1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 08:38:49 -05:00
Commit Graph

24143 Commits

Author SHA1 Message Date
Steve Holme
1969958e6b build-openssl.bat: Move the installation into a separate function 2019-04-08 22:36:22 +01:00
Steve Holme
ac690c4285 build-openssl.bat: Move the build step into a separate function 2019-04-08 22:36:22 +01:00
Steve Holme
1f6ec5baba build-openssl.bat: Move the OpenSSL configuration into a separate function 2019-04-08 22:36:22 +01:00
Steve Holme
d891702fcf build-openssl.bat: Fixed the BUILD_CONFIG variable not being initialised
Should the parent environment set this variable then the build might
not be performed as the user intended.
2019-04-08 22:36:22 +01:00
Daniel Stenberg
8ebc42be04
socks: fix error message 2019-04-08 23:30:53 +02:00
Daniel Stenberg
ebb2ebe18b
config.d: clarify that initial : and = might need quoting [skip ci]
Fixes #3738
Closes #3749
2019-04-08 21:57:22 +02:00
Daniel Stenberg
c150438eee
RELEASE-NOTES: synced
bumped to 7.65.0 for next release
2019-04-08 21:42:05 +02:00
Daniel Stenberg
f4b6901230
socks5: user name and passwords must be shorter than 256
bytes... since the protocol needs to store the length in a single byte field.

Reported-by: XmiliaH on github
Fixes #3737
Closes #3740
2019-04-07 23:27:11 +02:00
Jakub Zakrzewski
89bb5a836c
test: urlapi: urlencode characters above 0x7f correctly 2019-04-07 22:57:42 +02:00
Jakub Zakrzewski
0dd47c2a3d
urlapi: urlencode characters above 0x7f correctly
fixes #3741
Closes #3742
2019-04-07 22:57:42 +02:00
Even Rouault
64cbae3107
multi_runsingle(): fix use-after-free
Fixes #3745
Closes #3746

The following snippet
```

int main()
{
    CURL* hCurlHandle = curl_easy_init();
    curl_easy_setopt(hCurlHandle, CURLOPT_URL, "http://example.com");
    curl_easy_setopt(hCurlHandle, CURLOPT_PROXY, "1");
    curl_easy_perform(hCurlHandle);
    curl_easy_cleanup(hCurlHandle);
    return 0;
}
```
triggers the following Valgrind warning

```
==4125== Invalid read of size 8
==4125==    at 0x4E7D1EE: Curl_llist_remove (llist.c:97)
==4125==    by 0x4E7EF5C: detach_connnection (multi.c:798)
==4125==    by 0x4E80545: multi_runsingle (multi.c:1451)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
==4125==  Address 0x9b3d1d0 is 1,120 bytes inside a block of size 1,600 free'd
==4125==    at 0x4C2ECF0: free (vg_replace_malloc.c:530)
==4125==    by 0x4E62C36: conn_free (url.c:756)
==4125==    by 0x4E62D34: Curl_disconnect (url.c:818)
==4125==    by 0x4E48DF9: Curl_once_resolved (hostip.c:1097)
==4125==    by 0x4E8052D: multi_runsingle (multi.c:1446)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
==4125==  Block was alloc'd at
==4125==    at 0x4C2F988: calloc (vg_replace_malloc.c:711)
==4125==    by 0x4E6438E: allocate_conn (url.c:1654)
==4125==    by 0x4E685B4: create_conn (url.c:3496)
==4125==    by 0x4E6968F: Curl_connect (url.c:4023)
==4125==    by 0x4E802E7: multi_runsingle (multi.c:1368)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
```

This has been bisected to commit 2f44e94

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14109
Credit to OSS Fuzz
2019-04-07 22:55:38 +02:00
Daniel Stenberg
2f44e94efb
pipelining: removed
As previously planned and documented in DEPRECATE.md, all pipelining
code is removed.

Closes #3651
2019-04-06 22:49:50 +02:00
cclauss
aba1c51553
tests: make Impacket (SMB server) Python 3 compatible
Closes #3731
Fixes #3289
2019-04-06 22:29:57 +02:00
Simon Warta
cd3edb0827
cmake: set SSL_BACKENDS
This groups all SSL backends into the feature "SSL" and sets the
SSL_BACKENDS analogue to configure.ac

Closes https://github.com/curl/curl/pull/3736
2019-04-06 17:54:41 +02:00
Simon Warta
1a3aa5c321
cmake: don't run SORT on empty list
In case of an empty list, SORTing leads to the cmake error "list
sub-command SORT requires list to be present."

