1
/***************************************************************************
2
 *                                  _   _ ____  _
3
 *  Project                     ___| | | |  _ \| |
4
 *                             / __| | | | |_) | |
5
 *                            | (__| |_| |  _ <| |___
6
 *                             \___|\___/|_| \_\_____|
7
 *
8
 * Copyright (C) Daniel Stenberg, <[email protected]>, et al.
9
 *
10
 * This software is licensed as described in the file COPYING, which
11
 * you should have received as part of this distribution. The terms
12
 * are also available at https://curl.se/docs/copyright.html.
13
 *
14
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15
 * copies of the Software, and permit persons to whom the Software is
16
 * furnished to do so, under the terms of the COPYING file.
17
 *
18
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19
 * KIND, either express or implied.
20
 *
21
 * SPDX-License-Identifier: curl
22
 *
23
 ***************************************************************************/
24

25
#include "curl_setup.h"
26

27
#ifdef HAVE_NETINET_IN_H
28
#include <netinet/in.h> /* <netinet/tcp.h> may need it */
29
#endif
30
#ifdef HAVE_SYS_UN_H
31
#include <sys/un.h> /* for sockaddr_un */
32
#endif
33
#ifdef HAVE_LINUX_TCP_H
34
#include <linux/tcp.h>
35
#elif defined(HAVE_NETINET_TCP_H)
36
#include <netinet/tcp.h>
37
#endif
38
#ifdef HAVE_NETINET_UDP_H
39
#include <netinet/udp.h>
40
#endif
41
#ifdef HAVE_SYS_IOCTL_H
42
#include <sys/ioctl.h>
43
#endif
44
#ifdef HAVE_NETDB_H
45
#include <netdb.h>
46
#endif
47
#ifdef HAVE_ARPA_INET_H
48
#include <arpa/inet.h>
49
#endif
50

51
#ifdef __VMS
52
#include <in.h>
53
#include <inet.h>
54
#endif
55

56
#ifdef __DragonFly__
57
/* Required for __DragonFly_version */
58
#include <sys/param.h>
59
#endif
60

61
#include "urldata.h"
62
#include "bufq.h"
63
#include "sendf.h"
64
#include "if2ip.h"
65
#include "cfilters.h"
66
#include "cf-socket.h"
67
#include "connect.h"
68
#include "select.h"
69
#include "url.h" /* for Curl_safefree() */
70
#include "multiif.h"
71
#include "sockaddr.h" /* required for Curl_sockaddr_storage */
72
#include "curlx/inet_pton.h"
73
#include "progress.h"
74
#include "curlx/warnless.h"
75
#include "conncache.h"
76
#include "multihandle.h"
77
#include "rand.h"
78
#include "share.h"
79
#include "strdup.h"
80
#include "system_win32.h"
81
#include "curlx/version_win32.h"
82
#include "curlx/strerr.h"
83
#include "curlx/strparse.h"
84

85
/* The last 2 #include files should be in this order */
86
#include "curl_memory.h"
87
#include "memdebug.h"
88

89

90
#if defined(USE_IPV6) && defined(IPV6_V6ONLY) && defined(_WIN32)
91
/* It makes support for IPv4-mapped IPv6 addresses.
92
 * Linux kernel, NetBSD, FreeBSD and Darwin: default is off;
93
 * Windows Vista and later: default is on;
94
 * DragonFly BSD: acts like off, and dummy setting;
95
 * OpenBSD and earlier Windows: unsupported.
96
 * Linux: controlled by /proc/sys/net/ipv6/bindv6only.
97
 */
98
static void set_ipv6_v6only(curl_socket_t sockfd, int on)
99
{
100
  (void)setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&on, sizeof(on));
101
}
102
#else
103
#define set_ipv6_v6only(x,y)
104
#endif
105

106
static void tcpnodelay(struct Curl_easy *data, curl_socket_t sockfd)
107
{
108
#if defined(TCP_NODELAY) && defined(CURL_TCP_NODELAY_SUPPORTED)
109
  curl_socklen_t onoff = (curl_socklen_t) 1;
110
  int level = IPPROTO_TCP;
111
  char buffer[STRERROR_LEN];
112

113
  if(setsockopt(sockfd, level, TCP_NODELAY,
114
                (void *)&onoff, sizeof(onoff)) < 0)
115
    infof(data, "Could not set TCP_NODELAY: %s",
116
          curlx_strerror(SOCKERRNO, buffer, sizeof(buffer)));
117
#else
118
  (void)data;
119
  (void)sockfd;
120
#endif
121
}
122

123
#ifdef SO_NOSIGPIPE
124
/* The preferred method on macOS (10.2 and later) to prevent SIGPIPEs when
125
   sending data to a dead peer (instead of relying on the 4th argument to send
126
   being MSG_NOSIGNAL). Possibly also existing and in use on other BSD
127
   systems? */
128
static void nosigpipe(struct Curl_easy *data,
129
                      curl_socket_t sockfd)
130
{
131
  int onoff = 1;
132
  (void)data;
133
  if(setsockopt(sockfd, SOL_SOCKET, SO_NOSIGPIPE,
134
                (void *)&onoff, sizeof(onoff)) < 0) {
135
#ifndef CURL_DISABLE_VERBOSE_STRINGS
136
    char buffer[STRERROR_LEN];
137
    infof(data, "Could not set SO_NOSIGPIPE: %s",
138
          curlx_strerror(SOCKERRNO, buffer, sizeof(buffer)));
139
#endif
140
  }
141
}
142
#else
143
#define nosigpipe(x,y) Curl_nop_stmt
144
#endif
145

146
#if defined(USE_WINSOCK) && \
147
    defined(TCP_KEEPIDLE) && defined(TCP_KEEPINTVL) && defined(TCP_KEEPCNT)
148
/*  Win 10, v 1709 (10.0.16299) and later can use SetSockOpt TCP_KEEP____
149
 *  so should use seconds */
150
#define CURL_WINSOCK_KEEP_SSO
151
#define KEEPALIVE_FACTOR(x)
152
#elif defined(USE_WINSOCK) || \
153
   (defined(__sun) && !defined(TCP_KEEPIDLE)) || \
154
   (defined(__DragonFly__) && __DragonFly_version < 500702) || \
155
   (defined(_WIN32) && !defined(TCP_KEEPIDLE))
156
/* Solaris < 11.4, DragonFlyBSD < 500702 and Windows < 10.0.16299
157
 * use millisecond units. */
158
#define KEEPALIVE_FACTOR(x) (x *= 1000)
159
#else
160
#define KEEPALIVE_FACTOR(x)
161
#endif
162

163
/* Offered by mingw-w64 and MS SDK. Latter only when targeting Win7+. */
164
#if defined(USE_WINSOCK) && !defined(SIO_KEEPALIVE_VALS)
165
#define SIO_KEEPALIVE_VALS    _WSAIOW(IOC_VENDOR,4)
166

167
struct tcp_keepalive {
168
  u_long onoff;
169
  u_long keepalivetime;
170
  u_long keepaliveinterval;
171
};
172
#endif
173

174
static void
175
tcpkeepalive(struct Curl_easy *data,
176
             curl_socket_t sockfd)
177
{
178
  int optval = data->set.tcp_keepalive ? 1 : 0;
179

180
  /* only set IDLE and INTVL if setting KEEPALIVE is successful */
181
  if(setsockopt(sockfd, SOL_SOCKET, SO_KEEPALIVE,
182
                (void *)&optval, sizeof(optval)) < 0) {
183
    infof(data, "Failed to set SO_KEEPALIVE on fd "
184
          "%" FMT_SOCKET_T ": errno %d",
185
          sockfd, SOCKERRNO);
186
  }
187
  else {
188
#ifdef SIO_KEEPALIVE_VALS /* Windows */
189
/* Windows 10, version 1709 (10.0.16299) and later versions */
190
#ifdef CURL_WINSOCK_KEEP_SSO
191
    optval = curlx_sltosi(data->set.tcp_keepidle);
192
    KEEPALIVE_FACTOR(optval);
193
    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPIDLE,
194
                (const char *)&optval, sizeof(optval)) < 0) {
195
      infof(data, "Failed to set TCP_KEEPIDLE on fd "
196
            "%" FMT_SOCKET_T ": errno %d",
197
            sockfd, SOCKERRNO);
198
    }
199
    optval = curlx_sltosi(data->set.tcp_keepintvl);
200
    KEEPALIVE_FACTOR(optval);
201
    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPINTVL,
202
                (const char *)&optval, sizeof(optval)) < 0) {
203
      infof(data, "Failed to set TCP_KEEPINTVL on fd "
204
            "%" FMT_SOCKET_T ": errno %d",
205
            sockfd, SOCKERRNO);
206
    }
207
    optval = curlx_sltosi(data->set.tcp_keepcnt);
208
    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPCNT,
209
                (const char *)&optval, sizeof(optval)) < 0) {
210
      infof(data, "Failed to set TCP_KEEPCNT on fd "
211
            "%" FMT_SOCKET_T ": errno %d",
212
            sockfd, SOCKERRNO);
213
    }
214
#else /* Windows < 10.0.16299 */
215
    struct tcp_keepalive vals;
216
    DWORD dummy;
217
    vals.onoff = 1;
218
    optval = curlx_sltosi(data->set.tcp_keepidle);
219
    KEEPALIVE_FACTOR(optval);
220
    vals.keepalivetime = (u_long)optval;
221
    optval = curlx_sltosi(data->set.tcp_keepintvl);
222
    KEEPALIVE_FACTOR(optval);
223
    vals.keepaliveinterval = (u_long)optval;
224
    if(WSAIoctl(sockfd, SIO_KEEPALIVE_VALS, (LPVOID) &vals, sizeof(vals),
225
                NULL, 0, &dummy, NULL, NULL) != 0) {
226
      infof(data, "Failed to set SIO_KEEPALIVE_VALS on fd "
227
            "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
228
    }
229
#endif
230
#else /* !Windows */
231
#ifdef TCP_KEEPIDLE
232
    optval = curlx_sltosi(data->set.tcp_keepidle);
233
    KEEPALIVE_FACTOR(optval);
234
    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPIDLE,
235
                  (void *)&optval, sizeof(optval)) < 0) {
236
      infof(data, "Failed to set TCP_KEEPIDLE on fd "
237
            "%" FMT_SOCKET_T ": errno %d",
238
            sockfd, SOCKERRNO);
239
    }
240
#elif defined(TCP_KEEPALIVE)
241
    /* macOS style */
242
    optval = curlx_sltosi(data->set.tcp_keepidle);
243
    KEEPALIVE_FACTOR(optval);
244
    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPALIVE,
245
                  (void *)&optval, sizeof(optval)) < 0) {
246
      infof(data, "Failed to set TCP_KEEPALIVE on fd "
247
            "%" FMT_SOCKET_T ": errno %d",
248
            sockfd, SOCKERRNO);
249
    }
250
#elif defined(TCP_KEEPALIVE_THRESHOLD)
251
    /* Solaris <11.4 style */
252
    optval = curlx_sltosi(data->set.tcp_keepidle);
253
    KEEPALIVE_FACTOR(optval);
254
    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPALIVE_THRESHOLD,
255
                  (void *)&optval, sizeof(optval)) < 0) {
256
      infof(data, "Failed to set TCP_KEEPALIVE_THRESHOLD on fd "
257
            "%" FMT_SOCKET_T ": errno %d",
258
            sockfd, SOCKERRNO);
259
    }
260
#endif
261
#ifdef TCP_KEEPINTVL
262
    optval = curlx_sltosi(data->set.tcp_keepintvl);
263
    KEEPALIVE_FACTOR(optval);
264
    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPINTVL,
265
                  (void *)&optval, sizeof(optval)) < 0) {
266
      infof(data, "Failed to set TCP_KEEPINTVL on fd "
267
            "%" FMT_SOCKET_T ": errno %d",
268
            sockfd, SOCKERRNO);
269
    }
270
#elif defined(TCP_KEEPALIVE_ABORT_THRESHOLD)
271
    /* Solaris <11.4 style */
272
    /* TCP_KEEPALIVE_ABORT_THRESHOLD should equal to
273
     * TCP_KEEPCNT * TCP_KEEPINTVL on other platforms.
274
     * The default value of TCP_KEEPCNT is 9 on Linux,
275
     * 8 on *BSD/macOS, 5 or 10 on Windows. We use the
276
     * default config for Solaris <11.4 because there is
277
     * no default value for TCP_KEEPCNT on Solaris 11.4.
278
     *
279
     * Note that the consequent probes will not be sent
280
     * at equal intervals on Solaris, but will be sent
281
     * using the exponential backoff algorithm. */
282
    optval = curlx_sltosi(data->set.tcp_keepcnt) *
283
             curlx_sltosi(data->set.tcp_keepintvl);
284
    KEEPALIVE_FACTOR(optval);
285
    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPALIVE_ABORT_THRESHOLD,
286
                  (void *)&optval, sizeof(optval)) < 0) {
287
      infof(data, "Failed to set TCP_KEEPALIVE_ABORT_THRESHOLD on fd "
288
            "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
289
    }
290
#endif
291
#ifdef TCP_KEEPCNT
292
    optval = curlx_sltosi(data->set.tcp_keepcnt);
293
    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPCNT,
294
                  (void *)&optval, sizeof(optval)) < 0) {
295
      infof(data, "Failed to set TCP_KEEPCNT on fd "
296
            "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
297
    }
298
#endif
299
#endif
300
  }
301
}
302

