1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-15 22:15:13 -05:00
Commit Graph

1784 Commits

Author SHA1 Message Date
Daniel Stenberg
0b1f37e77c help: add --cert-status to --help output 2015-01-16 23:23:29 +01:00
Daniel Stenberg
a4065ebf1c copyright years: after OCSP stapling changes 2015-01-16 23:23:29 +01:00
Alessandro Ghedini
bd0c3b3c66 curl: add --cert-status option
This enables the CURLOPT_SSL_VERIFYSTATUS functionality.
2015-01-16 23:23:29 +01:00
Viktor Szakats
acc8089bc2 add -m64 clags when targeting mingw64, add -m32/-m64 to LDFLAGS 2015-01-08 18:19:03 +01:00
Steve Holme
1abe65d928 code/docs: Use Unix rather than UNIX to avoid use of the trademark
Use Unix when generically writing about Unix based systems as UNIX is
the trademark and should only be used in a particular product's name.
2014-12-26 21:42:44 +00:00
Steve Holme
6dd9c3909c tool_help: Use camel case for UNIX sockets feature output
In line with the other features listed in the --version output,
capitalise the UNIX socket feature.
2014-12-25 17:35:03 +00:00
Steve Holme
4ff5d32a6b tool_xattr: Use 'CURLcode result' for curl result codes 2014-12-25 13:01:34 +00:00
Daniel Stenberg
d9166028e5 curl: show size of inhibited data when using -v
To offer some more info and yet it doesn't use more lines.
2014-12-22 14:21:17 +01:00
John E. Malmberg
f9cf3de70b VMS: Updates for 0740-0D1220
lib/setup-vms.h : VAX HP OpenSSL port is ancient, needs help.
                  More defines to set symbols to uppercase.

src/tool_main.c : Fix parameter to vms_special_exit() call.

packages/vms/ :
  backup_gnv_curl_src.com : Fix the error message to have the correct package.

  build_curl-config_script.com : Rewrite to be more accurate.

  build_libcurl_pc.com : Use tool_version.h now.

  build_vms.com : Fix to handle lib/vtls directory.

  curl_gnv_build_steps.txt : Updated build procedure documentation.

  generate_config_vms_h_curl.com :
       * VAX does not support 64 bit ints, so no NTLM support for now.
       * VAX HP SSL port is ancient, needs some help.
       * Disable NGHTTP2 for now, not ported to VMS.
       * Disable UNIX_SOCKETS, not available on VMS yet.
       * HP GSSAPI port does not have gss_nt_service_name.

  gnv_link_curl.com : Update for new curl structure.

  pcsi_product_gnv_curl.com : Set up to optionally do a complete build.
2014-12-21 16:55:28 +01:00
Daniel Stenberg
ae56df82c1 glob_next_url: make the loop count upwards
As the former contruct apparently caused a compiler warning, mentioned
in d8efde07e5.
2014-12-16 09:01:56 +01:00
Daniel Stenberg
088b9b2a97 tool_operate: we prefer 'CURLcode result' 2014-12-16 08:35:47 +01:00
Daniel Stenberg
b0670ff12b tool_urlglob: unify return codes to use CURLcode
There was a mix of GlobCode, CURLcode and ints and they were mostly
passing around CURLcode errors. This change makes the functions use only
CURLcode and removes the GlobCode type completely.
2014-12-16 01:00:23 +01:00
Daniel Stenberg
9b61060ffc tool_urlglob.c: partly reverse dc19789444
The loop in glob_next_url() needs to be done backwards to maintain the
logic. dc19789444 caused test 1235 to fail.
2014-12-16 00:51:39 +01:00
Steve Holme
cedf996073 copyright: Updated the copyright year following recent updates 2014-12-14 22:39:27 +00:00
Daniel Stenberg
dc19789444 tool_urlglob.c: reverse two loops
By counting from 0 and up instead of backwards like before, we remove
the need for the "funny" check of the unsigned variable when decreased
passed zero. Easier to read and less risk for compiler warnings.
2014-12-14 23:34:07 +01:00
Marc Hoersken
64854c0364 tool_urlglob.c: Added braces to clarify the conditions 2014-12-14 22:50:01 +01:00
Marc Hoersken
d8efde07e5 tool_urlglob.c: Silence warning C6293: Ill-defined for-loop
The >= 0 is actually not required, since i underflows and
the for-loop is stopped using the < condition, but this
makes the VS2012 compiler and code analysis happy.
2014-12-14 22:45:06 +01:00
Marc Hoersken
2ffbd7afac tool_binmode.c: Explicitly ignore the return code of setmode
Fixes code analysis warning C6031:
return value ignored: <function> could return unexpected value
2014-12-14 22:31:10 +01:00
Marc Hoersken
7fc1cbb640 tool_util.c: Use GetTickCount64 if it is available 2014-12-14 18:35:17 +01:00
Dan Fandrich
e05de4f46d get_url_file_name: Fixed crash on OOM on debug build
This caused a null-pointer dereference which caused a few dozen
torture tests to fail.
2014-12-07 11:09:14 +01:00
Guenter Knauf
ccfa139c71 build: updated dependencies in makefiles. 2014-12-05 14:54:25 +01:00
Peter Wu
2e557de094 tool: fix CURLOPT_UNIX_SOCKET_PATH in --libcurl output
Mark CURLOPT_UNIX_SOCKET_PATH as string to ensure that it ends up as
option in the file generated by --libcurl.

