summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2019-02-25 18:12:51 +0100
committerDaniel Stenberg <daniel@haxx.se>2019-02-26 10:20:21 +0100
commit880cd5dd2040826b8a1c49ecf59a385ea775a3d3 (patch)
treedf4d2466d48ea75f9c098891a8170484415793e2 /lib
parent8eddb8f4259193633cfc95a42603958a89b31de5 (diff)
downloadcurl-880cd5dd2040826b8a1c49ecf59a385ea775a3d3.tar.gz
strerror: make the strerror function use local buffers
Instead of using a fixed 256 byte buffer in the connectdata struct. In my build, this reduces the size of the connectdata struct by 11.8%, from 2160 to 1904 bytes with no functionality or performance loss. This also fixes a bug in schannel's Curl_verify_certificate where it called Curl_sspi_strerror when it should have called Curl_strerror for string from GetLastError. the only effect would have been no text or the wrong text being shown for the error. Co-authored-by: Jay Satiro Closes #3612
Diffstat (limited to 'lib')
-rw-r--r--lib/connect.c45
-rw-r--r--lib/curl_ntlm_wb.c15
-rw-r--r--lib/ftp.c22
-rw-r--r--lib/hostip6.c9
-rw-r--r--lib/sendf.c8
-rw-r--r--lib/socks_sspi.c5
-rw-r--r--lib/strerror.c20
-rw-r--r--lib/strerror.h11
-rw-r--r--lib/tftp.c26
-rw-r--r--lib/urldata.h1
-rw-r--r--lib/vauth/spnego_sspi.c3
-rw-r--r--lib/vtls/schannel.c40
-rw-r--r--lib/vtls/schannel_verify.c45
13 files changed, 142 insertions, 108 deletions
diff --git a/lib/connect.c b/lib/connect.c
index c30dee035..89216200d 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -446,9 +446,10 @@ static CURLcode bindlocal(struct connectdata *conn,
curl_socklen_t size = sizeof(add);
memset(&add, 0, sizeof(struct Curl_sockaddr_storage));
if(getsockname(sockfd, (struct sockaddr *) &add, &size) < 0) {
+ char buffer[STRERROR_LEN];
data->state.os_errno = error = SOCKERRNO;
failf(data, "getsockname() failed with errno %d: %s",
- error, Curl_strerror(conn, error));
+ error, Curl_strerror(error, buffer, sizeof(buffer)));
return CURLE_INTERFACE_FAILED;
}
infof(data, "Local port: %hu\n", port);
@@ -470,10 +471,12 @@ static CURLcode bindlocal(struct connectdata *conn,
else
break;
}
-
- data->state.os_errno = error = SOCKERRNO;
- failf(data, "bind failed with errno %d: %s",
- error, Curl_strerror(conn, error));
+ {
+ char buffer[STRERROR_LEN];
+ data->state.os_errno = error = SOCKERRNO;
+ failf(data, "bind failed with errno %d: %s",
+ error, Curl_strerror(error, buffer, sizeof(buffer)));
+ }
return CURLE_INTERFACE_FAILED;
}
@@ -686,11 +689,12 @@ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd)
return;
if(!conn->bits.reuse && !conn->bits.tcp_fastopen) {
+ char buffer[STRERROR_LEN];
len = sizeof(struct Curl_sockaddr_storage);
if(getpeername(sockfd, (struct sockaddr*) &ssrem, &len)) {
int error = SOCKERRNO;
failf(data, "getpeername() failed with errno %d: %s",
- error, Curl_strerror(conn, error));
+ error, Curl_strerror(error, buffer, sizeof(buffer)));
return;
}
@@ -699,14 +703,14 @@ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd)
if(getsockname(sockfd, (struct sockaddr*) &ssloc, &len)) {
int error = SOCKERRNO;
failf(data, "getsockname() failed with errno %d: %s",
- error, Curl_strerror(conn, error));
+ error, Curl_strerror(error, buffer, sizeof(buffer)));
return;
}
if(!getaddressinfo((struct sockaddr*)&ssrem,
conn->primary_ip, &conn->primary_port)) {
failf(data, "ssrem inet_ntop() failed with errno %d: %s",
- errno, Curl_strerror(conn, errno));
+ errno, Curl_strerror(errno, buffer, sizeof(buffer)));
return;
}
memcpy(conn->ip_addr_str, conn->primary_ip, MAX_IPADR_LEN);
@@ -714,7 +718,7 @@ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd)
if(!getaddressinfo((struct sockaddr*)&ssloc,
conn->local_ip, &conn->local_port)) {
failf(data, "ssloc inet_ntop() failed with errno %d: %s",
- errno, Curl_strerror(conn, errno));
+ errno, Curl_strerror(errno, buffer, sizeof(buffer)));
return;
}
@@ -839,9 +843,11 @@ CURLcode Curl_is_connected(struct connectdata *conn,
if(conn->tempaddr[i]) {
CURLcode status;
char ipaddress[MAX_IPADR_LEN];
+ char buffer[STRERROR_LEN];
Curl_printable_address(conn->tempaddr[i], ipaddress, MAX_IPADR_LEN);
infof(data, "connect to %s port %ld failed: %s\n",
- ipaddress, conn->port, Curl_strerror(conn, error));
+ ipaddress, conn->port,
+ Curl_strerror(error, buffer, sizeof(buffer)));
conn->timeoutms_per_addr = conn->tempaddr[i]->ai_next == NULL ?
