1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 17:48:48 -05:00
Commit Graph

25325 Commits

Author SHA1 Message Date
Daniel Stenberg
3ecdfb1958
openssl: make CURLINFO_CERTINFO not truncate x509v3 fields
Avoid "reparsing" the content and instead deliver more exactly what is
provided in the certificate and avoid truncating the data after 512
bytes as done previously. This no longer removes embedded newlines.

Fixes #4837
Reported-by: bnfp on github
Closes #4841
2020-01-23 09:25:52 +01:00
Jay Satiro
5e2ad2d015 CURLOPT_PROXY_SSL_OPTIONS.3: Sync with CURLOPT_SSL_OPTIONS.3
- Copy CURLOPT_SSL_OPTIONS.3 description to CURLOPT_PROXY_SSL_OPTIONS.3.

Prior to this change CURLSSLOPT_NO_PARTIALCHAIN was missing from the
CURLOPT_PROXY_SSL_OPTIONS description.
2020-01-23 02:51:52 -05:00
Daniel Stenberg
1ebc53df25
mk-ca-bundle: add support for CKA_NSS_SERVER_DISTRUST_AFTER
For now, no cert in the bundle actually sets a date there...

Co-Authored-by: Jay Satiro
Reported-by: Christian Heimes
Fixes #4834
Closes #4836
2020-01-22 10:41:31 +01:00
Daniel Stenberg
599d92e7d0
RELEASE-NOTES: synced 2020-01-21 15:17:15 +01:00
Pavel Volgarev
4a4609bf3c
smtp: Allow RCPT TO command to fail for some recipients
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS.

Verified with the new tests 3002-3007

Closes #4816
2020-01-21 10:40:19 +01:00
Daniel Stenberg
23a17e039d
copyright: fix year ranges
follow-up from dea17b519d (one of these days I'll learn to check before
I push)
2020-01-21 10:34:44 +01:00
nao
dea17b519d
http: move "oauth_bearer" from connectdata to Curl_easy
Fixes the bug where oauth_bearer gets deallocated when we re-use a
connection.

Closes #4824
2020-01-21 10:32:43 +01:00
Emil Engler
1774dbd74c
curl: Let -D merge headers in one file again
Closes #4762
Fixes #4753
2020-01-21 09:23:30 +01:00
Daniel Stenberg
81e1b1ec23
data.d: remove "Multiple files can also be specified"
It is superfluous and could even be misleading.

Bug: https://curl.haxx.se/mail/archive-2020-01/0016.html
Reported-by: Mike Norton
Closes #4832
2020-01-21 08:39:48 +01:00
Marcel Raad
295ea5f641
CMake: support specifying the target Windows version
Previously, it was only possible to set it to Windows Vista or XP by
setting the option `ENABLE_INET_PTON` to `ON` resp. `OFF`.
Use a new cache variable `CURL_TARGET_WINDOWS_VERSION` to be able to
explicitly set the target Windows version. `ENABLE_INET_PTON` is
ignored in this case.

Ref: https://github.com/curl/curl/pull/1639#issuecomment-313039352
Ref: https://github.com/curl/curl/pull/4607#issuecomment-557541456
Closes https://github.com/curl/curl/pull/4815
2020-01-20 09:44:19 +01:00
Daniel Stenberg
ff807c16d2
http.h: Copyright year out of date, should be 2020
Follow-up to 7ff9222ced
2020-01-20 08:37:40 +01:00
加藤郁之
7ff9222ced
HTTP: increase EXPECT_100_THRESHOLD to 1Mb
Mentioned: https://curl.haxx.se/mail/lib-2020-01/0050.html

Closes #4814
2020-01-20 08:33:44 +01:00
Daniel Stenberg
c275aa9903
ROADMAP: thread-safe curl_global_init()
I'd like to see this happen.
2020-01-17 12:58:35 +01:00
Daniel Stenberg
a7ded055ad
RELEASE-NOTES: synced 2020-01-17 08:08:36 +01:00
Daniel Stenberg
59c1caf7f6
wolfssl: use the wc-prefixed symbol alternatives
The symbols without wc_ prefix are not always provided.

