diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2008-10-15 21:43:48 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2008-10-15 21:43:48 +0000 |
| commit | a579d6706436615845f57692921e0891fb6e3719 (patch) | |
| tree | 936f3c7c41195e63bfd13c2f2b0151e1db1db397 /lib | |
| parent | be760bed7e544136eaa175f0fe58251da1ff6e41 (diff) | |
| download | gnurl-a579d6706436615845f57692921e0891fb6e3719.tar.gz gnurl-a579d6706436615845f57692921e0891fb6e3719.tar.bz2 gnurl-a579d6706436615845f57692921e0891fb6e3719.zip | |
- Pascal Terjan filed bug #2154627
(http://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl
uses strcasecmp() in multiple places where it causes failures when the
Turkish locale is used. This is because 'i' and 'I' isn't the same letter so
strcasecmp() on those letters are different in Turkish than in English (or
just about all other languages). I thus introduced a totally new internal
function in libcurl (called Curl_ascii_equal) for doing case insentive
comparisons for english-(ascii?) style strings that thus will make "file"
and "FILE" match even if the Turkish locale is selected.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/cookie.c | 26 | ||||
| -rw-r--r-- | lib/curlx.h | 3 | ||||
| -rw-r--r-- | lib/gtls.c | 4 | ||||
| -rw-r--r-- | lib/http.c | 4 | ||||
| -rw-r--r-- | lib/http_digest.c | 26 | ||||
| -rw-r--r-- | lib/ldap.c | 6 | ||||
| -rw-r--r-- | lib/netrc.c | 14 | ||||
| -rw-r--r-- | lib/nss.c | 3 | ||||
| -rw-r--r-- | lib/parsedate.c | 7 | ||||
| -rw-r--r-- | lib/ssluse.c | 10 | ||||
| -rw-r--r-- | lib/strequal.c | 24 | ||||
| -rw-r--r-- | lib/strequal.h | 6 | ||||
| -rw-r--r-- | lib/telnet.c | 8 | ||||
| -rw-r--r-- | lib/url.c | 24 |
14 files changed, 98 insertions, 67 deletions
diff --git a/lib/cookie.c b/lib/cookie.c index 982bed063..2886c18a2 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -243,14 +243,14 @@ Curl_cookie_add(struct SessionHandle *data, whatptr++; } - if(strequal("path", name)) { + if(Curl_ascii_equal("path", name)) { co->path=strdup(whatptr); if(!co->path) { badcookie = TRUE; /* out of memory bad */ break; } } - else if(strequal("domain", name)) { + else if(Curl_ascii_equal("domain", name)) { /* note that this name may or may not have a preceeding dot, but we don't care about that, we treat the names the same anyway */ @@ -315,14 +315,14 @@ Curl_cookie_add(struct SessionHandle *data, } } } - else if(strequal("version", name)) { + else if(Curl_ascii_equal("version", name)) { co->version=strdup(whatptr); if(!co->version) { badcookie = TRUE; break; } } - else if(strequal("max-age", name)) { + else if(Curl_ascii_equal("max-age", name)) { /* Defined in RFC2109: Optional. The Max-Age attribute defines the lifetime of the @@ -341,7 +341,7 @@ Curl_cookie_add(struct SessionHandle *data, atoi((*co->maxage=='\"')?&co->maxage[1]:&co->maxage[0]) + (long)now; } - else if(strequal("expires", name)) { + else if(Curl_ascii_equal("expires", name)) { co->expirestr=strdup(whatptr); if(!co->expirestr) { badcookie = TRUE; @@ -371,10 +371,10 @@ Curl_cookie_add(struct SessionHandle *data, else { if(sscanf(ptr, "%" MAX_COOKIE_LINE_TXT "[^;\r\n]", what)) { - if(strequal("secure", what)) { + if(Curl_ascii_equal("secure", what)) { co->secure = TRUE; } - else if (strequal("httponly", what)) { + else if (Curl_ascii_equal("httponly", what)) { co->httponly = TRUE; } /* else, @@ -498,7 +498,7 @@ Curl_cookie_add(struct SessionHandle *data, As far as I can see, it is set to true when the cookie says .domain.com and to false when the domain is