1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-11 03:55:03 -05:00
Commit Graph

22583 Commits

Author SHA1 Message Date
Florin
2b5b37cb91
auth: add support for RFC7616 - HTTP Digest access authentication
Signed-off-by: Florin <petriuc.florin@gmail.com>
2017-10-28 16:32:43 +02:00
Daniel Bankhead
1d0c8dea95
TODO: support multiple Content-Encodings
Closes #2002
2017-10-28 11:01:32 +02:00
Daniel Stenberg
516d3b9ff9
ROADMAP: cleanup
Removed done stuff. Removed entries no longer considered for the near
term.
2017-10-28 10:54:20 +02:00
Magicansk
cb361b4a5e
ROADMAP.md: spelling fixes
Closes #2028
2017-10-28 10:49:56 +02:00
Daniel Stenberg
0d85eed3df
Curl_timeleft: change return type to timediff_t
returning 'time_t' is problematic when that type is unsigned and we
return values less than zero to signal "already expired", used in
several places in the code.

Closes #2021
2017-10-28 10:40:51 +02:00
Daniel Stenberg
9dfc541dd7
appveyor: add a win32 build 2017-10-27 23:40:04 +02:00
Daniel Stenberg
961c8667d2
setopt: fix CURLOPT_SSH_AUTH_TYPES option read
Regression since f121575c0b

Reported-by: Rob Cotrone
2017-10-27 22:57:51 +02:00
Marcel Raad
733190413f
resolvers: only include anything if needed
This avoids warnings about unused stuff.

Closes https://github.com/curl/curl/pull/2023
2017-10-27 13:20:13 +02:00
Daniel Stenberg
36bbbeb7c2
HELP-US: rename the subtitle too since the label is changed
"PR-welcome" was the former name.
2017-10-27 11:19:44 +02:00
Daniel Stenberg
fe03485e93
curl_setup.h: oops, shorten the too long line 2017-10-27 11:12:45 +02:00
Martin Storsjo
9e76dbe054
curl_setup: Improve detection of CURL_WINDOWS_APP
If WINAPI_FAMILY is defined, it should be safe to try to include
winapifamily.h to check what the define evaluates to.

This should fix detection of CURL_WINDOWS_APP if building with
_WIN32_WINNT set to 0x0600.

Closes #2025
2017-10-27 11:02:42 +02:00
Jay Satiro
979d2877be transfer: Fix chunked-encoding upload bug
- When uploading via chunked-encoding don't compare file size to bytes
  sent to determine whether the upload has finished.

Chunked-encoding adds its own overhead which why the bytes sent is not
equal to the file size. Prior to this change if a file was uploaded in
chunked-encoding and its size was known it was possible that the upload
could end prematurely without sending the final few chunks. That would
result in a server hang waiting for the remaining data, likely followed
by a disconnect.

The scope of this bug is limited to some arbitrary file sizes which have
not been determined. One size that triggers the bug is 475020.

Bug: https://github.com/curl/curl/issues/2001
Reported-by: moohoorama@users.noreply.github.com

Closes https://github.com/curl/curl/pull/2010
2017-10-26 14:34:46 -04:00
Daniel Stenberg
788d333573
timeval: make timediff_t also work on 32bit windows
... by using curl_off_t for the typedef if time_t is larger than 4
bytes.

Reported-by: Gisle Vanem
Bug: b9d25f9a6b (co)
mmitcomment-25205058
Closes #2019
2017-10-26 20:22:55 +02:00
Daniel Stenberg
f0364f7e31
curl_fnmatch: return error on illegal wildcard pattern
... instead of doing an infinite loop!

Added test 1162 to verify.

Reported-by: Max Dymond
Fixes #2015
Closes #2017
2017-10-26 13:37:45 +02:00
Max Dymond
7b11c5dbe6
wildcards: don't use with non-supported protocols
Fixes timeouts in the fuzzing tests for non-FTP protocols.

