1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 16:48:49 -05:00
Commit Graph

20977 Commits

Author SHA1 Message Date
Daniel Stenberg
a409b4b466 CURLMOPT_PIPELINING.3: extended and clarified
Especially in regards to the multiplexing part.
2016-09-01 14:08:01 +02:00
Steve Holme
ef5d3facd5 curl_sspi.c: Updated function description comments
* Added description to Curl_sspi_free_identity()
* Added parameter and return explanations to Curl_sspi_global_init()
* Added parameter explaination to Curl_sspi_global_cleanup()
2016-08-31 11:57:28 +01:00
Steve Holme
dafef391f7 README: Corrected the supported Visual Studio versions
Missed from commit 8356022d17.
2016-08-31 11:34:50 +01:00
Steve Holme
7c6c2194b8 KNOWN_BUGS: Move the Visual Studio project shortcomings from local README 2016-08-31 11:33:22 +01:00
Steve Holme
088ffcba3e KNOWN_BUGS: Expand 6.4 to include Kerberos V5
...and discuss a possible solution.
2016-08-31 11:22:12 +01:00
Daniel Stenberg
c69cafe7e2 connect: fix #ifdefs for debug versions of conn/streamclose() macros
CURLDEBUG is for the memory debugging

DEBUGBUILD is for the extra debug stuff

Pointed-out-by: Steve Holme
2016-08-30 23:38:06 +02:00
Daniel Stenberg
b73b423ba0 KNOWN_BUGS: mention some cmake "support gaps" 2016-08-29 23:02:14 +02:00
Nick Zitzmann
e171968ba3 darwinssl: add documentation stating that the --cainfo option is intended for backward compatibility only
In other news, I changed one other reference to "Mac OS X" in the documentation (that I previously wrote) to say "macOS" instead.
2016-08-28 16:46:59 -05:00
Daniel Stenberg
0d729d9e01 http2: return CURLE_HTTP2_STREAM for unexpected stream close
Follow-up to c3e906e9cd, seems like a more appropriate error code

Suggested-by: Jay Satiro
2016-08-28 23:29:38 +02:00
Tatsuhiro Tsujikawa
c3e906e9cd http2: handle closed streams when uploading
Fixes #986
2016-08-28 17:59:34 +02:00
Daniel Stenberg
3533def3d5 http2: make sure stream errors don't needlessly close the connection
With HTTP/2 each transfer is made in an indivial logical stream over the
connection, making most previous errors that caused the connection to get
forced-closed now instead just kill the stream and not the connection.

Fixes #941
2016-08-28 16:44:49 +02:00
Daniel Stenberg
a6ddd6555e Curl_verify_windows_version: minor edit to avoid compiler warnings
... instead of if() before the switch(), add a default to the switch so
that the compilers don't warn on "warning: enumeration value
'PLATFORM_DONT_CARE' not handled in switch" anymore.
2016-08-27 18:08:16 +02:00
Steve Holme
8a529ef01d RELEASE-NOTES: Added missing fix from commit 15592143f 2016-08-27 11:10:17 +01:00
Jay Satiro
895168bfd3 schannel: Disable ALPN for Wine since it is causing problems
- Disable ALPN on Wine.

- Don't pass input secbuffer when ALPN is disabled.

When ALPN support was added a change was made to pass an input secbuffer
to initialize the context. When ALPN is enabled the buffer contains the
ALPN information, and when it's disabled the buffer is empty. In either
case this input buffer caused problems with Wine and connections would
not complete.

Bug: https://github.com/curl/curl/issues/983
Reported-by: Christian Fillion
2016-08-26 15:35:16 -04:00
Peter Wang
3a5d5de9ef nss: work around race condition in PK11_FindSlotByName()
Serialise the call to PK11_FindSlotByName() to avoid spurious errors in
a multi-threaded environment. The underlying cause is a race condition
in nssSlot_IsTokenPresent().

