2013-12-18 21:27:31 +08:00
|
|
|
#***************************************************************************
|
|
|
|
# _ _ ____ _
|
|
|
|
# Project ___| | | | _ \| |
|
|
|
|
# / __| | | | |_) | |
|
|
|
|
# | (__| |_| | _ <| |___
|
|
|
|
# \___|\___/|_| \_\_____|
|
|
|
|
#
|
2023-01-02 20:51:48 +08:00
|
|
|
# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
2013-12-18 21:27:31 +08:00
|
|
|
#
|
|
|
|
# This software is licensed as described in the file COPYING, which
|
|
|
|
# you should have received as part of this distribution. The terms
|
2020-11-04 21:02:01 +08:00
|
|
|
# are also available at https://curl.se/docs/copyright.html.
|
2013-12-18 21:27:31 +08:00
|
|
|
#
|
|
|
|
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|
|
|
# copies of the Software, and permit persons to whom the Software is
|
|
|
|
# furnished to do so, under the terms of the COPYING file.
|
|
|
|
#
|
|
|
|
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|
|
|
# KIND, either express or implied.
|
|
|
|
#
|
2022-05-17 17:16:50 +08:00
|
|
|
# SPDX-License-Identifier: curl
|
|
|
|
#
|
2013-12-18 21:27:31 +08:00
|
|
|
###########################################################################
|
2007-07-24 05:46:26 +08:00
|
|
|
|
2021-01-14 15:46:11 +08:00
|
|
|
LIB_VAUTH_CFILES = \
|
|
|
|
vauth/cleartext.c \
|
|
|
|
vauth/cram.c \
|
|
|
|
vauth/digest.c \
|
|
|
|
vauth/digest_sspi.c \
|
2020-12-25 02:48:45 +08:00
|
|
|
vauth/gsasl.c \
|
2021-01-14 15:46:11 +08:00
|
|
|
vauth/krb5_gssapi.c \
|
|
|
|
vauth/krb5_sspi.c \
|
|
|
|
vauth/ntlm.c \
|
|
|
|
vauth/ntlm_sspi.c \
|
|
|
|
vauth/oauth2.c \
|
|
|
|
vauth/spnego_gssapi.c \
|
|
|
|
vauth/spnego_sspi.c \
|
2020-04-14 17:19:12 +08:00
|
|
|
vauth/vauth.c
|
2015-09-12 18:48:24 +08:00
|
|
|
|
2021-01-14 15:46:11 +08:00
|
|
|
LIB_VAUTH_HFILES = \
|
|
|
|
vauth/digest.h \
|
|
|
|
vauth/ntlm.h \
|
|
|
|
vauth/vauth.h
|
2015-09-12 18:48:24 +08:00
|
|
|
|
2021-01-14 15:46:11 +08:00
|
|
|
LIB_VTLS_CFILES = \
|
|
|
|
vtls/bearssl.c \
|
|
|
|
vtls/gskit.c \
|
|
|
|
vtls/gtls.c \
|
2022-02-04 17:44:02 +08:00
|
|
|
vtls/hostcheck.c \
|
2021-01-14 15:46:11 +08:00
|
|
|
vtls/keylog.c \
|
|
|
|
vtls/mbedtls.c \
|
|
|
|
vtls/mbedtls_threadlock.c \
|
|
|
|
vtls/nss.c \
|
|
|
|
vtls/openssl.c \
|
2020-12-13 15:55:09 +08:00
