1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00
Commit Graph

27190 Commits

Author SHA1 Message Date
Harry Sintonen
7f4a9a9b2a
openssl: associate/detach the transfer from connection
CVE-2021-22901

Bug: https://curl.se/docs/CVE-2021-22901.html
2021-05-24 13:15:10 +02:00
Harry Sintonen
39ce47f219
telnet: check sscanf() for correct number of matches
CVE-2021-22898

Bug: https://curl.se/docs/CVE-2021-22898.html
2021-05-24 07:56:05 +02:00
Daniel Stenberg
bbb71507b7
schannel: don't use static to store selected ciphers
CVE-2021-22897

Bug: https://curl.se/docs/CVE-2021-22897.html
2021-05-24 07:56:05 +02:00
Daniel Stenberg
b03b82a85f
docs/tests: remove freenode references 2021-05-24 00:21:00 +02:00
Daniel Stenberg
9df4053f5d
RELEASE-NOTES: synced 2021-05-23 00:15:53 +02:00
Sergey Markelov
96adbf5cdb
NSS: make colons, commas and spaces valid separators in cipher list
Fixes #7110
Closes #7115
2021-05-23 00:11:30 +02:00
Daniel Stenberg
e61d8e36d2
curl: include libmetalink version in --version output
Closes #7112
2021-05-22 11:29:41 +02:00
Matias N. Goldberg
b4bed24459 cmake: Use multithreaded compilation on VS 2008+
Multithreaded compilation has been supported since at least VS 2005 and
been robustly stable since at least VS 2008

Closes https://github.com/curl/curl/pull/7109
2021-05-21 03:37:37 -04:00
Matias N. Goldberg
458a2d85f3
cmake: fix two invokes result in different curl_config.h
Fixes #7100
Closes #7101

Reviewed-by: Jakub Zakrzewski
Signed-off-by: Matias N. Goldberg <dark_sylinc@yahoo.com.ar>
2021-05-21 08:59:58 +02:00
Peng-Yu Chen
07d20f5dfa
cmake: detect CURL_SA_FAMILY_T
Fixes #7049
Closes #7065
2021-05-21 08:39:39 +02:00
Lucas Clemente Vella
84d2839740
CURLOPT_IPRESOLVE: preventing wrong IP version from being used
In some situations, it was possible that a transfer was setup to
use an specific IP version, but due do DNS caching or connection
reuse, it ended up using a different IP version from requested.

This commit changes the effect of CURLOPT_IPRESOLVE from simply
restricting address resolution to preventing the wrong connection
type being used, when choosing a connection from the pool, and
to restricting what addresses could be used when establishing
a new connection.

It is important that all addresses versions are resolved, even if
not used in that transfer in particular, because the result is
cached, and could be useful for a different transfer with a
different CURLOPT_IPRESOLVE setting.

Closes #6853
2021-05-20 16:58:31 +02:00
Oliver Urbann
ac54b10933
AmigaOS: add functions definitions for SHA256
AmiSSL replaces many functions with macros. Curl requires pointer
to some of these functions. Thus, we have to encapsulate these macros:
SHA256_Init, SHA256_Update, SHA256_Final, X509_INFO_free.

Bug: https://github.com/jens-maus/amissl/issues/15
Co-authored-by: Daniel Stenberg <daniel@haxx.se>

Closes #7099
2021-05-20 16:47:42 +02:00
Daniel Stenberg
d9eb3e316f
test2100: make it run with and require IPv6
Closes #7083
2021-05-20 08:32:43 +02:00
Daniel Stenberg
1f90d08371
tests/getpart: generate output URL encoded for better diffs
Closes #7083
2021-05-20 08:32:38 +02:00
Ryan Beck-Buysse
d845d392b5
docs/TheArtOfHttpScripting: fix markdown links
extra parens cause the links to be incorrectly formatted
and inconsistent with the rest of the document.

Signed-off-by: Ryan Beck-Buysse <rbuysse@gmail.com>
Closes #7097
2021-05-19 09:10:11 +02:00
Daniel Stenberg
3b3459eed8
RELEASE-NOTES: synced 2021-05-19 00:50:14 +02:00
Emil Engler
3d3f4efbc8
docs: replace dots with dashes in markdown enums
We use dashes instead of dots nearly everywhere except for those few
cases. This commit addresses this issues and brings more coherency into
it.

