moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2025-03-11 07:39:50 -04:00
Code Issues Releases Wiki Activity

- Pascal Terjan filed bug #2154627

Browse Source 
(http://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl
  uses strcasecmp() in multiple places where it causes failures when the
  Turkish locale is used. This is because 'i' and 'I' isn't the same letter so
  strcasecmp() on those letters are different in Turkish than in English (or
  just about all other languages). I thus introduced a totally new internal
  function in libcurl (called Curl_ascii_equal) for doing case insentive
  comparisons for english-(ascii?) style strings that thus will make "file"
  and "FILE" match even if the Turkish locale is selected.
This commit is contained in:
Daniel Stenberg 2008-10-15 21:43:48 +00:00
parent be760bed7e
commit a579d67064
18 changed files with 118 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
CHANGES
View File

@ -6,6 +6,17 @@
Changelog Changelog
Daniel Stenberg (15 Oct 2008)
- Pascal Terjan filed bug #2154627
(http://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl
uses strcasecmp() in multiple places where it causes failures when the
Turkish locale is used. This is because 'i' and 'I' isn't the same letter so
strcasecmp() on those letters are different in Turkish than in English (or
just about all other languages). I thus introduced a totally new internal
function in libcurl (called Curl_ascii_equal) for doing case insentive
comparisons for english-(ascii?) style strings that thus will make "file"
and "FILE" match even if the Turkish locale is selected.
Daniel Fandrich (15 Oct 2008) Daniel Fandrich (15 Oct 2008)
- A <precheck> command is considered to have failed if it returns a non-zero - A <precheck> command is considered to have failed if it returns a non-zero
return code. This way, if the precheck command can't be run at all for return code. This way, if the precheck command can't be run at all for

3
RELEASE-NOTES
View File

@ -37,6 +37,7 @@ This release includes the following bugfixes:
o CURLINFO_PRIMARY_IP fixed for persistent connection re-use cases o CURLINFO_PRIMARY_IP fixed for persistent connection re-use cases
o remove_handle/add_handle multi interface timer callback flaw o remove_handle/add_handle multi interface timer callback flaw
o CURLINFO_REDIRECT_URL memory leak and wrong-doing o CURLINFO_REDIRECT_URL memory leak and wrong-doing
o case insensitive matching works in Turkish too
This release includes the following known bugs: This release includes the following known bugs:
@ -53,6 +54,6 @@ advice from friends like these:
Linus Nielsen Feltzing, Martin Drasar, Stefan Krause, Dmitry Kurochkin, Linus Nielsen Feltzing, Martin Drasar, Stefan Krause, Dmitry Kurochkin,
Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller, Rob Crittenden, Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller, Rob Crittenden,
Jamie Lokier, Emanuele Bovisio, Maxim Ivanov, Ian Lynagh, Daniel Egger, Jamie Lokier, Emanuele Bovisio, Maxim Ivanov, Ian Lynagh, Daniel Egger,
Igor Novoseltsev, John Wilkinson Igor Novoseltsev, John Wilkinson, Pascal Terjan
Thanks! (and sorry if I forgot to mention someone) Thanks! (and sorry if I forgot to mention someone)

2
TODO-RELEASE
View File

@ -25,7 +25,5 @@ Patches pending commit:
185 - CURLOPT_PROXYUSER etc 185 - CURLOPT_PROXYUSER etc
186 - strcasecmp in Turkish
188 - 188 -

