Commit Graph

11829 Commits

Author SHA1 Message Date
Jay Satiro 1ba0d4bdb3 doh: Inherit CURLOPT_STDERR from user's easy handle
Prior to this change if the user set their easy handle's error stream
to something other than stderr it was not inherited by the doh handles,
which meant that they would still write to the default standard error
stream (stderr) for verbose output.

Bug: https://github.com/curl/curl/issues/6605
Reported-by: arvids-kokins-bidstack@users.noreply.github.com

Closes https://github.com/curl/curl/pull/6661
2021-03-02 16:59:28 -05:00
Daniel Gustafsson 24f850f4a4 ldap: use correct memory free function
unescaped is coming from Curl_urldecode and not a unicode conversion
function, so reclaiming its memory should be performed with a normal
call to free rather than curlx_unicodefree.  In reality, this is the
same thing as curlx_unicodefree is implemented as a call to free but
that's not guaranteed to always hold.  Using the curlx macro present
issues with memory debugging as well.

Closes #6671
Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2021-03-01 09:31:33 +01:00
Daniel Gustafsson 313faa1bcb url: fix typo in comment
Correct a small typo which snuck in with a304051620.
2021-02-28 21:13:26 +01:00
Jean-Philippe Menil 8779bfe77b openssl: remove get_ssl_version_txt in favor of SSL_get_version
openssl: use SSL_get_version to get connection protocol

Replace our bespoke get_ssl_version_txt in favor of SSL_get_version.
We can get rid of few lines of code, since SSL_get_version achieve
the exact same thing

Closes #6665
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Signed-off-by: Jean-Philippe Menil <jpmenil@gmail.com>
2021-02-26 04:15:04 +01:00
Daniel Gustafsson 09a5bff1c9 gnutls: Fix nettle discovery
Commit e06fa7462a removed support for libgcrypt leaving only
support for nettle which has been the default crypto library in
GnuTLS for a long time. There were however a few conditionals on
USE_GNUTLS_NETTLE which cause compilation errors in the metalink
code (as it used the gcrypt fallback instead as a result). See the
below autobuild for an example of the error:

  https://curl.se/dev/log.cgi?id=20210225123226-30704#prob1

This removes all uses of USE_GNUTLS_NETTLE and also removes the
gcrypt support from the metalink code while at it.

Closes #6656
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2021-02-25 18:20:33 +01:00
Daniel Stenberg 1b2098c3c9
build: remove all traces of USE_BLOCKING_SOCKETS
libcurl doesn't behave properly with the define set

Closes #6655
2021-02-25 16:41:35 +01:00
Daniel Gustafsson 4e76905b04 cookies: Use named parameters in header prototypes
Align header with project style of using named parameters in the
function prototypes to aid readability and self-documentation.

Closes #6653
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2021-02-23 22:00:02 +01:00
Daniel Stenberg 0c7d111f4e
urldata: make 'actions[]' use unsigned char instead of int
... as it only needs a few bits per index anyway.

Reviewed-by: Daniel Gustafsson
Closes #6648
2021-02-24 14:16:11 +01:00
Gregor Jasny 811acd1a08
cmake: use CMAKE_INSTALL_INCLUDEDIR indirection
Reviewed-by: Sergei Nikulov
Closes #6440
2021-02-24 08:17:53 +01:00
Viktor Szakats fb98a436a7
mingw: enable using strcasecmp()
This makes the 'Features:' list sorted case-insensitively,
bringing output in-line with *nix builds.

Reviewed-by: Jay Satiro
Closes #6644
2021-02-23 12:06:55 +00:00
Viktor Szakats 95014b0a4d
build: delete unused feature guards
- `HAVE_STRNCASECMP`
- `HAVE_TCGETATTR`
- `HAVE_TCSETATTR`

Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Closes #6645
2021-02-23 12:04:29 +00:00
Daniel Stenberg bf601472a0
multi: do once-per-transfer inits in before_perform in DID state
... since the state machine might go to RATELIMITING and then back to
PERFORMING doing once-per-transfer inits in that function is wrong and
it caused problems with receiving chunked HTTP and it set the
PRETRANSFER time much too often...

Regression from b68dc34af3 (shipped in 7.75.0)

Reported-by: Amaury Denoyelle
Fixes #6640
Closes #6641
2021-02-22 15:54:46 +01:00
Viktor Szakats 6b0f217c65
time: enable 64-bit time_t in supported mingw environments
(Unless 32-bit `time_t` is selected manually via the `_USE_32BIT_TIME_T`
mingw macro.)

Previously, 64-bit `time_t` was enabled on VS2005 and newer only, and
32-bit `time_t` was used on all other Windows builds.

Assisted-by: Jay Satiro
Closes #6636
2021-02-21 02:00:36 +00:00
Jay Satiro eb36c03e83 memdebug: close debug logfile explicitly on exit
- Use atexit to register a dbg cleanup function that closes the logfile.

LeakSantizier (LSAN) calls _exit() instead of exit() when a leak is
detected on exit so the logfile must be closed explicitly or data could
be lost. Though _exit() does not call atexit handlers such as this,
LSAN's call to _exit() comes after the atexit handlers are called.

Prior to this change the logfile was not explicitly closed so it was
possible that if LSAN detected a leak and called _exit (which does
not flush or close files like exit) then the logfile could be missing
data. That could then cause curl's memanalyze to report false leaks
(eg a malloc was recorded to the logfile but the corresponding free was
discarded from the buffer instead of written to the logfile, then
memanalyze reports that as a leak).

Ref: https://github.com/google/sanitizers/issues/1374

Bug: https://github.com/curl/curl/pull/6591#issuecomment-780396541

Closes https://github.com/curl/curl/pull/6620
2021-02-20 14:40:24 -05:00
Jay Satiro 09363500b9 curl_multibyte: always return a heap-allocated copy of string
- Change the Windows char <-> UTF-8 conversion functions to return an
  allocated copy of the passed in string instead of the original.

Prior to this change the curlx_convert_ functions would, as what I
assume was an optimization, not make a copy of the passed in string if
no conversion was required. No conversion is required in non-UNICODE
Windows builds since our tchar strings are type char and remain in
whatever the passed in encoding is, which is assumed to be UTF-8 but may
be other encoding.

In contrast the UNICODE Windows builds require conversion
(wchar <-> char) and do return a copy. That inconsistency could lead to
programming errors where the developer expects a copy, and does not
realize that won't happen in all cases.

Closes https://github.com/curl/curl/pull/6602
2021-02-20 14:39:39 -05:00
Viktor Szakats 44872aefc2
http: add support to read and store the referrer header
- add CURLINFO_REFERER libcurl option
- add --write-out '%{referer}' command-line option
- extend --xattr command-line option to fill user.xdg.referrer.url extended
  attribute with the referrer (if there was any)

Closes #6591
2021-02-19 13:57:19 +00:00
Daniel Stenberg 70472a44de
urldata: remove the _ORIG suffix from string names
It doesn't provide any useful info but only makes the names longer.

Closes #6624
2021-02-19 08:07:19 +01:00
Daniel Stenberg d25c479e84
url: fix memory leak if OOM in the HSTS handling
Reported-by: Viktor Szakats
Bug: https://github.com/curl/curl/pull/6627#issuecomment-781626205

Closes #6628
2021-02-19 08:05:40 +01:00
Daniel Stenberg e06fa7462a
gnutls: assume nettle crypto support
nettle has been the default crypto library with GnuTLS since 2010. By
dropping support for the previous libcrypto, we simplify code.

Closes #6625
2021-02-18 23:06:47 +01:00
Daniel Stenberg 692faeab9f
asyn-ares: use consistent resolve error message
... with the help of Curl_resolver_error() which now is moved from
asyn-thead.c and is provided globally for this purpose.

Follow-up to 35ca04ce1b

Makes test 1188 work for c-ares builds

Closes #6626
2021-02-18 15:02:17 +01:00
Daniel Stenberg 6174fc993a
url.c: use consistent error message for failed resolve 2021-02-18 11:10:36 +01:00
Daniel Stenberg bc928be02c
wolfssl: don't store a NULL sessionid
This caused a memory leak as the session id cache entry was still
erroneously stored with a NULL sessionid and that would later be treated
as not needed to get freed.

Reported-by: Gisle Vanem
Fixes #6616
Closes #6617
2021-02-17 22:55:45 +01:00
Daniel Stenberg f248a13065
parse_proxy: fix a memory leak in the OOM path
Reported-by: Jay Satiro
Reviewed-by: Jay Satiro
Reviewed-by: Emil Engler

Closes #6614
Bug: https://github.com/curl/curl/pull/6591#issuecomment-780396541
2021-02-17 22:54:42 +01:00
Jay Satiro 568190f493 url: fix possible use-after-free in default protocol
Prior to this change if the user specified a default protocol and a
separately allocated non-absolute URL was used then it was freed
prematurely, before it was then used to make the replacement URL.

Bug: https://github.com/curl/curl/issues/6604#issuecomment-780138219
Reported-by: arvids-kokins-bidstack@users.noreply.github.com

Closes https://github.com/curl/curl/pull/6613
2021-02-17 16:15:11 -05:00
Daniel Stenberg 94719e7285
multi: rename the multi transfer states
While working on documenting the states it dawned on me that step one is
to use more descriptive names on the states. This also changes prefix on
the states to make them shorter in the source.

State names NOT ending with *ing are transitional ones.

Closes #6612
2021-02-16 16:42:46 +01:00
Daniel Stenberg cfff12a0b3
lib: remove 'conn->data' completely
The Curl_easy pointer struct entry in connectdata is now gone. Just
before commit 215db086e0 landed on January 8, 2021 there were 919
references to conn->data.

Closes #6608
2021-02-16 10:48:57 +01:00
Daniel Stenberg a59c33ceff
openldap: pass 'data' to the callbacks instead of 'conn' 2021-02-16 10:47:55 +01:00
Jay Satiro e68ee39f3d doh: Fix sharing user's resolve list with DOH handles
- Share the shared object from the user's easy handle with the DOH
  handles.

Prior to this change if the user had set a shared object with shared
cached DNS (CURL_LOCK_DATA_DNS) for their easy handle then that wasn't
used by any associated DOH handles, since they used the multi's default
hostcache.

This change means all the handles now use the same hostcache, which is
either the shared hostcache from the user created shared object if it
exists or if not then the multi's default hostcache.

Reported-by: Manuj Bhatia

Fixes https://github.com/curl/curl/issues/6589
Closes https://github.com/curl/curl/pull/6607
2021-02-15 16:14:34 -05:00
Daniel Stenberg 723c0e75fa
http2: remove conn->data use
... but instead use a private alternative that points to the "driving
transfer" from the connection. We set the "user data" associated with
the connection to be the connectdata struct, but when we drive transfers
the code still needs to know the pointer to the transfer. We can change
the user data to become the Curl_easy handle, but with older nghttp2
version we cannot dynamically update that pointer properly when
different transfers are used over the same connection.

