1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-11 03:55:03 -05:00
Commit Graph

24203 Commits

Author SHA1 Message Date
Steve Holme
166ace8be0 emailL Added reference to RFC8314 for implicit TLS 2019-04-11 01:19:15 +01:00
Steve Holme
37c43bf70c README: Schannel, stop calling it "winssl"
Stick to "Schannel" everywhere - follow up to 180501cb.
2019-04-10 22:05:38 +01:00
Jakub Zakrzewski
ff1cb97517 cmake: clear CMAKE_REQUIRED_LIBRARIES after each use
This fixes GSSAPI builds with the libraries in a non-standard location.
The testing for recv() were failing because it failed to link
the Kerberos libraries, which are not needed for this or subsequent
tests.

fixes #3743
closes #3744
2019-04-10 19:12:28 +02:00
Jakub Zakrzewski
be17f298ff cmake: avoid linking executable for some tests with cmake 3.6+
With CMAKE_TRY_COMPILE_TARGET_TYPE set to STATIC_LIBRARY, the try_compile()
(which is used by check_c_source_compiles()) will build static library
instead of executable. This avoids linking additional libraries in and thus
speeds up those checks a little.

This commit also avoids #3743 (GSSAPI build errors) on itself with cmake
3.6 or above. That issue was fixed separately for all versions.

Ref: #3744
2019-04-10 19:12:28 +02:00
Jakub Zakrzewski
639cfeb0f8 cmake: minor cleanup
- Remove nneeded include_regular_expression.
  It was setting what is already a default.

- Remove duplicated include.

- Don't check for pre-3.0.0 CMake version.
  We already require at least 3.0.0, so it's just clutter.

Ref: #3744
2019-04-10 19:12:28 +02:00
Steve Holme
c4e0be4408 build-openssl.bat: Fixed support for OpenSSL v1.1.0+ 2019-04-08 22:36:23 +01:00
Steve Holme
b1923b90f5 build-openssl.bat: Perfer the use of if statements rather than goto (where possible) 2019-04-08 22:36:23 +01:00
Steve Holme
a4df34294f build-openssl.bat: Perform the install for each build type directly after the build 2019-04-08 22:36:23 +01:00
Steve Holme
089e2d9de0 build-openssl.bat: Split the install of static and shared build types 2019-04-08 22:36:22 +01:00
Steve Holme
89efe0e396 build-openssl.bat: Split the building of static and shared build types 2019-04-08 22:36:22 +01:00
Steve Holme
1969958e6b build-openssl.bat: Move the installation into a separate function 2019-04-08 22:36:22 +01:00
Steve Holme
ac690c4285 build-openssl.bat: Move the build step into a separate function 2019-04-08 22:36:22 +01:00
Steve Holme
1f6ec5baba build-openssl.bat: Move the OpenSSL configuration into a separate function 2019-04-08 22:36:22 +01:00
Steve Holme
d891702fcf build-openssl.bat: Fixed the BUILD_CONFIG variable not being initialised
Should the parent environment set this variable then the build might
not be performed as the user intended.
2019-04-08 22:36:22 +01:00
Daniel Stenberg
8ebc42be04
socks: fix error message 2019-04-08 23:30:53 +02:00
Daniel Stenberg
ebb2ebe18b
config.d: clarify that initial : and = might need quoting [skip ci]
Fixes #3738
Closes #3749
2019-04-08 21:57:22 +02:00
Daniel Stenberg
c150438eee
RELEASE-NOTES: synced
bumped to 7.65.0 for next release
2019-04-08 21:42:05 +02:00
Daniel Stenberg
f4b6901230
socks5: user name and passwords must be shorter than 256
bytes... since the protocol needs to store the length in a single byte field.

Reported-by: XmiliaH on github
Fixes #3737
Closes #3740
2019-04-07 23:27:11 +02:00
Jakub Zakrzewski
89bb5a836c
test: urlapi: urlencode characters above 0x7f correctly 2019-04-07 22:57:42 +02:00
Jakub Zakrzewski
0dd47c2a3d
urlapi: urlencode characters above 0x7f correctly
fixes #3741
Closes #3742
2019-04-07 22:57:42 +02:00
Even Rouault
64cbae3107
multi_runsingle(): fix use-after-free
Fixes #3745
Closes #3746

