1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 09:38:54 -05:00
Commit Graph

10543 Commits

Author SHA1 Message Date
Daniel Stenberg
07828b1c9d
quiche: improved error handling and memory cleanups 2019-08-07 08:39:39 +02:00
Daniel Stenberg
470551b7fc
quiche: flush egress in h3_stream_recv() too 2019-08-07 07:48:37 +02:00
Steve Holme
7c469fa537 sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID
Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.

Fixes #3653
Closes #3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186
2019-08-06 11:38:20 -04:00
Yiming Jing
9b5f2ad329
mesalink: implement client authentication
Closes #4184
2019-08-06 10:19:17 +02:00
Daniel Stenberg
02346abc32
curl_multi_poll: a sister to curl_multi_wait() that waits more
Repeatedly we see problems where using curl_multi_wait() is difficult or
just awkward because if it has no file descriptor to wait for
internally, it returns immediately and leaves it to the caller to wait
for a small amount of time in order to avoid occasional busy-looping.

This is often missed or misunderstood, leading to underperforming
applications.

This change introduces curl_multi_poll() as a replacement drop-in
function that accepts the exact same set of arguments. This function
works identically to curl_multi_wait() - EXCEPT - for the case when
there's nothing to wait for internally, as then this function will by
itself wait for a "suitable" short time before it returns. This
effectiely avoids all risks of busy-looping and should also make it less
likely that apps "over-wait".

This also changes the curl tool to use this funtion internally when
doing parallel transfers and changes curl_easy_perform() to use it
internally.

Closes #4163
2019-08-06 09:33:29 +02:00
Daniel Stenberg
cee7639b79
quiche:h3_stream_recv return 0 at end of stream
... and remove some verbose messages we don't need. Made transfers from
facebook.com work better.
2019-08-06 08:06:58 +02:00
Daniel Stenberg
92dc514c5b
altsvc: make quiche use h3-22 now 2019-08-06 07:39:27 +02:00
Daniel Stenberg
e9bbc81299
quiche: show the actual version number 2019-08-06 07:39:27 +02:00
Daniel Stenberg
dc35631ef7
quiche: first working HTTP/3 request
- enable debug log
 - fix use of quiche API
 - use download buffer
 - separate header/body

Closes #4193
2019-08-06 07:39:21 +02:00
Daniel Stenberg
a42b0957ab
http09: disable HTTP/0.9 by default in both tool and library
As the plan has been laid out in DEPRECATED. Update docs accordingly and
verify in test 1174. Now requires the option to be set to allow HTTP/0.9
responses.

Closes #4191
2019-08-06 00:08:14 +02:00
Daniel Stenberg
4173868f66
quiche: initial h3 request send/receive 2019-08-05 14:20:56 +02:00
Daniel Stenberg
47645f45da
lib/Makefile.am: make checksrc run in vquic too 2019-08-05 14:20:51 +02:00
Daniel Stenberg
182c272133
altsvc: fix removal of expired cache entry
Closes #4192
2019-08-05 14:18:46 +02:00
Steve Holme
850a295b41
md4: Use our own MD4 implementation when no crypto libraries are available
Closes #3780
2019-08-04 18:01:29 +01:00
Steve Holme
72e5fd83b2
md4: No need to include Curl_md4.h for each TLS library 2019-08-04 18:01:29 +01:00
Steve Holme
3d9685ee55
md4: No need for the NTLM code to call Curl_md4it() for each TLS library
As the NTLM code no longer calls any of TLS libraries' specific MD4
functions, there is no need to call this function for each #ifdef.
2019-08-04 18:01:28 +01:00
Steve Holme
2ff216f1b0
md4: Move the mbed TLS MD4 implementation out of the NTLM code 2019-08-04 18:01:28 +01:00
Steve Holme
c5eb2fd618
md4: Move the WinCrypt implementation out of the NTLM code 2019-08-04 18:01:27 +01:00
Steve Holme
11c50f7655
md4: Move the SecureTransport implementation out of the NTLM code 2019-08-04 18:01:27 +01:00
Steve Holme
24c298fb4d
md4: Use the Curl_md4it() function for OpenSSL based NTLM 2019-08-04 18:01:26 +01:00
Steve Holme
c89365929b
md4: Move the GNU TLS gcrypt MD4 implementation out of the NTLM code 2019-08-04 18:01:26 +01:00
Steve Holme
78e263676b
md4: Move the GNU TLS Nettle MD4 implementation out of the NTLM code 2019-08-04 18:01:25 +01:00
Jay Satiro
9a24f97711 OS400: Add CURLOPT_H3 symbols
Follow-up to 3af0e76 which added experimental H3 support.

