1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 09:38:54 -05:00
Commit Graph

11812 Commits

Author SHA1 Message Date
Daniel Stenberg
80e1054fe5
hyper: propagate errors back up from read callbacks
Makes test 513 work with hyper

Closes #7266
2021-06-17 08:19:31 +02:00
Viktor Szakats
2026124691
idn: fix libidn2 with windows unicode builds
Unicode Windows builds use UTF-8 strings internally in libcurl,
so make sure to call the UTF-8 flavour of the libidn2 API. Also
document that Windows builds with libidn2 and UNICODE do expect
CURLOPT_URL as an UTF-8 string.

Reported-by: dEajL3kA on github
Assisted-by: Jay Satiro
Reviewed-by: Marcel Raad
Closes #7246
Fixes #7228
2021-06-15 12:10:48 +00:00
Daniel Stenberg
b67d3ba73e
curl_url_set: reject spaces in URLs w/o CURLU_ALLOW_SPACE
They were never officially allowed and slipped in only due to sloppy
parsing. Spaces (ascii 32) should be correctly encoded (to %20) before
being part of a URL.

The new flag bit CURLU_ALLOW_SPACE when a full URL is set, makes libcurl
allow spaces.

Updated test 1560 to verify.

Closes #7073
2021-06-15 10:49:49 +02:00
Jay Satiro
c6cac5a96c http2: Clarify 'Using HTTP2' verbose message
- Change phrasing from multi-use to multiplexing since the former may
  not be as well understood.

Before: * Using HTTP2, server supports multi-use

After: * Using HTTP2, server supports multiplexing

Bug: https://github.com/curl/curl/discussions/7255
Reported-by: David Hu

Closes https://github.com/curl/curl/pull/7258
2021-06-15 03:18:45 -04:00
Jacob Hoffman-Andrews
8fa0a298c6
rustls: remove native_roots fallback
For the commandline tool, we expect to be passed
SSL_CONN_CONFIG(CAfile); for library use, the use should pass a set of
trusted roots (like in other TLS backends).

This also removes a dependency on Security.framework when building on
macOS.

Closes #7250
2021-06-14 11:01:41 +02:00
Daniel Stenberg
bbbc5de93f
netrc: skip 'macdef' definitions
Add test 494 to verify

Reported-by: Harry Sintonen
Fixes #7238
Closes #7244
2021-06-13 23:44:41 +02:00
Daniel Stenberg
77bc35901f
multi: add scan-build-6 work-around in curl_multi_fdset
scan-build-6 otherwise warns, saying: warning: The left operand of '>='
is a garbage value otherwise, which is false.

Later scan-builds don't claim this on the same code.

Closes #7248
2021-06-13 23:43:01 +02:00
Daniel Stenberg
c4b8ec495d
asyn-ares: remove check for 'data' in Curl_resolver_cancel
It implied it would survive a NULL in there which it won't. Instead do
an assert.

Pointed out by scan-build.

Closes #7248
2021-06-13 23:42:57 +02:00
Daniel Stenberg
73f52ad763
url.c: remove two variable assigns that are never read
Pointed out by scan-build

Closes #7248
2021-06-13 23:42:46 +02:00
Gealber Morales
791937b881
mqtt: add support for username and password
Minor-edits-by: Daniel Stenberg
Added test 2200 to 2205

Closes #7243
2021-06-12 23:50:13 +02:00
Daniel Stenberg
a5adf8cb14
openssl: don't remove session id entry in disassociate
When a connection is disassociated from a transfer, the Session ID entry
should remain.

Regression since 7f4a9a9 (shipped in libcurl 7.77.0)
Reported-by: Gergely Nagy
Reported-by: Paul Groke

Fixes #7222
Closes #7230
2021-06-11 12:52:55 +02:00
Daniel Stenberg
14a2ca85ec
conn_shutdown: if closed during CONNECT cleanup properly
Reported-by: Alex Xu
Reported-by: Phil E. Taylor

Fixes #7236
Closes #7237
2021-06-11 12:43:53 +02:00
Mark Swaanenburg
d293bf4a78
lib: don't compare fd to FD_SETSIZE when using poll
FD_SETSIZE is irrelevant when using poll. So ensuring that the file
descriptor is smaller than FD_SETSIZE in VALID_SOCK, can cause
multi_wait to ignore perfectly valid file descriptors and simply wait
for 1s to avoid hammering the CPU in a busy loop.

Fixes #7240
Closes #7241
2021-06-11 10:33:32 +02:00
zhangxiuhua
23eef2394c
doh: fix wrong DEBUGASSERT for doh private_data
Closes #7227
2021-06-10 16:13:13 +02:00
Daniel Stenberg
71da3f8307
configure: disable RTSP when hyper is selected
Makes test 1013 work

Closes #7209
2021-06-10 08:42:46 +02:00
Daniel Stenberg
c214a6a17b
c-hyper: abort CONNECT response reading early on non 2xx responses
Fixes test 493

Closes #7209
2021-06-10 08:42:27 +02:00
Daniel Stenberg
372361f6ca
c-hyper: fix the uploaded field in progress callbacks
Makes test 578 work

Closes #7209
2021-06-10 08:42:15 +02:00
Jun-ya Kato
a3a298da5e
ngtcp2: disable TLSv1.3 compatible mode when using GnuTLS
The latest GnuTLS-3.7.2 implements disable switch for TLSv1.3 compatible
mode for middle box but it is enabled by default, which is unnecessary
for QUIC.