complete www.domain.com */ - co->tailmatch=(bool)strequal(ptr, "TRUE"); /* store information */ + co->tailmatch=(bool)Curl_ascii_equal(ptr, "TRUE"); /* store information */ break; case 2: /* It turns out, that sometimes the file format allows the path @@ -518,7 +518,7 @@ Curl_cookie_add(struct SessionHandle *data, fields++; /* add a field and fall down to secure */ /* FALLTHROUGH */ case 3: - co->secure = (bool)strequal(ptr, "TRUE"); + co->secure = (bool)Curl_ascii_equal(ptr, "TRUE"); break; case 4: co->expires = curlx_strtoofft(ptr, NULL, 10); @@ -571,11 +571,11 @@ Curl_cookie_add(struct SessionHandle *data, clist = c->cookies; replace_old = FALSE; while(clist) { - if(strequal(clist->name, co->name)) { + if(Curl_ascii_equal(clist->name, co->name)) { /* the names are identical */ if(clist->domain && co->domain) { - if(strequal(clist->domain, co->domain)) + if(Curl_ascii_equal(clist->domain, co->domain)) /* The domains are identical */ replace_old=TRUE; } @@ -586,7 +586,7 @@ Curl_cookie_add(struct SessionHandle *data, /* the domains were identical */ if(clist->path && co->path) { - if(strequal(clist->path, co->path)) { + if(Curl_ascii_equal(clist->path, co->path)) { replace_old = TRUE; } else @@ -778,7 +778,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c, /* now check if the domain is correct */ if(!co->domain || (co->tailmatch && tailmatch(co->domain, host)) || - (!co->tailmatch && strequal(host, co->domain)) ) { + (!co->tailmatch && Curl_ascii_equal(host, co->domain)) ) { /* the right part of the host matches the domain stuff in the cookie data */ diff --git a/lib/curlx.h b/lib/curlx.h index 26948d305..94f277f10 100644 --- a/lib/curlx.h +++ b/lib/curlx.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -65,6 +65,7 @@ #define curlx_getenv curl_getenv #define curlx_strequal curl_strequal #define curlx_strnequal curl_strnequal +#define curlx_ascii_equal Curl_ascii_equal #define curlx_mvsnprintf curl_mvsnprintf #define curlx_msnprintf curl_msnprintf #define curlx_maprintf curl_maprintf diff --git a/lib/gtls.c b/lib/gtls.c index 89a8079bf..17e3947c9 100644 --- a/lib/gtls.c +++ b/lib/gtls.c @@ -223,9 +223,9 @@ static gnutls_x509_crt_fmt do_file_type(const char *type) { if(!type || !type[0]) return GNUTLS_X509_FMT_PEM; - if(curl_strequal(type, "PEM")) + if(Curl_ascii_equal(type, "PEM")) return GNUTLS_X509_FMT_PEM; - if(curl_strequal(type, "DER")) + if(Curl_ascii_equal(type, "DER")) return GNUTLS_X509_FMT_DER; return -1; } diff --git a/lib/http.c b/lib/http.c index 9535c7633..da7972459 100644 --- a/lib/http.c +++ b/lib/http.c @@ -613,7 +613,7 @@ http_output_auth(struct connectdata *conn, if(!data->state.this_is_a_follow || conn->bits.netrc || !data->state.first_host || - curl_strequal(data->state.first_host, conn->host.name) || + Curl_ascii_equal(data->state.first_host, conn->host.name) || data->set.http_disable_hostname_check_before_authentication) { /* Send web authentication header if needed */ @@ -2185,7 +2185,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) ptr = checkheaders(data, "Host:"); if(ptr && (!data->state.this_is_a_follow || - curl_strequal(data->state.first_host, conn->host.name))) { + Curl_ascii_equal(data->state.first_host, conn->host.name))) { #if !defined(CURL_DISABLE_COOKIES) /* If we have a given custom Host: header, we extract the host name in order to possibly use it for cookie reasons later on. We only allow the diff --git a/lib/http_digest.c b/lib/http_digest.c index 0d92652a0..2e774f3d4 100644 --- a/lib/http_digest.c +++ b/lib/http_digest.c @@ -110,28 +110,28 @@ CURLdigest Curl_input_digest(struct connectdata *conn, */ content[0]=0; } - if(strequal(value, "nonce")) { + if(Curl_ascii_equal(value, "nonce")) { d->nonce = strdup(content); if(!d->nonce) return CURLDIGEST_NOMEM; } - else if(strequal(value, "stale")) { - if(strequal(content, "true")) { + else if(Curl_ascii_equal(value, "stale")) { + if(Curl_ascii_equal(content, "true")) { d->stale = TRUE; d->nc = 1; /* we make a new nonce now */ } } - else if(strequal(value, "realm")) { + else if(Curl_ascii_equal(value, "realm")) { d->realm = strdup(content); if(!d->realm) return CURLDIGEST_NOMEM; } - else if(strequal(value, "opaque")) { + else if(Curl_ascii_equal(value, "opaque")) { d->opaque = strdup(content); if(!d->opaque) return CURLDIGEST_NOMEM; } - else if(strequal(value, "qop")) { + else if(Curl_ascii_equal(value, "qop")) { char *tok_buf; /* tokenize the list and choose auth if possible, use a temporary clone of the buffer since strtok_r() ruins it */ @@ -140,10 +140,10 @@ CURLdigest Curl_input_digest(struct connectdata *conn, return CURLDIGEST_NOMEM; token = strtok_r(tmp, ",", &tok_buf); while(token != NULL) { - if(strequal(token, "auth")) { + if(Curl_ascii_equal(token, "auth")) { foundAuth = TRUE; } - else if(strequal(token, "auth-int")) { + else if(Curl_ascii_equal(token, "auth-int")) { foundAuthInt = TRUE; } token = strtok_r(NULL, ",", &tok_buf); @@ -161,13 +161,13 @@ CURLdigest Curl_input_digest(struct connectdata *conn, return CURLDIGEST_NOMEM; } } - else if(strequal(value, "algorithm")) { + else if(Curl_ascii_equal(value, "algorithm")) { d->algorithm = strdup(content); if(!d->algorithm) return CURLDIGEST_NOMEM; - if(strequal(content, "MD5-sess")) + if(Curl_ascii_equal(content, "MD5-sess")) d->algo = CURLDIGESTALGO_MD5SESS; - else if(strequal(content, "MD5")) + else if(Curl_ascii_equal(content, "MD5")) d->algo = CURLDIGESTALGO_MD5; else return CURLDIGEST_BADALGO; @@ -362,7 +362,7 @@ CURLcode Curl_output_digest(struct connectdata *conn, return CURLE_OUT_OF_MEMORY; } - if(d->qop && strequal(d->qop, "auth-int")) { + if(d->qop && Curl_ascii_equal(d->qop, "auth-int")) { /* We don't support auth-int at the moment. I can't see a easy way to get entity-body here */ /* TODO: Append H(entity-body)*/ @@ -423,7 +423,7 @@ CURLcode Curl_output_digest(struct connectdata *conn, d->qop, request_digest); - if(strequal(d->qop, "auth")) + if(Curl_ascii_equal(d->qop, "auth")) d->nc++; /* The nc (from RFC) has to be a 8 hex digit number 0 padded which tells to the server how many times you are using the same nonce in the qop=auth mode. */ diff --git a/lib/ldap.c b/lib/ldap.c index 816b46faf..917269171 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -198,7 +198,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) } /* Get the URL scheme ( either ldap or ldaps ) */ - if(strequal(conn->protostr, "LDAPS")) + if(Curl_ascii_equal(conn->protostr, "LDAPS")) ldap_ssl = 1; infof(data, "LDAP local: trying to establish %s connection\n", ldap_ssl ? "encrypted" : "cleartext"); @@ -228,7 +228,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) /* Novell SDK supports DER or BASE64 files. */ int cert_type = LDAPSSL_CERT_FILETYPE_B64; if((data->set.str[STRING_CERT_TYPE]) && - (strequal(data->set.str[STRING_CERT_TYPE], "DER"))) + (Curl_ascii_equal(data->set.str[STRING_CERT_TYPE], "DER"))) cert_type = LDAPSSL_CERT_FILETYPE_DER; if(!ldap_ca) { failf(data, "LDAP local: ERROR %s CA cert not set!", @@ -269,7 +269,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) if(data->set.ssl.verifypeer) { /* OpenLDAP SDK supports BASE64 files. */ if((data->set.str[STRING_CERT_TYPE]) && - (!strequal(data->set.str[STRING_CERT_TYPE], "PEM"))) { + (!Curl_ascii_equal(data->set.str[STRING_CERT_TYPE], "PEM"))) { failf(data, "LDAP local: ERROR OpenLDAP does only support PEM cert-type!"); status = CURLE_SSL_CERTPROBLEM; goto quit; diff --git a/lib/netrc.c b/lib/netrc.c index d7c7fd108..2f049e929 100644 --- a/lib/netrc.c +++ b/lib/netrc.