1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-16 06:25:03 -05:00
Commit Graph

828 Commits

Author SHA1 Message Date
Daniel Stenberg
302d125b42
axtls: removed
As has been outlined in the DEPRECATE.md document, the axTLS code has
been disabled for 6 months and is hereby removed.

Use a better supported TLS library!

Assisted-by: Daniel Gustafsson
Closes #3194
2018-11-01 10:29:53 +01:00
Daniel Stenberg
25d287d1e5
configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T
Follow-up to #3166 which did the cmake part of this. This type/define is
not used.

Closes #3168
2018-10-25 13:18:23 +02:00
Viktor Szakats
efc696a2e0 docs/examples: URL updates
- also update two URLs outside of docs/examples
- fix spelling of filename persistant.c
- fix three long lines that started failing checksrc.pl

Closes https://github.com/curl/curl/pull/3036
2018-09-23 09:23:29 +00:00
Viktor Szakats
f078361c0e URL and mailmap updates, remove an obsolete directory [ci skip]
Closes https://github.com/curl/curl/pull/3031
2018-09-22 07:58:32 +00:00
Daniel Stenberg
6f0afb842c
configure: force-use -lpthreads on HPUX
When trying to detect pthreads use on HPUX the checks will succeed
without the correct -l option but then end up failing at run-time.

Reported-by: Eason-Yu on github
Fixes #2697
Closes #3025
2018-09-21 22:55:32 +02:00
Yiming Jing
31ba404a9c
configure.ac: add a MesaLink vtls backend 2018-09-13 08:26:23 +02:00
Philipp Waehnert
6684653b68
configure: add option to disable automatic OpenSSL config loading
Sometimes it may be considered a security risk to load an external
OpenSSL configuration automatically inside curl_global_init(). The
configuration option --disable-ssl-auto-load-config disables this
automatism. The Windows build scripts winbuild/Makefile.vs provide a
corresponding option ENABLE_SSL_AUTO_LOAD_CONFIG accepting a boolean
value.

Setting neither of these options corresponds to the previous behavior
loading the external OpenSSL configuration automatically.

Fixes #2724
Closes #2791
2018-09-07 09:38:33 +02:00
Marcel Raad
d5c0351055
configure: conditionally enable pedantic-errors
Enable pedantic-errors for GCC >= 5 with --enable-werror. Before GCC 5,
pedantic-errors was synonymous to -Werror=pedantic [0], which is still
the case for clang [1]. With GCC 5, it became complementary [2].

Also fix a resulting error in acinclude.m4 as main's return type was
missing, which is illegal in C99.

[0] https://gcc.gnu.org/onlinedocs/gcc-4.9.0/gcc/Warning-Options.html
[1] https://clang.llvm.org/docs/UsersManual.html#options-to-control-error-and-warning-messages
[2] https://gcc.gnu.org/onlinedocs/gcc-5.1.0/gcc/Warning-Options.html

Closes https://github.com/curl/curl/pull/2747
2018-08-21 18:53:44 +02:00
Daniel Stenberg
3668d9d762
configure: fix for -lpthread detection with OpenSSL and pkg-config
... by making sure it uses the -I provided by pkg-config!

Reported-by: pszemus on github
Fixes #2848
Closes #2850
2018-08-09 12:06:28 +02:00
Daniel Stenberg
a10c974e1a
configure: remove CURL_CHECK_NI_WITHSCOPEID too
Since it isn't used either and requires the getnameinfo check

Follow-up to 0aeca41702
2018-06-27 13:53:26 +02:00
Daniel Stenberg
0aeca41702
getnameinfo: not used
Closes #2687
2018-06-27 13:49:18 +02:00
Max Dymond
b0a365f8a0
configure: Add dependent libraries after crypto
The linker is pretty dumb and processes things left to right, keeping a
tally of symbols it hasn't resolved yet. So, we need -ldl to appear
after -lcrypto otherwise the linker won't find the dl functions.