303
/**
304
 * Assign the address `ai` to the Curl_sockaddr_ex `dest` and
305
 * set the transport used.
306
 */
307
static CURLcode sock_assign_addr(struct Curl_sockaddr_ex *dest,
308
                                 const struct Curl_addrinfo *ai,
309
                                 int transport)
310
{
311
  /*
312
   * The Curl_sockaddr_ex structure is basically libcurl's external API
313
   * curl_sockaddr structure with enough space available to directly hold
314
   * any protocol-specific address structures. The variable declared here
315
   * will be used to pass / receive data to/from the fopensocket callback
316
   * if this has been set, before that, it is initialized from parameters.
317
   */
318
  dest->family = ai->ai_family;
319
  switch(transport) {
320
  case TRNSPRT_TCP:
321
    dest->socktype = SOCK_STREAM;
322
    dest->protocol = IPPROTO_TCP;
323
    break;
324
  case TRNSPRT_UNIX:
325
    dest->socktype = SOCK_STREAM;
326
    dest->protocol = IPPROTO_IP;
327
    break;
328
  default: /* UDP and QUIC */
329
    dest->socktype = SOCK_DGRAM;
330
    dest->protocol = IPPROTO_UDP;
331
    break;
332
  }
333
  dest->addrlen = (unsigned int)ai->ai_addrlen;
334

335
  DEBUGASSERT(dest->addrlen <= sizeof(dest->curl_sa_addrbuf));
336
  if(dest->addrlen > sizeof(dest->curl_sa_addrbuf))
337
    return CURLE_TOO_LARGE;
338

339
  memcpy(&dest->curl_sa_addrbuf, ai->ai_addr, dest->addrlen);
340
  return CURLE_OK;
341
}
342

343
static CURLcode socket_open(struct Curl_easy *data,
344
                            struct Curl_sockaddr_ex *addr,
345
                            curl_socket_t *sockfd)
346
{
347
  char errbuf[STRERROR_LEN];
348

349
  DEBUGASSERT(data);
350
  DEBUGASSERT(data->conn);
351
  if(data->set.fopensocket) {
352
   /*
353
    * If the opensocket callback is set, all the destination address
354
    * information is passed to the callback. Depending on this information the
355
    * callback may opt to abort the connection, this is indicated returning
356
    * CURL_SOCKET_BAD; otherwise it will return a not-connected socket. When
357
    * the callback returns a valid socket the destination address information
358
    * might have been changed and this 'new' address will actually be used
359
    * here to connect.
360
    */
361
    Curl_set_in_callback(data, TRUE);
362
    *sockfd = data->set.fopensocket(data->set.opensocket_client,
363
                                    CURLSOCKTYPE_IPCXN,
364
                                    (struct curl_sockaddr *)addr);
365
    Curl_set_in_callback(data, FALSE);
366
  }
367
  else {
368
    /* opensocket callback not set, so simply create the socket now */
369
    *sockfd = CURL_SOCKET(addr->family, addr->socktype, addr->protocol);
370
  }
371

372
  if(*sockfd == CURL_SOCKET_BAD) {
373
    /* no socket, no connection */
374
    failf(data, "failed to open socket: %s",
375
          curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf)));
376
    return CURLE_COULDNT_CONNECT;
377
  }
378

379
#ifdef HAVE_FCNTL
380
  if(fcntl(*sockfd, F_SETFD, FD_CLOEXEC) < 0) {
381
    failf(data, "fcntl set CLOEXEC: %s",
382
          curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf)));
383
    close(*sockfd);
384
    *sockfd = CURL_SOCKET_BAD;
385
    return CURLE_COULDNT_CONNECT;
386
  }
387
#endif
388

389
#if defined(USE_IPV6) && defined(HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID)
390
  if(data->conn->scope_id && (addr->family == AF_INET6)) {
391
    struct sockaddr_in6 * const sa6 = (void *)&addr->curl_sa_addr;
392
    sa6->sin6_scope_id = data->conn->scope_id;
393
  }
394
#endif
395
  return CURLE_OK;
396
}
397

398
/*
399
 * Create a socket based on info from 'conn' and 'ai'.
400
 *
401
 * 'addr' should be a pointer to the correct struct to get data back, or NULL.
402
 * 'sockfd' must be a pointer to a socket descriptor.
403
 *
404
 * If the open socket callback is set, used that!
405
 *
406
 */
407
CURLcode Curl_socket_open(struct Curl_easy *data,
408
                          const struct Curl_addrinfo *ai,
409
                          struct Curl_sockaddr_ex *addr,
410
                          int transport,
411
                          curl_socket_t *sockfd)
412
{
413
  struct Curl_sockaddr_ex dummy;
414
  CURLcode result;
415

416
  if(!addr)
417
    /* if the caller does not want info back, use a local temp copy */
418
    addr = &dummy;
419

420
  result = sock_assign_addr(addr, ai, transport);
421
  if(result)
422
    return result;
423

424
  return socket_open(data, addr, sockfd);
425
}
426

427
static int socket_close(struct Curl_easy *data, struct connectdata *conn,
428
                        int use_callback, curl_socket_t sock)
429
{
430
  if(CURL_SOCKET_BAD == sock)
431
    return 0;
432

433
  if(use_callback && conn && conn->fclosesocket) {
434
    int rc;
435
    Curl_multi_will_close(data, sock);
436
    Curl_set_in_callback(data, TRUE);
437
    rc = conn->fclosesocket(conn->closesocket_client, sock);
438
    Curl_set_in_callback(data, FALSE);
439
    return rc;
440
  }
441

442
  if(conn)
443
    /* tell the multi-socket code about this */
444
    Curl_multi_will_close(data, sock);
445

446
  sclose(sock);
447

448
  return 0;
449
}
450

451
/*
452
 * Close a socket.
453
 *
454
 * 'conn' can be NULL, beware!
455
 */
456
int Curl_socket_close(struct Curl_easy *data, struct connectdata *conn,
457
                      curl_socket_t sock)
458
{
459
  return socket_close(data, conn, FALSE, sock);
460
}
461

462
#ifdef USE_WINSOCK
463
/* When you run a program that uses the Windows Sockets API, you may
464
   experience slow performance when you copy data to a TCP server.
465

466
   https://learn.microsoft.com/troubleshoot/windows-server/networking/slow-performance-copy-data-tcp-server-sockets-api
467

468
   Work-around: Make the Socket Send Buffer Size Larger Than the Program Send
469
   Buffer Size
470

471
   The problem described in this knowledge-base is applied only to pre-Vista
472
   Windows. Following function trying to detect OS version and skips
473
   SO_SNDBUF adjustment for Windows Vista and above.
474
*/
475

476
void Curl_sndbuf_init(curl_socket_t sockfd)
477
{
478
  int val = CURL_MAX_WRITE_SIZE + 32;
479
  int curval = 0;
480
  int curlen = sizeof(curval);
481

482
  if(Curl_isVistaOrGreater)
483
    return;
484

485
  if(getsockopt(sockfd, SOL_SOCKET, SO_SNDBUF, (char *)&curval, &curlen) == 0)
486
    if(curval > val)
487
      return;
488

489
  setsockopt(sockfd, SOL_SOCKET, SO_SNDBUF, (const char *)&val, sizeof(val));
490
}
491
#endif /* USE_WINSOCK */
492

493
/*
494
 * Curl_parse_interface()
495
 *
496
 * This is used to parse interface argument in the following formats.
497
 * In all the examples, `host` can be an IP address or a hostname.
498
 *
499
 *   <iface_or_host> - can be either an interface name or a host.
500
 *   if!<iface> - interface name.
501
 *   host!<host> - hostname.
502
 *   ifhost!<iface>!<host> - interface name and hostname.
503
 *
504
 * Parameters:
505
 *
506
 * input  [in]     - input string.
507
 * len    [in]     - length of the input string.
508
 * dev    [in/out] - address where a pointer to newly allocated memory
509
 *                   holding the interface-or-host will be stored upon
510
 *                   completion.
511
 * iface  [in/out] - address where a pointer to newly allocated memory
512
 *                   holding the interface will be stored upon completion.
513
 * host   [in/out] - address where a pointer to newly allocated memory
514
 *                   holding the host will be stored upon completion.
515
 *
516
 * Returns CURLE_OK on success.
517
 */
518
CURLcode Curl_parse_interface(const char *input,
519
                              char **dev, char **iface, char **host)
520
{
521
  static const char if_prefix[] = "if!";
522
  static const char host_prefix[] = "host!";
523
  static const char if_host_prefix[] = "ifhost!";
524
  size_t len;
525

526
  DEBUGASSERT(dev);
527
  DEBUGASSERT(iface);
528
  DEBUGASSERT(host);
529

530
  len = strlen(input);
531
  if(len > 512)
532
    return CURLE_BAD_FUNCTION_ARGUMENT;
533

534
  if(!strncmp(if_prefix, input, strlen(if_prefix))) {
535
    input += strlen(if_prefix);
536
    if(!*input)
537
      return CURLE_BAD_FUNCTION_ARGUMENT;
538
    *iface = Curl_memdup0(input, len - strlen(if_prefix));
539
    return *iface ? CURLE_OK : CURLE_OUT_OF_MEMORY;
540
  }
541
  else if(!strncmp(host_prefix, input, strlen(host_prefix))) {
542
    input += strlen(host_prefix);
543
    if(!*input)
544
      return CURLE_BAD_FUNCTION_ARGUMENT;
545
    *host = Curl_memdup0(input, len - strlen(host_prefix));
546
    return *host ? CURLE_OK : CURLE_OUT_OF_MEMORY;
547
  }
548
  else if(!strncmp(if_host_prefix, input, strlen(if_host_prefix))) {
549
    const char *host_part;
550
    input += strlen(if_host_prefix);
551
    len -= strlen(if_host_prefix);
552
    host_part = memchr(input, '!', len);
553
    if(!host_part || !*(host_part + 1))
554
      return CURLE_BAD_FUNCTION_ARGUMENT;
555
    *iface = Curl_memdup0(input, host_part - input);
556
    if(!*iface)
557
      return CURLE_OUT_OF_MEMORY;
558
    ++host_part;
559
    *host = Curl_memdup0(host_part, len - (host_part - input));
560
    if(!*host) {
561
      free(*iface);
562
      *iface = NULL;
563
      return CURLE_OUT_OF_MEMORY;
564
    }
565
    return CURLE_OK;
566
  }
567

568
  if(!*input)
569
    return CURLE_BAD_FUNCTION_ARGUMENT;
570
  *dev = Curl_memdup0(input, len);
571
  return *dev ? CURLE_OK : CURLE_OUT_OF_MEMORY;
572
}
573

