ tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' +
service, password)
+ try:
+ smb = NewSMBPacket()
+ smb['Tid'] = tid
+ smb['Mid'] = 0
+
+ renameCmd = SMBCommand(SMB.SMB_COM_RENAME)
+ renameCmd['Parameters'] = SMBRename_Parameters()
+ renameCmd['Parameters']['SearchAttributes'] = ATTR_SYSTEM |
ATTR_HIDDEN | ATTR_DIRECTORY
+ renameCmd['Data'] = SMBRename_Data(flags = self.__flags2)
+ renameCmd['Data']['OldFileName'] = old_path.encode('utf-16le') if
self.__flags2 & SMB.FLAGS2_UNICODE else old_path
+ renameCmd['Data']['NewFileName'] = new_path.encode('utf-16le') if
self.__flags2 & SMB.FLAGS2_UNICODE else new_path
+ smb.addCommand(renameCmd)
+
+ self.sendSMB(smb)
+
+ smb = self.recvSMB()
+ if smb.isValidAnswer(SMB.SMB_COM_RENAME):
+ return 1
+ return 0
+ finally:
+ self.disconnect_tree(tid)
+
+ def writeFile(self, treeId, fileId, data, offset = 0):
+ if (self._dialects_parameters['Capabilities'] & SMB.CAP_LARGE_WRITEX)
and self._SignatureEnabled is False:
+ max_buf_size = 65000
+ else:
+ max_buf_size = self._dialects_parameters['MaxBufferSize'] & ~0x3ff
# Write in multiple KB blocks
+
+ write_offset = offset
+ while 1:
+ if len(data) == 0:
+ break
+ writeData = data[:max_buf_size]
+ data = data[max_buf_size:]
+
+ smb = self.write_andx(treeId,fileId,writeData, write_offset)
+ writeResponse = SMBCommand(smb['Data'][0])
+ writeResponseParameters =
SMBWriteAndXResponse_Parameters(writeResponse['Parameters'])
+ write_offset += writeResponseParameters['Count']
+
+ def get_socket(self):
+ return self._sess.get_socket()
+
+ERRDOS = { 1: 'Invalid function',
+ 2: 'File not found',
+ 3: 'Invalid directory',
+ 4: 'Too many open files',
+ 5: 'Access denied',
+ 6: 'Invalid file handle. Please file a bug report.',
+ 7: 'Memory control blocks destroyed',
+ 8: 'Out of memory',
+ 9: 'Invalid memory block address',
+ 10: 'Invalid environment',
+ 11: 'Invalid format',
+ 12: 'Invalid open mode',
+ 13: 'Invalid data',
+ 15: 'Invalid drive',
+ 16: 'Attempt to remove server\'s current directory',
+ 17: 'Not the same device',
+ 18: 'No files found',
+ 32: 'Sharing mode conflicts detected',
+ 33: 'Lock request conflicts detected',
+ 80: 'File already exists'
+ }
+
+ERRSRV = { 1: 'Non-specific error',
+ 2: 'Bad password',
+ 4: 'Access denied',
+ 5: 'Invalid tid. Please file a bug report.',
+ 6: 'Invalid network name',
+ 7: 'Invalid device',
+ 49: 'Print queue full',
+ 50: 'Print queue full',
+ 51: 'EOF on print queue dump',
+ 52: 'Invalid print file handle',
+ 64: 'Command not recognized. Please file a bug report.',
+ 65: 'Internal server error',
+ 67: 'Invalid path',
+ 69: 'Invalid access permissions',
+ 71: 'Invalid attribute mode',
+ 81: 'Server is paused',
+ 82: 'Not receiving messages',
+ 83: 'No room to buffer messages',
+ 87: 'Too many remote user names',
+ 88: 'Operation timeout',
+ 89: 'Out of resources',
+ 91: 'Invalid user handle. Please file a bug report.',
+ 250: 'Temporarily unable to support raw mode for transfer',
+ 251: 'Temporarily unable to support raw mode for transfer',
+ 252: 'Continue in MPX mode',
+ 65535: 'Unsupported function'
+ }
+
+ERRHRD = { 19: 'Media is write-protected',
+ 20: 'Unknown unit',
+ 21: 'Drive not ready',
+ 22: 'Unknown command',
+ 23: 'CRC error',
+ 24: 'Bad request',
+ 25: 'Seek error',
+ 26: 'Unknown media type',
+ 27: 'Sector not found',
+ 28: 'Printer out of paper',
+ 29: 'Write fault',
+ 30: 'Read fault',
+ 31: 'General failure',
+ 32: 'Open conflicts with an existing open',
+ 33: 'Invalid lock request',
+ 34: 'Wrong disk in drive',
+ 35: 'FCBs not available',
+ 36: 'Sharing buffer exceeded'
+ }
+
diff --git a/tests/python_dependencies/impacket/smb3.py
b/tests/python_dependencies/impacket/smb3.py
new file mode 100644
index 000000000..5548e4b0c
--- /dev/null
+++ b/tests/python_dependencies/impacket/smb3.py
@@ -0,0 +1,1629 @@
+# Copyright (c) 2003-2016 CORE Security Technologies
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+# Author: Alberto Solino (@agsolino)
+#
+# Description:
+# [MS-SMB2] Protocol Implementation (SMB2 and SMB3)
+# As you might see in the code, it's implemented strictly following
+# the structures defined in the protocol specification. This may
+# not be the most efficient way (e.g. self._Connection is the
+# same to self._Session in the context of this library ) but
+# it certainly helps following the document way easier.
+#
+# ToDo:
+# [X] Implement SMB2_CHANGE_NOTIFY
+# [X] Implement SMB2_QUERY_INFO
+# [X] Implement SMB2_SET_INFO
+# [ ] Implement SMB2_OPLOCK_BREAK
+# [X] Implement SMB3 signing
+# [ ] Implement SMB3 encryption
+# [ ] Add more backward compatible commands from the smb.py code
+# [ ] Fix up all the 'ToDo' comments inside the code
+#
+
+import socket
+import ntpath
+import random
+import string
+import struct
+from binascii import a2b_hex
+from contextlib import contextmanager
+
+from impacket import nmb, ntlm, uuid, crypto, LOG
+from impacket.smb3structs import *
+from impacket.nt_errors import STATUS_SUCCESS,
STATUS_MORE_PROCESSING_REQUIRED, STATUS_INVALID_PARAMETER, \
+ STATUS_NO_MORE_FILES, STATUS_PENDING, STATUS_NOT_IMPLEMENTED,
ERROR_MESSAGES
+from impacket.spnego import SPNEGO_NegTokenInit, TypesMech, SPNEGO_NegTokenResp
+
+
+# For signing
+import hashlib, hmac, copy
+
+# Structs to be used
+TREE_CONNECT = {
+ 'ShareName' : '',
+ 'TreeConnectId' : 0,
+ 'Session' : 0,
+ 'IsDfsShare' : False,
+ # If the client implements the SMB 3.0 dialect,
+ # the client MUST also implement the following
+ 'IsCAShare' : False,
+ 'EncryptData' : False,
+ 'IsScaleoutShare' : False,
+ # Outside the protocol
+ 'NumberOfUses' : 0,
+}
+
+FILE = {
+ 'OpenTable' : [],
+ 'LeaseKey' : '',
+ 'LeaseState' : 0,
+ 'LeaseEpoch' : 0,
+}
+
+OPEN = {
+ 'FileID' : '',
+ 'TreeConnect' : 0,
+ 'Connection' : 0, # Not Used
+ 'Oplocklevel' : 0,
+ 'Durable' : False,
+ 'FileName' : '',
+ 'ResilientHandle' : False,
+ 'LastDisconnectTime' : 0,
+ 'ResilientTimeout' : 0,
+ 'OperationBuckets' : [],
+ # If the client implements the SMB 3.0 dialect,
+ # the client MUST implement the following
+ 'CreateGuid' : '',
+ 'IsPersistent' : False,
+ 'DesiredAccess' : '',
+ 'ShareMode' : 0,
+ 'CreateOption' : '',
+ 'FileAttributes' : '',
+ 'CreateDisposition' : '',
+}
+
+REQUEST = {
+ 'CancelID' : '',
+ 'Message' : '',
+ 'Timestamp' : 0,
+}
+
+CHANNEL = {
+ 'SigningKey' : '',
+ 'Connection' : 0,
+}
+
+
+class SessionError(Exception):
+ def __init__( self, error = 0, packet=0):
+ Exception.__init__(self)
+ self.error = error
+ self.packet = packet
+
+ def get_error_code( self ):
+ return self.error
+
+ def get_error_packet( self ):
+ return self.packet
+
+ def __str__( self ):
+ return 'SMB SessionError: %s(%s)' % (ERROR_MESSAGES[self.error])
+
+
+class SMB3:
+ def __init__(self, remote_name, remote_host, my_name = None, host_type =
nmb.TYPE_SERVER, sess_port = 445, timeout=60, UDP = 0, preferredDialect = None,
session = None):
+
+ # [MS-SMB2] Section 3
+ self.RequireMessageSigning = False #
+ self.ConnectionTable = {}
+ self.GlobalFileTable = {}
+ self.ClientGuid = ''.join([random.choice(string.letters) for i in
range(16)])
+ # Only for SMB 3.0
+ self.EncryptionAlgorithmList = ['AES-CCM']
+ self.MaxDialect = []
+ self.RequireSecureNegotiate = False
+
+ # Per Transport Connection Data
+ self._Connection = {
+ # Indexed by SessionID
+ #'SessionTable' : {},
+ # Indexed by MessageID
+ 'OutstandingRequests' : {},
+ 'OutstandingResponses' : {}, #
+ 'SequenceWindow' : 0, #
+ 'GSSNegotiateToken' : '', #
+ 'MaxTransactSize' : 0, #
+ 'MaxReadSize' : 0, #
+ 'MaxWriteSize' : 0, #
+ 'ServerGuid' : '', #
+ 'RequireSigning' : False, #
+ 'ServerName' : '', #
+ # If the client implements the SMB 2.1 or SMB 3.0 dialects, it
MUST
+ # also implement the following
+ 'Dialect' : '', #
+ 'SupportsFileLeasing' : False, #
+ 'SupportsMultiCredit' : False, #
+ # If the client implements the SMB 3.0 dialect,
+ # it MUST also implement the following
+ 'SupportsDirectoryLeasing' : False, #
+ 'SupportsMultiChannel' : False, #
+ 'SupportsPersistentHandles': False, #
+ 'SupportsEncryption' : False, #
+ 'ClientCapabilities' : 0,
+ 'ServerCapabilities' : 0, #
+ 'ClientSecurityMode' : 0, #
+ 'ServerSecurityMode' : 0, #
+ # Outside the protocol
+ 'ServerIP' : '', #
+ }
+
+ self._Session = {
+ 'SessionID' : 0, #
+ 'TreeConnectTable' : {}, #
+ 'SessionKey' : '', #
+ 'SigningRequired' : False, #
+ 'Connection' : 0, #
+ 'UserCredentials' : '', #
+ 'OpenTable' : {}, #
+ # If the client implements the SMB 3.0 dialect,
+ # it MUST also implement the following
+ 'ChannelList' : [],
+ 'ChannelSequence' : 0,
+ #'EncryptData' : False,
+ 'EncryptData' : True,
+ 'EncryptionKey' : '',
+ 'DecryptionKey' : '',
+ 'SigningKey' : '',
+ 'ApplicationKey' : '',
+ # Outside the protocol
+ 'SessionFlags' : 0, #
+ 'ServerName' : '', #
+ 'ServerDomain' : '', #
+ 'ServerDNSDomainName' : '', #
+ 'ServerOS' : '', #
+ 'SigningActivated' : False, #
+ }
+
+ self.SMB_PACKET = SMB2Packet
+
+ self._timeout = timeout
+ self._Connection['ServerIP'] = remote_host
+ self._NetBIOSSession = None
+
+ self.__userName = ''
+ self.__password = ''
+ self.__domain = ''
+ self.__lmhash = ''
+ self.__nthash = ''
+ self.__kdc = ''
+ self.__aesKey = ''
+ self.__TGT = None
+ self.__TGS = None
+
+ if sess_port == 445 and remote_name == '*SMBSERVER':
+ self._Connection['ServerName'] = remote_host
+ else:
+ self._Connection['ServerName'] = remote_name
+
+ if session is None:
+ if not my_name:
+ my_name = socket.gethostname()
+ i = string.find(my_name, '.')
+ if i > -1:
+ my_name = my_name[:i]
+
+ if UDP:
+ self._NetBIOSSession = nmb.NetBIOSUDPSession(my_name,
self._Connection['ServerName'], remote_host, host_type, sess_port,
self._timeout)
+ else:
+ self._NetBIOSSession = nmb.NetBIOSTCPSession(my_name,
self._Connection['ServerName'], remote_host, host_type, sess_port,
self._timeout)
+
+ self.negotiateSession(preferredDialect)
+ else:
+ self._NetBIOSSession = session
+ # We should increase the SequenceWindow since a packet was already
received.
+ self._Connection['SequenceWindow'] += 1
+ # Let's negotiate again using the same connection
+ self.negotiateSession(preferredDialect)
+
+ def printStatus(self):
+ print "CONNECTION"
+ for i in self._Connection.items():
+ print "%-40s : %s" % i
+ print
+ print "SESSION"
+ for i in self._Session.items():
+ print "%-40s : %s" % i
+
+ def getServerName(self):
+ return self._Session['ServerName']
+
+ def getServerIP(self):
+ return self._Connection['ServerIP']
+
+ def getServerDomain(self):
+ return self._Session['ServerDomain']
+
+ def getServerDNSDomainName(self):
+ return self._Session['ServerDNSDomainName']
+
+ def getServerOS(self):
+ return self._Session['ServerOS']
+
+ def getServerOSMajor(self):
+ return self._Session['ServerOSMajor']
+
+ def getServerOSMinor(self):
+ return self._Session['ServerOSMinor']
+
+ def getServerOSBuild(self):
+ return self._Session['ServerOSBuild']
+
+ def isGuestSession(self):
+ return self._Session['SessionFlags'] & SMB2_SESSION_FLAG_IS_GUEST
+
+ def setTimeout(self, timeout):
+ self._timeout = timeout
+
+ @contextmanager
+ def useTimeout(self, timeout):
+ prev_timeout = self.getTimeout(timeout)
+ try:
+ yield
+ finally:
+ self.setTimeout(prev_timeout)
+
+ def getDialect(self):
+ return self._Connection['Dialect']
+
+
+ def signSMB(self, packet):
+ packet['Signature'] = '\x00'*16
+ if self._Connection['Dialect'] == SMB2_DIALECT_21 or
self._Connection['Dialect'] == SMB2_DIALECT_002:
+ if len(self._Session['SessionKey']) > 0:
+ signature = hmac.new(self._Session['SessionKey'], str(packet),
hashlib.sha256).digest()
+ packet['Signature'] = signature[:16]
+ else:
+ if len(self._Session['SessionKey']) > 0:
+ p = str(packet)
+ signature = crypto.AES_CMAC(self._Session['SigningKey'], p,
len(p))
+ packet['Signature'] = signature
+
+ def sendSMB(self, packet):
+ # The idea here is to receive multiple/single commands and create a
compound request, and send it
+ # Should return the MessageID for later retrieval. Implement
compounded related requests.
+
+ # If Connection.Dialect is equal to "3.000" and if
Connection.SupportsMultiChannel or
+ # Connection.SupportsPersistentHandles is TRUE, the client MUST set
ChannelSequence in the
+ # SMB2 header to Session.ChannelSequence
+
+ # Check this is not a CANCEL request. If so, don't consume sequece
numbers
+ if packet['Command'] is not SMB2_CANCEL:
+ packet['MessageID'] = self._Connection['SequenceWindow']
+ self._Connection['SequenceWindow'] += 1
+ packet['SessionID'] = self._Session['SessionID']
+
+ # Default the credit charge to 1 unless set by the caller
+ if packet.fields.has_key('CreditCharge') is False:
+ packet['CreditCharge'] = 1
+
+ # Standard credit request after negotiating protocol
+ if self._Connection['SequenceWindow'] > 3:
+ packet['CreditRequestResponse'] = 127
+
+ messageId = packet['MessageID']
+
+ if self._Session['SigningActivated'] is True and
self._Connection['SequenceWindow'] > 2:
+ if packet['TreeID'] > 0 and
self._Session['TreeConnectTable'].has_key(packet['TreeID']) is True:
+ if
self._Session['TreeConnectTable'][packet['TreeID']]['EncryptData'] is False:
+ packet['Flags'] = SMB2_FLAGS_SIGNED
+ self.signSMB(packet)
+ elif packet['TreeID'] == 0:
+ packet['Flags'] = SMB2_FLAGS_SIGNED
+ self.signSMB(packet)
+
+ if (self._Session['SessionFlags'] & SMB2_SESSION_FLAG_ENCRYPT_DATA) or
( packet['TreeID'] != 0 and
self._Session['TreeConnectTable'][packet['TreeID']]['EncryptData'] is True):
+ plainText = str(packet)
+ transformHeader = SMB2_TRANSFORM_HEADER()
+ transformHeader['Nonce'] = ''.join([random.choice(string.letters)
for i in range(11)])
+ transformHeader['OriginalMessageSize'] = len(plainText)
+ transformHeader['EncryptionAlgorithm'] = SMB2_ENCRYPTION_AES128_CCM
+ transformHeader['SessionID'] = self._Session['SessionID']
+ from Crypto.Cipher import AES
+ try:
+ AES.MODE_CCM
+ except:
+ LOG.critical("Your pycrypto doesn't support AES.MODE_CCM.
Currently only pycrypto experimental supports this mode.\nDownload it from
https://www.dlitz.net/software/pycrypto ")
+ raise
+ cipher = AES.new(self._Session['EncryptionKey'], AES.MODE_CCM,
transformHeader['Nonce'])
+ cipher.update(str(transformHeader)[20:])
+ cipherText = cipher.encrypt(plainText)
+ transformHeader['Signature'] = cipher.digest()
+ packet = str(transformHeader) + cipherText
+
+ self._NetBIOSSession.send_packet(str(packet))
+ return messageId
+
+ def recvSMB(self, packetID = None):
+ # First, verify we don't have the packet already
+ if self._Connection['OutstandingResponses'].has_key(packetID):
+ return self._Connection['OutstandingResponses'].pop(packetID)
+
+ data = self._NetBIOSSession.recv_packet(self._timeout)
+
+ if data.get_trailer().startswith('\xfdSMB'):
+ # Packet is encrypted
+ transformHeader = SMB2_TRANSFORM_HEADER(data.get_trailer())
+ from Crypto.Cipher import AES
+ try:
+ AES.MODE_CCM
+ except:
+ LOG.critical("Your pycrypto doesn't support AES.MODE_CCM.
Currently only pycrypto experimental supports this mode.\nDownload it from
https://www.dlitz.net/software/pycrypto ")
+ raise
+ cipher = AES.new(self._Session['DecryptionKey'], AES.MODE_CCM,
transformHeader['Nonce'][:11])
+ cipher.update(str(transformHeader)[20:])
+ plainText =
cipher.decrypt(data.get_trailer()[len(SMB2_TRANSFORM_HEADER()):])
+ #cipher.verify(transformHeader['Signature'])
+ packet = SMB2Packet(plainText)
+ else:
+ # In all SMB dialects for a response this field is interpreted as
the Status field.
+ # This field can be set to any value. For a list of valid status
codes,
+ # see [MS-ERREF] section 2.3.
+ packet = SMB2Packet(data.get_trailer())
+
+ # Loop while we receive pending requests
+ if packet['Status'] == STATUS_PENDING:
+ status = STATUS_PENDING
+ while status == STATUS_PENDING:
+ data = self._NetBIOSSession.recv_packet(self._timeout)
+ if data.get_trailer().startswith('\xfeSMB'):
+ packet = SMB2Packet(data.get_trailer())
+ else:
+ # Packet is encrypted
+ transformHeader = SMB2_TRANSFORM_HEADER(data.get_trailer())
+ from Crypto.Cipher import AES
+ try:
+ AES.MODE_CCM
+ except:
+ LOG.critical("Your pycrypto doesn't support
AES.MODE_CCM. Currently only pycrypto experimental supports this
mode.\nDownload it from https://www.dlitz.net/software/pycrypto ")
+ raise
+ cipher = AES.new(self._Session['DecryptionKey'],
AES.MODE_CCM, transformHeader['Nonce'][:11])
+ cipher.update(str(transformHeader)[20:])
+ plainText =
cipher.decrypt(data.get_trailer()[len(SMB2_TRANSFORM_HEADER()):])
+ #cipher.verify(transformHeader['Signature'])
+ packet = SMB2Packet(plainText)
+ status = packet['Status']
+
+ if packet['MessageID'] == packetID or packetID is None:
+ # if self._Session['SigningRequired'] is True:
+ # self.signSMB(packet)
+ # Let's update the sequenceWindow based on the CreditsCharged
+ self._Connection['SequenceWindow'] += (packet['CreditCharge'] - 1)
+ return packet
+ else:
+ self._Connection['OutstandingResponses'][packet['MessageID']] =
packet
+ return self.recvSMB(packetID)
+
+ def negotiateSession(self, preferredDialect = None):
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_NEGOTIATE
+ negSession = SMB2Negotiate()
+
+ negSession['SecurityMode'] = SMB2_NEGOTIATE_SIGNING_ENABLED
+ if self.RequireMessageSigning is True:
+ negSession['SecurityMode'] |= SMB2_NEGOTIATE_SIGNING_REQUIRED
+ negSession['Capabilities'] = SMB2_GLOBAL_CAP_ENCRYPTION
+ negSession['ClientGuid'] = self.ClientGuid
+ if preferredDialect is not None:
+ negSession['Dialects'] = [preferredDialect]
+ else:
+ negSession['Dialects'] = [SMB2_DIALECT_002, SMB2_DIALECT_21,
SMB2_DIALECT_30]
+ negSession['DialectCount'] = len(negSession['Dialects'])
+ packet['Data'] = negSession
+
+ # Storing this data for later use
+ self._Connection['ClientSecurityMode'] = negSession['SecurityMode']
+ self._Connection['Capabilities'] = negSession['Capabilities']
+
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ # ToDo this:
+ # If the DialectRevision in the SMB2 NEGOTIATE Response is
0x02FF, the client MUST issue a new
+ # SMB2 NEGOTIATE request as described in section 3.2.4.2.2.2 with
the only exception
+ # that the client MUST allocate sequence number 1 from
Connection.SequenceWindow, and MUST set
+ # MessageId field of the SMB2 header to 1. Otherwise, the client
MUST proceed as follows.
+ negResp = SMB2Negotiate_Response(ans['Data'])
+ self._Connection['MaxTransactSize'] =
min(0x100000,negResp['MaxTransactSize'])
+ self._Connection['MaxReadSize'] =
min(0x100000,negResp['MaxReadSize'])
+ self._Connection['MaxWriteSize'] =
min(0x100000,negResp['MaxWriteSize'])
+ self._Connection['ServerGuid'] = negResp['ServerGuid']
+ self._Connection['GSSNegotiateToken'] = negResp['Buffer']
+ self._Connection['Dialect'] = negResp['DialectRevision']
+ if (negResp['SecurityMode'] & SMB2_NEGOTIATE_SIGNING_REQUIRED) ==
SMB2_NEGOTIATE_SIGNING_REQUIRED:
+ self._Connection['RequireSigning'] = True
+ if (negResp['Capabilities'] & SMB2_GLOBAL_CAP_LEASING) ==
SMB2_GLOBAL_CAP_LEASING:
+ self._Connection['SupportsFileLeasing'] = True
+ if (negResp['Capabilities'] & SMB2_GLOBAL_CAP_LARGE_MTU) ==
SMB2_GLOBAL_CAP_LARGE_MTU:
+ self._Connection['SupportsMultiCredit'] = True
+
+ if self._Connection['Dialect'] == SMB2_DIALECT_30:
+ # Switching to the right packet format
+ self.SMB_PACKET = SMB3Packet
+ if (negResp['Capabilities'] &
SMB2_GLOBAL_CAP_DIRECTORY_LEASING) == SMB2_GLOBAL_CAP_DIRECTORY_LEASING:
+ self._Connection['SupportsDirectoryLeasing'] = True
+ if (negResp['Capabilities'] & SMB2_GLOBAL_CAP_MULTI_CHANNEL)
== SMB2_GLOBAL_CAP_MULTI_CHANNEL:
+ self._Connection['SupportsMultiChannel'] = True
+ if (negResp['Capabilities'] &
SMB2_GLOBAL_CAP_PERSISTENT_HANDLES) == SMB2_GLOBAL_CAP_PERSISTENT_HANDLES:
+ self._Connection['SupportsPersistentHandles'] = True
+ if (negResp['Capabilities'] & SMB2_GLOBAL_CAP_ENCRYPTION) ==
SMB2_GLOBAL_CAP_ENCRYPTION:
+ self._Connection['SupportsEncryption'] = True
+
+ self._Connection['ServerCapabilities'] =
negResp['Capabilities']
+ self._Connection['ServerSecurityMode'] =
negResp['SecurityMode']
+
+ def getCredentials(self):
+ return (
+ self.__userName,
+ self.__password,
+ self.__domain,
+ self.__lmhash,
+ self.__nthash,
+ self.__aesKey,
+ self.__TGT,
+ self.__TGS)
+
+ def kerberosLogin(self, user, password, domain = '', lmhash = '', nthash =
'', aesKey='', kdcHost = '', TGT=None, TGS=None):
+ # If TGT or TGS are specified, they are in the form of:
+ # TGS['KDC_REP'] = the response from the server
+ # TGS['cipher'] = the cipher used
+ # TGS['sessionKey'] = the sessionKey
+ # If we have hashes, normalize them
+ if lmhash != '' or nthash != '':
+ if len(lmhash) % 2: lmhash = '0%s' % lmhash
+ if len(nthash) % 2: nthash = '0%s' % nthash
+ try: # just in case they were converted already
+ lmhash = a2b_hex(lmhash)
+ nthash = a2b_hex(nthash)
+ except:
+ pass
+
+ self.__userName = user
+ self.__password = password
+ self.__domain = domain
+ self.__lmhash = lmhash
+ self.__nthash = nthash
+ self.__kdc = kdcHost
+ self.__aesKey = aesKey
+ self.__TGT = TGT
+ self.__TGS = TGS
+
+ sessionSetup = SMB2SessionSetup()
+ if self.RequireMessageSigning is True:
+ sessionSetup['SecurityMode'] = SMB2_NEGOTIATE_SIGNING_REQUIRED
+ else:
+ sessionSetup['SecurityMode'] = SMB2_NEGOTIATE_SIGNING_ENABLED
+
+ sessionSetup['Flags'] = 0
+ #sessionSetup['Capabilities'] = SMB2_GLOBAL_CAP_LARGE_MTU |
SMB2_GLOBAL_CAP_LEASING | SMB2_GLOBAL_CAP_DFS
+
+ # Importing down here so pyasn1 is not required if kerberos is not
used.
+ from impacket.krb5.asn1 import AP_REQ, Authenticator, TGS_REP, seq_set
+ from impacket.krb5.kerberosv5 import getKerberosTGT, getKerberosTGS
+ from impacket.krb5 import constants
+ from impacket.krb5.types import Principal, KerberosTime, Ticket
+ from pyasn1.codec.der import decoder, encoder
+ import datetime
+
+ # First of all, we need to get a TGT for the user
+ userName = Principal(user,
type=constants.PrincipalNameType.NT_PRINCIPAL.value)
+ if TGT is None:
+ if TGS is None:
+ tgt, cipher, oldSessionKey, sessionKey =
getKerberosTGT(userName, password, domain, lmhash, nthash, aesKey, kdcHost)
+ else:
+ tgt = TGT['KDC_REP']
+ cipher = TGT['cipher']
+ sessionKey = TGT['sessionKey']
+
+ # Save the ticket
+ # If you want, for debugging purposes
+# from impacket.krb5.ccache import CCache
+# ccache = CCache()
+# try:
+# if TGS is None:
+# ccache.fromTGT(tgt, oldSessionKey, sessionKey)
+# else:
+# ccache.fromTGS(TGS['KDC_REP'], TGS['oldSessionKey'],
TGS['sessionKey'] )
+# ccache.saveFile('/tmp/ticket.bin')
+# except Exception, e:
+# print e
+# pass
+
+ # Now that we have the TGT, we should ask for a TGS for cifs
+
+ if TGS is None:
+ serverName = Principal('cifs/%s' %
(self._Connection['ServerName']),
type=constants.PrincipalNameType.NT_SRV_INST.value)
+ tgs, cipher, oldSessionKey, sessionKey =
getKerberosTGS(serverName, domain, kdcHost, tgt, cipher, sessionKey)
+ else:
+ tgs = TGS['KDC_REP']
+ cipher = TGS['cipher']
+ sessionKey = TGS['sessionKey']
+
+ # Let's build a NegTokenInit with a Kerberos REQ_AP
+
+ blob = SPNEGO_NegTokenInit()
+
+ # Kerberos
+ blob['MechTypes'] = [TypesMech['MS KRB5 - Microsoft Kerberos 5']]
+
+ # Let's extract the ticket from the TGS
+ tgs = decoder.decode(tgs, asn1Spec = TGS_REP())[0]
+ ticket = Ticket()
+ ticket.from_asn1(tgs['ticket'])
+
+ # Now let's build the AP_REQ
+ apReq = AP_REQ()
+ apReq['pvno'] = 5
+ apReq['msg-type'] = int(constants.ApplicationTagNumbers.AP_REQ.value)
+
+ opts = list()
+ apReq['ap-options'] = constants.encodeFlags(opts)
+ seq_set(apReq,'ticket', ticket.to_asn1)
+
+ authenticator = Authenticator()
+ authenticator['authenticator-vno'] = 5
+ authenticator['crealm'] = domain
+ seq_set(authenticator, 'cname', userName.components_to_asn1)
+ now = datetime.datetime.utcnow()
+
+ authenticator['cusec'] = now.microsecond
+ authenticator['ctime'] = KerberosTime.to_asn1(now)
+
+ encodedAuthenticator = encoder.encode(authenticator)
+
+ # Key Usage 11
+ # AP-REQ Authenticator (includes application authenticator
+ # subkey), encrypted with the application session key
+ # (Section 5.5.1)
+ encryptedEncodedAuthenticator = cipher.encrypt(sessionKey, 11,
encodedAuthenticator, None)
+
+ apReq['authenticator'] = None
+ apReq['authenticator']['etype'] = cipher.enctype
+ apReq['authenticator']['cipher'] = encryptedEncodedAuthenticator
+
+ blob['MechToken'] = encoder.encode(apReq)
+
+ sessionSetup['SecurityBufferLength'] = len(blob)
+ sessionSetup['Buffer'] = blob.getData()
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_SESSION_SETUP
+ packet['Data'] = sessionSetup
+
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ self._Session['SessionID'] = ans['SessionID']
+ self._Session['SigningRequired'] =
self._Connection['RequireSigning']
+ self._Session['UserCredentials'] = (user, password, domain,
lmhash, nthash)
+ self._Session['Connection'] =
self._NetBIOSSession.get_socket()
+
+ self._Session['SessionKey'] = sessionKey.contents[:16]
+ if self._Session['SigningRequired'] is True and
self._Connection['Dialect'] == SMB2_DIALECT_30:
+ self._Session['SigningKey'] =
crypto.KDF_CounterMode(self._Session['SessionKey'], "SMB2AESCMAC\x00",
"SmbSign\x00", 128)
+
+ # Calculate the key derivations for dialect 3.0
+ if self._Session['SigningRequired'] is True:
+ self._Session['SigningActivated'] = True
+ if self._Connection['Dialect'] == SMB2_DIALECT_30:
+ self._Session['ApplicationKey'] =
crypto.KDF_CounterMode(self._Session['SessionKey'], "SMB2APP\x00",
"SmbRpc\x00", 128)
+ self._Session['EncryptionKey'] =
crypto.KDF_CounterMode(self._Session['SessionKey'], "SMB2AESCCM\x00", "ServerIn
\x00", 128)
+ self._Session['DecryptionKey'] =
crypto.KDF_CounterMode(self._Session['SessionKey'], "SMB2AESCCM\x00",
"ServerOut\x00", 128)
+
+ return True
+ else:
+ # We clean the stuff we used in case we want to authenticate again
+ # within the same connection
+ self._Session['UserCredentials'] = ''
+ self._Session['Connection'] = 0
+ self._Session['SessionID'] = 0
+ self._Session['SigningRequired'] = False
+ self._Session['SigningKey'] = ''
+ self._Session['SessionKey'] = ''
+ self._Session['SigningActivated'] = False
+ raise
+
+
+ def login(self, user, password, domain = '', lmhash = '', nthash = ''):
+ # If we have hashes, normalize them
+ if lmhash != '' or nthash != '':
+ if len(lmhash) % 2: lmhash = '0%s' % lmhash
+ if len(nthash) % 2: nthash = '0%s' % nthash
+ try: # just in case they were converted already
+ lmhash = a2b_hex(lmhash)
+ nthash = a2b_hex(nthash)
+ except:
+ pass
+
+ self.__userName = user
+ self.__password = password
+ self.__domain = domain
+ self.__lmhash = lmhash
+ self.__nthash = nthash
+ self.__aesKey = ''
+ self.__TGT = None
+ self.__TGS = None
+
+ sessionSetup = SMB2SessionSetup()
+ if self.RequireMessageSigning is True:
+ sessionSetup['SecurityMode'] = SMB2_NEGOTIATE_SIGNING_REQUIRED
+ else:
+ sessionSetup['SecurityMode'] = SMB2_NEGOTIATE_SIGNING_ENABLED
+
+ sessionSetup['Flags'] = 0
+ #sessionSetup['Capabilities'] = SMB2_GLOBAL_CAP_LARGE_MTU |
SMB2_GLOBAL_CAP_LEASING | SMB2_GLOBAL_CAP_DFS
+
+ # Let's build a NegTokenInit with the NTLMSSP
+ # TODO: In the future we should be able to choose different providers
+
+ blob = SPNEGO_NegTokenInit()
+
+ # NTLMSSP
+ blob['MechTypes'] = [TypesMech['NTLMSSP - Microsoft NTLM Security
Support Provider']]
+ auth = ntlm.getNTLMSSPType1('','', self._Connection['RequireSigning'])
+ blob['MechToken'] = str(auth)
+
+ sessionSetup['SecurityBufferLength'] = len(blob)
+ sessionSetup['Buffer'] = blob.getData()
+
+ # ToDo:
+ # If this authentication is for establishing an alternative channel
for an existing Session, as specified
+ # in section 3.2.4.1.7, the client MUST also set the following values:
+ # The SessionId field in the SMB2 header MUST be set to the
Session.SessionId for the new
+ # channel being established.
+ # The SMB2_SESSION_FLAG_BINDING bit MUST be set in the Flags field.
+ # The PreviousSessionId field MUST be set to zero.
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_SESSION_SETUP
+ packet['Data'] = sessionSetup
+
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+ if ans.isValidAnswer(STATUS_MORE_PROCESSING_REQUIRED):
+ self._Session['SessionID'] = ans['SessionID']
+ self._Session['SigningRequired'] =
self._Connection['RequireSigning']
+ self._Session['UserCredentials'] = (user, password, domain,
lmhash, nthash)
+ self._Session['Connection'] =
self._NetBIOSSession.get_socket()
+ sessionSetupResponse = SMB2SessionSetup_Response(ans['Data'])
+ respToken = SPNEGO_NegTokenResp(sessionSetupResponse['Buffer'])
+
+ # Let's parse some data and keep it to ourselves in case it is
asked
+ ntlmChallenge = ntlm.NTLMAuthChallenge(respToken['ResponseToken'])
+ if ntlmChallenge['TargetInfoFields_len'] > 0:
+ av_pairs =
ntlm.AV_PAIRS(ntlmChallenge['TargetInfoFields'][:ntlmChallenge['TargetInfoFields_len']])
+ if av_pairs[ntlm.NTLMSSP_AV_HOSTNAME] is not None:
+ try:
+ self._Session['ServerName'] =
av_pairs[ntlm.NTLMSSP_AV_HOSTNAME][1].decode('utf-16le')
+ except:
+ # For some reason, we couldn't decode Unicode here..
silently discard the operation
+ pass
+ if av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME] is not None:
+ try:
+ if self._Session['ServerName'] !=
av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME][1].decode('utf-16le'):
+ self._Session['ServerDomain'] =
av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME][1].decode('utf-16le')
+ except:
+ # For some reason, we couldn't decode Unicode here..
silently discard the operation
+ pass
+ if av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME] is not None:
+ try:
+ self._Session['ServerDNSDomainName'] =
av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME][1].decode('utf-16le')
+ except:
+ # For some reason, we couldn't decode Unicode here..
silently discard the operation
+ pass
+
+ # Parse Version to know the target Operating system name. Not
provided elsewhere anymore
+ if ntlmChallenge.fields.has_key('Version'):
+ version = ntlmChallenge['Version']
+
+ if len(version) >= 4:
+ self._Session['ServerOS'] = "Windows %d.%d Build %d" %
(ord(version[0]), ord(version[1]), struct.unpack('<H',version[2:4])[0])
+ self._Session["ServerOSMajor"] = ord(version[0])
+ self._Session["ServerOSMinor"] = ord(version[1])
+ self._Session["ServerOSBuild"] =
struct.unpack('<H',version[2:4])[0]
+
+ type3, exportedSessionKey = ntlm.getNTLMSSPType3(auth,
respToken['ResponseToken'], user, password, domain, lmhash, nthash)
+
+ if exportedSessionKey is not None:
+ self._Session['SessionKey'] = exportedSessionKey
+ if self._Session['SigningRequired'] is True and
self._Connection['Dialect'] == SMB2_DIALECT_30:
+ self._Session['SigningKey'] =
crypto.KDF_CounterMode(exportedSessionKey, "SMB2AESCMAC\x00", "SmbSign\x00",
128)
+
+ respToken2 = SPNEGO_NegTokenResp()
+ respToken2['ResponseToken'] = str(type3)
+
+ # Reusing the previous structure
+ sessionSetup['SecurityBufferLength'] = len(respToken2)
+ sessionSetup['Buffer'] = respToken2.getData()
+
+ packetID = self.sendSMB(packet)
+ packet = self.recvSMB(packetID)
+ try:
+ if packet.isValidAnswer(STATUS_SUCCESS):
+ sessionSetupResponse =
SMB2SessionSetup_Response(packet['Data'])
+ self._Session['SessionFlags'] =
sessionSetupResponse['SessionFlags']
+
+ # Calculate the key derivations for dialect 3.0
+ if self._Session['SigningRequired'] is True:
+ self._Session['SigningActivated'] = True
+ if self._Connection['Dialect'] == SMB2_DIALECT_30:
+ self._Session['ApplicationKey'] =
crypto.KDF_CounterMode(exportedSessionKey, "SMB2APP\x00", "SmbRpc\x00", 128)
+ self._Session['EncryptionKey'] =
crypto.KDF_CounterMode(exportedSessionKey, "SMB2AESCCM\x00", "ServerIn \x00",
128)
+ self._Session['DecryptionKey'] =
crypto.KDF_CounterMode(exportedSessionKey, "SMB2AESCCM\x00", "ServerOut\x00",
128)
+
+ return True
+ except:
+ # We clean the stuff we used in case we want to authenticate
again
+ # within the same connection
+ self._Session['UserCredentials'] = ''
+ self._Session['Connection'] = 0
+ self._Session['SessionID'] = 0
+ self._Session['SigningRequired'] = False
+ self._Session['SigningKey'] = ''
+ self._Session['SessionKey'] = ''
+ self._Session['SigningActivated'] = False
+ raise
+
+ def connectTree(self, share):
+
+ # Just in case this came with the full path (maybe an SMB1 client),
let's just leave
+ # the sharename, we'll take care of the rest
+
+ #print self._Session['TreeConnectTable']
+ share = share.split('\\')[-1]
+ if self._Session['TreeConnectTable'].has_key(share):
+ # Already connected, no need to reconnect
+ treeEntry = self._Session['TreeConnectTable'][share]
+ treeEntry['NumberOfUses'] += 1
+
self._Session['TreeConnectTable'][treeEntry['TreeConnectId']]['NumberOfUses']
+= 1
+ return treeEntry['TreeConnectId']
+
+ #path = share
+ try:
+ _, _, _, _, sockaddr =
socket.getaddrinfo(self._Connection['ServerIP'], 80, 0, 0,
socket.IPPROTO_TCP)[0]
+ remoteHost = sockaddr[0]
+ except:
+ remoteHost = self._Connection['ServerIP']
+ path = '\\\\' + remoteHost + '\\' +share
+
+ treeConnect = SMB2TreeConnect()
+ treeConnect['Buffer'] = path.encode('utf-16le')
+ treeConnect['PathLength'] = len(path)*2
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_TREE_CONNECT
+ packet['Data'] = treeConnect
+ packetID = self.sendSMB(packet)
+ packet = self.recvSMB(packetID)
+ if packet.isValidAnswer(STATUS_SUCCESS):
+ treeConnectResponse = SMB2TreeConnect_Response(packet['Data'])
+ treeEntry = copy.deepcopy(TREE_CONNECT)
+ treeEntry['ShareName'] = share
+ treeEntry['TreeConnectId'] = packet['TreeID']
+ treeEntry['Session'] = packet['SessionID']
+ treeEntry['NumberOfUses'] += 1
+ if (treeConnectResponse['Capabilities'] & SMB2_SHARE_CAP_DFS) ==
SMB2_SHARE_CAP_DFS:
+ treeEntry['IsDfsShare'] = True
+ if (treeConnectResponse['Capabilities'] &
SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY) ==
SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY:
+ treeEntry['IsCAShare'] = True
+
+ if self._Connection['Dialect'] == SMB2_DIALECT_30:
+ if (self._Connection['SupportsEncryption'] is True) and
((treeConnectResponse['ShareFlags'] & SMB2_SHAREFLAG_ENCRYPT_DATA) ==
SMB2_SHAREFLAG_ENCRYPT_DATA):
+ treeEntry['EncryptData'] = True
+ # ToDo: This and what follows
+ # If Session.EncryptData is FALSE, the client MUST then
generate an encryption key, a
+ # decryption key as specified in section 3.1.4.2, by
providing the following inputs and store
+ # them in Session.EncryptionKey and Session.DecryptionKey:
+ if (treeConnectResponse['Capabilities'] &
SMB2_SHARE_CAP_SCALEOUT) == SMB2_SHARE_CAP_SCALEOUT:
+ treeEntry['IsScaleoutShare'] = True
+
+ self._Session['TreeConnectTable'][packet['TreeID']] = treeEntry
+ self._Session['TreeConnectTable'][share] = treeEntry
+
+ return packet['TreeID']
+
+ def disconnectTree(self, treeId):
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ if self._Session['TreeConnectTable'].has_key(treeId):
+ # More than 1 use? descrease it and return, if not, send the packet
+ if self._Session['TreeConnectTable'][treeId]['NumberOfUses'] > 1:
+ treeEntry = self._Session['TreeConnectTable'][treeId]
+ treeEntry['NumberOfUses'] -= 1
+
self._Session['TreeConnectTable'][treeEntry['ShareName']]['NumberOfUses'] -= 1
+ return True
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_TREE_DISCONNECT
+ packet['TreeID'] = treeId
+ treeDisconnect = SMB2TreeDisconnect()
+ packet['Data'] = treeDisconnect
+ packetID = self.sendSMB(packet)
+ packet = self.recvSMB(packetID)
+ if packet.isValidAnswer(STATUS_SUCCESS):
+ shareName = self._Session['TreeConnectTable'][treeId]['ShareName']
+ del(self._Session['TreeConnectTable'][shareName])
+ del(self._Session['TreeConnectTable'][treeId])
+ return True
+
+ def create(self, treeId, fileName, desiredAccess, shareMode,
creationOptions, creationDisposition, fileAttributes, impersonationLevel =
SMB2_IL_IMPERSONATION, securityFlags = 0, oplockLevel = SMB2_OPLOCK_LEVEL_NONE,
createContexts = None):
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ fileName = string.replace(fileName, '/', '\\')
+ if len(fileName) > 0:
+ fileName = ntpath.normpath(fileName)
+ if fileName[0] == '\\':
+ fileName = fileName[1:]
+
+ if self._Session['TreeConnectTable'][treeId]['IsDfsShare'] is True:
+ pathName = fileName
+ else:
+ pathName = '\\\\' + self._Connection['ServerName'] + '\\' +
fileName
+
+ fileEntry = copy.deepcopy(FILE)
+ fileEntry['LeaseKey'] = uuid.generate()
+ fileEntry['LeaseState'] = SMB2_LEASE_NONE
+ self.GlobalFileTable[pathName] = fileEntry
+
+ if self._Connection['Dialect'] == SMB2_DIALECT_30 and
self._Connection['SupportsDirectoryLeasing'] is True:
+ # Is this file NOT on the root directory?
+ if len(fileName.split('\\')) > 2:
+ parentDir = ntpath.dirname(pathName)
+ if self.GlobalFileTable.has_key(parentDir):
+ LOG.critical("Don't know what to do now! :-o")
+ raise
+ else:
+ parentEntry = copy.deepcopy(FILE)
+ parentEntry['LeaseKey'] = uuid.generate()
+ parentEntry['LeaseState'] = SMB2_LEASE_NONE
+ self.GlobalFileTable[parentDir] = parentEntry
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_CREATE
+ packet['TreeID'] = treeId
+ if self._Session['TreeConnectTable'][treeId]['IsDfsShare'] is True:
+ packet['Flags'] = SMB2_FLAGS_DFS_OPERATIONS
+
+ smb2Create = SMB2Create()
+ smb2Create['SecurityFlags'] = 0
+ smb2Create['RequestedOplockLevel'] = oplockLevel
+ smb2Create['ImpersonationLevel'] = impersonationLevel
+ smb2Create['DesiredAccess'] = desiredAccess
+ smb2Create['FileAttributes'] = fileAttributes
+ smb2Create['ShareAccess'] = shareMode
+ smb2Create['CreateDisposition'] = creationDisposition
+ smb2Create['CreateOptions'] = creationOptions
+
+ smb2Create['NameLength'] = len(fileName)*2
+ if fileName != '':
+ smb2Create['Buffer'] = fileName.encode('utf-16le')
+ else:
+ smb2Create['Buffer'] = '\x00'
+
+ if createContexts is not None:
+ smb2Create['Buffer'] += createContexts
+ smb2Create['CreateContextsOffset'] = len(SMB2Packet()) +
SMB2Create.SIZE + smb2Create['NameLength']
+ smb2Create['CreateContextsLength'] = len(createContexts)
+ else:
+ smb2Create['CreateContextsOffset'] = 0
+ smb2Create['CreateContextsLength'] = 0
+
+ packet['Data'] = smb2Create
+
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ createResponse = SMB2Create_Response(ans['Data'])
+
+ openFile = copy.deepcopy(OPEN)
+ openFile['FileID'] = createResponse['FileID']
+ openFile['TreeConnect'] = treeId
+ openFile['Oplocklevel'] = oplockLevel
+ openFile['Durable'] = False
+ openFile['ResilientHandle'] = False
+ openFile['LastDisconnectTime'] = 0
+ openFile['FileName'] = pathName
+
+ # ToDo: Complete the OperationBuckets
+ if self._Connection['Dialect'] == SMB2_DIALECT_30:
+ openFile['DesiredAccess'] = oplockLevel
+ openFile['ShareMode'] = oplockLevel
+ openFile['CreateOptions'] = oplockLevel
+ openFile['FileAttributes'] = oplockLevel
+ openFile['CreateDisposition'] = oplockLevel
+
+ # ToDo: Process the contexts
+ self._Session['OpenTable'][str(createResponse['FileID'])] =
openFile
+
+ # The client MUST generate a handle for the Open, and it MUST
+ # return success and the generated handle to the calling
application.
+ # In our case, str(FileID)
+ return str(createResponse['FileID'])
+
+ def close(self, treeId, fileId):
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+ if self._Session['OpenTable'].has_key(fileId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_CLOSE
+ packet['TreeID'] = treeId
+
+ smbClose = SMB2Close()
+ smbClose['Flags'] = 0
+ smbClose['FileID'] = fileId
+
+ packet['Data'] = smbClose
+
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+
+ if ans.isValidAnswer(STATUS_SUCCESS):
+
del(self.GlobalFileTable[self._Session['OpenTable'][fileId]['FileName']])
+ del(self._Session['OpenTable'][fileId])
+
+ # ToDo Remove stuff from GlobalFileTable
+ return True
+
+ def read(self, treeId, fileId, offset = 0, bytesToRead = 0, waitAnswer =
True):
+ # IMPORTANT NOTE: As you can see, this was coded as a recursive
function
+ # Hence, you can exhaust the memory pretty easy ( large bytesToRead )
+ # This function should NOT be used for reading files directly, but
another higher
+ # level function should be used that will break the read into smaller
pieces
+
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+ if self._Session['OpenTable'].has_key(fileId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_READ
+ packet['TreeID'] = treeId
+
+ if self._Connection['MaxReadSize'] < bytesToRead:
+ maxBytesToRead = self._Connection['MaxReadSize']
+ else:
+ maxBytesToRead = bytesToRead
+
+ if self._Connection['Dialect'] != SMB2_DIALECT_002 and
self._Connection['SupportsMultiCredit'] is True:
+ packet['CreditCharge'] = ( 1 + (maxBytesToRead - 1) / 65536)
+ else:
+ maxBytesToRead = min(65536,bytesToRead)
+
+ smbRead = SMB2Read()
+ smbRead['Padding'] = 0x50
+ smbRead['FileID'] = fileId
+ smbRead['Length'] = maxBytesToRead
+ smbRead['Offset'] = offset
+ packet['Data'] = smbRead
+
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ readResponse = SMB2Read_Response(ans['Data'])
+ retData = readResponse['Buffer']
+ if readResponse['DataRemaining'] > 0:
+ retData += self.read(treeId, fileId, offset+len(retData),
readResponse['DataRemaining'], waitAnswer)
+ return retData
+
+ def write(self, treeId, fileId, data, offset = 0, bytesToWrite = 0,
waitAnswer = True):
+ # IMPORTANT NOTE: As you can see, this was coded as a recursive
function
+ # Hence, you can exhaust the memory pretty easy ( large bytesToWrite )
+ # This function should NOT be used for writing directly to files, but
another higher
+ # level function should be used that will break the writes into
smaller pieces
+
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+ if self._Session['OpenTable'].has_key(fileId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_WRITE
+ packet['TreeID'] = treeId
+
+ if self._Connection['MaxWriteSize'] < bytesToWrite:
+ maxBytesToWrite = self._Connection['MaxWriteSize']
+ else:
+ maxBytesToWrite = bytesToWrite
+
+ if self._Connection['Dialect'] != SMB2_DIALECT_002 and
self._Connection['SupportsMultiCredit'] is True:
+ packet['CreditCharge'] = ( 1 + (maxBytesToWrite - 1) / 65536)
+ else:
+ maxBytesToWrite = min(65536,bytesToWrite)
+
+ smbWrite = SMB2Write()
+ smbWrite['FileID'] = fileId
+ smbWrite['Length'] = maxBytesToWrite
+ smbWrite['Offset'] = offset
+ smbWrite['WriteChannelInfoOffset'] = 0
+ smbWrite['Buffer'] = data[:maxBytesToWrite]
+ packet['Data'] = smbWrite
+
+ packetID = self.sendSMB(packet)
+ if waitAnswer is True:
+ ans = self.recvSMB(packetID)
+ else:
+ return maxBytesToWrite
+
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ writeResponse = SMB2Write_Response(ans['Data'])
+ bytesWritten = writeResponse['Count']
+ if bytesWritten < bytesToWrite:
+ bytesWritten += self.write(treeId, fileId,
data[bytesWritten:], offset+bytesWritten, bytesToWrite-bytesWritten, waitAnswer)
+ return bytesWritten
+
+ def queryDirectory(self, treeId, fileId, searchString = '*', resumeIndex =
0, informationClass = FILENAMES_INFORMATION, maxBufferSize = None, enumRestart
= False, singleEntry = False):
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+ if self._Session['OpenTable'].has_key(fileId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_QUERY_DIRECTORY
+ packet['TreeID'] = treeId
+
+ queryDirectory = SMB2QueryDirectory()
+ queryDirectory['FileInformationClass'] = informationClass
+ if resumeIndex != 0 :
+ queryDirectory['Flags'] = SMB2_INDEX_SPECIFIED
+ queryDirectory['FileIndex'] = resumeIndex
+ queryDirectory['FileID'] = fileId
+ if maxBufferSize is None:
+ maxBufferSize = self._Connection['MaxReadSize']
+ queryDirectory['OutputBufferLength'] = maxBufferSize
+ queryDirectory['FileNameLength'] = len(searchString)*2
+ queryDirectory['Buffer'] = searchString.encode('utf-16le')
+
+ packet['Data'] = queryDirectory
+
+ if self._Connection['Dialect'] != SMB2_DIALECT_002 and
self._Connection['SupportsMultiCredit'] is True:
+ packet['CreditCharge'] = ( 1 + (maxBufferSize - 1) / 65536)
+
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ queryDirectoryResponse = SMB2QueryDirectory_Response(ans['Data'])
+ return queryDirectoryResponse['Buffer']
+
+ def echo(self):
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_ECHO
+ smbEcho = SMB2Echo()
+ packet['Data'] = smbEcho
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ return True
+
+ def cancel(self, packetID):
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_CANCEL
+ packet['MessageID'] = packetID
+
+ smbCancel = SMB2Cancel()
+
+ packet['Data'] = smbCancel
+ self.sendSMB(packet)
+
+ def ioctl(self, treeId, fileId = None, ctlCode = -1, flags = 0, inputBlob
= '', maxInputResponse = None, maxOutputResponse = None, waitAnswer = 1):
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+ if fileId is None:
+ fileId = '\xff'*16
+ else:
+ if self._Session['OpenTable'].has_key(fileId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_IOCTL
+ packet['TreeID'] = treeId
+
+ smbIoctl = SMB2Ioctl()
+ smbIoctl['FileID'] = fileId
+ smbIoctl['CtlCode'] = ctlCode
+ smbIoctl['MaxInputResponse'] = maxInputResponse
+ smbIoctl['MaxOutputResponse'] = maxOutputResponse
+ smbIoctl['InputCount'] = len(inputBlob)
+ if len(inputBlob) == 0:
+ smbIoctl['InputOffset'] = 0
+ smbIoctl['Buffer'] = '\x00'
+ else:
+ smbIoctl['Buffer'] = inputBlob
+ smbIoctl['OutputOffset'] = 0
+ smbIoctl['MaxOutputResponse'] = maxOutputResponse
+ smbIoctl['Flags'] = flags
+
+ packet['Data'] = smbIoctl
+
+ packetID = self.sendSMB(packet)
+
+ if waitAnswer == 0:
+ return True
+
+ ans = self.recvSMB(packetID)
+
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ smbIoctlResponse = SMB2Ioctl_Response(ans['Data'])
+ return smbIoctlResponse['Buffer']
+
+ def flush(self,treeId, fileId):
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+ if self._Session['OpenTable'].has_key(fileId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_FLUSH
+ packet['TreeID'] = treeId
+
+ smbFlush = SMB2Flush()
+ smbFlush['FileID'] = fileId
+
+ packet['Data'] = smbFlush
+
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ return True
+
+ def lock(self, treeId, fileId, locks, lockSequence = 0):
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+ if self._Session['OpenTable'].has_key(fileId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_LOCK
+ packet['TreeID'] = treeId
+
+ smbLock = SMB2Lock()
+ smbLock['FileID'] = fileId
+ smbLock['LockCount'] = len(locks)
+ smbLock['LockSequence'] = lockSequence
+ smbLock['Locks'] = ''.join(str(x) for x in locks)
+
+ packet['Data'] = smbLock
+
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ smbFlushResponse = SMB2Lock_Response(ans['Data'])
+ return True
+
+ # ToDo:
+ # If Open.ResilientHandle is TRUE or Connection.SupportsMultiChannel
is TRUE, the client MUST
+ # do the following:
+ # The client MUST scan through Open.OperationBuckets and find an
element with its Free field
+ # set to TRUE. If no such element could be found, an
implementation-specific error MUST be
+ # returned to the application.
+ # Let the zero-based array index of the element chosen above be
referred to as BucketIndex, and
+ # let BucketNumber = BucketIndex +1.
+ # Set Open.OperationBuckets[BucketIndex].Free = FALSE
+ # Let the SequenceNumber of the element chosen above be referred to as
BucketSequence.
+ # The LockSequence field of the SMB2 lock request MUST be set to
(BucketNumber<< 4) +
+ # BucketSequence.
+ # Increment the SequenceNumber of the element chosen above using MOD
16 arithmetic.
+
+ def logoff(self):
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_LOGOFF
+
+ smbLogoff = SMB2Logoff()
+
+ packet['Data'] = smbLogoff
+
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ # We clean the stuff we used in case we want to authenticate again
+ # within the same connection
+ self._Session['UserCredentials'] = ''
+ self._Session['Connection'] = 0
+ self._Session['SessionID'] = 0
+ self._Session['SigningRequired'] = False
+ self._Session['SigningKey'] = ''
+ self._Session['SessionKey'] = ''
+ self._Session['SigningActivated'] = False
+ return True
+
+ def queryInfo(self, treeId, fileId, inputBlob = '', infoType =
SMB2_0_INFO_FILE, fileInfoClass = SMB2_FILE_STANDARD_INFO,
additionalInformation = 0, flags = 0 ):
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+ if self._Session['OpenTable'].has_key(fileId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_QUERY_INFO
+ packet['TreeID'] = treeId
+
+ queryInfo = SMB2QueryInfo()
+ queryInfo['FileID'] = fileId
+ queryInfo['InfoType'] = SMB2_0_INFO_FILE
+ queryInfo['FileInfoClass'] = fileInfoClass
+ queryInfo['OutputBufferLength'] = 65535
+ queryInfo['AdditionalInformation'] = additionalInformation
+ if len(inputBlob) == 0:
+ queryInfo['InputBufferOffset'] = 0
+ queryInfo['Buffer'] = '\x00'
+ else:
+ queryInfo['InputBufferLength'] = len(inputBlob)
+ queryInfo['Buffer'] = inputBlob
+ queryInfo['Flags'] = flags
+
+ packet['Data'] = queryInfo
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ queryResponse = SMB2QueryInfo_Response(ans['Data'])
+ return queryResponse['Buffer']
+
+ def setInfo(self, treeId, fileId, inputBlob = '', infoType =
SMB2_0_INFO_FILE, fileInfoClass = SMB2_FILE_STANDARD_INFO,
additionalInformation = 0 ):
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+ if self._Session['OpenTable'].has_key(fileId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ packet = self.SMB_PACKET()
+ packet['Command'] = SMB2_SET_INFO
+ packet['TreeID'] = treeId
+
+ setInfo = SMB2SetInfo()
+ setInfo['InfoType'] = SMB2_0_INFO_FILE
+ setInfo['FileInfoClass'] = fileInfoClass
+ setInfo['BufferLength'] = len(inputBlob)
+ setInfo['AdditionalInformation'] = additionalInformation
+ setInfo['FileID'] = fileId
+ setInfo['Buffer'] = inputBlob
+
+ packet['Data'] = setInfo
+ packetID = self.sendSMB(packet)
+ ans = self.recvSMB(packetID)
+
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ return True
+
+ def getSessionKey(self):
+ if self.getDialect() == SMB2_DIALECT_30:
+ return self._Session['ApplicationKey']
+ else:
+ return self._Session['SessionKey']
+
+ def setSessionKey(self, key):
+ if self.getDialect() == SMB2_DIALECT_30:
+ self._Session['ApplicationKey'] = key
+ else:
+ self._Session['SessionKey'] = key
+
+ ######################################################################
+ # Higher level functions
+
+ def rename(self, shareName, oldPath, newPath):
+ oldPath = string.replace(oldPath,'/', '\\')
+ oldPath = ntpath.normpath(oldPath)
+ if len(oldPath) > 0 and oldPath[0] == '\\':
+ oldPath = oldPath[1:]
+
+ newPath = string.replace(newPath,'/', '\\')
+ newPath = ntpath.normpath(newPath)
+ if len(newPath) > 0 and newPath[0] == '\\':
+ newPath = newPath[1:]
+
+ treeId = self.connectTree(shareName)
+ fileId = None
+ try:
+ fileId = self.create(treeId, oldPath, MAXIMUM_ALLOWED
,FILE_SHARE_READ | FILE_SHARE_WRITE |FILE_SHARE_DELETE, 0x200020, FILE_OPEN, 0)
+ renameReq = FILE_RENAME_INFORMATION_TYPE_2()
+ renameReq['ReplaceIfExists'] = 1
+ renameReq['RootDirectory'] = '\x00'*8
+ renameReq['FileNameLength'] = len(newPath)*2
+ renameReq['FileName'] = newPath.encode('utf-16le')
+ self.setInfo(treeId, fileId, renameReq, infoType =
SMB2_0_INFO_FILE, fileInfoClass = SMB2_FILE_RENAME_INFO)
+ finally:
+ if fileId is not None:
+ self.close(treeId, fileId)
+ self.disconnectTree(treeId)
+
+ return True
+
+ def writeFile(self, treeId, fileId, data, offset = 0):
+ finished = False
+ writeOffset = offset
+ while not finished:
+ if len(data) == 0:
+ break
+ writeData = data[:self._Connection['MaxWriteSize']]
+ data = data[self._Connection['MaxWriteSize']:]
+ written = self.write(treeId, fileId, writeData, writeOffset,
len(writeData))
+ writeOffset += written
+ return writeOffset - offset
+
+ def listPath(self, shareName, path, password = None):
+ # ToDo: Handle situations where share is password protected
+ path = string.replace(path,'/', '\\')
+ path = ntpath.normpath(path)
+ if len(path) > 0 and path[0] == '\\':
+ path = path[1:]
+
+ treeId = self.connectTree(shareName)
+
+ fileId = None
+ try:
+ # ToDo, we're assuming it's a directory, we should check what the
file type is
+ fileId = self.create(treeId, ntpath.dirname(path),
FILE_READ_ATTRIBUTES | FILE_READ_DATA ,FILE_SHARE_READ | FILE_SHARE_WRITE
|FILE_SHARE_DELETE, FILE_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT,
FILE_OPEN, 0)
+ res = ''
+ files = []
+ from impacket import smb
+ while True:
+ try:
+ res = self.queryDirectory( treeId, fileId,
ntpath.basename(path), maxBufferSize = 65535, informationClass =
FILE_FULL_DIRECTORY_INFORMATION )
+ nextOffset = 1
+ while nextOffset != 0:
+ fileInfo =
smb.SMBFindFileFullDirectoryInfo(smb.SMB.FLAGS2_UNICODE)
+ fileInfo.fromString(res)
+
files.append(smb.SharedFile(fileInfo['CreationTime'],fileInfo['LastAccessTime'],fileInfo['LastChangeTime'],fileInfo['EndOfFile'],fileInfo['AllocationSize'],fileInfo['ExtFileAttributes'],fileInfo['FileName'].decode('utf-16le'),
fileInfo['FileName'].decode('utf-16le')))
+ nextOffset = fileInfo['NextEntryOffset']
+ res = res[nextOffset:]
+ except SessionError, e:
+ if (e.get_error_code()) != STATUS_NO_MORE_FILES:
+ raise
+ break
+ finally:
+ if fileId is not None:
+ self.close(treeId, fileId)
+ self.disconnectTree(treeId)
+
+ return files
+
+ def mkdir(self, shareName, pathName, password = None):
+ # ToDo: Handle situations where share is password protected
+ pathName = string.replace(pathName,'/', '\\')
+ pathName = ntpath.normpath(pathName)
+ if len(pathName) > 0 and pathName[0] == '\\':
+ pathName = pathName[1:]
+
+ treeId = self.connectTree(shareName)
+
+ fileId = None
+ try:
+ fileId = self.create(treeId, pathName,GENERIC_ALL ,FILE_SHARE_READ
| FILE_SHARE_WRITE |FILE_SHARE_DELETE, FILE_DIRECTORY_FILE |
FILE_SYNCHRONOUS_IO_NONALERT, FILE_CREATE, 0)
+ finally:
+ if fileId is not None:
+ self.close(treeId, fileId)
+ self.disconnectTree(treeId)
+
+ return True
+
+ def rmdir(self, shareName, pathName, password = None):
+ # ToDo: Handle situations where share is password protected
+ pathName = string.replace(pathName,'/', '\\')
+ pathName = ntpath.normpath(pathName)
+ if len(pathName) > 0 and pathName[0] == '\\':
+ pathName = pathName[1:]
+
+ treeId = self.connectTree(shareName)
+
+ fileId = None
+ try:
+ fileId = self.create(treeId, pathName, DELETE, FILE_SHARE_DELETE,
FILE_DIRECTORY_FILE | FILE_DELETE_ON_CLOSE, FILE_OPEN, 0)
+ finally:
+ if fileId is not None:
+ self.close(treeId, fileId)
+ self.disconnectTree(treeId)
+
+ return True
+
+ def remove(self, shareName, pathName, password = None):
+ # ToDo: Handle situations where share is password protected
+ pathName = string.replace(pathName,'/', '\\')
+ pathName = ntpath.normpath(pathName)
+ if len(pathName) > 0 and pathName[0] == '\\':
+ pathName = pathName[1:]
+
+ treeId = self.connectTree(shareName)
+
+ fileId = None
+ try:
+ fileId = self.create(treeId, pathName,DELETE |
FILE_READ_ATTRIBUTES, FILE_SHARE_DELETE, FILE_NON_DIRECTORY_FILE |
FILE_DELETE_ON_CLOSE, FILE_OPEN, 0)
+ finally:
+ if fileId is not None:
+ self.close(treeId, fileId)
+ self.disconnectTree(treeId)
+
+ return True
+
+ def retrieveFile(self, shareName, path, callback, mode = FILE_OPEN, offset
= 0, password = None, shareAccessMode = FILE_SHARE_READ):
+ # ToDo: Handle situations where share is password protected
+ path = string.replace(path,'/', '\\')
+ path = ntpath.normpath(path)
+ if len(path) > 0 and path[0] == '\\':
+ path = path[1:]
+
+ treeId = self.connectTree(shareName)
+ fileId = None
+ from impacket import smb
+ try:
+ fileId = self.create(treeId, path, FILE_READ_DATA,
shareAccessMode, FILE_NON_DIRECTORY_FILE, mode, 0)
+ res = self.queryInfo(treeId, fileId)
+ fileInfo = smb.SMBQueryFileStandardInfo(res)
+ fileSize = fileInfo['EndOfFile']
+ if (fileSize-offset) < self._Connection['MaxReadSize']:
+ # Skip reading 0 bytes files.