Closes #6520
2021-02-15 16:33:53 +01:00
Daniel Stenberg f2f91ac709
openssl: remove conn->data use
We still make the trace callback function get the connectdata struct
passed to it, since the callback is anchored on the connection.

Repeatedly updating the callback pointer to set 'data' with
SSL_CTX_set_msg_callback_arg() doesn't seem to work, probably because
there might already be messages in the queue with the old pointer.

This code therefore makes sure to set the "logger" handle before using
OpenSSL calls so that the right easy handle gets used for tracing.

Closes #6522
2021-02-15 09:08:59 +01:00
Jay Satiro 53022e1893 doh: add options to disable ssl verification
- New libcurl options CURLOPT_DOH_SSL_VERIFYHOST,
  CURLOPT_DOH_SSL_VERIFYPEER and CURLOPT_DOH_SSL_VERIFYSTATUS do the
  same as their respective counterparts.

- New curl tool options --doh-insecure and --doh-cert-status do the same
  as their respective counterparts.

Prior to this change DOH SSL certificate verification settings for
verifyhost and verifypeer were supposed to be inherited respectively
from CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER, but due to a bug
were not. As a result DOH verification remained at the default, ie
enabled, and it was not possible to disable. This commit changes
behavior so that the DOH verification settings are independent and not
inherited.

Ref: https://github.com/curl/curl/pull/4579#issuecomment-554723676

Fixes https://github.com/curl/curl/issues/4578
Closes https://github.com/curl/curl/pull/6597
2021-02-14 18:20:48 -05:00
Jay Satiro b68026f7f4 hostip: fix crash in sync resolver builds that use DOH
- Guard some Curl_async accesses with USE_CURL_ASYNC instead of
  !CURLRES_SYNCH.

This is another follow-up to 8335c64 which moved the async struct from
the connectdata struct into the Curl_easy struct. A previous follow-up
6cd167a fixed building for sync resolver by guarding some async struct
accesses with !CURLRES_SYNCH. The problem is since DOH (DNS-over-HTTPS)
is available as an asynchronous secondary resolver the async struct may
be used even when libcurl is built for the sync resolver. That means
that CURLRES_SYNCH and USE_CURL_ASYNC may be defined at the same time.

Closes https://github.com/curl/curl/pull/6603
2021-02-13 23:03:58 -05:00
Daniel Stenberg 46620b9743
http: use credentials from transfer, not connection
HTTP auth "accidentally" worked before this cleanup since the code would
always overwrite the connection credentials with the credentials from
the most recent transfer and since HTTP auth is typically done first
thing, this has not been an issue. It was still wrong and subject to
possible race conditions or future breakage if the sequence of functions
would change.

The data.set.str[] strings MUST remain unmodified exactly as set by the
user, and the credentials to use internally are instead set/updated in
state.aptr.*

Added test 675 to verify different credentials used in two requests done
over a reused HTTP connection, which previously behaved wrongly.

Fixes #6542
Closes #6545
2021-02-13 22:36:15 +01:00
Daniel Stenberg 88dd1a8a11
urldata: don't touch data->set.httpversion at run-time
Rename it to 'httpwant' and make a cloned field in the state struct as
well for run-time updates.

Also: refuse non-supported HTTP versions. Verified with test 129.

Closes #6585
2021-02-12 08:13:37 +01:00
Daniel Stenberg 1560cd1f9f
curl: provide libgsasl version and feature info in -V output
Closes #6592
2021-02-11 16:16:45 +01:00
Viktor Szakats 62c4f2f10f
gsasl: fix errors/warnings building against libgsasl
- also fix an indentation
- make Curl_auth_gsasl_token() use CURLcode (by Daniel Stenberg)

Ref: https://github.com/curl/curl/pull/6372#issuecomment-776118711
Ref: https://github.com/curl/curl/pull/6588

Reviewed-by: Jay Satiro
Assisted-by: Daniel Stenberg
Reviewed-by: Simon Josefsson
Closes #6587
2021-02-10 18:55:58 +00:00
Viktor Szakats 2dfe3d7093
Makefile.m32: add support for libgsasl dependency
Reviewed-by: Marcel Raad
Closes #6586
2021-02-10 18:48:29 +00:00
Marcel Raad 89193ed518
ngtcp2: clarify calculation precedence
As suggested by Codacy/cppcheck.

Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:47:49 +01:00
Marcel Raad 1cd823ed5a
lib: remove redundant code
Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:47:27 +01:00
Marcel Raad a774b3f304
lib: reduce variable scopes
Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:47:03 +01:00
Marcel Raad a3f93a62a2
ftp: fix Codacy/cppcheck warning about null pointer arithmetic
Increment `bytes` only if it is non-null.

Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:46:52 +01:00
Daniel Stenberg ec5d9b44a2
ngtcp2: adapt to the new recv_datagram callback 2021-02-09 23:25:20 +01:00
Daniel Stenberg 69a396f593
quiche: fix build error: use 'int' for port number
Follow-up to cb2dc1ba8
2021-02-09 23:21:39 +01:00
Daniel Stenberg 528f71c2ec
ftp: add 'list_only' to the transfer state struct
and rename it from 'ftp_list_only' since it is also used for SSH and
POP3. The state is updated internally for 'type=D' FTP URLs.

Added test case 1570 to verify.

Closes #6578
2021-02-09 14:06:28 +01:00
Daniel Stenberg 115c9e27f5
ftp: add 'prefer_ascii' to the transfer state struct
... and make sure the code never updates 'set.prefer_ascii' as it breaks
handle reuse which should use the setting as the user specified it.

Added test 1569 to verify: it first makes an FTP transfer with ';type=A'
and then another without type on the same handle and the second should
then use binary. Previously, curl failed this.

Closes #6578
2021-02-09 14:06:28 +01:00
Jacob Hoffman-Andrews 246399a874
vtls: initial implementation of rustls backend
This adds a new TLS backend, rustls. It uses the C-to-rustls bindings
from https://github.com/abetterinternet/crustls.

Rustls is at https://github.com/ctz/rustls/.

There is still a fair bit to be done, like sending CloseNotify on
connection shutdown, respecting CAPATH, and properly indicating features
like "supports TLS 1.3 ciphersuites." But it works well enough to make
requests and receive responses.

Blog post for context:
https://www.abetterinternet.org/post/memory-safe-curl/

Closes #6350
2021-02-09 11:06:18 +01:00
Simon Josefsson 3eebbfe8f3
sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl
Closes #6372
2021-02-09 10:53:25 +01:00
Jay Satiro cb2dc1ba89 lib: use int type for more port variables
This is a follow-up to 764c6bd. Prior to that change port variables
were usually type long.

Closes https://github.com/curl/curl/pull/6553
2021-02-09 02:53:31 -05:00
Jay Satiro b9f11ae875 lib: drop USE_SOCKETPAIR in favor of CURL_DISABLE_SOCKETPAIR
.. since the former is undocumented and they both do the same thing.

Closes https://github.com/curl/curl/pull/6517
2021-02-09 02:47:51 -05:00
Jay Satiro b48db908e0 curl_multibyte: fall back to local code page stat/access on Windows
If libcurl is built with Unicode support for Windows then it is assumed
the filename string is Unicode in UTF-8 encoding and it is converted to
UTF-16 to be passed to the wide character version of the respective
function (eg wstat). However the filename string may actually be in the
local encoding so, even if it successfully converted to UTF-16, if it
could not be stat/accessed then try again using the local code page
version of the function (eg wstat fails try stat).

We already do this with fopen (ie wfopen fails try fopen), so I think it
makes sense to extend it to stat and access functions.

Closes https://github.com/curl/curl/pull/6514
2021-02-09 02:47:05 -05:00
Stephan Szabo 1269c80af1 file: Support unicode urls on windows
Closes https://github.com/curl/curl/pull/6501
2021-02-09 02:45:51 -05:00
Vincent Torri d4a3b87c13 cmake: fix import library name for non-MS compiler on Windows
- Use _imp.lib suffix only for Microsoft's compiler (MSVC).

Prior to this change library suffix _imp.lib was used for the import
library on Windows regardless of compiler.

With this change the other compilers should now use their default
suffix which should be .dll.a.

This change is motivated by the usage of pkg-config on MSYS2.
Indeed, when 'pkg-config --libs libcurl' is used, -lcurl is
passed to ld. The documentation of ld on Windows :

https://sourceware.org/binutils/docs/ld/WIN32.html

lists, in the 'direct linking to a dll' section, the pattern
of the searched import library, and libcurl_imp.lib is not there.

Closes https://github.com/curl/curl/pull/6225
2021-02-09 02:43:04 -05:00
Daniel Stenberg f1e5e49879
urldata: move 'followlocation' to UrlState
As this is a state variable it does not belong in UserDefined which is
used to store values set by the user.

Closes #6582
2021-02-09 08:22:45 +01:00
Ikko Ashimine 13d8a56408
http_proxy: fix typo in http_proxy.c
settting -> setting

Closes #6583
2021-02-09 08:21:56 +01:00
Daniel Stenberg 0c51036eb6
ftp: never set data->set.ftp_append outside setopt
Since the set value then risks getting used like that when the easy
handle is reused by the application.

Also: renamed the struct field from 'ftp_append' to 'remote_append'
since it is also used for SSH protocols.

Closes #6579
2021-02-08 22:44:37 +01:00
Daniel Stenberg d836d362ec
urldata: remove the 'rtspversion' field
from struct connectdata and the corresponding code in http.c that set
it. It was never used for anything!

Closes #6581
2021-02-08 22:39:34 +01:00
Jacob Hoffman-Andrews c30bf22f1c
vtls: factor out Curl_ssl_getsock to field of Curl_ssl
Closes #6558
2021-02-08 14:10:55 +01:00
Daniel Stenberg 6cd167a0dc
hostip: fix build with sync resolver
Reported-by: David Goerger
Follow-up from 8335c6417
Fixes #6566
Closes #6568
2021-02-05 08:49:22 +01:00
Jon Rumsey 4a6a5f0b4a
gskit: correct the gskit_send() prototype
gskit_send() first paramater is a pointer to Curl_easy not connectdata
struct.

Closes #6570
Fixes #6569
2021-02-05 08:43:32 +01:00
Daniel Stenberg 457e864f5e
urldata: fix build without HTTP and MQTT
Reported-by: Joseph Chen
Fixes #6562
Closes #6563
2021-02-04 23:08:07 +01:00
Daniel Stenberg e32601e13a
ftp: avoid SIZE when asking for a TYPE A file
... as we ignore it anyway because servers don't report the correct size
and proftpd even blatantly returns a 550.

Updates a set of tests accordingly.

Reported-by: awesomenode on github
Fixes #6564
Closes #6565
2021-02-04 23:06:03 +01:00
Daniel Stenberg 5f08a5acd5
pingpong: rename the curl_pp_transfer enum to use PP prefix
Using an FTP prefix for PP provided functionality was misleading.
2021-02-04 23:06:03 +01:00
Jay Satiro 98577e4029 build: fix --disable-http-auth
Broken since 215db08 (precedes 7.75.0).