Closes #2016
2017-10-26 13:34:45 +02:00
Max Dymond
3340b456a5 multi: allow table handle sizes to be overridden
Allow users to specify their own hash define for
CURL_CONNECTION_HASH_SIZE so that both values can be overridden.

Closes #1982
2017-10-25 18:50:02 +02:00
Daniel Stenberg
5d543fe906 time: rename Curl_tvnow to Curl_now
... since the 'tv' stood for timeval and this function does not return a
timeval struct anymore.

Also, cleaned up the Curl_timediff*() functions to avoid typecasts and
clean up the descriptive comments.

Closes #2011
2017-10-25 18:48:05 +02:00
Daniel Stenberg
1d72b5b891 ftplistparser: follow-up cleanup to remove PL_ERROR() 2017-10-25 18:45:14 +02:00
Max Dymond
f786d1f143 ftplistparser: free off temporary memory always
When using the FTP list parser, ensure that the memory that's
allocated is always freed.

Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3682
Closes #2013
2017-10-25 18:44:47 +02:00
Daniel Stenberg
b9d25f9a6b timediff: return timediff_t from the time diff functions
... to cater for systems with unsigned time_t variables.

- Renamed the functions to curlx_timediff and Curl_timediff_us.

- Added overflow protection for both of them in either direction for
  both 32 bit and 64 bit time_ts

- Reprefixed the curlx_time functions to use Curl_*

Reported-by: Peter Piekarski
Fixes #2004
Closes #2005
2017-10-25 09:54:37 +02:00
Paul Howarth
016c6a6abb libtest: Add required test libraries for lib1552 and lib1553
They use $(TESTUTIL) and thus should use $(TESTUTIL_LIBS) too.

This fixes build failures on Fedora 13.

Closes #2006
2017-10-24 13:29:31 +02:00
Alessandro Ghedini
7408570bf0 libcurl-tutorial.3: fix typo
closes #2008
2017-10-24 13:27:41 +02:00
Alessandro Ghedini
f6535791fa curl_mime_filedata.3: fix typos 2017-10-23 23:23:23 +01:00
Daniel Stenberg
6746f8aa97
RELEASE-NOTES: clean slate towards 7.57.0 2017-10-23 13:33:04 +02:00
Max Dymond
2de63ab179
travis: exit if any steps fail
We don't expect any steps to fail in travis. Exit the script if they do.

Closes #1966
2017-10-23 08:59:38 +02:00
Daniel Stenberg
c514af5a4f
RELEASE-NOTES: 7.56.1 2017-10-23 07:51:20 +02:00
Daniel Stenberg
adbfb42889
THANKS: update at 7.56.1 release time 2017-10-23 07:51:20 +02:00
Jon DeVree
fdd879d549
mk-ca-bundle: Remove URL for aurora
Aurora is no longer used by Mozilla
https://hacks.mozilla.org/2017/04/simplifying-firefox-release-channels/
2017-10-22 23:38:31 +02:00
Jon DeVree
f571651a0d
mk-ca-bundle: Fix URL for NSS
The 'tip' is the most recent branch committed to, this should be
'default' like the URLs for the browser are.

Closes #1998
2017-10-22 23:38:23 +02:00
Daniel Stenberg
13c9a9ded3
imap: if a FETCH response has no size, don't call write callback
CVE-2017-1000257

Reported-by: Brian Carpenter and 0xd34db347
Also detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3586
2017-10-22 16:02:43 +02:00
Daniel Stenberg
769647e714
ftp: reject illegal IP/port in PASV 227 response
... by using range checks. Among other things, this avoids an undefined
behavior for a left shift that could happen on negative or very large
values.

Closes #1997

Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694
2017-10-20 15:06:25 +02:00
Patrick Monnerat
8351ab4510 test653: check reuse of easy handle after mime data change
See issue #1999
2017-10-20 14:01:14 +01:00
Patrick Monnerat
cea27d3454 mime: do not reuse previously computed multipart size
The contents might have changed: size must be recomputed.