574
#ifndef CURL_DISABLE_BINDLOCAL
575
static CURLcode bindlocal(struct Curl_easy *data, struct connectdata *conn,
576
                          curl_socket_t sockfd, int af, unsigned int scope)
577
{
578
  struct Curl_sockaddr_storage sa;
579
  struct sockaddr *sock = (struct sockaddr *)&sa;  /* bind to this address */
580
  curl_socklen_t sizeof_sa = 0; /* size of the data sock points to */
581
  struct sockaddr_in *si4 = (struct sockaddr_in *)&sa;
582
#ifdef USE_IPV6
583
  struct sockaddr_in6 *si6 = (struct sockaddr_in6 *)&sa;
584
#endif
585

586
  struct Curl_dns_entry *h = NULL;
587
  unsigned short port = data->set.localport; /* use this port number, 0 for
588
                                                "random" */
589
  /* how many port numbers to try to bind to, increasing one at a time */
590
  int portnum = data->set.localportrange;
591
  const char *dev = data->set.str[STRING_DEVICE];
592
  const char *iface_input = data->set.str[STRING_INTERFACE];
593
  const char *host_input = data->set.str[STRING_BINDHOST];
594
  const char *iface = iface_input ? iface_input : dev;
595
  const char *host = host_input ? host_input : dev;
596
  int error;
597
#ifdef IP_BIND_ADDRESS_NO_PORT
598
  int on = 1;
599
#endif
600
#ifndef USE_IPV6
601
  (void)scope;
602
#endif
603

604
  /*************************************************************
605
   * Select device to bind socket to
606
   *************************************************************/
607
  if(!iface && !host && !port)
608
    /* no local kind of binding was requested */
609
    return CURLE_OK;
610
  else if(iface && (strlen(iface) >= 255) )
611
    return CURLE_BAD_FUNCTION_ARGUMENT;
612

613
  memset(&sa, 0, sizeof(struct Curl_sockaddr_storage));
614

615
  if(iface || host) {
616
    char myhost[256] = "";
617
    int done = 0; /* -1 for error, 1 for address found */
618
    if2ip_result_t if2ip_result = IF2IP_NOT_FOUND;
619

620
#ifdef SO_BINDTODEVICE
621
    if(iface) {
622
      /*
623
       * This binds the local socket to a particular interface. This will
624
       * force even requests to other local interfaces to go out the external
625
       * interface. Only bind to the interface when specified as interface,
626
       * not just as a hostname or ip address.
627
       *
628
       * The interface might be a VRF, eg: vrf-blue, which means it cannot be
629
       * converted to an IP address and would fail Curl_if2ip. Simply try to
630
       * use it straight away.
631
       */
632
      if(setsockopt(sockfd, SOL_SOCKET, SO_BINDTODEVICE,
633
                    iface, (curl_socklen_t)strlen(iface) + 1) == 0) {
634
        /* This is often "errno 1, error: Operation not permitted" if you are
635
         * not running as root or another suitable privileged user. If it
636
         * succeeds it means the parameter was a valid interface and not an IP
637
         * address. Return immediately.
638
         */
639
        if(!host_input) {
640
          infof(data, "socket successfully bound to interface '%s'", iface);
641
          return CURLE_OK;
642
        }
643
      }
644
    }
645
#endif
646
    if(!host_input) {
647
      /* Discover IP from input device, then bind to it */
648
      if2ip_result = Curl_if2ip(af,
649
#ifdef USE_IPV6
650
                      scope, conn->scope_id,
651
#endif
652
                      iface, myhost, sizeof(myhost));
653
    }
654
    switch(if2ip_result) {
655
      case IF2IP_NOT_FOUND:
656
        if(iface_input && !host_input) {
657
          /* Do not fall back to treating it as a hostname */
658
          char buffer[STRERROR_LEN];
659
          data->state.os_errno = error = SOCKERRNO;
660
          failf(data, "Couldn't bind to interface '%s' with errno %d: %s",
661
                iface, error, curlx_strerror(error, buffer, sizeof(buffer)));
662
          return CURLE_INTERFACE_FAILED;
663
        }
664
        break;
665
      case IF2IP_AF_NOT_SUPPORTED:
666
        /* Signal the caller to try another address family if available */
667
        return CURLE_UNSUPPORTED_PROTOCOL;
668
      case IF2IP_FOUND:
669
        /*
670
          * We now have the numerical IP address in the 'myhost' buffer
671
          */
672
        host = myhost;
673
        infof(data, "Local Interface %s is ip %s using address family %i",
674
              iface, host, af);
675
        done = 1;
676
        break;
677
    }
678
    if(!iface_input || host_input) {
679
      /*
680
       * This was not an interface, resolve the name as a hostname
681
       * or IP number
682
       *
683
       * Temporarily force name resolution to use only the address type
684
       * of the connection. The resolve functions should really be changed
685
       * to take a type parameter instead.
686
       */
687
      int ip_version = (af == AF_INET) ?
688
                       CURL_IPRESOLVE_V4 : CURL_IPRESOLVE_WHATEVER;
689
#ifdef USE_IPV6
690
      if(af == AF_INET6)
691
        ip_version = CURL_IPRESOLVE_V6;
692
#endif
693

694
      (void)Curl_resolv_blocking(data, host, 80, ip_version, &h);
695
      if(h) {
696
        int h_af = h->addr->ai_family;
697
        /* convert the resolved address, sizeof myhost >= INET_ADDRSTRLEN */
698
        Curl_printable_address(h->addr, myhost, sizeof(myhost));
699
        infof(data, "Name '%s' family %i resolved to '%s' family %i",
700
              host, af, myhost, h_af);
701
        Curl_resolv_unlink(data, &h); /* this will NULL, potential free h */
702
        if(af != h_af) {
703
          /* bad IP version combo, signal the caller to try another address
704
             family if available */
705
          return CURLE_UNSUPPORTED_PROTOCOL;
706
        }
707
        done = 1;
708
      }
709
      else {
710
        /*
711
         * provided dev was no interface (or interfaces are not supported
712
         * e.g. Solaris) no ip address and no domain we fail here
713
         */
714
        done = -1;
715
      }
716
    }
717

718
    if(done > 0) {
719
#ifdef USE_IPV6
720
      /* IPv6 address */
721
      if(af == AF_INET6) {
722
#ifdef HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID
723
        char *scope_ptr = strchr(myhost, '%');
724
        if(scope_ptr)
725
          *(scope_ptr++) = '\0';
726
#endif
727
        if(curlx_inet_pton(AF_INET6, myhost, &si6->sin6_addr) > 0) {
728
          si6->sin6_family = AF_INET6;
729
          si6->sin6_port = htons(port);
730
#ifdef HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID
731
          if(scope_ptr) {
732
            /* The "myhost" string either comes from Curl_if2ip or from
733
               Curl_printable_address. The latter returns only numeric scope
734
               IDs and the former returns none at all. So the scope ID, if
735
               present, is known to be numeric */
736
            curl_off_t scope_id;
737
            if(curlx_str_number((const char **)CURL_UNCONST(&scope_ptr),
738
                               &scope_id, UINT_MAX))
739
              return CURLE_UNSUPPORTED_PROTOCOL;
740
            si6->sin6_scope_id = (unsigned int)scope_id;
741
          }
742
#endif
743
        }
744
        sizeof_sa = sizeof(struct sockaddr_in6);
745
      }
746
      else
747
#endif
748
      /* IPv4 address */
749
      if((af == AF_INET) &&
750
         (curlx_inet_pton(AF_INET, myhost, &si4->sin_addr) > 0)) {
751
        si4->sin_family = AF_INET;
752
        si4->sin_port = htons(port);
753
        sizeof_sa = sizeof(struct sockaddr_in);
754
      }
755
    }
756

757
    if(done < 1) {
758
      /* errorbuf is set false so failf will overwrite any message already in
759
         the error buffer, so the user receives this error message instead of a
760
         generic resolve error. */
761
      char buffer[STRERROR_LEN];
762
      data->state.errorbuf = FALSE;
763
      data->state.os_errno = error = SOCKERRNO;
764
      failf(data, "Couldn't bind to '%s' with errno %d: %s", host,
765
            error, curlx_strerror(error, buffer, sizeof(buffer)));
766
      return CURLE_INTERFACE_FAILED;
767
    }
768
  }
769
  else {
770
    /* no device was given, prepare sa to match af's needs */
771
#ifdef USE_IPV6
772
    if(af == AF_INET6) {
773
      si6->sin6_family = AF_INET6;
774
      si6->sin6_port = htons(port);
775
      sizeof_sa = sizeof(struct sockaddr_in6);
776
    }
777
    else
778
#endif
779
    if(af == AF_INET) {
780
      si4->sin_family = AF_INET;
781
      si4->sin_port = htons(port);
782
      sizeof_sa = sizeof(struct sockaddr_in);
783
    }
784
  }
785
#ifdef IP_BIND_ADDRESS_NO_PORT
786
  (void)setsockopt(sockfd, SOL_IP, IP_BIND_ADDRESS_NO_PORT, &on, sizeof(on));
787
#endif
788
  for(;;) {
789
    if(bind(sockfd, sock, sizeof_sa) >= 0) {
790
      /* we succeeded to bind */
791
      infof(data, "Local port: %hu", port);
792
      conn->bits.bound = TRUE;
793
      return CURLE_OK;
794
    }
795

796
    if(--portnum > 0) {
797
      port++; /* try next port */
798
      if(port == 0)
799
        break;
800
      infof(data, "Bind to local port %d failed, trying next", port - 1);
801
      /* We reuse/clobber the port variable here below */
802
      if(sock->sa_family == AF_INET)
803
        si4->sin_port = htons(port);
804
#ifdef USE_IPV6
805
      else
806
        si6->sin6_port = htons(port);
807
#endif
808
    }
809
    else
810
      break;
811
  }
812
  {
813
    char buffer[STRERROR_LEN];
814
    data->state.os_errno = error = SOCKERRNO;
815
    failf(data, "bind failed with errno %d: %s",
816
          error, curlx_strerror(error, buffer, sizeof(buffer)));
817
  }
818

819
  return CURLE_INTERFACE_FAILED;
820
}
821
#endif
822

823
/*
824
 * verifyconnect() returns TRUE if the connect really has happened.
825
 */
826
static bool verifyconnect(curl_socket_t sockfd, int *error)
827
{
828
  bool rc = TRUE;
829
#ifdef SO_ERROR
830
  int err = 0;
831
  curl_socklen_t errSize = sizeof(err);
832

833
#ifdef _WIN32
834
  /*
835
   * In October 2003 we effectively nullified this function on Windows due to
836
   * problems with it using all CPU in multi-threaded cases.
837
   *
838
   * In May 2004, we brought it back to offer more info back on connect
839
   * failures. We could reproduce the former problems with this function, but
840
   * could avoid them by adding this SleepEx() call below:
841
   *
842
   *    "I do not have Rational Quantify, but the hint from his post was
843
   *    ntdll::NtRemoveIoCompletion(). I would assume the SleepEx (or maybe
844
   *    just Sleep(0) would be enough?) would release whatever
845
   *    mutex/critical-section the ntdll call is waiting on.
846
   *
847
   *    Someone got to verify this on Win-NT 4.0, 2000."
848
   */
849

850
#ifdef UNDER_CE
851
  Sleep(0);
852
#else
853
  SleepEx(0, FALSE);
854
#endif
855

856
#endif
857

858
  if(getsockopt(sockfd, SOL_SOCKET, SO_ERROR, (void *)&err, &errSize))
859
    err = SOCKERRNO;
860
#ifdef UNDER_CE
861
  /* Old Windows CE versions do not support SO_ERROR */
862
  if(WSAENOPROTOOPT == err) {
863
    SET_SOCKERRNO(0);
864
    err = 0;
865
  }
866
#endif
867
#if defined(EBADIOCTL) && defined(__minix)
868
  /* Minix 3.1.x does not support getsockopt on UDP sockets */
869
  if(EBADIOCTL == err) {
870
    SET_SOCKERRNO(0);
871
    err = 0;
872
  }
873
#endif
874
  if((err == 0) || (SOCKEISCONN == err))
875
    /* we are connected, awesome! */
876
    rc = TRUE;
877
  else
878
    /* This was not a successful connect */
879
    rc = FALSE;
880
  if(error)
881
    *error = err;
882
#else
883
  (void)sockfd;
884
  if(error)
885
    *error = SOCKERRNO;
886
#endif
887
  return rc;
888
}
889