Reported-by: Benbuck Nason

Fixes https://github.com/curl/curl/issues/6567
2021-02-04 14:49:56 -05:00
Jay Satiro 145848e2d1 build: fix --disable-dateparse
Broken since 215db08 (precedes 7.75.0).

Bug: https://curl.se/mail/lib-2021-02/0008.html
Reported-by: Firefox OS
2021-02-04 14:13:00 -05:00
Daniel Stenberg 2605a6fabb
copyright: fix year ranges in need of updates 2021-02-03 08:02:36 +01:00
Jay Satiro fc9d3444d1
ngtcp2: Fix build error due to change in ngtcp2_settings
- Separate ngtcp2_transport_params.

ngtcp2/ngtcp2@05d7adc made ngtcp2_transport_params separate from
ngtcp2_settings.

ngtcp2 master is required to build curl with http3 support.

Closes #6554
2021-02-02 08:19:12 +01:00
Daniel Stenberg 2c4b338f7e
vtls: remove md5sum
As it is not used anymore.

Reported-by: Jacob Hoffman-Andrews
Bug: https://curl.se/mail/lib-2021-02/0000.html

Closes #6557
2021-02-02 08:13:09 +01:00
Alessandro Ghedini a0c5781cb6
quiche: don't use primary_ip / primary_port
Closes #6555
2021-02-01 16:12:45 +01:00
Dmitry Wagin 796ce293de
http: improve AWS HTTP v4 Signature auth
- Add support services without region and service prefixes in
the URL endpoint (ex. Min.IO, GCP, Yandex Cloud, Mail.Ru Cloud Solutions, etc)
by providing region and service parameters via aws-sigv4 option.
- Add [:region[:service]] suffix to aws-sigv4 option;
- Fix memory allocation errors.
- Refactor memory management.
- Use Curl_http_method instead() STRING_CUSTOMREQUEST.
- Refactor canonical headers generating.
- Remove repeated sha256_to_hex() usage.
- Add some docs fixes.
- Add some codestyle fixes.
- Add overloaded strndup() for debug - curl_dbg_strndup().
- Update tests.

Closes #6524
2021-01-30 23:48:22 +01:00
Daniel Stenberg 3c2210713e
hyper: fix CONNECT to set 'data' as userdata
Follow-up to 14e075d1a7
2021-01-30 17:51:47 +01:00
Layla 4fc5e7eda5
connect: fix compile errors in `Curl_conninfo_local`
.. for the `#else` (`!HAVE_GETSOCKNAME`) case

Fixes https://github.com/curl/curl/issues/6548
Closes #6549

Signed-off-by: Layla <layla@insightfulvr.com>
2021-01-29 23:30:50 +01:00
Michał Antoniak 1c1158a9dd
transfer: fix GCC 10 warning with flag '-Wint-in-bool-context'
... and return the error code from the Curl_mime_rewind call.

Closes #6537
2021-01-29 14:47:28 +01:00
Michał Antoniak 0cf5670c54
avoid warning: enum constant in boolean context 2021-01-29 14:47:26 +01:00
Daniel Stenberg f6d13090d4
copyright: fix missing year (range) updates 2021-01-29 14:35:13 +01:00
Daniel Stenberg 60de76e2ad
openssl: lowercase the hostname before using it for SNI
... because it turns out several servers out there don't actually behave
correctly otherwise in spite of the fact that the SNI field is
specifically said to be case insensitive in RFC 6066 section 3.

Reported-by: David Earl
Fixes #6540
Closes #6543
2021-01-29 10:40:01 +01:00
Gisle Vanem 3611f6a41e build: fix djgpp builds
- Update build instructions in packages/DOS/README

- Extend 'VPATH' with 'vquic' and 'vssh'.

- Allow 'Makefile.dist' to build both 'lib' and 'src'.

- Allow using the Windows hosted djgpp cross compiler to build for MSDOS
  under Windows.

- 'USE_SSL' -> 'USE_OPENSSL'

- Added a 'link_EXE' macro. Etc, etc.

- Linking 'curl.exe' needs '$(CURLX_CFILES)' too.

- Do not pick-up '../lib/djgpp/*.o' files. Recompile locally.

- Generate a gzipped 'tool_hugehelp.c' if 'USE_ZLIB=1'.

- Remove 'djgpp-clean'

- Adapt to new C-ares directory structure

- Use conditional variable assignments

Clarify the 'conditional variable assignment' in 'common.dj'.

Closes https://github.com/curl/curl/pull/6382
2021-01-27 22:08:57 -05:00
Ikko Ashimine 73d743cfad
hyper: fix typo in c-hyper.c
settting -> setting

Closes #6538
2021-01-27 16:27:34 +01:00
Daniel Stenberg 9571802190
libssh2: fix CURL_LIBSSH2_DEBUG-enabled build
Follow-up to 2dcc940959

Reported-by: Gisle Vanem
Bug: 2dcc940959 (commitcomment-46420088)
2021-01-27 11:43:21 +01:00
Jay Satiro 44c9e18e5f asyn-thread: fix build for when getaddrinfo missing
This is a follow-up to 8315343 which several days ago moved the resolver
pointer into the async struct but did not update the code that uses it
when getaddrinfo is not present.

Closes https://github.com/curl/curl/pull/6536
2021-01-27 03:26:55 -05:00
Daniel Stenberg 62e0fe2156
urldata: move 'ints' to the end of 'connectdata'
To optimize storage slightly.

Closes #6534
2021-01-27 09:19:15 +01:00
Daniel Stenberg e76b058f3c
urldata: store ip version in a single byte
Closes #6534
2021-01-27 09:19:12 +01:00
Daniel Stenberg 1c3def53c7
urldata: remove duplicate 'upkeep_interval_ms' from connectdata
... and rely only on the value already set in Curl_easy.

Closes #6534
2021-01-27 09:19:08 +01:00
Daniel Stenberg d6a37c23a3
urldata: remove 'local_ip' from the connectdata struct
As the info is already stored in the transfer handle anyway, there's no
need to carry around a duplicate buffer for the life-time of the handle.

Closes #6534
2021-01-27 09:19:05 +01:00
Daniel Stenberg 764c6bd3bf
urldata: remove duplicate port number storage
... and use 'int' for ports. We don't use 'unsigned short' since -1 is
still often used internally to signify "unknown value" and 0 - 65535 are
all valid port numbers.

Closes #6534
2021-01-27 09:19:01 +01:00
Daniel Stenberg 642d78026f
urldata: remove the duplicate 'ip_addr_str' field
... as the numerical IP address is already stored and kept in 'primary_ip'.

Closes #6534
2021-01-27 09:18:51 +01:00
Daniel Stenberg 32766cb4db
select: convert Curl_select() to private static function
The old function should not be used anywhere anymore (the only remaining
gskit use has to be fixed to instead use Curl_poll or none at all).

The static function version is now called our_select() and is only built
if necessary.

Closes #6531
2021-01-27 09:05:31 +01:00
Daniel Stenberg 5ad377718d
Curl_chunker: shrink the struct
... by removing a field, converting the hex index into a byte and
rearranging the order. Cuts it down from 48 bytes to 32 on x86_64.

Closes #6527
2021-01-27 08:48:08 +01:00
Tatsuhiro Tsujikawa d3ca0771d2
ngtcp2: Fix http3 upload stall
Closes #6521
2021-01-26 17:13:04 +01:00
Tatsuhiro Tsujikawa a1338d4297
ngtcp2: Fix stack buffer overflow
Closes #6521
2021-01-26 17:12:47 +01:00
Daniel Stenberg ad1c7154b3
warnless.h: remove the prototype for curlx_ultosi
Follow-up to 217552503f
2021-01-26 16:32:27 +01:00
Daniel Stenberg 217552503f
warnless: remove curlx_ultosi
... not used anywhere

Closes #6530
2021-01-26 16:30:29 +01:00
Patrick Monnerat 234638ea63
lib: remove conn->data uses
Closes #6515
2021-01-26 15:19:41 +01:00
Daniel Stenberg 7173fe98ba
pingpong: remove the 'conn' struct member
... as it's superfluous now when Curl_easy is passed in and we can
derive the connection from that instead and avoid the duplicate copy.

Closes #6525
2021-01-26 10:12:59 +01:00
Daniel Stenberg 1dc8aa870e
hostip/proxy: remove conn->data use
Closes #6513
2021-01-26 10:04:47 +01:00
Daniel Stenberg 560fc170ec
url: reduce conn->data references
... there are a few left but let's keep them to last

Closes #6512
2021-01-26 10:00:59 +01:00
Daniel Stenberg 2dcc940959
libssh2: move data from connection object to transfer object
Readdir data, filenames and attributes are strictly related to the
transfer and not the connection. This also reduces the total size of the
fixed connectdata struct.

Closes #6519
2021-01-25 17:07:57 +01:00
Patrick Monnerat ecb13416e3
lib: remove conn->data uses
Closes #6499
2021-01-24 18:15:03 +01:00
Daniel Stenberg 14e075d1a7
hyper: remove the conn->data references
Closes #6508
2021-01-22 16:07:17 +01:00
Daniel Stenberg 8335c6417e
hostip: remove conn->data from resolver functions
This also moves the 'async' struct from the connectdata struct into the
Curl_easy struct, which seems like a better home for it.

Closes #6497
2021-01-22 08:25:09 +01:00
Jay Satiro d3a3bdb5ef strerror: skip errnum >= 0 assertion on windows
On Windows an error number may be greater than INT_MAX and negative once
cast to int.

The assertion is checked only in debug builds.

Closes https://github.com/curl/curl/pull/6504
2021-01-22 01:47:04 -05:00
Daniel Stenberg b97a60f5f4
doh: make Curl_doh_is_resolved survive a NULL pointer
... if Curl_doh() returned a NULL, this function gets called anyway as
in a asynch procedure. Then the doh struct pointer is NULL and signifies
an OOM situation.

Follow-up to 6246a1d8c6
2021-01-21 23:31:19 +01:00
Daniel Stenberg 5a19cb5a3c
wolfssh: remove conn->data references
... and repair recent build breakage

Closes #6507
2021-01-21 16:43:51 +01:00
Daniel Stenberg e8710633ed
http: empty reply connection are not left intact
... so mark the connection as closed in this condition to prevent that
verbose message to wrongly appear.

Reported-by: Matt Holt
Bug: https://twitter.com/mholt6/status/1352130240265375744
Closes #6503
2021-01-21 16:39:35 +01:00
Daniel Stenberg c977a6d0dc
chunk/encoding: remove conn->data references
... by anchoring more functions on Curl_easy instead of connectdata

Closes #6498
2021-01-21 13:19:58 +01:00
Erik Olsson 0a5827571f lib: save a bit of space with some structure packing
- Reorder some internal struct members so that less padding is used.