Reported-by: moteus on github
Fixes #1999
2017-10-20 13:57:12 +01:00
Patrick Monnerat
aeaa22de8e test308: disable if MultiSSL feature enabled
Even if OpenSSL is enabled, it might not be the default backend when
multi-ssl is enabled, causing the test to fail.
2017-10-19 20:16:05 +01:00
Patrick Monnerat
7363d5a928 runtests: support MultiSSL client feature 2017-10-19 20:15:21 +01:00
Patrick Monnerat
8aee8a6a2d vtls: change struct Curl_ssl close' field name to close_one'.
On OS/400, `close' is an ASCII system macro that corrupts the code if
not used in a context not targetting the close() system API.
2017-10-19 19:55:17 +01:00
Patrick Monnerat
a4fc19eb4d os400: add missing symbols in config file.
Also adjust makefile to renamed files and warn about installation dirs mix-up.
2017-10-19 18:48:21 +01:00
Patrick Monnerat
34def509ef test652: curl_mime_data + base64 encoder with large contents 2017-10-19 18:37:19 +01:00
Patrick Monnerat
a8742efe42 mime: limit bas64-encoded lines length to 76 characters 2017-10-19 18:33:27 +01:00
Daniel Stenberg
2509395ecf
RELEASE-NOTES: synced with f121575c0 2017-10-16 11:07:30 +02:00
Daniel Stenberg
f121575c0b
setopt: range check most long options
... filter early instead of risking "funny values" having to be dealt
with elsewhere.
2017-10-16 09:23:33 +02:00
Daniel Stenberg
172ce9cc19
setopt: avoid integer overflows when setting millsecond values
... that are multiplied by 1000 when stored.

For 32 bit long systems, the max value accepted (2147483 seconds) is >
596 hours which is unlikely to ever be set by a legitimate application -
and previously it didn't work either, it just caused undefined behavior.

Also updated the man pages for these timeout options to mention the
return code.

Closes #1938
2017-10-16 09:23:19 +02:00
Viktor Szakats
4440b6ad57 makefile.m32: allow to override gcc, ar and ranlib
Allow to ovverride certain build tools, making it possible to
use LLVM/Clang to build curl. The default behavior is unchanged.
To build with clang (as offered by MSYS2), these settings can
be used:

CURL_CC=clang
CURL_AR=llvm-ar
CURL_RANLIB=llvm-ranlib

Closes https://github.com/curl/curl/pull/1993
2017-10-15 19:42:32 +00:00
Viktor Szakats
748f5301c0 ldap: silence clang warning
Use memset() to initialize a structure to avoid LLVM/Clang warning:
ldap.c:193:39: warning: missing field 'UserLength' initializer [-Wmissing-field-initializers]

Closes https://github.com/curl/curl/pull/1992
2017-10-15 15:59:43 +00:00
Daniel Stenberg
ed0b6b18f6
runtests: use valgrind for torture as well
NOTE: it makes them terribly slow. I recommend only using valgrind for
specific torture tests or using lots of patience.
2017-10-14 17:40:21 +02:00
Daniel Stenberg
ad164eceb3
memdebug: trace send, recv and socket
... to allow them to be included in torture tests too.

closes #1980
2017-10-14 17:40:12 +02:00
Daniel Stenberg
4af3c777a9
configure: remove the C++ compiler check
... we used it only for the fuzzer, which we now have in a separate git
repo.

Closes #1990
2017-10-14 17:30:42 +02:00
Patrick Monnerat
d7e4230538 mime: do not call failf() if easy handle is NULL. 2017-10-13 17:16:57 +01:00
Daniel Stenberg
10a659dbf6
test651: curl_formadd with huge COPYCONTENTS 2017-10-13 07:55:47 +02:00
Daniel Stenberg
5f9e2ca09b
mime: fix the content reader to handle >16K data properly
Reported-by: Jeroen Ooms
Closes #1988
2017-10-13 07:55:10 +02:00