Ref: https://github.com/wolfSSL/wolfssl/issues/2744

Closes #4827
2020-01-16 16:02:17 +01:00
Daniel Stenberg
6357a19ff2
polarssl: removed
As detailed in DEPRECATE.md, the polarssl support is now removed after
having been disabled for 6 months and nobody has missed it.

The threadlock files used by mbedtls are renamed to an 'mbedtls' prefix
instead of the former 'polarssl' and the common functions that
previously were shared between mbedtls and polarssl and contained the
name 'polarssl' have now all been renamed to instead say 'mbedtls'.

Closes #4825
2020-01-16 11:55:56 +01:00
Marcel Raad
6f69edf962
libssh2: fix variable type
This led to a conversion warning on 64-bit MinGW, which has 32-bit
`long` but 64-bit `size_t`.

Closes https://github.com/curl/curl/pull/4823
2020-01-16 10:03:59 +01:00
Daniel Stenberg
c2feed05bc
curl:progressbarinit: ignore column width from terminals < 20
To avoid division by zero - or other issues.

Reported-by: Daniel Marjamäki
Closes #4818
2020-01-16 08:45:25 +01:00
Daniel Stenberg
68403cdbc6
wolfssh: set the password correctly for PASSWORD auth 2020-01-15 22:10:39 +01:00
Daniel Stenberg
820775a29a
wolfssh: remove fprintf() calls (and uses of __func__) 2020-01-15 22:10:39 +01:00
Marcel Raad
be578eea7e
CMake: use check_symbol_exists also for inet_pton
It doesn't make much sense to only check if the function can be linked
when it's not declared in any header and that is treated as an error.
With the correct target Windows version set, the function is declared
in ws2tcpip.h and the comment above the modified block is invalid.

Also, move the definition of `_WIN32_WINNT` up to before all symbol
availability checks so that we don't have to care which ones must be
done after it.

Tested with Visual Studio 2019 and current MinGW-w64.

Closes https://github.com/curl/curl/pull/4808
2020-01-14 19:43:00 +01:00
Jay Satiro
16da8bcd71 schannel_verify: Fix alt names manual verify for UNICODE builds
Follow-up to 29e40a6 from two days ago, which added that feature for
Windows 7 and earlier. The bug only occurred in same.

Ref: https://github.com/curl/curl/pull/4761
2020-01-13 18:25:12 -05:00
Daniel Stenberg
9d1a0922b7
HTTP-COOKIES.md: describe the cookie file format
... and refer to that file from from CURLOPT_COOKIEFILE.3 and
CURLOPT_COOKIELIST.3

Assisted-by: Jay Satiro
Reported-by: bsammon on github
Fixes #4805
Closes #4806
2020-01-13 23:18:32 +01:00
Tobias Hieta
4ccf7622db
CMake: Add support for CMAKE_LTO option.
This enables Link Time Optimization. LTO is a proven technique for
optimizing across compilation units.

Closes #4799
2020-01-13 23:14:49 +01:00
Daniel Stenberg
f128c00a99
RELEASE-NOTES: synced 2020-01-13 16:02:01 +01:00
Daniel Stenberg
9607532873
ConnectionExists: respect the max_concurrent_streams limits
A regression made the code use 'multiplexed' as a boolean instead of the
counter it is intended to be. This made curl try to "over-populate"
connections with new streams.

This regression came with 41fcdf71a1, shipped in curl 7.65.0.

Also, respect the CURLMOPT_MAX_CONCURRENT_STREAMS value in the same
check.

Reported-by: Kunal Ekawde
Fixes #4779
Closes #4784
2020-01-13 15:44:58 +01:00
Daniel Stenberg
4431ed2484
curl: make #0 not output the full URL
It was not intended nor documented!

Added test 1176 to verify.

