1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-15 22:15:13 -05:00
Commit Graph

19552 Commits

Author SHA1 Message Date
Daniel Stenberg
41db5aed7a http2-download: check for CURLPIPE_MULTIPLEX properly
Bug: http://curl.haxx.se/mail/lib-2015-06/0001.html
Reported-by: Rafayel Mkrtchyan
2015-06-01 08:45:30 +02:00
Isaac Boukris
4bb815a32e HTTP-NTLM: fail auth on connection close instead of looping
Bug: https://github.com/bagder/curl/issues/256
2015-05-31 23:21:15 +02:00
Daniel Stenberg
4e7c3c12d3 5.6 Refuse "downgrade" redirects 2015-05-31 00:39:19 +02:00
Daniel Stenberg
9a0a16a61c README.pingpong: removed 2015-05-31 00:20:22 +02:00
Daniel Stenberg
2f1eae0f27 ROADMAP: remove HTTP/2 multiplexing - its here now 2015-05-30 12:09:22 +02:00
Daniel Stenberg
3628a90852 HTTP2.md: formatted properly 2015-05-30 12:07:39 +02:00
Daniel Stenberg
a8904b39f3 HTTP2: moved docs into docs/ and make it markdown 2015-05-30 11:55:33 +02:00
Daniel Stenberg
8a7c1c76b3 README.http2: refreshed and added multiplexing info 2015-05-30 11:53:24 +02:00
Daniel Stenberg
f348a6b4ab dist: add the http2 examples 2015-05-28 16:04:13 +02:00
Daniel Stenberg
d1b1d782f5 http2 examples: clean up some comments 2015-05-28 16:04:00 +02:00
Daniel Stenberg
e57f08863a examples: added two programs doing multiplexed HTTP/2 2015-05-28 15:58:34 +02:00
Daniel Stenberg
44fe4b9029 scripts: moved contributors.sh and contrithanks.sh into subdir 2015-05-27 16:10:08 +02:00
Daniel Stenberg
9972666b47 RELEASE-NOTES: synced with c005790ff1 2015-05-27 14:48:59 +02:00
Daniel Melani
c005790ff1 openssl: typo in comment 2015-05-27 11:31:48 +02:00
Jay Satiro
49a6642f01 openssl: Use TLS_client_method for OpenSSL 1.1.0+
SSLv23_client_method is deprecated starting in OpenSSL 1.1.0. The
equivalent is TLS_client_method.

https://github.com/openssl/openssl/commit/13c9bb3#diff-708d3ae0f2c2973b272b811315381557
2015-05-27 01:30:30 -04:00
Daniel Stenberg
f81d356c21 FAQ: How do I port libcurl to my OS? 2015-05-26 19:13:40 +02:00
Jay Satiro
b18a1654c1 CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain
Document that if Set-Cookie is used without a domain then the cookie is
sent for any domain and will not be modified.

Bug: http://curl.haxx.se/mail/lib-2015-05/0137.html
Reported-by: Alexander Dyagilev
2015-05-25 17:27:53 -04:00
Tatsuhiro Tsujikawa
02dfc930b5 http2: Copy data passed in Curl_http2_switched into HTTP/2 connection buffer
Previously, after seeing upgrade to HTTP/2, we feed data followed by
upgrade response headers directly to nghttp2_session_mem_recv() in
Curl_http2_switched().  But it turns out that passed buffer, mem, is
part of stream->mem, and callbacks called by
nghttp2_session_mem_recv() will write stream specific data into
stream->mem, overwriting input data.  This will corrupt input, and
most likely frame length error is detected by nghttp2 library.  The
fix is first copy the passed data to HTTP/2 connection buffer,
httpc->inbuf, and call nghttp2_session_mem_recv().
2015-05-25 23:07:49 +02:00
Jay Satiro
96c0164b88 CURLOPT_COOKIE.3: Explain that the cookies won't be modified
The CURLOPT_COOKIE doc says it "sets the cookie header explicitly in the
outgoing request(s)." However there seems to be some user confusion
about cookie modification. Document that the cookies set by this option
are not modified by the cookie engine.

