luna - curl/lib/setopt.c

   1/***************************************************************************
   2 *                                  _   _ ____  _
   3 *  Project                     ___| | | |  _ \| |
   4 *                             / __| | | | |_) | |
   5 *                            | (__| |_| |  _ <| |___
   6 *                             \___|\___/|_| \_\_____|
   7 *
   8 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
   9 *
  10 * This software is licensed as described in the file COPYING, which
  11 * you should have received as part of this distribution. The terms
  12 * are also available at https://curl.se/docs/copyright.html.
  13 *
  14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  15 * copies of the Software, and permit persons to whom the Software is
  16 * furnished to do so, under the terms of the COPYING file.
  17 *
  18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  19 * KIND, either express or implied.
  20 *
  21 * SPDX-License-Identifier: curl
  22 *
  23 ***************************************************************************/
  24#include "curl_setup.h"
  25
  26#ifdef HAVE_NETINET_IN_H
  27#include <netinet/in.h>
  28#endif
  29
  30#ifdef HAVE_LINUX_TCP_H
  31#include <linux/tcp.h>
  32#elif defined(HAVE_NETINET_TCP_H)
  33#include <netinet/tcp.h>
  34#endif
  35
  36#include "urldata.h"
  37#include "url.h"
  38#include "progress.h"
  39#include "content_encoding.h"
  40#include "strcase.h"
  41#include "curl_share.h"
  42#include "vtls/vtls.h"
  43#include "curl_trc.h"
  44#include "hostip.h"
  45#include "setopt.h"
  46#include "altsvc.h"
  47#include "hsts.h"
  48#include "tftp.h"
  49#include "curlx/strdup.h"
  50#include "escape.h"
  51#include "bufref.h"
  52#include "vauth/vauth.h"
  53
  54static CURLcode setopt_set_timeout_sec(timediff_t *ptimeout_ms, long secs)
  55{
  56  if(secs < 0)
  57    return CURLE_BAD_FUNCTION_ARGUMENT;
  58#if LONG_MAX > (TIMEDIFF_T_MAX / 1000)
  59  if(secs > (TIMEDIFF_T_MAX / 1000)) {
  60    *ptimeout_ms = TIMEDIFF_T_MAX;
  61    return CURLE_OK;
  62  }
  63#endif
  64  *ptimeout_ms = (timediff_t)secs * 1000;
  65  return CURLE_OK;
  66}
  67
  68static CURLcode setopt_set_timeout_ms(timediff_t *ptimeout_ms, long ms)
  69{
  70  if(ms < 0)
  71    return CURLE_BAD_FUNCTION_ARGUMENT;
  72#if LONG_MAX > TIMEDIFF_T_MAX
  73  if(ms > TIMEDIFF_T_MAX) {
  74    *ptimeout_ms = TIMEDIFF_T_MAX;
  75    return CURLE_OK;
  76  }
  77#endif
  78  *ptimeout_ms = (timediff_t)ms;
  79  return CURLE_OK;
  80}
  81
  82CURLcode Curl_setstropt(char **charp, const char *s)
  83{
  84  /* Release the previous storage at `charp' and replace by a dynamic storage
  85     copy of `s'. Return CURLE_OK or CURLE_OUT_OF_MEMORY. */
  86
  87  curlx_safefree(*charp);
  88
  89  if(s) {
  90    if(strlen(s) > CURL_MAX_INPUT_LENGTH)
  91      return CURLE_BAD_FUNCTION_ARGUMENT;
  92
  93    *charp = curlx_strdup(s);
  94    if(!*charp)
  95      return CURLE_OUT_OF_MEMORY;
  96  }
  97
  98  return CURLE_OK;
  99}
 100
 101CURLcode Curl_setblobopt(struct curl_blob **blobp,
 102                         const struct curl_blob *blob)
 103{
 104  /* free the previous storage at `blobp' and replace by a dynamic storage
 105     copy of blob. If CURL_BLOB_COPY is set, the data is copied. */
 106
 107  curlx_safefree(*blobp);
 108
 109  if(blob) {
 110    struct curl_blob *nblob;
 111    if(!blob->len || (blob->len > CURL_MAX_INPUT_LENGTH))
 112      return CURLE_BAD_FUNCTION_ARGUMENT;
 113    nblob = (struct curl_blob *)
 114      curlx_malloc(sizeof(struct curl_blob) +
 115                   ((blob->flags & CURL_BLOB_COPY) ? blob->len : 0));
 116    if(!nblob)
 117      return CURLE_OUT_OF_MEMORY;
 118    *nblob = *blob;
 119    if(blob->flags & CURL_BLOB_COPY) {
 120      /* put the data after the blob struct in memory */
 121      nblob->data = (char *)nblob + sizeof(struct curl_blob);
 122      memcpy(nblob->data, blob->data, blob->len);
 123    }
 124
 125    *blobp = nblob;
 126    return CURLE_OK;
 127  }
 128
 129  return CURLE_OK;
 130}
 131
 132static CURLcode setstropt_userpwd(const char *option, char **userp,
 133                                  char **passwdp)
 134{
 135  char *user = NULL;
 136  char *passwd = NULL;
 137
 138  DEBUGASSERT(userp);
 139  DEBUGASSERT(passwdp);
 140
 141  /* Parse the login details if specified. If not, then we treat NULL as a
 142     hint to clear the existing data */
 143  if(option) {
 144    size_t len = strlen(option);
 145    CURLcode result;
 146    if(len > CURL_MAX_INPUT_LENGTH)
 147      return CURLE_BAD_FUNCTION_ARGUMENT;
 148
 149    result = Curl_parse_login_details(option, len, &user, &passwd, NULL);
 150    if(result)
 151      return result;
 152  }
 153
 154  curlx_free(*userp);
 155  *userp = user;
 156
 157  curlx_free(*passwdp);
 158  *passwdp = passwd;
 159
 160  return CURLE_OK;
 161}
 162
 163static CURLcode setstropt_interface(char *option, char **devp,
 164                                    char **ifacep, char **hostp)
 165{
 166  char *dev = NULL;
 167  char *iface = NULL;
 168  char *host = NULL;
 169  CURLcode result;
 170
 171  DEBUGASSERT(devp);
 172  DEBUGASSERT(ifacep);
 173  DEBUGASSERT(hostp);
 174
 175  if(option) {
 176    /* Parse the interface details if set, otherwise clear them all */
 177    result = Curl_parse_interface(option, &dev, &iface, &host);
 178    if(result)
 179      return result;
 180  }
 181  curlx_free(*devp);
 182  *devp = dev;
 183
 184  curlx_free(*ifacep);
 185  *ifacep = iface;
 186
 187  curlx_free(*hostp);
 188  *hostp = host;
 189
 190  return CURLE_OK;
 191}
 192
 193#ifdef USE_SSL
 194#define C_SSLVERSION_VALUE(x)     ((x) & 0xffff)
 195#define C_SSLVERSION_MAX_VALUE(x) ((unsigned long)(x) & 0xffff0000)
 196#endif
 197
 198static CURLcode protocol2num(const char *str, curl_prot_t *val)
 199{
 200  /*
 201   * We are asked to cherry-pick protocols, so play it safe and disallow all
 202   * protocols to start with, and re-add the wanted ones back in.
 203   */
 204  *val = 0;
 205
 206  if(!str)
 207    return CURLE_BAD_FUNCTION_ARGUMENT;
 208
 209  if(curl_strequal(str, "all")) {
 210    *val = ~(curl_prot_t)0;
 211    return CURLE_OK;
 212  }
 213
 214  do {
 215    const char *token = str;
 216    size_t tlen;
 217
 218    str = strchr(str, ',');
 219    tlen = str ? (size_t)(str - token) : strlen(token);
 220    if(tlen) {
 221      const struct Curl_scheme *h = Curl_getn_scheme(token, tlen);
 222
 223      if(!h || !h->run)
 224        return CURLE_UNSUPPORTED_PROTOCOL;
 225
 226      *val |= h->protocol;
 227    }
 228  } while(str && str++);
 229
 230  if(!*val)
 231    /* no protocol listed */
 232    return CURLE_BAD_FUNCTION_ARGUMENT;
 233  return CURLE_OK;
 234}
 235
 236#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_PROXY)
 237static CURLcode httpauth(struct Curl_easy *data, bool proxy,
 238                         unsigned long auth)
 239{
 240  if(auth != CURLAUTH_NONE) {
 241    int bitcheck = 0;
 242    bool authbits = FALSE;
 243    if(auth & CURLAUTH_DIGEST_IE) {
 244      auth |= CURLAUTH_DIGEST; /* set standard digest bit */
 245      auth &= ~CURLAUTH_DIGEST_IE; /* drop the legacy bit */
 246    }
 247
 248    /* switch off bits we cannot support */
 249#ifndef USE_NTLM
 250    auth &= ~CURLAUTH_NTLM; /* no NTLM support */
 251#endif
 252#ifndef USE_SPNEGO
 253    auth &= ~CURLAUTH_NEGOTIATE; /* no Negotiate (SPNEGO) auth without GSS-API
 254                                    or SSPI */
 255#endif
 256
 257    /* check if any auth bit lower than CURLAUTH_ONLY is still set */
 258    while(bitcheck < 31) {
 259      if(auth & (1UL << bitcheck++)) {
 260        authbits = TRUE;
 261        break;
 262      }
 263    }
 264    if(!authbits)
 265      return CURLE_NOT_BUILT_IN; /* no supported types left! */
 266  }
 267  if(proxy)
 268    data->set.proxyauth = (uint32_t)auth;
 269  else
 270    data->set.httpauth = (uint32_t)auth;
 271  return CURLE_OK;
 272}
 273#endif /* !CURL_DISABLE_HTTP || !CURL_DISABLE_PROXY */
 274
 275#ifndef CURL_DISABLE_HTTP
 276static CURLcode setopt_HTTP_VERSION(struct Curl_easy *data, long arg)
 277{
 278  /*
 279   * This sets a requested HTTP version to be used. The value is one of
 280   * the listed enums in curl/curl.h.
 281   */
 282  switch(arg) {
 283  case CURL_HTTP_VERSION_NONE:
 284    /* accepted */
 285    break;
 286  case CURL_HTTP_VERSION_1_0:
 287  case CURL_HTTP_VERSION_1_1:
 288    /* accepted */
 289    break;
 290#ifdef USE_HTTP2
 291  case CURL_HTTP_VERSION_2_0:
 292  case CURL_HTTP_VERSION_2TLS:
 293  case CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE:
 294    /* accepted */
 295    break;
 296#endif
 297#ifdef USE_HTTP3
 298  case CURL_HTTP_VERSION_3:
 299  case CURL_HTTP_VERSION_3ONLY:
 300    /* accepted */
 301    break;
 302#endif
 303  default:
 304    /* not accepted */
 305    if(arg < CURL_HTTP_VERSION_NONE)
 306      return CURLE_BAD_FUNCTION_ARGUMENT;
 307    return CURLE_UNSUPPORTED_PROTOCOL;
 308  }
 309  data->set.httpwant = (unsigned char)arg;
 310  return CURLE_OK;
 311}
 312#endif /* !CURL_DISABLE_HTTP */
 313
 314#ifdef USE_SSL
 315CURLcode Curl_setopt_SSLVERSION(struct Curl_easy *data, CURLoption option,
 316                                long arg)
 317{
 318  /*
 319   * Set explicit SSL version to try to connect with, as some SSL
 320   * implementations are lame.
 321   */
 322  {
 323    long version, version_max;
 324    struct ssl_primary_config *primary = &data->set.ssl.primary;
 325#ifndef CURL_DISABLE_PROXY
 326    if(option != CURLOPT_SSLVERSION)
 327      primary = &data->set.proxy_ssl.primary;
 328#else
 329    if(option) {}
 330#endif
 331    version = C_SSLVERSION_VALUE(arg);
 332    version_max = (long)C_SSLVERSION_MAX_VALUE(arg);
 333
 334    if(version < CURL_SSLVERSION_DEFAULT ||
 335       version == CURL_SSLVERSION_SSLv2 ||
 336       version == CURL_SSLVERSION_SSLv3 ||
 337       version >= CURL_SSLVERSION_LAST ||
 338       version_max < CURL_SSLVERSION_MAX_NONE ||
 339       version_max >= CURL_SSLVERSION_MAX_LAST)
 340      return CURLE_BAD_FUNCTION_ARGUMENT;
 341    if(version == CURL_SSLVERSION_DEFAULT)
 342      version = CURL_SSLVERSION_TLSv1_2;
 343
 344    primary->version = (unsigned char)version;
 345    primary->version_max = (unsigned int)version_max;
 346  }
 347  return CURLE_OK;
 348}
 349#endif /* !USE_SSL */
 350
 351#ifndef CURL_DISABLE_RTSP
 352static CURLcode setopt_RTSP_REQUEST(struct Curl_easy *data, long arg)
 353{
 354  /*
 355   * Set the RTSP request method (OPTIONS, SETUP, PLAY, etc...) Would this be
 356   * better if the RTSPREQ_* were moved into here?
 357   */
 358  Curl_RtspReq rtspreq = RTSPREQ_NONE;
 359  switch(arg) {
 360  case CURL_RTSPREQ_OPTIONS:
 361    rtspreq = RTSPREQ_OPTIONS;
 362    break;
 363  case CURL_RTSPREQ_DESCRIBE:
 364    rtspreq = RTSPREQ_DESCRIBE;
 365    break;
 366  case CURL_RTSPREQ_ANNOUNCE:
 367    rtspreq = RTSPREQ_ANNOUNCE;
 368    break;
 369  case CURL_RTSPREQ_SETUP:
 370    rtspreq = RTSPREQ_SETUP;
 371    break;
 372  case CURL_RTSPREQ_PLAY:
 373    rtspreq = RTSPREQ_PLAY;
 374    break;
 375  case CURL_RTSPREQ_PAUSE:
 376    rtspreq = RTSPREQ_PAUSE;
 377    break;
 378  case CURL_RTSPREQ_TEARDOWN:
 379    rtspreq = RTSPREQ_TEARDOWN;
 380    break;
 381  case CURL_RTSPREQ_GET_PARAMETER:
 382    rtspreq = RTSPREQ_GET_PARAMETER;
 383    break;
 384  case CURL_RTSPREQ_SET_PARAMETER:
 385    rtspreq = RTSPREQ_SET_PARAMETER;
 386    break;
 387  case CURL_RTSPREQ_RECORD:
 388    rtspreq = RTSPREQ_RECORD;
 389    break;
 390  case CURL_RTSPREQ_RECEIVE:
 391    rtspreq = RTSPREQ_RECEIVE;
 392    break;
 393  default:
 394    return CURLE_BAD_FUNCTION_ARGUMENT;
 395  }
 396
 397  data->set.rtspreq = rtspreq;
 398  return CURLE_OK;
 399}
 400#endif /* !CURL_DISABLE_RTSP */
 401
 402#ifdef USE_SSL
 403static void set_ssl_options(struct ssl_config_data *ssl,
 404                            struct ssl_primary_config *config,
 405                            long arg)
 406{
 407  config->ssl_options = (unsigned char)(arg & 0xff);
 408  ssl->enable_beast = !!(arg & CURLSSLOPT_ALLOW_BEAST);
 409  ssl->no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);
 410  ssl->no_partialchain = !!(arg & CURLSSLOPT_NO_PARTIALCHAIN);
 411  ssl->revoke_best_effort = !!(arg & CURLSSLOPT_REVOKE_BEST_EFFORT);
 412  ssl->native_ca_store = !!(arg & CURLSSLOPT_NATIVE_CA);
 413  ssl->auto_client_cert = !!(arg & CURLSSLOPT_AUTO_CLIENT_CERT);
 414  ssl->earlydata = !!(arg & CURLSSLOPT_EARLYDATA);
 415}
 416#endif
 417
 418static CURLcode setopt_long_bool(struct Curl_easy *data, CURLoption option,
 419                                 long arg)
 420{
 421  bool enabled = !!arg;
 422  int ok = 1;
 423  struct UserDefined *s = &data->set;
 424  switch(option) {
 425  case CURLOPT_FORBID_REUSE:
 426    /*
 427     * When this transfer is done, it must not be left to be reused by a
 428     * subsequent transfer but shall be closed immediately.
