[GNUnet-SVN] [gnurl] 51/173: url: Refactor detect

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] [gnurl] 51/173: url: Refactor detect_proxy()

From:	gnunet
Subject:	[GNUnet-SVN] [gnurl] 51/173: url: Refactor detect_proxy()
Date:	Fri, 24 Feb 2017 14:01:13 +0100

This is an automated email from the git hooks/post-receive script.

ng0 pushed a commit to annotated tag gnurl-7.53.1
in repository gnurl.

commit efdbfde7ca205f256c4e8b473c775cf73557cfd7
Author: ERAMOTO Masaya <address@hidden>
AuthorDate: Fri Dec 16 21:26:18 2016 +0900

    url: Refactor detect_proxy()
    
    If defined CURL_DISABLE_HTTP, detect_proxy() returned NULL. If not
    defined CURL_DISABLE_HTTP, detect_proxy() checked noproxy list.
    
    Thus refactor to set proxy to NULL instead of calling detect_proxy() if
    define CURL_DISABLE_HTTP, and refactor to call detect_proxy() if not
    define CURL_DISABLE_HTTP and the host is not in the noproxy list.
---
 lib/url.c | 91 ++++++++++++++++++++++++++++-----------------------------------
 1 file changed, 40 insertions(+), 51 deletions(-)

diff --git a/lib/url.c b/lib/url.c
index 3cb7cba0e..d1a7afe1d 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -4853,7 +4853,6 @@ static char *detect_proxy(struct connectdata *conn)
 {
   char *proxy = NULL;
 
-#ifndef CURL_DISABLE_HTTP
   /* If proxy was not specified, we check for default proxy environment
    * variables, to enable i.e Lynx compliance:
    *
@@ -4871,62 +4870,46 @@ static char *detect_proxy(struct connectdata *conn)
    * For compatibility, the all-uppercase versions of these variables are
    * checked if the lowercase versions don't exist.
    */
-  char *no_proxy=NULL;
   char proxy_env[128];
+  const char *protop = conn->handler->scheme;
+  char *envp = proxy_env;
+  char *prox;
 
-  no_proxy=curl_getenv("no_proxy");
-  if(!no_proxy)
-    no_proxy=curl_getenv("NO_PROXY");
-
-  if(!check_noproxy(conn->host.name, no_proxy)) {
-    /* It was not listed as without proxy */
-    const char *protop = conn->handler->scheme;
-    char *envp = proxy_env;
-    char *prox;
+  /* Now, build <protocol>_proxy and check for such a one to use */
+  while(*protop)
+    *envp++ = (char)tolower((int)*protop++);
 
-    /* Now, build <protocol>_proxy and check for such a one to use */
-    while(*protop)
-      *envp++ = (char)tolower((int)*protop++);
+  /* append _proxy */
+  strcpy(envp, "_proxy");
 
-    /* append _proxy */
-    strcpy(envp, "_proxy");
+  /* read the protocol proxy: */
+  prox=curl_getenv(proxy_env);
 
-    /* read the protocol proxy: */
+  /*
+   * We don't try the uppercase version of HTTP_PROXY because of
+   * security reasons:
+   *
+   * When curl is used in a webserver application
+   * environment (cgi or php), this environment variable can
+   * be controlled by the web server user by setting the
+   * http header 'Proxy:' to some value.
+   *
+   * This can cause 'internal' http/ftp requests to be
+   * arbitrarily redirected by any external attacker.
+   */
+  if(!prox && !strcasecompare("http_proxy", proxy_env)) {
+    /* There was no lowercase variable, try the uppercase version: */
+    Curl_strntoupper(proxy_env, proxy_env, sizeof(proxy_env));
     prox=curl_getenv(proxy_env);
+  }
 