Fixes #6896
Closes #7202
2021-06-08 16:10:39 +02:00
Daniel Gustafsson
1bd4b3f4e2 cookies: track expiration in jar to optimize removals
Removing expired cookies needs to be a fast operation since we want to
be able to perform it often and speculatively. By tracking the timestamp
of the next known expiration we can exit early in case the timestamp is
in the future.

Closes: #7172
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2021-06-08 09:31:19 +02:00
Daniel Stenberg
32311d2d15
c-hyper: support CURLINFO_STARTTRANSFER_TIME
Closes #7204
2021-06-07 23:54:48 +02:00
Daniel Stenberg
7de85d271a
c-hyper: support CURLOPT_HEADER
When enabled, the headers are passed to the body write callback as well.

Like in test 500

Closes #7204
2021-06-07 23:54:42 +02:00
Shikha Sharma
a0709f9951
http2_connisdead: handle trailing GOAWAY better
When checking the connection the input processing returns error
immediately, we now consider that a dead connnection.

Bug: https://curl.se/mail/lib-2021-06/0001.html
Closes #7192
2021-06-05 23:45:31 +02:00
Dmitry Karpov
4bd20889fc
ares: always store IPv6 addresses first
Trying dual-stack on some embedded platform, I noticed that quite
frequently (20%) libCurl starts from IPv4 regardless the Happy Eyeballs
timeout value.  After debugging this issue, I noticed that this happens
if c-ares resolver response for IPv6 family comes before IPv4 (which was
randomly happening in my tests).

In such cases, because libCurl puts the last resolver response on top of
the address list, when IPv4 resolver response comes after IPv6 one - the
IPv4 family starts the connection phase instead of IPv6 family.

The solution for this issue is to always put IPv6 addresses on top of
the address list, regardless the order of resolver responses.

Bug: https://curl.se/mail/lib-2021-06/0003.html

Closes #7188
2021-06-05 23:41:21 +02:00
Daniel Stenberg
0a51355556
Revert "Revert "socketpair: fix potential hangs""
This reverts commit 3e70c3430a.

Thus brings back the change from #7144 as was originally landed in
c769d1eab4

Closes #7144 (again)
2021-06-05 12:58:13 +02:00
Ebe Janchivdorj
68d388061c
schannel: move code out of SChannel_connect_step1
Reviewed-by: Marc Hoersken
Closes #7168
2021-06-04 23:16:55 +02:00
dmitrykos
e4662ad7dd
warnless: simplify type size handling
By using sizeof(T), existing defines and relying on the compiler to
define the required signed/unsigned mask.

Closes #7181
2021-06-04 15:08:10 +02:00
Gisle Vanem
1838925aac [Win32] Fix for USE_WATT32
My Watt-32 tcp/ip stack works on Windows but it does not have `WSAIoctl()`
2021-06-04 14:31:11 +02:00
Alexis Vachette
d8dcb399b8
url: bad CURLOPT_CONNECT_TO syntax now returns error
Added test 3020 to verify

Closes #7183
2021-06-04 14:08:30 +02:00
Daniel Stenberg
628ebd82b9
test269: disable for hyper
--ignore-content-length / CURLOPT_IGNORE_CONTENT_LENGTH doesn't work
with hyper.

Closes #7184
2021-06-03 23:11:11 +02:00
Alexis Vachette
cb39b4b7c4
hostip: bad CURLOPT_RESOLVE syntax now returns error
Added test 3019
Fixes #7170
Closes #7174
2021-06-03 13:53:18 +02:00
Daniel Gustafsson
002f976cdc cookies: fix typo and expand comment
Fix a typo in the sorting comment, and while in there elaborate slightly
on why creationtime can be used as a tiebreaker.
2021-06-03 13:02:09 +02:00
Daniel Gustafsson
9750bc97d8 cookies: remove unused header
Commit 1c1d9f1aff removed the last use
for the inet_pton.h headerfile, this removes the inclusion of the
header.

Closes: #7182
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2021-06-03 13:02:07 +02:00
Daniel Stenberg
3e70c3430a
Revert "socketpair: fix potential hangs"
This reverts commit c769d1eab4.

See #7144 for details
2021-06-03 12:12:16 +02:00
Paul Groke
c769d1eab4
socketpair: fix potential hangs
Fixes potential hang in accept by using select + non-blocking accept.

Fixes potential hang in peer check by replacing the send/recv check with
a getsockname/getpeername check.

Adds length check for returned sockaddr data.

