1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00
Commit Graph

9458 Commits

Author SHA1 Message Date
Johannes Schindelin
c0cdc68c7e gtls: fix build when sizeof(long) < sizeof(void *)
- Change gnutls pointer/int macros to pointer/curl_socket_t.
  Prior to this change they used long type as well.

The size of the `long` data type can be shorter than that of pointer
types. This is the case most notably on Windows.

If C99 were acceptable, we could simply use `intptr_t` here. But we
want to retain C89 compatibility.

Simply use the trick of performing pointer arithmetic with the NULL
pointer: to convert an integer `i` to a pointer, simply take the
address of the `i`th element of a hypothetical character array
starting at address NULL. To convert back, simply cast the pointer
difference.

Thanks to Jay Satiro for the initial modification to use curl_socket_t
instead of int/long.

Closes #1617

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-07-03 15:45:25 +02:00
Max Dymond
c98e97e9c3 http2: handle PING frames
Add a connection check function to HTTP2 based off RTSP. This causes
PINGs to be handled the next time the connection is reused.

Closes #1521
2017-06-30 10:27:41 +02:00
Max Dymond
c75f63d7c4 handler: refactor connection checking
Add a new type of callback to Curl_handler which performs checks on
the connection. Alter RTSP so that it uses this callback to do its
own check on connection health.
2017-06-30 10:17:27 +02:00
dmitrykos
192877058e openssl: improve fallback seed of PRNG with a time based hash
Fixes #1620
2017-06-30 09:21:03 +02:00
Ryan Winograd
f8f040e659 progress: prevent resetting t_starttransfer
Prevent `Curl_pgrsTime` from modifying `t_starttransfer` when invoked
with `TIMER_STARTTRANSFER` more than once during a single request.

When a redirect occurs, this is considered a new request and
`t_starttransfer` can be updated to reflect the `t_starttransfer` time
of the redirect request.

Closes #1616

Bug: https://github.com/curl/curl/pull/1602#issuecomment-310267370
2017-06-30 09:05:53 +02:00
Kamil Dudka
8924f58c37 CURLOPT_SOCKS5_AUTH: allowed methods for SOCKS5 proxy auth
If libcurl was built with GSS-API support, it unconditionally advertised
GSS-API authentication while connecting to a SOCKS5 proxy.  This caused
problems in environments with improperly configured Kerberos: a stock
libcurl failed to connect, despite libcurl built without GSS-API
connected fine using username and password.

This commit introduces the CURLOPT_SOCKS5_AUTH option to control the
allowed methods for SOCKS5 authentication at run time.

Note that a new option was preferred over reusing CURLOPT_PROXYAUTH
for compatibility reasons because the set of authentication methods
allowed by default was different for HTTP and SOCKS5 proxies.

Bug: https://curl.haxx.se/mail/lib-2017-01/0005.html
Closes https://github.com/curl/curl/pull/1454
2017-06-28 08:02:58 +02:00
Kamil Dudka
cd1c9f0807 socks: deduplicate the code for auth request 2017-06-28 07:48:34 +02:00
Kamil Dudka
641072b919 socks: use proxy_user instead of proxy_name
... to make it obvious what the data is used for
2017-06-28 07:48:34 +02:00
Daniel Stenberg
cfe3c08f69 progress: progress.timespent needs to be us
follow-up to 64ed44a815 to fix test 500 failures
2017-06-24 21:14:50 +02:00
Daniel Stenberg
64ed44a815 progress: fix "time spent", broke in adef394ac 2017-06-24 01:18:21 +02:00
Daniel Stenberg
9b167fd090 --request-target: instead of --strip-path-slash
... and CURLOPT_REQUEST_TARGET instead of CURLOPT_STRIP_PATH_SLASH.

This option instead provides the full "alternative" target to use in the
request, instead of extracting the path from the URL.

Test 1298 and 1299 updated accordingly.

Idea-by: Evert Pot
Suggestion: https://daniel.haxx.se/blog/2017/06/19/options-with-curl/comment-page-1/#comment-18373

Closes #1593
2017-06-21 23:39:10 +02:00
Gisle Vanem
60c655ac07 lib: fix the djgpp build
Bug: 73a2fcea0b (commitcomment-22655993)
2017-06-21 07:46:21 +02:00
Marcel Raad
651e04c4c8
if2ip: fix compiler warning in ISO C90 mode
remote_scope_id is only used when both HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID
and ENABLE_IPV6 are defined instead of only one of them.
2017-06-20 22:33:56 +02:00
Daniel Stenberg
b778ae4c5e http: add --strip-path-slash and CURLOPT_STRIP_PATH_SLASH
... to enable sending "OPTIONS *" which wasn't possible previously.

This option currently only works for HTTP.

Added test cases 1298 + 1299 to verify

Fixes #1280
Closes #1462
2017-06-19 16:39:22 +02:00
Daniel Stenberg
3b80d3ca46 getinfo: return sizes as curl_off_t
This change introduces new alternatives for the existing six
curl_easy_getinfo() options that return sizes or speeds as doubles. The
new versions are named like the old ones but with an appended '_T':

CURLINFO_CONTENT_LENGTH_DOWNLOAD_T
CURLINFO_CONTENT_LENGTH_UPLOAD_T
CURLINFO_SIZE_DOWNLOAD_T
CURLINFO_SIZE_UPLOAD_T
CURLINFO_SPEED_DOWNLOAD_T
CURLINFO_SPEED_UPLOAD_T

Closes #1511
2017-06-19 09:27:42 +02:00
Daniel Stenberg
6208547002 PIPELINING_SERVER_BL: cleanup the internal list use
The list was freed incorrectly since the llist refactor of
cbae73e1dd. Added test 1550 to verify that it works and avoid future
regressions.