allow : allow / 2;
@@ -857,8 +863,8 @@ CURLcode Curl_is_connected(struct connectdata *conn,
if(result) {
/* no more addresses to try */
-
const char *hostname;
+ char buffer[STRERROR_LEN];
/* if the first address family runs out of addresses to try before
the happy eyeball timeout, go ahead and try the next family now */
@@ -878,7 +884,8 @@ CURLcode Curl_is_connected(struct connectdata *conn,
hostname = conn->host.name;
failf(data, "Failed to connect to %s port %ld: %s",
- hostname, conn->port, Curl_strerror(conn, error));
+ hostname, conn->port,
+ Curl_strerror(error, buffer, sizeof(buffer)));
}
return result;
@@ -892,6 +899,7 @@ static void tcpnodelay(struct connectdata *conn, curl_socket_t sockfd)
#endif
curl_socklen_t onoff = (curl_socklen_t) 1;
int level = IPPROTO_TCP;
+ char buffer[STRERROR_LEN];
#if defined(CURL_DISABLE_VERBOSE_STRINGS)
(void) conn;
@@ -900,7 +908,7 @@ static void tcpnodelay(struct connectdata *conn, curl_socket_t sockfd)
if(setsockopt(sockfd, level, TCP_NODELAY, (void *)&onoff,
sizeof(onoff)) < 0)
infof(data, "Could not set TCP_NODELAY: %s\n",
- Curl_strerror(conn, SOCKERRNO));
+ Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
else
infof(data, "TCP_NODELAY set\n");
#else
@@ -920,9 +928,11 @@ static void nosigpipe(struct connectdata *conn,
struct Curl_easy *data = conn->data;
int onoff = 1;
if(setsockopt(sockfd, SOL_SOCKET, SO_NOSIGPIPE, (void *)&onoff,
- sizeof(onoff)) < 0)
+ sizeof(onoff)) < 0) {
+ char buffer[STRERROR_LEN];
infof(data, "Could not set SO_NOSIGPIPE: %s\n",
- Curl_strerror(conn, SOCKERRNO));
+ Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
+ }
}
#else
#define nosigpipe(x,y) Curl_nop_stmt
@@ -998,6 +1008,7 @@ static CURLcode singleipconnect(struct connectdata *conn,
#ifdef TCP_FASTOPEN_CONNECT
int optval = 1;
#endif
+ char buffer[STRERROR_LEN];
*sockp = CURL_SOCKET_BAD;
@@ -1013,7 +1024,7 @@ static CURLcode singleipconnect(struct connectdata *conn,
ipaddress, &port)) {
/* malformed address or bug in inet_ntop, try next address */
failf(data, "sa_addr inet_ntop() failed with errno %d: %s",
- errno, Curl_strerror(conn, errno));
+ errno, Curl_strerror(errno, buffer, sizeof(buffer)));
Curl_closesocket(conn, sockfd);
return CURLE_OK;
}
@@ -1149,7 +1160,7 @@ static CURLcode singleipconnect(struct connectdata *conn,
default:
/* unknown error, fallthrough and try another address! */
infof(data, "Immediate connect fail for %s: %s\n",
- ipaddress, Curl_strerror(conn, error));
+ ipaddress, Curl_strerror(error, buffer, sizeof(buffer)));
data->state.os_errno = error;
/* connect failed */
diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c
index a4791eb41..18ee75dd9 100644
--- a/lib/curl_ntlm_wb.c
+++ b/lib/curl_ntlm_wb.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -124,6 +124,7 @@ static CURLcode ntlm_wb_init(struct connectdata *conn, const char *userp)
struct passwd pw, *pw_res;
char pwbuf[1024];
#endif
+ char buffer[STRERROR_LEN];
/* Return if communication with ntlm_auth already set up */
if(conn->ntlm_auth_hlpr_socket != CURL_SOCKET_BAD ||
@@ -179,13 +180,13 @@ static CURLcode ntlm_wb_init(struct connectdata *conn, const char *userp)
if(access(ntlm_auth, X_OK) != 0) {
failf(conn->data, "Could not access ntlm_auth: %s errno %d: %s",
- ntlm_auth, errno, Curl_strerror(conn, errno));
+ ntlm_auth, errno, Curl_strerror(errno, buffer, sizeof(buffer)));
goto done;
}
if(socketpair(AF_UNIX, SOCK_STREAM, 0, sockfds)) {
