1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-10 19:45:04 -05:00
Commit Graph

20920 Commits

Author SHA1 Message Date
Daniel Stenberg
a96319ebb9 proxy: reject attempts to use unsupported proxy schemes
I discovered some people have been using "https://example.com" style
strings as proxy and it "works" (curl doesn't complain) because curl
ignores unknown schemes and then assumes plain HTTP instead.

I think this misleads users into believing curl uses HTTPS to proxies
when it doesn't. Now curl rejects proxy strings using unsupported
schemes instead of just ignoring and defaulting to HTTP.
2016-08-15 10:46:27 +02:00
Daniel Stenberg
a5174b022b RELEASE-NOTES: synced with b7ee5316c2 2016-08-15 08:47:21 +02:00
Marc Hoersken
b7ee5316c2 socks.c: Correctly calculate position of port in response packet
Third commit to fix issue #944 regarding SOCKS5 error handling.

Reported-by: David Kalnischkies
2016-08-14 17:07:11 +02:00
Marc Hoersken
cc3384a254 socks.c: Do not modify and invalidate calculated response length
Second commit to fix issue #944 regarding SOCKS5 error handling.

Reported-by: David Kalnischkies
2016-08-14 17:05:32 +02:00
Marc Hoersken
59580e12ba socks.c: Move error output after reading the whole response packet
First commit to fix issue #944 regarding SOCKS5 error handling.

Reported-by: David Kalnischkies
2016-08-14 17:01:13 +02:00
Ronnie Mose
cdaed77206 MANUAL: Remove invalid link to LDAP documentation (#962)
The server developer.netscape.com does not resolve into any
ip address and can be removed.
2016-08-13 14:38:09 +02:00
Jay Satiro
b6fcdc32eb openssl: accept subjectAltName iPAddress if no dNSName match
Undo change introduced in d4643d6 which caused iPAddress match to be
ignored if dNSName was present but did not match.

Also, if iPAddress is present but does not match, and dNSName is not
present, fail as no-match. Prior to this change in such a case the CN
would be checked for a match.

Bug: https://github.com/curl/curl/issues/959
Reported-by: wmsch@users.noreply.github.com
2016-08-13 02:14:46 -04:00
Dambaev Alexander
c2f9b78afe configure.ac: add zlib search with pkg-config
Closes #956
2016-08-12 08:22:58 +02:00
Daniel Stenberg
2c8ccdac14 rtsp: ignore whitespace in session id
Follow-up to e577c43bb to fix test case 569 brekage: stop the parser at
whitespace as well.

Help-by: Erik Janssen
2016-08-11 14:02:12 +02:00
Daniel Stenberg
31e33a9a46 HTTP: retry failed HEAD requests too
Mark's new document about HTTP Retries
(https://mnot.github.io/I-D/httpbis-retry/) made me check our code and I
spotted that we don't retry failed HEAD requests which seems totally
inconsistent and I can't see any reason for that separate treatment.

So, no separate treatment for HEAD starting now. A HTTP request sent
over a reused connection that gets cut off before a single byte is
received will be retried on a fresh connection.

Made-aware-by: Mark Nottingham
2016-08-11 08:33:36 +02:00
Daniel Stenberg
04f84edd5b mk-ca-bundle.1: document -m, added in 1.26 2016-08-11 08:21:33 +02:00
Daniel Stenberg
6301692fae RELEASE-NOTES: synced with e577c43bb5 2016-08-10 09:12:34 +02:00
Erik Janssen
e577c43bb5 rtsp: accept any RTSP session id
Makes libcurl work in communication with gstreamer-based RTSP
servers. The original code validates the session id to be in accordance
with the RFC. I think it is better not to do that:

- For curl the actual content is a don't care.

- The clarity of the RFC is debatable, is $ allowed or only as \$, that
  is imho not clear

- Gstreamer seems to url-encode the session id but % is not allowed by
the RFC

- less code

With this patch curl will correctly handle real-life lines like:
Session: biTN4Kc.8%2B1w-AF.; timeout=60

Bug: https://curl.haxx.se/mail/lib-2016-08/0076.html
2016-08-10 08:58:10 +02:00
Daniel Stenberg
85e63bcfc7 symbols-in-versions: add CURL_STRICTER
Added in 5fce88aa8c
2016-08-09 21:34:47 +02:00
Simon Warta
dec9346460 winbuild: Allow changing C compiler via environment variable CC (#952)
This makes it possible to use specific compilers or a cache.