890
/**
891
 * Determine the curl code for a socket connect() == -1 with errno.
892
 */
893
static CURLcode socket_connect_result(struct Curl_easy *data,
894
                                      const char *ipaddress, int error)
895
{
896
  switch(error) {
897
  case SOCKEINPROGRESS:
898
  case SOCKEWOULDBLOCK:
899
#ifdef EAGAIN
900
#if (EAGAIN) != (SOCKEWOULDBLOCK)
901
    /* On some platforms EAGAIN and EWOULDBLOCK are the
902
     * same value, and on others they are different, hence
903
     * the odd #if
904
     */
905
  case EAGAIN:
906
#endif
907
#endif
908
    return CURLE_OK;
909

910
  default:
911
    /* unknown error, fallthrough and try another address! */
912
#ifdef CURL_DISABLE_VERBOSE_STRINGS
913
    (void)ipaddress;
914
#else
915
    {
916
      char buffer[STRERROR_LEN];
917
      infof(data, "Immediate connect fail for %s: %s", ipaddress,
918
            curlx_strerror(error, buffer, sizeof(buffer)));
919
    }
920
#endif
921
    data->state.os_errno = error;
922
    /* connect failed */
923
    return CURLE_COULDNT_CONNECT;
924
  }
925
}
926

927
struct cf_socket_ctx {
928
  int transport;
929
  struct Curl_sockaddr_ex addr;      /* address to connect to */
930
  curl_socket_t sock;                /* current attempt socket */
931
  struct ip_quadruple ip;            /* The IP quadruple 2x(addr+port) */
932
  struct curltime started_at;        /* when socket was created */
933
  struct curltime connected_at;      /* when socket connected/got first byte */
934
  struct curltime first_byte_at;     /* when first byte was recvd */
935
#ifdef USE_WINSOCK
936
  struct curltime last_sndbuf_query_at;  /* when SO_SNDBUF last queried */
937
  ULONG sndbuf_size;                     /* the last set SO_SNDBUF size */
938
#endif
939
  int error;                         /* errno of last failure or 0 */
940
#ifdef DEBUGBUILD
941
  int wblock_percent;                /* percent of writes doing EAGAIN */
942
  int wpartial_percent;              /* percent of bytes written in send */
943
  int rblock_percent;                /* percent of reads doing EAGAIN */
944
  size_t recv_max;                  /* max enforced read size */
945
#endif
946
  BIT(got_first_byte);               /* if first byte was received */
947
  BIT(listening);                    /* socket is listening */
948
  BIT(accepted);                     /* socket was accepted, not connected */
949
  BIT(sock_connected);               /* socket is "connected", e.g. in UDP */
950
  BIT(active);
951
};
952

953
static CURLcode cf_socket_ctx_init(struct cf_socket_ctx *ctx,
954
                                   const struct Curl_addrinfo *ai,
955
                                   int transport)
956
{
957
  CURLcode result;
958

959
  memset(ctx, 0, sizeof(*ctx));
960
  ctx->sock = CURL_SOCKET_BAD;
961
  ctx->transport = transport;
962

963
  result = sock_assign_addr(&ctx->addr, ai, transport);
964
  if(result)
965
    return result;
966

967
#ifdef DEBUGBUILD
968
  {
969
    const char *p = getenv("CURL_DBG_SOCK_WBLOCK");
970
    if(p) {
971
      curl_off_t l;
972
      if(!curlx_str_number(&p, &l, 100))
973
        ctx->wblock_percent = (int)l;
974
    }
975
    p = getenv("CURL_DBG_SOCK_WPARTIAL");
976
    if(p) {
977
      curl_off_t l;
978
      if(!curlx_str_number(&p, &l, 100))
979
        ctx->wpartial_percent = (int)l;
980
    }
981
    p = getenv("CURL_DBG_SOCK_RBLOCK");
982
    if(p) {
983
      curl_off_t l;
984
      if(!curlx_str_number(&p, &l, 100))
985
        ctx->rblock_percent = (int)l;
986
    }
987
    p = getenv("CURL_DBG_SOCK_RMAX");
988
    if(p) {
989
      curl_off_t l;
990
      if(!curlx_str_number(&p, &l, CURL_OFF_T_MAX))
991
        ctx->recv_max = (size_t)l;
992
    }
993
  }
994
#endif
995

996
  return result;
997
}
998

999
static void cf_socket_close(struct Curl_cfilter *cf, struct Curl_easy *data)
1000
{
1001
  struct cf_socket_ctx *ctx = cf->ctx;
1002

1003
  if(ctx && CURL_SOCKET_BAD != ctx->sock) {
1004
    CURL_TRC_CF(data, cf, "cf_socket_close, fd=%" FMT_SOCKET_T, ctx->sock);
1005
    if(ctx->sock == cf->conn->sock[cf->sockindex])
1006
      cf->conn->sock[cf->sockindex] = CURL_SOCKET_BAD;
1007
    socket_close(data, cf->conn, !ctx->accepted, ctx->sock);
1008
    ctx->sock = CURL_SOCKET_BAD;
1009
    ctx->active = FALSE;
1010
    memset(&ctx->started_at, 0, sizeof(ctx->started_at));
1011
    memset(&ctx->connected_at, 0, sizeof(ctx->connected_at));
1012
  }
1013

1014
  cf->connected = FALSE;
1015
}
1016

1017
static CURLcode cf_socket_shutdown(struct Curl_cfilter *cf,
1018
                                   struct Curl_easy *data,
1019
                                   bool *done)
1020
{
1021
  if(cf->connected) {
1022
    struct cf_socket_ctx *ctx = cf->ctx;
1023

1024
    CURL_TRC_CF(data, cf, "cf_socket_shutdown, fd=%" FMT_SOCKET_T, ctx->sock);
1025
    /* On TCP, and when the socket looks well and non-blocking mode
1026
     * can be enabled, receive dangling bytes before close to avoid
1027
     * entering RST states unnecessarily. */
1028
    if(ctx->sock != CURL_SOCKET_BAD &&
1029
       ctx->transport == TRNSPRT_TCP &&
1030
       (curlx_nonblock(ctx->sock, TRUE) >= 0)) {
1031
      unsigned char buf[1024];
1032
      (void)sread(ctx->sock, buf, sizeof(buf));
1033
    }
1034
  }
1035
  *done = TRUE;
1036
  return CURLE_OK;
1037
}
1038

1039
static void cf_socket_destroy(struct Curl_cfilter *cf, struct Curl_easy *data)
1040
{
1041
  struct cf_socket_ctx *ctx = cf->ctx;
1042

1043
  cf_socket_close(cf, data);
1044
  CURL_TRC_CF(data, cf, "destroy");
1045
  free(ctx);
1046
  cf->ctx = NULL;
1047
}
1048

1049
static void set_local_ip(struct Curl_cfilter *cf,
1050
                         struct Curl_easy *data)
1051
{
1052
  struct cf_socket_ctx *ctx = cf->ctx;
1053
  ctx->ip.local_ip[0] = 0;
1054
  ctx->ip.local_port = -1;
1055

1056
#ifdef HAVE_GETSOCKNAME
1057
  if((ctx->sock != CURL_SOCKET_BAD) &&
1058
     !(data->conn->handler->protocol & CURLPROTO_TFTP)) {
1059
    /* TFTP does not connect, so it cannot get the IP like this */
1060

1061
    char buffer[STRERROR_LEN];
1062
    struct Curl_sockaddr_storage ssloc;
1063
    curl_socklen_t slen = sizeof(struct Curl_sockaddr_storage);
1064

1065
    memset(&ssloc, 0, sizeof(ssloc));
1066
    if(getsockname(ctx->sock, (struct sockaddr*) &ssloc, &slen)) {
1067
      int error = SOCKERRNO;
1068
      infof(data, "getsockname() failed with errno %d: %s",
1069
            error, curlx_strerror(error, buffer, sizeof(buffer)));
1070
    }
1071
    else if(!Curl_addr2string((struct sockaddr*)&ssloc, slen,
1072
                              ctx->ip.local_ip, &ctx->ip.local_port)) {
1073
      infof(data, "ssloc inet_ntop() failed with errno %d: %s",
1074
            errno, curlx_strerror(errno, buffer, sizeof(buffer)));
1075
    }
1076
  }
1077
#else
1078
  (void)data;
1079
#endif
1080
}
1081

1082
static CURLcode set_remote_ip(struct Curl_cfilter *cf,
1083
                              struct Curl_easy *data)
1084
{
1085
  struct cf_socket_ctx *ctx = cf->ctx;
1086

1087
  /* store remote address and port used in this connection attempt */
1088
  if(!Curl_addr2string(&ctx->addr.curl_sa_addr,
1089
                       (curl_socklen_t)ctx->addr.addrlen,
1090
                       ctx->ip.remote_ip, &ctx->ip.remote_port)) {
1091
    char buffer[STRERROR_LEN];
1092

1093
    ctx->error = errno;
1094
    /* malformed address or bug in inet_ntop, try next address */
1095
    failf(data, "curl_sa_addr inet_ntop() failed with errno %d: %s",
1096
          errno, curlx_strerror(errno, buffer, sizeof(buffer)));
1097
    return CURLE_FAILED_INIT;
1098
  }
1099
  return CURLE_OK;
1100
}
1101

1102
static CURLcode cf_socket_open(struct Curl_cfilter *cf,
1103
                               struct Curl_easy *data)
1104
{
1105
  struct cf_socket_ctx *ctx = cf->ctx;
1106
  int error = 0;
1107
  bool isconnected = FALSE;
1108
  CURLcode result = CURLE_COULDNT_CONNECT;
1109
  bool is_tcp;
1110

1111
  (void)data;
1112
  DEBUGASSERT(ctx->sock == CURL_SOCKET_BAD);
1113
  ctx->started_at = curlx_now();
1114
#ifdef SOCK_NONBLOCK
1115
  /* Do not tuck SOCK_NONBLOCK into socktype when opensocket callback is set
1116
   * because we would not know how socketype is about to be used in the
1117
   * callback, SOCK_NONBLOCK might get factored out before calling socket().
1118
   */
1119
  if(!data->set.fopensocket)
1120
    ctx->addr.socktype |= SOCK_NONBLOCK;
1121
#endif
1122
  result = socket_open(data, &ctx->addr, &ctx->sock);
1123
#ifdef SOCK_NONBLOCK
1124
  /* Restore the socktype after the socket is created. */
1125
  if(!data->set.fopensocket)
1126
    ctx->addr.socktype &= ~SOCK_NONBLOCK;
1127
#endif
1128
  if(result)
1129
    goto out;
1130

1131
  result = set_remote_ip(cf, data);
1132
  if(result)
1133
    goto out;
1134

1135
#ifdef USE_IPV6
1136
  if(ctx->addr.family == AF_INET6) {
1137
    set_ipv6_v6only(ctx->sock, 0);
1138
    infof(data, "  Trying [%s]:%d...", ctx->ip.remote_ip, ctx->ip.remote_port);
1139
  }
1140
  else
1141
#endif
1142
    infof(data, "  Trying %s:%d...", ctx->ip.remote_ip, ctx->ip.remote_port);
1143

1144
#ifdef USE_IPV6
1145
  is_tcp = (ctx->addr.family == AF_INET
1146
            || ctx->addr.family == AF_INET6) &&
1147
           ctx->addr.socktype == SOCK_STREAM;
1148
#else
1149
  is_tcp = (ctx->addr.family == AF_INET) &&
1150
           ctx->addr.socktype == SOCK_STREAM;
1151
#endif
1152
  if(is_tcp && data->set.tcp_nodelay)
1153
    tcpnodelay(data, ctx->sock);
1154

