1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 09:38:54 -05:00
Commit Graph

23305 Commits

Author SHA1 Message Date
Marcel Raad
7bc1180437
test1143: disable MSYS2's POSIX path conversion
By default, the MSYS2 bash interprets http:/%HOSTIP:%HTTPPORT/want/1143
as a POSIX file list and converts it to a Windows file list.
Disable this with MSYS2_ARG_CONV_EXCL for the test to pass.

Ref https://github.com/msys2/msys2/wiki/Porting#filesystem-namespaces
Closes https://github.com/curl/curl/pull/2765
2018-07-20 16:08:58 +02:00
Daniel Stenberg
db2ac90eaf
RELEASE-NOTES: sync
... and work toward 7.61.1
2018-07-18 01:21:07 +02:00
Ruslan Baratov
d1207c07d0
CMake: Update scripts to use consistent style
Closes #2727
Reviewed-by: Sergei Nikulov
2018-07-17 11:54:07 +02:00
Daniel Stenberg
a82372e0fb
header output: switch off all styles, not just unbold
... the "unbold" sequence doesn't work on the mac Terminal.

Reported-by: Zero King
Fixes #2736
Closes #2738
2018-07-17 00:31:39 +02:00
Rodger Combs
092f6815c8 darwinssl: add support for ALPN negotiation 2018-07-14 18:32:47 -05:00
Marcel Raad
8c00412428
test1422: add required file feature
curl configured with --enable-debug --disable-file currently complains
on test1422:
Info: Protocol "file" not supported or disabled in libcurl

Make test1422 dependend on enabled FILE protocol to fix this.

Fixes https://github.com/curl/curl/issues/2741
Closes https://github.com/curl/curl/pull/2742
2018-07-14 12:56:43 +02:00
Patrick Monnerat
f8be737d8f content_encoding: accept up to 4 unknown trailer bytes after raw deflate data
Some servers issue raw deflate data that may be followed by an undocumented
trailer. This commit makes curl tolerate such a trailer of up to 4 bytes
before considering the data is in error.

Reported-by: clbr on github
Fixes #2719
2018-07-12 22:46:15 +02:00
Daniel Stenberg
5b511b0958
smb: fix memory-leak in URL parse error path
Detected by OSS-Fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9369
Closes #2740
2018-07-12 14:47:11 +02:00
Marcel Raad
2c33105dbf
schannel: enable CALG_TLS1PRF for w32api >= 5.1
The definition of CALG_TLS1PRF has been fixed in the 5.1 branch:
73aedcc0f2
2018-07-12 14:38:55 +02:00
Daniel Stenberg
29b78a537f
docs/SECURITY-PROCESS: mention bounty, drop pre-notify
+ The hackerone bounty and its process

- We don't and can't handle pre-notification
2018-07-12 12:32:54 +02:00
Daniel Stenberg
acefdd0cd1
multi: always do the COMPLETED procedure/state
It was previously erroneously skipped in some situations.

libtest/libntlmconnect.c wrongly depended on wrong behavior (that it
would get a zero timeout) when no handles are "running" in a multi
handle. That behavior is no longer present with this fix. Now libcurl
will always return a -1 timeout when all handles are completed.

Closes #2733
2018-07-11 23:41:24 +02:00
Daniel Stenberg
151d3c56dc
Curl_getoff_all_pipelines: improved for multiplexed
On multiplexed connections, transfers can be removed from anywhere not
just at the head as for pipelines.
2018-07-11 23:41:24 +02:00
Daniel Stenberg
c8373e3dfc
ares: check for NULL in completed-callback 2018-07-11 23:41:24 +02:00
Daniel Stenberg
1b76c38904
conn: remove the boolean 'inuse' field
... as the usage needs to be counted.
2018-07-11 23:41:24 +02:00
Paul Howarth
d6417f6c2d
openssl: assume engine support in 1.0.0 or later
Commit 38203f1585 changed engine detection to be version-based,
with a baseline of openssl 1.0.1. This does in fact break builds
with openssl 1.0.0, which has engine support - the configure script
detects that ENGINE_cleanup() is available - but <openssl/engine.h>
doesn't get included to declare it.