+ if (fileSize-offset) > 0:
+ data = self.read(treeId, fileId, offset, fileSize-offset)
+ callback(data)
+ else:
+ written = 0
+ toBeRead = fileSize-offset
+ while written < toBeRead:
+ data = self.read(treeId, fileId, offset,
self._Connection['MaxReadSize'])
+ written += len(data)
+ offset += len(data)
+ callback(data)
+ finally:
+ if fileId is not None:
+ self.close(treeId, fileId)
+ self.disconnectTree(treeId)
+
+ def storeFile(self, shareName, path, callback, mode = FILE_OVERWRITE_IF,
offset = 0, password = None, shareAccessMode = FILE_SHARE_WRITE):
+ # ToDo: Handle situations where share is password protected
+ path = string.replace(path,'/', '\\')
+ path = ntpath.normpath(path)
+ if len(path) > 0 and path[0] == '\\':
+ path = path[1:]
+
+ treeId = self.connectTree(shareName)
+ fileId = None
+ try:
+ fileId = self.create(treeId, path, FILE_WRITE_DATA,
shareAccessMode, FILE_NON_DIRECTORY_FILE, mode, 0)
+ finished = False
+ writeOffset = offset
+ while not finished:
+ data = callback(self._Connection['MaxWriteSize'])
+ if len(data) == 0:
+ break
+ written = self.write(treeId, fileId, data, writeOffset,
len(data))
+ writeOffset += written
+ finally:
+ if fileId is not None:
+ self.close(treeId, fileId)
+ self.disconnectTree(treeId)
+
+ def waitNamedPipe(self, treeId, pipename, timeout = 5):
+ pipename = ntpath.basename(pipename)
+ if self._Session['TreeConnectTable'].has_key(treeId) is False:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+ if len(pipename) > 0xffff:
+ raise SessionError(STATUS_INVALID_PARAMETER)
+
+ pipeWait = FSCTL_PIPE_WAIT_STRUCTURE()
+ pipeWait['Timeout'] = timeout*100000
+ pipeWait['NameLength'] = len(pipename)*2
+ pipeWait['TimeoutSpecified'] = 1
+ pipeWait['Name'] = pipename.encode('utf-16le')
+
+ return self.ioctl(treeId, None,
FSCTL_PIPE_WAIT,flags=SMB2_0_IOCTL_IS_FSCTL, inputBlob=pipeWait,
maxInputResponse = 0, maxOutputResponse=0)
+
+ def getIOCapabilities(self):
+ res = dict()
+
+ res['MaxReadSize'] = self._Connection['MaxReadSize']
+ res['MaxWriteSize'] = self._Connection['MaxWriteSize']
+ return res
+
+
+ ######################################################################
+ # Backward compatibility functions and alias for SMB1 and DCE Transports
+ # NOTE: It is strongly recommended not to use these commands
+ # when implementing new client calls.
+ get_server_name = getServerName
+ get_server_domain = getServerDomain
+ get_server_dns_domain_name = getServerDNSDomainName
+ get_remote_name = getServerName
+ get_remote_host = getServerIP
+ get_server_os = getServerOS
+ get_server_os_major = getServerOSMajor
+ get_server_os_minor = getServerOSMinor
+ get_server_os_build = getServerOSBuild
+ tree_connect_andx = connectTree
+ tree_connect = connectTree
+ connect_tree = connectTree
+ disconnect_tree = disconnectTree
+ set_timeout = setTimeout
+ use_timeout = useTimeout
+ stor_file = storeFile
+ retr_file = retrieveFile
+ list_path = listPath
+
+ def __del__(self):
+ if self._NetBIOSSession:
+ self._NetBIOSSession.close()
+
+
+ def doesSupportNTLMv2(self):
+ # Always true :P
+ return True
+
+ def is_login_required(self):
+ # Always true :P
+ return True
+
+ def is_signing_required(self):
+ return self._Session["SigningRequired"]
+
+ def nt_create_andx(self, treeId, fileName, smb_packet=None, cmd = None):
+ if len(fileName) > 0 and fileName[0] == '\\':
+ fileName = fileName[1:]
+
+ if cmd is not None:
+ from impacket import smb
+ ntCreate = smb.SMBCommand(data = str(cmd))
+ params = smb.SMBNtCreateAndX_Parameters(ntCreate['Parameters'])
+ return self.create(treeId, fileName, params['AccessMask'],
params['ShareAccess'],
+ params['CreateOptions'], params['Disposition'],
params['FileAttributes'],
+ params['Impersonation'],
params['SecurityFlags'])
+
+ else:
+ return self.create(treeId, fileName,
+ FILE_READ_DATA | FILE_WRITE_DATA | FILE_APPEND_DATA |
FILE_READ_EA |
+ FILE_WRITE_EA | FILE_WRITE_ATTRIBUTES |
FILE_READ_ATTRIBUTES | READ_CONTROL,
+ FILE_SHARE_READ | FILE_SHARE_WRITE,
FILE_NON_DIRECTORY_FILE, FILE_OPEN, 0 )
+
+ def get_socket(self):
+ return self._NetBIOSSession.get_socket()
+
+
+ def write_andx(self,tid,fid,data, offset = 0, wait_answer=1,
write_pipe_mode = False, smb_packet=None):
+ # ToDo: Handle the custom smb_packet situation
+ return self.write(tid, fid, data, offset, len(data))
+
+ def TransactNamedPipe(self, tid, fid, data, noAnswer = 0, waitAnswer = 1,
offset = 0):
+ return self.ioctl(tid, fid, FSCTL_PIPE_TRANSCEIVE,
SMB2_0_IOCTL_IS_FSCTL, data, maxOutputResponse = 65535, waitAnswer = noAnswer |
waitAnswer)
+
+ def TransactNamedPipeRecv(self):
+ ans = self.recvSMB()
+
+ if ans.isValidAnswer(STATUS_SUCCESS):
+ smbIoctlResponse = SMB2Ioctl_Response(ans['Data'])
+ return smbIoctlResponse['Buffer']
+
+
+ def read_andx(self, tid, fid, offset=0, max_size = None, wait_answer=1,
smb_packet=None):
+ # ToDo: Handle the custom smb_packet situation
+ if max_size is None:
+ max_size = self._Connection['MaxReadSize']
+ return self.read(tid, fid, offset, max_size, wait_answer)
+
+ def list_shared(self):
+ # In the context of SMB2/3, forget about the old LANMAN, throw NOT
IMPLEMENTED
+ raise SessionError(STATUS_NOT_IMPLEMENTED)
+
+ def open_andx(self, tid, fileName, open_mode, desired_access):
+ # ToDo Return all the attributes of the file
+ if len(fileName) > 0 and fileName[0] == '\\':
+ fileName = fileName[1:]
+
+ fileId = self.create(tid,fileName,desired_access, open_mode,
FILE_NON_DIRECTORY_FILE, open_mode, 0)
+ return fileId, 0, 0, 0, 0, 0, 0, 0, 0
+
diff --git a/tests/python_dependencies/impacket/smb3structs.py
b/tests/python_dependencies/impacket/smb3structs.py
new file mode 100644
index 000000000..ddc8a9084
--- /dev/null
+++ b/tests/python_dependencies/impacket/smb3structs.py
@@ -0,0 +1,1363 @@
+# Copyright (c) 2003-2016 CORE Security Technologies
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+# Author: Alberto Solino (@agsolino)
+#
+# Description:
+# SMB 2 and 3 Protocol Structures and constants [MS-SMB2]
+#
+
+from impacket.structure import Structure
+
+# Constants
+
+# SMB Packet
+SMB2_PACKET_SIZE = 64
+
+# SMB Commands
+SMB2_NEGOTIATE = 0x0000 #
+SMB2_SESSION_SETUP = 0x0001 #
+SMB2_LOGOFF = 0x0002 #
+SMB2_TREE_CONNECT = 0x0003 #
+SMB2_TREE_DISCONNECT = 0x0004 #
+SMB2_CREATE = 0x0005 #
+SMB2_CLOSE = 0x0006 #
+SMB2_FLUSH = 0x0007 #
+SMB2_READ = 0x0008 #
+SMB2_WRITE = 0x0009 #
+SMB2_LOCK = 0x000A #
+SMB2_IOCTL = 0x000B #
+SMB2_CANCEL = 0x000C #
+SMB2_ECHO = 0x000D #
+SMB2_QUERY_DIRECTORY = 0x000E #
+SMB2_CHANGE_NOTIFY = 0x000F
+SMB2_QUERY_INFO = 0x0010 #
+SMB2_SET_INFO = 0x0011
+SMB2_OPLOCK_BREAK = 0x0012
+
+# SMB Flags
+SMB2_FLAGS_SERVER_TO_REDIR = 0x00000001
+SMB2_FLAGS_ASYNC_COMMAND = 0x00000002
+SMB2_FLAGS_RELATED_OPERATIONS = 0x00000004
+SMB2_FLAGS_SIGNED = 0x00000008
+SMB2_FLAGS_DFS_OPERATIONS = 0x10000000
+SMB2_FLAGS_REPLAY_OPERATION = 0x80000000
+
+# SMB Error SymLink Flags
+SYMLINK_FLAG_ABSOLUTE = 0x0
+SYMLINK_FLAG_RELATIVE = 0x1
+
+# SMB2_NEGOTIATE
+# Security Modes
+SMB2_NEGOTIATE_SIGNING_ENABLED = 0x1
+SMB2_NEGOTIATE_SIGNING_REQUIRED = 0x2
+
+# Capabilities
+SMB2_GLOBAL_CAP_DFS = 0x01
+SMB2_GLOBAL_CAP_LEASING = 0x02
+SMB2_GLOBAL_CAP_LARGE_MTU = 0x04
+SMB2_GLOBAL_CAP_MULTI_CHANNEL = 0x08
+SMB2_GLOBAL_CAP_PERSISTENT_HANDLES = 0x10
+SMB2_GLOBAL_CAP_DIRECTORY_LEASING = 0x20
+SMB2_GLOBAL_CAP_ENCRYPTION = 0x40
+
+# Dialects
+SMB2_DIALECT_002 = 0x0202
+SMB2_DIALECT_21 = 0x0210
+SMB2_DIALECT_30 = 0x0300
+SMB2_DIALECT_WILDCARD = 0x02FF
+
+# SMB2_SESSION_SETUP
+# Flags
+SMB2_SESSION_FLAG_BINDING = 0x01
+SMB2_SESSION_FLAG_IS_GUEST = 0x01
+SMB2_SESSION_FLAG_IS_NULL = 0x02
+SMB2_SESSION_FLAG_ENCRYPT_DATA = 0x04
+
+# SMB2_TREE_CONNECT
+# Types
+SMB2_SHARE_TYPE_DISK = 0x1
+SMB2_SHARE_TYPE_PIPE = 0x2
+SMB2_SHARE_TYPE_PRINT = 0x3
+
+# Share Flags
+SMB2_SHAREFLAG_MANUAL_CACHING = 0x00000000
+SMB2_SHAREFLAG_AUTO_CACHING = 0x00000010
+SMB2_SHAREFLAG_VDO_CACHING = 0x00000020
+SMB2_SHAREFLAG_NO_CACHING = 0x00000030
+SMB2_SHAREFLAG_DFS = 0x00000001
+SMB2_SHAREFLAG_DFS_ROOT = 0x00000002
+SMB2_SHAREFLAG_RESTRICT_EXCLUSIVE_OPENS = 0x00000100
+SMB2_SHAREFLAG_FORCE_SHARED_DELETE = 0x00000200
+SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING = 0x00000400
+SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM = 0x00000800
+SMB2_SHAREFLAG_FORCE_LEVELII_OPLOCK = 0x00001000
+SMB2_SHAREFLAG_ENABLE_HASH_V1 = 0x00002000
+SMB2_SHAREFLAG_ENABLE_HASH_V2 = 0x00004000
+SMB2_SHAREFLAG_ENCRYPT_DATA = 0x00008000
+
+# Capabilities
+SMB2_SHARE_CAP_DFS = 0x00000008
+SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY = 0x00000010
+SMB2_SHARE_CAP_SCALEOUT = 0x00000020
+SMB2_SHARE_CAP_CLUSTER = 0x00000040
+
+# SMB_CREATE
+# Oplocks
+SMB2_OPLOCK_LEVEL_NONE = 0x00
+SMB2_OPLOCK_LEVEL_II = 0x01
+SMB2_OPLOCK_LEVEL_EXCLUSIVE = 0x08
+SMB2_OPLOCK_LEVEL_BATCH = 0x09
+SMB2_OPLOCK_LEVEL_LEASE = 0xFF
+
+# Impersonation Level
+SMB2_IL_ANONYMOUS = 0x00000000
+SMB2_IL_IDENTIFICATION = 0x00000001
+SMB2_IL_IMPERSONATION = 0x00000002
+SMB2_IL_DELEGATE = 0x00000003
+
+# File Attributes
+FILE_ATTRIBUTE_ARCHIVE = 0x00000020
+FILE_ATTRIBUTE_COMPRESSED = 0x00000800
+FILE_ATTRIBUTE_DIRECTORY = 0x00000010
+FILE_ATTRIBUTE_ENCRYPTED = 0x00004000
+FILE_ATTRIBUTE_HIDDEN = 0x00000002
+FILE_ATTRIBUTE_NORMAL = 0x00000080
+FILE_ATTRIBUTE_NOT_CONTENT_INDEXED = 0x00002000
+FILE_ATTRIBUTE_OFFLINE = 0x00001000
+FILE_ATTRIBUTE_READONLY = 0x00000001
+FILE_ATTRIBUTE_REPARSE_POINT = 0x00000400
+FILE_ATTRIBUTE_SPARSE_FILE = 0x00000200
+FILE_ATTRIBUTE_SYSTEM = 0x00000004
+FILE_ATTRIBUTE_TEMPORARY = 0x00000100
+FILE_ATTRIBUTE_INTEGRITY_STREAM = 0x00000800
+FILE_ATTRIBUTE_NO_SCRUB_DATA = 0x00020000
+
+# Share Access
+FILE_SHARE_READ = 0x00000001
+FILE_SHARE_WRITE = 0x00000002
+FILE_SHARE_DELETE = 0x00000004
+
+# Create Disposition
+FILE_SUPERSEDE = 0x00000000
+FILE_OPEN = 0x00000001
+FILE_CREATE = 0x00000002
+FILE_OPEN_IF = 0x00000003
+FILE_OVERWRITE = 0x00000004
+FILE_OVERWRITE_IF = 0x00000005
+
+# Create Options
+FILE_DIRECTORY_FILE = 0x00000001
+FILE_WRITE_THROUGH = 0x00000002
+FILE_SEQUENTIAL_ONLY = 0x00000004
+FILE_NO_INTERMEDIATE_BUFFERING = 0x00000008
+FILE_SYNCHRONOUS_IO_ALERT = 0x00000010
+FILE_SYNCHRONOUS_IO_NONALERT = 0x00000020
+FILE_NON_DIRECTORY_FILE = 0x00000040
+FILE_COMPLETE_IF_OPLOCKED = 0x00000100
+FILE_NO_EA_KNOWLEDGE = 0x00000200
+FILE_RANDOM_ACCESS = 0x00000800
+FILE_DELETE_ON_CLOSE = 0x00001000
+FILE_OPEN_BY_FILE_ID = 0x00002000
+FILE_OPEN_FOR_BACKUP_INTENT = 0x00004000
+FILE_NO_COMPRESSION = 0x00008000
+FILE_RESERVE_OPFILTER = 0x00100000
+FILE_OPEN_REPARSE_POINT = 0x00200000
+FILE_OPEN_NO_RECALL = 0x00400000
+FILE_OPEN_FOR_FREE_SPACE_QUERY = 0x00800000
+
+# File Access Mask / Desired Access
+FILE_READ_DATA = 0x00000001
+FILE_WRITE_DATA = 0x00000002
+FILE_APPEND_DATA = 0x00000004
+FILE_READ_EA = 0x00000008
+FILE_WRITE_EA = 0x00000010
+FILE_EXECUTE = 0x00000020
+FILE_READ_ATTRIBUTES = 0x00000080
+FILE_WRITE_ATTRIBUTES = 0x00000100
+DELETE = 0x00010000
+READ_CONTROL = 0x00020000
+WRITE_DAC = 0x00040000
+WRITE_OWNER = 0x00080000
+SYNCHRONIZE = 0x00100000
+ACCESS_SYSTEM_SECURITY = 0x01000000
+MAXIMUM_ALLOWED = 0x02000000
+GENERIC_ALL = 0x10000000
+GENERIC_EXECUTE = 0x20000000
+GENERIC_WRITE = 0x40000000
+GENERIC_READ = 0x80000000
+
+# Directory Access Mask
+FILE_LIST_DIRECTORY = 0x00000001
+FILE_ADD_FILE = 0x00000002
+FILE_ADD_SUBDIRECTORY = 0x00000004
+FILE_TRAVERSE = 0x00000020
+FILE_DELETE_CHILD = 0x00000040
+
+# Create Contexts
+SMB2_CREATE_EA_BUFFER = 0x45787441
+SMB2_CREATE_SD_BUFFER = 0x53656344
+SMB2_CREATE_DURABLE_HANDLE_REQUEST = 0x44486e51
+SMB2_CREATE_DURABLE_HANDLE_RECONNECT = 0x44486e43
+SMB2_CREATE_ALLOCATION_SIZE = 0x416c5369
+SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST = 0x4d784163
+SMB2_CREATE_TIMEWARP_TOKEN = 0x54577270
+SMB2_CREATE_QUERY_ON_DISK_ID = 0x51466964
+SMB2_CREATE_REQUEST = 0x52714c73
+SMB2_CREATE_REQUEST_LEASE_V2 = 0x52714c73
+SMB2_CREATE_DURABLE_HANDLE_REQUEST_V2 = 0x44483251
+SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 = 0x44483243
+SMB2_CREATE_APP_INSTANCE_ID = 0x45BCA66AEFA7F74A9008FA462E144D74
+
+# Flags
+SMB2_CREATE_FLAG_REPARSEPOINT = 0x1
+FILE_NEED_EA = 0x80
+
+# CreateAction
+FILE_SUPERSEDED = 0x00000000
+FILE_OPENED = 0x00000001
+FILE_CREATED = 0x00000002
+FILE_OVERWRITTEN = 0x00000003
+
+# SMB2_CREATE_REQUEST_LEASE states
+SMB2_LEASE_NONE = 0x00
+SMB2_LEASE_READ_CACHING = 0x01
+SMB2_LEASE_HANDLE_CACHING = 0x02
+SMB2_LEASE_WRITE_CACHING = 0x04
+
+# SMB2_CREATE_REQUEST_LEASE_V2 Flags
+SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET = 0x4
+
+# SMB2_CREATE_DURABLE_HANDLE_REQUEST_V2 Flags
+SMB2_DHANDLE_FLAG_PERSISTENT = 0x02
+
+# SMB2_CLOSE
+# Flags
+SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB = 0x0001
+
+# SMB2_READ
+# Channel
+SMB2_CHANNEL_NONE = 0x00
+SMB2_CHANNEL_RDMA_V1 = 0x01
+
+# SMB2_WRITE
+# Flags
+SMB2_WRITEFLAG_WRITE_THROUGH = 0x01
+
+# Lease Break Notification
+SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED = 0x01
+
+# SMB_LOCK
+# Flags
+SMB2_LOCKFLAG_SHARED_LOCK = 0x01
+SMB2_LOCKFLAG_EXCLUSIVE_LOCK = 0x02
+SMB2_LOCKFLAG_UNLOCK = 0x04
+SMB2_LOCKFLAG_FAIL_IMMEDIATELY = 0x10
+
+# SMB IOCTL
+# Control Codes
+FSCTL_DFS_GET_REFERRALS = 0x00060194
+FSCTL_PIPE_PEEK = 0x0011400C
+FSCTL_PIPE_WAIT = 0x00110018
+FSCTL_PIPE_TRANSCEIVE = 0x0011C017
+FSCTL_SRV_COPYCHUNK = 0x001440F2
+FSCTL_SRV_ENUMERATE_SNAPSHOTS = 0x00144064
+FSCTL_SRV_REQUEST_RESUME_KEY = 0x00140078
+FSCTL_SRV_READ_HASH = 0x001441bb
+FSCTL_SRV_COPYCHUNK_WRITE = 0x001480F2
+FSCTL_LMR_REQUEST_RESILIENCY = 0x001401D4
+FSCTL_QUERY_NETWORK_INTERFACE_INFO = 0x001401FC
+FSCTL_SET_REPARSE_POINT = 0x000900A4
+FSCTL_DFS_GET_REFERRALS_EX = 0x000601B0
+FSCTL_FILE_LEVEL_TRIM = 0x00098208
+FSCTL_VALIDATE_NEGOTIATE_INFO = 0x00140204
+
+# Flags
+SMB2_0_IOCTL_IS_FSCTL = 0x1
+
+# SRV_READ_HASH
+# Type
+SRV_HASH_TYPE_PEER_DIST = 0x01
+
+# Version
+SRV_HASH_VER_1 = 0x1
+SRV_HASH_VER_2 = 0x2
+
+# Retrieval Type
+SRV_HASH_RETRIEVE_HASH_BASED = 0x01
+SRV_HASH_RETRIEVE_FILE_BASED = 0x02
+
+# NETWORK_INTERFACE_INFO
+# Capabilities
+RSS_CAPABLE = 0x01
+RDMA_CAPABLE = 0x02
+
+# SMB2_QUERY_DIRECTORIES
+# Information Class
+FILE_DIRECTORY_INFORMATION = 0x01
+FILE_FULL_DIRECTORY_INFORMATION = 0x02
+FILEID_FULL_DIRECTORY_INFORMATION = 0x26
+FILE_BOTH_DIRECTORY_INFORMATION = 0x03
+FILEID_BOTH_DIRECTORY_INFORMATION = 0x25
+FILENAMES_INFORMATION = 0x0C
+
+# Flags
+SMB2_RESTART_SCANS = 0x01
+SMB2_RETURN_SINGLE_ENTRY = 0x02
+SMB2_INDEX_SPECIFIED = 0x04
+SMB2_REOPEN = 0x10
+
+# SMB2_CHANGE_NOTIFY
+# Flags
+SMB2_WATCH_TREE = 0x01
+
+# Filters
+FILE_NOTIFY_CHANGE_FILE_NAME = 0x00000001
+FILE_NOTIFY_CHANGE_DIR_NAME = 0x00000002
+FILE_NOTIFY_CHANGE_ATTRIBUTES = 0x00000004
+FILE_NOTIFY_CHANGE_SIZE = 0x00000008
+FILE_NOTIFY_CHANGE_LAST_WRITE = 0x00000010
+FILE_NOTIFY_CHANGE_LAST_ACCESS = 0x00000020
+FILE_NOTIFY_CHANGE_CREATION = 0x00000040
+FILE_NOTIFY_CHANGE_EA = 0x00000080
+FILE_NOTIFY_CHANGE_SECURITY = 0x00000100
+FILE_NOTIFY_CHANGE_STREAM_NAME = 0x00000200
+FILE_NOTIFY_CHANGE_STREAM_SIZE = 0x00000400
+FILE_NOTIFY_CHANGE_STREAM_WRITE = 0x00000800
+
+# FILE_NOTIFY_INFORMATION
+# Actions
+FILE_ACTION_ADDED = 0x00000001
+FILE_ACTION_REMOVED = 0x00000002
+FILE_ACTION_MODIFIED = 0x00000003
+FILE_ACTION_RENAMED_OLD_NAME = 0x00000004
+FILE_ACTION_RENAMED_NEW_NAME = 0x00000005
+
+# SMB2_QUERY_INFO
+# InfoTypes
+SMB2_0_INFO_FILE = 0x01
+SMB2_0_INFO_FILESYSTEM = 0x02
+SMB2_0_INFO_SECURITY = 0x03
+SMB2_0_INFO_QUOTA = 0x04
+
+# File Information Classes
+SMB2_FILE_ACCESS_INFO = 8
+SMB2_FILE_ALIGNMENT_INFO = 17
+SMB2_FILE_ALL_INFO = 18
+SMB2_FILE_ALLOCATION_INFO = 19
+SMB2_FILE_ALTERNATE_NAME_INFO = 21
+SMB2_ATTRIBUTE_TAG_INFO = 35
+SMB2_FILE_BASIC_INFO = 4
+SMB2_FILE_BOTH_DIRECTORY_INFO = 3
+SMB2_FILE_COMPRESSION_INFO = 28
+SMB2_FILE_DIRECTORY_INFO = 1
+SMB2_FILE_DISPOSITION_INFO = 13
+SMB2_FILE_EA_INFO = 7
+SMB2_FILE_END_OF_FILE_INFO = 20
+SMB2_FULL_DIRECTORY_INFO = 2
+SMB2_FULL_EA_INFO = 15
+SMB2_FILE_HARDLINK_INFO = 46
+SMB2_FILE_ID_BOTH_DIRECTORY_INFO = 37
+SMB2_FILE_ID_FULL_DIRECTORY_INFO = 38
+SMB2_FILE_ID_GLOBAL_TX_DIRECTORY_INFO = 50
+SMB2_FILE_INTERNAL_INFO = 6
+SMB2_FILE_LINK_INFO = 11
+SMB2_FILE_MAILSLOT_QUERY_INFO = 26
+SMB2_FILE_MAILSLOT_SET_INFO = 27
+SMB2_FILE_MODE_INFO = 16
+SMB2_FILE_MOVE_CLUSTER_INFO = 31
+SMB2_FILE_NAME_INFO = 9
+SMB2_FILE_NAMES_INFO = 12
+SMB2_FILE_NETWORK_OPEN_INFO = 34
+SMB2_FILE_NORMALIZED_NAME_INFO = 48
+SMB2_FILE_OBJECT_ID_INFO = 29
+SMB2_FILE_PIPE_INFO = 23
+SMB2_FILE_PIPE_LOCAL_INFO = 24
+SMB2_FILE_PIPE_REMOTE_INFO = 25
+SMB2_FILE_POSITION_INFO = 14
+SMB2_FILE_QUOTA_INFO = 32
+SMB2_FILE_RENAME_INFO = 10
+SMB2_FILE_REPARSE_POINT_INFO = 33
+SMB2_FILE_SFIO_RESERVE_INFO = 44
+SMB2_FILE_SHORT_NAME_INFO = 45
+SMB2_FILE_STANDARD_INFO = 5
+SMB2_FILE_STANDARD_LINK_INFO = 54
+SMB2_FILE_STREAM_INFO = 22
+SMB2_FILE_TRACKING_INFO = 36
+SMB2_FILE_VALID_DATA_LENGTH_INFO = 39
+
+# File System Information Classes
+SMB2_FILESYSTEM_VOLUME_INFO = 1
+SMB2_FILESYSTEM_LABEL_INFO = 2
+SMB2_FILESYSTEM_SIZE_INFO = 3
+SMB2_FILESYSTEM_DEVICE_INFO = 4
+SMB2_FILESYSTEM_ATTRIBUTE_INFO = 5
+SMB2_FILESYSTEM_CONTROL_INFO = 6
+SMB2_FILESYSTEM_FULL_SIZE_INFO = 7
+SMB2_FILESYSTEM_OBJECT_ID_INFO = 8
+SMB2_FILESYSTEM_DRIVER_PATH_INFO = 9
+SMB2_FILESYSTEM_SECTOR_SIZE_INFO = 11
+
+# Additional information
+OWNER_SECURITY_INFORMATION = 0x00000001
+GROUP_SECURITY_INFORMATION = 0x00000002
+DACL_SECURITY_INFORMATION = 0x00000004
+SACL_SECURITY_INFORMATION = 0x00000008
+LABEL_SECURITY_INFORMATION = 0x00000010
+
+# Flags
+SL_RESTART_SCAN = 0x00000001
+SL_RETURN_SINGLE_ENTRY = 0x00000002
+SL_INDEX_SPECIFIED = 0x00000004
+
+# TRANSFORM_HEADER
+SMB2_ENCRYPTION_AES128_CCM = 0x0001
+
+
+# STRUCtures
+# Represents a SMB2/3 Packet
+class SMBPacketBase(Structure):
+ def addCommand(self,command):
+ # Pad to 8 bytes and put the offset of another SMBPacket
+ raise 'Implement This!'
+
+ def isValidAnswer(self, status):
+ if self['Status'] != status:
+ import smb3
+ raise smb3.SessionError(self['Status'], self)
+ return True
+
+ def __init__(self, data = None):
+ Structure.__init__(self,data)
+ if data is None:
+ self['TreeID'] = 0
+
+
+class SMB2PacketAsync(SMBPacketBase):
+ structure = (
+ ('ProtocolID','"\xfeSMB'),
+ ('StructureSize','<H=64'),
+ ('CreditCharge','<H=0'),
+ ('Status','<L=0'),
+ ('Command','<H=0'),
+ ('CreditRequestResponse','<H=0'),
+ ('Flags','<L=0'),
+ ('NextCommand','<L=0'),
+ ('MessageID','<Q=0'),
+ ('AsyncID','<Q=0'),
+ ('SessionID','<Q=0'),
+ ('Signature','16s=""'),
+ ('Data',':=""'),
+ )
+
+class SMB3PacketAsync(SMBPacketBase):
+ structure = (
+ ('ProtocolID','"\xfeSMB'),
+ ('StructureSize','<H=64'),
+ ('CreditCharge','<H=0'),
+ ('ChannelSequence','<H=0'),
+ ('Reserved','<H=0'),
+ ('Command','<H=0'),
+ ('CreditRequestResponse','<H=0'),
+ ('Flags','<L=0'),
+ ('NextCommand','<L=0'),
+ ('MessageID','<Q=0'),
+ ('AsyncID','<Q=0'),
+ ('SessionID','<Q=0'),
+ ('Signature','16s=""'),
+ ('Data',':=""'),
+ )
+
+class SMB2Packet(SMBPacketBase):
+ structure = (
+ ('ProtocolID','"\xfeSMB'),
+ ('StructureSize','<H=64'),
+ ('CreditCharge','<H=0'),
+ ('Status','<L=0'),
+ ('Command','<H=0'),
+ ('CreditRequestResponse','<H=0'),
+ ('Flags','<L=0'),
+ ('NextCommand','<L=0'),
+ ('MessageID','<Q=0'),
+ ('Reserved','<L=0'),
+ ('TreeID','<L=0'),
+ ('SessionID','<Q=0'),
+ ('Signature','16s=""'),
+ ('Data',':=""'),
+ )
+
+class SMB3Packet(SMBPacketBase):
+ structure = (
+ ('ProtocolID','"\xfeSMB'),
+ ('StructureSize','<H=64'),
+ ('CreditCharge','<H=0'),
+ ('ChannelSequence','<H=0'),
+ ('Reserved','<H=0'),
+ ('Command','<H=0'),
+ ('CreditRequestResponse','<H=0'),
+ ('Flags','<L=0'),
+ ('NextCommand','<L=0'),
+ ('MessageID','<Q=0'),
+ ('Reserved','<L=0'),
+ ('TreeID','<L=0'),
+ ('SessionID','<Q=0'),
+ ('Signature','16s=""'),
+ ('Data',':=""'),
+ )
+
+class SMB2Error(Structure):
+ structure = (
+ ('StructureSize','<H=9'),
+ ('Reserved','<H=0'),
+ ('ByteCount','<L=0'),
+ ('_ErrorData','_-ErrorData','self["ByteCount"]'),
+ ('ErrorData','"\xff'),
+ )
+
+class SMB2ErrorSymbolicLink(Structure):
+ structure = (
+ ('SymLinkLength','<L=0'),
+ ('SymLinkErrorTag','<L=0'),
+ ('ReparseTag','<L=0'),
+ ('ReparseDataLenght','<H=0'),
+ ('UnparsedPathLength','<H=0'),
+ ('SubstituteNameOffset','<H=0'),
+ ('SubstituteNameLength','<H=0'),
+ ('PrintNameOffset','<H=0'),
+ ('PrintNameLength','<H=0'),
+ ('Flags','<L=0'),
+ ('PathBuffer',':'),
+ )
+
+# SMB2_NEGOTIATE
+class SMB2Negotiate(Structure):
+ structure = (
+ ('StructureSize','<H=36'),
+ ('DialectCount','<H=0'),
+ ('SecurityMode','<H=0'),
+ ('Reserved','<H=0'),
+ ('Capabilities','<L=0'),
+ ('ClientGuid','16s=""'),
+ ('ClientStartTime','<Q=0'),
+ ('Dialects','*<H'),
+ )
+
+class SMB2Negotiate_Response(Structure):
+ structure = (
+ ('StructureSize','<H=65'),
+ ('SecurityMode','<H=0'),
+ ('DialectRevision','<H=0'),
+ ('Reserved','<H=0'),
+ ('ServerGuid','16s=""'),
+ ('Capabilities','<L=0'),
+ ('MaxTransactSize','<L=0'),
+ ('MaxReadSize','<L=0'),
+ ('MaxWriteSize','<L=0'),
+ ('SystemTime','<Q=0'),
+ ('ServerStartTime','<Q=0'),
+ ('SecurityBufferOffset','<H=0'),
+ ('SecurityBufferLength','<H=0'),
+ ('Reserved2','<L=0'),
+ ('_AlignPad','_-AlignPad','self["SecurityBufferOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["SecurityBufferLength"]'),
+ ('Buffer',':'),
+ )
+
+# SMB2_SESSION_SETUP
+class SMB2SessionSetup(Structure):
+ SIZE = 24
+ structure = (
+ ('StructureSize','<H=25'),
+ ('Flags','<B=0'),
+ ('SecurityMode','<B=0'),
+ ('Capabilities','<L=0'),
+ ('Channel','<L=0'),
+ ('SecurityBufferOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'),
+ ('SecurityBufferLength','<H=0'),
+ ('PreviousSessionId','<Q=0'),
+ ('_AlignPad','_-AlignPad','self["SecurityBufferOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["SecurityBufferLength"]'),
+ ('Buffer',':'),
+ )
+
+ def __init__(self, data = None):
+ Structure.__init__(self,data)
+ if data is None:
+ self['AlignPad'] = ''
+
+ def getData(self):
+ #self['AlignPad'] = '\x00' * ((8 - ((24 + SMB2_PACKET_SIZE) & 7)) & 7)
+ #self['SecurityBufferOffset'] = 24 + SMB2_PACKET_SIZE
+len(self['AlignPad'])
+ #self['SecurityBufferLength'] += len(self['AlignPad'])
+ return Structure.getData(self)
+
+
+class SMB2SessionSetup_Response(Structure):
+ structure = (
+ ('StructureSize','<H=9'),
+ ('SessionFlags','<H=0'),
+ ('SecurityBufferOffset','<H=0'),
+ ('SecurityBufferLength','<H=0'),
+ ('_AlignPad','_-AlignPad','self["SecurityBufferOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["SecurityBufferLength"]'),
+ ('Buffer',':'),
+ )
+
+# SMB2_LOGOFF
+class SMB2Logoff(Structure):
+ structure = (
+ ('StructureSize','<H=4'),
+ ('Reserved','<H=0'),
+ )
+
+
+class SMB2Logoff_Response(Structure):
+ structure = (
+ ('StructureSize','<H=4'),
+ ('Reserved','<H=0'),
+ )
+
+# SMB2_TREE_CONNECT
+class SMB2TreeConnect(Structure):
+ SIZE = 8
+ structure = (
+ ('StructureSize','<H=9'),
+ ('Reserved','<H=0'),
+ ('PathOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'),
+ ('PathLength','<H=0'),
+ ('_AlignPad','_-AlignPad','self["PathOffset"] - (64 + self.SIZE - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["PathLength"]'),
+ ('Buffer',':'),
+ )
+ def __init__(self, data = None):
+ Structure.__init__(self,data)
+ if data is None:
+ self['AlignPad'] = ''
+
+class SMB2TreeConnect_Response(Structure):
+ structure = (
+ ('StructureSize','<H=16'),
+ ('ShareType','<B=0'),
+ ('Reserved','<B=0'),
+ ('ShareFlags','<L=0'),
+ ('Capabilities','<L=0'),
+ ('MaximalAccess','<L=0'),
+ )
+
+# SMB2_TREE_DISCONNECT
+class SMB2TreeDisconnect(Structure):
+ structure = (
+ ('StructureSize','<H=4'),
+ ('Reserved','<H=0'),
+ )
+
+class SMB2TreeDisconnect_Response(Structure):
+ structure = (
+ ('StructureSize','<H=4'),
+ ('Reserved','<H=0'),
+ )
+
+# SMB2_CREATE
+class SMB2Create(Structure):
+ SIZE = 56
+ structure = (
+ ('StructureSize','<H=57'),
+ ('SecurityFlags','<B=0'),
+ ('RequestedOplockLevel','<B=0'),
+ ('ImpersonationLevel','<L=0'),
+ ('SmbCreateFlags','<Q=0'),
+ ('Reserved','<Q=0'),
+ ('DesiredAccess','<L=0'),
+ ('FileAttributes','<L=0'),
+ ('ShareAccess','<L=0'),
+ ('CreateDisposition','<L=0'),
+ ('CreateOptions','<L=0'),
+ ('NameOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'),
+ ('NameLength','<H=0'),
+ ('CreateContextsOffset','<L=0'),
+ ('CreateContextsLength','<L=0'),
+ ('_AlignPad','_-AlignPad','self["NameOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+
('_Buffer','_-Buffer','self["CreateContextsLength"]+self["NameLength"]'),
+ ('Buffer',':'),
+ )
+ def __init__(self, data = None):
+ Structure.__init__(self,data)
+ if data is None:
+ self['AlignPad'] = ''
+
+class SMB2CreateContext(Structure):
+ structure = (
+ ('Next','<L=0'),
+ ('NameOffset','<H=0'),
+ ('NameLength','<H=0'),
+ ('Reserved','<H=0'),
+ ('DataOffset','<H=0'),
+ ('DataLength','<L=0'),
+ ('_Buffer','_-Buffer','self["DataLength"]+self["NameLength"]'),
+ ('Buffer',':'),
+ )
+
+class SMB2_FILEID(Structure):
+ structure = (
+ ('Persistent','<Q=0'),
+ ('Volatile','<Q=0'),
+ )
+
+class SMB2Create_Response(Structure):
+ structure = (
+ ('StructureSize','<H=89'),
+ ('OplockLevel','<B=0'),
+ ('Flags','<B=0'),
+ ('CreateAction','<L=0'),
+ ('CreationTime','<Q=0'),
+ ('LastAccessTime','<Q=0'),
+ ('LastWriteTime','<Q=0'),
+ ('ChangeTime','<Q=0'),
+ ('AllocationSize','<Q=0'),
+ ('EndOfFile','<Q=0'),
+ ('FileAttributes','<L=0'),
+ ('Reserved2','<L=0'),
+ ('FileID',':',SMB2_FILEID),
+ ('CreateContextsOffset','<L=0'),
+ ('CreateContextsLength','<L=0'),
+ ('_AlignPad','_-AlignPad','self["CreateContextsOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["CreateContextsLength"]'),
+ ('Buffer',':'),
+ )
+
+class FILE_FULL_EA_INFORMATION(Structure):
+ structure = (
+ ('NextEntryOffset','<L=0'),
+ ('Flags','<B=0'),
+ ('EaNameLength','<B=0'),
+ ('EaValueLength','<H=0'),
+ ('_EaName','_-EaName','self["EaNameLength"]'),
+ ('EaName',':'),
+ ('_EaValue','_-EaValue','self["EaValue"]'),
+ ('EaValue',':'),
+ )
+
+
+class SMB2_CREATE_DURABLE_HANDLE_RECONNECT(Structure):
+ structure = (
+ ('Data',':',SMB2_FILEID),
+ )
+
+class SMB2_CREATE_DURABLE_HANDLE_REQUEST(Structure):
+ structure = (
+ ('DurableRequest','16s=""'),
+ )
+
+class SMB2_CREATE_DURABLE_HANDLE_RESPONSE(Structure):
+ structure = (
+ ('Reserved','<Q=0'),
+ )
+
+class SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST(Structure):
+ structure = (
+ ('Timestamp','<Q=0'),
+ )
+
+class SMB2_CREATE_QUERY_MAXIMAL_ACCESS_RESPONSE(Structure):
+ structure = (
+ ('QueryStatus','<L=0'),
+ ('MaximalAccess','<L=0'),
+ )
+
+class SMB2_CREATE_ALLOCATION_SIZE(Structure):
+ structure = (
+ ('AllocationSize','<Q=0'),
+ )
+
+class SMB2_CREATE_TIMEWARP_TOKEN(Structure):
+ structure = (
+ ('AllocationSize','<Q=0'),
+ )
+
+class SMB2_CREATE_REQUEST_LEASE(Structure):
+ structure = (
+ ('LeaseKey','16s=""'),
+ ('LeaseState','<L=0'),
+ ('LeaseFlags','<L=0'),
+ ('LeaseDuration','<Q=0'),
+ )
+
+SMB2_CREATE_RESPONSE_LEASE = SMB2_CREATE_REQUEST_LEASE
+
+class SMB2_CREATE_REQUEST_LEASE_V2(Structure):
+ structure = (
+ ('LeaseKey','16s=""'),
+ ('LeaseState','<L=0'),
+ ('Flags','<L=0'),
+ ('LeaseDuration','<Q=0'),
+ ('ParentLeaseKey','16s=""'),
+ ('Epoch','<H=0'),
+ ('Reserved','<H=0'),
+ )
+
+SMB2_CREATE_RESPONSE_LEASE_V2 = SMB2_CREATE_REQUEST_LEASE_V2
+
+class SMB2_CREATE_DURABLE_HANDLE_REQUEST_V2(Structure):
+ structure = (
+ ('Timeout','<L=0'),
+ ('Flags','<L=0'),
+ ('Reserved','8s=""'),
+ ('CreateGuid','16s=""'),
+ )
+
+class SMB2_CREATE_DURABLE_HANDLE_RESPONSE_V2(Structure):
+ structure = (
+ ('Timeout','<L=0'),
+ ('Flags','<L=0'),
+ )
+
+class SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2(Structure):
+ structure = (
+ ('FileID',':', SMB2_FILEID),
+ ('CreateGuid','16s=""'),
+ ('Flags','<L=0'),
+ )
+
+class SMB2_CREATE_APP_INSTANCE_ID(Structure):
+ structure = (
+ ('StructureSize','<H=0'),
+ ('Reserved','<H=0'),
+ ('AppInstanceId','16s=""'),
+ )
+
+class SMB2_CREATE_QUERY_ON_DISK_ID(Structure):
+ structure = (
+ ('DiskIDBuffer','32s=""'),
+ )
+
+# Todo: Add Classes for
+#SMB2_CREATE_SD_BUFFER
+
+# SMB2_CLOSE
+class SMB2Close(Structure):
+ structure = (
+ ('StructureSize','<H=24'),
+ ('Flags','<H=0'),
+ ('Reserved','<L=0'),
+ ('FileID',':', SMB2_FILEID),
+ )
+
+class SMB2Close_Response(Structure):
+ structure = (
+ ('StructureSize','<H=60'),
+ ('Flags','<H=0'),
+ ('Reserved','<L=0'),
+ ('CreationTime','<Q=0'),
+ ('LastAccessTime','<Q=0'),
+ ('LastWriteTime','<Q=0'),
+ ('ChangeTime','<Q=0'),
+ ('AllocationSize','<Q=0'),
+ ('EndofFile','<Q=0'),
+ ('FileAttributes','<L=0'),
+ )
+
+# SMB2_FLUSH
+class SMB2Flush(Structure):
+ structure = (
+ ('StructureSize','<H=24'),
+ ('Reserved1','<H=0'),
+ ('Reserved2','<L=0'),
+ ('FileID',':',SMB2_FILEID),
+ )
+
+class SMB2Flush_Response(Structure):
+ structure = (
+ ('StructureSize','<H=4'),
+ ('Reserved','<H=0'),
+ )
+
+# SMB2_READ
+class SMB2Read(Structure):
+ SIZE = 48
+ structure = (
+ ('StructureSize','<H=49'),
+ ('Padding','<B=0'),
+ ('Reserved','<B=0'),
+ ('Length','<L=0'),
+ ('Offset','<Q=0'),
+ ('FileID',':',SMB2_FILEID),
+ ('MinimumCount','<L=0'),
+ ('Channel','<L=0'),
+ ('RemainingBytes','<L=0'),
+ ('ReadChannelInfoOffset','<H=0'),
+ ('ReadChannelInfoLength','<H=0'),
+ ('_AlignPad','_-AlignPad','self["ReadChannelInfoOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["ReadChannelInfoLength"]'),
+ ('Buffer',':=0'),
+ )
+ def __init__(self, data = None):
+ Structure.__init__(self,data)
+ if data is None:
+ self['AlignPad'] = ''
+
+
+class SMB2Read_Response(Structure):
+ structure = (
+ ('StructureSize','<H=17'),
+ ('DataOffset','<B=0'),
+ ('Reserved','<B=0'),
+ ('DataLength','<L=0'),
+ ('DataRemaining','<L=0'),
+ ('Reserved2','<L=0'),
+ ('_AlignPad','_-AlignPad','self["DataOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["DataLength"]'),
+ ('Buffer',':'),
+ )
+
+# SMB2_WRITE
+class SMB2Write(Structure):
+ SIZE = 48
+ structure = (
+ ('StructureSize','<H=49'),
+ ('DataOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'),
+ ('Length','<L=0'),
+ ('Offset','<Q=0'),
+ ('FileID',':',SMB2_FILEID),
+ ('Channel','<L=0'),
+ ('RemainingBytes','<L=0'),
+ ('WriteChannelInfoOffset','<H=0'),
+ ('WriteChannelInfoLength','<H=0'),
+ ('_AlignPad','_-AlignPad','self["DataOffset"] +
self["WriteChannelInfoOffset"] - (64 + self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('Flags','<L=0'),
+ ('_Buffer','_-Buffer','self["Length"]+self["WriteChannelInfoLength"]'),
+ ('Buffer',':'),
+ )
+ def __init__(self, data = None):
+ Structure.__init__(self,data)
+ if data is None:
+ self['AlignPad'] = ''
+
+
+class SMB2Write_Response(Structure):
+ structure = (
+ ('StructureSize','<H=17'),
+ ('Reserved','<H=0'),
+ ('Count','<L=0'),
+ ('Remaining','<L=0'),
+ ('WriteChannelInfoOffset','<H=0'),
+ ('WriteChannelInfoLength','<H=0'),
+ )
+
+class SMB2OplockBreakNotification(Structure):
+ structure = (
+ ('StructureSize','<H=24'),
+ ('OplockLevel','<B=0'),
+ ('Reserved','<B=0'),
+ ('Reserved2','<L=0'),
+ ('FileID',':',SMB2_FILEID),
+ )
+
+SMB2OplockBreakAcknowledgment = SMB2OplockBreakNotification
+SMB2OplockBreakResponse = SMB2OplockBreakNotification
+
+class SMB2LeaseBreakNotification(Structure):
+ structure = (
+ ('StructureSize','<H=44'),
+ ('NewEpoch','<H=0'),
+ ('Flags','<L=0'),
+ ('LeaseKey','16s=""'),
+ ('CurrentLeaseState','<L=0'),
+ ('NewLeaseState','<L=0'),
+ ('BreakReason','<L=0'),
+ ('AccessMaskHint','<L=0'),
+ ('ShareMaskHint','<L=0'),
+ )
+
+class SMB2LeaseBreakAcknowledgement(Structure):
+ structure = (
+ ('StructureSize','<H=36'),
+ ('Reserved','<H=0'),
+ ('Flags','<L=0'),
+ ('LeaseKey','16s=""'),
+ ('LeaseState','<L=0'),
+ ('LeaseDuration','<Q=0'),
+ )
+
+SMB2LeaseBreakResponse = SMB2LeaseBreakAcknowledgement
+
+# SMB2_LOCK
+class SMB2_LOCK_ELEMENT(Structure):
+ structure = (
+ ('Offset','<Q=0'),
+ ('Length','<Q=0'),
+ ('Flags','<L=0'),
+ ('Reserved','<L=0'),
+ )
+
+class SMB2Lock(Structure):
+ structure = (
+ ('StructureSize','<H=48'),
+ ('LockCount','<H=0'),
+ ('LockSequence','<L=0'),
+ ('FileID',':',SMB2_FILEID),
+ ('_Locks','_-Locks','self["LockCount"]*24'),
+ ('Locks',':'),
+ )
+
+class SMB2Lock_Response(Structure):
+ structure = (
+ ('StructureSize','<H=4'),
+ ('Reserved','<H=0'),
+ )
+
+
+# SMB2_ECHO
+class SMB2Echo(Structure):
+ structure = (
+ ('StructureSize','<H=4'),
+ ('Reserved','<H=0'),
+ )
+
+SMB2Echo_Response = SMB2Echo
+
+# SMB2_CANCEL`
+class SMB2Cancel(Structure):
+ structure = (
+ ('StructureSize','<H=4'),
+ ('Reserved','<H=0'),
+ )
+
+# SMB2_IOCTL
+class SMB2Ioctl(Structure):
+ SIZE = 56
+ structure = (
+ ('StructureSize','<H=57'),
+ ('Reserved','<H=0'),
+ ('CtlCode','<L=0'),
+ ('FileID',':',SMB2_FILEID),
+ ('InputOffset','<L=(self.SIZE + 64 + len(self["AlignPad"]))'),
+ ('InputCount','<L=0'),
+ ('MaxInputResponse','<L=0'),
+ ('OutputOffset','<L=(self.SIZE + 64 + len(self["AlignPad"]) +
self["InputCount"])'),
+ ('OutputCount','<L=0'),
+ ('MaxOutputResponse','<L=0'),
+ ('Flags','<L=0'),
+ ('Reserved2','<L=0'),
+ #('_AlignPad','_-AlignPad','self["InputOffset"] + self["OutputOffset"]
- (64 + self["StructureSize"] - 1)'),
+ #('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["InputCount"]+self["OutputCount"]'),
+ ('Buffer',':'),
+ )
+ def __init__(self, data = None):
+ Structure.__init__(self,data)
+ if data is None:
+ self['AlignPad'] = ''
+
+class FSCTL_PIPE_WAIT_STRUCTURE(Structure):
+ structure = (
+ ('Timeout','<q=0'),
+ ('NameLength','<L=0'),
+ ('TimeoutSpecified','<B=0'),
+ ('Padding','<B=0'),
+ ('_Name','_-Name','self["NameLength"]'),
+ ('Name',':'),
+ )
+
+class SRV_COPYCHUNK_COPY(Structure):
+ structure = (
+ ('SourceKey','24s=""'),
+ ('ChunkCount','<L=0'),
+ ('Reserved','<L=0'),
+ ('_Chunks','_-Chunks', 'self["ChunkCount"]*len(SRV_COPYCHUNK)'),
+ ('Chunks',':'),
+ )
+
+class SRV_COPYCHUNK(Structure):
+ structure = (
+ ('SourceOffset','<Q=0'),
+ ('TargetOffset','<Q=0'),
+ ('Length','<L=0'),
+ ('Reserved','<L=0'),
+ )
+
+class SRV_COPYCHUNK_RESPONSE(Structure):
+ structure = (
+ ('ChunksWritten','<L=0'),
+ ('ChunkBytesWritten','<L=0'),
+ ('TotalBytesWritten','<L=0'),
+ )
+
+class SRV_READ_HASH(Structure):
+ structure = (
+ ('HashType','<L=0'),
+ ('HashVersion','<L=0'),
+ ('HashRetrievalType','<L=0'),
+ ('Length','<L=0'),
+ ('Offset','<Q=0'),
+ )
+
+class NETWORK_RESILIENCY_REQUEST(Structure):
+ structure = (
+ ('Timeout','<L=0'),
+ ('Reserved','<L=0'),
+ )
+
+class VALIDATE_NEGOTIATE_INFO(Structure):
+ structure = (
+ ('Capabilities','<L=0'),
+ ('Guid','16s=""'),
+ ('SecurityMode','<H=0'),
+ #('DialectCount','<H=0'),
+ ('Dialects','<H*<H'),
+ )
+
+class SRV_SNAPSHOT_ARRAY(Structure):
+ structure = (
+ ('NumberOfSnapShots','<L=0'),
+ ('NumberOfSnapShotsReturned','<L=0'),
+ ('SnapShotArraySize','<L=0'),
+ ('_SnapShots','_-SnapShots','self["SnapShotArraySize"]'),
+ ('SnapShots',':'),
+ )
+
+class SRV_REQUEST_RESUME_KEY(Structure):
+ structure = (
+ ('ResumeKey','24s=""'),
+ ('ContextLength','<L=0'),
+ ('_Context','_-Context','self["ContextLength"]'),
+ ('Context',':'),
+ )
+
+class HASH_HEADER(Structure):
+ structure = (
+ ('HashType','<L=0'),
+ ('HashVersion','<L=0'),
+ ('SourceFileChangeTime','<Q=0'),
+ ('SourceFileSize','<Q=0'),
+ ('HashBlobLength','<L=0'),
+ ('HashBlobOffset','<L=0'),
+ ('Dirty','<H=0'),
+ ('SourceFileNameLength','<L=0'),
+ ('_SourceFileName','_-SourceFileName','self["SourceFileNameLength"]',),
+ ('SourceFileName',':'),
+ )
+
+class SRV_HASH_RETRIEVE_HASH_BASED(Structure):
+ structure = (
+ ('Offset','<Q=0'),
+ ('BufferLength','<L=0'),
+ ('Reserved','<L=0'),
+ ('_Buffer','_-Buffer','self["BufferLength"]'),
+ ('Buffer',':'),
+ )
+
+class SRV_HASH_RETRIEVE_FILE_BASED(Structure):
+ structure = (
+ ('FileDataOffset','<Q=0'),
+ ('FileDataLength','<Q=0'),
+ ('BufferLength','<L=0'),
+ ('Reserved','<L=0'),
+ ('_Buffer','_-Buffer','self["BufferLength"]'),
+ ('Buffer',':'),
+ )
+
+class NETWORK_INTERFACE_INFO(Structure):
+ structure = (
+ ('Next','<L=0'),
+ ('IfIndex','<L=0'),
+ ('Capability','<L=0'),
+ ('Reserved','<L=0'),
+ ('LinkSpeed','<Q=0'),
+ ('SockAddr_Storage','128s=""'),
+ )
+
+class SMB2Ioctl_Response(Structure):
+ structure = (
+ ('StructureSize','<H=49'),
+ ('Reserved','<H=0'),
+ ('CtlCode','<L=0'),
+ ('FileID',':',SMB2_FILEID),
+ ('InputOffset','<L=0'),
+ ('InputCount','<L=0'),
+ ('OutputOffset','<L=0'),
+ ('OutputCount','<L=0'),
+ ('Flags','<L=0'),
+ ('Reserved2','<L=0'),
+ ('_AlignPad','_-AlignPad','self["OutputOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["InputCount"]+self["OutputCount"]'),
+ ('Buffer',':'),
+ )
+
+# SMB2_QUERY_DIRECTORY
+class SMB2QueryDirectory(Structure):
+ SIZE = 32
+ structure = (
+ ('StructureSize','<H=33'),
+ ('FileInformationClass','<B=0'),
+ ('Flags','<B=0'),
+ ('FileIndex','<L=0'),
+ ('FileID',':',SMB2_FILEID),
+ ('FileNameOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'),
+ ('FileNameLength','<H=0'),
+ ('OutputBufferLength','<L=0'),
+ ('_AlignPad','_-AlignPad','self["FileNameOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["FileNameLength"]'),
+ ('Buffer',':'),
+ )
+ def __init__(self, data = None):
+ Structure.__init__(self,data)
+ if data is None:
+ self['AlignPad'] = ''
+
+class SMB2QueryDirectory_Response(Structure):
+ structure = (
+ ('StructureSize','<H=9'),
+ ('OutputBufferOffset','<H=0'),
+ ('OutputBufferLength','<L=0'),
+ ('_AlignPad','_-AlignPad','self["OutputBufferOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["OutputBufferLength"]'),
+ ('Buffer',':'),
+ )
+
+# SMB2_CHANGE_NOTIFY
+class SMB2ChangeNotify(Structure):
+ structure = (
+ ('StructureSize','<H=32'),
+ ('Flags','<H=0'),
+ ('OutputBufferLength','<L=0'),
+ ('FileID',':',SMB2_FILEID),
+ ('CompletionFilter','<L=0'),
+ ('Reserved','<L=0'),
+ )
+
+class SMB2ChangeNotify_Response(Structure):
+ structure = (
+ ('StructureSize','<H=9'),
+ ('OutputBufferOffset','<H=0'),
+ ('OutputBufferLength','<L=0'),
+ ('_AlignPad','_-AlignPad','self["OutputBufferOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["OutputBufferLength"]'),
+ ('Buffer',':'),
+ )
+
+class FILE_NOTIFY_INFORMATION(Structure):
+ structure = (
+ ('NextEntryOffset','<L=0'),
+ ('Action','<L=0'),
+ ('FileNameLength','<L=0'),
+ ('_FileName','_-FileName','self["FileNameLength"]',),
+ ('FileName',':'),
+ )
+
+# SMB2_QUERY_INFO
+class SMB2QueryInfo(Structure):
+ SIZE = 40
+ structure = (
+ ('StructureSize','<H=41'),
+ ('InfoType','<B=0'),
+ ('FileInfoClass','<B=0'),
+ ('OutputBufferLength','<L=0'),
+ ('InputBufferOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'),
+ ('Reserved','<H=0'),
+ ('InputBufferLength','<L=0'),
+ ('AdditionalInformation','<L=0'),
+ ('Flags','<L=0'),
+ ('FileID',':',SMB2_FILEID),
+ ('_AlignPad','_-AlignPad','self["InputBufferOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["InputBufferLength"]'),
+ ('Buffer',':'),
+ )
+ def __init__(self, data = None):
+ Structure.__init__(self,data)
+ if data is None:
+ self['AlignPad'] = ''
+
+
+class SMB2_QUERY_QUOTA_INFO(Structure):
+ structure = (
+ ('ReturnSingle','<B=0'),
+ ('RestartScan','<B=0'),
+ ('Reserved','<H=0'),
+ ('SidListLength','<L=0'),
+ ('StartSidLength','<L=0'),
+ ('StartSidOffset','<L=0'),
+ # ToDo: Check 2.2.37.1 here
+ ('SidBuffer',':'),
+ )
+
+class SMB2QueryInfo_Response(Structure):
+ structure = (
+ ('StructureSize','<H=9'),
+ ('OutputBufferOffset','<H=0'),
+ ('OutputBufferLength','<L=0'),
+ ('_AlignPad','_-AlignPad','self["OutputBufferOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["OutputBufferLength"]'),
+ ('Buffer',':'),
+ )
+
+# SMB2_SET_INFO
+class SMB2SetInfo(Structure):
+ SIZE = 32
+ structure = (
+ ('StructureSize','<H=33'),
+ ('InfoType','<B=0'),
+ ('FileInfoClass','<B=0'),
+ ('BufferLength','<L=0'),
+ ('BufferOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'),
+ ('Reserved','<H=0'),
+ ('AdditionalInformation','<L=0'),
+ ('FileID',':',SMB2_FILEID),
+ ('_AlignPad','_-AlignPad','self["BufferOffset"] - (64 +
self["StructureSize"] - 1)'),
+ ('AlignPad',':=""'),
+ ('_Buffer','_-Buffer','self["BufferLength"]'),
+ ('Buffer',':'),
+ )
+ def __init__(self, data = None):
+ Structure.__init__(self,data)
+ if data is None:
+ self['AlignPad'] = ''
+
+class SMB2SetInfo_Response(Structure):
+ structure = (
+ ('StructureSize','<H=2'),
+ )
+
+class FILE_RENAME_INFORMATION_TYPE_2(Structure):
+ structure = (
+ ('ReplaceIfExists','<B=0'),
+ ('Reserved','7s=""'),
+ ('RootDirectory','<Q=0'),
+ ('FileNameLength','<L=0'),
+ ('_FileName','_-FileName','self["FileNameLength"]'),
+ ('FileName',':'),
+ )
+
+class SMB2_TRANSFORM_HEADER(Structure):
+ structure = (
+ ('ProtocolID','"\xfdSMB'),
+ ('Signature','16s=""'),
+ ('Nonce','16s=""'),
+ ('OriginalMessageSize','<L=0'),
+ ('Reserved','<H=0'),
+ ('EncryptionAlgorithm','<H=0'),
+ ('SessionID','<Q=0'),
+ )
+
+# SMB2_FILE_INTERNAL_INFO
+class FileInternalInformation(Structure):
+ structure = (
+ ('IndexNumber','<q=0'),
+ )
diff --git a/tests/python_dependencies/impacket/smbserver.py
b/tests/python_dependencies/impacket/smbserver.py
new file mode 100644
index 000000000..aa795e52e
--- /dev/null
+++ b/tests/python_dependencies/impacket/smbserver.py
@@ -0,0 +1,4168 @@
+# Copyright (c) 2003-2016 CORE Security Technologies
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+# Author: Alberto Solino (@agsolino)
+#
+# TODO:
+# [-] Functions should return NT error codes
+# [-] Handling errors in all situations, right now it's just raising
exceptions.