failf(conn->data, "Could not open socket pair. errno %d: %s",
- errno, Curl_strerror(conn, errno));
+ errno, Curl_strerror(errno, buffer, sizeof(buffer)));
goto done;
}
@@ -194,7 +195,7 @@ static CURLcode ntlm_wb_init(struct connectdata *conn, const char *userp)
sclose(sockfds[0]);
sclose(sockfds[1]);
failf(conn->data, "Could not fork. errno %d: %s",
- errno, Curl_strerror(conn, errno));
+ errno, Curl_strerror(errno, buffer, sizeof(buffer)));
goto done;
}
else if(!child_pid) {
@@ -206,13 +207,13 @@ static CURLcode ntlm_wb_init(struct connectdata *conn, const char *userp)
sclose_nolog(sockfds[0]);
if(dup2(sockfds[1], STDIN_FILENO) == -1) {
failf(conn->data, "Could not redirect child stdin. errno %d: %s",
- errno, Curl_strerror(conn, errno));
+ errno, Curl_strerror(errno, buffer, sizeof(buffer)));
exit(1);
}
if(dup2(sockfds[1], STDOUT_FILENO) == -1) {
failf(conn->data, "Could not redirect child stdout. errno %d: %s",
- errno, Curl_strerror(conn, errno));
+ errno, Curl_strerror(errno, buffer, sizeof(buffer)));
exit(1);
}
@@ -232,7 +233,7 @@ static CURLcode ntlm_wb_init(struct connectdata *conn, const char *userp)
sclose_nolog(sockfds[1]);
failf(conn->data, "Could not execl(). errno %d: %s",
- errno, Curl_strerror(conn, errno));
+ errno, Curl_strerror(errno, buffer, sizeof(buffer)));
exit(1);
}
diff --git a/lib/ftp.c b/lib/ftp.c
index c5f954000..45555f2a3 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -955,7 +955,7 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
unsigned short port_max = 0;
unsigned short port;
bool possibly_non_local = TRUE;
-
+ char buffer[STRERROR_LEN];
char *addr = NULL;
/* Step 1, figure out what is requested,
@@ -1064,11 +1064,10 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
if(!host) {
/* not an interface and not a host name, get default by extracting
the IP from the control connection */
-
sslen = sizeof(ss);
if(getsockname(conn->sock[FIRSTSOCKET], sa, &sslen)) {
failf(data, "getsockname() failed: %s",
- Curl_strerror(conn, SOCKERRNO) );
+ Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
free(addr);
return CURLE_FTP_PORT_FAILED;
}
@@ -1121,7 +1120,8 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
break;
}
if(!ai) {
- failf(data, "socket failure: %s", Curl_strerror(conn, error));
+ failf(data, "socket failure: %s",
+ Curl_strerror(error, buffer, sizeof(buffer)));
return CURLE_FTP_PORT_FAILED;
}
@@ -1145,14 +1145,13 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
/* The requested bind address is not local. Use the address used for
* the control connection instead and restart the port loop
*/
-
infof(data, "bind(port=%hu) on non-local address failed: %s\n", port,
- Curl_strerror(conn, error) );
+ Curl_strerror(error, buffer, sizeof(buffer)));
sslen = sizeof(ss);
if(getsockname(conn->sock[FIRSTSOCKET], sa, &sslen)) {
failf(data, "getsockname() failed: %s",
- Curl_strerror(conn, SOCKERRNO) );
+ Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
Curl_closesocket(conn, portsock);
return CURLE_FTP_PORT_FAILED;
}
@@ -1162,7 +1161,7 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
}
if(error != EADDRINUSE && error != EACCES) {
failf(data, "bind(port=%hu) failed: %s", port,
- Curl_strerror(conn, error) );
+ Curl_strerror(error, buffer, sizeof(buffer)));
Curl_closesocket(conn, portsock);
return CURLE_FTP_PORT_FAILED;
}
@@ -1185,7 +1184,7 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
