summaryrefslogtreecommitdiff
path: root/lib/conncache.c
Commit message (Collapse)AuthorAgeFilesLines
* conncache: download buffer needs +1 size for trailing zeroDaniel Stenberg2020-05-311-1/+1
| | | | | Follow-up to c4e6968127e Detected by OSS-Fuzz: https://oss-fuzz.com/testcase-detail/5727799779524608
* build: disable more code/data when built without proxy supportDaniel Stenberg2020-05-301-2/+5
| | | | | | Added build to travis to verify Closes #5466
* url: alloc the download buffer at transfer startDaniel Stenberg2020-05-301-0/+6
| | | | | | | | | | | ... and free it as soon as the transfer is done. It removes the extra alloc when a new size is set with setopt() and reduces memory for unused easy handles. In addition: the closure_handle now doesn't use an allocated buffer at all but the smallest supported size as a stack based one. Closes #5472
* conncache: various concept cleanupsDaniel Stenberg2020-04-301-47/+40
| | | | | | | | | | | | | | | | More connection cache accesses are protected by locks. CONNCACHE_* is a beter prefix for the connection cache lock macros. Curl_attach_connnection: now called as soon as there's a connection struct available and before the connection is added to the connection cache. Curl_disconnect: now assumes that the connection is already removed from the connection cache. Ref: #4915 Closes #5009
* conncache: removed unused Curl_conncache_bundle_size()Daniel Stenberg2020-01-241-13/+1
|
* conncache: CONNECT_ONLY connections assumed always in-useDaniel Stenberg2019-12-111-1/+2
| | | | | | | | | | | | | | | This makes them never to be considered "the oldest" to be discarded when reaching the connection cache limit. The reasoning here is that CONNECT_ONLY is primarily used in combination with using the connection's socket post connect and since that is used outside of curl's knowledge we must assume that it is in use until explicitly closed. Reported-by: Pavel Pavlov Reported-by: Pavel Löbl Fixes #4426 Fixes #4369 Closes #4696
* conncache: fix multi-thread use of shared connection cacheDaniel Stenberg2019-12-091-26/+4
| | | | | | | | | It could accidentally let the connection get used by more than one thread, leading to double-free and more. Reported-by: Christopher Reid Fixes #4544 Closes #4557
* url: make Curl_close() NULLify the pointer tooDaniel Stenberg2019-10-301-5/+3
| | | | | | | This is the common pattern used in the code and by a unified approach we avoid mistakes. Closes #4534
* conncache: Remove the DEBUGASSERT on length checkSteve Holme2019-05-291-4/+4
| | | | | | We trust the calling code as this is an internal function. Closes #3962
* url: default conn->port to the same as conn->remote_portDaniel Stenberg2019-05-281-2/+5
| | | | | | | | | | | | | | ... so that it has a sensible value when ConnectionExists() is called which needs it set to differentiate host "bundles" correctly on port number! Also, make conncache:hashkey() use correct port for bundles that are proxy vs host connections. Probably a regression from 7.62.0 Reported-by: Tom van der Woerdt Fixes #3956 Closes #3957
* conncache: make "bundles" per host name when doing proxy tunnelsDaniel Stenberg2019-05-281-8/+12
| | | | | | | | | Only HTTP proxy use where multiple host names can be used over the same connection should use the proxy host name for bundles. Reported-by: Tom van der Woerdt Fixes #3951 Closes #3955
* CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuseDaniel Stenberg2019-04-211-2/+3
| | | | | | | | | ... and disconnect too old ones instead of trying to reuse. Default max age is set to 118 seconds. Ref: #3722 Closes #3782
* conncache: use conn->data to know if a transfer owns itDaniel Stenberg2019-03-171-2/+3
| | | | | | | | | | | | | - make sure an already "owned" connection isn't returned unless multiplexed. - clear ->data when returning the connection to the cache again Regression since 7.62.0 (probably in commit 1b76c38904f0) Bug: https://curl.haxx.se/mail/lib-2019-03/0064.html Closes #3686
* cleanup: make local functions staticDaniel Stenberg2019-02-101-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | urlapi: turn three local-only functions into statics conncache: make conncache_find_first_connection static multi: make detach_connnection static connect: make getaddressinfo static curl_ntlm_core: make hmac_md5 static http2: make two functions static http: make http_setup_conn static connect: make tcpnodelay static tests: make UNITTEST a thing to mark functions with, so they can be static for normal builds and non-static for unit test builds ... and mark Curl_shuffle_addr accordingly. url: make up_free static setopt: make vsetopt static curl_endian: make write32_le static rtsp: make rtsp_connisdead static warnless: remove unused functions memdebug: remove one unused function, made another static