Closes #2684
2018-06-27 08:56:23 +01:00
Daniel Stenberg
351dabbf3d
configure: enhance ability to detect/build with static openssl
Fix the -ldl and -ldl + -lpthread checks for OpenSSL, necessary for
building with static libs without pkg-config.

Reported-by: Marcel Raad
Fixes #2199
Closes #2659
2018-06-14 23:08:04 +02:00
Daniel Stenberg
38203f1585
openssl: assume engine support in 1.0.1 or later
Previously it was checked for in configure/cmake, but that would then
leave other build systems built without engine support.

While engine support probably existed prior to 1.0.1, I decided to play
safe. If someone experience a problem with this, we can widen the
version check.

Fixes #2641
Closes #2644
2018-06-11 10:20:18 +02:00
Daniel Stenberg
a115c6bbe7
fnmatch: use the system one if available
If configure detects fnmatch to be available, use that instead of our
custom one for FTP wildcard pattern matching. For standard compliance,
to reduce our footprint and to use already well tested and well
exercised code.

A POSIX fnmatch behaves slightly different than the internal function
for a few test patterns currently and the macOS one yet slightly
different. Test case 1307 is adjusted for these differences.

Closes #2626
2018-06-01 12:29:21 +02:00
Bernhard Walle
9c33813d83
configure: check for declaration of getpwuid_r
On our x86 Android toolchain, getpwuid_r is implemented but the header
is missing:

 netrc.c:81:7: error: implicit declaration of function 'getpwuid_r' [-Werror=implicit-function-declaration]

Unfortunately, the function is used in curl_ntlm_wb.c, too, so I moved
the prototype to curl_setup.h.

Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
Closes #2609
2018-05-31 12:51:15 +02:00
Daniel Stenberg
5005ade2ce
configure: override AR_FLAGS to silence warning
The automake default ar flags are 'cru', but the 'u' flag in there
causes warnings on many modern Linux distros. Removing 'u' may have a
minor performance impact on older distros but should not cause harm.

Explained on the automake mailing list already back in April 2015:

https://www.mail-archive.com/automake-patches@gnu.org/msg07705.html

Reported-by: elephoenix on github
Fixes #2617
Closes #2619
2018-05-29 15:41:14 +02:00
Fabrice Fontaine
536e9f8289
configure: fix ssh2 linking when built with a static mbedtls
The ssh2 pkg-config file could contain the following lines when build
with a static version of mbedtls:
   Libs: -L${libdir} -lssh2 /xxx/libmbedcrypto.a
   Libs.private: /xxx/libmbedcrypto.a

This static mbedtls library must be used to correctly detect ssh2
support and this library must be copied in libcurl.pc otherwise
compilation of any application (such as upmpdcli) with libcurl will fail
when trying to found mbedtls functions included in libssh2.  So, replace
pkg-config --libs-only-l by pkg-config --libs.

Fixes:
 - http://autobuild.buildroot.net/results/43e24b22a77f616d6198c10435dcc23cc3b9088a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Closes #2613
2018-05-28 20:31:20 +02:00
Daniel Stenberg
d353af0014
configure: add basic test of --with-ssl prefix
When given a prefix, the $PREFIX_OPENSSL/lib/openssl.pc or
$PREFIX_OPENSSL/include/openssl/ssl.h files must be present or cause an
error. Helps users detect when giving configure the wrong path.

Reported-by: Oleg Pudeyev
Assisted-by: Per Malmberg
Fixes #2580
2018-05-23 23:51:52 +02:00
Daniel Stenberg
6876ccf90b
configure: compile-time SIZEOF checks
... instead of exeucting code to get the size. Removes the use of
LD_LIBRARY_PATH for this.

Fixes #2586
Closes #2589
Reported-by: Bernhard Walle
2018-05-21 19:57:27 +02:00
Daniel Stenberg
082bb41311
configure: only check for CA bundle for file-using SSL backends
When only building with SSL backends that don't use the CA bundle file
(by default), skip the check.