sslen = sizeof(ss);
if(getsockname(portsock, (struct sockaddr *)sa, &sslen)) {
failf(data, "getsockname() failed: %s",
- Curl_strerror(conn, SOCKERRNO) );
+ Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
Curl_closesocket(conn, portsock);
return CURLE_FTP_PORT_FAILED;
}
@@ -1193,7 +1192,8 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
/* step 4, listen on the socket */
if(listen(portsock, 1)) {
- failf(data, "socket failure: %s", Curl_strerror(conn, SOCKERRNO));
+ failf(data, "socket failure: %s",
+ Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
Curl_closesocket(conn, portsock);
return CURLE_FTP_PORT_FAILED;
}
diff --git a/lib/hostip6.c b/lib/hostip6.c
index e06d0343a..fb2f35ce3 100644
--- a/lib/hostip6.c
+++ b/lib/hostip6.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -101,14 +101,15 @@ static void dump_addrinfo(struct connectdata *conn, const Curl_addrinfo *ai)
{
printf("dump_addrinfo:\n");
for(; ai; ai = ai->ai_next) {
- char buf[INET6_ADDRSTRLEN];
-
+ char buf[INET6_ADDRSTRLEN];
+ char buffer[STRERROR_LEN];
printf(" fam %2d, CNAME %s, ",
ai->ai_family, ai->ai_canonname ? ai->ai_canonname : "<none>");
if(Curl_printable_address(ai, buf, sizeof(buf)))
printf("%s\n", buf);
else
- printf("failed; %s\n", Curl_strerror(conn, SOCKERRNO));
+ printf("failed; %s\n",
+ Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
}
}
#else
diff --git a/lib/sendf.c b/lib/sendf.c
index e8598e617..5008d9333 100644
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -411,8 +411,9 @@ ssize_t Curl_send_plain(struct connectdata *conn, int num,
*code = CURLE_AGAIN;
}
else {
+ char buffer[STRERROR_LEN];
failf(conn->data, "Send failure: %s",
- Curl_strerror(conn, err));
+ Curl_strerror(err, buffer, sizeof(buffer)));
conn->data->state.os_errno = err;
*code = CURLE_SEND_ERROR;
}
@@ -476,8 +477,9 @@ ssize_t Curl_recv_plain(struct connectdata *conn, int num, char *buf,
*code = CURLE_AGAIN;
}
else {
+ char buffer[STRERROR_LEN];
failf(conn->data, "Recv failure: %s",
- Curl_strerror(conn, err));
+ Curl_strerror(err, buffer, sizeof(buffer)));
conn->data->state.os_errno = err;
*code = CURLE_RECV_ERROR;
}
diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c
index bedb01ebb..57027ef68 100644
--- a/lib/socks_sspi.c
+++ b/lib/socks_sspi.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2012 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 2009, 2011, Markus Moeller, <markus_moeller@compuserve.com>
*
* This software is licensed as described in the file COPYING, which
@@ -51,8 +51,9 @@ static int check_sspi_err(struct connectdata *conn,
status != SEC_I_COMPLETE_AND_CONTINUE &&
status != SEC_I_COMPLETE_NEEDED &&
status != SEC_I_CONTINUE_NEEDED) {
+ char buffer[STRERROR_LEN];
failf(conn->data, "SSPI error: %s failed: %s", function,
- Curl_sspi_strerror(conn, status));
+ Curl_sspi_strerror(status, buffer, sizeof(buffer)));
return 1;
}
return 0;
diff --git a/lib/strerror.c b/lib/strerror.c
index bf30c8907..e273f3765 100644
--- a/lib/strerror.c
+++ b/lib/strerror.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2004 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2004 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -646,20 +646,18 @@ get_winsock_error (int err, char *buf, size_t len)
* We don't do range checking (on systems other than Windows) since there is
* no good reliable and portable way to do it.