Reported-by: Pascal Terjan

Fixes #1584
Closes #1585
2017-06-19 09:14:49 +02:00
Daniel Stenberg
65ca030513 http2: fix OOM crash
torture mode with test 1021 found it
2017-06-18 23:57:45 +02:00
Marcel Raad
edafd52be1
http_proxy: fix build with http and proxy
After deff7de0eb, the build without
CURL_DISABLE_PROXY and CURL_DISABLE_HTTP was failing because of missing
includes.
2017-06-18 15:18:15 +02:00
Marcel Raad
deff7de0eb
http_proxy: fix compiler warning
With CURL_DISABLE_PROXY or CURL_DISABLE_HTTP, GCC complained about a
missing prototype for Curl_connect_free.
2017-06-18 12:53:54 +02:00
Marcel Raad
ce2cc568f8
Makefile.m32: enable -W for MinGW32 build
The configure-based build also has this in addition to -Wall.

Closes https://github.com/curl/curl/pull/1578
2017-06-16 22:32:22 +02:00
Daniel Stenberg
01811b6740 http-proxy: fix chunked-encoded CONNECT responses
Regression since 5113ad0424.

... and remove 'flaky' from test 1061 again

Closes #1579
2017-06-16 21:56:56 +02:00
Daniel Stenberg
12ccaed2a5 http-proxy: deal with EAGAIN
... the previous code would reset the header length wrongly (since
5113ad0424). This makes test 1060 reliable again.

Also: make sws send even smaller chunks of data to increase the
likeliness of this happening.
2017-06-16 17:22:32 +02:00
Jay Satiro
17c5d05285 HTTPS-Proxy: don't offer h2 for https proxy connections
Bug: https://github.com/curl/curl/issues/1254

Closes #1546
2017-06-16 12:16:41 +02:00
Jay Satiro
2a733d6418 url: refactor the check for Windows drive letter in path
- Move the logic to detect a Windows drive letter prefix
  (eg c: in c:foo) into a function-like macro.

Closes https://github.com/curl/curl/pull/1571
2017-06-16 03:03:25 -04:00
Jay Satiro
ec92afc3f4 mk-ca-bundle.pl: Check curl's exit code after certdata download
- No longer allow partial downloads of certdata.

Prior to this change partial downloads were (erroneously?) allowed since
only the server code was checked to be 200.

Bug: https://github.com/curl/curl/pull/1577
Reported-by: Matteo B.
2017-06-16 01:58:23 -04:00
Daniel Stenberg
0d39e5cc95 http-proxy: fix build with --disable-proxy or --disable-http
Reported-by: Dan Fandrich
2017-06-16 00:02:57 +02:00
Daniel Stenberg
efc83d6d54 http-proxy: only attempt FTP over HTTP proxy
... all other non-HTTP protocol schemes are now defaulting to "tunnel
trough" mode if a HTTP proxy is specified. In reality there are no HTTP
proxies out there that allow those other schemes.

Assisted-by: Ray Satiro, Michael Kaufmann

Closes #1505
2017-06-15 13:46:48 +02:00
Daniel Stenberg
7d7346519d curl_setup.h: error out on CURL_WANTS_CA_BUNDLE_ENV use
... to make it really apparent if there's any user using this on purpose.

Suggested-by: Jay Satiro

Closes #1542
2017-06-15 11:11:39 +02:00
Daniel Stenberg
c2aeb1b3ba lib/curl_setup.h: remove CURL_WANTS_CA_BUNDLE_ENV
When this define was set, libcurl would check the environment variable
named CURL_CA_BUNDLE at run-time and use that CA cert bundle. This
feature was only defined by the watcom and m32 makefiles and caused
inconsistent behaviours among libcurls built on different platforms.

The curl tool does already feature its own similar logic and the library
does not really need it, and it isn't documented libcurl behavior. So
this change removes it.

Ref: #1538
2017-06-15 11:11:15 +02:00
Daniel Stenberg
5113ad0424 http-proxy: do the HTTP CONNECT process entirely non-blocking
Mentioned as a problem since 2007 (8f87c15bda) and of course it
existed even before that.

Closes #1547
2017-06-14 23:43:52 +02:00
Daniel Stenberg
1213baba27 progress: let "current speed" be UL + DL speeds combined
Bug #1556
Reported-by: Paul Harris
Closes #1559
2017-06-14 23:30:54 +02:00
Daniel Stenberg
adef394ac5 timers: store internal time stamps as time_t instead of doubles
This gives us accurate precision and it allows us to avoid storing "no
time" for systems with too low timer resolution as we then bump the time
up to 1 microsecond. Should fix test 573 on windows.

Remove the now unused curlx_tvdiff_secs() function.

Maintains the external getinfo() API with using doubles.

Fixes #1531
2017-06-14 15:46:39 +01:00
Daniel Stenberg
73a2fcea0b includes: remove curl/curlbuild.h and curl/curlrules.h
Rely entirely on curl/system.h now.

Introduced in Aug 2008 with commit 14240e9e10. Now gone.

