1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-14 21:45:13 -05:00
Commit Graph

11059 Commits

Author SHA1 Message Date
Daniel Stenberg
2a81439553
ntlm_sspi: fix bad use of CURLE_NOT_BUILT_IN
That return code is reserved for build-time conditional code not being
present while this was a regular run-time error from a Windows API.

Reported-by: wangp on github
Fixes #5349
Closes #5350
2020-05-07 12:58:57 +02:00
Daniel Stenberg
54a2b63c70
http2: simplify and clean up trailer handling
Triggered by a crash detected by OSS-Fuzz after the dynbuf introduction in
ed35d6590e. This should make the trailer handling more straight forward and
hopefully less error-prone.

Deliver the trailer header to the callback already at receive-time. No
longer caches the trailers to get delivered at end of stream.

Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22030
Closes #5348
2020-05-07 09:49:51 +02:00
Daniel Stenberg
44645ca8b0
libssh2: convert over to use dynbuf
In my very basic test that lists sftp://127.0.0.1/tmp/, this patched
code makes 161 allocations compared to 194 in git master. A 17%
reduction.

Closes #5336
2020-05-05 14:54:07 +02:00
Daniel Stenberg
80b9db1283
quiche: enable qlog output
quiche has the potential to log qlog files. To enable this, you must
build quiche with the qlog feature enabled `cargo build --features
qlog`. curl then passes a file descriptor to quiche, which takes
ownership of the file. The FD transfer only works on UNIX.

The convention is to enable logging when the QLOGDIR environment is
set. This should be a path to a folder where files are written with the
naming template <SCID>.qlog.

Co-authored-by: Lucas Pardue
Replaces #5337
Closes #5341
2020-05-05 14:50:33 +02:00
Daniel Stenberg
e0af243b61
urldata.h: remove #define HEADERSIZE, not used anymore
Follow-up to ed35d6590e
2020-05-04 16:53:05 +02:00
Daniel Stenberg
18815aa670
ngtcp2: convert to dynbuf
Closes #5335
2020-05-04 14:57:57 +02:00
Daniel Stenberg
7a86a25f5b
connect: make happy eyeballs work for QUIC (again)
Follow-up from dbd16c3e25 (regression in 7.70.0)

Closes #5334
2020-05-04 14:56:26 +02:00
Daniel Stenberg
d2dfa3e689
connect: add two asserts to clue code analyzers in a little 2020-05-04 11:03:29 +02:00
Daniel Stenberg
dae126ff12
http_proxy: ported to use dynbuf instead of a static size buffer
Removes a 16K static buffer from the easy handle. Simplifies the code.
2020-05-04 10:41:06 +02:00
Daniel Stenberg
ed35d6590e
dynbuf: introduce internal generic dynamic buffer functions
A common set of functions instead of many separate implementations for
creating buffers that can grow when appending data to them. Existing
functionality has been ported over.

In my early basic testing, the total number of allocations seem at
roughly the same amount as before, possibly a few less.

See docs/DYNBUF.md for a description of the API.

Closes #5300
2020-05-04 10:40:39 +02:00
Daniel Stenberg
59e351a572
asyn-*: remove support for never-used NULL entry pointers
... and instead convert those to asserts to make sure they are truly
never NULL.

Closes #5324
2020-05-03 22:48:04 +02:00
Jay Satiro
153d581b7f asyn-thread: fix cppcheck warning
- Check for NULL entry parameter before attempting to deref entry in
  Curl_resolver_is_resolved, like is already done in asyn-ares.

This is to silence cppcheck which does not seem to understand that
asyn-ares and asyn-thread have separate Curl_resolver_is_resolved
and those units are mutually exclusive. Prior to this change it warned
of a scenario where asyn-thread's Curl_resolver_is_resolved is called
with a NULL entry from asyn-ares, but that couldn't happen.

