Commit Graph

516 Commits

Author SHA1 Message Date
Daniel Stenberg
08b8ef4e72
connect: store "conn_remote_port" in the info struct
To make it available after the connection ended.
2022-04-25 16:24:33 +02:00
Frank Meier
1b169d5ea1
connect: make Curl_getconnectinfo work with conn cache from share handle
Closes #8524
2022-03-08 09:22:09 +01:00
MAntoniak
2cd9837e02
connect: use TCP_KEEPALIVE only if TCP_KEEPIDLE is not defined
Closes #8539
2022-03-05 23:57:08 +01:00
Daniel Stenberg
6dd8d7f349
connect: follow-up fix the copyright year 2022-02-13 12:13:45 +01:00
MAntoniak
06eb208126
misc: remove unused data when IPv6 is not supported
Closes #8430
2022-02-13 12:08:50 +01:00
Daniel Stenberg
c148f0f551
ngtcp2: verify the server cert on connect (quictls)
Make ngtcp2+quictls correctly acknowledge `CURLOPT_SSL_VERIFYPEER` and
`CURLOPT_SSL_VERIFYHOST`.

The name check now uses a function from lib/vtls/openssl.c which will
need attention for when TLS is not done by OpenSSL or is disabled while
QUIC is enabled.

Possibly the servercert() function in openssl.c should be adjusted to be
able to use for both regular TLS and QUIC.

Ref: #8173
Closes #8178
2021-12-28 23:34:23 +01:00
Wyatt O'Day
7da636cad5 version_win32: Check build number and platform id
Prior to this change the build number was not checked during version
comparison, and the platform id was supposed to be checked but wasn't.

Checking the build number is required for enabling "evergreen"
Windows 10/11 features (like TLS 1.3).

Ref: https://github.com/curl/curl/pull/7784

Closes https://github.com/curl/curl/pull/7824
Closes https://github.com/curl/curl/pull/7867
2021-12-02 03:39:14 -05:00
Daniel Stenberg
4d97fe5473
tftp: mark protocol as not possible to do over CONNECT
... and make connect_init() refusing trying to tunnel protocols marked
as not working. Avoids a double-free.

Reported-by: Even Rouault
Fixes #8018
Closes #8020
2021-11-15 23:13:09 +01:00
Daniel Stenberg
f5ee9cf5ba
Curl_updateconninfo: store addresses for QUIC connections too
So that CURLINFO_PRIMARY_IP etc work for HTTP/3 like for other HTTP
versions.

Reported-by: Jerome Mao
Fixes #7939
Closes #7944
2021-11-02 17:57:04 +01:00
Jan Mazur
0fe9018e1a
connnect: use sysaddr_un fron sys/un.h or custom-defined for windows
Closes #7737
2021-09-30 12:27:47 +02:00
Marcel Raad
0259e8c35f lib: remove HAVE_WINSOCK_H usage
WinSock v1 is not supported anymore. Exclusively use `HAVE_WINSOCK2_H`
instead.

Closes https://github.com/curl/curl/pull/7795
2021-09-29 15:54:31 +02:00
Daniel Stenberg
180180a44d
Revert "build: remove checks for WinSock 1"
Due to CI issues

This reverts commit c2ea04f92b.

Closes #7790
2021-09-29 10:42:49 +02:00
Marcel Raad
c2ea04f92b
build: remove checks for WinSock 1
It's not supported anymore.

Closes https://github.com/curl/curl/pull/7778
2021-09-28 19:29:27 +02:00
Daniel Stenberg
424051d78b
connect: get local port + ip also when reusing connections
Regression. In d6a37c23a3 (7.75.0) we removed the duplicated storage
(connection + easy handle), so this info needs be extracted again even
for re-used connections.

Add test 435 to verify

Reported-by: Max Dymond
Fixes #7660
Closes #7662
2021-09-02 23:42:18 +02:00
Daniel Gustafsson
3df8d08d00 connect: remove superfluous conditional
Commit dbd16c3e2 cleaned up the logic for traversing the addrinfos,
but the move left a conditional on ai which no longer is needed as
the while loop reevaluation will cover it.

