/***************************************************************************

 *                                  _   _ ____  _

 *  Project                     ___| | | |  _ \| |

 *                             / __| | | | |_) | |

 *                            | (__| |_| |  _ <| |___

 *                             \___|\___/|_| \_\_____|

 *

 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.

 *

 * This software is licensed as described in the file COPYING, which

 * you should have received as part of this distribution. The terms

 * are also available at https://curl.se/docs/copyright.html.

 *

 * You may opt to use, copy, modify, merge, publish, distribute and/or sell

 * copies of the Software, and permit persons to whom the Software is

 * furnished to do so, under the terms of the COPYING file.

 *

 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY

 * KIND, either express or implied.

 *

 * SPDX-License-Identifier: curl

 *

 ***************************************************************************/

#include "curl_setup.h"

#include <limits.h>

#ifdef HAVE_NETINET_IN_H

#include <netinet/in.h>

#endif

#ifdef HAVE_LINUX_TCP_H

#include <linux/tcp.h>

#elif defined(HAVE_NETINET_TCP_H)

#include <netinet/tcp.h>

#endif

#include "urldata.h"

#include "url.h"

#include "progress.h"

#include "content_encoding.h"

#include "strcase.h"

#include "share.h"

#include "vtls/vtls.h"

#include "curlx/warnless.h"

#include "sendf.h"

#include "hostip.h"

#include "http2.h"

#include "setopt.h"

#include "multiif.h"

#include "altsvc.h"

#include "hsts.h"

#include "tftp.h"

#include "strdup.h"

#include "escape.h"

/* The last 3 #include files should be in this order */

#include "curl_printf.h"

#include "curl_memory.h"

#include "memdebug.h"

static CURLcode setopt_set_timeout_sec(timediff_t *ptimeout_ms, long secs)

{

  if(secs < 0)

    return CURLE_BAD_FUNCTION_ARGUMENT;

#if LONG_MAX > (TIMEDIFF_T_MAX/1000)

  if(secs > (TIMEDIFF_T_MAX/1000)) {

    *ptimeout_ms = TIMEDIFF_T_MAX;

    return CURLE_OK;

  }

#endif

  *ptimeout_ms = (timediff_t)secs * 1000;

  return CURLE_OK;

}

static CURLcode setopt_set_timeout_ms(timediff_t *ptimeout_ms, long ms)

{

  if(ms < 0)

    return CURLE_BAD_FUNCTION_ARGUMENT;

#if LONG_MAX > TIMEDIFF_T_MAX

  if(ms > TIMEDIFF_T_MAX) {

    *ptimeout_ms = TIMEDIFF_T_MAX;

    return CURLE_OK;

  }

#endif

  *ptimeout_ms = (timediff_t)ms;

  return CURLE_OK;

}

CURLcode Curl_setstropt(char **charp, const char *s)

{

  /* Release the previous storage at `charp' and replace by a dynamic storage

     copy of `s'. Return CURLE_OK or CURLE_OUT_OF_MEMORY. */

  Curl_safefree(*charp);

  if(s) {

    if(strlen(s) > CURL_MAX_INPUT_LENGTH)

      return CURLE_BAD_FUNCTION_ARGUMENT;

    *charp = strdup(s);

    if(!*charp)

      return CURLE_OUT_OF_MEMORY;

  }

  return CURLE_OK;

}

CURLcode Curl_setblobopt(struct curl_blob **blobp,

                         const struct curl_blob *blob)

{

  /* free the previous storage at `blobp' and replace by a dynamic storage

     copy of blob. If CURL_BLOB_COPY is set, the data is copied. */

  Curl_safefree(*blobp);

  if(blob) {

    struct curl_blob *nblob;

    if(blob->len > CURL_MAX_INPUT_LENGTH)

      return CURLE_BAD_FUNCTION_ARGUMENT;

    nblob = (struct curl_blob *)

      malloc(sizeof(struct curl_blob) +

             ((blob->flags & CURL_BLOB_COPY) ? blob->len : 0));

    if(!nblob)

      return CURLE_OUT_OF_MEMORY;

    *nblob = *blob;

    if(blob->flags & CURL_BLOB_COPY) {

      /* put the data after the blob struct in memory */

      nblob->data = (char *)nblob + sizeof(struct curl_blob);

      memcpy(nblob->data, blob->data, blob->len);

