|
25fdb3f0
|
2017-10-07T11:25:12
|
|
proxy: rename the options freeing function
|
|
6f8d1eb9
|
2017-09-27T15:30:19
|
|
curl: free the user-provided proxy credentials
|
|
406b47bf
|
2017-09-27T15:27:32
|
|
curl: free the proxy options
|
|
0c7f49dd
|
2017-06-30T13:39:01
|
|
Make sure to always include "common.h" first
Next to including several files, our "common.h" header also declares
various macros which are then used throughout the project. As such, we
have to make sure to always include this file first in all
implementation files. Otherwise, we might encounter problems or even
silent behavioural differences due to macros or defines not being
defined as they should be. So in fact, our header and implementation
files should make sure to always include "common.h" first.
This commit does so by establishing a common include pattern. Header
files inside of "src" will now always include "common.h" as its first
other file, separated by a newline from all the other includes to make
it stand out as special. There are two cases for the implementation
files. If they do have a matching header file, they will always include
this one first, leading to "common.h" being transitively included as
first file. If they do not have a matching header file, they instead
include "common.h" as first file themselves.
This fixes the outlined problems and will become our standard practice
for header and source files inside of the "src/" from now on.
|
|
5cbd5260
|
2016-11-11T11:37:00
|
|
curl_stream: use CURLINFO_ACTIVESOCKET if curl is recent enough
The `CURLINFO_LASTSOCKET` information has been deprecated since
curl version 7.45.0 as it may result in an overflow in the
returned socket on certain systems, most importantly on 64 bit
Windows. Instead, a new call `CURLINFO_ACTIVESOCKET` has been
added which instead returns a `curl_socket_t`, which is always
sufficiently long to store a socket.
As we need to provide backwards compatibility with curl versions
smaller than 7.45.0, alias CURLINFO_ACTIVESOCKET to
CURLINFO_LASTSOCKET on platforms without CURLINFO_ACTIVESOCKET.
|
|
5ca75fd5
|
2016-11-10T08:00:22
|
|
curl_stream: check for -1 after CURLINFO_LASTSOCKET
We're recently trying to upgrade to the current master of libgit2
in Cargo but we're unfortunately hitting a segfault in one of our
tests. This particular test is just a small smoke test that https
works (e.g. it's configured in libgit2). It attempts to clone
from a URL which simply immediately drops connections after
they're accepted (e.g. terminate abnormally). We expect to see a
standard error from libgit2 but unfortunately we're seeing a
segfault.
This segfault is happening inside of the `wait_for` function of
`curl_stream.c` at the line `FD_SET(fd, &errfd)` because `fd` is
-1. This ends up doing an out-of-bounds array access that faults
the program. I tracked back to where this -1 came from to the
line here (returned by `CURLINFO_LASTSOCKET`) and added a check
to return an error.
|
|
467e2cb1
|
2015-10-02T10:11:43
|
|
curl: ask for proxy credentials
|
|
b373e9a6
|
2015-09-21T22:38:50
|
|
net: use proxy options struct in the stream config
|
|
a001846b
|
2016-02-08T17:05:57
|
|
curl_stream: fix unused cert infos
When copying contents of the cURL certiinfo we duplicate the
data but forget to actually put it into the vector.
|
|
8bd1c19e
|
2016-01-16T19:39:24
|
|
Free allocated pointer to curl stream on error
|
|
dc035189
|
2015-08-06T13:02:35
|
|
curl: use the most secure auth method for the proxy
When curl uses a proxy, it will only use Basic unless we prompt it to
try to use the most secure on it has available.
This is something which git did recently, and it seems like a good idea.
|
|
79698030
|
2015-06-29T22:51:18
|
|
git_cert: child types use proper base type
|
|
8443f492
|
2015-06-11T16:57:04
|
|
curl: remove the encrypted param to the constructor
We do not want libcurl to perform the TLS negotiation for us, so we
don't need to pass this option.
|
|
cdee630f
|
2015-06-09T19:07:58
|
|
curl: extract certificate information
The information is exposed by curl for some crypto libraries in the form
of name:content strings. We can't do much more than return this
information.
|
|
1376e784
|
2015-06-07T14:42:13
|
|
stream: add support for setting a proxy
If the stream claims to support this feature, we can let the transport
set the proxy.
We also set HTTPPROXYTUNNEL option so curl can create a tunnel through
the proxy which lets us create our own TLS session (if needed).
|
|
8dea1c21
|
2015-06-05T11:02:11
|
|
Implement a curl stream
cURL has a mode in which it acts a lot like our streams, providing send
and recv functions and taking care of the TLS and proxy setup for us.
Implement a new stream which uses libcurl instead of raw sockets or the
TLS libraries directly. This version does not support reporting
certificates or proxies yet.
|