Closes #7511
Reviewed-by: Carlo Marcelo Arenas Belón
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2021-07-30 09:40:15 +02:00
Jay Satiro
12284e008b connect: fix wrong format specifier in connect error string
0842175 (not in any release) used the wrong format specifier (long int)
for timediff_t. On an OS such as Windows libcurl's timediff_t (usually
64-bit) is bigger than long int (32-bit). In 32-bit Windows builds the
upper 32-bits of the timediff_t were erroneously then used by the next
format specifier. Usually since the timeout isn't larger than 32-bits
this would result in null as a pointer to the string with the reason for
the connection failing. On other OSes or maybe other compilers it could
probably result in garbage values (ie crash on deref).

Before:
Failed to connect to localhost port 12345 after 1201 ms: (nil)

After:
Failed to connect to localhost port 12345 after 1203 ms: Connection refused

Closes https://github.com/curl/curl/pull/7449
2021-07-20 02:16:53 -04:00
Sergey Markelov
e919848ead build: fix compiler warnings when CURL_DISABLE_VERBOSE_STRINGS
fix compiler warnings about unused variables and parameters when
built with --disable-verbose.

Closes https://github.com/curl/curl/pull/7377
2021-07-16 13:55:52 -04:00
Daniel Stenberg
e7416cfd2b
infof: remove newline from format strings, always append it
- the data needs to be "line-based" anyway since it's also passed to the
  debug callback/application

- it makes infof() work like failf() and consistency is good

- there's an assert that triggers on newlines in the format string

- Also removes a few instances of "..."

- Removes the code that would append "..." to the end of the data *iff*
  it was truncated in infof()

Closes #7357
2021-07-07 22:54:01 +02:00
Daniel Stenberg
1ff1d9e179
lib: more %u for port and int for %*s fixes
Detected by Coverity

Closes #7329
2021-07-01 09:12:58 +02:00
Daniel Stenberg
d696ee00ee
lib: use %u instead of %ld for port number printf
Follow-up to 764c6bd3bf which changed the type of some port number
fields. Detected by Coverity (CID 1486624) etc.

Closes #7325
2021-06-30 23:25:35 +02:00
Richard Whitehouse
0842175fa4
multi: alter transfer timeout ordering
- Check whether a connection has succeded before checking whether it's
  timed out.

  This means if we've connected quickly, but subsequently been
  descheduled, we allow the connection to succeed. Note, if we timeout,
  but between checking the timeout, and connecting to the server the
  connection succeeds, we will allow it to go ahead. This is viewed as
  an acceptable trade off.

- Add additional failf logging around failed connection attempts to
  propogate the cause up to the caller.

Co-Authored-by: Martin Howarth
Closes #7178
2021-06-24 15:51:39 +02:00
Lucas Clemente Vella
84d2839740
CURLOPT_IPRESOLVE: preventing wrong IP version from being used
In some situations, it was possible that a transfer was setup to
use an specific IP version, but due do DNS caching or connection
reuse, it ended up using a different IP version from requested.

This commit changes the effect of CURLOPT_IPRESOLVE from simply
restricting address resolution to preventing the wrong connection
type being used, when choosing a connection from the pool, and
to restricting what addresses could be used when establishing
a new connection.

It is important that all addresses versions are resolved, even if
not used in that transfer in particular, because the result is
cached, and could be useful for a different transfer with a
different CURLOPT_IPRESOLVE setting.

Closes #6853
2021-05-20 16:58:31 +02:00
Daniel Stenberg
355aae5b7f
connect: use CURL_SA_FAMILY_T for portability
Reported-by: Kevin R. Bulgrien
Bug: https://curl.se/mail/lib-2021-04/0071.html

Closes #6918
2021-04-21 09:22:37 +02:00
Daniel Stenberg
e8e7ef3612
Curl_timeleft: check both timeouts during connect
The duration of a connect and the total transfer are calculated from two
different time-stamps. It can end up with the total timeout triggering
before the connect timeout expires and we should make sure to
acknowledge whichever timeout that is reached first.

This is especially notable when a transfer first sits in PENDING, as
that time is counted in the total time but the connect timeout is based
on the time since the handle changed to the CONNECT state.

The CONNECTTIMEOUT is per connect attempt. The TIMEOUT is for the entire
operation.

