1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 01:28:51 -05:00
Commit Graph

24310 Commits

Author SHA1 Message Date
Daniel Stenberg
c07fc5e292
Revert "ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set"
This reverts commit 9130ead9fc.

Fixes #3708
2019-03-27 00:19:15 +01:00
Christian Schmitz
9130ead9fc
ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set
Closes #3704
2019-03-26 16:32:14 +01:00
Jay Satiro
f5bc578f4c tool_cb_wrt: fix writing to Windows null device NUL
- Improve console detection.

Prior to this change WriteConsole could be called to write to a handle
that may not be a console, which would cause an error. This issue is
limited to character devices that are not also consoles such as the null
device NUL.

Bug: https://github.com/curl/curl/issues/3175#issuecomment-439068724
Reported-by: Gisle Vanem
2019-03-26 03:31:30 -04:00
Jay Satiro
2bcdf722b8 CURLMOPT_PIPELINING.3: fix typo 2019-03-25 17:12:19 -04:00
Daniel Stenberg
401810434c
TODO: config file parsing
Closes #3698
2019-03-25 22:03:00 +01:00
Jay Satiro
a375ab3be4 os400: Disable Alt-Svc by default since it's experimental
Follow-up to 520f0b4 which added Alt-Svc support and enabled it by
default for OS400. Since the feature is experimental, it should be
disabled by default.

Ref: https://github.com/curl/curl/commit/520f0b4#commitcomment-32792332
Ref: https://curl.haxx.se/mail/lib-2019-02/0008.html

Closes https://github.com/curl/curl/pull/3688
2019-03-24 16:43:43 -04:00
Dan Fandrich
27fb521df5 tests: Fixed XML validation errors in some test files. 2019-03-24 18:35:02 +01:00
Dan Fandrich
48287c9c96 tests: Fix some incorrect precheck error messages.
[ci skip]
2019-03-24 13:02:05 +01:00
Daniel Stenberg
7c46691178
curl_url.3: this is not experimental anymore 2019-03-22 18:33:06 +01:00
Daniel Stenberg
28a55a5309
travis: bump the used wolfSSL version to 4.0.0
Test 311 is now fine, leaving only 313 (CRL) disabled.

Test 313 details can be found here:
https://github.com/wolfSSL/wolfssl/issues/1546

Closes #3697
2019-03-22 12:32:02 +01:00
Daniel Gustafsson
d0c1268f99 lib: Fix typos in comments 2019-03-22 11:39:03 +01:00
David Woodhouse
efd9fba681 openssl: if cert type is ENG and no key specified, key is ENG too
Fixes #3692
Closes #3692
2019-03-20 13:10:44 -07:00
Daniel Stenberg
7550f62d07
sectransp: tvOS 11 is required for ALPN support
Reported-by: nianxuejie on github
Assisted-by: Nick Zitzmann
Assisted-by: Jay Satiro
Fixes #3689
Closes #3690
2019-03-20 08:14:21 +01:00
Daniel Stenberg
dc5edf9124
test1541: threaded connection sharing
The threaded-shared-conn.c example turned into test case. Only works if
pthread was detected.

An attempt to detect future regressions such as e3a53e3efb

Closes #3687
2019-03-18 13:58:46 +01:00
Patrick Monnerat
520f0b47ad os400: alt-svc support.
Although experimental, enable it in the platform config file.
Upgrade ILE/RPG binding.
2019-03-17 18:54:36 +01:00
Daniel Stenberg
e3a53e3efb
conncache: use conn->data to know if a transfer owns it
- make sure an already "owned" connection isn't returned unless
  multiplexed.

- clear ->data when returning the connection to the cache again

Regression since 7.62.0 (probably in commit 1b76c38904)

Bug: https://curl.haxx.se/mail/lib-2019-03/0064.html

Closes #3686
2019-03-17 18:07:20 +01:00
Daniel Stenberg
76cc14ba43
RELEASE-NOTES: synced 2019-03-15 11:00:24 +01:00
Chris Young
1e853653d2
configure: add --with-amissl
AmiSSL is an Amiga native library which provides a wrapper over OpenSSL.
It also requires all programs using it to use bsdsocket.library
directly, rather than accessing socket functions through clib, which
libcurl was not necessarily doing previously. Configure will now check
for the headers and ensure they are included if found.

Closes #3677
2019-03-15 10:22:42 +01:00
Chris Young
76a9d8df0e
vtls: rename some of the SSL functions
... in the SSL structure as AmiSSL is using macros for the socket API
functions.
2019-03-15 10:22:42 +01:00
Chris Young
fe802fd6a6
tool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr 2019-03-15 10:22:42 +01:00
Chris Young
5c215bdbdf
tool_operate: build on AmigaOS 2019-03-15 10:16:33 +01:00
Daniel Stenberg
5cf5d57ab9
makefile: make checksrc and hugefile commands "silent"
... to match the style already used for compiling, linking
etc. Acknowledges 'make V=1' to enable verbose.

