1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-18 07:25:14 -05:00
Commit Graph

11179 Commits

Author SHA1 Message Date
Daniel Stenberg
3c4c4ec2ee
strdup: remove the odd strlen check
It confuses code analyzers with its use of -1 for unsigned value. Also,
a check that's not normally used in strdup() code - and not necessary.

Closes #5697
2020-07-18 12:37:25 +02:00
Daniel Stenberg
da3e0f406a
ngtcp2: adjust to recent sockaddr updates
Closes #5690
2020-07-16 23:56:42 +02:00
Daniel Stenberg
954cd3eb48
CURL_PUSH_ERROROUT: allow the push callback to fail the parent stream
... by adding support for a new dedicated return code.

Suggested-by: Jonathan Cardoso
Assisted-by: Erik Johansson
URL: https://curl.haxx.se/mail/lib-2020-06/0099.html
Closes #5636
2020-07-16 00:24:29 +02:00
Baruch Siach
2f5d0e497e
nss: fix build with disabled proxy support
Avoid reference to fields that do not exist when CURL_DISABLE_PROXY is
defined.

Closes #5667
2020-07-14 23:42:20 +02:00
Daniel Stenberg
d75e3ab74c
CURLINFO_EFFECTIVE_METHOD: added
Provide the HTTP method that was used on the latest request, which might
be relevant for users when there was one or more redirects involved.

Closes #5511
2020-07-14 17:53:45 +02:00
Viktor Szakats
8fa3f7809a
windows: add unicode to feature list
Reviewed-by: Marcel Raad
Reviewed-by: Marc Hörsken

Closes #5491
2020-07-14 08:30:17 +00:00
Daniel Stenberg
61a08508f6
multi: remove two checks always true
Detected by Codacy
Closes #5676
2020-07-14 00:12:08 +02:00
ihsinme
60aa961288
socks: use size_t for size variable
Use the unsigned type (size_t) in the arithmetic of pointers. In this
context, the signed type (ssize_t) is used unnecessarily.

Authored-by: ihsinme on github
Closes #5654
2020-07-12 22:52:19 +02:00
Gilles Vollant
e13357b14b
content_encoding: add zstd decoding support
include zstd curl patch for Makefile.m32 from vszakats
and include Add CMake support for zstd from Peter Wu

Helped-by: Viktor Szakats
Helped-by: Peter Wu
Closes #5453
2020-07-12 18:11:37 +02:00
Daniel Stenberg
c4026a9897
asyn.h: remove the Curl_resolver_getsock define
- not used
 - used the wrong number of arguments
 - confused the Codeacy code analyzer

Closes #5647
2020-07-12 18:06:50 +02:00
Daniel Stenberg
0d4c3618e9
ngtcp2: update to modified qlog callback prototype
Closes #5675
2020-07-12 17:53:08 +02:00
Daniel Stenberg
9466034561
transfer: fix memory-leak with CURLOPT_CURLU in a duped handle
Added test case 674 to reproduce and verify the bug report.

Fixes #5665
Reported-by: NobodyXu on github
Closes #5673
2020-07-12 16:36:02 +02:00
Baruch Siach
81bf2713ae
bearssl: fix build with disabled proxy support
Avoid reference to fields that do not exist when CURL_DISABLE_PROXY is
defined.

Reviewed-by: Nicolas Sterchele
Closes #5666
2020-07-12 16:22:38 +02:00
Daniel Stenberg
69bfde4515
http2: only do the *done() cleanups for HTTP
Follow-up to ef86daf4d3