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-12-04 06:52:09 -08:00
Peter Wu
c8644d1f63 tool: add --unix-socket option
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-12-04 02:52:19 +01:00
Peter Wu
970c22f970 libcurl: add UNIX domain sockets support
The ability to do HTTP requests over a UNIX domain socket has been
requested before, in Apr 2008 [0][1] and Sep 2010 [2]. While a
discussion happened, no patch seems to get through. I decided to give it
a go since I need to test a nginx HTTP server which listens on a UNIX
domain socket.

One patch [3] seems to make it possible to use the
CURLOPT_OPENSOCKETFUNCTION function to gain a UNIX domain socket.
Another person wrote a Go program which can do HTTP over a UNIX socket
for Docker[4] which uses a special URL scheme (though the name contains
cURL, it has no relation to the cURL library).

This patch considers support for UNIX domain sockets at the same level
as HTTP proxies / IPv6, it acts as an intermediate socket provider and
not as a separate protocol. Since this feature affects network
operations, a new feature flag was added ("unix-sockets") with a
corresponding CURL_VERSION_UNIX_SOCKETS macro.

A new CURLOPT_UNIX_SOCKET_PATH option is added and documented. This
option enables UNIX domain sockets support for all requests on the
handle (replacing IP sockets and skipping proxies).

A new configure option (--enable-unix-sockets) and CMake option
(ENABLE_UNIX_SOCKETS) can disable this optional feature. Note that I
deliberately did not mark this feature as advanced, this is a
feature/component that should easily be available.

 [0]: http://curl.haxx.se/mail/lib-2008-04/0279.html
 [1]: http://daniel.haxx.se/blog/2008/04/14/http-over-unix-domain-sockets/
 [2]: http://sourceforge.net/p/curl/feature-requests/53/
 [3]: http://curl.haxx.se/mail/lib-2008-04/0361.html
 [4]: https://github.com/Soulou/curl-unix-socket