Closes https://github.com/curl/curl/pull/3736
2019-04-06 17:53:03 +02:00
Eli Schwartz
55734f3a27 configure: fix default location for fish completions
Fish defines a vendor completions directory for completions that are not
installed as part of the fish project itself, and the vendor completions
are preferred if they exist. This prevents trying to overwrite the
builtin curl.fish completion (or creating file conflicts in distro
packaging).

Prefer the pkg-config defined location exported by fish, if it can be
found, and fall back to the correct directory defined by most systems.

Closes #3723
Reviewed-by: Daniel Gustafsson
2019-04-05 13:26:46 +02:00
Marcel Raad
ab5a6cf603
ftplistparser: fix LGTM alert "Empty block without comment"
Removing the block is consistent with line 954/957.

Closes https://github.com/curl/curl/pull/3732
2019-04-05 12:56:18 +02:00
Marcel Raad
1369b74299
transfer: fix LGTM alert "Comparison is always true"
Just remove the redundant condition, which also makes it clear that
k->buf is always 0-terminated if this break is not hit.

Closes https://github.com/curl/curl/pull/3732
2019-04-05 12:56:10 +02:00
Rikard Falkeborn
f5a77473c5 smtp: fix compiler warning
- Fix clang string-plus-int warning.

Clang 8 warns about adding a string to an int does not append to the
string. Indeed it doesn't, but that was not the intention either. Use
array indexing as suggested to silence the warning. There should be no
functional changes.

(In other words clang warns about "foo"+2 but not &"foo"[2] so use the
latter.)

smtp.c:1221:29: warning: adding 'int' to a string does not append to the
string [-Wstring-plus-int]
      eob = strdup(SMTP_EOB + 2);
            ~~~~~~~~~~~~~~~~^~~~

Closes https://github.com/curl/curl/pull/3729
2019-04-04 21:11:42 -04:00
Marcel Raad
16c1e444f3
VS projects: use Unicode for VC10+
All Windows APIs have been natively UTF-16 since Windows 2000 and the
non-Unicode variants are just wrappers around them. Only Windows 9x
doesn't understand Unicode without the UnicoWS DLL. As later Visual
Studio versions cannot target Windows 9x anyway, using the ANSI API
doesn't really have any benefit there.

This avoids issues like KNOWN_BUGS 6.5.

Ref: https://github.com/curl/curl/issues/2120
Closes https://github.com/curl/curl/pull/3720
2019-04-04 11:19:19 +02:00
Daniel Gustafsson
938c17d07a RELEASE-NOTES: synced
Bump the version in progress to 7.64.2, if we merge any "change"
before the cut-off date we can update the version.
2019-04-03 22:32:12 +02:00
Tim Rühsen
7b758e9835 documentation: Fix several typos
Closes #3724
Reviewed-by: Jakub Zakrzewski
Reviewed-by: Daniel Gustafsson
2019-04-03 22:06:06 +02:00
Mert Yazıcıoğlu
6227e2bd07 vauth/oauth2: Fix OAUTHBEARER token generation
OAUTHBEARER tokens were incorrectly generated in a format similar to
XOAUTH2 tokens. These changes make OAUTHBEARER tokens conform to the
RFC7628.

Fixes: #2487
Reported-by: Paolo Mossino

Closes https://github.com/curl/curl/pull/3377
2019-04-02 15:52:12 -04:00
Marcel Raad
d110d96b98
tool_cb_wrt: fix bad-function-cast warning
Commit f5bc578f4c reintroduced the
warning fixed in commit 2f5f31bb57.
Extend fhnd's scope and reuse that variable instead of calling
_get_osfhandle a second time to fix the warning again.

Closes https://github.com/curl/curl/pull/3718
2019-04-02 13:14:57 +02:00
Marcel Raad
e102ba7a19
VC15 project: remove MinimalRebuild
Already done in commit d5cfefd0ea for the
library project, but I forgot the tool project template. Now also
removed for that.
2019-04-01 19:18:08 +02:00
Dan Fandrich
18d1161429 cirrus: Customize the disabled tests per FreeBSD version
Try to run as many test cases as possible on each OS version.
12.0 passes 13 more tests than the older versions, so we might as well
run them.
2019-04-01 10:16:10 +02:00
Daniel Stenberg
fabd61f238 tool_help: include <strings.h> for strcasecmp
Reported-by: Wyatt O'Day
Fixes #3715
Closes #3716
2019-04-01 00:19:10 +02:00
Daniel Gustafsson
a92e9f578f scripts: fix typos 2019-03-31 22:55:09 +02:00
Dan Fandrich
e413baffdc travis: allow builds on branches named "ci"
This allows a way to test changes other than through PRs.
2019-03-28 01:33:04 +01:00
Brad Spencer
80208d68dc
resolve: apply Happy Eyeballs philosophy to parallel c-ares queries
Closes #3699
2019-03-27 23:31:59 +01:00
Daniel Stenberg
dbce1bd86f
multi: improved HTTP_1_1_REQUIRED handling
Make sure to downgrade to 1.1 even when we get this HTTP/2 stream error
on first flight.