1155
  nosigpipe(data, ctx->sock);
1156

1157
  Curl_sndbuf_init(ctx->sock);
1158

1159
  if(is_tcp && data->set.tcp_keepalive)
1160
    tcpkeepalive(data, ctx->sock);
1161

1162
  if(data->set.fsockopt) {
1163
    /* activate callback for setting socket options */
1164
    Curl_set_in_callback(data, TRUE);
1165
    error = data->set.fsockopt(data->set.sockopt_client,
1166
                               ctx->sock,
1167
                               CURLSOCKTYPE_IPCXN);
1168
    Curl_set_in_callback(data, FALSE);
1169

1170
    if(error == CURL_SOCKOPT_ALREADY_CONNECTED)
1171
      isconnected = TRUE;
1172
    else if(error) {
1173
      result = CURLE_ABORTED_BY_CALLBACK;
1174
      goto out;
1175
    }
1176
  }
1177

1178
#ifndef CURL_DISABLE_BINDLOCAL
1179
  /* possibly bind the local end to an IP, interface or port */
1180
  if(ctx->addr.family == AF_INET
1181
#ifdef USE_IPV6
1182
     || ctx->addr.family == AF_INET6
1183
#endif
1184
    ) {
1185
    result = bindlocal(data, cf->conn, ctx->sock, ctx->addr.family,
1186
                       Curl_ipv6_scope(&ctx->addr.curl_sa_addr));
1187
    if(result) {
1188
      if(result == CURLE_UNSUPPORTED_PROTOCOL) {
1189
        /* The address family is not supported on this interface.
1190
           We can continue trying addresses */
1191
        result = CURLE_COULDNT_CONNECT;
1192
      }
1193
      goto out;
1194
    }
1195
  }
1196
#endif
1197

1198
#ifndef SOCK_NONBLOCK
1199
  /* Set socket non-blocking, must be a non-blocking socket for
1200
   * a non-blocking connect. */
1201
  error = curlx_nonblock(ctx->sock, TRUE);
1202
  if(error < 0) {
1203
    result = CURLE_UNSUPPORTED_PROTOCOL;
1204
    ctx->error = SOCKERRNO;
1205
    goto out;
1206
  }
1207
#else
1208
  if(data->set.fopensocket) {
1209
    /* Set socket non-blocking, must be a non-blocking socket for
1210
     * a non-blocking connect. */
1211
    error = curlx_nonblock(ctx->sock, TRUE);
1212
    if(error < 0) {
1213
      result = CURLE_UNSUPPORTED_PROTOCOL;
1214
      ctx->error = SOCKERRNO;
1215
      goto out;
1216
    }
1217
  }
1218
#endif
1219
  ctx->sock_connected = (ctx->addr.socktype != SOCK_DGRAM);
1220
out:
1221
  if(result) {
1222
    if(ctx->sock != CURL_SOCKET_BAD) {
1223
      socket_close(data, cf->conn, TRUE, ctx->sock);
1224
      ctx->sock = CURL_SOCKET_BAD;
1225
    }
1226
  }
1227
  else if(isconnected) {
1228
    set_local_ip(cf, data);
1229
    ctx->connected_at = curlx_now();
1230
    cf->connected = TRUE;
1231
  }
1232
  CURL_TRC_CF(data, cf, "cf_socket_open() -> %d, fd=%" FMT_SOCKET_T,
1233
              result, ctx->sock);
1234
  return result;
1235
}
1236

1237
static int do_connect(struct Curl_cfilter *cf, struct Curl_easy *data,
1238
                      bool is_tcp_fastopen)
1239
{
1240
  struct cf_socket_ctx *ctx = cf->ctx;
1241
#ifdef TCP_FASTOPEN_CONNECT
1242
  int optval = 1;
1243
#endif
1244
  int rc = -1;
1245

1246
  (void)data;
1247
  if(is_tcp_fastopen) {
1248
#ifdef CONNECT_DATA_IDEMPOTENT /* Darwin */
1249
#  ifdef HAVE_BUILTIN_AVAILABLE
1250
    /* while connectx function is available since macOS 10.11 / iOS 9,
1251
       it did not have the interface declared correctly until
1252
       Xcode 9 / macOS SDK 10.13 */
1253
    if(__builtin_available(macOS 10.11, iOS 9.0, tvOS 9.0, watchOS 2.0, *)) {
1254
      sa_endpoints_t endpoints;
1255
      endpoints.sae_srcif = 0;
1256
      endpoints.sae_srcaddr = NULL;
1257
      endpoints.sae_srcaddrlen = 0;
1258
      endpoints.sae_dstaddr = &ctx->addr.curl_sa_addr;
1259
      endpoints.sae_dstaddrlen = ctx->addr.addrlen;
1260

1261
      rc = connectx(ctx->sock, &endpoints, SAE_ASSOCID_ANY,
1262
                    CONNECT_RESUME_ON_READ_WRITE | CONNECT_DATA_IDEMPOTENT,
1263
                    NULL, 0, NULL, NULL);
1264
    }
1265
    else {
1266
      rc = connect(ctx->sock, &ctx->addr.curl_sa_addr, ctx->addr.addrlen);
1267
    }
1268
#  else
1269
    rc = connect(ctx->sock, &ctx->addr.curl_sa_addr, ctx->addr.addrlen);
1270
#  endif /* HAVE_BUILTIN_AVAILABLE */
1271
#elif defined(TCP_FASTOPEN_CONNECT) /* Linux >= 4.11 */
1272
    if(setsockopt(ctx->sock, IPPROTO_TCP, TCP_FASTOPEN_CONNECT,
1273
                  (void *)&optval, sizeof(optval)) < 0)
1274
      infof(data, "Failed to enable TCP Fast Open on fd %" FMT_SOCKET_T,
1275
            ctx->sock);
1276

1277
    rc = connect(ctx->sock, &ctx->addr.curl_sa_addr, ctx->addr.addrlen);
1278
#elif defined(MSG_FASTOPEN) /* old Linux */
1279
    if(Curl_conn_is_ssl(cf->conn, cf->sockindex))
1280
      rc = connect(ctx->sock, &ctx->addr.curl_sa_addr, ctx->addr.addrlen);
1281
    else
1282
      rc = 0; /* Do nothing */
1283
#endif
1284
  }
1285
  else {
1286
    rc = connect(ctx->sock, &ctx->addr.curl_sa_addr,
1287
                 (curl_socklen_t)ctx->addr.addrlen);
1288
  }
1289
  return rc;
1290
}
1291

1292
static CURLcode cf_tcp_connect(struct Curl_cfilter *cf,
1293
                               struct Curl_easy *data,
1294
                               bool *done)
1295
{
1296
  struct cf_socket_ctx *ctx = cf->ctx;
1297
  CURLcode result = CURLE_COULDNT_CONNECT;
1298
  int rc = 0;
1299

1300
  (void)data;
1301
  if(cf->connected) {
1302
    *done = TRUE;
1303
    return CURLE_OK;
1304
  }
1305

1306
  *done = FALSE; /* a negative world view is best */
1307
  if(ctx->sock == CURL_SOCKET_BAD) {
1308
    int error;
1309

1310
    result = cf_socket_open(cf, data);
1311
    if(result)
1312
      goto out;
1313

1314
    if(cf->connected) {
1315
      *done = TRUE;
1316
      return CURLE_OK;
1317
    }
1318

1319
    /* Connect TCP socket */
1320
    rc = do_connect(cf, data, cf->conn->bits.tcp_fastopen);
1321
    error = SOCKERRNO;
1322
    set_local_ip(cf, data);
1323
    CURL_TRC_CF(data, cf, "local address %s port %d...",
1324
                ctx->ip.local_ip, ctx->ip.local_port);
1325
    if(-1 == rc) {
1326
      result = socket_connect_result(data, ctx->ip.remote_ip, error);
1327
      goto out;
1328
    }
1329
  }
1330

1331
#ifdef mpeix
1332
  /* Call this function once now, and ignore the results. We do this to
1333
     "clear" the error state on the socket so that we can later read it
1334
     reliably. This is reported necessary on the MPE/iX operating
1335
     system. */
1336
  (void)verifyconnect(ctx->sock, NULL);
1337
#endif
1338
  /* check socket for connect */
1339
  rc = SOCKET_WRITABLE(ctx->sock, 0);
1340

1341
  if(rc == 0) { /* no connection yet */
1342
    CURL_TRC_CF(data, cf, "not connected yet on fd=%" FMT_SOCKET_T,
1343
                ctx->sock);
1344
    return CURLE_OK;
1345
  }
1346
  else if(rc == CURL_CSELECT_OUT || cf->conn->bits.tcp_fastopen) {
1347
    if(verifyconnect(ctx->sock, &ctx->error)) {
1348
      /* we are connected with TCP, awesome! */
1349
      ctx->connected_at = curlx_now();
1350
      set_local_ip(cf, data);
1351
      *done = TRUE;
1352
      cf->connected = TRUE;
1353
      CURL_TRC_CF(data, cf, "connected on fd=%" FMT_SOCKET_T, ctx->sock);
1354
      return CURLE_OK;
1355
    }
1356
  }
1357
  else if(rc & CURL_CSELECT_ERR) {
1358
    (void)verifyconnect(ctx->sock, &ctx->error);
1359
    result = CURLE_COULDNT_CONNECT;
1360
  }
1361

1362
out:
1363
  if(result) {
1364
    if(ctx->error) {
1365
      set_local_ip(cf, data);
1366
      data->state.os_errno = ctx->error;
1367
      SET_SOCKERRNO(ctx->error);
1368
#ifndef CURL_DISABLE_VERBOSE_STRINGS
1369
      {
1370
        char buffer[STRERROR_LEN];
1371
        infof(data, "connect to %s port %u from %s port %d failed: %s",
1372
              ctx->ip.remote_ip, ctx->ip.remote_port,
1373
              ctx->ip.local_ip, ctx->ip.local_port,
1374
              curlx_strerror(ctx->error, buffer, sizeof(buffer)));
1375
      }
1376
#endif
1377
    }
1378
    if(ctx->sock != CURL_SOCKET_BAD) {
1379
      socket_close(data, cf->conn, TRUE, ctx->sock);
1380
      ctx->sock = CURL_SOCKET_BAD;
1381
    }
1382
    *done = FALSE;
1383
  }
1384
  return result;
1385
}
1386

1387
static CURLcode cf_socket_adjust_pollset(struct Curl_cfilter *cf,
1388
                                         struct Curl_easy *data,
1389
                                         struct easy_pollset *ps)
1390
{
1391
  struct cf_socket_ctx *ctx = cf->ctx;
1392
  CURLcode result = CURLE_OK;
1393

1394
  if(ctx->sock != CURL_SOCKET_BAD) {
1395
    /* A listening socket filter needs to be connected before the accept
1396
     * for some weird FTP interaction. This should be rewritten, so that
1397
     * FTP no longer does the socket checks and accept calls and delegates
1398
     * all that to the filter. */
1399
    if(ctx->listening) {
1400
      result = Curl_pollset_set_in_only(data, ps, ctx->sock);
1401
      CURL_TRC_CF(data, cf, "adjust_pollset, listening, POLLIN fd=%"
1402
                  FMT_SOCKET_T, ctx->sock);
1403
    }
1404
    else if(!cf->connected) {
1405
      result = Curl_pollset_set_out_only(data, ps, ctx->sock);
1406
      CURL_TRC_CF(data, cf, "adjust_pollset, !connected, POLLOUT fd=%"
1407
                  FMT_SOCKET_T, ctx->sock);
1408
    }
1409
    else if(!ctx->active) {
1410
      result = Curl_pollset_add_in(data, ps, ctx->sock);
1411
      CURL_TRC_CF(data, cf, "adjust_pollset, !active, POLLIN fd=%"
1412
                  FMT_SOCKET_T, ctx->sock);
1413
    }
1414
  }
1415
  return result;
1416
}
1417

1418
#ifdef USE_WINSOCK
1419

1420
/* Offered by mingw-w64 v13+. MS SDK 7.0A+. */
1421
#ifndef SIO_IDEAL_SEND_BACKLOG_QUERY
1422
#define SIO_IDEAL_SEND_BACKLOG_QUERY 0x4004747B
1423
#endif
1424

