1
0
mirror of https://github.com/rkd77/elinks.git synced 2025-01-03 14:57:44 -05:00
Commit Graph

191 Commits

Author SHA1 Message Date
Witold Filipczyk
7456f785ca [ssl] wrong signature of function 2019-11-15 14:33:30 +01:00
Witold Filipczyk
6b9d6c93df [ssl] ASN1_STRING_data is deprecated 2019-11-15 14:24:59 +01:00
Witold Filipczyk
903fc4984d [ssl] RAND_pseudo_bytes is deprecated. 2019-11-15 14:19:47 +01:00
Witold Filipczyk
3d96b0d7d7 Revert "Compile with C++."
This reverts commit 4f4df33638.
2019-04-21 12:27:40 +02:00
Witold Filipczyk
4f4df33638 Compile with C++.
Weak points:
- alignof
- js problems

Todo:
- make js work with C++ and mozjs-17
- then mozjs-24
- then mozjs-52
- then mozjs-60
- decrease number of warnings
2019-02-17 20:46:16 +01:00
أحمد المحمودي (Ahmed El-Mahmoudy)
a1bea9349f Compat with gnutls 3.6.4 2019-01-24 07:53:19 +01:00
Witold Filipczyk
8a8af596e0 gnutls: GNUTLS_E_PREMATURE_TERMINATION on www.raspberrypi.org 2017-12-23 14:51:43 +01:00
Guillem Jover
85b8dd8f42 SSL authentication using client certs 2017-11-22 01:46:30 +01:00
Witold Filipczyk
4c4717b82a Repeat gnutls_handshake until success
It's blocking, but better than SSL errors.
2017-11-15 01:01:36 +01:00
Witold Filipczyk
91beac7ee3 gnutls_certificate_set_x509_system_trust
If this function is available and gnutls is used,
and connection.ssl.trusted_ca_file is "",
gnutls_certificate_set_x509_system_trust is called
to load certificates.
2017-11-14 16:02:22 +01:00
Witold Filipczyk
442f4936dc Use blacklist to skip verification of certificates 2017-07-23 18:59:05 +02:00
Witold Filipczyk
f43f5714e8 Let users retry connection in case of error. Especially SSL error.
Also verify ssl certificates by default.
It has some weak points, for example in load_uri not always data
is a session.
2017-07-23 14:33:40 +02:00
Witold Filipczyk
54ebe365b7 Compilation fix for OpenSSL-1.1 2017-03-06 17:39:36 +01:00
Witold Filipczyk
257422f28c Reorganisation of code to make C++ happy 2016-04-20 22:21:31 +02:00
Witold Filipczyk
67673f5fe5 new -> new_ for C++ compatibility 2016-04-20 18:42:22 +02:00
Fabienne Ducroquet
73b09749ac Use the proxied URI to verify server certificates
Otherwise, the verification fails when using a HTTPS proxy because ELinks checks
whether the proxy matches the certificate.

Signed-off-by: Fabienne Ducroquet <fabiduc@gmail.com>
2016-04-12 21:41:46 +02:00
Kylie McClain
f4a58ba3b5 ssl: Make RAND_egd optional
Fixes compilation with LibreSSL.
2015-12-30 11:12:35 +01:00
Witold Filipczyk
e015e2be21 -VERS-SSL3.0 in gnutls to avoid SSL error. 2015-07-01 16:23:19 +02:00
Kalle Olavi Niemitalo
8b00e1ef70 bug 764: Initialize the right member of union option_value
INIT_OPTION used to initialize union option_value at compile time by
casting the default value to LIST_OF(struct option) *, which is the
type of the first member.  On sparc64 and other big-endian systems
where sizeof(int) < sizeof(struct list_head *), this tended to leave
option->value.number as zero, thus messing up OPT_INT and OPT_BOOL
at least.  OPT_LONG however tended to work right.

This would be easy to fix with C99 designated initializers,
but doc/hacking.txt says ELinks must be kept C89 compatible.
Another solution would be to make register_options() read the
value from option->value.tree (the first member), cast it back
to the right type, and write it to the appropriate member;
but that would still require somewhat dubious conversions
between integers, data pointers, and function pointers.

So here's a rather more invasive solution.  Add struct option_init,
which is somewhat similar to struct option but has non-overlapping
members for different types of values, to ensure nothing is lost
in compile-time conversions.  Move unsigned char *path from struct
option_info to struct option_init, and replace struct option_info
with a union that contains struct option_init and struct option.
Now, this union can be initialized with no portability problems,
and register_options() then moves the values from struct option_init
to their final places in struct option.