Closes #5650
Fixes #5646
2020-07-04 01:13:50 +02:00
Alex Kiernan
0fda8db95c
gnutls: repair the build with CURL_DISABLE_PROXY
`http_proxy`/`proxy_ssl`/`tunnel_proxy` will not be available in `conn`
if `CURL_DISABLE_PROXY` is enabled.  Repair the build with that
configuration.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Closes #5645
2020-07-04 00:18:43 +02:00
Alex Kiernan
691df98d51 gnutls: Fetch backend when using proxy
Fixes: 89865c149 ("gnutls: remove the BACKEND define kludge")
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
2020-07-03 14:11:37 +01:00
Laramie Leavitt
ef86daf4d3
http2: close the http2 connection when no more requests may be sent
Well-behaving HTTP2 servers send two GOAWAY messages. The first
message is a warning that indicates that the server is going to
stop accepting streams. The second one actually closes the stream.

nghttp2 reports this state (and the other state of no more stream
identifiers) via the call nghttp2_session_check_request_allowed().
In this state the client should not create more streams on the
session (tcp connection), and in curl this means that the server
has requested that the connection is closed.

It would be also be possible to put the connclose() call into the
on_http2_frame_recv() function that triggers on the GOAWAY message.

This fixes a bug seen when the client sees the following sequence of
frames:

// advisory GOAWAY
HTTP2 GOAWAY [stream-id = 0, promised-stream-id = -1]
... some additional frames

// final GOAWAY
HTTP2 GOAWAY [stream-id = 0, promised-stream-id = N ]

Before this change, curl will attempt to reuse the connection even
after the last stream, will encounter this error:

* Found bundle for host localhost: 0x5595f0a694e0 [can multiplex]
* Re-using existing connection! (#0) with host localhost
* Connected to localhost (::1) port 10443 (#0)
* Using Stream ID: 9 (easy handle 0x5595f0a72e30)
> GET /index.html?5 HTTP/2
> Host: localhost:10443
> user-agent: curl/7.68.0
> accept: */*
>
* stopped the pause stream!
* Connection #0 to host localhost left intact
curl: (16) Error in the HTTP2 framing layer

This error may posion the connection cache, causing future requests
which resolve to the same curl connection to go through the same error
path.

Closes #5643
2020-07-03 11:16:48 +02:00
Jeremy Maitin-Shepard
31f0e864c7
http2: fix nghttp2_strerror -> nghttp2_http2_strerror in debug messages
Confusingly, nghttp2 has two different error code enums:

- nghttp2_error, to be used with nghttp2_strerror
- nghttp2_error_code, to be used with nghttp2_http2_strerror

Closes #5641
2020-07-02 23:37:28 +02:00
Marcel Raad
19b96ba385
url: silence MSVC warning
Since commit f3d501dc67, if proxy support is disabled, MSVC warns:
url.c : warning C4701: potentially uninitialized local variable
'hostaddr' used
url.c : error C4703: potentially uninitialized local pointer variable
'hostaddr' used

That could actually only happen if both `conn->bits.proxy` and
`CURL_DISABLE_PROXY` were enabled.
Initialize it to NULL to silence the warning.

Closes https://github.com/curl/curl/pull/5638
2020-07-02 13:31:22 +02:00
Daniel Stenberg
25222b14ef
Revert "multi: implement wait using winsock events"
This reverts commit 8bc25c590e.

That commit (from #5397) introduced a regression in 7.71.0.

Reported-by: tmkk on github
Fixes #5631
Closes #5632
2020-06-30 12:27:23 +02:00
Daniel Stenberg
c891e681bf
ngtcp2: sync with current master
ngtcp2 added two new callbacks

Reported-by: Lucien Zürcher
Fixes #5624
Closes #5627
2020-06-29 17:09:59 +02:00
Daniel Stenberg
9bfe665913
vtls: compare cert blob when finding a connection to reuse
Reported-by: Gergely Nagy
Fixes #5617
Closes #5619
2020-06-29 09:01:55 +02:00
Daniel Stenberg
032e838b73
terminology: call them null-terminated strings
Updated terminology in docs, comments and phrases to refer to C strings
as "null-terminated". Done to unify with how most other C oriented docs
refer of them and what users in general seem to prefer (based on a
single highly unscientific poll on twitter).