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -155,7 +155,7 @@ int Curl_parsenetrc(const char *host, switch(state) { case NOTHING: - if(strequal("machine", tok)) { + if(Curl_ascii_equal("machine", tok)) { /* the next tok is the machine name, this is in itself the delimiter that starts the stuff entered for this machine, after this we need to search for 'login' and @@ -164,7 +164,7 @@ int Curl_parsenetrc(const char *host, } break; case HOSTFOUND: - if(strequal(host, tok)) { + if(Curl_ascii_equal(host, tok)) { /* and yes, this is our host! */ state=HOSTVALID; #ifdef _NETRC_DEBUG @@ -180,7 +180,7 @@ int Curl_parsenetrc(const char *host, /* we are now parsing sub-keywords concerning "our" host */ if(state_login) { if(specific_login) { - state_our_login = strequal(login, tok); + state_our_login = Curl_ascii_equal(login, tok); } else { strncpy(login, tok, LOGINSIZE-1); @@ -199,11 +199,11 @@ int Curl_parsenetrc(const char *host, } state_password=0; } - else if(strequal("login", tok)) + else if(Curl_ascii_equal("login", tok)) state_login=1; - else if(strequal("password", tok)) + else if(Curl_ascii_equal("password", tok)) state_password=1; - else if(strequal("machine", tok)) { + else if(Curl_ascii_equal("machine", tok)) { /* ok, there's machine here go => */ state = HOSTFOUND; state_our_login = FALSE; @@ -43,7 +43,6 @@ #include "strequal.h" #include "select.h" #include "sslgen.h" -#include "strequal.h" #define _MPRINTF_REPLACE /* use the internal *printf() functions */ #include <curl/mprintf.h> @@ -202,7 +201,7 @@ static SECStatus set_ciphers(struct SessionHandle *data, PRFileDesc * model, found = PR_FALSE; for(i=0; i<NUM_OF_CIPHERS; i++) { - if(strequal(cipher, cipherlist[i].name)) { + if(Curl_ascii_equal(cipher, cipherlist[i].name)) { cipher_state[i] = PR_TRUE; found = PR_TRUE; break; diff --git a/lib/parsedate.c b/lib/parsedate.c index fc6f9216f..11dc55e64 100644 --- a/lib/parsedate.c +++ b/lib/parsedate.c @@ -83,6 +83,7 @@ #endif #include <curl/curl.h> +#include "strequal.h" #include "parsedate.h" const char * const Curl_wkday[] = @@ -163,7 +164,7 @@ static int checkday(const char *check, size_t len) else what = &Curl_wkday[0]; for(i=0; i<7; i++) { - if(curl_strequal(check, what[0])) { + if(Curl_ascii_equal(check, what[0])) { found=TRUE; break; } @@ -180,7 +181,7 @@ static int checkmonth(const char *check) what = &Curl_month[0]; for(i=0; i<12; i++) { - if(curl_strequal(check, what[0])) { + if(Curl_ascii_equal(check, what[0])) { found=TRUE; break; } @@ -200,7 +201,7 @@ static int checktz(const char *check) what = tz; for(i=0; i< sizeof(tz)/sizeof(tz[0]); i++) { - if(curl_strequal(check, what->name)) { + if(Curl_ascii_equal(check, what->name)) { found=TRUE; break; } diff --git a/lib/ssluse.c b/lib/ssluse.c index d0f5501fe..1c47508ef 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -284,13 +284,13 @@ static int do_file_type(const char *type) { if(!type || !type[0]) return SSL_FILETYPE_PEM; - if(curl_strequal(type, "PEM")) + if(Curl_ascii_equal(type, "PEM")) return SSL_FILETYPE_PEM; - if(curl_strequal(type, "DER")) + if(Curl_ascii_equal(type, "DER")) return SSL_FILETYPE_ASN1; - if(curl_strequal(type, "ENG")) + if(Curl_ascii_equal(type, "ENG")) return SSL_FILETYPE_ENGINE; - if(curl_strequal(type, "P12")) + if(Curl_ascii_equal(type, "P12")) return SSL_FILETYPE_PKCS12; return -1; } @@ -1010,7 +1010,7 @@ cert_hostcheck(const char *match_pattern, const char *hostname) !hostname || !