Sample use for clcache:
set CC=clcache.bat
nmake /f Makefile.vc DEBUG=no MODE=static VC=14 GEN_PDB=no
2016-08-09 21:27:36 +02:00
Daniel Stenberg
50cb384fd9 LICENSE-MIXING.md: switched to markdown 2016-08-09 15:04:50 +02:00
Daniel Stenberg
dcdc5f416d docs-make: have markdown files use .md 2016-08-09 14:47:20 +02:00
Daniel Stenberg
5fce88aa8c curl.h: make CURL_NO_OLDIES define CURL_STRICTER 2016-08-09 14:46:51 +02:00
Daniel Stenberg
6152b5916e HISTORY.md: use markdown extension 2016-08-09 12:05:43 +02:00
Daniel Stenberg
615a12cbad SSLCERTS.md: renamed to markdown extension 2016-08-09 12:03:46 +02:00
Daniel Stenberg
d263e83079 INTERNALS.md: use markdown extension for markdown content 2016-08-09 12:01:47 +02:00
Daniel Stenberg
e24597dc83 CONTRIBUTE.md: markdown extension 2016-08-09 11:40:39 +02:00
Daniel Stenberg
08fd82f370 CONTRIBUTE: changed to markdown 2016-08-09 11:39:58 +02:00
Daniel Stenberg
1af5958978 CONTRIBUTE: refreshed 2016-08-09 10:53:42 +02:00
Daniel Stenberg
296c180bb7 TODO: added an SSH section and two SFTP things to do 2016-08-09 10:05:26 +02:00
Daniel Stenberg
63cc406389 TODO: remove the 1.22 duplicated item 2016-08-09 09:55:16 +02:00
Daniel Stenberg
4e1ebe63cf TODO: move "CURLOPT_MAIL_CLIENT" to SMTP section 2016-08-09 09:53:06 +02:00
Daniel Stenberg
546d4a3505 TODO: API for URL parsing/splitting 2016-08-09 09:51:43 +02:00
Daniel Stenberg
ca3e8268c5 TODO: move QUIC to the HTTP section 2016-08-09 09:43:52 +02:00
Simon Warta
b2ac016510 winbuild: Free name $(CC) in Makefile (#950)
In the old line number 290, CC and CURL_CC had the same value. After
that, /DCURL_STATICLIB was added to CC but not CURL_CC (intended?).

This gets rid of the CC variable entirely. It is a first step to make it
possible to manualyl set a CC variable in order to be able to change the
compiler.
2016-08-09 08:29:59 +02:00
Daniel Stenberg
36ee0ea57c TODO: Use huge HTTP/2 windows 2016-08-08 23:46:11 +02:00
Simon Warta
26424ba07f winbuild: Avoid setting redundant CFLAGS to compile commands (#949)
$(CURL_CC) is always used with $(CURL_CFLAGS) appended, so before this,
all arguments in CURL_CFLAGS have been added twice.
2016-08-08 21:26:57 +02:00
Jay Satiro
82617e7499 cmake: Enable win32 threaded resolver by default
- Turn on USE_THREADS_WIN32 in Windows if ares isn't on

This change is similar to what we already do in the autotools build.
2016-08-08 02:37:29 -04:00
Jay Satiro
11049e007a cmake: Enable win32 large file support by default
All compilers used by cmake in Windows should support large files.

- Add test SIZEOF_OFF_T
- Remove outdated test SIZEOF_CURL_OFF_T
- Turn on USE_WIN32_LARGE_FILES in Windows
- Check for 'Largefile' during the features output
2016-08-08 00:25:03 -04:00
Daniel Stenberg
5a86fddfba TODO: added several ideas, removed SPDY 2016-08-07 23:52:06 +02:00
Daniel Stenberg
ea45b4334f http2: always wait for readable socket
Since the server can at any time send a HTTP/2 frame to us, we need to
wait for the socket to be readable during all transfers so that we can
act on incoming frames even when uploading etc.

