1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-14 05:25:06 -05:00
Commit Graph

26103 Commits

Author SHA1 Message Date
Daniel Stenberg
69bfde4515
http2: only do the *done() cleanups for HTTP
Follow-up to ef86daf4d3

Closes #5650
Fixes #5646
2020-07-04 01:13:50 +02:00
Alex Kiernan
0fda8db95c
gnutls: repair the build with CURL_DISABLE_PROXY
`http_proxy`/`proxy_ssl`/`tunnel_proxy` will not be available in `conn`
if `CURL_DISABLE_PROXY` is enabled.  Repair the build with that
configuration.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Closes #5645
2020-07-04 00:18:43 +02:00
Alex Kiernan
691df98d51 gnutls: Fetch backend when using proxy
Fixes: 89865c149 ("gnutls: remove the BACKEND define kludge")
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
2020-07-03 14:11:37 +01:00
Laramie Leavitt
ef86daf4d3
http2: close the http2 connection when no more requests may be sent
Well-behaving HTTP2 servers send two GOAWAY messages. The first
message is a warning that indicates that the server is going to
stop accepting streams. The second one actually closes the stream.

nghttp2 reports this state (and the other state of no more stream
identifiers) via the call nghttp2_session_check_request_allowed().
In this state the client should not create more streams on the
session (tcp connection), and in curl this means that the server
has requested that the connection is closed.

It would be also be possible to put the connclose() call into the
on_http2_frame_recv() function that triggers on the GOAWAY message.

This fixes a bug seen when the client sees the following sequence of
frames:

// advisory GOAWAY
HTTP2 GOAWAY [stream-id = 0, promised-stream-id = -1]
... some additional frames

// final GOAWAY
HTTP2 GOAWAY [stream-id = 0, promised-stream-id = N ]

Before this change, curl will attempt to reuse the connection even
after the last stream, will encounter this error:

* Found bundle for host localhost: 0x5595f0a694e0 [can multiplex]
* Re-using existing connection! (#0) with host localhost
* Connected to localhost (::1) port 10443 (#0)
* Using Stream ID: 9 (easy handle 0x5595f0a72e30)
> GET /index.html?5 HTTP/2
> Host: localhost:10443
> user-agent: curl/7.68.0
> accept: */*
>
* stopped the pause stream!
* Connection #0 to host localhost left intact
curl: (16) Error in the HTTP2 framing layer

This error may posion the connection cache, causing future requests
which resolve to the same curl connection to go through the same error
path.

Closes #5643
2020-07-03 11:16:48 +02:00
Daniel Stenberg
1535363e72
ftpserver: don't verify SMTP MAIL FROM names
Rely on tests asking the names to get refused instead - test servers
should be as dumb as possible. Edited test 914, 955 and 959 accordingly.

Closes #5639
2020-07-03 10:10:30 +02:00
Daniel Stenberg
54f21be2e3
curl_version_info.3: CURL_VERSION_KERBEROS4 is deprecated
This came up in #5640. It make sense to clarify this in the docs!

Reminded-by: Kamil Dudka
Closes #5642
2020-07-03 00:15:51 +02:00
Kamil Dudka
d2fd845c35 tool_getparam: make --krb option work again
It was disabled by mistake in commit curl-7_37_1-23-ge38ba4301.

Bug: https://bugzilla.redhat.com/1833193
Closes #5640
2020-07-03 00:04:47 +02:00
Jeremy Maitin-Shepard
31f0e864c7
http2: fix nghttp2_strerror -> nghttp2_http2_strerror in debug messages
Confusingly, nghttp2 has two different error code enums:

- nghttp2_error, to be used with nghttp2_strerror
- nghttp2_error_code, to be used with nghttp2_http2_strerror

Closes #5641
2020-07-02 23:37:28 +02:00
Marcel Raad
19b96ba385
url: silence MSVC warning
Since commit f3d501dc67, if proxy support is disabled, MSVC warns:
url.c : warning C4701: potentially uninitialized local variable
'hostaddr' used
url.c : error C4703: potentially uninitialized local pointer variable
'hostaddr' used

That could actually only happen if both `conn->bits.proxy` and
`CURL_DISABLE_PROXY` were enabled.
Initialize it to NULL to silence the warning.

Closes https://github.com/curl/curl/pull/5638
2020-07-02 13:31:22 +02:00
Daniel Stenberg
01afe4e1af
RELEASE-NOTES: synced 2020-07-01 10:37:20 +02:00
Daniel Stenberg
5a1fc8d338
RELEASE-NOTES: curl 7.71.1 2020-06-30 15:30:38 +02:00
Daniel Stenberg
a6f45c3b75
THANKS: add contributors to 7.71.1 2020-06-30 15:30:38 +02:00
Daniel Stenberg
1313d7a356
scripts/copyright.pl: skip .dcignore 2020-06-30 15:30:20 +02:00
Daniel Stenberg
25222b14ef
Revert "multi: implement wait using winsock events"
This reverts commit 8bc25c590e.