According to upstream documentation, engine support was added to
mainstream openssl builds as of version 0.9.7:
https://github.com/openssl/openssl/blob/master/README.ENGINE

This commit drops the version test down to 1.0.0 as version 1.0.0d
is the oldest version I have to test with.

Closes #2732
2018-07-11 23:40:10 +02:00
Marcel Raad
48cf45c5aa
schannel: fix MinGW compile break
Original MinGW's w32api has a sytax error in its definition of
CALG_TLS1PRF [0]. Don't use original MinGW w32api's CALG_TLS1PRF
until this bug [1] is fixed.

[0] d1d4a17e51/w32api/include/wincrypt.h
[1] https://osdn.net/projects/mingw/ticket/38391

Fixes https://github.com/curl/curl/pull/2721#issuecomment-403636043
Closes https://github.com/curl/curl/pull/2728
2018-07-11 13:04:15 +02:00
Daniel Stenberg
1f6e38e6af
examples/crawler.c: move #ifdef to column 0
Apparently the C => HTML converter on the web site doesn't quite like it
otherwise.

Reported-by: Jeroen Ooms
2018-07-11 11:47:21 +02:00
Daniel Stenberg
eb8138405a
release: 7.61.0 2018-07-11 07:57:42 +02:00
Daniel Stenberg
d3bd7cb388
TODO: Configurable loading of OpenSSL configuration file
Closes #2724
2018-07-10 10:57:20 +02:00
Daniel Stenberg
522236f55e
post303.d: clarify that this is an RFC violation
... and not the other way around, which this previously said.

Reported-by: Vasiliy Faronov
Fixes #2723
Closes #2726
2018-07-10 10:08:07 +02:00
Ruslan Baratov
e0a4bba730
CMake: remove redundant and old end-of-block syntax
Reviewed-by: Jakub Zakrzewski
Closes #2715
2018-07-09 23:32:57 +02:00
Jay Satiro
685dc3c082 lib/curl_setup.h: remove unicode character
Follow-up to 82ce416.

Ref: https://github.com/curl/curl/commit/8272ec5#commitcomment-29646818
2018-07-09 16:04:50 -04:00
Daniel Stenberg
82ce416227
lib/curl_setup.h: remove unicode bom from 8272ec50f0 2018-07-09 21:26:32 +02:00
Marcel Raad
424f1cfefb
schannel: fix -Wsign-compare warning
MinGW warns:
/lib/vtls/schannel.c:219:64: warning: signed and unsigned type in
conditional expression [-Wsign-compare]

Fix this by casting the ptrdiff_t to size_t as we know it's positive.

Closes https://github.com/curl/curl/pull/2721
2018-07-09 18:09:05 +02:00
Marcel Raad
07f7c93f92
schannel: workaround for wrong function signature in w32api
Original MinGW's w32api has CryptHashData's second parameter as BYTE *
instead of const BYTE *.

Closes https://github.com/curl/curl/pull/2721
2018-07-09 18:08:56 +02:00
Marcel Raad
a189ab91fe
schannel: make more cipher options conditional
They are not defined in the original MinGW's <wincrypt.h>.

Closes https://github.com/curl/curl/pull/2721
2018-07-09 18:08:46 +02:00
Marcel Raad
8272ec50f0
curl_setup: include <winerror.h> before <windows.h>
Otherwise, only part of it gets pulled in through <windows.h> on
original MinGW.

Fixes https://github.com/curl/curl/issues/2361
Closes https://github.com/curl/curl/pull/2721
2018-07-09 18:08:40 +02:00
Marcel Raad
5bd8c389a3
examples: fix -Wformat warnings
When size_t is not a typedef for unsigned long (as usually the case on
Windows), GCC emits -Wformat warnings when using lu and lx format
specifiers with size_t. Silence them with explicit casts to
unsigned long.