 429     */
 430    s->reuse_forbid = enabled;
 431    break;
 432  case CURLOPT_FRESH_CONNECT:
 433    /*
 434     * This transfer shall not use a previously cached connection but
 435     * should be made with a fresh new connect!
 436     */
 437    s->reuse_fresh = enabled;
 438    break;
 439  case CURLOPT_VERBOSE:
 440    /*
 441     * Verbose means infof() calls that give a lot of information about
 442     * the connection and transfer procedures as well as internal choices.
 443     */
 444    s->verbose = enabled;
 445    break;
 446  case CURLOPT_HEADER:
 447    /*
 448     * Set to include the header in the general data output stream.
 449     */
 450    s->include_header = enabled;
 451    break;
 452  case CURLOPT_NOPROGRESS:
 453    /*
 454     * Shut off the internal supported progress meter
 455     */
 456    data->progress.hide = enabled;
 457    break;
 458  case CURLOPT_NOBODY:
 459    /*
 460     * Do not include the body part in the output data stream.
 461     */
 462    s->opt_no_body = enabled;
 463#ifndef CURL_DISABLE_HTTP
 464    if(s->opt_no_body)
 465      /* in HTTP lingo, no body means using the HEAD request... */
 466      s->method = HTTPREQ_HEAD;
 467    else if(s->method == HTTPREQ_HEAD)
 468      s->method = HTTPREQ_GET;
 469#endif
 470    break;
 471  case CURLOPT_FAILONERROR:
 472    /*
 473     * Do not output the >=400 error code HTML-page, but instead only
 474     * return error.
 475     */
 476    s->http_fail_on_error = enabled;
 477    break;
 478  case CURLOPT_KEEP_SENDING_ON_ERROR:
 479    s->http_keep_sending_on_error = enabled;
 480    break;
 481  case CURLOPT_UPLOAD:
 482  case CURLOPT_PUT:
 483    /*
 484     * We want to send data to the remote host. If this is HTTP, that equals
 485     * using the PUT request.
 486     */
 487    if(enabled) {
 488      /* If this is HTTP, PUT is what's needed to "upload" */
 489      s->method = HTTPREQ_PUT;
 490      s->opt_no_body = FALSE; /* this is implied */
 491    }
 492    else
 493      /* In HTTP, the opposite of upload is GET (unless NOBODY is true as
 494         then this can be changed to HEAD later on) */
 495      s->method = HTTPREQ_GET;
 496    break;
 497  case CURLOPT_FILETIME:
 498    /*
 499     * Try to get the file time of the remote document. The time will
 500     * later (possibly) become available using curl_easy_getinfo().
 501     */
 502    s->get_filetime = enabled;
 503    break;
 504#ifndef CURL_DISABLE_HTTP
 505  case CURLOPT_HTTP09_ALLOWED:
 506    s->http09_allowed = enabled;
 507    break;
 508#ifndef CURL_DISABLE_COOKIES
 509  case CURLOPT_COOKIESESSION:
 510    /*
 511     * Set this option to TRUE to start a new "cookie session". It will
 512     * prevent the forthcoming read-cookies-from-file actions to accept
 513     * cookies that are marked as being session cookies, as they belong to a
 514     * previous session.
 515     */
 516    s->cookiesession = enabled;
 517    break;
 518#endif
 519  case CURLOPT_AUTOREFERER:
 520    /*
 521     * Switch on automatic referer that gets set if curl follows locations.
 522     */
 523    s->http_auto_referer = enabled;
 524    break;
 525  case CURLOPT_TRANSFER_ENCODING:
 526    s->http_transfer_encoding = enabled;
 527    break;
 528  case CURLOPT_UNRESTRICTED_AUTH:
 529    /*
 530     * Send authentication (user+password) when following locations, even when
 531     * hostname changed.
 532     */
 533    s->allow_auth_to_other_hosts = enabled;
 534    break;
 535  case CURLOPT_HTTP_TRANSFER_DECODING:
 536    /*
 537     * disable libcurl transfer encoding is used
 538     */
 539    s->http_te_skip = !enabled; /* reversed */
 540    break;
 541  case CURLOPT_HTTP_CONTENT_DECODING:
 542    /*
 543     * raw data passed to the application when content encoding is used
 544     */
 545    s->http_ce_skip = !enabled; /* reversed */
 546    break;
 547  case CURLOPT_HTTPGET:
 548    /*
 549     * Set to force us do HTTP GET
 550     */
 551    if(enabled) {
 552      s->method = HTTPREQ_GET;
 553      s->opt_no_body = FALSE; /* this is implied */
 554    }
 555    break;
 556  case CURLOPT_POST:
 557    /* Does this option serve a purpose anymore? Yes it does, when
 558       CURLOPT_POSTFIELDS is not used and the POST data is read off the
 559       callback! */
 560    if(enabled) {
 561      s->method = HTTPREQ_POST;
 562      s->opt_no_body = FALSE; /* this is implied */
 563    }
 564    else
 565      s->method = HTTPREQ_GET;
 566    break;
 567#endif /* !CURL_DISABLE_HTTP */
 568#ifndef CURL_DISABLE_PROXY
 569  case CURLOPT_HTTPPROXYTUNNEL:
 570    /*
 571     * Tunnel operations through the proxy instead of normal proxy use
 572     */
 573    s->tunnel_thru_httpproxy = enabled;
 574    break;
 575  case CURLOPT_HAPROXYPROTOCOL:
 576    /*
 577     * Set to send the HAProxy Proxy Protocol header
 578     */
 579    s->haproxyprotocol = enabled;
 580    break;
 581  case CURLOPT_PROXY_SSL_VERIFYPEER:
 582    /*
 583     * Enable peer SSL verifying for proxy.
 584     */
 585    s->proxy_ssl.primary.verifypeer = enabled;
 586
 587    /* Update the current connection proxy_ssl_config. */
 588    Curl_ssl_conn_config_update(data, TRUE);
 589    break;
 590  case CURLOPT_PROXY_SSL_VERIFYHOST:
 591    /*
 592     * Enable verification of the hostname in the peer certificate for proxy
 593     */
 594    s->proxy_ssl.primary.verifyhost = enabled;
 595    ok = 2;
 596    /* Update the current connection proxy_ssl_config. */
 597    Curl_ssl_conn_config_update(data, TRUE);
 598    break;
 599  case CURLOPT_PROXY_TRANSFER_MODE:
 600    /*
 601     * set transfer mode (;type=<a|i>) when doing FTP via an HTTP proxy
 602     */
 603    s->proxy_transfer_mode = enabled;
 604    break;
 605#endif /* !CURL_DISABLE_PROXY */
 606#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
 607  case CURLOPT_SOCKS5_GSSAPI_NEC:
 608    /*
 609     * Set flag for NEC SOCKS5 support
 610     */
 611    s->socks5_gssapi_nec = enabled;
 612    break;
 613#endif
 614#ifdef CURL_LIST_ONLY_PROTOCOL
 615  case CURLOPT_DIRLISTONLY:
 616    /*
 617     * An option that changes the command to one that asks for a list only, no
 618     * file info details. Used for FTP, POP3 and SFTP.
 619     */
 620    s->list_only = enabled;
 621    break;
 622#endif
 623  case CURLOPT_APPEND:
 624    /*
 625     * We want to upload and append to an existing file. Used for FTP and
 626     * SFTP.
 627     */
 628    s->remote_append = enabled;
 629    break;
 630#ifndef CURL_DISABLE_FTP
 631  case CURLOPT_FTP_USE_EPRT:
 632    s->ftp_use_eprt = enabled;
 633    break;
 634  case CURLOPT_FTP_USE_EPSV:
 635    s->ftp_use_epsv = enabled;
 636    break;
 637  case CURLOPT_FTP_USE_PRET:
 638    s->ftp_use_pret = enabled;
 639    break;
 640  case CURLOPT_FTP_SKIP_PASV_IP:
 641    /*
 642     * Enable or disable FTP_SKIP_PASV_IP, which will disable/enable the
 643     * bypass of the IP address in PASV responses.
 644     */
 645    s->ftp_skip_ip = enabled;
 646    break;
 647  case CURLOPT_WILDCARDMATCH:
 648    s->wildcard_enabled = enabled;
 649    break;
 650#endif
 651  case CURLOPT_CRLF:
 652    /*
 653     * Kludgy option to enable CRLF conversions. Subject for removal.
 654     */
 655    s->crlf = enabled;
 656    break;
 657#ifndef CURL_DISABLE_TFTP
 658  case CURLOPT_TFTP_NO_OPTIONS:
 659    /*
 660     * Option that prevents libcurl from sending TFTP option requests to the
 661     * server.
 662     */
 663    s->tftp_no_options = enabled;
 664    break;
 665#endif /* !CURL_DISABLE_TFTP */
 666  case CURLOPT_TRANSFERTEXT:
 667    /*
 668     * This option was previously named 'FTPASCII'. Renamed to work with
 669     * more protocols than merely FTP.
 670     *
 671     * Transfer using ASCII (instead of BINARY).
 672     */
 673    s->prefer_ascii = enabled;
 674    break;
 675  case CURLOPT_SSL_VERIFYPEER:
 676    /*
 677     * Enable peer SSL verifying.
 678     */
 679    s->ssl.primary.verifypeer = enabled;
 680
 681    /* Update the current connection ssl_config. */
 682    Curl_ssl_conn_config_update(data, FALSE);
 683    break;
 684#ifndef CURL_DISABLE_DOH
 685  case CURLOPT_DOH_SSL_VERIFYPEER:
 686    /*
 687     * Enable peer SSL verifying for DoH.
 688     */
 689    s->doh_verifypeer = enabled;
 690    break;
 691  case CURLOPT_DOH_SSL_VERIFYHOST:
 692    /*
 693     * Enable verification of the hostname in the peer certificate for DoH
 694     */
 695    s->doh_verifyhost = enabled;
 696    ok = 2;
 697    break;
 698  case CURLOPT_DOH_SSL_VERIFYSTATUS:
 699    /*
 700     * Enable certificate status verifying for DoH.
 701     */
 702    if(!Curl_ssl_cert_status_request())
 703      return CURLE_NOT_BUILT_IN;
 704
 705    s->doh_verifystatus = enabled;
 706    ok = 2;
 707    break;
 708#endif /* !CURL_DISABLE_DOH */
 709  case CURLOPT_SSL_VERIFYHOST:
 710    /*
 711     * Enable verification of the hostname in the peer certificate
 712     */
 713
 714    /* Obviously people are not reading documentation and too many thought
 715       this argument took a boolean when it was not and misused it.
 716       Treat 1 and 2 the same */
 717    s->ssl.primary.verifyhost = enabled;
 718    ok = 2;
 719
 720    /* Update the current connection ssl_config. */
 721    Curl_ssl_conn_config_update(data, FALSE);
 722    break;
 723  case CURLOPT_SSL_VERIFYSTATUS:
 724    /*
 725     * Enable certificate status verifying.
 726     */
 727    if(!Curl_ssl_cert_status_request())
 728      return CURLE_NOT_BUILT_IN;
 729
 730    s->ssl.primary.verifystatus = enabled;
 731
 732    /* Update the current connection ssl_config. */
 733    Curl_ssl_conn_config_update(data, FALSE);
 734    break;
 735  case CURLOPT_CERTINFO:
 736#ifdef USE_SSL
 737    if(Curl_ssl_supports(data, SSLSUPP_CERTINFO))
 738      s->ssl.certinfo = enabled;
 739    else
 740#endif
 741      return CURLE_NOT_BUILT_IN;
 742    break;
 743  case CURLOPT_NOSIGNAL:
 744    /*
 745     * The application asks not to set any signal() or alarm() handlers,
 746     * even when using a timeout.