|
|
|
vtls/rustls.c \
|
2021-01-14 15:46:11 +08:00
|
|
|
vtls/schannel.c \
|
|
|
|
vtls/schannel_verify.c \
|
|
|
|
vtls/sectransp.c \
|
|
|
|
vtls/vtls.c \
|
2022-02-04 17:44:02 +08:00
|
|
|
vtls/wolfssl.c \
|
|
|
|
vtls/x509asn1.c
|
2020-01-16 15:17:04 +08:00
|
|
|
|
2021-01-14 15:46:11 +08:00
|
|
|
LIB_VTLS_HFILES = \
|
|
|
|
vtls/bearssl.h \
|
|
|
|
vtls/gskit.h \
|
|
|
|
vtls/gtls.h \
|
2022-02-04 17:44:02 +08:00
|
|
|
vtls/hostcheck.h \
|
2021-01-14 15:46:11 +08:00
|
|
|
vtls/keylog.h \
|
|
|
|
vtls/mbedtls.h \
|
|
|
|
vtls/mbedtls_threadlock.h \
|
|
|
|
vtls/nssg.h \
|
|
|
|
vtls/openssl.h \
|
2020-12-13 15:55:09 +08:00
|
|
|
vtls/rustls.h \
|
2021-01-14 15:46:11 +08:00
|
|
|
vtls/schannel.h \
|
|
|
|
vtls/sectransp.h \
|
|
|
|
vtls/vtls.h \
|
2022-11-11 18:45:34 +08:00
|
|
|
vtls/vtls_int.h \
|
2022-02-04 17:44:02 +08:00
|
|
|
vtls/wolfssl.h \
|
|
|
|
vtls/x509asn1.h
|
2013-12-18 21:25:43 +08:00
|
|
|
|
2021-01-14 15:46:11 +08:00
|
|
|
LIB_VQUIC_CFILES = \
|
2023-01-06 02:23:21 +08:00
|
|
|
vquic/curl_msh3.c \
|
|
|
|
vquic/curl_ngtcp2.c \
|
|
|
|
vquic/curl_quiche.c \
|
2021-01-14 15:46:11 +08:00
|
|
|
vquic/vquic.c
|
2019-07-22 05:48:58 +08:00
|
|
|
|
2021-01-14 15:46:11 +08:00
|
|
|
LIB_VQUIC_HFILES = \
|
2023-01-06 02:23:21 +08:00
|
|
|
vquic/curl_msh3.h \
|
|
|
|
vquic/curl_ngtcp2.h \
|
|
|
|
vquic/curl_quiche.h \
|
2022-12-30 16:14:55 +08:00
|
|
|
vquic/vquic.h \
|
|
|
|
vquic/vquic_int.h
|
2019-07-22 05:48:58 +08:00
|
|
|
|
2021-01-14 15:46:11 +08:00
|
|
|
LIB_VSSH_CFILES = \
|
|
|
|
vssh/libssh.c \
|
|
|
|
vssh/libssh2.c \
|
|
|
|
vssh/wolfssh.c
|
2019-08-16 22:01:42 +08:00
|
|
|
|
2021-01-14 15:46:11 +08:00
|
|
|
LIB_VSSH_HFILES = \
|
|
|
|
vssh/ssh.h
|
2019-11-18 04:04:37 +08:00
|
|
|
|
2020-12-14 21:10:33 +08:00
|
|
|
LIB_CFILES = \
|
|
|
|
altsvc.c \
|
|
|
|
amigaos.c \
|
|
|
|
asyn-ares.c \
|
|
|
|
asyn-thread.c \
|
|
|
|
base64.c \
|
2023-03-20 21:23:53 +08:00
|
|
|
bufq.c \
|
2021-03-23 09:02:18 +08:00
|
|
|
bufref.c \
|
2020-12-14 21:10:33 +08:00
|
|
|
c-hyper.c \
|
2023-04-06 15:54:57 +08:00
|
|
|
cf-h1-proxy.c \
|
|
|
|
cf-h2-proxy.c \
|
|
|
|
cf-haproxy.c \
|
2023-03-01 23:40:22 +08:00
|
|
|
cf-https-connect.c \
|
connections: introduce http/3 happy eyeballs
New cfilter HTTP-CONNECT for h3/h2/http1.1 eyeballing.
