1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-19 16:05:06 -05:00
Commit Graph

20864 Commits

Author SHA1 Message Date
Tobias Stoeckmann
851c29269b hostip: Fix signal race in Curl_resolv_timeout.
A signal handler for SIGALRM is installed in Curl_resolv_timeout. It is
configured to interrupt system calls and uses siglongjmp to return into
the function if alarm() goes off.

The signal handler is installed before curl_jmpenv is initialized.
This means that an already installed alarm timer could trigger the
newly installed signal handler, leading to undefined behavior when it
accesses the uninitialized curl_jmpenv.

Even if there is no previously installed alarm available, the code in
Curl_resolv_timeout itself installs an alarm before the environment is
fully set up. If the process is sent into suspend right after that, the
signal handler could be called too early as in previous scenario.

To fix this, the signal handler should only be installed and the alarm
timer only be set after sigsetjmp has been called.
2015-03-14 18:24:11 +01:00
Daniel Stenberg
0cf649d9cc http2: detect prematures close without data transfered
... by using the regular Curl_http_done() method which checks for
that. This makes test 1801 fail consistently with error 56 (which seems
fine) to that test is also updated here.

Reported-by: Ben Darnell
Bug: https://github.com/bagder/curl/issues/166
2015-03-14 18:19:51 +01:00
Dan Fandrich
0911b96399 test320: Expect the Host header to be the first header
Required for the test to work after a5d994941c.
2015-03-13 22:37:23 +01:00
Daniel Stenberg
983ccdcead RELEASE-NOTES: synced with 186e46d88d 2015-03-12 23:40:38 +01:00
Daniel Stenberg
186e46d88d openssl: use colons properly in the ciphers list
While the previous string worked, this is the documented format.

Reported-by: Richard Moore
2015-03-12 23:29:46 +01:00
Daniel Stenberg
0d1060f21e openssl: sort the ciphers on strength
This makes curl pick better (stronger) ciphers by default. The strongest
available ciphers are fine according to the HTTP/2 spec so an OpenSSL
built curl is no longer rejected by string HTTP/2 servers.

Bug: http://curl.haxx.se/bug/view.cgi?id=1487
2015-03-12 23:16:28 +01:00
Fabian Keil
6d3260af64 test203[0-3]: Expect the Host header to be the first header
Required for the tests to work after a5d994941c.
2015-03-12 16:06:11 +01:00
Daniel Stenberg
1d3f1a80d0 openssl: show the cipher selection to use 2015-03-12 15:53:45 +01:00
Daniel Stenberg
a5d994941c http: always send Host: header as first header
...after the method line:

 "Since the Host field-value is critical information for handling a
 request, a user agent SHOULD generate Host as the first header field
 following the request-line." / RFC 7230 section 5.4

Additionally, this will also make libcurl ignore multiple specified
custom Host: headers and only use the first one. Test 1121 has been
updated accordingly

Bug: http://curl.haxx.se/bug/view.cgi?id=1491
Reported-by: Rainer Canavan
2015-03-12 12:15:24 +01:00
Alexander Pepper
143acd6222 mk-ca-bundle bugfix: Don't report SHA1 numbers with "-q".
Also unified printing to STDERR by creating the helper method "report".
2015-03-11 14:47:41 +01:00
Daniel Stenberg
852d35b6ea proxy: re-use proxy connections (regression)
When checking for a connection to re-use, a proxy-using request must
check for and use a proxy connection and not one based on the host
name!

Added test 1421 to verify

Bug: http://curl.haxx.se/bug/view.cgi?id=1492
2015-03-11 11:54:22 +01:00
Jay Satiro
f39b1c0801 memanalyze.pl: handle free(NULL) 2015-03-10 22:05:46 +01:00
Jay Satiro
e424a1b3e7 .travis.yml: Change CI make test to make test-full
- Change the continuous integration script to use 'make test-full'
instead of just 'make test' so that the diagnostic log output is
printed to stdout when a test fails.

- Change the continuous integration script to use
'./configure --enable-debug' instead of just './configure' so that the
memory analyzer will work during testing.

Prior to this change Travis used its default C test script:
./configure && make && make test
2015-03-10 20:37:17 +01:00
Alessandro Ghedini
fa895f2aa2 gtls: correctly align certificate status verification messages 2015-03-10 15:48:34 +01:00
Alessandro Ghedini
a6a264ef2c gtls: don't print double newline after certificate dates 2015-03-10 15:20:03 +01:00
Alessandro Ghedini
3a757fddbb gtls: print negotiated TLS version and full cipher suite name
Instead of priting cipher and MAC algorithms names separately, print the
whole cipher suite string which also includes the key exchange algorithm,
along with the negotiated TLS version.
2015-03-10 15:18:14 +01:00
Daniel Stenberg
d9973eaeb8 gtls: fix compiler warnings 2015-03-10 15:16:59 +01:00
Alessandro Ghedini
5a1614cecd gtls: add support for CURLOPT_CAPATH 2015-03-10 15:03:54 +01:00
stopiccot
0f24df6e54 MacOSX-Framework: use @rpath instead of @executable_path
Bug: https://github.com/bagder/curl/pull/157
2015-03-09 23:39:27 +01:00
Daniel Stenberg
e662ddff49 RELEASE-NOTES: synced with c19349951 2015-03-09 11:12:54 +01:00
Daniel Stenberg
c19349951d multi: fix *getsock() with CONNECT
The code used some happy eyeballs logic even _after_ CONNECT has been
sent to a proxy, while the happy eyeball phase is already (should be)
over by then.

This is solved by splitting the multi state into two separate states
introducing the new SENDPROTOCONNECT state.