That commit (from #5397) introduced a regression in 7.71.0.

Reported-by: tmkk on github
Fixes #5631
Closes #5632
2020-06-30 12:27:23 +02:00
Daniel Stenberg
ea6b812b73
TODO: Add flag to specify download directory 2020-06-29 23:53:27 +02:00
Daniel Stenberg
42320a7120
TODO: return code to CURLMOPT_PUSHFUNCTION to fail connection 2020-06-29 23:50:44 +02:00
Daniel Stenberg
c585bad8e2
cirrus-ci: disable FreeBSD 13 (again)
It has been failing for a good while again. This time we better leave it
disabled until we have more reason to believe it behaves.

Closes #5628
2020-06-29 17:46:48 +02:00
Daniel Stenberg
c891e681bf
ngtcp2: sync with current master
ngtcp2 added two new callbacks

Reported-by: Lucien Zürcher
Fixes #5624
Closes #5627
2020-06-29 17:09:59 +02:00
Daniel Stenberg
600db1e706
examples/multithread.c: call curl_global_cleanup()
Reported-by: qiandu2006 on github
Fixes #5622
Closes #5623
2020-06-29 14:52:56 +02:00
Daniel Stenberg
9bfe665913
vtls: compare cert blob when finding a connection to reuse
Reported-by: Gergely Nagy
Fixes #5617
Closes #5619
2020-06-29 09:01:55 +02:00
Daniel Stenberg
40b4fdb88f
RELEASE-NOTES: synced 2020-06-28 00:35:52 +02:00
Daniel Stenberg
032e838b73
terminology: call them null-terminated strings
Updated terminology in docs, comments and phrases to refer to C strings
as "null-terminated". Done to unify with how most other C oriented docs
refer of them and what users in general seem to prefer (based on a
single highly unscientific poll on twitter).

Reported-by: coinhubs on github
Fixes #5598
Closes #5608
2020-06-28 00:31:24 +02:00
Daniel Stenberg
ff43fb6dec
http: fix proxy auth with blank password
Regression in 7.71.0

Added test case 346 to verify.

Reported-by: Kristoffer Gleditsch
Fixes #5613
Closes #5616
2020-06-28 00:29:59 +02:00
Daniel Stenberg
fc3cba22c7
.dcignore: ignore tests and docs directories
This is a config file for deepcode.ai, a static code analyzer.
2020-06-27 00:07:37 +02:00
Jay Satiro
cb85275377 tool_cb_hdr: Fix etag warning output and return code
- Return 'failure' on failure, to follow the existing style.

- Put Warning: and the warning message on the same line.

Ref: https://github.com/curl/curl/issues/5610

Closes https://github.com/curl/curl/pull/5612
2020-06-26 09:48:58 -04:00
Daniel Stenberg
43f7ffb6c4
CURLOPT_READFUNCTION.3: provide the upload data size up front
Assisted-by: Jay Satiro
Closes #5607
2020-06-26 15:12:21 +02:00
Daniel Stenberg
1529838a14
test1539: do a HTTP 1.0 POST without a set size (fails)
Attempt to reproduce #5593. Test case 1514 is very similar but uses
HTTP/1.1 and thus switches to chunked.

Closes #5595
2020-06-26 15:11:04 +02:00
Baruch Siach
989e6dffc5
mbedtls: fix build with disabled proxy support
Don't reference fields that do not exist. Fixes build failure:

vtls/mbedtls.c: In function 'mbed_connect_step1':
vtls/mbedtls.c:249:54: error: 'struct connectdata' has no member named 'http_proxy'

Closes #5615
2020-06-26 14:20:20 +02:00
Daniel Stenberg
7de2a4ce35
codeql-analysis.yml: fix the 'languages' setting
It needs a 'with:' in front of it.
2020-06-26 08:49:47 +02:00
Daniel Stenberg
7183f5acc3
gtihub: codeql-analysis.yml
enables code security scanning with github actions
2020-06-26 01:06:05 +02:00
Daniel Stenberg
8acfb932ef
tests: verify newline in username and password for HTTP
test 1296 is a simply command line test

test 1910 is a libcurl test including a redirect
2020-06-25 09:57:19 +02:00
Daniel Stenberg
d5ed571948
url: allow user + password to contain "control codes" for HTTP(S)
Reported-by: Jon Johnson Jr
Fixes #5582
Closes #5592
2020-06-25 09:57:19 +02:00
Daniel Stenberg
31e53584db
escape: make the URL decode able to reject only %00 bytes
... or all "control codes" or nothing.