Reported-by: coinhubs on github
Fixes #5598
Closes #5608
2020-06-28 00:31:24 +02:00
Daniel Stenberg
ff43fb6dec
http: fix proxy auth with blank password
Regression in 7.71.0

Added test case 346 to verify.

Reported-by: Kristoffer Gleditsch
Fixes #5613
Closes #5616
2020-06-28 00:29:59 +02:00
Baruch Siach
989e6dffc5
mbedtls: fix build with disabled proxy support
Don't reference fields that do not exist. Fixes build failure:

vtls/mbedtls.c: In function 'mbed_connect_step1':
vtls/mbedtls.c:249:54: error: 'struct connectdata' has no member named 'http_proxy'

Closes #5615
2020-06-26 14:20:20 +02:00
Daniel Stenberg
d5ed571948
url: allow user + password to contain "control codes" for HTTP(S)
Reported-by: Jon Johnson Jr
Fixes #5582
Closes #5592
2020-06-25 09:57:19 +02:00
Daniel Stenberg
31e53584db
escape: make the URL decode able to reject only %00 bytes
... or all "control codes" or nothing.

Assisted-by: Nicolas Sterchele
2020-06-25 09:57:18 +02:00
Daniel Stenberg
646cc574f0
http2: set the correct URL in pushed transfers
...previously CURLINFO_EFFECTIVE_URL would report the URL of the
original "mother transfer", not the actually pushed resource.

Reported-by: Jonathan Cardoso Machado
Fixes #5589
Closes #5591
2020-06-25 09:31:21 +02:00
Javier Blazquez
ae3d1e04f6 openssl: Fix compilation on Windows when ngtcp2 is enabled
- Include wincrypt before OpenSSL includes so that the latter can
  properly handle any conflicts between the two.

Closes https://github.com/curl/curl/pull/5606
2020-06-25 03:11:46 -04:00
Daniel Stenberg
32defc3197
escape: zero length input should return a zero length output
Regression added in 7.71.0.

Fixes #5601
Reported-by: Kristoffer Gleditsch
Closes #5602
2020-06-25 00:00:28 +02:00
Daniel Stenberg
d2baa502fc
Curl_inet_ntop: always check the return code
Reported-by: Siva Sivaraman
Fixes #5412
Closes #5597
2020-06-24 16:04:54 +02:00
Daniel Stenberg
550bcdd442
sendf: improve the message on client write errors
Replace "Failed writing body (X != Y)" with
"Failure writing output to destination". Possibly slightly less cryptic.

Reported-by: coinhubs on github
Fixes #5594
Closes #5596
2020-06-24 16:03:40 +02:00
Daniel Stenberg
ff1c37cbe3
url: make sure pushed streams get an allocated download buffer
Follow-up to c4e6968127

When a new transfer is created, as a resuly of an acknowledged push,
that transfer needs a download buffer allocated.

Closes #5590
2020-06-23 15:13:27 +02:00
Jay Satiro
abbc5d6044 openssl: Don't ignore CA paths when using Windows CA store
This commit changes the behavior of CURLSSLOPT_NATIVE_CA so that it does
not override CURLOPT_CAINFO / CURLOPT_CAPATH, or the hardcoded default
locations. Instead the CA store can now be used at the same time.

The change is due to the impending release. The issue is still being
discussed. The behavior of CURLSSLOPT_NATIVE_CA is subject to change and
is now documented as experimental.

Ref: bc052cc (parent commit)
Ref: https://github.com/curl/curl/issues/5585
2020-06-22 15:31:38 -04:00
Jay Satiro
c9c31b9245 openssl: Fix CA fallback logic for OpenSSL 3.0 build
Prior to this change I assume a build error would occur when
CURL_CA_FALLBACK was used.