Fixes #2543
Fixes #2180
Closes #2545
2018-05-03 22:51:38 +02:00
Daniel Stenberg
521dbfc6e6
configure: provide --with-wolfssl as an alias for --with-cyassl 2018-04-26 07:57:19 +02:00
Daniel Stenberg
2d4c2152c9
configure: keep LD_LIBRARY_PATH changes local
... only set it when we actually have to run tests to reduce its impact
on for example build commands etc.

Fixes #2490
Closes #2492

Reported-by: Dmitry Mikhirev
2018-04-16 20:32:17 +02:00
Daniel Stenberg
4e884615d1
configure: detect sa_family_t 2018-04-07 11:18:57 +02:00
Kamil Dudka
1605d93a7b nss: use PK11_CreateManagedGenericObject() if available
... so that the memory allocated by applications using libcurl does not
grow per each TLS connection.

Bug: https://bugzilla.redhat.com/1510247

Closes #2297
2018-02-15 10:18:34 +01:00
Daniel Stenberg
9a230ba419
configure: fix the check for unsigned time_t
Assign the time_t variable negative value and then check if it is
greater than zero, which will evaluate true for unsigned time_t but
false for signed time_t.
2018-01-25 22:32:57 +01:00
Daniel Stenberg
1c39128d97
parsedate: fix date parsing for systems with 32 bit long
Make curl_getdate() handle dates before 1970 as well (returning negative
values).

Make test 517 test dates for 64 bit time_t.

This fixes bug (3) mentioned in #2238

Closes #2250
2018-01-25 22:20:52 +01:00
Dan Johnson
0616dfa1e0
configure.ac: append extra linker flags instead of prepending them.
Link order should list libraries after the libraries that use them,
so when we're guessing that we might also need to add -ldl in order
to use -lssl, we should add -ldl after -lssl.

Closes https://github.com/curl/curl/pull/2234
2018-01-13 10:46:57 +01:00
Jay Satiro
908a9a6742 build: remove HAVE_LIMITS_H check
.. because limits.h presence isn't optional, it's required by C89.

Ref: http://port70.net/~nsz/c/c89/c89-draft.html#2.2.4.2

Closes https://github.com/curl/curl/pull/2215
2018-01-05 23:34:30 -05:00
Michael Kaufmann
188a43a8fd libssh: fix a syntax error in configure.ac
Follow-up to c92d2e1

Closes #2172
2017-12-12 17:46:24 +01:00
Michael Felt
ebaab4d17d
configure: add AX_CODE_COVERAGE only if using gcc
Fixes #2076
Closes #2125
2017-12-08 15:26:44 +01:00
Randall S. Becker
76ebd54175
configure: check for netinet/in6.h
Needed by HPE NonStop NSE and NSX systems

Fixes #2146
Closes #2155
2017-12-06 00:19:09 +01:00
Daniel Stenberg
0c65678e71
curl-config: add --ssl-backends
Lists all SSL backends that were enabled at build-time.

Suggested-by: Oleg Pudeyev
Fixes #2128
2017-12-06 00:12:48 +01:00
Nikos Mavrogiannopoulos
a2f3966800
libssh: added SFTP support
The SFTP back-end supports asynchronous reading only, limited
to 32-bit file length. Writing is synchronous with no other
limitations.

This also brings keyboard-interactive authentication.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2017-12-01 17:38:37 +01:00
Nikos Mavrogiannopoulos
c92d2e14cf
Added support for libssh SSH SCP back-end
libssh is an alternative library to libssh2.
https://www.libssh.org/

That patch set also introduces support for ECDSA
ed25519 keys, as well as gssapi authentication.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2017-12-01 17:35:14 +01:00
Alessandro Ghedini
979b012eeb
connect: add support for new TCP Fast Open API on Linux
The new API added in Linux 4.11 only requires setting a socket option
before connecting, without the whole sento() machinery.

Notably, this makes it possible to use TFO with SSL connections on Linux
as well, without the need to mess around with OpenSSL (or whatever other
SSL library) internals.