The following snippet
```

int main()
{
    CURL* hCurlHandle = curl_easy_init();
    curl_easy_setopt(hCurlHandle, CURLOPT_URL, "http://example.com");
    curl_easy_setopt(hCurlHandle, CURLOPT_PROXY, "1");
    curl_easy_perform(hCurlHandle);
    curl_easy_cleanup(hCurlHandle);
    return 0;
}
```
triggers the following Valgrind warning

```
==4125== Invalid read of size 8
==4125==    at 0x4E7D1EE: Curl_llist_remove (llist.c:97)
==4125==    by 0x4E7EF5C: detach_connnection (multi.c:798)
==4125==    by 0x4E80545: multi_runsingle (multi.c:1451)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
==4125==  Address 0x9b3d1d0 is 1,120 bytes inside a block of size 1,600 free'd
==4125==    at 0x4C2ECF0: free (vg_replace_malloc.c:530)
==4125==    by 0x4E62C36: conn_free (url.c:756)
==4125==    by 0x4E62D34: Curl_disconnect (url.c:818)
==4125==    by 0x4E48DF9: Curl_once_resolved (hostip.c:1097)
==4125==    by 0x4E8052D: multi_runsingle (multi.c:1446)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
==4125==  Block was alloc'd at
==4125==    at 0x4C2F988: calloc (vg_replace_malloc.c:711)
==4125==    by 0x4E6438E: allocate_conn (url.c:1654)
==4125==    by 0x4E685B4: create_conn (url.c:3496)
==4125==    by 0x4E6968F: Curl_connect (url.c:4023)
==4125==    by 0x4E802E7: multi_runsingle (multi.c:1368)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
```

This has been bisected to commit 2f44e94

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14109
Credit to OSS Fuzz
2019-04-07 22:55:38 +02:00
Daniel Stenberg
2f44e94efb
pipelining: removed
As previously planned and documented in DEPRECATE.md, all pipelining
code is removed.

Closes #3651
2019-04-06 22:49:50 +02:00
cclauss
aba1c51553
tests: make Impacket (SMB server) Python 3 compatible
Closes #3731
Fixes #3289
2019-04-06 22:29:57 +02:00
Simon Warta
cd3edb0827
cmake: set SSL_BACKENDS
This groups all SSL backends into the feature "SSL" and sets the
SSL_BACKENDS analogue to configure.ac

Closes https://github.com/curl/curl/pull/3736
2019-04-06 17:54:41 +02:00
Simon Warta
1a3aa5c321
cmake: don't run SORT on empty list
In case of an empty list, SORTing leads to the cmake error "list
sub-command SORT requires list to be present."

Closes https://github.com/curl/curl/pull/3736
2019-04-06 17:53:03 +02:00
Eli Schwartz
55734f3a27 configure: fix default location for fish completions
Fish defines a vendor completions directory for completions that are not
installed as part of the fish project itself, and the vendor completions
are preferred if they exist. This prevents trying to overwrite the
builtin curl.fish completion (or creating file conflicts in distro
packaging).

Prefer the pkg-config defined location exported by fish, if it can be
found, and fall back to the correct directory defined by most systems.

Closes #3723
Reviewed-by: Daniel Gustafsson
2019-04-05 13:26:46 +02:00
Marcel Raad
ab5a6cf603
ftplistparser: fix LGTM alert "Empty block without comment"
Removing the block is consistent with line 954/957.

Closes https://github.com/curl/curl/pull/3732
2019-04-05 12:56:18 +02:00
Marcel Raad
1369b74299
transfer: fix LGTM alert "Comparison is always true"
Just remove the redundant condition, which also makes it clear that
k->buf is always 0-terminated if this break is not hit.

Closes https://github.com/curl/curl/pull/3732
2019-04-05 12:56:10 +02:00
Rikard Falkeborn
f5a77473c5 smtp: fix compiler warning
- Fix clang string-plus-int warning.

Clang 8 warns about adding a string to an int does not append to the
string. Indeed it doesn't, but that was not the intention either. Use
array indexing as suggested to silence the warning. There should be no
functional changes.

(In other words clang warns about "foo"+2 but not &"foo"[2] so use the
latter.)

smtp.c:1221:29: warning: adding 'int' to a string does not append to the
string [-Wstring-plus-int]
      eob = strdup(SMTP_EOB + 2);
            ~~~~~~~~~~~~~~~~^~~~

Closes https://github.com/curl/curl/pull/3729
2019-04-04 21:11:42 -04:00
Marcel Raad
16c1e444f3
VS projects: use Unicode for VC10+
All Windows APIs have been natively UTF-16 since Windows 2000 and the
non-Unicode variants are just wrappers around them. Only Windows 9x
doesn't understand Unicode without the UnicoWS DLL. As later Visual
Studio versions cannot target Windows 9x anyway, using the ANSI API
doesn't really have any benefit there.

This avoids issues like KNOWN_BUGS 6.5.