26
lib/cookie.c
View File

@ -243,14 +243,14 @@ Curl_cookie_add(struct SessionHandle *data,
whatptr++; whatptr++;
} }
if(strequal("path", name)) { if(Curl_ascii_equal("path", name)) {
co->path=strdup(whatptr); co->path=strdup(whatptr);
if(!co->path) { if(!co->path) {
badcookie = TRUE; /* out of memory bad */ badcookie = TRUE; /* out of memory bad */
break; break;
} }
} }
else if(strequal("domain", name)) { else if(Curl_ascii_equal("domain", name)) {
/* note that this name may or may not have a preceeding dot, but /* note that this name may or may not have a preceeding dot, but
we don't care about that, we treat the names the same anyway */ we don't care about that, we treat the names the same anyway */
@ -315,14 +315,14 @@ Curl_cookie_add(struct SessionHandle *data,
} }
} }
} }
else if(strequal("version", name)) { else if(Curl_ascii_equal("version", name)) {
co->version=strdup(whatptr); co->version=strdup(whatptr);
if(!co->version) { if(!co->version) {
badcookie = TRUE; badcookie = TRUE;
break; break;
} }
} }
else if(strequal("max-age", name)) { else if(Curl_ascii_equal("max-age", name)) {
/* Defined in RFC2109: /* Defined in RFC2109:
Optional. The Max-Age attribute defines the lifetime of the Optional. The Max-Age attribute defines the lifetime of the
@ -341,7 +341,7 @@ Curl_cookie_add(struct SessionHandle *data,
atoi((*co->maxage=='\"')?&co->maxage[1]:&co->maxage[0]) + atoi((*co->maxage=='\"')?&co->maxage[1]:&co->maxage[0]) +
(long)now; (long)now;
} }
else if(strequal("expires", name)) { else if(Curl_ascii_equal("expires", name)) {
co->expirestr=strdup(whatptr); co->expirestr=strdup(whatptr);
if(!co->expirestr) { if(!co->expirestr) {
badcookie = TRUE; badcookie = TRUE;
@ -371,10 +371,10 @@ Curl_cookie_add(struct SessionHandle *data,
else { else {
if(sscanf(ptr, "%" MAX_COOKIE_LINE_TXT "[^;\r\n]", if(sscanf(ptr, "%" MAX_COOKIE_LINE_TXT "[^;\r\n]",
what)) { what)) {
if(strequal("secure", what)) { if(Curl_ascii_equal("secure", what)) {
co->secure = TRUE; co->secure = TRUE;
} }
else if (strequal("httponly", what)) { else if (Curl_ascii_equal("httponly", what)) {
co->httponly = TRUE; co->httponly = TRUE;
} }
/* else, /* else,
@ -498,7 +498,7 @@ Curl_cookie_add(struct SessionHandle *data,
As far as I can see, it is set to true when the cookie says As far as I can see, it is set to true when the cookie says
.domain.com and to false when the domain is complete www.domain.com .domain.com and to false when the domain is complete www.domain.com
*/ */
co->tailmatch=(bool)strequal(ptr, "TRUE"); /* store information */ co->tailmatch=(bool)Curl_ascii_equal(ptr, "TRUE"); /* store information */
break; break;
case 2: case 2:
/* It turns out, that sometimes the file format allows the path /* It turns out, that sometimes the file format allows the path
@ -518,7 +518,7 @@ Curl_cookie_add(struct SessionHandle *data,
fields++; /* add a field and fall down to secure */ fields++; /* add a field and fall down to secure */
/* FALLTHROUGH */ /* FALLTHROUGH */
case 3: case 3:
co->secure = (bool)strequal(ptr, "TRUE"); co->secure = (bool)Curl_ascii_equal(ptr, "TRUE");
break; break;
case 4: case 4:
co->expires = curlx_strtoofft(ptr, NULL, 10); co->expires = curlx_strtoofft(ptr, NULL, 10);
@ -571,11 +571,11 @@ Curl_cookie_add(struct SessionHandle *data,
clist = c->cookies; clist = c->cookies;
replace_old = FALSE; replace_old = FALSE;
while(clist) { while(clist) {
if(strequal(clist->name, co->name)) { if(Curl_ascii_equal(clist->name, co->name)) {
/* the names are identical */ /* the names are identical */
if(clist->domain && co->domain) { if(clist->domain && co->domain) {
if(strequal(clist->domain, co->domain)) if(Curl_ascii_equal(clist->domain, co->domain))
/* The domains are identical */ /* The domains are identical */
replace_old=TRUE; replace_old=TRUE;
} }
@ -586,7 +586,7 @@ Curl_cookie_add(struct SessionHandle *data,
/* the domains were identical */ /* the domains were identical */
if(clist->path && co->path) { if(clist->path && co->path) {
if(strequal(clist->path, co->path)) { if(Curl_ascii_equal(clist->path, co->path)) {
replace_old = TRUE; replace_old = TRUE;
} }
else else
@ -778,7 +778,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
/* now check if the domain is correct */ /* now check if the domain is correct */
if(!co->domain || if(!co->domain ||
(co->tailmatch && tailmatch(co->domain, host)) || (co->tailmatch && tailmatch(co->domain, host)) ||
(!co->tailmatch && strequal(host, co->domain)) ) { (!co->tailmatch && Curl_ascii_equal(host, co->domain)) ) {
/* the right part of the host matches the domain stuff in the /* the right part of the host matches the domain stuff in the
cookie data */ cookie data */

3
lib/curlx.h
View File

@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____| * \___|\___/|_| \_\_____|
* *
* Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
* *
* This software is licensed as described in the file COPYING, which * This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms * you should have received as part of this distribution. The terms
@ -65,6 +65,7 @@
#define curlx_getenv curl_getenv #define curlx_getenv curl_getenv
#define curlx_strequal curl_strequal #define curlx_strequal curl_strequal
#define curlx_strnequal curl_strnequal #define curlx_strnequal curl_strnequal
#define curlx_ascii_equal Curl_ascii_equal
#define curlx_mvsnprintf curl_mvsnprintf #define curlx_mvsnprintf curl_mvsnprintf
#define curlx_msnprintf curl_msnprintf #define curlx_msnprintf curl_msnprintf
#define curlx_maprintf curl_maprintf #define curlx_maprintf curl_maprintf

