From a4ebf5b507490ceac7d741c4462ad162629a4bae Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 8 Aug 2006 21:12:49 +0000 Subject: [PATCH] Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs on a persistent connection and allowed the first to use that header, you could not disable it for the second request. --- CHANGES | 11 +++++++++++ RELEASE-NOTES | 20 +++----------------- lib/http.c | 4 +++- lib/transfer.c | 4 ++-- lib/urldata.h | 3 ++- 5 files changed, 21 insertions(+), 21 deletions(-) diff --git a/CHANGES b/CHANGES index a6cf4b612..7c26de63c 100644 --- a/CHANGES +++ b/CHANGES @@ -6,6 +6,17 @@ Changelog +Daniel (8 August 2006) +- Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs + on a persistent connection and allowed the first to use that header, you + could not disable it for the second request. + +Daniel (7 August 2006) +- Domenico Andreolfound a quick build error which happened because + src/config.h.in was not a proper duplcate of lib/config.h.in which it + should've been and this was due to the maketgz script not doing the cp + properly. + Version 7.15.5 (7 August 2006) Daniel (2 August 2006) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 32d3f46a7..69cd3fb38 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -9,28 +9,14 @@ Curl and libcurl 7.15.6 Number of known libcurl bindings: 32 Number of contributors: 515 -This release includes the following changes: - - o - This release includes the following bugfixes: - o - -Other curl-related news: - - o - -New curl mirrors: - - o + o "Expect: 100-continue" disable on second POST on re-used connection + o src/config.h.in is fixed This release would not have looked like this without help, code, reports and advice from friends like these: - Dan Fandrich, Peter Silva, Arve Knudsen, Michael Wallner, Toshiyuki Maezawa, - Ingmar Runge, Ates Goral, David McCreedy, Jari Sundell, Georg Horn, - Gisle Vanem, Yang Tse, Michael Jerris, Dan Nelson, Yves Lejeune, - Maciej Karpiuk, Mark Lentczner + Domenico Andreoli Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/http.c b/lib/http.c index 512b17312..310c0a617 100644 --- a/lib/http.c +++ b/lib/http.c @@ -1516,6 +1516,8 @@ static CURLcode expect100(struct SessionHandle *data, send_buffer *req_buffer) { CURLcode result = CURLE_OK; + data->state.expect100header = FALSE; /* default to false unless it is set + to TRUE below */ if((data->set.httpversion != CURL_HTTP_VERSION_1_0) && !checkheaders(data, "Expect:")) { /* if not doing HTTP 1.0 or disabled explicitly, we add a Expect: @@ -1525,7 +1527,7 @@ static CURLcode expect100(struct SessionHandle *data, result = add_bufferf(req_buffer, "Expect: 100-continue\r\n"); if(result == CURLE_OK) - data->set.expect100header = TRUE; + data->state.expect100header = TRUE; } return result; } diff --git a/lib/transfer.c b/lib/transfer.c index abcba2fcd..814940f8f 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -1532,14 +1532,14 @@ CURLcode Curl_readwrite_init(struct connectdata *conn) Thus, we must check if the request has been sent before we set the state info where we wait for the 100-return code */ - if (data->set.expect100header && + if (data->state.expect100header && (conn->proto.http->sending == HTTPSEND_BODY)) { /* wait with write until we either got 100-continue or a timeout */ k->write_after_100_header = TRUE; k->start100 = k->start; } else { - if(data->set.expect100header) + if(data->state.expect100header) /* when we've sent off the rest of the headers, we must await a 100-continue */ k->wait100_after_headers = TRUE; diff --git a/lib/urldata.h b/lib/urldata.h index c804105b6..f1d14a6c0 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -940,6 +940,8 @@ struct UrlState { /* set after initial USER failure, to prevent an authentication loop */ bool ftp_trying_alternative; + bool expect100header; /* TRUE if we added Expect: 100-continue */ + #ifndef WIN32 /* do FTP line-end conversions on most platforms */ #define CURL_DO_LINEEND_CONV @@ -1135,7 +1137,6 @@ struct UserDefined { bool krb4; /* kerberos4 connection requested */ bool reuse_forbid; /* forbidden to be reused, close after use */ bool reuse_fresh; /* do not re-use an existing connection */ - bool expect100header; /* TRUE if we added Expect: 100-continue */ bool ftp_use_epsv; /* if EPSV is to be attempted or not */ bool ftp_use_eprt; /* if EPRT is to be attempted or not */ curl_ftpssl ftp_ssl; /* if AUTH TLS is to be attempted etc */