*hostname) /* sanity check */ return 0; - if(curl_strequal(hostname,match_pattern)) /* trivial case */ + if(Curl_ascii_equal(hostname, match_pattern)) /* trivial case */ return 1; if(hostmatch(hostname,match_pattern) == HOST_MATCH) diff --git a/lib/strequal.c b/lib/strequal.c index e8c667497..c1a82f789 100644 --- a/lib/strequal.c +++ b/lib/strequal.c @@ -76,6 +76,30 @@ int curl_strnequal(const char *first, const char *second, size_t max) #endif } +/* + * Curl_ascii_equal() is for doing "ascii" case insensitive strings. This is + * meant to be locale independent and only compare strings we know are safe + * for this. + * See http://daniel.haxx.se/blog/2008/10/15/strcasecmp-in-turkish/ for some + * further explanation to why this function is necessary. + */ +#define TOASCIIUPPER(x) ((((x) >= 'a') && ((x) <= 'z'))?((x) - 0x20):(x)) + +int Curl_ascii_equal(const char *first, const char *second) +{ + while(*first && *second) { + if(! (TOASCIIUPPER(*first) == TOASCIIUPPER(*second))) + /* get out of the loop as soon as they don't match */ + break; + first++; + second++; + } + /* we do the comparison here (possibly again), just to make sure that if the + loop above is skipped because one of the strings reached zero, we must not + return this as a successful match */ + return (TOASCIIUPPER(*first) == TOASCIIUPPER(*second)); +} + #ifndef HAVE_STRLCAT /* * The strlcat() function appends the NUL-terminated string src to the end diff --git a/lib/strequal.h b/lib/strequal.h index 70066559f..d1bc86ef5 100644 --- a/lib/strequal.h +++ b/lib/strequal.h @@ -32,6 +32,12 @@ argument is zero-byte terminated */ #define checkprefix(a,b) strnequal(a,b,strlen(a)) +/* + * Curl_ascii_equal() is for doing "ascii" case insensitive strings. This is + * meant to be locale independent and only compare strings we know are safe + * for this. + */ +int Curl_ascii_equal(const char *first, const char *second); #ifndef HAVE_STRLCAT #define strlcat(x,y,z) Curl_strlcat(x,y,z) diff --git a/lib/telnet.c b/lib/telnet.c index 77f51b523..3b5e1d761 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -833,7 +833,7 @@ static CURLcode check_telnet_options(struct connectdata *conn) option_keyword, option_arg) == 2) { /* Terminal type */ - if(curl_strequal(option_keyword, "TTYPE")) { + if(Curl_ascii_equal(option_keyword, "TTYPE")) { strncpy(tn->subopt_ttype, option_arg, 31); tn->subopt_ttype[31] = 0; /* String termination */ tn->us_preferred[CURL_TELOPT_TTYPE] = CURL_YES; @@ -841,7 +841,7 @@ static CURLcode check_telnet_options(struct connectdata *conn) } /* Display variable */ - if(curl_strequal(option_keyword, "XDISPLOC")) { + if(Curl_ascii_equal(option_keyword, "XDISPLOC")) { strncpy(tn->subopt_xdisploc, option_arg, 127); tn->subopt_xdisploc[127] = 0; /* String termination */ tn->us_preferred[CURL_TELOPT_XDISPLOC] = CURL_YES; @@ -849,7 +849,7 @@ static CURLcode check_telnet_options(struct connectdata *conn) } /* Environment variable */ - if(curl_strequal(option_keyword, "NEW_ENV")) { + if(Curl_ascii_equal(option_keyword, "NEW_ENV")) { buf = strdup(option_arg); if(!buf) return CURLE_OUT_OF_MEMORY; @@ -1216,17 +1216,17 