multi: assign IDs to all timers and make each timer singleton

A) reduces the timeout lists drastically

B) prevents a lot of superfluous loops for timers that expires "in vain"

multi: assign IDs to all timers and make each timer singleton

A) reduces the timeout lists drastically

B) prevents a lot of superfluous loops for timers that expires "in vain"
when it has actually already been extended to fire later on

show more ...

buffer: use data->set.buffer_size instead of BUFSIZE

... to properly use the dynamically set buffer size!

upload: UPLOAD_BUFSIZE is now for the upload buffer

transfer: fix minor buffer_size mistake

transfer: remove 'uploadbuf' pointer and cleanup readwrite_upload()

The data->req.uploadbuf struct member served no good purpose, instead we
use ->state.uploadbuffer directly. It makes i

transfer: remove 'uploadbuf' pointer and cleanup readwrite_upload()

The data->req.uploadbuf struct member served no good purpose, instead we
use ->state.uploadbuffer directly. It makes it clearer in the code which
buffer that's being used.

Removed the 'SingleRequest *' argument from the readwrite_upload() proto
as it can be derived from the Curl_easy struct. Also made the code in
the readwrite_upload() function use the 'k->' shortcut to all references
to struct fields in 'data->req', which previously was made with a mix of
both.

show more ...

llist: replace Curl_llist_alloc with Curl_llist_init

No longer allocate the curl_llist head struct for lists separately.

Removes 17 (15%) tiny allocations in a normal "curl localhos

llist: replace Curl_llist_alloc with Curl_llist_init

No longer allocate the curl_llist head struct for lists separately.

Removes 17 (15%) tiny allocations in a normal "curl localhost" invoke.

closes #1381

show more ...

spelling fixes

Closes #1356

Improve code readbility

... by removing the else branch after a return, break or continue.

Closes #1310

transfer: only retry nobody-requests for HTTP

Using sftp to delete a file with CURLOPT_NOBODY set with a reused
connection would fail as curl expected to get some data. Thus it would

transfer: only retry nobody-requests for HTTP

Using sftp to delete a file with CURLOPT_NOBODY set with a reused
connection would fail as curl expected to get some data. Thus it would
retry the command again which fails as the file has already been
deleted.

Fixes #1243

show more ...

checksrc: stricter no-space-before-paren enforcement

In order to make the code style more uniform everywhere

proxy: Support HTTPS proxy and SOCKS+HTTP(s)

* HTTPS proxies:

An HTTPS proxy receives all transactions over an SSL/TLS connection.
Once a secure connection with the proxy is est

proxy: Support HTTPS proxy and SOCKS+HTTP(s)

* HTTPS proxies:

An HTTPS proxy receives all transactions over an SSL/TLS connection.
Once a secure connection with the proxy is established, the user agent
uses the proxy as usual, including sending CONNECT requests to instruct
the proxy to establish a [usually secure] TCP tunnel with an origin
server. HTTPS proxies protect nearly all aspects of user-proxy
communications as opposed to HTTP proxies that receive all requests
(including CONNECT requests) in vulnerable clear text.

With HTTPS proxies, it is possible to have two concurrent _nested_
SSL/TLS sessions: the "outer" one between the user agent and the proxy
and the "inner" one between the user agent and the origin server
(through the proxy). This change adds supports for such nested sessions
as well.

A secure connection with a proxy requires its own set of the usual SSL
options (their actual descriptions differ and need polishing, see TODO):

--proxy-cacert FILE CA certificate to verify peer against
--proxy-capath DIR CA directory to verify peer against
--proxy-cert CERT[:PASSWD] Client certificate file and password
--proxy-cert-type TYPE Certificate file type (DER/PEM/ENG)
--proxy-ciphers LIST SSL ciphers to use
--proxy-crlfile FILE Get a CRL list in PEM format from the file
--proxy-insecure Allow connections to proxies with bad certs
--proxy-key KEY Private key file name
--proxy-key-type TYPE Private key file type (DER/PEM/ENG)
--proxy-pass PASS Pass phrase for the private key
--proxy-ssl-allow-beast Allow security flaw to improve interop
--proxy-sslv2 Use SSLv2
--proxy-sslv3 Use SSLv3
--proxy-tlsv1 Use TLSv1
--proxy-tlsuser USER TLS username
--proxy-tlspassword STRING TLS password
--proxy-tlsauthtype STRING TLS authentication type (default SRP)

All --proxy-foo options are independent from their --foo counterparts,
except --proxy-crlfile which defaults to --crlfile and --proxy-capath
which defaults to --capath.

Curl now also supports %{proxy_ssl_verify_result} --write-out variable,
similar to the existing %{ssl_verify_result} variable.

Supported backends: OpenSSL, GnuTLS, and NSS.

* A SOCKS proxy + HTTP/HTTPS proxy combination:

If both --socks* and --proxy options are given, Curl first connects to
the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS
proxy.

TODO: Update documentation for the new APIs and --proxy-* options.
Look for "Added in 7.XXX" marks.

show more ...

lib: fix compiler warnings after de4de4e3c7c

Visual C++ now complains about implicitly casting time_t (64-bit) to
long (32-bit). Fix this by changing some variables from long to time_t,

lib: fix compiler warnings after de4de4e3c7c

Visual C++ now complains about implicitly casting time_t (64-bit) to
long (32-bit). Fix this by changing some variables from long to time_t,
or explicitly casting to long where the public interface would be
affected.