Bug: http://curl.haxx.se/mail/lib-2015-05/0115.html
Reported-by: Alexander Dyagilev
2015-05-24 19:01:13 -04:00
Jay Satiro
4bef1c7bf4 CURLOPT_COOKIELIST.3: Add example 2015-05-24 15:39:49 -04:00
Dan Fandrich
4a79475b13 testcurl.pl: use rel2abs to make the source directory absolute
This function makes a platform-specific absolute path which uses
backslashes on Windows. This form works when passing it on the
command-line, as well as if the source is on another drive.
2015-05-24 12:09:34 +02:00
Dan Fandrich
b6e3da5f08 conncache: fixed memory leak on OOM (torture tests) 2015-05-24 11:19:07 +02:00
Daniel Stenberg
28cdc0d82c perl: remove subdir, not touched in 9 years 2015-05-24 00:54:55 +02:00
Daniel Stenberg
3a973517a9 log2changes.pl: moved to scripts/ 2015-05-24 00:09:23 +02:00
Alessandro Ghedini
f9f22b0d63 scripts: add zsh.pl for generating zsh completion 2015-05-24 00:03:14 +02:00
Dan Fandrich
ef02da3156 test1510: another flaky test 2015-05-23 16:28:09 +02:00
Daniel Stenberg
e582cd16ff security: fix "Unchecked return value" from sscanf()
By (void) prefixing it and adding a comment. Did some minor related
cleanups.

Coverity CID 1299423.
2015-05-22 16:52:41 +02:00
Daniel Stenberg
1514977bcd security: simplify choose_mech
Coverity CID 1299424 identified dead code because of checks that could
never equal true (if the mechanism's name was NULL).

Simplified the function by removing a level of pointers and removing the
loop and array that weren't used.
2015-05-22 16:46:01 +02:00
Daniel Stenberg
fda0e74c22 RTSP: catch attempted unsupported requests better
Replace use of assert with code that properly catches bad input at
run-time even in non-debug builds.

This flaw was sort of detected by Coverity CID 1299425 which claimed the
"case RTSPREQ_NONE" was dead code.
2015-05-22 16:32:42 +02:00
Daniel Stenberg
03e2a9b023 share_init: fix OOM crash
A failed calloc() would lead to NULL pointer use.

Coverity CID 1299427.
2015-05-22 16:26:14 +02:00
Daniel Stenberg
817323ed82 parse_proxy: switch off tunneling if non-HTTP proxy
non-HTTP proxy implies not using CURLOPT_HTTPPROXYTUNNEL

Bug: http://curl.haxx.se/mail/lib-2015-05/0056.html
Reported-by: Sean Boudreau
2015-05-22 16:19:53 +02:00
Daniel Stenberg
42ed88e70a curl: fix potential NULL dereference
Coverity CID 1299428: Dereference after null check (FORWARD_NULL)
2015-05-22 16:19:30 +02:00
Daniel Stenberg
84d811f6af http2: on_frame_recv: return early on stream 0
Coverity CID 1299426 warned about possible NULL dereference otherwise,
but that would only ever happen if we get invalid HTTP/2 data with
frames for stream 0. Avoid this risk by returning early when stream 0 is
used.
2015-05-22 15:17:16 +02:00
Daniel Stenberg
d04bab8873 http: removed self assignment
Follow-up fix from b0143a2a33

Detected by coverity. CID 1299429
2015-05-22 09:57:16 +02:00
Tatsuhiro Tsujikawa
640f283bbb http2: Make HTTP Upgrade work
This commit just add implicitly opened stream 1 to streams hash.
2015-05-22 09:31:19 +02:00
Jay Satiro
995c6006fe strerror: Change SEC_E_ILLEGAL_MESSAGE description
Prior to this change the description for SEC_E_ILLEGAL_MESSAGE was OS
and language specific, and invariably translated to something not very
helpful like: "The message received was unexpected or badly formatted."

