- 10 Mar, 2018 4 commits
-
-
Our curl-based streams make use of the easy curl interface. This interface automatically initializes and de-initializes the global curl state by calling out to `curl_global_init` and `curl_global_cleanup`. Thus, all global state will be repeatedly re-initialized when creating multiple curl streams in succession. Despite being inefficient, this is not thread-safe due to `curl_global_init` being not thread-safe itself. Thus a multi-threaded programing handling multiple curl streams at the same time is inherently racy. Fix the issue by globally initializing and cleaning up curl's state.
Patrick Steinhardt committed -
Carlos Martín Nieto committed
-
Carlos Martín Nieto committed
-
Carlos Martín Nieto committed
-
- 15 Nov, 2016 1 commit
-
-
The `CURLINFO_LASTSOCKET` information has been deprecated since curl version 7.45.0 as it may result in an overflow in the returned socket on certain systems, most importantly on 64 bit Windows. Instead, a new call `CURLINFO_ACTIVESOCKET` has been added which instead returns a `curl_socket_t`, which is always sufficiently long to store a socket. As we need to provide backwards compatibility with curl versions smaller than 7.45.0, alias CURLINFO_ACTIVESOCKET to CURLINFO_LASTSOCKET on platforms without CURLINFO_ACTIVESOCKET.
Patrick Steinhardt committed
-
- 11 Nov, 2016 1 commit
-
-
We're recently trying to upgrade to the current master of libgit2 in Cargo but we're unfortunately hitting a segfault in one of our tests. This particular test is just a small smoke test that https works (e.g. it's configured in libgit2). It attempts to clone from a URL which simply immediately drops connections after they're accepted (e.g. terminate abnormally). We expect to see a standard error from libgit2 but unfortunately we're seeing a segfault. This segfault is happening inside of the `wait_for` function of `curl_stream.c` at the line `FD_SET(fd, &errfd)` because `fd` is -1. This ends up doing an out-of-bounds array access that faults the program. I tracked back to where this -1 came from to the line here (returned by `CURLINFO_LASTSOCKET`) and added a check to return an error.
Alex Crichton committed
-
- 19 Apr, 2016 2 commits
-
-
Carlos Martín Nieto committed
-
Carlos Martín Nieto committed
-
- 08 Feb, 2016 1 commit
-
-
When copying contents of the cURL certiinfo we duplicate the data but forget to actually put it into the vector.
Patrick Steinhardt committed
-
- 17 Jan, 2016 1 commit
-
-
Bob Kuo committed
-
- 06 Aug, 2015 1 commit
-
-
When curl uses a proxy, it will only use Basic unless we prompt it to try to use the most secure on it has available. This is something which git did recently, and it seems like a good idea.
Carlos Martín Nieto committed
-
- 10 Jul, 2015 1 commit
-
-
Edward Thomson committed
-
- 24 Jun, 2015 4 commits
-
-
We do not want libcurl to perform the TLS negotiation for us, so we don't need to pass this option.
Carlos Martín Nieto committed -
The information is exposed by curl for some crypto libraries in the form of name:content strings. We can't do much more than return this information.
Carlos Martín Nieto committed -
If the stream claims to support this feature, we can let the transport set the proxy. We also set HTTPPROXYTUNNEL option so curl can create a tunnel through the proxy which lets us create our own TLS session (if needed).
Carlos Martín Nieto committed -
cURL has a mode in which it acts a lot like our streams, providing send and recv functions and taking care of the TLS and proxy setup for us. Implement a new stream which uses libcurl instead of raw sockets or the TLS libraries directly. This version does not support reporting certificates or proxies yet.
Carlos Martín Nieto committed
-