-    /*
-     * We don't try the uppercase version of HTTP_PROXY because of
-     * security reasons:
-     *
-     * When curl is used in a webserver application
-     * environment (cgi or php), this environment variable can
-     * be controlled by the web server user by setting the
-     * http header 'Proxy:' to some value.
-     *
-     * This can cause 'internal' http/ftp requests to be
-     * arbitrarily redirected by any external attacker.
-     */
-    if(!prox && !strcasecompare("http_proxy", proxy_env)) {
-      /* There was no lowercase variable, try the uppercase version: */
-      Curl_strntoupper(proxy_env, proxy_env, sizeof(proxy_env));
-      prox=curl_getenv(proxy_env);
-    }
-
-    if(prox)
-      proxy = prox; /* use this */
-    else {
-      proxy = curl_getenv("all_proxy"); /* default proxy to use */
-      if(!proxy)
-        proxy=curl_getenv("ALL_PROXY");
-    }
-  } /* if(!check_noproxy(conn->host.name, no_proxy)) - it wasn't specified
-       non-proxy */
-  free(no_proxy);
-
-#else /* !CURL_DISABLE_HTTP */
-
-  (void)conn;
-#endif /* CURL_DISABLE_HTTP */
+  if(prox)
+    proxy = prox; /* use this */
+  else {
+    proxy = curl_getenv("all_proxy"); /* default proxy to use */
+    if(!proxy)
+      proxy=curl_getenv("ALL_PROXY");
+  }
 
   return proxy;
 }
@@ -6267,7 +6250,13 @@ static CURLcode create_conn(struct Curl_easy *data,
     Curl_safefree(socksproxy);
   }
   else if(!proxy && !socksproxy)
-    proxy = detect_proxy(conn);
+#ifndef CURL_DISABLE_HTTP
+    /* if the host is not in the noproxy list, detect proxy. */
+    if(!check_noproxy(conn->host.name, no_proxy))
+      proxy = detect_proxy(conn);
+#else  /* !CURL_DISABLE_HTTP */
+    proxy = NULL;
+#endif /* CURL_DISABLE_HTTP */
 
   Curl_safefree(no_proxy);
 

-- 
To stop receiving notification emails like this one, please contact
address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-SVN] [gnurl] 82/173: sws: use SOCKERRNO, not errno, (continued)
- [GNUnet-SVN] [gnurl] 82/173: sws: use SOCKERRNO, not errno, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 60/173: write-out.d: 'time_total' is not always shown with ms precision, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 63/173: THANKS-filter: Jiri Malak, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 56/173: CURLOPT_PREQUOTE.3: takes a struct curl_slist*, not a char*, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 120/173: polarssl, mbedtls: Fix detection of pending data, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 30/173: wolfssl: support setting cipher list, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 81/173: KNOWN_BUGS: HTTP/2 server push enabled when no pushes can be accepted, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 85/173: vtls: fix PolarSSL non-blocking handling, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 80/173: *.rc: escape non-ASCII/non-UTF-8 character for clarity, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 64/173: addrinfo: fix compiler warning on offsetof() use, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 51/173: url: Refactor detect_proxy(), gnunet <=
- [GNUnet-SVN] [gnurl] 50/173: url: Fix NO_PROXY env var to work properly with --proxy option., gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 68/173: TODO: send only part of --data, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 61/173: unix_socket: add support for abstract unix domain socket, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 92/173: telnet: fix windows compiler warnings, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 84/173: vtls: fix mbedtls multi non blocking handshake., gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 104/173: cmake: Support curl --xattr when built with cmake, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 76/173: parseurl: move back buffer to function scope, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 77/173: usercertinmem.c: improve the short description, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 101/173: docs: we no longer ship HTML versions of man pages, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 96/173: polarssl: fix hangs, gnunet, 2017/02/24

Prev by Date: [GNUnet-SVN] [gnurl] 64/173: addrinfo: fix compiler warning on offsetof() use
Next by Date: [GNUnet-SVN] [gnurl] 50/173: url: Fix NO_PROXY env var to work properly with --proxy option.
Previous by thread: [GNUnet-SVN] [gnurl] 64/173: addrinfo: fix compiler warning on offsetof() use
Next by thread: [GNUnet-SVN] [gnurl] 50/173: url: Fix NO_PROXY env var to work properly with --proxy option.
Index(es):
- Date
- Thread