Fixes #1456
2017-06-14 11:07:33 +02:00
Stuart Henderson
9f54ad8f15 libressl: OCSP and intermediate certs workaround no longer needed
lib/vtls/openssl.c has a workaround for a bug with OCSP responses signed
by intermediate certs, this was fixed in LibreSSL in
912c64f68f

Bug: https://curl.haxx.se/mail/lib-2017-06/0038.html
2017-06-13 12:28:22 +02:00
Daniel Stenberg
5d7952f52e url: fix buffer overwrite with file protocol (CVE-2017-9502)
Bug: https://github.com/curl/curl/issues/1540
Advisory: https://curl.haxx.se/docs/adv_20170614.html

Assisted-by: Ray Satiro
Reported-by: Marcel Raad
2017-06-13 09:34:20 +02:00
Daniel Stenberg
844896d064 setopt: check CURLOPT_ADDRESS_SCOPE option range
... and return error instead of triggering an assert() when being way
out of range.
2017-06-09 01:01:55 +02:00
Daniel Stenberg
6c59074528 asyn-ares: s/Curl_expire_latest/Curl_expire 2017-06-08 11:06:19 +02:00
Daniel Stenberg
7fffe97b78 expire: remove Curl_expire_latest()
With the introduction of expire IDs and the fact that existing timers
can be removed now and thus never expire, the concept with adding a
"latest" timer is not working anymore as it risks to not expire at all.

So, to be certain the timers actually are in line and will expire, the
plain Curl_expire() needs to be used. The _latest() function was added
as a sort of shortcut in the past that's quite simply not necessary
anymore.

Follow-up to 31b39c40cf

Reported-by: Paul Harris

Closes #1555
2017-06-08 10:50:47 +02:00
Daniel Stenberg
68c6dcb2cb file: make speedcheck use current time for checks
... as it would previously just get the "now" timestamp before the
transfer starts and then not update it again.

Closes #1550
2017-06-07 23:01:09 +02:00
Daniel Stenberg
cccac4fb2b test1521: test *all* curl_easy_setopt options
mk-lib1521.pl generates a test program (lib1521.c) that calls
curl_easy_setopt() for every known option with a few typical values to
make sure they work (ignoring the return codes).

Some small changes were necessary to avoid asserts and NULL accesses
when doing this.

The perl script needs to be manually rerun when we add new options.

Closes #1543
2017-06-05 14:25:18 +02:00
Marcel Raad
7960442730
curl_ntlm_core: use Curl_raw_toupper instead of toupper
This was the only remaining use of toupper in the entire source code.

Suggested-by: Daniel Stenberg
2017-06-05 00:27:29 +02:00
Marcel Raad
892c5e4cb3
curl_ntlm_core: pass unsigned char to toupper
Otherwise, clang on Cygwin64 warns:
curl_ntlm_core.c:525:35: error: array subscript is of type 'char'
[-Werror,-Wchar-subscripts]
    dest[2 * i] = (unsigned char)(toupper(src[i]));
                                  ^~~~~~~~~~~~~~~
/usr/include/ctype.h:152:25: note: expanded from macro 'toupper'
      (void) __CTYPE_PTR[__x]; (toupper) (__x);})
                        ^~~~
2017-06-04 16:46:03 +02:00
Marcel Raad
15136a5268
x509asn1: fix implicit-fallthrough warning with GCC 7 2017-06-03 20:10:52 +02:00
Marcel Raad
f8518059ce
curl_sasl: fix unused-variable warning
This fixes the following warning with CURL_DISABLE_CRYPTO_AUTH,
as seen in the autobuilds:

curl_sasl.c:417:9: warning: unused variable 'serverdata'
[-Wunused-variable]
2017-06-03 11:59:38 +02:00
Marcel Raad
7207affe28
cyassl: define build macros before including ssl.h
cyassl/ssl.h needs the macros from cyassl/options.h, so define them
before including cyassl/ssl.h the first time, which happens in
urldata.h.
This broke the build on Ubuntu Xenial, which comes with WolfSSL 3.4.8
and therefore redefines the symbols from cyassl/options.h instead of
including the header.

Closes https://github.com/curl/curl/pull/1536
2017-06-03 00:39:46 +02:00
Daniel Stenberg
cfd3e8f399 dedotdot: fixed output for ".." and "." only input
Found when updating test 1395, which I did to increase test coverage of
this source file...

Closes #1535
2017-06-03 00:11:51 +02:00
Marcel Raad
10e02bc36a
mbedtls: make TU-local variable static
mbedtls_x509_crt_profile_fr is only used locally.
This fixes a missing-variable-declarations warning with clang.
2017-06-02 22:05:01 +02:00
Marcel Raad
769890c7e2
MD(4|5): silence cast-align clang warning
Unaligned access is on purpose here and the warning is harmless on
affected architectures. GCC knows that, while clang warns on all
architectures.
2017-06-02 21:58:48 +02:00
Daniel Stenberg
4ba20a5119 curl_endian: remove unused functions
Closes #1529
2017-06-02 13:30:41 +02:00
Daniel Stenberg
f6e0f4556e build: provide easy code coverage measuring
Closes #1528
2017-06-02 13:15:06 +02:00
Daniel Stenberg
e54db1b053 transfer: init the infilesize from the postfields...
... with a strlen() if no size was set, and do this in the pretransfer
function so that the info is set early. Otherwise, the default strlen()
done on the POSTFIELDS data never sets state.infilesize.

Reported-by: Vincas Razma
Bug: #1294
2017-05-30 11:39:42 +02:00
Jay Satiro
35e9281ef8 mbedtls: fix variable shadow warning
vtls/mbedtls.c:804:69: warning: declaration of 'entropy' shadows a global declaration [-Wshadow]
 CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy,
                                                                     ^~~~~~~
2017-05-29 17:38:33 -04:00
Daniel Stenberg
59cc0234e5 ssh: fix 'left' may be used uninitialized
follow-up to f31760e63b

Reported-by: Michael Kaufmann
Bug: https://github.com/curl/curl/pull/1495#issuecomment-303982793
2017-05-25 13:02:29 +02:00
Michael Kaufmann
8ab22a7453 time: fix type conversions and compiler warnings
Fix bugs and compiler warnings on systems with 32-bit long and
64-bit time_t.