Reported-by: rl1987@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/5326
2020-05-02 15:03:39 -04:00
Jay Satiro
85eda4e87a select: fix overflow protection in Curl_socket_check
Follow-up to a96c752 which changed the timeout_ms type from time_t to
timediff_t.

Ref: https://github.com/curl/curl/pull/5240

Closes https://github.com/curl/curl/pull/5286
2020-05-02 15:02:20 -04:00
Daniel Stenberg
df2093d293
libssh2: set the expected total size in SCP upload init
... as otherwise the progress callback gets called without that
information, making the progress meter have less info.

Reported-by: Murugan Balraj
Bug: https://curl.haxx.se/mail/archive-2020-05/0000.html
Closes #5317
2020-05-02 16:38:48 +02:00
Emil Engler
42d8d9a7e8
GnuTLS: Backend support for CURLINFO_SSL_VERIFYRESULT
Closes #5287
2020-04-30 14:40:54 +02:00
Daniel Stenberg
c069027139
conncache: various concept cleanups
More connection cache accesses are protected by locks.

CONNCACHE_* is a beter prefix for the connection cache lock macros.

Curl_attach_connnection: now called as soon as there's a connection
struct available and before the connection is added to the connection
cache.

Curl_disconnect: now assumes that the connection is already removed from
the connection cache.

Ref: #4915
Closes #5009
2020-04-30 14:27:54 +02:00
Daniel Stenberg
d39b4128d5
schannel: source code reindent
White space edits only. Conform better to standard curl source code
indenting style.

Closes #5305
2020-04-29 14:43:59 +02:00
Daniel Stenberg
6370e43153
headers: copyright range fix 2020-04-28 18:10:46 +02:00
Rikard Falkeborn
fc0e29dd57
doh: Constify some input pointers
Closes #5306
2020-04-28 07:56:34 +02:00
Daniel Stenberg
cad15b9f92
nss: check for PK11_CreateDigestContext() returning NULL
... to avoid crashes!

Reported-by: Hao Wu
Fixes #5302
Closes #5303
2020-04-27 16:25:59 +02:00
Daniel Stenberg
b7135f58f5
copyright updates: adjust year ranges 2020-04-26 23:59:22 +02:00
Daniel Stenberg
446fb0518b
smtp: set auth correctly
Regression since 7.69.0 and 68fb25fa3f.

The code wrongly assigned 'from' instead of 'auth' which probably was a
copy and paste mistake from other code, leading to that auth could
remain NULL and later cause an error to be returned.

Assisted-by: Eric Sauvageau
Fixes #5294
Closes #5295
2020-04-25 14:14:43 +02:00
Marcel Raad
6ad062ae71
lib: clean up whitespace
This fixes CodeFactor warnings.
2020-04-25 11:15:49 +02:00
Anderson Toshiyuki Sasaki
7bc709f670
libssh: avoid options override by configuration files
Previously, options set explicitly through command line options could be
overridden by the configuration files parsed automatically when
ssh_connect() was called.

By calling ssh_options_parse_config() explicitly, the configuration
files are parsed before setting the options, avoiding the options
override.  Once the configuration files are parsed, the automatic
configuration parsing is not executed.

Fixes #4972
Closes #5283
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-04-25 00:53:11 +02:00
Daniel Stenberg
a96c7529eb
select: make Curl_socket_check take timediff_t timeout
Coverity found CID 1461718:

Integer handling issues (CONSTANT_EXPRESSION_RESULT) "timeout_ms >
9223372036854775807L" is always false regardless of the values of its
operands. This occurs as the logical second operand of "||".

Closes #5240
2020-04-23 15:57:23 +02:00
Jay Satiro
c0e139a60d transfer: Switch PUT to GET/HEAD on 303 redirect
Prior to this change if there was a 303 reply to a PUT request then
the subsequent request to respond to that redirect would also be a PUT.
It was determined that was most likely incorrect based on the language
of the RFCs. Basically 303 means "see other" resource, which implies it
is most likely not the same resource, therefore we should not try to PUT
to that different resource.