- filter is installed when `--http3` in the tool is used (or
the equivalent CURLOPT_ done in the library)
- starts a QUIC/HTTP/3 connect right away. Should that not
succeed after 100ms (subject to change), a parallel attempt
is started for HTTP/2 and HTTP/1.1 via TCP
- both attempts are subject to IPv6/IPv4 eyeballing, same
as happens for other connections
- tie timeout to the ip-version HAPPY_EYEBALLS_TIMEOUT
- use a `soft` timeout at half the value. When the soft timeout
expires, the HTTPS-CONNECT filter checks if the QUIC filter
has received any data from the server. If not, it will start
the HTTP/2 attempt.
HTTP/3(ngtcp2) improvements.
- setting call_data in all cfilter calls similar to http/2 and vtls filters
for use in callback where no stream data is available.
- returning CURLE_PARTIAL_FILE for prematurely terminated transfers
- enabling pytest test_05 for h3
- shifting functionality to "connect" UDP sockets from ngtcp2
implementation into the udp socket cfilter. Because unconnected
UDP sockets are weird. For example they error when adding to a
pollset.
HTTP/3(quiche) improvements.
- fixed upload bug in quiche implementation, now passes 251 and pytest
- error codes on stream RESET
- improved debug logs
- handling of DRAIN during connect
- limiting pending event queue
HTTP/2 cfilter improvements.
- use LOG_CF macros for dynamic logging in debug build
- fix CURLcode on RST streams to be CURLE_PARTIAL_FILE
- enable pytest test_05 for h2
- fix upload pytests and improve parallel transfer performance.
GOAWAY handling for ngtcp2/quiche
- during connect, when the remote server refuses to accept new connections
and closes immediately (so the local conn goes into DRAIN phase), the
connection is torn down and a another attempt is made after a short grace
period.
This is the behaviour observed with nghttpx when we tell it to shut
down gracefully. Tested in pytest test_03_02.
TLS improvements
- ALPN selection for SSL/SSL-PROXY filters in one vtls set of functions, replaces
copy of logic in all tls backends.
- standardized the infof logging of offered ALPNs
- ALPN negotiated: have common function for all backends that sets alpn proprty
and connection related things based on the negotiated protocol (or lack thereof).
- new tests/tests-httpd/scorecard.py for testing h3/h2 protocol implementation.
Invoke:
python3 tests/tests-httpd/scorecard.py --help
for usage.
Improvements on gathering connect statistics and socket access.
- new CF_CTRL_CONN_REPORT_STATS cfilter control for having cfilters
report connection statistics. This is triggered when the connection
has completely connected.
- new void Curl_pgrsTimeWas(..) method to report a timer update with
a timestamp of when it happend. This allows for updating timers
"later", e.g. a connect statistic after full connectivity has been
reached.
- in case of HTTP eyeballing, the previous changes will update
statistics only from the filter chain that "won" the eyeballing.
- new cfilter query CF_QUERY_SOCKET for retrieving the socket used
by a filter chain.
Added methods Curl_conn_cf_get_socket() and Curl_conn_get_socket()
for convenient use of this query.
- Change VTLS backend to query their sub-filters for the socket when
checks during the handshake are made.
HTTP/3 documentation on how https eyeballing works.
TLS improvements
- ALPN selection for SSL/SSL-PROXY filters in one vtls set of functions, replaces
copy of logic in all tls backends.
- standardized the infof logging of offered ALPNs
- ALPN negotiated: have common function for all backends that sets alpn proprty
and connection related things based on the negotiated protocol (or lack thereof).
Scorecard with Caddy.
- configure can be run with `--with-test-caddy=path` to specify which caddy to use for testing
- tests/tests-httpd/scorecard.py now measures download speeds with caddy
pytest improvements
- adding Makfile to clean gen dir
- adding nghttpx rundir creation on start
- checking httpd version 2.4.55 for test_05 cases where it is needed. Skipping with message if too old.
- catch exception when checking for caddy existance on system.