Reported-by: niner on github
Fixes #3696
Closes #3707
2019-03-27 23:28:14 +01:00
Leonardo Taccari
8759e335ab
configure: avoid unportable `==' test(1) operator
Closes #3709
2019-03-27 23:25:46 +01:00
Daniel Stenberg
521bbbe299
RELEASE: 7.64.1 2019-03-27 07:53:33 +01:00
Daniel Stenberg
c07fc5e292
Revert "ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set"
This reverts commit 9130ead9fc.

Fixes #3708
2019-03-27 00:19:15 +01:00
Christian Schmitz
9130ead9fc
ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set
Closes #3704
2019-03-26 16:32:14 +01:00
Jay Satiro
f5bc578f4c tool_cb_wrt: fix writing to Windows null device NUL
- Improve console detection.

Prior to this change WriteConsole could be called to write to a handle
that may not be a console, which would cause an error. This issue is
limited to character devices that are not also consoles such as the null
device NUL.

Bug: https://github.com/curl/curl/issues/3175#issuecomment-439068724
Reported-by: Gisle Vanem
2019-03-26 03:31:30 -04:00
Jay Satiro
2bcdf722b8 CURLMOPT_PIPELINING.3: fix typo 2019-03-25 17:12:19 -04:00
Daniel Stenberg
401810434c
TODO: config file parsing
Closes #3698
2019-03-25 22:03:00 +01:00
Jay Satiro
a375ab3be4 os400: Disable Alt-Svc by default since it's experimental
Follow-up to 520f0b4 which added Alt-Svc support and enabled it by
default for OS400. Since the feature is experimental, it should be
disabled by default.

Ref: https://github.com/curl/curl/commit/520f0b4#commitcomment-32792332
Ref: https://curl.haxx.se/mail/lib-2019-02/0008.html

Closes https://github.com/curl/curl/pull/3688
2019-03-24 16:43:43 -04:00
Dan Fandrich
27fb521df5 tests: Fixed XML validation errors in some test files. 2019-03-24 18:35:02 +01:00
Dan Fandrich
48287c9c96 tests: Fix some incorrect precheck error messages.
[ci skip]
2019-03-24 13:02:05 +01:00
Daniel Stenberg
7c46691178
curl_url.3: this is not experimental anymore 2019-03-22 18:33:06 +01:00
Daniel Stenberg
28a55a5309
travis: bump the used wolfSSL version to 4.0.0
Test 311 is now fine, leaving only 313 (CRL) disabled.

Test 313 details can be found here:
https://github.com/wolfSSL/wolfssl/issues/1546

Closes #3697
2019-03-22 12:32:02 +01:00
Daniel Gustafsson
d0c1268f99 lib: Fix typos in comments 2019-03-22 11:39:03 +01:00
David Woodhouse
efd9fba681 openssl: if cert type is ENG and no key specified, key is ENG too
Fixes #3692
Closes #3692
2019-03-20 13:10:44 -07:00
Daniel Stenberg
7550f62d07
sectransp: tvOS 11 is required for ALPN support
Reported-by: nianxuejie on github
Assisted-by: Nick Zitzmann
Assisted-by: Jay Satiro
Fixes #3689
Closes #3690
2019-03-20 08:14:21 +01:00
Daniel Stenberg
dc5edf9124
test1541: threaded connection sharing
The threaded-shared-conn.c example turned into test case. Only works if
pthread was detected.

An attempt to detect future regressions such as e3a53e3efb

Closes #3687
2019-03-18 13:58:46 +01:00
Patrick Monnerat
520f0b47ad os400: alt-svc support.
Although experimental, enable it in the platform config file.
Upgrade ILE/RPG binding.
2019-03-17 18:54:36 +01:00
Daniel Stenberg
e3a53e3efb
conncache: use conn->data to know if a transfer owns it
- make sure an already "owned" connection isn't returned unless
  multiplexed.

- clear ->data when returning the connection to the cache again

Regression since 7.62.0 (probably in commit 1b76c38904)

Bug: https://curl.haxx.se/mail/lib-2019-03/0064.html

Closes #3686
2019-03-17 18:07:20 +01:00
Daniel Stenberg
76cc14ba43
RELEASE-NOTES: synced 2019-03-15 11:00:24 +01:00