+# [*] Standard authentication support
+# [ ] Organize the connectionData stuff
+# [*] Add capability to send a bad user ID if the user is not authenticated,
+# right now you can ask for any command without actually being
authenticated
+# [ ] PATH TRAVERSALS EVERYWHERE.. BE WARNED!
+# [ ] Check the credentials.. now we're just letting everybody to log in.
+# [ ] Check error situation (now many places assume the right data is coming)
+# [ ] Implement IPC to the main process so the connectionData is on a single
place
+# [ ] Hence.. implement locking
+# estamos en la B
+
+from __future__ import with_statement
+import calendar
+import socket
+import time
+import datetime
+import struct
+import ConfigParser
+import SocketServer
+import threading
+import logging
+import logging.config
+import ntpath
+import os
+import fnmatch
+import errno
+import sys
+import random
+import shutil
+from binascii import hexlify
+
+# For signing
+from impacket import smb, nmb, ntlm, uuid, LOG
+from impacket import smb3structs as smb2
+from impacket.spnego import SPNEGO_NegTokenInit, TypesMech, MechTypes,
SPNEGO_NegTokenResp, ASN1_AID, ASN1_SUPPORTED_MECH
+from impacket.nt_errors import STATUS_NO_MORE_FILES,
STATUS_NETWORK_NAME_DELETED, STATUS_INVALID_PARAMETER, \
+ STATUS_FILE_CLOSED, STATUS_MORE_PROCESSING_REQUIRED,
STATUS_OBJECT_PATH_NOT_FOUND, STATUS_DIRECTORY_NOT_EMPTY, \
+ STATUS_FILE_IS_A_DIRECTORY, STATUS_NOT_IMPLEMENTED, STATUS_INVALID_HANDLE,
STATUS_OBJECT_NAME_COLLISION, \
+ STATUS_NO_SUCH_FILE, STATUS_CANCELLED, STATUS_OBJECT_NAME_NOT_FOUND,
STATUS_SUCCESS, STATUS_ACCESS_DENIED, \
+ STATUS_NOT_SUPPORTED, STATUS_INVALID_DEVICE_REQUEST,
STATUS_FS_DRIVER_REQUIRED, STATUS_INVALID_INFO_CLASS
+
+# These ones not defined in nt_errors
+STATUS_SMB_BAD_UID = 0x005B0002
+STATUS_SMB_BAD_TID = 0x00050002
+
+# Utility functions
+# and general functions.
+# There are some common functions that can be accessed from more than one SMB
+# command (or either TRANSACTION). That's why I'm putting them here
+# TODO: Return NT ERROR Codes
+
+def outputToJohnFormat(challenge, username, domain, lmresponse, ntresponse):
+# We don't want to add a possible failure here, since this is an
+# extra bonus. We try, if it fails, returns nothing
+ ret_value = ''
+ try:
+ if len(ntresponse) > 24:
+ # Extended Security - NTLMv2
+ ret_value = {'hash_string':'%s::%s:%s:%s:%s' %
(username.decode('utf-16le'), domain.decode('utf-16le'), hexlify(challenge),
hexlify(ntresponse)[:32], hexlify(ntresponse)[32:]), 'hash_version':'ntlmv2'}
+ else:
+ # NTLMv1
+ ret_value = {'hash_string':'%s::%s:%s:%s:%s' %
(username.decode('utf-16le'), domain.decode('utf-16le'), hexlify(lmresponse),
hexlify(ntresponse), hexlify(challenge)), 'hash_version':'ntlm'}
+ except:
+ # Let's try w/o decoding Unicode
+ try:
+ if len(ntresponse) > 24:
+ # Extended Security - NTLMv2
+ ret_value = {'hash_string':'%s::%s:%s:%s:%s' % (username,
domain, hexlify(challenge), hexlify(ntresponse)[:32],
hexlify(ntresponse)[32:]), 'hash_version':'ntlmv2'}
+ else:
+ # NTLMv1
+ ret_value = {'hash_string':'%s::%s:%s:%s:%s' % (username,
domain, hexlify(lmresponse), hexlify(ntresponse), hexlify(challenge)),
'hash_version':'ntlm'}
+ except Exception, e:
+ LOG.error("outputToJohnFormat: %s" % e)
+ pass
+
+ return ret_value
+
+def writeJohnOutputToFile(hash_string, hash_version, file_name):
+ fn_data = os.path.splitext(file_name)
+ if hash_version == "ntlmv2":
+ output_filename = fn_data[0] + "_ntlmv2" + fn_data[1]
+ else:
+ output_filename = fn_data[0] + "_ntlm" + fn_data[1]
+
+ with open(output_filename,"a") as f:
+ f.write(hash_string)
+ f.write('\n')
+
+
+def decodeSMBString( flags, text ):
+ if flags & smb.SMB.FLAGS2_UNICODE:
+ return text.decode('utf-16le')
+ else:
+ return text
+
+def encodeSMBString( flags, text ):
+ if flags & smb.SMB.FLAGS2_UNICODE:
+ return (text).encode('utf-16le')
+ else:
+ return text
+
+def getFileTime(t):
+ t *= 10000000
+ t += 116444736000000000
+ return t
+
+def getUnixTime(t):
+ t -= 116444736000000000
+ t /= 10000000
+ return t
+
+def getSMBDate(t):
+ # TODO: Fix this :P
+ d = datetime.date.fromtimestamp(t)
+ year = d.year - 1980
+ ret = (year << 8) + (d.month << 4) + d.day
+ return ret
+
+def getSMBTime(t):
+ # TODO: Fix this :P
+ d = datetime.datetime.fromtimestamp(t)
+ return (d.hour << 8) + (d.minute << 4) + d.second
+
+def getShares(connId, smbServer):
+ config = smbServer.getServerConfig()
+ sections = config.sections()
+ # Remove the global one
+ del(sections[sections.index('global')])
+ shares = {}
+ for i in sections:
+ shares[i] = dict(config.items(i))
+ return shares
+
+def searchShare(connId, share, smbServer):
+ config = smbServer.getServerConfig()
+ if config.has_section(share):
+ return dict(config.items(share))
+ else:
+ return None
+
+def openFile(path,fileName, accessMode, fileAttributes, openMode):
+ fileName = os.path.normpath(fileName.replace('\\','/'))
+ errorCode = 0
+ if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\'):
+ # strip leading '/'
+ fileName = fileName[1:]
+ pathName = os.path.join(path,fileName)
+ mode = 0
+ # Check the Open Mode
+ if openMode & 0x10:
+ # If the file does not exist, create it.
+ mode = os.O_CREAT
+ else:
+ # If file does not exist, return an error
+ if os.path.exists(pathName) is not True:
+ errorCode = STATUS_NO_SUCH_FILE
+ return 0,mode, pathName, errorCode
+
+ if os.path.isdir(pathName) and (fileAttributes & smb.ATTR_DIRECTORY) == 0:
+ # Request to open a normal file and this is actually a directory
+ errorCode = STATUS_FILE_IS_A_DIRECTORY
+ return 0, mode, pathName, errorCode
+ # Check the Access Mode
+ if accessMode & 0x7 == 1:
+ mode |= os.O_WRONLY
+ elif accessMode & 0x7 == 2:
+ mode |= os.O_RDWR
+ else:
+ mode = os.O_RDONLY
+
+ try:
+ if sys.platform == 'win32':
+ mode |= os.O_BINARY
+ fid = os.open(pathName, mode)
+ except Exception, e:
+ LOG.error("openFile: %s,%s" % (pathName, mode) ,e)
+ fid = 0
+ errorCode = STATUS_ACCESS_DENIED
+
+ return fid, mode, pathName, errorCode
+
+def queryFsInformation(path, filename, level=0):
+
+ if isinstance(filename,unicode):
+ encoding = 'utf-16le'
+ flags = smb.SMB.FLAGS2_UNICODE
+ else:
+ encoding = 'ascii'
+ flags = 0
+
+ fileName = os.path.normpath(filename.replace('\\','/'))
+ if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\'):
+ # strip leading '/'
+ fileName = fileName[1:]
+ pathName = os.path.join(path,fileName)
+ fileSize = os.path.getsize(pathName)
+ (mode, ino, dev, nlink, uid, gid, size, atime, mtime, ctime) =
os.stat(pathName)
+ if level == smb.SMB_QUERY_FS_ATTRIBUTE_INFO or level ==
smb2.SMB2_FILESYSTEM_ATTRIBUTE_INFO:
+ data = smb.SMBQueryFsAttributeInfo()
+ data['FileSystemAttributes'] = smb.FILE_CASE_SENSITIVE_SEARCH |
smb.FILE_CASE_PRESERVED_NAMES
+ data['MaxFilenNameLengthInBytes'] = 255
+ data['LengthOfFileSystemName'] = len('XTFS')*2
+ data['FileSystemName'] = 'XTFS'.encode('utf-16le')
+ return data.getData()
+ elif level == smb.SMB_INFO_VOLUME:
+ data = smb.SMBQueryFsInfoVolume( flags = flags )
+ data['VolumeLabel'] = 'SHARE'.encode(encoding)
+ return data.getData()
+ elif level == smb.SMB_QUERY_FS_VOLUME_INFO or level ==
smb2.SMB2_FILESYSTEM_VOLUME_INFO:
+ data = smb.SMBQueryFsVolumeInfo()
+ data['VolumeLabel'] = ''
+ data['VolumeCreationTime'] = getFileTime(ctime)
+ return data.getData()
+ elif level == smb.SMB_QUERY_FS_SIZE_INFO:
+ data = smb.SMBQueryFsSizeInfo()
+ return data.getData()
+ elif level == smb.FILE_FS_FULL_SIZE_INFORMATION:
+ data = smb.SMBFileFsFullSizeInformation()
+ return data.getData()
+ elif level == smb.FILE_FS_SIZE_INFORMATION:
+ data = smb.FileFsSizeInformation()
+ return data.getData()
+ else:
+ lastWriteTime = mtime
+ attribs = 0
+ if os.path.isdir(pathName):
+ attribs |= smb.SMB_FILE_ATTRIBUTE_DIRECTORY
+ if os.path.isfile(pathName):
+ attribs |= smb.SMB_FILE_ATTRIBUTE_NORMAL
+ fileAttributes = attribs
+ return fileSize, lastWriteTime, fileAttributes
+
+def findFirst2(path, fileName, level, searchAttributes, isSMB2 = False):
+ # TODO: Depending on the level, this could be done much simpler
+
+ #print "FindFirs2 path:%s, filename:%s" % (path, fileName)
+ fileName = os.path.normpath(fileName.replace('\\','/'))
+ # Let's choose the right encoding depending on the request
+ if isinstance(fileName,unicode):
+ encoding = 'utf-16le'
+ flags = smb.SMB.FLAGS2_UNICODE
+ else:
+ encoding = 'ascii'
+ flags = 0
+
+ if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\'):
+ # strip leading '/'
+ fileName = fileName[1:]
+
+ pathName = os.path.join(path,fileName)
+ files = []
+
+ if pathName.find('*') == -1 and pathName.find('?') == -1:
+ # No search patterns
+ pattern = ''
+ else:
+ pattern = os.path.basename(pathName)
+ dirName = os.path.dirname(pathName)
+
+ # Always add . and .. Not that important for Windows, but Samba whines if
+ # not present (for * search only)
+ if pattern == '*':
+ files.append(os.path.join(dirName,'.'))
+ files.append(os.path.join(dirName,'..'))
+
+ if pattern != '':
+ for file in os.listdir(dirName):
+ if fnmatch.fnmatch(file.lower(),pattern.lower()):
+ entry = os.path.join(dirName, file)
+ if os.path.isdir(entry):
+ if searchAttributes & smb.ATTR_DIRECTORY:
+ files.append(entry)
+ else:
+ files.append(entry)
+ else:
+ if os.path.exists(pathName):
+ files.append(pathName)
+
+ searchResult = []
+ searchCount = len(files)
+ errorCode = STATUS_SUCCESS
+
+ for i in files:
+ if level == smb.SMB_FIND_FILE_BOTH_DIRECTORY_INFO or level ==
smb2.SMB2_FILE_BOTH_DIRECTORY_INFO:
+ item = smb.SMBFindFileBothDirectoryInfo( flags = flags )
+ elif level == smb.SMB_FIND_FILE_DIRECTORY_INFO or level ==
smb2.SMB2_FILE_DIRECTORY_INFO:
+ item = smb.SMBFindFileDirectoryInfo( flags = flags )
+ elif level == smb.SMB_FIND_FILE_FULL_DIRECTORY_INFO or level ==
smb2.SMB2_FULL_DIRECTORY_INFO:
+ item = smb.SMBFindFileFullDirectoryInfo( flags = flags )
+ elif level == smb.SMB_FIND_INFO_STANDARD:
+ item = smb.SMBFindInfoStandard( flags = flags )
+ elif level == smb.SMB_FIND_FILE_ID_FULL_DIRECTORY_INFO or level ==
smb2.SMB2_FILE_ID_FULL_DIRECTORY_INFO:
+ item = smb.SMBFindFileIdFullDirectoryInfo( flags = flags )
+ elif level == smb.SMB_FIND_FILE_ID_BOTH_DIRECTORY_INFO or level ==
smb2.SMB2_FILE_ID_BOTH_DIRECTORY_INFO:
+ item = smb.SMBFindFileIdBothDirectoryInfo( flags = flags )
+ elif level == smb.SMB_FIND_FILE_NAMES_INFO or level ==
smb2.SMB2_FILE_NAMES_INFO:
+ item = smb.SMBFindFileNamesInfo( flags = flags )
+ else:
+ LOG.error("Wrong level %d!" % level)
+ return searchResult, searchCount, STATUS_NOT_SUPPORTED
+
+ (mode, ino, dev, nlink, uid, gid, size, atime, mtime, ctime) =
os.stat(i)
+ if os.path.isdir(i):
+ item['ExtFileAttributes'] = smb.ATTR_DIRECTORY
+ else:
+ item['ExtFileAttributes'] = smb.ATTR_NORMAL | smb.ATTR_ARCHIVE
+
+ item['FileName'] = os.path.basename(i).encode(encoding)
+
+ if level == smb.SMB_FIND_FILE_BOTH_DIRECTORY_INFO or level ==
smb.SMB_FIND_FILE_ID_BOTH_DIRECTORY_INFO or level ==
smb2.SMB2_FILE_ID_BOTH_DIRECTORY_INFO or level ==
smb2.SMB2_FILE_BOTH_DIRECTORY_INFO:
+ item['EaSize'] = 0
+ item['EndOfFile'] = size
+ item['AllocationSize'] = size
+ item['CreationTime'] = getFileTime(ctime)
+ item['LastAccessTime'] = getFileTime(atime)
+ item['LastWriteTime'] = getFileTime(mtime)
+ item['LastChangeTime'] = getFileTime(mtime)
+ item['ShortName'] = '\x00'*24
+ item['FileName'] = os.path.basename(i).encode(encoding)
+ padLen = (8-(len(item) % 8)) % 8
+ item['NextEntryOffset'] = len(item) + padLen
+ elif level == smb.SMB_FIND_FILE_DIRECTORY_INFO:
+ item['EndOfFile'] = size
+ item['AllocationSize'] = size
+ item['CreationTime'] = getFileTime(ctime)
+ item['LastAccessTime'] = getFileTime(atime)
+ item['LastWriteTime'] = getFileTime(mtime)
+ item['LastChangeTime'] = getFileTime(mtime)
+ item['FileName'] = os.path.basename(i).encode(encoding)
+ padLen = (8-(len(item) % 8)) % 8
+ item['NextEntryOffset'] = len(item) + padLen
+ elif level == smb.SMB_FIND_FILE_FULL_DIRECTORY_INFO or level ==
smb.SMB_FIND_FILE_ID_FULL_DIRECTORY_INFO or level ==
smb2.SMB2_FULL_DIRECTORY_INFO:
+ item['EaSize'] = 0
+ item['EndOfFile'] = size
+ item['AllocationSize'] = size
+ item['CreationTime'] = getFileTime(ctime)
+ item['LastAccessTime'] = getFileTime(atime)
+ item['LastWriteTime'] = getFileTime(mtime)
+ item['LastChangeTime'] = getFileTime(mtime)
+ padLen = (8-(len(item) % 8)) % 8
+ item['NextEntryOffset'] = len(item) + padLen
+ elif level == smb.SMB_FIND_INFO_STANDARD:
+ item['EaSize'] = size
+ item['CreationDate'] = getSMBDate(ctime)
+ item['CreationTime'] = getSMBTime(ctime)
+ item['LastAccessDate'] = getSMBDate(atime)
+ item['LastAccessTime'] = getSMBTime(atime)
+ item['LastWriteDate'] = getSMBDate(mtime)
+ item['LastWriteTime'] = getSMBTime(mtime)
+ searchResult.append(item)
+
+ # No more files
+ if (level >= smb.SMB_FIND_FILE_DIRECTORY_INFO or isSMB2 == True) and
searchCount > 0:
+ searchResult[-1]['NextEntryOffset'] = 0
+
+ return searchResult, searchCount, errorCode
+
+def queryFileInformation(path, filename, level):
+ #print "queryFileInfo path: %s, filename: %s, level:0x%x" %
(path,filename,level)
+ return queryPathInformation(path,filename, level)
+
+def queryPathInformation(path, filename, level):
+ # TODO: Depending on the level, this could be done much simpler
+ #print "queryPathInfo path: %s, filename: %s, level:0x%x" %
(path,filename,level)
+ try:
+ errorCode = 0
+ fileName = os.path.normpath(filename.replace('\\','/'))
+ if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\') and
path != '':
+ # strip leading '/'
+ fileName = fileName[1:]
+ pathName = os.path.join(path,fileName)
+ if os.path.exists(pathName):
+ (mode, ino, dev, nlink, uid, gid, size, atime, mtime, ctime) =
os.stat(pathName)
+ if level == smb.SMB_QUERY_FILE_BASIC_INFO:
+ infoRecord = smb.SMBQueryFileBasicInfo()
+ infoRecord['CreationTime'] = getFileTime(ctime)
+ infoRecord['LastAccessTime'] = getFileTime(atime)
+ infoRecord['LastWriteTime'] = getFileTime(mtime)
+ infoRecord['LastChangeTime'] = getFileTime(mtime)
+ if os.path.isdir(pathName):
+ infoRecord['ExtFileAttributes'] = smb.ATTR_DIRECTORY
+ else:
+ infoRecord['ExtFileAttributes'] = smb.ATTR_NORMAL |
smb.ATTR_ARCHIVE
+ elif level == smb.SMB_QUERY_FILE_STANDARD_INFO:
+ infoRecord = smb.SMBQueryFileStandardInfo()
+ infoRecord['AllocationSize'] = size
+ infoRecord['EndOfFile'] = size
+ if os.path.isdir(pathName):
+ infoRecord['Directory'] = 1
+ else:
+ infoRecord['Directory'] = 0
+ elif level == smb.SMB_QUERY_FILE_ALL_INFO or level ==
smb2.SMB2_FILE_ALL_INFO:
+ infoRecord = smb.SMBQueryFileAllInfo()
+ infoRecord['CreationTime'] = getFileTime(ctime)
+ infoRecord['LastAccessTime'] = getFileTime(atime)
+ infoRecord['LastWriteTime'] = getFileTime(mtime)
+ infoRecord['LastChangeTime'] = getFileTime(mtime)
+ if os.path.isdir(pathName):
+ infoRecord['ExtFileAttributes'] = smb.ATTR_DIRECTORY
+ else:
+ infoRecord['ExtFileAttributes'] = smb.ATTR_NORMAL |
smb.ATTR_ARCHIVE
+ infoRecord['AllocationSize'] = size
+ infoRecord['EndOfFile'] = size
+ if os.path.isdir(pathName):
+ infoRecord['Directory'] = 1
+ else:
+ infoRecord['Directory'] = 0
+ infoRecord['FileName'] = filename.encode('utf-16le')
+ elif level == smb2.SMB2_FILE_NETWORK_OPEN_INFO:
+ infoRecord = smb.SMBFileNetworkOpenInfo()
+ infoRecord['CreationTime'] = getFileTime(ctime)
+ infoRecord['LastAccessTime'] = getFileTime(atime)
+ infoRecord['LastWriteTime'] = getFileTime(mtime)
+ infoRecord['ChangeTime'] = getFileTime(mtime)
+ infoRecord['AllocationSize'] = size
+ infoRecord['EndOfFile'] = size
+ if os.path.isdir(pathName):
+ infoRecord['FileAttributes'] = smb.ATTR_DIRECTORY
+ else:
+ infoRecord['FileAttributes'] = smb.ATTR_NORMAL |
smb.ATTR_ARCHIVE
+ elif level == smb.SMB_QUERY_FILE_EA_INFO or level ==
smb2.SMB2_FILE_EA_INFO:
+ infoRecord = smb.SMBQueryFileEaInfo()
+ elif level == smb2.SMB2_FILE_STREAM_INFO:
+ infoRecord = smb.SMBFileStreamInformation()
+ else:
+ LOG.error('Unknown level for query path info! 0x%x' % level)
+ # UNSUPPORTED
+ return None, STATUS_NOT_SUPPORTED
+
+ return infoRecord, errorCode
+ else:
+ # NOT FOUND
+ return None, STATUS_OBJECT_NAME_NOT_FOUND
+ except Exception, e:
+ LOG.error('queryPathInfo: %s' % e)
+ raise
+
+def queryDiskInformation(path):
+# TODO: Do something useful here :)
+# For now we just return fake values
+ totalUnits = 65535
+ freeUnits = 65535
+ return totalUnits, freeUnits
+
+# Here we implement the NT transaction handlers
+class NTTRANSCommands:
+ def default(self, connId, smbServer, recvPacket, parameters, data,
maxDataCount = 0):
+ pass
+
+# Here we implement the NT transaction handlers
+class TRANSCommands:
+ @staticmethod
+ def lanMan(connId, smbServer, recvPacket, parameters, data, maxDataCount =
0):
+ # Minimal [MS-RAP] implementation, just to return the shares
+ connData = smbServer.getConnectionData(connId)
+
+ respSetup = ''
+ respParameters = ''
+ respData = ''
+ errorCode = STATUS_SUCCESS
+ if struct.unpack('<H',parameters[:2])[0] == 0:
+ # NetShareEnum Request
+ netShareEnum = smb.SMBNetShareEnum(parameters)
+ if netShareEnum['InfoLevel'] == 1:
+ shares = getShares(connId, smbServer)
+ respParameters = smb.SMBNetShareEnumResponse()
+ respParameters['EntriesReturned'] = len(shares)
+ respParameters['EntriesAvailable'] = len(shares)
+ tailData = ''
+ for i in shares:
+ # NetShareInfo1 len == 20
+ entry = smb.NetShareInfo1()
+ entry['NetworkName'] = i + '\x00'*(13-len(i))
+ entry['Type'] = int(shares[i]['share type'])
+ # (beto) If offset == 0 it crashes explorer.exe on windows
7
+ entry['RemarkOffsetLow'] = 20 * len(shares) + len(tailData)
+ respData += entry.getData()
+ if shares[i].has_key('comment'):
+ tailData += shares[i]['comment'] + '\x00'
+ else:
+ tailData += '\x00'
+ respData += tailData
+ else:
+ # We don't support other info levels
+ errorCode = STATUS_NOT_SUPPORTED
+ elif struct.unpack('<H',parameters[:2])[0] == 13:
+ # NetrServerGetInfo Request
+ respParameters = smb.SMBNetServerGetInfoResponse()
+ netServerInfo = smb.SMBNetServerInfo1()
+ netServerInfo['ServerName'] = smbServer.getServerName()
+ respData = str(netServerInfo)
+ respParameters['TotalBytesAvailable'] = len(respData)
+ elif struct.unpack('<H',parameters[:2])[0] == 1:
+ # NetrShareGetInfo Request
+ request = smb.SMBNetShareGetInfo(parameters)
+ respParameters = smb.SMBNetShareGetInfoResponse()
+ shares = getShares(connId, smbServer)
+ share = shares[request['ShareName'].upper()]
+ shareInfo = smb.NetShareInfo1()
+ shareInfo['NetworkName'] = request['ShareName'].upper() + '\x00'
+ shareInfo['Type'] = int(share['share type'])
+ respData = shareInfo.getData()
+ if share.has_key('comment'):
+ shareInfo['RemarkOffsetLow'] = len(respData)
+ respData += share['comment'] + '\x00'
+ respParameters['TotalBytesAvailable'] = len(respData)
+
+ else:
+ # We don't know how to handle anything else
+ errorCode = STATUS_NOT_SUPPORTED
+
+ smbServer.setConnectionData(connId, connData)
+
+ return respSetup, respParameters, respData, errorCode
+
+ @staticmethod
+ def transactNamedPipe(connId, smbServer, recvPacket, parameters, data,
maxDataCount = 0):
+ connData = smbServer.getConnectionData(connId)
+
+ respSetup = ''
+ respParameters = ''
+ respData = ''
+ errorCode = STATUS_SUCCESS
+ SMBCommand = smb.SMBCommand(recvPacket['Data'][0])
+ transParameters=
smb.SMBTransaction_Parameters(SMBCommand['Parameters'])
+
+ # Extract the FID
+ fid = struct.unpack('<H', transParameters['Setup'][2:])[0]
+
+ if connData['OpenedFiles'].has_key(fid):
+ fileHandle = connData['OpenedFiles'][fid]['FileHandle']
+ if fileHandle != PIPE_FILE_DESCRIPTOR:
+ os.write(fileHandle,data)
+ respData = os.read(fileHandle,data)
+ else:
+ sock = connData['OpenedFiles'][fid]['Socket']
+ sock.send(data)
+ respData = sock.recv(maxDataCount)
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+
+ smbServer.setConnectionData(connId, connData)
+
+ return respSetup, respParameters, respData, errorCode
+
+# Here we implement the transaction2 handlers
+class TRANS2Commands:
+ # All these commands return setup, parameters, data, errorCode
+ @staticmethod
+ def setPathInformation(connId, smbServer, recvPacket, parameters, data,
maxDataCount = 0):
+ connData = smbServer.getConnectionData(connId)
+
+ respSetup = ''
+ respParameters = ''
+ respData = ''
+ errorCode = STATUS_SUCCESS
+ setPathInfoParameters = smb.SMBSetPathInformation_Parameters(flags =
recvPacket['Flags2'], data = parameters)
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ path = connData['ConnectedShares'][recvPacket['Tid']]['path']
+ fileName = decodeSMBString(recvPacket['Flags2'],
setPathInfoParameters['FileName'])
+ fileName = os.path.normpath(fileName.replace('\\','/'))
+ if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] ==
'\\') and path != '':
+ # strip leading '/'
+ fileName = fileName[1:]
+ pathName = os.path.join(path,fileName)
+ if os.path.exists(pathName):
+ informationLevel = setPathInfoParameters['InformationLevel']
+ if informationLevel == smb.SMB_SET_FILE_BASIC_INFO:
+ infoRecord = smb.SMBSetFileBasicInfo(data)
+ # Creation time won't be set, the other ones we play with.
+ atime = infoRecord['LastAccessTime']
+ if atime == 0:
+ atime = -1
+ else:
+ atime = getUnixTime(atime)
+ mtime = infoRecord['LastWriteTime']
+ if mtime == 0:
+ mtime = -1
+ else:
+ mtime = getUnixTime(mtime)
+ if mtime != -1 or atime != -1:
+ os.utime(pathName,(atime,mtime))
+ else:
+ smbServer.log('Unknown level for set path info! 0x%x' %
setPathInfoParameters['InformationLevel'], logging.ERROR)
+ # UNSUPPORTED
+ errorCode = STATUS_NOT_SUPPORTED
+ else:
+ errorCode = STATUS_OBJECT_NAME_NOT_FOUND
+
+ if errorCode == STATUS_SUCCESS:
+ respParameters = smb.SMBSetPathInformationResponse_Parameters()
+
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+ smbServer.setConnectionData(connId, connData)
+
+ return respSetup, respParameters, respData, errorCode
+
+
+ @staticmethod
+ def setFileInformation(connId, smbServer, recvPacket, parameters, data,
maxDataCount = 0):
+ connData = smbServer.getConnectionData(connId)
+
+ respSetup = ''
+ respParameters = ''
+ respData = ''
+ errorCode = STATUS_SUCCESS
+ setFileInfoParameters =
smb.SMBSetFileInformation_Parameters(parameters)
+
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ if connData['OpenedFiles'].has_key(setFileInfoParameters['FID']):
+ fileName =
connData['OpenedFiles'][setFileInfoParameters['FID']]['FileName']
+ informationLevel = setFileInfoParameters['InformationLevel']
+ if informationLevel == smb.SMB_SET_FILE_DISPOSITION_INFO:
+ infoRecord = smb.SMBSetFileDispositionInfo(parameters)
+ if infoRecord['DeletePending'] > 0:
+ # Mark this file for removal after closed
+
connData['OpenedFiles'][setFileInfoParameters['FID']]['DeleteOnClose'] = True
+ respParameters =
smb.SMBSetFileInformationResponse_Parameters()
+ elif informationLevel == smb.SMB_SET_FILE_BASIC_INFO:
+ infoRecord = smb.SMBSetFileBasicInfo(data)
+ # Creation time won't be set, the other ones we play with.
+ atime = infoRecord['LastAccessTime']
+ if atime == 0:
+ atime = -1
+ else:
+ atime = getUnixTime(atime)
+ mtime = infoRecord['LastWriteTime']
+ if mtime == 0:
+ mtime = -1
+ else:
+ mtime = getUnixTime(mtime)
+ os.utime(fileName,(atime,mtime))
+ elif informationLevel == smb.SMB_SET_FILE_END_OF_FILE_INFO:
+ fileHandle =
connData['OpenedFiles'][setFileInfoParameters['FID']]['FileHandle']
+ infoRecord = smb.SMBSetFileEndOfFileInfo(data)
+ if infoRecord['EndOfFile'] > 0:
+ os.lseek(fileHandle, infoRecord['EndOfFile']-1, 0)
+ os.write(fileHandle, '\x00')
+ else:
+ smbServer.log('Unknown level for set file info! 0x%x' %
setFileInfoParameters['InformationLevel'], logging.ERROR)
+ # UNSUPPORTED
+ errorCode = STATUS_NOT_SUPPORTED
+ else:
+ errorCode = STATUS_NO_SUCH_FILE
+
+ if errorCode == STATUS_SUCCESS:
+ respParameters = smb.SMBSetFileInformationResponse_Parameters()
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+ smbServer.setConnectionData(connId, connData)
+
+ return respSetup, respParameters, respData, errorCode
+
+ @staticmethod
+ def queryFileInformation(connId, smbServer, recvPacket, parameters, data,
maxDataCount = 0):
+ connData = smbServer.getConnectionData(connId)
+
+ respSetup = ''
+ respParameters = ''
+ respData = ''
+
+ queryFileInfoParameters =
smb.SMBQueryFileInformation_Parameters(parameters)
+
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ if connData['OpenedFiles'].has_key(queryFileInfoParameters['FID']):
+ fileName =
connData['OpenedFiles'][queryFileInfoParameters['FID']]['FileName']
+
+ infoRecord, errorCode = queryFileInformation('', fileName,
queryFileInfoParameters['InformationLevel'])
+
+ if infoRecord is not None:
+ respParameters =
smb.SMBQueryFileInformationResponse_Parameters()
+ respData = infoRecord
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+ smbServer.setConnectionData(connId, connData)
+
+ return respSetup, respParameters, respData, errorCode
+
+ @staticmethod
+ def queryPathInformation(connId, smbServer, recvPacket, parameters, data,
maxDataCount = 0):
+ connData = smbServer.getConnectionData(connId)
+
+ respSetup = ''
+ respParameters = ''
+ respData = ''
+ errorCode = 0
+
+ queryPathInfoParameters = smb.SMBQueryPathInformation_Parameters(flags
= recvPacket['Flags2'], data = parameters)
+
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ path = connData['ConnectedShares'][recvPacket['Tid']]['path']
+ try:
+ infoRecord, errorCode = queryPathInformation(path,
decodeSMBString(recvPacket['Flags2'], queryPathInfoParameters['FileName']),
queryPathInfoParameters['InformationLevel'])
+ except Exception, e:
+ smbServer.log("queryPathInformation: %s" % e,logging.ERROR)
+
+ if infoRecord is not None:
+ respParameters =
smb.SMBQueryPathInformationResponse_Parameters()
+ respData = infoRecord
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+ smbServer.setConnectionData(connId, connData)
+
+ return respSetup, respParameters, respData, errorCode
+
+ @staticmethod
+ def queryFsInformation(connId, smbServer, recvPacket, parameters, data,
maxDataCount = 0):
+ connData = smbServer.getConnectionData(connId)
+ errorCode = 0
+ # Get the Tid associated
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ data =
queryFsInformation(connData['ConnectedShares'][recvPacket['Tid']]['path'], '',
struct.unpack('<H',parameters)[0])
+
+ smbServer.setConnectionData(connId, connData)
+
+ return '','', data, errorCode
+
+ @staticmethod
+ def findNext2(connId, smbServer, recvPacket, parameters, data,
maxDataCount):
+ connData = smbServer.getConnectionData(connId)
+
+ respSetup = ''
+ respParameters = ''
+ respData = ''
+ errorCode = STATUS_SUCCESS
+ findNext2Parameters = smb.SMBFindNext2_Parameters(flags =
recvPacket['Flags2'], data = parameters)
+
+ sid = findNext2Parameters['SID']
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ if connData['SIDs'].has_key(sid):
+ searchResult = connData['SIDs'][sid]
+ respParameters = smb.SMBFindNext2Response_Parameters()
+ endOfSearch = 1
+ searchCount = 1
+ totalData = 0
+ for i in enumerate(searchResult):
+ data = i[1].getData()
+ lenData = len(data)
+ if (totalData+lenData) >= maxDataCount or (i[0]+1) >=
findNext2Parameters['SearchCount']:
+ # We gotta stop here and continue on a find_next2
+ endOfSearch = 0
+ connData['SIDs'][sid] = searchResult[i[0]:]
+ respParameters['LastNameOffset'] = totalData
+ break
+ else:
+ searchCount +=1
+ respData += data
+ totalData += lenData
+
+ # Have we reached the end of the search or still stuff to send?
+ if endOfSearch > 0:
+ # Let's remove the SID from our ConnData
+ del(connData['SIDs'][sid])
+
+ respParameters['EndOfSearch'] = endOfSearch
+ respParameters['SearchCount'] = searchCount
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+ smbServer.setConnectionData(connId, connData)
+
+ return respSetup, respParameters, respData, errorCode
+
+ @staticmethod
+ def findFirst2(connId, smbServer, recvPacket, parameters, data,
maxDataCount):
+ connData = smbServer.getConnectionData(connId)
+
+ respSetup = ''
+ respParameters = ''
+ respData = ''
+ findFirst2Parameters = smb.SMBFindFirst2_Parameters(
recvPacket['Flags2'], data = parameters)
+
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ path = connData['ConnectedShares'][recvPacket['Tid']]['path']
+
+ searchResult, searchCount, errorCode = findFirst2(path,
+ decodeSMBString( recvPacket['Flags2'],
findFirst2Parameters['FileName'] ),
+ findFirst2Parameters['InformationLevel'],
+ findFirst2Parameters['SearchAttributes'] )
+
+ respParameters = smb.SMBFindFirst2Response_Parameters()
+ endOfSearch = 1
+ sid = 0x80 # default SID
+ searchCount = 0
+ totalData = 0
+ for i in enumerate(searchResult):
+ #i[1].dump()
+ data = i[1].getData()
+ lenData = len(data)
+ if (totalData+lenData) >= maxDataCount or (i[0]+1) >
findFirst2Parameters['SearchCount']:
+ # We gotta stop here and continue on a find_next2
+ endOfSearch = 0
+ # Simple way to generate a fid
+ if len(connData['SIDs']) == 0:
+ sid = 1
+ else:
+ sid = connData['SIDs'].keys()[-1] + 1
+ # Store the remaining search results in the ConnData SID
+ connData['SIDs'][sid] = searchResult[i[0]:]
+ respParameters['LastNameOffset'] = totalData
+ break
+ else:
+ searchCount +=1
+ respData += data
+
+ padLen = (8-(lenData % 8)) %8
+ respData += '\xaa'*padLen
+ totalData += lenData + padLen
+
+ respParameters['SID'] = sid
+ respParameters['EndOfSearch'] = endOfSearch
+ respParameters['SearchCount'] = searchCount
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+ smbServer.setConnectionData(connId, connData)
+
+ return respSetup, respParameters, respData, errorCode
+
+# Here we implement the commands handlers
+class SMBCommands:
+
+ @staticmethod
+ def smbTransaction(connId, smbServer, SMBCommand, recvPacket,
transCommands):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(recvPacket['Command'])
+
+ transParameters=
smb.SMBTransaction_Parameters(SMBCommand['Parameters'])
+
+ # Do the stuff
+ if transParameters['ParameterCount'] !=
transParameters['TotalParameterCount']:
+ # TODO: Handle partial parameters
+ raise Exception("Unsupported partial parameters in TRANSACT2!")
+ else:
+ transData = smb.SMBTransaction_SData(flags = recvPacket['Flags2'])
+ # Standard says servers shouldn't trust Parameters and Data comes
+ # in order, so we have to parse the offsets, ugly
+
+ paramCount = transParameters['ParameterCount']
+ transData['Trans_ParametersLength'] = paramCount
+ dataCount = transParameters['DataCount']
+ transData['Trans_DataLength'] = dataCount
+ transData.fromString(SMBCommand['Data'])
+ if transParameters['ParameterOffset'] > 0:
+ paramOffset = transParameters['ParameterOffset'] - 63 -
transParameters['SetupLength']
+ transData['Trans_Parameters'] =
SMBCommand['Data'][paramOffset:paramOffset+paramCount]
+ else:
+ transData['Trans_Parameters'] = ''
+
+ if transParameters['DataOffset'] > 0:
+ dataOffset = transParameters['DataOffset'] - 63 -
transParameters['SetupLength']
+ transData['Trans_Data'] =
SMBCommand['Data'][dataOffset:dataOffset + dataCount]
+ else:
+ transData['Trans_Data'] = ''
+
+ # Call the handler for this TRANSACTION
+ if transParameters['SetupCount'] == 0:
+ # No subcommand, let's play with the Name
+ command =
decodeSMBString(recvPacket['Flags2'],transData['Name'])
+ else:
+ command = struct.unpack('<H', transParameters['Setup'][:2])[0]
+
+ if transCommands.has_key(command):
+ # Call the TRANS subcommand
+ setup = ''
+ parameters = ''
+ data = ''
+ try:
+ setup, parameters, data, errorCode =
transCommands[command](connId,
+ smbServer,
+ recvPacket,
+ transData['Trans_Parameters'],
+ transData['Trans_Data'],
+ transParameters['MaxDataCount'])
+ except Exception, e:
+ #print 'Transaction: %s' % e,e
+ smbServer.log('Transaction: (%r,%s)' % (command, e),
logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ #raise
+
+ if setup == '' and parameters == '' and data == '':
+ # Something wen't wrong
+ respParameters = ''
+ respData = ''
+ else:
+ # Build the answer
+ data = str(data)
+ remainingData = len(data)
+ parameters = str(parameters)
+ remainingParameters = len(parameters)
+ commands = []
+ dataDisplacement = 0
+ while remainingData > 0 or remainingParameters > 0:
+ respSMBCommand = smb.SMBCommand(recvPacket['Command'])
+ respParameters = smb.SMBTransactionResponse_Parameters()
+ respData = smb.SMBTransaction2Response_Data()
+
+ respParameters['TotalParameterCount'] = len(parameters)
+ respParameters['ParameterCount'] = len(parameters)
+ respData['Trans_ParametersLength'] = len(parameters)
+ respParameters['TotalDataCount'] = len(data)
+ respParameters['DataDisplacement'] = dataDisplacement
+
+ # TODO: Do the same for parameters
+ if len(data) > transParameters['MaxDataCount']:
+ # Answer doesn't fit in this packet
+ LOG.debug("Lowering answer from %d to %d" %
(len(data),transParameters['MaxDataCount']) )
+ respParameters['DataCount'] =
transParameters['MaxDataCount']
+ else:
+ respParameters['DataCount'] = len(data)
+
+ respData['Trans_DataLength'] =
respParameters['DataCount']
+ respParameters['SetupCount'] = len(setup)
+ respParameters['Setup'] = setup
+ # TODO: Make sure we're calculating the pad right
+ if len(parameters) > 0:
+ #padLen = 4 - (55 + len(setup)) % 4
+ padLen = (4 - (55 + len(setup)) % 4 ) % 4
+ padBytes = '\xFF' * padLen
+ respData['Pad1'] = padBytes
+ respParameters['ParameterOffset'] = 55 + len(setup)
+ padLen
+ else:
+ padLen = 0
+ respParameters['ParameterOffset'] = 0
+ respData['Pad1'] = ''
+
+ if len(data) > 0:
+ #pad2Len = 4 - (55 + len(setup) + padLen +
len(parameters)) % 4
+ pad2Len = (4 - (55 + len(setup) + padLen +
len(parameters)) % 4) % 4
+ respData['Pad2'] = '\xFF' * pad2Len
+ respParameters['DataOffset'] = 55 + len(setup) +
padLen + len(parameters) + pad2Len
+ else:
+ respParameters['DataOffset'] = 0
+ respData['Pad2'] = ''
+
+ respData['Trans_Parameters'] =
parameters[:respParameters['ParameterCount']]
+ respData['Trans_Data'] =
data[:respParameters['DataCount']]
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+
+ data = data[respParameters['DataCount']:]
+ remainingData -= respParameters['DataCount']
+ dataDisplacement += respParameters['DataCount'] + 1
+
+ parameters =
parameters[respParameters['ParameterCount']:]
+ remainingParameters -= respParameters['ParameterCount']
+ commands.append(respSMBCommand)
+
+ smbServer.setConnectionData(connId, connData)
+ return commands, None, errorCode
+
+ else:
+ smbServer.log("Unsupported Transact command %r" % command,
logging.ERROR)
+ respParameters = ''
+ respData = ''
+ errorCode = STATUS_NOT_IMPLEMENTED
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+
+ @staticmethod
+ def smbNTTransact(connId, smbServer, SMBCommand, recvPacket,
transCommands):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(recvPacket['Command'])
+
+ NTTransParameters=
smb.SMBNTTransaction_Parameters(SMBCommand['Parameters'])
+ # Do the stuff
+ if NTTransParameters['ParameterCount'] !=
NTTransParameters['TotalParameterCount']:
+ # TODO: Handle partial parameters
+ raise Exception("Unsupported partial parameters in NTTrans!")
+ else:
+ NTTransData = smb.SMBNTTransaction_Data()
+ # Standard says servers shouldn't trust Parameters and Data comes
+ # in order, so we have to parse the offsets, ugly
+
+ paramCount = NTTransParameters['ParameterCount']
+ NTTransData['NT_Trans_ParametersLength'] = paramCount
+ dataCount = NTTransParameters['DataCount']
+ NTTransData['NT_Trans_DataLength'] = dataCount
+
+ if NTTransParameters['ParameterOffset'] > 0:
+ paramOffset = NTTransParameters['ParameterOffset'] - 73 -
NTTransParameters['SetupLength']
+ NTTransData['NT_Trans_Parameters'] =
SMBCommand['Data'][paramOffset:paramOffset+paramCount]
+ else:
+ NTTransData['NT_Trans_Parameters'] = ''
+
+ if NTTransParameters['DataOffset'] > 0:
+ dataOffset = NTTransParameters['DataOffset'] - 73 -
NTTransParameters['SetupLength']
+ NTTransData['NT_Trans_Data'] =
SMBCommand['Data'][dataOffset:dataOffset + dataCount]
+ else:
+ NTTransData['NT_Trans_Data'] = ''
+
+ # Call the handler for this TRANSACTION
+ command = NTTransParameters['Function']
+ if transCommands.has_key(command):
+ # Call the NT TRANS subcommand
+ setup = ''
+ parameters = ''
+ data = ''
+ try:
+ setup, parameters, data, errorCode =
transCommands[command](connId,
+ smbServer,
+ recvPacket,
+ NTTransData['NT_Trans_Parameters'],
+ NTTransData['NT_Trans_Data'],
+ NTTransParameters['MaxDataCount'])
+ except Exception, e:
+ smbServer.log('NTTransaction: (0x%x,%s)' % (command, e),
logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ #raise
+
+ if setup == '' and parameters == '' and data == '':
+ # Something wen't wrong
+ respParameters = ''
+ respData = ''
+ if errorCode == STATUS_SUCCESS:
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ # Build the answer
+ data = str(data)
+ remainingData = len(data)
+ parameters = str(parameters)
+ remainingParameters = len(parameters)
+ commands = []
+ dataDisplacement = 0
+ while remainingData > 0 or remainingParameters > 0:
+ respSMBCommand = smb.SMBCommand(recvPacket['Command'])
+ respParameters =
smb.SMBNTTransactionResponse_Parameters()
+ respData = smb.SMBNTTransactionResponse_Data()
+
+ respParameters['TotalParameterCount'] = len(parameters)
+ respParameters['ParameterCount'] = len(parameters)
+ respData['Trans_ParametersLength'] = len(parameters)
+ respParameters['TotalDataCount'] = len(data)
+ respParameters['DataDisplacement'] = dataDisplacement
+ # TODO: Do the same for parameters
+ if len(data) > NTTransParameters['MaxDataCount']:
+ # Answer doesn't fit in this packet
+ LOG.debug("Lowering answer from %d to %d" %
(len(data),NTTransParameters['MaxDataCount']) )
+ respParameters['DataCount'] =
NTTransParameters['MaxDataCount']
+ else:
+ respParameters['DataCount'] = len(data)
+
+ respData['NT_Trans_DataLength'] =
respParameters['DataCount']
+ respParameters['SetupCount'] = len(setup)
+ respParameters['Setup'] = setup
+ # TODO: Make sure we're calculating the pad right
+ if len(parameters) > 0:
+ #padLen = 4 - (71 + len(setup)) % 4
+ padLen = (4 - (73 + len(setup)) % 4 ) % 4
+ padBytes = '\xFF' * padLen
+ respData['Pad1'] = padBytes
+ respParameters['ParameterOffset'] = 73 + len(setup)
+ padLen
+ else:
+ padLen = 0
+ respParameters['ParameterOffset'] = 0
+ respData['Pad1'] = ''
+
+ if len(data) > 0:
+ #pad2Len = 4 - (71 + len(setup) + padLen +
len(parameters)) % 4
+ pad2Len = (4 - (73 + len(setup) + padLen +
len(parameters)) % 4) % 4
+ respData['Pad2'] = '\xFF' * pad2Len
+ respParameters['DataOffset'] = 73 + len(setup) +
padLen + len(parameters) + pad2Len
+ else:
+ respParameters['DataOffset'] = 0
+ respData['Pad2'] = ''
+
+ respData['NT_Trans_Parameters'] =
parameters[:respParameters['ParameterCount']]
+ respData['NT_Trans_Data'] =
data[:respParameters['DataCount']]
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+
+ data = data[respParameters['DataCount']:]
+ remainingData -= respParameters['DataCount']
+ dataDisplacement += respParameters['DataCount'] + 1
+
+ parameters =
parameters[respParameters['ParameterCount']:]
+ remainingParameters -= respParameters['ParameterCount']
+ commands.append(respSMBCommand)
+
+ smbServer.setConnectionData(connId, connData)
+ return commands, None, errorCode
+
+ else:
+ #smbServer.log("Unsupported NTTransact command 0x%x" % command,
logging.ERROR)
+ respParameters = ''
+ respData = ''
+ errorCode = STATUS_NOT_IMPLEMENTED
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+
+ @staticmethod
+ def smbTransaction2(connId, smbServer, SMBCommand, recvPacket,
transCommands):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(recvPacket['Command'])
+
+ trans2Parameters=
smb.SMBTransaction2_Parameters(SMBCommand['Parameters'])
+
+ # Do the stuff
+ if trans2Parameters['ParameterCount'] !=
trans2Parameters['TotalParameterCount']:
+ # TODO: Handle partial parameters
+ #print "Unsupported partial parameters in TRANSACT2!"
+ raise Exception("Unsupported partial parameters in TRANSACT2!")