Bug: http://curl.haxx.se/mail/lib-2015-01/0170.html
Reported-by: Peter Laser
2015-03-07 19:19:22 +01:00
Daniel Stenberg
9da14a96ab conncontrol: only log changes to the connection bit 2015-03-07 19:18:49 +01:00
Daniel Stenberg
00ea0e7db0 http2: use CURL_HTTP_VERSION_* symbols instead of NPN_*
Since they already exist and will make comparing easier
2015-03-07 11:10:30 +01:00
Daniel Stenberg
df28af8f39 http2: make the info-message about receiving HTTP2 headers debug-only 2015-03-07 10:55:37 +01:00
Alessandro Ghedini
44ffe27056 urldata: remove unused asked_for_h2 field 2015-03-07 10:36:10 +01:00
Alessandro Ghedini
adb4e41a1a polarssl: make it possible to enable ALPN/NPN without HTTP2 2015-03-07 10:36:10 +01:00
Alessandro Ghedini
42bc45be8e nss: make it possible to enable ALPN/NPN without HTTP2 2015-03-07 10:36:10 +01:00
Alessandro Ghedini
870a67e01f gtls: make it possible to enable ALPN/NPN without HTTP2 2015-03-07 10:36:10 +01:00
Alessandro Ghedini
2e9494b15d openssl: make it possible to enable ALPN/NPN without HTTP2 2015-03-07 10:36:10 +01:00
Daniel Stenberg
3ac3331e14 metalink: add some error checks
malloc() and strdup() calls without checking return codes.

Reported-by: Markus Elfring
Bug: https://github.com/bagder/curl/issues/150
2015-03-06 23:14:25 +01:00
Daniel Stenberg
163d29826d curl_easy_setopt.3: added CURLOPT_SSL_VERIFYSTATUS
Reported-by: Jonathan Cardoso
2015-03-06 17:07:28 +01:00
Daniel Stenberg
042526c19f urldata: fix gnutls build 2015-03-06 10:13:40 +01:00
Steve Holme
9fa1abe9fe openssl: Removed use of USE_SSLEAY from the Visual Studio project files
In addition to commit 709cf76f6b, removed the USE_SSLEAY preprocessor
variable from the Visual Studio project files as it isn't required
anymore.
2015-03-05 20:47:14 +00:00
Daniel Stenberg
492dfca65d multi: fix memory-leak on timeout (regression)
Since 1342a96ecf, a timeout detected in the multi state machine didn't
necesarily clear everything up, like formpost data.

Bug: https://github.com/bagder/curl/issues/147
Reported-by: Michel Promonet
Patched-by: Michel Promonet
2015-03-05 15:43:38 +01:00
Daniel Stenberg
64736dd1be configure: follow-up fix from 709cf76f6
OpenSSL handling was a little broken.
2015-03-05 15:43:38 +01:00
Daniel Stenberg
709cf76f6b openssl: remove all uses of USE_SSLEAY
SSLeay was the name of the library that was subsequently turned into
OpenSSL many moons ago (1999). curl does not work with the old SSLeay
library since years. This is now reflected by only using USE_OPENSSL in
code that depends on OpenSSL.
2015-03-05 10:57:52 +01:00
Sergei Nikulov
1a62b6e68c cmake: handle build definitions CURLDEBUG/DEBUGBUILD
Acked-by: Brad King
2015-03-05 09:26:08 +01:00
Daniel Stenberg
ae8235571f FAQ: 4.21 Why is there a HTTP/1.1 in my HTTP/2 request? 2015-03-04 18:24:46 +01:00
Daniel Stenberg
ac4d08b5e2 symbols.pl: handle '-' in the deprecated field
... which otherwise made the script skip the _LAST define for some
symbols.

Reported-by: Jeroen Ooms
Bug: http://curl.haxx.se/mail/lib-2015-03/0052.html
2015-03-04 08:36:38 +01:00
Daniel Stenberg
6bba85d500 curl.1: fix "The the" typo
Reported-by: Jon Seymour
2015-03-04 07:29:06 +01:00
Daniel Stenberg
8aabbf5f8c vtls: use curl_printf.h all over
No need to use _MPRINTF_REPLACE internally.
2015-03-03 23:17:43 +01:00
Daniel Stenberg
dcf23b0cfe tool: use ENABLE_CURLX_PRINTF instead of _MPRINTF_REPLACE 2015-03-03 23:08:02 +01:00
Daniel Stenberg
af838b7d7b tool_writeenv: remove _MPRINTF_REPLACE define, it wasn't used 2015-03-03 23:00:54 +01:00
Sergei Nikulov
43eb8b2874 libtest: fixed linker errors on msvc
Bug: https://github.com/bagder/curl/pull/144
2015-03-03 14:33:11 +01:00
Daniel Stenberg
df5578a7a3 mprintf.h: remove #ifdef CURLDEBUG
... and as a consequence, introduce curl_printf.h with that re-define
magic instead and make all libcurl code use that instead.
2015-03-03 12:36:18 +01:00
Daniel Stenberg
f2108ec34c tool_getpass: remove unused curl/mprintf.h include 2015-03-03 12:09:25 +01:00
Daniel Stenberg
a318e04419 CONTRIBUTING.md: file for advice on github 2015-03-03 00:38:41 +01:00
Viktor Szakáts
1cb227c1f1 BINDINGS: add link to Harbour bindings
And UTF8-fix a few names
2015-03-02 17:43:06 +01:00
Daniel Stenberg
f3f7d37c1d CURLOPT_HEADERFUNCTION.3: typo in error code name
Reported-by: Jonathan Cardoso
2015-03-02 17:25:39 +01:00
Daniel Stenberg
ca04681c3b BINDINGS: tclcurl moved
Reporte-by: Steve Havelka
2015-03-02 08:51:14 +01:00