Commit Graph

22784 Commits

Author SHA1 Message Date
Florin f20cbac970
auth: Added test cases for RFC7616
Updated docs to include support for RFC7616

Signed-off-by: Florin <>

Closes #1934
2017-10-28 16:33:09 +02:00
Florin 2b5b37cb91
auth: add support for RFC7616 - HTTP Digest access authentication
Signed-off-by: Florin <>
2017-10-28 16:32:43 +02:00
Daniel Bankhead 1d0c8dea95
TODO: support multiple Content-Encodings
Closes #2002
2017-10-28 11:01:32 +02:00
Daniel Stenberg 516d3b9ff9
ROADMAP: cleanup
Removed done stuff. Removed entries no longer considered for the near
2017-10-28 10:54:20 +02:00
Magicansk cb361b4a5e spelling fixes
Closes #2028
2017-10-28 10:49:56 +02:00
Daniel Stenberg 0d85eed3df
Curl_timeleft: change return type to timediff_t
returning 'time_t' is problematic when that type is unsigned and we
return values less than zero to signal "already expired", used in
several places in the code.

Closes #2021
2017-10-28 10:40:51 +02:00
Daniel Stenberg 9dfc541dd7
appveyor: add a win32 build 2017-10-27 23:40:04 +02:00
Daniel Stenberg 961c8667d2
setopt: fix CURLOPT_SSH_AUTH_TYPES option read
Regression since f121575c0b

Reported-by: Rob Cotrone
2017-10-27 22:57:51 +02:00
Marcel Raad 733190413f
resolvers: only include anything if needed
This avoids warnings about unused stuff.

2017-10-27 13:20:13 +02:00
Daniel Stenberg 36bbbeb7c2
HELP-US: rename the subtitle too since the label is changed
"PR-welcome" was the former name.
2017-10-27 11:19:44 +02:00
Daniel Stenberg fe03485e93
curl_setup.h: oops, shorten the too long line 2017-10-27 11:12:45 +02:00
Martin Storsjo 9e76dbe054
curl_setup: Improve detection of CURL_WINDOWS_APP
If WINAPI_FAMILY is defined, it should be safe to try to include
winapifamily.h to check what the define evaluates to.

This should fix detection of CURL_WINDOWS_APP if building with
_WIN32_WINNT set to 0x0600.

Closes #2025
2017-10-27 11:02:42 +02:00
Jay Satiro 979d2877be transfer: Fix chunked-encoding upload bug
- When uploading via chunked-encoding don't compare file size to bytes
  sent to determine whether the upload has finished.

Chunked-encoding adds its own overhead which why the bytes sent is not
equal to the file size. Prior to this change if a file was uploaded in
chunked-encoding and its size was known it was possible that the upload
could end prematurely without sending the final few chunks. That would
result in a server hang waiting for the remaining data, likely followed
by a disconnect.

The scope of this bug is limited to some arbitrary file sizes which have
not been determined. One size that triggers the bug is 475020.


2017-10-26 14:34:46 -04:00
Daniel Stenberg 788d333573
timeval: make timediff_t also work on 32bit windows
... by using curl_off_t for the typedef if time_t is larger than 4

Reported-by: Gisle Vanem
Bug: b9d25f9a6b (co)
Closes #2019
2017-10-26 20:22:55 +02:00
Daniel Stenberg f0364f7e31
curl_fnmatch: return error on illegal wildcard pattern
... instead of doing an infinite loop!

Added test 1162 to verify.

Reported-by: Max Dymond
Fixes #2015
Closes #2017
2017-10-26 13:37:45 +02:00
Max Dymond 7b11c5dbe6
wildcards: don't use with non-supported protocols
Fixes timeouts in the fuzzing tests for non-FTP protocols.

Closes #2016
2017-10-26 13:34:45 +02:00
Max Dymond 3340b456a5 multi: allow table handle sizes to be overridden
Allow users to specify their own hash define for
CURL_CONNECTION_HASH_SIZE so that both values can be overridden.

Closes #1982
2017-10-25 18:50:02 +02:00
Daniel Stenberg 5d543fe906 time: rename Curl_tvnow to Curl_now
... since the 'tv' stood for timeval and this function does not return a
timeval struct anymore.

Also, cleaned up the Curl_timediff*() functions to avoid typecasts and
clean up the descriptive comments.

Closes #2011
2017-10-25 18:48:05 +02:00
Daniel Stenberg 1d72b5b891 ftplistparser: follow-up cleanup to remove PL_ERROR() 2017-10-25 18:45:14 +02:00
Max Dymond f786d1f143 ftplistparser: free off temporary memory always
When using the FTP list parser, ensure that the memory that's
allocated is always freed.

Detected by OSS-fuzz:
Closes #2013
2017-10-25 18:44:47 +02:00
Daniel Stenberg b9d25f9a6b timediff: return timediff_t from the time diff functions
... to cater for systems with unsigned time_t variables.

- Renamed the functions to curlx_timediff and Curl_timediff_us.

- Added overflow protection for both of them in either direction for
  both 32 bit and 64 bit time_ts

- Reprefixed the curlx_time functions to use Curl_*

Reported-by: Peter Piekarski
Fixes #2004
Closes #2005
2017-10-25 09:54:37 +02:00
Paul Howarth 016c6a6abb libtest: Add required test libraries for lib1552 and lib1553
They use $(TESTUTIL) and thus should use $(TESTUTIL_LIBS) too.

This fixes build failures on Fedora 13.