Bug: https://bugzilla.mozilla.org/1297397

Closes #985
2016-08-26 14:42:22 +02:00
Kamil Dudka
7700fcba64 nss: refuse previously loaded certificate from file
... when we are not asked to use a certificate from file
2016-08-26 13:30:27 +02:00
Daniel Stenberg
822082d832 ftp_done: remove dead code 2016-08-26 12:26:21 +02:00
Daniel Stenberg
39ba8dd09b TLS: random file/egd doesn't have to match for conn reuse 2016-08-26 10:01:19 +02:00
Daniel Stenberg
152e5c2105 test161: add comment for the exit code 2016-08-26 09:12:01 +02:00
Dan Fandrich
b5286189b5 test219: Add http as a required feature 2016-08-26 08:32:01 +02:00
Michael Kaufmann
7bda07b046 HTTP: stop parsing headers when switching to unknown protocols
- unknown protocols probably won't send more headers (e.g. WebSocket)
- improved comments and moved them to the correct case statements

Closes #899
2016-08-25 14:49:39 +02:00
Daniel Stenberg
9cb851e371 openssl: make build with 1.1.0 again
synced with OpenSSL git master commit cc06906707
2016-08-25 12:27:31 +02:00
Daniel Stenberg
a032a6f2bb INTERNALS: fix title 2016-08-25 11:00:28 +02:00
Daniel Stenberg
a71c9d4c40 configure: detect zlib with our pkg-config macros
... instead of relying on the pkg-config autoconf macros to be present.

Fixes #972 (again...)
2016-08-25 08:47:43 +02:00
Jay Satiro
2c36cb1cbb http2: Remove incorrect comments
.. also remove same from scp
2016-08-25 02:43:19 -04:00
Ales Novak
7ad50a61f2 ftp: fix wrong poll on the secondary socket
When we're uploading using FTP and the server issues a tiny pause
between opening the connection to the client's secondary socket, the
client's initial poll() times out, which leads to second poll() which
does not wait for POLLIN on the secondary socket. So that poll() also
has to time out, creating a long (200ms) pause.

This patch adds the correct flag to the secondary socket, making the
second poll() correctly wait for the connection there too.

Signed-off-by: Ales Novak <alnovak@suse.cz>

Closes #978
2016-08-23 15:31:07 +02:00
Daniel Stenberg
15592143f3 RELEASE-NOTES: synced with 95ded2c56 2016-08-22 14:48:13 +02:00
Daniel Stenberg
95ded2c569 configure: make it work without PKG_CHECK_MODULES
With commit c2f9b78 we added a new dependency on pkg-config for
developers which may be unwanted. This change make the configure script
still work as before if pkg-config isn't installed, it'll just use the
old zlib detection logic without pkg-config.

Reported-by: Marc Hörsken

Fixes #972
2016-08-21 23:34:48 +02:00
Marc Hoersken
fba9dec5c5 Revert "KNOWN_BUGS: SOCKS proxy not working via IPv6"
This reverts commit 9cb1059f92.

As discussed in #835 SOCKS5 supports IPv6 proxies and destinations.
2016-08-21 17:57:29 +02:00
Marco Deckel
7f3df80408 win: Basic support for Universal Windows Platform apps
Closes #820
2016-08-21 13:56:22 +02:00
Steve Holme
a78c61a4bf sasl: Don't use GSSAPI authentication when domain name not specified
Only choose the GSSAPI authentication mechanism when the user name
contains a Windows domain name or the user is a valid UPN.

Fixes #718
2016-08-21 11:56:23 +01:00
Steve Holme
43dbd76616 vauth: Added check for supported SSPI based authentication mechanisms
Completing commit 00417fd66c and 2708d4259b.
2016-08-21 10:27:09 +01:00
Steve Holme
317795d1bf http.c: Remove duplicate (authp->avail & CURLAUTH_DIGEST) check
From commit 2708d4259b.
2016-08-21 10:25:45 +01:00
Marc Hoersken
b820e40f34 socks.c: display the hostname returned by the SOCKS5 proxy server
Instead of displaying the requested hostname the one returned
by the SOCKS5 proxy server is used in case of connection error.
The requested hostname is displayed earlier in the connection sequence.

The upper-value of the port is moved to a temporary variable and
replaced with a 0-byte to make sure the hostname is 0-terminated.
2016-08-20 21:38:43 +02:00
Steve Holme
670802bd0b urldata.h: Corrected comment for httpcode which is also populated by SMTP
As of 7.25.0 and commit 5430007222.
2016-08-20 20:20:32 +01:00
Marc Hoersken
d6bf400e9f socks.c: use Curl_printable_address in SOCKS5 connection sequence
Replace custom string formatting with Curl_printable_address.
Add additional debug and error output in case of failures.
2016-08-20 21:15:00 +02:00
Marc Hoersken
213c27e487 socks.c: align SOCKS4 connection sequence with SOCKS5
Calling sscanf is not required since the raw IPv4 address is
available and the protocol can be detected using ai_family.
2016-08-20 21:15:00 +02:00
Steve Holme
c6b869ec79 http.c: Corrected indentation change from commit 2708d4259b
Made by Visual Studio's auto-correct feature and missed by me in my own
code reviews!
2016-08-20 19:34:54 +01:00
Steve Holme
2708d4259b http: Added calls to Curl_auth_is_<mechansism>_supported()
Hooked up the HTTP authentication layer to query the new 'is mechanism
supported' functions when deciding what mechanism to use.

