[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 157/173: url: Improve CURLOPT_PROXY_CAPATH error ha
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 157/173: url: Improve CURLOPT_PROXY_CAPATH error handling |
Date: |
Fri, 24 Feb 2017 14:02:59 +0100 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.53.1
in repository gnurl.
commit b259646ea10fc13d6cd97608824d0038f9720996
Author: Jay Satiro <address@hidden>
AuthorDate: Tue Feb 21 22:21:17 2017 -0500
url: Improve CURLOPT_PROXY_CAPATH error handling
- Change CURLOPT_PROXY_CAPATH to return CURLE_NOT_BUILT_IN if the option
is not supported, which is the same as what we already do for
CURLOPT_CAPATH.
- Change the curl tool to handle CURLOPT_PROXY_CAPATH error
CURLE_NOT_BUILT_IN as a warning instead of as an error, which is the
same as what we already do for CURLOPT_CAPATH.
- Fix CAPATH docs to show that CURLE_NOT_BUILT_IN is returned when the
respective CAPATH option is not supported by the SSL library.
Ref: https://github.com/curl/curl/pull/1257
---
docs/libcurl/opts/CURLOPT_CAPATH.3 | 9 +++++++--
docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3 | 9 +++++++--
lib/url.c | 9 +++++++--
src/tool_operate.c | 21 +++++++++++++++++----
4 files changed, 38 insertions(+), 10 deletions(-)
diff --git a/docs/libcurl/opts/CURLOPT_CAPATH.3
b/docs/libcurl/opts/CURLOPT_CAPATH.3
index 85ef06956..b19994b50 100644
--- a/docs/libcurl/opts/CURLOPT_CAPATH.3
+++ b/docs/libcurl/opts/CURLOPT_CAPATH.3
@@ -49,8 +49,13 @@ TODO
This option is supported by the OpenSSL, GnuTLS and PolarSSL backends. The NSS
backend provides the option only for backward compatibility.
.SH RETURN VALUE
-Returns CURLE_OK if TLS enabled, and CURLE_UNKNOWN_OPTION if not, or
-CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+CURLE_OK if supported; or an error such as:
+
+CURLE_NOT_BUILT_IN - Not supported by the SSL backend
+
+CURLE_UNKNOWN_OPTION
+
+CURLE_OUT_OF_MEMORY
.SH "SEE ALSO"
.BR CURLOPT_CAINFO "(3), "
.BR CURLOPT_STDERR "(3), " CURLOPT_DEBUGFUNCTION "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3
b/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3
index 372cc9503..dc317f03b 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3
+++ b/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3
@@ -48,8 +48,13 @@ Added in 7.52.0
This option is supported by the OpenSSL, GnuTLS and PolarSSL backends. The NSS
backend provides the option only for backward compatibility.
.SH RETURN VALUE
-Returns CURLE_OK if TLS enabled, and CURLE_UNKNOWN_OPTION if not, or
-CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+CURLE_OK if supported; or an error such as:
+
+CURLE_NOT_BUILT_IN - Not supported by the SSL backend
+
+CURLE_UNKNOWN_OPTION
+
+CURLE_OUT_OF_MEMORY
.SH "SEE ALSO"
.BR CURLOPT_CAINFO "(3), "
.BR CURLOPT_STDERR "(3), " CURLOPT_DEBUGFUNCTION "(3), "
diff --git a/lib/url.c b/lib/url.c
index b8f7cfb9b..a78a2412f 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -583,8 +583,9 @@ CURLcode Curl_init_userdefined(struct UserDefined *set)
if(result)
return result;
- result = setstropt(&set->str[STRING_SSL_CAPATH_PROXY],
- (char *) CURL_CA_PATH);
+ result = setstropt(&set->str[STRING_SSL_CAPATH_PROXY], CURL_CA_PATH);
+ if(result)
+ return result;
#endif
set->wildcardmatch = FALSE;
@@ -2225,8 +2226,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
/* This does not work on windows. */
result = setstropt(&data->set.str[STRING_SSL_CAPATH_ORIG],
va_arg(param, char *));
+#else
+ result = CURLE_NOT_BUILT_IN;
+#endif
break;
case CURLOPT_PROXY_CAPATH:
+#ifdef have_curlssl_ca_path /* not supported by all backends */
/*
* Set CA path info for SSL connection proxy. Specify directory name of the
* CA certificates which have been prepared using openssl c_rehash utility.
diff --git a/src/tool_operate.c b/src/tool_operate.c
index bc36520d9..c30b32046 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -1014,6 +1014,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
my_setopt_str(curl, CURLOPT_CAINFO, config->cacert);
if(config->proxy_cacert)
my_setopt_str(curl, CURLOPT_PROXY_CAINFO, config->proxy_cacert);
+
if(config->capath) {
result = res_setopt_str(curl, CURLOPT_CAPATH, config->capath);
if(result == CURLE_NOT_BUILT_IN) {
@@ -1024,10 +1025,22 @@ static CURLcode operate_do(struct GlobalConfig *global,
else if(result)
goto show_error;
}
- if(config->proxy_capath)
- my_setopt_str(curl, CURLOPT_PROXY_CAPATH, config->proxy_capath);
- else if(config->capath) /* CURLOPT_PROXY_CAPATH default is capath */
- my_setopt_str(curl, CURLOPT_PROXY_CAPATH, config->capath);
+ /* For the time being if --proxy-capath is not set then we use the
+ --capath value for it, if any. See #1257 */
+ if(config->proxy_capath || config->capath) {
+ result = res_setopt_str(curl, CURLOPT_PROXY_CAPATH,
+ (config->proxy_capath ?
+ config->proxy_capath :
+ config->capath));
+ if(result == CURLE_NOT_BUILT_IN) {
+ if(config->proxy_capath) {
+ warnf(config->global,
+ "ignoring --proxy-capath, not supported by libcurl\n");
+ }
+ }
+ else if(result)
+ goto show_error;
+ }
if(config->crlfile)
my_setopt_str(curl, CURLOPT_CRLFILE, config->crlfile);
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 114/173: telnet: Fix typos, (continued)
- [GNUnet-SVN] [gnurl] 114/173: telnet: Fix typos, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 130/173: http2: fix memory-leak when denying push streams, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 158/173: urldata: include curl_sspi.h when Windows SSPI is enabled, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 159/173: TODO: brotli is deployed widely now, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 167/173: TODO: "OPTIONS *", gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 134/173: RELEASE-NOTES: synced with 690935390c29c, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 21/173: digest_sspi: copy terminating NUL as well, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 118/173: RELEASE-NOTES: synced with 102454459dd688c, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 142/173: docs: fix timeout handling in multi-uv example, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 116/173: http2: reset push header counter fixes crash, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 157/173: url: Improve CURLOPT_PROXY_CAPATH error handling,
gnunet <=
- [GNUnet-SVN] [gnurl] 121/173: http_proxy: Fix tiny memory leak upon edge case connecting to proxy, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 140/173: http: fix missing 'Content-Length: 0' while negotiating auth, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 87/173: contri*.sh: cut off parentheses from names too, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 143/173: speed caps: update the timeouts if the speed is too low/high, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 91/173: VC: remove the makefile.vc6 build infra, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 156/173: cyassl: fix typo, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 86/173: RELEASE-NOTES: synced with 01ab7c30bba6f, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 102/173: mbedtls: implement CTR-DRBG and HAVEGE random generators, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 161/173: docs: gitignore curl.1, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 122/173: http_proxy: avoid freeing static memory, gnunet, 2017/02/24