Refer to the discussions in #5237 and #5248 for more information.

Fixes https://github.com/curl/curl/issues/5237
Closes https://github.com/curl/curl/pull/5248
2020-04-22 17:56:17 -04:00
Daniel Stenberg
bffa116535
lib/mk-ca-bundle: skip empty certs
Reviewed-by: Emil Engler
Reported-by: Ashwin Metpalli
Fixes #5278
Closes #5280
2020-04-22 22:55:08 +02:00
Daniel Stenberg
3fdc4bdb5b
version: skip idn2_check_version() check and add precaution
A gcc-10's -fanalyze complaint made me spot and do these improvements.

Closes #5281
2020-04-22 22:52:32 +02:00
Emil Engler
2d137dedb3
GnuTLS: Don't skip really long certificate fields
Closes #5271
2020-04-21 08:10:55 +02:00
Daniel Stenberg
0891fe7ade
gnutls: bump lowest supported version to 3.1.10
GnuTLS 3.1.10 added new functions we want to use. That version was
released on Mar 22, 2013. Removing support for older versions also
greatly simplifies the code.

Ref: #5271
Closes #5276
2020-04-21 08:09:41 +02:00
Daniel Stenberg
10fece336f
mqtt: make NOSTATE get within the debug name array 2020-04-20 23:27:04 +02:00
Daniel Stenberg
093a9e0014
mqtt: remove code with no purpose
Detected by Coverity. CID 1462319.

"The same code is executed when the condition result is true or false,
because the code in the if-then branch and after the if statement is
identical."

Closes #5275
2020-04-20 22:35:48 +02:00
Daniel Stenberg
96c149685b
mqtt: fix Curl_read() error handling while reading remaining length
Detected by Coverity. CID 1462320.

Closes #5274
2020-04-20 22:34:44 +02:00
Daniel Stenberg
df28ed6116
http: free memory when Alt-Used header creation fails due to OOM
Reported-by: James Fuller
Fixes #5268
Closes #5269
2020-04-20 14:24:56 +02:00
Daniel Gustafsson
10822c652c lib: fix typos in comments and errormessages
This fixes a few randomly spotted typos in recently merged code, most
notably one in a userfacing errormessage the schannel code.
2020-04-20 10:12:22 +02:00
Johannes Schindelin
ff7a3107ed
multi-ssl: reset the SSL backend on Curl_global_cleanup()
When cURL is compiled with support for multiple SSL backends, it is
possible to configure an SSL backend via `curl_global_sslset()`, but
only *before* `curl_global_init()` was called.

If another SSL backend should be used after that, a user might be
tempted to call `curl_global_cleanup()` to start over. However, we did
not foresee that use case and forgot to reset the SSL backend in that
cleanup.

Let's allow that use case.

Fixes #5255
Closes #5257
Reported-by: davidedec on github
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2020-04-20 09:15:47 +02:00
Daniel Stenberg
5811beba39
mqtt: improve the state machine
To handle PUBLISH before SUBACK and more.

Updated the existing tests and added three new ones.

Reported-by: Christoph Krey
Bug: https://curl.haxx.se/mail/lib-2020-04/0021.html
Closes #5246
2020-04-20 08:09:33 +02:00
Patrick Monnerat
d7471c1369
mime: properly check Content-Type even if it has parameters
New test 669 checks this fix is effective.

