cURL / Mailing Lists / curl-library / Single Mail

curl-library

small logic error with CURLOPT_NOPROXY, and a patch...

From: Alexander Beedie <ayembee_at_gmail.com>
Date: Fri, 19 Jun 2009 01:52:54 +0900

If I have set CURLOPT_NOPROXY to "*", or to a host that should not use a
proxy, I actually can still end up using a proxy; in the source file
"lib\url.c" we have this code sequence (around line 4380):

if(!proxy)
  proxy = detect_proxy(conn);
else if(data->set.str[STRING_NOPROXY]) {
  if(check_noproxy(conn->host.name, data->set.str[STRING_NOPROXY])) {
    free(proxy); /* proxy is in exception list */
   proxy = NULL;
  }
}

Let's illustrate the problem:

* I explicitly set CURLOPT_NOPROXY to "*"
* Consequently I don't bother to set CURLOPT_PROXY.
* BUT my environment variables have a value for HTTP_proxy.

So, coming into the block of code above we now have the following: proxy is
NULL (I never set it because I have indicated I want to ignore all proxies),
so !proxy sends me into the 'detect_proxy' sub, finds my environment
variable, and returns me a proxy. Gah! I now have a proxy I don't want, and
'check_noproxy' won't run as I'm in the other half of the IF/ELSE.

The following patch should address the problem.
First check if STRING_NOPROXY is set and if we need to honour it; if so,
ensure proxy is set to NULL.
Only if we are not explicitly ignoring the proxy, and proxy has not yet been
set, will we need to call 'detect_proxy'.

Looks reasonable?

--- C:/...url.c Thu Jun 18 13:48:41 2009
+++ C:/...url.c.new Thu Jun 18 13:43:15 2009
@@ -4376,14 +4376,18 @@
}
}

- if(!proxy)
- proxy = detect_proxy(conn);
- else if(data->set.str[STRING_NOPROXY]) {
- if(check_noproxy(conn->host.name, data->set.str[STRING_NOPROXY])) {
- free(proxy); /* proxy is in exception list */
- proxy = NULL;
- }
+ if(data->set.str[STRING_NOPROXY] &&
+ check_noproxy(conn->host.name, data->set.str[STRING_NOPROXY])) {
+ if(proxy){
+ free(proxy); /* proxy is in exception list */
+ proxy = NULL;
+ }
  }
+ else{
+ if(!proxy)
+ proxy = detect_proxy(conn);
+ }
+
  if(proxy && !*proxy) {
    free(proxy); /* Don't bother with an empty proxy string */
    proxy = NULL;

You could also just take out the 'else' from the original code, but that
looks a little less efficient as you would needlessly call detect_proxy in a
few cases, only to then set it right back to NULL... ;-)

Cheers,

-Alex
Received on 2009-06-18

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: A sample to login and maintain session"
Previous message: A. Craig West: "Re: Maximum offset value supported by CURLOPT_RESUME_FROM(_LARGE) ?"
Next in thread: A. Craig West: "Re: small logic error with CURLOPT_NOPROXY, and a patch..."
Reply: A. Craig West: "Re: small logic error with CURLOPT_NOPROXY, and a patch..."

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]