Ref: https://github.com/curl/curl/issues/2120
Closes https://github.com/curl/curl/pull/3720
2019-04-04 11:19:19 +02:00
Daniel Gustafsson
938c17d07a RELEASE-NOTES: synced
Bump the version in progress to 7.64.2, if we merge any "change"
before the cut-off date we can update the version.
2019-04-03 22:32:12 +02:00
Tim Rühsen
7b758e9835 documentation: Fix several typos
Closes #3724
Reviewed-by: Jakub Zakrzewski
Reviewed-by: Daniel Gustafsson
2019-04-03 22:06:06 +02:00
Mert Yazıcıoğlu
6227e2bd07 vauth/oauth2: Fix OAUTHBEARER token generation
OAUTHBEARER tokens were incorrectly generated in a format similar to
XOAUTH2 tokens. These changes make OAUTHBEARER tokens conform to the
RFC7628.

Fixes: #2487
Reported-by: Paolo Mossino

Closes https://github.com/curl/curl/pull/3377
2019-04-02 15:52:12 -04:00
Marcel Raad
d110d96b98
tool_cb_wrt: fix bad-function-cast warning
Commit f5bc578f4c reintroduced the
warning fixed in commit 2f5f31bb57.
Extend fhnd's scope and reuse that variable instead of calling
_get_osfhandle a second time to fix the warning again.

Closes https://github.com/curl/curl/pull/3718
2019-04-02 13:14:57 +02:00
Marcel Raad
e102ba7a19
VC15 project: remove MinimalRebuild
Already done in commit d5cfefd0ea for the
library project, but I forgot the tool project template. Now also
removed for that.
2019-04-01 19:18:08 +02:00
Dan Fandrich
18d1161429 cirrus: Customize the disabled tests per FreeBSD version
Try to run as many test cases as possible on each OS version.
12.0 passes 13 more tests than the older versions, so we might as well
run them.
2019-04-01 10:16:10 +02:00
Daniel Stenberg
fabd61f238 tool_help: include <strings.h> for strcasecmp
Reported-by: Wyatt O'Day
Fixes #3715
Closes #3716
2019-04-01 00:19:10 +02:00
Daniel Gustafsson
a92e9f578f scripts: fix typos 2019-03-31 22:55:09 +02:00
Dan Fandrich
e413baffdc travis: allow builds on branches named "ci"
This allows a way to test changes other than through PRs.
2019-03-28 01:33:04 +01:00
Brad Spencer
80208d68dc
resolve: apply Happy Eyeballs philosophy to parallel c-ares queries
Closes #3699
2019-03-27 23:31:59 +01:00
Daniel Stenberg
dbce1bd86f
multi: improved HTTP_1_1_REQUIRED handling
Make sure to downgrade to 1.1 even when we get this HTTP/2 stream error
on first flight.

Reported-by: niner on github
Fixes #3696
Closes #3707
2019-03-27 23:28:14 +01:00
Leonardo Taccari
8759e335ab
configure: avoid unportable `==' test(1) operator
Closes #3709
2019-03-27 23:25:46 +01:00
Daniel Stenberg
521bbbe299
RELEASE: 7.64.1 2019-03-27 07:53:33 +01:00
Daniel Stenberg
c07fc5e292
Revert "ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set"
This reverts commit 9130ead9fc.

Fixes #3708
2019-03-27 00:19:15 +01:00
Christian Schmitz
9130ead9fc
ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set
Closes #3704
2019-03-26 16:32:14 +01:00
Jay Satiro
f5bc578f4c tool_cb_wrt: fix writing to Windows null device NUL
- Improve console detection.

Prior to this change WriteConsole could be called to write to a handle
that may not be a console, which would cause an error. This issue is
limited to character devices that are not also consoles such as the null
device NUL.

Bug: https://github.com/curl/curl/issues/3175#issuecomment-439068724
Reported-by: Gisle Vanem
2019-03-26 03:31:30 -04:00
Jay Satiro
2bcdf722b8 CURLMOPT_PIPELINING.3: fix typo 2019-03-25 17:12:19 -04:00
Daniel Stenberg
401810434c
TODO: config file parsing
Closes #3698
2019-03-25 22:03:00 +01:00
Jay Satiro
a375ab3be4 os400: Disable Alt-Svc by default since it's experimental
Follow-up to 520f0b4 which added Alt-Svc support and enabled it by
default for OS400. Since the feature is experimental, it should be
disabled by default.

Ref: https://github.com/curl/curl/commit/520f0b4#commitcomment-32792332
Ref: https://curl.haxx.se/mail/lib-2019-02/0008.html

Closes https://github.com/curl/curl/pull/3688
2019-03-24 16:43:43 -04:00
Dan Fandrich
27fb521df5 tests: Fixed XML validation errors in some test files. 2019-03-24 18:35:02 +01:00