This is an attempt at saving a bit of space by packing some structs
(using pahole to find the holes) where it might make sense to do
so without losing readability.

I.e., I tried to avoid separating fields that seem grouped
together (like the cwd... fields in struct ftp_conn for instance).
Also abstained from touching fields behind conditional macros as
that quickly can get complicated.

Closes https://github.com/curl/curl/pull/6483
2021-01-20 22:52:34 -05:00
Fabian Keil 0015e06151
http: get CURLOPT_REQUEST_TARGET working with a HTTP proxy
Added test 1613 to verify.

Closes #6490
2021-01-20 15:21:13 +01:00
Daniel Stenberg ba4808d53c
ftp: remove conn->data leftover 2021-01-20 14:59:17 +01:00
Daniel Stenberg 56d1891db6
curl_range: remove conn->data
Closes #6496
2021-01-20 14:59:11 +01:00
Daniel Stenberg fb4c5d55b5
quiche: fix unused parameter ‘conn’
Follow-up to 2bdec0b3
2021-01-20 09:17:19 +01:00
Daniel Stenberg 4907431903
transfer: fix ‘conn’ undeclared mistake for iconv build
Follow-up to 219d9f8620
2021-01-20 09:13:14 +01:00
Daniel Stenberg 6246a1d8c6
doh: allocate state struct on demand
... instead of having it static within the Curl_easy struct. This takes
away 1176 bytes (18%) from the Curl_easy struct that aren't used very
often and instead makes the code allocate it when needed.

Closes #6492
2021-01-20 09:02:24 +01:00
Daniel Stenberg d0688dcbdf
socks: use the download buffer instead
The SOCKS code now uses the generic download buffer for temporary
storage during the connection procedure, instead of having its own
private 600 byte buffer that adds to the connectdata struct size. This
works fine because this point the buffer is allocated but is not use for
download yet since the connection hasn't completed.

This reduces the connection struct size by 22% on a 64bit arch!

The SOCKS buffer needs to be at least 600 bytes, and the download buffer
is guaranteed to never be smaller than 1000 bytes.

Closes #6491
2021-01-20 08:54:19 +01:00
Daniel Stenberg 942cf12c2f
urldata: make magic be the first struct field
By making the `magic` identifier the same size and at the same place
within the structs (easy, multi, share), libcurl will be able to more
reliably detect and safely error out if an application passes in the
wrong handle to APIs. Easier to detect and less likely to cause crashes
if done.

Such mixups can't be detected at compile-time due to them being
typedefed void pointers - unless `CURL_STRICTER` is defined.

Closes #6484
2021-01-20 08:51:01 +01:00
Daniel Stenberg 13bc1ea9bc
http_chunks: correct and clarify a comment on hexnumber length
... and also rename the define for max length.

Closes #6489
2021-01-19 23:43:10 +01:00
Daniel Stenberg e71542a9d9
curl_path: remove conn->data use
Closes #6487
2021-01-19 17:08:49 +01:00
Daniel Stenberg 219d9f8620
transfer: remove conn->data use
Closes #6486
2021-01-19 17:07:02 +01:00
Daniel Stenberg 2bdec0b363
quic: remove conn->data use
Closes #6485
2021-01-19 16:56:35 +01:00
Daniel Stenberg 3acf6fe539
c-hyper: avoid duplicated Proxy-Connection headers 2021-01-19 11:41:23 +01:00
Daniel Stenberg ea6ce0afad
http: make providing Proxy-Connection header not cause duplicated headers
Fixes test 1180

Bug: https://curl.se/mail/lib-2021-01/0095.html
Reported-by: Fabian Keil
Closes #6472
2021-01-19 11:40:15 +01:00
Daniel Stenberg 7542ec5b32
lib/Makefile.inc: convert to listing each file on its own line
... to make it diff friendlier and easier to read.

Closes #6448
2021-01-19 10:03:07 +01:00
Daniel Stenberg f86fcd0080
ftplistparser: remove use of conn->data
Closes #6482
2021-01-19 09:22:38 +01:00
Daniel Stenberg a304051620
lib: more conn->data cleanups
Closes #6479
2021-01-19 09:14:51 +01:00
Patrick Monnerat bbe3aa9f88
vtls: reduce conn->data use
Closes #6474
2021-01-19 09:14:40 +01:00
Daniel Stenberg 8399d89360
hyper: deliver data to application with Curl_client_write
... just as the native code path does. Avoids sending too large data
chunks in the callback and more.

Reported-by: Gisle Vanem
Fixes #6462
Closes #6473
2021-01-18 23:06:03 +01:00
Daniel Stenberg f98f219c35
gopher: remove accidental conn->data leftover 2021-01-18 22:57:56 +01:00
Daniel Stenberg a3efced012
libssh: avoid plain free() of libssh-memory
Since curl's own memory debugging system redefines free() calls to track
and fiddle with memory, it cannot be used on memory allocated by 3rd
party libraries.

Third party libraries SHOULD NOT require free() to release allocated
resources for this reason - and libs can use separate healp allocators
on some systems (like Windows) so free() doesn't necessarily work
anyway.

Filed as an issue with libssh: https://bugs.libssh.org/T268

Closes #6481
2021-01-18 22:50:56 +01:00
Daniel Stenberg 2bf77b3cba
send: assert that Curl_write_plain() has a ->conn when called
To help catch bad invokes.

Closes #6476
2021-01-18 16:12:20 +01:00
Daniel Stenberg 215db086e0
lib: pass in 'struct Curl_easy *' to most functions
... in most cases instead of 'struct connectdata *' but in some cases in
addition to.

- We mostly operate on transfers and not connections.

- We need the transfer handle to log, store data and more. Everything in
  libcurl is driven by a transfer (the CURL * in the public API).

- This work clarifies and separates the transfers from the connections
  better.

- We should avoid "conn->data". Since individual connections can be used
  by many transfers when multiplexing, making sure that conn->data
  points to the current and correct transfer at all times is difficult
  and has been notoriously error-prone over the years. The goal is to
  ultimately remove the conn->data pointer for this reason.

Closes #6425
2021-01-17 23:56:09 +01:00
Razvan Cojocaru 13fe0b6ade cmake: expose CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG
This does for cmake builds what --disable-openssl-auto-load-config
does for autoconf builds.

Closes https://github.com/curl/curl/pull/6435
2021-01-16 02:18:12 -05:00
Gisle Vanem cbf0446973
easyoptions: add the missing AWS_SIGV4
Follow-up from AWS_SIGV4
2021-01-15 13:13:32 +01:00
Daniel Stenberg 3d0b62fdbe
schannel_verify: fix safefree call typo
Follow-up from e87ad71d1b

Closes #6459
2021-01-15 10:16:17 +01:00
Daniel Stenberg 1123a0eb24
mime: make sure setting MIMEPOST to NULL resets properly
... so that a function can first use MIMEPOST and then set it to NULL to
reset it back to a blank POST.

Added test 584 to verify the fix.

Reported-by: Christoph M. Becker

Fixes #6455
Closes #6456
2021-01-15 08:33:27 +01:00
Daniel Stenberg b68dc34af3
multi: set the PRETRANSFER time-stamp when we switch to PERFORM
... instead of at end of the DO state. This makes the timer more
accurate for the protocols that use the DOING state (such as FTP), and
simplifies how the function (now called init_perform) is called.

The timer will then include the entire procedure up to PERFORM -
including all instructions for getting the transfer started.

Closes #6454
2021-01-14 23:16:39 +01:00
Gisle Vanem e87ad71d1b
schannel: plug a memory-leak
... when built without -DUNICODE.

Closes #6457
2021-01-14 22:59:56 +01:00
Daniel Stenberg ab6eb2ec07
http_chunks: remove Curl_ prefix from static functions 2021-01-14 08:09:09 +01:00
Daniel Stenberg e38f4b7e80
transfer: remove Curl_ prefix from static functions 2021-01-14 08:09:09 +01:00
Daniel Stenberg 8072a882b3
tftp: remove Curl_ prefix from static functions 2021-01-14 08:09:09 +01:00
Daniel Stenberg 78af707caf
multi: remove Curl_ prefix from static functions 2021-01-14 08:09:09 +01:00
Daniel Stenberg a7591fbb73
ldap: remove Curl_ prefix from static functions 2021-01-14 08:09:09 +01:00
Daniel Stenberg 476e1339ef
doh: remove Curl_ prefix from static functions 2021-01-14 08:09:09 +01:00
Daniel Stenberg afb150499f
asyn-ares: remove Curl_ prefix from static functions 2021-01-14 08:09:09 +01:00
Daniel Stenberg c2c9e44a4d
vtls: remove Curl_ prefix from static functions 2021-01-14 08:09:09 +01:00
Daniel Stenberg 7e72b9b547
bearssl: remove Curl_ prefix from static functions 2021-01-14 08:09:08 +01:00
Daniel Stenberg 4b55d0468a
mbedtls: remove Curl_ prefix from static functions 2021-01-14 08:09:08 +01:00
Daniel Stenberg 5beed3e742
wolfssl: remove Curl_ prefix from static functions 2021-01-14 08:09:08 +01:00
Daniel Stenberg 39df93a875
nss: remove Curl_ prefix from static functions 2021-01-14 08:09:08 +01:00
Daniel Stenberg a3e1e6b3b4
gnutls: remove Curl_ prefix from static functions 2021-01-14 08:09:08 +01:00
Daniel Stenberg 3112ede57c
openssl: remove Curl_ prefix from static functions
... as we reserve this prefix to library-wide functions.

Closes #6443
2021-01-14 08:08:54 +01:00
Daniel Stenberg a79555291e
nss: get the run-time version instead of build-time
Closes #6445
2021-01-13 23:22:07 +01:00
Fabian Keil 4f61fd87b2
misc: fix typos
Bug: https://curl.se/mail/lib-2021-01/0063.html
Closes #6434
2021-01-11 15:12:25 +01:00
Daniel Stenberg 06f1db57ca
multi_runsingle: bail out early on data->conn == NULL
As that's a significant error condition and scan-build warns for NULL
pointer dereferences if we don't.

Closes #6433
2021-01-11 12:33:23 +01:00
Daniel Stenberg 48220f7e3d
multi: skip DONE state if there's no connection left for ftp wildcard
... to avoid running in that state with data->conn being NULL.
2021-01-11 12:33:11 +01:00
Daniel Stenberg 057cb05b4b
libssh2: fix "Value stored to 'readdir_len' is never read"
Detected by scan-build
2021-01-11 12:32:58 +01:00
Daniel Stenberg 6cb803ecb1
connect: mark intentional ignores of setsockopt return values
Pointed out by Coverity

Closes #6431
2021-01-11 10:21:51 +01:00
Jay Satiro 70af179118 http_proxy: Fix CONNECT chunked encoding race condition
- During the end-of-headers response phase do not mark the tunnel
  complete unless the response body was completely parsed/ignored.

