src/curl_stream.c


Log

Author Commit Date CI Message
Carlos Martín Nieto 27a8092b 2017-09-27T15:30:19 curl: free the user-provided proxy credentials
Carlos Martín Nieto 8d7dcb10 2017-09-27T15:27:32 curl: free the proxy options
Patrick Steinhardt 5cbd5260 2016-11-11T11:37:00 curl_stream: use CURLINFO_ACTIVESOCKET if curl is recent enough The `CURLINFO_LASTSOCKET` information has been deprecated since curl version 7.45.0 as it may result in an overflow in the returned socket on certain systems, most importantly on 64 bit Windows. Instead, a new call `CURLINFO_ACTIVESOCKET` has been added which instead returns a `curl_socket_t`, which is always sufficiently long to store a socket. As we need to provide backwards compatibility with curl versions smaller than 7.45.0, alias CURLINFO_ACTIVESOCKET to CURLINFO_LASTSOCKET on platforms without CURLINFO_ACTIVESOCKET.
Alex Crichton 5ca75fd5 2016-11-10T08:00:22 curl_stream: check for -1 after CURLINFO_LASTSOCKET We're recently trying to upgrade to the current master of libgit2 in Cargo but we're unfortunately hitting a segfault in one of our tests. This particular test is just a small smoke test that https works (e.g. it's configured in libgit2). It attempts to clone from a URL which simply immediately drops connections after they're accepted (e.g. terminate abnormally). We expect to see a standard error from libgit2 but unfortunately we're seeing a segfault. This segfault is happening inside of the `wait_for` function of `curl_stream.c` at the line `FD_SET(fd, &errfd)` because `fd` is -1. This ends up doing an out-of-bounds array access that faults the program. I tracked back to where this -1 came from to the line here (returned by `CURLINFO_LASTSOCKET`) and added a check to return an error.
Carlos Martín Nieto 467e2cb1 2015-10-02T10:11:43 curl: ask for proxy credentials
Carlos Martín Nieto b373e9a6 2015-09-21T22:38:50 net: use proxy options struct in the stream config
Patrick Steinhardt a001846b 2016-02-08T17:05:57 curl_stream: fix unused cert infos When copying contents of the cURL certiinfo we duplicate the data but forget to actually put it into the vector.
Bob Kuo 8bd1c19e 2016-01-16T19:39:24 Free allocated pointer to curl stream on error
Carlos Martín Nieto dc035189 2015-08-06T13:02:35 curl: use the most secure auth method for the proxy When curl uses a proxy, it will only use Basic unless we prompt it to try to use the most secure on it has available. This is something which git did recently, and it seems like a good idea.
Edward Thomson 79698030 2015-06-29T22:51:18 git_cert: child types use proper base type
Carlos Martín Nieto 8443f492 2015-06-11T16:57:04 curl: remove the encrypted param to the constructor We do not want libcurl to perform the TLS negotiation for us, so we don't need to pass this option.
Carlos Martín Nieto cdee630f 2015-06-09T19:07:58 curl: extract certificate information The information is exposed by curl for some crypto libraries in the form of name:content strings. We can't do much more than return this information.
Carlos Martín Nieto 1376e784 2015-06-07T14:42:13 stream: add support for setting a proxy If the stream claims to support this feature, we can let the transport set the proxy. We also set HTTPPROXYTUNNEL option so curl can create a tunnel through the proxy which lets us create our own TLS session (if needed).
Carlos Martín Nieto 8dea1c21 2015-06-05T11:02:11 Implement a curl stream cURL has a mode in which it acts a lot like our streams, providing send and recv functions and taking care of the TLS and proxy setup for us. Implement a new stream which uses libcurl instead of raw sockets or the TLS libraries directly. This version does not support reporting certificates or proxies yet.