Reported-by: vshmuk on hackerone

Closes #4812
2020-01-13 15:37:46 +01:00
Daniel Stenberg
6773c7ca65
wolfSSH: new SSH backend
Adds support for SFTP (not SCP) using WolfSSH.

Closes #4231
2020-01-12 17:19:12 +01:00
Daniel Stenberg
ad0aa27a9d
curl: remove 'config' field from OutStruct
As it was just unnecessary duplicated information already stored in the
'per_transfer' struct and that's around mostly anyway.

The duplicated pointer caused problems when the code flow was aborted
before the dupe was filled in and could cause a NULL pointer access.

Reported-by: Brian Carpenter
Fixes #4807
Closes #4810
2020-01-12 17:17:44 +01:00
Daniel Stenberg
29babeafec
misc: Copyright year out of date, should be 2020
Follow-up to recent commits

[skip ci]
2020-01-12 16:55:50 +01:00
Santino Keupp
272282a054 libssh2: add support for forcing a hostkey type
- Allow forcing the host's key type found in the known_hosts file.

Currently, curl (with libssh2) does not take keys from your known_hosts
file into account when talking to a server. With this patch the
known_hosts file will be searched for an entry matching the hostname
and, if found, libssh2 will be told to claim this key type from the
server.

Closes https://github.com/curl/curl/pull/4747
2020-01-11 19:17:33 -05:00
nicoguillier
8792a59223 cmake: Improve libssh2 check on Windows
- Add "libssh2" name to FindLibSSH2 library search.

On Windows systems, libSSH2 CMake installation may name the library
"LibSSH2".

Prior to this change cmake only checked for name "ssh2". On Linux that
works fine because it will prepend the "lib", but it doesn't do that on
Windows.

Closes https://github.com/curl/curl/pull/4804
2020-01-11 18:53:32 -05:00
Faizur Rahman
29e40a6d8a schannel: Make CURLOPT_CAINFO work better on Windows 7
- Support hostname verification via alternative names (SAN) in the
  peer certificate when CURLOPT_CAINFO is used in Windows 7 and earlier.

CERT_NAME_SEARCH_ALL_NAMES_FLAG doesn't exist before Windows 8. As a
result CertGetNameString doesn't quite work on those versions of
Windows. This change provides an alternative solution for
CertGetNameString by iterating through CERT_ALT_NAME_INFO for earlier
versions of Windows.

Prior to this change many certificates failed the hostname validation
when CURLOPT_CAINFO was used in Windows 7 and earlier. Most certificates
now represent multiple hostnames and rely on the alternative names field
exclusively to represent their hostnames.

Reported-by: Jeroen Ooms

Fixes https://github.com/curl/curl/issues/3711
Closes https://github.com/curl/curl/pull/4761
2020-01-11 18:23:46 -05:00
Emil Engler
cbb5429001 ngtcp2: Add an error code for QUIC connection errors
- Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection
  errors.

Prior to this change CURLE_FAILED_INIT was used, but that was not
correct.

Closes https://github.com/curl/curl/pull/4754
2020-01-11 18:19:32 -05:00
Jay Satiro
b700662b1c multi: Change curl_multi_wait/poll to error on negative timeout
- Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when
  curl_multi_wait/poll is passed timeout param < 0.

Prior to this change passing a negative value to curl_multi_wait/poll
such as -1 could cause the function to wait forever.

Reported-by: hamstergene@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4763

Closes https://github.com/curl/curl/pull/4765
2020-01-11 18:16:28 -05:00
Marc Aldorasi
ea6d6205d9 cmake: Enable SMB for Windows builds
- Define USE_WIN32_CRYPTO by default. This enables SMB.

- Show whether SMB is enabled in the "Enabled features" output.

- Fix mingw compiler warning for call to CryptHashData by casting away
  const param. mingw CryptHashData prototype is wrong.