In my x86 ELinks build with plenty of options configured in, this
change bloated the text section by 340 bytes but compressed the data
section by 2784 bytes, presumably because union option_info is a
pointer smaller than struct option_info was.
(cherry picked from elinks-0.12 commit e5f6592ee2)

Conflicts:
	src/protocol/fsp/fsp.c: All options had been removed in 0.13.GIT.
	src/protocol/smb/smb2.c: Ditto.
2012-11-03 22:16:32 +02:00
mancha
bc3fcb4696 Fix hostname verification code.
[ From bug 1123 attachment 569.  --KON ]
2012-07-18 12:37:55 +03:00
witekfl
2ec6c54697 On Windows safe_read or safe_write return -1 and set errno = EWOULDBLOCK
for nonblocking io.
2012-05-25 19:43:10 +02:00
witekfl
7328bb9c9e gnutls_transport_ptr is deprecated. 2012-05-08 13:41:26 +02:00
Kalle Olavi Niemitalo
0c3f3e09a7 1024: Verify server certificate hostname with OpenSSL
Not tested with nss-compat-ossl.
2011-07-28 17:23:51 +03:00
Kalle Olavi Niemitalo
7c40e03421 1024: Always disable TLS1.1 with GnuTLS
Using the RFC 3546 server_name TLS extension with TLS 1.1 made
https://bugzilla.novell.com/ never respond to negotiation.
Disable TLS 1.1 with GnuTLS, like it has already been disabled with
OpenSSL.  And if an SSL error is detected, disable TLS 1.2 as well.
2011-07-28 17:23:51 +03:00
Kalle Olavi Niemitalo
6c84978cf5 1024: Use RFC 3546 server_name TLS extension
For both GnuTLS and OpenSSL.  Not tested with nss-compat-openssl.
2011-07-28 17:23:51 +03:00
Kalle Olavi Niemitalo
5d0e4e2452 1024: Reject OpenPGP certificates 2011-07-28 17:23:51 +03:00
Witold Filipczyk
a15216863f 1024: Verify hostname and expiration time of the certificate.
GnuTLS only.

[ From bug 1024 attachment 483.  Resolved conflicts with 0.13.GIT.  --KON ]
2011-07-28 17:23:51 +03:00
witekfl
eb4e5d7e0d Revert "Do not try to use gpm in X11."
This reverts commit 8183aecd90.
2011-07-06 13:41:41 +02:00
witekfl
8183aecd90 Do not try to use gpm in X11.
X11 is detected by checking DISPLAY variable.
Without this ELinks stopped on reading from /dev/gpmctl.
2011-07-06 13:19:09 +02:00
Kalle Olavi Niemitalo
5ddf20b85e GNUTLS: Make anon_cred and xcred static
anon_cred and xcred are defined in src/network/ssl/ssl.c and not
mentioned in any other file.  Make them static.
2011-05-02 14:55:17 +03:00
Kalle Olavi Niemitalo
6457a13005 GNUTLS: #if 0 arrays needed by deprecated functions
src/network/ssl/ssl.c defined some constant arrays for passing to
GnuTLS functions.  Those functions have been deprecated and their
calls are in #if 0 nowadays.  Put #if 0 around the arrays as well.
2011-05-02 14:55:17 +03:00
Kalle Olavi Niemitalo
2d8fd9cecf bug 1115: Check status after gnutls_certificate_verify_peers2
The deprecated gnutls_certificate_verify_peers function returns -1
if it fails, or a set of gnutls_certificate_status_t bits; each bit
indicates some kind of problem, so the result is zero if the
certificate is OK.

The newer gnutls_certificate_verify_peers2 function returns -1 if it
fails, or 0 if it succeeds; and writes the status bits via a pointer.
When using that function, ELinks must check the status separately.
Do that.

Also, if GnuTLS is not being used, do not declare a status variable,
because leaving it unused would break the debug build:

/home/Kalle/src/elinks-0.13/src/network/ssl/socket.c: In function ‘ssl_want_read’:
/home/Kalle/src/elinks-0.13/src/network/ssl/socket.c:87: error: unused variable ‘status’
/home/Kalle/src/elinks-0.13/src/network/ssl/socket.c: In function ‘ssl_connect’:
/home/Kalle/src/elinks-0.13/src/network/ssl/socket.c:121: error: unused variable ‘status’
2011-05-01 02:27:19 +03:00
witekfl
b228fe82ab bug 1115: Avoid deprecated functions when compile --with-gnutls 2011-04-28 18:21:40 +02:00
witekfl
5a99cca30b gcry_create_nounce is part of libgcrypt.
Lack of -lgcrypt caused linking error when compiled --with-gnutls.
2011-04-28 18:02:00 +02:00
Witold Filipczyk
7933724dc8 Removed code using pipes for decompression and simplified decompress_data.
Workarounds for sites, which send incorrect data, probably won't work.
2010-09-24 16:12:35 +02:00
Kalle Olavi Niemitalo
ef548e5728 Merge branch 'elinks-0.12'
Conflicts:
	src/session/download.c
	src/session/download.h
	src/viewer/text/view.c
2009-07-24 18:32:25 +03:00
Kalle Olavi Niemitalo
b427a4f159 Small Doxygen fixes 2009-07-17 23:58:38 +03:00
Kalle Olavi Niemitalo
683cfe4c86 Merge branch 'elinks-0.12' into elinks-0.13
Conflicts:
	NEWS: merged
	configure.in: VERSION changed in elinks-0.12; kept 0.13.GIT
	doc/man/man1/elinks.1.in: regenerated
	doc/man/man5/elinks.conf.5: regenerated
	doc/man/man5/elinkskeys.5: regenerated
	po/fr.po: kept 0.13.GIT
	po/pl.po: kept 0.13.GIT
2009-05-31 16:18:23 +03:00
Kalle Olavi Niemitalo
681e377027 Debian bug 528661: Check for gnutls_priority_set_direct
Avoid compilation error with GNUTLS 1.2.9:

/home/Kalle/src/elinks-0.12/src/network/ssl/ssl.c:258: error: implicit declaration of function ‘gnutls_priority_set_direct’

If the function is not available, use gnutls_set_default_priority instead.
Perhaps it'll work with bugzilla.novell.com, perhaps not.
2009-05-30 14:34:01 +03:00
Witold Filipczyk
864fa0b56a Debian bug 528661: Disable some TLS extensions on GNUTLS.
- gnutls_handshake_set_private_extensions: Do not enable private cipher
  suites that might not be supported by anything other than GNUTLS.
  The GNUTLS 2.8.0 documentation notes that enabling these extensions
  can cause interoperability problems.
- gnutls_set_default_priority: Explicitly disable OpenPGP certificates.
- gnutls_certificate_type_set_priority: Do not enable OpenPGP certificates.
  The GNUTLS 2.8.0 documentation notes that OpenPGP certificate support
  requires libgnutls-extra.  Because libgnutls-extra 2.2.0 and later are
  under GPLv3-or-later and thus not GPLv2 compatible, ELinks doesn't use
  libgnutls-extra, so OpenPGP certificates didn't work anyway.
- gnutls_server_name_set: Do not tell the server the hostname from the URL.
  This was supposed to let the server choose the appropriate certificate
  for each name-based virtual host, but ELinks actually always sent just
  "localhost", so it didn't work anyway.  This will have to be revisited
  when ELinks is changed to actually verify the subject name from the
  server's certificate (ELinks bug 1024).

These changes should help ELinks negotiate SSL with bugzilla.novell.com.

[NEWS and commit message by me.  --KON]
2009-05-30 11:21:17 +03:00
Miciah Dashiel Butler Masters
d16e0c974f Use cache if at all possible if CACHE_MODE_ALWAYS
In load_uri, if there is no valid cache entry and no existing connection
for the requested URI, make one last check in case there is an
incomplete cache entry.
2009-05-22 23:09:07 +00:00
Kalle Olavi Niemitalo
1bb71f3732 Merge branch 'elinks-0.12' into elinks-0.13
Conflicts:
	src/config/conf.c
	src/network/ssl/ssl.c
2009-03-12 08:46:02 +02:00
Kalle Olavi Niemitalo
5a43c55c9e Rewrap lines in option documentation.
Documentation strings of most options used to contain a "\n" at the
end of each source line.  When the option manager displayed these
strings, it treated each "\n" as a hard newline.  On 80x24 terminals
however, the option description window has only 60 columes available
for the text (with the default setup.h), and the hard newlines were
further apart, so the option manager wrapped the text a second time,
resulting in rather ugly output where long lones are interleaved with
short ones.  This could also cause the text to take up too much
vertical space and not fit in the window.

Replace most of those hard newlines with spaces so that the option
manager (or perhaps BFU) will take care of the wrapping.  At the same
time, rewrap the strings in source code so that the source lines are
at most 79 columns wide.