4
lib/gtls.c
View File

@ -223,9 +223,9 @@ static gnutls_x509_crt_fmt do_file_type(const char *type)
{ {
if(!type || !type[0]) if(!type || !type[0])
return GNUTLS_X509_FMT_PEM; return GNUTLS_X509_FMT_PEM;
if(curl_strequal(type, "PEM")) if(Curl_ascii_equal(type, "PEM"))
return GNUTLS_X509_FMT_PEM; return GNUTLS_X509_FMT_PEM;
if(curl_strequal(type, "DER")) if(Curl_ascii_equal(type, "DER"))
return GNUTLS_X509_FMT_DER; return GNUTLS_X509_FMT_DER;
return -1; return -1;
} }

4
lib/http.c
View File

@ -613,7 +613,7 @@ http_output_auth(struct connectdata *conn,
if(!data->state.this_is_a_follow || if(!data->state.this_is_a_follow ||
conn->bits.netrc || conn->bits.netrc ||
!data->state.first_host || !data->state.first_host ||
curl_strequal(data->state.first_host, conn->host.name) || Curl_ascii_equal(data->state.first_host, conn->host.name) ||
data->set.http_disable_hostname_check_before_authentication) { data->set.http_disable_hostname_check_before_authentication) {
/* Send web authentication header if needed */ /* Send web authentication header if needed */
@ -2185,7 +2185,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
ptr = checkheaders(data, "Host:"); ptr = checkheaders(data, "Host:");
if(ptr && (!data->state.this_is_a_follow || if(ptr && (!data->state.this_is_a_follow ||
curl_strequal(data->state.first_host, conn->host.name))) { Curl_ascii_equal(data->state.first_host, conn->host.name))) {
#if !defined(CURL_DISABLE_COOKIES) #if !defined(CURL_DISABLE_COOKIES)
/* If we have a given custom Host: header, we extract the host name in /* If we have a given custom Host: header, we extract the host name in
order to possibly use it for cookie reasons later on. We only allow the order to possibly use it for cookie reasons later on. We only allow the

26
lib/http_digest.c
View File

@ -110,28 +110,28 @@ CURLdigest Curl_input_digest(struct connectdata *conn,
*/ */
content[0]=0; content[0]=0;
} }
if(strequal(value, "nonce")) { if(Curl_ascii_equal(value, "nonce")) {
d->nonce = strdup(content); d->nonce = strdup(content);
if(!d->nonce) if(!d->nonce)
return CURLDIGEST_NOMEM; return CURLDIGEST_NOMEM;
} }
else if(strequal(value, "stale")) { else if(Curl_ascii_equal(value, "stale")) {
if(strequal(content, "true")) { if(Curl_ascii_equal(content, "true")) {
d->stale = TRUE; d->stale = TRUE;
d->nc = 1; /* we make a new nonce now */ d->nc = 1; /* we make a new nonce now */
} }
} }
else if(strequal(value, "realm")) { else if(Curl_ascii_equal(value, "realm")) {
d->realm = strdup(content); d->realm = strdup(content);
if(!d->realm) if(!d->realm)
return CURLDIGEST_NOMEM; return CURLDIGEST_NOMEM;
} }
else if(strequal(value, "opaque")) { else if(Curl_ascii_equal(value, "opaque")) {
d->opaque = strdup(content); d->opaque = strdup(content);
if(!d->opaque) if(!d->opaque)
return CURLDIGEST_NOMEM; return CURLDIGEST_NOMEM;
} }
else if(strequal(value, "qop")) { else if(Curl_ascii_equal(value, "qop")) {
char *tok_buf; char *tok_buf;
/* tokenize the list and choose auth if possible, use a temporary /* tokenize the list and choose auth if possible, use a temporary
clone of the buffer since strtok_r() ruins it */ clone of the buffer since strtok_r() ruins it */
@ -140,10 +140,10 @@ CURLdigest Curl_input_digest(struct connectdata *conn,
return CURLDIGEST_NOMEM; return CURLDIGEST_NOMEM;
token = strtok_r(tmp, ",", &tok_buf); token = strtok_r(tmp, ",", &tok_buf);
while(token != NULL) { while(token != NULL) {
if(strequal(token, "auth")) { if(Curl_ascii_equal(token, "auth")) {
foundAuth = TRUE; foundAuth = TRUE;
} }
else if(strequal(token, "auth-int")) { else if(Curl_ascii_equal(token, "auth-int")) {
foundAuthInt = TRUE; foundAuthInt = TRUE;
} }
token = strtok_r(NULL, ",", &tok_buf); token = strtok_r(NULL, ",", &tok_buf);
@ -161,13 +161,13 @@ CURLdigest Curl_input_digest(struct connectdata *conn,
return CURLDIGEST_NOMEM; return CURLDIGEST_NOMEM;
} }
} }
else if(strequal(value, "algorithm")) { else if(Curl_ascii_equal(value, "algorithm")) {
d->algorithm = strdup(content); d->algorithm = strdup(content);
if(!d->algorithm) if(!d->algorithm)
return CURLDIGEST_NOMEM; return CURLDIGEST_NOMEM;
if(strequal(content, "MD5-sess")) if(Curl_ascii_equal(content, "MD5-sess"))
d->algo = CURLDIGESTALGO_MD5SESS; d->algo = CURLDIGESTALGO_MD5SESS;
else if(strequal(content, "MD5")) else if(Curl_ascii_equal(content, "MD5"))
d->algo = CURLDIGESTALGO_MD5; d->algo = CURLDIGESTALGO_MD5;
else else
return CURLDIGEST_BADALGO; return CURLDIGEST_BADALGO;
@ -362,7 +362,7 @@ CURLcode Curl_output_digest(struct connectdata *conn,
return CURLE_OUT_OF_MEMORY; return CURLE_OUT_OF_MEMORY;
} }
if(d->qop && strequal(d->qop, "auth-int")) { if(d->qop && Curl_ascii_equal(d->qop, "auth-int")) {
/* We don't support auth-int at the moment. I can't see a easy way to get /* We don't support auth-int at the moment. I can't see a easy way to get
entity-body here */ entity-body here */
/* TODO: Append H(entity-body)*/ /* TODO: Append H(entity-body)*/
@ -423,7 +423,7 @@ CURLcode Curl_output_digest(struct connectdata *conn,
d->qop, d->qop,
request_digest); request_digest);
if(strequal(d->qop, "auth")) if(Curl_ascii_equal(d->qop, "auth"))
d->nc++; /* The nc (from RFC) has to be a 8 hex digit number 0 padded d->nc++; /* The nc (from RFC) has to be a 8 hex digit number 0 padded
which tells to the server how many times you are using the which tells to the server how many times you are using the
same nonce in the qop=auth mode. */ same nonce in the qop=auth mode. */

