1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-14 13:35:03 -05:00
Commit Graph

23462 Commits

Author SHA1 Message Date
Ihor Karpenko
6b6c2b8d57
schannel: client certificate store opening fix
1) Using CERT_STORE_OPEN_EXISTING_FLAG ( or CERT_STORE_READONLY_FLAG )
while opening certificate store would be sufficient in this scenario and
less-demanding in sense of required user credentials ( for example,
IIS_IUSRS will get "Access Denied" 0x05 error for existing CertOpenStore
call without any of flags mentioned above ),

2) as 'cert_store_name' is a DWORD, attempt to format its value like a
string ( in "Failed to open cert store" error message ) will throw null
pointer exception

3) adding GetLastError(), in my opinion, will make error message more
useful.

Bug: https://curl.haxx.se/mail/lib-2018-08/0198.html

Closes #2909
2018-08-24 09:03:28 +02:00
Leonardo Taccari
8f3c3cd08a
gopher: Do not translate ?' to %09'
Since GOPHER support was added in curl `?' character was automatically
translated to `%09' (`\t').

However, this behaviour does not seems documented in RFC 4266 and for
search selectors it is documented to directly use `%09' in the URL.
Apart that several gopher servers in the current gopherspace have CGI
support where `?' is used as part of the selector and translating it to
`%09' often leads to surprising results.

Closes #2910
2018-08-24 08:57:49 +02:00
Marcel Raad
387e85efd0
cookie tests: treat files as text
Fixes test failures because of wrong line endings on Windows.
2018-08-23 13:11:20 +02:00
Daniel Stenberg
1b8ed4ad23
libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation
Multi-threaded applictions basically MUST set CURLOPT_NO_SIGNAL to 1L to
avoid the risk of getting a SIGPIPE.

Either way, a multi-threaded application that uses libcurl/openssl needs
to have a signhandler for or ignore SIGPIPE on its own.

Based on discussions in #2800
Closes #2904
2018-08-23 08:29:55 +02:00
Daniel Stenberg
3c7511b92e
RELEASE-NOTES: synced 2018-08-22 14:11:22 +02:00
Marcel Raad
86b1e94ae7
Tests: fixes for Windows
- test 1268 requires unix sockets
- test 2072 must be disabled also for MSYS/MinGW
2018-08-22 12:26:21 +02:00
Daniel Stenberg
78d5302b5c
http2: abort the send_callback if not setup yet
When Curl_http2_done() gets called before the http2 data is setup all
the way, we cannot send anything and this should just return an error.

Detected by OSS-Fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10012
2018-08-22 09:47:22 +02:00
Daniel Stenberg
396fc0843e
http2: remove four unused nghttp2 callbacks
Closes #2903
2018-08-21 23:24:30 +02:00
Daniel Stenberg
205f5b5972
x509asn1: use FALLTHROUGH
... as no other comments are accepted since 014ed7c22f
2018-08-21 22:26:36 +02:00
Marcel Raad
93b34981fa
test1148: disable if decimal separator is not point
Modifying the locale with environment variables doesn't work for native
Windows applications. Just disable the test in this case if the decimal
separator is something different than a point. Use a precheck with a
small C program to achieve that.

Closes https://github.com/curl/curl/pull/2786
2018-08-21 19:00:48 +02:00
Marcel Raad
014ed7c22f
Enable more GCC warnings
This enables the following additional warnings:
-Wold-style-definition
-Warray-bounds=2 instead of the default 1
-Wformat=2, but only for GCC 4.8+ as Wno-format-nonliteral is not
 respected for older versions
-Wunused-const-variable, which enables level 2 instead of the default 1
-Warray-bounds also in debug mode through -ftree-vrp
-Wnull-dereference also in debug mode through
 -fdelete-null-pointer-checks

Closes https://github.com/curl/curl/pull/2747
2018-08-21 18:53:46 +02:00
Marcel Raad
15ed9f87e3
curl-compilers: enable -Wimplicit-fallthrough=4 for GCC
This enables level 4 instead of the default level 3, which of the
currently used comments only allows /* FALLTHROUGH */ to silence the
warning.

Closes https://github.com/curl/curl/pull/2747
2018-08-21 18:53:45 +02:00
Marcel Raad
60776a0515
curl-compilers: enable -Wbad-function-cast on GCC
This warning used to be enabled only for clang as it's a bit stricter
on GCC. Silence the remaining occurrences and enable it on GCC too.

Closes https://github.com/curl/curl/pull/2747
2018-08-21 18:53:45 +02:00
Marcel Raad
d5c0351055
configure: conditionally enable pedantic-errors
Enable pedantic-errors for GCC >= 5 with --enable-werror. Before GCC 5,
pedantic-errors was synonymous to -Werror=pedantic [0], which is still
the case for clang [1]. With GCC 5, it became complementary [2].

Also fix a resulting error in acinclude.m4 as main's return type was
missing, which is illegal in C99.