+ else:
+ trans2Data = smb.SMBTransaction2_Data()
+ # Standard says servers shouldn't trust Parameters and Data comes
+ # in order, so we have to parse the offsets, ugly
+
+ paramCount = trans2Parameters['ParameterCount']
+ trans2Data['Trans_ParametersLength'] = paramCount
+ dataCount = trans2Parameters['DataCount']
+ trans2Data['Trans_DataLength'] = dataCount
+
+ if trans2Parameters['ParameterOffset'] > 0:
+ paramOffset = trans2Parameters['ParameterOffset'] - 63 -
trans2Parameters['SetupLength']
+ trans2Data['Trans_Parameters'] =
SMBCommand['Data'][paramOffset:paramOffset+paramCount]
+ else:
+ trans2Data['Trans_Parameters'] = ''
+
+ if trans2Parameters['DataOffset'] > 0:
+ dataOffset = trans2Parameters['DataOffset'] - 63 -
trans2Parameters['SetupLength']
+ trans2Data['Trans_Data'] =
SMBCommand['Data'][dataOffset:dataOffset + dataCount]
+ else:
+ trans2Data['Trans_Data'] = ''
+
+ # Call the handler for this TRANSACTION
+ command = struct.unpack('<H', trans2Parameters['Setup'])[0]
+ if transCommands.has_key(command):
+ # Call the TRANS2 subcommand
+ try:
+ setup, parameters, data, errorCode =
transCommands[command](connId,
+ smbServer,
+ recvPacket,
+ trans2Data['Trans_Parameters'],
+ trans2Data['Trans_Data'],
+ trans2Parameters['MaxDataCount'])
+ except Exception, e:
+ smbServer.log('Transaction2: (0x%x,%s)' % (command, e),
logging.ERROR)
+ #import traceback
+ #traceback.print_exc()
+ raise
+
+ if setup == '' and parameters == '' and data == '':
+ # Something wen't wrong
+ respParameters = ''
+ respData = ''
+ else:
+ # Build the answer
+ data = str(data)
+ remainingData = len(data)
+ parameters = str(parameters)
+ remainingParameters = len(parameters)
+ commands = []
+ dataDisplacement = 0
+ while remainingData > 0 or remainingParameters > 0:
+ respSMBCommand = smb.SMBCommand(recvPacket['Command'])
+ respParameters =
smb.SMBTransaction2Response_Parameters()
+ respData = smb.SMBTransaction2Response_Data()
+
+ respParameters['TotalParameterCount'] = len(parameters)
+ respParameters['ParameterCount'] = len(parameters)
+ respData['Trans_ParametersLength'] = len(parameters)
+ respParameters['TotalDataCount'] = len(data)
+ respParameters['DataDisplacement'] = dataDisplacement
+ # TODO: Do the same for parameters
+ if len(data) > trans2Parameters['MaxDataCount']:
+ # Answer doesn't fit in this packet
+ LOG.debug("Lowering answer from %d to %d" %
(len(data),trans2Parameters['MaxDataCount']) )
+ respParameters['DataCount'] =
trans2Parameters['MaxDataCount']
+ else:
+ respParameters['DataCount'] = len(data)
+
+ respData['Trans_DataLength'] =
respParameters['DataCount']
+ respParameters['SetupCount'] = len(setup)
+ respParameters['Setup'] = setup
+ # TODO: Make sure we're calculating the pad right
+ if len(parameters) > 0:
+ #padLen = 4 - (55 + len(setup)) % 4
+ padLen = (4 - (55 + len(setup)) % 4 ) % 4
+ padBytes = '\xFF' * padLen
+ respData['Pad1'] = padBytes
+ respParameters['ParameterOffset'] = 55 + len(setup)
+ padLen
+ else:
+ padLen = 0
+ respParameters['ParameterOffset'] = 0
+ respData['Pad1'] = ''
+
+ if len(data) > 0:
+ #pad2Len = 4 - (55 + len(setup) + padLen +
len(parameters)) % 4
+ pad2Len = (4 - (55 + len(setup) + padLen +
len(parameters)) % 4) % 4
+ respData['Pad2'] = '\xFF' * pad2Len
+ respParameters['DataOffset'] = 55 + len(setup) +
padLen + len(parameters) + pad2Len
+ else:
+ respParameters['DataOffset'] = 0
+ respData['Pad2'] = ''
+
+ respData['Trans_Parameters'] =
parameters[:respParameters['ParameterCount']]
+ respData['Trans_Data'] =
data[:respParameters['DataCount']]
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+
+ data = data[respParameters['DataCount']:]
+ remainingData -= respParameters['DataCount']
+ dataDisplacement += respParameters['DataCount'] + 1
+
+ parameters =
parameters[respParameters['ParameterCount']:]
+ remainingParameters -= respParameters['ParameterCount']
+ commands.append(respSMBCommand)
+
+ smbServer.setConnectionData(connId, connData)
+ return commands, None, errorCode
+
+ else:
+ smbServer.log("Unsupported Transact/2 command 0x%x" % command,
logging.ERROR)
+ respParameters = ''
+ respData = ''
+ errorCode = STATUS_NOT_IMPLEMENTED
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComLockingAndX(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_LOCKING_ANDX)
+ respParameters = ''
+ respData = ''
+
+ # I'm actually doing nothing.. just make MacOS happy ;)
+ errorCode = STATUS_SUCCESS
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+
+ @staticmethod
+ def smbComClose(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_CLOSE)
+ respParameters = ''
+ respData = ''
+
+ comClose = smb.SMBClose_Parameters(SMBCommand['Parameters'])
+
+ if connData['OpenedFiles'].has_key(comClose['FID']):
+ errorCode = STATUS_SUCCESS
+ fileHandle =
connData['OpenedFiles'][comClose['FID']]['FileHandle']
+ try:
+ if fileHandle == PIPE_FILE_DESCRIPTOR:
+ connData['OpenedFiles'][comClose['FID']]['Socket'].close()
+ elif fileHandle != VOID_FILE_DESCRIPTOR:
+ os.close(fileHandle)
+ except Exception, e:
+ smbServer.log("comClose %s" % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ # Check if the file was marked for removal
+ if connData['OpenedFiles'][comClose['FID']]['DeleteOnClose']
is True:
+ try:
+
os.remove(connData['OpenedFiles'][comClose['FID']]['FileName'])
+ except Exception, e:
+ smbServer.log("comClose %s" % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ del(connData['OpenedFiles'][comClose['FID']])
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+
+ if errorCode > 0:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComWrite(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_WRITE)
+ respParameters = smb.SMBWriteResponse_Parameters()
+ respData = ''
+
+ comWriteParameters = smb.SMBWrite_Parameters(SMBCommand['Parameters'])
+ comWriteData = smb.SMBWrite_Data(SMBCommand['Data'])
+
+ if connData['OpenedFiles'].has_key(comWriteParameters['Fid']):
+ fileHandle =
connData['OpenedFiles'][comWriteParameters['Fid']]['FileHandle']
+ errorCode = STATUS_SUCCESS
+ try:
+ if fileHandle != PIPE_FILE_DESCRIPTOR:
+ # TODO: Handle big size files
+ # If we're trying to write past the file end we just skip
the write call (Vista does this)
+ if os.lseek(fileHandle, 0, 2) >=
comWriteParameters['Offset']:
+ os.lseek(fileHandle,comWriteParameters['Offset'],0)
+ os.write(fileHandle,comWriteData['Data'])
+ else:
+ sock =
connData['OpenedFiles'][comWriteParameters['Fid']]['Socket']
+ sock.send(comWriteData['Data'])
+ respParameters['Count'] = comWriteParameters['Count']
+ except Exception, e:
+ smbServer.log('smbComWrite: %s' % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+
+
+ if errorCode > 0:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComFlush(connId, smbServer, SMBCommand,recvPacket ):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_FLUSH)
+ respParameters = ''
+ respData = ''
+
+ comFlush = smb.SMBFlush_Parameters(SMBCommand['Parameters'])
+
+ if connData['OpenedFiles'].has_key(comFlush['FID']):
+ errorCode = STATUS_SUCCESS
+ fileHandle =
connData['OpenedFiles'][comFlush['FID']]['FileHandle']
+ try:
+ os.fsync(fileHandle)
+ except Exception, e:
+ smbServer.log("comFlush %s" % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+
+ if errorCode > 0:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+
+ @staticmethod
+ def smbComCreateDirectory(connId, smbServer, SMBCommand,recvPacket ):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand =
smb.SMBCommand(smb.SMB.SMB_COM_CREATE_DIRECTORY)
+ respParameters = ''
+ respData = ''
+
+ comCreateDirectoryData= smb.SMBCreateDirectory_Data(flags =
recvPacket['Flags2'], data = SMBCommand['Data'])
+
+ # Get the Tid associated
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ errorCode = STATUS_SUCCESS
+ path = connData['ConnectedShares'][recvPacket['Tid']]['path']
+ fileName =
os.path.normpath(decodeSMBString(recvPacket['Flags2'],comCreateDirectoryData['DirectoryName']).replace('\\','/'))
+ if len(fileName) > 0:
+ if fileName[0] == '/' or fileName[0] == '\\':
+ # strip leading '/'
+ fileName = fileName[1:]
+ pathName = os.path.join(path,fileName)
+ if os.path.exists(pathName):
+ errorCode = STATUS_OBJECT_NAME_COLLISION
+
+ # TODO: More checks here in the future.. Specially when we support
+ # user access
+ else:
+ try:
+ os.mkdir(pathName)
+ except Exception, e:
+ smbServer.log("smbComCreateDirectory: %s" % e,
logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+
+ if errorCode > 0:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComRename(connId, smbServer, SMBCommand, recvPacket ):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_RENAME)
+ respParameters = ''
+ respData = ''
+
+ comRenameData = smb.SMBRename_Data(flags = recvPacket['Flags2'],
data = SMBCommand['Data'])
+ # Get the Tid associated
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ errorCode = STATUS_SUCCESS
+ path = connData['ConnectedShares'][recvPacket['Tid']]['path']
+ oldFileName =
os.path.normpath(decodeSMBString(recvPacket['Flags2'],comRenameData['OldFileName']).replace('\\','/'))
+ newFileName =
os.path.normpath(decodeSMBString(recvPacket['Flags2'],comRenameData['NewFileName']).replace('\\','/'))
+ if len(oldFileName) > 0 and (oldFileName[0] == '/' or
oldFileName[0] == '\\'):
+ # strip leading '/'
+ oldFileName = oldFileName[1:]
+ oldPathName = os.path.join(path,oldFileName)
+ if len(newFileName) > 0 and (newFileName[0] == '/' or
newFileName[0] == '\\'):
+ # strip leading '/'
+ newFileName = newFileName[1:]
+ newPathName = os.path.join(path,newFileName)
+
+ if os.path.exists(oldPathName) is not True:
+ errorCode = STATUS_NO_SUCH_FILE
+
+ # TODO: More checks here in the future.. Specially when we support
+ # user access
+ else:
+ try:
+ os.rename(oldPathName,newPathName)
+ except OSError, e:
+ smbServer.log("smbComRename: %s" % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+
+ if errorCode > 0:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComDelete(connId, smbServer, SMBCommand, recvPacket ):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_DELETE)
+ respParameters = ''
+ respData = ''
+
+ comDeleteData = smb.SMBDelete_Data(flags =
recvPacket['Flags2'], data = SMBCommand['Data'])
+
+ # Get the Tid associated
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ errorCode = STATUS_SUCCESS
+ path = connData['ConnectedShares'][recvPacket['Tid']]['path']
+ fileName =
os.path.normpath(decodeSMBString(recvPacket['Flags2'],comDeleteData['FileName']).replace('\\','/'))
+ if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] ==
'\\'):
+ # strip leading '/'
+ fileName = fileName[1:]
+ pathName = os.path.join(path,fileName)
+ if os.path.exists(pathName) is not True:
+ errorCode = STATUS_NO_SUCH_FILE
+
+ # TODO: More checks here in the future.. Specially when we support
+ # user access
+ else:
+ try:
+ os.remove(pathName)
+ except OSError, e:
+ smbServer.log("smbComDelete: %s" % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+ if errorCode > 0:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+
+ @staticmethod
+ def smbComDeleteDirectory(connId, smbServer, SMBCommand, recvPacket ):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand =
smb.SMBCommand(smb.SMB.SMB_COM_DELETE_DIRECTORY)
+ respParameters = ''
+ respData = ''
+
+ comDeleteDirectoryData= smb.SMBDeleteDirectory_Data(flags =
recvPacket['Flags2'], data = SMBCommand['Data'])
+
+ # Get the Tid associated
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ errorCode = STATUS_SUCCESS
+ path = connData['ConnectedShares'][recvPacket['Tid']]['path']
+ fileName =
os.path.normpath(decodeSMBString(recvPacket['Flags2'],comDeleteDirectoryData['DirectoryName']).replace('\\','/'))
+ if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] ==
'\\'):
+ # strip leading '/'
+ fileName = fileName[1:]
+ pathName = os.path.join(path,fileName)
+ if os.path.exists(pathName) is not True:
+ errorCode = STATUS_NO_SUCH_FILE
+
+ # TODO: More checks here in the future.. Specially when we support
+ # user access
+ else:
+ try:
+ os.rmdir(pathName)
+ except OSError, e:
+ smbServer.log("smbComDeleteDirectory: %s" %
e,logging.ERROR)
+ if e.errno == errno.ENOTEMPTY:
+ errorCode = STATUS_DIRECTORY_NOT_EMPTY
+ else:
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+ if errorCode > 0:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+
+ @staticmethod
+ def smbComWriteAndX(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_WRITE_ANDX)
+ respParameters = smb.SMBWriteAndXResponse_Parameters()
+ respData = ''
+
+ if SMBCommand['WordCount'] == 0x0C:
+ writeAndX =
smb.SMBWriteAndX_Parameters_Short(SMBCommand['Parameters'])
+ writeAndXData = smb.SMBWriteAndX_Data_Short()
+ else:
+ writeAndX = smb.SMBWriteAndX_Parameters(SMBCommand['Parameters'])
+ writeAndXData = smb.SMBWriteAndX_Data()
+ writeAndXData['DataLength'] = writeAndX['DataLength']
+ writeAndXData['DataOffset'] = writeAndX['DataOffset']
+ writeAndXData.fromString(SMBCommand['Data'])
+
+
+ if connData['OpenedFiles'].has_key(writeAndX['Fid']):
+ fileHandle =
connData['OpenedFiles'][writeAndX['Fid']]['FileHandle']
+ errorCode = STATUS_SUCCESS
+ try:
+ if fileHandle != PIPE_FILE_DESCRIPTOR:
+ offset = writeAndX['Offset']
+ if writeAndX.fields.has_key('HighOffset'):
+ offset += (writeAndX['HighOffset'] << 32)
+ # If we're trying to write past the file end we just skip
the write call (Vista does this)
+ if os.lseek(fileHandle, 0, 2) >= offset:
+ os.lseek(fileHandle,offset,0)
+ os.write(fileHandle,writeAndXData['Data'])
+ else:
+ sock = connData['OpenedFiles'][writeAndX['Fid']]['Socket']
+ sock.send(writeAndXData['Data'])
+
+ respParameters['Count'] = writeAndX['DataLength']
+ respParameters['Available']= 0xff
+ except Exception, e:
+ smbServer.log('smbComWriteAndx: %s' % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+
+ if errorCode > 0:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComRead(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_READ)
+ respParameters = smb.SMBReadResponse_Parameters()
+ respData = smb.SMBReadResponse_Data()
+
+ comReadParameters = smb.SMBRead_Parameters(SMBCommand['Parameters'])
+
+ if connData['OpenedFiles'].has_key(comReadParameters['Fid']):
+ fileHandle =
connData['OpenedFiles'][comReadParameters['Fid']]['FileHandle']
+ errorCode = STATUS_SUCCESS
+ try:
+ if fileHandle != PIPE_FILE_DESCRIPTOR:
+ # TODO: Handle big size files
+ os.lseek(fileHandle,comReadParameters['Offset'],0)
+ content = os.read(fileHandle,comReadParameters['Count'])
+ else:
+ sock =
connData['OpenedFiles'][comReadParameters['Fid']]['Socket']
+ content = sock.recv(comReadParameters['Count'])
+ respParameters['Count'] = len(content)
+ respData['DataLength'] = len(content)
+ respData['Data'] = content
+ except Exception, e:
+ smbServer.log('smbComRead: %s ' % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+
+ if errorCode > 0:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComReadAndX(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_READ_ANDX)
+ respParameters = smb.SMBReadAndXResponse_Parameters()
+ respData = ''
+
+ if SMBCommand['WordCount'] == 0x0A:
+ readAndX = smb.SMBReadAndX_Parameters2(SMBCommand['Parameters'])
+ else:
+ readAndX = smb.SMBReadAndX_Parameters(SMBCommand['Parameters'])
+
+ if connData['OpenedFiles'].has_key(readAndX['Fid']):
+ fileHandle =
connData['OpenedFiles'][readAndX['Fid']]['FileHandle']
+ errorCode = 0
+ try:
+ if fileHandle != PIPE_FILE_DESCRIPTOR:
+ offset = readAndX['Offset']
+ if readAndX.fields.has_key('HighOffset'):
+ offset += (readAndX['HighOffset'] << 32)
+ os.lseek(fileHandle,offset,0)
+ content = os.read(fileHandle,readAndX['MaxCount'])
+ else:
+ sock = connData['OpenedFiles'][readAndX['Fid']]['Socket']
+ content = sock.recv(readAndX['MaxCount'])
+ respParameters['Remaining'] = 0xffff
+ respParameters['DataCount'] = len(content)
+ respParameters['DataOffset'] = 59
+ respParameters['DataCount_Hi'] = 0
+ respData = content
+ except Exception, e:
+ smbServer.log('smbComReadAndX: %s ' % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+
+ if errorCode > 0:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbQueryInformation(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_QUERY_INFORMATION)
+ respParameters = smb.SMBQueryInformationResponse_Parameters()
+ respData = ''
+
+ queryInformation= smb.SMBQueryInformation_Data(flags =
recvPacket['Flags2'], data = SMBCommand['Data'])
+
+ # Get the Tid associated
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ fileSize, lastWriteTime, fileAttributes = queryFsInformation(
+ connData['ConnectedShares'][recvPacket['Tid']]['path'],
+
decodeSMBString(recvPacket['Flags2'],queryInformation['FileName']))
+
+ respParameters['FileSize'] = fileSize
+ respParameters['LastWriteTime'] = lastWriteTime
+ respParameters['FileAttributes'] = fileAttributes
+ errorCode = STATUS_SUCCESS
+ else:
+ # STATUS_SMB_BAD_TID
+ errorCode = STATUS_SMB_BAD_TID
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbQueryInformationDisk(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_QUERY_INFORMATION_DISK)
+ respParameters = smb.SMBQueryInformationDiskResponse_Parameters()
+ respData = ''
+
+ # Get the Tid associated
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ totalUnits, freeUnits = queryDiskInformation(
+ connData['ConnectedShares'][recvPacket['Tid']]['path'])
+
+ respParameters['TotalUnits'] = totalUnits
+ respParameters['BlocksPerUnit'] = 1
+ respParameters['BlockSize'] = 1
+ respParameters['FreeUnits'] = freeUnits
+ errorCode = STATUS_SUCCESS
+ else:
+ # STATUS_SMB_BAD_TID
+ respData = ''
+ respParameters = ''
+ errorCode = STATUS_SMB_BAD_TID
+
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComEcho(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_ECHO)
+ respParameters = smb.SMBEchoResponse_Parameters()
+ respData = smb.SMBEchoResponse_Data()
+
+ echoData = smb.SMBEcho_Data(SMBCommand['Data'])
+
+ respParameters['SequenceNumber'] = 1
+ respData['Data'] = echoData['Data']
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+
+ errorCode = STATUS_SUCCESS
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComTreeDisconnect(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_TREE_DISCONNECT)
+
+ # Check if the Tid matches the Tid trying to disconnect
+ respParameters = ''
+ respData = ''
+
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ smbServer.log("Disconnecting Share(%d:%s)" %
(recvPacket['Tid'],connData['ConnectedShares'][recvPacket['Tid']]['shareName']))
+ del(connData['ConnectedShares'][recvPacket['Tid']])
+ errorCode = STATUS_SUCCESS
+ else:
+ # STATUS_SMB_BAD_TID
+ errorCode = STATUS_SMB_BAD_TID
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComLogOffAndX(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_LOGOFF_ANDX)
+
+ # Check if the Uid matches the user trying to logoff
+ respParameters = ''
+ respData = ''
+ if recvPacket['Uid'] != connData['Uid']:
+ # STATUS_SMB_BAD_UID
+ errorCode = STATUS_SMB_BAD_UID
+ else:
+ errorCode = STATUS_SUCCESS
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ connData['Uid'] = 0
+
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComQueryInformation2(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand =
smb.SMBCommand(smb.SMB.SMB_COM_QUERY_INFORMATION2)
+ respParameters = smb.SMBQueryInformation2Response_Parameters()
+ respData = ''
+
+ queryInformation2 =
smb.SMBQueryInformation2_Parameters(SMBCommand['Parameters'])
+ errorCode = 0xFF
+ if connData['OpenedFiles'].has_key(queryInformation2['Fid']):
+ errorCode = STATUS_SUCCESS
+ pathName =
connData['OpenedFiles'][queryInformation2['Fid']]['FileName']
+ try:
+ (mode, ino, dev, nlink, uid, gid, size, atime, mtime, ctime)
= os.stat(pathName)
+ respParameters['CreateDate'] = getSMBDate(ctime)
+ respParameters['CreationTime'] = getSMBTime(ctime)
+ respParameters['LastAccessDate'] = getSMBDate(atime)
+ respParameters['LastAccessTime'] = getSMBTime(atime)
+ respParameters['LastWriteDate'] = getSMBDate(mtime)
+ respParameters['LastWriteTime'] = getSMBTime(mtime)
+ respParameters['FileDataSize'] = size
+ respParameters['FileAllocationSize'] = size
+ attribs = 0
+ if os.path.isdir(pathName):
+ attribs = smb.SMB_FILE_ATTRIBUTE_DIRECTORY
+ if os.path.isfile(pathName):
+ attribs = smb.SMB_FILE_ATTRIBUTE_NORMAL
+ respParameters['FileAttributes'] = attribs
+ except Exception, e:
+ smbServer.log('smbComQueryInformation2 %s' % e,logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+
+ if errorCode > 0:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComNtCreateAndX(connId, smbServer, SMBCommand, recvPacket):
+ # TODO: Fully implement this
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_NT_CREATE_ANDX)
+ respParameters = smb.SMBNtCreateAndXResponse_Parameters()
+ respData = ''
+
+ ntCreateAndXParameters =
smb.SMBNtCreateAndX_Parameters(SMBCommand['Parameters'])
+ ntCreateAndXData = smb.SMBNtCreateAndX_Data( flags =
recvPacket['Flags2'], data = SMBCommand['Data'])
+
+ #if ntCreateAndXParameters['CreateFlags'] & 0x10: #
NT_CREATE_REQUEST_EXTENDED_RESPONSE
+ # respParameters =
smb.SMBNtCreateAndXExtendedResponse_Parameters()
+ # respParameters['VolumeGUID'] = '\x00'
+
+ # Get the Tid associated
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ # If we have a rootFid, the path is relative to that fid
+ errorCode = STATUS_SUCCESS
+ if ntCreateAndXParameters['RootFid'] > 0:
+ path =
connData['OpenedFiles'][ntCreateAndXParameters['RootFid']]['FileName']
+ LOG.debug("RootFid present %s!" % path)
+ else:
+ if
connData['ConnectedShares'][recvPacket['Tid']].has_key('path'):
+ path =
connData['ConnectedShares'][recvPacket['Tid']]['path']
+ else:
+ path = 'NONE'
+ errorCode = STATUS_ACCESS_DENIED
+
+ deleteOnClose = False
+
+ fileName =
os.path.normpath(decodeSMBString(recvPacket['Flags2'],ntCreateAndXData['FileName']).replace('\\','/'))
+ if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] ==
'\\'):
+ # strip leading '/'
+ fileName = fileName[1:]
+ pathName = os.path.join(path,fileName)
+ createDisposition = ntCreateAndXParameters['Disposition']
+ mode = 0
+
+ if createDisposition == smb.FILE_SUPERSEDE:
+ mode |= os.O_TRUNC | os.O_CREAT
+ elif createDisposition & smb.FILE_OVERWRITE_IF ==
smb.FILE_OVERWRITE_IF:
+ mode |= os.O_TRUNC | os.O_CREAT
+ elif createDisposition & smb.FILE_OVERWRITE == smb.FILE_OVERWRITE:
+ if os.path.exists(pathName) is True:
+ mode |= os.O_TRUNC
+ else:
+ errorCode = STATUS_NO_SUCH_FILE
+ elif createDisposition & smb.FILE_OPEN_IF == smb.FILE_OPEN_IF:
+ if os.path.exists(pathName) is True:
+ mode |= os.O_TRUNC
+ else:
+ mode |= os.O_TRUNC | os.O_CREAT
+ elif createDisposition & smb.FILE_CREATE == smb.FILE_CREATE:
+ if os.path.exists(pathName) is True:
+ errorCode = STATUS_OBJECT_NAME_COLLISION
+ else:
+ mode |= os.O_CREAT
+ elif createDisposition & smb.FILE_OPEN == smb.FILE_OPEN:
+ if os.path.exists(pathName) is not True and
smbServer.getRegisteredNamedPipes().has_key(unicode(pathName)) is not True:
+ errorCode = STATUS_NO_SUCH_FILE
+
+ if errorCode == STATUS_SUCCESS:
+ desiredAccess = ntCreateAndXParameters['AccessMask']
+ if (desiredAccess & smb.FILE_READ_DATA) or (desiredAccess &
smb.GENERIC_READ):
+ mode |= os.O_RDONLY
+ if (desiredAccess & smb.FILE_WRITE_DATA) or (desiredAccess &
smb.GENERIC_WRITE):
+ if (desiredAccess & smb.FILE_READ_DATA) or (desiredAccess
& smb.GENERIC_READ):
+ mode |= os.O_RDWR #| os.O_APPEND
+ else:
+ mode |= os.O_WRONLY #| os.O_APPEND
+ if desiredAccess & smb.GENERIC_ALL:
+ mode |= os.O_RDWR #| os.O_APPEND
+
+ createOptions = ntCreateAndXParameters['CreateOptions']
+ if mode & os.O_CREAT == os.O_CREAT:
+ if createOptions & smb.FILE_DIRECTORY_FILE ==
smb.FILE_DIRECTORY_FILE:
+ try:
+ # Let's create the directory
+ os.mkdir(pathName)
+ mode = os.O_RDONLY
+ except Exception, e:
+ smbServer.log("NTCreateAndX: %s,%s,%s" %
(pathName,mode,e),logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ if createOptions & smb.FILE_NON_DIRECTORY_FILE ==
smb.FILE_NON_DIRECTORY_FILE:
+ # If the file being opened is a directory, the server
MUST fail the request with
+ # STATUS_FILE_IS_A_DIRECTORY in the Status field of the
SMB Header in the server
+ # response.
+ if os.path.isdir(pathName) is True:
+ errorCode = STATUS_FILE_IS_A_DIRECTORY
+
+ if createOptions & smb.FILE_DELETE_ON_CLOSE ==
smb.FILE_DELETE_ON_CLOSE:
+ deleteOnClose = True
+
+ if errorCode == STATUS_SUCCESS:
+ try:
+ if os.path.isdir(pathName) and sys.platform ==
'win32':
+ fid = VOID_FILE_DESCRIPTOR
+ else:
+ if sys.platform == 'win32':
+ mode |= os.O_BINARY
+ if
smbServer.getRegisteredNamedPipes().has_key(unicode(pathName)):
+ fid = PIPE_FILE_DESCRIPTOR
+ sock = socket.socket()
+
sock.connect(smbServer.getRegisteredNamedPipes()[unicode(pathName)])
+ else:
+ fid = os.open(pathName, mode)
+ except Exception, e:
+ smbServer.log("NTCreateAndX: %s,%s,%s" %
(pathName,mode,e),logging.ERROR)
+ #print e
+ fid = 0
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+ if errorCode == STATUS_SUCCESS:
+ # Simple way to generate a fid
+ if len(connData['OpenedFiles']) == 0:
+ fakefid = 1
+ else:
+ fakefid = connData['OpenedFiles'].keys()[-1] + 1
+ respParameters['Fid'] = fakefid
+ respParameters['CreateAction'] = createDisposition
+ if fid == PIPE_FILE_DESCRIPTOR:
+ respParameters['FileAttributes'] = 0x80
+ respParameters['IsDirectory'] = 0
+ respParameters['CreateTime'] = 0
+ respParameters['LastAccessTime'] = 0
+ respParameters['LastWriteTime'] = 0
+ respParameters['LastChangeTime'] = 0
+ respParameters['AllocationSize'] = 4096
+ respParameters['EndOfFile'] = 0
+ respParameters['FileType'] = 2
+ respParameters['IPCState'] = 0x5ff
+ else:
+ if os.path.isdir(pathName):
+ respParameters['FileAttributes'] =
smb.SMB_FILE_ATTRIBUTE_DIRECTORY
+ respParameters['IsDirectory'] = 1
+ else:
+ respParameters['IsDirectory'] = 0
+ respParameters['FileAttributes'] =
ntCreateAndXParameters['FileAttributes']
+ # Let's get this file's information
+ respInfo, errorCode = queryPathInformation('',pathName,level=
smb.SMB_QUERY_FILE_ALL_INFO)
+ if errorCode == STATUS_SUCCESS:
+ respParameters['CreateTime'] = respInfo['CreationTime']
+ respParameters['LastAccessTime'] =
respInfo['LastAccessTime']
+ respParameters['LastWriteTime'] =
respInfo['LastWriteTime']
+ respParameters['LastChangeTime'] =
respInfo['LastChangeTime']
+ respParameters['FileAttributes'] =
respInfo['ExtFileAttributes']
+ respParameters['AllocationSize'] =
respInfo['AllocationSize']
+ respParameters['EndOfFile'] = respInfo['EndOfFile']
+ else:
+ respParameters = ''
+ respData = ''
+
+ if errorCode == STATUS_SUCCESS:
+ # Let's store the fid for the connection
+ # smbServer.log('Create file %s, mode:0x%x' % (pathName, mode))
+ connData['OpenedFiles'][fakefid] = {}
+ connData['OpenedFiles'][fakefid]['FileHandle'] = fid
+ connData['OpenedFiles'][fakefid]['FileName'] = pathName
+ connData['OpenedFiles'][fakefid]['DeleteOnClose'] =
deleteOnClose
+ if fid == PIPE_FILE_DESCRIPTOR:
+ connData['OpenedFiles'][fakefid]['Socket'] = sock
+ else:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComOpenAndX(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_OPEN_ANDX)
+ respParameters = smb.SMBOpenAndXResponse_Parameters()
+ respData = ''
+
+ openAndXParameters =
smb.SMBOpenAndX_Parameters(SMBCommand['Parameters'])
+ openAndXData = smb.SMBOpenAndX_Data( flags =
recvPacket['Flags2'], data = SMBCommand['Data'])
+
+ # Get the Tid associated
+ if connData['ConnectedShares'].has_key(recvPacket['Tid']):
+ path = connData['ConnectedShares'][recvPacket['Tid']]['path']
+ openedFile, mode, pathName, errorCode = openFile(path,
+
decodeSMBString(recvPacket['Flags2'],openAndXData['FileName']),
+ openAndXParameters['DesiredAccess'],
+ openAndXParameters['FileAttributes'],
+ openAndXParameters['OpenMode'])
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+ if errorCode == STATUS_SUCCESS:
+ # Simple way to generate a fid
+ fid = len(connData['OpenedFiles']) + 1
+ if len(connData['OpenedFiles']) == 0:
+ fid = 1
+ else:
+ fid = connData['OpenedFiles'].keys()[-1] + 1
+ respParameters['Fid'] = fid
+ if mode & os.O_CREAT:
+ # File did not exist and was created
+ respParameters['Action'] = 0x2
+ elif mode & os.O_RDONLY:
+ # File existed and was opened
+ respParameters['Action'] = 0x1
+ elif mode & os.O_APPEND:
+ # File existed and was opened
+ respParameters['Action'] = 0x1
+ else:
+ # File existed and was truncated
+ respParameters['Action'] = 0x3
+
+ # Let's store the fid for the connection
+ #smbServer.log('Opening file %s' % pathName)
+ connData['OpenedFiles'][fid] = {}
+ connData['OpenedFiles'][fid]['FileHandle'] = openedFile
+ connData['OpenedFiles'][fid]['FileName'] = pathName
+ connData['OpenedFiles'][fid]['DeleteOnClose'] = False
+ else:
+ respParameters = ''
+ respData = ''
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComTreeConnectAndX(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ resp = smb.NewSMBPacket()
+ resp['Flags1'] = smb.SMB.FLAGS1_REPLY
+ resp['Flags2'] = smb.SMB.FLAGS2_EXTENDED_SECURITY |
smb.SMB.FLAGS2_NT_STATUS | smb.SMB.FLAGS2_LONG_NAMES | recvPacket['Flags2'] &
smb.SMB.FLAGS2_UNICODE
+
+ resp['Tid'] = recvPacket['Tid']
+ resp['Mid'] = recvPacket['Mid']
+ resp['Pid'] = connData['Pid']
+
+ respSMBCommand =
smb.SMBCommand(smb.SMB.SMB_COM_TREE_CONNECT_ANDX)
+ respParameters = smb.SMBTreeConnectAndXResponse_Parameters()
+ respData = smb.SMBTreeConnectAndXResponse_Data()
+
+ treeConnectAndXParameters =
smb.SMBTreeConnectAndX_Parameters(SMBCommand['Parameters'])
+
+ if treeConnectAndXParameters['Flags'] & 0x8:
+ respParameters =
smb.SMBTreeConnectAndXExtendedResponse_Parameters()
+
+ treeConnectAndXData = smb.SMBTreeConnectAndX_Data(
flags = recvPacket['Flags2'] )
+ treeConnectAndXData['_PasswordLength'] =
treeConnectAndXParameters['PasswordLength']
+ treeConnectAndXData.fromString(SMBCommand['Data'])
+
+ errorCode = STATUS_SUCCESS
+
+ ## Process here the request, does the share exist?
+ UNCOrShare = decodeSMBString(recvPacket['Flags2'],
treeConnectAndXData['Path'])
+
+ # Is this a UNC?
+ if ntpath.ismount(UNCOrShare):
+ path = UNCOrShare.split('\\')[3]
+ else:
+ path = ntpath.basename(UNCOrShare)
+
+ share = searchShare(connId, path, smbServer)
+ if share is not None:
+ # Simple way to generate a Tid
+ if len(connData['ConnectedShares']) == 0:
+ tid = 1
+ else:
+ tid = connData['ConnectedShares'].keys()[-1] + 1
+ connData['ConnectedShares'][tid] = share
+ connData['ConnectedShares'][tid]['shareName'] = path
+ resp['Tid'] = tid
+ #smbServer.log("Connecting Share(%d:%s)" % (tid,path))
+ else:
+ smbServer.log("TreeConnectAndX not found %s" % path, logging.ERROR)
+ errorCode = STATUS_OBJECT_PATH_NOT_FOUND
+ resp['ErrorCode'] = errorCode >> 16
+ resp['ErrorClass'] = errorCode & 0xff
+ ##
+ respParameters['OptionalSupport'] = smb.SMB.SMB_SUPPORT_SEARCH_BITS
+
+ if path == 'IPC$':
+ respData['Service'] = 'IPC'
+ else:
+ respData['Service'] = path
+ respData['PadLen'] = 0
+ respData['NativeFileSystem'] =
encodeSMBString(recvPacket['Flags2'], 'NTFS' )
+
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+
+ resp['Uid'] = connData['Uid']
+ resp.addCommand(respSMBCommand)
+ smbServer.setConnectionData(connId, connData)
+
+ return None, [resp], errorCode
+
+ @staticmethod
+ def smbComSessionSetupAndX(connId, smbServer, SMBCommand, recvPacket):
+ connData = smbServer.getConnectionData(connId, checkStatus = False)
+
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_SESSION_SETUP_ANDX)
+
+ # From [MS-SMB]
+ # When extended security is being used (see section 3.2.4.2.4), the
+ # request MUST take the following form
+ # [..]
+ # WordCount (1 byte): The value of this field MUST be 0x0C.
+ if SMBCommand['WordCount'] == 12:
+ # Extended security. Here we deal with all SPNEGO stuff
+ respParameters =
smb.SMBSessionSetupAndX_Extended_Response_Parameters()
+ respData =
smb.SMBSessionSetupAndX_Extended_Response_Data(flags = recvPacket['Flags2'])
+ sessionSetupParameters =
smb.SMBSessionSetupAndX_Extended_Parameters(SMBCommand['Parameters'])
+ sessionSetupData = smb.SMBSessionSetupAndX_Extended_Data()
+ sessionSetupData['SecurityBlobLength'] =
sessionSetupParameters['SecurityBlobLength']
+ sessionSetupData.fromString(SMBCommand['Data'])
+ connData['Capabilities'] = sessionSetupParameters['Capabilities']
+
+ rawNTLM = False
+ if struct.unpack('B',sessionSetupData['SecurityBlob'][0])[0] ==
ASN1_AID:
+ # NEGOTIATE packet
+ blob = SPNEGO_NegTokenInit(sessionSetupData['SecurityBlob'])
+ token = blob['MechToken']
+ if len(blob['MechTypes'][0]) > 0:
+ # Is this GSSAPI NTLM or something else we don't support?
+ mechType = blob['MechTypes'][0]
+ if mechType != TypesMech['NTLMSSP - Microsoft NTLM Security
Support Provider']:
+ # Nope, do we know it?
+ if MechTypes.has_key(mechType):
+ mechStr = MechTypes[mechType]
+ else:
+ mechStr = hexlify(mechType)
+ smbServer.log("Unsupported MechType '%s'" % mechStr,
logging.CRITICAL)
+ # We don't know the token, we answer back again saying
+ # we just support NTLM.
+ # ToDo: Build this into a SPNEGO_NegTokenResp()
+ respToken =
'\xa1\x15\x30\x13\xa0\x03\x0a\x01\x03\xa1\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a'
+ respParameters['SecurityBlobLength'] = len(respToken)
+ respData['SecurityBlobLength'] =
respParameters['SecurityBlobLength']
+ respData['SecurityBlob'] = respToken
+ respData['NativeOS'] =
encodeSMBString(recvPacket['Flags2'], smbServer.getServerOS())
+ respData['NativeLanMan'] =
encodeSMBString(recvPacket['Flags2'], smbServer.getServerOS())
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+ return [respSMBCommand], None,
STATUS_MORE_PROCESSING_REQUIRED
+
+ elif struct.unpack('B',sessionSetupData['SecurityBlob'][0])[0] ==
ASN1_SUPPORTED_MECH:
+ # AUTH packet
+ blob = SPNEGO_NegTokenResp(sessionSetupData['SecurityBlob'])
+ token = blob['ResponseToken']
+ else:
+ # No GSSAPI stuff, raw NTLMSSP
+ rawNTLM = True
+ token = sessionSetupData['SecurityBlob']
+
+ # Here we only handle NTLMSSP, depending on what stage of the
+ # authentication we are, we act on it
+ messageType =
struct.unpack('<L',token[len('NTLMSSP\x00'):len('NTLMSSP\x00')+4])[0]
+
+ if messageType == 0x01:
+ # NEGOTIATE_MESSAGE
+ negotiateMessage = ntlm.NTLMAuthNegotiate()
+ negotiateMessage.fromString(token)
+ # Let's store it in the connection data
+ connData['NEGOTIATE_MESSAGE'] = negotiateMessage
+ # Let's build the answer flags
+ # TODO: Parse all the flags. With this we're leaving some
clients out
+
+ ansFlags = 0
+
+ if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_56:
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_56
+ if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_128:
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_128
+ if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_KEY_EXCH:
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_KEY_EXCH
+ if negotiateMessage['flags'] &
ntlm.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY:
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
+ if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_UNICODE:
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_UNICODE
+ if negotiateMessage['flags'] & ntlm.NTLM_NEGOTIATE_OEM:
+ ansFlags |= ntlm.NTLM_NEGOTIATE_OEM
+
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_VERSION |
ntlm.NTLMSSP_NEGOTIATE_TARGET_INFO | ntlm.NTLMSSP_TARGET_TYPE_SERVER |
ntlm.NTLMSSP_NEGOTIATE_NTLM | ntlm.NTLMSSP_REQUEST_TARGET
+
+ # Generate the AV_PAIRS
+ av_pairs = ntlm.AV_PAIRS()
+ # TODO: Put the proper data from SMBSERVER config
+ av_pairs[ntlm.NTLMSSP_AV_HOSTNAME] =
av_pairs[ntlm.NTLMSSP_AV_DNS_HOSTNAME] =
smbServer.getServerName().encode('utf-16le')
+ av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME] =
av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME] =
smbServer.getServerDomain().encode('utf-16le')
+ av_pairs[ntlm.NTLMSSP_AV_TIME] = struct.pack('<q',
(116444736000000000 + calendar.timegm(time.gmtime()) * 10000000) )
+
+ challengeMessage = ntlm.NTLMAuthChallenge()
+ challengeMessage['flags'] = ansFlags
+ challengeMessage['domain_len'] =
len(smbServer.getServerDomain().encode('utf-16le'))
+ challengeMessage['domain_max_len'] =
challengeMessage['domain_len']
+ challengeMessage['domain_offset'] = 40 + 16
+ challengeMessage['challenge'] =
smbServer.getSMBChallenge()
+ challengeMessage['domain_name'] =
smbServer.getServerDomain().encode('utf-16le')
+ challengeMessage['TargetInfoFields_len'] = len(av_pairs)
+ challengeMessage['TargetInfoFields_max_len'] = len(av_pairs)
+ challengeMessage['TargetInfoFields'] = av_pairs
+ challengeMessage['TargetInfoFields_offset'] = 40 + 16 +
len(challengeMessage['domain_name'])
+ challengeMessage['Version'] = '\xff'*8
+ challengeMessage['VersionLen'] = 8
+
+ if rawNTLM is False:
+ respToken = SPNEGO_NegTokenResp()
+ # accept-incomplete. We want more data
+ respToken['NegResult'] = '\x01'
+ respToken['SupportedMech'] = TypesMech['NTLMSSP -
Microsoft NTLM Security Support Provider']
+
+ respToken['ResponseToken'] = challengeMessage.getData()
+ else:
+ respToken = challengeMessage
+
+ # Setting the packet to STATUS_MORE_PROCESSING
+ errorCode = STATUS_MORE_PROCESSING_REQUIRED
+ # Let's set up an UID for this connection and store it
+ # in the connection's data
+ # Picking a fixed value
+ # TODO: Manage more UIDs for the same session
+ connData['Uid'] = 10
+ # Let's store it in the connection data
+ connData['CHALLENGE_MESSAGE'] = challengeMessage
+
+ elif messageType == 0x02:
+ # CHALLENGE_MESSAGE
+ raise Exception('Challenge Message raise, not implemented!')
+ elif messageType == 0x03:
+ # AUTHENTICATE_MESSAGE, here we deal with authentication
+ authenticateMessage = ntlm.NTLMAuthChallengeResponse()
+ authenticateMessage.fromString(token)
+ smbServer.log("AUTHENTICATE_MESSAGE (%s\\%s,%s)" %
(authenticateMessage['domain_name'], authenticateMessage['user_name'],
authenticateMessage['host_name']))
+ # TODO: Check the credentials! Now granting permissions
+
+ respToken = SPNEGO_NegTokenResp()
+ # accept-completed
+ respToken['NegResult'] = '\x00'
+
+ # Status SUCCESS
+ errorCode = STATUS_SUCCESS
+ smbServer.log('User %s\\%s authenticated successfully' %
(authenticateMessage['user_name'], authenticateMessage['host_name']))
+ # Let's store it in the connection data
+ connData['AUTHENTICATE_MESSAGE'] = authenticateMessage
+ try:
+ jtr_dump_path = smbServer.getJTRdumpPath()
+ ntlm_hash_data = outputToJohnFormat(
connData['CHALLENGE_MESSAGE']['challenge'], authenticateMessage['user_name'],
authenticateMessage['domain_name'], authenticateMessage['lanman'],
authenticateMessage['ntlm'] )
+ smbServer.log(ntlm_hash_data['hash_string'])
+ if jtr_dump_path is not '':
+ writeJohnOutputToFile(ntlm_hash_data['hash_string'],
ntlm_hash_data['hash_version'], jtr_dump_path)
+ except:
+ smbServer.log("Could not write NTLM Hashes to the
specified JTR_Dump_Path %s" % jtr_dump_path)
+ else:
+ raise Exception("Unknown NTLMSSP MessageType %d" % messageType)
+
+ respParameters['SecurityBlobLength'] = len(respToken)
+ respData['SecurityBlobLength'] =
respParameters['SecurityBlobLength']
+ respData['SecurityBlob'] = respToken.getData()
+
+ else:
+ # Process Standard Security
+ respParameters = smb.SMBSessionSetupAndXResponse_Parameters()
+ respData = smb.SMBSessionSetupAndXResponse_Data()
+ sessionSetupParameters =
smb.SMBSessionSetupAndX_Parameters(SMBCommand['Parameters'])
+ sessionSetupData = smb.SMBSessionSetupAndX_Data()
+ sessionSetupData['AnsiPwdLength'] =
sessionSetupParameters['AnsiPwdLength']
+ sessionSetupData['UnicodePwdLength'] =
sessionSetupParameters['UnicodePwdLength']
+ sessionSetupData.fromString(SMBCommand['Data'])
+ connData['Capabilities'] = sessionSetupParameters['Capabilities']
+ # Do the verification here, for just now we grant access
+ # TODO: Manage more UIDs for the same session
+ errorCode = STATUS_SUCCESS
+ connData['Uid'] = 10
+ respParameters['Action'] = 0
+ smbServer.log('User %s\\%s authenticated successfully (basic)' %
(sessionSetupData['PrimaryDomain'], sessionSetupData['Account']))
+ try:
+ jtr_dump_path = smbServer.getJTRdumpPath()
+ ntlm_hash_data = outputToJohnFormat( '',
sessionSetupData['Account'], sessionSetupData['PrimaryDomain'],
sessionSetupData['AnsiPwd'], sessionSetupData['UnicodePwd'] )
+ smbServer.log(ntlm_hash_data['hash_string'])
+ if jtr_dump_path is not '':
+ writeJohnOutputToFile(ntlm_hash_data['hash_string'],
ntlm_hash_data['hash_version'], jtr_dump_path)
+ except:
+ smbServer.log("Could not write NTLM Hashes to the specified
JTR_Dump_Path %s" % jtr_dump_path)
+
+ respData['NativeOS'] = encodeSMBString(recvPacket['Flags2'],
smbServer.getServerOS())
+ respData['NativeLanMan'] = encodeSMBString(recvPacket['Flags2'],
smbServer.getServerOS())
+ respSMBCommand['Parameters'] = respParameters
+ respSMBCommand['Data'] = respData
+
+ # From now on, the client can ask for other commands
+ connData['Authenticated'] = True
+ # For now, just switching to nobody
+ #os.setregid(65534,65534)
+ #os.setreuid(65534,65534)
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smbComNegotiate(connId, smbServer, SMBCommand, recvPacket ):
+ connData = smbServer.getConnectionData(connId, checkStatus = False)
+ connData['Pid'] = recvPacket['Pid']
+
+ SMBCommand = smb.SMBCommand(recvPacket['Data'][0])
+ respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_NEGOTIATE)
+
+ resp = smb.NewSMBPacket()
+ resp['Flags1'] = smb.SMB.FLAGS1_REPLY
+ resp['Pid'] = connData['Pid']
+ resp['Tid'] = recvPacket['Tid']
+ resp['Mid'] = recvPacket['Mid']
+
+ # TODO: We support more dialects, and parse them accordingly
+ dialects = SMBCommand['Data'].split('\x02')
+ try:
+ index = dialects.index('NT LM 0.12\x00') - 1
+ # Let's fill the data for NTLM
+ if recvPacket['Flags2'] & smb.SMB.FLAGS2_EXTENDED_SECURITY:
+ resp['Flags2'] = smb.SMB.FLAGS2_EXTENDED_SECURITY |
smb.SMB.FLAGS2_NT_STATUS | smb.SMB.FLAGS2_UNICODE
+ #resp['Flags2'] = smb.SMB.FLAGS2_EXTENDED_SECURITY |
smb.SMB.FLAGS2_NT_STATUS
+ _dialects_data = smb.SMBExtended_Security_Data()
+ _dialects_data['ServerGUID'] = 'A'*16
+ blob = SPNEGO_NegTokenInit()
+ blob['MechTypes'] = [TypesMech['NTLMSSP - Microsoft NTLM
Security Support Provider']]
+ _dialects_data['SecurityBlob'] = blob.getData()
+
+ _dialects_parameters =
smb.SMBExtended_Security_Parameters()
+ _dialects_parameters['Capabilities'] =
smb.SMB.CAP_EXTENDED_SECURITY | smb.SMB.CAP_USE_NT_ERRORS | smb.SMB.CAP_NT_SMBS
| smb.SMB.CAP_UNICODE
+ _dialects_parameters['ChallengeLength'] = 0
+
+ else:
+ resp['Flags2'] = smb.SMB.FLAGS2_NT_STATUS |
smb.SMB.FLAGS2_UNICODE
+ _dialects_parameters = smb.SMBNTLMDialect_Parameters()
+ _dialects_data= smb.SMBNTLMDialect_Data()
+ _dialects_data['Payload'] = ''
+ if connData.has_key('EncryptionKey'):
+ _dialects_data['Challenge'] = connData['EncryptionKey']
+ _dialects_parameters['ChallengeLength'] =
len(str(_dialects_data))
+ else:
+ # TODO: Handle random challenges, now one that can be
used with rainbow tables
+ _dialects_data['Challenge'] =
'\x11\x22\x33\x44\x55\x66\x77\x88'
+ _dialects_parameters['ChallengeLength'] = 8
+ _dialects_parameters['Capabilities'] =
smb.SMB.CAP_USE_NT_ERRORS | smb.SMB.CAP_NT_SMBS
+
+ # Let's see if we need to support RPC_REMOTE_APIS
+ config = smbServer.getServerConfig()
+ if config.has_option('global','rpc_apis'):
+ if config.getboolean('global', 'rpc_apis') is True:
+ _dialects_parameters['Capabilities'] |=
smb.SMB.CAP_RPC_REMOTE_APIS
+
+ _dialects_parameters['DialectIndex'] = index
+ _dialects_parameters['SecurityMode'] =
smb.SMB.SECURITY_AUTH_ENCRYPTED | smb.SMB.SECURITY_SHARE_USER
+ _dialects_parameters['MaxMpxCount'] = 1
+ _dialects_parameters['MaxNumberVcs'] = 1
+ _dialects_parameters['MaxBufferSize'] = 64000
+ _dialects_parameters['MaxRawSize'] = 65536
+ _dialects_parameters['SessionKey'] = 0
+ _dialects_parameters['LowDateTime'] = 0
+ _dialects_parameters['HighDateTime'] = 0
+ _dialects_parameters['ServerTimeZone'] = 0
+
+
+ respSMBCommand['Data'] = _dialects_data
+ respSMBCommand['Parameters'] = _dialects_parameters
+ connData['_dialects_data'] = _dialects_data
+ connData['_dialects_parameters'] = _dialects_parameters
+
+ except Exception, e:
+ # No NTLM throw an error
+ smbServer.log('smbComNegotiate: %s' % e, logging.ERROR)
+ respSMBCommand['Data'] = struct.pack('<H',0xffff)
+
+
+ smbServer.setConnectionData(connId, connData)
+
+ resp.addCommand(respSMBCommand)
+
+ return None, [resp], STATUS_SUCCESS
+
+ @staticmethod
+ def default(connId, smbServer, SMBCommand, recvPacket):
+ # By default we return an SMB Packet with error not implemented
+ smbServer.log("Not implemented command: 0x%x" %
recvPacket['Command'],logging.DEBUG)
+ packet = smb.NewSMBPacket()
+ packet['Flags1'] = smb.SMB.FLAGS1_REPLY
+ packet['Flags2'] = smb.SMB.FLAGS2_NT_STATUS
+ packet['Command'] = recvPacket['Command']
+ packet['Pid'] = recvPacket['Pid']
+ packet['Tid'] = recvPacket['Tid']
+ packet['Mid'] = recvPacket['Mid']
+ packet['Uid'] = recvPacket['Uid']
+ packet['Data'] = '\x00\x00\x00'
+ errorCode = STATUS_NOT_IMPLEMENTED
+ packet['ErrorCode'] = errorCode >> 16
+ packet['ErrorClass'] = errorCode & 0xff
+
+ return None, [packet], errorCode
+
+class SMB2Commands:
+ @staticmethod
+ def smb2Negotiate(connId, smbServer, recvPacket, isSMB1 = False):
+ connData = smbServer.getConnectionData(connId, checkStatus = False)
+
+ respPacket = smb2.SMB2Packet()
+ respPacket['Flags'] = smb2.SMB2_FLAGS_SERVER_TO_REDIR
+ respPacket['Status'] = STATUS_SUCCESS
+ respPacket['CreditRequestResponse'] = 1
+ respPacket['Command'] = smb2.SMB2_NEGOTIATE
+ respPacket['SessionID'] = 0
+ if isSMB1 is False:
+ respPacket['MessageID'] = recvPacket['MessageID']
+ else:
+ respPacket['MessageID'] = 0
+ respPacket['TreeID'] = 0
+
+
+ respSMBCommand = smb2.SMB2Negotiate_Response()
+
+ respSMBCommand['SecurityMode'] = 1
+ if isSMB1 is True:
+ # Let's first parse the packet to see if the client supports SMB2
+ SMBCommand = smb.SMBCommand(recvPacket['Data'][0])
+
+ dialects = SMBCommand['Data'].split('\x02')
+ if 'SMB 2.002\x00' in dialects or 'SMB 2.???\x00' in dialects:
+ respSMBCommand['DialectRevision'] = smb2.SMB2_DIALECT_002
+ else:
+ # Client does not support SMB2 fallbacking
+ raise Exception('SMB2 not supported, fallbacking')
+ else:
+ respSMBCommand['DialectRevision'] = smb2.SMB2_DIALECT_002
+ respSMBCommand['ServerGuid'] = 'A'*16
+ respSMBCommand['Capabilities'] = 0
+ respSMBCommand['MaxTransactSize'] = 65536
+ respSMBCommand['MaxReadSize'] = 65536
+ respSMBCommand['MaxWriteSize'] = 65536
+ respSMBCommand['SystemTime'] =
getFileTime(calendar.timegm(time.gmtime()))
+ respSMBCommand['ServerStartTime'] =
getFileTime(calendar.timegm(time.gmtime()))
+ respSMBCommand['SecurityBufferOffset'] = 0x80
+
+ blob = SPNEGO_NegTokenInit()
+ blob['MechTypes'] = [TypesMech['NTLMSSP - Microsoft NTLM Security
Support Provider']]
+
+ respSMBCommand['Buffer'] = blob.getData()
+ respSMBCommand['SecurityBufferLength'] = len(respSMBCommand['Buffer'])
+
+ respPacket['Data'] = respSMBCommand
+
+ smbServer.setConnectionData(connId, connData)
+
+ return None, [respPacket], STATUS_SUCCESS
+
+ @staticmethod
+ def smb2SessionSetup(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId, checkStatus = False)
+
+ respSMBCommand = smb2.SMB2SessionSetup_Response()
+
+ sessionSetupData = smb2.SMB2SessionSetup(recvPacket['Data'])
+
+ connData['Capabilities'] = sessionSetupData['Capabilities']
+
+ securityBlob = sessionSetupData['Buffer']
+
+ rawNTLM = False
+ if struct.unpack('B',securityBlob[0])[0] == ASN1_AID:
+ # NEGOTIATE packet
+ blob = SPNEGO_NegTokenInit(securityBlob)
+ token = blob['MechToken']
+ if len(blob['MechTypes'][0]) > 0:
+ # Is this GSSAPI NTLM or something else we don't support?
+ mechType = blob['MechTypes'][0]
+ if mechType != TypesMech['NTLMSSP - Microsoft NTLM Security
Support Provider']:
+ # Nope, do we know it?
+ if MechTypes.has_key(mechType):
+ mechStr = MechTypes[mechType]
+ else:
+ mechStr = hexlify(mechType)
+ smbServer.log("Unsupported MechType '%s'" % mechStr,
logging.CRITICAL)
+ # We don't know the token, we answer back again saying
+ # we just support NTLM.
+ # ToDo: Build this into a SPNEGO_NegTokenResp()
+ respToken =
'\xa1\x15\x30\x13\xa0\x03\x0a\x01\x03\xa1\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a'
+ respSMBCommand['SecurityBufferOffset'] = 0x48
+ respSMBCommand['SecurityBufferLength'] = len(respToken)
+ respSMBCommand['Buffer'] = respToken
+
+ return [respSMBCommand], None,
STATUS_MORE_PROCESSING_REQUIRED
+ elif struct.unpack('B',securityBlob[0])[0] == ASN1_SUPPORTED_MECH:
+ # AUTH packet
+ blob = SPNEGO_NegTokenResp(securityBlob)
+ token = blob['ResponseToken']
+ else:
+ # No GSSAPI stuff, raw NTLMSSP
+ rawNTLM = True
+ token = securityBlob
+
+ # Here we only handle NTLMSSP, depending on what stage of the
+ # authentication we are, we act on it
+ messageType =
struct.unpack('<L',token[len('NTLMSSP\x00'):len('NTLMSSP\x00')+4])[0]
+
+ if messageType == 0x01:
+ # NEGOTIATE_MESSAGE
+ negotiateMessage = ntlm.NTLMAuthNegotiate()
+ negotiateMessage.fromString(token)
+ # Let's store it in the connection data
+ connData['NEGOTIATE_MESSAGE'] = negotiateMessage
+ # Let's build the answer flags
+ # TODO: Parse all the flags. With this we're leaving some clients
out
+
+ ansFlags = 0
+
+ if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_56:
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_56
+ if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_128:
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_128
+ if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_KEY_EXCH:
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_KEY_EXCH
+ if negotiateMessage['flags'] &
ntlm.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY:
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
+ if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_UNICODE:
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_UNICODE
+ if negotiateMessage['flags'] & ntlm.NTLM_NEGOTIATE_OEM:
+ ansFlags |= ntlm.NTLM_NEGOTIATE_OEM
+
+ ansFlags |= ntlm.NTLMSSP_NEGOTIATE_VERSION |
ntlm.NTLMSSP_NEGOTIATE_TARGET_INFO | ntlm.NTLMSSP_TARGET_TYPE_SERVER |
ntlm.NTLMSSP_NEGOTIATE_NTLM | ntlm.NTLMSSP_REQUEST_TARGET
+
+ # Generate the AV_PAIRS
+ av_pairs = ntlm.AV_PAIRS()
+ # TODO: Put the proper data from SMBSERVER config
+ av_pairs[ntlm.NTLMSSP_AV_HOSTNAME] =
av_pairs[ntlm.NTLMSSP_AV_DNS_HOSTNAME] =
smbServer.getServerName().encode('utf-16le')
+ av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME] =
av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME] =
smbServer.getServerDomain().encode('utf-16le')
+ av_pairs[ntlm.NTLMSSP_AV_TIME] = struct.pack('<q',
(116444736000000000 + calendar.timegm(time.gmtime()) * 10000000) )
+
+ challengeMessage = ntlm.NTLMAuthChallenge()
+ challengeMessage['flags'] = ansFlags
+ challengeMessage['domain_len'] =
len(smbServer.getServerDomain().encode('utf-16le'))
+ challengeMessage['domain_max_len'] =
challengeMessage['domain_len']
+ challengeMessage['domain_offset'] = 40 + 16
+ challengeMessage['challenge'] = smbServer.getSMBChallenge()
+ challengeMessage['domain_name'] =
smbServer.getServerDomain().encode('utf-16le')
+ challengeMessage['TargetInfoFields_len'] = len(av_pairs)
+ challengeMessage['TargetInfoFields_max_len'] = len(av_pairs)
+ challengeMessage['TargetInfoFields'] = av_pairs
+ challengeMessage['TargetInfoFields_offset'] = 40 + 16 +
len(challengeMessage['domain_name'])
+ challengeMessage['Version'] = '\xff'*8
+ challengeMessage['VersionLen'] = 8
+
+ if rawNTLM is False:
+ respToken = SPNEGO_NegTokenResp()
+ # accept-incomplete. We want more data
+ respToken['NegResult'] = '\x01'
+ respToken['SupportedMech'] = TypesMech['NTLMSSP - Microsoft
NTLM Security Support Provider']
+
+ respToken['ResponseToken'] = challengeMessage.getData()
+ else:
+ respToken = challengeMessage
+
+ # Setting the packet to STATUS_MORE_PROCESSING
+ errorCode = STATUS_MORE_PROCESSING_REQUIRED
+ # Let's set up an UID for this connection and store it
+ # in the connection's data
+ # Picking a fixed value
+ # TODO: Manage more UIDs for the same session
+ connData['Uid'] = random.randint(1,0xffffffff)
+ # Let's store it in the connection data
+ connData['CHALLENGE_MESSAGE'] = challengeMessage
+
+ elif messageType == 0x02:
+ # CHALLENGE_MESSAGE
+ raise Exception('Challenge Message raise, not implemented!')
+ elif messageType == 0x03:
+ # AUTHENTICATE_MESSAGE, here we deal with authentication
+ authenticateMessage = ntlm.NTLMAuthChallengeResponse()
+ authenticateMessage.fromString(token)
+ smbServer.log("AUTHENTICATE_MESSAGE (%s\\%s,%s)" %
(authenticateMessage['domain_name'], authenticateMessage['user_name'],
authenticateMessage['host_name']))
+ # TODO: Check the credentials! Now granting permissions
+
+ respToken = SPNEGO_NegTokenResp()
+ # accept-completed
+ respToken['NegResult'] = '\x00'
+
+ # Status SUCCESS
+ errorCode = STATUS_SUCCESS
+ smbServer.log('User %s\\%s authenticated successfully' %
(authenticateMessage['user_name'], authenticateMessage['host_name']))
+ # Let's store it in the connection data
+ connData['AUTHENTICATE_MESSAGE'] = authenticateMessage
+ try:
+ jtr_dump_path = smbServer.getJTRdumpPath()
+ ntlm_hash_data = outputToJohnFormat(
connData['CHALLENGE_MESSAGE']['challenge'], authenticateMessage['user_name'],
authenticateMessage['domain_name'], authenticateMessage['lanman'],
authenticateMessage['ntlm'] )
+ smbServer.log(ntlm_hash_data['hash_string'])
+ if jtr_dump_path is not '':
+ writeJohnOutputToFile(ntlm_hash_data['hash_string'],
ntlm_hash_data['hash_version'], jtr_dump_path)
+ except:
+ smbServer.log("Could not write NTLM Hashes to the specified
JTR_Dump_Path %s" % jtr_dump_path)
+ respSMBCommand['SessionFlags'] = 1
+ else:
+ raise Exception("Unknown NTLMSSP MessageType %d" % messageType)
+
+ respSMBCommand['SecurityBufferOffset'] = 0x48
+ respSMBCommand['SecurityBufferLength'] = len(respToken)
+ respSMBCommand['Buffer'] = respToken.getData()
+
+ # From now on, the client can ask for other commands
+ connData['Authenticated'] = True
+ # For now, just switching to nobody
+ #os.setregid(65534,65534)
+ #os.setreuid(65534,65534)
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2TreeConnect(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respPacket = smb2.SMB2Packet()
+ respPacket['Flags'] = smb2.SMB2_FLAGS_SERVER_TO_REDIR
+ respPacket['Status'] = STATUS_SUCCESS
+ respPacket['CreditRequestResponse'] = 1
+ respPacket['Command'] = recvPacket['Command']
+ respPacket['SessionID'] = connData['Uid']
+ respPacket['Reserved'] = recvPacket['Reserved']
+ respPacket['MessageID'] = recvPacket['MessageID']
+ respPacket['TreeID'] = recvPacket['TreeID']
+
+ respSMBCommand = smb2.SMB2TreeConnect_Response()
+
+ treeConnectRequest = smb2.SMB2TreeConnect(recvPacket['Data'])
+
+ errorCode = STATUS_SUCCESS
+
+ ## Process here the request, does the share exist?
+ path =
str(recvPacket)[treeConnectRequest['PathOffset']:][:treeConnectRequest['PathLength']]
+ UNCOrShare = path.decode('utf-16le')
+
+ # Is this a UNC?
+ if ntpath.ismount(UNCOrShare):
+ path = UNCOrShare.split('\\')[3]
+ else:
+ path = ntpath.basename(UNCOrShare)
+
+ share = searchShare(connId, path.upper(), smbServer)
+ if share is not None:
+ # Simple way to generate a Tid
+ if len(connData['ConnectedShares']) == 0:
+ tid = 1
+ else:
+ tid = connData['ConnectedShares'].keys()[-1] + 1
+ connData['ConnectedShares'][tid] = share
+ connData['ConnectedShares'][tid]['shareName'] = path
+ respPacket['TreeID'] = tid
+ smbServer.log("Connecting Share(%d:%s)" % (tid,path))
+ else:
+ smbServer.log("SMB2_TREE_CONNECT not found %s" % path,
logging.ERROR)
+ errorCode = STATUS_OBJECT_PATH_NOT_FOUND
+ respPacket['Status'] = errorCode
+ ##
+
+ if path == 'IPC$':
+ respSMBCommand['ShareType'] = smb2.SMB2_SHARE_TYPE_PIPE
+ respSMBCommand['ShareFlags'] = 0x30
+ else:
+ respSMBCommand['ShareType'] = smb2.SMB2_SHARE_TYPE_DISK
+ respSMBCommand['ShareFlags'] = 0x0
+
+ respSMBCommand['Capabilities'] = 0
+ respSMBCommand['MaximalAccess'] = 0x000f01ff
+
+ respPacket['Data'] = respSMBCommand
+
+ smbServer.setConnectionData(connId, connData)
+
+ return None, [respPacket], errorCode
+
+ @staticmethod
+ def smb2Create(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb2.SMB2Create_Response()
+
+ ntCreateRequest = smb2.SMB2Create(recvPacket['Data'])
+
+ respSMBCommand['Buffer'] = '\x00'
+ # Get the Tid associated
+ if connData['ConnectedShares'].has_key(recvPacket['TreeID']):
+ # If we have a rootFid, the path is relative to that fid
+ errorCode = STATUS_SUCCESS
+ if
connData['ConnectedShares'][recvPacket['TreeID']].has_key('path'):
+ path =
connData['ConnectedShares'][recvPacket['TreeID']]['path']
+ else:
+ path = 'NONE'
+ errorCode = STATUS_ACCESS_DENIED
+
+ deleteOnClose = False
+
+ fileName =
os.path.normpath(ntCreateRequest['Buffer'][:ntCreateRequest['NameLength']].decode('utf-16le').replace('\\','/'))
+ if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] ==
'\\'):
+ # strip leading '/'
+ fileName = fileName[1:]
+ pathName = os.path.join(path,fileName)
+ createDisposition = ntCreateRequest['CreateDisposition']
+ mode = 0
+
+ if createDisposition == smb2.FILE_SUPERSEDE:
+ mode |= os.O_TRUNC | os.O_CREAT
+ elif createDisposition & smb2.FILE_OVERWRITE_IF ==
smb2.FILE_OVERWRITE_IF:
+ mode |= os.O_TRUNC | os.O_CREAT
+ elif createDisposition & smb2.FILE_OVERWRITE ==
smb2.FILE_OVERWRITE:
+ if os.path.exists(pathName) is True:
+ mode |= os.O_TRUNC
+ else:
+ errorCode = STATUS_NO_SUCH_FILE
+ elif createDisposition & smb2.FILE_OPEN_IF == smb2.FILE_OPEN_IF:
+ if os.path.exists(pathName) is True:
+ mode |= os.O_TRUNC
+ else:
+ mode |= os.O_TRUNC | os.O_CREAT
+ elif createDisposition & smb2.FILE_CREATE == smb2.FILE_CREATE:
+ if os.path.exists(pathName) is True:
+ errorCode = STATUS_OBJECT_NAME_COLLISION
+ else:
+ mode |= os.O_CREAT
+ elif createDisposition & smb2.FILE_OPEN == smb2.FILE_OPEN:
+ if os.path.exists(pathName) is not True and
smbServer.getRegisteredNamedPipes().has_key(unicode(pathName)) is not True:
+ errorCode = STATUS_NO_SUCH_FILE
+
+ if errorCode == STATUS_SUCCESS:
+ desiredAccess = ntCreateRequest['DesiredAccess']
+ if (desiredAccess & smb2.FILE_READ_DATA) or (desiredAccess &
smb2.GENERIC_READ):
+ mode |= os.O_RDONLY
+ if (desiredAccess & smb2.FILE_WRITE_DATA) or (desiredAccess &
smb2.GENERIC_WRITE):
+ if (desiredAccess & smb2.FILE_READ_DATA) or
(desiredAccess & smb2.GENERIC_READ):
+ mode |= os.O_RDWR #| os.O_APPEND
+ else:
+ mode |= os.O_WRONLY #| os.O_APPEND
+ if desiredAccess & smb2.GENERIC_ALL:
+ mode |= os.O_RDWR #| os.O_APPEND
+
+ createOptions = ntCreateRequest['CreateOptions']
+ if mode & os.O_CREAT == os.O_CREAT:
+ if createOptions & smb2.FILE_DIRECTORY_FILE ==
smb2.FILE_DIRECTORY_FILE:
+ try:
+ # Let's create the directory
+ os.mkdir(pathName)
+ mode = os.O_RDONLY
+ except Exception, e:
+ smbServer.log("SMB2_CREATE: %s,%s,%s" %
(pathName,mode,e),logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ if createOptions & smb2.FILE_NON_DIRECTORY_FILE ==
smb2.FILE_NON_DIRECTORY_FILE:
+ # If the file being opened is a directory, the server
MUST fail the request with
+ # STATUS_FILE_IS_A_DIRECTORY in the Status field of the
SMB Header in the server
+ # response.