6
lib/ldap.c
View File

@ -198,7 +198,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done)
} }
/* Get the URL scheme ( either ldap or ldaps ) */ /* Get the URL scheme ( either ldap or ldaps ) */
if(strequal(conn->protostr, "LDAPS")) if(Curl_ascii_equal(conn->protostr, "LDAPS"))
ldap_ssl = 1; ldap_ssl = 1;
infof(data, "LDAP local: trying to establish %s connection\n", infof(data, "LDAP local: trying to establish %s connection\n",
ldap_ssl ? "encrypted" : "cleartext"); ldap_ssl ? "encrypted" : "cleartext");
@ -228,7 +228,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done)
/* Novell SDK supports DER or BASE64 files. */ /* Novell SDK supports DER or BASE64 files. */
int cert_type = LDAPSSL_CERT_FILETYPE_B64; int cert_type = LDAPSSL_CERT_FILETYPE_B64;
if((data->set.str[STRING_CERT_TYPE]) && if((data->set.str[STRING_CERT_TYPE]) &&
(strequal(data->set.str[STRING_CERT_TYPE], "DER"))) (Curl_ascii_equal(data->set.str[STRING_CERT_TYPE], "DER")))
cert_type = LDAPSSL_CERT_FILETYPE_DER; cert_type = LDAPSSL_CERT_FILETYPE_DER;
if(!ldap_ca) { if(!ldap_ca) {
failf(data, "LDAP local: ERROR %s CA cert not set!", failf(data, "LDAP local: ERROR %s CA cert not set!",
@ -269,7 +269,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done)
if(data->set.ssl.verifypeer) { if(data->set.ssl.verifypeer) {
/* OpenLDAP SDK supports BASE64 files. */ /* OpenLDAP SDK supports BASE64 files. */
if((data->set.str[STRING_CERT_TYPE]) && if((data->set.str[STRING_CERT_TYPE]) &&
(!strequal(data->set.str[STRING_CERT_TYPE], "PEM"))) { (!Curl_ascii_equal(data->set.str[STRING_CERT_TYPE], "PEM"))) {
failf(data, "LDAP local: ERROR OpenLDAP does only support PEM cert-type!"); failf(data, "LDAP local: ERROR OpenLDAP does only support PEM cert-type!");
status = CURLE_SSL_CERTPROBLEM; status = CURLE_SSL_CERTPROBLEM;
goto quit; goto quit;