Reviewed-by: Daniel Stenberg

Closes #1499
2017-05-24 22:56:22 +02:00
Daniel Stenberg
bba59073c5 redirect: store the "would redirect to" URL when max redirs is reached
Test 1261 added to verify.

Reported-by: Lloyd Fournier

Fixes #1489
Closes #1497
2017-05-23 23:27:58 +02:00
Sergei Nikulov
48f2a96a60 LDAP: fixed checksrc issue 2017-05-24 00:14:13 +03:00
Sergei Nikulov
f0fe66f13c LDAP: using ldap_bind_s on Windows with methods (#878)
* LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG)

* ldap: updated per build options handling

* ldap: fixed logic for auth selection
2017-05-23 22:45:39 +03:00
Akhil Kedia
b4d6b99445 cmake: fix build on Ubuntu 14.04
Fixed a syntax error with setting cache variables (The type and
docstring were missing), resulting in build errors.  Quoted the
CURL_CA_PATH and CURL_CA_BUNDLE otherwise the path was written without
quotes in C code, resulting in build errors.

Closes #1503

Signed-off-by: Akhil <akhil.kedia@samsung.com>
2017-05-23 10:07:08 +02:00
Daniel Stenberg
a1b3a95c96 url: fix declaration of 'pipe' shadows a global declaration
follow-up to 4cdb1be824
2017-05-23 07:41:52 +02:00
Kamil Dudka
945919db5b memdebug: fix compilation failure
.... caused by a typo in the last commit (fixing issue #1504):

memdebug.c: In function ‘curl_fclose’:
memdebug.c:444:3: error: implicit declaration of function
‘DEBUGDEBUGASSERT’ [-Werror=implicit-function-declaration]
2017-05-22 19:03:16 +02:00
Daniel Stenberg
8589e1fe30 assert: avoid, use DEBUGASSERT instead!
... as it does extra checks to actually work.

Reported-by: jonrumsey at github
Fixes #1504
2017-05-22 13:59:29 +02:00
Simon Warta
5606fcc657 cmake: Add CURL_CA_FALLBACK to curl_config.h.cmake
This is for symmetry with the autoconf generated curl_config.h.in
2017-05-21 23:19:05 +02:00
Daniel Stenberg
f31760e63b ssh: ignore timeouts during disconnect
... as otherwise it risks not cleaning up the libssh2 handle properly
which leads to memory leak!

Assisted-by: Joel Depooter

Closes #1495
Closes #1479

Bug: https://curl.haxx.se/mail/lib-2017-04/0024.html
2017-05-20 11:22:20 +02:00
Nick Zitzmann
c58063b4f8 darwinssl: Fix exception when processing a client-side certificate file
if no error was raised by the API but the SecIdentityRef was null

Fixes #1450
2017-05-16 19:21:12 -05:00
Daniel Stenberg
32c27f9e98 curl_sasl: fix build error with CURL_DISABLE_CRYPTO_AUTH + USE_NTLM
Reported-by: wyattoday at github
Fixes #1487
2017-05-16 16:13:03 +02:00
eb16305e6a SecureTransport/DarwinSSL: Implement public key pinning
Closes #1400
2017-05-15 22:54:33 +02:00
Dan Fandrich
d836c9fee4 url.c: add a compile-time check that CURL_MAX_WRITE_SIZE is large enough
Some code (e.g. Curl_fillreadbuffer) assumes that this buffer is not
exceedingly tiny and will break if it is. This same check is already
done at run time in the CURLOPT_BUFFERSIZE option.
2017-05-13 23:21:27 +02:00
Daniel Stenberg
d6c74ff663 multi: remove leftover debug infof() calls from e9fd794a6 2017-05-12 17:19:30 +02:00
Daniel Stenberg
4cdb1be824 pipeline: fix mistakenly trying to pipeline POSTs
The function IsPipeliningPossible() would return TRUE if either
pipelining OR HTTP/2 were possible on a connection, which would lead to
it returning TRUE even for POSTs on HTTP/1 connections.

It now returns a bitmask so that the caller can differentiate which kind
the connection allows.

Fixes #1481
Closes #1483
Reported-by: stootill at github
2017-05-12 17:01:02 +02:00
Ron Eldor
bc3866e3eb mbedtls: Support server renegotiation request
Tested with servers: IIS 7.5; OpenSSL 1.0.2.

Closes https://github.com/curl/curl/pull/1475
2017-05-12 01:39:10 -04:00
Marcel Raad
b875250e32
formdata: fix -Wcomma warning
clang 5.0 complains:
possible misuse of comma operator here [-Wcomma]

Change the comma to a semicolon to fix that.
2017-05-11 10:04:01 +02:00
Daniel Stenberg
31b39c40cf multi: use a fixed array of timers instead of malloc
... since the total amount is low this is faster, easier and reduces
memory overhead.

Also, Curl_expire_done() can now mark an expire timeout as done so that
it never times out.

Closes #1472
2017-05-10 12:55:36 +02:00
Daniel Stenberg
e9fd794a61 multi: assign IDs to all timers and make each timer singleton
A) reduces the timeout lists drastically

 B) prevents a lot of superfluous loops for timers that expires "in vain"
    when it has actually already been extended to fire later on
2017-05-10 11:02:47 +02:00
Daniel Stenberg
158d701641 formboundary: convert assert into run-time check
... to really make sure the boundary fits in the target buffer.