+ if os.path.isdir(pathName) is True:
+ errorCode = STATUS_FILE_IS_A_DIRECTORY
+
+ if createOptions & smb2.FILE_DELETE_ON_CLOSE ==
smb2.FILE_DELETE_ON_CLOSE:
+ deleteOnClose = True
+
+ if errorCode == STATUS_SUCCESS:
+ try:
+ if os.path.isdir(pathName) and sys.platform ==
'win32':
+ fid = VOID_FILE_DESCRIPTOR
+ else:
+ if sys.platform == 'win32':
+ mode |= os.O_BINARY
+ if
smbServer.getRegisteredNamedPipes().has_key(unicode(pathName)):
+ fid = PIPE_FILE_DESCRIPTOR
+ sock = socket.socket()
+
sock.connect(smbServer.getRegisteredNamedPipes()[unicode(pathName)])
+ else:
+ fid = os.open(pathName, mode)
+ except Exception, e:
+ smbServer.log("SMB2_CREATE: %s,%s,%s" %
(pathName,mode,e),logging.ERROR)
+ #print e
+ fid = 0
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+ if errorCode == STATUS_SUCCESS:
+ # Simple way to generate a fid
+ fakefid = uuid.generate()
+
+ respSMBCommand['FileID'] = fakefid
+ respSMBCommand['CreateAction'] = createDisposition
+
+ if fid == PIPE_FILE_DESCRIPTOR:
+ respSMBCommand['CreationTime'] = 0
+ respSMBCommand['LastAccessTime'] = 0
+ respSMBCommand['LastWriteTime'] = 0
+ respSMBCommand['ChangeTime'] = 0
+ respSMBCommand['AllocationSize'] = 4096
+ respSMBCommand['EndOfFile'] = 0
+ respSMBCommand['FileAttributes'] = 0x80
+
+ else:
+ if os.path.isdir(pathName):
+ respSMBCommand['FileAttributes'] =
smb.SMB_FILE_ATTRIBUTE_DIRECTORY
+ else:
+ respSMBCommand['FileAttributes'] =
ntCreateRequest['FileAttributes']
+ # Let's get this file's information
+ respInfo, errorCode = queryPathInformation('',pathName,level=
smb.SMB_QUERY_FILE_ALL_INFO)
+ if errorCode == STATUS_SUCCESS:
+ respSMBCommand['CreationTime'] = respInfo['CreationTime']
+ respSMBCommand['LastAccessTime'] =
respInfo['LastAccessTime']
+ respSMBCommand['LastWriteTime'] =
respInfo['LastWriteTime']
+ respSMBCommand['LastChangeTime'] =
respInfo['LastChangeTime']
+ respSMBCommand['FileAttributes'] =
respInfo['ExtFileAttributes']
+ respSMBCommand['AllocationSize'] =
respInfo['AllocationSize']
+ respSMBCommand['EndOfFile'] = respInfo['EndOfFile']
+
+ if errorCode == STATUS_SUCCESS:
+ # Let's store the fid for the connection
+ # smbServer.log('Create file %s, mode:0x%x' % (pathName, mode))
+ connData['OpenedFiles'][fakefid] = {}
+ connData['OpenedFiles'][fakefid]['FileHandle'] = fid
+ connData['OpenedFiles'][fakefid]['FileName'] = pathName
+ connData['OpenedFiles'][fakefid]['DeleteOnClose'] =
deleteOnClose
+ connData['OpenedFiles'][fakefid]['Open'] = {}
+
connData['OpenedFiles'][fakefid]['Open']['EnumerationLocation'] = 0
+
connData['OpenedFiles'][fakefid]['Open']['EnumerationSearchPattern'] = ''
+ if fid == PIPE_FILE_DESCRIPTOR:
+ connData['OpenedFiles'][fakefid]['Socket'] = sock
+ else:
+ respSMBCommand = smb2.SMB2Error()
+
+ if errorCode == STATUS_SUCCESS:
+ connData['LastRequest']['SMB2_CREATE'] = respSMBCommand
+ smbServer.setConnectionData(connId, connData)
+
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2Close(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb2.SMB2Close_Response()
+
+ closeRequest = smb2.SMB2Close(recvPacket['Data'])
+
+ if str(closeRequest['FileID']) == '\xff'*16:
+ # Let's take the data from the lastRequest
+ if connData['LastRequest'].has_key('SMB2_CREATE'):
+ fileID = connData['LastRequest']['SMB2_CREATE']['FileID']
+ else:
+ fileID = str(closeRequest['FileID'])
+ else:
+ fileID = str(closeRequest['FileID'])
+
+ if connData['OpenedFiles'].has_key(fileID):
+ errorCode = STATUS_SUCCESS
+ fileHandle = connData['OpenedFiles'][fileID]['FileHandle']
+ pathName = connData['OpenedFiles'][fileID]['FileName']
+ infoRecord = None
+ try:
+ if fileHandle == PIPE_FILE_DESCRIPTOR:
+ connData['OpenedFiles'][fileID]['Socket'].close()
+ elif fileHandle != VOID_FILE_DESCRIPTOR:
+ os.close(fileHandle)
+ infoRecord, errorCode =
queryFileInformation(os.path.dirname(pathName), os.path.basename(pathName),
smb2.SMB2_FILE_NETWORK_OPEN_INFO)
+ except Exception, e:
+ smbServer.log("SMB2_CLOSE %s" % e, logging.ERROR)
+ errorCode = STATUS_INVALID_HANDLE
+ else:
+ # Check if the file was marked for removal
+ if connData['OpenedFiles'][fileID]['DeleteOnClose'] is True:
+ try:
+ if os.path.isdir(pathName):
+
shutil.rmtree(connData['OpenedFiles'][fileID]['FileName'])
+ else:
+
os.remove(connData['OpenedFiles'][fileID]['FileName'])
+ except Exception, e:
+ smbServer.log("SMB2_CLOSE %s" % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+
+ # Now fill out the response
+ if infoRecord is not None:
+ respSMBCommand['CreationTime'] =
infoRecord['CreationTime']
+ respSMBCommand['LastAccessTime'] =
infoRecord['LastAccessTime']
+ respSMBCommand['LastWriteTime'] =
infoRecord['LastWriteTime']
+ respSMBCommand['ChangeTime'] =
infoRecord['ChangeTime']
+ respSMBCommand['AllocationSize'] =
infoRecord['AllocationSize']
+ respSMBCommand['EndofFile'] = infoRecord['EndOfFile']
+ respSMBCommand['FileAttributes'] =
infoRecord['FileAttributes']
+ if errorCode == STATUS_SUCCESS:
+ del(connData['OpenedFiles'][fileID])
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2QueryInfo(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb2.SMB2QueryInfo_Response()
+
+ queryInfo = smb2.SMB2QueryInfo(recvPacket['Data'])
+
+ errorCode = STATUS_SUCCESS
+
+ respSMBCommand['OutputBufferOffset'] = 0x48
+ respSMBCommand['Buffer'] = '\x00'
+
+ if str(queryInfo['FileID']) == '\xff'*16:
+ # Let's take the data from the lastRequest
+ if connData['LastRequest'].has_key('SMB2_CREATE'):
+ fileID = connData['LastRequest']['SMB2_CREATE']['FileID']
+ else:
+ fileID = str(queryInfo['FileID'])
+ else:
+ fileID = str(queryInfo['FileID'])
+
+ if connData['ConnectedShares'].has_key(recvPacket['TreeID']):
+ if connData['OpenedFiles'].has_key(fileID):
+ fileName = connData['OpenedFiles'][fileID]['FileName']
+
+ if queryInfo['InfoType'] == smb2.SMB2_0_INFO_FILE:
+ if queryInfo['FileInfoClass'] ==
smb2.SMB2_FILE_INTERNAL_INFO:
+ # No need to call queryFileInformation, we have the
data here
+ infoRecord = smb2.FileInternalInformation()
+ infoRecord['IndexNumber'] = fileID
+ else:
+ infoRecord, errorCode =
queryFileInformation(os.path.dirname(fileName), os.path.basename(fileName),
queryInfo['FileInfoClass'])
+ elif queryInfo['InfoType'] == smb2.SMB2_0_INFO_FILESYSTEM:
+ infoRecord = queryFsInformation(os.path.dirname(fileName),
os.path.basename(fileName), queryInfo['FileInfoClass'])
+ elif queryInfo['InfoType'] == smb2.SMB2_0_INFO_SECURITY:
+ # Failing for now, until we support it
+ infoRecord = None
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ smbServer.log("queryInfo not supported (%x)" %
queryInfo['InfoType'], logging.ERROR)
+
+ if infoRecord is not None:
+ respSMBCommand['OutputBufferLength'] = len(infoRecord)
+ respSMBCommand['Buffer'] = infoRecord
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2SetInfo(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb2.SMB2SetInfo_Response()
+
+ setInfo = smb2.SMB2SetInfo(recvPacket['Data'])
+
+ errorCode = STATUS_SUCCESS
+
+ if str(setInfo['FileID']) == '\xff'*16:
+ # Let's take the data from the lastRequest
+ if connData['LastRequest'].has_key('SMB2_CREATE'):
+ fileID = connData['LastRequest']['SMB2_CREATE']['FileID']
+ else:
+ fileID = str(setInfo['FileID'])
+ else:
+ fileID = str(setInfo['FileID'])
+
+ if connData['ConnectedShares'].has_key(recvPacket['TreeID']):
+ path =
connData['ConnectedShares'][recvPacket['TreeID']]['path']
+ if connData['OpenedFiles'].has_key(fileID):
+ pathName = connData['OpenedFiles'][fileID]['FileName']
+
+ if setInfo['InfoType'] == smb2.SMB2_0_INFO_FILE:
+ # The file information is being set
+ informationLevel = setInfo['FileInfoClass']
+ if informationLevel == smb2.SMB2_FILE_DISPOSITION_INFO:
+ infoRecord =
smb.SMBSetFileDispositionInfo(setInfo['Buffer'])
+ if infoRecord['DeletePending'] > 0:
+ # Mark this file for removal after closed
+ connData['OpenedFiles'][fileID]['DeleteOnClose'] =
True
+ elif informationLevel == smb2.SMB2_FILE_BASIC_INFO:
+ infoRecord = smb.SMBSetFileBasicInfo(setInfo['Buffer'])
+ # Creation time won't be set, the other ones we play
with.
+ atime = infoRecord['LastWriteTime']
+ if atime == 0:
+ atime = -1
+ else:
+ atime = getUnixTime(atime)
+ mtime = infoRecord['ChangeTime']
+ if mtime == 0:
+ mtime = -1
+ else:
+ mtime = getUnixTime(mtime)
+ if atime > 0 and mtime > 0:
+ os.utime(pathName,(atime,mtime))
+ elif informationLevel == smb2.SMB2_FILE_END_OF_FILE_INFO:
+ fileHandle =
connData['OpenedFiles'][fileID]['FileHandle']
+ infoRecord =
smb.SMBSetFileEndOfFileInfo(setInfo['Buffer'])
+ if infoRecord['EndOfFile'] > 0:
+ os.lseek(fileHandle, infoRecord['EndOfFile']-1, 0)
+ os.write(fileHandle, '\x00')
+ elif informationLevel == smb2.SMB2_FILE_RENAME_INFO:
+ renameInfo =
smb2.FILE_RENAME_INFORMATION_TYPE_2(setInfo['Buffer'])
+ newPathName =
os.path.join(path,renameInfo['FileName'].decode('utf-16le').replace('\\', '/'))
+ if renameInfo['ReplaceIfExists'] == 0 and
os.path.exists(newPathName):
+ return [smb2.SMB2Error()], None,
STATUS_OBJECT_NAME_COLLISION
+ try:
+ os.rename(pathName,newPathName)
+ connData['OpenedFiles'][fileID]['FileName'] =
newPathName
+ except Exception, e:
+ smbServer.log("smb2SetInfo: %s" % e,
logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ smbServer.log('Unknown level for set file info! 0x%x'
% informationLevel, logging.ERROR)
+ # UNSUPPORTED
+ errorCode = STATUS_NOT_SUPPORTED
+ #elif setInfo['InfoType'] == smb2.SMB2_0_INFO_FILESYSTEM:
+ # # The underlying object store information is being set.
+ # setInfo = queryFsInformation('/', fileName,
queryInfo['FileInfoClass'])
+ #elif setInfo['InfoType'] == smb2.SMB2_0_INFO_SECURITY:
+ # # The security information is being set.
+ # # Failing for now, until we support it
+ # infoRecord = None
+ # errorCode = STATUS_ACCESS_DENIED
+ #elif setInfo['InfoType'] == smb2.SMB2_0_INFO_QUOTA:
+ # # The underlying object store quota information is being
set.
+ # setInfo = queryFsInformation('/', fileName,
queryInfo['FileInfoClass'])
+ else:
+ smbServer.log("setInfo not supported (%x)" %
setInfo['InfoType'], logging.ERROR)
+
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+ else:
+ errorCode = STATUS_SMB_BAD_TID
+
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2Write(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb2.SMB2Write_Response()
+ writeRequest = smb2.SMB2Write(recvPacket['Data'])
+
+ respSMBCommand['Buffer'] = '\x00'
+
+ if str(writeRequest['FileID']) == '\xff'*16:
+ # Let's take the data from the lastRequest
+ if connData['LastRequest'].has_key('SMB2_CREATE'):
+ fileID = connData['LastRequest']['SMB2_CREATE']['FileID']
+ else:
+ fileID = str(writeRequest['FileID'])
+ else:
+ fileID = str(writeRequest['FileID'])
+
+ if connData['OpenedFiles'].has_key(fileID):
+ fileHandle = connData['OpenedFiles'][fileID]['FileHandle']
+ errorCode = STATUS_SUCCESS
+ try:
+ if fileHandle != PIPE_FILE_DESCRIPTOR:
+ offset = writeRequest['Offset']
+ # If we're trying to write past the file end we just skip
the write call (Vista does this)
+ if os.lseek(fileHandle, 0, 2) >= offset:
+ os.lseek(fileHandle,offset,0)
+ os.write(fileHandle,writeRequest['Buffer'])
+ else:
+ sock = connData['OpenedFiles'][fileID]['Socket']
+ sock.send(writeRequest['Buffer'])
+
+ respSMBCommand['Count'] = writeRequest['Length']
+ respSMBCommand['Remaining']= 0xff
+ except Exception, e:
+ smbServer.log('SMB2_WRITE: %s' % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2Read(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb2.SMB2Read_Response()
+ readRequest = smb2.SMB2Read(recvPacket['Data'])
+
+ respSMBCommand['Buffer'] = '\x00'
+
+ if str(readRequest['FileID']) == '\xff'*16:
+ # Let's take the data from the lastRequest
+ if connData['LastRequest'].has_key('SMB2_CREATE'):
+ fileID = connData['LastRequest']['SMB2_CREATE']['FileID']
+ else:
+ fileID = str(readRequest['FileID'])
+ else:
+ fileID = str(readRequest['FileID'])
+
+ if connData['OpenedFiles'].has_key(fileID):
+ fileHandle = connData['OpenedFiles'][fileID]['FileHandle']
+ errorCode = 0
+ try:
+ if fileHandle != PIPE_FILE_DESCRIPTOR:
+ offset = readRequest['Offset']
+ os.lseek(fileHandle,offset,0)
+ content = os.read(fileHandle,readRequest['Length'])
+ else:
+ sock = connData['OpenedFiles'][fileID]['Socket']
+ content = sock.recv(readRequest['Length'])
+
+ respSMBCommand['DataOffset'] = 0x50
+ respSMBCommand['DataLength'] = len(content)
+ respSMBCommand['DataRemaining']= 0
+ respSMBCommand['Buffer'] = content
+ except Exception, e:
+ smbServer.log('SMB2_READ: %s ' % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2Flush(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb2.SMB2Flush_Response()
+ flushRequest = smb2.SMB2Flush(recvPacket['Data'])
+
+ if connData['OpenedFiles'].has_key(str(flushRequest['FileID'])):
+ fileHandle =
connData['OpenedFiles'][str(flushRequest['FileID'])]['FileHandle']
+ errorCode = STATUS_SUCCESS
+ try:
+ os.fsync(fileHandle)
+ except Exception, e:
+ smbServer.log("SMB2_FLUSH %s" % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_INVALID_HANDLE
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+
+ @staticmethod
+ def smb2QueryDirectory(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+ respSMBCommand = smb2.SMB2QueryDirectory_Response()
+ queryDirectoryRequest = smb2.SMB2QueryDirectory(recvPacket['Data'])
+
+ respSMBCommand['Buffer'] = '\x00'
+
+ # The server MUST locate the tree connection, as specified in section
3.3.5.2.11.
+ if connData['ConnectedShares'].has_key(recvPacket['TreeID']) is False:
+ return [smb2.SMB2Error()], None, STATUS_NETWORK_NAME_DELETED
+
+ # Next, the server MUST locate the open for the directory to be queried
+ # If no open is found, the server MUST fail the request with
STATUS_FILE_CLOSED
+ if str(queryDirectoryRequest['FileID']) == '\xff'*16:
+ # Let's take the data from the lastRequest
+ if connData['LastRequest'].has_key('SMB2_CREATE'):
+ fileID = connData['LastRequest']['SMB2_CREATE']['FileID']
+ else:
+ fileID = str(queryDirectoryRequest['FileID'])
+ else:
+ fileID = str(queryDirectoryRequest['FileID'])
+
+ if connData['OpenedFiles'].has_key(fileID) is False:
+ return [smb2.SMB2Error()], None, STATUS_FILE_CLOSED
+
+ # If the open is not an open to a directory, the request MUST be failed
+ # with STATUS_INVALID_PARAMETER.
+ if os.path.isdir(connData['OpenedFiles'][fileID]['FileName']) is False:
+ return [smb2.SMB2Error()], None, STATUS_INVALID_PARAMETER
+
+ # If any other information class is specified in the
FileInformationClass
+ # field of the SMB2 QUERY_DIRECTORY Request, the server MUST fail the
+ # operation with STATUS_INVALID_INFO_CLASS.
+ if queryDirectoryRequest['FileInformationClass'] not in (
+ smb2.FILE_DIRECTORY_INFORMATION, smb2.FILE_FULL_DIRECTORY_INFORMATION,
smb2.FILEID_FULL_DIRECTORY_INFORMATION,
+ smb2.FILE_BOTH_DIRECTORY_INFORMATION,
smb2.FILEID_BOTH_DIRECTORY_INFORMATION, smb2.FILENAMES_INFORMATION):
+ return [smb2.SMB2Error()], None, STATUS_INVALID_INFO_CLASS
+
+ # If SMB2_REOPEN is set in the Flags field of the SMB2 QUERY_DIRECTORY
+ # Request, the server SHOULD<326> set Open.EnumerationLocation to 0
+ # and Open.EnumerationSearchPattern to an empty string.
+ if queryDirectoryRequest['Flags'] & smb2.SMB2_REOPEN:
+ connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] = 0
+
connData['OpenedFiles'][fileID]['Open']['EnumerationSearchPattern'] = ''
+
+ # If SMB2_RESTART_SCANS is set in the Flags field of the SMB2
+ # QUERY_DIRECTORY Request, the server MUST set
+ # Open.EnumerationLocation to 0.
+ if queryDirectoryRequest['Flags'] & smb2.SMB2_RESTART_SCANS:
+ connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] = 0
+
+ # If Open.EnumerationLocation is 0 and Open.EnumerationSearchPattern
+ # is an empty string, then Open.EnumerationSearchPattern MUST be set
+ # to the search pattern specified in the SMB2 QUERY_DIRECTORY by
+ # FileNameOffset and FileNameLength. If FileNameLength is 0, the server
+ # SHOULD<327> set Open.EnumerationSearchPattern as "*" to search all
entries.
+
+ pattern = queryDirectoryRequest['Buffer'].decode('utf-16le')
+ if connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] ==
0 and \
+
connData['OpenedFiles'][fileID]['Open']['EnumerationSearchPattern'] == '':
+ if pattern == '':
+ pattern = '*'
+
connData['OpenedFiles'][fileID]['Open']['EnumerationSearchPattern'] = pattern
+
+ # If SMB2_INDEX_SPECIFIED is set and FileNameLength is not zero,
+ # the server MUST set Open.EnumerationSearchPattern to the search
pattern
+ # specified in the request by FileNameOffset and FileNameLength.
+ if queryDirectoryRequest['Flags'] & smb2.SMB2_INDEX_SPECIFIED and \
+ queryDirectoryRequest['FileNameLength'] > 0:
+
connData['OpenedFiles'][fileID]['Open']['EnumerationSearchPattern'] = pattern
+
+ pathName =
os.path.join(os.path.normpath(connData['OpenedFiles'][fileID]['FileName']),pattern)
+ searchResult, searchCount, errorCode =
findFirst2(os.path.dirname(pathName),
+ os.path.basename(pathName),
+ queryDirectoryRequest['FileInformationClass'],
+ smb.ATTR_DIRECTORY, isSMB2 = True )
+
+ if errorCode != STATUS_SUCCESS:
+ return [smb2.SMB2Error()], None, errorCode
+
+ if searchCount > 2 and pattern == '*':
+ # strip . and ..
+ searchCount -= 2
+ searchResult = searchResult[2:]
+
+ if searchCount == 0 and
connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] == 0:
+ return [smb2.SMB2Error()], None, STATUS_NO_SUCH_FILE
+
+ if connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] < 0:
+ return [smb2.SMB2Error()], None, STATUS_NO_MORE_FILES
+
+ totalData = 0
+ respData = ''
+ for nItem in
range(connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'],
searchCount):
+ connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] += 1
+ if queryDirectoryRequest['Flags'] & smb2.SL_RETURN_SINGLE_ENTRY:
+ # If single entry is requested we must clear the
NextEntryOffset
+ searchResult[nItem]['NextEntryOffset'] = 0
+ data = searchResult[nItem].getData()
+ lenData = len(data)
+ padLen = (8-(lenData % 8)) %8
+
+ if (totalData+lenData) >=
queryDirectoryRequest['OutputBufferLength']:
+ connData['OpenedFiles'][fileID]['Open']['EnumerationLocation']
-= 1
+ break
+ else:
+ respData += data + '\x00'*padLen
+ totalData += lenData + padLen
+
+ if queryDirectoryRequest['Flags'] & smb2.SL_RETURN_SINGLE_ENTRY:
+ break
+
+ if connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] >=
searchCount:
+ connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] =
-1
+
+ respSMBCommand['OutputBufferOffset'] = 0x48
+ respSMBCommand['OutputBufferLength'] = totalData
+ respSMBCommand['Buffer'] = respData
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2ChangeNotify(connId, smbServer, recvPacket):
+
+ return [smb2.SMB2Error()], None, STATUS_NOT_SUPPORTED
+
+ @staticmethod
+ def smb2Echo(connId, smbServer, recvPacket):
+
+ respSMBCommand = smb2.SMB2Echo_Response()
+
+ return [respSMBCommand], None, STATUS_SUCCESS
+
+ @staticmethod
+ def smb2TreeDisconnect(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb2.SMB2TreeDisconnect_Response()
+
+ if connData['ConnectedShares'].has_key(recvPacket['TreeID']):
+ smbServer.log("Disconnecting Share(%d:%s)" %
(recvPacket['TreeID'],connData['ConnectedShares'][recvPacket['TreeID']]['shareName']))
+ del(connData['ConnectedShares'][recvPacket['TreeID']])
+ errorCode = STATUS_SUCCESS
+ else:
+ # STATUS_SMB_BAD_TID
+ errorCode = STATUS_SMB_BAD_TID
+
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2Logoff(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb2.SMB2Logoff_Response()
+
+ if recvPacket['SessionID'] != connData['Uid']:
+ # STATUS_SMB_BAD_UID
+ errorCode = STATUS_SMB_BAD_UID
+ else:
+ errorCode = STATUS_SUCCESS
+
+ connData['Uid'] = 0
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2Ioctl(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb2.SMB2Ioctl_Response()
+ ioctlRequest = smb2.SMB2Ioctl(recvPacket['Data'])
+
+ ioctls = smbServer.getIoctls()
+ if ioctls.has_key(ioctlRequest['CtlCode']):
+ outputData, errorCode = ioctls[ioctlRequest['CtlCode']](connId,
smbServer, ioctlRequest)
+ if errorCode == STATUS_SUCCESS:
+ respSMBCommand['CtlCode'] = ioctlRequest['CtlCode']
+ respSMBCommand['FileID'] = ioctlRequest['FileID']
+ respSMBCommand['InputOffset'] = 0
+ respSMBCommand['InputCount'] = 0
+ respSMBCommand['OutputOffset'] = 0x70
+ respSMBCommand['OutputCount'] = len(outputData)
+ respSMBCommand['Flags'] = 0
+ respSMBCommand['Buffer'] = outputData
+ else:
+ respSMBCommand = outputData
+ else:
+ smbServer.log("Ioctl not implemented command: 0x%x" %
ioctlRequest['CtlCode'],logging.DEBUG)
+ errorCode = STATUS_INVALID_DEVICE_REQUEST
+ respSMBCommand = smb2.SMB2Error()
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2Lock(connId, smbServer, recvPacket):
+ connData = smbServer.getConnectionData(connId)
+
+ respSMBCommand = smb2.SMB2Lock_Response()
+
+ # I'm actually doing nothing.. just make MacOS happy ;)
+ errorCode = STATUS_SUCCESS
+
+ smbServer.setConnectionData(connId, connData)
+ return [respSMBCommand], None, errorCode
+
+ @staticmethod
+ def smb2Cancel(connId, smbServer, recvPacket):
+ # I'm actually doing nothing
+ return [smb2.SMB2Error()], None, STATUS_CANCELLED
+
+ @staticmethod
+ def default(connId, smbServer, recvPacket):
+ # By default we return an SMB Packet with error not implemented
+ smbServer.log("Not implemented command: 0x%x" %
recvPacket['Command'],logging.DEBUG)
+ return [smb2.SMB2Error()], None, STATUS_NOT_SUPPORTED
+
+class Ioctls:
+ @staticmethod
+ def fsctlDfsGetReferrals(connId, smbServer, ioctlRequest):
+ return smb2.SMB2Error(), STATUS_FS_DRIVER_REQUIRED
+
+ @staticmethod
+ def fsctlPipeTransceive(connId, smbServer, ioctlRequest):
+ connData = smbServer.getConnectionData(connId)
+
+ ioctlResponse = ''
+
+ if connData['OpenedFiles'].has_key(str(ioctlRequest['FileID'])):
+ fileHandle =
connData['OpenedFiles'][str(ioctlRequest['FileID'])]['FileHandle']
+ errorCode = STATUS_SUCCESS
+ try:
+ if fileHandle != PIPE_FILE_DESCRIPTOR:
+ errorCode = STATUS_INVALID_DEVICE_REQUEST
+ else:
+ sock =
connData['OpenedFiles'][str(ioctlRequest['FileID'])]['Socket']
+ sock.sendall(ioctlRequest['Buffer'])
+ ioctlResponse =
sock.recv(ioctlRequest['MaxOutputResponse'])
+ except Exception, e:
+ smbServer.log('fsctlPipeTransceive: %s ' % e, logging.ERROR)
+ errorCode = STATUS_ACCESS_DENIED
+ else:
+ errorCode = STATUS_INVALID_DEVICE_REQUEST
+
+ smbServer.setConnectionData(connId, connData)
+ return ioctlResponse, errorCode
+
+ @staticmethod
+ def fsctlValidateNegotiateInfo(connId, smbServer, ioctlRequest):
+ connData = smbServer.getConnectionData(connId)
+
+ errorCode = STATUS_SUCCESS
+
+ validateNegotiateInfo =
smb2.VALIDATE_NEGOTIATE_INFO(ioctlRequest['Buffer'])
+ validateNegotiateInfo['Capabilities'] = 0
+ validateNegotiateInfo['Guid'] = 'A'*16
+ validateNegotiateInfo['SecurityMode'] = 1
+ validateNegotiateInfo['Dialects'] = (smb2.SMB2_DIALECT_002,)
+
+ smbServer.setConnectionData(connId, connData)
+ return validateNegotiateInfo.getData(), errorCode
+
+
+class SMBSERVERHandler(SocketServer.BaseRequestHandler):
+ def __init__(self, request, client_address, server, select_poll = False):
+ self.__SMB = server
+ self.__ip, self.__port = client_address
+ self.__request = request
+ self.__connId = threading.currentThread().getName()
+ self.__timeOut = 60*5
+ self.__select_poll = select_poll
+ #self.__connId = os.getpid()
+ SocketServer.BaseRequestHandler.__init__(self, request,
client_address, server)
+
+ def handle(self):
+ self.__SMB.log("Incoming connection (%s,%d)" % (self.__ip,
self.__port))
+ self.__SMB.addConnection(self.__connId, self.__ip, self.__port)
+ while True:
+ try:
+ # Firt of all let's get the NETBIOS packet
+ session =
nmb.NetBIOSTCPSession(self.__SMB.getServerName(),'HOST', self.__ip, sess_port =
self.__port, sock = self.__request, select_poll = self.__select_poll)
+ try:
+ p = session.recv_packet(self.__timeOut)
+ except nmb.NetBIOSTimeout:
+ raise
+ except nmb.NetBIOSError:
+ break
+
+ if p.get_type() == nmb.NETBIOS_SESSION_REQUEST:
+ # Someone is requesting a session, we're gonna accept them
all :)
+ _, rn, my = p.get_trailer().split(' ')
+ remote_name = nmb.decode_name('\x20'+rn)
+ myname = nmb.decode_name('\x20'+my)
+ self.__SMB.log("NetBIOS Session request (%s,%s,%s)" %
(self.__ip, remote_name[1].strip(), myname[1]))
+ r = nmb.NetBIOSSessionPacket()
+ r.set_type(nmb.NETBIOS_SESSION_POSITIVE_RESPONSE)
+ r.set_trailer(p.get_trailer())
+ self.__request.send(r.rawData())
+ else:
+ resp = self.__SMB.processRequest(self.__connId,
p.get_trailer())
+ # Send all the packets recevied. Except for big
transactions this should be
+ # a single packet
+ for i in resp:
+ session.send_packet(str(i))
+ except Exception, e:
+ self.__SMB.log("Handle: %s" % e)
+ #import traceback
+ #traceback.print_exc()
+ break
+
+ def finish(self):
+ # Thread/process is dying, we should tell the main SMB thread to
remove all this thread data
+ self.__SMB.log("Closing down connection (%s,%d)" % (self.__ip,
self.__port))
+ self.__SMB.removeConnection(self.__connId)
+ return SocketServer.BaseRequestHandler.finish(self)
+
+class SMBSERVER(SocketServer.ThreadingMixIn, SocketServer.TCPServer):
+#class SMBSERVER(SocketServer.ForkingMixIn, SocketServer.TCPServer):
+ def __init__(self, server_address, handler_class=SMBSERVERHandler,
config_parser = None):
+ SocketServer.TCPServer.allow_reuse_address = True
+ SocketServer.TCPServer.__init__(self, server_address, handler_class)
+
+ # Server name and OS to be presented whenever is necessary
+ self.__serverName = ''
+ self.__serverOS = ''
+ self.__serverDomain = ''
+ self.__challenge = ''
+ self.__log = None
+
+ # Our ConfigParser data
+ self.__serverConfig = config_parser
+
+ # Our credentials to be used during the server's lifetime
+ self.__credentials = {}
+
+ # Our log file
+ self.__logFile = ''
+
+ # Registered Named Pipes, format is PipeName,Socket
+ self.__registeredNamedPipes = {}
+
+ # JTR dump path
+ self.__jtr_dump_path = ''
+
+ # SMB2 Support flag = default not active
+ self.__SMB2Support = False
+
+ # Our list of commands we will answer, by default the NOT IMPLEMENTED
one
+ self.__smbCommandsHandler = SMBCommands()
+ self.__smbTrans2Handler = TRANS2Commands()
+ self.__smbTransHandler = TRANSCommands()
+ self.__smbNTTransHandler = NTTRANSCommands()
+ self.__smb2CommandsHandler = SMB2Commands()
+ self.__IoctlHandler = Ioctls()
+
+ self.__smbNTTransCommands = {
+ # NT IOCTL, can't find doc for this
+ 0xff :self.__smbNTTransHandler.default
+ }
+
+ self.__smbTransCommands = {
+'\\PIPE\\LANMAN' :self.__smbTransHandler.lanMan,
+smb.SMB.TRANS_TRANSACT_NMPIPE
:self.__smbTransHandler.transactNamedPipe,
+ }
+ self.__smbTrans2Commands = {
+ smb.SMB.TRANS2_FIND_FIRST2 :self.__smbTrans2Handler.findFirst2,
+ smb.SMB.TRANS2_FIND_NEXT2 :self.__smbTrans2Handler.findNext2,
+ smb.SMB.TRANS2_QUERY_FS_INFORMATION
:self.__smbTrans2Handler.queryFsInformation,
+ smb.SMB.TRANS2_QUERY_PATH_INFORMATION
:self.__smbTrans2Handler.queryPathInformation,
+ smb.SMB.TRANS2_QUERY_FILE_INFORMATION
:self.__smbTrans2Handler.queryFileInformation,
+ smb.SMB.TRANS2_SET_FILE_INFORMATION
:self.__smbTrans2Handler.setFileInformation,
+ smb.SMB.TRANS2_SET_PATH_INFORMATION
:self.__smbTrans2Handler.setPathInformation
+ }
+
+ self.__smbCommands = {
+ #smb.SMB.SMB_COM_FLUSH: self.__smbCommandsHandler.smbComFlush,
+ smb.SMB.SMB_COM_CREATE_DIRECTORY:
self.__smbCommandsHandler.smbComCreateDirectory,
+ smb.SMB.SMB_COM_DELETE_DIRECTORY:
self.__smbCommandsHandler.smbComDeleteDirectory,
+ smb.SMB.SMB_COM_RENAME: self.__smbCommandsHandler.smbComRename,
+ smb.SMB.SMB_COM_DELETE: self.__smbCommandsHandler.smbComDelete,
+ smb.SMB.SMB_COM_NEGOTIATE: self.__smbCommandsHandler.smbComNegotiate,
+ smb.SMB.SMB_COM_SESSION_SETUP_ANDX:
self.__smbCommandsHandler.smbComSessionSetupAndX,
+ smb.SMB.SMB_COM_LOGOFF_ANDX:
self.__smbCommandsHandler.smbComLogOffAndX,
+ smb.SMB.SMB_COM_TREE_CONNECT_ANDX:
self.__smbCommandsHandler.smbComTreeConnectAndX,
+ smb.SMB.SMB_COM_TREE_DISCONNECT:
self.__smbCommandsHandler.smbComTreeDisconnect,
+ smb.SMB.SMB_COM_ECHO: self.__smbCommandsHandler.smbComEcho,
+ smb.SMB.SMB_COM_QUERY_INFORMATION:
self.__smbCommandsHandler.smbQueryInformation,
+ smb.SMB.SMB_COM_TRANSACTION2: self.__smbCommandsHandler.smbTransaction2,
+ smb.SMB.SMB_COM_TRANSACTION: self.__smbCommandsHandler.smbTransaction,
+ # Not needed for now
+ smb.SMB.SMB_COM_NT_TRANSACT: self.__smbCommandsHandler.smbNTTransact,
+ smb.SMB.SMB_COM_QUERY_INFORMATION_DISK:
self.__smbCommandsHandler.smbQueryInformationDisk,
+ smb.SMB.SMB_COM_OPEN_ANDX: self.__smbCommandsHandler.smbComOpenAndX,
+ smb.SMB.SMB_COM_QUERY_INFORMATION2:
self.__smbCommandsHandler.smbComQueryInformation2,
+ smb.SMB.SMB_COM_READ_ANDX: self.__smbCommandsHandler.smbComReadAndX,
+ smb.SMB.SMB_COM_READ: self.__smbCommandsHandler.smbComRead,
+ smb.SMB.SMB_COM_WRITE_ANDX: self.__smbCommandsHandler.smbComWriteAndX,
+ smb.SMB.SMB_COM_WRITE: self.__smbCommandsHandler.smbComWrite,
+ smb.SMB.SMB_COM_CLOSE: self.__smbCommandsHandler.smbComClose,
+ smb.SMB.SMB_COM_LOCKING_ANDX:
self.__smbCommandsHandler.smbComLockingAndX,
+ smb.SMB.SMB_COM_NT_CREATE_ANDX:
self.__smbCommandsHandler.smbComNtCreateAndX,
+ 0xFF: self.__smbCommandsHandler.default
+}
+
+ self.__smb2Ioctls = {
+ smb2.FSCTL_DFS_GET_REFERRALS:
self.__IoctlHandler.fsctlDfsGetReferrals,
+# smb2.FSCTL_PIPE_PEEK: self.__IoctlHandler.fsctlPipePeek,
+# smb2.FSCTL_PIPE_WAIT: self.__IoctlHandler.fsctlPipeWait,
+ smb2.FSCTL_PIPE_TRANSCEIVE:
self.__IoctlHandler.fsctlPipeTransceive,
+# smb2.FSCTL_SRV_COPYCHUNK:
self.__IoctlHandler.fsctlSrvCopyChunk,
+# smb2.FSCTL_SRV_ENUMERATE_SNAPSHOTS:
self.__IoctlHandler.fsctlSrvEnumerateSnapshots,
+# smb2.FSCTL_SRV_REQUEST_RESUME_KEY:
self.__IoctlHandler.fsctlSrvRequestResumeKey,
+# smb2.FSCTL_SRV_READ_HASH:
self.__IoctlHandler.fsctlSrvReadHash,
+# smb2.FSCTL_SRV_COPYCHUNK_WRITE:
self.__IoctlHandler.fsctlSrvCopyChunkWrite,
+# smb2.FSCTL_LMR_REQUEST_RESILIENCY:
self.__IoctlHandler.fsctlLmrRequestResiliency,
+# smb2.FSCTL_QUERY_NETWORK_INTERFACE_INFO:
self.__IoctlHandler.fsctlQueryNetworkInterfaceInfo,
+# smb2.FSCTL_SET_REPARSE_POINT:
self.__IoctlHandler.fsctlSetReparsePoint,
+# smb2.FSCTL_DFS_GET_REFERRALS_EX:
self.__IoctlHandler.fsctlDfsGetReferralsEx,
+# smb2.FSCTL_FILE_LEVEL_TRIM:
self.__IoctlHandler.fsctlFileLevelTrim,
+ smb2.FSCTL_VALIDATE_NEGOTIATE_INFO:
self.__IoctlHandler.fsctlValidateNegotiateInfo,
+}
+
+ self.__smb2Commands = {
+ smb2.SMB2_NEGOTIATE: self.__smb2CommandsHandler.smb2Negotiate,
+ smb2.SMB2_SESSION_SETUP: self.__smb2CommandsHandler.smb2SessionSetup,
+ smb2.SMB2_LOGOFF: self.__smb2CommandsHandler.smb2Logoff,
+ smb2.SMB2_TREE_CONNECT: self.__smb2CommandsHandler.smb2TreeConnect,
+ smb2.SMB2_TREE_DISCONNECT: self.__smb2CommandsHandler.smb2TreeDisconnect,
+ smb2.SMB2_CREATE: self.__smb2CommandsHandler.smb2Create,
+ smb2.SMB2_CLOSE: self.__smb2CommandsHandler.smb2Close,
+ smb2.SMB2_FLUSH: self.__smb2CommandsHandler.smb2Flush,
+ smb2.SMB2_READ: self.__smb2CommandsHandler.smb2Read,
+ smb2.SMB2_WRITE: self.__smb2CommandsHandler.smb2Write,
+ smb2.SMB2_LOCK: self.__smb2CommandsHandler.smb2Lock,
+ smb2.SMB2_IOCTL: self.__smb2CommandsHandler.smb2Ioctl,
+ smb2.SMB2_CANCEL: self.__smb2CommandsHandler.smb2Cancel,
+ smb2.SMB2_ECHO: self.__smb2CommandsHandler.smb2Echo,
+ smb2.SMB2_QUERY_DIRECTORY: self.__smb2CommandsHandler.smb2QueryDirectory,
+ smb2.SMB2_CHANGE_NOTIFY: self.__smb2CommandsHandler.smb2ChangeNotify,
+ smb2.SMB2_QUERY_INFO: self.__smb2CommandsHandler.smb2QueryInfo,
+ smb2.SMB2_SET_INFO: self.__smb2CommandsHandler.smb2SetInfo,
+# smb2.SMB2_OPLOCK_BREAK: self.__smb2CommandsHandler.smb2SessionSetup,
+ 0xFF: self.__smb2CommandsHandler.default
+}
+
+ # List of active connections
+ self.__activeConnections = {}
+
+ def getIoctls(self):
+ return self.__smb2Ioctls
+
+ def getCredentials(self):
+ return self.__credentials
+
+ def removeConnection(self, name):
+ try:
+ del(self.__activeConnections[name])
+ except:
+ pass
+ self.log("Remaining connections %s" % self.__activeConnections.keys())
+
+ def addConnection(self, name, ip, port):
+ self.__activeConnections[name] = {}
+ # Let's init with some know stuff we will need to have
+ # TODO: Document what's in there
+ #print "Current Connections", self.__activeConnections.keys()
+ self.__activeConnections[name]['PacketNum'] = 0
+ self.__activeConnections[name]['ClientIP'] = ip
+ self.__activeConnections[name]['ClientPort'] = port
+ self.__activeConnections[name]['Uid'] = 0
+ self.__activeConnections[name]['ConnectedShares'] = {}
+ self.__activeConnections[name]['OpenedFiles'] = {}
+ # SID results for findfirst2
+ self.__activeConnections[name]['SIDs'] = {}
+ self.__activeConnections[name]['LastRequest'] = {}
+
+ def getActiveConnections(self):
+ return self.__activeConnections
+
+ def setConnectionData(self, connId, data):
+ self.__activeConnections[connId] = data
+ #print "setConnectionData"
+ #print self.__activeConnections
+
+ def getConnectionData(self, connId, checkStatus = True):
+ conn = self.__activeConnections[connId]
+ if checkStatus is True:
+ if conn.has_key('Authenticated') is not True:
+ # Can't keep going further
+ raise Exception("User not Authenticated!")
+ return conn
+
+ def getRegisteredNamedPipes(self):
+ return self.__registeredNamedPipes
+
+ def registerNamedPipe(self, pipeName, address):
+ self.__registeredNamedPipes[unicode(pipeName)] = address
+ return True
+
+ def unregisterNamedPipe(self, pipeName):
+ if self.__registeredNamedPipes.has_key(pipeName):
+ del(self.__registeredNamedPipes[unicode(pipeName)])
+ return True
+ return False
+
+ def unregisterTransaction(self, transCommand):
+ if self.__smbTransCommands.has_key(transCommand):
+ del(self.__smbTransCommands[transCommand])
+
+ def hookTransaction(self, transCommand, callback):
+ # If you call this function, callback will replace
+ # the current Transaction sub command.
+ # (don't get confused with the Transaction smbCommand)
+ # If the transaction sub command doesn't not exist, it is added
+ # If the transaction sub command exists, it returns the original
function # replaced
+ #
+ # callback MUST be declared as:
+ # callback(connId, smbServer, recvPacket, parameters, data,
maxDataCount=0)
+ #
+ # WHERE:
+ #
+ # connId : the connection Id, used to grab/update information
about
+ # the current connection
+ # smbServer : the SMBServer instance available for you to ask
+ # configuration data
+ # recvPacket : the full SMBPacket that triggered this command
+ # parameters : the transaction parameters
+ # data : the transaction data
+ # maxDataCount: the max amount of data that can be transfered agreed
+ # with the client
+ #
+ # and MUST return:
+ # respSetup, respParameters, respData, errorCode
+ #
+ # WHERE:
+ #
+ # respSetup: the setup response of the transaction
+ # respParameters: the parameters response of the transaction
+ # respData: the data reponse of the transaction
+ # errorCode: the NT error code
+
+ if self.__smbTransCommands.has_key(transCommand):
+ originalCommand = self.__smbTransCommands[transCommand]
+ else:
+ originalCommand = None
+
+ self.__smbTransCommands[transCommand] = callback
+ return originalCommand
+
+ def unregisterTransaction2(self, transCommand):
+ if self.__smbTrans2Commands.has_key(transCommand):
+ del(self.__smbTrans2Commands[transCommand])
+
+ def hookTransaction2(self, transCommand, callback):
+ # Here we should add to __smbTrans2Commands
+ # Same description as Transaction
+ if self.__smbTrans2Commands.has_key(transCommand):
+ originalCommand = self.__smbTrans2Commands[transCommand]
+ else:
+ originalCommand = None
+
+ self.__smbTrans2Commands[transCommand] = callback
+ return originalCommand
+
+ def unregisterNTTransaction(self, transCommand):
+ if self.__smbNTTransCommands.has_key(transCommand):
+ del(self.__smbNTTransCommands[transCommand])
+
+ def hookNTTransaction(self, transCommand, callback):
+ # Here we should add to __smbNTTransCommands
+ # Same description as Transaction
+ if self.__smbNTTransCommands.has_key(transCommand):
+ originalCommand = self.__smbNTTransCommands[transCommand]
+ else:
+ originalCommand = None
+
+ self.__smbNTTransCommands[transCommand] = callback
+ return originalCommand
+
+ def unregisterSmbCommand(self, smbCommand):
+ if self.__smbCommands.has_key(smbCommand):
+ del(self.__smbCommands[smbCommand])
+
+ def hookSmbCommand(self, smbCommand, callback):
+ # Here we should add to self.__smbCommands
+ # If you call this function, callback will replace
+ # the current smbCommand.
+ # If smbCommand doesn't not exist, it is added
+ # If SMB command exists, it returns the original function replaced
+ #
+ # callback MUST be declared as:
+ # callback(connId, smbServer, SMBCommand, recvPacket)
+ #
+ # WHERE:
+ #
+ # connId : the connection Id, used to grab/update information about
+ # the current connection
+ # smbServer : the SMBServer instance available for you to ask
+ # configuration data
+ # SMBCommand: the SMBCommand itself, with its data and parameters.
+ # Check smb.py:SMBCommand() for a reference
+ # recvPacket: the full SMBPacket that triggered this command
+ #
+ # and MUST return:
+ # <list of respSMBCommands>, <list of packets>, errorCode
+ # <list of packets> has higher preference over commands, in case you
+ # want to change the whole packet
+ # errorCode: the NT error code
+ #
+ # For SMB_COM_TRANSACTION2, SMB_COM_TRANSACTION and SMB_COM_NT_TRANSACT
+ # the callback function is slightly different:
+ #
+ # callback(connId, smbServer, SMBCommand, recvPacket, transCommands)
+ #
+ # WHERE:
+ #
+ # transCommands: a list of transaction subcommands already registered
+ #
+
+ if self.__smbCommands.has_key(smbCommand):
+ originalCommand = self.__smbCommands[smbCommand]
+ else:
+ originalCommand = None
+
+ self.__smbCommands[smbCommand] = callback
+ return originalCommand
+
+ def unregisterSmb2Command(self, smb2Command):
+ if self.__smb2Commands.has_key(smb2Command):
+ del(self.__smb2Commands[smb2Command])
+
+ def hookSmb2Command(self, smb2Command, callback):
+ if self.__smb2Commands.has_key(smb2Command):
+ originalCommand = self.__smb2Commands[smb2Command]
+ else:
+ originalCommand = None
+
+ self.__smb2Commands[smb2Command] = callback
+ return originalCommand
+
+ def log(self, msg, level=logging.INFO):
+ self.__log.log(level,msg)
+
+ def getServerName(self):
+ return self.__serverName
+
+ def getServerOS(self):
+ return self.__serverOS
+
+ def getServerDomain(self):
+ return self.__serverDomain
+
+ def getSMBChallenge(self):
+ return self.__challenge
+
+ def getServerConfig(self):
+ return self.__serverConfig
+
+ def setServerConfig(self, config):
+ self.__serverConfig = config
+
+ def getJTRdumpPath(self):
+ return self.__jtr_dump_path
+
+ def verify_request(self, request, client_address):
+ # TODO: Control here the max amount of processes we want to launch
+ # returning False, closes the connection
+ return True
+
+ def processRequest(self, connId, data):
+
+ # TODO: Process batched commands.
+ isSMB2 = False
+ SMBCommand = None
+ try:
+ packet = smb.NewSMBPacket(data = data)
+ SMBCommand = smb.SMBCommand(packet['Data'][0])
+ except:
+ # Maybe a SMB2 packet?
+ packet = smb2.SMB2Packet(data = data)
+ isSMB2 = True
+
+ # We might have compound requests
+ compoundedPacketsResponse = []
+ compoundedPackets = []
+ try:
+ # Search out list of implemented commands
+ # We provide them with:
+ # connId : representing the data for this specific connection
+ # self : the SMBSERVER if they want to ask data to it
+ # SMBCommand : the SMBCommand they are expecting to process
+ # packet : the received packet itself, in case they need more
data than the actual command
+ # Only for Transactions
+ # transCommand: a list of transaction subcommands
+ # We expect to get:
+ # respCommands: a list of answers for the commands processed
+ # respPacket : if the commands chose to directly craft packet/s,
we use this and not the previous
+ # this MUST be a list
+ # errorCode : self explanatory
+ if isSMB2 is False:
+ if packet['Command'] == smb.SMB.SMB_COM_TRANSACTION2:
+ respCommands, respPackets, errorCode =
self.__smbCommands[packet['Command']](
+ connId,
+ self,
+ SMBCommand,
+ packet,
+ self.__smbTrans2Commands)
+ elif packet['Command'] == smb.SMB.SMB_COM_NT_TRANSACT:
+ respCommands, respPackets, errorCode =
self.__smbCommands[packet['Command']](
+ connId,
+ self,
+ SMBCommand,
+ packet,
+ self.__smbNTTransCommands)
+ elif packet['Command'] == smb.SMB.SMB_COM_TRANSACTION:
+ respCommands, respPackets, errorCode =
self.__smbCommands[packet['Command']](
+ connId,
+ self,
+ SMBCommand,
+ packet,
+ self.__smbTransCommands)
+ else:
+ if self.__smbCommands.has_key(packet['Command']):
+ if self.__SMB2Support is True:
+ if packet['Command'] == smb.SMB.SMB_COM_NEGOTIATE:
+ try:
+ respCommands, respPackets, errorCode =
self.__smb2Commands[smb2.SMB2_NEGOTIATE](connId, self, packet, True)
+ isSMB2 = True
+ except Exception, e:
+ self.log('SMB2_NEGOTIATE: %s' % e,
logging.ERROR)
+ # If something went wrong, let's fallback
to SMB1
+ respCommands, respPackets, errorCode =
self.__smbCommands[packet['Command']](
+ connId,
+ self,
+ SMBCommand,
+ packet)
+ #self.__SMB2Support = False
+ pass
+ else:
+ respCommands, respPackets, errorCode =
self.__smbCommands[packet['Command']](
+ connId,
+ self,
+ SMBCommand,
+ packet)
+ else:
+ respCommands, respPackets, errorCode =
self.__smbCommands[packet['Command']](
+ connId,
+ self,
+ SMBCommand,
+ packet)
+ else:
+ respCommands, respPackets, errorCode =
self.__smbCommands[255](connId, self, SMBCommand, packet)
+
+ compoundedPacketsResponse.append((respCommands, respPackets,
errorCode))
+ compoundedPackets.append(packet)
+
+ else:
+ done = False
+ while not done:
+ if self.__smb2Commands.has_key(packet['Command']):
+ if self.__SMB2Support is True:
+ respCommands, respPackets, errorCode =
self.__smb2Commands[packet['Command']](
+ connId,
+ self,
+ packet)
+ else:
+ respCommands, respPackets, errorCode =
self.__smb2Commands[255](connId, self, packet)
+ else:
+ respCommands, respPackets, errorCode =
self.__smb2Commands[255](connId, self, packet)
+ # Let's store the result for this compounded packet
+ compoundedPacketsResponse.append((respCommands,
respPackets, errorCode))
+ compoundedPackets.append(packet)
+ if packet['NextCommand'] != 0:
+ data = data[packet['NextCommand']:]
+ packet = smb2.SMB2Packet(data = data)
+ else:
+ done = True
+
+ except Exception, e:
+ #import traceback
+ #traceback.print_exc()
+ # Something wen't wrong, defaulting to Bad user ID
+ self.log('processRequest (0x%x,%s)' % (packet['Command'],e),
logging.ERROR)
+ raise
+
+ # We prepare the response packet to commands don't need to bother
about that.
+ connData = self.getConnectionData(connId, False)
+
+ # Force reconnection loop.. This is just a test.. client will send me
back credentials :)
+ #connData['PacketNum'] += 1
+ #if connData['PacketNum'] == 15:
+ # connData['PacketNum'] = 0
+ # # Something wen't wrong, defaulting to Bad user ID
+ # self.log('Sending BAD USER ID!', logging.ERROR)
+ # #raise
+ # packet['Flags1'] |= smb.SMB.FLAGS1_REPLY
+ # packet['Flags2'] = 0
+ # errorCode = STATUS_SMB_BAD_UID
+ # packet['ErrorCode'] = errorCode >> 16
+ # packet['ErrorClass'] = errorCode & 0xff
+ # return [packet]
+
+ self.setConnectionData(connId, connData)
+
+ packetsToSend = []
+ for packetNum in range(len(compoundedPacketsResponse)):
+ respCommands, respPackets, errorCode =
compoundedPacketsResponse[packetNum]
+ packet = compoundedPackets[packetNum]
+ if respPackets is None:
+ for respCommand in respCommands:
+ if isSMB2 is False:
+ respPacket = smb.NewSMBPacket()
+ respPacket['Flags1'] = smb.SMB.FLAGS1_REPLY
+
+ # TODO this should come from a per session
configuration
+ respPacket['Flags2'] =
smb.SMB.FLAGS2_EXTENDED_SECURITY | smb.SMB.FLAGS2_NT_STATUS |
smb.SMB.FLAGS2_LONG_NAMES | packet['Flags2'] & smb.SMB.FLAGS2_UNICODE
+ #respPacket['Flags2'] =
smb.SMB.FLAGS2_EXTENDED_SECURITY | smb.SMB.FLAGS2_NT_STATUS |
smb.SMB.FLAGS2_LONG_NAMES
+ #respPacket['Flags1'] = 0x98
+ #respPacket['Flags2'] = 0xc807
+
+
+ respPacket['Tid'] = packet['Tid']
+ respPacket['Mid'] = packet['Mid']
+ respPacket['Pid'] = packet['Pid']
+ respPacket['Uid'] = connData['Uid']
+
+ respPacket['ErrorCode'] = errorCode >> 16
+ respPacket['_reserved'] = errorCode >> 8 & 0xff
+ respPacket['ErrorClass'] = errorCode & 0xff
+ respPacket.addCommand(respCommand)
+
+ packetsToSend.append(respPacket)
+ else:
+ respPacket = smb2.SMB2Packet()
+ respPacket['Flags'] =
smb2.SMB2_FLAGS_SERVER_TO_REDIR
+ if packetNum > 0:
+ respPacket['Flags'] |=
smb2.SMB2_FLAGS_RELATED_OPERATIONS
+ respPacket['Status'] = errorCode
+ respPacket['CreditRequestResponse'] =
packet['CreditRequestResponse']
+ respPacket['Command'] = packet['Command']
+ respPacket['CreditCharge'] = packet['CreditCharge']
+ #respPacket['CreditCharge'] = 0
+ respPacket['Reserved'] = packet['Reserved']
+ respPacket['SessionID'] = connData['Uid']
+ respPacket['MessageID'] = packet['MessageID']
+ respPacket['TreeID'] = packet['TreeID']
+ respPacket['Data'] = str(respCommand)
+ packetsToSend.append(respPacket)
+ else:
+ # The SMBCommand took care of building the packet
+ packetsToSend = respPackets
+
+ if isSMB2 is True:
+ # Let's build a compound answer
+ finalData = ''
+ i = 0
+ for i in range(len(packetsToSend)-1):
+ packet = packetsToSend[i]
+ # Align to 8-bytes
+ padLen = (8 - (len(packet) % 8) ) % 8
+ packet['NextCommand'] = len(packet) + padLen
+ finalData += str(packet) + padLen*'\x00'
+
+ # Last one
+ finalData += str(packetsToSend[len(packetsToSend)-1])
+ packetsToSend = [finalData]
+
+ # We clear the compound requests
+ connData['LastRequest'] = {}
+
+ return packetsToSend
+
+ def processConfigFile(self, configFile = None):
+ # TODO: Do a real config parser
+ if self.__serverConfig is None:
+ if configFile is None:
+ configFile = 'smb.conf'
+ self.__serverConfig = ConfigParser.ConfigParser()
+ self.__serverConfig.read(configFile)
+
+ self.__serverName = self.__serverConfig.get('global','server_name')
+ self.__serverOS = self.__serverConfig.get('global','server_os')
+ self.__serverDomain = self.__serverConfig.get('global','server_domain')
+ self.__logFile = self.__serverConfig.get('global','log_file')
+ if self.__serverConfig.has_option('global', 'challenge'):
+ self.__challenge = self.__serverConfig.get('global',
'challenge')
+ else:
+ self.__challenge = 'A'*8
+
+ if self.__serverConfig.has_option("global", "jtr_dump_path"):
+ self.__jtr_dump_path = self.__serverConfig.get("global",
"jtr_dump_path")
+
+ if self.__serverConfig.has_option("global", "SMB2Support"):
+ self.__SMB2Support =
self.__serverConfig.getboolean("global","SMB2Support")
+ else:
+ self.__SMB2Support = False
+
+ if self.__logFile != 'None':
+ logging.basicConfig(filename = self.__logFile,
+ level = logging.DEBUG,
+ format="%(asctime)s: %(levelname)s: %(message)s",
+ datefmt = '%m/%d/%Y %I:%M:%S %p')
+ self.__log = LOG
+
+ # Process the credentials
+ credentials_fname =
self.__serverConfig.get('global','credentials_file')
+ if credentials_fname is not "":
+ cred = open(credentials_fname)
+ line = cred.readline()
+ while line:
+ name, domain, lmhash, nthash = line.split(':')
+ self.__credentials[name] = (domain, lmhash,
nthash.strip('\r\n'))
+ line = cred.readline()
+ cred.close()
+ self.log('Config file parsed')
+
+# For windows platforms, opening a directory is not an option, so we set a
void FD
+VOID_FILE_DESCRIPTOR = -1
+PIPE_FILE_DESCRIPTOR = -2
diff --git a/tests/python_dependencies/impacket/spnego.py
b/tests/python_dependencies/impacket/spnego.py
new file mode 100644
index 000000000..f177d18f7
--- /dev/null
+++ b/tests/python_dependencies/impacket/spnego.py
@@ -0,0 +1,372 @@
+# Copyright (c) 2003-2016 CORE Security Technologies
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+# Author: Alberto Solino (address@hidden)
+#
+# Description:
+# SPNEGO functions used by SMB, SMB2/3 and DCERPC
+#
+
+from struct import pack, unpack, calcsize
+
+############### GSS Stuff ################
+GSS_API_SPNEGO_UUID = '\x2b\x06\x01\x05\x05\x02'
+ASN1_SEQUENCE = 0x30
+ASN1_AID = 0x60
+ASN1_OID = 0x06
+ASN1_OCTET_STRING = 0x04
+ASN1_MECH_TYPE = 0xa0
+ASN1_MECH_TOKEN = 0xa2
+ASN1_SUPPORTED_MECH = 0xa1
+ASN1_RESPONSE_TOKEN = 0xa2
+ASN1_ENUMERATED = 0x0a
+MechTypes = {
+'+\x06\x01\x04\x01\x827\x02\x02\x1e': 'SNMPv2-SMI::enterprises.311.2.2.30',
+'+\x06\x01\x04\x01\x827\x02\x02\n': 'NTLMSSP - Microsoft NTLM Security Support
Provider',
+'*\x86H\x82\xf7\x12\x01\x02\x02': 'MS KRB5 - Microsoft Kerberos 5',
+'*\x86H\x86\xf7\x12\x01\x02\x02': 'KRB5 - Kerberos 5',
+'*\x86H\x86\xf7\x12\x01\x02\x02\x03': 'KRB5 - Kerberos 5 - User to User'
+}
+TypesMech = dict((v,k) for k, v in MechTypes.iteritems())
+
+def asn1encode(data = ''):
+ #res = asn1.SEQUENCE(str).encode()
+ #import binascii
+ #print '\nalex asn1encode str: %s\n' % binascii.hexlify(str)
+ if 0 <= len(data) <= 0x7F:
+ res = pack('B', len(data)) + data
+ elif 0x80 <= len(data) <= 0xFF:
+ res = pack('BB', 0x81, len(data)) + data
+ elif 0x100 <= len(data) <= 0xFFFF:
+ res = pack('!BH', 0x82, len(data)) + data
+ elif 0x10000 <= len(data) <= 0xffffff:
+ res = pack('!BBH', 0x83, len(data) >> 16, len(data) & 0xFFFF) +
data
+ elif 0x1000000 <= len(data) <= 0xffffffff:
+ res = pack('!BL', 0x84, len(data)) + data
+ else:
+ raise Exception('Error in asn1encode')
+ return str(res)
+
+def asn1decode(data = ''):
+ len1 = unpack('B', data[:1])[0]
+ data = data[1:]
+ if len1 == 0x81:
+ pad = calcsize('B')
+ len2 = unpack('B',data[:pad])[0]
+ data = data[pad:]
+ ans = data[:len2]
+ elif len1 == 0x82:
+ pad = calcsize('H')
+ len2 = unpack('!H', data[:pad])[0]
+ data = data[pad:]
+ ans = data[:len2]
+ elif len1 == 0x83:
+ pad = calcsize('B') + calcsize('!H')
+ len2, len3 = unpack('!BH', data[:pad])
+ data = data[pad:]
+ ans = data[:len2 << 16 + len3]
+ elif len1 == 0x84:
+ pad = calcsize('!L')
+ len2 = unpack('!L', data[:pad])[0]
+ data = data[pad:]
+ ans = data[:len2]
+ # 1 byte length, string <= 0x7F
+ else:
+ pad = 0
+ ans = data[:len1]
+ return ans, len(ans)+pad+1
+
+class GSSAPI:
+# Generic GSSAPI Header Format
+ def __init__(self, data = None):
+ self.fields = {}
+ self['UUID'] = GSS_API_SPNEGO_UUID
+ if data:
+ self.fromString(data)
+ pass
+
+ def __setitem__(self,key,value):
+ self.fields[key] = value
+
+ def __getitem__(self, key):
+ return self.fields[key]
+
+ def __delitem__(self, key):
+ del self.fields[key]
+
+ def __len__(self):
+ return len(self.getData())
+
+ def __str__(self):
+ return len(self.getData())
+
+ def fromString(self, data = None):
+ # Manual parse of the GSSAPI Header Format
+ # It should be something like
+ # AID = 0x60 TAG, BER Length
+ # OID = 0x06 TAG
+ # GSSAPI OID
+ # UUID data (BER Encoded)
+ # Payload
+ next_byte = unpack('B',data[:1])[0]
+ if next_byte != ASN1_AID:
+ raise Exception('Unknown AID=%x' % next_byte)
+ data = data[1:]
+ decode_data, total_bytes = asn1decode(data)
+ # Now we should have a OID tag
+ next_byte = unpack('B',decode_data[:1])[0]
+ if next_byte != ASN1_OID:
+ raise Exception('OID tag not found %x' % next_byte)
+ decode_data = decode_data[1:]
+ # Now the OID contents, should be SPNEGO UUID
+ uuid, total_bytes = asn1decode(decode_data)
+ self['OID'] = uuid
+ # the rest should be the data
+ self['Payload'] = decode_data[total_bytes:]
+ #pass
+
+ def dump(self):
+ for i in self.fields.keys():
+ print "%s: {%r}" % (i,self[i])
+
+ def getData(self):
+ ans = pack('B',ASN1_AID)
+ ans += asn1encode(
+ pack('B',ASN1_OID) +
+ asn1encode(self['UUID']) +
+ self['Payload'] )
+ return ans
+
+class SPNEGO_NegTokenResp:
+ # http://tools.ietf.org/html/rfc4178#page-9
+ # NegTokenResp ::= SEQUENCE {
+ # negState [0] ENUMERATED {
+ # accept-completed (0),
+ # accept-incomplete (1),
+ # reject (2),
+ # request-mic (3)
+ # } OPTIONAL,
+ # -- REQUIRED in the first reply from the target
+ # supportedMech [1] MechType OPTIONAL,
+ # -- present only in the first reply from the target
+ # responseToken [2] OCTET STRING OPTIONAL,
+ # mechListMIC [3] OCTET STRING OPTIONAL,
+ # ...