Closes #10349
2023-02-02 00:13:12 +08:00
|
|
|
cf-socket.c \
|
2022-11-11 18:45:34 +08:00
|
|
|
cfilters.c \
|
2020-12-14 21:10:33 +08:00
|
|
|
conncache.c \
|
|
|
|
connect.c \
|
|
|
|
content_encoding.c \
|
|
|
|
cookie.c \
|
|
|
|
curl_addrinfo.c \
|
|
|
|
curl_des.c \
|
|
|
|
curl_endian.c \
|
|
|
|
curl_fnmatch.c \
|
|
|
|
curl_get_line.c \
|
|
|
|
curl_gethostname.c \
|
|
|
|
curl_gssapi.c \
|
2023-01-11 17:30:42 +08:00
|
|
|
curl_log.c \
|
2020-12-14 21:10:33 +08:00
|
|
|
curl_memrchr.c \
|
|
|
|
curl_multibyte.c \
|
|
|
|
curl_ntlm_core.c \
|
|
|
|
curl_ntlm_wb.c \
|
|
|
|
curl_path.c \
|
|
|
|
curl_range.c \
|
|
|
|
curl_rtmp.c \
|
|
|
|
curl_sasl.c \
|
|
|
|
curl_sspi.c \
|
|
|
|
curl_threads.c \
|
|
|
|
dict.c \
|
|
|
|
doh.c \
|
|
|
|
dynbuf.c \
|
2023-03-20 21:23:53 +08:00
|
|
|
dynhds.c \
|
2020-12-14 21:10:33 +08:00
|
|
|
easy.c \
|
|
|
|
easygetopt.c \
|
|
|
|
easyoptions.c \
|
|
|
|
escape.c \
|
|
|
|
file.c \
|
|
|
|
fileinfo.c \
|
2022-05-25 16:09:53 +08:00
|
|
|
fopen.c \
|
2020-12-14 21:10:33 +08:00
|
|
|
formdata.c \
|
|
|
|
ftp.c \
|
|
|
|
ftplistparser.c \
|
|
|
|
getenv.c \
|
|
|
|
getinfo.c \
|
|
|
|
gopher.c \
|
|
|
|
hash.c \
|
2022-03-17 17:20:19 +08:00
|
|
|
headers.c \
|
2020-12-14 21:10:33 +08:00
|
|
|
hmac.c \
|
|
|
|
hostasyn.c \
|
|
|
|
hostip.c \
|
|
|
|
hostip4.c \
|
|
|
|
hostip6.c \
|
|
|
|
hostsyn.c \
|
|
|
|
hsts.c \
|
|
|
|
http.c \
|
2023-04-14 17:38:14 +08:00
|
|
|
http1.c \
|
2020-12-14 21:10:33 +08:00
|
|
|
http2.c \
|
|
|
|
http_chunks.c \
|
|
|
|
http_digest.c \
|
|
|
|
http_negotiate.c \
|
|
|
|
http_ntlm.c \
|
|
|
|
http_proxy.c \
|
http: introduce AWS HTTP v4 Signature
It is a security process for HTTP.
It doesn't seems to be standard, but it is used by some cloud providers.
Aws:
https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
Outscale:
https://wiki.outscale.net/display/EN/Creating+a+Canonical+Request
GCP (I didn't test that this code work with GCP though):
https://cloud.google.com/storage/docs/access-control/signing-urls-manually
most of the code is in lib/http_v4_signature.c
Information require by the algorithm:
- The URL
- Current time
- some prefix that are append to some of the signature parameters.
The data extracted from the URL are: the URI, the region,
the host and the API type
example:
https://api.eu-west-2.outscale.com/api/latest/ReadNets
~~~ ~~~~~~~~ ~~~~~~~~~~~~~~~~~~~
^ ^ ^
/ \ URI
API type region
Small description of the algorithm:
- make canonical header using content type, the host, and the date
- hash the post data
- make canonical_request using custom request, the URI,
the get data, the canonical header, the signed header
and post data hash
- hash canonical_request
- make str_to_sign using one of the prefix pass in parameter,
the date, the credential scope and the canonical_request hash
- compute hmac from date, using secret key as key.