Fixes #5256
Closes #5258
Reported-by: thanhchungbtc on github
2020-04-19 20:52:48 +02:00
Anderson Toshiyuki Sasaki
14bf7eb6e5
libssh: Use new ECDSA key types to check known hosts
From libssh 0.9.0, ssh_key_type() returns different key types for ECDSA
keys depending on the curve.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Fixes #5252
Closes #5253
2020-04-17 23:22:26 +02:00
Daniel Stenberg
4cd239fbf6
copyright: bump the copyright year range 2020-04-15 09:24:49 +02:00
Bjorn Stenberg
2522903b79
mqtt: add new experimental protocol
Closes #5173
2020-04-14 13:03:40 +02:00
Nathaniel R. Lewis
7fa1578471
cmake: add aliases so exported target names are available in tree
Reviewed-by: Brad King
Closes #5206
2020-04-13 23:27:35 +02:00
Daniel Stenberg
f62bd9db90
version: increase buffer space for ssl version output
To avoid it getting truncated, especially when several SSL backends are
built-in.

Reported-by: Gisle Vanem
Fixes #5222
Closes #5226
2020-04-13 22:26:53 +02:00
Andrew Kurushin
c35af29222 schannel: Fix blocking timeout logic
- Fix schannel_send for the case when no timeout was set.

Prior to this change schannel would error if the socket was not ready
to send data and no timeout was set.

This commit is similar to parent commit 89dc6e0 which recently made the
same change for SOCKS, for the same reason. Basically it was not well
understood that when Curl_timeleft returns 0 it is not a timeout of 0 ms
but actually means no timeout.

Fixes https://github.com/curl/curl/issues/5177
Closes https://github.com/curl/curl/pull/5221
2020-04-12 18:32:17 -04:00
Jay Satiro
0510cce8c0 socks: Fix blocking timeout logic
- Document in Curl_timeleft's comment block that returning 0 signals no
  timeout (ie there's infinite time left).

- Fix SOCKS' Curl_blockread_all for the case when no timeout was set.

Prior to this change if the timeout had a value of 0 and that was passed
to SOCKET_READABLE it would return right away instead of blocking. That
was likely because it was not well understood that when Curl_timeleft
returns 0 it is not a timeout of 0 ms but actually means no timeout.

Ref: https://github.com/curl/curl/pull/5214#issuecomment-612512360

Closes https://github.com/curl/curl/pull/5220
2020-04-12 18:32:16 -04:00
Marc Hoersken
be28bc2241 gopher: check remaining time left during write busy loop
Prior to this change gopher's blocking code would block forever,
ignoring any set timeout value.

Assisted-by: Jay Satiro
Reviewed-by: Daniel Stenberg

Similar to #5220 and #5221
Closes #5214
2020-04-12 18:32:14 -04:00
Dirkjan Bussink
d590908318
gnutls: ensure TLS 1.3 when SRP isn't requested
When SRP is requested in the priority string, GnuTLS will disable
support for TLS 1.3. Before this change, curl would always add +SRP to
the priority list, effectively always disabling TLS 1.3 support.

With this change, +SRP is only added to the priority list when SRP
authentication is also requested. This also allows updating the error
handling here to not have to retry without SRP. This is because SRP is
only added when requested and in that case a retry is not needed.

Closes #5223
2020-04-13 00:06:02 +02:00
Daniel Stenberg
5afa07fab5
Revert "file: on Windows, refuse paths that start with \\"
This reverts commit 1b71bc532b.

Reminded-by: Chris Roberts
Bug: https://curl.haxx.se/mail/archive-2020-04/0013.html

Closes #5215
2020-04-11 18:20:38 +02:00
Jay Satiro
53f4070827 lib: fix conversion warnings for SOCKET_WRITABLE/READABLE
- If loss of data may occur converting a timediff_t to time_t and
  the time value is > TIME_T_MAX then treat it as TIME_T_MAX.

This is a follow-up to 8843678 which removed the (time_t) typecast
from the macros so that conversion warnings could be identified.

Closes https://github.com/curl/curl/pull/5199
2020-04-11 02:52:25 -04:00
Daniel Stenberg
d4afa0fc20
url: allow non-HTTPS altsvc-matching for debug builds
This is already partly supported but this part was missing.
Reported-by: James Fuller

Closes #5205
2020-04-09 17:46:24 +02:00