In some options though, there is a list of possible values and their
meanings.  In those lists, if the description of one value does not
fit in one line, then continuation lines should be indented.  The
option manager and BFU are not currently able to do that.  So, keep
the hard newlines in those lists, but rewrap them to 60 columns so
that they are less likely to require further wrapping at runtime.
2009-03-08 15:18:10 +02:00
Kalle Olavi Niemitalo
5c2fada371 Merge branch 'elinks-0.12' into elinks-0.13
Conflicts:
	src/session/download.c
2008-11-01 22:39:17 +02:00
M. Vefa Bicakci
96b3093519 Patch 2: Modifications to the remaining parts of ELinks
[Forward ported to 0.12 from bug 1004 attachment 499.  --KON]
2008-11-01 22:20:25 +02:00
Kalle Olavi Niemitalo
9c17d8e805 Merge branch 'elinks-0.12' into elinks-0.13 2008-10-04 15:17:11 +03:00
Kalle Olavi Niemitalo
00f5831812 Bug 1053: Fix crash when download ends prematurely.
Call stacks reported by valgrind:

==14702==    at 0x80DD791: read_from_socket (socket.c:945)
==14702==    by 0x8104D0C: read_more_http_data (http.c:1180)
==14702==    by 0x81052FE: read_http_data (http.c:1388)
==14702==    by 0x80DD69B: read_select (socket.c:910)
==14702==    by 0x80D27AA: select_loop (select.c:307)
==14702==    by 0x80D1ADE: main (main.c:358)
==14702==  Address 0x4F4E598 is 56 bytes inside a block of size 81 free'd
==14702==    at 0x402210F: free (vg_replace_malloc.c:233)
==14702==    by 0x812BED8: debug_mem_free (memdebug.c:484)
==14702==    by 0x80D7C82: done_connection (connection.c:479)
==14702==    by 0x80D8A44: abort_connection (connection.c:769)
==14702==    by 0x80D99CE: cancel_download (connection.c:1053)
==14702==    by 0x8110EB6: abort_download (download.c:143)
==14702==    by 0x81115BC: download_data_store (download.c:337)
==14702==    by 0x8111AFB: download_data (download.c:446)
==14702==    by 0x80D7B33: notify_connection_callbacks (connection.c:458)
==14702==    by 0x80D781E: set_connection_state (connection.c:388)
==14702==    by 0x80D7132: set_connection_socket_state (connection.c:234)
==14702==    by 0x80DD78D: read_from_socket (socket.c:943)

read_from_socket() attempted to read socket->fd in order to set
handlers on it, but the socket had already been freed.  Incidentally,
socket->fd was -1, which would have resulted in an assertion failure
if valgrind hadn't caught the bug first.

To fix this, add a list of weak references to sockets.
read_from_socket() registers a weak reference on entry and unregisters
it before exit.  done_socket() breaks any weak references to the
specified socket.  read_from_socket() then checks whether the weak
reference was broken, and doesn't access the socket any more if so.
2008-10-04 14:19:00 +03:00
Kalle Olavi Niemitalo
bda58a124a Revert "Use given connections id in connection_disappeared()."
This reverts src/{network,sched}/connection.c CVS revision 1.43,
which was made on 2003-07-03 and converted to Git commit
cae65f7941628109b51ffb2e2d05882fbbdc73ef in elinks-history.

It is pointless to check whether (c == d && c->id == d->id).
If c == d, then surely c->id == d->id, and I wouldn't be surprised
to see a compiler optimize that out.
Whereas, by taking the id as a parameter, connection_disappeared()
can check whether the pointer now points to a new struct connection
with a different id.
2008-10-04 13:00:57 +03:00
Kamil Dudka
a00a413765 add support for nss_compat_ossl library (OpenSSL replacement)
* configure.in: New configure parameter --with-nss_compat_ossl.
 * socket.c: New configure option connection.ssl.client_cert.nickname.
 * ssl.h: Handle CONFIG_NSS_COMPAT_OSSL macro.
 * ssl.c: Add support for nss_compat_ossl.
 * TODO: Remove completed task.
 * NEWS: Mention the change.
2008-09-27 16:32:36 +03:00
Kalle Olavi Niemitalo
b40736cafe Merge branch 'elinks-0.12' into elinks-0.13
Conflicts:

	NEWS (merged)
	configure.in (merged)
	doc/man/man1/elinks.1.in (regenerated)
	doc/man/man5/elinks.conf.5 (regenerated)
	doc/man/man5/elinkskeys.5 (regenerated)
	po/fr.po (kept 0.13.GIT version)
	po/pl.po (kept 0.13.GIT version)
2008-09-27 16:28:28 +03:00
Kalle Olavi Niemitalo
d93bceb9bd Fix blacklist crash in BitTorrent
make_bittorrent_peer_connection() used to construct a struct uri on
the stack. This was hacky but worked nicely because the struct uri
was not really accessed after make_connection() returned.  However,
since commit a83ff1f565, the struct uri
is also needed when the connection is being closed.  Valgrind shows:

Invalid read of size 2
   at 0x8100764: get_blacklist_entry (blacklist.c:33)
   by 0x8100985: del_blacklist_entry (blacklist.c:64)
   by 0x80DA579: complete_connect_socket (socket.c:448)
   by 0x80DA84A: connected (socket.c:513)
   by 0x80D0DDF: select_loop (select.c:297)
   by 0x80D00C6: main (main.c:353)
 Address 0xBEC3BFAE is just below the stack ptr.  To suppress, use: --workaround-gcc296-bugs=yes

To fix this, allocate the struct uri on the heap instead, by
constructing a string and giving that to get_uri().  This string
cannot use the "bittorrent" URI scheme because parse_uri() does not
recognize the host and port fields in that.  (The "bittorrent" scheme
has protocol_backend.free_syntax = 1 in order to support strings like
"bittorrent:http://beta.legaltorrents.com/get/159-noisome-beasts".)
Instead, define a new "bittorrent-peer" URI scheme for this purpose.
If the user attempts to use this URI scheme, its handler aborts the
connection with an error; but when make_bittorrent_peer_connection()
uses a bittorrent-peer URI, the handler is not called.

This change also lets get_uri() set the ipv6 flag if peer_info->ip is
an IPv6 address literal.

Reported by Witold Filipczyk.
2008-09-07 06:31:36 +03:00
Kalle Olavi Niemitalo
a73fe73cd2 Merge branch 'elinks-0.12' into elinks-0.13
Conflicts:

	src/document/document.h
	src/encoding/encoding.c
	src/network/connection.c
	src/protocol/bittorrent/bittorrent.c
	src/protocol/bittorrent/bittorrent.h
	src/protocol/bittorrent/common.h
	src/protocol/bittorrent/connection.c
	src/protocol/bittorrent/dialogs.c
	src/protocol/bittorrent/tracker.c
	src/protocol/file/cgi.c
	src/protocol/http/http.c
2008-08-03 22:18:53 +03:00
Kalle Olavi Niemitalo
c1ffba2f95 Work around fsp_open_session() not setting errno.
fsp_open_session() has a bug where it does not set errno if getaddrinfo fails.
Before the bug 1013 fix, this caused an assertion failure.
After the bug 1013 fix, this caused a "Success" error message.
Now it instead causes "FSP server not found".
2008-08-03 20:26:50 +03:00
Kalle Olavi Niemitalo
6c2e8cd7b2 Bug 1013: Don't assume errno is between 0 and 100000
Replace almost all uses of enum connection_state with struct
connection_status.  This removes the assumption that errno values used
by the system are between 0 and 100000.  The GNU Hurd uses values like
ENOENT = 0x40000002 and EMIG_SERVER_DIED = -308.

This commit is derived from my attachments 450 and 467 to bug 1013.
2008-08-03 17:56:41 +03:00
Kalle Olavi Niemitalo
abe4927d69 1022: NEWS and option documentation 2008-07-27 20:11:39 +03:00
Witold Filipczyk
2e1983ce93 1022: Fixes issue with mbank.
New patch, fixes issue with mbank's certificate verification.
2008-07-27 17:15:36 +03:00
Kalle Olavi Niemitalo
a83ff1f565 1040: Blacklist servers that support SSL3 but not TLS1.
It seems GnuTLS is not as good at negotiating a supported protocol as
OpenSSL is.  ELinks tries to work around that by retrying with a
different protocol if the SSL library reports an error.  However,
ELinks must not automatically retry POST requests where some data may
have already reached the server; POST is not a safe method in HTTP.
So instead, collect the name of the TLS-incapable server in a blacklist
when ELinks e.g. loads an HTML form from it; the actual POST can then
immediately use the protocol that worked.

It's a bit ugly that src/network/socket.c now uses
protocol/http/blacklist.h.  It might be better to move the blacklist
files out of the http directory, and perhaps merge them with the
BitTorrent blacklisting code.
2008-07-27 01:39:01 +03:00
Kalle Olavi Niemitalo
5b6c913c6a Merge branch 'elinks-0.12' into elinks-0.13
Conflicts:

	src/network/connection.h
	src/session/download.c
	src/session/download.h
2008-06-15 21:43:08 +03:00
Kalle Olavi Niemitalo
bfb034c953 Revert "copiousoutput: cleanup after copiousoutput handling. Temporary files should"
I am reverting all copiousoutput support because of bug 917.
This reverts commit 4dc4ea47f2.