- compute hmac from region, using above hmac as key
- compute hmac from api_type, using above hmac as key
- compute hmac from request_type, using above hmac as key
- compute hmac from str_to_sign using above hmac as key
- create Authorization header using above hmac, prefix pass in parameter,
the date, and above hash
Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
Closes #5703
2020-07-09 19:58:37 +08:00
|
|
|
http_aws_sigv4.c \
|
2022-12-14 21:49:59 +08:00
|
|
|
idn.c \
|
2020-12-14 21:10:33 +08:00
|
|
|
if2ip.c \
|
|
|
|
imap.c \
|
|
|
|
inet_ntop.c \
|
|
|
|
inet_pton.c \
|
|
|
|
krb5.c \
|
|
|
|
ldap.c \
|
|
|
|
llist.c \
|
|
|
|
md4.c \
|
|
|
|
md5.c \
|
|
|
|
memdebug.c \
|
|
|
|
mime.c \
|
|
|
|
mprintf.c \
|
|
|
|
mqtt.c \
|
|
|
|
multi.c \
|
|
|
|
netrc.c \
|
|
|
|
nonblock.c \
|
2022-10-20 21:21:12 +08:00
|
|
|
noproxy.c \
|
2020-12-14 21:10:33 +08:00
|
|
|
openldap.c \
|
|
|
|
parsedate.c \
|
|
|
|
pingpong.c \
|
|
|
|
pop3.c \
|
|
|
|
progress.c \
|
|
|
|
psl.c \
|
|
|
|
rand.c \
|
|
|
|
rename.c \
|
|
|
|
rtsp.c \
|
|
|
|
select.c \
|
|
|
|
sendf.c \
|
|
|
|
setopt.c \
|
|
|
|
sha256.c \
|
|
|
|
share.c \
|
|
|
|
slist.c \
|
|
|
|
smb.c \
|
|
|
|
smtp.c \
|
|
|
|
socketpair.c \
|
|
|
|
socks.c \
|
|
|
|
socks_gssapi.c \
|
|
|
|
socks_sspi.c \
|
|
|
|
speedcheck.c \
|
|
|
|
splay.c \
|
|
|
|
strcase.c \
|
|
|
|
strdup.c \
|
|
|
|
strerror.c \
|
|
|
|
strtok.c \
|
|
|
|
strtoofft.c \
|
|
|
|
system_win32.c \
|
|
|
|
telnet.c \
|
|
|
|
tftp.c \
|
2020-08-29 18:54:30 +08:00
|
|
|
timediff.c \
|
2020-12-14 21:10:33 +08:00
|
|
|
timeval.c \
|
|
|
|
transfer.c \
|
|
|
|
url.c \
|
|
|
|
urlapi.c \
|
|
|
|
version.c \
|
|
|
|
version_win32.c \
|
|
|
|
warnless.c \
|
2022-09-09 21:11:14 +08:00
|
|
|
ws.c
|
2012-12-28 19:40:20 +08:00
|
|
|
|
2020-12-14 21:10:33 +08:00
|
|
|
LIB_HFILES = \
|
|
|
|
altsvc.h \
|
|
|
|
amigaos.h \
|
|
|
|
arpa_telnet.h \
|
|
|
|
asyn.h \
|
2023-03-20 21:23:53 +08:00
|
|
|
bufq.h \
|
2021-03-23 09:02:18 +08:00
|
|
|
bufref.h \
|
2020-12-14 21:10:33 +08:00
|
|
|
c-hyper.h \
|
2023-04-06 15:54:57 +08:00
|
|
|
cf-h1-proxy.h \
|
|
|
|
cf-h2-proxy.h \
|
|
|
|
cf-haproxy.h \
|
2023-03-01 23:40:22 +08:00
|
|
|
cf-https-connect.h \
|
connections: introduce http/3 happy eyeballs
New cfilter HTTP-CONNECT for h3/h2/http1.1 eyeballing.