+ # }
+ # This structure is not prepended by a GSS generic header!
+ SPNEGO_NEG_TOKEN_RESP = 0xa1
+ SPNEGO_NEG_TOKEN_TARG = 0xa0
+
+ def __init__(self, data = None):
+ self.fields = {}
+ if data:
+ self.fromString(data)
+ pass
+
+ def __setitem__(self,key,value):
+ self.fields[key] = value
+
+ def __getitem__(self, key):
+ return self.fields[key]
+
+ def __delitem__(self, key):
+ del self.fields[key]
+
+ def __len__(self):
+ return len(self.getData())
+
+ def __str__(self):
+ return len(self.getData())
+
+ def fromString(self, data = 0):
+ payload = data
+ next_byte = unpack('B', payload[:1])[0]
+ if next_byte != SPNEGO_NegTokenResp.SPNEGO_NEG_TOKEN_RESP:
+ raise Exception('NegTokenResp not found %x' % next_byte)
+ payload = payload[1:]
+ decode_data, total_bytes = asn1decode(payload)
+ next_byte = unpack('B', decode_data[:1])[0]
+ if next_byte != ASN1_SEQUENCE:
+ raise Exception('SEQUENCE tag not found %x' % next_byte)
+ decode_data = decode_data[1:]
+ decode_data, total_bytes = asn1decode(decode_data)
+ next_byte = unpack('B',decode_data[:1])[0]
+
+ if next_byte != ASN1_MECH_TYPE:
+ # MechType not found, could be an AUTH answer
+ if next_byte != ASN1_RESPONSE_TOKEN:
+ raise Exception('MechType/ResponseToken tag not found %x' %
next_byte)
+ else:
+ decode_data2 = decode_data[1:]
+ decode_data2, total_bytes = asn1decode(decode_data2)
+ next_byte = unpack('B', decode_data2[:1])[0]
+ if next_byte != ASN1_ENUMERATED:
+ raise Exception('Enumerated tag not found %x' % next_byte)
+ item, total_bytes2 = asn1decode(decode_data)
+ self['NegResult'] = item
+ decode_data = decode_data[1:]
+ decode_data = decode_data[total_bytes:]
+
+ # Do we have more data?
+ if len(decode_data) == 0:
+ return
+
+ next_byte = unpack('B', decode_data[:1])[0]
+ if next_byte != ASN1_SUPPORTED_MECH:
+ if next_byte != ASN1_RESPONSE_TOKEN:
+ raise Exception('Supported Mech/ResponseToken tag not
found %x' % next_byte)
+ else:
+ decode_data2 = decode_data[1:]
+ decode_data2, total_bytes = asn1decode(decode_data2)
+ next_byte = unpack('B', decode_data2[:1])[0]
+ if next_byte != ASN1_OID:
+ raise Exception('OID tag not found %x' % next_byte)
+ decode_data2 = decode_data2[1:]
+ item, total_bytes2 = asn1decode(decode_data2)
+ self['SuportedMech'] = item
+
+ decode_data = decode_data[1:]
+ decode_data = decode_data[total_bytes:]
+ next_byte = unpack('B', decode_data[:1])[0]
+ if next_byte != ASN1_RESPONSE_TOKEN:
+ raise Exception('Response token tag not found %x' %
next_byte)
+
+ decode_data = decode_data[1:]
+ decode_data, total_bytes = asn1decode(decode_data)
+ next_byte = unpack('B', decode_data[:1])[0]
+ if next_byte != ASN1_OCTET_STRING:
+ raise Exception('Octet string token tag not found %x' % next_byte)
+ decode_data = decode_data[1:]
+ decode_data, total_bytes = asn1decode(decode_data)
+ self['ResponseToken'] = decode_data
+
+ def dump(self):
+ for i in self.fields.keys():
+ print "%s: {%r}" % (i,self[i])
+
+ def getData(self):
+ ans = pack('B',SPNEGO_NegTokenResp.SPNEGO_NEG_TOKEN_RESP)
+ if self.fields.has_key('NegResult') and
self.fields.has_key('SupportedMech'):
+ # Server resp
+ ans += asn1encode(
+ pack('B', ASN1_SEQUENCE) +
+ asn1encode(
+ pack('B',SPNEGO_NegTokenResp.SPNEGO_NEG_TOKEN_TARG) +
+ asn1encode(
+ pack('B',ASN1_ENUMERATED) +
+ asn1encode( self['NegResult'] )) +
+ pack('B',ASN1_SUPPORTED_MECH) +
+ asn1encode(
+ pack('B',ASN1_OID) +
+ asn1encode(self['SupportedMech'])) +
+ pack('B',ASN1_RESPONSE_TOKEN ) +
+ asn1encode(
+ pack('B', ASN1_OCTET_STRING) +
asn1encode(self['ResponseToken']))))
+ elif self.fields.has_key('NegResult'):
+ # Server resp
+ ans += asn1encode(
+ pack('B', ASN1_SEQUENCE) +
+ asn1encode(
+ pack('B', SPNEGO_NegTokenResp.SPNEGO_NEG_TOKEN_TARG) +
+ asn1encode(
+ pack('B',ASN1_ENUMERATED) +
+ asn1encode( self['NegResult'] ))))
+ else:
+ # Client resp
+ ans += asn1encode(
+ pack('B', ASN1_SEQUENCE) +
+ asn1encode(
+ pack('B', ASN1_RESPONSE_TOKEN) +
+ asn1encode(
+ pack('B', ASN1_OCTET_STRING) +
asn1encode(self['ResponseToken']))))
+ return ans
+
+class SPNEGO_NegTokenInit(GSSAPI):
+ # http://tools.ietf.org/html/rfc4178#page-8
+ # NegTokeInit :: = SEQUENCE {
+ # mechTypes [0] MechTypeList,
+ # reqFlags [1] ContextFlags OPTIONAL,
+ # mechToken [2] OCTET STRING OPTIONAL,
+ # mechListMIC [3] OCTET STRING OPTIONAL,
+ # }
+ SPNEGO_NEG_TOKEN_INIT = 0xa0
+ def fromString(self, data = 0):
+ GSSAPI.fromString(self, data)
+ payload = self['Payload']
+ next_byte = unpack('B', payload[:1])[0]
+ if next_byte != SPNEGO_NegTokenInit.SPNEGO_NEG_TOKEN_INIT:
+ raise Exception('NegTokenInit not found %x' % next_byte)
+ payload = payload[1:]
+ decode_data, total_bytes = asn1decode(payload)
+ # Now we should have a SEQUENCE Tag
+ next_byte = unpack('B', decode_data[:1])[0]
+ if next_byte != ASN1_SEQUENCE:
+ raise Exception('SEQUENCE tag not found %x' % next_byte)
+ decode_data = decode_data[1:]
+ decode_data, total_bytes2 = asn1decode(decode_data)
+ next_byte = unpack('B',decode_data[:1])[0]
+ if next_byte != ASN1_MECH_TYPE:
+ raise Exception('MechType tag not found %x' % next_byte)
+ decode_data = decode_data[1:]
+ remaining_data = decode_data
+ decode_data, total_bytes3 = asn1decode(decode_data)
+ next_byte = unpack('B', decode_data[:1])[0]
+ if next_byte != ASN1_SEQUENCE:
+ raise Exception('SEQUENCE tag not found %x' % next_byte)
+ decode_data = decode_data[1:]
+ decode_data, total_bytes4 = asn1decode(decode_data)
+ # And finally we should have the MechTypes
+ self['MechTypes'] = []
+ while decode_data:
+ next_byte = unpack('B', decode_data[:1])[0]
+ if next_byte != ASN1_OID:
+ # Not a valid OID, there must be something else we won't unpack
+ break
+ decode_data = decode_data[1:]
+ item, total_bytes = asn1decode(decode_data)
+ self['MechTypes'].append(item)
+ decode_data = decode_data[total_bytes:]
+
+ # Do we have MechTokens as well?
+ decode_data = remaining_data[total_bytes3:]
+ if len(decode_data) > 0:
+ next_byte = unpack('B', decode_data[:1])[0]
+ if next_byte == ASN1_MECH_TOKEN:
+ # We have tokens in here!
+ decode_data = decode_data[1:]
+ decode_data, total_bytes = asn1decode(decode_data)
+ next_byte = unpack('B', decode_data[:1])[0]
+ if next_byte == ASN1_OCTET_STRING:
+ decode_data = decode_data[1:]
+ decode_data, total_bytes = asn1decode(decode_data)
+ self['MechToken'] = decode_data
+
+ def getData(self):
+ mechTypes = ''
+ for i in self['MechTypes']:
+ mechTypes += pack('B', ASN1_OID)
+ mechTypes += asn1encode(i)
+
+ mechToken = ''
+ # Do we have tokens to send?
+ if self.fields.has_key('MechToken'):
+ mechToken = pack('B', ASN1_MECH_TOKEN) + asn1encode(
+ pack('B', ASN1_OCTET_STRING) + asn1encode(
+ self['MechToken']))
+
+ ans = pack('B',SPNEGO_NegTokenInit.SPNEGO_NEG_TOKEN_INIT)
+ ans += asn1encode(
+ pack('B', ASN1_SEQUENCE) +
+ asn1encode(
+ pack('B', ASN1_MECH_TYPE) +
+ asn1encode(
+ pack('B', ASN1_SEQUENCE) +
+ asn1encode(mechTypes)) + mechToken ))
+
+
+ self['Payload'] = ans
+ return GSSAPI.getData(self)
+
diff --git a/tests/python_dependencies/impacket/structure.py
b/tests/python_dependencies/impacket/structure.py
new file mode 100644
index 000000000..7a04117ff
--- /dev/null
+++ b/tests/python_dependencies/impacket/structure.py
@@ -0,0 +1,743 @@
+# Copyright (c) 2003-2016 CORE Security Technologies
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+
+from struct import pack, unpack, calcsize
+
+class Structure:
+ """ sublcasses can define commonHdr and/or structure.
+ each of them is an tuple of either two: (fieldName, format) or three:
(fieldName, ':', class) fields.
+ [it can't be a dictionary, because order is important]
+
+ where format specifies how the data in the field will be converted
to/from bytes (string)
+ class is the class to use when unpacking ':' fields.
+
+ each field can only contain one value (or an array of values for *)
+ i.e. struct.pack('Hl',1,2) is valid, but format specifier 'Hl' is
not (you must use 2 dfferent fields)
+
+ format specifiers:
+ specifiers from module pack can be used with the same format
+ see struct.__doc__ (pack/unpack is finally called)
+ x [padding byte]
+ c [character]
+ b [signed byte]
+ B [unsigned byte]
+ h [signed short]
+ H [unsigned short]
+ l [signed long]
+ L [unsigned long]
+ i [signed integer]
+ I [unsigned integer]
+ q [signed long long (quad)]
+ Q [unsigned long long (quad)]
+ s [string (array of chars), must be preceded with length in
format specifier, padded with zeros]
+ p [pascal string (includes byte count), must be preceded
with length in format specifier, padded with zeros]
+ f [float]
+ d [double]
+ = [native byte ordering, size and alignment]
+ @ [native byte ordering, standard size and alignment]
+ ! [network byte ordering]
+ < [little endian]
+ > [big endian]
+
+ usual printf like specifiers can be used (if started with %)
+ [not recommeneded, there is no why to unpack this]
+
+ %08x will output an 8 bytes hex
+ %s will output a string
+ %s\\x00 will output a NUL terminated string
+ %d%d will output 2 decimal digits (against the very same
specification of Structure)
+ ...
+
+ some additional format specifiers:
+ : just copy the bytes from the field into the output string
(input may be string, other structure, or anything responding to __str__())
(for unpacking, all what's left is returned)
+ z same as :, but adds a NUL byte at the end (asciiz) (for
unpacking the first NUL byte is used as terminator) [asciiz string]
+ u same as z, but adds two NUL bytes at the end (after
padding to an even size with NULs). (same for unpacking) [unicode string]
+ w DCE-RPC/NDR string (it's a macro for [
'<L=(len(field)+1)/2','"\\x00\\x00\\x00\\x00','<L=(len(field)+1)/2',':' ]
+ ?-field length of field named 'field', formated as specified with
? ('?' may be '!H' for example). The input value overrides the real length
+ ?1*?2 array of elements. Each formated as '?2', the number of
elements in the array is stored as specified by '?1' (?1 is optional, or can
also be a constant (number), for unpacking)
+ 'xxxx literal xxxx (field's value doesn't change the output.
quotes must not be closed or escaped)
+ "xxxx literal xxxx (field's value doesn't change the output.
quotes must not be closed or escaped)
+ _ will not pack the field. Accepts a third argument, which
is an unpack code. See _Test_UnpackCode for an example
+ ?=packcode will evaluate packcode in the context of the
structure, and pack the result as specified by ?. Unpacking is made plain
+ ?&fieldname "Address of field fieldname".
+ For packing it will simply pack the id() of fieldname.
Or use 0 if fieldname doesn't exists.
+ For unpacking, it's used to know weather fieldname has
to be unpacked or not, i.e. by adding a & field you turn another field
(fieldname) in an optional field.
+
+ """
+ commonHdr = ()
+ structure = ()
+ debug = 0
+
+ def __init__(self, data = None, alignment = 0):
+ if not hasattr(self, 'alignment'):
+ self.alignment = alignment
+
+ self.fields = {}
+ self.rawData = data
+ if data is not None:
+ self.fromString(data)
+ else:
+ self.data = None
+
+ @classmethod
+ def fromFile(self, file):
+ answer = self()
+ answer.fromString(file.read(len(answer)))
+ return answer
+
+ def setAlignment(self, alignment):
+ self.alignment = alignment
+
+ def setData(self, data):
+ self.data = data
+
+ def packField(self, fieldName, format = None):
+ if self.debug:
+ print "packField( %s | %s )" % (fieldName, format)
+
+ if format is None:
+ format = self.formatForField(fieldName)
+
+ if self.fields.has_key(fieldName):
+ ans = self.pack(format, self.fields[fieldName], field = fieldName)
+ else:
+ ans = self.pack(format, None, field = fieldName)
+
+ if self.debug:
+ print "\tanswer %r" % ans
+
+ return ans
+
+ def getData(self):
+ if self.data is not None:
+ return self.data
+ data = ''
+ for field in self.commonHdr+self.structure:
+ try:
+ data += self.packField(field[0], field[1])
+ except Exception, e:
+ if self.fields.has_key(field[0]):
+ e.args += ("When packing field '%s | %s | %r' in %s" %
(field[0], field[1], self[field[0]], self.__class__),)
+ else:
+ e.args += ("When packing field '%s | %s' in %s" %
(field[0], field[1], self.__class__),)
+ raise
+ if self.alignment:
+ if len(data) % self.alignment:
+ data += ('\x00'*self.alignment)[:-(len(data) %
self.alignment)]
+
+ #if len(data) % self.alignment: data +=
('\x00'*self.alignment)[:-(len(data) % self.alignment)]
+ return data
+
+ def fromString(self, data):
+ self.rawData = data
+ for field in self.commonHdr+self.structure:
+ if self.debug:
+ print "fromString( %s | %s | %r )" % (field[0], field[1], data)
+ size = self.calcUnpackSize(field[1], data, field[0])
+ if self.debug:
+ print " size = %d" % size
+ dataClassOrCode = str
+ if len(field) > 2:
+ dataClassOrCode = field[2]
+ try:
+ self[field[0]] = self.unpack(field[1], data[:size],
dataClassOrCode = dataClassOrCode, field = field[0])
+ except Exception,e:
+ e.args += ("When unpacking field '%s | %s | %r[:%d]'" %
(field[0], field[1], data, size),)
+ raise
+
+ size = self.calcPackSize(field[1], self[field[0]], field[0])
+ if self.alignment and size % self.alignment:
+ size += self.alignment - (size % self.alignment)
+ data = data[size:]
+
+ return self
+
+ def __setitem__(self, key, value):
+ self.fields[key] = value
+ self.data = None # force recompute
+
+ def __getitem__(self, key):
+ return self.fields[key]
+
+ def __delitem__(self, key):
+ del self.fields[key]
+
+ def __str__(self):
+ return self.getData()
+
+ def __len__(self):
+ # XXX: improve
+ return len(self.getData())
+
+ def pack(self, format, data, field = None):
+ if self.debug:
+ print " pack( %s | %r | %s)" % (format, data, field)
+
+ if field:
+ addressField = self.findAddressFieldFor(field)
+ if (addressField is not None) and (data is None):
+ return ''
+
+ # void specifier
+ if format[:1] == '_':
+ return ''
+
+ # quote specifier
+ if format[:1] == "'" or format[:1] == '"':
+ return format[1:]
+
+ # code specifier
+ two = format.split('=')
+ if len(two) >= 2:
+ try:
+ return self.pack(two[0], data)
+ except:
+ fields = {'self':self}
+ fields.update(self.fields)
+ return self.pack(two[0], eval(two[1], {}, fields))
+
+ # address specifier
+ two = format.split('&')
+ if len(two) == 2:
+ try:
+ return self.pack(two[0], data)
+ except:
+ if (self.fields.has_key(two[1])) and (self[two[1]] is not
None):
+ return self.pack(two[0], id(self[two[1]]) &
((1<<(calcsize(two[0])*8))-1) )
+ else:
+ return self.pack(two[0], 0)
+
+ # length specifier
+ two = format.split('-')
+ if len(two) == 2:
+ try:
+ return self.pack(two[0],data)
+ except:
+ return self.pack(two[0], self.calcPackFieldSize(two[1]))
+
+ # array specifier
+ two = format.split('*')
+ if len(two) == 2:
+ answer = ''
+ for each in data:
+ answer += self.pack(two[1], each)
+ if two[0]:
+ if two[0].isdigit():
+ if int(two[0]) != len(data):
+ raise Exception, "Array field has a constant size, and
it doesn't match the actual value"
+ else:
+ return self.pack(two[0], len(data))+answer
+ return answer
+
+ # "printf" string specifier
+ if format[:1] == '%':
+ # format string like specifier
+ return format % data
+
+ # asciiz specifier
+ if format[:1] == 'z':
+ return str(data)+'\0'
+
+ # unicode specifier
+ if format[:1] == 'u':
+ return str(data)+'\0\0' + (len(data) & 1 and '\0' or '')
+
+ # DCE-RPC/NDR string specifier
+ if format[:1] == 'w':
+ if len(data) == 0:
+ data = '\0\0'
+ elif len(data) % 2:
+ data += '\0'
+ l = pack('<L', len(data)/2)
+ return '%s\0\0\0\0%s%s' % (l,l,data)
+
+ if data is None:
+ raise Exception, "Trying to pack None"
+
+ # literal specifier
+ if format[:1] == ':':
+ return str(data)
+
+ # struct like specifier
+ return pack(format, data)
+
+ def unpack(self, format, data, dataClassOrCode = str, field = None):
+ if self.debug:
+ print " unpack( %s | %r )" % (format, data)
+
+ if field:
+ addressField = self.findAddressFieldFor(field)
+ if addressField is not None:
+ if not self[addressField]:
+ return
+
+ # void specifier
+ if format[:1] == '_':
+ if dataClassOrCode != str:
+ fields = {'self':self, 'inputDataLeft':data}
+ fields.update(self.fields)
+ return eval(dataClassOrCode, {}, fields)
+ else:
+ return None
+
+ # quote specifier
+ if format[:1] == "'" or format[:1] == '"':
+ answer = format[1:]
+ if answer != data:
+ raise Exception, "Unpacked data doesn't match constant value
'%r' should be '%r'" % (data, answer)
+ return answer
+
+ # address specifier
+ two = format.split('&')
+ if len(two) == 2:
+ return self.unpack(two[0],data)
+
+ # code specifier
+ two = format.split('=')
+ if len(two) >= 2:
+ return self.unpack(two[0],data)
+
+ # length specifier
+ two = format.split('-')
+ if len(two) == 2:
+ return self.unpack(two[0],data)
+
+ # array specifier
+ two = format.split('*')
+ if len(two) == 2:
+ answer = []
+ sofar = 0
+ if two[0].isdigit():
+ number = int(two[0])
+ elif two[0]:
+ sofar += self.calcUnpackSize(two[0], data)
+ number = self.unpack(two[0], data[:sofar])
+ else:
+ number = -1
+
+ while number and sofar < len(data):
+ nsofar = sofar + self.calcUnpackSize(two[1],data[sofar:])
+ answer.append(self.unpack(two[1], data[sofar:nsofar],
dataClassOrCode))
+ number -= 1
+ sofar = nsofar
+ return answer
+
+ # "printf" string specifier
+ if format[:1] == '%':
+ # format string like specifier
+ return format % data
+
+ # asciiz specifier
+ if format == 'z':
+ if data[-1] != '\x00':
+ raise Exception, ("%s 'z' field is not NUL terminated: %r" %
(field, data))
+ return data[:-1] # remove trailing NUL
+
+ # unicode specifier
+ if format == 'u':
+ if data[-2:] != '\x00\x00':
+ raise Exception, ("%s 'u' field is not NUL-NUL terminated: %r"
% (field, data))
+ return data[:-2] # remove trailing NUL
+
+ # DCE-RPC/NDR string specifier
+ if format == 'w':
+ l = unpack('<L', data[:4])[0]
+ return data[12:12+l*2]
+
+ # literal specifier
+ if format == ':':
+ return dataClassOrCode(data)
+
+ # struct like specifier
+ return unpack(format, data)[0]
+
+ def calcPackSize(self, format, data, field = None):
+# # print " calcPackSize %s:%r" % (format, data)
+ if field:
+ addressField = self.findAddressFieldFor(field)
+ if addressField is not None:
+ if not self[addressField]:
+ return 0
+
+ # void specifier
+ if format[:1] == '_':
+ return 0
+
+ # quote specifier
+ if format[:1] == "'" or format[:1] == '"':
+ return len(format)-1
+
+ # address specifier
+ two = format.split('&')
+ if len(two) == 2:
+ return self.calcPackSize(two[0], data)
+
+ # code specifier
+ two = format.split('=')
+ if len(two) >= 2:
+ return self.calcPackSize(two[0], data)
+
+ # length specifier
+ two = format.split('-')
+ if len(two) == 2:
+ return self.calcPackSize(two[0], data)
+
+ # array specifier
+ two = format.split('*')
+ if len(two) == 2:
+ answer = 0
+ if two[0].isdigit():
+ if int(two[0]) != len(data):
+ raise Exception, "Array field has a constant size, and
it doesn't match the actual value"
+ elif two[0]:
+ answer += self.calcPackSize(two[0], len(data))
+
+ for each in data:
+ answer += self.calcPackSize(two[1], each)
+ return answer
+
+ # "printf" string specifier
+ if format[:1] == '%':
+ # format string like specifier
+ return len(format % data)
+
+ # asciiz specifier
+ if format[:1] == 'z':
+ return len(data)+1
+
+ # asciiz specifier
+ if format[:1] == 'u':
+ l = len(data)
+ return l + (l & 1 and 3 or 2)
+
+ # DCE-RPC/NDR string specifier
+ if format[:1] == 'w':
+ l = len(data)
+ return 12+l+l % 2
+
+ # literal specifier
+ if format[:1] == ':':
+ return len(data)
+
+ # struct like specifier
+ return calcsize(format)
+
+ def calcUnpackSize(self, format, data, field = None):
+ if self.debug:
+ print " calcUnpackSize( %s | %s | %r)" % (field, format, data)
+
+ # void specifier
+ if format[:1] == '_':
+ return 0
+
+ addressField = self.findAddressFieldFor(field)
+ if addressField is not None:
+ if not self[addressField]:
+ return 0
+
+ try:
+ lengthField = self.findLengthFieldFor(field)
+ return self[lengthField]
+ except:
+ pass
+
+ # XXX: Try to match to actual values, raise if no match
+
+ # quote specifier
+ if format[:1] == "'" or format[:1] == '"':
+ return len(format)-1
+
+ # address specifier
+ two = format.split('&')
+ if len(two) == 2:
+ return self.calcUnpackSize(two[0], data)
+
+ # code specifier
+ two = format.split('=')
+ if len(two) >= 2:
+ return self.calcUnpackSize(two[0], data)
+
+ # length specifier
+ two = format.split('-')
+ if len(two) == 2:
+ return self.calcUnpackSize(two[0], data)
+
+ # array specifier
+ two = format.split('*')
+ if len(two) == 2:
+ answer = 0
+ if two[0]:
+ if two[0].isdigit():
+ number = int(two[0])
+ else:
+ answer += self.calcUnpackSize(two[0], data)
+ number = self.unpack(two[0], data[:answer])
+
+ while number:
+ number -= 1
+ answer += self.calcUnpackSize(two[1], data[answer:])
+ else:
+ while answer < len(data):
+ answer += self.calcUnpackSize(two[1], data[answer:])
+ return answer
+
+ # "printf" string specifier
+ if format[:1] == '%':
+ raise Exception, "Can't guess the size of a printf like specifier
for unpacking"
+
+ # asciiz specifier
+ if format[:1] == 'z':
+ return data.index('\x00')+1
+
+ # asciiz specifier
+ if format[:1] == 'u':
+ l = data.index('\x00\x00')
+ return l + (l & 1 and 3 or 2)
+
+ # DCE-RPC/NDR string specifier
+ if format[:1] == 'w':
+ l = unpack('<L', data[:4])[0]
+ return 12+l*2
+
+ # literal specifier
+ if format[:1] == ':':
+ return len(data)
+
+ # struct like specifier
+ return calcsize(format)
+
+ def calcPackFieldSize(self, fieldName, format = None):
+ if format is None:
+ format = self.formatForField(fieldName)
+
+ return self.calcPackSize(format, self[fieldName])
+
+ def formatForField(self, fieldName):
+ for field in self.commonHdr+self.structure:
+ if field[0] == fieldName:
+ return field[1]
+ raise Exception, ("Field %s not found" % fieldName)
+
+ def findAddressFieldFor(self, fieldName):
+ descriptor = '&%s' % fieldName
+ l = len(descriptor)
+ for field in self.commonHdr+self.structure:
+ if field[1][-l:] == descriptor:
+ return field[0]
+ return None
+
+ def findLengthFieldFor(self, fieldName):
+ descriptor = '-%s' % fieldName
+ l = len(descriptor)
+ for field in self.commonHdr+self.structure:
+ if field[1][-l:] == descriptor:
+ return field[0]
+ return None
+
+ def zeroValue(self, format):
+ two = format.split('*')
+ if len(two) == 2:
+ if two[0].isdigit():
+ return (self.zeroValue(two[1]),)*int(two[0])
+
+ if not format.find('*') == -1: return ()
+ if 's' in format: return ''
+ if format in ['z',':','u']: return ''
+ if format == 'w': return '\x00\x00'
+
+ return 0
+
+ def clear(self):
+ for field in self.commonHdr + self.structure:
+ self[field[0]] = self.zeroValue(field[1])
+
+ def dump(self, msg = None, indent = 0):
+ if msg is None: msg = self.__class__.__name__
+ ind = ' '*indent
+ print "\n%s" % msg
+ fixedFields = []
+ for field in self.commonHdr+self.structure:
+ i = field[0]
+ if i in self.fields:
+ fixedFields.append(i)
+ if isinstance(self[i], Structure):
+ self[i].dump('%s%s:{' % (ind,i), indent = indent + 4)
+ print "%s}" % ind
+ else:
+ print "%s%s: {%r}" % (ind,i,self[i])
+ # Do we have remaining fields not defined in the structures? let's
+ # print them
+ remainingFields = list(set(self.fields) - set(fixedFields))
+ for i in remainingFields:
+ if isinstance(self[i], Structure):
+ self[i].dump('%s%s:{' % (ind,i), indent = indent + 4)
+ print "%s}" % ind
+ else:
+ print "%s%s: {%r}" % (ind,i,self[i])
+
+
+class _StructureTest:
+ alignment = 0
+ def create(self,data = None):
+ if data is not None:
+ return self.theClass(data, alignment = self.alignment)
+ else:
+ return self.theClass(alignment = self.alignment)
+
+ def run(self):
+ print
+ print "-"*70
+ testName = self.__class__.__name__
+ print "starting test: %s....." % testName
+ a = self.create()
+ self.populate(a)
+ a.dump("packing.....")
+ a_str = str(a)
+ print "packed: %r" % a_str
+ print "unpacking....."
+ b = self.create(a_str)
+ b.dump("unpacked.....")
+ print "repacking....."
+ b_str = str(b)
+ if b_str != a_str:
+ print "ERROR: original packed and repacked don't match"
+ print "packed: %r" % b_str
+
+class _Test_simple(_StructureTest):
+ class theClass(Structure):
+ commonHdr = ()
+ structure = (
+ ('int1', '!L'),
+ ('len1','!L-z1'),
+ ('arr1','B*<L'),
+ ('z1', 'z'),
+ ('u1','u'),
+ ('', '"COCA'),
+ ('len2','!H-:1'),
+ ('', '"COCA'),
+ (':1', ':'),
+ ('int3','>L'),
+ ('code1','>L=len(arr1)*2+0x1000'),
+ )
+
+ def populate(self, a):
+ a['default'] = 'hola'
+ a['int1'] = 0x3131
+ a['int3'] = 0x45444342
+ a['z1'] = 'hola'
+ a['u1'] = 'hola'.encode('utf_16_le')
+ a[':1'] = ':1234:'
+ a['arr1'] = (0x12341234,0x88990077,0x41414141)
+ # a['len1'] = 0x42424242
+
+class _Test_fixedLength(_Test_simple):
+ def populate(self, a):
+ _Test_simple.populate(self, a)
+ a['len1'] = 0x42424242
+
+class _Test_simple_aligned4(_Test_simple):
+ alignment = 4
+
+class _Test_nested(_StructureTest):
+ class theClass(Structure):
+ class _Inner(Structure):
+ structure = (('data', 'z'),)
+
+ structure = (
+ ('nest1', ':', _Inner),
+ ('nest2', ':', _Inner),
+ ('int', '<L'),
+ )
+
+ def populate(self, a):
+ a['nest1'] = _Test_nested.theClass._Inner()
+ a['nest2'] = _Test_nested.theClass._Inner()
+ a['nest1']['data'] = 'hola manola'
+ a['nest2']['data'] = 'chau loco'
+ a['int'] = 0x12345678
+
+class _Test_Optional(_StructureTest):
+ class theClass(Structure):
+ structure = (
+ ('pName','<L&Name'),
+ ('pList','<L&List'),
+ ('Name','w'),
+ ('List','<H*<L'),
+ )
+
+ def populate(self, a):
+ a['Name'] = 'Optional test'
+ a['List'] = (1,2,3,4)
+
+class _Test_Optional_sparse(_Test_Optional):
+ def populate(self, a):
+ _Test_Optional.populate(self, a)
+ del a['Name']
+
+class _Test_AsciiZArray(_StructureTest):
+ class theClass(Structure):
+ structure = (
+ ('head','<L'),
+ ('array','B*z'),
+ ('tail','<L'),
+ )
+
+ def populate(self, a):
+ a['head'] = 0x1234
+ a['tail'] = 0xabcd
+ a['array'] = ('hola','manola','te traje')
+
+class _Test_UnpackCode(_StructureTest):
+ class theClass(Structure):
+ structure = (
+ ('leni','<L=len(uno)*2'),
+ ('cuchi','_-uno','leni/2'),
+ ('uno',':'),
+ ('dos',':'),
+ )
+
+ def populate(self, a):
+ a['uno'] = 'soy un loco!'
+ a['dos'] = 'que haces fiera'
+
+class _Test_AAA(_StructureTest):
+ class theClass(Structure):
+ commonHdr = ()
+ structure = (
+ ('iv', '!L=((init_vector & 0xFFFFFF) << 8) | ((pad & 0x3f) << 2) |
(keyid & 3)'),
+ ('init_vector', '_','(iv >> 8)'),
+ ('pad', '_','((iv >>2) & 0x3F)'),
+ ('keyid', '_','( iv & 0x03 )'),
+ ('dataLen', '_-data', 'len(inputDataLeft)-4'),
+ ('data',':'),
+ ('icv','>L'),
+ )
+
+ def populate(self, a):
+ a['init_vector']=0x01020304
+ #a['pad']=int('01010101',2)
+ a['pad']=int('010101',2)
+ a['keyid']=0x07
+ a['data']="\xA0\xA1\xA2\xA3\xA4\xA5\xA6\xA7\xA8\xA9"
+ a['icv'] = 0x05060708
+ #a['iv'] = 0x01020304
+
+if __name__ == '__main__':
+ _Test_simple().run()
+
+ try:
+ _Test_fixedLength().run()
+ except:
+ print "cannot repack because length is bogus"
+
+ _Test_simple_aligned4().run()
+ _Test_nested().run()
+ _Test_Optional().run()
+ _Test_Optional_sparse().run()
+ _Test_AsciiZArray().run()
+ _Test_UnpackCode().run()
+ _Test_AAA().run()
diff --git a/tests/python_dependencies/impacket/uuid.py
b/tests/python_dependencies/impacket/uuid.py
new file mode 100644
index 000000000..fb4d7b3a0
--- /dev/null
+++ b/tests/python_dependencies/impacket/uuid.py
@@ -0,0 +1,68 @@
+# Copyright (c) 2003-2016 CORE Security Technologies
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+# Description:
+# Generate UUID compliant with
http://www.webdav.org/specs/draft-leach-uuids-guids-01.txt.
+# A different, much simpler (not necessarily better) algorithm is used.
+#
+# Author:
+# Javier Kohen (jkohen)
+#
+
+import re
+
+from random import randrange
+from struct import pack, unpack
+
+def generate():
+ # UHm... crappy Python has an maximum integer of 2**31-1.
+ top = (1L<<31)-1
+ return pack("IIII", randrange(top), randrange(top), randrange(top),
randrange(top))
+
+def bin_to_string(uuid):
+ uuid1, uuid2, uuid3 = unpack('<LHH', uuid[:8])
+ uuid4, uuid5, uuid6 = unpack('>HHL', uuid[8:16])
+ return '%08X-%04X-%04X-%04X-%04X%08X' % (uuid1, uuid2, uuid3, uuid4,
uuid5, uuid6)
+
+def string_to_bin(uuid):
+ matches =
re.match('([\dA-Fa-f]{8})-([\dA-Fa-f]{4})-([\dA-Fa-f]{4})-([\dA-Fa-f]{4})-([\dA-Fa-f]{4})([\dA-Fa-f]{8})',
uuid)
+ (uuid1, uuid2, uuid3, uuid4, uuid5, uuid6) = map(lambda x: long(x, 16),
matches.groups())
+ uuid = pack('<LHH', uuid1, uuid2, uuid3)
+ uuid += pack('>HHL', uuid4, uuid5, uuid6)
+ return uuid
+
+def stringver_to_bin(s):
+ (maj,min) = s.split('.')
+ return pack('<H',int(maj)) + pack('<H',int(min))
+
+def uuidtup_to_bin(tup):
+ if len(tup) != 2: return
+ return string_to_bin(tup[0]) + stringver_to_bin(tup[1])
+
+def bin_to_uuidtup(bin):
+ assert len(bin) == 20
+ uuidstr = bin_to_string(bin[:16])
+ maj, min = unpack("<HH", bin[16:])
+ return uuidstr, "%d.%d" % (maj, min)
+
+#input: string
+#output: tuple (uuid,version)
+#if version is not found in the input string "1.0" is returned
+#example:
+# "00000000-0000-0000-0000-000000000000 3.0" returns
('00000000-0000-0000-0000-000000000000','3.0')
+# "10000000-2000-3000-4000-500000000000 version 3.0" returns
('00000000-0000-0000-0000-000000000000','3.0')
+# "10000000-2000-3000-4000-500000000000 v 3.0" returns
('00000000-0000-0000-0000-000000000000','3.0')
+# "10000000-2000-3000-4000-500000000000" returns
('00000000-0000-0000-0000-000000000000','1.0')
+def string_to_uuidtup(s):
+ g =
re.search("([A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}).*?([0-9]{1,5}\.[0-9]{1,5})",s+"
1.0")
+ if g:
+ (u,v) = g.groups()
+ return (u,v)
+ return
+
+def uuidtup_to_string(tup):
+ uuid, (maj, min) = tup
+ return "%s v%d.%d" % (uuid, maj, min)
diff --git a/tests/python_dependencies/impacket/version.py
b/tests/python_dependencies/impacket/version.py
new file mode 100644
index 000000000..badd4a8a4
--- /dev/null
+++ b/tests/python_dependencies/impacket/version.py
@@ -0,0 +1,12 @@
+# Copyright (c) 2003-2016 CORE Security Technologies
+#
+# This software is provided under under a slightly modified version
+# of the Apache Software License. See the accompanying LICENSE file
+# for more information.
+#
+
+VER_MAJOR = "0"
+VER_MINOR = "9.15"
+
+BANNER = "Impacket v%s.%s - Copyright 2002-2016 Core Security Technologies\n"
% (VER_MAJOR,VER_MINOR)
+
diff --git a/tests/rtspserver.pl b/tests/rtspserver.pl
index bddccb919..02d2f9f90 100755
--- a/tests/rtspserver.pl
+++ b/tests/rtspserver.pl
@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2010, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -37,7 +37,7 @@ use serverhelp qw(
my $verbose = 0; # set to 1 for debugging
my $port = 8990; # just a default
my $ipvnum = 4; # default IP version of rtsp server
-my $idnum = 1; # dafault rtsp server instance number
+my $idnum = 1; # default rtsp server instance number
my $proto = 'rtsp'; # protocol the rtsp server speaks
my $pidfile; # rtsp server pid file
my $logfile; # rtsp server log file
diff --git a/tests/runtests.1 b/tests/runtests.1
index 5576b2fd8..18ddce483 100644
--- a/tests/runtests.1
+++ b/tests/runtests.1
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -76,6 +76,8 @@ Prints out all files in "log/" to stdout when a test case
fails. Very
practical when used in the automated and distributed tests since then the
people checking the failures and the reasons for them might not have physical
access to the machine and logs.
+.IP "-R"
+Run the tests in a scrambled, or randomized, order instead of sequentially.
.IP "-r"
Display run time statistics. (Requires Perl Time::HiRes module)
.IP "-rf"
diff --git a/tests/runtests.pl b/tests/runtests.pl
index 4e44a6d1b..c67673fbd 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -145,6 +145,10 @@ my $HTTPPROXYPORT; # HTTP proxy port, when using
CONNECT
my $HTTPPIPEPORT; # HTTP pipelining port
my $HTTPUNIXPATH; # HTTP server Unix domain socket path
my $HTTP2PORT; # HTTP/2 server port
+my $DICTPORT; # DICT server port
+my $SMBPORT; # SMB server port
+my $SMBSPORT; # SMBS server port
+my $NEGTELNETPORT; # TELNET server port with negotiation
my $srcdir = $ENV{'srcdir'} || '.';
my $CURL="../src/gnurl".exe_ext(); # what curl executable to run on the tests
@@ -194,7 +198,7 @@ my $pwd = getcwd(); # current working directory
my $start;
my $ftpchecktime=1; # time it took to verify our test FTP server
-
+my $scrambleorder;
my $stunnel = checkcmd("stunnel4") || checkcmd("tstunnel") ||
checkcmd("stunnel");
my $valgrind = checktestcmd("valgrind");
my $valgrind_logfile="--logfile";
@@ -378,7 +382,8 @@ sub init_serverpidfile_hash {
}
}
}
- for my $proto (('tftp', 'sftp', 'socks', 'ssh', 'rtsp', 'gopher',
'httptls')) {
+ for my $proto (('tftp', 'sftp', 'socks', 'ssh', 'rtsp', 'gopher', 'httptls',
+ 'dict', 'smb', 'smbs', 'telnet')) {
for my $ipvnum ((4, 6)) {
for my $idnum ((1, 2)) {
my $serv = servername_id($proto, $ipvnum, $idnum);
@@ -1119,6 +1124,128 @@ sub verifysocks {
}
#######################################################################
+# Verify that the server that runs on $ip, $port is our server. This also
+# implies that we can speak with it, as there might be occasions when the
+# server runs fine but we cannot talk to it ("Failed to connect to ::1: Can't
+# assign requested address")
+#
+sub verifysmb {
+ my ($proto, $ipvnum, $idnum, $ip, $port) = @_;
+ my $server = servername_id($proto, $ipvnum, $idnum);
+ my $pid = 0;
+ my $time=time();
+ my $extra="";
+
+ my $verifylog = "$LOGDIR/".
+ servername_canon($proto, $ipvnum, $idnum) .'_verify.log';
+ unlink($verifylog) if(-f $verifylog);
+
+ my $flags = "--max-time $server_response_maxtime ";
+ $flags .= "--silent ";
+ $flags .= "--verbose ";
+ $flags .= "--globoff ";
+ $flags .= "-u 'curltest:curltest' ";
+ $flags .= $extra;
+ $flags .= "\"$proto://$ip:$port/SERVER/verifiedserver\"";
+
+ my $cmd = "$VCURL $flags 2>$verifylog";
+
+ # check if this is our server running on this port:
+ logmsg "RUN: $cmd\n" if($verbose);
+ my @data = runclientoutput($cmd);
+
+ my $res = $? >> 8; # rotate the result
+ if($res & 128) {
+ logmsg "RUN: curl command died with a coredump\n";
+ return -1;
+ }
+
+ foreach my $line (@data) {
+ if($line =~ /WE ROOLZ: (\d+)/) {
+ # this is our test server with a known pid!
+ $pid = 0+$1;
+ last;
+ }
+ }
+ if($pid <= 0 && @data && $data[0]) {
+ # this is not a known server
+ logmsg "RUN: Unknown server on our $server port: $port\n";
+ return 0;
+ }
+ # we can/should use the time it took to verify the server as a measure
+ # on how fast/slow this host is.
+ my $took = int(0.5+time()-$time);
+
+ if($verbose) {
+ logmsg "RUN: Verifying our test $server server took $took seconds\n";
+ }
+ $ftpchecktime = $took>=1?$took:1; # make sure it never is below 1
+
+ return $pid;
+}
+
+#######################################################################
+# Verify that the server that runs on $ip, $port is our server. This also
+# implies that we can speak with it, as there might be occasions when the
+# server runs fine but we cannot talk to it ("Failed to connect to ::1: Can't
+# assign requested address")
+#
+sub verifytelnet {
+ my ($proto, $ipvnum, $idnum, $ip, $port) = @_;
+ my $server = servername_id($proto, $ipvnum, $idnum);
+ my $pid = 0;
+ my $time=time();
+ my $extra="";
+
+ my $verifylog = "$LOGDIR/".
+ servername_canon($proto, $ipvnum, $idnum) .'_verify.log';
+ unlink($verifylog) if(-f $verifylog);
+
+ my $flags = "--max-time $server_response_maxtime ";
+ $flags .= "--silent ";
+ $flags .= "--verbose ";
+ $flags .= "--globoff ";
+ $flags .= "--upload-file - ";
+ $flags .= $extra;
+ $flags .= "\"$proto://$ip:$port\"";
+
+ my $cmd = "echo 'verifiedserver' | $VCURL $flags 2>$verifylog";
+
+ # check if this is our server running on this port:
+ logmsg "RUN: $cmd\n" if($verbose);
+ my @data = runclientoutput($cmd);
+
+ my $res = $? >> 8; # rotate the result
+ if($res & 128) {
+ logmsg "RUN: curl command died with a coredump\n";
+ return -1;
+ }
+
+ foreach my $line (@data) {
+ if($line =~ /WE ROOLZ: (\d+)/) {
+ # this is our test server with a known pid!
+ $pid = 0+$1;
+ last;
+ }
+ }
+ if($pid <= 0 && @data && $data[0]) {
+ # this is not a known server
+ logmsg "RUN: Unknown server on our $server port: $port\n";
+ return 0;
+ }
+ # we can/should use the time it took to verify the server as a measure
+ # on how fast/slow this host is.
+ my $took = int(0.5+time()-$time);
+
+ if($verbose) {
+ logmsg "RUN: Verifying our test $server server took $took seconds\n";
+ }
+
+ return $pid;
+}
+
+
+#######################################################################
# Verify that the server that runs on $ip, $port is our server.
# Retry over several seconds before giving up. The ssh server in
# particular can take a long time to start if it needs to generate
@@ -1143,7 +1270,10 @@ my %protofunc = ('http' => \&verifyhttp,
'ssh' => \&verifyssh,
'socks' => \&verifysocks,
'gopher' => \&verifyhttp,
- 'httptls' => \&verifyhttptls);
+ 'httptls' => \&verifyhttptls,
+ 'dict' => \&verifyftp,
+ 'smb' => \&verifysmb,
+ 'telnet' => \&verifytelnet);
sub verifyserver {
my ($proto, $ipvnum, $idnum, $ip, $port) = @_;
@@ -1227,6 +1357,7 @@ sub runhttp2server {
$flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" ";
$flags .= "--port $HTTP2PORT ";
+ $flags .= "--connect $HOSTIP:$HTTPPORT ";
$flags .= $verbose_flag if($debugprotocol);
my $cmd = "$exe $flags";
@@ -2164,6 +2295,235 @@ sub runsocksserver {
}
#######################################################################
+# start the dict server
+#
+sub rundictserver {
+ my ($verbose, $alt, $port) = @_;
+ my $proto = "dict";
+ my $ip = $HOSTIP;
+ my $ipvnum = 4;
+ my $idnum = 1;
+ my $server;
+ my $srvrname;
+ my $pidfile;
+ my $logfile;
+ my $flags = "";
+
+ if($alt eq "ipv6") {
+ # No IPv6
+ }
+
+ $server = servername_id($proto, $ipvnum, $idnum);
+
+ $pidfile = $serverpidfile{$server};
+
+ # don't retry if the server doesn't work
+ if ($doesntrun{$pidfile}) {
+ return (0,0);
+ }
+
+ my $pid = processexists($pidfile);
+ if($pid > 0) {
+ stopserver($server, "$pid");
+ }
+ unlink($pidfile) if(-f $pidfile);
+
+ $srvrname = servername_str($proto, $ipvnum, $idnum);
+
+ $logfile = server_logfilename($LOGDIR, $proto, $ipvnum, $idnum);
+
+ $flags .= "--verbose 1 " if($debugprotocol);
+ $flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" ";
+ $flags .= "--id $idnum " if($idnum > 1);
+ $flags .= "--port $port --srcdir \"$srcdir\"";
+
+ my $cmd = "$srcdir/dictserver.py $flags";
+ my ($dictpid, $pid2) = startnew($cmd, $pidfile, 15, 0);
+
+ if($dictpid <= 0 || !pidexists($dictpid)) {
+ # it is NOT alive
+ logmsg "RUN: failed to start the $srvrname server\n";
+ stopserver($server, "$pid2");
+ displaylogs($testnumcheck);
+ $doesntrun{$pidfile} = 1;
+ return (0,0);
+ }
+
+ # Server is up. Verify that we can speak to it.
+ my $pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $port);
+ if(!$pid3) {
+ logmsg "RUN: $srvrname server failed verification\n";
+ # failed to talk to it properly. Kill the server and return failure
+ stopserver($server, "$dictpid $pid2");
+ displaylogs($testnumcheck);
+ $doesntrun{$pidfile} = 1;
+ return (0,0);
+ }
+ $pid2 = $pid3;
+
+ if($verbose) {
+ logmsg "RUN: $srvrname server is now running PID $dictpid\n";
+ }
+
+ sleep(1);
+
+ return ($dictpid, $pid2);
+}
+
+#######################################################################
+# start the SMB server
+#
+sub runsmbserver {
+ my ($verbose, $alt, $port) = @_;
+ my $proto = "smb";
+ my $ip = $HOSTIP;
+ my $ipvnum = 4;
+ my $idnum = 1;
+ my $server;
+ my $srvrname;
+ my $pidfile;
+ my $logfile;
+ my $flags = "";
+
+ if($alt eq "ipv6") {
+ # No IPv6
+ }
+
+ $server = servername_id($proto, $ipvnum, $idnum);
+
+ $pidfile = $serverpidfile{$server};
+
+ # don't retry if the server doesn't work
+ if ($doesntrun{$pidfile}) {
+ return (0,0);
+ }
+
+ my $pid = processexists($pidfile);
+ if($pid > 0) {
+ stopserver($server, "$pid");
+ }
+ unlink($pidfile) if(-f $pidfile);
+
+ $srvrname = servername_str($proto, $ipvnum, $idnum);
+
+ $logfile = server_logfilename($LOGDIR, $proto, $ipvnum, $idnum);
+
+ $flags .= "--verbose 1 " if($debugprotocol);
+ $flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" ";
+ $flags .= "--id $idnum " if($idnum > 1);
+ $flags .= "--port $port --srcdir \"$srcdir\"";
+
+ my $cmd = "$srcdir/smbserver.py $flags";
+ my ($smbpid, $pid2) = startnew($cmd, $pidfile, 15, 0);
+
+ if($smbpid <= 0 || !pidexists($smbpid)) {
+ # it is NOT alive
+ logmsg "RUN: failed to start the $srvrname server\n";
+ stopserver($server, "$pid2");
+ displaylogs($testnumcheck);
+ $doesntrun{$pidfile} = 1;
+ return (0,0);
+ }
+
+ # Server is up. Verify that we can speak to it.
+ my $pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $port);
+ if(!$pid3) {
+ logmsg "RUN: $srvrname server failed verification\n";
+ # failed to talk to it properly. Kill the server and return failure
+ stopserver($server, "$smbpid $pid2");
+ displaylogs($testnumcheck);
+ $doesntrun{$pidfile} = 1;
+ return (0,0);
+ }
+ $pid2 = $pid3;
+
+ if($verbose) {
+ logmsg "RUN: $srvrname server is now running PID $smbpid\n";
+ }
+
+ sleep(1);
+
+ return ($smbpid, $pid2);
+}
+
+#######################################################################
+# start the telnet server
+#
+sub runnegtelnetserver {
+ my ($verbose, $alt, $port) = @_;
+ my $proto = "telnet";
+ my $ip = $HOSTIP;
+ my $ipvnum = 4;
+ my $idnum = 1;
+ my $server;
+ my $srvrname;
+ my $pidfile;
+ my $logfile;
+ my $flags = "";
+
+ if($alt eq "ipv6") {
+ # No IPv6
+ }
+
+ $server = servername_id($proto, $ipvnum, $idnum);
+
+ $pidfile = $serverpidfile{$server};
+
+ # don't retry if the server doesn't work
+ if ($doesntrun{$pidfile}) {
+ return (0,0);
+ }
+
+ my $pid = processexists($pidfile);
+ if($pid > 0) {
+ stopserver($server, "$pid");
+ }
+ unlink($pidfile) if(-f $pidfile);
+
+ $srvrname = servername_str($proto, $ipvnum, $idnum);
+
+ $logfile = server_logfilename($LOGDIR, $proto, $ipvnum, $idnum);
+
+ $flags .= "--verbose 1 " if($debugprotocol);
+ $flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" ";
+ $flags .= "--id $idnum " if($idnum > 1);
+ $flags .= "--port $port --srcdir \"$srcdir\"";
+
+ my $cmd = "$srcdir/negtelnetserver.py $flags";
+ my ($ntelpid, $pid2) = startnew($cmd, $pidfile, 15, 0);
+
+ if($ntelpid <= 0 || !pidexists($ntelpid)) {
+ # it is NOT alive
+ logmsg "RUN: failed to start the $srvrname server\n";
+ stopserver($server, "$pid2");
+ displaylogs($testnumcheck);
+ $doesntrun{$pidfile} = 1;
+ return (0,0);
+ }
+
+ # Server is up. Verify that we can speak to it.
+ my $pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $port);
+ if(!$pid3) {
+ logmsg "RUN: $srvrname server failed verification\n";
+ # failed to talk to it properly. Kill the server and return failure
+ stopserver($server, "$ntelpid $pid2");
+ displaylogs($testnumcheck);
+ $doesntrun{$pidfile} = 1;
+ return (0,0);
+ }
+ $pid2 = $pid3;
+
+ if($verbose) {
+ logmsg "RUN: $srvrname server is now running PID $ntelpid\n";
+ }
+
+ sleep(1);
+
+ return ($ntelpid, $pid2);
+}
+
+
+#######################################################################
# Single shot http and gopher server responsiveness test. This should only
# be used to verify that a server present in %run hash is still functional
#
@@ -2411,6 +2771,7 @@ sub checksystem {
}
elsif ($libcurl =~ /securetransport/i) {
$has_darwinssl=1;
+ $has_sslpinning=1;
$ssllib="DarwinSSL";
}
elsif ($libcurl =~ /BoringSSL/i) {
@@ -2653,7 +3014,7 @@ sub checksystem {
logmsg sprintf("* Servers: %s", $stunnel?"SSL ":"");
logmsg sprintf("%s", $http_ipv6?"HTTP-IPv6 ":"");
logmsg sprintf("%s", $http_unix?"HTTP-unix ":"");
- logmsg sprintf("%s\n", $ftp_ipv6?"FTP-IPv6 ":"OFF");
+ logmsg sprintf("%s\n", $ftp_ipv6?"FTP-IPv6 ":"");
logmsg sprintf("* Env: %s%s", $valgrind?"Valgrind ":"",
$run_event_based?"event-based ":"");
@@ -2683,7 +3044,7 @@ sub checksystem {
}
logmsg sprintf("\n* GOPHER/%d ", $GOPHERPORT);
if($gopher_ipv6) {
- logmsg sprintf("GOPHER-IPv6/%d", $GOPHERPORT);
+ logmsg sprintf("GOPHER-IPv6/%d", $GOPHER6PORT);
}
logmsg sprintf("\n* SSH/%d ", $SSHPORT);
logmsg sprintf("SOCKS/%d ", $SOCKSPORT);
@@ -2760,6 +3121,13 @@ sub subVariables {
$$thing =~ s/%TFTP6PORT/$TFTP6PORT/g;
$$thing =~ s/%TFTPPORT/$TFTPPORT/g;
+ $$thing =~ s/%DICTPORT/$DICTPORT/g;
+
+ $$thing =~ s/%SMBPORT/$SMBPORT/g;
+ $$thing =~ s/%SMBSPORT/$SMBSPORT/g;
+
+ $$thing =~ s/%NEGTELNETPORT/$NEGTELNETPORT/g;
+
# server Unix domain socket paths
$$thing =~ s/%HTTPUNIXPATH/$HTTPUNIXPATH/g;
@@ -2794,7 +3162,7 @@ sub subVariables {
# HTTP2
- $$thing =~ s/%H2CVER/$h2cver/g;
+ $$thing =~ s/%H2CVER/$h2cver/g;
}
sub fixarray {
@@ -3037,6 +3405,11 @@ sub singletest {
next;
}
}
+ elsif($1 eq "threaded-resolver") {
+ if($has_threadedres) {
+ next;
+ }
+ }
elsif($1 eq "PSL") {
if($has_psl) {
next;
@@ -3183,6 +3556,11 @@ sub singletest {
next;
}
}
+ elsif($1 eq "threaded-resolver") {
+ if(!$has_threadedres) {
+ next;
+ }
+ }
else {
next;
}
@@ -3278,11 +3656,6 @@ sub singletest {
}
if(!$why) {
- # TODO:
- # Add a precheck cache. If a precheck command was already invoked
- # exactly like this, then use the previous result to speed up
- # successive test invokes!
-
my @precheck = getpart("client", "precheck");
if(@precheck) {
$cmd = $precheck[0];
@@ -3332,31 +3705,12 @@ sub singletest {
}
logmsg sprintf("test %04d...", $testnum) if(!$automakestyle);
- # extract the reply data
- my @reply = getpart("reply", "data");
- my @replycheck = getpart("reply", "datacheck");
-
my %replyattr = getpartattr("reply", "data");
- my %replycheckattr = getpartattr("reply", "datacheck");
-
- if (@replycheck) {
- # we use this file instead to check the final output against
- # get the mode attribute
- my $filemode=$replycheckattr{'mode'};
- if($filemode && ($filemode eq "text") && $has_textaware) {
- # text mode when running on windows: fix line endings
- map s/\r\n/\n/g, @replycheck;
- map s/\n/\r\n/g, @replycheck;
- }
- if($replycheckattr{'nonewline'}) {
- # Yes, we must cut off the final newline from the final line
- # of the datacheck
- chomp($replycheck[$#replycheck]);
- }
-
- for my $partsuffix (('1', '2', '3', '4')) {
+ my @reply;
+ if (partexists("reply", "datacheck")) {
+ for my $partsuffix (('', '1', '2', '3', '4')) {
my @replycheckpart = getpart("reply", "datacheck".$partsuffix);
- if(@replycheckpart || partexists("reply", "datacheck".$partsuffix)
) {
+ if(@replycheckpart) {
my %replycheckpartattr = getpartattr("reply",
"datacheck".$partsuffix);
# get the mode attribute
my $filemode=$replycheckpartattr{'mode'};
@@ -3370,13 +3724,13 @@ sub singletest {
# of the datacheck
chomp($replycheckpart[$#replycheckpart]);
}
- push(@replycheck, @replycheckpart);
+ push(@reply, @replycheckpart);
}
}
-
- @address@hidden;
}
else {
+ # check against the data section
+ @reply = getpart("reply", "data");
# get the mode attribute
my $filemode=$replyattr{'mode'};
if($filemode && ($filemode eq "text") && $has_textaware) {
@@ -3594,7 +3948,7 @@ sub singletest {
$usevalgrind = 1;
my $valgrindcmd = "$valgrind ";
$valgrindcmd .= "$valgrind_tool " if($valgrind_tool);
- $valgrindcmd .= "--leak-check=yes ";
+ $valgrindcmd .= "--quiet --leak-check=yes ";
$valgrindcmd .= "--suppressions=$srcdir/valgrind.supp ";
# $valgrindcmd .= "--gen-suppressions=all ";
$valgrindcmd .= "--num-callers=16 ";
@@ -3616,21 +3970,6 @@ sub singletest {
my $dumped_core;
my $cmdres;
- # Apr 2007: precommand isn't being used and could be removed
- my @precommand= getpart("client", "precommand");
- if($precommand[0]) {
- # this is pure perl to eval!