[0] https://gcc.gnu.org/onlinedocs/gcc-4.9.0/gcc/Warning-Options.html
[1] https://clang.llvm.org/docs/UsersManual.html#options-to-control-error-and-warning-messages
[2] https://gcc.gnu.org/onlinedocs/gcc-5.1.0/gcc/Warning-Options.html

Closes https://github.com/curl/curl/pull/2747
2018-08-21 18:53:44 +02:00
Marcel Raad
a829c4b25e
Remove unused definitions
Closes https://github.com/curl/curl/pull/2747
2018-08-21 18:53:43 +02:00
Daniel Stenberg
d26717584c
x509asn1: make several functions static
and remove the private SIZE_T_MAX define and use the generic one.

Closes #2902
2018-08-21 15:03:50 +02:00
Daniel Stenberg
362e9cc89b
INTERNALS: require GnuTLS >= 2.11.3
Since the public pinning support was brought in e644866caf. GnuTLS
2.11.3 was released in October 2010.

Figured out in #2890
2018-08-21 10:45:20 +02:00
Daniel Stenberg
e29ff2be2f
http2: avoid set_stream_user_data() before stream is assigned
... before the stream is started, we have it set to -1.

Fixes #2894
Closes #2898
2018-08-21 08:04:38 +02:00
Daniel Stenberg
9dad3bd665
SSLCERTS: improve the openssl command line
... for extracting certs from a live HTTPS server to make a cacerts.pem
from them.
2018-08-20 14:05:28 +02:00
Daniel Stenberg
a040ff88e4
docs/SECURITY-PROCESS: now we name the files after the CVE id 2018-08-20 11:49:58 +02:00
Daniel Stenberg
4c20b20482
RELEASE-NOTES: synced 2018-08-19 00:06:44 +02:00
Daniel Stenberg
8c80a9d1e2
upload: change default UPLOAD_BUFSIZE to 64KB
To make uploads significantly faster in some circumstances.

Part 2 of #2888
Closes #2892
2018-08-18 15:48:52 +02:00
Daniel Stenberg
e6e9b006f7
upload: allocate upload buffer on-demand
Saves 16KB on the easy handle for operations that don't need that
buffer.

Part 1 of #2888
2018-08-18 15:48:08 +02:00
Laurent Bonnans
4939f36524
vtls: reinstantiate engine on duplicated handles
Handles created with curl_easy_duphandle do not use the SSL engine set
up in the original handle. This fixes the issue by storing the engine
name in the internal url state and setting the engine from its name
inside curl_easy_duphandle.

Reported-by: Anton Gerasimov
Signed-of-by: Laurent Bonnans
Fixes #2829
Closes #2833
2018-08-18 15:46:23 +02:00
Daniel Stenberg
c7ea4ddd2e
http2: make sure to send after RST_STREAM
If this is the last stream on this connection, the RST_STREAM might not
get pushed to the wire otherwise.

Fixes #2882
Closes #2887
Researched-by: Michael Kaufmann
2018-08-17 23:16:55 +02:00
Daniel Stenberg
ba58ce669c
test1268: check the stderr output as "text"
Follow-up to 099f37e9c5

Pointed-out-by: Marcel Raad
2018-08-16 23:06:04 +02:00
Daniel Stenberg
09da53998e
urldata: remove unused pipe_broke struct field
This struct field is never set TRUE in any existing code path. This
change removes the field completely.

Closes #2871
2018-08-16 09:33:12 +02:00
Daniel Stenberg
099f37e9c5
curl: warn the user if a given file name looks like an option
... simply because this is usually a sign of the user having omitted the
file name and the next option is instead "eaten" by the parser as a file
name.

Add test1268 to verify

Closes #2885
2018-08-15 23:05:14 +02:00
Daniel Stenberg
ac86eabdbe
http2: check nghttp2_session_set_stream_user_data return code
Might help bug #2688 debugging

Closes #2880
2018-08-15 23:03:22 +02:00
Daniel Stenberg
3001304ad1
travis: revert back to gcc-7 for coverage builds
... since the gcc-8 ones seem to fail frequently.

Follow-up from b852071995

Closes #2886
2018-08-15 15:54:09 +02:00
Daniel Stenberg
d6757bbc7d
RELEASE-NOTES: synced
... and now listed in alphabetical order!
2018-08-15 13:59:07 +02:00
Adrien
ab66a80488
CMake: CMake config files are defining CURL_STATICLIB for static builds
This change allows to use the CMake config files generated by Curl's
CMake scripts for static builds of the library.
The symbol CURL_STATIC lib must be defined to compile downstream,
thus the config package is the perfect place to do so.