Fixes unused parameter 'buflen' warning.

Reported-by: Michael Kaufmann
Bug: https://github.com/curl/curl/pull/1468#issuecomment-300078754
2017-05-09 09:08:25 +02:00
Jay Satiro
1cafede9f2 rand: treat fake entropy the same regardless of endianness
When the random seed is purposely made predictable for testing purposes
by using the CURL_ENTROPY environment variable, process that data in an
endian agnostic way so the the initial random seed is the same
regardless of endianness.

- Change Curl_rand to write to a char array instead of int array.

- Add Curl_rand_hex to write random hex characters to a buffer.

Fixes #1315
Closes #1468

Co-authored-by: Daniel Stenberg
Reported-by: Michael Kaufmann
2017-05-08 23:24:29 +02:00
Marcel Raad
ea1b864786
asyn-thread: fix unused macro warnings
Don't do anything in this file if CURLRES_THREADED is not defined.
2017-05-07 19:02:34 +02:00
Marcel Raad
3661c8aeb0
tftp: silence bad-function-cast warning
The cases this warns about are handled elsewhere, so just use an
intermediate variable to silence the warning.
2017-05-07 16:26:19 +02:00
Dan Fandrich
07fd7871b3 schannel: return a more specific error code for SEC_E_UNTRUSTED_ROOT 2017-05-04 18:19:33 +02:00
Marcel Raad
a51ca050fc
curl_setup_once: use SEND_QUAL_ARG2 for swrite
SEND_QUAL_ARG2 had to be set, but was never used. Use it in swrite to
avoid warnings about casting away low-level const.

Closes https://github.com/curl/curl/pull/1464
2017-05-04 09:23:00 +02:00
Marcel Raad
cee39aa3be
lib: fix compiler warnings
Fix the following warnings when building the tests by using the correct
types:
cast from 'const char *' to 'void *' drops const qualifier
[-Wcast-qual]
implicit conversion changes signedness [-Wsign-conversion]
2017-05-03 20:11:13 +02:00
Richard Hsu
862b02f894 Telnet: Write full buffer instead of byte-by-byte
Previous TODO wanting to write in chunks. We should support writing more
at once since some TELNET servers may respond immediately upon first
byte written such as WHOIS servers.

Closes #1389
2017-05-02 23:23:39 +02:00
Dan Fandrich
6943085b50 gtls: fixed a lingering BUFSIZE reference 2017-05-02 09:14:26 +02:00
Daniel Stenberg
eab6732fde ssh: fix compiler warning from e40e9d7f0d 2017-05-02 08:32:04 +02:00
Daniel Stenberg
4858c451ee url: let CURLOPT_BUFFERSIZE realloc to smaller sizes too
Closes #1449
2017-05-02 00:04:52 +02:00
Daniel Stenberg
e3ed5cb380 BUFSIZE: rename to READBUFFER_*, make separate MASTERBUF_SIZE 2017-05-01 22:55:29 +02:00
Daniel Stenberg
799c7048dc openssl: use local stack for temp storage 2017-05-01 22:55:29 +02:00
Daniel Stenberg
7ee52c25f3 sendf: remove use of BUFSIZE from debug data conversions
The buffer can have other sizes.
2017-05-01 22:55:29 +02:00
Daniel Stenberg
e40e9d7f0d buffer: use data->set.buffer_size instead of BUFSIZE
... to properly use the dynamically set buffer size!
2017-05-01 22:55:29 +02:00
Daniel Stenberg
c79f4908d4 krb5: use private buffer for temp string, not receive buffer 2017-05-01 22:55:29 +02:00
Daniel Stenberg
89cf6f38d2 upload: UPLOAD_BUFSIZE is now for the upload buffer 2017-05-01 22:55:29 +02:00
Daniel Stenberg
0cab3a394a http-proxy: use a dedicated CONNECT response buffer
To make it suitably independent of the receive buffer and its flexible
size.
2017-05-01 22:55:29 +02:00
Daniel Stenberg
40a074f255 transfer: fix minor buffer_size mistake 2017-05-01 22:55:29 +02:00
Daniel Stenberg
f2fadf490f failf: use private buffer, don't clobber receive buffer 2017-05-01 22:55:29 +02:00
Daniel Stenberg
b8191e975f pingpong: use the set buffer size 2017-05-01 22:55:29 +02:00
Daniel Stenberg
504eafff86 http2: use the correct set buffer size 2017-05-01 22:55:29 +02:00
Daniel Stenberg
87eb8d5b30 http: don't clobber the receive buffer for timecond 2017-05-01 22:55:29 +02:00
Daniel Stenberg
f535f4f5fc buffer_size: make sure it always has the correct size
Removes the need for CURL_BUFSIZE
2017-05-01 22:55:29 +02:00
Daniel Stenberg
7c312f84ea file: use private buffer for C-L output
... instead of clobbering the download buffer.
2017-05-01 22:55:29 +02:00
Daniel Stenberg
c2ddc12d60 CURLOPT_BUFFERSIZE: 1024 bytes is now the minimum size
The buffer is needed to receive FTP, HTTP CONNECT responses etc so
already at this size things risk breaking and smaller is certainly not
wise.
2017-05-01 22:55:29 +02:00
Daniel Stenberg
349789e645 ftp: use private buffer for temp storage, not receive buffer 2017-05-01 22:55:29 +02:00
Daniel Stenberg
94460878cc http: use private user:password output buffer
Don't clobber the receive buffer.
2017-05-01 22:55:29 +02:00
Jay Satiro
499a7288fe curl_setup: Ensure no more than one IDN lib is enabled
Prior to this change it was possible for libcurl to be built with both
Windows' native IDN lib (normaliz) and libidn2 enabled. It appears that
doesn't offer any benefit --and could cause a bug-- since libcurl's IDN
handling is written to use either one but not both.

