1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 16:48:49 -05:00
Commit Graph

11282 Commits

Author SHA1 Message Date
Daniel Stenberg
2e645e21de
parsedate: tune the date to epoch conversion
By avoiding an unnecessary error check and the temp use of the tm
struct, the time2epoch conversion function gets a little bit faster.
When repeating test 517, the updated version is perhaps 1% faster (on
one particular build on one particular architecture).

Closes #5985
2020-09-21 16:46:41 +02:00
Daniel Stenberg
3d8731c8f5
ftp: avoid risk of reading uninitialized integers
If the received PASV response doesn't match the expected pattern, we
could end up reading uninitialized integers for IP address and port
number.

Issue pointed out by muse.dev
Closes #5972
2020-09-18 08:26:49 +02:00
Quentin Balland
7921b41ce1
easy_reset: clear retry counter
Closes #5975
Fixes #5974
2020-09-18 07:59:24 +02:00
Daniel Stenberg
cc372af1e9
ftp: get rid of the PPSENDF macro
The use of such a macro hides some of what's actually going on to the
reader and is generally disapproved of in the project.

Closes #5971
2020-09-18 07:56:16 +02:00
Emil Engler
c0f0e400e0
urlapi: use more Curl_safefree
Closes #5968
2020-09-17 09:44:36 +02:00
Marc Hoersken
1060955a61
multi: align WinSock mask variables in Curl_multi_wait
Also skip pre-checking sockets to set timeout_ms to 0
after the first socket has been detected to be ready.

Reviewed-by: rcombs on github
Reviewed-by: Daniel Stenberg

Follow up to #5886
2020-09-17 07:41:14 +02:00
Marc Hoersken
40d67da7ca
multi: reuse WinSock events variable in Curl_multi_wait
Since the struct is quite large (1 long and 10 ints) we
declare it once at the beginning of the function instead
of multiple times inside loops to avoid stack movements.

Reviewed-by: Viktor Szakats
Reviewed-by: Daniel Stenberg

Closes #5886
2020-09-17 07:40:49 +02:00
Gergely Nagy
182ff2d63c
vtls: deduplicate client certificates in ssl_config_data
Closes #5629
2020-09-14 12:56:47 +02:00
Daniel Stenberg
7ea2e1d0c5
ftp: a 550 response to SIZE returns CURLE_REMOTE_FILE_NOT_FOUND
This is primarily interesting for cases where CURLOPT_NOBODY is set as
previously curl would not return an error for this case.

MDTM getting 550 now also returns this error (it returned
CURLE_FTP_COULDNT_RETR_FILE before) in order to unify return codes for
missing files across protocols and specific FTP commands.

libcurl already returns error on a 550 as a MDTM response (when
CURLOPT_FILETIME is set). If CURLOPT_NOBODY is not set, an error would
happen subsequently anyway since the RETR command would fail.

Add test 1913 and 1914 to verify. Updated several tests accordingly due
to the updated SIZE behavior.

Reported-by: Tomas Berger
Fixes #5953
Closes #5957
2020-09-14 12:53:12 +02:00
Antarpreet Singh
da5ae38db0
imap: set cselect_bits to CURL_CSELECT_IN initially
... when continuing a transfer from a FETCH response.

When the size of the file was small enough that the entirety of the
transfer happens in a single go and schannel buffers holds the entire
data. However, it wasn't completely read in Curl_pp_readresp since a
line break was found before that could happen. So, by the time we are in
imap_state_fetch_resp - there's data in buffers that needs to be read
via Curl_read but nothing to read from the socket. After we setup a
transfer (Curl_setup_transfer), curl just waits on the socket state to
change - which doesn't happen since no new data ever comes.