14
lib/netrc.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____| * \___|\___/|_| \_\_____|
* *
* Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
* *
* This software is licensed as described in the file COPYING, which * This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms * you should have received as part of this distribution. The terms
@ -155,7 +155,7 @@ int Curl_parsenetrc(const char *host,
switch(state) { switch(state) {
case NOTHING: case NOTHING:
if(strequal("machine", tok)) { if(Curl_ascii_equal("machine", tok)) {
/* the next tok is the machine name, this is in itself the /* the next tok is the machine name, this is in itself the
delimiter that starts the stuff entered for this machine, delimiter that starts the stuff entered for this machine,
after this we need to search for 'login' and after this we need to search for 'login' and
@ -164,7 +164,7 @@ int Curl_parsenetrc(const char *host,
} }
break; break;
case HOSTFOUND: case HOSTFOUND:
if(strequal(host, tok)) { if(Curl_ascii_equal(host, tok)) {
/* and yes, this is our host! */ /* and yes, this is our host! */
state=HOSTVALID; state=HOSTVALID;
#ifdef _NETRC_DEBUG #ifdef _NETRC_DEBUG
@ -180,7 +180,7 @@ int Curl_parsenetrc(const char *host,
/* we are now parsing sub-keywords concerning "our" host */ /* we are now parsing sub-keywords concerning "our" host */
if(state_login) { if(state_login) {
if(specific_login) { if(specific_login) {
state_our_login = strequal(login, tok); state_our_login = Curl_ascii_equal(login, tok);
} }
else { else {
strncpy(login, tok, LOGINSIZE-1); strncpy(login, tok, LOGINSIZE-1);
@ -199,11 +199,11 @@ int Curl_parsenetrc(const char *host,
} }
state_password=0; state_password=0;
} }
else if(strequal("login", tok)) else if(Curl_ascii_equal("login", tok))
state_login=1; state_login=1;
else if(strequal("password", tok)) else if(Curl_ascii_equal("password", tok))
state_password=1; state_password=1;
else if(strequal("machine", tok)) { else if(Curl_ascii_equal("machine", tok)) {
/* ok, there's machine here go => */ /* ok, there's machine here go => */
state = HOSTFOUND; state = HOSTFOUND;
state_our_login = FALSE; state_our_login = FALSE;

3
lib/nss.c
View File

@ -43,7 +43,6 @@
#include "strequal.h" #include "strequal.h"
#include "select.h" #include "select.h"
#include "sslgen.h" #include "sslgen.h"
#include "strequal.h"
#define _MPRINTF_REPLACE /* use the internal *printf() functions */ #define _MPRINTF_REPLACE /* use the internal *printf() functions */
#include <curl/mprintf.h> #include <curl/mprintf.h>
@ -202,7 +201,7 @@ static SECStatus set_ciphers(struct SessionHandle *data, PRFileDesc * model,
found = PR_FALSE; found = PR_FALSE;
for(i=0; i<NUM_OF_CIPHERS; i++) { for(i=0; i<NUM_OF_CIPHERS; i++) {
if(strequal(cipher, cipherlist[i].name)) { if(Curl_ascii_equal(cipher, cipherlist[i].name)) {
cipher_state[i] = PR_TRUE; cipher_state[i] = PR_TRUE;
found = PR_TRUE; found = PR_TRUE;
break; break;

7
lib/parsedate.c
View File

@ -83,6 +83,7 @@
#endif #endif
#include <curl/curl.h> #include <curl/curl.h>
#include "strequal.h"
#include "parsedate.h" #include "parsedate.h"
const char * const Curl_wkday[] = const char * const Curl_wkday[] =
@ -163,7 +164,7 @@ static int checkday(const char *check, size_t len)
else else
what = &Curl_wkday[0]; what = &Curl_wkday[0];
for(i=0; i<7; i++) { for(i=0; i<7; i++) {
if(curl_strequal(check, what[0])) { if(Curl_ascii_equal(check, what[0])) {
found=TRUE; found=TRUE;
break; break;
} }
@ -180,7 +181,7 @@ static int checkmonth(const char *check)
what = &Curl_month[0]; what = &Curl_month[0];
for(i=0; i<12; i++) { for(i=0; i<12; i++) {
if(curl_strequal(check, what[0])) { if(Curl_ascii_equal(check, what[0])) {
found=TRUE; found=TRUE;
break; break;
} }
@ -200,7 +201,7 @@ static int checktz(const char *check)
what = tz; what = tz;
for(i=0; i< sizeof(tz)/sizeof(tz[0]); i++) { for(i=0; i< sizeof(tz)/sizeof(tz[0]); i++) {
if(curl_strequal(check, what->name)) { if(Curl_ascii_equal(check, what->name)) {
found=TRUE; found=TRUE;
break; break;
} }