Fixes #2817
Closes #2823
Reported-by: adnn on github
Reviewed-by: Sergei Nikulov
2018-08-15 13:45:27 +02:00
Daniel Stenberg
39cb7130c3
TODO: host name sections in config files 2018-08-15 09:17:03 +02:00
Kamil Dudka
a4c7911a48 ssh-libssh: fix infinite connect loop on invalid private key
Added test 656 (based on test 604) to verify the fix.

Bug: https://bugzilla.redhat.com/1595135

Closes #2879
2018-08-14 22:08:06 +02:00
Kamil Dudka
1e843a31a4 ssh-libssh: reduce excessive verbose output about pubkey auth
The verbose message "Authentication using SSH public key file" was
printed each time the ssh_userauth_publickey_auto() was called, which
meant each time a packet was transferred over network because the API
operates in non-blocking mode.

This patch makes sure that the verbose message is printed just once
(when the authentication state is entered by the SSH state machine).
2018-08-14 15:55:16 +02:00
Daniel Stenberg
9622c350ac
travis: disable h2 torture tests for "coverage"
Since they started to fail almost 100% since a few days.

Closes #2876
2018-08-14 14:02:18 +02:00
Marcel Raad
b852071995
travis: update to GCC 8
Closes https://github.com/curl/curl/pull/2869
2018-08-14 13:56:46 +02:00
Daniel Stenberg
8440616f53
http: fix for tiny "HTTP/0.9" response
Deal with tiny "HTTP/0.9" (header-less) responses by checking the
status-line early, even before a full "HTTP/" is received to allow
detecting 0.9 properly.

Test 1266 and 1267 added to verify.

Fixes #2420
Closes #2872
2018-08-13 23:16:01 +02:00
Kamil Dudka
233908a55a docs: add disallow-username-in-url.d and haproxy-protocol.d on the list
... to make make the files appear in distribution tarballs

Closes #2856
2018-08-13 14:21:57 +02:00
Kamil Dudka
60000eb82f .travis.yml: verify that man pages can be regenerated
... when curl is built from distribution tarball

Closes #2856
2018-08-13 14:02:16 +02:00
Marcel Raad
41dabac761
Split non-portable part off test 1133
Split off testing file names with double quotes into new test 1158.
Disable it for MSYS using a precheck as it doesn't support file names
with double quotes (but Cygwin does, for example).

Fixes https://github.com/curl/curl/issues/2796
Closes https://github.com/curl/curl/pull/2854
2018-08-11 23:32:26 +02:00
Jay Satiro
220cd241cd projects: Improve Windows perl detection in batch scripts
- Determine if perl is in the user's PATH by running perl.exe.

Prior to this change detection was done by checking the PATH for perl/
but that did not work in all cases (eg git install includes perl but
not in perl/ path).

Bug: https://github.com/curl/curl/pull/2865
Reported-by: Daniel Jeliński
2018-08-11 16:33:12 -04:00
Michael Kaufmann
b676b66f4d docs: Improve the manual pages of some callbacks
- CURLOPT_HEADERFUNCTION: add newlines
- CURLOPT_INTERLEAVEFUNCTION: fix the description of 'userdata'
- CURLOPT_READDATA: mention crashes, same as in CURLOPT_WRITEDATA
- CURLOPT_READFUNCTION: rename 'instream' to 'userdata' and explain
  how to set it

Closes https://github.com/curl/curl/pull/2868
2018-08-11 14:33:28 -04:00
Marcel Raad
f31911a800
GCC: silence -Wcast-function-type uniformly
Pointed-out-by: Rikard Falkeborn
Closes https://github.com/curl/curl/pull/2860
2018-08-11 19:19:04 +02:00
Marcel Raad
25d2a1bae7
Silence GCC 8 cast-function-type warnings
On Windows, casting between unrelated function types is fine and
sometimes even necessary, so just use an intermediate cast to
(void (*) (void)) to silence the warning as described in [0].

[0] https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html

Closes https://github.com/curl/curl/pull/2860
2018-08-11 19:19:03 +02:00
Daniel Stenberg
2a278fd735
CURLINFO_SIZE_UPLOAD: fix missing counter update
Adds test 1522 for verification.

Reported-by: cjmsoregan
Fixes #2847
Closes #2864
2018-08-11 14:00:59 +02:00
Daniel Jelinski
53d211bfd1
Documentation: fix CURLOPT_SSH_COMPRESSION copy/paste bug
Closes #2867
2018-08-10 23:45:08 +02:00
Daniel Stenberg
9e2f5eb328
RELEASE-NOTES: synced 2018-08-10 23:27:37 +02:00
Daniel Stenberg
27cc5f1a97
openssl: fix potential NULL pointer deref in is_pkcs11_uri
Follow-up to 298d2565e
Coverity CID 1438387
2018-08-10 17:44:57 +02:00
Marcel Raad
9fe9bd7641
travis: execute "set -eo pipefail" for coverage build
Follow-up to 2de63ab179 and
0b87c96325.

Closes https://github.com/curl/curl/pull/2862
2018-08-10 17:24:17 +02:00