- my $code = join("", @precommand);
- eval $code;
- if($@) {
- logmsg "perl: $code\n";
- logmsg "precommand: $@";
- stopservers($verbose);
- timestampskippedevents($testnum);
- return -1;
- }
- }
-
if($gdbthis) {
my $gdbinit = "$TESTDIR/gdbinit$testnum";
open(GDBCMD, ">$LOGDIR/gdbcmd");
@@ -3792,7 +4131,7 @@ sub singletest {
# run the postcheck command
my @postcheck= getpart("client", "postcheck");
if(@postcheck) {
- $cmd = $postcheck[0];
+ $cmd = join("", @postcheck);
chomp $cmd;
subVariables \$cmd;
if($cmd) {
@@ -4143,7 +4482,7 @@ sub singletest {
$timevrfyend{$testnum} = Time::HiRes::time() if($timestats);
return 1;
}
- my @e = valgrindparse($srcdir, $feature{'SSL'}, "$LOGDIR/$vgfile");
+ my @e = valgrindparse("$LOGDIR/$vgfile");
if(@e && $e[0]) {
if($automakestyle) {
logmsg "FAIL: $testnum - $testname - valgrind\n";
@@ -4613,7 +4952,7 @@ sub startservers {
return "failed starting socks5 server";
}
elsif(($sshdid =~ /OpenSSH/) && ($sshdvernum < 370)) {
- # Need OpenSSH 3.7 for socks5 -
http://www.openssh.com/txt/release-3.7
+ # Need OpenSSH 3.7 for socks5 -
https://www.openssh.com/txt/release-3.7
logmsg "$sshdverstr insufficient; socks5 tests need at
least OpenSSH 3.7\n";
return "failed starting socks5 server";
}
@@ -4640,6 +4979,41 @@ sub startservers {
$run{'http-unix'}="$pid $pid2";
}
}
+ elsif($what eq "dict") {
+ if(!$run{'dict'}) {
+ ($pid, $pid2) = rundictserver($verbose, "", $DICTPORT);
+ if($pid <= 0) {
+ return "failed starting DICT server";
+ }
+ logmsg sprintf ("* pid DICT => %d %d\n", $pid, $pid2)
+ if($verbose);
+ $run{'dict'}="$pid $pid2";
+ }
+ }
+ elsif($what eq "smb") {
+ if(!$run{'smb'}) {
+ ($pid, $pid2) = runsmbserver($verbose, "", $SMBPORT);
+ if($pid <= 0) {
+ return "failed starting SMB server";
+ }
+ logmsg sprintf ("* pid SMB => %d %d\n", $pid, $pid2)
+ if($verbose);
+ $run{'dict'}="$pid $pid2";
+ }
+ }
+ elsif($what eq "telnet") {
+ if(!$run{'telnet'}) {
+ ($pid, $pid2) = runnegtelnetserver($verbose,
+ "",
+ $NEGTELNETPORT);
+ if($pid <= 0) {
+ return "failed starting neg TELNET server";
+ }
+ logmsg sprintf ("* pid neg TELNET => %d %d\n", $pid, $pid2)
+ if($verbose);
+ $run{'dict'}="$pid $pid2";
+ }
+ }
elsif($what eq "none") {
logmsg "* starts no server\n" if ($verbose);
}
@@ -4869,6 +5243,10 @@ while(@ARGV) {
# have the servers display protocol output
$debugprotocol=1;
}
+ elsif($ARGV[0] eq "-e") {
+ # run the tests cases event based if possible
+ $run_event_based=1;
+ }
elsif ($ARGV[0] eq "-g") {
# run this test with gdb
$gdbthis=1;
@@ -4891,6 +5269,10 @@ while(@ARGV) {
# no valgrind
undef $valgrind;
}
+ elsif ($ARGV[0] eq "-R") {
+ # execute in scrambled order
+ $scrambleorder=1;
+ }
elsif($ARGV[0] =~ /^-t(.*)/) {
# torture
$torture=1;
@@ -4906,10 +5288,6 @@ while(@ARGV) {
# continue anyway, even if a test fail
$anyway=1;
}
- elsif($ARGV[0] eq "-e") {
- # run the tests cases event based if possible
- $run_event_based=1;
- }
elsif($ARGV[0] eq "-p") {
$postmortem=1;
}
@@ -4957,6 +5335,7 @@ Usage: runtests.pl [options] [test selection(s)]
-bN use base port number N for test servers (default $base)
-c path use this curl executable
-d display server debug info
+ -e event-based execution
-g run the test case with gdb
-gw run the test case with gdb as a windowed application
-h this help text
@@ -4964,6 +5343,7 @@ Usage: runtests.pl [options] [test selection(s)]
-l list all test case names/descriptions
-n no valgrind
-p print log file contents when a test fails
+ -R scrambled order
-r run time statistics
-rf full run time statistics
-s short output
@@ -5093,6 +5473,10 @@ $HTTPTLS6PORT = $base++; # HTTP TLS (non-stunnel)
IPv6 server port
$HTTPPROXYPORT = $base++; # HTTP proxy port, when using CONNECT
$HTTPPIPEPORT = $base++; # HTTP pipelining port
$HTTP2PORT = $base++; # HTTP/2 port
+$DICTPORT = $base++; # DICT port
+$SMBPORT = $base++; # SMB port
+$SMBSPORT = $base++; # SMBS port
+$NEGTELNETPORT = $base++; # TELNET port with negotiation
$HTTPUNIXPATH = 'http.sock'; # HTTP server Unix domain socket path
#######################################################################
@@ -5187,6 +5571,23 @@ else {
$TESTCASES = $verified;
}
+if($scrambleorder) {
+ # scramble the order of the test cases
+ my @rand;
+ while($TESTCASES) {
+ my @all = split(/ +/, $TESTCASES);
+ if(!$all[0]) {
+ # if the first is blank, shift away it
+ shift @all;
+ }
+ my $r = rand @all;
+ push @rand, $all[$r];
+ $all[$r]="";
+ $TESTCASES = join(" ", @all);
+ }
+ $TESTCASES = join(" ", @rand);
+}
+
#######################################################################
# Start the command line log
#
diff --git a/tests/secureserver.pl b/tests/secureserver.pl
index 3a7443c40..c897ee5f1 100755
--- a/tests/secureserver.pl
+++ b/tests/secureserver.pl
@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -63,7 +63,7 @@ my $pidfile; # stunnel pid file
my $logfile; # stunnel log file
my $loglevel = 5; # stunnel log level
my $ipvnum = 4; # default IP version of stunneled server
-my $idnum = 1; # dafault stunneled server instance number
+my $idnum = 1; # default stunneled server instance number
my $proto = 'https'; # default secure server protocol
my $conffile; # stunnel configuration file
my $capath; # certificate chain PEM folder
@@ -172,7 +172,7 @@ while(@ARGV) {
}
#***************************************************************************
-# Initialize command line option dependant variables
+# Initialize command line option dependent variables
#
if(!$pidfile) {
$pidfile = "$path/". server_pidfilename($proto, $ipvnum, $idnum);
@@ -181,7 +181,7 @@ if(!$logfile) {
$logfile = server_logfilename($logdir, $proto, $ipvnum, $idnum);
}
-$conffile = "$path/stunnel.conf";
+$conffile = "$path/${proto}_stunnel.conf";
$capath = abs_path($path);
$certfile = "$srcdir/". ($stuncert?"certs/$stuncert":"stunnel.pem");
diff --git a/tests/server/CMakeLists.txt b/tests/server/CMakeLists.txt
index 00f5242f9..39c145007 100644
--- a/tests/server/CMakeLists.txt
+++ b/tests/server/CMakeLists.txt
@@ -1,5 +1,9 @@
set(TARGET_LABEL_PREFIX "Test server ")
+if(MSVC)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /wd4127 /wd4306")
+endif()
+
function(SETUP_EXECUTABLE TEST_NAME) # ARGN are the files in the test
add_executable( ${TEST_NAME} ${ARGN} )
string(TOUPPER ${TEST_NAME} UPPER_TEST_NAME)
@@ -7,7 +11,7 @@ function(SETUP_EXECUTABLE TEST_NAME) # ARGN are the files
in the test
include_directories(
${CURL_SOURCE_DIR}/lib # To be able to reach "curl_setup_once.h"
${CURL_BINARY_DIR}/lib # To be able to reach "curl_config.h"
- ${CURL_BINARY_DIR}/include # To be able to reach "curl/curlbuild.h"
+ ${CURL_BINARY_DIR}/include # To be able to reach "gnurl/curl.h"
)
if(USE_ARES)
include_directories(${CARES_INCLUDE_DIR})
diff --git a/tests/server/Makefile.am b/tests/server/Makefile.am
index e274c01ab..f2067f2e2 100644
--- a/tests/server/Makefile.am
+++ b/tests/server/Makefile.am
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -26,8 +26,6 @@ AUTOMAKE_OPTIONS = foreign nostdinc
# being currently built and tested are searched before the library which
# might possibly already be installed in the system.
#
-# $(top_builddir)/include/curl for generated curlbuild.h included from curl.h
-# $(top_builddir)/include for generated curlbuild.h inc. from lib/curl_setup.h
# $(top_srcdir)/include is for libcurl's external include files
# $(top_builddir)/lib is for libcurl's generated lib/curl_config.h file
# $(top_srcdir)/lib for libcurl's lib/curl_setup.h and other "borrowed" files
@@ -35,17 +33,13 @@ AUTOMAKE_OPTIONS = foreign nostdinc
# $(top_srcdir)/ares is for in-tree c-ares's external include files
if USE_EMBEDDED_ARES
-AM_CPPFLAGS = -I$(top_builddir)/include/curl \
- -I$(top_builddir)/include \
- -I$(top_srcdir)/include \
+AM_CPPFLAGS = -I$(top_srcdir)/include \
-I$(top_builddir)/lib \
-I$(top_srcdir)/lib \
-I$(top_builddir)/ares \
-I$(top_srcdir)/ares
else
-AM_CPPFLAGS = -I$(top_builddir)/include/curl \
- -I$(top_builddir)/include \
- -I$(top_srcdir)/include \
+AM_CPPFLAGS = -I$(top_srcdir)/include \
-I$(top_builddir)/lib \
-I$(top_srcdir)/lib
endif
@@ -64,3 +58,8 @@ EXTRA_DIST = base64.pl Makefile.inc CMakeLists.txt
checksrc:
@PERL@ $(top_srcdir)/lib/checksrc.pl $(srcdir)/*.c
+
+if CURLDEBUG
+# for debug builds, we scan the sources on all regular make invokes
+all-local: checksrc
+endif
diff --git a/tests/server/Makefile.inc b/tests/server/Makefile.inc
index 6e81dfdbc..c3ea664b6 100644
--- a/tests/server/Makefile.inc
+++ b/tests/server/Makefile.inc
@@ -3,7 +3,6 @@ noinst_PROGRAMS = getpart resolve rtspd sockfilt sws tftpd
fake_ntlm
CURLX_SRCS = \
../../lib/mprintf.c \
../../lib/nonblock.c \
- ../../lib/strequal.c \
../../lib/strtoofft.c \
../../lib/timeval.c \
../../lib/warnless.c
@@ -11,7 +10,6 @@ CURLX_SRCS = \
CURLX_HDRS = \
../../lib/curlx.h \
../../lib/nonblock.h \
- ../../lib/strequal.h \
../../lib/strtoofft.h \
../../lib/timeval.h \
../../lib/warnless.h
diff --git a/tests/server/fake_ntlm.c b/tests/server/fake_ntlm.c
index 87118b315..0d1b3e1b6 100644
--- a/tests/server/fake_ntlm.c
+++ b/tests/server/fake_ntlm.c
@@ -37,11 +37,9 @@
/* include memdebug.h last */
#include "memdebug.h"
-#ifndef DEFAULT_LOGFILE
-#define DEFAULT_LOGFILE "log/fake_ntlm.log"
-#endif
+#define LOGFILE "log/fake_ntlm%d.log"
-const char *serverlogfile = DEFAULT_LOGFILE;
+const char *serverlogfile;
/*
* Returns an allocated buffer with printable representation of input
@@ -111,6 +109,7 @@ static char *printable(char *inbuf, size_t inlength)
int main(int argc, char *argv[])
{
char buf[1024];
+ char logfilename[256];
FILE *stream;
char *filename;
int error;
@@ -120,9 +119,9 @@ int main(int argc, char *argv[])
long testnum;
const char *env;
int arg = 1;
- char *helper_user = (char *)"unknown";
- char *helper_proto = (char *)"unknown";
- char *helper_domain = (char *)"unknown";
+ const char *helper_user = "unknown";
+ const char *helper_proto = "unknown";
+ const char *helper_domain = "unknown";
bool use_cached_creds = FALSE;
char *msgbuf;
@@ -158,25 +157,29 @@ int main(int argc, char *argv[])
}
}
- logmsg("fake_ntlm (user: %s) (proto: %s) (domain: %s) (cached creds: %s)",
- helper_user, helper_proto, helper_domain,
- (use_cached_creds) ? "yes" : "no");
-
env = getenv("CURL_NTLM_AUTH_TESTNUM");
if(env) {
char *endptr;
long lnum = strtol(env, &endptr, 10);
if((endptr != env + strlen(env)) || (lnum < 1L)) {
- logmsg("Test number not valid in CURL_NTLM_AUTH_TESTNUM");
+ fprintf(stderr, "Test number not valid in CURL_NTLM_AUTH_TESTNUM");
exit(1);
}
testnum = lnum;
}
else {
- logmsg("Test number not specified in CURL_NTLM_AUTH_TESTNUM");
+ fprintf(stderr, "Test number not specified in CURL_NTLM_AUTH_TESTNUM");
exit(1);
}
+ /* logmsg cannot be used until this file name is set */
+ snprintf(logfilename, sizeof(logfilename), LOGFILE, testnum);
+ serverlogfile = logfilename;
+
+ logmsg("fake_ntlm (user: %s) (proto: %s) (domain: %s) (cached creds: %s)",
+ helper_user, helper_proto, helper_domain,
+ (use_cached_creds) ? "yes" : "no");
+
env = getenv("CURL_NTLM_AUTH_SRCDIR");
if(env) {
path = env;
@@ -276,5 +279,6 @@ int main(int argc, char *argv[])
exit(1);
}
}
+ logmsg("Exit");
return 1;
}
diff --git a/tests/server/getpart.c b/tests/server/getpart.c
index 1952fbbe5..bb8351bc3 100644
--- a/tests/server/getpart.c
+++ b/tests/server/getpart.c
@@ -190,7 +190,7 @@ static int appenddata(char **dst_buf, /* dest buffer */
static int decodedata(char **buf, /* dest buffer */
size_t *len) /* dest buffer data length */
{
- int error = 0;
+ CURLcode error = CURLE_OK;
unsigned char *buf64 = NULL;
size_t src_len = 0;
@@ -198,7 +198,7 @@ static int decodedata(char **buf, /* dest buffer */
return GPE_OK;
/* base64 decode the given buffer */
- error = (int) Curl_base64_decode(*buf, &buf64, &src_len);
+ error = Curl_base64_decode(*buf, &buf64, &src_len);
if(error)
return GPE_OUT_OF_MEMORY;
@@ -309,7 +309,8 @@ int getpart(char **outbuf, size_t *outlen,
ptr++;
end = ptr;
EAT_WORD(end);
- if((len.sig = end - ptr) > MAX_TAG_LEN) {
+ len.sig = end - ptr;
+ if(len.sig > MAX_TAG_LEN) {
error = GPE_NO_BUFFER_SPACE;
break;
}
@@ -370,7 +371,8 @@ int getpart(char **outbuf, size_t *outlen,
/* get potential tag */
end = ptr;
EAT_WORD(end);
- if((len.sig = end - ptr) > MAX_TAG_LEN) {
+ len.sig = end - ptr;
+ if(len.sig > MAX_TAG_LEN) {
error = GPE_NO_BUFFER_SPACE;
break;
}
@@ -389,7 +391,8 @@ int getpart(char **outbuf, size_t *outlen,
end = ptr;
while(*end && ('>' != *end))
end++;
- if((len.sig = end - ptr) > MAX_TAG_LEN) {
+ len.sig = end - ptr;
+ if(len.sig > MAX_TAG_LEN) {
error = GPE_NO_BUFFER_SPACE;
break;
}
diff --git a/tests/server/resolve.c b/tests/server/resolve.c
index 206245aba..34f14e066 100644
--- a/tests/server/resolve.c
+++ b/tests/server/resolve.c
@@ -107,16 +107,8 @@ int main(int argc, char *argv[])
atexit(win32_cleanup);
#endif
- if(!use_ipv6) {
- /* gethostbyname() resolve */
- struct hostent *he;
-
- he = gethostbyname(host);
-
- rc = !he;
- }
- else {
#ifdef ENABLE_IPV6
+ if(use_ipv6) {
/* Check that the system has IPv6 enabled before checking the resolver */
curl_socket_t s = socket(PF_INET6, SOCK_DGRAM, 0);
if(s == CURL_SOCKET_BAD)
@@ -125,28 +117,38 @@ int main(int argc, char *argv[])
else {
sclose(s);
}
+ }
- if(rc == 0) {
- /* getaddrinfo() resolve */
- struct addrinfo *ai;
- struct addrinfo hints;
-
- memset(&hints, 0, sizeof(hints));
- hints.ai_family = PF_INET6;
- hints.ai_socktype = SOCK_STREAM;
- hints.ai_flags = AI_CANONNAME;
- /* Use parenthesis around functions to stop them from being replaced by
- the macro in memdebug.h */
- rc = (getaddrinfo)(host, "80", &hints, &ai);
- if(rc == 0)
- (freeaddrinfo)(ai);
- }
-
+ if(rc == 0) {
+ /* getaddrinfo() resolve */
+ struct addrinfo *ai;
+ struct addrinfo hints;
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = use_ipv6 ? PF_INET6 : PF_INET;
+ hints.ai_socktype = SOCK_STREAM;
+ hints.ai_flags = AI_CANONNAME;
+ /* Use parenthesis around functions to stop them from being replaced by
+ the macro in memdebug.h */
+ rc = (getaddrinfo)(host, "80", &hints, &ai);
+ if(rc == 0)
+ (freeaddrinfo)(ai);
+ }
#else
+ if(use_ipv6) {
puts("IPv6 support has been disabled in this program");
return 1;
-#endif
}
+ else {
+ /* gethostbyname() resolve */
+ struct hostent *he;
+
+ he = gethostbyname(host);
+
+ rc = !he;
+ }
+#endif
+
if(rc)
printf("Resolving %s '%s' didn't work\n", ipv_inuse, host);
diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c
index 91ef6c62b..120d65d52 100644
--- a/tests/server/rtspd.c
+++ b/tests/server/rtspd.c
@@ -129,7 +129,7 @@ static void storerequest(char *reqbuf, size_t totalsize);
const char *serverlogfile = DEFAULT_LOGFILE;
-#define RTSPDVERSION "cURL test suite RTSP server/0.1"
+#define RTSPDVERSION "curl test suite RTSP server/0.1"
#define REQUEST_DUMP "log/server.input"
#define RESPONSE_DUMP "log/server.response"
@@ -260,36 +260,42 @@ static void install_signal_handlers(void)
{
#ifdef SIGHUP
/* ignore SIGHUP signal */
- if((old_sighup_handler = signal(SIGHUP, SIG_IGN)) == SIG_ERR)
+ old_sighup_handler = signal(SIGHUP, SIG_IGN);
+ if(old_sighup_handler == SIG_ERR)
logmsg("cannot install SIGHUP handler: %s", strerror(errno));
#endif
#ifdef SIGPIPE
/* ignore SIGPIPE signal */
- if((old_sigpipe_handler = signal(SIGPIPE, SIG_IGN)) == SIG_ERR)
+ old_sigpipe_handler = signal(SIGPIPE, SIG_IGN);
+ if(old_sigpipe_handler == SIG_ERR)
logmsg("cannot install SIGPIPE handler: %s", strerror(errno));
#endif
#ifdef SIGALRM
/* ignore SIGALRM signal */
- if((old_sigalrm_handler = signal(SIGALRM, SIG_IGN)) == SIG_ERR)
+ old_sigalrm_handler = signal(SIGALRM, SIG_IGN);
+ if(old_sigalrm_handler == SIG_ERR)
logmsg("cannot install SIGALRM handler: %s", strerror(errno));
#endif
#ifdef SIGINT
/* handle SIGINT signal with our exit_signal_handler */
- if((old_sigint_handler = signal(SIGINT, exit_signal_handler)) == SIG_ERR)
+ old_sigint_handler = signal(SIGINT, exit_signal_handler);
+ if(old_sigint_handler == SIG_ERR)
logmsg("cannot install SIGINT handler: %s", strerror(errno));
else
siginterrupt(SIGINT, 1);
#endif
#ifdef SIGTERM
/* handle SIGTERM signal with our exit_signal_handler */
- if((old_sigterm_handler = signal(SIGTERM, exit_signal_handler)) == SIG_ERR)
+ old_sigterm_handler = signal(SIGTERM, exit_signal_handler);
+ if(old_sigterm_handler == SIG_ERR)
logmsg("cannot install SIGTERM handler: %s", strerror(errno));
else
siginterrupt(SIGTERM, 1);
#endif
#if defined(SIGBREAK) && defined(WIN32)
/* handle SIGBREAK signal with our exit_signal_handler */
- if((old_sigbreak_handler = signal(SIGBREAK, exit_signal_handler)) == SIG_ERR)
+ old_sigbreak_handler = signal(SIGBREAK, exit_signal_handler);
+ if(old_sigbreak_handler == SIG_ERR)
logmsg("cannot install SIGBREAK handler: %s", strerror(errno));
else
siginterrupt(SIGBREAK, 1);
@@ -590,7 +596,7 @@ static int ProcessRequest(struct httprequest *req)
if(got_exit_signal)
return 1; /* done */
- if((req->cl==0) && curlx_strnequal("Content-Length:", line, 15)) {
+ if((req->cl==0) && strncasecompare("Content-Length:", line, 15)) {
/* If we don't ignore content-length, we read it and we read the whole
request including the body before we return. If we've been told to
ignore the content-length, we will return as soon as all headers
@@ -616,7 +622,7 @@ static int ProcessRequest(struct httprequest *req)
logmsg("... but will abort after %zu bytes", req->cl);
break;
}
- else if(curlx_strnequal("Transfer-Encoding: chunked", line,
+ else if(strncasecompare("Transfer-Encoding: chunked", line,
strlen("Transfer-Encoding: chunked"))) {
/* chunked data coming in */
chunked = TRUE;
@@ -1184,13 +1190,15 @@ int main(int argc, char *argv[])
int wrotepidfile = 0;
int flag;
unsigned short port = DEFAULT_PORT;
- char *pidname= (char *)".rtsp.pid";
+ const char *pidname = ".rtsp.pid";
struct httprequest req;
int rc;
int error;
int arg=1;
long pid;
+ memset(&req, 0, sizeof(req));
+
while(argc>arg) {
if(!strcmp("--version", argv[arg])) {
printf("rtspd IPv4%s"
diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c
index 38aa51e67..6695d8486 100644
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@@ -206,36 +206,42 @@ static void install_signal_handlers(void)
{
#ifdef SIGHUP
/* ignore SIGHUP signal */
- if((old_sighup_handler = signal(SIGHUP, SIG_IGN)) == SIG_ERR)
+ old_sighup_handler = signal(SIGHUP, SIG_IGN);
+ if(old_sighup_handler == SIG_ERR)
logmsg("cannot install SIGHUP handler: %s", strerror(errno));
#endif
#ifdef SIGPIPE
/* ignore SIGPIPE signal */
- if((old_sigpipe_handler = signal(SIGPIPE, SIG_IGN)) == SIG_ERR)
+ old_sigpipe_handler = signal(SIGPIPE, SIG_IGN);
+ if(old_sigpipe_handler == SIG_ERR)
logmsg("cannot install SIGPIPE handler: %s", strerror(errno));
#endif
#ifdef SIGALRM
/* ignore SIGALRM signal */
- if((old_sigalrm_handler = signal(SIGALRM, SIG_IGN)) == SIG_ERR)
+ old_sigalrm_handler = signal(SIGALRM, SIG_IGN);
+ if(old_sigalrm_handler == SIG_ERR)
logmsg("cannot install SIGALRM handler: %s", strerror(errno));
#endif
#ifdef SIGINT
/* handle SIGINT signal with our exit_signal_handler */
- if((old_sigint_handler = signal(SIGINT, exit_signal_handler)) == SIG_ERR)
+ old_sigint_handler = signal(SIGINT, exit_signal_handler);
+ if(old_sigint_handler == SIG_ERR)
logmsg("cannot install SIGINT handler: %s", strerror(errno));
else
siginterrupt(SIGINT, 1);
#endif
#ifdef SIGTERM
/* handle SIGTERM signal with our exit_signal_handler */
- if((old_sigterm_handler = signal(SIGTERM, exit_signal_handler)) == SIG_ERR)
+ old_sigterm_handler = signal(SIGTERM, exit_signal_handler);
+ if(old_sigterm_handler == SIG_ERR)
logmsg("cannot install SIGTERM handler: %s", strerror(errno));
else
siginterrupt(SIGTERM, 1);
#endif
#if defined(SIGBREAK) && defined(WIN32)
/* handle SIGBREAK signal with our exit_signal_handler */
- if((old_sigbreak_handler = signal(SIGBREAK, exit_signal_handler)) == SIG_ERR)
+ old_sigbreak_handler = signal(SIGBREAK, exit_signal_handler);
+ if(old_sigbreak_handler == SIG_ERR)
logmsg("cannot install SIGBREAK handler: %s", strerror(errno));
else
siginterrupt(SIGBREAK, 1);
@@ -399,7 +405,8 @@ static ssize_t fullwrite(int filedes, const void *buffer,
size_t nbytes)
ssize_t nwrite = 0;
do {
- wc = write(filedes, (unsigned char *)buffer + nwrite, nbytes - nwrite);
+ wc = write(filedes, (const unsigned char *)buffer + nwrite,
+ nbytes - nwrite);
if(got_exit_signal) {
logmsg("signalled to die");
@@ -542,7 +549,7 @@ static DWORD WINAPI select_ws_wait_thread(LPVOID
lpParameter)
free(data);
}
else
- return -1;
+ return (DWORD)-1;
/* retrieve the type of file to wait on */
type = GetFileType(handle);
@@ -1283,7 +1290,7 @@ static curl_socket_t sockdaemon(curl_socket_t sock,
sclose(sock);
return CURL_SOCKET_BAD;
}
- switch (localaddr.sa.sa_family) {
+ switch(localaddr.sa.sa_family) {
case AF_INET:
*listenport = ntohs(localaddr.sa4.sin_port);
break;
@@ -1332,7 +1339,7 @@ int main(int argc, char *argv[])
curl_socket_t sock = CURL_SOCKET_BAD;
curl_socket_t msgsock = CURL_SOCKET_BAD;
int wrotepidfile = 0;
- char *pidname= (char *)".sockfilt.pid";
+ const char *pidname = ".sockfilt.pid";
bool juggle_again;
int rc;
int error;
diff --git a/tests/server/sws.c b/tests/server/sws.c
index 27c86e013..bff30f212 100644
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -130,7 +130,7 @@ static curl_socket_t all_sockets[MAX_SOCKETS];
static size_t num_sockets = 0;
static int ProcessRequest(struct httprequest *req);
-static void storerequest(char *reqbuf, size_t totalsize);
+static void storerequest(const char *reqbuf, size_t totalsize);
#define DEFAULT_PORT 8999
@@ -140,7 +140,7 @@ static void storerequest(char *reqbuf, size_t totalsize);
const char *serverlogfile = DEFAULT_LOGFILE;
-#define SWSVERSION "cURL test suite HTTP server/0.1"
+#define SWSVERSION "curl test suite HTTP server/0.1"
#define REQUEST_DUMP "log/server.input"
#define RESPONSE_DUMP "log/server.response"
@@ -265,36 +265,42 @@ static void install_signal_handlers(void)
{
#ifdef SIGHUP
/* ignore SIGHUP signal */
- if((old_sighup_handler = signal(SIGHUP, SIG_IGN)) == SIG_ERR)
+ old_sighup_handler = signal(SIGHUP, SIG_IGN);
+ if(old_sighup_handler == SIG_ERR)
logmsg("cannot install SIGHUP handler: %s", strerror(errno));
#endif
#ifdef SIGPIPE
/* ignore SIGPIPE signal */
- if((old_sigpipe_handler = signal(SIGPIPE, SIG_IGN)) == SIG_ERR)
+ old_sigpipe_handler = signal(SIGPIPE, SIG_IGN);
+ if(old_sigpipe_handler == SIG_ERR)
logmsg("cannot install SIGPIPE handler: %s", strerror(errno));
#endif
#ifdef SIGALRM
/* ignore SIGALRM signal */
- if((old_sigalrm_handler = signal(SIGALRM, SIG_IGN)) == SIG_ERR)
+ old_sigalrm_handler = signal(SIGALRM, SIG_IGN);
+ if(old_sigalrm_handler == SIG_ERR)
logmsg("cannot install SIGALRM handler: %s", strerror(errno));
#endif
#ifdef SIGINT
/* handle SIGINT signal with our exit_signal_handler */
- if((old_sigint_handler = signal(SIGINT, exit_signal_handler)) == SIG_ERR)
+ old_sigint_handler = signal(SIGINT, exit_signal_handler);
+ if(old_sigint_handler == SIG_ERR)
logmsg("cannot install SIGINT handler: %s", strerror(errno));
else
siginterrupt(SIGINT, 1);
#endif
#ifdef SIGTERM
/* handle SIGTERM signal with our exit_signal_handler */
- if((old_sigterm_handler = signal(SIGTERM, exit_signal_handler)) == SIG_ERR)
+ old_sigterm_handler = signal(SIGTERM, exit_signal_handler);
+ if(old_sigterm_handler == SIG_ERR)
logmsg("cannot install SIGTERM handler: %s", strerror(errno));
else
siginterrupt(SIGTERM, 1);
#endif
#if defined(SIGBREAK) && defined(WIN32)
/* handle SIGBREAK signal with our exit_signal_handler */
- if((old_sigbreak_handler = signal(SIGBREAK, exit_signal_handler)) == SIG_ERR)
+ old_sigbreak_handler = signal(SIGBREAK, exit_signal_handler);
+ if(old_sigbreak_handler == SIG_ERR)
logmsg("cannot install SIGBREAK handler: %s", strerror(errno));
else
siginterrupt(SIGBREAK, 1);
@@ -596,6 +602,14 @@ static int ProcessRequest(struct httprequest *req)
}
if(req->testno == DOCNUMBER_NOTHING) {
+ /* check for a Testno: header with the test case number */
+ char *testno = strstr(line, "\nTestno: ");
+ if(testno) {
+ req->testno = strtol(&testno[9], NULL, 10);
+ logmsg("Found test number %d in Testno: header!", req->testno);
+ }
+ }
+ if(req->testno == DOCNUMBER_NOTHING) {
/* Still no test case number. Try to get the the number off the last dot
instead, IE we consider the TLD to be the test number. Test 123 can
then be written as "example.com.123". */
@@ -697,7 +711,7 @@ static int ProcessRequest(struct httprequest *req)
if(got_exit_signal)
return 1; /* done */
- if((req->cl==0) && curlx_strnequal("Content-Length:", line, 15)) {
+ if((req->cl==0) && strncasecompare("Content-Length:", line, 15)) {
/* If we don't ignore content-length, we read it and we read the whole
request including the body before we return. If we've been told to
ignore the content-length, we will return as soon as all headers
@@ -723,7 +737,7 @@ static int ProcessRequest(struct httprequest *req)
logmsg("... but will abort after %zu bytes", req->cl);
break;
}
- else if(curlx_strnequal("Transfer-Encoding: chunked", line,
+ else if(strncasecompare("Transfer-Encoding: chunked", line,
strlen("Transfer-Encoding: chunked"))) {
/* chunked data coming in */
chunked = TRUE;
@@ -837,7 +851,7 @@ static int ProcessRequest(struct httprequest *req)
}
/* store the entire request in a file */
-static void storerequest(char *reqbuf, size_t totalsize)
+static void storerequest(const char *reqbuf, size_t totalsize)
{
int res;
int error = 0;
@@ -1188,20 +1202,24 @@ static int send_doc(curl_socket_t sock, struct
httprequest *req)
responsesize = count;
do {
- /* Ok, we send no more than 200 bytes at a time, just to make sure that
+ /* Ok, we send no more than N bytes at a time, just to make sure that
larger chunks are split up so that the client will need to do multiple
recv() calls to get it and thus we exercise that code better */
size_t num = count;
- if(num > 200)
- num = 200;
+ if(num > 20)
+ num = 20;
+
+ retry:
written = swrite(sock, buffer, num);
if(written < 0) {
+ if((EWOULDBLOCK == SOCKERRNO) || (EAGAIN == SOCKERRNO)) {
+ wait_ms(10);
+ goto retry;
+ }
sendfailure = TRUE;
break;
}
- else {
- logmsg("Sent off %zd bytes", written);
- }
+
/* write to file as well */
fwrite(buffer, 1, (size_t)written, dump);
@@ -1476,7 +1494,7 @@ static void http_connect(curl_socket_t *infdp,
maxfd = clientfd[i];
}
if(poll_client_wr[i] && toc[i]) {
- /* unless told not to do so, monitor writeability
+ /* unless told not to do so, monitor writability
if there is data ready to be sent to client */
FD_SET(clientfd[i], &output);
if(clientfd[i] > maxfd)
@@ -1492,7 +1510,7 @@ static void http_connect(curl_socket_t *infdp,
maxfd = serverfd[i];
}
if(poll_server_wr[i] && tos[i]) {
- /* unless told not to do so, monitor writeability
+ /* unless told not to do so, monitor writability
if there is data ready to be sent to server */
FD_SET(serverfd[i], &output);
if(serverfd[i] > maxfd)
@@ -1585,7 +1603,7 @@ static void http_connect(curl_socket_t *infdp,
/* ---------------------------------------------------------- */
- /* react to tunnel endpoint readable/writeable notifications */
+ /* react to tunnel endpoint readable/writable notifications */
for(i = 0; i <= max_tunnel_idx; i++) {
size_t len;
if(clientfd[i] != CURL_SOCKET_BAD) {
@@ -1881,7 +1899,7 @@ static int service_connection(curl_socket_t msgsock,
struct httprequest *req,
while(!req->done_processing) {
int rc = get_request(msgsock, req);
if(rc <= 0) {
- /* Nothing further to read now (possibly because the socket was closed */
+ /* Nothing further to read now, possibly because the socket was closed */
return rc;
}
}
@@ -1952,7 +1970,7 @@ int main(int argc, char *argv[])
const char *unix_socket = NULL;
bool unlink_socket = false;
#endif
- char *pidname= (char *)".http.pid";
+ const char *pidname = ".http.pid";
struct httprequest req;
int rc = 0;
int error;
@@ -2231,9 +2249,9 @@ int main(int argc, char *argv[])
/* Clear out closed sockets */
for(socket_idx = num_sockets - 1; socket_idx >= 1; --socket_idx) {
if(CURL_SOCKET_BAD == all_sockets[socket_idx]) {
- char* dst = (char *) (all_sockets + socket_idx);
- char* src = (char *) (all_sockets + socket_idx + 1);
- char* end = (char *) (all_sockets + num_sockets);
+ char *dst = (char *) (all_sockets + socket_idx);
+ char *src = (char *) (all_sockets + socket_idx + 1);
+ char *end = (char *) (all_sockets + num_sockets);
memmove(dst, src, end - src);
num_sockets -= 1;
}
@@ -2242,7 +2260,7 @@ int main(int argc, char *argv[])
if(got_exit_signal)
goto sws_cleanup;
- /* Set up for select*/
+ /* Set up for select */
FD_ZERO(&input);
FD_ZERO(&output);
@@ -2268,7 +2286,7 @@ int main(int argc, char *argv[])
goto sws_cleanup;
if(rc == 0) {
- /* Timed out - try again*/
+ /* Timed out - try again */
continue;
}
@@ -2302,7 +2320,7 @@ int main(int argc, char *argv[])
if(req.connmon) {
const char *keepopen="[DISCONNECT]\n";
- storerequest((char *)keepopen, strlen(keepopen));
+ storerequest(keepopen, strlen(keepopen));
}
if(!req.open)
diff --git a/tests/server/testpart.c b/tests/server/testpart.c
index f3a70c7cf..79869e21c 100644
--- a/tests/server/testpart.c
+++ b/tests/server/testpart.c
@@ -23,8 +23,7 @@
#include "getpart.h"
-#define _MPRINTF_REPLACE /* use our functions only */
-#include <curl/mprintf.h>
+#include "curl_printf.h"
/* include memdebug.h last */
#include "memdebug.h"
diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c
index afc0884e0..df01eb782 100644
--- a/tests/server/tftpd.c
+++ b/tests/server/tftpd.c
@@ -15,7 +15,7 @@
*/
/*
- * Copyright (c) 1983 Regents of the University of California.
+ * Copyright (c) 1983, 2016 Regents of the University of California.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -199,8 +199,8 @@ static curl_socklen_t fromlen;
static curl_socket_t peer = CURL_SOCKET_BAD;
-static int timeout;
-static int maxtimeout = 5 * TIMEOUT;
+static unsigned int timeout;
+static unsigned int maxtimeout = 5 * TIMEOUT;
#ifdef ENABLE_IPV6
static bool use_ipv6 = FALSE;
@@ -208,7 +208,7 @@ static bool use_ipv6 = FALSE;
static const char *ipv_inuse = "IPv4";
const char *serverlogfile = DEFAULT_LOGFILE;
-static char *pidname= (char *)".tftpd.pid";
+static const char *pidname = ".tftpd.pid";
static int serverlogslocked = 0;
static int wrotepidfile = 0;
@@ -217,7 +217,7 @@ static sigjmp_buf timeoutbuf;
#endif
#if defined(HAVE_ALARM) && defined(SIGALRM)
-static int rexmtval = TIMEOUT;
+static const unsigned int rexmtval = TIMEOUT;
#endif
/* do-nothing macro replacement for systems which lack siginterrupt() */
@@ -367,31 +367,36 @@ static void install_signal_handlers(void)
{
#ifdef SIGHUP
/* ignore SIGHUP signal */
- if((old_sighup_handler = signal(SIGHUP, SIG_IGN)) == SIG_ERR)
+ old_sighup_handler = signal(SIGHUP, SIG_IGN);
+ if(old_sighup_handler == SIG_ERR)
logmsg("cannot install SIGHUP handler: %s", strerror(errno));
#endif
#ifdef SIGPIPE
/* ignore SIGPIPE signal */
- if((old_sigpipe_handler = signal(SIGPIPE, SIG_IGN)) == SIG_ERR)
+ old_sigpipe_handler = signal(SIGPIPE, SIG_IGN);
+ if(old_sigpipe_handler == SIG_ERR)
logmsg("cannot install SIGPIPE handler: %s", strerror(errno));
#endif
#ifdef SIGINT
/* handle SIGINT signal with our exit_signal_handler */
- if((old_sigint_handler = signal(SIGINT, exit_signal_handler)) == SIG_ERR)
+ old_sigint_handler = signal(SIGINT, exit_signal_handler);
+ if(old_sigint_handler == SIG_ERR)
logmsg("cannot install SIGINT handler: %s", strerror(errno));
else
siginterrupt(SIGINT, 1);
#endif
#ifdef SIGTERM
/* handle SIGTERM signal with our exit_signal_handler */
- if((old_sigterm_handler = signal(SIGTERM, exit_signal_handler)) == SIG_ERR)
+ old_sigterm_handler = signal(SIGTERM, exit_signal_handler);
+ if(old_sigterm_handler == SIG_ERR)
logmsg("cannot install SIGTERM handler: %s", strerror(errno));
else
siginterrupt(SIGTERM, 1);
#endif
#if defined(SIGBREAK) && defined(WIN32)
/* handle SIGBREAK signal with our exit_signal_handler */
- if((old_sigbreak_handler = signal(SIGBREAK, exit_signal_handler)) == SIG_ERR)
+ old_sigbreak_handler = signal(SIGBREAK, exit_signal_handler);
+ if(old_sigbreak_handler == SIG_ERR)
logmsg("cannot install SIGBREAK handler: %s", strerror(errno));
else
siginterrupt(SIGBREAK, 1);
@@ -955,7 +960,7 @@ static int do_tftp(struct testcase *test, struct tftphdr
*tp, ssize_t size)
#ifdef USE_WINSOCK
DWORD recvtimeout, recvtimeoutbak;
#endif
- char *option = (char *)"mode"; /* mode is implicit */
+ const char *option = "mode"; /* mode is implicit */
int toggle = 1;
/* Open request dump file. */
@@ -1040,10 +1045,10 @@ static int do_tftp(struct testcase *test, struct
tftphdr *tp, ssize_t size)
#ifdef USE_WINSOCK
recvtimeout = sizeof(recvtimeoutbak);
getsockopt(peer, SOL_SOCKET, SO_RCVTIMEO,
- (char*)&recvtimeoutbak, (int*)&recvtimeout);
+ (char *)&recvtimeoutbak, (int *)&recvtimeout);
recvtimeout = TIMEOUT*1000;
setsockopt(peer, SOL_SOCKET, SO_RCVTIMEO,
- (const char*)&recvtimeout, sizeof(recvtimeout));
+ (const char *)&recvtimeout, sizeof(recvtimeout));
#endif
if(tp->th_opcode == opcode_WRQ)
@@ -1054,7 +1059,7 @@ static int do_tftp(struct testcase *test, struct tftphdr
*tp, ssize_t size)
#ifdef USE_WINSOCK
recvtimeout = recvtimeoutbak;
setsockopt(peer, SOL_SOCKET, SO_RCVTIMEO,
- (const char*)&recvtimeout, sizeof(recvtimeout));
+ (const char *)&recvtimeout, sizeof(recvtimeout));
#endif
return 0;
@@ -1232,19 +1237,17 @@ static void sendtftp(struct testcase *test, struct
formats *pf)
{
int size;
ssize_t n;
- /* This is volatile to live through a siglongjmp */
+ /* These are volatile to live through a siglongjmp */
volatile unsigned short sendblock; /* block count */
- struct tftphdr *sdp; /* data buffer */
- struct tftphdr *sap; /* ack buffer */
+ struct tftphdr * volatile sdp = r_init(); /* data buffer */
+ struct tftphdr * const sap = &ackbuf.hdr; /* ack buffer */
sendblock = 1;
#if defined(HAVE_ALARM) && defined(SIGALRM)
mysignal(SIGALRM, timer);
#endif
- sdp = r_init();
- sap = &ackbuf.hdr;
do {
- size = readit(test, &sdp, pf->f_convert);
+ size = readit(test, (struct tftphdr **)&sdp, pf->f_convert);
if(size < 0) {
nak(errno + 100);
return;
diff --git a/tests/server/util.c b/tests/server/util.c
index d99336397..42e585349 100644
--- a/tests/server/util.c
+++ b/tests/server/util.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -34,10 +34,13 @@
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif
-#ifdef HAVE_SYS_POLL_H
-#include <sys/poll.h>
-#elif defined(HAVE_POLL_H)
+#ifdef HAVE_POLL_H
#include <poll.h>
+#elif defined(HAVE_SYS_POLL_H)
+#include <sys/poll.h>
+#endif
+#ifdef __MINGW32__
+#include <w32api.h>
#endif
#define ENABLE_CURLX_PRINTF
@@ -55,9 +58,14 @@
#define EINVAL 22 /* errno.h value */
#endif
+/* MinGW with w32api version < 3.6 declared in6addr_any as extern,
+ but lacked the definition */
#if defined(ENABLE_IPV6) && defined(__MINGW32__)
+#if (__W32API_MAJOR_VERSION < 3) || \
+ ((__W32API_MAJOR_VERSION == 3) && (__W32API_MINOR_VERSION < 6))
const struct in6_addr in6addr_any = {{ IN6ADDR_ANY_INIT }};
-#endif
+#endif /* w32api < 3.6 */
+#endif /* ENABLE_IPV6 && __MINGW32__*/
/* This function returns a pointer to STATIC memory. It converts the given
* binary lump to a hex formatted string usable for output in logs or
@@ -92,7 +100,7 @@ void logmsg(const char *msg, ...)
char buffer[2048 + 1];
FILE *logfp;
int error;
- struct timeval tv;
+ struct curltime tv;
time_t sec;
struct tm *now;
char timebuf[20];
@@ -135,7 +143,7 @@ void logmsg(const char *msg, ...)
#ifdef WIN32
/* use instead of perror() on generic windows */
-void win32_perror (const char *msg)
+void win32_perror(const char *msg)
{
char buf[512];
DWORD err = SOCKERRNO;
@@ -205,7 +213,7 @@ int wait_ms(int timeout_ms)
#ifndef HAVE_POLL_FINE
struct timeval pending_tv;
#endif
- struct timeval initial_tv;
+ struct curltime initial_tv;
int pending_ms;
int error;
#endif
@@ -305,3 +313,87 @@ void clear_advisor_read_lock(const char *filename)
logmsg("Error removing lock file %s error: %d %s",
filename, error, strerror(error));
}
+
+
+/* Portable, consistent toupper (remember EBCDIC). Do not use toupper() because
+ its behavior is altered by the current locale. */
+static char raw_toupper(char in)
+{
+#if !defined(CURL_DOES_CONVERSIONS)
+ if(in >= 'a' && in <= 'z')
+ return (char)('A' + in - 'a');
+#else
+ switch(in) {
+ case 'a':
+ return 'A';
+ case 'b':
+ return 'B';
+ case 'c':
+ return 'C';
+ case 'd':
+ return 'D';
+ case 'e':
+ return 'E';
+ case 'f':
+ return 'F';
+ case 'g':
+ return 'G';
+ case 'h':
+ return 'H';
+ case 'i':
+ return 'I';
+ case 'j':
+ return 'J';
+ case 'k':
+ return 'K';
+ case 'l':
+ return 'L';
+ case 'm':
+ return 'M';
+ case 'n':
+ return 'N';
+ case 'o':
+ return 'O';
+ case 'p':
+ return 'P';
+ case 'q':
+ return 'Q';
+ case 'r':
+ return 'R';
+ case 's':
+ return 'S';
+ case 't':
+ return 'T';
+ case 'u':
+ return 'U';
+ case 'v':
+ return 'V';
+ case 'w':
+ return 'W';
+ case 'x':
+ return 'X';
+ case 'y':
+ return 'Y';
+ case 'z':
+ return 'Z';
+ }
+#endif
+
+ return in;
+}
+
+int strncasecompare(const char *first, const char *second, size_t max)
+{
+ while(*first && *second && max) {
+ if(raw_toupper(*first) != raw_toupper(*second)) {
+ break;
+ }
+ max--;
+ first++;
+ second++;
+ }
+ if(0 == max)
+ return 1; /* they are equal this far */
+
+ return raw_toupper(*first) == raw_toupper(*second);
+}
diff --git a/tests/server/util.h b/tests/server/util.h
index 2a19a613b..a2a56badd 100644
--- a/tests/server/util.h
+++ b/tests/server/util.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -44,7 +44,7 @@ extern const char *serverlogfile;
#undef perror
#define perror(m) win32_perror(m)
-void win32_perror (const char *msg);
+void win32_perror(const char *msg);
#endif /* WIN32 */
#ifdef USE_WINSOCK
@@ -63,4 +63,6 @@ void set_advisor_read_lock(const char *filename);
void clear_advisor_read_lock(const char *filename);
+int strncasecompare(const char *first, const char *second, size_t max);
+
#endif /* HEADER_CURL_SERVER_UTIL_H */
diff --git a/tests/serverhelp.pm b/tests/serverhelp.pm
index d6a06508d..a83a12584 100644
--- a/tests/serverhelp.pm
+++ b/tests/serverhelp.pm
@@ -105,7 +105,7 @@ sub servername_str {
$proto = uc($proto) if($proto);
die "unsupported protocol: '$proto'" unless($proto &&
- ($proto =~
/^(((FTP|HTTP|HTTP\/2|IMAP|POP3|SMTP|HTTP-PIPE)S?)|(TFTP|SFTP|SOCKS|SSH|RTSP|GOPHER|HTTPTLS))$/));
+ ($proto =~
/^(((FTP|HTTP|HTTP\/2|IMAP|POP3|SMTP|HTTP-PIPE)S?)|(TFTP|SFTP|SOCKS|SSH|RTSP|GOPHER|HTTPTLS|DICT|SMB|SMBS|TELNET))$/));
$ipver = (not $ipver) ? 'ipv4' : lc($ipver);
die "unsupported IP version: '$ipver'" unless($ipver &&
diff --git a/tests/smbserver.py b/tests/smbserver.py
new file mode 100755
index 000000000..195ae395b
--- /dev/null
+++ b/tests/smbserver.py
@@ -0,0 +1,377 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
+# Project ___| | | | _ \| |
+# / __| | | | |_) | |
+# | (__| |_| | _ <| |___
+# \___|\___/|_| \_\_____|
+#
+# Copyright (C) 2017, Daniel Stenberg, <address@hidden>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+"""Server for testing SMB"""
+
+from __future__ import (absolute_import, division, print_function)
+# unicode_literals)
+import argparse
+import ConfigParser
+import os
+import sys
+import logging
+import tempfile
+
+# Import our curl test data helper
+import curl_test_data
+
+# This saves us having to set up the PYTHONPATH explicitly
+deps_dir = os.path.join(os.path.dirname(__file__), "python_dependencies")
+sys.path.append(deps_dir)
+from impacket import smbserver as imp_smbserver
+from impacket import smb as imp_smb
+from impacket.nt_errors import (STATUS_ACCESS_DENIED, STATUS_SUCCESS,
+ STATUS_NO_SUCH_FILE)
+
+log = logging.getLogger(__name__)
+SERVER_MAGIC = "SERVER_MAGIC"
+TESTS_MAGIC = "TESTS_MAGIC"
+VERIFIED_REQ = "verifiedserver"
+VERIFIED_RSP = b"WE ROOLZ: {pid}\n"
+
+
+def smbserver(options):
+ """Start up a TCP SMB server that serves forever
+
+ """
+ if options.pidfile:
+ pid = os.getpid()
+ with open(options.pidfile, "w") as f:
+ f.write("{0}".format(pid))
+
+ # Here we write a mini config for the server
+ smb_config = ConfigParser.ConfigParser()
+ smb_config.add_section("global")
+ smb_config.set("global", "server_name", "SERVICE")
+ smb_config.set("global", "server_os", "UNIX")
+ smb_config.set("global", "server_domain", "WORKGROUP")
+ smb_config.set("global", "log_file", "")
+ smb_config.set("global", "credentials_file", "")
+
+ # We need a share which allows us to test that the server is running
+ smb_config.add_section("SERVER")
+ smb_config.set("SERVER", "comment", "server function")
+ smb_config.set("SERVER", "read only", "yes")
+ smb_config.set("SERVER", "share type", "0")
+ smb_config.set("SERVER", "path", SERVER_MAGIC)
+
+ # Have a share for tests. These files will be autogenerated from the
+ # test input.
+ smb_config.add_section("TESTS")
+ smb_config.set("TESTS", "comment", "tests")
+ smb_config.set("TESTS", "read only", "yes")
+ smb_config.set("TESTS", "share type", "0")
+ smb_config.set("TESTS", "path", TESTS_MAGIC)
+
+ if not options.srcdir or not os.path.isdir(options.srcdir):
+ raise ScriptException("--srcdir is mandatory")
+
+ test_data_dir = os.path.join(options.srcdir, "data")
+
+ smb_server = TestSmbServer(("127.0.0.1", options.port),
+ config_parser=smb_config,
+ test_data_directory=test_data_dir)
+ log.info("[SMB] setting up SMB server on port %s", options.port)
+ smb_server.processConfigFile()
+ smb_server.serve_forever()
+ return 0
+
+
+class TestSmbServer(imp_smbserver.SMBSERVER):
+ """
+ Test server for SMB which subclasses the impacket SMBSERVER and provides
+ test functionality.
+ """
+
+ def __init__(self,
+ address,
+ config_parser=None,
+ test_data_directory=None):
+ imp_smbserver.SMBSERVER.__init__(self,
+ address,
+ config_parser=config_parser)
+
+ # Set up a test data object so we can get test data later.
+ self.ctd = curl_test_data.TestData(test_data_directory)
+
+ # Override smbComNtCreateAndX so we can pretend to have files which
+ # don't exist.
+ self.hookSmbCommand(imp_smb.SMB.SMB_COM_NT_CREATE_ANDX,
+ self.create_and_x)
+
+ def create_and_x(self, conn_id, smb_server, smb_command, recv_packet):
+ """
+ Our version of smbComNtCreateAndX looks for special test files and
+ fools the rest of the framework into opening them as if they were
+ normal files.
+ """
+ conn_data = smb_server.getConnectionData(conn_id)
+
+ # Wrap processing in a try block which allows us to throw SmbException
+ # to control the flow.
+ try:
+ ncax_parms = imp_smb.SMBNtCreateAndX_Parameters(
+ smb_command["Parameters"])
+
+ path = self.get_share_path(conn_data,
+ ncax_parms["RootFid"],
+ recv_packet["Tid"])
+ log.info("[SMB] Requested share path: %s", path)
+
+ disposition = ncax_parms["Disposition"]
+ log.debug("[SMB] Requested disposition: %s", disposition)
+
+ # Currently we only support reading files.
+ if disposition != imp_smb.FILE_OPEN:
+ raise SmbException(STATUS_ACCESS_DENIED,
+ "Only support reading files")
+
+ # Check to see if the path we were given is actually a
+ # magic path which needs generating on the fly.
+ if path not in [SERVER_MAGIC, TESTS_MAGIC]:
+ # Pass the command onto the original handler.
+ return imp_smbserver.SMBCommands.smbComNtCreateAndX(conn_id,
+ smb_server,
+
smb_command,
+
recv_packet)
+
+ flags2 = recv_packet["Flags2"]
+ ncax_data = imp_smb.SMBNtCreateAndX_Data(flags=flags2,
+ data=smb_command[
+ "Data"])
+ requested_file = imp_smbserver.decodeSMBString(
+ flags2,
+ ncax_data["FileName"])
+ log.debug("[SMB] User requested file '%s'", requested_file)
+
+ if path == SERVER_MAGIC:
+ fid, full_path = self.get_server_path(requested_file)
+ else:
+ assert (path == TESTS_MAGIC)
+ fid, full_path = self.get_test_path(requested_file)
+
+ resp_parms = imp_smb.SMBNtCreateAndXResponse_Parameters()
+ resp_data = ""
+
+ # Simple way to generate a fid
+ if len(conn_data["OpenedFiles"]) == 0:
+ fakefid = 1
+ else:
+ fakefid = conn_data["OpenedFiles"].keys()[-1] + 1
+ resp_parms["Fid"] = fakefid
+ resp_parms["CreateAction"] = disposition
+
+ if os.path.isdir(path):
+ resp_parms[
+ "FileAttributes"] = imp_smb.SMB_FILE_ATTRIBUTE_DIRECTORY
+ resp_parms["IsDirectory"] = 1
+ else:
+ resp_parms["IsDirectory"] = 0
+ resp_parms["FileAttributes"] = ncax_parms["FileAttributes"]
+
+ # Get this file's information
+ resp_info, error_code = imp_smbserver.queryPathInformation(
+ "", full_path, level=imp_smb.SMB_QUERY_FILE_ALL_INFO)
+
+ if error_code != STATUS_SUCCESS:
+ raise SmbException(error_code, "Failed to query path info")
+
+ resp_parms["CreateTime"] = resp_info["CreationTime"]
+ resp_parms["LastAccessTime"] = resp_info[
+ "LastAccessTime"]
+ resp_parms["LastWriteTime"] = resp_info["LastWriteTime"]
+ resp_parms["LastChangeTime"] = resp_info[
+ "LastChangeTime"]
+ resp_parms["FileAttributes"] = resp_info[
+ "ExtFileAttributes"]
+ resp_parms["AllocationSize"] = resp_info[
+ "AllocationSize"]
+ resp_parms["EndOfFile"] = resp_info["EndOfFile"]
+
+ # Let's store the fid for the connection
+ # smbServer.log("Create file %s, mode:0x%x" % (pathName, mode))
+ conn_data["OpenedFiles"][fakefid] = {}
+ conn_data["OpenedFiles"][fakefid]["FileHandle"] = fid
+ conn_data["OpenedFiles"][fakefid]["FileName"] = path
+ conn_data["OpenedFiles"][fakefid]["DeleteOnClose"] = False
+
+ except SmbException as s:
+ log.debug("[SMB] SmbException hit: %s", s)
+ error_code = s.error_code
+ resp_parms = ""
+ resp_data = ""
+
+ resp_cmd = imp_smb.SMBCommand(imp_smb.SMB.SMB_COM_NT_CREATE_ANDX)
+ resp_cmd["Parameters"] = resp_parms
+ resp_cmd["Data"] = resp_data
+ smb_server.setConnectionData(conn_id, conn_data)
+
+ return [resp_cmd], None, error_code
+
+ def get_share_path(self, conn_data, root_fid, tid):
+ conn_shares = conn_data["ConnectedShares"]
+
+ if tid in conn_shares:
+ if root_fid > 0:
+ # If we have a rootFid, the path is relative to that fid
+ path = conn_data["OpenedFiles"][root_fid]["FileName"]
+ log.debug("RootFid present %s!" % path)
+ else:
+ if "path" in conn_shares[tid]:
+ path = conn_shares[tid]["path"]
+ else:
+ raise SmbException(STATUS_ACCESS_DENIED,
+ "Connection share had no path")
+ else:
+ raise SmbException(imp_smbserver.STATUS_SMB_BAD_TID,
+ "TID was invalid")
+
+ return path
+
+ def get_server_path(self, requested_filename):
+ log.debug("[SMB] Get server path '%s'", requested_filename)
+
+ if requested_filename not in [VERIFIED_REQ]:
+ raise SmbException(STATUS_NO_SUCH_FILE, "Couldn't find the file")
+
+ fid, filename = tempfile.mkstemp()
+ log.debug("[SMB] Created %s (%d) for storing '%s'",
+ filename, fid, requested_filename)
+
+ contents = ""
+
+ if requested_filename == VERIFIED_REQ:
+ log.debug("[SMB] Verifying server is alive")
+ contents = VERIFIED_RSP.format(pid=os.getpid())
+
+ self.write_to_fid(fid, contents)
+ return fid, filename
+
+ def write_to_fid(self, fid, contents):
+ # Write the contents to file descriptor
+ os.write(fid, contents)
+ os.fsync(fid)
+
+ # Rewind the file to the beginning so a read gets us the contents
+ os.lseek(fid, 0, os.SEEK_SET)
+
+ def get_test_path(self, requested_filename):
+ log.info("[SMB] Get reply data from 'test%s'", requested_filename)
+
+ fid, filename = tempfile.mkstemp()
+ log.debug("[SMB] Created %s (%d) for storing test '%s'",
+ filename, fid, requested_filename)
+
+ try:
+ contents = self.ctd.get_test_data(requested_filename)
+ self.write_to_fid(fid, contents)
+ return fid, filename
+
+ except Exception:
+ log.exception("Failed to make test file")
+ raise SmbException(STATUS_NO_SUCH_FILE, "Failed to make test file")
+
+
+class SmbException(Exception):
+ def __init__(self, error_code, error_message):
+ super(SmbException, self).__init__(error_message)
+ self.error_code = error_code
+
+
+class ScriptRC(object):
+ """Enum for script return codes"""
+ SUCCESS = 0
+ FAILURE = 1
+ EXCEPTION = 2
+
+
+class ScriptException(Exception):
+ pass
+
+
+def get_options():
+ parser = argparse.ArgumentParser()
+
+ parser.add_argument("--port", action="store", default=9017,
+ type=int, help="port to listen on")
+ parser.add_argument("--verbose", action="store", type=int, default=0,
+ help="verbose output")
+ parser.add_argument("--pidfile", action="store",
+ help="file name for the PID")
+ parser.add_argument("--logfile", action="store",
+ help="file name for the log")
+ parser.add_argument("--srcdir", action="store", help="test directory")
+ parser.add_argument("--id", action="store", help="server ID")
+ parser.add_argument("--ipv4", action="store_true", default=0,
+ help="IPv4 flag")
+
+ return parser.parse_args()
+
+
+def setup_logging(options):
+ """
+ Set up logging from the command line options
+ """
+ root_logger = logging.getLogger()
+ add_stdout = False
+
+ formatter = logging.Formatter("%(asctime)s %(levelname)-5.5s %(message)s")
+
+ # Write out to a logfile
+ if options.logfile:
+ handler = logging.FileHandler(options.logfile, mode="w")
+ handler.setFormatter(formatter)
+ handler.setLevel(logging.DEBUG)
+ root_logger.addHandler(handler)
+ else:
+ # The logfile wasn't specified. Add a stdout logger.
+ add_stdout = True
+
+ if options.verbose:
+ # Add a stdout logger as well in verbose mode
+ root_logger.setLevel(logging.DEBUG)
+ add_stdout = True
+ else:
+ root_logger.setLevel(logging.INFO)
+
+ if add_stdout:
+ stdout_handler = logging.StreamHandler(sys.stdout)
+ stdout_handler.setFormatter(formatter)
+ stdout_handler.setLevel(logging.DEBUG)
+ root_logger.addHandler(stdout_handler)
+
+
+if __name__ == '__main__':
+ # Get the options from the user.
+ options = get_options()
+
+ # Setup logging using the user options
+ setup_logging(options)
+
+ # Run main script.
+ try:
+ rc = smbserver(options)
+ except Exception as e:
+ log.exception(e)
+ rc = ScriptRC.EXCEPTION
+
+ log.info("[SMB] Returning %d", rc)
+ sys.exit(rc)
diff --git a/tests/sshserver.pl b/tests/sshserver.pl
index 3ebf8e675..9b3d122fd 100755
--- a/tests/sshserver.pl
+++ b/tests/sshserver.pl
@@ -84,7 +84,7 @@ my $port = 8999; # our default SCP/SFTP server
port
my $socksport = $port + 1; # our default SOCKS4/5 server port
my $listenaddr = '127.0.0.1'; # default address on which to listen
my $ipvnum = 4; # default IP version of listener address
-my $idnum = 1; # dafault ssh daemon instance number
+my $idnum = 1; # default ssh daemon instance number
my $proto = 'ssh'; # protocol the ssh daemon speaks
my $path = getcwd(); # current working directory
my $logdir = $path .'/log'; # directory for log files
diff --git a/tests/symbol-scan.pl b/tests/symbol-scan.pl
index 5d570d8a8..1700ca33a 100644
--- a/tests/symbol-scan.pl
+++ b/tests/symbol-scan.pl
@@ -51,8 +51,8 @@ my $root=$ARGV[0] || ".";
# need an include directory when building out-of-tree
my $i = ($ARGV[1]) ? "-I$ARGV[1] " : '';
-my $h = "$root/include/curl/curl.h";
-my $mh = "$root/include/curl/multi.h";
+my $h = "$root/include/gnurl/curl.h";
+my $mh = "$root/include/gnurl/multi.h";
my $verbose=0;
my $summary=0;
diff --git a/tests/testcurl.1 b/tests/testcurl.1
index 509f5dcc9..ee07d64fe 100644
--- a/tests/testcurl.1
+++ b/tests/testcurl.1
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2010, Daniel Stenberg, <address@hidden>, et al.
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -32,7 +32,7 @@ crontab job or similar at a regular interval. The output is
suitable to be
mailed to address@hidden to be dealt with automatically (make sure
the subject includes the word "autobuild" as the mail gets silently discarded
otherwise). The most current build status (with a reasonable backlog) will be
-published on the curl site, at https://curl.haxx.se/auto/
+published on the curl site, at https://curl.haxx.se/dev/builds.html
\fIoptions\fP may be omitted. See \fI--setup\fP for what happens then.
@@ -78,13 +78,13 @@ Specify your target environment. Recognized strings include
'vc', 'mingw32',
\&'borland' and 'netware'.