* urldata: rename easy_conn to just connDaniel Stenberg2019-01-111-3/+1
| | | | | | | | | | | | | | | We use "conn" everywhere to be a pointer to the connection. Introduces two functions that "attaches" and "detaches" the connection to and from the transfer. Going forward, we should favour using "data->conn" (since a transfer always only has a single connection or none at all) to "conn->data" (since a connection can have none, one or many transfers associated with it and updating conn->data to be correct is error prone and a frequent reason for internal issues). Closes #3442
* conncache_unlock: avoid indirection by changing input argument typeDaniel Stenberg2018-12-221-2/+2
|
* disconnect: separate connections and easy handles betterDaniel Stenberg2018-12-221-2/+8
| | | | | | | | | | | | Do not assume/store assocation between a given easy handle and the connection if it can be avoided. Long-term, the 'conn->data' pointer should probably be removed as it is a little too error-prone. Still used very widely though. Reported-by: masbug on github Fixes #3391 Closes #3400
* snprintf: renamed and we now only use msnprintf()Daniel Stenberg2018-11-231-1/+1
| | | | | | | | | | | The function does not return the same value as snprintf() normally does, so readers may be mislead into thinking the code works differently than it actually does. A different function name makes this easier to detect. Reported-by: Tomas Hoger Assisted-by: Daniel Gustafsson Fixes #3296 Closes #3297
* vtls: set conn->data when closing TLSDaniel Stenberg2018-07-221-1/+0
| | | | | | | | | Follow-up to 1b76c38904f0. The VTLS backends that close down the TLS layer for a connection still needs a Curl_easy handle for the session_id cache etc. Fixes #2764 Closes #2771
* conn: remove the boolean 'inuse' fieldDaniel Stenberg2018-07-111-18/+12
| | | | ... as the usage needs to be counted.
* url: check Curl_conncache_add_conn return codeDaniel Stenberg2018-06-251-11/+4
| | | | | | | ... it was previously unchecked in two places and thus errors could remain undetected and cause trouble. Closes #2681
* url: fix dangling conn->data pointerDaniel Stenberg2018-06-211-1/+2
| | | | | | | | | | | By masking sure to use the *current* easy handle with extracted connections from the cache, and make sure to NULLify the ->data pointer when the connection is put into the cache to make this mistake easier to detect in the future. Reported-by: Will Dietz Fixes #2669 Closes #2672
* strictness: correct {infof, failf} format specifiersRikard Falkeborn2018-05-311-11/+8
| | | | Closes #2623
* conncache: fix a return code [regression]Daniel Stenberg2017-12-121-1/+1
| | | | | This broke in 07cb27c98e. Make sure to return 'result' properly. Pointed out by scan-build!
* conncache: fix several lock issuesDaniel Stenberg2017-12-051-33/+189
| | | | | | | | | If the lock is released before the dealings with the bundle is over, it may have changed by another thread in the mean time. Fixes #2132 Fixes #2151 Closes #2139
* share: add support for sharing the connection cacheDaniel Stenberg2017-11-091-8/+133
|
* llist: no longer uses mallocDaniel Stenberg2017-04-221-5/+3
| | | | | | | | | | | | The 'list element' struct now has to be within the data that is being added to the list. Removes 16.6% (tiny) mallocs from a simple HTTP transfer. (96 => 80) Also removed return codes since the llist functions can't fail now. Test 1300 updated accordingly. Closes #1435
* llist: replace Curl_llist_alloc with Curl_llist_initDaniel Stenberg2017-04-041-14/+8
| | | | | | | | No longer allocate the curl_llist head struct for lists separately. Removes 17 (15%) tiny allocations in a normal "curl localhost" invoke. closes #1381
* conncache: make hashkey avoid mallocDaniel Stenberg2017-03-291-18/+15
| | | | | | ... to make it much faster. Idea developed with primepie on IRC. Closes #1365
* string formatting: fix 4 printf-style format stringsMichael Kaufmann2017-02-191-1/+1
|
* proxy: Support HTTPS proxy and SOCKS+HTTP(s)Alex Rousskov2016-11-241-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
* strcasecompare: all case insensitive string compares ignore locale nowDaniel Stenberg2016-10-311-1/+0
| | | | | We had some confusions on when each function was used. We should not act differently on different locales anyway.
* internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg2016-06-221-2/+2
|
* connections: non-HTTP proxies on different ports aren't reused eitherDaniel Stenberg2016-05-031-1/+1
| | | | | | Reported-by: Oleg Pudeyev and fuchaoqun Fixes #648
* lib: include curl_printf.h as one of the last headersDaniel Stenberg2016-04-291-3/+2
| | | | | | | | | | | | | | | | | | | | curl_printf.h defines printf to curl_mprintf, etc. This can cause problems with external headers which may use __attribute__((format(printf, ...))) markers etc. To avoid that they cause problems with system includes, we include curl_printf.h after any system headers. That makes the three last headers to always be, and we keep them in this order: curl_printf.h curl_memory.h memdebug.h None of them include system headers, they all do funny #defines. Reported-by: David Benjamin Fixes #743
* news: CURLOPT_CONNECT_TO and --connect-toMichael Kaufmann2016-04-171-3/+10
| | | | | Makes curl connect to the given host+port instead of the host+port found in the URL.
* URLs: change all http:// URLs to https://Daniel Stenberg2016-02-031-1/+1
|
* conncache: fixed memory leak on OOM (torture tests)Dan Fandrich2015-05-241-1/+3
|
* hostip: fix unintended destruction of hash tableAnthony Avina2015-05-181-1/+1
| | | | .. and added unit1602 for hash.c
* bundles: store no/default/pipeline/multiplexDaniel Stenberg2015-05-181-4/+2
| | | | | | | to allow code to act differently on the situation. Also added some more info message for the connection re-use function to make it clearer when connections are not re-used.
* Curl_conncache_add_conn: fix memory leak on OOMDaniel Stenberg2015-05-141-1/+3
|
* conncache: keep bundles on host+port bases, not only host namesDaniel Stenberg2015-05-121-11/+27
| | | | | | | | Previously we counted all connections to a specific host name and that would be used for the CURLMOPT_MAX_HOST_CONNECTIONS check for example, while servers on different port numbers are normally considered different "origins" on the web and should thus be considered different hosts.
* bundles: merged into conncache.cDaniel Stenberg2015-05-121-6/+79
| | | | | | All the existing Curl_bundle* functions were only ever used from within the conncache.c file, so I moved them over and made them static (and removed the Curl_ prefix).
* connection cache: avoid Curl_hash_alloc()Daniel Stenberg2015-05-121-27/+11
| | | | | ... by using plain structs instead of pointers for the connection cache, we can avoid several dynamic allocations that weren't necessary.
* proxy: re-use proxy connections (regression)Daniel Stenberg2015-03-111-7/+9
| | | | | | | | | | When checking for a connection to re-use, a proxy-using request must check for and use a proxy connection and not one based on the host name! Added test 1421 to verify Bug: http://curl.haxx.se/bug/view.cgi?id=1492
* conncache: Fixed specifiers in infof() for long and size_t variablesSteve Holme2014-11-191-5/+6
|
* debug: added new connection cache output, plus fixupsCarlo Wood2014-11-181-0/+4
| | | | | | | | | | | | | Debug output 'typo' fix. Don't print an extra "0x" in * Pipe broke: handle 0x0x2546d88, url = / Add debug output. Print the number of connections in the connection cache when adding one, and not only when one is removed. Fix typos in comments.
* code cleanup: we prefer 'CURLcode result'Daniel Stenberg2014-10-241-2/+2
| | | | | | | | | | | | | | ... for the local variable name in functions holding the return code. Using the same name universally makes code easier to read and follow. Also, unify code for checking for CURLcode errors with: if(result) or if(!result) instead of if(result == CURLE_OK), if(CURLE_OK == result) or if(result != CURLE_OK)
* cleanups: reduce variable scopeDaniel Stenberg2014-10-141-3/+2
| | | | cppcheck pointed these out.
* create_conn: prune dead connectionsFrank Meier2014-08-121-2/+1
| | | | | | | | | | | | | Bringing back the old functionality that was mistakenly removed when the connection cache was remade. When creating a new connection, all the existing ones are checked and those that are known to be dead get disconnected for real and removed from the connection cache. It helps the cache from holding on to very many stale connections and aids in keeping down the number of system sockets in wait states. Help-by: Jonatan Vela <jonatan.vela@ergon.ch> Bug: http://curl.haxx.se/mail/lib-2014-06/0189.html