Fixes #6744
Closes #6745
Reported-by: Andrei Bica
Assisted-by: Jay Satiro
2021-03-17 00:28:44 +01:00
Daniel Stenberg
ec549aa625
quiche: fix crash when failing to connect
Reported-by: ウさん
Fixes #6664
Closes #6701
2021-03-08 17:14:13 +01:00
Daniel Stenberg
cfff12a0b3
lib: remove 'conn->data' completely
The Curl_easy pointer struct entry in connectdata is now gone. Just
before commit 215db086e0 landed on January 8, 2021 there were 919
references to conn->data.

Closes #6608
2021-02-16 10:48:57 +01:00
Jay Satiro
cb2dc1ba89 lib: use int type for more port variables
This is a follow-up to 764c6bd. Prior to that change port variables
were usually type long.

Closes https://github.com/curl/curl/pull/6553
2021-02-09 02:53:31 -05:00
Layla
4fc5e7eda5
connect: fix compile errors in Curl_conninfo_local
.. for the `#else` (`!HAVE_GETSOCKNAME`) case

Fixes https://github.com/curl/curl/issues/6548
Closes #6549

Signed-off-by: Layla <layla@insightfulvr.com>
2021-01-29 23:30:50 +01:00
Daniel Stenberg
e76b058f3c
urldata: store ip version in a single byte
Closes #6534
2021-01-27 09:19:12 +01:00
Daniel Stenberg
d6a37c23a3
urldata: remove 'local_ip' from the connectdata struct
As the info is already stored in the transfer handle anyway, there's no
need to carry around a duplicate buffer for the life-time of the handle.

Closes #6534
2021-01-27 09:19:05 +01:00
Daniel Stenberg
764c6bd3bf
urldata: remove duplicate port number storage
... and use 'int' for ports. We don't use 'unsigned short' since -1 is
still often used internally to signify "unknown value" and 0 - 65535 are
all valid port numbers.

Closes #6534
2021-01-27 09:19:01 +01:00
Daniel Stenberg
642d78026f
urldata: remove the duplicate 'ip_addr_str' field
... as the numerical IP address is already stored and kept in 'primary_ip'.

Closes #6534
2021-01-27 09:18:51 +01:00
Daniel Stenberg
8335c6417e
hostip: remove conn->data from resolver functions
This also moves the 'async' struct from the connectdata struct into the
Curl_easy struct, which seems like a better home for it.

Closes #6497
2021-01-22 08:25:09 +01:00
Daniel Stenberg
2bdec0b363
quic: remove conn->data use
Closes #6485
2021-01-19 16:56:35 +01:00
Daniel Stenberg
a304051620
lib: more conn->data cleanups
Closes #6479
2021-01-19 09:14:51 +01:00
Daniel Stenberg
215db086e0
lib: pass in 'struct Curl_easy *' to most functions
... in most cases instead of 'struct connectdata *' but in some cases in
addition to.

- We mostly operate on transfers and not connections.

- We need the transfer handle to log, store data and more. Everything in
  libcurl is driven by a transfer (the CURL * in the public API).

- This work clarifies and separates the transfers from the connections
  better.

- We should avoid "conn->data". Since individual connections can be used
  by many transfers when multiplexing, making sure that conn->data
  points to the current and correct transfer at all times is difficult
  and has been notoriously error-prone over the years. The goal is to
  ultimately remove the conn->data pointer for this reason.

Closes #6425
2021-01-17 23:56:09 +01:00
Daniel Stenberg
6cb803ecb1
connect: mark intentional ignores of setsockopt return values
Pointed out by Coverity

Closes #6431
2021-01-11 10:21:51 +01:00
Cristian Rodríguez
d13179db3e
connect: on linux, enable reporting of all ICMP errors on UDP sockets
The linux kernel does not report all ICMP errors back to userspace due
to historical reasons.

IP*_RECVERR sockopt must be turned on to have the correct behaviour
which is to pass all ICMP errors to userspace.

See https://bugzilla.kernel.org/show_bug.cgi?id=202355

Closes #6341
2020-12-21 15:24:08 +01:00
Cristian Rodríguez
25b4e158e9
connect: defer port selection until connect() time
If supported, defer port selection until connect() time
if --interface is given and source port is 0.