Closes https://github.com/curl/curl/pull/4185
2019-08-04 11:04:51 -04:00
Daniel Stenberg
cc28a502bc
url: make use of new HTTP version if alt-svc has one 2019-08-03 21:55:51 +02:00
Daniel Stenberg
a9a2b26830
url: set conn->transport to default TCP at init time 2019-08-03 21:55:51 +02:00
Daniel Stenberg
0711153b46
altsvc: with quiche, use the quiche h3 alpn string
Closes #4183
2019-08-03 21:55:41 +02:00
Daniel Stenberg
1132f43012
alt-svc: more liberal ALPN name parsing
Allow pretty much anything to be part of the ALPN identifier. In
particular minus, which is used for "h3-20" (in-progress HTTP/3
versions) etc.

Updated test 356.
Closes #4182
2019-08-03 21:54:00 +02:00
Daniel Stenberg
decefd5778
quiche: use the proper HTTP/3 ALPN 2019-08-02 13:52:14 +02:00
Daniel Stenberg
fc5b61baf0
quiche: add failf() calls for two error cases
To aid debugging

Closes #4181
2019-08-02 13:52:07 +02:00
Kamil Dudka
4c187043c5 http_negotiate: improve handling of gss_init_sec_context() failures
If HTTPAUTH_GSSNEGOTIATE was used for a POST request and
gss_init_sec_context() failed, the POST request was sent
with empty body.  This commit also restores the original
behavior of `curl --fail --negotiate`, which was changed
by commit 6c60355323.

Add regression tests 2077 and 2078 to cover this.

Fixes #3992
Closes #4171
2019-08-01 16:21:41 +02:00
Daniel Stenberg
b1616dad8f
timediff: make it 64 bit (if possible) even with 32 bit time_t
... to make it hold microseconds too.

Fixes #4165
Closes #4168
2019-08-01 07:43:24 +02:00
Daniel Stenberg
b7d1264647
getenv: support up to 4K environment variable contents on windows
Reported-by: Michal Čaplygin
Fixes #4174
Closes #4175
2019-07-31 08:20:59 +02:00
lufia
84aba180e2
plan9: add support for running on Plan 9
Closes #3701
2019-07-31 00:23:25 +02:00
lufia
6cd5c35509
ntlm: explicit type casting 2019-07-31 00:22:16 +02:00
Daniel Stenberg
a55faf33d4
cleanup: remove the 'numsocks' argument used in many places
It was used (intended) to pass in the size of the 'socks' array that is
also passed to these functions, but was rarely actually checked/used and
the array is defined to a fixed size of MAX_SOCKSPEREASYHANDLE entries
that should be used instead.

Closes #4169
2019-07-30 23:16:44 +02:00
Daniel Stenberg
cb542ac4d0
readwrite_data: repair setting the TIMER_STARTTRANSFER stamp
Regression, broken in commit 65eb65fde6 (curl 7.64.1)

Reported-by: Jonathan Cardoso Machado
Assisted-by: Jay Satiro

Fixes #4136
Closes #4162
2019-07-30 23:07:56 +02:00
Daniel Stenberg
041690aadb
asyn-thread: removed unused variable
Follow-up to eb9a604f. Mistake caused by me when I edited the commit
before push...
2019-07-30 10:29:54 +02:00
amkatyal
eb9a604f8d
asyn-thread: create a socketpair to wait on
Closes #4157
2019-07-30 08:27:30 +02:00
Daniel Stenberg
d23e87d551
progress: reset download/uploaded counter
... to make CURLOPT_MAX_RECV_SPEED_LARGE and
CURLOPT_MAX_SEND_SPEED_LARGE work correctly on subsequent transfers that
reuse the same handle.