Closes #2056
2017-11-24 10:49:59 +01:00
Patrick Monnerat
11bf1796cd HTTP: implement Brotli content encoding
This uses the brotli external library (https://github.com/google/brotli).
Brotli becomes a feature: additional curl_version_info() bit and
structure fields are provided for it and CURLVERSION_NOW bumped.

Tests 314 and 315 check Brotli content unencoding with correct and
erroneous data.

Some tests are updated to accomodate with the now configuration dependent
parameters of the Accept-Encoding header.
2017-11-05 15:28:16 +01:00
Dmitri Tikhonov
d531f33ba2 timeval: use mach time on MacOS
If clock_gettime() is not supported, use mach_absolute_time() on MacOS.

closes #2033
2017-10-30 15:27:46 +01:00
Daniel Stenberg
4af3c777a9
configure: remove the C++ compiler check
... we used it only for the fuzzer, which we now have in a separate git
repo.

Closes #1990
2017-10-14 17:30:42 +02:00
Daniel Stenberg
62a721ea47
openssl: enable PKCS12 support for !BoringSSL
Enable PKCS12 for all non-boringssl builds without relying on configure
or cmake checks.

Bug: https://curl.haxx.se/mail/lib-2017-10/0007.html
Reported-by: Christian Schmitz
Closes #1948
2017-10-09 11:29:53 +02:00
Max Dymond
4f38db1d28
fuzzer: move to using external curl-fuzzer
Use the external curl-fuzzer repository for fuzzing.

Closes #1923
2017-10-04 15:33:36 +02:00
Isaac Boukris
56d949d31a
tests: add initial gssapi test using stub implementation
The stub implementation is pre-loaded using LD_PRELOAD
and emulates common gssapi uses (only builds if curl is
initially built with gssapi support).

The initial tests are currently disabled for debug builds
as LD_PRELOAD is not used then.

Ref: https://github.com/curl/curl/pull/1687
2017-09-15 14:09:08 +02:00
Daniel Stenberg
1ae2704d6e
configure: check for C++ compiler after C, to make it non-fatal
The tests for object file/executable file extensions are presumably only
done for the first of these macros in the configure file.

Bug: https://github.com/curl/curl/pull/1851#issuecomment-327597515
Reported-by: Marcel Raad
Closes #1873
2017-09-07 20:36:56 +02:00
Jay Satiro
3dab9f6c71 configure: fix curl_off_t check's include order
- Prepend srcdir include path instead of append.

Prior to this change it was possible that during the check for the size
of curl_off_t the include path of a user's already installed curl could
come before the include path of the to-be-built curl, resulting in the
system.h of the former being incorrectly included for that check.

Closes https://github.com/curl/curl/pull/1870
2017-09-07 13:36:35 -04:00
Daniel Stenberg
d1da545a68
configure: remove --enable-soname-bump and SONAME_BUMP
Back in 2008, (and commit 3f3d6ebe66) we changed the logic in how we
determine the native type for `curl_off_t`. To really make sure we
didn't break ABI without bumping SONAME, we introduced logic that
attempted to detect that it would use a different size and thus not be
compatible. We also provided a manual switch that allowed users to tell
configure to bump SONAME by force.

Today, we know of no one who ever got a SONAME bump auto-detected and we
don't know of anyone who's using the manual bump feature. The auto-
detection is also no longer working since we introduced defining
curl_off_t in system.h (7.55.0).

Finally, this bumping logic is not present in the cmake build.

Closes #1861
2017-09-06 08:43:36 +02:00
Daniel Stenberg
889723b004
configure: add MultiSSL to FEATURES when enabled
...for curl-config and its corresponding test 1014
2017-09-05 10:45:09 +02:00
Max Dymond
57001ce3bb ossfuzz: Move to C++ for curl_fuzzer.
Automake gets confused if you want to use C++ static libraries with C
code - basically we need to involve the clang++ linker. The easiest way
of achieving this is to rename the C code as C++ code. This gets us a
bit further along the path and ought to be compatible with Google's
version of clang.
2017-09-02 11:07:55 +02:00
Max Dymond
efeb4a3176
ossfuzz: moving towards the ideal integration
- Start with the basic code from the ossfuzz project.
- Rewrite fuzz corpora to be binary files full of Type-Length-Value
  data, and write a glue layer in the fuzzing function to convert
  corpora into CURL options.
- Have supporting functions to generate corpora from existing tests
- Integrate with Makefile.am
2017-09-01 11:22:51 +02:00
Daniel Stenberg
5fbb494292
configure: remove the leading comma from the backends list
... when darwinssl is used.