Closes https://github.com/curl/curl/pull/5587
2020-06-22 12:24:57 -04:00
Daniel Stenberg
0f55269aff
copyright: update mismatched copyright years 2020-06-22 11:55:34 +02:00
Valentyn Korniienko
e39a6e2cea
multibyte: Fixed access-> waccess to file for Windows Plarform
Reviewed-by: Marcel Raad
Closes #5580
2020-06-21 19:31:39 +02:00
Daniel Stenberg
3f84b3e39a
altsvc: bump to h3-29
Closes #5584
2020-06-19 23:29:26 +02:00
Daniel Stenberg
dc90f51065
connect: improve happy eyeballs handling
For QUIC but also for regular TCP when the second family runs out of IPs
with a failure while the first family is still trying to connect.

Separated the timeout handling for IPv4 and IPv6 connections when they
both have a number of addresses to iterate over.
2020-06-18 00:20:42 +02:00
Daniel Stenberg
325866fd6f
ngtcp2: never call fprintf() in lib code in release version 2020-06-18 00:20:42 +02:00
Daniel Stenberg
b6af4c2336
ngtcp2: fix happy eyeballs quic connect crash
Reported-by: Peter Wu
Fixes #5565
Closes #5568
2020-06-18 00:20:42 +02:00
Daniel Stenberg
3bf18cdadd
select: remove the unused ELAPSED_MS() macro
Closes #5573
2020-06-18 00:11:25 +02:00
rcombs
8bc25c590e
multi: implement wait using winsock events
This avoids using a pair of TCP ports to provide wakeup functionality
for every multi instance on Windows, where socketpair() is emulated
using a TCP socket on loopback which could in turn lead to socket
resource exhaustion.

Reviewed-by: Gergely Nagy
Reviewed-by: Marc Hörsken

Closes #5397
2020-06-17 07:18:08 +02:00
Ruurd Beerstra
d80d419d3e
ntlm: enable NTLM support with wolfSSL
When wolfSSL is built with its OpenSSL API layer, it fetures the same DES*
functions that OpenSSL has. This change take advantage of that.

Co-authored-by: Daniel Stenberg
Closes #5556
Fixes #5548
2020-06-16 09:06:19 +02:00
Daniel Stenberg
e15e51384a
http: move header storage to Curl_easy from connectdata
Since the connection can be used by many independent requests (using
HTTP/2 or HTTP/3), things like user-agent and other transfer-specific
data MUST NOT be kept connection oriented as it could lead to requests
getting the wrong string for their requests. This struct data was
lingering like this due to old HTTP1 legacy thinking where it didn't
mattered..

Fixes #5566
Closes #5567
2020-06-15 22:56:25 +02:00
Daniel Stenberg
b88bdedf9c
altsvc: remove the num field from the altsvc struct
It was superfluous since we have the list.size alredy

Reported-by: Jay Satiro
Fixes #5553
Closes #5563
2020-06-12 23:24:11 +02:00
Daniel Stenberg
8b4e796775
share: don't set the share flag it something fails
When asking for a specific feature to be shared in the share object,
that bit was previously set unconditionally even if the shared feature
failed or otherwise wouldn't work.

Closes #5554
2020-06-12 09:42:52 +02:00
Daniel Stenberg
eab2f95c0d
wording: avoid blacklist/whitelist stereotypes
Instead of discussing if there's value or meaning (implied or not) in
the colors, let's use words without the same possibly negative
associations.

Closes #5546
2020-06-10 08:49:17 +02:00
Daniel Stenberg
2a41e23671
socks: detect connection close during handshake
The SOCKS4/5 state machines weren't properly terminated when the proxy
connection got closed, leading to a busy-loop.

Reported-By: zloi-user on github
Fixes #5532
Closes #5542
2020-06-08 23:19:36 +02:00
xquery
0a35580e21
multi: add defensive check on data->multi->num_alive
Closes #5540
2020-06-08 16:14:07 +02:00