Closes #7144
2021-06-03 10:03:31 +02:00
Daniel Stenberg
6793332eba
CURLE_SETOPT_OPTION_SYNTAX: new error name for wrong setopt syntax
For options that pass in lists or strings that are subsequently parsed
and must be correct. This broadens the scope for the option previously
known as CURLE_TELNET_OPTION_SYNTAX but the old name is of course still
provided as a #define for existing applications.

Closes #7175
2021-06-02 23:03:55 +02:00
Harry Sintonen
8ccf75532b
mqtt: detect illegal and too large file size
Add test 3017 and 3018 to verify.
Closes #7166
2021-06-02 13:34:17 +02:00
theawless
ee8c4f766c
define: re-add CURL_DISABLE_NTLM and corresponding ifdefs
This flag will be further exposed by adding build options.

Reverts #6809
Closes #7028
2021-06-02 08:55:00 +02:00
Daniel Stenberg
e1fcaf571f
hostip: fix 3 coverity complaints
Follow-up to 1a0ebf6632

- Check the return code to Curl_inet_pton() in two instances, even
  though we know the input is valid so the functions won't fail.

- Clear the 'struct sockaddr_in' struct before use so that the
  'sin_zero' field isn't left uninitialized.

Detected by Coverity.
Assisted-by: Harry Sintonen
Closes #7163
2021-06-01 23:24:07 +02:00
Daniel Stenberg
83036d86af
c-hyper: fix NTLM on closed connection tested with test159
Closes #7154
2021-06-01 18:03:37 +02:00
Daniel Stenberg
dddad339e8
conncache: lowercase the hash key for better match
As host names are case insensitive, the use of case sensitive hashing
caused unnecesary cache misses and therefore lost performance. This
lowercases the hash key.

Reported-by: Harry Sintonen
Fixes #7159
Closes #7161
2021-06-01 17:55:35 +02:00
Daniel Stenberg
a2b1bbeef0
mbedtls: make mbedtls_strerror always work
If the function doesn't exist, provide a macro that just clears the
error message. Removes #ifdef uses from the code.

Closes #7162
2021-06-01 17:53:44 +02:00
Daniel Stenberg
c7b93a76ea
vtls: exit addsessionid if no cache is inited
Follow-up to b249592d29

Avoids NULL pointer derefs.

Closes #7165
2021-06-01 13:40:30 +02:00
Harry Sintonen
f1cd5004b0
Curl_ntlm_core_mk_nt_hash: fix OOM in error path
Closes #7164
2021-06-01 13:38:01 +02:00
Michael Kaufmann
b249592d29 ssl: read pending close notify alert before closing the connection
This avoids a TCP reset (RST) if the server initiates a connection
shutdown by sending an SSL close notify alert and then closes the TCP
connection.

For SSL connections, usually the server announces that it will close the
connection with an SSL close notify alert. curl should read this alert.
If curl does not read this alert and just closes the connection, some
operating systems close the TCP connection with an RST flag.

See RFC 1122, section 4.2.2.13

If curl reads the close notify alert, the TCP connection is closed
normally with a FIN flag.

The new code is similar to existing code in the "SSL shutdown" function:
try to read an alert (non-blocking), and ignore any read errors.

Closes #7095
2021-06-01 09:40:40 +02:00
Laurent Dufresne
8cc1fee5b9
setopt: fix incorrect comments
Closes #7157
2021-06-01 09:35:34 +02:00
Laurent Dufresne
05e0453050
mbedtls: add support for cert and key blob options
CURLOPT_SSLCERT_BLOB and CURLOPT_SSLKEY_BLOB weren't usable with
mbedtls backend, so the support was added.

Closes #7157
2021-06-01 09:35:17 +02:00
Daniel Stenberg
ef1a917a11
http2: init recvbuf struct for pushed streams
Debug builds would warn that these structs were not initialized properly
for pushed streams.

Ref: #7148
Closes #7153
2021-05-31 20:41:51 +02:00
Daniel Stenberg
894c74738f
Curl_ssl_getsessionid: fail if no session cache exists
This function might get called for an easy handle for which the session
cache hasn't been setup. It now just returns a "miss" in that case.

Reported-by: Christoph M. Becker
Fixes #7148
Closes #7153
2021-05-31 20:41:40 +02:00
Daniel Stenberg
1a0ebf6632
hostip: make 'localhost' return fixed values
Resolving the case insensitive host name 'localhost' now returns the
addresses 127.0.0.1 and (if IPv6 is enabled) ::1 without using any
resolver.

This removes the risk that users accidentally resolves 'localhost' to
something else. By making sure 'localhost' is always local, we can
assume a "secure context" for such transfers (for cookies etc).

Closes #7039
2021-05-31 15:37:37 +02:00
Daniel Stenberg
1c1d9f1aff
hsts: ignore numberical IP address hosts
Also, use a single function library-wide for detecting if a given hostname is
a numerical IP address.

Reported-by: Harry Sintonen
Fixes #7146
Closes #7149
2021-05-30 19:49:40 +02:00