Assisted-by: Nicolas Sterchele
2020-06-25 09:57:18 +02:00
Daniel Stenberg
646cc574f0
http2: set the correct URL in pushed transfers
...previously CURLINFO_EFFECTIVE_URL would report the URL of the
original "mother transfer", not the actually pushed resource.

Reported-by: Jonathan Cardoso Machado
Fixes #5589
Closes #5591
2020-06-25 09:31:21 +02:00
Javier Blazquez
ae3d1e04f6 openssl: Fix compilation on Windows when ngtcp2 is enabled
- Include wincrypt before OpenSSL includes so that the latter can
  properly handle any conflicts between the two.

Closes https://github.com/curl/curl/pull/5606
2020-06-25 03:11:46 -04:00
Daniel Stenberg
79d8099ff0
test543: extended to verify zero length input
As was reported in #5601
2020-06-25 00:00:35 +02:00
Daniel Stenberg
32defc3197
escape: zero length input should return a zero length output
Regression added in 7.71.0.

Fixes #5601
Reported-by: Kristoffer Gleditsch
Closes #5602
2020-06-25 00:00:28 +02:00
Daniel Stenberg
d2baa502fc
Curl_inet_ntop: always check the return code
Reported-by: Siva Sivaraman
Fixes #5412
Closes #5597
2020-06-24 16:04:54 +02:00
Daniel Stenberg
550bcdd442
sendf: improve the message on client write errors
Replace "Failed writing body (X != Y)" with
"Failure writing output to destination". Possibly slightly less cryptic.

Reported-by: coinhubs on github
Fixes #5594
Closes #5596
2020-06-24 16:03:40 +02:00
Daniel Stenberg
7fb33ee871
RELEASE-NOTES: synced 2020-06-24 11:44:22 +02:00
Daniel Stenberg
906bb64ac9
curlver: start working on 7.71.1 2020-06-24 11:44:10 +02:00
Denis Baručić
923296dc1c
DYNBUF.md: fix a typo: trail => tail
Closes #5599
2020-06-24 11:33:02 +02:00
Daniel Stenberg
e9db32a09a
RELEASE-NOTES: curl 7.71.0 release 2020-06-23 23:41:50 +02:00
Daniel Stenberg
cc9144b1f3
THANKS: curl 7.71.0 additions 2020-06-23 23:41:49 +02:00
Daniel Stenberg
ff1c37cbe3
url: make sure pushed streams get an allocated download buffer
Follow-up to c4e6968127

When a new transfer is created, as a resuly of an acknowledged push,
that transfer needs a download buffer allocated.

Closes #5590
2020-06-23 15:13:27 +02:00
Jay Satiro
abbc5d6044 openssl: Don't ignore CA paths when using Windows CA store
This commit changes the behavior of CURLSSLOPT_NATIVE_CA so that it does
not override CURLOPT_CAINFO / CURLOPT_CAPATH, or the hardcoded default
locations. Instead the CA store can now be used at the same time.

The change is due to the impending release. The issue is still being
discussed. The behavior of CURLSSLOPT_NATIVE_CA is subject to change and
is now documented as experimental.

Ref: bc052cc (parent commit)
Ref: https://github.com/curl/curl/issues/5585
2020-06-22 15:31:38 -04:00
Jay Satiro
bc052cc878 tool_operate: Don't use Windows CA store as a fallback
Background:

148534d added CURLSSLOPT_NATIVE_CA to use the Windows OS certificate
store in libcurl w/ OpenSSL on Windows. CURLSSLOPT_NATIVE_CA overrides
CURLOPT_CAINFO if both are set. The curl tool will fall back to
CURLSSLOPT_NATIVE_CA if it could not find a certificate bundle to set
via CURLOPT_CAINFO.

Problem:

libcurl may be built with hardcoded paths to a certificate bundle or
directory, and if CURLSSLOPT_NATIVE_CA is used then those paths are
ignored.

Solution:

A solution is still being discussed but since there's an impending
release this commit removes using CURLSSLOPT_NATIVE_CA in the curl tool.

Ref: https://github.com/curl/curl/issues/5585
2020-06-22 15:26:07 -04:00
Jay Satiro
c9c31b9245 openssl: Fix CA fallback logic for OpenSSL 3.0 build
Prior to this change I assume a build error would occur when
CURL_CA_FALLBACK was used.

Closes https://github.com/curl/curl/pull/5587
2020-06-22 12:24:57 -04:00
Daniel Stenberg
0f55269aff
copyright: update mismatched copyright years 2020-06-22 11:55:34 +02:00
Daniel Stenberg
5bf653464f
test1460: verify that -Ji is not ok 2020-06-22 00:50:08 +02:00