10
lib/ssluse.c
View File

@ -284,13 +284,13 @@ static int do_file_type(const char *type)
{ {
if(!type || !type[0]) if(!type || !type[0])
return SSL_FILETYPE_PEM; return SSL_FILETYPE_PEM;
if(curl_strequal(type, "PEM")) if(Curl_ascii_equal(type, "PEM"))
return SSL_FILETYPE_PEM; return SSL_FILETYPE_PEM;
if(curl_strequal(type, "DER")) if(Curl_ascii_equal(type, "DER"))
return SSL_FILETYPE_ASN1; return SSL_FILETYPE_ASN1;
if(curl_strequal(type, "ENG")) if(Curl_ascii_equal(type, "ENG"))
return SSL_FILETYPE_ENGINE; return SSL_FILETYPE_ENGINE;
if(curl_strequal(type, "P12")) if(Curl_ascii_equal(type, "P12"))
return SSL_FILETYPE_PKCS12; return SSL_FILETYPE_PKCS12;
return -1; return -1;
} }
@ -1010,7 +1010,7 @@ cert_hostcheck(const char *match_pattern, const char *hostname)
!hostname || !*hostname) /* sanity check */ !hostname || !*hostname) /* sanity check */
return 0; return 0;
if(curl_strequal(hostname,match_pattern)) /* trivial case */ if(Curl_ascii_equal(hostname, match_pattern)) /* trivial case */
return 1; return 1;
if(hostmatch(hostname,match_pattern) == HOST_MATCH) if(hostmatch(hostname,match_pattern) == HOST_MATCH)

24
lib/strequal.c
View File

@ -76,6 +76,30 @@ int curl_strnequal(const char *first, const char *second, size_t max)
#endif #endif
} }
/*
* Curl_ascii_equal() is for doing "ascii" case insensitive strings. This is
* meant to be locale independent and only compare strings we know are safe
* for this.
* See http://daniel.haxx.se/blog/2008/10/15/strcasecmp-in-turkish/ for some
* further explanation to why this function is necessary.
*/
#define TOASCIIUPPER(x) ((((x) >= 'a') && ((x) <= 'z'))?((x) - 0x20):(x))
int Curl_ascii_equal(const char *first, const char *second)
{
while(*first && *second) {
if(! (TOASCIIUPPER(*first) == TOASCIIUPPER(*second)))
/* get out of the loop as soon as they don't match */
break;
first++;
second++;
}
/* we do the comparison here (possibly again), just to make sure that if the
loop above is skipped because one of the strings reached zero, we must not
return this as a successful match */
return (TOASCIIUPPER(*first) == TOASCIIUPPER(*second));
}
#ifndef HAVE_STRLCAT #ifndef HAVE_STRLCAT
/* /*
* The strlcat() function appends the NUL-terminated string src to the end * The strlcat() function appends the NUL-terminated string src to the end

6
lib/strequal.h
View File

@ -32,6 +32,12 @@
argument is zero-byte terminated */ argument is zero-byte terminated */
#define checkprefix(a,b) strnequal(a,b,strlen(a)) #define checkprefix(a,b) strnequal(a,b,strlen(a))
/*
* Curl_ascii_equal() is for doing "ascii" case insensitive strings. This is
* meant to be locale independent and only compare strings we know are safe
* for this.
*/
int Curl_ascii_equal(const char *first, const char *second);
#ifndef HAVE_STRLCAT #ifndef HAVE_STRLCAT
#define strlcat(x,y,z) Curl_strlcat(x,y,z) #define strlcat(x,y,z) Curl_strlcat(x,y,z)

8
lib/telnet.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____| * \___|\___/|_| \_\_____|
* *
* Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
* *
* This software is licensed as described in the file COPYING, which * This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms * you should have received as part of this distribution. The terms
@ -833,7 +833,7 @@ static CURLcode check_telnet_options(struct connectdata *conn)
option_keyword, option_arg) == 2) { option_keyword, option_arg) == 2) {
/* Terminal type */ /* Terminal type */
if(curl_strequal(option_keyword, "TTYPE")) { if(Curl_ascii_equal(option_keyword, "TTYPE")) {
strncpy(tn->subopt_ttype, option_arg, 31); strncpy(tn->subopt_ttype, option_arg, 31);
tn->subopt_ttype[31] = 0; /* String termination */ tn->subopt_ttype[31] = 0; /* String termination */
tn->us_preferred[CURL_TELOPT_TTYPE] = CURL_YES; tn->us_preferred[CURL_TELOPT_TTYPE] = CURL_YES;
@ -841,7 +841,7 @@ static CURLcode check_telnet_options(struct connectdata *conn)
} }
/* Display variable */ /* Display variable */
if(curl_strequal(option_keyword, "XDISPLOC")) { if(Curl_ascii_equal(option_keyword, "XDISPLOC")) {
strncpy(tn->subopt_xdisploc, option_arg, 127); strncpy(tn->subopt_xdisploc, option_arg, 127);
tn->subopt_xdisploc[127] = 0; /* String termination */ tn->subopt_xdisploc[127] = 0; /* String termination */
tn->us_preferred[CURL_TELOPT_XDISPLOC] = CURL_YES; tn->us_preferred[CURL_TELOPT_XDISPLOC] = CURL_YES;
@ -849,7 +849,7 @@ static CURLcode check_telnet_options(struct connectdata *conn)
} }
/* Environment variable */ /* Environment variable */
if(curl_strequal(option_keyword, "NEW_ENV")) { if(Curl_ascii_equal(option_keyword, "NEW_ENV")) {
buf = strdup(option_arg); buf = strdup(option_arg);
if(!buf) if(!buf)
return CURLE_OUT_OF_MEMORY; return CURLE_OUT_OF_MEMORY;