.SH "INITIAL SETUP"
First you make a checkout from git (or you write a script that downloads daily
-snapshots automatically, find inspiration at
-https://curl.haxx.se/auto/autocurl.txt):
+snapshots automatically, find inspiration in
+https://curl.haxx.se/dev/autocurl.txt ):
.nf
$ mkdir daily-curl
$ cd daily-curl
- $ git clone git://github.com/curl/curl.git
+ $ git clone https://github.com/curl/curl.git
.fi
With the curl sources checked out, or downloaded, you can start testing right
diff --git a/tests/testcurl.pl b/tests/testcurl.pl
index dc35a026d..48fde3dcf 100755
--- a/tests/testcurl.pl
+++ b/tests/testcurl.pl
@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2015, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -503,8 +503,8 @@ if ($git) {
}
# Set timestamp to the one in curlver.h if this isn't a git test build.
-if ((-f "include/curl/curlver.h") &&
- (open(F, "<include/curl/curlver.h"))) {
+if ((-f "include/gnurl/curlver.h") &&
+ (open(F, "<include/gnurl/curlver.h"))) {
while (<F>) {
chomp;
if ($_ =~ /^\#define\s+LIBCURL_TIMESTAMP\s+\"(.+)\".*$/) {
@@ -588,7 +588,6 @@ if ($configurebuild) {
elsif ($^O eq 'linux') {
system("cp -afr $CURLDIR/* .");
system("cp -af $CURLDIR/Makefile.dist Makefile");
- system("cp -af $CURLDIR/include/curl/curlbuild.h.dist
./include/curl/curlbuild.h");
system("$make -i -C lib -f Makefile.$targetos prebuild");
system("$make -i -C src -f Makefile.$targetos prebuild");
if (-d "$CURLDIR/ares") {
@@ -609,20 +608,6 @@ if(-f "./libcurl.pc") {
}
}
-if(-f "./include/curl/curlbuild.h") {
- logit_spaced "display include/curl/curlbuild.h";
- if(open(F, "<./include/curl/curlbuild.h")) {
- while(<F>) {
- my $ll = $_;
- print $ll if(($ll =~ /^ *# *define *CURL_/) && ($ll !~
/__CURL_CURLBUILD_H/));
- }
- close(F);
- }
-}
-else {
- mydie "no curlbuild.h created/found";
-}
-
logit_spaced "display lib/$confheader";
open(F, "lib/$confheader") or die "lib/$confheader: $!";
while (<F>) {
diff --git a/tests/tftpserver.pl b/tests/tftpserver.pl
index a4c4e47c0..8c84111bf 100755
--- a/tests/tftpserver.pl
+++ b/tests/tftpserver.pl
@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2010, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -37,7 +37,7 @@ use serverhelp qw(
my $verbose = 0; # set to 1 for debugging
my $port = 8997; # just a default
my $ipvnum = 4; # default IP version of tftp server
-my $idnum = 1; # dafault tftp server instance number
+my $idnum = 1; # default tftp server instance number
my $proto = 'tftp'; # protocol the tftp server speaks
my $pidfile; # tftp server pid file
my $logfile; # tftp server log file
diff --git a/tests/unit/CMakeLists.txt b/tests/unit/CMakeLists.txt
index 14589d68d..ea265b3e5 100644
--- a/tests/unit/CMakeLists.txt
+++ b/tests/unit/CMakeLists.txt
@@ -29,7 +29,7 @@ include_directories(
${CURL_SOURCE_DIR}/tests/libtest
${CURL_SOURCE_DIR}/src
${CURL_BINARY_DIR}/lib # To be able to reach "curl_config.h"
- ${CURL_BINARY_DIR}/include # To be able to reach "curl/curlbuild.h"
+ ${CURL_BINARY_DIR}/include # To be able to reach "gnurl/curl.h"
)
foreach(_testfile ${UT_SRC})
diff --git a/tests/unit/Makefile.am b/tests/unit/Makefile.am
index d4987d69d..61b72c0db 100644
--- a/tests/unit/Makefile.am
+++ b/tests/unit/Makefile.am
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -26,8 +26,6 @@ AUTOMAKE_OPTIONS = foreign nostdinc
# being currently built and tested are searched before the library which
# might possibly already be installed in the system.
#
-# $(top_builddir)/include/curl for generated curlbuild.h included from curl.h
-# $(top_builddir)/include for generated curlbuild.h inc. from lib/curl_setup.h
# $(top_srcdir)/include is for libcurl's external include files
# $(top_builddir)/lib is for libcurl's generated lib/curl_config.h file
# $(top_srcdir)/lib for libcurl's lib/curl_setup.h and other "borrowed" files
@@ -35,9 +33,7 @@ AUTOMAKE_OPTIONS = foreign nostdinc
# $(top_srcdir)/ares is for in-tree c-ares's external include files
if USE_EMBEDDED_ARES
-AM_CPPFLAGS = -I$(top_builddir)/include/curl \
- -I$(top_builddir)/include \
- -I$(top_srcdir)/include \
+AM_CPPFLAGS = -I$(top_srcdir)/include \
-I$(top_builddir)/lib \
-I$(top_srcdir)/lib \
-I$(top_srcdir)/src \
@@ -45,16 +41,14 @@ AM_CPPFLAGS = -I$(top_builddir)/include/curl \
-I$(top_builddir)/ares \
-I$(top_srcdir)/ares
else
-AM_CPPFLAGS = -I$(top_builddir)/include/curl \
- -I$(top_builddir)/include \
- -I$(top_srcdir)/include \
+AM_CPPFLAGS = -I$(top_srcdir)/include \
-I$(top_builddir)/lib \
-I$(top_srcdir)/lib \
-I$(top_srcdir)/src \
-I$(top_srcdir)/tests/libtest
endif
-EXTRA_DIST = Makefile.inc
+EXTRA_DIST = Makefile.inc CMakeLists.txt
# Prevent LIBS from being used for all link targets
LIBS = $(BLANK_AT_MAKETIME)
@@ -63,9 +57,6 @@ LDADD = $(top_builddir)/src/libcurltool.la \
$(top_builddir)/lib/libcurlu.la \
@LDFLAGS@ @LIBCURL_LIBS@
-DEPENDENCIES = $(top_builddir)/src/libcurltool.la \
- $(top_builddir)/lib/libcurlu.la
-
AM_CPPFLAGS += -DCURL_STATICLIB -DUNITTESTS
# Makefile.inc provides neat definitions
diff --git a/tests/unit/Makefile.inc b/tests/unit/Makefile.inc
index cd586367f..e4cfa2c99 100644
--- a/tests/unit/Makefile.inc
+++ b/tests/unit/Makefile.inc
@@ -6,8 +6,10 @@ UNITFILES = curlcheck.h \
# These are all unit test programs
UNITPROGS = unit1300 unit1301 unit1302 unit1303 unit1304 unit1305 unit1307
\
- unit1308 unit1309 unit1330 unit1394 unit1395 unit1396 unit1397 unit1398
\
- unit1600 unit1601 unit1602 unit1603 unit1604 unit1605
+ unit1308 unit1309 unit1323 \
+ unit1330 unit1394 unit1395 unit1396 unit1397 unit1398 \
+ unit1399 \
+ unit1600 unit1601 unit1602 unit1603 unit1604 unit1605 unit1606
unit1300_SOURCES = unit1300.c $(UNITFILES)
unit1300_CPPFLAGS = $(AM_CPPFLAGS)
@@ -36,6 +38,9 @@ unit1308_CPPFLAGS = $(AM_CPPFLAGS)
unit1309_SOURCES = unit1309.c $(UNITFILES)
unit1309_CPPFLAGS = $(AM_CPPFLAGS)
+unit1323_SOURCES = unit1323.c $(UNITFILES)
+unit1323_CPPFLAGS = $(AM_CPPFLAGS)
+
unit1330_SOURCES = unit1330.c $(UNITFILES)
unit1330_CPPFLAGS = $(AM_CPPFLAGS)
@@ -57,6 +62,9 @@ unit1397_CPPFLAGS = $(AM_CPPFLAGS)
unit1398_SOURCES = unit1398.c $(UNITFILES)
unit1398_CPPFLAGS = $(AM_CPPFLAGS)
+unit1399_SOURCES = unit1399.c $(UNITFILES)
+unit1399_CPPFLAGS = $(AM_CPPFLAGS)
+
unit1600_SOURCES = unit1600.c $(UNITFILES)
unit1600_CPPFLAGS = $(AM_CPPFLAGS)
@@ -74,3 +82,6 @@ unit1604_CPPFLAGS = $(AM_CPPFLAGS) $(LIBMETALINK_CPPFLAGS)
unit1605_SOURCES = unit1605.c $(UNITFILES)
unit1605_CPPFLAGS = $(AM_CPPFLAGS)
+
+unit1606_SOURCES = unit1606.c $(UNITFILES)
+unit1606_CPPFLAGS = $(AM_CPPFLAGS)
diff --git a/tests/unit/curlcheck.h b/tests/unit/curlcheck.h
index 0660e2bed..46cb84aaf 100644
--- a/tests/unit/curlcheck.h
+++ b/tests/unit/curlcheck.h
@@ -39,9 +39,10 @@
#define verify_memory(dynamic, check, len) \
if(dynamic && memcmp(dynamic, check, len)) { \
fprintf(stderr, "%s:%d Memory buffer mismatch size %d. '%s' is not\n", \
- __FILE__, __LINE__, len, hexdump((unsigned char *)check, len)); \
- fprintf(stderr, "%s:%d the same as '%s'\n", \
- __FILE__, __LINE__, hexdump((unsigned char *)dynamic, len)); \
+ __FILE__, __LINE__, len, \
+ hexdump((const unsigned char *)check, len)); \
+ fprintf(stderr, "%s:%d the same as '%s'\n", __FILE__, __LINE__, \
+ hexdump((const unsigned char *)dynamic, len)); \
unitfail++; \
}
diff --git a/tests/unit/unit1300.c b/tests/unit/unit1300.c
index c4d9dd90d..8ec32a8c9 100644
--- a/tests/unit/unit1300.c
+++ b/tests/unit/unit1300.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,9 +23,9 @@
#include "llist.h"
-static struct curl_llist *llist;
+static struct curl_llist llist;
-static struct curl_llist *llist_destination;
+static struct curl_llist llist_destination;
static void test_curl_llist_dtor(void *key, void *value)
{
@@ -36,34 +36,32 @@ static void test_curl_llist_dtor(void *key, void *value)
static CURLcode unit_setup(void)
{
- llist = Curl_llist_alloc(test_curl_llist_dtor);
- if(!llist)
- return CURLE_OUT_OF_MEMORY;
- llist_destination = Curl_llist_alloc(test_curl_llist_dtor);
- if(!llist_destination) {
- Curl_llist_destroy(llist, NULL);
- return CURLE_OUT_OF_MEMORY;
- }
-
+ Curl_llist_init(&llist, test_curl_llist_dtor);
+ Curl_llist_init(&llist_destination, test_curl_llist_dtor);
return CURLE_OK;
}
static void unit_stop(void)
{
- Curl_llist_destroy(llist, NULL);
- Curl_llist_destroy(llist_destination, NULL);
+ Curl_llist_destroy(&llist, NULL);
+ Curl_llist_destroy(&llist_destination, NULL);
}
UNITTEST_START
+{
int unusedData_case1 = 1;
int unusedData_case2 = 2;
int unusedData_case3 = 3;
+ struct curl_llist_element case1_list;
+ struct curl_llist_element case2_list;
+ struct curl_llist_element case3_list;
+ struct curl_llist_element case4_list;
+ struct curl_llist_element case5_list;
struct curl_llist_element *head;
struct curl_llist_element *element_next;
struct curl_llist_element *element_prev;
struct curl_llist_element *to_remove;
- size_t llist_size = Curl_llist_count(llist);
- int curlErrCode = 0;
+ size_t llist_size = Curl_llist_count(&llist);
/**
* testing llist_init
@@ -76,10 +74,10 @@ UNITTEST_START
* 4: list dtor will be NULL
*/
- fail_unless(llist->size == 0, "list initial size should be zero");
- fail_unless(llist->head == NULL, "list head should initiate to NULL");
- fail_unless(llist->tail == NULL, "list tail should intiate to NULL");
- fail_unless(llist->dtor == test_curl_llist_dtor,
+ fail_unless(llist.size == 0, "list initial size should be zero");
+ fail_unless(llist.head == NULL, "list head should initiate to NULL");
+ fail_unless(llist.tail == NULL, "list tail should intiate to NULL");
+ fail_unless(llist.dtor == test_curl_llist_dtor,
"list dtor shold initiate to test_curl_llist_dtor");
/**
@@ -92,67 +90,49 @@ UNITTEST_START
* 3: list tail will be the same as list head
*/
- curlErrCode = Curl_llist_insert_next(llist, llist->head, &unusedData_case1);
- if(curlErrCode == 1) {
- fail_unless(Curl_llist_count(llist) == 1,
- "List size should be 1 after adding a new element");
- /*test that the list head data holds my unusedData */
- fail_unless(llist->head->ptr == &unusedData_case1,
- "List size should be 1 after adding a new element");
- /*same goes for the list tail */
- fail_unless(llist->tail == llist->head,
- "List size should be 1 after adding a new element");
-
- /**
- * testing Curl_llist_insert_next
- * case 2:
- * list has 1 element, adding one element after the head
- * @assumptions:
- * 1: the element next to head should be our newly created element
- * 2: the list tail should be our newly created element
- */
-
- curlErrCode = Curl_llist_insert_next(llist, llist->head,
- &unusedData_case3);
- if(curlErrCode == 1) {
- fail_unless(llist->head->next->ptr == &unusedData_case3,
- "the node next to head is not getting set correctly");
- fail_unless(llist->tail->ptr == &unusedData_case3,
- "the list tail is not getting set correctly");
- }
- else {
- printf("skipping Curl_llist_insert_next as a non "
- "success error code was returned\n");
- }
-
- /**
- * testing Curl_llist_insert_next
- * case 3:
- * list has >1 element, adding one element after "NULL"
- * @assumptions:
- * 1: the element next to head should be our newly created element
- * 2: the list tail should different from newly created element
- */
-
- curlErrCode = Curl_llist_insert_next(llist, llist->head,
- &unusedData_case2);
- if(curlErrCode == 1) {
- fail_unless(llist->head->next->ptr == &unusedData_case2,
- "the node next to head is not getting set correctly");
- /* better safe than sorry, check that the tail isn't corrupted */
- fail_unless(llist->tail->ptr != &unusedData_case2,
- "the list tail is not getting set correctly");
- }
- else {
- printf("skipping Curl_llist_insert_next as a non "
- "success error code was returned\n");
- }
-
- }
- else {
- printf("skipping Curl_llist_insert_next as a non "
- "success error code was returned\n");
- }
+ Curl_llist_insert_next(&llist, llist.head, &unusedData_case1, &case1_list);
+
+ fail_unless(Curl_llist_count(&llist) == 1,
+ "List size should be 1 after adding a new element");
+ /*test that the list head data holds my unusedData */
+ fail_unless(llist.head->ptr == &unusedData_case1,
+ "head ptr should be first entry");
+ /*same goes for the list tail */
+ fail_unless(llist.tail == llist.head,
+ "tail and head should be the same");
+
+ /**
+ * testing Curl_llist_insert_next
+ * case 2:
+ * list has 1 element, adding one element after the head
+ * @assumptions:
+ * 1: the element next to head should be our newly created element
+ * 2: the list tail should be our newly created element
+ */
+
+ Curl_llist_insert_next(&llist, llist.head,
+ &unusedData_case3, &case3_list);
+ fail_unless(llist.head->next->ptr == &unusedData_case3,
+ "the node next to head is not getting set correctly");
+ fail_unless(llist.tail->ptr == &unusedData_case3,
+ "the list tail is not getting set correctly");
+
+ /**
+ * testing Curl_llist_insert_next
+ * case 3:
+ * list has >1 element, adding one element after "NULL"
+ * @assumptions:
+ * 1: the element next to head should be our newly created element
+ * 2: the list tail should different from newly created element
+ */
+
+ Curl_llist_insert_next(&llist, llist.head,
+ &unusedData_case2, &case2_list);
+ fail_unless(llist.head->next->ptr == &unusedData_case2,
+ "the node next to head is not getting set correctly");
+ /* better safe than sorry, check that the tail isn't corrupted */
+ fail_unless(llist.tail->ptr != &unusedData_case2,
+ "the list tail is not getting set correctly");
/* unit tests for Curl_llist_remove */
@@ -165,19 +145,19 @@ UNITTEST_START
* 3: "new" head's previous will be NULL
*/
- head=llist->head;
- abort_unless(head, "llist->head is NULL");
+ head=llist.head;
+ abort_unless(head, "llist.head is NULL");
element_next = head->next;
- llist_size = Curl_llist_count(llist);
+ llist_size = Curl_llist_count(&llist);
- Curl_llist_remove(llist, llist->head, NULL);
+ Curl_llist_remove(&llist, llist.head, NULL);
- fail_unless(Curl_llist_count(llist) == (llist_size-1),
+ fail_unless(Curl_llist_count(&llist) == (llist_size-1),
"llist size not decremented as expected");
- fail_unless(llist->head == element_next,
+ fail_unless(llist.head == element_next,
"llist new head not modified properly");
- abort_unless(llist->head, "llist->head is NULL");
- fail_unless(llist->head->prev == NULL,
+ abort_unless(llist.head, "llist.head is NULL");
+ fail_unless(llist.head->prev == NULL,
"new head previous not set to null");
/**
@@ -190,13 +170,16 @@ UNITTEST_START
* 2: element->previous->next will be element->next
* 3: element->next->previous will be element->previous
*/
- Curl_llist_insert_next(llist, llist->head, &unusedData_case3);
- llist_size = Curl_llist_count(llist);
- to_remove = llist->head->next;
+ Curl_llist_insert_next(&llist, llist.head, &unusedData_case3,
+ &case4_list);
+ llist_size = Curl_llist_count(&llist);
+ fail_unless(llist_size == 3, "should be 3 list members");
+
+ to_remove = llist.head->next;
abort_unless(to_remove, "to_remove is NULL");
element_next = to_remove->next;
element_prev = to_remove->prev;
- Curl_llist_remove(llist, to_remove, NULL);
+ Curl_llist_remove(&llist, to_remove, NULL);
fail_unless(element_prev->next == element_next,
"element previous->next is not being adjusted");
abort_unless(element_next, "element_next is NULL");
@@ -213,10 +196,10 @@ UNITTEST_START
* 4: list->tail will be tail->previous
*/
- to_remove = llist->tail;
+ to_remove = llist.tail;
element_prev = to_remove->prev;
- Curl_llist_remove(llist, to_remove, NULL);
- fail_unless(llist->tail == element_prev,
+ Curl_llist_remove(&llist, to_remove, NULL);
+ fail_unless(llist.tail == element_prev,
"llist tail is not being adjusted when removing tail");
/**
@@ -228,11 +211,11 @@ UNITTEST_START
* 3: list tail will be null
*/
- to_remove = llist->head;
- Curl_llist_remove(llist, to_remove, NULL);
- fail_unless(llist->head == NULL,
+ to_remove = llist.head;
+ Curl_llist_remove(&llist, to_remove, NULL);
+ fail_unless(llist.head == NULL,
"llist head is not NULL while the llist is empty");
- fail_unless(llist->tail == NULL,
+ fail_unless(llist.tail == NULL,
"llist tail is not NULL while the llist is empty");
/* @testing Curl_llist_move(struct curl_llist *,
@@ -242,7 +225,7 @@ UNITTEST_START
/**
* @case 1:
- * moving head from an llist containg one element to an empty llist
+ * moving head from an llist containing one element to an empty llist
* @assumptions:
* 1: llist size will be 0
* 2: llist_destination size will be 1
@@ -255,38 +238,33 @@ UNITTEST_START
* add one element to the list
*/
- curlErrCode = Curl_llist_insert_next(llist, llist->head, &unusedData_case1);
+ Curl_llist_insert_next(&llist, llist.head, &unusedData_case1,
+ &case5_list);
/* necessary assertions */
- abort_unless(curlErrCode == 1,
- "Curl_llist_insert_next returned an error, Can't move on with test");
- abort_unless(Curl_llist_count(llist) == 1,
+ abort_unless(Curl_llist_count(&llist) == 1,
"Number of list elements is not as expected, Aborting");
- abort_unless(Curl_llist_count(llist_destination) == 0,
+ abort_unless(Curl_llist_count(&llist_destination) == 0,
"Number of list elements is not as expected, Aborting");
/*actual testing code*/
- curlErrCode = Curl_llist_move(llist, llist->head, llist_destination, NULL);
- abort_unless(curlErrCode == 1,
- "Curl_llist_move returned an error, Can't move on with test");
- fail_unless(Curl_llist_count(llist) == 0,
+ Curl_llist_move(&llist, llist.head, &llist_destination, NULL);
+ fail_unless(Curl_llist_count(&llist) == 0,
"moving element from llist didn't decrement the size");
- fail_unless(Curl_llist_count(llist_destination) == 1,
+ fail_unless(Curl_llist_count(&llist_destination) == 1,
"moving element to llist_destination didn't increment the size");
- fail_unless(llist->head == NULL,
+ fail_unless(llist.head == NULL,
"llist head not set to null after moving the head");
- fail_unless(llist_destination->head != NULL,
+ fail_unless(llist_destination.head != NULL,
"llist_destination head set to null after moving an element");
- fail_unless(llist_destination->tail != NULL,
+ fail_unless(llist_destination.tail != NULL,
"llist_destination tail set to null after moving an element");
- fail_unless(llist_destination->tail == llist_destination->tail,
+ fail_unless(llist_destination.tail == llist_destination.tail,
"llist_destination tail doesn't equal llist_destination head");
-
-
-
+}
UNITTEST_STOP
diff --git a/tests/unit/unit1301.c b/tests/unit/unit1301.c
index 928076e29..aa8610113 100644
--- a/tests/unit/unit1301.c
+++ b/tests/unit/unit1301.c
@@ -21,7 +21,7 @@
***************************************************************************/
#include "curlcheck.h"
-#include "strequal.h"
+#include "strcase.h"
static CURLcode unit_setup(void) {return CURLE_OK;}
static void unit_stop(void) {}
diff --git a/tests/unit/unit1303.c b/tests/unit/unit1303.c
index a4bd59826..143ccd034 100644
--- a/tests/unit/unit1303.c
+++ b/tests/unit/unit1303.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -64,17 +64,17 @@ struct timetest {
int timeout_ms;
int connecttimeout_ms;
bool connecting;
- long result;
+ time_t result;
const char *comment;
};
UNITTEST_START
+{
+ struct curltime now;
+ time_t timeout;
+ unsigned int i;
-struct timeval now;
-long timeout;
-unsigned int i;
-
-const struct timetest run[] = {
+ const struct timetest run[] = {
/* both timeouts set, not connecting */
{BASE + 4, 0, 10000, 8000, FALSE, 6000, "6 seconds should be left"},
{BASE + 4, 990000, 10000, 8000, FALSE, 5010, "5010 ms should be left"},
@@ -126,21 +126,20 @@ const struct timetest run[] = {
/* both timeouts set, connecting, connect timeout the longer one */
{BASE + 4, 0, 10000, 12000, TRUE, 6000, "6 seconds should be left"},
-};
-
-/* this is the pretended start time of the transfer */
-data->progress.t_startsingle.tv_sec = BASE;
-data->progress.t_startsingle.tv_usec = 0;
-data->progress.t_startop.tv_sec = BASE;
-data->progress.t_startop.tv_usec = 0;
-
-for(i=0; i < sizeof(run)/sizeof(run[0]); i++) {
- NOW(run[i].now_s, run[i].now_us);
- TIMEOUTS(run[i].timeout_ms, run[i].connecttimeout_ms);
- timeout = Curl_timeleft(data, &now, run[i].connecting);
- if(timeout != run[i].result)
- fail(run[i].comment);
+ };
+
+ /* this is the pretended start time of the transfer */
+ data->progress.t_startsingle.tv_sec = BASE;
+ data->progress.t_startsingle.tv_usec = 0;
+ data->progress.t_startop.tv_sec = BASE;
+ data->progress.t_startop.tv_usec = 0;
+
+ for(i=0; i < sizeof(run)/sizeof(run[0]); i++) {
+ NOW(run[i].now_s, run[i].now_us);
+ TIMEOUTS(run[i].timeout_ms, run[i].connecttimeout_ms);
+ timeout = Curl_timeleft(data, &now, run[i].connecting);
+ if(timeout != run[i].result)
+ fail(run[i].comment);
+ }
}
-
-
UNITTEST_STOP
diff --git a/tests/unit/unit1304.c b/tests/unit/unit1304.c
index 11bba390f..83375f55d 100644
--- a/tests/unit/unit1304.c
+++ b/tests/unit/unit1304.c
@@ -48,7 +48,7 @@ static void unit_stop(void)
UNITTEST_START
int result;
- static const char* const filename1 = "log/netrc1304";
+ static const char * const filename1 = "log/netrc1304";
memcpy(filename, filename1, strlen(filename1));
/*
diff --git a/tests/unit/unit1305.c b/tests/unit/unit1305.c
index ad270f565..b958d0434 100644
--- a/tests/unit/unit1305.c
+++ b/tests/unit/unit1305.c
@@ -76,26 +76,26 @@ static void unit_stop(void)
static Curl_addrinfo *fake_ai(void)
{
static Curl_addrinfo *ai;
- int ss_size;
- ss_size = sizeof (struct sockaddr_in);
-
- if((ai = calloc(1, sizeof(Curl_addrinfo))) == NULL)
+ ai = calloc(1, sizeof(Curl_addrinfo));
+ if(!ai)
return NULL;
- if((ai->ai_canonname = strdup("dummy")) == NULL) {
+ ai->ai_canonname = strdup("dummy");
+ if(!ai->ai_canonname) {
free(ai);
return NULL;
}
- if((ai->ai_addr = calloc(1, ss_size)) == NULL) {
+ ai->ai_addr = calloc(1, sizeof(struct sockaddr_in));
+ if(!ai->ai_addr) {
free(ai->ai_canonname);
free(ai);
return NULL;
}
ai->ai_family = AF_INET;
- ai->ai_addrlen = ss_size;
+ ai->ai_addrlen = sizeof(struct sockaddr_in);
return ai;
}
diff --git a/tests/unit/unit1308.c b/tests/unit/unit1308.c
index 968bcff21..4cd384877 100644
--- a/tests/unit/unit1308.c
+++ b/tests/unit/unit1308.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
***************************************************************************/
#include "curlcheck.h"
-#include <curl/curl.h>
+#include <gnurl/curl.h>
static CURLcode unit_setup(void)
{
@@ -42,8 +42,8 @@ static size_t print_httppost_callback(void *arg, const char
*buf, size_t len)
UNITTEST_START
int rc;
- struct curl_httppost* post = NULL;
- struct curl_httppost* last = NULL;
+ struct curl_httppost *post = NULL;
+ struct curl_httppost *last = NULL;
size_t total_size = 0;
char buffer[] = "test buffer";
diff --git a/tests/unit/unit1309.c b/tests/unit/unit1309.c
index 3cf6eefbd..9d1e70d27 100644
--- a/tests/unit/unit1309.c
+++ b/tests/unit/unit1309.c
@@ -52,7 +52,7 @@ static void splayprint(struct Curl_tree * t, int d, char
output)
(long)t->key.tv_usec, i);
}
- for(count=0, node = t->same; node; node = node->same, count++)
+ for(count=0, node = t->samen; node != t; node = node->samen, count++)
;
if(output) {
@@ -70,19 +70,23 @@ UNITTEST_START
/* number of nodes to add to the splay tree */
#define NUM_NODES 50
- struct Curl_tree *root;
- struct Curl_tree nodes[NUM_NODES];
+ struct Curl_tree *root, *removed;
+ struct Curl_tree nodes[NUM_NODES*3];
int rc;
- int i;
+ int i, j;
+ struct curltime tv_now = {0, 0};
root = NULL; /* the empty tree */
+ /* add nodes */
for(i = 0; i < NUM_NODES; i++) {
- struct timeval key;
+ struct curltime key;
+ size_t payload;
key.tv_sec = 0;
key.tv_usec = (541*i)%1023;
+ payload = (size_t) key.tv_usec;
- nodes[i].payload = (void *)key.tv_usec; /* for simplicity */
+ nodes[i].payload = (void *)payload; /* for simplicity */
root = Curl_splayinsert(key, root, &nodes[i]);
}
@@ -103,6 +107,37 @@ UNITTEST_START
}
}
+ fail_unless(root == NULL, "tree not empty after removing all nodes");
+
+ /* rebuild tree */
+ for(i = 0; i < NUM_NODES; i++) {
+ struct curltime key;
+
+ key.tv_sec = 0;
+ key.tv_usec = (541*i)%1023;
+
+ /* add some nodes with the same key */
+ for(j = 0; j <= i % 3; j++) {
+ size_t payload = key.tv_usec*10 + j;
+ nodes[i*3+j].payload = (void *)payload; /* for simplicity */
+ root = Curl_splayinsert(key, root, &nodes[i*3+j]);
+ }
+ }
+
+ removed = NULL;
+ for(i = 0; i <= 1100; i+= 100) {
+ printf("Removing nodes not larger than %d\n", i);
+ tv_now.tv_usec = i;
+ root = Curl_splaygetbest(tv_now, root, &removed);
+ while(removed != NULL) {
+ printf("removed payload %ld[%ld]\n", (long)(removed->payload) / 10,
+ (long)(removed->payload) % 10);
+ root = Curl_splaygetbest(tv_now, root, &removed);
+ }
+ }
+
+ fail_unless(root == NULL, "tree not empty when it should be");
+
UNITTEST_STOP
diff --git a/tests/unit/unit1323.c b/tests/unit/unit1323.c
new file mode 100644
index 000000000..65dd3d287
--- /dev/null
+++ b/tests/unit/unit1323.c
@@ -0,0 +1,66 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "curlcheck.h"
+
+#include "timeval.h"
+
+static CURLcode unit_setup(void)
+{
+ return CURLE_OK;
+}
+
+static void unit_stop(void)
+{
+
+}
+
+struct a {
+ struct curltime first;
+ struct curltime second;
+ time_t result;
+};
+
+UNITTEST_START
+{
+ struct a tests[] = {
+ { {36762, 8345 }, {36761, 995926 }, 13 },
+ { {36761, 995926 }, {36762, 8345 }, -13 },
+ { {36761, 995926 }, {0, 0}, 36761995 },
+ { {0, 0}, {36761, 995926 }, -36761995 },
+ };
+ size_t i;
+
+ for(i=0; i < sizeof(tests)/sizeof(tests[0]); i++) {
+ time_t result = curlx_tvdiff(tests[i].first, tests[i].second);
+ if(result != tests[i].result) {
+ printf("%d.%06u to %d.%06u got %d, but expected %d\n",
+ tests[i].first.tv_sec,
+ tests[i].first.tv_usec,
+ tests[i].second.tv_sec,
+ tests[i].second.tv_usec,
+ result,
+ tests[i].result);
+ fail("unexpected result!");
+ }
+ }
+}
+UNITTEST_STOP
diff --git a/tests/unit/unit1395.c b/tests/unit/unit1395.c
index 13f464134..13ea97bc4 100644
--- a/tests/unit/unit1395.c
+++ b/tests/unit/unit1395.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -65,10 +65,17 @@ UNITTEST_START
{ "/", "/" },
{ "", "" },
{ "/.../", "/.../" },
+ { "./moo", "moo" },
+ { "../moo", "moo" },
+ { "/.", "/" },
+ { "/..", "/" },
+ { "/moo/..", "/" },
+ { "..", "" },
+ { ".", "" },
};
for(i=0; i < sizeof(pairs)/sizeof(pairs[0]); i++) {
- char *out = Curl_dedotdotify((char *)pairs[i].input);
+ char *out = Curl_dedotdotify(pairs[i].input);
abort_unless(out != NULL, "returned NULL!");
if(strcmp(out, pairs[i].output)) {
diff --git a/tests/unit/unit1396.c b/tests/unit/unit1396.c
index 84a5162dd..f3275fdb6 100644
--- a/tests/unit/unit1396.c
+++ b/tests/unit/unit1396.c
@@ -21,7 +21,7 @@
***************************************************************************/
#include "curlcheck.h"
-CURL *hnd;
+static CURL *hnd;
static CURLcode unit_setup(void)
{
diff --git a/tests/unit/unit1398.c b/tests/unit/unit1398.c
index 9491c46c5..095242b07 100644
--- a/tests/unit/unit1398.c
+++ b/tests/unit/unit1398.c
@@ -21,7 +21,7 @@
***************************************************************************/
#include "curlcheck.h"
-#include "curl/mprintf.h"
+#include "gnurl/mprintf.h"
static CURLcode unit_setup(void) {return CURLE_OK;}
static void unit_stop(void) {}
diff --git a/tests/unit/unit1399.c b/tests/unit/unit1399.c
new file mode 100644
index 000000000..82e0dc27e
--- /dev/null
+++ b/tests/unit/unit1399.c
@@ -0,0 +1,100 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "curlcheck.h"
+
+#include "urldata.h"
+#include "progress.h"
+
+static int usec_magnitude = 1000000;
+
+static bool unit_setup(void)
+{
+ return CURLE_OK;
+}
+
+static void unit_stop(void)
+{
+
+}
+
+static bool usec_matches_seconds(time_t time_usec, int expected_seconds)
+{
+ int time_sec = (int)(time_usec / usec_magnitude);
+ bool same = (time_sec == expected_seconds);
+ fprintf(stderr, "is %d us same as %d seconds? %s\n",
+ (int)time_usec, expected_seconds,
+ same?"Yes":"No");
+ return same;
+}
+
+UNITTEST_START
+ struct Curl_easy data;
+ struct curltime now = Curl_tvnow();
+
+ data.progress.t_starttransfer = 0;
+ data.progress.t_redirect = 0;
+
+ /*
+ * Set the startsingle time to a second ago. This time is used by
+ * Curl_pgrsTime to calculate how much time the events takes.
+ * t_starttransfer should be updated to reflect the difference from this time
+ * when `Curl_pgrsTime is invoked.
+ */
+ data.progress.t_startsingle.tv_sec = now.tv_sec - 1;
+ data.progress.t_startsingle.tv_usec = now.tv_usec;
+
+ Curl_pgrsTime(&data, TIMER_STARTTRANSFER);
+
+ fail_unless(usec_matches_seconds(data.progress.t_starttransfer, 1),
+ "about 1 second should have passed");
+
+ /*
+ * Update the startsingle time to a second ago to simulate another second has
+ * passed.
+ * Now t_starttransfer should not be changed, as t_starttransfer has already
+ * occurred and another invocation of `Curl_pgrsTime` for TIMER_STARTTRANSFER
+ * is superfluous.
+ */
+ data.progress.t_startsingle.tv_sec = now.tv_sec - 2;
+ data.progress.t_startsingle.tv_usec = now.tv_usec;
+
+ Curl_pgrsTime(&data, TIMER_STARTTRANSFER);
+
+ fail_unless(usec_matches_seconds(data.progress.t_starttransfer, 1),
+ "about 1 second should have passed");
+
+ /*
+ * Simulate what happens after a redirect has occurred.
+ *
+ * Since the value of t_starttransfer is set to the value from the first
+ * request, it should be updated when a transfer occurs such that
+ * t_starttransfer is the starttransfer time of the redirect request.
+ */
+ data.progress.t_startsingle.tv_sec = now.tv_sec - 3;
+ data.progress.t_startsingle.tv_usec = now.tv_usec;
+ data.progress.t_redirect = data.progress.t_starttransfer + 1;
+
+ Curl_pgrsTime(&data, TIMER_STARTTRANSFER);
+
+ fail_unless(usec_matches_seconds(data.progress.t_starttransfer, 3),
+ "about 3 second should have passed");
+UNITTEST_STOP
diff --git a/tests/unit/unit1600.c b/tests/unit/unit1600.c
index f0f9cc1f4..11d718d35 100644
--- a/tests/unit/unit1600.c
+++ b/tests/unit/unit1600.c
@@ -24,12 +24,12 @@
#include "urldata.h"
#include "curl_ntlm_core.h"
-CURL *easy;
+static CURL *easy;
static CURLcode unit_setup(void)
{
easy = curl_easy_init();
- return CURLE_OK;
+ return easy ? CURLE_OK : CURLE_OUT_OF_MEMORY;
}
static void unit_stop(void)
diff --git a/tests/unit/unit1602.c b/tests/unit/unit1602.c
index c67c0a555..5f1ee9f47 100644
--- a/tests/unit/unit1602.c
+++ b/tests/unit/unit1602.c
@@ -32,7 +32,7 @@ static struct curl_hash hash_static;
static void mydtor(void *p)
{
- int *ptr = (int*)p;
+ int *ptr = (int *)p;
free(ptr);
}
diff --git a/tests/unit/unit1604.c b/tests/unit/unit1604.c
index 242be0005..b414e03e5 100644
--- a/tests/unit/unit1604.c
+++ b/tests/unit/unit1604.c
@@ -9,7 +9,7 @@
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
- * are also available at http://curl.haxx.se/docs/copyright.html.
+ * are also available at https://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
@@ -42,27 +42,31 @@ static void unit_stop(void)
#if defined(MSDOS) || defined(WIN32)
-static char *getflagstr(int flags) {
+static char *getflagstr(int flags)
+{
char *buf = malloc(256);
- fail_unless(buf, "out of memory");
- snprintf(buf, 256, "%s,%s,%s,%s",
- ((flags & SANITIZE_ALLOW_COLONS) ? "SANITIZE_ALLOW_COLONS" : ""),
- ((flags & SANITIZE_ALLOW_PATH) ? "SANITIZE_ALLOW_PATH" : ""),
- ((flags & SANITIZE_ALLOW_RESERVED) ? "SANITIZE_ALLOW_RESERVED" : ""),
- ((flags & SANITIZE_ALLOW_TRUNCATE) ? "SANITIZE_ALLOW_TRUNCATE" : ""));
+ if(buf) {
+ snprintf(buf, 256, "%s,%s,%s,%s",
+ ((flags & SANITIZE_ALLOW_COLONS) ? "SANITIZE_ALLOW_COLONS" : ""),
+ ((flags & SANITIZE_ALLOW_PATH) ? "SANITIZE_ALLOW_PATH" : ""),
+ ((flags & SANITIZE_ALLOW_RESERVED) ? "SANITIZE_ALLOW_RESERVED" : ""),
+ ((flags & SANITIZE_ALLOW_TRUNCATE) ? "SANITIZE_ALLOW_TRUNCATE" : ""));
+ }
return buf;
}
-static char *getcurlcodestr(int cc) {
+static char *getcurlcodestr(int cc)
+{
char *buf = malloc(256);
- fail_unless(buf, "out of memory");
- snprintf(buf, 256, "%s (%d)",
- (cc == SANITIZE_ERR_OK ? "SANITIZE_ERR_OK" :
- cc == SANITIZE_ERR_BAD_ARGUMENT ? "SANITIZE_ERR_BAD_ARGUMENT" :
- cc == SANITIZE_ERR_INVALID_PATH ? "SANITIZE_ERR_INVALID_PATH" :
- cc == SANITIZE_ERR_OUT_OF_MEMORY ? "SANITIZE_ERR_OUT_OF_MEMORY" :
- "unexpected error code - add name"),
- cc);
+ if(buf) {
+ snprintf(buf, 256, "%s (%d)",
+ (cc == SANITIZE_ERR_OK ? "SANITIZE_ERR_OK" :
+ cc == SANITIZE_ERR_BAD_ARGUMENT ? "SANITIZE_ERR_BAD_ARGUMENT" :
+ cc == SANITIZE_ERR_INVALID_PATH ? "SANITIZE_ERR_INVALID_PATH" :
+ cc == SANITIZE_ERR_OUT_OF_MEMORY ? "SANITIZE_ERR_OUT_OF_MEMORY" :
+ "unexpected error code - add name"),
+ cc);
+ }
return buf;
}
@@ -308,8 +312,11 @@ UNITTEST_START
}
flagstr = getflagstr(data[i].flags);
+ abort_unless(flagstr, "out of memory");
received_ccstr = getcurlcodestr(res);
+ abort_unless(received_ccstr, "out of memory");
expected_ccstr = getcurlcodestr(data[i].expected_result);
+ abort_unless(expected_ccstr, "out of memory");
unitfail++;
fprintf(stderr, "\n"
diff --git a/tests/unit/unit1605.c b/tests/unit/unit1605.c
index c807cb3f2..2fe3a5aca 100644
--- a/tests/unit/unit1605.c
+++ b/tests/unit/unit1605.c
@@ -34,9 +34,10 @@ static void unit_stop(void)
}
UNITTEST_START
- CURL *easy = curl_easy_init();
int len;
char *esc;
+ CURL *easy = curl_easy_init();
+ abort_unless(easy, "out of memory");
esc = curl_easy_escape(easy, "", -1);
fail_unless(esc == NULL, "negative string length can't work");
diff --git a/tests/unit/unit1606.c b/tests/unit/unit1606.c
new file mode 100644
index 000000000..eca8f3c38
--- /dev/null
+++ b/tests/unit/unit1606.c
@@ -0,0 +1,90 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "curlcheck.h"
+
+#include "speedcheck.h"
+#include "urldata.h"
+
+static CURLcode unit_setup(void)
+{
+ return CURLE_OK;
+}
+
+static void unit_stop(void)
+{
+
+}
+
+static int runawhile(struct Curl_easy *easy,
+ long time_limit,
+ long speed_limit,
+ curl_off_t speed,
+ int dec)
+{
+ int counter = 1;
+ struct curltime now = {1, 0};
+ CURLcode result;
+ int finaltime;
+
+ curl_easy_setopt(easy, CURLOPT_LOW_SPEED_LIMIT, speed_limit);
+ curl_easy_setopt(easy, CURLOPT_LOW_SPEED_TIME, time_limit);
+ Curl_speedinit(easy);
+
+ do {
+ /* fake the current transfer speed */
+ easy->progress.current_speed = speed;
+ result = Curl_speedcheck(easy, now);
+ if(result)
+ break;
+ /* step the time */
+ now.tv_sec = ++counter;
+ speed -= dec;
+ } while(counter < 100);
+
+ finaltime = (int)(now.tv_sec - 1);
+
+ return finaltime;
+}
+
+UNITTEST_START
+{
+ struct Curl_easy *easy = curl_easy_init();
+ abort_unless(easy, "out of memory");
+
+ fail_unless(runawhile(easy, 41, 41, 40, 0) == 41,
+ "wrong low speed timeout");
+ fail_unless(runawhile(easy, 21, 21, 20, 0) == 21,
+ "wrong low speed timeout");
+ fail_unless(runawhile(easy, 60, 60, 40, 0) == 60,
+ "wrong log speed timeout");
+ fail_unless(runawhile(easy, 50, 50, 40, 0) == 50,
+ "wrong log speed timeout");
+ fail_unless(runawhile(easy, 40, 40, 40, 0) == 99,
+ "should not time out");
+ fail_unless(runawhile(easy, 10, 50, 100, 2) == 36,
+ "bad timeout");
+
+ curl_easy_cleanup(easy);
+
+ return 0;
+}
+UNITTEST_STOP
diff --git a/tests/valgrind.pm b/tests/valgrind.pm
index 838183b44..8b3d717d4 100644
--- a/tests/valgrind.pm
+++ b/tests/valgrind.pm
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2010, Daniel Stenberg, <address@hidden>, et al.
+# Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -23,93 +23,10 @@
use File::Basename;
sub valgrindparse {
- my ($srcdir, # the dir in which the runtests script resides
- $sslenabled,
- $file) = @_;
- my $leak;
- my $invalidread;
- my $uninitedvar;
- my $error;
- my $partial;
- my $us;
-
+ my ($file) = @_;
my @o;
-
- my $bt=0;
- my $nssinit=0;
-
open(VAL, "<$file");
- while(<VAL>) {
- if($bt) {
- # back trace parsing
- if($_ =~ /^==(\d+)== *(at|by) 0x([0-9A-F]+): (.*)/) {
- my $w = $4;
- if($w =~ /(.*) \(([^:]*):(\d+)/) {
- my ($func, $source, $line)=($1, $2, $3);
- my $sourcename = basename($source);
- if(-f "$srcdir/../src/$sourcename" ||
- -f "$srcdir/../lib/$sourcename") {
- # this is our source
- # print "$func() at $source:$line\n";
- $us++;
- } #else {print "Not our source: $func, $source, $line\n";}
- }
-
- # the memory leakage within NSS_InitContext is not a bug of
curl
- if($w =~ /NSS_InitContext/) {
- $nssinit++;
- }
- }
- else {
- if($us and not $nssinit) {
- # the stack trace included source details about us
-
- $error++;
- if($leak) {
- push @o, "\n Leaked $leak bytes\n";
- }
- if($invalidread) {
- push @o, "\n Read $invalidread invalid bytes\n";
- }
- if($uninitedvar) {
- push @o, "\n Conditional jump or move depends on
uninitialised value(s)\n";
- }
- }
- $bt = 0; # no more backtrace
- $us = 0;
- $nssinit = 0;
- }
- }
- else {
- if($_ =~ /(\d+) bytes in (\d+) blocks are definitely lost/) {
- $leak = $1;
- if($leak) {
- $error++;
- }
- $bt = 1;
- }
- elsif($_ =~ /Invalid read of size (\d+)/) {
- $invalidread = $1;
- $error++;
- $bt = 1;
- }
- elsif($_ =~ /Conditional jump or move/) {
- # If we require SSL, this test case most probaly makes
- # us use OpenSSL. OpenSSL produces numerous valgrind
- # errors of this kind, rendering it impossible for us to
- # detect (valid) reports on actual curl or libcurl code.
-
- if(!$sslenabled) {
- $uninitedvar = 1;
- $error++;
- $bt = 1;
- }
- else {
- $partial=1;
- }
- }
- }
- }
+ @o = <VAL>;
close(VAL);
return @o;
}
diff --git a/tests/valgrind.supp b/tests/valgrind.supp
index 8c81327e1..10b07314a 100644
--- a/tests/valgrind.supp
+++ b/tests/valgrind.supp
@@ -87,3 +87,24 @@
fun:operate
fun:main
}
+
+{
+ openssl-1.0.1-error-as-seen-on-travis
+ Memcheck:Cond
+ fun:ASN1_STRING_set
+ fun:ASN1_mbstring_ncopy
+ fun:ASN1_mbstring_copy
+ fun:ASN1_STRING_to_UTF8
+ obj:/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
+ obj:/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
+ fun:ASN1_item_ex_d2i
+ obj:/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
+ obj:/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
+ fun:ASN1_item_ex_d2i
+ obj:/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
+ obj:/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
+ fun:ASN1_item_ex_d2i
+ fun:ASN1_item_d2i
+ fun:PEM_X509_INFO_read_bio
+ fun:X509_load_cert_crl_file
+}
diff --git a/winbuild/BUILD.WINDOWS.txt b/winbuild/BUILD.WINDOWS.txt
index 51674d772..7b0d5ba86 100644
--- a/winbuild/BUILD.WINDOWS.txt
+++ b/winbuild/BUILD.WINDOWS.txt
@@ -21,7 +21,7 @@ Building with Visual C++, prerequisites
If you wish to support zlib, openssl, c-ares, ssh2, you will have to
download
them separately and copy them to the deps directory as shown below:
-
+
somedirectory\
|_curl-src
| |_winbuild
@@ -34,6 +34,13 @@ Building with Visual C++, prerequisites
It is also possible to create the deps directory in some other random
places and tell the Makefile its location using the WITH_DEVEL option.
+Building straight from git
+==========================
+
+ When you check out code git and build it, as opposed from a released source
+ code archive, you need to first run the "buildconf.bat" batch file (present
+ in the source code root directory) to set things up.
+
Building with Visual C++
========================
@@ -47,12 +54,12 @@ Open a Visual Studio Command prompt or the SDK CMD shell.
Everything is already pre-configured by calling one of the command
prompt.
-Once you are in the console, go to the winbuild directory in the Curl
+Once you are in the console, go to the winbuild directory in the Curl
sources:
cd curl-src\winbuild
Then you can call nmake /f Makefile.vc with the desired options (see below).
-The builds will be in the top src directory, builds\ directory, in
+The builds will be in the top src directory, builds\ directory, in
a directory named using the options given to the nmake call.
nmake /f Makefile.vc mode=<static or dll> <options>
diff --git a/winbuild/Makefile.msvc.names b/winbuild/Makefile.msvc.names
deleted file mode 100644
index 13eafac81..000000000
--- a/winbuild/Makefile.msvc.names
+++ /dev/null
@@ -1,81 +0,0 @@
-#***************************************************************************
-# _ _ ____ _
-# Project ___| | | | _ \| |
-# / __| | | | |_) | |
-# | (__| |_| | _ <| |___
-# \___|\___/|_| \_\_____|
-#
-# Copyright (C) 1999 - 2010, Daniel Stenberg, <address@hidden>, et al.
-#
-# This software is licensed as described in the file COPYING, which
-# you should have received as part of this distribution. The terms
-# are also available at https://curl.haxx.se/docs/copyright.html.
-#
-# You may opt to use, copy, modify, merge, publish, distribute and/or sell
-# copies of the Software, and permit persons to whom the Software is
-# furnished to do so, under the terms of the COPYING file.
-#
-# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-# KIND, either express or implied.
-#
-#***************************************************************************
-
-#
-# This file is included from MSVC makefiles located in lib and src,
-# providing libcurl common file names required by these makefiles.
-#
-
-# ------------------
-# libcurl base name
-# ------------------
-
-!IF !DEFINED(LIB_NAME) || "$(LIB_NAME)" == ""
-LIB_NAME = libcurl
-!ENDIF
-
-# -------------------------------------------------
-# libcurl static and dynamic libraries common base
-# file names for release and debug configurations
-# -------------------------------------------------
-
-!IF !DEFINED(LIB_NAME_STA_REL) || "$(LIB_NAME_STA_REL)" == ""
-LIB_NAME_STA_REL = $(LIB_NAME)
-!ENDIF
-
-!IF !DEFINED(LIB_NAME_STA_DBG) || "$(LIB_NAME_STA_DBG)" == ""
-LIB_NAME_STA_DBG = $(LIB_NAME_STA_REL)d
-!ENDIF
-
-!IF !DEFINED(LIB_NAME_DYN_REL) || "$(LIB_NAME_DYN_REL)" == ""
-LIB_NAME_DYN_REL = $(LIB_NAME)
-!ENDIF
-
-!IF !DEFINED(LIB_NAME_DYN_DBG) || "$(LIB_NAME_DYN_DBG)" == ""
-LIB_NAME_DYN_DBG = $(LIB_NAME_DYN_REL)d
-!ENDIF
-
-# --------------------------------------------
-# Base names for libcurl DLL import libraries
-# --------------------------------------------
-
-!IF !DEFINED(LIB_NAME_IMP_REL) || "$(LIB_NAME_IMP_REL)" == ""
-LIB_NAME_IMP_REL = $(LIB_NAME_DYN_REL)_imp
-!ENDIF
-
-!IF !DEFINED(LIB_NAME_IMP_DBG) || "$(LIB_NAME_IMP_DBG)" == ""
-LIB_NAME_IMP_DBG = $(LIB_NAME_DYN_DBG)_imp
-!ENDIF
-
-# --------------------------------------
-# File names with extension and no path
-# --------------------------------------
-
-LIBCURL_STA_LIB_REL = $(LIB_NAME_STA_REL).lib
-LIBCURL_STA_LIB_DBG = $(LIB_NAME_STA_DBG).lib
-LIBCURL_DYN_LIB_REL = $(LIB_NAME_DYN_REL).dll
-LIBCURL_DYN_LIB_DBG = $(LIB_NAME_DYN_DBG).dll
-LIBCURL_IMP_LIB_REL = $(LIB_NAME_IMP_REL).lib
-LIBCURL_IMP_LIB_DBG = $(LIB_NAME_IMP_DBG).lib
-LIBCURL_DYN_LIB_PDB = $(LIB_NAME_IMP_DBG).pdb
-
-# End of Makefile.msvc.names
diff --git a/winbuild/Makefile.vc b/winbuild/Makefile.vc
index bd5c8e032..ba73efde9 100644
--- a/winbuild/Makefile.vc
+++ b/winbuild/Makefile.vc
@@ -21,6 +21,7 @@ CFGSET=true
!MESSAGE Libraries can be fetched at
http://pecl2.php.net/downloads/php-windows-builds/
!MESSAGE Uncompress them into the deps folder.
!MESSAGE WITH_SSL=<dll or static> - Enable OpenSSL support, DLL or static
+!MESSAGE WITH_NGHTTP2=<dll or static> - Enable HTTP/2 support, DLL or static
!MESSAGE WITH_CARES=<dll or static> - Enable c-ares support, DLL or static
!MESSAGE WITH_ZLIB=<dll or static> - Enable zlib support, DLL or static
!MESSAGE WITH_SSH2=<dll or static> - Enable libSSH2 support, DLL or static
@@ -55,7 +56,10 @@ ENABLE_SSPI = $(USE_SSPI)
!ENDIF
# default options
+
!IFNDEF MACHINE
+# Note: nmake magically changes the value of PROCESSOR_ARCHITECTURE from
"AMD64"
+# to "x86" when building in a 32 bit build environment on a 64 bit machine.
!IF "$(PROCESSOR_ARCHITECTURE)"=="AMD64"
MACHINE = x64
!ELSE
@@ -109,6 +113,23 @@ USE_SSL = true
SSL = static
!ENDIF
+!IF "$(ENABLE_NGHTTP2)"=="yes"
+# compatibility bit, WITH_NGHTTP2 is the correct flag
+WITH_NGHTTP2 = dll
+USE_NGHTTP2 = true
+NGHTTP2 = dll
+!ELSEIF "$(WITH_NGHTTP2)"=="dll"
+USE_NGHTTP2 = true
+NGHTTP2 = dll
+!ELSEIF "$(WITH_NGHTTP2)"=="static"
+USE_NGHTTP2 = true
+NGHTTP2 = static
+!ENDIF
+
+!IFNDEF USE_NGHTTP2
+USE_NGHTTP2 = false
+!ENDIF
+
!IF "$(WITH_MBEDTLS)"=="dll" || "$(WITH_MBEDTLS)"=="static"
USE_MBEDTLS = true
MBEDTLS = $(WITH_MBEDTLS)
@@ -190,6 +211,10 @@ CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-sspi
CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-winssl
!ENDIF
+!IF "$(USE_NGHTTP2)"=="true"
+CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-nghttp2-$(NGHTTP2)
+!ENDIF
+
!MESSAGE configuration name: $(CONFIG_NAME_LIB)
BUILD_DIR=../builds/$(CONFIG_NAME_LIB)
@@ -198,9 +223,6 @@ CURL_DIROBJ = ..\builds\$(CONFIG_NAME_LIB)-obj-curl
DIRDIST = ..\builds\$(CONFIG_NAME_LIB)\
$(MODE):
- @IF NOT EXIST ..\include\curl\curlbuild.h ( \
- CALL ..\buildconf.bat \
- )
@SET DIROBJ=$(LIBCURL_DIROBJ)
@SET MACRO_NAME=LIBCURL_OBJS
@SET OUTFILE=LIBCURL_OBJS.inc
@@ -213,10 +235,14 @@ $(MODE):
@SET CONFIG_NAME_LIB=$(CONFIG_NAME_LIB)
@SET MACHINE=$(MACHINE)
+ @SET USE_NGHTTP2=$(USE_NGHTTP2)
@SET USE_IDN=$(USE_IDN)
@SET USE_IPV6=$(USE_IPV6)
@SET USE_SSPI=$(USE_SSPI)
@SET USE_WINSSL=$(USE_WINSSL)
+# compatibility bit
+ @SET WITH_NGHTTP2=$(WITH_NGHTTP2)
+
@$(MAKE) /NOLOGO /F MakefileBuild.vc
copy_from_lib:
diff --git a/winbuild/MakefileBuild.vc b/winbuild/MakefileBuild.vc
index 3b4fc109c..36ad4681c 100644
--- a/winbuild/MakefileBuild.vc
+++ b/winbuild/MakefileBuild.vc
@@ -56,11 +56,11 @@ CC = cl.exe
!IF "$(VC)"=="6"
CC_NODEBUG = $(CC) /O2 /DNDEBUG
CC_DEBUG = $(CC) /Od /Gm /Zi /D_DEBUG /GZ
-CFLAGS = /I. /I../lib /I../include /nologo /W3 /GX /DWIN32 /YX /FD /c
/DBUILDING_LIBCURL
+CFLAGS = /I. /I../lib /I../include /nologo /W4 /wd4127 /GX /DWIN32 /YX
/FD /c /DBUILDING_LIBCURL
!ELSE
CC_NODEBUG = $(CC) /O2 /DNDEBUG
-CC_DEBUG = $(CC) /Od /D_DEBUG /RTC1 /Z7 /LDd /W3
-CFLAGS = /I. /I ../lib /I../include /nologo /W3 /EHsc /DWIN32 /FD /c
/DBUILDING_LIBCURL
+CC_DEBUG = $(CC) /Od /D_DEBUG /RTC1 /Z7 /LDd
+CFLAGS = /I. /I ../lib /I../include /nologo /W4 /wd4127 /EHsc /DWIN32 /FD
/c /DBUILDING_LIBCURL
!ENDIF
LFLAGS = /nologo /machine:$(MACHINE)
@@ -93,7 +93,7 @@ PDB_NAME_DLL_DEBUG = $(BASE_NAME_DEBUG).pdb
# CURL Command section
PROGRAM_NAME = curl.exe
-CURL_CFLAGS = /I../lib /I../include /nologo /W3 /EHsc /DWIN32 /FD /c
+CURL_CFLAGS = /I../lib /I../include /nologo /W4 /EHsc /DWIN32 /FD /c
CURL_LFLAGS = /nologo /out:$(DIRDIST)\bin\$(PROGRAM_NAME) /subsystem:console
/machine:$(MACHINE)
CURL_RESFLAGS = /i../include
@@ -114,17 +114,36 @@ LFLAGS = $(LFLAGS) "/LIBPATH:$(DEVEL_LIB)"
!IF "$(WITH_SSL)"=="dll"
+!IF EXISTS("$(DEVEL_LIB)\libssl.lib")
+SSL_LIBS = libssl.lib libcrypto.lib
+!ELSE
SSL_LIBS = libeay32.lib ssleay32.lib
+!ENDIF
USE_SSL = true
SSL = dll
!ELSEIF "$(WITH_SSL)"=="static"
+!IF EXISTS("$(DEVEL_LIB)\libssl.lib")
+SSL_LIBS = libssl.lib libcrypto.lib gdi32.lib user32.lib crypt32.lib
+!ELSE
SSL_LIBS = libeay32.lib ssleay32.lib gdi32.lib user32.lib crypt32.lib
+!ENDIF
USE_SSL = true
SSL = static
!ENDIF
!IFDEF USE_SSL
SSL_CFLAGS = /DUSE_OPENSSL /I"$(DEVEL_INCLUDE)/openssl"
+!IF EXISTS("$(DEVEL_INCLUDE)\openssl\is_boringssl.h")
+SSL_CFLAGS = $(SSL_CFLAGS) /DHAVE_BORINGSSL
+!ENDIF
+!ENDIF
+
+!IF "$(WITH_NGHTTP2)"=="dll"
+NGHTTP2_CFLAGS = /DUSE_NGHTTP2
+NGHTTP2_LIBS = nghttp2.lib
+!ELSEIF "$(WITH_NGHTTP2)"=="static"
+NGHTTP2_CFLAGS = /DUSE_NGHTTP2 /DNGHTTP2_STATICLIB
+NGHTTP2_LIBS = nghttp2_static.lib
!ENDIF
!IF "$(WITH_MBEDTLS)"=="dll" || "$(WITH_MBEDTLS)"=="static"
@@ -359,6 +378,11 @@ CFLAGS = $(CFLAGS) $(IPV6_CFLAGS)
CFLAGS = $(CFLAGS) $(SSPI_CFLAGS)
!ENDIF
+!IF "$(USE_NGHTTP2)"=="true"
+CFLAGS = $(CFLAGS) $(NGHTTP2_CFLAGS)
+LFLAGS = $(LFLAGS) $(NGHTTP2_LFLAGS) $(NGHTTP2_LIBS)
+!ENDIF
+
!IF "$(GEN_PDB)"=="true"
CFLAGS = $(CFLAGS) $(CFLAGS_PDB) /Fd"$(LIB_DIROBJ)\$(PDB)"
LFLAGS = $(LFLAGS) $(LFLAGS_PDB)
@@ -416,6 +440,7 @@ package: $(TARGET)
$(TARGET): $(LIB_OBJS) $(LIB_DIROBJ) $(DISTDIR)
@echo Using SSL: $(USE_SSL)
+ @echo Using NGHTTP2: $(USE_NGHTTP2)
@echo Using c-ares: $(USE_CARES)
@echo Using SSH2: $(USE_SSH2)
@echo Using ZLIB: $(USE_ZLIB)
@@ -494,7 +519,6 @@ CURL_LIBCURL_LIBNAME=$(LIB_NAME_IMP)
CURL_FROM_LIBCURL=$(CURL_DIROBJ)\tool_hugehelp.obj \
$(CURL_DIROBJ)\nonblock.obj \
- $(CURL_DIROBJ)\rawstr.obj \
$(CURL_DIROBJ)\strtoofft.obj \
$(CURL_DIROBJ)\warnless.obj
@@ -509,8 +533,6 @@ $(CURL_DIROBJ)\tool_hugehelp.obj:
$(CURL_SRC_DIR)\tool_hugehelp.c
$(CURL_CC) $(CURL_CFLAGS) /Zm200 /Fo"$@" $(CURL_SRC_DIR)\tool_hugehelp.c
$(CURL_DIROBJ)\nonblock.obj: ../lib/nonblock.c
$(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/nonblock.c
-$(CURL_DIROBJ)\rawstr.obj: ../lib/rawstr.c
- $(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/rawstr.c
$(CURL_DIROBJ)\strtoofft.obj: ../lib/strtoofft.c
$(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/strtoofft.c
$(CURL_DIROBJ)\warnless.obj: ../lib/warnless.c
--
To stop receiving notification emails like this one, please contact
address@hidden
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [gnurl] branch master updated (a94d1993d -> 20f7f9014),
gnunet <=