Conflicts:

	src/network/connection.h: After the original commit, the declaration
	  of copiousoutput_data had been changed to use the LIST_OF macro.
	  Also, connection.cgi had been added next to the connection.popen
	  member added by the original commit.
	src/session/download.c: After the original commit, the definition of
	  copiousoutput_data had been changed to use the INIT_LIST_OF macro.
2008-06-15 14:17:44 +03:00
Kalle Olavi Niemitalo
1661109a99 Revert "copiousoutput: I'm not sure about this. pclose may hang ELinks for long time,"
I am reverting all copiousoutput support because of bug 917.
This reverts commit 47f3dd0421.
2008-06-15 14:08:18 +03:00
Witold Filipczyk
d15439edff bug 991: Added the bit field cgi to the structs connection and type_query.
CGI scripts are distinguishable from normal files. I hope that this
fixes the bug 991. This commit also reverts the previous revert.
(cherry picked from commit 7ceba1e461)
2008-06-15 13:07:02 +03:00
Kalle Olavi Niemitalo
d6fd2ac31f Erase progress.timer before calling progress.timer_func
Previously, each progress timer function registered with
start_update_progress() was directly used as the timer function of
progress.timer, so it was responsible of erasing the expired timer ID
from that member.  Failing to do this could result in heap corruption.
The progress timer functions normally fulfilled the requirement by
calling update_progress(), but one such function upload_stat_timer()
had to erase the timer ID on its own too.

Now instead, there is a wrapper function progress_timeout(), which
progress.c sets as the timer function of progress.timer.  This wrapper
erases the expired timer ID from progress.timer and then calls the
progress timer function registered with start_update_progress().  So
the progress timer function is no longer responsible of erasing the
timer ID and there's no risk that it could fail to do that in some
error situation.

This commit introduces a new risk though.  Previously, if the struct
progress was freed while the timer was running, the (progress) timer
function would still be called, and it would be able to detect that
the progress pointer is NULL and recover from this situation.  Now,
the timer function progress_timeout() has a pointer to the struct
progress and will dereference that pointer without being able to check
whether the structure has been freed.  Fortunately, done_progress()
asserts that the timer is not running, so this should not occur.
2008-06-15 11:27:19 +03:00
Kalle Olavi Niemitalo
8e33098306 1008: always erase timer ID in upload_stat_timer() 2008-06-03 10:02:06 +03:00
Kalle Olavi Niemitalo
08941fd47d 1008: rename connection.upload_progress to .http_upload_progress 2008-06-03 09:57:58 +03:00
Kalle Olavi Niemitalo
2d2cc6c5f5 1008: Abort connection if a file is resized. 2008-06-03 01:49:10 +03:00
Kalle Olavi Niemitalo
1b707208d3 1008: New struct http_post.
Move connection.post_fd to http_post.post_fd.
Make connection.done point to the new done_http_connection(),
which calls the new done_http_post(), which closes post_fd.
So done_connection() no longer needs to do that.

Now that done_http_post() exists, a later commit can add dynamically
allocated data in struct http_post and ensure that it will be freed.
2008-05-26 01:56:58 +03:00
Kalle Olavi Niemitalo
7a72a685e5 1008: Centralize random numbers.
If ELinks is being linked with SSL library, use its random number
generator.

Otherwise, try /dev/urandom and /dev/prandom.  If they do not work,
fall back to rand(), calling srand() only once.  This fallback is
mostly interesting for the Hurd and Microsoft Windows.

BitTorrent piece selection and dom/test/html-mangle.c still use rand()
(but not srand()) directly.  Those would not benefit from being
unpredictable, I think.
2008-05-25 18:44:21 +03:00
Kalle Olavi Niemitalo
291a913d1e 1008: Call and reset conn->done when freeing conn->info.
In the places that set conn->info without freeing the original value,
assert that both conn->info and conn->done are NULL.
2008-05-22 03:59:33 +03:00
Witold Filipczyk
a6184b3081 1008: Moved post_fd to the struct connection. 2008-05-12 11:24:00 +02:00
Witold Filipczyk
8508c18341 1008: big uploads. Added info in the status bar about uploded data. 2008-05-11 13:14:06 +02:00
Witold Filipczyk
6c0979aae9 1008: Added upload_progress to the connection. 2008-05-11 13:14:00 +02:00
Witold Filipczyk
2aa70f77bc bug 991: Added the bit field cgi to the structs connection and type_query.
CGI scripts are distinguishable from normal files. I hope that this
fixes the bug 991. This commit also reverts the previous revert.
(cherry picked from commit 7ceba1e461)
2008-03-15 19:25:01 +02:00
Kalle Olavi Niemitalo
cd4a9d77b9 Revert "bug 991: Added the bit field cgi to the structs connection and type_query."
This reverts commit 7ceba1e461,
which is causing an assertion to fail if I open the same PDF
twice in a row, even if I cancel the dialog box when ELinks
first asks which program to run:

INTERNAL ERROR at /home/Kalle/src/elinks-0.12/src/session/download.c:980: assertion download && download->conn failed!

