Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: '--socks5-hostname' and 'CURL_DISABLE_PROXY'
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Timothe Litt <litt_at_acm.org>
Date: Tue, 8 Mar 2022 12:54:37 -0500
On 08-Mar-22 08:59, Gisle Vanem via curl-users wrote:
> Timothe Litt wrote:
>
>>> So what in 'curl -V' is there to tell it's safe to use with
>>> Tor in this way? Some additional 'Features: SOCKS5' would make
>>> it a bit clearer IMHO.
>>>
>> Seems to me that specifying --socks5-hostname should produce a hard
>> error if CURL_DISABLE_PROXY is set. As should anything else that
>> implies using a proxy - including API calls that specify
>> proxy-related items.
>
> I totally agree. I did this patch to warn & exit:
>
> --- a/src/tool_operate.c 2022-03-04 06:19:28
> +++ b/src/tool_operate.c 2022-03-08 14:25:22
> _at__at_ -1296,6 +1296,16 _at__at_
>
> my_setopt(curl, CURLOPT_SUPPRESS_CONNECT_HEADERS,
> config->suppress_connect_headers?1L:0L);
> +
> +#if defined(CURL_DISABLE_PROXY)
> + if (config->proxy_tls_username ||
> config->proxy_tls_password ||
> + config->proxy_tls_authtype || config->proxyuserpwd ||
> config->proxy ||
> + config->proxyver)
> + {
> + fputs ("WARNING: a 'proxy' option was used when
> 'CURL_DISABLE_PROXY' is set.\n",
> + global->errors);
> + exit(1);
> + }
> +#endif
> }
>
> my_setopt(curl, CURLOPT_FAILONERROR, config->failonerror?1L:0L);
>
> ------
>
> Not sure how it really should be done.
>
I think it probably belongs in the library - not just the command line
"tool". E.g. setting the corresponding CURLOPTs should fail with a "not
implemented" error; the tool can check for that error under "#ifdef
CURL_DISABLE_PROXY" and produce your helpful message. This will produce
hard errors for other users of the cURL library, which are many.
Also, in your message, WARNING should be ERROR since the result is that
the program exits. Warnings are recoverable, used where the operation
proceeds. This is a fatal error.
Received on 2022-03-09
Date: Tue, 8 Mar 2022 12:54:37 -0500
On 08-Mar-22 08:59, Gisle Vanem via curl-users wrote:
> Timothe Litt wrote:
>
>>> So what in 'curl -V' is there to tell it's safe to use with
>>> Tor in this way? Some additional 'Features: SOCKS5' would make
>>> it a bit clearer IMHO.
>>>
>> Seems to me that specifying --socks5-hostname should produce a hard
>> error if CURL_DISABLE_PROXY is set. As should anything else that
>> implies using a proxy - including API calls that specify
>> proxy-related items.
>
> I totally agree. I did this patch to warn & exit:
>
> --- a/src/tool_operate.c 2022-03-04 06:19:28
> +++ b/src/tool_operate.c 2022-03-08 14:25:22
> _at__at_ -1296,6 +1296,16 _at__at_
>
> my_setopt(curl, CURLOPT_SUPPRESS_CONNECT_HEADERS,
> config->suppress_connect_headers?1L:0L);
> +
> +#if defined(CURL_DISABLE_PROXY)
> + if (config->proxy_tls_username ||
> config->proxy_tls_password ||
> + config->proxy_tls_authtype || config->proxyuserpwd ||
> config->proxy ||
> + config->proxyver)
> + {
> + fputs ("WARNING: a 'proxy' option was used when
> 'CURL_DISABLE_PROXY' is set.\n",
> + global->errors);
> + exit(1);
> + }
> +#endif
> }
>
> my_setopt(curl, CURLOPT_FAILONERROR, config->failonerror?1L:0L);
>
> ------
>
> Not sure how it really should be done.
>
I think it probably belongs in the library - not just the command line
"tool". E.g. setting the corresponding CURLOPTs should fail with a "not
implemented" error; the tool can check for that error under "#ifdef
CURL_DISABLE_PROXY" and produce your helpful message. This will produce
hard errors for other users of the cURL library, which are many.
Also, in your message, WARNING should be ERROR since the result is that
the program exits. Warnings are recoverable, used where the operation
proceeds. This is a fatal error.
-- Unsubscribe: https://lists.haxx.se/listinfo/curl-users Etiquette: https://curl.haxx.se/mail/etiquette.html
- application/pgp-signature attachment: OpenPGP digital signature