 747     */
 748    s->no_signal = enabled;
 749    break;
 750  case CURLOPT_TCP_NODELAY:
 751    /*
 752     * Enable or disable TCP_NODELAY, which will disable/enable the Nagle
 753     * algorithm
 754     */
 755    s->tcp_nodelay = enabled;
 756    break;
 757  case CURLOPT_IGNORE_CONTENT_LENGTH:
 758    s->ignorecl = enabled;
 759    break;
 760  case CURLOPT_SSL_SESSIONID_CACHE:
 761    s->ssl.primary.cache_session = enabled;
 762#ifndef CURL_DISABLE_PROXY
 763    s->proxy_ssl.primary.cache_session = s->ssl.primary.cache_session;
 764#endif
 765    break;
 766#ifdef USE_SSH
 767  case CURLOPT_SSH_COMPRESSION:
 768    s->ssh_compression = enabled;
 769    break;
 770#endif /* !USE_SSH */
 771#ifndef CURL_DISABLE_SMTP
 772  case CURLOPT_MAIL_RCPT_ALLOWFAILS:
 773    /* allow RCPT TO command to fail for some recipients */
 774    s->mail_rcpt_allowfails = enabled;
 775    break;
 776#endif /* !CURL_DISABLE_SMTP */
 777  case CURLOPT_SASL_IR:
 778    /* Enable/disable SASL initial response */
 779    s->sasl_ir = enabled;
 780    break;
 781  case CURLOPT_TCP_KEEPALIVE:
 782    s->tcp_keepalive = enabled;
 783    break;
 784  case CURLOPT_TCP_FASTOPEN:
 785#if defined(CONNECT_DATA_IDEMPOTENT) || defined(MSG_FASTOPEN) || \
 786  defined(TCP_FASTOPEN_CONNECT)
 787    s->tcp_fastopen = enabled;
 788    break;
 789#else
 790    return CURLE_NOT_BUILT_IN;
 791#endif
 792  case CURLOPT_SSL_ENABLE_ALPN:
 793    s->ssl_enable_alpn = enabled;
 794    break;
 795  case CURLOPT_PATH_AS_IS:
 796    s->path_as_is = enabled;
 797    break;
 798  case CURLOPT_PIPEWAIT:
 799    s->pipewait = enabled;
 800    break;
 801  case CURLOPT_SUPPRESS_CONNECT_HEADERS:
 802    s->suppress_connect_headers = enabled;
 803    break;
 804#ifndef CURL_DISABLE_SHUFFLE_DNS
 805  case CURLOPT_DNS_SHUFFLE_ADDRESSES:
 806    s->dns_shuffle_addresses = enabled;
 807    break;
 808#endif
 809  case CURLOPT_DISALLOW_USERNAME_IN_URL:
 810    s->disallow_username_in_url = enabled;
 811    break;
 812  case CURLOPT_QUICK_EXIT:
 813    s->quick_exit = enabled;
 814    break;
 815  default:
 816    return CURLE_UNKNOWN_OPTION;
 817  }
 818  if((arg > ok) || (arg < 0))
 819    /* reserve other values for future use */
 820    infof(data, "boolean setopt(%d) got unsupported argument %ld,"
 821          " treated as %d", option, arg, enabled);
 822
 823  return CURLE_OK;
 824}
 825
 826static CURLcode value_range(long *value, long below_error, long min, long max)
 827{
 828  if(*value < below_error)
 829    return CURLE_BAD_FUNCTION_ARGUMENT;
 830  else if(*value < min)
 831    *value = min;
 832  else if(*value > max)
 833    *value = max;
 834  return CURLE_OK;
 835}
 836
 837static CURLcode setopt_long_net(struct Curl_easy *data, CURLoption option,
 838                                long arg)
 839{
 840  CURLcode result = CURLE_OK;
 841  struct UserDefined *s = &data->set;
 842
 843  switch(option) {
 844  case CURLOPT_DNS_CACHE_TIMEOUT:
 845    if(arg != -1)
 846      return setopt_set_timeout_sec(&s->dns_cache_timeout_ms, arg);
 847    s->dns_cache_timeout_ms = -1;
 848    break;
 849  case CURLOPT_MAXCONNECTS:
 850    result = value_range(&arg, 1, 1, INT_MAX);
 851    if(!result)
 852      s->maxconnects = (uint32_t)arg;
 853    break;
 854  case CURLOPT_SERVER_RESPONSE_TIMEOUT:
 855    return setopt_set_timeout_sec(&s->server_response_timeout, arg);
 856  case CURLOPT_SERVER_RESPONSE_TIMEOUT_MS:
 857    return setopt_set_timeout_ms(&s->server_response_timeout, arg);
 858  case CURLOPT_LOW_SPEED_LIMIT:
 859    if(arg < 0)
 860      result = CURLE_BAD_FUNCTION_ARGUMENT;
 861    else
 862      s->low_speed_limit = arg;
 863    break;
 864  case CURLOPT_LOW_SPEED_TIME:
 865    result = value_range(&arg, 0, 0, USHRT_MAX);
 866    if(!result)
 867      s->low_speed_time = (uint16_t)arg;
 868    break;
 869  case CURLOPT_PORT:
 870    if((arg < 0) || (arg > 65535))
 871      return CURLE_BAD_FUNCTION_ARGUMENT;
 872    s->use_port = (unsigned short)arg;
 873    break;
 874  case CURLOPT_TIMEOUT:
 875    return setopt_set_timeout_sec(&s->timeout, arg);
 876  case CURLOPT_TIMEOUT_MS:
 877    return setopt_set_timeout_ms(&s->timeout, arg);
 878  case CURLOPT_CONNECTTIMEOUT:
 879    return setopt_set_timeout_sec(&s->connecttimeout, arg);
 880  case CURLOPT_CONNECTTIMEOUT_MS:
 881    return setopt_set_timeout_ms(&s->connecttimeout, arg);
 882#ifndef CURL_DISABLE_BINDLOCAL
 883  case CURLOPT_LOCALPORT:
 884    if((arg < 0) || (arg > 65535))
 885      return CURLE_BAD_FUNCTION_ARGUMENT;
 886    s->localport = curlx_sltous(arg);
 887    break;
 888  case CURLOPT_LOCALPORTRANGE:
 889    if((arg < 0) || (arg > 65535))
 890      return CURLE_BAD_FUNCTION_ARGUMENT;
 891    s->localportrange = curlx_sltous(arg);
 892    break;
 893#endif
 894  case CURLOPT_BUFFERSIZE:
 895    result = value_range(&arg, 0, READBUFFER_MIN, READBUFFER_MAX);
 896    if(!result)
 897      s->buffer_size = (unsigned int)arg;
 898    break;
 899  case CURLOPT_UPLOAD_BUFFERSIZE:
 900    result = value_range(&arg, 0, UPLOADBUFFER_MIN, UPLOADBUFFER_MAX);
 901    if(!result)
 902      s->upload_buffer_size = (unsigned int)arg;
 903    break;
 904  case CURLOPT_MAXFILESIZE:
 905    if(arg < 0)
 906      result = CURLE_BAD_FUNCTION_ARGUMENT;
 907    else
 908      s->max_filesize = arg;
 909    break;
 910  case CURLOPT_IPRESOLVE:
 911    if((arg < CURL_IPRESOLVE_WHATEVER) || (arg > CURL_IPRESOLVE_V6))
 912      result = CURLE_BAD_FUNCTION_ARGUMENT;
 913    else
 914      s->ipver = (unsigned char)arg;
 915    break;
 916  case CURLOPT_CONNECT_ONLY:
 917    if(arg < 0 || arg > 2)
 918      result = CURLE_BAD_FUNCTION_ARGUMENT;
 919    else {
 920      s->connect_only = !!arg;
 921      s->connect_only_ws = (arg == 2);
 922    }
 923    break;
 924#ifdef USE_IPV6
 925  case CURLOPT_ADDRESS_SCOPE:
 926#if SIZEOF_LONG > 4
 927    if((unsigned long)arg > UINT_MAX)
 928      result = CURLE_BAD_FUNCTION_ARGUMENT;
 929    else
 930#endif
 931    s->scope_id = (unsigned int)arg;
 932    break;
 933#endif
 934  case CURLOPT_TCP_KEEPIDLE:
 935    result = value_range(&arg, 0, 0, INT_MAX);
 936    if(!result)
 937      s->tcp_keepidle = (int)arg;
 938    break;
 939  case CURLOPT_TCP_KEEPINTVL:
 940    result = value_range(&arg, 0, 0, INT_MAX);
 941    if(!result)
 942      s->tcp_keepintvl = (int)arg;
 943    break;
 944  case CURLOPT_TCP_KEEPCNT:
 945    result = value_range(&arg, 0, 0, INT_MAX);
 946    if(!result)
 947      s->tcp_keepcnt = (int)arg;
 948    break;
 949  case CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS:
 950    return setopt_set_timeout_ms(&s->happy_eyeballs_timeout, arg);
 951  case CURLOPT_UPKEEP_INTERVAL_MS:
 952    return setopt_set_timeout_ms(&s->upkeep_interval_ms, arg);
 953  case CURLOPT_MAXAGE_CONN:
 954    return setopt_set_timeout_sec(&s->conn_max_idle_ms, arg);
 955  case CURLOPT_MAXLIFETIME_CONN:
 956    return setopt_set_timeout_sec(&s->conn_max_age_ms, arg);
 957  case CURLOPT_DNS_USE_GLOBAL_CACHE:
 958    /* deprecated */
 959    break;
 960  default:
 961    return CURLE_UNKNOWN_OPTION;
 962  }
 963  return result;
 964}
 965
 966static CURLcode setopt_long_ssl(struct Curl_easy *data, CURLoption option,
 967                                long arg)
 968{
 969#ifdef USE_SSL
 970  CURLcode result = CURLE_OK;
 971  struct UserDefined *s = &data->set;
 972  switch(option) {
 973  case CURLOPT_CA_CACHE_TIMEOUT:
 974    if(Curl_ssl_supports(data, SSLSUPP_CA_CACHE)) {
 975      result = value_range(&arg, -1, -1, INT_MAX);
 976      if(!result)
 977        s->general_ssl.ca_cache_timeout = (int)arg;
 978    }
 979    else
 980      result = CURLE_NOT_BUILT_IN;
 981    break;
 982  case CURLOPT_SSLVERSION:
 983#ifndef CURL_DISABLE_PROXY
 984  case CURLOPT_PROXY_SSLVERSION:
 985#endif
 986    return Curl_setopt_SSLVERSION(data, option, arg);
 987  case CURLOPT_SSL_FALSESTART:
 988    result = CURLE_NOT_BUILT_IN;
 989    break;
 990  case CURLOPT_USE_SSL:
 991    if((arg < CURLUSESSL_NONE) || (arg >= CURLUSESSL_LAST))
 992      result = CURLE_BAD_FUNCTION_ARGUMENT;
 993    else
 994      s->use_ssl = (unsigned char)arg;
 995    break;
 996  case CURLOPT_SSL_OPTIONS:
 997    set_ssl_options(&s->ssl, &s->ssl.primary, arg);
 998    break;
 999#ifndef CURL_DISABLE_PROXY
1000  case CURLOPT_PROXY_SSL_OPTIONS:
1001    set_ssl_options(&s->proxy_ssl, &s->proxy_ssl.primary, arg);
1002    break;
1003#endif
1004  case CURLOPT_SSL_ENABLE_NPN:
1005    break;
1006  case CURLOPT_SSLENGINE_DEFAULT:
1007    curlx_safefree(s->str[STRING_SSL_ENGINE]);
1008    result = Curl_ssl_set_engine_default(data);
1009    break;
1010  default:
1011    return CURLE_UNKNOWN_OPTION;
1012  }
1013  return result;
1014#else  /* USE_SSL */
1015  (void)data;
1016  (void)option;
1017  (void)arg;
1018  return CURLE_UNKNOWN_OPTION;
1019#endif /* !USE_SSL */
1020}
1021
1022#ifndef CURL_DISABLE_PROXY
1023static void changeproxy(struct Curl_easy *data)
1024{
1025  Curl_auth_digest_cleanup(&data->state.proxydigest);
1026  memset(&data->state.authproxy, 0, sizeof(data->state.authproxy));
1027}
1028
1029static CURLcode setopt_long_proxy(struct Curl_easy *data, CURLoption option,
1030                                  long arg)
1031{
1032  struct UserDefined *s = &data->set;
1033
1034  switch(option) {
1035  case CURLOPT_PROXYPORT:
1036    if((arg < 0) || (arg > UINT16_MAX))
1037      return CURLE_BAD_FUNCTION_ARGUMENT;
1038    if(arg != s->proxyport)
1039      changeproxy(data);
1040    s->proxyport = (uint16_t)arg;
1041    break;
1042  case CURLOPT_PROXYAUTH:
1043    return httpauth(data, TRUE, (unsigned long)arg);
1044  case CURLOPT_PROXYTYPE:
1045    if((arg < CURLPROXY_HTTP) || (arg > CURLPROXY_SOCKS5_HOSTNAME))
1046      return CURLE_BAD_FUNCTION_ARGUMENT;
1047    s->proxytype = (unsigned char)arg;
1048    break;
1049  case CURLOPT_SOCKS5_AUTH:
1050    if(arg & ~(CURLAUTH_BASIC | CURLAUTH_GSSAPI))
1051      return CURLE_NOT_BUILT_IN;
1052    s->socks5auth = (unsigned char)arg;
1053    break;
1054  default:
1055    return CURLE_UNKNOWN_OPTION;
1056  }
1057  return CURLE_OK;
1058}
1059#else
1060static CURLcode setopt_long_proxy(struct Curl_easy *data, CURLoption option,
1061                                  long arg)
1062{
1063  (void)data;
1064  (void)option;
1065  (void)arg;
1066  return CURLE_UNKNOWN_OPTION;
1067}
1068#endif
1069
1070static CURLcode setopt_long_http(struct Curl_easy *data, CURLoption option,
1071                                 long arg)
1072{
1073#ifndef CURL_DISABLE_HTTP
1074  CURLcode result = CURLE_OK;
1075  struct UserDefined *s = &data->set;
1076
1077  switch(option) {
1078  case CURLOPT_FOLLOWLOCATION:
1079    if((unsigned long)arg > 3)
1080      result = CURLE_BAD_FUNCTION_ARGUMENT;
1081    else
1082      s->http_follow_mode = (unsigned char)arg;
1083    break;
1084  case CURLOPT_MAXREDIRS:
1085    result = value_range(&arg, -1, -1, 0x7fff);
1086    if(!result)
1087      s->maxredirs = (short)arg;
1088    break;
1089  case CURLOPT_POSTREDIR:
1090    if(arg < CURL_REDIR_GET_ALL)
1091      result = CURLE_BAD_FUNCTION_ARGUMENT;
1092    else {
1093      s->post301 = !!(arg & CURL_REDIR_POST_301);
1094      s->post302 = !!(arg & CURL_REDIR_POST_302);
1095      s->post303 = !!(arg & CURL_REDIR_POST_303);
1096    }
1097    break;
1098  case CURLOPT_HEADEROPT:
1099    s->sep_headers = !!(arg & CURLHEADER_SEPARATE);
1100    break;
1101  case CURLOPT_HTTPAUTH:
1102    return httpauth(data, FALSE, (unsigned long)arg);
1103  case CURLOPT_HTTP_VERSION:
1104    return setopt_HTTP_VERSION(data, arg);
1105  case CURLOPT_EXPECT_100_TIMEOUT_MS:
1106    result = value_range(&arg, 0, 0, 0xffff);
1107    if(!result)
1108      s->expect_100_timeout = (unsigned short)arg;
1109    break;
1110  case CURLOPT_STREAM_WEIGHT:
1111#if defined(USE_HTTP2) || defined(USE_HTTP3)
1112    if((arg >= 1) && (arg <= 256))
1113      s->priority.weight = (int)arg;
1114    break;
1115#else
1116    result = CURLE_NOT_BUILT_IN;
1117    break;
1118#endif
1119  default:
1120    return CURLE_UNKNOWN_OPTION;
1121  }
1122  return result;
1123#else
1124  (void)data;
1125  (void)option;
1126  (void)arg;
1127  return CURLE_UNKNOWN_OPTION;
1128#endif
1129}
1130
1131static CURLcode setopt_long_proto(struct Curl_easy *data, CURLoption option,
1132                                  long arg)