Prior to this change if the entirety of a CONNECT response with chunked
encoding was not received by the time the final header was parsed then
the connection would be marked done prematurely, before all the chunked
data could be read in and ignored (since this is what we do with any
CONNECT response body) and the connection could not be used.

Bug: https://curl.se/mail/lib-2021-01/0033.html
Reported-by: Fabian Keil

Closes https://github.com/curl/curl/pull/6432
2021-01-11 03:28:01 -05:00
Daniel Stenberg 229930762f
url: if IDNA conversion fails, fallback to Transitional
This improves IDNA2003 compatiblity.

Reported-by: Bubu on github
Fixes #6423
Closes #6428
2021-01-11 00:21:28 +01:00
Daniel Stenberg 8b2dec6ab7
http: make 'authneg' also work for Hyper
When doing a request with a request body expecting a 401/407 back, that
initial request is sent with a zero content-length. Test 177 and more.

Closes #6424
2021-01-10 14:51:33 +01:00
Daniel Stenberg 1e5cec3297
file: don't provide content-length for directories
... as it is misleading.

Ref #6379
Closes #6421
2021-01-07 23:31:28 +01:00
Daniel Stenberg f52c6981c5
curl.h: add CURLPROTO_GOPHERS as own protocol identifier
Follow-up to a1f06f32b8, to make sure it can be handled separately
from plain gopher.

Closes #6418
2021-01-06 15:23:41 +01:00
Daniel Stenberg ab525c059e
http: have CURLOPT_FAILONERROR fail after all headers
... so that Retry-After and other meta-content can still be used.

Added 1634 to verify. Adjusted test 194 and 281 since --fail now also
includes the header-terminating CRLF in the output before it exits.

Fixes #6408
Closes #6409
2021-01-06 15:14:40 +01:00
Daniel Stenberg 9d7281ff17
global_init: debug builds allocates a byte in init
... to make build tools/valgrind warn if no curl_global_cleanup is
called.

This is conditionally only done for debug builds with the env variable
CURL_GLOBAL_INIT set.

Closes #6410
2021-01-06 15:13:45 +01:00
Daniel Stenberg 0936ecd0ee
pretransfer: setup the User-Agent header here
... and not in the connection setup, as for multiplexed transfers the
connection setup might be skipped and then the transfer would end up
without the set user-agent!

Reported-by: Flameborn on github
Assisted-by: Andrey Gursky
Assisted-by: Jay Satiro
Assisted-by: Mike Gelfand
Fixes #6312
Closes #6417
2021-01-05 23:46:32 +01:00
Daniel Stenberg 25c1d5e6a8
c-hyper: poll the tasks until end correctly
... makes test 36 work.

Closes #6412
2021-01-05 15:33:47 +01:00
Gergely Nagy 56b32b5d75
mk-ca-bundle.pl: deterministic output when using -t
Printing trust purposes are now sorted, making the output deterministic
when running on the same input certdata.txt.

Closes #6413
2021-01-05 13:03:41 +01:00
Himanshu Gupta f927f38f1e
wolfssl: add SECURE_RENEGOTIATION support
Closes #6411
2021-01-05 10:05:46 +01:00
Daniel Stenberg 4eb908cd87
wolfssl: update copyright year range
Follow-up to 7de2e96535
2021-01-05 09:40:27 +01:00
Daniel Stenberg 4f95ce8dfe
c-hyper: make CURLE_GOT_NOTHING work
Test 30

Closes #6407
2021-01-05 09:38:25 +01:00
Daniel Stenberg bcce220367
http_proxy: make CONNECT work with the Hyper backend
Makes test 80 run

Closes #6406
2021-01-05 09:37:08 +01:00
Jay Satiro 7de2e96535 wolfssl: Support wolfSSL builds missing TLS 1.1
The wolfSSL TLS library defines NO_OLD_TLS in some of their build
configurations and that causes the library to be built without TLS 1.1.
For example if MD5 is explicitly disabled when building wolfSSL then
that defines NO_OLD_TLS and the library is built without TLS 1.1 [1].

Prior to this change attempting to build curl with a wolfSSL that was
built with NO_OLD_TLS would cause a build link error undefined reference
to wolfTLSv1_client_method.

[1]: https://github.com/wolfSSL/wolfssl/blob/v4.5.0-stable/configure.ac#L2366

Bug: https://curl.se/mail/lib-2020-12/0121.html
Reported-by: Julian Montes

Closes https://github.com/curl/curl/pull/6388
2021-01-04 18:00:37 -05:00
Daniel Stenberg 648712eec1
httpauth: make multi-request auth work with custom port
When doing HTTP authentication and a port number set with CURLOPT_PORT,
the code would previously have the URL's port number override as if it
had been a redirect to an absolute URL.

Added test 1568 to verify.

Reported-by: UrsusArctos on github
Fixes #6397
Closes #6400
2021-01-02 23:40:47 +01:00
Emil Engler 725ec470e2
language: s/behaviour/behavior/g
We currently use both spellings the british "behaviour" and the american
"behavior". However "behavior" is more used in the project so I think
it's worth dropping the british name.

Closes #6395
2021-01-02 23:35:59 +01:00
Daniel Stenberg fce912139a
c-hyper: add timecondition to the request
Test 77-78

Closes #6391
2021-01-01 00:49:37 +01:00
Daniel Stenberg 3c7483efb4
c-hyper: make Digest and NTLM work
Test 64, 65, 67, 68, 69, 70, 72

Closes #6390
2020-12-30 22:40:29 +01:00
Daniel Stenberg a6d20b89db
cleanup: fix two empty expression statement has no effect
Follow-up to 26e46617b9
2020-12-30 16:58:19 +01:00
Paul Groke 8324dc8b1a
dns: extend CURLOPT_RESOLVE syntax for adding non-permanent entries
Extend the syntax of CURLOPT_RESOLVE strings: allow using a '+' prefix
(similar to the existing '-' prefix for removing entries) to add
DNS cache entries that will time out just like entries that are added
by libcurl itself.

Append " (non-permanent)" to info log message in case a non-permanent
entry is added.

Adjust relevant comments to reflect the new behavior.

Adjust documentation.

Extend unit1607 to test the new functionality.

Closes #6294
2020-12-29 17:49:36 +01:00
Daniel Stenberg 68dde8e330
schannel: fix "empty expression statement has no effect"
Bug: 8ab78f720a (commitcomment-45445950)
Reported-by: Gisle Vanem
Closes #6381
2020-12-29 17:10:47 +01:00
XhmikosR aadc75626b
misc: assorted typo fixes
Closes #6375
2020-12-26 23:54:25 +01:00
Daniel Stenberg 8ab78f720a
misc: fix "warning: empty expression statement has no effect"
Turned several macros into do-while(0) style to allow their use to work
find with semicolon.

Bug: 08e8455ddd (commitcomment-45433279)
Follow-up to 08e8455ddd
Reported-by: Gisle Vanem
Closes #6376
2020-12-26 23:44:17 +01:00
Daniel Stenberg aba01da639
failf: remove newline from formatting strings
... as failf adds one itself.

Also: add an assert() to failf() that triggers on a newline in the
format string!

Closes #6365
2020-12-25 23:42:16 +01:00
Daniel Stenberg ac9a7245fc
speedcheck: exclude paused transfers
Paused transfers should not be stopped due to slow speed even when
CURLOPT_LOW_SPEED_LIMIT is set. Additionally, the slow speed timer is
now reset when the transfer is unpaused - as otherwise it would easily
just trigger immediately after unpausing.

Reported-by: Harry Sintonen
Fixes #6358
Closes #6359
2020-12-22 13:51:07 +01:00
Daniel Stenberg c7f95fa0cc
h2: do not wait for RECV on paused transfers
... as the socket might be readable all the time when paused and thus
causing a busy-loop.

Reported-by: Harry Sintonen
Reviewed-by: Jay Satiro
Fixes #6356
Closes #6357
2020-12-22 12:44:18 +01:00
Matthias Gatto eb69797766
http: Make the call to v4 signature
This patch allow to call the v4 signature introduce in previous commit

Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
2020-12-21 16:28:03 +01:00
Matthias Gatto 08e8455ddd
http: introduce AWS HTTP v4 Signature
It is a security process for HTTP.

It doesn't seems to be standard, but it is used by some cloud providers.

Aws:
https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
Outscale:
https://wiki.outscale.net/display/EN/Creating+a+Canonical+Request
GCP (I didn't test that this code work with GCP though):
https://cloud.google.com/storage/docs/access-control/signing-urls-manually

most of the code is in lib/http_v4_signature.c

Information require by the algorithm:
- The URL
- Current time
-  some prefix that are append to some of the signature parameters.

The data extracted from the URL are: the URI, the region,
the host and the API type

example:
https://api.eu-west-2.outscale.com/api/latest/ReadNets
        ~~~ ~~~~~~~~               ~~~~~~~~~~~~~~~~~~~
        ^       ^                          ^
       /         \                        URI
   API type     region

Small description of the algorithm:
- make canonical header using content type, the host, and the date
- hash the post data
- make canonical_request using custom request, the URI,
  the get data, the canonical header, the signed header
  and post data hash
- hash canonical_request
- make str_to_sign using one of the prefix pass in parameter,
  the date, the credential scope and the canonical_request hash
- compute hmac from date, using secret key as key.
- compute hmac from region, using above hmac as key
- compute hmac from api_type, using above hmac as key
- compute hmac from request_type, using above hmac as key
- compute hmac from str_to_sign using above hmac as key
- create Authorization header using above hmac, prefix pass in parameter,
  the date, and above hash

Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>

Closes #5703
2020-12-21 16:27:50 +01:00
Matthias Gatto d52564bacb
http: add hmac support for sha256
It seems current hmac implementation use md5 for the hash,
V4 signature require sha256, so I've added the needed struct in
this commit.

I've added the functions that do the hmac in v4 signature file
as a static function ,in the next patch of the serie,
because it's used only by this file.

Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
2020-12-21 15:26:41 +01:00
Cristian Rodríguez d13179db3e
connect: on linux, enable reporting of all ICMP errors on UDP sockets
The linux kernel does not report all ICMP errors back to userspace due
to historical reasons.

IP*_RECVERR sockopt must be turned on to have the correct behaviour
which is to pass all ICMP errors to userspace.

See https://bugzilla.kernel.org/show_bug.cgi?id=202355

Closes #6341
2020-12-21 15:24:08 +01:00
Daniel Stenberg e1a4647a42
c-hyper: fix compiler warnings
Identified by clang on windows.

Reported-by: Gisle Vanem
Bug: 58974d25d8

Closes #6351
2020-12-20 23:06:46 +01:00
Daniel Stenberg abb68c192a
build: repair http disabled but mqtt enabled build
... as the mqtt code reuses the "method" originally used for HTTP.