1425
static void win_update_sndbuf_size(struct cf_socket_ctx *ctx)
1426
{
1427
  ULONG ideal;
1428
  DWORD ideallen;
1429
  struct curltime n = curlx_now();
1430

1431
  if(curlx_timediff(n, ctx->last_sndbuf_query_at) > 1000) {
1432
    if(!WSAIoctl(ctx->sock, SIO_IDEAL_SEND_BACKLOG_QUERY, 0, 0,
1433
                  &ideal, sizeof(ideal), &ideallen, 0, 0) &&
1434
       ideal != ctx->sndbuf_size &&
1435
       !setsockopt(ctx->sock, SOL_SOCKET, SO_SNDBUF,
1436
                   (const char *)&ideal, sizeof(ideal))) {
1437
      ctx->sndbuf_size = ideal;
1438
    }
1439
    ctx->last_sndbuf_query_at = n;
1440
  }
1441
}
1442

1443
#endif /* USE_WINSOCK */
1444

1445
static CURLcode cf_socket_send(struct Curl_cfilter *cf, struct Curl_easy *data,
1446
                               const void *buf, size_t len, bool eos,
1447
                               size_t *pnwritten)
1448
{
1449
  struct cf_socket_ctx *ctx = cf->ctx;
1450
  curl_socket_t fdsave;
1451
  ssize_t nwritten;
1452
  size_t orig_len = len;
1453
  CURLcode result = CURLE_OK;
1454

1455
  (void)eos;
1456
  *pnwritten = 0;
1457
  fdsave = cf->conn->sock[cf->sockindex];
1458
  cf->conn->sock[cf->sockindex] = ctx->sock;
1459

1460
#ifdef DEBUGBUILD
1461
  /* simulate network blocking/partial writes */
1462
  if(ctx->wblock_percent > 0) {
1463
    unsigned char c = 0;
1464
    Curl_rand_bytes(data, FALSE, &c, 1);
1465
    if(c >= ((100-ctx->wblock_percent)*256/100)) {
1466
      CURL_TRC_CF(data, cf, "send(len=%zu) SIMULATE EWOULDBLOCK", orig_len);
1467
      cf->conn->sock[cf->sockindex] = fdsave;
1468
      return CURLE_AGAIN;
1469
    }
1470
  }
1471
  if(cf->cft != &Curl_cft_udp && ctx->wpartial_percent > 0 && len > 8) {
1472
    len = len * ctx->wpartial_percent / 100;
1473
    if(!len)
1474
      len = 1;
1475
    CURL_TRC_CF(data, cf, "send(len=%zu) SIMULATE partial write of %zu bytes",
1476
                orig_len, len);
1477
  }
1478
#endif
1479

1480
#if defined(MSG_FASTOPEN) && !defined(TCP_FASTOPEN_CONNECT) /* Linux */
1481
  if(cf->conn->bits.tcp_fastopen) {
1482
    nwritten = sendto(ctx->sock, buf, len, MSG_FASTOPEN,
1483
                      &ctx->addr.curl_sa_addr, ctx->addr.addrlen);
1484
    cf->conn->bits.tcp_fastopen = FALSE;
1485
  }
1486
  else
1487
#endif
1488
    nwritten = swrite(ctx->sock, buf, len);
1489

1490
  if(nwritten < 0) {
1491
    int sockerr = SOCKERRNO;
1492

1493
    if(
1494
#ifdef USE_WINSOCK
1495
      /* This is how Windows does it */
1496
      (SOCKEWOULDBLOCK == sockerr)
1497
#else
1498
      /* errno may be EWOULDBLOCK or on some systems EAGAIN when it returned
1499
         due to its inability to send off data without blocking. We therefore
1500
         treat both error codes the same here */
1501
      (SOCKEWOULDBLOCK == sockerr) ||
1502
      (EAGAIN == sockerr) || (SOCKEINTR == sockerr) ||
1503
      (SOCKEINPROGRESS == sockerr)
1504
#endif
1505
      ) {
1506
      /* this is just a case of EWOULDBLOCK */
1507
      result = CURLE_AGAIN;
1508
    }
1509
    else {
1510
      char buffer[STRERROR_LEN];
1511
      failf(data, "Send failure: %s",
1512
            curlx_strerror(sockerr, buffer, sizeof(buffer)));
1513
      data->state.os_errno = sockerr;
1514
      result = CURLE_SEND_ERROR;
1515
    }
1516
  }
1517
  else
1518
    *pnwritten = (size_t)nwritten;
1519

1520
#ifdef USE_WINSOCK
1521
  if(!result)
1522
    win_update_sndbuf_size(ctx);
1523
#endif
1524

1525
  CURL_TRC_CF(data, cf, "send(len=%zu) -> %d, %zu",
1526
              orig_len, result, *pnwritten);
1527
  cf->conn->sock[cf->sockindex] = fdsave;
1528
  return result;
1529
}
1530

1531
static CURLcode cf_socket_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
1532
                               char *buf, size_t len, size_t *pnread)
1533
{
1534
  struct cf_socket_ctx *ctx = cf->ctx;
1535
  CURLcode result = CURLE_OK;
1536
  ssize_t nread;
1537

1538
  *pnread = 0;
1539
#ifdef DEBUGBUILD
1540
  /* simulate network blocking/partial reads */
1541
  if(cf->cft != &Curl_cft_udp && ctx->rblock_percent > 0) {
1542
    unsigned char c = 0;
1543
    Curl_rand(data, &c, 1);
1544
    if(c >= ((100-ctx->rblock_percent)*256/100)) {
1545
      CURL_TRC_CF(data, cf, "recv(len=%zu) SIMULATE EWOULDBLOCK", len);
1546
      return CURLE_AGAIN;
1547
    }
1548
  }
1549
  if(cf->cft != &Curl_cft_udp && ctx->recv_max && ctx->recv_max < len) {
1550
    size_t orig_len = len;
1551
    len = ctx->recv_max;
1552
    CURL_TRC_CF(data, cf, "recv(len=%zu) SIMULATE max read of %zu bytes",
1553
                orig_len, len);
1554
  }
1555
#endif
1556

1557
  nread = sread(ctx->sock, buf, len);
1558

1559
  if(nread < 0) {
1560
    int sockerr = SOCKERRNO;
1561

1562
    if(
1563
#ifdef USE_WINSOCK
1564
      /* This is how Windows does it */
1565
      (SOCKEWOULDBLOCK == sockerr)
1566
#else
1567
      /* errno may be EWOULDBLOCK or on some systems EAGAIN when it returned
1568
         due to its inability to send off data without blocking. We therefore
1569
         treat both error codes the same here */
1570
      (SOCKEWOULDBLOCK == sockerr) ||
1571
      (EAGAIN == sockerr) || (SOCKEINTR == sockerr)
1572
#endif
1573
      ) {
1574
      /* this is just a case of EWOULDBLOCK */
1575
      result = CURLE_AGAIN;
1576
    }
1577
    else {
1578
      char buffer[STRERROR_LEN];
1579
      failf(data, "Recv failure: %s",
1580
            curlx_strerror(sockerr, buffer, sizeof(buffer)));
1581
      data->state.os_errno = sockerr;
1582
      result = CURLE_RECV_ERROR;
1583
    }
1584
  }
1585
  else
1586
    *pnread = (size_t)nread;
1587

1588
  CURL_TRC_CF(data, cf, "recv(len=%zu) -> %d, %zu", len, result, *pnread);
1589
  if(!result && !ctx->got_first_byte) {
1590
    ctx->first_byte_at = curlx_now();
1591
    ctx->got_first_byte = TRUE;
1592
  }
1593
  return result;
1594
}
1595

1596
static void cf_socket_update_data(struct Curl_cfilter *cf,
1597
                                  struct Curl_easy *data)
1598
{
1599
  /* Update the IP info held in the transfer, if we have that. */
1600
  if(cf->connected && (cf->sockindex == FIRSTSOCKET)) {
1601
    struct cf_socket_ctx *ctx = cf->ctx;
1602
    data->info.primary = ctx->ip;
1603
    /* not sure if this is redundant... */
1604
    data->info.conn_remote_port = cf->conn->remote_port;
1605
  }
1606
}
1607

1608
static void cf_socket_active(struct Curl_cfilter *cf, struct Curl_easy *data)
1609
{
1610
  struct cf_socket_ctx *ctx = cf->ctx;
1611

1612
  /* use this socket from now on */
1613
  cf->conn->sock[cf->sockindex] = ctx->sock;
1614
  set_local_ip(cf, data);
1615
#ifdef USE_IPV6
1616
  if(cf->sockindex == FIRSTSOCKET)
1617
    cf->conn->bits.ipv6 = (ctx->addr.family == AF_INET6);
1618
#endif
1619
  ctx->active = TRUE;
1620
}
1621

1622
static CURLcode cf_socket_cntrl(struct Curl_cfilter *cf,
1623
                                struct Curl_easy *data,
1624
                                int event, int arg1, void *arg2)
1625
{
1626
  struct cf_socket_ctx *ctx = cf->ctx;
1627

1628
  (void)arg1;
1629
  (void)arg2;
1630
  switch(event) {
1631
  case CF_CTRL_CONN_INFO_UPDATE:
1632
    cf_socket_active(cf, data);
1633
    cf_socket_update_data(cf, data);
1634
    break;
1635
  case CF_CTRL_DATA_SETUP:
1636
    cf_socket_update_data(cf, data);
1637
    break;
1638
  case CF_CTRL_FORGET_SOCKET:
1639
    ctx->sock = CURL_SOCKET_BAD;
1640
    break;
1641
  }
1642
  return CURLE_OK;
1643
}
1644

1645
static bool cf_socket_conn_is_alive(struct Curl_cfilter *cf,
1646
                                    struct Curl_easy *data,
1647
                                    bool *input_pending)
1648
{
1649
  struct cf_socket_ctx *ctx = cf->ctx;
1650
  struct pollfd pfd[1];
1651
  int r;
1652

1653
  *input_pending = FALSE;
1654
  (void)data;
1655
  if(!ctx || ctx->sock == CURL_SOCKET_BAD)
1656
    return FALSE;
1657

1658
  /* Check with 0 timeout if there are any events pending on the socket */
1659
  pfd[0].fd = ctx->sock;
1660
  pfd[0].events = POLLRDNORM|POLLIN|POLLRDBAND|POLLPRI;
1661
  pfd[0].revents = 0;
1662

1663
  r = Curl_poll(pfd, 1, 0);
1664
  if(r < 0) {
1665
    CURL_TRC_CF(data, cf, "is_alive: poll error, assume dead");
1666
    return FALSE;
1667
  }
1668
  else if(r == 0) {
1669
    CURL_TRC_CF(data, cf, "is_alive: poll timeout, assume alive");
1670
    return TRUE;
1671
  }
1672
  else if(pfd[0].revents & (POLLERR|POLLHUP|POLLPRI|POLLNVAL)) {
1673
    CURL_TRC_CF(data, cf, "is_alive: err/hup/etc events, assume dead");
1674
    return FALSE;
1675
  }
1676

1677
  CURL_TRC_CF(data, cf, "is_alive: valid events, looks alive");
1678
  *input_pending = TRUE;
1679
  return TRUE;
1680
}
1681

1682
static CURLcode cf_socket_query(struct Curl_cfilter *cf,
1683
                                struct Curl_easy *data,
1684
                                int query, int *pres1, void *pres2)
1685
{
1686
  struct cf_socket_ctx *ctx = cf->ctx;
1687