Reported-by: Viktor Szakats
Bug: b0989cd3ab (commitcomment-23943493)

Closes #1845
2017-08-31 00:51:11 +02:00
Johannes Schindelin
a330bab353
configure: Handle "MultiSSL" specially When versioning symbols
There is a mode in which libcurl is compiled with versioned symbols,
depending on the active SSL backend.

When multiple SSL backends are active, it does not make sense to favor
one over the others, so let's not: introduce a new prefix for the case
where multiple SSL backends are compiled into cURL.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28 23:01:17 +02:00
Johannes Schindelin
c7170e20d0
configure: allow setting the default SSL backend
Previously, we used as default SSL backend whatever was first in the
`available_backends` array.

However, some users may want to override that default without patching
the source code.

Now they can: with the --with-default-ssl-backend=<backend> option of
the ./configure script.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28 22:56:50 +02:00
Johannes Schindelin
9d96a5f0b5
version: add the CURL_VERSION_MULTI_SSL feature flag
This new feature flag reports When cURL was built with multiple SSL
backends.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28 22:56:49 +02:00
Johannes Schindelin
b0989cd3ab
vtls: allow selecting which SSL backend to use at runtime
When building software for the masses, it is sometimes not possible to
decide for all users which SSL backend is appropriate.

Git for Windows, for example,  uses cURL to perform clones, fetches and
pushes via HTTPS, and some users strongly prefer OpenSSL, while other
users really need to use Secure Channel because it offers
enterprise-ready tools to manage credentials via Windows' Credential
Store.

The current Git for Windows versions use the ugly work-around of
building libcurl once with OpenSSL support and once with Secure Channel
support, and switching out the binaries in the installer depending on
the user's choice.

Needless to say, this is a super ugly workaround that actually only
works in some cases: Git for Windows also comes in a portable form, and
in a form intended for third-party applications requiring Git
functionality, in which cases this "swap out libcurl-4.dll" simply is
not an option.

Therefore, the Git for Windows project has a vested interest in teaching
cURL to make the SSL backend a *runtime* option.

This patch makes that possible.

By running ./configure with multiple --with-<backend> options, cURL will
be built with multiple backends.

For the moment, the backend can be configured using the environment
variable CURL_SSL_BACKEND (valid values are e.g. "openssl" and
"schannel").

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28 14:56:58 +02:00
Daniel Stenberg
6b9bc5a4fe
CURL_SIZEOF_LONG: removed, use only SIZEOF_LONG 2017-08-17 10:27:00 +02:00
Daniel Stenberg
80d9e35598
system.h: remove all CURL_SIZEOF_* defines
... as they're not used externally and internally we check for the sizes
already in configure etc.

Closes #1767
2017-08-17 10:26:53 +02:00
Nick Zitzmann
870d849d48 configure: check for __builtin_available() availability (#1788)
This change does two things:
1. It un-breaks the build in Xcode 9.0. (Xcode 9.0 is currently
   failing trying to compile connectx() in lib/connect.c.)
2. It finally weak-links the connectx() function, and falls back on
   connect() when run on older operating systems.
2017-08-16 12:24:39 -05:00
Daniel Stenberg
d86e9182e4
configure: use the threaded resolver backend by default if possible
Closes #1647
2017-08-10 15:07:43 +02:00
Jeremy Tan
f262b3586c configure: fix the check for IdnToUnicode
Fixes #1669
Closes #1713
2017-08-01 01:04:45 +02:00
Daniel Stenberg
909a5bee81 configure: remove checks for 5 functions never used
fork, getprotobyname, inet_addr, perror, uname

closes #1638
2017-07-04 11:32:25 +02:00
Daniel Stenberg
3a283968f4 configure: disable nghttp2 too if HTTP has been disabled 2017-06-16 00:03:03 +02:00
Frederik B
fd3aa8da0a fuzz: corpora file structure, initial commit 2017-06-15 22:11:40 +02:00
Daniel Stenberg
73a2fcea0b includes: remove curl/curlbuild.h and curl/curlrules.h
Rely entirely on curl/system.h now.