Closes #6344
2020-12-18 16:09:13 +01:00
Jon Wilkes e2075f2337
cookie: avoid the C1001 internal compiler error with MSVC 14
Fixes #6112
Closes #6135
2020-12-18 14:02:27 +01:00
Daniel Stenberg debf23eead
mqtt: handle POST/PUBLISH without a set POSTFIELDSIZE
Detected by OSS-Fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28735

Added test 1916 and 1917 to verify.

Closes #6338
2020-12-18 12:54:05 +01:00
Daniel Stenberg 58974d25d8
lib: introduce c-hyper for using Hyper
... as an alternative HTTP backend within libcurl.
2020-12-18 09:58:04 +01:00
Daniel Stenberg edc89839be
setopt: adjust to Hyper and disabled HTTP builds 2020-12-18 09:58:04 +01:00
Daniel Stenberg 4daba06762
rtsp: disable if Hyper is used 2020-12-18 09:58:04 +01:00
Daniel Stenberg 34021b804d
getinfo: build with disabled HTTP support 2020-12-18 09:58:03 +01:00
Daniel Stenberg 9211cb2034
version: include hyper version 2020-12-18 09:58:03 +01:00
Daniel Stenberg a5bc272223
http: show the request as headers even when split-sending
When the initial request isn't possible to send in its entirety, the
remainder of request would be delivered to the debug callback as data
and would wrongly be counted internally as body-bytes sent.

Extended test 1295 to verify.

Closes #6328
2020-12-17 14:00:27 +01:00
Daniel Stenberg 3e17c8ab72
multi: when erroring in TOOFAST state, act as for PERFORM
When failing in TOOFAST, the multi_done() wasn't called so the same
cleanup and handling wasn't done like when it fails in PERFORM, which in
the case of FTP could mean that the control connection wouldn't be
marked as "dead" for the CURLE_ABORTED_BY_CALLBACK case. Which caused
ftp_disconnect() to use it to send "QUIT", which could end up waiting
for a response a long time before giving up!

Reported-by: Tomas Berger
Fixes #6333
Closes #6337
2020-12-17 13:57:27 +01:00
parazyd a1f06f32b8
gopher: Implement secure gopher protocol.
This commit introduces a "gophers" handler inside the gopher protocol if
USE_SSL is defined. This protocol is no different than the usual gopher
prococol, with the added TLS encapsulation upon connecting. The protocol
has been adopted in the gopher community, and many people have enabled
TLS in their gopher daemons like geomyidae(8), and clients, like clic(1)
and hurl(1).

I have not implemented test units for this protocol because my knowledge
of Perl is sub-par. However, for someone more knowledgeable it might be
fairly trivial, because the same test that tests the plain gopher
protocol can be used for "gophers" just by adding a TLS listener.

Signed-off-by: parazyd <parazyd@dyne.org>

Closes #6208
2020-12-15 12:58:12 +01:00
Daniel Stenberg a259eee99f
mqtt: deal with 0 byte reads correctly
OSS-Fuzz found it
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28676

Closes #6327
2020-12-15 11:38:29 +01:00
Daniel Stenberg 796c068895
quiche: remove fprintf() leftover 2020-12-14 11:19:48 +01:00
Jay Satiro c54565915f digest_sspi: Show InitializeSecurityContext errors in verbose mode
The error is shown with infof rather than failf so that the user will
see the extended error message information only in verbose mode, and
will still see the standard CURLE_AUTH_ERROR message. For example:

---

* schannel: InitializeSecurityContext failed: SEC_E_QOP_NOT_SUPPORTED
(0x8009030A) - The per-message Quality of Protection is not supported by
the security package
* multi_done
* Connection #1 to host 127.0.0.1 left intact
curl: (94) An authentication function returned an error

---

Ref: https://github.com/curl/curl/issues/6302

Closes https://github.com/curl/curl/pull/6315
2020-12-14 00:25:10 -05:00
Daniel Stenberg 769a4687df
tests/server/disabled: add "wakeup"
To allow the test suite to know if wakeup support is disabled in the
build.
2020-12-11 17:42:17 +01:00
Daniel Stenberg 32793b2c4f
ngtcp2: make it build it current master again
Closes #6296
2020-12-10 08:57:07 +01:00
Cristian Rodríguez 25b4e158e9
connect: defer port selection until connect() time
If supported, defer port selection until connect() time
if --interface is given and source port is 0.

Reproducer:

* start fast webserver on port 80
* starve system of ephemeral ports
$  sysctl net.ipv4.ip_local_port_range="60990 60999"

* start a curl/libcurl "crawler"
$curl --keepalive --parallel --parallel-immediate --head --interface
127.0.0.2 "http://127.0.0.[1-254]/file[001-002].txt"

current result:
(possible some successful data)
curl: (45) bind failed with errno 98: Address already in use

result after patch:
(complete success or few connections failing, higlhy depending on load)

Fail only when all the possible 4-tuple combinations are exhausted,
which is impossible to do when port is selected at bind() time becuse
the kernel does not know if socket will be listen()'ed on or connect'ed
yet.

Closes #6295
2020-12-10 08:55:42 +01:00
Hans-Christian Noren Egtvedt 8a10abaf85
connect: zero variable on stack to silence valgrind complaint
Valgrind will complain that ssrem buffer usage if not explicit
initialized, hence initialize it to zero.

This completes the change intially started in commit 2c0d721215 ('ftp:
retry getpeername for FTP with TCP_FASTOPEN') where the ssloc buffer has
a similar memset to zero.

Signed-off-by: Hans-Christian Noren Egtvedt <hegtvedt@cisco.com>
Closes #6289
2020-12-09 23:36:15 +01:00
Jacob Hoffman-Andrews 6d338a87d6 urldata: restore comment on ssl_connect_data.use
This comment was originally on the `use` field, but was separated from
its field in 62a2534.

Closes https://github.com/curl/curl/pull/6287
2020-12-07 18:45:47 -05:00
Daniel Stenberg d9d0167278
openssl: make the OCSP verification verify the certificate id
CVE-2020-8286

Reported by anonymous

Bug: https://curl.se/docs/CVE-2020-8286.html
2020-12-07 09:27:10 +01:00
Daniel Stenberg 69a358f218
ftp: make wc_statemach loop instead of recurse
CVE-2020-8285

Fixes #6255
Bug: https://curl.se/docs/CVE-2020-8285.html
Reported-by: xnynx on github
2020-12-07 09:25:48 +01:00
Daniel Stenberg ec9cc725d5
ftp: CURLOPT_FTP_SKIP_PASV_IP by default
The command line tool also independently sets --ftp-skip-pasv-ip by
default.

Ten test cases updated to adapt the modified --libcurl output.

Bug: https://curl.se/docs/CVE-2020-8284.html
CVE-2020-8284

Reported-by: Varnavas Papaioannou
2020-12-07 08:38:05 +01:00
Daniel Stenberg abd846c374
urlapi: don't accept blank port number field without scheme
... as it makes the URL parser accept "very-long-hostname://" as a valid
host name and we don't want that. The parser now only accepts a blank
(no digits) after the colon if the URL starts with a scheme.

Reported-by: d4d on hackerone

Closes #6283
2020-12-07 00:50:49 +01:00
Daniel Stenberg 2260e0ebe6
Revert "multi: implement wait using winsock events"
This reverts commit d2a7d7c185.

This commit also reverts the subsequent follow-ups to that commit, which
were all done within windows #ifdefs that are removed in this
change. Marc helped me verify this.

Fixes #6146
Closes #6281
2020-12-06 22:40:38 +01:00
Klaus Crusius 2c0d721215
ftp: retry getpeername for FTP with TCP_FASTOPEN
In the case of TFO, the remote host name is not resolved at the
connetion time.

For FTP that has lead to missing hostname for the secondary connection.
Therefore the name resolution is done at the time, when FTP requires it.

Fixes #6252
Closes #6265
Closes #6282
2020-12-06 11:18:28 +01:00
Daniel Stenberg 1835cb916e
openssl: use OPENSSL_init_ssl() with >= 1.1.0
Reported-by: Kovalkov Dmitrii and Per Nilsson
Fixes #6254
Fixes #6256
Closes #6260
2020-12-03 22:30:38 +01:00
Daniel Stenberg 26f682bcc4
quiche: close the connection
Reported-by: Junho Choi
Fixes #6213
Closes #6217
2020-12-02 22:50:39 +01:00
Jay Satiro 2d1df660bc ngtcp2: Fix build error due to symbol name change
- NGTCP2_CRYPTO_LEVEL_APP -> NGTCP2_CRYPTO_LEVEL_APPLICATION

ngtcp2/ngtcp2@76232e9 changed the name.

ngtcp2 master is required to build curl with http3 support.

Closes https://github.com/curl/curl/pull/6271
2020-12-02 16:06:57 -05:00
Klaus Crusius d6bfbfadd3
cmake: check for linux/tcp.h
The HAVE_LINUX_TCP_H define was not set by cmake.

Closes #6252
2020-12-01 12:32:55 +01:00
Daniel Stenberg b6b535994e
splay: rename Curl_splayremovebyaddr to Curl_splayremove
... and remove the old unused proto for the old Curl_splayremove
version.

Closes #6269
2020-12-01 08:09:51 +01:00
Daniel Stenberg 2d4d012a49
openssl: free mem_buf in error path
To fix a memory-leak.

Closes #6267
2020-12-01 08:03:47 +01:00
Daniel Stenberg 0d75bf9ae9
openssl: remove #if 0 leftover
Follow-up to 4c9768565e (from Sep 2008)

Closes #6268
2020-11-30 19:59:12 +01:00
Daniel Stenberg 65d2f563fd
ntlm: avoid malloc(0) on zero length user and domain
... and simplify the too-long checks somewhat.

Detected by OSS-Fuzz

Closes #6264
2020-11-29 11:24:54 +01:00
Daiki Ueno c7b02c5d68
ngtcp2: use the minimal version of QUIC supported by ngtcp2
Closes #6250
2020-11-26 23:31:56 +01:00
Daiki Ueno ddd3eb99f8
ngtcp2: advertise h3 ALPN unconditionally
Closes #6250
2020-11-26 23:31:53 +01:00
Daiki Ueno 0cbd5d5c4f
vquic/ngtcp2.h: define local_addr as sockaddr_storage
This field needs to be wide enough to hold sockaddr_in6 when
connecting via IPv6.  Otherwise, ngtcp2_conn_read_pkt will drop the
packets because of the address mismatch:
  I00000022 [...] con ignore packet from unknown path

We can safely assume that struct sockaddr_storage is available, as it
is used in the public interface of ngtcp2.

Closes #6250
2020-11-26 23:31:42 +01:00
Daniel Stenberg 0b60d3685e
socks: check for DNS entries with the right port number
The resolve call is done with the right port number, but the subsequent
check used the wrong one, which then could find a previous resolve which
would return and leave the fresh resolve "incomplete" and leaking
memory.