*/
-const char *Curl_strerror(struct connectdata *conn, int err)
+const char *Curl_strerror(int err, char *buf, size_t buflen)
{
#ifdef PRESERVE_WINDOWS_ERROR_CODE
DWORD old_win_err = GetLastError();
#endif
int old_errno = errno;
- char *buf, *p;
+ char *p;
size_t max;
- DEBUGASSERT(conn);
DEBUGASSERT(err >= 0);
- buf = conn->syserr_buf;
- max = sizeof(conn->syserr_buf)-1;
+ max = buflen - 1;
*buf = '\0';
#ifdef USE_WINSOCK
@@ -757,7 +755,7 @@ const char *Curl_strerror(struct connectdata *conn, int err)
}
#ifdef USE_WINDOWS_SSPI
-const char *Curl_sspi_strerror (struct connectdata *conn, int err)
+const char *Curl_sspi_strerror(int err, char *buf, size_t buflen)
{
#ifdef PRESERVE_WINDOWS_ERROR_CODE
DWORD old_win_err = GetLastError();
@@ -768,15 +766,13 @@ const char *Curl_sspi_strerror (struct connectdata *conn, int err)
size_t outmax;
#ifndef CURL_DISABLE_VERBOSE_STRINGS
char txtbuf[80];
- char msgbuf[sizeof(conn->syserr_buf)];
+ char msgbuf[256];
char *p, *str, *msg = NULL;
bool msg_formatted = FALSE;
#endif
- DEBUGASSERT(conn);
-
- outbuf = conn->syserr_buf;
- outmax = sizeof(conn->syserr_buf)-1;
+ outbuf = buf;
+ outmax = buflen - 1;
*outbuf = '\0';
#ifndef CURL_DISABLE_VERBOSE_STRINGS
diff --git a/lib/strerror.h b/lib/strerror.h
index 627273eb2..683b5b4a3 100644
--- a/lib/strerror.h
+++ b/lib/strerror.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -24,14 +24,11 @@
#include "urldata.h"
-const char *Curl_strerror (struct connectdata *conn, int err);
-
-#ifdef USE_LIBIDN2
-const char *Curl_idn_strerror (struct connectdata *conn, int err);
-#endif
+#define STRERROR_LEN 128 /* a suitable length */
+const char *Curl_strerror(int err, char *buf, size_t buflen);
#ifdef USE_WINDOWS_SSPI
-const char *Curl_sspi_strerror (struct connectdata *conn, int err);
+const char *Curl_sspi_strerror(int err, char *buf, size_t buflen);
#endif
#endif /* HEADER_CURL_STRERROR_H */
diff --git a/lib/tftp.c b/lib/tftp.c
index 269b3cde4..0f48d9e27 100644
--- a/lib/tftp.c
+++ b/lib/tftp.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -540,7 +540,8 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event)
state->conn->ip_addr->ai_addr,
state->conn->ip_addr->ai_addrlen);
if(senddata != (ssize_t)sbytes) {
- failf(data, "%s", Curl_strerror(state->conn, SOCKERRNO));
+ char buffer[STRERROR_LEN];
+ failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
}
free(filename);
break;
@@ -590,6 +591,7 @@ static CURLcode tftp_rx(tftp_state_data_t *state, tftp_event_t event)
ssize_t sbytes;
int rblock;
struct Curl_easy *data = state->conn->data;
+ char buffer[STRERROR_LEN];
switch(event) {
@@ -622,7 +624,7 @@ static CURLcode tftp_rx(tftp_state_data_t *state, tftp_event_t event)
(struct sockaddr *)&state->remote_addr,
state->remote_addrlen);
if(sbytes < 0) {
- failf(data, "%s", Curl_strerror(state->conn, SOCKERRNO));
+ failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
return CURLE_SEND_ERROR;
}
@@ -647,7 +649,7 @@ static CURLcode tftp_rx(tftp_state_data_t *state, tftp_event_t event)
(struct sockaddr *)&state->remote_addr,
state->remote_addrlen);
if(sbytes < 0) {
- failf(data, "%s", Curl_strerror(state->conn, SOCKERRNO));
+ failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
return CURLE_SEND_ERROR;
}
@@ -673,7 +675,7 @@ static CURLcode tftp_rx(tftp_state_data_t *state, tftp_event_t event)
(struct sockaddr *)&state->remote_addr,
state->remote_addrlen);
if(sbytes<0) {
- failf(data, "%s", Curl_strerror(state->conn, SOCKERRNO));
+ failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
return CURLE_SEND_ERROR;
}
}
@@ -713,6 +715,7 @@ static CURLcode tftp_tx(tftp_state_data_t *state, tftp_event_t event)
CURLcode result = CURLE_OK;
struct SingleRequest *k = &data->req;
size_t cb; /* Bytes currently read */
+ char buffer[STRERROR_LEN];
switch(event) {
@@ -747,7 +750,8 @@ static CURLcode tftp_tx(tftp_state_data_t *state, tftp_event_t event)
state->remote_addrlen);