1133{
1134  CURLcode result = CURLE_OK;
1135  struct UserDefined *s = &data->set;
1136
1137  switch(option) {
1138#ifndef CURL_DISABLE_TFTP
1139  case CURLOPT_TFTP_BLKSIZE:
1140    result = value_range(&arg, 0, TFTP_BLKSIZE_MIN, TFTP_BLKSIZE_MAX);
1141    if(!result)
1142      s->tftp_blksize = (unsigned short)arg;
1143    break;
1144#endif
1145#ifndef CURL_DISABLE_NETRC
1146  case CURLOPT_NETRC:
1147    if((arg < CURL_NETRC_IGNORED) || (arg >= CURL_NETRC_LAST))
1148      result = CURLE_BAD_FUNCTION_ARGUMENT;
1149    else
1150      s->use_netrc = (unsigned char)arg;
1151    break;
1152#endif
1153#ifndef CURL_DISABLE_FTP
1154  case CURLOPT_FTP_FILEMETHOD:
1155    if((arg < CURLFTPMETHOD_DEFAULT) || (arg >= CURLFTPMETHOD_LAST))
1156      result = CURLE_BAD_FUNCTION_ARGUMENT;
1157    else
1158      s->ftp_filemethod = (unsigned char)arg;
1159    break;
1160  case CURLOPT_FTP_SSL_CCC:
1161    if((arg < CURLFTPSSL_CCC_NONE) || (arg >= CURLFTPSSL_CCC_LAST))
1162      result = CURLE_BAD_FUNCTION_ARGUMENT;
1163    else
1164      s->ftp_ccc = (unsigned char)arg;
1165    break;
1166  case CURLOPT_FTPSSLAUTH:
1167    if((arg < CURLFTPAUTH_DEFAULT) || (arg >= CURLFTPAUTH_LAST))
1168      result = CURLE_BAD_FUNCTION_ARGUMENT;
1169    else
1170      s->ftpsslauth = (unsigned char)arg;
1171    break;
1172  case CURLOPT_ACCEPTTIMEOUT_MS:
1173    return setopt_set_timeout_ms(&s->accepttimeout, arg);
1174#endif
1175#if !defined(CURL_DISABLE_FTP) || defined(USE_SSH)
1176  case CURLOPT_FTP_CREATE_MISSING_DIRS:
1177    if((arg < CURLFTP_CREATE_DIR_NONE) || (arg > CURLFTP_CREATE_DIR_RETRY))
1178      result = CURLE_BAD_FUNCTION_ARGUMENT;
1179    else
1180      s->ftp_create_missing_dirs = (unsigned char)arg;
1181    break;
1182  case CURLOPT_NEW_FILE_PERMS:
1183    if((arg < 0) || (arg > 0777))
1184      result = CURLE_BAD_FUNCTION_ARGUMENT;
1185    else
1186      s->new_file_perms = (unsigned int)arg;
1187    break;
1188#endif
1189#ifndef CURL_DISABLE_RTSP
1190  case CURLOPT_RTSP_REQUEST:
1191    return setopt_RTSP_REQUEST(data, arg);
1192  case CURLOPT_RTSP_CLIENT_CSEQ:
1193    result = value_range(&arg, 0, 0, INT_MAX);
1194    if(!result)
1195      data->state.rtsp_next_client_CSeq = (uint32_t)arg;
1196    break;
1197  case CURLOPT_RTSP_SERVER_CSEQ:
1198    result = value_range(&arg, 0, 0, INT_MAX);
1199    if(!result)
1200      data->state.rtsp_next_server_CSeq = (uint32_t)arg;
1201    break;
1202#endif
1203#ifdef USE_SSH
1204  case CURLOPT_SSH_AUTH_TYPES:
1205    s->ssh_auth_types = (uint32_t)arg;
1206    break;
1207  case CURLOPT_NEW_DIRECTORY_PERMS:
1208    if((arg < 0) || (arg > 0777))
1209      result = CURLE_BAD_FUNCTION_ARGUMENT;
1210    else
1211      s->new_directory_perms = (unsigned int)arg;
1212    break;
1213#endif
1214  case CURLOPT_PROTOCOLS:
1215    s->allowed_protocols = (curl_prot_t)arg;
1216    break;
1217  case CURLOPT_REDIR_PROTOCOLS:
1218    s->redir_protocols = (curl_prot_t)arg;
1219    break;
1220#ifndef CURL_DISABLE_WEBSOCKETS
1221  case CURLOPT_WS_OPTIONS:
1222    s->ws_raw_mode = (bool)(arg & CURLWS_RAW_MODE);
1223    s->ws_no_auto_pong = (bool)(arg & CURLWS_NOAUTOPONG);
1224    break;
1225#endif
1226  default:
1227    return CURLE_UNKNOWN_OPTION;
1228  }
1229  return result;
1230}
1231
1232static CURLcode setopt_long_misc(struct Curl_easy *data, CURLoption option,
1233                                 long arg)
1234{
1235  struct UserDefined *s = &data->set;
1236
1237  switch(option) {
1238  case CURLOPT_TIMECONDITION:
1239    if((arg < CURL_TIMECOND_NONE) || (arg >= CURL_TIMECOND_LAST))
1240      return CURLE_BAD_FUNCTION_ARGUMENT;
1241    s->timecondition = (unsigned char)arg;
1242    break;
1243  case CURLOPT_TIMEVALUE:
1244    s->timevalue = (time_t)arg;
1245    break;
1246  case CURLOPT_POSTFIELDSIZE:
1247    if(arg < -1)
1248      return CURLE_BAD_FUNCTION_ARGUMENT;
1249    if(s->postfieldsize < arg &&
1250       s->postfields == s->str[STRING_COPYPOSTFIELDS]) {
1251      curlx_safefree(s->str[STRING_COPYPOSTFIELDS]);
1252      s->postfields = NULL;
1253    }
1254    s->postfieldsize = arg;
1255    break;
1256  case CURLOPT_INFILESIZE:
1257    if(arg < -1)
1258      return CURLE_BAD_FUNCTION_ARGUMENT;
1259    s->filesize = arg;
1260    break;
1261  case CURLOPT_RESUME_FROM:
1262    if(arg < -1)
1263      return CURLE_BAD_FUNCTION_ARGUMENT;
1264    s->set_resume_from = arg;
1265    break;
1266  case CURLOPT_UPLOAD_FLAGS:
1267    s->upload_flags = (unsigned char)arg;
1268    break;
1269#ifndef CURL_DISABLE_MIME
1270  case CURLOPT_MIME_OPTIONS:
1271    s->mime_formescape = !!(arg & CURLMIMEOPT_FORMESCAPE);
1272    break;
1273#endif
1274#ifndef CURL_DISABLE_HSTS
1275  case CURLOPT_HSTS_CTRL:
1276    if(arg & CURLHSTS_ENABLE) {
1277      if(!data->hsts) {
1278        data->hsts = Curl_hsts_init();
1279        if(!data->hsts)
1280          return CURLE_OUT_OF_MEMORY;
1281      }
1282    }
1283    else if(!data->share || !data->share->hsts) {
1284      /* throw away the HSTS cache unless shared */
1285      Curl_hsts_cleanup(&data->hsts);
1286      /* flush all the entries */
1287      curl_slist_free_all(data->state.hstslist);
1288      data->state.hstslist = NULL;
1289    }
1290    else
1291      /* detach from shared HSTS cache without freeing it */
1292      data->hsts = NULL;
1293    break;
1294#endif
1295#ifndef CURL_DISABLE_ALTSVC
1296  case CURLOPT_ALTSVC_CTRL:
1297    return Curl_altsvc_ctrl(data, arg);
1298#endif
1299#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
1300  case CURLOPT_GSSAPI_DELEGATION:
1301    s->gssapi_delegation = (unsigned char)arg &
1302      (CURLGSSAPI_DELEGATION_POLICY_FLAG | CURLGSSAPI_DELEGATION_FLAG);
1303    break;
1304#endif
1305  default:
1306    return CURLE_UNKNOWN_OPTION;
1307  }
1308  return CURLE_OK;
1309}
1310
1311static CURLcode setopt_long(struct Curl_easy *data, CURLoption option,
1312                            long arg)
1313{
1314  typedef CURLcode (*setoptfunc)(struct Curl_easy *data,
1315                                 CURLoption option, long arg);
1316  static const setoptfunc setopt_call[] = {
1317    setopt_long_bool,
1318    setopt_long_net,
1319    setopt_long_http,
1320    setopt_long_proxy,
1321    setopt_long_ssl,
1322    setopt_long_proto,
1323    setopt_long_misc
1324  };
1325  size_t i;
1326
1327  for(i = 0; i < CURL_ARRAYSIZE(setopt_call); i++) {
1328    CURLcode result = setopt_call[i](data, option, arg);
1329    if(result != CURLE_UNKNOWN_OPTION)
1330      return result;
1331  }
1332  return CURLE_UNKNOWN_OPTION;
1333}
1334
1335static CURLcode setopt_slist(struct Curl_easy *data, CURLoption option,
1336                             struct curl_slist *slist)
1337{
1338  CURLcode result = CURLE_OK;
1339  struct UserDefined *s = &data->set;
1340  switch(option) {
1341#ifndef CURL_DISABLE_PROXY
1342  case CURLOPT_PROXYHEADER:
1343    /*
1344     * Set a list with proxy headers to use (or replace internals with)
1345     *
1346     * Since CURLOPT_HTTPHEADER was the only way to set HTTP headers for a
1347     * long time we remain doing it this way until CURLOPT_PROXYHEADER is
1348     * used. As soon as this option has been used, if set to anything but
1349     * NULL, custom headers for proxies are only picked from this list.
1350     *
1351     * Set this option to NULL to restore the previous behavior.
1352     */
1353    s->proxyheaders = slist;
1354    break;
1355#endif
1356#ifndef CURL_DISABLE_HTTP
1357  case CURLOPT_HTTP200ALIASES:
1358    /*
1359     * Set a list of aliases for HTTP 200 in response header
1360     */
1361    s->http200aliases = slist;
1362    break;
1363#endif
1364#if !defined(CURL_DISABLE_FTP) || defined(USE_SSH)
1365  case CURLOPT_POSTQUOTE:
1366    /*
1367     * List of RAW FTP commands to use after a transfer
1368     */
1369    s->postquote = slist;
1370    break;
1371  case CURLOPT_PREQUOTE:
1372    /*
1373     * List of RAW FTP commands to use prior to RETR (Wesley Laxton)
1374     */
1375    s->prequote = slist;
1376    break;
1377  case CURLOPT_QUOTE:
1378    /*
1379     * List of RAW FTP commands to use before a transfer
1380     */
1381    s->quote = slist;
1382    break;
1383#endif
1384  case CURLOPT_RESOLVE:
1385    /*
1386     * List of HOST:PORT:[addresses] strings to populate the DNS cache with
1387     * Entries added this way will remain in the cache until explicitly
1388     * removed or the handle is cleaned up.
1389     *
1390     * Prefix the HOST with plus sign (+) to have the entry expire like
1391     * automatically added entries.
1392     *
1393     * Prefix the HOST with dash (-) to _remove_ the entry from the cache.
1394     *
1395     * This API can remove any entry from the DNS cache, but only entries
1396     * that are not actually in use right now will be pruned immediately.
1397     */
1398    s->resolve = slist;
1399    data->state.resolve = s->resolve;
1400    break;
1401#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_MIME)
1402  case CURLOPT_HTTPHEADER:
1403    /*
1404     * Set a list with HTTP headers to use (or replace internals with)
1405     */
1406    s->headers = slist;
1407    break;
1408#endif
1409#ifndef CURL_DISABLE_TELNET
1410  case CURLOPT_TELNETOPTIONS:
1411    /*
1412     * Set a linked list of telnet options
1413     */
1414    s->telnet_options = slist;
1415    break;
1416#endif
1417#ifndef CURL_DISABLE_SMTP
1418  case CURLOPT_MAIL_RCPT:
1419    /* Set the list of mail recipients */
1420    s->mail_rcpt = slist;
1421    break;
1422#endif
1423  case CURLOPT_CONNECT_TO:
1424    s->connect_to = slist;
1425    break;
1426  default:
1427    return CURLE_UNKNOWN_OPTION;
1428  }
1429  return result;
1430}
1431
1432#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_SMTP) ||       \
1433  !defined(CURL_DISABLE_IMAP)
1434#ifndef CURL_DISABLE_MIME
1435static CURLcode setopt_mimepost(struct Curl_easy *data, curl_mime *mimep)
1436{
1437  /*
1438   * Set to make us do MIME POST
1439   */
1440  CURLcode result;
1441  struct UserDefined *s = &data->set;
1442  if(!s->mimepostp) {
1443    s->mimepostp = curlx_malloc(sizeof(*s->mimepostp));
1444    if(!s->mimepostp)
1445      return CURLE_OUT_OF_MEMORY;
1446    Curl_mime_initpart(s->mimepostp);
1447  }
1448
1449  result = Curl_mime_set_subparts(s->mimepostp, mimep, FALSE);
1450  if(!result) {
1451    s->method = HTTPREQ_POST_MIME;
1452    s->opt_no_body = FALSE; /* this is implied */
1453#ifndef CURL_DISABLE_FORM_API
1454    Curl_mime_cleanpart(data->state.formp);
1455    curlx_safefree(data->state.formp);
1456    data->state.mimepost = NULL;
1457#endif
1458  }
1459  return result;
1460}
1461#endif /* !CURL_DISABLE_MIME */
1462#endif /* !CURL_DISABLE_HTTP || !CURL_DISABLE_SMTP || !CURL_DISABLE_IMAP */
1463
1464/* assorted pointer type arguments */
1465static CURLcode setopt_pointers(struct Curl_easy *data, CURLoption option,
1466                                va_list param)
1467{
1468  CURLcode result = CURLE_OK;
1469  struct UserDefined *s = &data->set;
1470  switch(option) {
1471  case CURLOPT_CURLU:
1472    /*
1473     * pass CURLU to set URL
1474     */
1475    Curl_bufref_free(&data->state.url);
1476    curlx_safefree(s->str[STRING_SET_URL]);
1477    s->uh = va_arg(param, CURLU *);
1478    break;
1479#ifndef CURL_DISABLE_HTTP
1480#ifndef CURL_DISABLE_FORM_API
1481  case CURLOPT_HTTPPOST:
1482    /*
1483     * Set to make us do HTTP POST. Legacy API-style.
1484     */
1485    s->httppost = va_arg(param, struct curl_httppost *);
1486    s->method = HTTPREQ_POST_FORM;
1487    s->opt_no_body = FALSE; /* this is implied */
1488    Curl_mime_cleanpart(data->state.formp);
1489    curlx_safefree(data->state.formp);
1490    data->state.mimepost = NULL;
1491    break;
1492#endif /* !CURL_DISABLE_FORM_API */
1493#endif /* !CURL_DISABLE_HTTP */
1494#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_SMTP) ||       \
1495  !defined(CURL_DISABLE_IMAP)
1496#ifndef CURL_DISABLE_MIME
1497  case CURLOPT_MIMEPOST:
1498    result = setopt_mimepost(data, va_arg(param, curl_mime *));
1499    break;
1500#endif /* !CURL_DISABLE_MIME */
1501#endif /* !CURL_DISABLE_HTTP || !CURL_DISABLE_SMTP || !CURL_DISABLE_IMAP */
1502  case CURLOPT_STDERR:
1503    /*
1504     * Set to a FILE * that should receive all error writes. This
1505     * defaults to stderr for normal operations.