    }

    *blobp = nblob;

    return CURLE_OK;

  }

  return CURLE_OK;

}

static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp)

{

  char *user = NULL;

  char *passwd = NULL;

  DEBUGASSERT(userp);

  DEBUGASSERT(passwdp);

  /* Parse the login details if specified. It not then we treat NULL as a hint

     to clear the existing data */

  if(option) {

    size_t len = strlen(option);

    CURLcode result;

    if(len > CURL_MAX_INPUT_LENGTH)

      return CURLE_BAD_FUNCTION_ARGUMENT;

    result = Curl_parse_login_details(option, len, &user, &passwd, NULL);

    if(result)

      return result;

  }

  free(*userp);

  *userp = user;

  free(*passwdp);

  *passwdp = passwd;

  return CURLE_OK;

}

static CURLcode setstropt_interface(char *option, char **devp,

                                    char **ifacep, char **hostp)

{

  char *dev = NULL;

  char *iface = NULL;

  char *host = NULL;

  CURLcode result;

  DEBUGASSERT(devp);

  DEBUGASSERT(ifacep);

  DEBUGASSERT(hostp);

  if(option) {

    /* Parse the interface details if set, otherwise clear them all */

    result = Curl_parse_interface(option, &dev, &iface, &host);

    if(result)

      return result;

  }

  free(*devp);

  *devp = dev;

  free(*ifacep);

  *ifacep = iface;

  free(*hostp);

  *hostp = host;

  return CURLE_OK;

}

#define C_SSLVERSION_VALUE(x) (x & 0xffff)

#define C_SSLVERSION_MAX_VALUE(x) ((unsigned long)x & 0xffff0000)

static CURLcode protocol2num(const char *str, curl_prot_t *val)

{

  /*

   * We are asked to cherry-pick protocols, so play it safe and disallow all

   * protocols to start with, and re-add the wanted ones back in.

   */

  *val = 0;

  if(!str)

    return CURLE_BAD_FUNCTION_ARGUMENT;

  if(curl_strequal(str, "all")) {

    *val = ~(curl_prot_t) 0;

    return CURLE_OK;

  }

  do {

    const char *token = str;

    size_t tlen;

    str = strchr(str, ',');

    tlen = str ? (size_t) (str - token) : strlen(token);

    if(tlen) {

      const struct Curl_handler *h = Curl_getn_scheme_handler(token, tlen);

      if(!h)

        return CURLE_UNSUPPORTED_PROTOCOL;

      *val |= h->protocol;

    }

  } while(str && str++);

  if(!*val)

    /* no protocol listed */

    return CURLE_BAD_FUNCTION_ARGUMENT;

  return CURLE_OK;

}

#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_PROXY)

static CURLcode httpauth(struct Curl_easy *data, bool proxy,

                         unsigned long auth)

{

  if(auth != CURLAUTH_NONE) {

    int bitcheck = 0;

    bool authbits = FALSE;

    /* the DIGEST_IE bit is only used to set a special marker, for all the

       rest we need to handle it as normal DIGEST */

    bool iestyle = !!(auth & CURLAUTH_DIGEST_IE);

    if(proxy)

      data->state.authproxy.iestyle = iestyle;

    else

      data->state.authhost.iestyle = iestyle;

    if(auth & CURLAUTH_DIGEST_IE) {

      auth |= CURLAUTH_DIGEST; /* set standard digest bit */

      auth &= ~CURLAUTH_DIGEST_IE; /* unset ie digest bit */

    }

    /* switch off bits we cannot support */

#ifndef USE_NTLM

    auth &= ~CURLAUTH_NTLM;    /* no NTLM support */

#endif

#ifndef USE_SPNEGO

    auth &= ~CURLAUTH_NEGOTIATE; /* no Negotiate (SPNEGO) auth without GSS-API

                                    or SSPI */

#endif

    /* check if any auth bit lower than CURLAUTH_ONLY is still set */

    while(bitcheck < 31) {

      if(auth & (1UL << bitcheck++)) {

        authbits = TRUE;

        break;

      }

    }

    if(!authbits)

      return CURLE_NOT_BUILT_IN; /* no supported types left! */

  }

  if(proxy)

    data->set.proxyauth = auth;

  else

    data->set.httpauth = auth;

  return CURLE_OK;

}

#endif /* !CURL_DISABLE_HTTP || !CURL_DISABLE_PROXY */

#ifndef CURL_DISABLE_HTTP

static CURLcode setopt_HTTP_VERSION(struct Curl_easy *data, long arg)

{

  /*

   * This sets a requested HTTP version to be used. The value is one of

   * the listed enums in curl/curl.h.