Closes #5961
2020-09-14 12:29:44 +02:00
Daniel Stenberg
c4ea71ae32
dynbuf: provide curlx_ names for reuse by the curl tool
Closes #5946
2020-09-14 08:32:35 +02:00
Daniel Stenberg
9fffe925d2
dynbuf: make sure Curl_dyn_tail() zero terminates
Closes #5959
2020-09-14 08:29:46 +02:00
Laramie Leavitt
25a25f45ae
http: consolidate nghttp2_session_mem_recv() call paths
Previously there were several locations that called
nghttp2_session_mem_recv and handled responses slightly differently.
Those have been converted to call the existing
h2_process_pending_input() function.

Moved the end-of-session check to h2_process_pending_input() since the
only place the end-of-session state can change is after nghttp2
processes additional input frames.

This will likely fix the fuzzing error. While I don't have a root cause
the out-of-bounds read seems like a use after free, so moving the
nghttp2_session_check_request_allowed() call to a location with a
guaranteed nghttp2 session seems reasonable.

Also updated a few nghttp2 callsites to include error messages and added
a few additional error checks.

Closes #5648
2020-09-10 17:43:47 +02:00
Daniel Stenberg
11ab0ad60f
base64: also build for pop3 and imap
Follow-up to the fix in 20417a13fb

Reported-by: Michael Olbrich
Fixes #5937
Closes #5948
2020-09-10 08:50:04 +02:00
Daniel Stenberg
20417a13fb
base64: enable in build with SMTP
The oauth2 support is used with SMTP and it uses base64 functions.

Reported-by: Michael Olbrich
Fixes #5937
Closes #5938
2020-09-09 09:23:06 +02:00
Daniel Stenberg
17fcdf6a31
lib: fix -Wassign-enum warnings
configure --enable-debug now enables -Wassign-enum with clang,
identifying several enum "abuses" also fixed.

Reported-by: Gisle Vanem
Bug: 879007f811 (commitcomment-42087553)

Closes #5929
2020-09-08 13:53:02 +02:00
Diven Qi
3532262edd
url: use blank credentials when using proxy w/o username and password
Fixes proxy regression brought in commit ad829b21ae (7.71.0)

Fixed #5911
Closes #5914
2020-09-08 00:48:09 +02:00
Daniel Stenberg
6d946ad9fe
openssl: consider ALERT_CERTIFICATE_EXPIRED a failed verification
If the error reason from the lib is
SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED, libcurl will return
CURLE_PEER_FAILED_VERIFICATION and not CURLE_SSL_CONNECT_ERROR.

This unifies the libcurl return code and makes libressl run test 313
(CRL testing) fine.

Closes #5934
2020-09-07 17:26:27 +02:00
Daniel Stenberg
f93455eb04
altsvc: clone setting in curl_easy_duphandle
The cache content is not duplicated, like other caches, but the setting
and specified file name are.

Test 1908 is extended to verify this somewhat. Since the duplicated
handle gets the same file name, the test unfortunately overwrites the
same file twice (with different contents) which makes it hard to check
automatically.

Closes #5923
2020-09-06 09:54:54 +02:00
Daniel Stenberg
bbf8cae44d
build: drop support for building with Watcom
These files are not maintained, they seem to have no users, Watcom
compilers look like not having users nor releases anymore.

Closes #5918
2020-09-05 21:51:37 +02:00
Daniel Stenberg
879007f811
easygetopt: pass a valid enum to avoid compiler warning
"integer constant not in range of enumerated type 'CURLoption'"

Reported-by: Gisle Vanem
Bug: 6ebe63fac2 (commitcomment-42042843)

Closes #5915
2020-09-05 14:44:11 +02:00
ihsinme
d1d3105317
connect.c: remove superfluous 'else' in Curl_getconnectinfo
Closes #5912
2020-09-04 13:31:51 +02:00
cbe
a27af8b510
libssh2: pass on the error from ssh_force_knownhost_key_type
Closes #5909
2020-09-03 18:02:27 +02:00
Martin Bašti
3eff1c5092
http_proxy: do not crash with HTTPS_PROXY and NO_PROXY set
... in case NO_PROXY takes an effect

Without this patch, the following command crashes:

    $ GIT_CURL_VERBOSE=1 NO_PROXY=github.com HTTPS_PROXY=https://example.com \
        git clone https://github.com/curl/curl.git