Forcing core dump! Man the Lifeboats! Women and children first!

But please DO NOT report this as a segfault!!! It is an internal error, not a
normal segfault, there is a huge difference in these for us the developers.
Also, noting the EXACT error you got above is crucial for hunting the problem
down. Thanks, and please get in touch with us.

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1216698688 (LWP 17877)]
0xb7a02d76 in raise () from /lib/libc.so.6
(gdb) backtrace 6
    at /home/Kalle/src/elinks-0.12/src/util/error.c:179
    fmt=0x816984c "assertion download && download->conn failed!")
    at /home/Kalle/src/elinks-0.12/src/util/error.c:122
    cached=0x8253ca8) at /home/Kalle/src/elinks-0.12/src/session/download.c:980
    cached=0x8253ca8, frame=0)
    at /home/Kalle/src/elinks-0.12/src/session/download.c:1339
    at /home/Kalle/src/elinks-0.12/src/session/task.c:493
(More stack frames follow...)

There is a fix available but I don't trust it yet.
2008-03-11 10:51:20 +02:00
Witold Filipczyk
7ceba1e461 bug 991: Added the bit field cgi to the structs connection and type_query.
CGI scripts are distinguishable from normal files. I hope that this
fixes the bug 991. This commit also reverts the previous revert.
2008-03-09 15:47:35 +02:00
Kalle Olavi Niemitalo
3c861fd530 Merge branch 'elinks-0.12' into elinks-0.13
Conflicts:

	configure.in
	src/protocol/http/http.c
2008-02-24 22:49:47 +02:00
Kalle Olavi Niemitalo
a7232792dd encoding: Don't leak a pipe fd if open_encoded() fails. 2008-02-17 21:54:19 +02:00
Kalle Olavi Niemitalo
6555359f8e Debian bug 464384: fix cast warning in ssl_connect
There are warnings about casts in the Debian amd64 build logs:
http://buildd.debian.org/fetch.cgi?&pkg=elinks&ver=0.11.3-2&arch=amd64&stamp=1200348983&file=log

	[CC]   src/intl/gettext/dcigettext.o
/build/buildd/elinks-0.11.3/src/intl/gettext/dcigettext.c: In function '_nl_find_msg':
/build/buildd/elinks-0.11.3/src/intl/gettext/dcigettext.c:745: warning: cast from pointer to integer of different size
/build/buildd/elinks-0.11.3/src/intl/gettext/dcigettext.c:746: warning: cast from pointer to integer of different size
...
	[CC]   src/network/ssl/socket.o
/build/buildd/elinks-0.11.3/src/network/ssl/socket.c: In function 'ssl_connect':
/build/buildd/elinks-0.11.3/src/network/ssl/socket.c:219: warning: cast to pointer from integer of different size

The warnings in _nl_find_msg were caused by alignof, which I already
fixed.  This commit ought to fix the gnutls_transport_set_ptr call in
ssl_connect.  This warning did not yet happen in bug 464384 because
the others broke the build before it got that far.
2008-02-09 15:19:20 +02:00
Miciah Dashiel Butler Masters
3a0286e447 Strings corrections from Malcolm Parsons
Fix the spelling and grammar in various comments, variable names, comment
descriptions, and documentation.
2008-01-27 04:19:23 +00:00
Miciah Dashiel Butler Masters
643a34e6af Strings corrections from Malcolm Parsons
Fix the spelling and grammar in various comments, variable names, comment
descriptions, and documentation.
2008-01-27 04:09:18 +00:00
Kalle Olavi Niemitalo
40f319ce22 Merge branch 'elinks-0.12' into elinks-0.13
Conflicts:

	po/pl.po
2008-01-22 01:09:18 +02:00
Kalle Olavi Niemitalo
e5922e4fe1 Bug 997: Fix unlikely stack corruption in get_pasv_socket.
It is unlikely because the standard members of struct sockaddr_in
(sin_family, sin_port, sin_addr) already require at least 8 bytes
and I don't know of any system that has size_t larger than that.
Besides, at least glibc pads the structure to 16 bytes.
2008-01-22 00:42:13 +02:00
Kalle Olavi Niemitalo
0c1b52637f get_pasv_socket: Use AF_INET6 when appropriate.
When get_pasv6_socket was merged into get_pasv_socket on 2005-04-15,
the AF_INET6 of get_pasv6_socket was lost and the merged function
always returned AF_INET sockets.  This then made getsockname fill
only part of the struct sockaddr_in6, and ELinks sent to the server
an EPRT command that had half the bits missing from the IPv6 address.
At least ftp.funet.fi then rejected the command, helpfully saying
what the address should have been.