   */

  switch(arg) {

  case CURL_HTTP_VERSION_NONE:

    /* accepted */

    break;

  case CURL_HTTP_VERSION_1_0:

  case CURL_HTTP_VERSION_1_1:

    /* accepted */

    break;

#ifdef USE_HTTP2

  case CURL_HTTP_VERSION_2_0:

  case CURL_HTTP_VERSION_2TLS:

  case CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE:

    /* accepted */

    break;

#endif

#ifdef USE_HTTP3

  case CURL_HTTP_VERSION_3:

  case CURL_HTTP_VERSION_3ONLY:

    /* accepted */

    break;

#endif

  default:

    /* not accepted */

    if(arg < CURL_HTTP_VERSION_NONE)

      return CURLE_BAD_FUNCTION_ARGUMENT;

    return CURLE_UNSUPPORTED_PROTOCOL;

  }

  data->set.httpwant = (unsigned char)arg;

  return CURLE_OK;

}

#endif /* ! CURL_DISABLE_HTTP */

#ifdef USE_SSL

CURLcode Curl_setopt_SSLVERSION(struct Curl_easy *data, CURLoption option,

                                long arg)

{

  /*

   * Set explicit SSL version to try to connect with, as some SSL

   * implementations are lame.

   */

  {

    long version, version_max;

    struct ssl_primary_config *primary = &data->set.ssl.primary;

#ifndef CURL_DISABLE_PROXY

    if(option != CURLOPT_SSLVERSION)

      primary = &data->set.proxy_ssl.primary;

#else

    if(option) {}

#endif

    version = C_SSLVERSION_VALUE(arg);

    version_max = (long)C_SSLVERSION_MAX_VALUE(arg);

    if(version < CURL_SSLVERSION_DEFAULT ||

       version == CURL_SSLVERSION_SSLv2 ||

       version == CURL_SSLVERSION_SSLv3 ||

       version >= CURL_SSLVERSION_LAST ||

       version_max < CURL_SSLVERSION_MAX_NONE ||

       version_max >= CURL_SSLVERSION_MAX_LAST)

      return CURLE_BAD_FUNCTION_ARGUMENT;

    if(version == CURL_SSLVERSION_DEFAULT)

      version = CURL_SSLVERSION_TLSv1_2;

    primary->version = (unsigned char)version;

    primary->version_max = (unsigned int)version_max;

  }

  return CURLE_OK;

}

#endif /* ! USE_SSL */

#ifndef CURL_DISABLE_RTSP

static CURLcode setopt_RTSP_REQUEST(struct Curl_easy *data, long arg)

{

  /*

   * Set the RTSP request method (OPTIONS, SETUP, PLAY, etc...)

   * Would this be better if the RTSPREQ_* were just moved into here?

   */

  Curl_RtspReq rtspreq = RTSPREQ_NONE;

  switch(arg) {

  case CURL_RTSPREQ_OPTIONS:

    rtspreq = RTSPREQ_OPTIONS;

    break;

  case CURL_RTSPREQ_DESCRIBE:

    rtspreq = RTSPREQ_DESCRIBE;

    break;

  case CURL_RTSPREQ_ANNOUNCE:

    rtspreq = RTSPREQ_ANNOUNCE;

    break;

  case CURL_RTSPREQ_SETUP:

    rtspreq = RTSPREQ_SETUP;

    break;

  case CURL_RTSPREQ_PLAY:

    rtspreq = RTSPREQ_PLAY;

    break;

  case CURL_RTSPREQ_PAUSE:

    rtspreq = RTSPREQ_PAUSE;

    break;

  case CURL_RTSPREQ_TEARDOWN:

    rtspreq = RTSPREQ_TEARDOWN;

    break;

  case CURL_RTSPREQ_GET_PARAMETER:

    rtspreq = RTSPREQ_GET_PARAMETER;

    break;

  case CURL_RTSPREQ_SET_PARAMETER:

    rtspreq = RTSPREQ_SET_PARAMETER;

    break;

  case CURL_RTSPREQ_RECORD:

    rtspreq = RTSPREQ_RECORD;

    break;

  case CURL_RTSPREQ_RECEIVE:

    rtspreq = RTSPREQ_RECEIVE;

    break;

  default:

    return CURLE_BAD_FUNCTION_ARGUMENT;