1506     */
1507    s->err = va_arg(param, FILE *);
1508    if(!s->err)
1509      s->err = stderr;
1510    break;
1511  case CURLOPT_SHARE: {
1512    struct Curl_share *set = va_arg(param, struct Curl_share *);
1513
1514    /* disconnect from old share, if any and possible */
1515    result = Curl_share_easy_unlink(data);
1516    if(result)
1517      return result;
1518
1519    /* use new share if it set */
1520    if(GOOD_SHARE_HANDLE(set)) {
1521      result = Curl_share_easy_link(data, set);
1522      if(result)
1523        return result;
1524    }
1525    break;
1526  }
1527
1528#ifdef USE_HTTP2
1529  case CURLOPT_STREAM_DEPENDS:
1530  case CURLOPT_STREAM_DEPENDS_E: {
1531    struct Curl_easy *dep = va_arg(param, struct Curl_easy *);
1532    if(!dep || GOOD_EASY_HANDLE(dep))
1533      return Curl_data_priority_add_child(dep, data,
1534                                          option == CURLOPT_STREAM_DEPENDS_E);
1535    break;
1536  }
1537#endif
1538
1539  default:
1540    return CURLE_UNKNOWN_OPTION;
1541  }
1542  return result;
1543}
1544
1545#ifndef CURL_DISABLE_COOKIES
1546static CURLcode cookielist(struct Curl_easy *data, const char *ptr)
1547{
1548  CURLcode result = CURLE_OK;
1549  if(!ptr)
1550    return CURLE_OK;
1551
1552  if(curl_strequal(ptr, "ALL")) {
1553    /* clear all cookies */
1554    Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
1555    Curl_cookie_clearall(data->cookies);
1556    Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
1557  }
1558  else if(curl_strequal(ptr, "SESS")) {
1559    /* clear session cookies */
1560    Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
1561    Curl_cookie_clearsess(data->cookies);
1562    Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
1563  }
1564  else if(curl_strequal(ptr, "FLUSH")) {
1565    /* flush cookies to file, takes care of the locking */
1566    Curl_flush_cookies(data, FALSE);
1567  }
1568  else if(curl_strequal(ptr, "RELOAD")) {
1569    /* reload cookies from file */
1570    return Curl_cookie_loadfiles(data);
1571  }
1572  else {
1573    if(!data->cookies) {
1574      /* if cookie engine was not running, activate it */
1575      data->cookies = Curl_cookie_init();
1576      if(!data->cookies)
1577        return CURLE_OUT_OF_MEMORY;
1578      data->state.cookie_engine = TRUE;
1579    }
1580
1581    /* general protection against mistakes and abuse */
1582    if(strlen(ptr) > CURL_MAX_INPUT_LENGTH)
1583      return CURLE_BAD_FUNCTION_ARGUMENT;
1584
1585    Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
1586    if(checkprefix("Set-Cookie:", ptr))
1587      /* HTTP Header format line */
1588      result = Curl_cookie_add(data, data->cookies, TRUE, FALSE, ptr + 11,
1589                               NULL, NULL, TRUE);
1590    else
1591      /* Netscape format line */
1592      result = Curl_cookie_add(data, data->cookies, FALSE, FALSE, ptr, NULL,
1593                               NULL, TRUE);
1594    Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
1595  }
1596  return result;
1597}
1598
1599static CURLcode cookiefile(struct Curl_easy *data, const char *ptr)
1600{
1601  /*
1602   * Set cookie file to read and parse. Can be used multiple times.
1603   */
1604  if(ptr) {
1605    struct curl_slist *cl;
1606    /* general protection against mistakes and abuse */
1607    if(strlen(ptr) > CURL_MAX_INPUT_LENGTH)
1608      return CURLE_BAD_FUNCTION_ARGUMENT;
1609    /* append the cookie filename to the list of filenames, and deal with
1610       them later */
1611    cl = curl_slist_append(data->state.cookielist, ptr);
1612    if(!cl) {
1613      curl_slist_free_all(data->state.cookielist);
1614      data->state.cookielist = NULL;
1615      return CURLE_OUT_OF_MEMORY;
1616    }
1617    data->state.cookielist = cl; /* store the list for later use */
1618  }
1619  else {
1620    /* clear the list of cookie files */
1621    curl_slist_free_all(data->state.cookielist);
1622    data->state.cookielist = NULL;
1623
1624    if(!data->share || !data->share->cookies) {
1625      /* throw away all existing cookies if this is not a shared cookie
1626         container */
1627      Curl_cookie_clearall(data->cookies);
1628      Curl_cookie_cleanup(data->cookies);
1629    }
1630    /* disable the cookie engine */
1631    data->cookies = NULL;
1632  }
1633  return CURLE_OK;
1634}
1635#endif
1636
1637#ifndef CURL_DISABLE_PROXY
1638static CURLcode setproxy(struct Curl_easy *data, const char *proxy)
1639{
1640  if((data->set.str[STRING_PROXY] && proxy) &&
1641     /* there was one set, is this a new one? */
1642     !strcmp(data->set.str[STRING_PROXY], proxy))
1643    return CURLE_OK; /* same one as before */
1644
1645  changeproxy(data);
1646  return Curl_setstropt(&data->set.str[STRING_PROXY], proxy);
1647}
1648
1649static CURLcode setopt_cptr_proxy(struct Curl_easy *data, CURLoption option,
1650                                  const char *ptr)
1651{
1652  CURLcode result = CURLE_OK;
1653  struct UserDefined *s = &data->set;
1654  switch(option) {
1655  case CURLOPT_PROXYUSERPWD: {
1656    /*
1657     * user:password needed to use the proxy
1658     */
1659    char *u = NULL;
1660    char *p = NULL;
1661    result = setstropt_userpwd(ptr, &u, &p);
1662
1663    /* URL decode the components */
1664    if(!result && u) {
1665      curlx_safefree(s->str[STRING_PROXYUSERNAME]);
1666      result = Curl_urldecode(u, 0, &s->str[STRING_PROXYUSERNAME], NULL,
1667                              REJECT_ZERO);
1668    }
1669    if(!result && p) {
1670      curlx_safefree(s->str[STRING_PROXYPASSWORD]);
1671      result = Curl_urldecode(p, 0, &s->str[STRING_PROXYPASSWORD], NULL,
1672                              REJECT_ZERO);
1673    }
1674    curlx_free(u);
1675    curlx_free(p);
1676    break;
1677  }
1678  case CURLOPT_PROXYUSERNAME:
1679    /*
1680     * authentication username to use in the operation
1681     */
1682    return Curl_setstropt(&s->str[STRING_PROXYUSERNAME], ptr);
1683
1684  case CURLOPT_PROXYPASSWORD:
1685    /*
1686     * authentication password to use in the operation
1687     */
1688    return Curl_setstropt(&s->str[STRING_PROXYPASSWORD], ptr);
1689
1690  case CURLOPT_NOPROXY:
1691    /*
1692     * proxy exception list
1693     */
1694    return Curl_setstropt(&s->str[STRING_NOPROXY], ptr);
1695  case CURLOPT_PROXY_SSLCERT:
1696    /*
1697     * String that holds filename of the SSL certificate to use for proxy
1698     */
1699    return Curl_setstropt(&s->str[STRING_CERT_PROXY], ptr);
1700  case CURLOPT_PROXY_SSLCERTTYPE:
1701    /*
1702     * String that holds file type of the SSL certificate to use for proxy
1703     */
1704    return Curl_setstropt(&s->str[STRING_CERT_TYPE_PROXY], ptr);
1705  case CURLOPT_PROXY_SSLKEY:
1706    /*
1707     * String that holds filename of the SSL key to use for proxy
1708     */
1709    return Curl_setstropt(&s->str[STRING_KEY_PROXY], ptr);
1710  case CURLOPT_PROXY_KEYPASSWD:
1711    /*
1712     * String that holds the SSL private key password for proxy.
1713     */
1714    return Curl_setstropt(&s->str[STRING_KEY_PASSWD_PROXY], ptr);
1715  case CURLOPT_PROXY_SSLKEYTYPE:
1716    /*
1717     * String that holds file type of the SSL key to use for proxy
1718     */
1719    return Curl_setstropt(&s->str[STRING_KEY_TYPE_PROXY], ptr);
1720  case CURLOPT_PROXY_SSL_CIPHER_LIST:
1721    if(Curl_ssl_supports(data, SSLSUPP_CIPHER_LIST)) {
1722      /* set a list of cipher we want to use in the SSL connection for proxy */
1723      return Curl_setstropt(&s->str[STRING_SSL_CIPHER_LIST_PROXY], ptr);
1724    }
1725    else
1726      return CURLE_NOT_BUILT_IN;
1727  case CURLOPT_PROXY_TLS13_CIPHERS:
1728    if(Curl_ssl_supports(data, SSLSUPP_TLS13_CIPHERSUITES))
1729      /* set preferred list of TLS 1.3 cipher suites for proxy */
1730      return Curl_setstropt(&s->str[STRING_SSL_CIPHER13_LIST_PROXY], ptr);
1731    else
1732      return CURLE_NOT_BUILT_IN;
1733  case CURLOPT_PROXY:
1734    /*
1735     * Set proxy server:port to use as proxy.
1736     *
1737     * If the proxy is set to "" (and CURLOPT_PRE_PROXY is set to "" or NULL)
1738     * we explicitly say that we do not want to use a proxy (even though there
1739     * might be environment variables saying so).
1740     *
1741     * Setting it to NULL, means no proxy but allows the environment variables
1742     * to decide for us (if CURLOPT_PRE_PROXY setting it to NULL).
1743     */
1744    return setproxy(data, ptr);
1745  case CURLOPT_PRE_PROXY:
1746    /*
1747     * Set proxy server:port to use as SOCKS proxy.
1748     *
1749     * If the proxy is set to "" or NULL we explicitly say that we do not want
1750     * to use the socks proxy.
1751     */
1752    return Curl_setstropt(&s->str[STRING_PRE_PROXY], ptr);
1753  case CURLOPT_SOCKS5_GSSAPI_SERVICE:
1754  case CURLOPT_PROXY_SERVICE_NAME:
1755    /*
1756     * Set proxy authentication service name for Kerberos 5 and SPNEGO
1757     */
1758    return Curl_setstropt(&s->str[STRING_PROXY_SERVICE_NAME], ptr);
1759  case CURLOPT_PROXY_PINNEDPUBLICKEY:
1760    /*
1761     * Set pinned public key for SSL connection.
1762     * Specify filename of the public key in DER format.
1763     */
1764#ifdef USE_SSL
1765    if(Curl_ssl_supports(data, SSLSUPP_PINNEDPUBKEY))
1766      return Curl_setstropt(&s->str[STRING_SSL_PINNEDPUBLICKEY_PROXY], ptr);
1767#endif
1768    return CURLE_NOT_BUILT_IN;
1769
1770  case CURLOPT_HAPROXY_CLIENT_IP:
1771    /*
1772     * Set the client IP to send through HAProxy PROXY protocol
1773     */
1774    result = Curl_setstropt(&s->str[STRING_HAPROXY_CLIENT_IP], ptr);
1775
1776    /* enable the HAProxy protocol if an IP is provided */
1777    s->haproxyprotocol = !!s->str[STRING_HAPROXY_CLIENT_IP];
1778    break;
1779  case CURLOPT_PROXY_CAINFO:
1780    /*
1781     * Set CA info SSL connection for proxy. Specify filename of the
1782     * CA certificate
1783     */
1784    s->proxy_ssl.custom_cafile = TRUE;
1785    return Curl_setstropt(&s->str[STRING_SSL_CAFILE_PROXY], ptr);
1786  case CURLOPT_PROXY_CRLFILE:
1787    /*
1788     * Set CRL file info for SSL connection for proxy. Specify filename of the
1789     * CRL to check certificates revocation
1790     */
1791    if(Curl_ssl_supports(data, SSLSUPP_CRLFILE))
1792      return Curl_setstropt(&s->str[STRING_SSL_CRLFILE_PROXY], ptr);
1793    return CURLE_NOT_BUILT_IN;
1794  case CURLOPT_PROXY_ISSUERCERT:
1795    /*
1796     * Set Issuer certificate file to check certificates issuer
1797     */
1798    if(Curl_ssl_supports(data, SSLSUPP_ISSUERCERT))
1799      return Curl_setstropt(&s->str[STRING_SSL_ISSUERCERT_PROXY], ptr);
1800    return CURLE_NOT_BUILT_IN;
1801  case CURLOPT_PROXY_CAPATH:
1802    /*
1803     * Set CA path info for SSL connection proxy. Specify directory name of the
1804     * CA certificates which have been prepared using openssl c_rehash utility.
1805     */
1806#ifdef USE_SSL
1807    if(Curl_ssl_supports(data, SSLSUPP_CA_PATH)) {
1808      /* This does not work on Windows. */
1809      s->proxy_ssl.custom_capath = TRUE;
1810      return Curl_setstropt(&s->str[STRING_SSL_CAPATH_PROXY], ptr);
1811    }
1812#endif
1813    return CURLE_NOT_BUILT_IN;
1814  default:
1815    return CURLE_UNKNOWN_OPTION;
1816  }
1817  return result;
1818}
1819#endif
1820
1821#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_MQTT)
1822/*
1823 * A string with POST data. Makes curl HTTP POST. Even if it is NULL. If
1824 * needed, CURLOPT_POSTFIELDSIZE must have been set prior to
1825 * CURLOPT_COPYPOSTFIELDS and not altered later.
1826 */
1827static CURLcode setopt_copypostfields(const char *ptr, struct UserDefined *s)
1828{
1829  CURLcode result = CURLE_OK;
1830  if(!ptr || s->postfieldsize == -1)
1831    result = Curl_setstropt(&s->str[STRING_COPYPOSTFIELDS], ptr);
1832  else {
1833    size_t pflen;
1834
1835    if(s->postfieldsize < 0)
1836      return CURLE_BAD_FUNCTION_ARGUMENT;
1837    pflen = curlx_sotouz_range(s->postfieldsize, 0, SIZE_MAX);
1838    if(pflen == SIZE_MAX)
1839      return CURLE_OUT_OF_MEMORY;
1840    else {
1841      /* Allocate even when size == 0. This satisfies the need of possible
1842         later address compare to detect the COPYPOSTFIELDS mode, and to mark
1843         that postfields is used rather than read function or form data.