Minimal libcurl-based reproducer:

    #include <curl/curl.h>

    int main() {
      CURL *curl = curl_easy_init();
      if(curl) {
        CURLcode ret;
        curl_easy_setopt(curl, CURLOPT_URL, "https://github.com/");
        curl_easy_setopt(curl, CURLOPT_PROXY, "example.com");
        /* set the proxy type */
        curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTPS);
        curl_easy_setopt(curl, CURLOPT_NOPROXY, "github.com");
        curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
        ret = curl_easy_perform(curl);
        curl_easy_cleanup(curl);
        return ret;
      }
      return -1;
    }

Assisted-by: Kamil Dudka
Bug: https://bugzilla.redhat.com/1873327
Closes #5902
2020-09-03 08:01:56 +02:00
Daniel Stenberg
b3fbb2fb9d
openssl: avoid error conditions when importing native CA
The code section that is OpenSSL 3+ specific now uses the same logic as
is used in the version < 3 section. It caused a compiler error without
it.

Closes #5907
2020-09-02 22:47:52 +02:00
Daniel Stenberg
dd51f04b11
setopt: avoid curl_ on local variable
Closes #5906
2020-09-02 22:41:59 +02:00
Daniel Stenberg
5507a6ae41
mqtt.c: avoid curl_ prefix on local variable
Closes #5906
2020-09-02 22:41:59 +02:00
Daniel Stenberg
c26446ff5e
wildcard: strip "curl_" prefix from private symbols
Closes #5906
2020-09-02 22:41:59 +02:00
Daniel Stenberg
3acb2abdf5
vtls: make it 'struct Curl_ssl_session'
Use uppercase C for internal symbols.

Closes #5906
2020-09-02 22:41:59 +02:00
Daniel Stenberg
221a584df9
curl_threads: make it 'struct Curl_actual_call'
Internal names should not be prefixed "curl_"

Closes #5906
2020-09-02 22:41:59 +02:00
Daniel Stenberg
add7022666
schannel: make it 'struct Curl_schannel*'
As internal global names should use captical C.

Closes #5906
2020-09-02 22:41:59 +02:00
Daniel Stenberg
9e90ff0839
hash: make it 'struct Curl_hash'
As internal global names should use captical C.

Closes #5906
2020-09-02 22:41:58 +02:00
Daniel Stenberg
9b3f888a00
llist: make it "struct Curl_llist"
As internal global names should use captical C.

Closes #5906
2020-09-02 22:41:58 +02:00
Marc Hoersken
8bdc4f8aee
telnet.c: depend on static requirement of WinSock version 2
Drop dynamic loading of ws2_32.dll and instead rely on the
imported version which is now required to be at least 2.2.

Reviewed-by: Marcel Raad
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Reviewed-by: Viktor Szakats

Closes #5854
2020-09-02 16:33:03 +02:00
Marc Hoersken
3e4b32a3e1
win32: drop support for WinSock version 1, require version 2
IPv6, telnet and now also the multi API require WinSock
version 2 which is available starting with Windows 95.

Therefore we think it is time to drop support for version 1.

Reviewed-by: Marcel Raad
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Reviewed-by: Viktor Szakats

Follow up to #5634
Closes #5854
2020-09-02 16:30:39 +02:00
Marc Hoersken
20d74b7393
select: align poll emulation to return all relevant events
The poll emulation via select already consumes POLLRDNORM,
POLLWRNORM and POLLRDBAND as input events. Therefore it
should also return them as output events if signaled.

Also fix indentation in input event handling block.

Assisted-by: Jay Satiro
Reviewed-by: Daniel Stenberg

Replaces #5852
Closes #5883
2020-09-02 16:26:20 +02:00
Daniel Stenberg
64586af926
lib/Makefile.am: bump VERSIONINFO due to new functions
... we're generally bad at this, but we are adding new functions for
this release.