Closes https://github.com/curl/curl/pull/4717
2020-01-11 18:10:47 -05:00
Jay Satiro
c9c551f1f9 vtls: Refactor Curl_multissl_version to make the code clearer
Reported-by: Johannes Schindelin

Ref: https://github.com/curl/curl/pull/3863#pullrequestreview-241395121

Closes https://github.com/curl/curl/pull/4803
2020-01-11 17:50:33 -05:00
Daniel Stenberg
8bd14c871f
fix: Copyright year out of date, should be 2020
Follow-up to 875314ed0b
2020-01-10 22:39:04 +01:00
Marcel Raad
875314ed0b
hostip: move code to resolve IP address literals to Curl_resolv
The code was duplicated in the various resolver backends.

Also, it was called after the call to `Curl_ipvalid`, which matters in
case of `CURLRES_IPV4` when called from `connect.c:bindlocal`. This
caused test 1048 to fail on classic MinGW.

The code ignores `conn->ip_version` as done previously in the
individual resolver backends.

Move the call to the `resolver_start` callback up to appease test 655,
which wants it to be called also for literal addresses.

Closes https://github.com/curl/curl/pull/4798
2020-01-10 17:57:16 +01:00
Daniel Stenberg
062eaa63b5
scripts/delta: adapt to new public header layout 2020-01-09 22:57:33 +01:00
Daniel Stenberg
fb723fd9d1
test1167: verify global symbols in public headers are curl prefixed
... using the new badsymbols.pl perl script

Fixes #4793
Closes #4794
2020-01-09 22:57:33 +01:00
Daniel Stenberg
5ebe5044ab
libtest/mk-lib1521: adapt to new public header layout 2020-01-09 22:57:33 +01:00
Daniel Stenberg
920deff861
include: remove non-curl prefixed defines
...requires some rearranging of the setup of CURLOPT_ and CURLMOPT_
enums.
2020-01-09 22:57:33 +01:00
Daniel Stenberg
1adebe7886
curl.h: remove WIN32 define
It isn't our job to define this in a public header - and it defines a
name outside of our naming scope.
2020-01-09 22:57:32 +01:00
Daniel Stenberg
f4d60b6f8f
tool_dirhie.c: fix the copyright year range
Follow-up to: 4027bd72d9
2020-01-09 22:49:29 +01:00
Daniel Stenberg
e858ae9428
bump: work towards 7.69.0 is started 2020-01-09 22:42:18 +01:00
Jay Satiro
4027bd72d9 tool_dirhie: Allow directory traversal during creation
- When creating a directory hierarchy do not error when mkdir fails due
  to error EACCESS (13) "access denied".

Some file systems allow for directory traversal; in this case that it
should be possible to create child directories when permission to the
parent directory is restricted.

This is a regression caused by me in f16bed0 (precedes curl-7_61_1).
Basically I had assumed that if a directory already existed it would
fail only with error EEXIST, and not error EACCES. The latter may
happen if the directory exists but has certain restricted permissions.

Reported-by: mbeifuss@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4796
Closes https://github.com/curl/curl/pull/4797
2020-01-09 14:24:53 -05:00
Daniel Stenberg
446665606c
KNOWN_BUGS: AUTH PLAIN for SMTP is not working on all servers
Closes #4080
2020-01-09 16:19:34 +01:00
Daniel Stenberg
3b75084ce6
docs/RELEASE-PROCEDURE.md: pushed some release dates
Ref: https://curl.haxx.se/mail/lib-2020-01/0031.html
2020-01-09 09:31:52 +01:00
Daniel Stenberg
a7d4693a48
runtests: make random seed fixed for a month
When using randomized features of runtests (-R and --shallow) it is
useful to have a fixed random seed to make sure for example extra
commits in a branch or a rebase won't change the seed that would make
repeated runs work differently.

As it is also useful to change seed sometimes, the default seed is now
determined based on the current month (and first line curl -V
output). When the month changes, so will the random seed.

The specific seed is also shown in the standard test suite top header
and it can be set explictly with the new --seed=[num] option so that the
exact order of a previous run can be achieved.

Closes #4734
2020-01-09 09:12:05 +01:00