Introduced in Aug 2008 with commit 14240e9e10. Now gone.

Fixes #1456
2017-06-14 11:07:33 +02:00
Daniel Stenberg
f6dff827d3 configure: update the copyright year in the output 2017-06-12 08:42:30 +02:00
Chris Carlmar
165b7f5099 configure: fix link with librtmp when specifying path
Bug: https://curl.haxx.se/mail/lib-2017-06/0017.html
2017-06-07 23:34:24 +02:00
Daniel Stenberg
f6e0f4556e build: provide easy code coverage measuring
Closes #1528
2017-06-02 13:15:06 +02:00
Dan Fandrich
4da846a41e tool_operate: use utimes instead of obsolescent utime when available 2017-04-27 22:34:12 +02:00
Jay Satiro
338f427a24 configure: stop prepending to LDFLAGS, CPPFLAGS
- Change prepends to appends because user's LDFLAGS and CPPFLAGS should
  always come first so they're searched before ours.

Bug: https://github.com/curl/curl/issues/1420
Reported-by: Helmut K. C. Tessarek
2017-04-25 03:25:41 -04:00
Daniel Stenberg
c68fed8751 configure: fix the -ldl check for openssl, add -lpthread check
The check for if -ldl is needed to build with (a statically built)
openssl was broken. This repairs the check, and adds a check for
-lpthread as well since OpenSSL 1.1.0+ does in fact require -lpthread so
only adding -ldl for a static openssl build is no longer enough.

Reported-by: Jay Satiro
Ref: #1426
Closes #1427
2017-04-24 09:06:12 +02:00
Marcel Raad
5cefe201e9
configure.ac: ignore CR after version numbers
Ignore everything after the version numbers in LIBCURL_VERSION and
LIBCURL_VERSION_NUM to ged rid of the extra CR character.
This makes tests 1022 and 1023 pass on Linux with a CRLF checkout.

Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
Closes https://github.com/curl/curl/pull/1422
2017-04-17 08:32:45 +02:00
Greg Rowe
6fc91f6d3a configure: fix --with-zlib when a path is specified
Prior to this change if you attempted to configure curl using
--wtih-zlib and specified a path the path would be ignored if you also
had pkg-config installed on your system.  This situation can easily
arise when you are cross compiling.  This change moves the test for
detecting zlib settings via pkg-config only if OPT_ZLIB is not set.

Closes https://github.com/curl/curl/pull/1292
2017-03-03 02:53:35 -05:00
Jay Satiro
5f139d6b6f configure: fix for --enable-pthreads
Better handle options conflicts that can occur if --enable-pthreads.

Bug: https://github.com/curl/curl/pull/1295
Reported-by: Marc-Antoine Perennou
2017-03-02 02:43:10 -05:00
Jay Satiro
c1071283e8 configure: Allow disabling pthreads, fall back on Win32 threads
When the threaded resolver option is specified for configure the default
thread library is pthreads. This change makes it possible to
--disable-pthreads and then configure can fall back on Win32 threads for
native Windows builds.

Closes https://github.com/curl/curl/pull/1260
2017-02-14 02:36:20 -05:00
Marcus Hoffmann
7ba8020c46 gnutls: check for alpn and ocsp in configure
Check for presence of gnutls_alpn_* and gnutls_ocsp_* functions during
configure instead of relying on the version number.  GnuTLS has options
to turn these features off and we ca just work with with such builds
like we work with older versions.