24
lib/url.c
View File

@ -1216,17 +1216,17 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
if(argptr == NULL) if(argptr == NULL)
break; break;
if(strequal(argptr, "ALL")) { if(Curl_ascii_equal(argptr, "ALL")) {
/* clear all cookies */ /* clear all cookies */
Curl_cookie_clearall(data->cookies); Curl_cookie_clearall(data->cookies);
break; break;
} }
else if(strequal(argptr, "SESS")) { else if(Curl_ascii_equal(argptr, "SESS")) {
/* clear session cookies */ /* clear session cookies */
Curl_cookie_clearsess(data->cookies); Curl_cookie_clearsess(data->cookies);
break; break;
} }
else if(strequal(argptr, "FLUSH")) { else if(Curl_ascii_equal(argptr, "FLUSH")) {
/* flush cookies to file */ /* flush cookies to file */
flush_cookies(data, 0); flush_cookies(data, 0);
break; break;
@ -2496,14 +2496,14 @@ ConnectionExists(struct SessionHandle *data,
if(!needle->bits.httpproxy || needle->protocol&PROT_SSL || if(!needle->bits.httpproxy || needle->protocol&PROT_SSL ||
(needle->bits.httpproxy && check->bits.httpproxy && (needle->bits.httpproxy && check->bits.httpproxy &&
needle->bits.tunnel_proxy && check->bits.tunnel_proxy && needle->bits.tunnel_proxy && check->bits.tunnel_proxy &&
strequal(needle->proxy.name, check->proxy.name) && Curl_ascii_equal(needle->proxy.name, check->proxy.name) &&
(needle->port == check->port))) { (needle->port == check->port))) {
/* The requested connection does not use a HTTP proxy or it uses SSL or /* The requested connection does not use a HTTP proxy or it uses SSL or
it is a non-SSL protocol tunneled over the same http proxy name and it is a non-SSL protocol tunneled over the same http proxy name and
port number */ port number */
if(strequal(needle->protostr, check->protostr) && if(Curl_ascii_equal(needle->protostr, check->protostr) &&
strequal(needle->host.name, check->host.name) && Curl_ascii_equal(needle->host.name, check->host.name) &&
(needle->remote_port == check->remote_port) ) { (needle->remote_port == check->remote_port) ) {
if(needle->protocol & PROT_SSL) { if(needle->protocol & PROT_SSL) {
/* This is SSL, verify that we're using the same /* This is SSL, verify that we're using the same
@ -2542,7 +2542,7 @@ ConnectionExists(struct SessionHandle *data,
is the checked one using the same host, port and type? */ is the checked one using the same host, port and type? */
if(check->bits.proxy && if(check->bits.proxy &&
(needle->proxytype == check->proxytype) && (needle->proxytype == check->proxytype) &&
strequal(needle->proxy.name, check->proxy.name) && Curl_ascii_equal(needle->proxy.name, check->proxy.name) &&
needle->port == check->port) { needle->port == check->port) {
/* This is the same proxy connection, use it! */ /* This is the same proxy connection, use it! */
match = TRUE; match = TRUE;
@ -3021,7 +3021,7 @@ static CURLcode ParseURLAndFillConnection(struct SessionHandle *data,
************************************************************/ ************************************************************/
if((2 == sscanf(data->change.url, "%15[^:]:%[^\n]", if((2 == sscanf(data->change.url, "%15[^:]:%[^\n]",
conn->protostr, conn->protostr,
path)) && strequal(conn->protostr, "file")) { path)) && Curl_ascii_equal(conn->protostr, "file")) {
if(path[0] == '/' && path[1] == '/') { if(path[0] == '/' && path[1] == '/') {
/* Allow omitted hostname (e.g. file:/<path>). This is not strictly /* Allow omitted hostname (e.g. file:/<path>). This is not strictly
* speaking a valid file: URL by RFC 1738, but treating file:/<path> as * speaking a valid file: URL by RFC 1738, but treating file:/<path> as
@ -3256,7 +3256,7 @@ static CURLcode setup_connection_internals(struct SessionHandle *data,
/* Scan protocol handler table. */ /* Scan protocol handler table. */
for (pp = protocols; (p = *pp) != NULL; pp++) for (pp = protocols; (p = *pp) != NULL; pp++)
if(strequal(p->scheme, conn->protostr)) { if(Curl_ascii_equal(p->scheme, conn->protostr)) {
/* Protocol found in table. Perform setup complement if some. */ /* Protocol found in table. Perform setup complement if some. */
conn->handler = p; conn->handler = p;
@ -3370,7 +3370,7 @@ static char *detect_proxy(struct connectdata *conn)
* This can cause 'internal' http/ftp requests to be * This can cause 'internal' http/ftp requests to be
* arbitrarily redirected by any external attacker. * arbitrarily redirected by any external attacker.
*/ */
if(!prox && !strequal("http_proxy", proxy_env)) { if(!prox && !Curl_ascii_equal("http_proxy", proxy_env)) {
/* There was no lowercase variable, try the uppercase version: */ /* There was no lowercase variable, try the uppercase version: */
for(envp = proxy_env; *envp; envp++) for(envp = proxy_env; *envp; envp++)
*envp = (char)toupper((int)*envp); *envp = (char)toupper((int)*envp);
@ -3691,8 +3691,8 @@ static CURLcode parse_remote_port(struct SessionHandle *data,
if(conn->bits.httpproxy) { if(conn->bits.httpproxy) {
/* we need to create new URL with the new port number */ /* we need to create new URL with the new port number */
char *url; char *url;
bool isftp = (bool)(strequal("ftp", conn->protostr) || bool isftp = (bool)(Curl_ascii_equal("ftp", conn->protostr) ||
strequal("ftps", conn->protostr)); Curl_ascii_equal("ftps", conn->protostr));
/* /*
* This synthesized URL isn't always right--suffixes like ;type=A * This synthesized URL isn't always right--suffixes like ;type=A