Fixes #6247
Closes #6253
2020-11-26 22:29:34 +01:00
Daniel Stenberg d6ced230fe curl_setup: USE_RESOLVE_ON_IPS is for Apple native resolver use
... so don't define it when instructed to use c-ares!
2020-11-26 17:26:59 +01:00
Emil Engler 12cb7a1fe0
file: avoid duplicated code sequence
file_disconnect() is identical with file_do() except the function header
but as the arguments are unused anyway so why not just return file_do()
directly!

Reviewed-by: Daniel Stenberg
Closes #6249
2020-11-25 23:39:28 +01:00
Rikard Falkeborn 920f49a20b
infof/failf calls: fix format specifiers
Update a few format specifiers to match what is being printed.

Closes #6241
2020-11-24 13:18:41 +01:00
Daniel Stenberg 020aa0131b
docs/INTERNALS: remove reference to Curl_sendf()
The function has been removed from common usage. Also removed comment in
gopher.c that still referenced it.

Reported-by: Rikard Falkeborn
Fixes #6242
Closes #6243
2020-11-24 13:17:25 +01:00
Daniel Stenberg 37cdc2a05c
asyn: use 'struct thread_data *' instead of 'void *'
To reduce use of types that can't be checked at compile time. Also
removes several typecasts.

... and rename the struct field from 'os_specific' to 'tdata'.

Closes #6239
Reviewed-by: Jay Satiro
2020-11-23 22:54:18 +01:00
Viktor Szakats 3e092adf67
Makefile.m32: add support for UNICODE builds
It requires the linker to support the `-municode` option.
This is available in more recent mingw-w64 releases.

Ref: https://gcc.gnu.org/onlinedocs/gcc/x86-Windows-Options.html
Ref: https://stackoverflow.com/questions/3571250/wwinmain-unicode-and-mingw/11706847#11706847

Reviewed-by: Jay Satiro
Reviewed-by: Marcel Raad

Closes #6228
2020-11-23 16:56:27 +00:00
Daniel Stenberg a95a6ce6b8
urldata: remove 'void *protop' and create the union 'p'
... to avoid the use of 'void *' for the protocol specific structs done
per transfer.

Closes #6238
2020-11-23 16:16:16 +01:00
Oliver Urbann 0d16a49c16
curl: add compatibility for Amiga and GCC 6.5
Changes are mainly reordering and adding of includes required
to compile with a more recent version of GCC.

Closes #6220
2020-11-20 23:36:51 +01:00
Daniel Gustafsson 3a8cdc82dc openssl: guard against OOM on context creation
EVP_MD_CTX_create will allocate memory for the context and returns
NULL in case the allocation fails. Make sure to catch any allocation
failures and exit early if so.

In passing, also move to EVP_DigestInit rather than EVP_DigestInit_ex
as the latter is intended for ENGINE selection which we don't do.

Closes #6224
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Emil Engler <me@emilengler.com>
2020-11-19 01:40:24 +01:00
Vincent Torri ee38a725b9
cmake: use libcurl.rc in all Windows builds
Reviewed-by: Marcel Raad
Closes #6215
2020-11-19 14:43:31 +01:00
Daniel Stenberg 73b63876b1
quiche: remove 'static' from local buffer
For thread-safety

Closes #6223
2020-11-19 13:34:44 +01:00
Tobias Hieta 760e854348
cmake: correctly handle linker flags for static libs
curl CMake was setting the the EXE flags for static libraries which made
the /manifest:no flag ended up when linking the static library, which is
not a valid flag for lib.exe or llvm-lib.exe and caused llvm-lib to exit
with an error.

The better way to handle this is to make sure that we pass the correct
linker flags to CMAKE_STATIC_LINKER_FLAGS instead.

Reviewed-by: Jakub Zakrzewski
Closes #6195
2020-11-10 23:41:29 +01:00
Daniel Stenberg c49d205ae0
http_proxy: use enum with state names for 'keepon'
To make the code clearer, change the 'keepon' from an int to an enum
with better state names.

Reported-by: Niranjan Hasabnis
Bug: https://curl.se/mail/lib-2020-11/0026.html
Closes #6193
2020-11-10 01:01:56 +01:00
Daniel Stenberg 7ae59838f0
curl_easy_escape: limit output string length to 3 * max input
... instead of the limiting it to just the max input size. As every
input byte can be expanded to 3 output bytes, this could limit the input
string to 2.66 MB instead of the intended 8 MB.

Reported-by: Marc Schlatter
Closes #6192
2020-11-09 23:01:06 +01:00
Daniel Stenberg a570f7cd09
Curl_pgrsStartNow: init speed limit time stamps at start
By setting the speed limit time stamps unconditionally at transfer
start, we can start off a transfer without speed limits and yet allow
them to get set during transfer and have an effect.

Reported-by: Kael1117 on github
Fixes #6162
Closes #6184
2020-11-09 08:19:09 +01:00
Daniel Stenberg 5d57a79929
ngtcp2: adapt to recent nghttp3 updates
'reset_stream' was added to the nghttp3_conn_callbacks struct

Closes #6185
2020-11-09 08:17:38 +01:00
Daniel Stenberg 5d903ce3a3
altsvc: minimize variable scope and avoid "DEAD_STORE"
Closes #6182
2020-11-07 18:10:21 +01:00
Daniel Stenberg 20558ff269
url: make sure an HSTS upgrade updates URL and scheme correctly
Closes #6175
2020-11-06 08:22:31 +01:00
Daniel Stenberg 6ee57c8bdd
hsts: remove debug code leftovers
Closes #6175
2020-11-06 08:22:14 +01:00
Daniel Gustafsson 085f91036c hsts: Remove pointless call to free in errorpath
The line variable will always be NULL in the error path, so remove
the free call since it's pointless.

Closes #6170
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2020-11-05 09:42:38 +01:00
Daniel Stenberg ac0a88fd25
copyright: fix year ranges
Follow-up from 4d2f800677
2020-11-05 08:22:10 +01:00
Daniel Stenberg 4d2f800677
curl.se: new home
Closes #6172
2020-11-04 23:59:47 +01:00
Harry Sintonen 8bdee98187
rtsp: error out on empty Session ID, unified the code 2020-11-04 08:14:36 +01:00
Harry Sintonen adb0fcfab2
rtsp: fixed Session ID comparison to refuse prefix
Closes #6161
2020-11-04 08:14:01 +01:00
Daniel Stenberg 2cfc4ed983
hsts: add read/write callbacks
- read/write callback options
- man pages for the 4 new setopts
- test 1915 verifies the callbacks

Closes #5896
2020-11-03 16:08:48 +01:00
Daniel Stenberg 7385610d0c
hsts: add support for Strict-Transport-Security
- enable in the build (configure)
- header parsing
- host name lookup
- unit tests for the above
- CI build
- CURL_VERSION_HSTS bit
- curl_version_info support
- curl -V output
- curl-config --features
- CURLOPT_HSTS_CTRL
- man page for CURLOPT_HSTS_CTRL
- curl --hsts (sets CURLOPT_HSTS_CTRL and works with --libcurl)
- man page for --hsts
- save cache to disk
- load cache from disk
- CURLOPT_HSTS
- man page for CURLOPT_HSTS
- added docs/HSTS.md
- fixed --version docs
- adjusted curl_easy_duphandle

Closes #5896
2020-11-03 16:08:42 +01:00
Daniel Stenberg d70a5b5a0f
sendf: move the verbose-check into Curl_debug
Saves us from having the same check done everywhere.

Closes #6159
2020-11-02 22:49:36 +01:00
Harry Sintonen 8bcb23593e
gnutls: fix memory leaks (certfields memory wasn't released)
Closes #6153
2020-11-02 09:59:48 +01:00
Daniel Stenberg 584ccb5ef2
http: pass correct header size to debug callback for chunked post
... when the chunked framing was added, the size of the "body part" of
the data was calculated wrongly so the debug callback would get told a
header chunk a few bytes too big that would also contain the first few
bytes of the request body.

Reported-by: Dirk Wetter
Ref: #6144
Closes #6147
2020-10-31 23:46:27 +01:00
Daniel Stenberg 9a844625c4
libssh2: fix transport over HTTPS proxy
The fix in #6021 was not enough. This fix makes sure SCP/SFTP content
can also be transfered over a HTTPS proxy.

Fixes #6113
Closes #6128
2020-10-29 09:31:31 +01:00
Baruch Siach ddcc110bfc
libssh2: fix build with disabled proxy support
Build breaks because the http_proxy field is missing:

vssh/libssh2.c:3119:10: error: 'struct connectdata' has no member named 'http_proxy'

Regression from #6021, shipped in curl 7.73.0

Closes #6125
2020-10-26 09:18:35 +01:00
Daniel Stenberg 96450a1a33
alt-svc: enable by default
Remove CURLALTSVC_IMMEDIATELY, which was never implemented/supported.

alt-svc support in curl is no longer considered experimental

Closes #5868
2020-10-25 23:08:54 +01:00
Daniel Stenberg 4bfca0a807
libssh2: require version 1.0 or later
... and simplify the code accordingly. libssh2 version 1.0 was released
in April 2009.

Closes #6116
2020-10-22 16:45:40 +02:00
Daniel Stenberg 6dc563cdaa
CMake: store IDN2 information in curl_config.h
This allows the build to enable IDN properly and it makes test 1014
happier.

Ref: #6074
Closes #6108
2020-10-20 14:51:33 +02:00
Daniel Stenberg a3d5b199f9
openssl: acknowledge SRP disabling in configure properly
Follow-up to 68a5132474

Use a new separate define that is the combination of both
HAVE_OPENSSL_SRP and USE_TLS_SRP: USE_OPENSSL_SRP

Bug: https://curl.haxx.se/mail/lib-2020-10/0037.html

Closes #6094
2020-10-16 14:29:02 +02:00
Viktor Szakats e34959c0b9
http3: fix two build errors, silence warnings
* fix two build errors due to mismatch between function
  declarations and their definitions
* silence two mismatched signs warnings via casts

Approved-by: Daniel Stenberg
Closes #6093
2020-10-16 07:15:48 +00:00
Viktor Szakats 769c9a4eec
Makefile.m32: add support for HTTP/3 via ngtcp2+nghttp3
Approved-by: Daniel Stenberg
Closes #6092
2020-10-16 07:15:19 +00:00
Daniel Stenberg 475c1aba68
checksrc: warn on empty line before open brace
... and fix a few occurances

Closes #6088
2020-10-15 23:32:26 +02:00
Daniel Stenberg b7ea3d2c22
urlapi: URL encode a '+' in the query part
... when asked to with CURLU_URLENCODE.

Extended test 1560 to verify.
Reported-by: Dietmar Hauser
Fixes #6086
Closes #6087
2020-10-15 23:21:53 +02:00
Philipp Klaus Krause 5168e5ad1d
strerror: use 'const' as the string should never be modified
Closes #6068
2020-10-15 15:43:32 +02:00
Jay Satiro 8b1a10cdf7
connect: repair build without ipv6 availability
Assisted-by: Daniel Stenberg
Reported-by: Tom G. Christensen

Fixes https://github.com/curl/curl/issues/6069
Closes https://github.com/curl/curl/pull/6071
2020-10-15 12:56:57 +02:00
Daniel Stenberg 15997f6db5
test122[12]: remove these two tests
... and remove the objnames scripts they tested. They're not used for
anything anymore so testing them serves no purpose!