This commit fixes active FTP over IPv6.  Passive FTP was already fixed
in 0.11.3.GIT (887d650efe), on 2007-05-01.
2008-01-22 00:41:25 +02:00
Miciah Dashiel Butler Masters
a197bde2f6 Really retry forever when connection.retries = 0
This feature has been broken since zas backported it from Links 0.99pre3 2003-04-20.
2007-09-26 16:18:59 +00:00
Miciah Dashiel Butler Masters
aced375440 Really retry forever when connection.retries = 0
This feature has been broken since zas backported it from Links 0.99pre3 2003-04-20.
2007-09-26 16:18:24 +00:00
Miciah Dashiel Butler Masters
ea372bd0cd get_opt_*: Add ses parameter
Add a session parameter to get_opt_ and its wrappers in preparation for session-specific and domain-specific options.
2007-08-28 17:24:59 +00:00
Kalle Olavi Niemitalo
96176a8c77 Declare element types of lists. 2007-07-26 22:47:23 +03:00
Kalle Olavi Niemitalo
146c42dcaa Win32: Get socklen_t from <ws2tcpip.h>. 2007-07-18 00:41:08 +03:00
Kalle Olavi Niemitalo
90518c7d23 Bug 920, move_download: Sort the queue before calling cancel_download. 2007-06-23 23:28:54 +03:00
Kalle Olavi Niemitalo
a38cc74ee0 Change connection.pri[] to int, reverting part of 7215c964e4.
Revert part of commit 7215c964e40afe953787d7831b04182fbaba4662,
"Use real types (enum connection_{state,priority})." of 2005-06-14.

connection.pri[] is indexed by enum connection_priority, but its
elements are merely reference counts; they are never assigned from
or compared to enum connection_priority.  Defining the elements
as int will result in more readable output from GDB.

Noted in bug 920.
2007-06-23 18:08:08 +03:00
Kalle Olavi Niemitalo
c0f488251f Revert 2d6840b9, "Only set the socket protocol family on success."
Revert commit 2d6840b9bd9d3a7a45a5ad92b4e98ff7224d6d97.  It is causing
passive FTP via IPv6 to fail on ftp.funet.fi.  ELinks sends PASV and
the server says "425 You cannot use PASV on IPv6 connections. Use EPSV
instead."
2007-04-30 09:08:20 +03:00
Kalle Olavi Niemitalo
2f25d3e57c Bug 712, ssl_set_no_tls: Disable TLS protocols for GnuTLS too.
And log this in NEWS, although that may have to be reverted later if
it turns out this change just hides a real bug elsewhere in ELinks.
2007-04-21 13:58:20 +03:00
Simon Josefsson
82edb1f892 Use gnutls_set_default_priority.
Thereby enabling TLS 1.2 on GnuTLS versions that support it.
2007-04-21 13:30:34 +03:00
Kalle Olavi Niemitalo
801d520ddd Fix compiler errors without HAVE_VARIADIC_MACROS. 2007-03-11 12:22:02 +02:00
Kalle Olavi Niemitalo
80a3019a2f fsp: Comment about connection.data_socket. 2007-03-05 19:34:19 +02:00
Kalle Olavi Niemitalo
3651a53e58 do_real_lookup: Assert that ai_addrlen <= sizeof(struct sockaddr_storage). 2007-02-17 22:21:56 +02:00
Kalle Olavi Niemitalo
543b0f6768 Make msg_dsc[] static const. 2007-02-04 13:40:46 +02:00
Kalle Olavi Niemitalo
bddafe5f7e Document how timer callbacks erase timer IDs; add some assertions.
Tangential to bug 868.
2006-12-02 18:35:03 +02:00
Jonas Fonseca
b61d8d06d9 Fix crashes with various bogus BitTorrent URLs
... mainly bittorrent:// and bittorrent://x

The BitTorrent URL is supposed to contain an embedded URL pointing to a
metainfo file. If this is not the case a "custom" error message will be
shown. Also fixes calling of free_list() on an uninitialized list.

Closes bug 729.
2006-11-06 16:24:07 +01:00
Miciah Dashiel Butler Masters
f7fba1b8e4 Use DNS_ERROR instead of -1 where appropriate 2006-10-20 23:10:36 +00:00
Jonas Fonseca
b9d66bd9bd Fix compilation on Minix3
- Include arpa/inet.h to get hton* ntoh* functions.
 - Use socklen_t instead of int.
 - Try to define PF_INET to AF_INET if it doesn't exist.

Reported-by: Andy Tanenbaum <ast@cs.vu.nl>
2006-08-22 22:18:00 +02:00