1688
  switch(query) {
1689
  case CF_QUERY_SOCKET:
1690
    DEBUGASSERT(pres2);
1691
    *((curl_socket_t *)pres2) = ctx->sock;
1692
    return CURLE_OK;
1693
  case CF_QUERY_TRANSPORT:
1694
    DEBUGASSERT(pres1);
1695
    *pres1 = ctx->transport;
1696
    return CURLE_OK;
1697
  case CF_QUERY_REMOTE_ADDR:
1698
    DEBUGASSERT(pres2);
1699
    *((const struct Curl_sockaddr_ex **)pres2) = cf->connected ?
1700
                                                 &ctx->addr : NULL;
1701
    return CURLE_OK;
1702
  case CF_QUERY_CONNECT_REPLY_MS:
1703
    if(ctx->got_first_byte) {
1704
      timediff_t ms = curlx_timediff(ctx->first_byte_at, ctx->started_at);
1705
      *pres1 = (ms < INT_MAX) ? (int)ms : INT_MAX;
1706
    }
1707
    else
1708
      *pres1 = -1;
1709
    return CURLE_OK;
1710
  case CF_QUERY_TIMER_CONNECT: {
1711
    struct curltime *when = pres2;
1712
    switch(ctx->transport) {
1713
    case TRNSPRT_UDP:
1714
    case TRNSPRT_QUIC:
1715
      /* Since UDP connected sockets work different from TCP, we use the
1716
       * time of the first byte from the peer as the "connect" time. */
1717
      if(ctx->got_first_byte) {
1718
        *when = ctx->first_byte_at;
1719
        break;
1720
      }
1721
      FALLTHROUGH();
1722
    default:
1723
      *when = ctx->connected_at;
1724
      break;
1725
    }
1726
    return CURLE_OK;
1727
  }
1728
  case CF_QUERY_IP_INFO:
1729
#ifdef USE_IPV6
1730
    *pres1 = (ctx->addr.family == AF_INET6);
1731
#else
1732
    *pres1 = FALSE;
1733
#endif
1734
    *(struct ip_quadruple *)pres2 = ctx->ip;
1735
    return CURLE_OK;
1736
  default:
1737
    break;
1738
  }
1739
  return cf->next ?
1740
    cf->next->cft->query(cf->next, data, query, pres1, pres2) :
1741
    CURLE_UNKNOWN_OPTION;
1742
}
1743

1744
struct Curl_cftype Curl_cft_tcp = {
1745
  "TCP",
1746
  CF_TYPE_IP_CONNECT,
1747
  CURL_LOG_LVL_NONE,
1748
  cf_socket_destroy,
1749
  cf_tcp_connect,
1750
  cf_socket_close,
1751
  cf_socket_shutdown,
1752
  cf_socket_adjust_pollset,
1753
  Curl_cf_def_data_pending,
1754
  cf_socket_send,
1755
  cf_socket_recv,
1756
  cf_socket_cntrl,
1757
  cf_socket_conn_is_alive,
1758
  Curl_cf_def_conn_keep_alive,
1759
  cf_socket_query,
1760
};
1761

1762
CURLcode Curl_cf_tcp_create(struct Curl_cfilter **pcf,
1763
                            struct Curl_easy *data,
1764
                            struct connectdata *conn,
1765
                            const struct Curl_addrinfo *ai,
1766
                            int transport)
1767
{
1768
  struct cf_socket_ctx *ctx = NULL;
1769
  struct Curl_cfilter *cf = NULL;
1770
  CURLcode result;
1771

1772
  (void)data;
1773
  (void)conn;
1774
  DEBUGASSERT(transport == TRNSPRT_TCP);
1775
  if(!ai) {
1776
    result = CURLE_BAD_FUNCTION_ARGUMENT;
1777
    goto out;
1778
  }
1779

1780
  ctx = calloc(1, sizeof(*ctx));
1781
  if(!ctx) {
1782
    result = CURLE_OUT_OF_MEMORY;
1783
    goto out;
1784
  }
1785

1786
  result = cf_socket_ctx_init(ctx, ai, transport);
1787
  if(result)
1788
    goto out;
1789

1790
  result = Curl_cf_create(&cf, &Curl_cft_tcp, ctx);
1791

1792
out:
1793
  *pcf = (!result) ? cf : NULL;
1794
  if(result) {
1795
    Curl_safefree(cf);
1796
    Curl_safefree(ctx);
1797
  }
1798

1799
  return result;
1800
}
1801

1802
static CURLcode cf_udp_setup_quic(struct Curl_cfilter *cf,
1803
                                  struct Curl_easy *data)
1804
{
1805
  struct cf_socket_ctx *ctx = cf->ctx;
1806
  int rc;
1807
  int one = 1;
1808

1809
  (void)one;
1810

1811
  /* QUIC needs a connected socket, nonblocking */
1812
  DEBUGASSERT(ctx->sock != CURL_SOCKET_BAD);
1813

1814
  /* error: The 1st argument to 'connect' is -1 but should be >= 0
1815
     NOLINTNEXTLINE(clang-analyzer-unix.StdCLibraryFunctions) */
1816
  rc = connect(ctx->sock, &ctx->addr.curl_sa_addr,
1817
               (curl_socklen_t)ctx->addr.addrlen);
1818
  if(-1 == rc) {
1819
    return socket_connect_result(data, ctx->ip.remote_ip, SOCKERRNO);
1820
  }
1821
  ctx->sock_connected = TRUE;
1822
  set_local_ip(cf, data);
1823
  CURL_TRC_CF(data, cf, "%s socket %" FMT_SOCKET_T
1824
              " connected: [%s:%d] -> [%s:%d]",
1825
              (ctx->transport == TRNSPRT_QUIC) ? "QUIC" : "UDP",
1826
              ctx->sock, ctx->ip.local_ip, ctx->ip.local_port,
1827
              ctx->ip.remote_ip, ctx->ip.remote_port);
1828

1829
  /* Currently, cf->ctx->sock is always non-blocking because the only
1830
   * caller to cf_udp_setup_quic() is cf_udp_connect() that passes the
1831
   * non-blocking socket created by cf_socket_open() to it. Thus, we
1832
   * do not need to call curlx_nonblock() in cf_udp_setup_quic() anymore.
1833
   */
1834
#ifdef __linux__
1835
  switch(ctx->addr.family) {
1836
#ifdef IP_MTU_DISCOVER
1837
  case AF_INET: {
1838
    int val = IP_PMTUDISC_DO;
1839
    (void)setsockopt(ctx->sock, IPPROTO_IP, IP_MTU_DISCOVER, &val,
1840
                     sizeof(val));
1841
    break;
1842
  }
1843
#endif
1844
#ifdef IPV6_MTU_DISCOVER
1845
  case AF_INET6: {
1846
    int val = IPV6_PMTUDISC_DO;
1847
    (void)setsockopt(ctx->sock, IPPROTO_IPV6, IPV6_MTU_DISCOVER, &val,
1848
                     sizeof(val));
1849
    break;
1850
  }
1851
#endif
1852
  }
1853

1854
#if defined(UDP_GRO) &&                                                       \
1855
  (defined(HAVE_SENDMMSG) || defined(HAVE_SENDMSG)) &&                        \
1856
  ((defined(USE_NGTCP2) && defined(USE_NGHTTP3)) || defined(USE_QUICHE))
1857
  (void)setsockopt(ctx->sock, IPPROTO_UDP, UDP_GRO, &one,
1858
                   (socklen_t)sizeof(one));
1859
#endif
1860
#endif
1861

1862
  return CURLE_OK;
1863
}
1864

1865
static CURLcode cf_udp_connect(struct Curl_cfilter *cf,
1866
                               struct Curl_easy *data,
1867
                               bool *done)
1868
{
1869
  struct cf_socket_ctx *ctx = cf->ctx;
1870
  CURLcode result = CURLE_COULDNT_CONNECT;
1871

1872
  if(cf->connected) {
1873
    *done = TRUE;
1874
    return CURLE_OK;
1875
  }
1876

1877
  *done = FALSE;
1878
  if(ctx->sock == CURL_SOCKET_BAD) {
1879
    result = cf_socket_open(cf, data);
1880
    if(result) {
1881
      CURL_TRC_CF(data, cf, "cf_udp_connect(), open failed -> %d", result);
1882
      goto out;
1883
    }
1884

1885
    if(ctx->transport == TRNSPRT_QUIC) {
1886
      result = cf_udp_setup_quic(cf, data);
1887
      if(result)
1888
        goto out;
1889
      CURL_TRC_CF(data, cf, "cf_udp_connect(), opened socket=%"
1890
                  FMT_SOCKET_T " (%s:%d)",
1891
                  ctx->sock, ctx->ip.local_ip, ctx->ip.local_port);
1892
    }
1893
    *done = TRUE;
1894
    cf->connected = TRUE;
1895
  }
1896
out:
1897
  return result;
1898
}
1899

1900
struct Curl_cftype Curl_cft_udp = {
1901
  "UDP",
1902
  CF_TYPE_IP_CONNECT,
1903
  CURL_LOG_LVL_NONE,
1904
  cf_socket_destroy,
1905
  cf_udp_connect,
1906
  cf_socket_close,
1907
  cf_socket_shutdown,
1908
  cf_socket_adjust_pollset,
1909
  Curl_cf_def_data_pending,
1910
  cf_socket_send,
1911
  cf_socket_recv,
1912
  cf_socket_cntrl,
1913
  cf_socket_conn_is_alive,
1914
  Curl_cf_def_conn_keep_alive,
1915
  cf_socket_query,
1916
};
1917

1918
CURLcode Curl_cf_udp_create(struct Curl_cfilter **pcf,
1919
                            struct Curl_easy *data,
1920
                            struct connectdata *conn,
1921
                            const struct Curl_addrinfo *ai,
1922
                            int transport)
1923
{
1924
  struct cf_socket_ctx *ctx = NULL;
1925
  struct Curl_cfilter *cf = NULL;
1926
  CURLcode result;
1927

1928
  (void)data;
1929
  (void)conn;
1930
  DEBUGASSERT(transport == TRNSPRT_UDP || transport == TRNSPRT_QUIC);
1931
  ctx = calloc(1, sizeof(*ctx));
1932
  if(!ctx) {
1933
    result = CURLE_OUT_OF_MEMORY;
1934
    goto out;
1935
  }
1936

1937
  result = cf_socket_ctx_init(ctx, ai, transport);
1938
  if(result)
1939
    goto out;
1940

1941
  result = Curl_cf_create(&cf, &Curl_cft_udp, ctx);
1942

1943
out:
1944
  *pcf = (!result) ? cf : NULL;
1945
  if(result) {
1946
    Curl_safefree(cf);
1947
    Curl_safefree(ctx);
1948
  }
1949

1950
  return result;
1951
}
1952

1953
/* this is the TCP filter which can also handle this case */
1954
struct Curl_cftype Curl_cft_unix = {
1955
  "UNIX",
1956
  CF_TYPE_IP_CONNECT,
1957
  CURL_LOG_LVL_NONE,
1958
  cf_socket_destroy,
1959
  cf_tcp_connect,
1960
  cf_socket_close,
1961
  cf_socket_shutdown,
1962
  cf_socket_adjust_pollset,
1963
  Curl_cf_def_data_pending,
1964
  cf_socket_send,
1965
  cf_socket_recv,
1966
  cf_socket_cntrl,
1967
  cf_socket_conn_is_alive,
1968
  Curl_cf_def_conn_keep_alive,
1969
  cf_socket_query,
1970
};
1971

1972
CURLcode Curl_cf_unix_create(struct Curl_cfilter **pcf,
1973
                             struct Curl_easy *data,
1974
                             struct connectdata *conn,
1975
                             const struct Curl_addrinfo *ai,
1976
                             int transport)
1977
{
1978
  struct cf_socket_ctx *ctx = NULL;
1979
  struct Curl_cfilter *cf = NULL;
1980
  CURLcode result;
1981

1982
  (void)data;
1983
  (void)conn;
1984
  DEBUGASSERT(transport == TRNSPRT_UNIX);
1985
  ctx = calloc(1, sizeof(*ctx));
1986
  if(!ctx) {
1987
    result = CURLE_OUT_OF_MEMORY;
1988
    goto out;
1989
  }
1990

1991
  result = cf_socket_ctx_init(ctx, ai, transport);
1992
  if(result)
1993
    goto out;
1994

1995
  result = Curl_cf_create(&cf, &Curl_cft_unix, ctx);
1996

1997
out:
1998
  *pcf = (!result) ? cf : NULL;
1999
  if(result) {
2000
    Curl_safefree(cf);
2001
    Curl_safefree(ctx);
2002
  }
2003