Bug: https://github.com/curl/curl/issues/1441#issuecomment-297689856
Reported-by: Gisle Vanem
2017-05-01 14:48:34 -04:00
Marcel Raad
dc9e4859bb
http2: declare TU-local variables static
This fixes the following clang warnings:

http2.c:184:27: error: no previous extern declaration for non-static
variable 'Curl_handler_http2' [-Werror,-Wmissing-variable-declarations]
http2.c:204:27: error: no previous extern declaration for non-static
variable 'Curl_handler_http2_ssl'
[-Werror,-Wmissing-variable-declarations]
2017-04-30 22:33:33 +02:00
Marcel Raad
65c6caacae
curl_rtmp: fix missing-variable-declarations warnings
clang complains:

curl_rtmp.c:61:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmp' [-Werror,-Wmissing-variable-declarations]
curl_rtmp.c:81:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpt' [-Werror,-Wmissing-variable-declarations]
curl_rtmp.c:101:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpe' [-Werror,-Wmissing-variable-declarations]
curl_rtmp.c:121:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpte' [-Werror,-Wmissing-variable-declarations]
curl_rtmp.c:141:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmps' [-Werror,-Wmissing-variable-declarations]
curl_rtmp.c:161:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpts' [-Werror,-Wmissing-variable-declarations]

Fix this by including the header file.
2017-04-29 19:17:51 +02:00
Dan Fandrich
12e7a8c3d6 url: fixed a memory leak on OOM while setting CURLOPT_BUFFERSIZE 2017-04-29 18:52:51 +02:00
Dan Fandrich
63503a969f http-proxy: removed unused argument in CURL_DISABLE_PROXY case
Missed in commit 55c3c02e
2017-04-27 11:42:04 +02:00
Marcel Raad
b851421642
lib: remove unused code
This fixes the following clang warnings:
macro is not used [-Wunused-macros]
will never be executed [-Wunreachable-code]

Closes https://github.com/curl/curl/pull/1448
2017-04-26 10:01:53 +02:00
Daniel Stenberg
55c3c02e59 http-proxy: remove unused argument from Curl_proxyCONNECT() 2017-04-26 00:34:22 +02:00
Martin Kepplinger
fb67c977b9 url: declare get_protocol_family() static
get_protocol_family() is not defined static even though there is a
static local forward declaration. Let's simply make the definition match
it's declaration.

Bug: https://curl.haxx.se/mail/lib-2017-04/0127.html
2017-04-26 00:02:51 +02:00
Kamil Dudka
e3e8d0204b nss: load libnssckbi.so if no other trust is specified
The module contains a more comprehensive set of trust information than
supported by nss-pem, because libnssckbi.so also includes information
about distrusted certificates.

Reviewed-by: Kai Engert
Closes #1414
2017-04-25 13:24:24 +02:00
Kamil Dudka
fab3d1ec65 nss: factorize out nss_{un,}load_module to separate fncs
No change of behavior is intended by this commit.
2017-04-25 13:22:37 +02:00
Kamil Dudka
c8ea86f377 nss: do not leak PKCS #11 slot while loading a key
It could prevent nss-pem from being unloaded later on.

Bug: https://bugzilla.redhat.com/1444860
2017-04-25 13:22:33 +02:00
Daniel Stenberg
e698b82287 transfer: remove 'uploadbuf' pointer and cleanup readwrite_upload()
The data->req.uploadbuf struct member served no good purpose, instead we
use ->state.uploadbuffer directly. It makes it clearer in the code which
buffer that's being used.

Removed the 'SingleRequest *' argument from the readwrite_upload() proto
as it can be derived from the Curl_easy struct. Also made the code in
the readwrite_upload() function use the 'k->' shortcut to all references
to struct fields in 'data->req', which previously was made with a mix of
both.
2017-04-25 10:55:35 +02:00
Marcel Raad
93567071b7
if2ip: fix -Wcast-align warning
Follow-up to 119037325d, which fixed the
warning in the HAVE_GETIFADDRS block, but not in the
HAVE_IOCTL_SIOCGIFADDR block.
2017-04-25 09:19:59 +02:00
Kamil Dudka
c8ac0b6a7f nss: adapt to the new Curl_llist API
This commit fixes compilation failure caused by
cbae73e1dd.
2017-04-24 17:50:27 +02:00
Daniel Stenberg
d87bd46cbf llist: fix a comment after cbae73e1dd
Pointed-it-by: Kevin Ji
URL: cbae73e1dd (commitcomment-21872622)
2017-04-24 00:54:04 +02:00
Jay Satiro
6b39f9c87e schannel: Don't treat encrypted partial record as pending data
- Track when the cached encrypted data contains only a partial record
  that can't be decrypted without more data (SEC_E_INCOMPLETE_MESSAGE).

- Change Curl_schannel_data_pending to return false in such a case.

Other SSL libraries have pending data functions that behave similarly.

Ref: https://github.com/curl/curl/pull/1387

Closes https://github.com/curl/curl/pull/1392
2017-04-22 22:39:40 -04:00
Alan Jenkins
be299a4dba multi: clarify condition in curl_multi_wait
`if(nfds || extra_nfds) {` is followed by `malloc(nfds * ...)`.

If `extra_fs` could be non-zero when `nfds` was zero, then we have
`malloc(0)` which is allowed to return `NULL`. But, malloc returning
NULL can be confusing. In this code, the next line would treat the NULL
as an allocation failure.

