Diffstat (limited to 'lib/urldata.h')
-rw-r--r--lib/urldata.h162
1 files changed, 80 insertions, 82 deletions
diff --git a/lib/urldata.h b/lib/urldata.h
index 8594c2f..b1c2056 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -40,6 +40,8 @@
#define PORT_IMAPS 993
#define PORT_POP3 110
#define PORT_POP3S 995
+#define PORT_SMB 445
+#define PORT_SMBS 445
#define PORT_SMTP 25
#define PORT_SMTPS 465 /* sometimes called SSMTP */
#define PORT_RTSP 554
@@ -64,6 +66,7 @@
#define PROTO_FAMILY_HTTP (CURLPROTO_HTTP|CURLPROTO_HTTPS)
#define PROTO_FAMILY_FTP (CURLPROTO_FTP|CURLPROTO_FTPS)
#define PROTO_FAMILY_POP3 (CURLPROTO_POP3|CURLPROTO_POP3S)
+#define PROTO_FAMILY_SMB (CURLPROTO_SMB|CURLPROTO_SMBS)
#define PROTO_FAMILY_SMTP (CURLPROTO_SMTP|CURLPROTO_SMTPS)
#define DEFAULT_CONNCACHE_SIZE 5
@@ -79,38 +82,12 @@
#include "cookie.h"
#include "formdata.h"
-#ifdef USE_SSLEAY
#ifdef USE_OPENSSL
-#include <openssl/rsa.h>
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
#include <openssl/ssl.h>
-#include <openssl/err.h>
#ifdef HAVE_OPENSSL_ENGINE_H
#include <openssl/engine.h>
#endif
-#ifdef HAVE_OPENSSL_PKCS12_H
-#include <openssl/pkcs12.h>
-#endif
-#else /* SSLeay-style includes */
-#include <rsa.h>
-#include <crypto.h>
-#include <x509.h>
-#include <pem.h>
-#include <ssl.h>
-#include <err.h>
-#ifdef HAVE_OPENSSL_ENGINE_H
-#include <engine.h>
-#endif
-#ifdef HAVE_OPENSSL_PKCS12_H
-#include <pkcs12.h>
-#endif
#endif /* USE_OPENSSL */
-#ifdef USE_GNUTLS
-#error Configuration error; cannot use GnuTLS *and* OpenSSL.
-#endif
-#endif /* USE_SSLEAY */
#ifdef USE_GNUTLS
#include <gnutls/gnutls.h>
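Review bot: The removed `#error Configuration error; cannot use GnuTLS *and* OpenSSL.` has no replacement in this hunk, so a build that defines both USE_OPENSSL and USE_GNUTLS is no longer rejected here with a clear message. Other backends in `struct ssl_connect_data` reuse member names such as `handle` and `connecting_state`, so a double-backend build would presumably still fail, but with a confusing duplicate-member error. If no other header or the configure step enforces a single TLS backend, keep a guard after the OpenSSL block: `#if defined(USE_OPENSSL) && defined(USE_GNUTLS)`, `#error "cannot use GnuTLS and OpenSSL together"`, `#endif`.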
@@ -138,15 +115,12 @@
#include <pk11pub.h>
#endif
-#ifdef USE_QSOSSL
-#include <qsossl.h>
-#endif
-
#ifdef USE_GSKIT
#include <gskssl.h>
#endif
#ifdef USE_AXTLS
+#include <axTLS/config.h>
#include <axTLS/ssl.h>
#undef malloc
#undef calloc
@@ -195,6 +169,7 @@
#include "ssh.h"
#include "http.h"
#include "rtsp.h"
+#include "smb.h"
#include "wildcard.h"
#include "multihandle.h"
@@ -223,6 +198,8 @@
#define HEADERSIZE 256
#define CURLEASY_MAGIC_NUMBER 0xc0dedbadU
+#define GOOD_EASY_HANDLE(x) \
+ ((x) && (((struct SessionHandle *)(x))->magic == CURLEASY_MAGIC_NUMBER))
/* Some convenience macros to get the larger/smaller value out of two given.
We prefix with CURL to prevent name collisions. */
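Review bot: `GOOD_EASY_HANDLE` is added without a comment, and its limits should be stated at the definition. It reads `->magic` through the pointer it is given, so it rejects NULL and a struct whose magic field does not hold CURLEASY_MAGIC_NUMBER, but it cannot detect an arbitrary or already-freed pointer. Suggested comment above the macro: `/* Sanity check only: x must be NULL or point to readable memory; cannot detect a freed or wild pointer. */`. The cast also drops any `const` on `x`; casting to `const struct SessionHandle *` would keep the check read-only.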
@@ -288,13 +265,13 @@ struct ssl_connect_data {
current state of the connection. */
bool use;
ssl_connection_state state;
-#ifdef USE_SSLEAY
+#ifdef USE_OPENSSL
/* these ones requires specific SSL-types */
SSL_CTX* ctx;
SSL* handle;
X509* server_cert;
ssl_connect_state connecting_state;
-#endif /* USE_SSLEAY */
+#endif /* USE_OPENSSL */
#ifdef USE_GNUTLS
gnutls_session_t session;
gnutls_certificate_credentials_t cred;
@@ -328,9 +305,6 @@ struct ssl_connect_data {
PK11GenericObject *obj_clicert;
ssl_connect_state connecting_state;
#endif /* USE_NSS */
-#ifdef USE_QSOSSL
- SSLHandle *handle;
-#endif /* USE_QSOSSL */
#ifdef USE_GSKIT
gsk_handle handle;
int iocport;
@@ -350,6 +324,9 @@ struct ssl_connect_data {
size_t encdata_offset, decdata_offset;
unsigned char *encdata_buffer, *decdata_buffer;
unsigned long req_flags, ret_flags;
+ CURLcode recv_unrecoverable_err; /* schannel_recv had an unrecoverable err */
+ bool recv_sspi_close_notify; /* true if connection closed by close_notify */
+ bool recv_connection_closed; /* true if connection closed, regardless how */
#endif /* USE_SCHANNEL */
#ifdef USE_DARWINSSL
SSLContextRef ssl_ctx;
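Review bot: The three new Schannel members above `#endif /* USE_SCHANNEL */` say what they record but not how they relate or when they are reset. `recv_connection_closed` set with `recv_sspi_close_notify` clear describes an unclean TLS shutdown, which code reading a body without a declared length needs to tell apart from a clean end of stream. If that is the intent, say so in the comment, e.g. `/* closed without close_notify: treat as possible truncation */`. It would also help to note that `recv_unrecoverable_err` stays CURLE_OK until a fatal receive error is stored, assuming that is how the receive code uses it. The struct starts and ends outside the hunk.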
@@ -366,6 +343,7 @@ struct ssl_config_data {
bool verifypeer; /* set TRUE if this is desired */
bool verifyhost; /* set TRUE if CN/SAN must match hostname */
+ bool verifystatus; /* set TRUE if certificate status must be checked */
char *CApath; /* certificate dir (doesn't work on windows) */
char *CAfile; /* certificate to verify peer against */
const char *CRLfile; /* CRL to check certificate revocation */
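Review bot: `verifystatus` and, in the next hunk, `falsestart` are new members of `struct ssl_config_data`, and neither hunk shows them being handled where this struct is copied or compared. If the configuration is compared when deciding whether an existing connection or cached TLS session may be reused (that code is outside this diff), a field left out of the comparison lets a transfer that asked for status checking reuse a connection set up without it. Please confirm both fields are covered there. `falsestart` also has no comment; something like `bool falsestart; /* set TRUE to use TLS False Start */`, plus naming the mechanism behind `verifystatus` (presumably OCSP stapling), would help.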
@@ -378,6 +356,7 @@ struct ssl_config_data {
void *fsslctxp; /* parameter for call back */
bool sessionid; /* cache session IDs or not */
bool certinfo; /* gather lots of certificate info */
+ bool falsestart;
#ifdef USE_TLS_SRP
char *username; /* TLS username (for, e.g., SRP) */
@@ -398,6 +377,10 @@ struct curl_ssl_session {
/* Struct used for Digest challenge-response authentication */
struct digestdata {
+#if defined(USE_WINDOWS_SSPI)
+ BYTE *input_token;
+ size_t input_token_len;
+#else
char *nonce;
char *cnonce;
char *realm;
@@ -407,6 +390,7 @@ struct digestdata {
char *qop;
char *algorithm;
int nc; /* nounce count */
+#endif
};
typedef enum {
@@ -426,8 +410,9 @@ typedef enum {
#endif
/* Struct used for GSSAPI (Kerberos V5) authentication */
-#if defined(USE_WINDOWS_SSPI)
+#if defined(USE_KERBEROS5)
struct kerberos5data {
+#if defined(USE_WINDOWS_SSPI)
CredHandle *credentials;
CtxtHandle *context;
TCHAR *spn;
@@ -435,22 +420,26 @@ struct kerberos5data {
SEC_WINNT_AUTH_IDENTITY *p_identity;
size_t token_max;
BYTE *output_token;
+#else
+ gss_ctx_id_t context;
+ gss_name_t spn;
+#endif
};
#endif
/* Struct used for NTLM challenge-response authentication */
+#if defined(USE_NTLM)
struct ntlmdata {
curlntlm state;
#ifdef USE_WINDOWS_SSPI
- CredHandle handle;
- CtxtHandle c_handle;
+ CredHandle *credentials;
+ CtxtHandle *context;
SEC_WINNT_AUTH_IDENTITY identity;
SEC_WINNT_AUTH_IDENTITY *p_identity;
- size_t max_token_length;
+ size_t token_max;
BYTE *output_token;
- int has_handles;
- void *type_2;
- unsigned long n_type_2;
+ BYTE *input_token;
+ size_t input_token_len;
#else
unsigned int flags;
unsigned char nonce[8];
@@ -458,6 +447,7 @@ struct ntlmdata {
unsigned int target_info_len;
#endif
};
+#endif
#ifdef USE_SPNEGO
struct negotiatedata {
@@ -472,12 +462,12 @@ struct negotiatedata {
#else
#ifdef USE_WINDOWS_SSPI
DWORD status;
- CtxtHandle *context;
CredHandle *credentials;
+ CtxtHandle *context;
SEC_WINNT_AUTH_IDENTITY identity;
SEC_WINNT_AUTH_IDENTITY *p_identity;
TCHAR *server_name;
- size_t max_token_length;
+ size_t token_max;
BYTE *output_token;
size_t output_token_length;
#endif
@@ -531,11 +521,6 @@ struct ConnectBits {
requests */
bool netrc; /* name+password provided by netrc */
bool userpwd_in_url; /* name+password found in url */
-
- bool done; /* set to FALSE when Curl_do() is called and set to TRUE
- when Curl_done() is called, to prevent Curl_done() to
- get invoked twice when the multi interface is
- used. */
bool stream_was_rewound; /* Indicates that the stream was rewound after a
request read past the end of its response byte
boundary */
@@ -545,6 +530,7 @@ struct ConnectBits {
bool bound; /* set true if bind() has already been done on this socket/
connection */
bool type_set; /* type= was used in the URL */
+ bool multiplex; /* connection is multiplexed */
};
struct hostname {
@@ -617,12 +603,6 @@ enum upgrade101 {
UPGR101_WORKING /* talking upgraded protocol */
};
-enum negotiatenpn {
- NPN_INIT, /* default state */
- NPN_HTTP1_1, /* HTTP/1.1 negotiated */
- NPN_HTTP2 /* HTTP2 (draft-xx) negotiated */
-};
-
/*
* Request specific data in the easy handle (SessionHandle). Previously,
* these members were on the connectdata struct but since a conn struct may
@@ -680,7 +660,6 @@ struct SingleRequest {
#define IDENTITY 0 /* No encoding */
#define DEFLATE 1 /* zlib deflate [RFC 1950 & 1951] */
#define GZIP 2 /* gzip algorithm [RFC 1952] */
-#define COMPRESS 3 /* Not handled, added for completeness */
#ifdef HAVE_LIBZ
zlibInitState zlib_init; /* possible zlib init state;
@@ -883,7 +862,7 @@ struct connectdata {
the ip_addr itself. */
char ip_addr_str[MAX_IPADR_LEN];
- unsigned int scope; /* address scope for IPv6 */
+ unsigned int scope_id; /* Scope id for IPv6 */
int socktype; /* SOCK_STREAM or SOCK_DGRAM */
@@ -974,8 +953,8 @@ struct connectdata {
char *te; /* TE: request header */
} allocptr;
- int sec_complete; /* if kerberos is enabled for this connection */
#ifdef HAVE_GSSAPI
+ int sec_complete; /* if Kerberos is enabled for this connection */
enum protection_level command_prot;
enum protection_level data_prot;
enum protection_level request_data_prot;
@@ -986,7 +965,7 @@ struct connectdata {
struct sockaddr_in local_addr;
#endif
-#if defined(USE_WINDOWS_SSPI) /* Consider moving some of the above GSS-API */
+#if defined(USE_KERBEROS5) /* Consider moving some of the above GSS-API */
struct kerberos5data krb5; /* variables into the structure definition, */
#endif /* however, some of them are ftp specific. */
@@ -1013,22 +992,20 @@ struct connectdata {
/*************** Request - specific items ************/
- /* previously this was in the urldata struct */
- curl_read_callback fread_func; /* function that reads the input */
- void *fread_in; /* pointer to pass to the fread() above */
-
+#if defined(USE_NTLM)
struct ntlmdata ntlm; /* NTLM differs from other authentication schemes
because it authenticates connections, not
single requests! */
struct ntlmdata proxyntlm; /* NTLM data for proxy */
-#if defined(USE_NTLM) && defined(NTLM_WB_ENABLED)
+#if defined(NTLM_WB_ENABLED)
/* used for communication with Samba's winbind daemon helper ntlm_auth */
curl_socket_t ntlm_auth_hlpr_socket;
pid_t ntlm_auth_hlpr_pid;
char* challenge_header;
char* response_header;
#endif
+#endif
char syserr_buf [256]; /* buffer for Curl_strerror() */
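Review bot: The added `#endif` that closes the new `#if defined(USE_NTLM)` directly follows the bare `#endif` of the NTLM_WB_ENABLED block, and neither says which conditional it ends. Label them `#endif /* NTLM_WB_ENABLED */` and `#endif /* USE_NTLM */`, as the file already does for `#endif /* USE_OPENSSL */`. With `ntlm` and `proxyntlm` now conditional, any use of these members outside a USE_NTLM guard will stop compiling, which is worth a grep before merging.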
@@ -1051,6 +1028,7 @@ struct connectdata {
struct pop3_conn pop3c;
struct smtp_conn smtpc;
struct rtsp_conn rtspc;
+ struct smb_conn smbc;
void *generic; /* RTMP and LDAP use this */
} proto;
@@ -1081,7 +1059,7 @@ struct connectdata {
} tunnel_state[2]; /* two separate ones to allow FTP */
struct connectbundle *bundle; /* The bundle we are member of */
- enum negotiatenpn negnpn;
+ int negnpn; /* APLN or NPN TLS negotiated protocol, CURL_HTTP_VERSION* */
};
/* The end of connectdata. */
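Review bot: The comment on the new `negnpn` member misspells ALPN as "APLN"; it should read `int negnpn; /* ALPN or NPN TLS negotiated protocol, CURL_HTTP_VERSION* */`. Replacing `enum negotiatenpn` with a plain `int` also loses the type's self-documentation, so the comment should say which value means nothing has been negotiated yet. That value is not visible in this hunk.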
@@ -1279,9 +1257,9 @@ struct UrlState {
void *resolver; /* resolver state, if it is used in the URL state -
ares_channel f.e. */
-#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
+#if defined(USE_OPENSSL) && defined(HAVE_OPENSSL_ENGINE_H)
ENGINE *engine;
-#endif /* USE_SSLEAY */
+#endif /* USE_OPENSSL */
struct timeval expiretime; /* set this with Curl_expire() only */
struct Curl_tree timenode; /* for the splay stuff */
struct curl_llist *timeoutlist; /* list of pending timeouts */
@@ -1325,10 +1303,15 @@ struct UrlState {
long rtsp_next_server_CSeq; /* the session's next server CSeq */
long rtsp_CSeq_recv; /* most recent CSeq received */
- /* if true, force SSL connection retry (workaround for certain servers) */
- bool ssl_connect_retry;
curl_off_t infilesize; /* size of file to upload, -1 means unknown.
Copied from set.filesize at start of operation */
+
+ int drain; /* Increased when this stream has data to read, even if its
+ socket not necessarily is readable. Decreased when
+ checked. */
+ bool done; /* set to FALSE when Curl_do() is called and set to TRUE when
+ Curl_done() is called, to prevent Curl_done() to get invoked
+ twice when the multi interface is used. */
};
@@ -1378,13 +1361,13 @@ enum dupstring {
STRING_KRB_LEVEL, /* krb security level */
STRING_NETRC_FILE, /* if not NULL, use this instead of trying to find
$HOME/.netrc */
- STRING_COPYPOSTFIELDS, /* if POST, set the fields' values here */
STRING_PROXY, /* proxy to use */
STRING_SET_RANGE, /* range, if used */
STRING_SET_REFERER, /* custom string for the HTTP referer field */
STRING_SET_URL, /* what original URL to work on */
STRING_SSL_CAPATH, /* CA directory name (doesn't work on windows) */
STRING_SSL_CAFILE, /* certificate file to verify peer against */
+ STRING_SSL_PINNEDPUBLICKEY, /* public key file to verify peer against */
STRING_SSL_CIPHER_LIST, /* list of ciphers to use */
STRING_SSL_EGDSOCKET, /* path to file containing the EGD daemon socket */
STRING_SSL_RANDOM_FILE, /* path to file containing "random" data */
@@ -1408,19 +1391,31 @@ enum dupstring {
STRING_SSH_KNOWNHOSTS, /* file name of knownhosts file */
#endif
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
- STRING_SOCKS5_GSSAPI_SERVICE, /* GSSAPI service name */
+ STRING_SOCKS5_GSSAPI_SERVICE, /* GSSAPI service name */
+ STRING_PROXY_SERVICE_NAME, /* Proxy service name */
+ STRING_SERVICE_NAME, /* Service name */
#endif
STRING_MAIL_FROM,
STRING_MAIL_AUTH,
#ifdef USE_TLS_SRP
- STRING_TLSAUTH_USERNAME, /* TLS auth <username> */
- STRING_TLSAUTH_PASSWORD, /* TLS auth <password> */
+ STRING_TLSAUTH_USERNAME, /* TLS auth <username> */
+ STRING_TLSAUTH_PASSWORD, /* TLS auth <password> */
#endif
+ STRING_BEARER, /* <bearer>, if used */
+#ifdef USE_UNIX_SOCKETS
+ STRING_UNIX_SOCKET_PATH, /* path to Unix socket, if used */
+#endif
+
+ /* -- end of zero-terminated strings -- */
- STRING_BEARER, /* <bearer>, if used */
+ STRING_LASTZEROTERMINATED,
+
+ /* -- below this are pointers to binary data that cannot be strdup'ed.
+ Each such pointer must be added manually to Curl_dupset() --- */
+
+ STRING_COPYPOSTFIELDS, /* if POST, set the fields' values here */
- /* -- end of strings -- */
STRING_LAST /* not used, just an end-of-list marker */
};
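Review bot: `STRING_LASTZEROTERMINATED` is the boundary every string-duplication loop depends on, yet the enumerator itself carries no comment, and `char *str[STRING_LAST]` in `struct UserDefined` still holds both kinds of pointer in one array. Any code that calls strdup() or strlen() on `str[i]` must stop at this marker, because `STRING_COPYPOSTFIELDS` points to binary data that need not be NUL-terminated, and reading it as a string can run past the end of the buffer. Suggested: `STRING_LASTZEROTERMINATED, /* marker: entries after this are binary, never strdup()/strlen() them */`. Loops that only free entries can keep using `STRING_LAST`; the callers are outside this diff and worth checking.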
@@ -1431,8 +1426,8 @@ struct UserDefined {
long proxyport; /* If non-zero, use this port number by default. If the
proxy string features a ":[port]" that one will override
this. */
- void *out; /* the fetched file goes here */
- void *in; /* the uploaded file is read from here */
+ void *out; /* CURLOPT_WRITEDATA */
+ void *in; /* CURLOPT_READDATA */
void *writeheader; /* write the header to this if non-NULL */
void *rtp_out; /* write RTP to this if non-NULL */
long use_port; /* which port to use (when not using default) */
@@ -1553,7 +1548,7 @@ struct UserDefined {
bool ftp_list_only; /* switch FTP command for listing directories */
bool ftp_use_port; /* use the FTP PORT command */
bool hide_progress; /* don't use the progress meter */
- bool http_fail_on_error; /* fail on HTTP error codes >= 300 */
+ bool http_fail_on_error; /* fail on HTTP error codes >= 400 */
bool http_follow_location; /* follow HTTP redirects */
bool http_transfer_encoding; /* request compressed HTTP transfer-encoding */
bool http_disable_hostname_check_before_authentication;
@@ -1566,7 +1561,7 @@ struct UserDefined {
enum CURL_NETRC_OPTION
use_netrc; /* defined in include/curl.h */
bool verbose; /* output verbosity */
- bool krb; /* kerberos connection requested */
+ bool krb; /* Kerberos connection requested */
bool reuse_forbid; /* forbidden to be reused, close after use */
bool reuse_fresh; /* do not re-use an existing connection */
bool ftp_use_epsv; /* if EPSV is to be attempted or not */
@@ -1586,6 +1581,7 @@ struct UserDefined {
bool connect_only; /* make connection, let application use the socket */
bool ssl_enable_beast; /* especially allow this flaw for interoperability's
sake*/
+ bool ssl_no_revoke; /* disable SSL certificate revocation checks */
long ssh_auth_types; /* allowed SSH auth types */
bool http_te_skip; /* pass the raw body data to the user, even when
transfer-encoded (chunked, compressed) */
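Review bot: `ssl_no_revoke` is placed in `struct UserDefined` rather than in `struct ssl_config_data`, so it is probably not part of whatever comparison decides whether an existing TLS connection may be reused. If so, a handle with revocation checking enabled could pick up a connection that was established with checks disabled; the reuse logic is outside this diff, so please confirm. The comment should also state the default, e.g. `bool ssl_no_revoke; /* TRUE disables certificate revocation checks; default FALSE */`, assuming FALSE is indeed the default.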
@@ -1596,7 +1592,7 @@ struct UserDefined {
bool proxy_transfer_mode; /* set transfer mode (;type=<a|i>) when doing FTP
via an HTTP proxy */
char *str[STRING_LAST]; /* array of strings, pointing to allocated memory */
- unsigned int scope; /* address scope for IPv6 */
+ unsigned int scope_id; /* Scope id for IPv6 */
long allowed_protocols;
long redir_protocols;
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
@@ -1627,7 +1623,9 @@ struct UserDefined {
bool ssl_enable_npn; /* TLS NPN extension? */
bool ssl_enable_alpn; /* TLS ALPN extension? */
-
+ bool path_as_is; /* allow dotdots? */
+ bool pipewait; /* wait for pipe/multiplex status before starting a
+ new connection */
long expect_100_timeout; /* in milliseconds */
};
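Review bot: The comment `/* allow dotdots? */` on `path_as_is` understates a security-relevant switch. When it is set, the URL path is presumably sent without squashing `/../` and `/./` segments, so callers that build URLs from untrusted input lose that normalisation and must validate paths themselves. Suggested: `bool path_as_is; /* TRUE: send the path as given, do not remove "/../" or "/./" sequences */`.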