1844      */
1845      char *p = curlx_memdup0(ptr, pflen);
1846      if(!p)
1847        return CURLE_OUT_OF_MEMORY;
1848      else {
1849        curlx_free(s->str[STRING_COPYPOSTFIELDS]);
1850        s->str[STRING_COPYPOSTFIELDS] = p;
1851      }
1852    }
1853  }
1854
1855  s->postfields = s->str[STRING_COPYPOSTFIELDS];
1856  s->method = HTTPREQ_POST;
1857  return result;
1858}
1859#endif
1860
1861#ifdef USE_ECH
1862static CURLcode setopt_ech(struct Curl_easy *data, const char *ptr)
1863{
1864  struct UserDefined *s = &data->set;
1865  CURLcode result = CURLE_OK;
1866
1867  if(!ptr || !strcmp(ptr, "false"))
1868    s->tls_ech = CURLECH_DISABLE;
1869  else {
1870    size_t plen = strlen(ptr);
1871    if(plen > CURL_MAX_INPUT_LENGTH)
1872      result = CURLE_BAD_FUNCTION_ARGUMENT;
1873    else {
1874      if(!strcmp(ptr, "grease"))
1875        s->tls_ech = CURLECH_GREASE;
1876      else if(!strcmp(ptr, "true"))
1877        s->tls_ech = CURLECH_ENABLE;
1878      else if(!strcmp(ptr, "hard"))
1879        s->tls_ech = CURLECH_HARD;
1880      else if(plen > 4 && !strncmp(ptr, "ecl:", 4)) {
1881        if(!s->tls_ech)
1882          s->tls_ech = CURLECH_HARD;
1883        result = Curl_setstropt(&s->str[STRING_ECH_CONFIG], ptr + 4);
1884      }
1885      else if(plen > 3 && !strncmp(ptr, "pn:", 3)) {
1886        if(!s->tls_ech)
1887          s->tls_ech = CURLECH_HARD;
1888        result = Curl_setstropt(&s->str[STRING_ECH_PUBLIC], ptr + 3);
1889      }
1890      else
1891        result = CURLE_BAD_FUNCTION_ARGUMENT;
1892    }
1893  }
1894  return result;
1895}
1896#else
1897#define setopt_ech(x,y) CURLE_NOT_BUILT_IN
1898#endif
1899
1900static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
1901                            char *ptr)
1902{
1903  CURLcode result;
1904  struct UserDefined *s = &data->set;
1905#ifndef CURL_DISABLE_PROXY
1906  result = setopt_cptr_proxy(data, option, ptr);
1907  if(result != CURLE_UNKNOWN_OPTION)
1908    return result;
1909#endif
1910  result = CURLE_OK;
1911
1912  switch(option) {
1913  case CURLOPT_CAINFO:
1914    /*
1915     * Set CA info for SSL connection. Specify filename of the CA certificate
1916     */
1917    s->ssl.custom_cafile = TRUE;
1918    return Curl_setstropt(&s->str[STRING_SSL_CAFILE], ptr);
1919  case CURLOPT_CAPATH:
1920    /*
1921     * Set CA path info for SSL connection. Specify directory name of the CA
1922     * certificates which have been prepared using openssl c_rehash utility.
1923     */
1924#ifdef USE_SSL
1925    if(Curl_ssl_supports(data, SSLSUPP_CA_PATH)) {
1926      /* This does not work on Windows. */
1927      s->ssl.custom_capath = TRUE;
1928      return Curl_setstropt(&s->str[STRING_SSL_CAPATH], ptr);
1929    }
1930#endif
1931    return CURLE_NOT_BUILT_IN;
1932  case CURLOPT_CRLFILE:
1933    /*
1934     * Set CRL file info for SSL connection. Specify filename of the CRL
1935     * to check certificates revocation
1936     */
1937    if(Curl_ssl_supports(data, SSLSUPP_CRLFILE))
1938      return Curl_setstropt(&s->str[STRING_SSL_CRLFILE], ptr);
1939    return CURLE_NOT_BUILT_IN;
1940  case CURLOPT_SSL_CIPHER_LIST:
1941    if(Curl_ssl_supports(data, SSLSUPP_CIPHER_LIST))
1942      /* set a list of cipher we want to use in the SSL connection */
1943      return Curl_setstropt(&s->str[STRING_SSL_CIPHER_LIST], ptr);
1944    else
1945      return CURLE_NOT_BUILT_IN;
1946  case CURLOPT_TLS13_CIPHERS:
1947    if(Curl_ssl_supports(data, SSLSUPP_TLS13_CIPHERSUITES)) {
1948      /* set preferred list of TLS 1.3 cipher suites */
1949      return Curl_setstropt(&s->str[STRING_SSL_CIPHER13_LIST], ptr);
1950    }
1951    else
1952      return CURLE_NOT_BUILT_IN;
1953  case CURLOPT_RANDOM_FILE:
1954    break;
1955  case CURLOPT_EGDSOCKET:
1956    break;
1957  case CURLOPT_REQUEST_TARGET:
1958    return Curl_setstropt(&s->str[STRING_TARGET], ptr);
1959#ifndef CURL_DISABLE_NETRC
1960  case CURLOPT_NETRC_FILE:
1961    /*
1962     * Use this file instead of the $HOME/.netrc file
1963     */
1964    return Curl_setstropt(&s->str[STRING_NETRC_FILE], ptr);
1965#endif
1966
1967#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_MQTT)
1968  case CURLOPT_COPYPOSTFIELDS:
1969    return setopt_copypostfields(ptr, s);
1970
1971  case CURLOPT_POSTFIELDS:
1972    /*
1973     * Like above, but use static data instead of copying it.
1974     */
1975    s->postfields = ptr;
1976    /* Release old copied data. */
1977    curlx_safefree(s->str[STRING_COPYPOSTFIELDS]);
1978    s->method = HTTPREQ_POST;
1979    break;
1980#endif /* !CURL_DISABLE_HTTP || !CURL_DISABLE_MQTT */
1981
1982#ifndef CURL_DISABLE_HTTP
1983  case CURLOPT_TRAILERDATA:
1984    s->trailer_data = ptr;
1985    break;
1986  case CURLOPT_ACCEPT_ENCODING:
1987    /*
1988     * String to use at the value of Accept-Encoding header.
1989     *
1990     * If the encoding is set to "" we use an Accept-Encoding header that
1991     * encompasses all the encodings we support.
1992     * If the encoding is set to NULL we do not send an Accept-Encoding header
1993     * and ignore an received Content-Encoding header.
1994     *
1995     */
1996    if(ptr && !*ptr) {
1997      ptr = Curl_get_content_encodings();
1998      if(ptr) {
1999        curlx_free(s->str[STRING_ENCODING]);
2000        s->str[STRING_ENCODING] = ptr;
2001      }
2002      else
2003        result = CURLE_OUT_OF_MEMORY;
2004      return result;
2005    }
2006    return Curl_setstropt(&s->str[STRING_ENCODING], ptr);
2007
2008#ifndef CURL_DISABLE_AWS
2009  case CURLOPT_AWS_SIGV4:
2010    /*
2011     * String that is merged to some authentication
2012     * parameters are used by the algorithm.
2013     */
2014    result = Curl_setstropt(&s->str[STRING_AWS_SIGV4], ptr);
2015    /*
2016     * Basic been set by default it need to be unset here
2017     */
2018    if(s->str[STRING_AWS_SIGV4])
2019      s->httpauth = CURLAUTH_AWS_SIGV4;
2020    break;
2021#endif
2022  case CURLOPT_REFERER:
2023    /*
2024     * String to set in the HTTP Referer: field.
2025     */
2026    result = Curl_setstropt(&s->str[STRING_SET_REFERER], ptr);
2027    break;
2028
2029  case CURLOPT_USERAGENT:
2030    /*
2031     * String to use in the HTTP User-Agent field
2032     */
2033    return Curl_setstropt(&s->str[STRING_USERAGENT], ptr);
2034
2035#ifndef CURL_DISABLE_COOKIES
2036  case CURLOPT_COOKIE:
2037    /*
2038     * Cookie string to send to the remote server in the request.
2039     */
2040    return Curl_setstropt(&s->str[STRING_COOKIE], ptr);
2041
2042  case CURLOPT_COOKIEFILE:
2043    return cookiefile(data, ptr);
2044
2045  case CURLOPT_COOKIEJAR:
2046    /*
2047     * Set cookie filename to dump all cookies to when we are done.
2048     */
2049    result = Curl_setstropt(&s->str[STRING_COOKIEJAR], ptr);
2050    if(!result) {
2051      /*
2052       * Activate the cookie parser. This may or may not already
2053       * have been made.
2054       */
2055      if(!data->cookies)
2056        data->cookies = Curl_cookie_init();
2057      if(!data->cookies)
2058        result = CURLE_OUT_OF_MEMORY;
2059      else
2060        data->state.cookie_engine = TRUE;
2061    }
2062    break;
2063
2064  case CURLOPT_COOKIELIST:
2065    return cookielist(data, ptr);
2066#endif /* !CURL_DISABLE_COOKIES */
2067
2068#endif /* !CURL_DISABLE_HTTP */
2069
2070  case CURLOPT_CUSTOMREQUEST:
2071    /*
2072     * Set a custom string to use as request
2073     */
2074    return Curl_setstropt(&s->str[STRING_CUSTOMREQUEST], ptr);
2075
2076    /* we do not set s->method = HTTPREQ_CUSTOM; here, we continue as if we
2077       were using the already set type and this changes the actual request
2078       keyword */
2079  case CURLOPT_SERVICE_NAME:
2080    /*
2081     * Set authentication service name for DIGEST-MD5, Kerberos 5 and SPNEGO
2082     */
2083    return Curl_setstropt(&s->str[STRING_SERVICE_NAME], ptr);
2084
2085  case CURLOPT_HEADERDATA:
2086    /*
2087     * Custom pointer to pass the header write callback function
2088     */
2089    s->writeheader = ptr;
2090    break;
2091  case CURLOPT_READDATA:
2092    /*
2093     * FILE pointer to read the file to be uploaded from. Or possibly used as
2094     * argument to the read callback.
2095     */
2096    s->in_set = ptr;
2097    break;
2098  case CURLOPT_WRITEDATA:
2099    /*
2100     * FILE pointer to write to. Or possibly used as argument to the write
2101     * callback.
2102     */
2103    s->out = ptr;
2104    break;
2105  case CURLOPT_DEBUGDATA:
2106    /*
2107     * Set to a void * that should receive all error writes. This
2108     * defaults to CURLOPT_STDERR for normal operations.
2109     */
2110    s->debugdata = ptr;
2111    break;
2112  case CURLOPT_PROGRESSDATA:
2113    /*
2114     * Custom client data to pass to the progress callback
2115     */
2116    s->progress_client = ptr;
2117    break;
2118  case CURLOPT_SEEKDATA:
2119    /*
2120     * Seek control callback. Might be NULL.
2121     */
2122    s->seek_client = ptr;
2123    break;
2124  case CURLOPT_IOCTLDATA:
2125    /*
2126     * I/O control data pointer. Might be NULL.
2127     */
2128    s->ioctl_client = ptr;
2129    break;
2130  case CURLOPT_SSL_CTX_DATA:
2131    /*
2132     * Set an SSL_CTX callback parameter pointer
2133     */
2134#ifdef USE_SSL
2135    if(Curl_ssl_supports(data, SSLSUPP_SSL_CTX)) {
2136      s->ssl.fsslctxp = ptr;
2137      break;
2138    }
2139    else
2140#endif
2141      return CURLE_NOT_BUILT_IN;
2142  case CURLOPT_SOCKOPTDATA:
2143    /*
2144     * socket callback data pointer. Might be NULL.
2145     */
2146    s->sockopt_client = ptr;
2147    break;
2148  case CURLOPT_OPENSOCKETDATA:
2149    /*
2150     * socket callback data pointer. Might be NULL.
2151     */
2152    s->opensocket_client = ptr;
2153    break;
2154  case CURLOPT_RESOLVER_START_DATA:
2155    /*
2156     * resolver start callback data pointer. Might be NULL.
2157     */
2158    s->resolver_start_client = ptr;
2159    break;
2160  case CURLOPT_CLOSESOCKETDATA:
2161    /*
2162     * socket callback data pointer. Might be NULL.
2163     */
2164    s->closesocket_client = ptr;
2165    break;
2166  case CURLOPT_PREREQDATA:
2167    s->prereq_userp = ptr;
2168    break;
2169  case CURLOPT_ERRORBUFFER:
2170    /*
2171     * Error buffer provided by the caller to get the human readable error
2172     * string in.
2173     */
2174    s->errorbuffer = ptr;
2175    break;
2176
2177#ifndef CURL_DISABLE_FTP
2178  case CURLOPT_FTPPORT:
2179    /*
2180     * Use FTP PORT, this also specifies which IP address to use
2181     */
2182    result = Curl_setstropt(&s->str[STRING_FTPPORT], ptr);
2183    s->ftp_use_port = !!(s->str[STRING_FTPPORT]);
2184    break;
2185
2186  case CURLOPT_FTP_ACCOUNT:
2187    return Curl_setstropt(&s->str[STRING_FTP_ACCOUNT], ptr);
2188
2189  case CURLOPT_FTP_ALTERNATIVE_TO_USER:
2190    return Curl_setstropt(&s->str[STRING_FTP_ALTERNATIVE_TO_USER], ptr);
2191
2192  case CURLOPT_KRBLEVEL:
2193    return CURLE_NOT_BUILT_IN; /* removed in 8.17.0 */
2194  case CURLOPT_CHUNK_DATA:
2195    s->wildcardptr = ptr;
2196    break;
2197  case CURLOPT_FNMATCH_DATA:
2198    s->fnmatch_data = ptr;
2199    break;
2200#endif
2201  case CURLOPT_URL:
2202    /*
2203     * The URL to fetch.
2204     */
2205    result = Curl_setstropt(&s->str[STRING_SET_URL], ptr);
2206    Curl_bufref_set(&data->state.url, s->str[STRING_SET_URL], 0, NULL);
2207    break;
2208
2209  case CURLOPT_USERPWD:
2210    /*
2211     * user:password to use in the operation
2212     */
2213    return setstropt_userpwd(ptr, &s->str[STRING_USERNAME],
2214                             &s->str[STRING_PASSWORD]);
2215
2216  case CURLOPT_USERNAME:
2217    /*
2218     * authentication username to use in the operation
2219     */
2220    return Curl_setstropt(&s->str[STRING_USERNAME], ptr);
2221
2222  case CURLOPT_PASSWORD:
2223    /*
2224     * authentication password to use in the operation
2225     */
2226    return Curl_setstropt(&s->str[STRING_PASSWORD], ptr);
2227
2228  case CURLOPT_LOGIN_OPTIONS:
2229    /*
2230     * authentication options to use in the operation
2231     */
2232    return Curl_setstropt(&s->str[STRING_OPTIONS], ptr);
2233
2234  case CURLOPT_XOAUTH2_BEARER:
2235    /*
2236     * OAuth 2.0 bearer token to use in the operation
2237     */
2238    return Curl_setstropt(&s->str[STRING_BEARER], ptr);
2239  case CURLOPT_RANGE:
2240    /*
2241     * What range of the file you want to transfer
2242     */
2243    return Curl_setstropt(&s->str[STRING_SET_RANGE], ptr);
2244  case CURLOPT_SSLCERT:
2245    /*
2246     * String that holds filename of the SSL certificate to use
2247     */
2248    return Curl_setstropt(&s->str[STRING_CERT], ptr);
2249  case CURLOPT_SSLCERTTYPE:
2250    /*
2251     * String that holds file type of the SSL certificate to use
2252     */
2253    return Curl_setstropt(&s->str[STRING_CERT_TYPE], ptr);
2254  case CURLOPT_SSLKEY:
2255    /*
2256     * String that holds filename of the SSL key to use
2257     */
2258    return Curl_setstropt(&s->str[STRING_KEY], ptr);
2259  case CURLOPT_SSLKEYTYPE:
2260    /*
2261     * String that holds file type of the SSL key to use
2262     */
2263    return Curl_setstropt(&s->str[STRING_KEY_TYPE], ptr);
2264  case CURLOPT_KEYPASSWD:
2265    /*
2266     * String that holds the SSL or SSH private key password.