Closes #2006
2017-10-24 13:29:31 +02:00
Alessandro Ghedini 7408570bf0 libcurl-tutorial.3: fix typo
closes #2008
2017-10-24 13:27:41 +02:00
Alessandro Ghedini f6535791fa curl_mime_filedata.3: fix typos 2017-10-23 23:23:23 +01:00
Daniel Stenberg 6746f8aa97
RELEASE-NOTES: clean slate towards 7.57.0 2017-10-23 13:33:04 +02:00
Max Dymond 2de63ab179
travis: exit if any steps fail
We don't expect any steps to fail in travis. Exit the script if they do.

Closes #1966
2017-10-23 08:59:38 +02:00
Daniel Stenberg c514af5a4f
RELEASE-NOTES: 7.56.1 2017-10-23 07:51:20 +02:00
Daniel Stenberg adbfb42889
THANKS: update at 7.56.1 release time 2017-10-23 07:51:20 +02:00
Jon DeVree fdd879d549
mk-ca-bundle: Remove URL for aurora
Aurora is no longer used by Mozilla
2017-10-22 23:38:31 +02:00
Jon DeVree f571651a0d
mk-ca-bundle: Fix URL for NSS
The 'tip' is the most recent branch committed to, this should be
'default' like the URLs for the browser are.

Closes #1998
2017-10-22 23:38:23 +02:00
Daniel Stenberg 13c9a9ded3
imap: if a FETCH response has no size, don't call write callback

Reported-by: Brian Carpenter and 0xd34db347
Also detected by OSS-Fuzz:
2017-10-22 16:02:43 +02:00
Daniel Stenberg 769647e714
ftp: reject illegal IP/port in PASV 227 response
... by using range checks. Among other things, this avoids an undefined
behavior for a left shift that could happen on negative or very large

Closes #1997

Detected by OSS-fuzz:
2017-10-20 15:06:25 +02:00
Patrick Monnerat 8351ab4510 test653: check reuse of easy handle after mime data change
See issue #1999
2017-10-20 14:01:14 +01:00
Patrick Monnerat cea27d3454 mime: do not reuse previously computed multipart size
The contents might have changed: size must be recomputed.

Reported-by: moteus on github
Fixes #1999
2017-10-20 13:57:12 +01:00
Patrick Monnerat aeaa22de8e test308: disable if MultiSSL feature enabled
Even if OpenSSL is enabled, it might not be the default backend when
multi-ssl is enabled, causing the test to fail.
2017-10-19 20:16:05 +01:00
Patrick Monnerat 7363d5a928 runtests: support MultiSSL client feature 2017-10-19 20:15:21 +01:00
Patrick Monnerat 8aee8a6a2d vtls: change struct Curl_ssl `close' field name to `close_one'.
On OS/400, `close' is an ASCII system macro that corrupts the code if
not used in a context not targetting the close() system API.
2017-10-19 19:55:17 +01:00
Patrick Monnerat a4fc19eb4d os400: add missing symbols in config file.
Also adjust makefile to renamed files and warn about installation dirs mix-up.
2017-10-19 18:48:21 +01:00
Patrick Monnerat 34def509ef test652: curl_mime_data + base64 encoder with large contents 2017-10-19 18:37:19 +01:00
Patrick Monnerat a8742efe42 mime: limit bas64-encoded lines length to 76 characters 2017-10-19 18:33:27 +01:00
Daniel Stenberg 2509395ecf
RELEASE-NOTES: synced with f121575c0 2017-10-16 11:07:30 +02:00
Daniel Stenberg f121575c0b
setopt: range check most long options
... filter early instead of risking "funny values" having to be dealt
with elsewhere.
2017-10-16 09:23:33 +02:00
Daniel Stenberg 172ce9cc19
setopt: avoid integer overflows when setting millsecond values
... that are multiplied by 1000 when stored.

For 32 bit long systems, the max value accepted (2147483 seconds) is >
596 hours which is unlikely to ever be set by a legitimate application -
and previously it didn't work either, it just caused undefined behavior.

Also updated the man pages for these timeout options to mention the
return code.

Closes #1938
2017-10-16 09:23:19 +02:00
Viktor Szakats 4440b6ad57 makefile.m32: allow to override gcc, ar and ranlib
Allow to ovverride certain build tools, making it possible to
use LLVM/Clang to build curl. The default behavior is unchanged.
To build with clang (as offered by MSYS2), these settings can
be used:


2017-10-15 19:42:32 +00:00
Viktor Szakats 748f5301c0 ldap: silence clang warning
Use memset() to initialize a structure to avoid LLVM/Clang warning:
ldap.c:193:39: warning: missing field 'UserLength' initializer [-Wmissing-field-initializers]

2017-10-15 15:59:43 +00:00
Daniel Stenberg ed0b6b18f6
runtests: use valgrind for torture as well
NOTE: it makes them terribly slow. I recommend only using valgrind for
specific torture tests or using lots of patience.
2017-10-14 17:40:21 +02:00
Daniel Stenberg ad164eceb3
memdebug: trace send, recv and socket
... to allow them to be included in torture tests too.

closes #1980
2017-10-14 17:40:12 +02:00
Daniel Stenberg 4af3c777a9
configure: remove the C++ compiler check
... we used it only for the fuzzer, which we now have in a separate git

Closes #1990
2017-10-14 17:30:42 +02:00
Patrick Monnerat d7e4230538 mime: do not call failf() if easy handle is NULL. 2017-10-13 17:16:57 +01:00
Daniel Stenberg 10a659dbf6
test651: curl_formadd with huge COPYCONTENTS 2017-10-13 07:55:47 +02:00