  }

  data->set.rtspreq = rtspreq;

  return CURLE_OK;

}

#endif /* ! CURL_DISABLE_RTSP */

#ifdef USE_SSL

static void set_ssl_options(struct ssl_config_data *ssl,

                            struct ssl_primary_config *config,

                            long arg)

{

  config->ssl_options = (unsigned char)(arg & 0xff);

  ssl->enable_beast = !!(arg & CURLSSLOPT_ALLOW_BEAST);

  ssl->no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);

  ssl->no_partialchain = !!(arg & CURLSSLOPT_NO_PARTIALCHAIN);

  ssl->revoke_best_effort = !!(arg & CURLSSLOPT_REVOKE_BEST_EFFORT);

  ssl->native_ca_store = !!(arg & CURLSSLOPT_NATIVE_CA);

  ssl->auto_client_cert = !!(arg & CURLSSLOPT_AUTO_CLIENT_CERT);

  ssl->earlydata = !!(arg & CURLSSLOPT_EARLYDATA);

}

#endif

static CURLcode setopt_bool(struct Curl_easy *data, CURLoption option,

                            long arg, bool *set)

{

  bool enabled = !!arg;

  struct UserDefined *s = &data->set;

  switch(option) {

  case CURLOPT_FORBID_REUSE:

    /*

     * When this transfer is done, it must not be left to be reused by a

     * subsequent transfer but shall be closed immediately.

     */

    s->reuse_forbid = enabled;

    break;

  case CURLOPT_FRESH_CONNECT:

    /*

     * This transfer shall not use a previously cached connection but

     * should be made with a fresh new connect!

     */

    s->reuse_fresh = enabled;

    break;

  case CURLOPT_VERBOSE:

    /*

     * Verbose means infof() calls that give a lot of information about

     * the connection and transfer procedures as well as internal choices.

     */

    s->verbose = enabled;

    break;

  case CURLOPT_HEADER:

    /*

     * Set to include the header in the general data output stream.

     */

    s->include_header = enabled;

    break;

  case CURLOPT_NOPROGRESS:

    /*

     * Shut off the internal supported progress meter

     */

    data->progress.hide = enabled;

    break;

  case CURLOPT_NOBODY:

    /*

     * Do not include the body part in the output data stream.

     */

    s->opt_no_body = enabled;

#ifndef CURL_DISABLE_HTTP

    if(s->opt_no_body)

      /* in HTTP lingo, no body means using the HEAD request... */

      s->method = HTTPREQ_HEAD;

    else if(s->method == HTTPREQ_HEAD)

      s->method = HTTPREQ_GET;

#endif

    break;

  case CURLOPT_FAILONERROR:

    /*

     * Do not output the >=400 error code HTML-page, but instead only

     * return error.

     */

    s->http_fail_on_error = enabled;

    break;

  case CURLOPT_KEEP_SENDING_ON_ERROR:

    s->http_keep_sending_on_error = enabled;

    break;

  case CURLOPT_UPLOAD:

  case CURLOPT_PUT:

    /*

     * We want to sent data to the remote host. If this is HTTP, that equals

     * using the PUT request.

     */

    if(enabled) {

      /* If this is HTTP, PUT is what's needed to "upload" */

      s->method = HTTPREQ_PUT;

      s->opt_no_body = FALSE; /* this is implied */

    }

    else

      /* In HTTP, the opposite of upload is GET (unless NOBODY is true as

         then this can be changed to HEAD later on) */

      s->method = HTTPREQ_GET;

    break;

  case CURLOPT_FILETIME:

    /*

     * Try to get the file time of the remote document. The time will

     * later (possibly) become available using curl_easy_getinfo().