It turns out, if `nfds` is zero then `extra_nfds` must also be zero.
The final value of `nfds` includes `extra_nfds`.  So the test for
`extra_nfds` is redundant.  It can only confuse the reader.

Closes #1439
2017-04-22 22:35:46 +02:00
Marcel Raad
4a8cf6c404
lib: fix maybe-uninitialized warnings
With -Og, GCC complains:

easy.c:628:7: error: ‘mcode’ may be used uninitialized in this function [-Werror=maybe-uninitialized]

../lib/strcase.h:35:29: error: ‘tok_buf’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
vauth/digest.c:208:9: note: ‘tok_buf’ was declared here

../lib/strcase.h:35:29: error: ‘tok_buf’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
vauth/digest.c:566:15: note: ‘tok_buf’ was declared here

Fix this by initializing the variables.
2017-04-22 22:12:37 +02:00
Dan Fandrich
f761da76f6 gnutls: removed some code when --disable-verbose is configured
This reduces the binary size and fixes a compile warning.
2017-04-22 12:20:25 +02:00
Daniel Stenberg
cbae73e1dd llist: no longer uses malloc
The 'list element' struct now has to be within the data that is being
added to the list. Removes 16.6% (tiny) mallocs from a simple HTTP
transfer. (96 => 80)

Also removed return codes since the llist functions can't fail now.

Test 1300 updated accordingly.

Closes #1435
2017-04-22 11:25:27 +02:00
Dan Fandrich
5f830eaba0 mbedtls: enable NTLM (& SMB) even if MD4 support is unavailable
In that case, use libcurl's internal MD4 routine. This fixes tests 1013
and 1014 which were failing due to configure assuming NTLM and SMB were
always available whenever mbed TLS was in use (which is now true).
2017-04-21 22:42:14 +02:00
Daniel Stenberg
da2af5c04d openssl: fix memory leak in servercert
... when failing to get the server certificate.
2017-04-20 15:46:03 +02:00
Marcel Raad
a4ff8a1a0e
nss: fix MinGW compiler warnings
This fixes 3 warnings issued by MinGW:
1. PR_ImportTCPSocket actually has a paramter of type PROsfd instead of
PRInt32, which is 64 bits on Windows. Fixed this by including the
corresponding header file instead of redeclaring the function, which is
supported even though it is in the private include folder. [1]
2. In 64-bit mode, size_t is 64 bits while CK_ULONG is 32 bits, so an explicit
narrowing cast is needed.
3. Curl_timeleft returns time_t instead of long since commit
21aa32d30d.

[1] https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR/Reference/PR_ImportTCPSocket

Closes https://github.com/curl/curl/pull/1393
2017-04-18 16:38:04 +02:00
Jay Satiro
33cfcfd9f0 TLS: Fix switching off SSL session id when client cert is used
Move the sessionid flag to ssl_primary_config so that ssl and proxy_ssl
will each have their own sessionid flag.

Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that
this issue had been fixed in 247d890, CVE-2016-5419.

Bug: https://github.com/curl/curl/issues/1341
Reported-by: lijian996@users.noreply.github.com

The new incarnation of this bug is called CVE-2017-7468 and is documented
here: https://curl.haxx.se/docs/adv_20170419.html
2017-04-18 07:56:34 +02:00
David Benjamin
997504ea50 openssl: don't try to print nonexistant peer private keys
X.509 certificates carry public keys, not private keys. Fields
corresponding to the private half of the key will always be NULL.

Closes #1425
2017-04-17 23:22:51 +02:00
David Benjamin
1c92b5b609 openssl: fix thread-safety bugs in error-handling
ERR_error_string with NULL parameter is not thread-safe. The library
writes the string into some static buffer. Two threads doing this at
once may clobber each other and run into problems. Switch to
ERR_error_string_n which avoids this problem and is explicitly
bounds-checked.

Also clean up some remnants of OpenSSL 0.9.5 around here. A number of
comments (fixed buffer size, explaining that ERR_error_string_n was
added in a particular version) date to when ossl_strerror tried to
support pre-ERR_error_string_n OpenSSLs.

Closes #1424
2017-04-17 23:20:30 +02:00
David Benjamin
47b2f89d7c openssl: make SSL_ERROR_to_str more future-proof
Rather than making assumptions about the values, use a switch-case.

Closes #1424
2017-04-17 23:20:22 +02:00
Daniel Gustafsson
aaa7e05c78 code: fix typos and style in comments
A few random typos, and minor whitespace cleanups, found in comments
while reading code.

Closes #1423
2017-04-17 23:17:50 +02:00
Marcel Raad
a0576e2f36
.gitattributes: force shell scripts to LF
Bash on Linux errors out on CR characters.
This makes tests 1221 and 1222 pass on Linux with a CRLF checkout.

Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
Closes https://github.com/curl/curl/pull/1422
2017-04-17 08:32:13 +02:00
Larry Stefani
1451271e08 http2: fix handle leak in error path
Add missing newhandle free call in push_promise().

Closes #1416
2017-04-15 23:37:30 +02:00
Larry Stefani
fc347820a2 mbedtls: fix memory leak in error path
Add missing our_ssl_sessionid free call in mbed_connect_step3().

Closes #1417
2017-04-15 23:29:25 +02:00
Daniel Stenberg
ab6d23278e Curl_expire_latest: ignore already expired timers
If the existing timer is still in there but has expired, the new timer
should be added.