Closes #3681
2019-03-14 20:11:24 +01:00
Daniel Stenberg
2af732f364
curl.1: --user and --proxy-user are hidden from ps output
Suggested-by: Eric Curtin
Improved-by: Dan Fandrich
Ref: #3680

Closes #3683
2019-03-14 20:09:41 +01:00
Daniel Stenberg
05a131eb77
curl.1: mark the argument to --cookie as <data|filename>
From a discussion in #3676

Suggested-by: Tim Rühsen

Closes #3682
2019-03-14 17:25:40 +01:00
Dan Fandrich
6971478963 fuzzer: Only clone the latest fuzzer code, for speed. 2019-03-14 14:03:16 +01:00
Dominik Hölzl
6c60355323
Negotiate: fix for HTTP POST with Negotiate
* Adjusted unit tests 2056, 2057
* do not generally close connections with CURLAUTH_NEGOTIATE after every request
* moved negotiatedata from UrlState to connectdata
* Added stream rewind logic for CURLAUTH_NEGOTIATE
* introduced negotiatedata::GSS_AUTHDONE and negotiatedata::GSS_AUTHSUCC
* Consider authproblem state for CURLAUTH_NEGOTIATE
* Consider reuse_forbid for CURLAUTH_NEGOTIATE
* moved and adjusted negotiate authentication state handling from
  output_auth_headers into Curl_output_negotiate
* Curl_output_negotiate: ensure auth done is always set
* Curl_output_negotiate: Set auth done also if result code is
  GSS_S_CONTINUE_NEEDED/SEC_I_CONTINUE_NEEDED as this result code may
  also indicate the last challenge request (only works with disabled
  Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1)
* Consider "Persistent-Auth" header, detect if not present;
  Reset/Cleanup negotiate after authentication if no persistent
  authentication
* apply changes introduced with #2546 for negotiate rewind logic

Fixes #1261
Closes #1975
2019-03-14 09:26:03 +01:00
Marc Schlatter
dd8a19f8a0
http: send payload when (proxy) authentication is done
The check that prevents payload from sending in case of authentication
doesn't check properly if the authentication is done or not.

They're cases where the proxy respond "200 OK" before sending
authentication challenge. This change takes care of that.

Fixes #2431
Closes #3669
2019-03-13 10:58:52 +01:00
Daniel Stenberg
5add3514e6
file: fix "Checking if unsigned variable 'readcount' is less than zero."
Pointed out by codacy

Closes #3672
2019-03-12 21:46:11 +01:00
Daniel Stenberg
401cb92954
memdebug: log pointer before freeing its data
Coverity warned for two potentional "Use after free" cases. Both are false
positives because the memory wasn't used, it was only the actual pointer
value that was logged.

The fix still changes the order of execution to avoid the warnings.

Coverity CID 1443033 and 1443034

Closes #3671
2019-03-12 21:45:03 +01:00
Daniel Stenberg
7e68fed88b
RELEASE-NOTES: synced 2019-03-12 09:05:11 +01:00
Marcel Raad
8bd397de1d
travis: actually use updated compiler versions
For the Linux builds, GCC 8 and 7 and clang 7 were installed, but the
new GCC versions were only used for the coverage build and for building
nghttp2, while the new clang version was not used at all.

BoringSSL needs to use the default GCC as it respects CC, but not CXX,
so it would otherwise pass gcc 8 options to g++ 4.8 and fail.

Also remove GCC 7, it's not needed anymore.

Ref: https://docs.travis-ci.com/user/languages/c/#c11c11-and-beyond-and-toolchain-versioning

Closes https://github.com/curl/curl/pull/3670
2019-03-12 08:36:20 +01:00
Marcel Raad
3ee07e3e72
travis: update clang to version 7
Closes https://github.com/curl/curl/pull/3670
2019-03-12 08:35:51 +01:00
Andre Guibert de Bruet
57c7076793 examples/externalsocket: add missing close socket calls
.. and for Windows also call WSACleanup since we call WSAStartup.

The example is to demonstrate handling the socket independently of
libcurl. In this case libcurl is not responsible for creating, opening
or closing the socket, it is handled by the application (our example).

Fixes https://github.com/curl/curl/pull/3663
2019-03-11 23:02:54 -04:00
Daniel Stenberg
0bb56392d4
multi: removed unused code for request retries
This code was once used for the non multi-interface using code path, but
ever since easy_perform was turned into a wrapper around the multi
interface, this code path never runs.