     */

    s->get_filetime = enabled;

    break;

#ifndef CURL_DISABLE_HTTP

  case CURLOPT_HTTP09_ALLOWED:

    s->http09_allowed = enabled;

    break;

#if !defined(CURL_DISABLE_COOKIES)

  case CURLOPT_COOKIESESSION:

    /*

     * Set this option to TRUE to start a new "cookie session". It will

     * prevent the forthcoming read-cookies-from-file actions to accept

     * cookies that are marked as being session cookies, as they belong to a

     * previous session.

     */

    s->cookiesession = enabled;

    break;

#endif

  case CURLOPT_AUTOREFERER:

    /*

     * Switch on automatic referer that gets set if curl follows locations.

     */

    s->http_auto_referer = enabled;

    break;

  case CURLOPT_TRANSFER_ENCODING:

    s->http_transfer_encoding = enabled;

    break;

  case CURLOPT_UNRESTRICTED_AUTH:

    /*

     * Send authentication (user+password) when following locations, even when

     * hostname changed.

     */

    s->allow_auth_to_other_hosts = enabled;

    break;

  case CURLOPT_HTTP_TRANSFER_DECODING:

    /*

     * disable libcurl transfer encoding is used

     */

    s->http_te_skip = !enabled; /* reversed */

    break;

  case CURLOPT_HTTP_CONTENT_DECODING:

    /*

     * raw data passed to the application when content encoding is used

     */

    s->http_ce_skip = !enabled; /* reversed */

    break;

  case CURLOPT_HTTPGET:

    /*

     * Set to force us do HTTP GET

     */

    if(enabled) {

      s->method = HTTPREQ_GET;

      s->opt_no_body = FALSE; /* this is implied */

    }

    break;

  case CURLOPT_POST:

    /* Does this option serve a purpose anymore? Yes it does, when

       CURLOPT_POSTFIELDS is not used and the POST data is read off the

       callback! */

    if(enabled) {

      s->method = HTTPREQ_POST;

      s->opt_no_body = FALSE; /* this is implied */

    }

    else

      s->method = HTTPREQ_GET;

    break;

#endif /* ! CURL_DISABLE_HTTP */

#ifndef CURL_DISABLE_PROXY

  case CURLOPT_HTTPPROXYTUNNEL:

    /*

     * Tunnel operations through the proxy instead of normal proxy use

     */

    s->tunnel_thru_httpproxy = enabled;

    break;

  case CURLOPT_HAPROXYPROTOCOL:

    /*

     * Set to send the HAProxy Proxy Protocol header

     */

    s->haproxyprotocol = enabled;

    break;

  case CURLOPT_PROXY_SSL_VERIFYPEER:

    /*

     * Enable peer SSL verifying for proxy.

     */

    s->proxy_ssl.primary.verifypeer = enabled;

    /* Update the current connection proxy_ssl_config. */

    Curl_ssl_conn_config_update(data, TRUE);

    break;

  case CURLOPT_PROXY_SSL_VERIFYHOST:

    /*

     * Enable verification of the hostname in the peer certificate for proxy

     */

    s->proxy_ssl.primary.verifyhost = enabled;

    /* Update the current connection proxy_ssl_config. */

    Curl_ssl_conn_config_update(data, TRUE);

    break;

  case CURLOPT_PROXY_TRANSFER_MODE:

    /*

     * set transfer mode (;type=<a|i>) when doing FTP via an HTTP proxy

     */

    s->proxy_transfer_mode = enabled;

    break;

#endif /* ! CURL_DISABLE_PROXY */

#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)

  case CURLOPT_SOCKS5_GSSAPI_NEC:

    /*

     * Set flag for NEC SOCK5 support

     */

    s->socks5_gssapi_nec = enabled;

    break;

#endif

#ifdef CURL_LIST_ONLY_PROTOCOL

  case CURLOPT_DIRLISTONLY:

    /*

     * An option that changes the command to one that asks for a list only, no

     * file info details. Used for FTP, POP3 and SFTP.

     */

    s->list_only = enabled;

    break;

#endif

  case CURLOPT_APPEND:

    /*

     * We want to upload and append to an existing file. Used for FTP and

     * SFTP.

     */

    s->remote_append = enabled;

    break;

#ifndef CURL_DISABLE_FTP

  case CURLOPT_FTP_USE_EPRT:

    s->ftp_use_eprt = enabled;

    break;

  case CURLOPT_FTP_USE_EPSV:

    s->ftp_use_epsv = enabled;

    break;

  case CURLOPT_FTP_USE_PRET:

    s->ftp_use_pret = enabled;

    break;

  case CURLOPT_FTP_SKIP_PASV_IP:

    /*

     * Enable or disable FTP_SKIP_PASV_IP, which will disable/enable the

     * bypass of the IP address in PASV responses.