Reported-by: Rainer Canavan
Bug: https://curl.haxx.se/mail/lib-2017-04/0030.html
Closes #1407
2017-04-11 16:53:33 +02:00
Marcel Raad
580da62d84
polarssl: unbreak build with versions < 1.3.8
ssl_session_init was only introduced in version 1.3.8, the penultimate
version. The function only contains a memset, so replace it with that.

Suggested-by: Jay Satiro
Fixes https://github.com/curl/curl/issues/1401
2017-04-11 12:56:57 +02:00
Marcel Raad
aa573c3c55
poll: prefer <poll.h> over <sys/poll.h>
The POSIX standard location is <poll.h>. Using <sys/poll.h> results in
warning spam when using the musl standard library.

Closes https://github.com/curl/curl/pull/1406
2017-04-11 08:31:38 +02:00
Alexis La Goutte
5ed16e6a7a openssl: fix this statement may fall through [-Wimplicit-fallthrough=]
Closes #1402
2017-04-10 14:21:49 +02:00
Kamil Dudka
d29e9de146 nss: load CA certificates even with --insecure
... because they may include an intermediate certificate for a client
certificate and the intermediate certificate needs to be presented to
the server, no matter if we verify the peer or not.

Reported-by: thraidh
Closes #851
2017-04-10 13:44:52 +02:00
Marcel Raad
45c78ad5b4
vtls: fix unreferenced variable warnings
... by moving the variables into the correct #ifdef block.
2017-04-08 13:40:41 +02:00
Marcel Raad
33ca733ee2
schannel: fix compiler warnings
When UNICODE is not defined, the Curl_convert_UTF8_to_tchar macro maps
directly to its argument. As it is declared as a pointer to const and
InitializeSecurityContext expects a pointer to non-const, both MSVC and MinGW
issue a warning about implicitly casting away the const. Fix this by declaring
the variables as pointers to non-const.

Closes https://github.com/curl/curl/pull/1394
2017-04-07 08:57:52 +02:00
Isaac Boukris
1f152a42ae
sspi: print out InitializeSecurityContext() error message
Reported-by: Carsten (talksinmath)

Fixes #1384
Closes #1395
2017-04-07 08:49:20 +02:00
Marcel Raad
aa2e9e9017
gtls: fix compiler warning
Curl_timeleft returns time_t instead of long since commit
21aa32d30d.
2017-04-06 19:34:44 +02:00
Daniel Stenberg
2d5711dc11 low_speed_limit: improved function for longer time periods
Previously, periods of fast speed between periods of slow speed would
not count and could still erroneously trigger a timeout.

Reported-by: Paul Harris
Fixes #1345
Closes #1390
2017-04-06 17:38:23 +02:00
Marcel Raad
c59fcdac90
nss: fix build after e60fe20fdf
Curl_llist_alloc is now Curl_llist_init.

Closes https://github.com/curl/curl/pull/1391
2017-04-06 12:52:13 +02:00
Dániel Bakai
de05bcb706 multi: fix queueing of pending easy handles
Multi handles repeatedly invert the queue of pending easy handles when
used with CURLMOPT_MAX_TOTAL_CONNECTIONS. This is caused by a multistep
process involving Curl_splaygetbest and violates the FIFO property of
the multi handle.
This patch fixes this issue by redefining the "best" node in the
context of timeouts as the "smallest not larger than now", and
implementing the necessary data structure modifications to do this
effectively, namely:
 - splay nodes with the same key are now stored in a doubly-linked
   circular list instead of a non-circular one to enable O(1)
   insertion to the tail of the list
 - Curl_splayinsert inserts nodes with the same key to the tail of
   the same list
 - in case of multiple nodes with the same key, the one on the head of
   the list gets selected
2017-04-04 23:37:18 +02:00
Martin Kepplinger
2d4413fefd curl_sasl: declare mechtable static
struct mechtable is only used locally here. It can be declared static.
2017-04-04 22:59:34 +02:00
Antti Hätälä
36e604fc78 url: don't free postponed data on connection reuse
- Don't free postponed data on a connection that will be reused since
  doing so can cause data loss when pipelining.

Only Windows builds are affected by this.

Closes https://github.com/curl/curl/issues/1380
2017-04-04 16:03:26 -04:00
Daniel Stenberg
4f2e348f9b hash: move key into hash struct to reduce mallocs
This removes one tiny malloc for each hash struct allocated. In a simple
case like "curl localhost", this save three mallocs.

Closes #1376
2017-04-04 15:37:37 +02:00
Daniel Stenberg
e60fe20fdf llist: replace Curl_llist_alloc with Curl_llist_init
No longer allocate the curl_llist head struct for lists separately.

Removes 17 (15%) tiny allocations in a normal "curl localhost" invoke.

closes #1381
2017-04-04 15:27:45 +02:00
Jay Satiro
a68ca63d73 easy: silence compiler warning
Safe to silence warning adding time delta of poll, which can trigger on
Windows since sizeof time_t > sizeof long.

warning C4244: '+=' : conversion from 'time_t' to 'long', possible loss
of data
2017-04-04 02:43:21 -04:00
Daniel Stenberg
9506d01ee5 include: curl/system.h is a run-time version of curlbuild.h
system.h is aimed to replace curlbuild.h at a later point in time when
we feel confident system.h works sufficiently well.

curl/system.h is currently used in parallel with curl/curlbuild.h

curl/system.h determines a data sizes, data types and include file
status based on available preprocessor defines instead of getting
generated at build-time. This, in order to avoid relying on a build-time
generated file that makes it complicated to do 32 and 64 bit bields from
the same installed set of headers.

Test 1541 verifies that system.h comes to the same conclusion that
curlbuild.h offers.

Closes #1373
2017-04-03 23:24:39 +02:00