Closes https://github.com/curl/curl/pull/2721
2018-07-09 18:08:27 +02:00
Daniel Stenberg
ba1dbd78e5
smtp: use the upload buffer size for scratch buffer malloc
... not the read buffer size, as that can be set smaller and thus cause
a buffer overflow! CVE-2018-0500

Reported-by: Peter Wu
Bug: https://curl.haxx.se/docs/adv_2018-70a2.html
2018-07-09 08:15:48 +02:00
Dave Reisner
0b4ccc97f2
scripts: include _curl as part of CLEANFILES
Closes #2718
2018-07-08 23:20:11 +02:00
Nick Zitzmann
b78d1a3d45
darwinssl: allow High Sierra users to build the code using GCC
...but GCC users lose out on TLS 1.3 support, since we can't weak-link
enumeration constants.

Fixes #2656
Closes #2703
2018-07-06 11:13:50 +02:00
Ruslan Baratov
b4db3a8a07
CMake: Remove unused 'output_var' from 'collect_true'
Variable 'output_var' is not used and can be removed.
Function 'collect_true' renamed to 'count_true'.
2018-07-06 09:35:28 +02:00
Ruslan Baratov
fac400da03
CMake: Remove unused functions
Closes #2711
2018-07-06 09:35:21 +02:00
Daniel Stenberg
6e61668b9c
KNOWN_BUGS: Stick to same family over SOCKS proxy 2018-07-06 09:31:52 +02:00
Daniel Stenberg
03d884b7d8
libssh: goto DISCONNECT state on error, not SSH_SESSION_FREE
... because otherwise not everything get closed down correctly.

Fixes #2708
Closes #2712
2018-07-06 09:11:35 +02:00
Daniel Stenberg
0d3eeaadb4
libssh: include line number in state change debug messages
Closes #2713
2018-07-06 09:11:20 +02:00
Daniel Stenberg
75105480dc
KNOWN_BUGS: Borland support is dropped, AIX problem is too old 2018-07-05 23:11:22 +02:00
Jeroen Ooms
74e0bde773
example/crawler.c: simple crawler based on libxml2
Closes #2706
2018-07-05 15:52:31 +02:00
Daniel Stenberg
b0e4598ff7
RELEASE-NOTES: synced 2018-07-05 09:43:35 +02:00
Daniel Stenberg
91d03fce96
DEPRECATE: include year when specifying date 2018-07-02 23:41:06 +02:00
Daniel Stenberg
9aabe91c8d
DEPRECATE: linkified 2018-07-02 13:16:09 +02:00
Daniel Stenberg
d56feb610d
DEPRECATE: mention the PR that disabled axTLS 2018-07-02 09:41:07 +02:00
Daniel Stenberg
6b919801d0
docs/DEPRECATE.md: spelling and minor formatting 2018-07-02 08:14:53 +02:00
Daniel Stenberg
f5ba9cea0c
DEPRECATE: new doc describing planned item removals
Closes #2704
2018-07-02 07:46:38 +02:00
Gisle Vanem
ab4cf99694
telnet: fix clang warnings
telnet.c(1401,28): warning: cast from function call of type 'int' to
non-matching type 'HANDLE' (aka 'void *') [-Wbad-function-cast]

Fixes #2696
Closes #2700
2018-07-01 12:45:27 +02:00
Daniel Stenberg
9679790b23 docs: fix missed option name markups 2018-06-30 18:33:07 +02:00
Gaurav Malhotra
09a72f5dd5
openssl: Remove some dead code
Closes #2698
2018-06-29 22:54:53 +02:00
Daniel Stenberg
6015cefb1b
openssl: make the requested TLS version the *minimum* wanted
The code treated the set version as the *exact* version to require in
the TLS handshake, which is not what other TLS backends do and probably
not what most people expect either.

Reported-by: Andreas Olsson
Assisted-by: Gaurav Malhotra
Fixes #2691
Closes #2694
2018-06-29 22:53:02 +02:00
Daniel Stenberg
b83e3e603f
RELEASE-NOTES: synced 2018-06-29 10:31:27 +02:00
Daniel Stenberg
08c845cfdb
openssl: allow TLS 1.3 by default
Reported-by: Andreas Olsson
Fixes #2692
Closes #2693
2018-06-29 09:15:34 +02:00