14
src/main.c
View File

@ -1501,11 +1501,11 @@ static ParameterError add2list(struct curl_slist **list,
static int ftpfilemethod(struct Configurable *config, const char *str) static int ftpfilemethod(struct Configurable *config, const char *str)
{ {
if(curlx_strequal("singlecwd", str)) if(curlx_ascii_equal("singlecwd", str))
return CURLFTPMETHOD_SINGLECWD; return CURLFTPMETHOD_SINGLECWD;
if(curlx_strequal("nocwd", str)) if(curlx_ascii_equal("nocwd", str))
return CURLFTPMETHOD_NOCWD; return CURLFTPMETHOD_NOCWD;
if(curlx_strequal("multicwd", str)) if(curlx_ascii_equal("multicwd", str))
return CURLFTPMETHOD_MULTICWD; return CURLFTPMETHOD_MULTICWD;
warnf(config, "unrecognized ftp file method '%s', using default\n", str); warnf(config, "unrecognized ftp file method '%s', using default\n", str);
return CURLFTPMETHOD_MULTICWD; return CURLFTPMETHOD_MULTICWD;
@ -1513,9 +1513,9 @@ static int ftpfilemethod(struct Configurable *config, const char *str)
static int ftpcccmethod(struct Configurable *config, const char *str) static int ftpcccmethod(struct Configurable *config, const char *str)
{ {
if(curlx_strequal("passive", str)) if(curlx_ascii_equal("passive", str))
return CURLFTPSSL_CCC_PASSIVE; return CURLFTPSSL_CCC_PASSIVE;
if(curlx_strequal("active", str)) if(curlx_ascii_equal("active", str))
return CURLFTPSSL_CCC_ACTIVE; return CURLFTPSSL_CCC_ACTIVE;
warnf(config, "unrecognized ftp CCC method '%s', using default\n", str); warnf(config, "unrecognized ftp CCC method '%s', using default\n", str);
return CURLFTPSSL_CCC_PASSIVE; return CURLFTPSSL_CCC_PASSIVE;
@ -1765,7 +1765,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
if(curlx_strnequal(aliases[j].lname, word, fnam)) { if(curlx_strnequal(aliases[j].lname, word, fnam)) {
longopt = TRUE; longopt = TRUE;
numhits++; numhits++;
if(curlx_strequal(aliases[j].lname, word)) { if(curlx_ascii_equal(aliases[j].lname, word)) {
parse = aliases[j].letter; parse = aliases[j].letter;
hit = j; hit = j;
numhits = 1; /* a single unique hit */ numhits = 1; /* a single unique hit */
@ -2450,7 +2450,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
break; break;
case 'f': /* crypto engine */ case 'f': /* crypto engine */
GetStr(&config->engine, nextarg); GetStr(&config->engine, nextarg);
if (config->engine && curlx_strequal(config->engine,"list")) if (config->engine && curlx_ascii_equal(config->engine,"list"))
config->list_engines = TRUE; config->list_engines = TRUE;
break; break;
case 'g': /* CA info PEM file */ case 'g': /* CA info PEM file */