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, if(argptr == NULL) break; - if(strequal(argptr, "ALL")) { + if(Curl_ascii_equal(argptr, "ALL")) { /* clear all cookies */ Curl_cookie_clearall(data->cookies); break; } - else if(strequal(argptr, "SESS")) { + else if(Curl_ascii_equal(argptr, "SESS")) { /* clear session cookies */ Curl_cookie_clearsess(data->cookies); break; } - else if(strequal(argptr, "FLUSH")) { + else if(Curl_ascii_equal(argptr, "FLUSH")) { /* flush cookies to file */ flush_cookies(data, 0); break; @@ -2496,14 +2496,14 @@ ConnectionExists(struct SessionHandle *data, if(!needle->bits.httpproxy || needle->protocol&PROT_SSL || (needle->bits.httpproxy && check->bits.httpproxy && needle->bits.tunnel_proxy && check->bits.tunnel_proxy && - strequal(needle->proxy.name, check->proxy.name) && + Curl_ascii_equal(needle->proxy.name, check->proxy.name) && (needle->port == check->port))) { /* The requested connection does not use a HTTP proxy or it uses SSL or it is a non-SSL protocol tunneled over the same http proxy name and port number */ - if(strequal(needle->protostr, check->protostr) && - strequal(needle->host.name, check->host.name) && + if(Curl_ascii_equal(needle->protostr, check->protostr) && + Curl_ascii_equal(needle->host.name, check->host.name) && (needle->remote_port == check->remote_port) ) { if(needle->protocol & PROT_SSL) { /* This is SSL, verify that we're using the same @@ -2542,7 +2542,7 @@ ConnectionExists(struct SessionHandle *data, is the checked one using the same host, port and type? */ if(check->bits.proxy && (needle->proxytype == check->proxytype) && - strequal(needle->proxy.name, check->proxy.name) && + Curl_ascii_equal(needle->proxy.name, check->proxy.name) && needle->port == check->port) { /* This is the same proxy connection, use it! */ match = TRUE; @@ -3021,7 +3021,7 @@ static CURLcode ParseURLAndFillConnection(struct SessionHandle *data, ************************************************************/ if((2 == sscanf(data->change.url, "%15[^:]:%[^\n]", conn->protostr, - path)) && strequal(conn->protostr, "file")) { + path)) && Curl_ascii_equal(conn->protostr, "file")) { if(path[0] == '/' && path[1] == '/') { /* Allow omitted hostname (e.g. file:/<path>). This is not strictly * speaking a valid file: URL by RFC 1738, but treating file:/<path> as @@ -3256,7 +3256,7 @@ static CURLcode setup_connection_internals(struct SessionHandle *data, /* Scan protocol handler table. */ for (pp = protocols; (p = *pp) != NULL; pp++) - if(strequal(p->scheme, conn->protostr)) { + if(Curl_ascii_equal(p->scheme, conn->protostr)) { /* Protocol found in table. Perform setup complement if some. */ conn->handler = p; @@ -3370,7 +3370,7 @@ static char *detect_proxy(struct connectdata *conn) * This can cause 'internal' http/ftp requests to be * arbitrarily redirected by any external attacker. */ - if(!prox && !strequal("http_proxy", proxy_env)) { + if(!prox && !Curl_ascii_equal("http_proxy", proxy_env)) { /* There was no lowercase variable, try the uppercase version: */ for(envp = proxy_env; *envp; envp++) *envp = (char)toupper((int)*envp); @@ -3691,8 +3691,8 @@ static CURLcode parse_remote_port(struct SessionHandle *data, if(conn->bits.httpproxy) { /* we need to create new URL with the new port number */ char *url; - bool isftp = (bool)(strequal("ftp", conn->protostr) || - strequal("ftps", conn->protostr)); + bool isftp = (bool)(Curl_ascii_equal("ftp", conn->protostr) || + Curl_ascii_equal("ftps", conn->protostr)); /* * This synthesized URL isn't always right--suffixes like ;type=A |