2267     */
2268    return Curl_setstropt(&s->str[STRING_KEY_PASSWD], ptr);
2269  case CURLOPT_SSLENGINE:
2270    /*
2271     * String that holds the SSL crypto engine.
2272     */
2273    if(ptr && ptr[0]) {
2274      result = Curl_setstropt(&s->str[STRING_SSL_ENGINE], ptr);
2275      if(!result) {
2276        result = Curl_ssl_set_engine(data, ptr);
2277      }
2278    }
2279    break;
2280  case CURLOPT_INTERFACE:
2281    /*
2282     * Set what interface or address/hostname to bind the socket to when
2283     * performing an operation and thus what from-IP your connection will use.
2284     */
2285    return setstropt_interface(ptr,
2286                               &s->str[STRING_DEVICE],
2287                               &s->str[STRING_INTERFACE],
2288                               &s->str[STRING_BINDHOST]);
2289  case CURLOPT_ISSUERCERT:
2290    /*
2291     * Set Issuer certificate file
2292     * to check certificates issuer
2293     */
2294    if(Curl_ssl_supports(data, SSLSUPP_ISSUERCERT))
2295      return Curl_setstropt(&s->str[STRING_SSL_ISSUERCERT], ptr);
2296    return CURLE_NOT_BUILT_IN;
2297  case CURLOPT_PRIVATE:
2298    /*
2299     * Set private data pointer.
2300     */
2301    s->private_data = ptr;
2302    break;
2303#ifdef USE_SSL
2304  case CURLOPT_SSL_EC_CURVES:
2305    /*
2306     * Set accepted curves in SSL connection setup.
2307     * Specify colon-delimited list of curve algorithm names.
2308     */
2309    if(Curl_ssl_supports(data, SSLSUPP_SSL_EC_CURVES))
2310      return Curl_setstropt(&s->str[STRING_SSL_EC_CURVES], ptr);
2311    return CURLE_NOT_BUILT_IN;
2312  case CURLOPT_SSL_SIGNATURE_ALGORITHMS:
2313    /*
2314     * Set accepted signature algorithms.
2315     * Specify colon-delimited list of signature scheme names.
2316     */
2317    if(Curl_ssl_supports(data, SSLSUPP_SIGNATURE_ALGORITHMS))
2318      return Curl_setstropt(&s->str[STRING_SSL_SIGNATURE_ALGORITHMS], ptr);
2319    return CURLE_NOT_BUILT_IN;
2320  case CURLOPT_PINNEDPUBLICKEY:
2321    /*
2322     * Set pinned public key for SSL connection.
2323     * Specify filename of the public key in DER format.
2324     */
2325    if(Curl_ssl_supports(data, SSLSUPP_PINNEDPUBKEY))
2326      return Curl_setstropt(&s->str[STRING_SSL_PINNEDPUBLICKEY], ptr);
2327    return CURLE_NOT_BUILT_IN;
2328#endif
2329#ifdef USE_SSH
2330  case CURLOPT_SSH_PUBLIC_KEYFILE:
2331    /*
2332     * Use this file instead of the $HOME/.ssh/id_dsa.pub file
2333     */
2334    return Curl_setstropt(&s->str[STRING_SSH_PUBLIC_KEY], ptr);
2335  case CURLOPT_SSH_PRIVATE_KEYFILE:
2336    /*
2337     * Use this file instead of the $HOME/.ssh/id_dsa file
2338     */
2339    return Curl_setstropt(&s->str[STRING_SSH_PRIVATE_KEY], ptr);
2340  case CURLOPT_SSH_KEYDATA:
2341    /*
2342     * Custom client data to pass to the SSH keyfunc callback
2343     */
2344    s->ssh_keyfunc_userp = ptr;
2345    break;
2346#if defined(USE_LIBSSH2) || defined(USE_LIBSSH)
2347  case CURLOPT_SSH_HOST_PUBLIC_KEY_MD5:
2348    /*
2349     * Option to allow for the MD5 of the host public key to be checked
2350     * for validation purposes.
2351     */
2352    return Curl_setstropt(&s->str[STRING_SSH_HOST_PUBLIC_KEY_MD5], ptr);
2353  case CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256:
2354    /*
2355     * Option to allow for the SHA256 of the host public key to be checked
2356     * for validation purposes.
2357     */
2358    return Curl_setstropt(&s->str[STRING_SSH_HOST_PUBLIC_KEY_SHA256], ptr);
2359  case CURLOPT_SSH_KNOWNHOSTS:
2360    /*
2361     * Store the filename to read known hosts from.
2362     */
2363    return Curl_setstropt(&s->str[STRING_SSH_KNOWNHOSTS], ptr);
2364#endif
2365#ifdef USE_LIBSSH2
2366  case CURLOPT_SSH_HOSTKEYDATA:
2367    /*
2368     * Custom client data to pass to the SSH keyfunc callback
2369     */
2370    s->ssh_hostkeyfunc_userp = ptr;
2371    break;
2372#endif /* USE_LIBSSH2 */
2373#endif /* USE_SSH */
2374  case CURLOPT_PROTOCOLS_STR:
2375    if(ptr) {
2376      curl_prot_t protos;
2377      result = protocol2num(ptr, &protos);
2378      if(!result)
2379        s->allowed_protocols = protos;
2380    }
2381    else
2382      /* make a NULL argument reset to default */
2383      s->allowed_protocols = (curl_prot_t)CURLPROTO_64ALL;
2384    break;
2385  case CURLOPT_REDIR_PROTOCOLS_STR:
2386    if(ptr) {
2387      curl_prot_t protos;
2388      result = protocol2num(ptr, &protos);
2389      if(!result)
2390        s->redir_protocols = protos;
2391    }
2392    else
2393      /* make a NULL argument reset to default */
2394      s->redir_protocols = (curl_prot_t)CURLPROTO_REDIR;
2395    break;
2396  case CURLOPT_DEFAULT_PROTOCOL:
2397    /* Set the protocol to use when the URL does not include any protocol */
2398    return Curl_setstropt(&s->str[STRING_DEFAULT_PROTOCOL], ptr);
2399#ifndef CURL_DISABLE_SMTP
2400  case CURLOPT_MAIL_FROM:
2401    /* Set the SMTP mail originator */
2402    return Curl_setstropt(&s->str[STRING_MAIL_FROM], ptr);
2403  case CURLOPT_MAIL_AUTH:
2404    /* Set the SMTP auth originator */
2405    return Curl_setstropt(&s->str[STRING_MAIL_AUTH], ptr);
2406#endif
2407  case CURLOPT_SASL_AUTHZID:
2408    /* Authorization identity (identity to act as) */
2409    return Curl_setstropt(&s->str[STRING_SASL_AUTHZID], ptr);
2410#ifndef CURL_DISABLE_RTSP
2411  case CURLOPT_RTSP_SESSION_ID:
2412    /*
2413     * Set the RTSP Session ID manually. Useful if the application is
2414     * resuming a previously established RTSP session
2415     */
2416    return Curl_setstropt(&s->str[STRING_RTSP_SESSION_ID], ptr);
2417  case CURLOPT_RTSP_STREAM_URI:
2418    /*
2419     * Set the Stream URI for the RTSP request. Unless the request is
2420     * for generic server options, the application will need to set this.
2421     */
2422    return Curl_setstropt(&s->str[STRING_RTSP_STREAM_URI], ptr);
2423  case CURLOPT_RTSP_TRANSPORT:
2424    /*
2425     * The content of the Transport: header for the RTSP request
2426     */
2427    return Curl_setstropt(&s->str[STRING_RTSP_TRANSPORT], ptr);
2428  case CURLOPT_INTERLEAVEDATA:
2429    s->rtp_out = ptr;
2430    break;
2431#endif /* !CURL_DISABLE_RTSP */
2432#ifdef USE_TLS_SRP
2433  case CURLOPT_TLSAUTH_USERNAME:
2434    return Curl_setstropt(&s->str[STRING_TLSAUTH_USERNAME], ptr);
2435  case CURLOPT_TLSAUTH_PASSWORD:
2436    return Curl_setstropt(&s->str[STRING_TLSAUTH_PASSWORD], ptr);
2437  case CURLOPT_TLSAUTH_TYPE:
2438    if(ptr && !curl_strequal(ptr, "SRP"))
2439      result = CURLE_BAD_FUNCTION_ARGUMENT;
2440    break;
2441#ifndef CURL_DISABLE_PROXY
2442  case CURLOPT_PROXY_TLSAUTH_USERNAME:
2443    return Curl_setstropt(&s->str[STRING_TLSAUTH_USERNAME_PROXY], ptr);
2444  case CURLOPT_PROXY_TLSAUTH_PASSWORD:
2445    return Curl_setstropt(&s->str[STRING_TLSAUTH_PASSWORD_PROXY], ptr);
2446  case CURLOPT_PROXY_TLSAUTH_TYPE:
2447    if(ptr && !curl_strequal(ptr, "SRP"))
2448      result = CURLE_BAD_FUNCTION_ARGUMENT;
2449    break;
2450#endif
2451#endif
2452#ifdef USE_RESOLV_ARES
2453  case CURLOPT_DNS_SERVERS:
2454    return Curl_setstropt(&s->str[STRING_DNS_SERVERS], ptr);
2455
2456  case CURLOPT_DNS_INTERFACE:
2457    return Curl_setstropt(&s->str[STRING_DNS_INTERFACE], ptr);
2458
2459  case CURLOPT_DNS_LOCAL_IP4:
2460    return Curl_setstropt(&s->str[STRING_DNS_LOCAL_IP4], ptr);
2461
2462  case CURLOPT_DNS_LOCAL_IP6:
2463    return Curl_setstropt(&s->str[STRING_DNS_LOCAL_IP6], ptr);
2464
2465#endif
2466#ifdef USE_UNIX_SOCKETS
2467  case CURLOPT_UNIX_SOCKET_PATH:
2468    s->abstract_unix_socket = FALSE;
2469    return Curl_setstropt(&s->str[STRING_UNIX_SOCKET_PATH], ptr);
2470
2471  case CURLOPT_ABSTRACT_UNIX_SOCKET:
2472    s->abstract_unix_socket = TRUE;
2473    return Curl_setstropt(&s->str[STRING_UNIX_SOCKET_PATH], ptr);
2474
2475#endif
2476
2477#ifndef CURL_DISABLE_DOH
2478  case CURLOPT_DOH_URL:
2479    result = Curl_setstropt(&s->str[STRING_DOH], ptr);
2480    s->doh = !!(s->str[STRING_DOH]);
2481    break;
2482#endif
2483#ifndef CURL_DISABLE_HSTS
2484  case CURLOPT_HSTSREADDATA:
2485    s->hsts_read_userp = ptr;
2486    break;
2487  case CURLOPT_HSTSWRITEDATA:
2488    s->hsts_write_userp = ptr;
2489    break;
2490  case CURLOPT_HSTS: {
2491    struct curl_slist *h;
2492    if(!data->hsts) {
2493      data->hsts = Curl_hsts_init();
2494      if(!data->hsts)
2495        return CURLE_OUT_OF_MEMORY;
2496    }
2497    if(ptr) {
2498      result = Curl_setstropt(&s->str[STRING_HSTS], ptr);
2499      if(result)
2500        return result;
2501      /* this needs to build a list of filenames to read from, so that it can
2502         read them later, as we might get a shared HSTS handle to load them
2503         into */
2504      h = curl_slist_append(data->state.hstslist, ptr);
2505      if(!h) {
2506        curl_slist_free_all(data->state.hstslist);
2507        data->state.hstslist = NULL;
2508        return CURLE_OUT_OF_MEMORY;
2509      }
2510      data->state.hstslist = h; /* store the list for later use */
2511    }
2512    else {
2513      /* clear the list of HSTS files */
2514      curl_slist_free_all(data->state.hstslist);
2515      data->state.hstslist = NULL;
2516      if(!data->share || !data->share->hsts)
2517        /* throw away the HSTS cache unless shared */
2518        Curl_hsts_cleanup(&data->hsts);
2519    }
2520    break;
2521  }
2522#endif /* !CURL_DISABLE_HSTS */
2523#ifndef CURL_DISABLE_ALTSVC
2524  case CURLOPT_ALTSVC:
2525    if(!data->asi) {
2526      data->asi = Curl_altsvc_init();
2527      if(!data->asi)
2528        return CURLE_OUT_OF_MEMORY;
2529    }
2530    result = Curl_setstropt(&s->str[STRING_ALTSVC], ptr);
2531    if(result)
2532      break;
2533    if(ptr)
2534      return Curl_altsvc_load(data->asi, ptr);
2535    break;
2536#endif /* !CURL_DISABLE_ALTSVC */
2537  case CURLOPT_ECH:
2538    return setopt_ech(data, ptr);
2539  default:
2540    return CURLE_UNKNOWN_OPTION;
2541  }
2542  return result;
2543}
2544
2545static CURLcode setopt_func(struct Curl_easy *data, CURLoption option,
2546                            va_list param)
2547{
2548  struct UserDefined *s = &data->set;
2549  switch(option) {
2550  case CURLOPT_PROGRESSFUNCTION:
2551    /*
2552     * Progress callback function
2553     */
2554    s->fprogress = va_arg(param, curl_progress_callback);
2555    if(s->fprogress)
2556      data->progress.callback = TRUE; /* no longer internal */
2557    else
2558      data->progress.callback = FALSE; /* NULL enforces internal */
2559    break;
2560
2561  case CURLOPT_XFERINFOFUNCTION:
2562    /*
2563     * Transfer info callback function
2564     */
2565    s->fxferinfo = va_arg(param, curl_xferinfo_callback);
2566    if(s->fxferinfo)
2567      data->progress.callback = TRUE; /* no longer internal */
2568    else
2569      data->progress.callback = FALSE; /* NULL enforces internal */
2570
2571    break;
2572  case CURLOPT_DEBUGFUNCTION:
2573    /*
2574     * stderr write callback.