Reminded-by: Tatsuhiro Tsujikawa
2016-08-05 00:44:01 +02:00
Daniel Stenberg
9803e832d9 RELEASE-NOTES: synced with 7b4bf37a44 2016-08-05 00:37:03 +02:00
Thomas Glanzmann
7b4bf37a44 mbedtls: set debug threshold to 4 (verbose) when MBEDTLS_DEBUG is defined
In order to make MBEDTLS_DEBUG work, the debug threshold must be unequal
to 0.  This patch also adds a comment how mbedtls must be compiled in
order to make debugging work, and explains the possible debug levels.
2016-08-05 00:23:17 +02:00
Daniel Stenberg
4732ca5724 CURLOPT_TCP_NODELAY: now enabled by default
After a few wasted hours hunting down the reason for slowness during a
TLS handshake that turned out to be because of TCP_NODELAY not being
set, I think we have enough motivation to toggle the default for this
option. We now enable TCP_NODELAY by default and allow applications to
switch it off.

This also makes --tcp-nodelay unnecessary, but --no-tcp-nodelay can be
used to disable it.

Thanks-to: Tim Rühsen
Bug: https://curl.haxx.se/mail/lib-2016-06/0143.html
2016-08-05 00:12:57 +02:00
Serj Kalichev
edeabf741f TFTP: Fix upload problem with piped input
When input stream for curl is stdin and input stream is not a file but
generated by a script then curl can truncate data transfer to arbitrary
size since a partial packet is treated as end of transfer by TFTP.

Fixes #857
2016-08-04 00:30:31 +02:00
Daniel Stenberg
600bb4e852 mk-ca-bundle.pl: -m keeps ca cert meta data in output
Makes the script pass on comments holding meta data to the output
file. Like fingerprinters, issuer, date ranges etc.

Closes #937
2016-08-04 00:28:28 +02:00
Daniel Stenberg
bde2f09d5e multi: make Curl_expire() work with 0 ms timeouts
Previously, passing a timeout of zero to Curl_expire() was a magic code
for clearing all timeouts for the handle. That is now instead made with
the new Curl_expire_clear() function and thus a 0 timeout is fine to set
and will trigger a timeout ASAP.

This will help removing short delays, in particular notable when doing
HTTP/2.
2016-08-04 00:26:01 +02:00
Daniel Stenberg
6eb60c2dc5 transfer: return without select when the read loop reached maxcount
Regression added in 790d6de485. The was then added to avoid one
particular transfer to starve out others. But when aborting due to
reading the maxcount, the connection must be marked to be read from
again without first doing a select as for some protocols (like SFTP/SCP)
the data may already have been read off the socket.

Reported-by: Dan Donahue
Bug: https://curl.haxx.se/mail/lib-2016-07/0057.html
2016-08-04 00:23:27 +02:00
Bill Nagel
497e7c9d34 mbedtls: Added support for NTLM 2016-08-03 19:33:59 +01:00
Sergei Nikulov
db3887632c travis: removed option to rebuild autotool from source
Fixes #943
2016-08-03 13:25:32 +02:00
Daniel Stenberg
73878278d8 bump: start working toward 7.50.2 2016-08-03 09:36:27 +02:00
Daniel Stenberg
f2cb3a0119 THANKS: 7 new contributors from the 7.50.1 release 2016-08-03 08:37:16 +02:00
Daniel Stenberg
95addfe828 RELEASE-NOTES: 7.50.1 2016-08-03 00:34:27 +02:00
Daniel Stenberg
11ec5ad435 TLS: only reuse connections with the same client cert
CVE-2016-5420
Bug: https://curl.haxx.se/docs/adv_20160803B.html
2016-08-03 00:34:27 +02:00
Daniel Stenberg
247d890da8 TLS: switch off SSL session id when client cert is used
CVE-2016-5419
Bug: https://curl.haxx.se/docs/adv_20160803A.html
Reported-by: Bru Rom
Contributions-by: Eric Rescorla and Ray Satiro
2016-08-03 00:34:27 +02:00