2004
  return result;
2005
}
2006

2007
static timediff_t cf_tcp_accept_timeleft(struct Curl_cfilter *cf,
2008
                                         struct Curl_easy *data)
2009
{
2010
  struct cf_socket_ctx *ctx = cf->ctx;
2011
  timediff_t timeout_ms = DEFAULT_ACCEPT_TIMEOUT;
2012
  timediff_t other;
2013
  struct curltime now;
2014

2015
#ifndef CURL_DISABLE_FTP
2016
  if(data->set.accepttimeout > 0)
2017
    timeout_ms = data->set.accepttimeout;
2018
#endif
2019

2020
  now = curlx_now();
2021
  /* check if the generic timeout possibly is set shorter */
2022
  other = Curl_timeleft(data, &now, FALSE);
2023
  if(other && (other < timeout_ms))
2024
    /* note that this also works fine for when other happens to be negative
2025
       due to it already having elapsed */
2026
    timeout_ms = other;
2027
  else {
2028
    /* subtract elapsed time */
2029
    timeout_ms -= curlx_timediff(now, ctx->started_at);
2030
    if(!timeout_ms)
2031
      /* avoid returning 0 as that means no timeout! */
2032
      timeout_ms = -1;
2033
  }
2034
  return timeout_ms;
2035
}
2036

2037
static void cf_tcp_set_accepted_remote_ip(struct Curl_cfilter *cf,
2038
                                          struct Curl_easy *data)
2039
{
2040
  struct cf_socket_ctx *ctx = cf->ctx;
2041
#ifdef HAVE_GETPEERNAME
2042
  char buffer[STRERROR_LEN];
2043
  struct Curl_sockaddr_storage ssrem;
2044
  curl_socklen_t plen;
2045

2046
  ctx->ip.remote_ip[0] = 0;
2047
  ctx->ip.remote_port = 0;
2048
  plen = sizeof(ssrem);
2049
  memset(&ssrem, 0, plen);
2050
  if(getpeername(ctx->sock, (struct sockaddr*) &ssrem, &plen)) {
2051
    int error = SOCKERRNO;
2052
    failf(data, "getpeername() failed with errno %d: %s",
2053
          error, curlx_strerror(error, buffer, sizeof(buffer)));
2054
    return;
2055
  }
2056
  if(!Curl_addr2string((struct sockaddr*)&ssrem, plen,
2057
                       ctx->ip.remote_ip, &ctx->ip.remote_port)) {
2058
    failf(data, "ssrem inet_ntop() failed with errno %d: %s",
2059
          errno, curlx_strerror(errno, buffer, sizeof(buffer)));
2060
    return;
2061
  }
2062
#else
2063
  ctx->ip.remote_ip[0] = 0;
2064
  ctx->ip.remote_port = 0;
2065
  (void)data;
2066
#endif
2067
}
2068

2069
static CURLcode cf_tcp_accept_connect(struct Curl_cfilter *cf,
2070
                                      struct Curl_easy *data,
2071
                                      bool *done)
2072
{
2073
  struct cf_socket_ctx *ctx = cf->ctx;
2074
  char errbuf[STRERROR_LEN];
2075
#ifdef USE_IPV6
2076
  struct Curl_sockaddr_storage add;
2077
#else
2078
  struct sockaddr_in add;
2079
#endif
2080
  curl_socklen_t size = (curl_socklen_t) sizeof(add);
2081
  curl_socket_t s_accepted = CURL_SOCKET_BAD;
2082
  timediff_t timeout_ms;
2083
  int socketstate = 0;
2084
  bool incoming = FALSE;
2085

2086
  /* we start accepted, if we ever close, we cannot go on */
2087
  (void)data;
2088
  if(cf->connected) {
2089
    *done = TRUE;
2090
    return CURLE_OK;
2091
  }
2092

2093
  *done = FALSE;
2094
  timeout_ms = cf_tcp_accept_timeleft(cf, data);
2095
  if(timeout_ms < 0) {
2096
    /* if a timeout was already reached, bail out */
2097
    failf(data, "Accept timeout occurred while waiting server connect");
2098
    return CURLE_FTP_ACCEPT_TIMEOUT;
2099
  }
2100

2101
  CURL_TRC_CF(data, cf, "Checking for incoming on fd=%" FMT_SOCKET_T
2102
              " ip=%s:%d", ctx->sock, ctx->ip.local_ip, ctx->ip.local_port);
2103
  socketstate = Curl_socket_check(ctx->sock, CURL_SOCKET_BAD,
2104
                                  CURL_SOCKET_BAD, 0);
2105
  CURL_TRC_CF(data, cf, "socket_check -> %x", socketstate);
2106
  switch(socketstate) {
2107
  case -1: /* error */
2108
    /* let's die here */
2109
    failf(data, "Error while waiting for server connect");
2110
    return CURLE_FTP_ACCEPT_FAILED;
2111
  default:
2112
    if(socketstate & CURL_CSELECT_IN) {
2113
      infof(data, "Ready to accept data connection from server");
2114
      incoming = TRUE;
2115
    }
2116
    break;
2117
  }
2118

2119
  if(!incoming) {
2120
    CURL_TRC_CF(data, cf, "nothing heard from the server yet");
2121
    return CURLE_OK;
2122
  }
2123

2124
  size = sizeof(add);
2125
#ifdef HAVE_ACCEPT4
2126
  s_accepted = CURL_ACCEPT4(ctx->sock, (struct sockaddr *) &add, &size,
2127
                            SOCK_NONBLOCK | SOCK_CLOEXEC);
2128
#else
2129
  s_accepted = CURL_ACCEPT(ctx->sock, (struct sockaddr *) &add, &size);
2130
#endif
2131

2132
  if(CURL_SOCKET_BAD == s_accepted) {
2133
    failf(data, "Error accept()ing server connect: %s",
2134
          curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf)));
2135
    return CURLE_FTP_ACCEPT_FAILED;
2136
  }
2137
#if !defined(HAVE_ACCEPT4) && defined(HAVE_FCNTL)
2138
  if((fcntl(s_accepted, F_SETFD, FD_CLOEXEC) < 0) ||
2139
     (curlx_nonblock(s_accepted, TRUE) < 0)) {
2140
    failf(data, "fcntl set CLOEXEC/NONBLOCK: %s",
2141
          curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf)));
2142
    Curl_socket_close(data, cf->conn, s_accepted);
2143
    return CURLE_FTP_ACCEPT_FAILED;
2144
  }
2145
#endif
2146
  infof(data, "Connection accepted from server");
2147

2148
  /* Replace any filter on SECONDARY with one listening on this socket */
2149
  ctx->listening = FALSE;
2150
  ctx->accepted = TRUE;
2151
  socket_close(data, cf->conn, TRUE, ctx->sock);
2152
  ctx->sock = s_accepted;
2153

2154
  cf->conn->sock[cf->sockindex] = ctx->sock;
2155
  cf_tcp_set_accepted_remote_ip(cf, data);
2156
  set_local_ip(cf, data);
2157
  ctx->active = TRUE;
2158
  ctx->connected_at = curlx_now();
2159
  cf->connected = TRUE;
2160
  CURL_TRC_CF(data, cf, "accepted_set(sock=%" FMT_SOCKET_T
2161
              ", remote=%s port=%d)",
2162
              ctx->sock, ctx->ip.remote_ip, ctx->ip.remote_port);
2163

2164
  if(data->set.fsockopt) {
2165
    int error = 0;
2166

2167
    /* activate callback for setting socket options */
2168
    Curl_set_in_callback(data, true);
2169
    error = data->set.fsockopt(data->set.sockopt_client,
2170
                               ctx->sock, CURLSOCKTYPE_ACCEPT);
2171
    Curl_set_in_callback(data, false);
2172

2173
    if(error)
2174
      return CURLE_ABORTED_BY_CALLBACK;
2175
  }
2176
  *done = TRUE;
2177
  return CURLE_OK;
2178
}
2179

2180
struct Curl_cftype Curl_cft_tcp_accept = {
2181
  "TCP-ACCEPT",
2182
  CF_TYPE_IP_CONNECT,
2183
  CURL_LOG_LVL_NONE,
2184
  cf_socket_destroy,
2185
  cf_tcp_accept_connect,
2186
  cf_socket_close,
2187
  cf_socket_shutdown,
2188
  cf_socket_adjust_pollset,
2189
  Curl_cf_def_data_pending,
2190
  cf_socket_send,
2191
  cf_socket_recv,
2192
  cf_socket_cntrl,
2193
  cf_socket_conn_is_alive,
2194
  Curl_cf_def_conn_keep_alive,
2195
  cf_socket_query,
2196
};
2197

2198
CURLcode Curl_conn_tcp_listen_set(struct Curl_easy *data,
2199
                                  struct connectdata *conn,
2200
                                  int sockindex, curl_socket_t *s)
2201
{
2202
  CURLcode result;
2203
  struct Curl_cfilter *cf = NULL;
2204
  struct cf_socket_ctx *ctx = NULL;
2205

2206
  /* replace any existing */
2207
  Curl_conn_cf_discard_all(data, conn, sockindex);
2208
  DEBUGASSERT(conn->sock[sockindex] == CURL_SOCKET_BAD);
2209

2210
  ctx = calloc(1, sizeof(*ctx));
2211
  if(!ctx) {
2212
    result = CURLE_OUT_OF_MEMORY;
2213
    goto out;
2214
  }
2215
  ctx->transport = TRNSPRT_TCP;
2216
  ctx->sock = *s;
2217
  ctx->listening = TRUE;
2218
  ctx->accepted = FALSE;
2219
  result = Curl_cf_create(&cf, &Curl_cft_tcp_accept, ctx);
2220
  if(result)
2221
    goto out;
2222
  Curl_conn_cf_add(data, conn, sockindex, cf);
2223

2224
  ctx->started_at = curlx_now();
2225
  conn->sock[sockindex] = ctx->sock;
2226
  set_local_ip(cf, data);
2227
  CURL_TRC_CF(data, cf, "set filter for listen socket fd=%" FMT_SOCKET_T
2228
              " ip=%s:%d", ctx->sock,
2229
              ctx->ip.local_ip, ctx->ip.local_port);
2230

2231
out:
2232
  if(result) {
2233
    Curl_safefree(cf);
2234
    Curl_safefree(ctx);
2235
  }
2236
  return result;
2237
}
2238

2239
bool Curl_conn_is_tcp_listen(struct Curl_easy *data,
2240
                             int sockindex)
2241
{
2242
  struct Curl_cfilter *cf = data->conn->cfilter[sockindex];
2243
  while(cf) {
2244
    if(cf->cft == &Curl_cft_tcp_accept)
2245
      return TRUE;
2246
    cf = cf->next;
2247
  }
2248
  return FALSE;
2249
}
2250

2251
/**
2252
 * Return TRUE iff `cf` is a socket filter.
2253
 */
2254
static bool cf_is_socket(struct Curl_cfilter *cf)
2255
{
2256
  return cf && (cf->cft == &Curl_cft_tcp ||
2257
                cf->cft == &Curl_cft_udp ||
2258
                cf->cft == &Curl_cft_unix ||
2259
                cf->cft == &Curl_cft_tcp_accept);
2260
}
2261

2262
CURLcode Curl_cf_socket_peek(struct Curl_cfilter *cf,
2263
                             struct Curl_easy *data,
2264
                             curl_socket_t *psock,
2265
                             const struct Curl_sockaddr_ex **paddr,
2266
                             struct ip_quadruple *pip)
2267
{
2268
  (void)data;
2269
  if(cf_is_socket(cf) && cf->ctx) {
2270
    struct cf_socket_ctx *ctx = cf->ctx;
2271

2272
    if(psock)
2273
      *psock = ctx->sock;
2274
    if(paddr)
2275
      *paddr = &ctx->addr;
2276
    if(pip)
2277
      *pip = ctx->ip;
2278
    return CURLE_OK;
2279
  }
2280
  return CURLE_FAILED_INIT;
2281
}
2282

2283