Closes #7093
2021-05-19 00:40:12 +02:00
Emil Engler
d79f8492c5
docs: improve INTERNALS.md regarding getsock cb
This adds the I/O prefix to indicate that those "actions" are kind-of
related to those found in select(2) or poll(2) (reading/writing).

It also adds a note where the prototypes of those functions can be found
in the source code.

Closes #7092
2021-05-19 00:39:06 +02:00
Emil Engler
158d26e4fc
docs: document attach in INTERNALS.md
The new field in the Curl_handler struct still lacks documentation. This
adds it it from the information extracted from lib/urldata.h:797

Closes #7091
2021-05-19 00:38:10 +02:00
Marc Aldorasi
f6b325a509
config: remove now-unused macros
Closes #7094
2021-05-19 00:36:01 +02:00
Marc Aldorasi
6c347d4f36
hostip.h: remove declaration of unimplemented function
Closes #7094
2021-05-19 00:35:55 +02:00
Daniel Stenberg
b1dded68e3
h3: add 'attach' callback to protocol handlers
Follow-up to 0c55fbab45

Reviewed-by: Emil Engler
Closes #7090
2021-05-19 00:29:09 +02:00
Daniel Stenberg
7b6d771a19
wolfssl: remove SSLv3 support leftovers
Closes #7088
2021-05-18 16:23:17 +02:00
Daniel Stenberg
93b3970ad4
curl-wolfssl.m4: without custom include path, assume /usr/include
... so that we can point out the root of the OpenSSL emulation headers.
Previously this used the '$includedir' variable which is wrong since
that defaults to the dir where the current configure invoke will install
the built libcurl headers: /usr/local by default.

Fixes #7085
Reported-by: Joel Jakobsson
Closes #7087
2021-05-18 16:22:12 +02:00
Joel Depooter
77444b84f3
data_pending: check only SECONDARY socket for FTP(S) transfers
Check the FIRST for all other protocols.

This fixes a timeout in an ftps download. The server sends a TLS
close_notify message in the same packet as the file data. The
close_notify seems to not be handled in the schannel_recv function, so
libcurl is not aware that the server has closed the connection. Thus
libcurl ends up waiting for action on the socket until a timeout is
reached. With the secondary socket check added to the data_pending
function, the close_notify is properly handled, and the ftps transfer
terminates as expected.

Fixes #7068
Closes #7069
2021-05-18 13:20:52 +02:00
Daniel Stenberg
e53a0f6833
github: inhibit deprecated declarations for clang on macOS
... as they otherwise cause ldap build errors in the CI.

Fixes #7081
Closes #7082
2021-05-17 22:45:46 +02:00
Daniel Stenberg
0c55fbab45
conn: add 'attach' to protocol handler, make libssh2 use it
The libssh2 backend has SSH session associated with the connection but
the callback context is the easy handle, so when a connection gets
attached to a transfer, the protocol handler now allows for a custom
function to get used to set things up correctly.

Reported-by: Michael O'Farrell
Fixes #6898
Closes #7078
2021-05-17 17:57:50 +02:00
Daniel Stenberg
904b27d18d
http2: make sure pause is done on HTTP
Since the function is called for any protocol, we can't assume that the
HTTP struct is there without first making sure it is HTTP.

Reported-by: Denis Goleshchikhin
Fixes #7079
Closes #7080
2021-05-17 14:44:13 +02:00
Daniel Stenberg
5dfa4c08bb
docs: cookies from HTTP headers need domain set
... or the cookies won't get sent. Push users to using the "Netscape"
format instead, which curl uses when saving a cookie "jar".

Reported-by: Martin Dorey
Reviewed-by: Daniel Gustafsson
Fixes #6723
Closes #7077
2021-05-17 10:57:03 +02:00
Daniel Stenberg
e38a826572
RELEASE-NOTES: synced 2021-05-16 23:25:45 +02:00
Daniel Stenberg
40ea52a241
github: add a workflow with libssh2 on macOS using cmake
Closes #7047
2021-05-16 23:21:12 +02:00
Daniel Stenberg
030d539164
sws: allow HTTP requests up to 2MB in size
To allow tests with slightly larger payloads. Like #7071 ...

Closes #7075
2021-05-16 12:56:34 +02:00
Marc Hoersken
8d13ab4c61 CI/azure: increase verbosity and fix outdated task names
Closes #7063
2021-05-16 11:23:59 +02:00
Marc Hoersken
af97a8f232 CI/cirrus: add shared and static Windows release builds
Azure Pipelines is currently being used for debug builds,
let's also run some non-debug (release) Windows builds and
make use of previously underutilized Cirrus CI for that.