As per commit 00417fd66c existing functionality is maintained for now.
2016-08-20 19:15:13 +01:00
Marc Hoersken
d1bfb1cf54 socks.c: improve verbose output of SOCKS5 connection sequence 2016-08-20 20:07:10 +02:00
Marc Hoersken
8f7f5a8b06 configure.ac: add missing quotes to PKG_CHECK_MODULES 2016-08-20 19:49:51 +02:00
Steve Holme
00417fd66c sasl: Added calls to Curl_auth_is_<mechansism>_supported()
Hooked up the SASL authentication layer to query the new 'is mechanism
supported' functions when deciding what mechanism to use.

For now existing functionality is maintained.
2016-08-20 14:02:44 +01:00
Miroslav Franc
0796a99317 spnego_sspi: fix memory leak in case *outlen is zero (#970) 2016-08-19 14:46:07 +02:00
Daniel Stenberg
2497c42172 CURLMOPT_MAX_TOTAL_CONNECTIONS.3: mention it can also multiplex 2016-08-19 09:40:40 +02:00
Steve Holme
a0f212946b vauth: Introduced Curl_auth_is_<mechansism>_supported() functions
As Windows SSPI authentication calls fail when a particular mechanism
isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5
and Negotiate to allow both HTTP and SASL authentication the opportunity
to query support for a supported mechanism before selecting it.

For now each function returns TRUE to maintain compatability with the
existing code when called.
2016-08-18 20:31:20 +01:00
Daniel Stenberg
cdd61dc35f test1144: verify HEAD with body-only response 2016-08-18 11:45:15 +02:00
Steve Holme
cf582d7bc0 RELEASE-PROCEDURE: Added some more future release dates
...and removed some old ones
2016-08-17 23:25:04 +01:00
David Woodhouse
01f69232b0 curl: allow "pkcs11:" prefix for client certificates
RFC7512 provides a standard method to reference certificates in PKCS#11
tokens, by means of a URI starting 'pkcs11:'.

We're working on fixing various applications so that whenever they would
have been able to use certificates from a file, users can simply insert
a PKCS#11 URI instead and expect it to work. This expectation is now a
part of the Fedora packaging guidelines, for example.

This doesn't work with cURL because of the way that the colon is used
to separate the certificate argument from the passphrase. So instead of

   curl -E 'pkcs11:manufacturer=piv_II;id=%01' …

I instead need to invoke cURL with the colon escaped, like this:

   curl -E 'pkcs11\:manufacturer=piv_II;id=%01' …

This is suboptimal because we want *consistency* — the URI should be
usable in place of a filename anywhere, without having strange
differences for different applications.

This patch therefore disables the processing in parse_cert_parameter()
when the string starts with 'pkcs11:'. It means you can't pass a
passphrase with an unescaped PKCS#11 URI, but there's no need to do so
because RFC7512 allows a PIN to be given as a 'pin-value' attribute in
the URI itself.

Also, if users are already using RFC7512 URIs with the colon escaped as
in the above example — even providing a passphrase for cURL to handling
instead of using a pin-value attribute, that will continue to work
because their string will start 'pkcs11\:' and won't match the check.

What *does* break with this patch is the extremely unlikely case that a
user has a file which is in the local directory and literally named
just "pkcs11", and they have a passphrase on it. If that ever happened,
the user would need to refer to it as './pkcs11:<passphrase>' instead.
2016-08-17 11:35:16 +02:00
Daniel Stenberg
667fcb04a6 nss: make the global variables static 2016-08-17 10:50:06 +02:00
Daniel Stenberg
f975f06033 openssl: use regular malloc instead of OPENSSL_malloc
This allows for better memmory debugging and torture tests.
2016-08-16 10:58:33 +02:00