     */

    s->ftp_skip_ip = enabled;

    break;

  case CURLOPT_WILDCARDMATCH:

    s->wildcard_enabled = enabled;

    break;

#endif

  case CURLOPT_CRLF:

    /*

     * Kludgy option to enable CRLF conversions. Subject for removal.

     */

    s->crlf = enabled;

    break;

#ifndef CURL_DISABLE_TFTP

  case CURLOPT_TFTP_NO_OPTIONS:

    /*

     * Option that prevents libcurl from sending TFTP option requests to the

     * server.

     */

    s->tftp_no_options = enabled;

    break;

#endif /* ! CURL_DISABLE_TFTP */

  case CURLOPT_TRANSFERTEXT:

    /*

     * This option was previously named 'FTPASCII'. Renamed to work with

     * more protocols than merely FTP.

     *

     * Transfer using ASCII (instead of BINARY).

     */

    s->prefer_ascii = enabled;

    break;

  case CURLOPT_SSL_VERIFYPEER:

    /*

     * Enable peer SSL verifying.

     */

    s->ssl.primary.verifypeer = enabled;

    /* Update the current connection ssl_config. */

    Curl_ssl_conn_config_update(data, FALSE);

    break;

#ifndef CURL_DISABLE_DOH

  case CURLOPT_DOH_SSL_VERIFYPEER:

    /*

     * Enable peer SSL verifying for DoH.

     */

    s->doh_verifypeer = enabled;

    break;

  case CURLOPT_DOH_SSL_VERIFYHOST:

    /*

     * Enable verification of the hostname in the peer certificate for DoH

     */

    s->doh_verifyhost = enabled;

    break;

  case CURLOPT_DOH_SSL_VERIFYSTATUS:

    /*

     * Enable certificate status verifying for DoH.

     */

    if(!Curl_ssl_cert_status_request())

      return CURLE_NOT_BUILT_IN;

    s->doh_verifystatus = enabled;

    break;

#endif /* ! CURL_DISABLE_DOH */

  case CURLOPT_SSL_VERIFYHOST:

    /*

     * Enable verification of the hostname in the peer certificate

     */

    /* Obviously people are not reading documentation and too many thought

       this argument took a boolean when it was not and misused it.

       Treat 1 and 2 the same */

    s->ssl.primary.verifyhost = enabled;

    /* Update the current connection ssl_config. */

    Curl_ssl_conn_config_update(data, FALSE);

    break;

  case CURLOPT_SSL_VERIFYSTATUS:

    /*

     * Enable certificate status verifying.

     */

    if(!Curl_ssl_cert_status_request())

      return CURLE_NOT_BUILT_IN;

    s->ssl.primary.verifystatus = enabled;

    /* Update the current connection ssl_config. */

    Curl_ssl_conn_config_update(data, FALSE);

    break;

  case CURLOPT_CERTINFO:

#ifdef USE_SSL

    if(Curl_ssl_supports(data, SSLSUPP_CERTINFO))

      s->ssl.certinfo = enabled;

    else

#endif

      return CURLE_NOT_BUILT_IN;

    break;

  case CURLOPT_NOSIGNAL:

    /*

     * The application asks not to set any signal() or alarm() handlers,

     * even when using a timeout.

     */

    s->no_signal = enabled;

    break;

  case CURLOPT_TCP_NODELAY:

    /*

     * Enable or disable TCP_NODELAY, which will disable/enable the Nagle

     * algorithm

     */

    s->tcp_nodelay = enabled;

    break;

  case CURLOPT_IGNORE_CONTENT_LENGTH:

    s->ignorecl = enabled;

    break;

  case CURLOPT_SSL_SESSIONID_CACHE:

    s->ssl.primary.cache_session = enabled;

#ifndef CURL_DISABLE_PROXY

    s->proxy_ssl.primary.cache_session =

      s->ssl.primary.cache_session;

#endif

    break;

#ifdef USE_SSH

  case CURLOPT_SSH_COMPRESSION:

    s->ssh_compression = enabled;

    break;