- filter is installed when `--http3` in the tool is used (or
the equivalent CURLOPT_ done in the library)
- starts a QUIC/HTTP/3 connect right away. Should that not
succeed after 100ms (subject to change), a parallel attempt
is started for HTTP/2 and HTTP/1.1 via TCP
- both attempts are subject to IPv6/IPv4 eyeballing, same
as happens for other connections
- tie timeout to the ip-version HAPPY_EYEBALLS_TIMEOUT
- use a `soft` timeout at half the value. When the soft timeout
expires, the HTTPS-CONNECT filter checks if the QUIC filter
has received any data from the server. If not, it will start
the HTTP/2 attempt.
HTTP/3(ngtcp2) improvements.
- setting call_data in all cfilter calls similar to http/2 and vtls filters
for use in callback where no stream data is available.
- returning CURLE_PARTIAL_FILE for prematurely terminated transfers
- enabling pytest test_05 for h3
- shifting functionality to "connect" UDP sockets from ngtcp2
implementation into the udp socket cfilter. Because unconnected
UDP sockets are weird. For example they error when adding to a
pollset.
HTTP/3(quiche) improvements.
- fixed upload bug in quiche implementation, now passes 251 and pytest
- error codes on stream RESET
- improved debug logs
- handling of DRAIN during connect
- limiting pending event queue
HTTP/2 cfilter improvements.
- use LOG_CF macros for dynamic logging in debug build
- fix CURLcode on RST streams to be CURLE_PARTIAL_FILE
- enable pytest test_05 for h2
- fix upload pytests and improve parallel transfer performance.
GOAWAY handling for ngtcp2/quiche
- during connect, when the remote server refuses to accept new connections
and closes immediately (so the local conn goes into DRAIN phase), the
connection is torn down and a another attempt is made after a short grace
period.
This is the behaviour observed with nghttpx when we tell it to shut
down gracefully. Tested in pytest test_03_02.
TLS improvements
- ALPN selection for SSL/SSL-PROXY filters in one vtls set of functions, replaces
copy of logic in all tls backends.
- standardized the infof logging of offered ALPNs
- ALPN negotiated: have common function for all backends that sets alpn proprty
and connection related things based on the negotiated protocol (or lack thereof).
- new tests/tests-httpd/scorecard.py for testing h3/h2 protocol implementation.
Invoke:
python3 tests/tests-httpd/scorecard.py --help
for usage.
Improvements on gathering connect statistics and socket access.
- new CF_CTRL_CONN_REPORT_STATS cfilter control for having cfilters
report connection statistics. This is triggered when the connection
has completely connected.
- new void Curl_pgrsTimeWas(..) method to report a timer update with
a timestamp of when it happend. This allows for updating timers
"later", e.g. a connect statistic after full connectivity has been
reached.
- in case of HTTP eyeballing, the previous changes will update
statistics only from the filter chain that "won" the eyeballing.
- new cfilter query CF_QUERY_SOCKET for retrieving the socket used
by a filter chain.
Added methods Curl_conn_cf_get_socket() and Curl_conn_get_socket()
for convenient use of this query.
- Change VTLS backend to query their sub-filters for the socket when
checks during the handshake are made.
HTTP/3 documentation on how https eyeballing works.
TLS improvements
- ALPN selection for SSL/SSL-PROXY filters in one vtls set of functions, replaces
copy of logic in all tls backends.
- standardized the infof logging of offered ALPNs
- ALPN negotiated: have common function for all backends that sets alpn proprty
and connection related things based on the negotiated protocol (or lack thereof).
Scorecard with Caddy.
- configure can be run with `--with-test-caddy=path` to specify which caddy to use for testing
- tests/tests-httpd/scorecard.py now measures download speeds with caddy
pytest improvements
- adding Makfile to clean gen dir
- adding nghttpx rundir creation on start
- checking httpd version 2.4.55 for test_05 cases where it is needed. Skipping with message if too old.
- catch exception when checking for caddy existance on system.