/* Check all sbytes were sent */
if(sbytes<0) {
- failf(data, "%s", Curl_strerror(state->conn, SOCKERRNO));
+ failf(data, "%s", Curl_strerror(SOCKERRNO,
+ buffer, sizeof(buffer)));
result = CURLE_SEND_ERROR;
}
}
@@ -791,7 +795,7 @@ static CURLcode tftp_tx(tftp_state_data_t *state, tftp_event_t event)
state->remote_addrlen);
/* Check all sbytes were sent */
if(sbytes<0) {
- failf(data, "%s", Curl_strerror(state->conn, SOCKERRNO));
+ failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
return CURLE_SEND_ERROR;
}
/* Update the progress meter */
@@ -817,7 +821,7 @@ static CURLcode tftp_tx(tftp_state_data_t *state, tftp_event_t event)
state->remote_addrlen);
/* Check all sbytes were sent */
if(sbytes<0) {
- failf(data, "%s", Curl_strerror(state->conn, SOCKERRNO));
+ failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
return CURLE_SEND_ERROR;
}
/* since this was a re-send, we remain at the still byte position */
@@ -1030,8 +1034,9 @@ static CURLcode tftp_connect(struct connectdata *conn, bool *done)
int rc = bind(state->sockfd, (struct sockaddr *)&state->local_addr,
conn->ip_addr->ai_addrlen);
if(rc) {
+ char buffer[STRERROR_LEN];
failf(conn->data, "bind() failed; %s",
- Curl_strerror(conn, SOCKERRNO));
+ Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
return CURLE_COULDNT_CONNECT;
}
conn->bits.bound = TRUE;
@@ -1251,7 +1256,8 @@ static CURLcode tftp_multi_statemach(struct connectdata *conn, bool *done)
if(rc == -1) {
/* bail out */
int error = SOCKERRNO;
- failf(data, "%s", Curl_strerror(conn, error));
+ char buffer[STRERROR_LEN];
+ failf(data, "%s", Curl_strerror(error, buffer, sizeof(buffer)));
state->event = TFTP_EVENT_ERROR;
}
else if(rc != 0) {
diff --git a/lib/urldata.h b/lib/urldata.h
index cdedb8fb1..8258b920a 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -1005,7 +1005,6 @@ struct connectdata {
#endif
#endif
- char syserr_buf [256]; /* buffer for Curl_strerror() */
/* data used for the asynch name resolve callback */
struct Curl_async async;
diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index 00d840465..98c471e58 100644
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -248,8 +248,9 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
free(chlg);
if(GSS_ERROR(nego->status)) {
+ char buffer[STRERROR_LEN];
failf(data, "InitializeSecurityContext failed: %s",
- Curl_sspi_strerror(data->conn, nego->status));
+ Curl_sspi_strerror(nego->status, buffer, sizeof(buffer)));
return CURLE_OUT_OF_MEMORY;
}
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 36e68f969..39ac080e8 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -687,8 +687,9 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
CertFreeCertificateContext(client_certs[0]);
if(sspi_status != SEC_E_OK) {
+ char buffer[STRERROR_LEN];
failf(data, "schannel: AcquireCredentialsHandle failed: %s",
- Curl_sspi_strerror(conn, sspi_status));
+ Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
Curl_safefree(BACKEND->cred);
switch(sspi_status) {
case SEC_E_INSUFFICIENT_MEMORY:
@@ -803,15 +804,16 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
Curl_unicodefree(host_name);
if(sspi_status != SEC_I_CONTINUE_NEEDED) {
+ char buffer[STRERROR_LEN];
Curl_safefree(BACKEND->ctxt);
switch(sspi_status) {
case SEC_E_INSUFFICIENT_MEMORY:
failf(data, "schannel: initial InitializeSecurityContext failed: %s",
- Curl_sspi_strerror(conn, sspi_status));
+ Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
return CURLE_OUT_OF_MEMORY;
case SEC_E_WRONG_PRINCIPAL:
failf(data, "schannel: SNI or certificate check failed: %s",
- Curl_sspi_strerror(conn, sspi_status));
+ Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
return CURLE_PEER_FAILED_VERIFICATION;
/*
case SEC_E_INVALID_HANDLE:
@@ -826,7 +828,7 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
*/
default:
failf(data, "schannel: initial InitializeSecurityContext failed: %s",
- Curl_sspi_strerror(conn, sspi_status));
+ Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
return CURLE_SSL_CONNECT_ERROR;
}
}
@@ -1047,14 +1049,15 @@ schannel_connect_step2(struct connectdata *conn, int sockindex)
}
}
else {
+ char buffer[STRERROR_LEN];
switch(sspi_status) {
case SEC_E_INSUFFICIENT_MEMORY:
failf(data, "schannel: next InitializeSecurityContext failed: %s",
- Curl_sspi_strerror(conn, sspi_status));
+ Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
return CURLE_OUT_OF_MEMORY;
case SEC_E_WRONG_PRINCIPAL:
failf(data, "schannel: SNI or certificate check failed: %s",
- Curl_sspi_strerror(conn, sspi_status));
+ Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
return CURLE_PEER_FAILED_VERIFICATION;
/*
case SEC_E_INVALID_HANDLE:
@@ -1069,7 +1072,7 @@ schannel_connect_step2(struct connectdata *conn, int sockindex)
*/
default:
failf(data, "schannel: next InitializeSecurityContext failed: %s",
- Curl_sspi_strerror(conn, sspi_status));
+ Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
return CURLE_SSL_CONNECT_ERROR;
}
}
@@ -1851,9 +1854,10 @@ schannel_recv(struct connectdata *conn, int sockindex,
goto cleanup;
}
else {
+ char buffer[STRERROR_LEN];
*err = CURLE_RECV_ERROR;
infof(data, "schannel: failed to read data from server: %s\n",
- Curl_sspi_strerror(conn, sspi_status));
+ Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
goto cleanup;
}
}
@@ -2003,9 +2007,11 @@ static int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
sspi_status = s_pSecFn->ApplyControlToken(&BACKEND->ctxt->ctxt_handle,
&BuffDesc);
- if(sspi_status != SEC_E_OK)
+ if(sspi_status != SEC_E_OK) {
+ char buffer[STRERROR_LEN];
failf(data, "schannel: ApplyControlToken failure: %s",
- Curl_sspi_strerror(conn, sspi_status));
+ Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
+ }
host_name = Curl_convert_UTF8_to_tchar(hostname);
if(!host_name)
@@ -2123,7 +2129,7 @@ static CURLcode Curl_schannel_random(struct Curl_easy *data UNUSED_PARAM,
static CURLcode pkp_pin_peer_pubkey(struct connectdata *conn, int sockindex,
const char *pinnedpubkey)
{
- SECURITY_STATUS status;
+ SECURITY_STATUS sspi_status;
struct Curl_easy *data = conn->data;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
CERT_CONTEXT *pCertContextServer = NULL;
@@ -2140,13 +2146,15 @@ static CURLcode pkp_pin_peer_pubkey(struct connectdata *conn, int sockindex,
return CURLE_OK;
do {
- status = s_pSecFn->QueryContextAttributes(&BACKEND->ctxt->ctxt_handle,
- SECPKG_ATTR_REMOTE_CERT_CONTEXT,
- &pCertContextServer);
+ sspi_status =
+ s_pSecFn->QueryContextAttributes(&BACKEND->ctxt->ctxt_handle,
+ SECPKG_ATTR_REMOTE_CERT_CONTEXT,
+ &pCertContextServer);
- if((status != SEC_E_OK) || (pCertContextServer == NULL)) {
+ if((sspi_status != SEC_E_OK) || (pCertContextServer == NULL)) {
+ char buffer[STRERROR_LEN];
failf(data, "schannel: Failed to read remote certificate context: %s",
- Curl_sspi_strerror(conn, status));
+ Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
break; /* failed */
}
diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c
index 680f6ec5d..5a09e969e 100644
--- a/lib/vtls/schannel_verify.c
+++ b/lib/vtls/schannel_verify.c
@@ -96,9 +96,10 @@ static CURLcode add_certs_to_store(HCERTSTORE trust_store,
ca_file_tstr = Curl_convert_UTF8_to_tchar((char *)ca_file);
if(!ca_file_tstr) {
+ char buffer[STRERROR_LEN];
failf(data,
"schannel: invalid path name for CA file '%s': %s",
- ca_file, Curl_strerror(conn, GetLastError()));
+ ca_file, Curl_strerror(GetLastError(), buffer, sizeof(buffer)));
result = CURLE_SSL_CACERT_BADFILE;
goto cleanup;
}
@@ -116,17 +117,19 @@ static CURLcode add_certs_to_store(HCERTSTORE trust_store,
FILE_ATTRIBUTE_NORMAL,
NULL);
if(ca_file_handle == INVALID_HANDLE_VALUE) {
+ char buffer[STRERROR_LEN];
failf(data,
"schannel: failed to open CA file '%s': %s",
- ca_file, Curl_strerror(conn, GetLastError()));
+ ca_file, Curl_strerror(GetLastError(), buffer, sizeof(buffer)));
result = CURLE_SSL_CACERT_BADFILE;
goto cleanup;