#endif /* ! USE_SSH */

#ifndef CURL_DISABLE_SMTP

  case CURLOPT_MAIL_RCPT_ALLOWFAILS:

    /* allow RCPT TO command to fail for some recipients */

    s->mail_rcpt_allowfails = enabled;

    break;

#endif /* !CURL_DISABLE_SMTP */

  case CURLOPT_SASL_IR:

    /* Enable/disable SASL initial response */

    s->sasl_ir = enabled;

    break;

  case CURLOPT_TCP_KEEPALIVE:

    s->tcp_keepalive = enabled;

    break;

  case CURLOPT_TCP_FASTOPEN:

#if defined(CONNECT_DATA_IDEMPOTENT) || defined(MSG_FASTOPEN) ||        \

  defined(TCP_FASTOPEN_CONNECT)

    s->tcp_fastopen = enabled;

#else

    return CURLE_NOT_BUILT_IN;

#endif

    break;

  case CURLOPT_SSL_ENABLE_ALPN:

    s->ssl_enable_alpn = enabled;

    break;

  case CURLOPT_PATH_AS_IS:

    s->path_as_is = enabled;

    break;

  case CURLOPT_PIPEWAIT:

    s->pipewait = enabled;

    break;

  case CURLOPT_SUPPRESS_CONNECT_HEADERS:

    s->suppress_connect_headers = enabled;

    break;

#ifndef CURL_DISABLE_SHUFFLE_DNS

  case CURLOPT_DNS_SHUFFLE_ADDRESSES:

    s->dns_shuffle_addresses = enabled;

    break;

#endif

  case CURLOPT_DISALLOW_USERNAME_IN_URL:

    s->disallow_username_in_url = enabled;

    break;

  case CURLOPT_QUICK_EXIT:

    s->quick_exit = enabled;

    break;

  default:

    return CURLE_OK;

  }

  if((arg > 1) || (arg < 0))

    /* reserve other values for future use */

    infof(data, "boolean setopt(%d) got unsupported argument %ld,"

          " treated as %d", option, arg, enabled);

  *set = TRUE;

  return CURLE_OK;

}

static CURLcode value_range(long *value, long below_error, long min, long max)

{

  if(*value < below_error)

    return CURLE_BAD_FUNCTION_ARGUMENT;

  else if(*value < min)

    *value = min;

  else if(*value > max)

    *value = max;

  return CURLE_OK;

}

static CURLcode setopt_long(struct Curl_easy *data, CURLoption option,

                            long arg)

{

  unsigned long uarg = (unsigned long)arg;

  bool set = FALSE;

  CURLcode result = setopt_bool(data, option, arg, &set);

  struct UserDefined *s = &data->set;

  if(set || result)

    return result;

  switch(option) {

  case CURLOPT_DNS_CACHE_TIMEOUT:

    return setopt_set_timeout_sec(&s->dns_cache_timeout_ms, arg);

  case CURLOPT_CA_CACHE_TIMEOUT:

    if(Curl_ssl_supports(data, SSLSUPP_CA_CACHE)) {

      result = value_range(&arg, -1, -1, INT_MAX);

      if(result)

        return result;

      s->general_ssl.ca_cache_timeout = (int)arg;

    }

    else

      return CURLE_NOT_BUILT_IN;

    break;

  case CURLOPT_MAXCONNECTS:

    result = value_range(&arg, 1, 1, UINT_MAX);

    if(result)

      return result;

    s->maxconnects = (unsigned int)arg;

    break;

  case CURLOPT_SERVER_RESPONSE_TIMEOUT:

    return setopt_set_timeout_sec(&s->server_response_timeout, arg);

  case CURLOPT_SERVER_RESPONSE_TIMEOUT_MS:

    return setopt_set_timeout_ms(&s->server_response_timeout, arg);

#ifndef CURL_DISABLE_TFTP

  case CURLOPT_TFTP_BLKSIZE:

    result = value_range(&arg, 0, TFTP_BLKSIZE_MIN, TFTP_BLKSIZE_MAX);

    if(result)

      return result;

    s->tftp_blksize = (unsigned short)arg;

    break;

#endif

#ifndef CURL_DISABLE_NETRC

  case CURLOPT_NETRC:

    if((arg < CURL_NETRC_IGNORED) || (arg >= CURL_NETRC_LAST))