2575     */
2576    s->fdebug = va_arg(param, curl_debug_callback);
2577    /*
2578     * if the callback provided is NULL, it will use the default callback
2579     */
2580    break;
2581  case CURLOPT_HEADERFUNCTION:
2582    /*
2583     * Set header write callback
2584     */
2585    s->fwrite_header = va_arg(param, curl_write_callback);
2586    break;
2587  case CURLOPT_WRITEFUNCTION:
2588    /*
2589     * Set data write callback
2590     */
2591    s->fwrite_func = va_arg(param, curl_write_callback);
2592    if(!s->fwrite_func)
2593#if defined(__clang__) && __clang_major__ >= 16
2594#pragma clang diagnostic push
2595#pragma clang diagnostic ignored "-Wcast-function-type-strict"
2596#endif
2597      /* When set to NULL, reset to our internal default function */
2598      s->fwrite_func = (curl_write_callback)fwrite;
2599#if defined(__clang__) && __clang_major__ >= 16
2600#pragma clang diagnostic pop
2601#endif
2602    break;
2603  case CURLOPT_READFUNCTION:
2604    /*
2605     * Read data callback
2606     */
2607    s->fread_func_set = va_arg(param, curl_read_callback);
2608    if(!s->fread_func_set) {
2609      s->is_fread_set = 0;
2610#if defined(__clang__) && __clang_major__ >= 16
2611#pragma clang diagnostic push
2612#pragma clang diagnostic ignored "-Wcast-function-type-strict"
2613#endif
2614      /* When set to NULL, reset to our internal default function */
2615      s->fread_func_set = (curl_read_callback)fread;
2616#if defined(__clang__) && __clang_major__ >= 16
2617#pragma clang diagnostic pop
2618#endif
2619    }
2620    else
2621      s->is_fread_set = 1;
2622    break;
2623  case CURLOPT_SEEKFUNCTION:
2624    /*
2625     * Seek callback. Might be NULL.
2626     */
2627    s->seek_func = va_arg(param, curl_seek_callback);
2628    break;
2629  case CURLOPT_IOCTLFUNCTION:
2630    /*
2631     * I/O control callback. Might be NULL.
2632     */
2633    s->ioctl_func = va_arg(param, curl_ioctl_callback);
2634    break;
2635  case CURLOPT_SSL_CTX_FUNCTION:
2636    /*
2637     * Set an SSL_CTX callback
2638     */
2639#ifdef USE_SSL
2640    if(Curl_ssl_supports(data, SSLSUPP_SSL_CTX)) {
2641      s->ssl.fsslctx = va_arg(param, curl_ssl_ctx_callback);
2642      break;
2643    }
2644    else
2645#endif
2646      return CURLE_NOT_BUILT_IN;
2647
2648  case CURLOPT_SOCKOPTFUNCTION:
2649    /*
2650     * socket callback function: called after socket() but before connect()
2651     */
2652    s->fsockopt = va_arg(param, curl_sockopt_callback);
2653    break;
2654
2655  case CURLOPT_OPENSOCKETFUNCTION:
2656    /*
2657     * open/create socket callback function: called instead of socket(),
2658     * before connect()
2659     */
2660    s->fopensocket = va_arg(param, curl_opensocket_callback);
2661    break;
2662
2663  case CURLOPT_CLOSESOCKETFUNCTION:
2664    /*
2665     * close socket callback function: called instead of close()
2666     * when shutting down a connection
2667     */
2668    s->fclosesocket = va_arg(param, curl_closesocket_callback);
2669    break;
2670
2671  case CURLOPT_RESOLVER_START_FUNCTION:
2672    /*
2673     * resolver start callback function: called before a new resolver request
2674     * is started
2675     */
2676    s->resolver_start = va_arg(param, curl_resolver_start_callback);
2677    break;
2678
2679#ifdef USE_SSH
2680#ifdef USE_LIBSSH2
2681  case CURLOPT_SSH_HOSTKEYFUNCTION:
2682    /* the callback to check the hostkey without the knownhost file */
2683    s->ssh_hostkeyfunc = va_arg(param, curl_sshhostkeycallback);
2684    break;
2685#endif
2686
2687  case CURLOPT_SSH_KEYFUNCTION:
2688    /* setting to NULL is fine since the ssh.c functions themselves will
2689       then revert to use the internal default */
2690    s->ssh_keyfunc = va_arg(param, curl_sshkeycallback);
2691    break;
2692
2693#endif /* USE_SSH */
2694
2695#ifndef CURL_DISABLE_RTSP
2696  case CURLOPT_INTERLEAVEFUNCTION:
2697    /* Set the user defined RTP write function */
2698    s->fwrite_rtp = va_arg(param, curl_write_callback);
2699    break;
2700#endif
2701#ifndef CURL_DISABLE_FTP
2702  case CURLOPT_CHUNK_BGN_FUNCTION:
2703    s->chunk_bgn = va_arg(param, curl_chunk_bgn_callback);
2704    break;
2705  case CURLOPT_CHUNK_END_FUNCTION:
2706    s->chunk_end = va_arg(param, curl_chunk_end_callback);
2707    break;
2708  case CURLOPT_FNMATCH_FUNCTION:
2709    s->fnmatch = va_arg(param, curl_fnmatch_callback);
2710    break;
2711#endif
2712#ifndef CURL_DISABLE_HTTP
2713  case CURLOPT_TRAILERFUNCTION:
2714    s->trailer_callback = va_arg(param, curl_trailer_callback);
2715    break;
2716#endif
2717#ifndef CURL_DISABLE_HSTS
2718  case CURLOPT_HSTSREADFUNCTION:
2719    s->hsts_read = va_arg(param, curl_hstsread_callback);
2720    break;
2721  case CURLOPT_HSTSWRITEFUNCTION:
2722    s->hsts_write = va_arg(param, curl_hstswrite_callback);
2723    break;
2724#endif
2725  case CURLOPT_PREREQFUNCTION:
2726    s->fprereq = va_arg(param, curl_prereq_callback);
2727    break;
2728  default:
2729    return CURLE_UNKNOWN_OPTION;
2730  }
2731  return CURLE_OK;
2732}
2733
2734static CURLcode setopt_offt(struct Curl_easy *data, CURLoption option,
2735                            curl_off_t offt)
2736{
2737  struct UserDefined *s = &data->set;
2738  switch(option) {
2739  case CURLOPT_TIMEVALUE_LARGE:
2740    /*
2741     * This is the value to compare with the remote document with the
2742     * method set with CURLOPT_TIMECONDITION
2743     */
2744    s->timevalue = (time_t)offt;
2745    break;
2746
2747    /* MQTT "borrows" some of the HTTP options */
2748  case CURLOPT_POSTFIELDSIZE_LARGE:
2749    /*
2750     * The size of the POSTFIELD data to prevent libcurl to do strlen() to
2751     * figure it out. Enables binary posts.
2752     */
2753    if(offt < -1)
2754      return CURLE_BAD_FUNCTION_ARGUMENT;
2755
2756    if(s->postfieldsize < offt &&
2757       s->postfields == s->str[STRING_COPYPOSTFIELDS]) {
2758      /* Previous CURLOPT_COPYPOSTFIELDS is no longer valid. */
2759      curlx_safefree(s->str[STRING_COPYPOSTFIELDS]);
2760      s->postfields = NULL;
2761    }
2762    s->postfieldsize = offt;
2763    break;
2764  case CURLOPT_INFILESIZE_LARGE:
2765    /*
2766     * If known, this should inform curl about the file size of the
2767     * to-be-uploaded file.
2768     */
2769    if(offt < -1)
2770      return CURLE_BAD_FUNCTION_ARGUMENT;
2771    s->filesize = offt;
2772    break;
2773  case CURLOPT_MAX_SEND_SPEED_LARGE:
2774    /*
2775     * When transfer uploads are faster then CURLOPT_MAX_SEND_SPEED_LARGE
2776     * bytes per second the transfer is throttled..
2777     */
2778    if(offt < 0)
2779      return CURLE_BAD_FUNCTION_ARGUMENT;
2780    s->max_send_speed = offt;
2781    Curl_rlimit_init(&data->progress.ul.rlimit, offt, offt,
2782                     Curl_pgrs_now(data));
2783    break;
2784  case CURLOPT_MAX_RECV_SPEED_LARGE:
2785    /*
2786     * When receiving data faster than CURLOPT_MAX_RECV_SPEED_LARGE bytes per
2787     * second the transfer is throttled..
2788     */
2789    if(offt < 0)
2790      return CURLE_BAD_FUNCTION_ARGUMENT;
2791    s->max_recv_speed = offt;
2792    Curl_rlimit_init(&data->progress.dl.rlimit, offt, offt,
2793                     Curl_pgrs_now(data));
2794    break;
2795  case CURLOPT_RESUME_FROM_LARGE:
2796    /*
2797     * Resume transfer at the given file position
2798     */
2799    if(offt < -1)
2800      return CURLE_BAD_FUNCTION_ARGUMENT;
2801    s->set_resume_from = offt;
2802    break;
2803  case CURLOPT_MAXFILESIZE_LARGE:
2804    /*
2805     * Set the maximum size of a file to download.
2806     */
2807    if(offt < 0)
2808      return CURLE_BAD_FUNCTION_ARGUMENT;
2809    s->max_filesize = offt;
2810    break;
2811
2812  default:
2813    return CURLE_UNKNOWN_OPTION;
2814  }
2815  return CURLE_OK;
2816}
2817
2818static CURLcode setopt_blob(struct Curl_easy *data, CURLoption option,
2819                            struct curl_blob *blob)
2820{
2821  struct UserDefined *s = &data->set;
2822  switch(option) {
2823  case CURLOPT_SSLCERT_BLOB:
2824    /*
2825     * Blob that holds file content of the SSL certificate to use
2826     */
2827    return Curl_setblobopt(&s->blobs[BLOB_CERT], blob);
2828#ifndef CURL_DISABLE_PROXY
2829  case CURLOPT_PROXY_SSLCERT_BLOB:
2830    /*
2831     * Blob that holds file content of the SSL certificate to use for proxy
2832     */
2833    return Curl_setblobopt(&s->blobs[BLOB_CERT_PROXY], blob);
2834  case CURLOPT_PROXY_SSLKEY_BLOB:
2835    /*
2836     * Blob that holds file content of the SSL key to use for proxy
2837     */
2838    return Curl_setblobopt(&s->blobs[BLOB_KEY_PROXY], blob);
2839  case CURLOPT_PROXY_CAINFO_BLOB:
2840    /*
2841     * Blob that holds CA info for SSL connection proxy.
2842     * Specify entire PEM of the CA certificate
2843     */
2844#ifdef USE_SSL
2845    if(Curl_ssl_supports(data, SSLSUPP_CAINFO_BLOB)) {
2846      s->proxy_ssl.custom_cablob = TRUE;
2847      return Curl_setblobopt(&s->blobs[BLOB_CAINFO_PROXY], blob);
2848    }
2849#endif
2850    return CURLE_NOT_BUILT_IN;
2851  case CURLOPT_PROXY_ISSUERCERT_BLOB:
2852    /*
2853     * Blob that holds Issuer certificate to check certificates issuer
2854     */
2855    if(Curl_ssl_supports(data, SSLSUPP_ISSUERCERT_BLOB))
2856      return Curl_setblobopt(&s->blobs[BLOB_SSL_ISSUERCERT_PROXY], blob);
2857    return CURLE_NOT_BUILT_IN;
2858#endif
2859  case CURLOPT_SSLKEY_BLOB:
2860    /*
2861     * Blob that holds file content of the SSL key to use
2862     */
2863    return Curl_setblobopt(&s->blobs[BLOB_KEY], blob);
2864  case CURLOPT_CAINFO_BLOB:
2865    /*
2866     * Blob that holds CA info for SSL connection.
2867     * Specify entire PEM of the CA certificate
2868     */
2869#ifdef USE_SSL
2870    if(Curl_ssl_supports(data, SSLSUPP_CAINFO_BLOB)) {
2871      s->ssl.custom_cablob = TRUE;
2872      return Curl_setblobopt(&s->blobs[BLOB_CAINFO], blob);
2873    }
2874#endif
2875    return CURLE_NOT_BUILT_IN;
2876  case CURLOPT_ISSUERCERT_BLOB:
2877    /*
2878     * Blob that holds Issuer certificate to check certificates issuer
2879     */
2880    if(Curl_ssl_supports(data, SSLSUPP_ISSUERCERT_BLOB))
2881      return Curl_setblobopt(&s->blobs[BLOB_SSL_ISSUERCERT], blob);
2882    return CURLE_NOT_BUILT_IN;
2883
2884  default:
2885    return CURLE_UNKNOWN_OPTION;
2886  }
2887  /* unreachable */
2888}
2889
2890/*
2891 * Do not make Curl_vsetopt() static: it is called from
2892 * projects/OS400/ccsidcurl.c.
2893 */
2894CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
2895{
2896  if(option < CURLOPTTYPE_OBJECTPOINT)
2897    return setopt_long(data, option, va_arg(param, long));
2898  else if(option < CURLOPTTYPE_FUNCTIONPOINT) {
2899    /* unfortunately, different pointer types cannot be identified any other
2900       way than being listed explicitly */
2901    switch(option) {
2902    case CURLOPT_HTTPHEADER:
2903    case CURLOPT_QUOTE:
2904    case CURLOPT_POSTQUOTE:
2905    case CURLOPT_TELNETOPTIONS:
2906    case CURLOPT_PREQUOTE:
2907    case CURLOPT_HTTP200ALIASES:
2908    case CURLOPT_MAIL_RCPT:
2909    case CURLOPT_RESOLVE:
2910    case CURLOPT_PROXYHEADER:
2911    case CURLOPT_CONNECT_TO:
2912      return setopt_slist(data, option, va_arg(param, struct curl_slist *));
2913    case CURLOPT_HTTPPOST:         /* curl_httppost * */
2914    case CURLOPT_MIMEPOST:         /* curl_mime * */
2915    case CURLOPT_STDERR:           /* FILE * */
2916    case CURLOPT_SHARE:            /* CURLSH * */
2917    case CURLOPT_STREAM_DEPENDS:   /* CURL * */
2918    case CURLOPT_STREAM_DEPENDS_E: /* CURL * */
2919    case CURLOPT_CURLU:            /* CURLU * */
2920      return setopt_pointers(data, option, param);
2921    default:
2922      break;
2923    }
2924    /* the char pointer options */
2925    return setopt_cptr(data, option, va_arg(param, char *));
2926  }
2927  else if(option < CURLOPTTYPE_OFF_T)
2928    return setopt_func(data, option, param);
2929  else if(option < CURLOPTTYPE_BLOB)
2930    return setopt_offt(data, option, va_arg(param, curl_off_t));
2931  return setopt_blob(data, option, va_arg(param, struct curl_blob *));
2932}
2933
2934/*
2935 * curl_easy_setopt() is the external interface for setting options on an
2936 * easy handle.
2937 *
2938 * NOTE: This is one of few API functions that are allowed to be called from
2939 * within a callback.
2940 */
2941
2942#undef curl_easy_setopt
2943CURLcode curl_easy_setopt(CURL *curl, CURLoption option, ...)
2944{
2945  va_list arg;
2946  CURLcode result;
2947  struct Curl_easy *data = curl;
2948
2949  if(!data)
2950    return CURLE_BAD_FUNCTION_ARGUMENT;
2951
2952  va_start(arg, option);
2953
2954  result = Curl_vsetopt(data, option, arg);
2955
2956  va_end(arg);
2957  if(result == CURLE_BAD_FUNCTION_ARGUMENT)
2958    failf(data, "setopt 0x%x got bad argument", option);
2959  return result;
2960}