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-12-04 02:52:19 +01:00
Guenter Knauf
228f1ee9f2 build: in Makefile.m32 simplified autodetection. 2014-12-01 16:39:56 +01:00
Steve Holme
c8996bab1c curl tool: Exclude SMB from the protocol redirect
As local files could be accessed through \\localhost\c$.
2014-11-30 21:39:04 +00:00
Bill Nagel
b359badd49 curl tool: Enable support for the SMB protocol
This patch enables SMB/CIFS support in the curl command-line tool.
2014-11-30 21:32:44 +00:00
be1a505189 SSL: Add PEM format support for public key pinning 2014-11-24 19:30:09 +01:00
Guenter Knauf
cf510ad781 build: in Makefile.m32 moved target autodetection.
Moved target autodetection block after defining CC macro.
2014-11-19 12:39:20 +01:00
Guenter Knauf
140ca2dcc2 build: in Makefile.m32 simplify platform flags. 2014-11-19 11:46:02 +01:00
Guenter Knauf
a08decdfed build: in Makefile.m32 try to detect 64bit target. 2014-11-19 11:40:04 +01:00
Guenter Knauf
4bc47bec57 build: in Makefile.m32 add -m32 flag for 32bit. 2014-11-18 14:25:41 +01:00
Guenter Knauf
46ae340f24 build: in Makefile.m32 pass -F flag to windres. 2014-11-18 13:44:03 +01:00
Steve Holme
532efa9ce9 tool: Removed krb4 from the supported features
Although libcurl would never return CURL_VERSION_KERBEROS4 after 7.33,
so would not be output with --version, removed krb4 from the supported
features output.
2014-11-15 15:27:53 +00:00
Michael Osipov
a4b7f716d3 tool: Use Kerberos for supported features 2014-11-15 14:43:35 +00:00
Steve Holme
dc867bbf3a Makefile.vc6: Added support for WinIDN 2014-11-08 18:31:29 +00:00
Steve Holme
e7bcfb368c curl_tool: Added krb5 to the supported features 2014-11-07 10:57:23 +00:00
Daniel Stenberg
8a2dda312c tool_strdup.c: include the tool strdup.h
... not the lib/ one that the tool no longer uses!
2014-11-05 23:33:22 +01:00
Daniel Stenberg
b387560692 curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds
When duplicating a handle, the data to post was duplicated using
strdup() when it could be binary and contain zeroes and it was not even
zero terminated! This caused read out of bounds crashes/segfaults.

Since the lib/strdup.c file no longer is easily shared with the curl
tool with this change, it now uses its own version instead.

Bug: http://curl.haxx.se/docs/adv_20141105.html
CVE: CVE-2014-3707
Reported-By: Symeon Paraschoudis
2014-11-05 08:05:14 +01:00
Guenter Knauf
b5ed5843a4 Added NetWare support to build with nghttp2. 2014-10-29 03:31:34 +01:00
Daniel Stenberg
ad88a4bbba src/: remove version.h.dist from gitignore
It has not been used since commit f7bfdbab in 2011
2014-10-26 23:17:47 +01:00
Guenter Knauf
ede9884c59 Added MinGW support to build with nghttp2. 2014-10-24 04:22:04 +02:00
Peter Wu
b55502cdae cmake: build tool_hugehelp (ENABLE_MANUAL)
Rather than always outputting an empty manual page for the '-M' option,
generate a full manual page as done by autotools. For simplicity in
CMake, always generate the gzipped page as it will not be used anyway
when zlib is not available.

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-10-12 14:11:42 +02:00
Daniel Stenberg
b546c7c926 get_url_file_name: make no slash equal empty string 2014-10-09 16:42:17 +02:00
Daniel Stenberg
199b3e46f9 get_url_file_name: never return a NULL string *and* OK
Change 987a4a73 assumes that as it simplifies life in the calling
function.

Reported-by: Fabian Keil
2014-10-09 16:37:11 +02:00
Jakub Zakrzewski
a3154295c5 Cmake: Got rid of setup_curl_dependencies
There is no need for such function. Include_directories propagate by
themselves and having a function with one simple link statement makes
little sense.
2014-10-09 13:48:30 +02:00
Daniel Stenberg
eb1e3a3985 operate: avoid NULL dereference
Coverity CID 1241948. dumpeasysrc() would get called with
config->current set to NULL which could be dereferenced by a warnf()
call.
2014-10-08 13:18:55 +02:00
Daniel Stenberg
987a4a7367 operate_do: skip superfluous check for NULL pointer
Coverity CID 1243583. get_url_file_name() cannot fail and return a NULL
file name pointer so skip the check for that - it tricks coverity into
believing it can happen and it then warns later on when we use 'outfile'
without checking for NULL.
2014-10-08 12:21:39 +02:00
93e450793c SSL: implement public key pinning
Option --pinnedpubkey takes a path to a public key in DER format and
only connect if it matches (currently only implemented with OpenSSL).

Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt().

Extract a public RSA key from a website like so:
openssl s_client -connect google.com:443 2>&1 < /dev/null | \
sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \
| openssl rsa -pubin -outform DER > google.com.der
2014-10-07 14:44:19 +02:00
Daniel Stenberg
dddb2aab8d parseconfig: skip a NULL check
Coverity CID 1154198. This NULL check implies that the pointer _can_ be
NULL at this point, which it can't. Thus it is dead code. It tricks
static analyzers to warn about dereferencing the pointer since the code
seems to imply it can be NULL.
2014-10-07 10:29:06 +02:00