Reviewed-by: Marcel Raad

Closes #6991
2021-05-16 11:23:47 +02:00
Daniel Stenberg
fe5a61c007
CURLOPT_CAPATH.3: defaults to a path, not NULL
Reported-by: Andrew Barnert

Closes #7062
2021-05-16 00:50:27 +02:00
Jacob Hoffman-Andrews
c3eefa95c3
c-hyper: handle body on HYPER_TASK_EMPTY
Some of the time, we get a HYPER_TASK_EMPTY response before the status
line, headers, and body have been read. Previously, that would cause us
to poll again, leading to a 1 second timeout.

The HYPER_TASK_EMPTY docs say:

   The value of this task is null (does not imply an error).

So, if we receive a HYPER_TASK_EMPTY, continue on with processing the
response.

Reported-by: Kevin Burke
Fixes #7064
Closes #7070
2021-05-16 00:48:14 +02:00
Ikko Ashimine
b09944b3ae
tool_getparam: fix comment typo in tool_getparam.c
enfore -> enforce

Closes #7074
2021-05-15 23:33:30 +02:00
Daniel Stenberg
e35d7c0492
mem-include-scan.pl: require a non-word letter before memory funcs
... so that ldap_memfree() for example doesn't match the scan for free.

Closes #7061
2021-05-15 17:47:37 +02:00
Daniel Stenberg
acf91ff75e
version: free the openldap info correctly
... to avoid memory leaks.

Follow-up to: bf0feae776
Closes #7061
2021-05-15 17:47:35 +02:00
Daniel Stenberg
19291f7fb4
dupset: remove totally off comment
Closes #7067
2021-05-15 17:07:06 +02:00
Daniel Stenberg
dae382a1a1
configure: if asked for, fail if ldap is not found
Reported-by: Jakub Zakrzewski
Fixes #7053
Closes #7055
2021-05-13 11:52:17 +02:00
Daniel Stenberg
bf0feae776
version: add OpenLDAP version in the output
Assisted-by: Howard Chu
Closes #7054
2021-05-13 11:51:02 +02:00
Joel Depooter
ba3452cafc schannel: Ensure the security context request flags are always set
As of commit 54e7475, these flags would only be set when using a new
credential handle. When re-using an existing credential handle, the
flags would not be set.

Closes https://github.com/curl/curl/pull/7051
2021-05-13 03:07:21 -04:00
Dan Fandrich
56cf2de5ac tests: Fix some tag matching issues in a number of tests 2021-05-12 01:17:16 -07:00
Daniel Stenberg
a9bc819c89
sasl: use 'unsigned short' to store mechanism
... saves a few bytes of struct size in memory and it only uses
10 bits anyway.

Closes #7045
2021-05-12 00:16:52 +02:00
Daniel Stenberg
fa050ffd27
hostip: remove the debug code for LocalHost
The Curl_resolv() had special code (when built in debug mode) for when
resolving the host name "LocalHost" (using that exact casing). It would
then get the host name from the --interface option instead.

This development-only feature was not used by anything (anymore) and we
have the --resolve feature if we want to play similar tricks properly
going forward.

Closes #7044
2021-05-11 16:33:20 +02:00
Daniel Stenberg
1a20689a56
progress: reset limit_size variables at transfer start
Otherwise the old value would linger from a previous use and would mess
up the network speed cap logic.

Reported-by: Ymir1711 on github

Fixes #7042
Closes #7043
2021-05-11 16:32:11 +02:00
Daniel Stenberg
3b6b1afab9
RELEASE-NOTES: synced 2021-05-11 09:00:57 +02:00
Daniel Gustafsson
24c71d62ee
cookies: use CURLcode for cookie_output reporting
Writing the cookie file has multiple error conditions, and was using an
int with magic numbers to report the different error (which in turn were
disregarded anyways). This moves reporting to use a CURLcode value.

Lightly-touched-by: Daniel Stenberg

Closes #7037
Closes #6749
2021-05-11 08:49:00 +02:00
Daniel Gustafsson
98888e6070
cookies: make use of string duplication function
strstore() is defined as a strdup which ensures to free the target
pointer before duping the source char * into it. Make use of it in
two more cases where it can simplify the code.
2021-05-11 08:45:17 +02:00