Signed-off-by: Marcus Hoffmann <m.hoffmann@cartelsol.com>

Closes #1204
2017-01-13 09:54:55 +01:00
Daniel Stenberg
0bc24d6f9d configure: accept --with-libidn2 instead
... which the help text already implied since we switched to libidn2
from libidn in commit 9c91ec7781 back in October 2016.

Reported-by: Christian Weisgerber
Bug: https://curl.haxx.se/mail/lib-2016-12/0110.html
2016-12-25 01:14:55 +01:00
Daniel Stenberg
a8ab99766f cmdline-opts: include the man page split up files in the dist 2016-12-17 00:23:04 +01:00
Okhin Vasilij
a4b2f7aafd curl_version_info: add CURL_VERSION_HTTPS_PROXY
Closes #1142
2016-11-26 17:28:53 +01:00
Daniel Stenberg
f9de7c405f openssl: RAND_status always exists in OpenSSL >= 0.9.7
and remove RAND_screen from configure since nothing is using that
function
2016-11-11 13:44:09 +01:00
Daniel Stenberg
9c91ec7781 idn: switch to libidn2 use and IDNA2008 support
CVE-2016-8625

Bug: https://curl.haxx.se/docs/adv_20161102K.html
Reported-by: Christian Heimes
2016-10-31 08:46:35 +01:00
Daniel Stenberg
4f8d0b6f02 configure: set min version flags for builds on mac
This helps building binaries that can work on multiple macOS versions.

Help-by: Martin Storsjö

Fixes #1069
2016-10-20 10:17:04 +02:00
Daniel Stenberg
0f1996321f s/cURL/curl
The tool was never called cURL, only the project. But even so, we have
more and more over time switched to just use lower case.
2016-10-18 13:59:54 +02:00
Dan Fandrich
1e7b79731b configure: Fixed builds with libssh2 in a custom location
A libssh2 library in the standard system location was being used in
preference to the desired one while linking.
2016-09-24 08:52:01 +02:00
Daniel Stenberg
de71e68000 openssl: don’t call CRYTPO_cleanup_all_ex_data
The OpenSSL function CRYTPO_cleanup_all_ex_data() cannot be called
multiple times without crashing - and other libs might call it! We
basically cannot call it without risking a crash. The function is a
no-op since OpenSSL 1.1.0.

Not calling this function only risks a small memory leak with OpenSSL <
1.1.0.

Bug: https://curl.haxx.se/mail/lib-2016-09/0045.html
Reported-by: Todd Short
2016-09-19 11:33:14 +02:00
Nick Zitzmann
d086b2394c configure: change "iOS/Mac OS X native" to "Apple OS native"
Since I first wrote that text, Apple introduced tvOS and watchOS, and renamed "Mac OS X" to "macOS." Let's make the text a little more inclusive, since curl can be built for all four operating systems.
2016-09-18 14:50:17 -05:00
Daniel Stenberg
a71c9d4c40 configure: detect zlib with our pkg-config macros
... instead of relying on the pkg-config autoconf macros to be present.

Fixes #972 (again...)
2016-08-25 08:47:43 +02:00
Daniel Stenberg
95ded2c569 configure: make it work without PKG_CHECK_MODULES
With commit c2f9b78 we added a new dependency on pkg-config for
developers which may be unwanted. This change make the configure script
still work as before if pkg-config isn't installed, it'll just use the
old zlib detection logic without pkg-config.