Reported-by: Marc Hörsken
Fixes #6080
Closes #6081
2020-10-15 07:56:19 +02:00
Jay Satiro a326877981
strerror: Revert to local codepage for Windows error string
- Change get_winapi_error() to return the error string in the local
  codepage instead of UTF-8 encoding.

Two weeks ago bed5f84 fixed get_winapi_error() to work on xbox, but it
also changed the error string's encoding from local codepage to UTF-8.

We return the local codepage version of the error string because if it
is output to the user's terminal it will likely be with functions which
expect the local codepage (eg fprintf, failf, infof).

This is essentially a partial revert of bed5f84. The support for xbox
remains but the error string is reverted back to local codepage.

Ref: https://github.com/curl/curl/pull/6005

Reviewed-by: Marcel Raad
Closes #6065
2020-10-13 14:17:27 +02:00
Viktor Szakats d707a9fa64
windows: fix comparison of mismatched types warning
clang 10, mingw-w64:
```
vtls/openssl.c:2917:33: warning: comparison of integers of different signs: 'DWORD' (aka 'unsigned long') and 'HRESULT' (aka 'long')
      [-Wsign-compare]
              if(GetLastError() != CRYPT_E_NOT_FOUND)
                 ~~~~~~~~~~~~~~ ^  ~~~~~~~~~~~~~~~~~
```

Approved-by: Daniel Stenberg
Closes #6062
2020-10-12 10:18:53 +00:00
Daniel Stenberg 7d8c89d47b
checksrc: detect // comments on column 0
Spotted while working on #6045

Closes #6048
2020-10-07 10:14:50 +02:00
Frederik Wedel-Heinen bc5455fa74
mbedtls: add missing header when defining MBEDTLS_DEBUG
Closes #6045
2020-10-07 09:15:39 +02:00
Daniel Stenberg 6497ed45bd
ldap: reduce the amount of #ifdefs needed
Closes #6035
2020-10-03 22:49:39 +02:00
Daniel Stenberg 26a7d51c21
checksrc: warn on space after exclamation mark
Closes #6034
2020-10-02 16:35:53 +02:00
Jay Satiro 9a13f7c2a7 strerror: fix null deref on winapi out-of-memory
Follow-up to bed5f84 from several days ago.

Ref: https://github.com/curl/curl/pull/6005
2020-10-01 13:34:59 -04:00
Kamil Dudka 7920be9473
vtls: deduplicate some DISABLE_PROXY ifdefs
... in the code of gtls, nss, and openssl

Closes #5735
2020-10-01 16:36:24 +02:00
Daniel Stenberg c8204ed6a2
configure: don't say HTTPS-proxy is enabled when disabled!
Reported-by: Kamil Dudka
Reviewed-by: Kamil Dudka
Bug: https://github.com/curl/curl/pull/5735#issuecomment-701376388
Closes #6029
2020-09-30 22:43:43 +02:00
Daniel Gustafsson 2aac895fb6 src: Consistently spell whitespace without whitespace
Whitespace is spelled without a space between white and space, so
make sure to consistently spell it that way across the codebase.

Closes #6023
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Emil Engler <me@emilengler.com>
2020-09-30 21:10:14 +02:00
Daniel Stenberg b312e3238f
sectransp: make it build with --disable-proxy
Follow-up from #5466 and f3d501dc67
Reported-by: Javier Navarro
Fixes #6025
Closes #6026
2020-09-30 10:32:17 +02:00
Daniel Stenberg edfb6168e9
libssh2: handle the SSH protocols done over HTTPS proxy
Reported-by: Robin Douine
Fixes #4295
Closes #6021
2020-09-29 07:50:07 +02:00
Emil Engler 82d66f1582
memdebug: remove 9 year old unused debug function
There used to be a way to have memdebug fill allocated memory. 9 years
later this has no value there (valgrind and ASAN etc are way better). If
people need to know about it they can have a look at VCS logs.

Closes #5973
2020-09-28 22:15:21 +02:00
Daniel Stenberg a87cca7b1c
sendf: move Curl_sendf to dict.c and make it static
... as the only remaining user of that function. Also fix gopher.c to
instead use Curl_write()

Closes #6020
2020-09-28 17:05:53 +02:00
Daniel Stenberg abeeffb11c
schannel: return CURLE_PEER_FAILED_VERIFICATION for untrusted root
This matches what is returned in other TLS backends in the same
situation.

Reviewed-by: Jay Satiro
Reviewed-by: Emil Engler
Follow-up to 5a3efb1
Reported-by: iammrtau on github
Fixes #6003
Closes #6018
2020-09-28 10:41:51 +02:00
Daniel Stenberg 4a4c724599
ftp: make a 552 response return CURLE_REMOTE_DISK_FULL
Added test 348 to verify. Added a 'STOR' command to the test FTP
server to enable test 348. Documented the command in FILEFORMAT.md

Reported-by: Duncan Wilcox
Fixes #6016
Closes #6017
2020-09-26 13:37:15 +02:00
Daniel Stenberg 7772344e17
pause: only trigger a reread if the unpause sticks
As an unpause might itself get paused again and then triggering another
reread doesn't help.

Follow-up from e040146f22 (shipped since 7.69.1)

Bug: https://curl.haxx.se/mail/lib-2020-09/0081.html
Patch-by: Kunal Chandarana
Fixes #5988
Closes #6013
2020-09-25 15:18:10 +02:00
Daniel Stenberg 3d60a22390
ngtcp2: adapt to new NGTCP2_PROTO_VER_MAX define
Closes #6012
2020-09-25 08:59:43 +02:00
Javier Blazquez bed5f8454a
strerror: honor Unicode API choice on Windows
Closes #6005
2020-09-25 08:55:35 +02:00
Daniel Stenberg c4693adc62
imap: make imap_send use dynbuf for the send buffer management
Reuses the buffer and thereby reduces number of mallocs over a transfer.

Closes #6010
2020-09-25 08:35:01 +02:00
Daniel Stenberg 92a9b88ebf
Curl_send: return error when pre_receive_plain can't malloc
... will probably trigger some false DEAD CODE positives on non-windows
code analyzers for the conditional code.

Closes #6011
2020-09-25 08:31:52 +02:00
Daniel Stenberg 1397a7de6e
ftp: separate FTPS from FTP over "HTTPS proxy"
When using HTTPS proxy, SSL is used but not in the view of the FTP
protocol handler itself so separate the connection's use of SSL from the
FTP control connection's sue.

Reported-by: Mingtao Yang
Fixes #5523
Closes #6006
2020-09-24 14:09:20 +02:00
Daniel Stenberg 675eeb1c94
pingpong: use a dynbuf for the *_pp_sendf() function
... reuses the same dynamic buffer instead of doing repeated malloc/free
cycles.

Test case 100 (FTP dir list PASV) does 7 fewer memory allocation calls
after this change in my test setup (132 => 125), curl 7.72.0 needed 140
calls for this.

Test case 103 makes 9 less allocations now (130). Down from 149 in
7.72.0.

Closes #6004
2020-09-23 15:14:09 +02:00
Daniel Stenberg f74afa40f8
dynbuf: add Curl_dyn_vaddf
Closes #6004
2020-09-23 15:13:46 +02:00
Daniel Stenberg 7e8561e030
dynbuf: make *addf() not require extra mallocs
... by introducing a printf() function that appends directly into a
dynbuf: Curl_dyn_vprintf(). This avoids the mandatory extra malloc so if
the buffer is already big enough it can just printf directly into it.

Since this less-malloc version requires tthe use of a library internal
printf function, we only provide this version when building libcurl and
not for the dynbuf code that is used when building the curl tool.

Closes #5998
2020-09-23 08:54:42 +02:00
Daniel Stenberg 0548ecaf6a
pingpong: remove a malloc per Curl_pp_vsendf call
This typically makes 7-9 fewer mallocs per FTP transfer.

Closes #5997
2020-09-22 23:13:26 +02:00
Daniel Stenberg 3d64031fa7
symbian: drop support
The OS is deprecated. I see no traces of anyone having actually built
curl for Symbian after 2012.

The public headers are unmodified.

Closes #5989
2020-09-22 15:14:12 +02:00
Daniel Stenberg 1ee289f7b5
curl_krb5.h: rename from krb5.h
Follow-up from f4873ebd0b

Turns out some older openssl installations go bananas otherwise.
Reported-by: Tom van der Woerdt
Fixes #5995
Closes #5996
2020-09-22 13:46:22 +02:00
Daniel Stenberg e5803089a9
http_proxy: do not count proxy headers in the header bytecount
... as that counter is subsequently used to detect if nothing was
returned from the peer. This made curl return CURLE_OK when it should
have returned CURLE_GOT_NOTHING.

Fixes #5992
Reported-by: Tom van der Woerdt
Closes #5994
2020-09-22 10:54:34 +02:00
Daniel Stenberg a8e08a87df
setopt: return CURLE_BAD_FUNCTION_ARGUMENT on bad argument
Fixed two return code mixups. CURLE_UNKNOWN_OPTION is saved for when the
option is, yeah, not known. Clarified this in the setopt man page too.

Closes #5993
2020-09-22 09:04:13 +02:00
Daniel Stenberg f4873ebd0b
krb5: merged security.c and krb specific FTP functions in here
These two files were always tightly connected and it was hard to
understand what went into which. This also allows us to make the
ftpsend() function static (moved from ftp.c).

Removed security.c
Renamed curl_sec.h to krb5.h

Closes #5987
2020-09-21 23:31:39 +02:00
Daniel Stenberg 6434a73984
Curl_handler: add 'family' to each protocol
Makes get_protocol_family() faster and it moves the knowledge about the
"families" to each protocol handler, where it belongs.

Closes #5986
2020-09-21 23:30:16 +02:00
Daniel Stenberg 2e645e21de
parsedate: tune the date to epoch conversion
By avoiding an unnecessary error check and the temp use of the tm
struct, the time2epoch conversion function gets a little bit faster.
When repeating test 517, the updated version is perhaps 1% faster (on
one particular build on one particular architecture).

Closes #5985
2020-09-21 16:46:41 +02:00
Daniel Stenberg 3d8731c8f5
ftp: avoid risk of reading uninitialized integers
If the received PASV response doesn't match the expected pattern, we
could end up reading uninitialized integers for IP address and port
number.

Issue pointed out by muse.dev
Closes #5972
2020-09-18 08:26:49 +02:00
Quentin Balland 7921b41ce1
easy_reset: clear retry counter
Closes #5975
Fixes #5974
2020-09-18 07:59:24 +02:00