Closes #5899
2020-09-01 16:27:43 +02:00
Daniel Stenberg
e250b568b8
optiontable: use DEBUGBUILD
Follow-up to commit 6e18568ba3 (#5877)
2020-09-01 16:02:27 +02:00
Daniel Stenberg
e37e446868
mqtt: enable by default
No longer considered experimental.

Closes #5858
2020-08-31 09:45:09 +02:00
Michael Baentsch
ede125b7b7
tls: add CURLOPT_SSL_EC_CURVES and --curves
Closes #5892
2020-08-30 17:24:04 +02:00
Daniel Stenberg
a337355487
url: remove funny embedded comments in Curl_disonnect calls 2020-08-30 17:03:48 +02:00
Chris Paulson-Ellis
728f8d3bdc
conn: check for connection being dead before reuse
Prevents incorrect reuse of an HTTP connection that has been prematurely
shutdown() by the server.

Partial revert of 755083d00d

Fixes #5884
Closes #5893
2020-08-30 16:59:16 +02:00
Marcel Raad
f504f18641 ntlm: fix condition for curl_ntlm_core usage
`USE_WINDOWS_SSPI` without `USE_WIN32_CRYPTO` but with any other DES
backend is fine, but was excluded before.

This also fixes test 1013 as the condition for SMB support in
configure.ac didn't match the condition in the source code. Now it
does.

Fixes https://github.com/curl/curl/issues/1262
Closes https://github.com/curl/curl/pull/5771
2020-08-29 10:08:32 +02:00
Marc Hoersken
05729b66c5
select: simplify return code handling for poll and select
poll and select already return -1 on error according to POSIX,
so there is no need to perform a <0 to -1 conversion in code.

Also we can just use one check with <= 0 on the return code.

Assisted-by: Daniel Stenberg
Reviewed-by: Jay Satiro

Replaces #5852
Closes #5880
2020-08-29 09:48:59 +02:00
Daniel Stenberg
6e18568ba3
easyoptions: provide debug function when DEBUGBUILD
... not CURLDEBUG as they're not always set in conjunction.

Follow-up to 6ebe63fac2

Fixes #5877
Closes #5878
2020-08-28 23:35:12 +02:00
Marc Hoersken
003e81e2a3
multi: handle connection state winsock events
Learn from the way Cygwin handles and maps the WinSock events
to simulate correct and complete poll and select behaviour
according to Richard W. Stevens Network Programming book.

Reviewed-by: Jay Satiro
Reviewed-by: Marcel Raad

Follow up to #5634
Closes #5867
2020-08-28 17:57:52 +02:00
Daniel Stenberg
a2c85bb8e4
Curl_pgrsTime - return new time to avoid timeout integer overflow
Setting a timeout to INT_MAX could cause an immediate error to get
returned as timeout because of an overflow when different values of
'now' were used.

This is primarily fixed by having Curl_pgrsTime() return the "now" when
TIMER_STARTSINGLE is set so that the parent function will continue using
that time.

Reported-by: Ionuț-Francisc Oancea
Fixes #5583
Closes #5847
2020-08-28 14:16:41 +02:00
Daniel Stenberg
68a5132474
TLS: fix SRP detection by using the proper #ifdefs
USE_TLS_SRP will be true if *any* selected TLS backend can use SRP

HAVE_OPENSSL_SRP is defined when OpenSSL can use it

HAVE_GNUTLS_SRP is defined when GnuTLS can use it

Clarify in the curl_verison_info docs that CURL_VERSION_TLSAUTH_SRP is
set if at least one of the supported backends offers SRP.

Reported-by: Stefan Strogin
Fixes #5865
Closes #5870
2020-08-28 14:13:05 +02:00
Emil Engler
616c30ad67
lib: make Curl_gethostname accept a const pointer
The address of that variable never gets changed, only the data in it so
why not make it a "char * const"?

Closes #5866
2020-08-27 22:52:22 +02:00
Daniel Stenberg
ad691b191a
configure: added --disable-get-easy-options
To allow disabling of the curl_easy_option APIs in a build.

Closes #5365
2020-08-27 14:17:42 +02:00