Reported-by: Marc Hörsken

Fixes #972
2016-08-21 23:34:48 +02:00
Marc Hoersken
8f7f5a8b06 configure.ac: add missing quotes to PKG_CHECK_MODULES 2016-08-20 19:49:51 +02:00
Dambaev Alexander
c2f9b78afe configure.ac: add zlib search with pkg-config
Closes #956
2016-08-12 08:22:58 +02:00
Bill Nagel
497e7c9d34 mbedtls: Added support for NTLM 2016-08-03 19:33:59 +01:00
Daniel Stenberg
91697d22a8 configure: don't specify .lib for libs on windows
Another follow up for crypt32.lib linking with winssl
2016-06-22 14:23:46 +02:00
Daniel Stenberg
5c24fc7768 configure: fix winssl LIBS change typo
follow-up from 120bf29e
2016-06-22 13:50:56 +02:00
Daniel Stenberg
120bf29ef2 configure: add crypt32.lib for winssl builds
Necessary since 6cabd78531
2016-06-22 11:57:25 +02:00
Irfan Adilovic
4b639dbc74 configure: ac_cv_ -> curl_cv_ for r/w vars
These configure vars are modified in a curl-specific way and modified by
the configure process, but are never loaded from cache, even though they
are designated as _cv_. We should implement proper AC_CACHE_CHECKs for
them eventually.
2016-04-21 23:08:28 +02:00
Irfan Adilovic
14c8b45528 configure: ac_cv_ -> curl_cv_ for all cached vars
This was automated by:

sed -b -i -f <(ack -A1 AC_CACHE_CHECK | \
               ack -o 'ac_cv_.*?\b' | \
               sort -u | xargs -n1 bash -c \
                    'echo "s/$0/curl_cv_${0#ac_cv_}/g"') \
    $(git ls-files)

This only changed the prefix for 16 variables actually checked with
AC_CACHE_CHECK.
2016-04-21 23:08:28 +02:00
Daniel Stenberg
fb823d24f1 configure: remove check for libresolve
'strncasecmp' was once provided by libresolv (no trailing e) for SunOS,
but this check is broken and most likely adds nothing useful. Removing
now.

Reported-by: Irfan Adilovic

Discussed in #770
2016-04-18 15:53:24 +02:00
Jay Satiro
7921628714 wolfssl: Use ECC supported curves extension
https://github.com/wolfSSL/wolfssl/issues/366
2016-03-29 19:06:55 -04:00
Jay Satiro
a43b22e05b wolfssl: Add ALPN support 2016-03-28 18:18:09 -04:00
Jay Satiro
3ae77f079a configure: warn on invalid ca bundle or path
- Warn if --with-ca-bundle file does not exist.

- Warn if --with-ca-path directory does not contain certificates.

- Improve help messages for both.

Example configure output:

  ca cert bundle:   /some/file   (warning: certs not found)
  ca cert path:     /some/dir   (warning: certs not found)

Bug: https://github.com/curl/curl/issues/404
Reported-by: Jeffrey Walton
2016-02-25 01:55:38 -05:00
Daniel Stenberg
6b64d735cd configure: state "BoringSSL" in summary when that was detected 2016-02-09 08:46:36 +01:00
David Benjamin
39c803cba2 openssl: remove most BoringSSL #ifdefs.
As of https://boringssl-review.googlesource.com/#/c/6980/, almost all of
BoringSSL #ifdefs in cURL should be unnecessary:

- BoringSSL provides no-op stubs for compatibility which replaces most
  #ifdefs.

- DES_set_odd_parity has been in BoringSSL for nearly a year now. Remove
  the compatibility codepath.

- With a small tweak to an extend_key_56_to_64 call, the NTLM code
  builds fine.

- Switch OCSP-related #ifdefs to the more generally useful
  OPENSSL_NO_OCSP.

The only #ifdefs which remain are Curl_ossl_version and the #undefs to
work around OpenSSL and wincrypt.h name conflicts. (BoringSSL leaves
that to the consumer. The in-header workaround makes things sensitive to
include order.)

This change errs on the side of removing conditionals despite many of
the restored codepaths being no-ops. (BoringSSL generally adds no-op
compatibility stubs when possible. OPENSSL_VERSION_NUMBER #ifdefs are
bad enough!)

Closes #640
2016-02-09 08:46:36 +01:00
Ludwig Nussel
7b55279d1d configure: --with-ca-fallback: use built-in TLS CA fallback
When trying to verify a peer without having any root CA certificates
set, this makes libcurl use the TLS library's built in default as
fallback.

Closes #569
2016-02-08 14:45:58 +01:00