Closes #1131

show more ...

strcasecompare: all case insensitive string compares ignore locale now

We had some confusions on when each function was used. We should not act
differently on different locales anyway.

strcasecompare: is the new name for strequal()

... to make it less likely that we forget that the function actually
does case insentive compares. Also replaced several invokes of the

strcasecompare: is the new name for strequal()

... to make it less likely that we forget that the function actually
does case insentive compares. Also replaced several invokes of the
function with a plain strcmp when case sensitivity is not an issue (like
comparing with "-").

show more ...

select: switch to macros in uppercase

Curl_select_ready() was the former API that was replaced with
Curl_select_check() a while back and the former arg setup was provided
with a defi

select: switch to macros in uppercase

Curl_select_ready() was the former API that was replaced with
Curl_select_check() a while back and the former arg setup was provided
with a define (in order to leave existing code unmodified).

Now we instead offer SOCKET_READABLE and SOCKET_WRITABLE for the most
common shortcuts where only one socket is checked. They're also more
visibly macros.

show more ...

http: refuse to pass on response body with NO_NODY was set

... like when a HTTP/0.9 response comes back without any headers at all
and just a body this now prevents that body from being

http: refuse to pass on response body with NO_NODY was set

... like when a HTTP/0.9 response comes back without any headers at all
and just a body this now prevents that body from being sent to the
callback etc.

Adapted test 1144 to verify.

Fixes #973

Assisted-by: Ray Satiro

show more ...

http2: return EOF when done uploading without known size

Fixes #982

speed caps: not based on average speeds anymore

Speed limits (from CURLOPT_MAX_RECV_SPEED_LARGE &
CURLOPT_MAX_SEND_SPEED_LARGE) were applied simply by comparing limits
with the cumul

speed caps: not based on average speeds anymore

Speed limits (from CURLOPT_MAX_RECV_SPEED_LARGE &
CURLOPT_MAX_SEND_SPEED_LARGE) were applied simply by comparing limits
with the cumulative average speed of the entire transfer; While this
might work at times with good/constant connections, in other cases it
can result to the limits simply being "ignored" for more than "short
bursts" (as told in man page).

Consider a download that goes on much slower than the limit for some
time (because bandwidth is used elsewhere, server is slow, whatever the
reason), then once things get better, curl would simply ignore the limit
up until the average speed (since the beginning of the transfer) reached
the limit. This could prove the limit useless to effectively avoid
using the entire bandwidth (at least for quite some time).

So instead, we now use a "moving starting point" as reference, and every
time at least as much as the limit as been transferred, we can reset
this starting point to the current position. This gets a good limiting
effect that applies to the "current speed" with instant reactivity (in
case of sudden speed burst).

Closes #971

show more ...

HTTP: retry failed HEAD requests too

Mark's new document about HTTP Retries
(https://mnot.github.io/I-D/httpbis-retry/) made me check our code and I
spotted that we don't retry faile

HTTP: retry failed HEAD requests too

Mark's new document about HTTP Retries
(https://mnot.github.io/I-D/httpbis-retry/) made me check our code and I
spotted that we don't retry failed HEAD requests which seems totally
inconsistent and I can't see any reason for that separate treatment.

So, no separate treatment for HEAD starting now. A HTTP request sent
over a reused connection that gets cut off before a single byte is
received will be retried on a fresh connection.

Made-aware-by: Mark Nottingham

show more ...

transfer: return without select when the read loop reached maxcount

Regression added in 790d6de48515. The was then added to avoid one
particular transfer to starve out others. But when a

transfer: return without select when the read loop reached maxcount

Regression added in 790d6de48515. The was then added to avoid one
particular transfer to starve out others. But when aborting due to
reading the maxcount, the connection must be marked to be read from
again without first doing a select as for some protocols (like SFTP/SCP)
the data may already have been read off the socket.

Reported-by: Dan Donahue
Bug: https://curl.haxx.se/mail/lib-2016-07/0057.html

show more ...

internals: rename the SessionHandle struct to Curl_easy

ftp: fix incorrect out-of-memory code in Curl_pretransfer

- Return value type must match function type.

s/CURLM_OUT_OF_MEMORY/CURLE_OUT_OF_MEMORY/

Caught by Travis CI

ftp wildcard: segfault due to init only in multi_perform

The proper FTP wildcard init is now more properly done in Curl_pretransfer()
and the corresponding cleanup in Curl_close().

ftp wildcard: segfault due to init only in multi_perform

The proper FTP wildcard init is now more properly done in Curl_pretransfer()
and the corresponding cleanup in Curl_close().

The previous place of init/cleanup code made the internal pointer to be NULL
when this feature was used with the multi_socket() API, as it was made within
the curl_multi_perform() function.

Reported-by: Jonathan Cardoso Machado
Fixes #800

show more ...

lib: include curl_printf.h as one of the last headers

curl_printf.h defines printf to curl_mprintf, etc. This can cause
problems with external headers which may use
__attribute__((fo

lib: include curl_printf.h as one of the last headers

curl_printf.h defines printf to curl_mprintf, etc. This can cause
problems with external headers which may use
__attribute__((format(printf, ...))) markers etc.

To avoid that they cause problems with system includes, we include
curl_printf.h after any system headers. That makes the three last
headers to always be, and we keep them in this order:

curl_printf.h
curl_memory.h
memdebug.h

None of them include system headers, they all do funny #defines.

Reported-by: David Benjamin

Fixes #743

show more ...

code: style updates