Closes #10349
2023-02-02 00:13:12 +08:00
|
|
|
cf-socket.h \
|
2022-11-11 18:45:34 +08:00
|
|
|
cfilters.h \
|
2020-12-14 21:10:33 +08:00
|
|
|
conncache.h \
|
|
|
|
connect.h \
|
|
|
|
content_encoding.h \
|
|
|
|
cookie.h \
|
|
|
|
curl_addrinfo.h \
|
|
|
|
curl_base64.h \
|
|
|
|
curl_ctype.h \
|
|
|
|
curl_des.h \
|
|
|
|
curl_endian.h \
|
|
|
|
curl_fnmatch.h \
|
|
|
|
curl_get_line.h \
|
|
|
|
curl_gethostname.h \
|
|
|
|
curl_gssapi.h \
|
|
|
|
curl_hmac.h \
|
|
|
|
curl_krb5.h \
|
|
|
|
curl_ldap.h \
|
2023-01-11 17:30:42 +08:00
|
|
|
curl_log.h \
|
2020-12-14 21:10:33 +08:00
|
|
|
curl_md4.h \
|
|
|
|
curl_md5.h \
|
|
|
|
curl_memory.h \
|
|
|
|
curl_memrchr.h \
|
|
|
|
curl_multibyte.h \
|
|
|
|
curl_ntlm_core.h \
|
|
|
|
curl_ntlm_wb.h \
|
|
|
|
curl_path.h \
|
|
|
|
curl_printf.h \
|
|
|
|
curl_range.h \
|
|
|
|
curl_rtmp.h \
|
|
|
|
curl_sasl.h \
|
|
|
|
curl_setup.h \
|
|
|
|
curl_setup_once.h \
|
|
|
|
curl_sha256.h \
|
|
|
|
curl_sspi.h \
|
|
|
|
curl_threads.h \
|
|
|
|
curlx.h \
|
|
|
|
dict.h \
|
|
|
|
doh.h \
|
|
|
|
dynbuf.h \
|
2023-03-20 21:23:53 +08:00
|
|
|
dynhds.h \
|
2022-04-05 21:46:03 +08:00
|
|
|
easy_lock.h \
|
2020-12-14 21:10:33 +08:00
|
|
|
easyif.h \
|
|
|
|
easyoptions.h \
|
|
|
|
escape.h \
|
|
|
|
file.h \
|
|
|
|
fileinfo.h \
|
2022-05-25 16:09:53 +08:00
|
|
|
fopen.h \
|
2020-12-14 21:10:33 +08:00
|
|
|
formdata.h \
|
2022-09-26 17:45:18 +08:00
|
|
|
functypes.h \
|
2020-12-14 21:10:33 +08:00
|
|
|
ftp.h \
|
|
|
|
ftplistparser.h \
|
|
|
|
getinfo.h \
|
|
|
|
gopher.h \
|
|
|
|
hash.h \
|
2022-03-17 17:20:19 +08:00
|
|
|
headers.h \
|
2020-12-14 21:10:33 +08:00
|
|
|
hostip.h \
|
|
|
|
hsts.h \
|
|
|
|
http.h \
|
2023-04-14 17:38:14 +08:00
|
|
|
http1.h \
|
2020-12-14 21:10:33 +08:00
|
|
|
http2.h \
|
|
|
|
http_chunks.h \
|
|
|
|
http_digest.h \
|
|
|
|
http_negotiate.h \
|
|
|
|
http_ntlm.h \
|
|
|
|
http_proxy.h \
|
http: introduce AWS HTTP v4 Signature
It is a security process for HTTP.
It doesn't seems to be standard, but it is used by some cloud providers.
Aws:
https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
Outscale:
https://wiki.outscale.net/display/EN/Creating+a+Canonical+Request
GCP (I didn't test that this code work with GCP though):
https://cloud.google.com/storage/docs/access-control/signing-urls-manually
most of the code is in lib/http_v4_signature.c
Information require by the algorithm:
- The URL
- Current time
- some prefix that are append to some of the signature parameters.