Bug: https://github.com/bagder/curl/issues/267
Reported-by: Michael Osipov
2015-05-22 02:30:38 -04:00
Jay Satiro
78ac944dc2 telnet: Fix read-callback change for Windows builds
Refer to b0143a2 for more information on the read-callback change.
2015-05-21 23:26:32 -04:00
Daniel Stenberg
ee04c20b74 CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy! 2015-05-21 14:17:17 +02:00
Dan Fandrich
126e7f7253 testcurl.pl: allow source to be in an arbitrary directory
This way, the build directory can be located on an entirely different
filesystem from the source code (e.g. a tmpfs).
2015-05-21 09:14:40 +02:00
Daniel Stenberg
b0143a2a33 read_callback: move to SessionHandle from connectdata
With many easy handles using the same connection for multiplexing, it is
important we store and keep the transfer-oriented stuff in the
SessionHandle so that callbacks and callback data work fine even when
many easy handles share the same physical connection.
2015-05-20 23:06:45 +02:00
Daniel Stenberg
6a688976f0 http2: show stream IDs in decimal
It makes them easier to match output from the nghttpd test server.
2015-05-20 23:06:29 +02:00
Tatsuhiro Tsujikawa
c175d184a2 http2: Faster http2 upload
Previously, when we send all given buffer in data_source_callback, we
return NGHTTP2_ERR_DEFERRED, and nghttp2 library removes this stream
temporarily for writing.  This itself is good.  If this is the sole
stream in the session, nghttp2_session_want_write() returns zero,
which means that libcurl does not check writeability of the underlying
socket.  This leads to very slow upload, because it seems curl only
upload 16k something per 1 second.  To fix this, if we still have data
to send, call nghttp2_session_resume_data after nghttp2_session_send.
This makes nghttp2_session_want_write() returns nonzero (if connection
window still opens), and as a result, socket writeability is checked,
and upload speed becomes normal.
2015-05-20 22:43:37 +02:00
Dmitry Eremin-Solenikov
d5aab55b33 gtls: don't fail on non-fatal alerts during handshake
Stop curl from failing when non-fatal alert is received during
handshake.  This e.g. fixes lots of problems when working with https
sites through proxies.
2015-05-20 22:41:30 +02:00
Daniel Stenberg
0f6f7c100a curl_easy_unescape.3: update RFC reference
Reported-by: bsammon
Bug: https://github.com/bagder/curl/issues/282
2015-05-20 08:21:27 +02:00
Jay Satiro
db979fea73 CURLOPT_POSTFIELDS.3: Mention curl_easy_escape
.. also correct some variable naming in curl_easy_escape.3

Bug: https://github.com/bagder/curl/issues/281
Reported-by: bsammon@users.noreply.github.com
2015-05-20 01:48:31 -04:00
Brian Prodoehl
a393d64456 openssl: Use SSL_CTX_set_msg_callback and SSL_CTX_set_msg_callback_arg
BoringSSL removed support for direct callers of SSL_CTX_callback_ctrl
and SSL_CTX_ctrl, so move to a way that should work on BoringSSL and
OpenSSL.

re #275
2015-05-19 22:54:42 +02:00
Jay Satiro
265f83a9f0 curl.1: fix missing space in section --data 2015-05-19 15:43:40 -04:00
Daniel Stenberg
301ba7772c transfer: remove erroneous and misleading comment 2015-05-19 14:00:19 +02:00
Kamil Dudka
00a770b3f5 http: silence compile-time warnings without USE_NGHTTP2
Error: CLANG_WARNING:
lib/http.c:173:16: warning: Value stored to 'http' during its initialization is never read

Error: COMPILER_WARNING:
lib/http.c: scope_hint: In function ‘http_disconnect’
lib/http.c:173:16: warning: unused variable ‘http’ [-Wunused-variable]
2015-05-19 12:53:30 +02:00
Jay Satiro
dd23c49546 transfer: Replace __func__ instances with function name
.. also make __func__ replacement in multi.

Prior to this change debug builds would fail to build if the compiler
was building pre-c99 and didn't support __func__.
2015-05-19 02:23:55 -04:00