Closes #3666
2019-03-11 17:29:51 +01:00
Jay Satiro
9e6af114ea doh: inherit some SSL options from user's easy handle
- Inherit SSL options for the doh handle but not SSL client certs,
  SSL ALPN/NPN, SSL engine, SSL version, SSL issuer cert,
  SSL pinned public key, SSL ciphers, SSL id cache setting,
  SSL kerberos or SSL gss-api settings.

- Fix inheritance of verbose setting.

- Inherit NOSIGNAL.

There is no way for the user to set options for the doh (DNS-over-HTTPS)
handles and instead we inherit some options from the user's easy handle.

My thinking for the SSL options not inherited is they are most likely
not intended by the user for the DOH transfer. I did inherit insecure
because I think that should still be in control of the user.

Prior to this change doh did not work for me because CAINFO was not
inherited. Also verbose was set always which AFAICT was a bug (#3660).

Fixes https://github.com/curl/curl/issues/3660
Closes https://github.com/curl/curl/pull/3661
2019-03-11 01:50:12 -04:00
Daniel Stenberg
ff7e5a29c7
test331: verify set-cookie for dotless host name
Reproduced bug #3649
Closes #3659
2019-03-09 12:59:20 +01:00
Daniel Stenberg
299d9660f8
Revert "cookies: extend domain checks to non psl builds"
This reverts commit 3773de378d.

Regression shipped in 7.64.0
Fixes #3649
2019-03-09 12:59:20 +01:00
Daniel Stenberg
76b6348949
memdebug: make debug-specific functions use curl_dbg_ prefix
To not "collide" or use up the regular curl_ name space. Also makes them
easier to detect in helper scripts.

Closes #3656
2019-03-08 23:21:21 +01:00
Daniel Stenberg
50afa478e1
cmdline-opts/proxytunnel.d: the option tunnnels all protocols
Clarify the language and simplify.

Reported-by: Daniel Lublin
Closes #3658
2019-03-08 23:19:11 +01:00
Daniel Stenberg
5114f82331
KNOWN_BUGS: Client cert (MTLS) issues with Schannel
Closes #3145
2019-03-07 13:14:51 +01:00
Daniel Stenberg
af219e4492
ROADMAP: updated to some more current things to work on 2019-03-07 00:00:30 +01:00
Daniel Stenberg
a4cc978906
tests: fix multiple may be used uninitialized warnings 2019-03-05 14:38:25 +01:00
Daniel Stenberg
1ed9e74702
RELEASE-NOTES: synced 2019-03-05 13:24:54 +01:00
Daniel Stenberg
4ed62bc0dc
source: fix two 'nread' may be used uninitialized warnings
Both seem to be false positives but we don't like warnings.

Closes #3646
2019-03-05 13:03:43 +01:00
Daniel Stenberg
39c29626cb
gopher: remove check for path == NULL
Since it can't be NULL and it makes Coverity believe we lack proper NULL
checks. Verified by test 659, landed in commit 15401fa886.

Pointed out by Coverity CID 1442746.

Assisted-by: Dan Fandrich
Fixes #3617
Closes #3642
2019-03-05 08:01:50 +01:00
Daniel Stenberg
dd7d7107c7
examples: only include <curl/curl.h>
That's the only public curl header we should encourage use of.

Reviewed-by: Marcel Raad
Closes #3645
2019-03-05 07:58:29 +01:00
Daniel Stenberg
d6f73af730
ssh: loop the state machine if not done and not blocking
If the state machine isn't complete, didn't fail and it didn't return
due to blocking it can just as well loop again.

This addresses the problem with SFTP directory listings where we would
otherwise return back to the parent and as the multi state machine
doesn't have any code for using CURLM_CALL_MULTI_PERFORM for as long the
doing phase isn't complete, it would return out when in reality there
was more data to deal with.

Fixes #3506
Closes #3644
2019-03-05 07:57:11 +01:00
Jay Satiro
b0972bc8e1 multi: support verbose conncache closure handle
- Change closure handle to receive verbose setting from the easy handle
  most recently added via curl_multi_add_handle.

The closure handle is a special easy handle used for closing cached
connections. It receives limited settings from the easy handle most
recently added to the multi handle. Prior to this change that did not
include verbose which was a problem because on connection shutdown
verbose mode was not acknowledged.

Ref: https://github.com/curl/curl/pull/3598

Co-authored-by: Daniel Stenberg

Closes https://github.com/curl/curl/pull/3618
2019-03-05 00:00:01 -05:00
Daniel Stenberg
15401fa886
CURLU: fix NULL dereference when used over proxy
Test 659 verifies

Also fixed the test 658 name

Closes #3641
2019-03-04 16:24:08 +01:00
Daniel Stenberg
2591a491aa
altsvc_out: check the return code from Curl_gmtime
Pointed out by Coverity, CID 1442956.

Closes #3640
2019-03-03 21:30:31 +01:00