The data extracted from the URL are: the URI, the region,
the host and the API type
example:
https://api.eu-west-2.outscale.com/api/latest/ReadNets
~~~ ~~~~~~~~ ~~~~~~~~~~~~~~~~~~~
^ ^ ^
/ \ URI
API type region
Small description of the algorithm:
- make canonical header using content type, the host, and the date
- hash the post data
- make canonical_request using custom request, the URI,
the get data, the canonical header, the signed header
and post data hash
- hash canonical_request
- make str_to_sign using one of the prefix pass in parameter,
the date, the credential scope and the canonical_request hash
- compute hmac from date, using secret key as key.
- compute hmac from region, using above hmac as key
- compute hmac from api_type, using above hmac as key
- compute hmac from request_type, using above hmac as key
- compute hmac from str_to_sign using above hmac as key
- create Authorization header using above hmac, prefix pass in parameter,
the date, and above hash
Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
Closes #5703
2020-07-09 19:58:37 +08:00
|
|
|
http_aws_sigv4.h \
|
2022-12-14 21:49:59 +08:00
|
|
|
idn.h \
|
2020-12-14 21:10:33 +08:00
|
|
|
if2ip.h \
|
|
|
|
imap.h \
|
|
|
|
inet_ntop.h \
|
|
|
|
inet_pton.h \
|
|
|
|
llist.h \
|
|
|
|
memdebug.h \
|
|
|
|
mime.h \
|
|
|
|
mqtt.h \
|
|
|
|
multihandle.h \
|
|
|
|
multiif.h \
|
|
|
|
netrc.h \
|
|
|
|
nonblock.h \
|
2022-10-20 21:21:12 +08:00
|
|
|
noproxy.h \
|
2020-12-14 21:10:33 +08:00
|
|
|
parsedate.h \
|
|
|
|
pingpong.h \
|
|
|
|
pop3.h \
|
|
|
|
progress.h \
|
|
|
|
psl.h \
|
|
|
|
rand.h \
|
|
|
|
rename.h \
|
|
|
|
rtsp.h \
|
|
|
|
select.h \
|
|
|
|
sendf.h \
|
|
|
|
setopt.h \
|
|
|
|
setup-vms.h \
|
|
|
|
share.h \
|
|
|
|
sigpipe.h \
|
|
|
|
slist.h \
|
|
|
|
smb.h \
|
|
|
|
smtp.h \
|
|
|
|
sockaddr.h \
|
|
|
|
socketpair.h \
|
|
|
|
socks.h \
|
|
|
|
speedcheck.h \
|
|
|
|
splay.h \
|
|
|
|
strcase.h \
|
|
|
|
strdup.h \
|
|
|
|
strerror.h \
|
|
|
|
strtok.h \
|
|
|
|
strtoofft.h \
|
|
|
|
system_win32.h \
|
|
|
|
telnet.h \
|
|
|
|
tftp.h \
|
2020-08-29 18:54:30 +08:00
|
|
|
timediff.h \
|
2020-12-14 21:10:33 +08:00
|
|
|
timeval.h \
|
|
|
|
transfer.h \
|
|
|
|
url.h \
|
|
|
|
urlapi-int.h \
|
|
|
|
urldata.h \
|
|
|
|
version_win32.h \
|
|
|
|
warnless.h \
|
2022-09-09 21:11:14 +08:00
|
|
|
ws.h
|
2014-05-10 05:27:40 +08:00
|
|
|
|
2014-05-19 04:43:40 +08:00
|
|
|
LIB_RCFILES = libcurl.rc
|
2014-05-12 03:52:52 +08:00
|
|
|
|
2019-07-22 05:48:58 +08:00
|
|
|
CSOURCES = $(LIB_CFILES) $(LIB_VAUTH_CFILES) $(LIB_VTLS_CFILES) \
|
2019-08-16 22:01:42 +08:00
|
|
|
$(LIB_VQUIC_CFILES) $(LIB_VSSH_CFILES)
|
2019-07-22 05:48:58 +08:00
|
|
|
HHEADERS = $(LIB_HFILES) $(LIB_VAUTH_HFILES) $(LIB_VTLS_HFILES) \
|
2019-11-18 04:04:37 +08:00
|
|
|
$(LIB_VQUIC_HFILES) $(LIB_VSSH_HFILES)
|