Fixed-by: Ironbars13 on github
Fixes #4084
Closes #4161
2019-07-29 22:31:30 +02:00
Daniel Stenberg
fc6045f5d1
http2_recv: trigger another read when the last data is returned
... so that end-of-stream is detected properly.

Reported-by: Tom van der Woerdt
Fixes #4043
Closes #4160
2019-07-29 22:16:27 +02:00
Balazs Kovacsics
802aa5ae27
HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown
If using the read callback for HTTP_POST, and POSTFIELDSIZE is not set,
automatically add a Transfer-Encoding: chunked header, same as it is
already done for HTTP_PUT, HTTP_POST_FORM and HTTP_POST_MIME.  Update
test 1514 according to the new behaviour.

Closes #4138
2019-07-29 13:18:53 +02:00
Jay Satiro
78ed3abe11 easy: resize receive buffer on easy handle reset
- In curl_easy_reset attempt to resize the receive buffer to its default
  size. If realloc fails then continue using the previous size.

Prior to this change curl_easy_reset did not properly handle resetting
the receive buffer (data->state.buffer). It reset the variable holding
its size (data->set.buffer_size) to the default size (READBUFFER_SIZE)
but then did not actually resize the buffer. If a user resized the
buffer by using CURLOPT_BUFFERSIZE to set the size smaller than the
default, later called curl_easy_reset and attempted to reuse the handle
then a heap overflow would very likely occur during that handle's next
transfer.

Reported-by: Felix Hädicke

Fixes https://github.com/curl/curl/issues/4143
Closes https://github.com/curl/curl/pull/4145
2019-07-25 22:24:06 -04:00
Felix Hädicke
6261749510
ssh-libssh: do not specify O_APPEND when not in append mode
Specifying O_APPEND in conjunction with O_TRUNC and O_CREAT does not
make much sense. And this combination of flags is not accepted by all
SFTP servers (at least not Apache SSHD).

Fixes #4147
Closes #4148
2019-07-25 23:29:21 +02:00
Gergely Nagy
a55edcea65
multi: call detach_connection before Curl_disconnect
Curl_disconnect bails out if conn->easyq is not empty, detach_connection
needs to be called first to remove the current easy from the queue.

Fixes #4144
Closes #4151
2019-07-25 18:06:42 +02:00
Daniel Stenberg
3af0e76d1e
HTTP3: initial (experimental) support
USe configure --with-ngtcp2 or --with-quiche

Using either option will enable a HTTP3 build.
Co-authored-by: Alessandro Ghedini <alessandro@ghedini.me>

Closes #3500
2019-07-21 23:49:03 +02:00
Daniel Stenberg
828392ae10
curl_version_info: provide nghttp2 details
Introducing CURLVERSION_SIXTH with nghttp2 info.

Closes #4121
2019-07-20 00:06:42 +02:00
Daniel Stenberg
ec3f6f1c36
source: remove names from source comments
Several reasons:

- we can't add everyone who's helping out so its unfair to just a few
selected ones.
- we already list all helpers in THANKS and in RELEASE-NOTES for each
release
- we don't want to give the impression that some parts of the code is
"owned" or "controlled" by specific persons

Assisted-by: Daniel Gustafsson
Closes #4129
2019-07-19 23:50:22 +02:00
Daniel Stenberg
27e14efe5f
progress: make the progress meter appear again
Fix regression caused by 21080e1

Reported-by: Chih-Hsuan Yen
Fixes #4122
Closes #4124
2019-07-19 11:29:27 +02:00
Daniel Gustafsson
e5b371dc51 nss: inspect returnvalue of token check
PK11_IsPresent() checks for the token for the given slot is available,
and sets needlogin flags for the PK11_Authenticate() call.  Should it
return false, we should however treat it as an error and bail out.

Closes https://github.com/curl/curl/pull/4110
2019-07-17 00:52:24 -04:00
Jay Satiro
e8442e4ffc libcurl: Restrict redirect schemes (follow-up)
- Allow FTPS on redirect.

- Update default allowed redirect protocols in documentation.

Follow-up to 6080ea0.

Ref: https://github.com/curl/curl/pull/4094

Closes https://github.com/curl/curl/pull/4115
2019-07-17 00:48:40 -04:00