Reproducer:

* start fast webserver on port 80
* starve system of ephemeral ports
$  sysctl net.ipv4.ip_local_port_range="60990 60999"

* start a curl/libcurl "crawler"
$curl --keepalive --parallel --parallel-immediate --head --interface
127.0.0.2 "http://127.0.0.[1-254]/file[001-002].txt"

current result:
(possible some successful data)
curl: (45) bind failed with errno 98: Address already in use

result after patch:
(complete success or few connections failing, higlhy depending on load)

Fail only when all the possible 4-tuple combinations are exhausted,
which is impossible to do when port is selected at bind() time becuse
the kernel does not know if socket will be listen()'ed on or connect'ed
yet.

Closes #6295
2020-12-10 08:55:42 +01:00
Hans-Christian Noren Egtvedt
8a10abaf85
connect: zero variable on stack to silence valgrind complaint
Valgrind will complain that ssrem buffer usage if not explicit
initialized, hence initialize it to zero.

This completes the change intially started in commit 2c0d721215 ('ftp:
retry getpeername for FTP with TCP_FASTOPEN') where the ssloc buffer has
a similar memset to zero.

Signed-off-by: Hans-Christian Noren Egtvedt <hegtvedt@cisco.com>
Closes #6289
2020-12-09 23:36:15 +01:00
Klaus Crusius
2c0d721215
ftp: retry getpeername for FTP with TCP_FASTOPEN
In the case of TFO, the remote host name is not resolved at the
connetion time.

For FTP that has lead to missing hostname for the secondary connection.
Therefore the name resolution is done at the time, when FTP requires it.

Fixes #6252
Closes #6265
Closes #6282
2020-12-06 11:18:28 +01:00
Daniel Stenberg
4d2f800677
curl.se: new home
Closes #6172
2020-11-04 23:59:47 +01:00
Jay Satiro
8b1a10cdf7
connect: repair build without ipv6 availability
Assisted-by: Daniel Stenberg
Reported-by: Tom G. Christensen

Fixes https://github.com/curl/curl/issues/6069
Closes https://github.com/curl/curl/pull/6071
2020-10-15 12:56:57 +02:00
Daniel Stenberg
3d64031fa7
symbian: drop support
The OS is deprecated. I see no traces of anyone having actually built
curl for Symbian after 2012.

The public headers are unmodified.

Closes #5989
2020-09-22 15:14:12 +02:00
ihsinme
d1d3105317
connect.c: remove superfluous 'else' in Curl_getconnectinfo
Closes #5912
2020-09-04 13:31:51 +02:00
Daniel Stenberg
a2c85bb8e4
Curl_pgrsTime - return new time to avoid timeout integer overflow
Setting a timeout to INT_MAX could cause an immediate error to get
returned as timeout because of an overflow when different values of
'now' were used.

This is primarily fixed by having Curl_pgrsTime() return the "now" when
TIMER_STARTSINGLE is set so that the parent function will continue using
that time.

Reported-by: Ionuț-Francisc Oancea
Fixes #5583
Closes #5847
2020-08-28 14:16:41 +02:00
Daniel Stenberg
88b1ca7cba
CURLE_PROXY: new error code
Failures clearly returned from a (SOCKS) proxy now causes this return
code. Previously the situation was not very clear as what would be
returned and when.

In addition: when this error code is returned, an application can use
CURLINFO_PROXY_ERROR to query libcurl for the detailed error, which then
returns a value from the new 'CURLproxycode' enum.

Closes #5770
2020-08-24 08:41:48 +02:00
Daniel Stenberg
3c9e021f86
Curl_easy: remember last connection by id, not by pointer
CVE-2020-8231

Bug: https://curl.haxx.se/docs/CVE-2020-8231.html

Reported-by: Marc Aldorasi
Closes #5824
2020-08-17 14:33:09 +02:00
Cameron Cawley
790137b0f7
win32: Add Curl_verify_windows_version() to curlx
Closes https://github.com/curl/curl/pull/5754
2020-08-02 17:58:44 +02:00
Marc Hoersken
633c9478c9
connect: remove redundant message about connect failure
Reviewed-by: Daniel Stenberg

Closes #5708
2020-07-31 18:58:03 +02:00