}
if(!GetFileSizeEx(ca_file_handle, &file_size)) {
+ char buffer[STRERROR_LEN];
failf(data,
"schannel: failed to determine size of CA file '%s': %s",
- ca_file, Curl_strerror(conn, GetLastError()));
+ ca_file, Curl_strerror(GetLastError(), buffer, sizeof(buffer)));
result = CURLE_SSL_CACERT_BADFILE;
goto cleanup;
}
@@ -153,10 +156,10 @@ static CURLcode add_certs_to_store(HCERTSTORE trust_store,
if(!ReadFile(ca_file_handle, ca_file_buffer + total_bytes_read,
bytes_to_read, &bytes_read, NULL)) {
-
+ char buffer[STRERROR_LEN];
failf(data,
"schannel: failed to read from CA file '%s': %s",
- ca_file, Curl_strerror(conn, GetLastError()));
+ ca_file, Curl_strerror(GetLastError(), buffer, sizeof(buffer)));
result = CURLE_SSL_CACERT_BADFILE;
goto cleanup;
}
@@ -215,11 +218,12 @@ static CURLcode add_certs_to_store(HCERTSTORE trust_store,
NULL,
NULL,
(const void **)&cert_context)) {
-
+ char buffer[STRERROR_LEN];
failf(data,
"schannel: failed to extract certificate from CA file "
"'%s': %s",
- ca_file, Curl_strerror(conn, GetLastError()));
+ ca_file,
+ Curl_strerror(GetLastError(), buffer, sizeof(buffer)));
result = CURLE_SSL_CACERT_BADFILE;
more_certs = 0;
}
@@ -243,10 +247,12 @@ static CURLcode add_certs_to_store(HCERTSTORE trust_store,
NULL);
CertFreeCertificateContext(cert_context);
if(!add_cert_result) {
+ char buffer[STRERROR_LEN];
failf(data,
"schannel: failed to add certificate from CA file '%s' "
"to certificate store: %s",
- ca_file, Curl_strerror(conn, GetLastError()));
+ ca_file,
+ Curl_strerror(GetLastError(), buffer, sizeof(buffer)));
result = CURLE_SSL_CACERT_BADFILE;
more_certs = 0;
}
@@ -408,7 +414,7 @@ cleanup:
CURLcode Curl_verify_certificate(struct connectdata *conn, int sockindex)
{
- SECURITY_STATUS status;
+ SECURITY_STATUS sspi_status;
struct Curl_easy *data = conn->data;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
CURLcode result = CURLE_OK;
@@ -420,13 +426,15 @@ CURLcode Curl_verify_certificate(struct connectdata *conn, int sockindex)
conn->http_proxy.host.name :
conn->host.name;
- status = s_pSecFn->QueryContextAttributes(&BACKEND->ctxt->ctxt_handle,
- SECPKG_ATTR_REMOTE_CERT_CONTEXT,
- &pCertContextServer);
+ sspi_status =
+ s_pSecFn->QueryContextAttributes(&BACKEND->ctxt->ctxt_handle,
+ SECPKG_ATTR_REMOTE_CERT_CONTEXT,
+ &pCertContextServer);
- if((status != SEC_E_OK) || (pCertContextServer == NULL)) {
+ if((sspi_status != SEC_E_OK) || (pCertContextServer == NULL)) {
+ char buffer[STRERROR_LEN];
failf(data, "schannel: Failed to read remote certificate context: %s",
- Curl_sspi_strerror(conn, status));
+ Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
result = CURLE_PEER_FAILED_VERIFICATION;
}
@@ -450,8 +458,9 @@ CURLcode Curl_verify_certificate(struct connectdata *conn, int sockindex)
CERT_STORE_CREATE_NEW_FLAG,
NULL);
if(!trust_store) {
+ char buffer[STRERROR_LEN];
failf(data, "schannel: failed to create certificate store: %s",
- Curl_strerror(conn, GetLastError()));
+ Curl_strerror(GetLastError(), buffer, sizeof(buffer)));
result = CURLE_SSL_CACERT_BADFILE;
}
else {
@@ -477,9 +486,10 @@ CURLcode Curl_verify_certificate(struct connectdata *conn, int sockindex)
CertCreateCertificateChainEngine(
(CERT_CHAIN_ENGINE_CONFIG *)&engine_config, &cert_chain_engine);
if(!create_engine_result) {
+ char buffer[STRERROR_LEN];
failf(data,
"schannel: failed to create certificate chain engine: %s",
- Curl_strerror(conn, GetLastError()));
+ Curl_strerror(GetLastError(), buffer, sizeof(buffer)));
result = CURLE_SSL_CACERT_BADFILE;
}
}
@@ -500,8 +510,9 @@ CURLcode Curl_verify_certificate(struct connectdata *conn, int sockindex)
CERT_CHAIN_REVOCATION_CHECK_CHAIN),
NULL,
&pChainContext)) {
+ char buffer[STRERROR_LEN];
failf(data, "schannel: CertGetCertificateChain failed: %s",
- Curl_sspi_strerror(conn, GetLastError()));
+ Curl_strerror(GetLastError(), buffer, sizeof(buffer)));
pChainContext = NULL;
result = CURLE_PEER_FAILED_VERIFICATION;
}