1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-16 06:25:03 -05:00
Commit Graph

25141 Commits

Author SHA1 Message Date
Marcel Raad
367e4b3c4d
openssl: fix compiler warning with LibreSSL
It was already fixed for BoringSSL in commit a0f8fccb1e.
LibreSSL has had the second argument to SSL_CTX_set_min_proto_version
as uint16_t ever since the function was added in [0].

[0] 56f107201b

Closes https://github.com/curl/curl/pull/4397
2019-09-22 20:55:54 +02:00
Daniel Stenberg
f8a2058533
curl: exit the create_transfers loop on errors
When looping around the ranges and given URLs to create transfers, all
errors should exit the loop and return. Previously it would keep
looping.

Reported-by: SumatraPeter on github
Bug: #4393
Closes #4396
2019-09-22 12:27:58 +02:00
Jay Satiro
5ee88eee68 socks: Fix destination host shown on SOCKS5 error
Prior to this change when a server returned a socks5 connect error then
curl would parse the destination address:port from that data and show it
to the user as the destination:

curld -v --socks5 10.0.3.1:1080 http://google.com:99
* SOCKS5 communication to google.com:99
* SOCKS5 connect to IPv4 172.217.12.206 (locally resolved)
* Can't complete SOCKS5 connection to 253.127.0.0:26673. (1)
curl: (7) Can't complete SOCKS5 connection to 253.127.0.0:26673. (1)

That's incorrect because the address:port included in the connect error
is actually a bind address:port (typically unused) and not the
destination address:port. This fix changes curl to show the destination
information that curl sent to the server instead:

curld -v --socks5 10.0.3.1:1080 http://google.com:99
* SOCKS5 communication to google.com:99
* SOCKS5 connect to IPv4 172.217.7.14:99 (locally resolved)
* Can't complete SOCKS5 connection to 172.217.7.14:99. (1)
curl: (7) Can't complete SOCKS5 connection to 172.217.7.14:99. (1)

curld -v --socks5-hostname 10.0.3.1:1080 http://google.com:99
* SOCKS5 communication to google.com:99
* SOCKS5 connect to google.com:99 (remotely resolved)
* Can't complete SOCKS5 connection to google.com:99. (1)
curl: (7) Can't complete SOCKS5 connection to google.com:99. (1)

Ref: https://tools.ietf.org/html/rfc1928#section-6

Closes https://github.com/curl/curl/pull/4394
2019-09-21 23:45:02 -04:00
Daniel Stenberg
e09749dd43
travis: enable ngtcp2 h3-23 builds 2019-09-21 23:11:35 +02:00
Daniel Stenberg
d176a2c7e5
altsvc: both backends run h3-23 now
Closes #4395
2019-09-21 23:11:29 +02:00
Daniel Stenberg
fe514ad9ae
http: fix warning on conversion from int to bit
Follow-up from 03ebe66d70
2019-09-21 23:09:59 +02:00
Daniel Stenberg
03ebe66d70
urldata: use 'bool' for the bit type on MSVC compilers
Closes #4387
Fixes #4379
2019-09-21 23:05:41 +02:00
Daniel Stenberg
0b7d7abe20
appveyor: upgrade VS2017 to VS2019
Closes #4383
2019-09-21 23:04:48 +02:00
Zenju
36ff5e37b9
FTP: FTPFILE_NOCWD: avoid redundant CWDs
Closes #4382
2019-09-21 16:23:03 +02:00
Daniel Stenberg
0801343e27
cookie: pass in the correct cookie amount to qsort()
As the loop discards cookies without domain set. This bug would lead to
qsort() trying to sort uninitialized pointers. We have however not found
it a security problem.

Reported-by: Paul Dreik
Closes #4386
2019-09-21 16:07:52 +02:00
Paul Dreik
47066036a0
urlapi: avoid index underflow for short ipv6 hostnames
If the input hostname is "[", hlen will underflow to max of size_t when
it is subtracted with 2.

hostname[hlen] will then cause a warning by ubsanitizer:

runtime error: addition of unsigned offset to 0x<snip> overflowed to
0x<snip>

I think that in practice, the generated code will work, and the output
of hostname[hlen] will be the first character "[".

This can be demonstrated by the following program (tested in both clang
and gcc, with -O3)

int main() {
  char* hostname=strdup("[");
  size_t hlen = strlen(hostname);

  hlen-=2;
  hostname++;
  printf("character is %d\n",+hostname[hlen]);
  free(hostname-1);
}

I found this through fuzzing, and even if it seems harmless, the proper
thing is to return early with an error.

Closes #4389
2019-09-21 15:57:17 +02:00
Tatsuhiro Tsujikawa
63a8d2b172
ngtcp2: compile with latest ngtcp2 + nghttp3 draft-23
Closes #4392
2019-09-21 15:44:17 +02:00
Daniel Stenberg
698149e42c
THANKS-filter: deal with my typos 'Jat' => 'Jay' 2019-09-20 13:53:23 +02:00
Daniel Stenberg
52db0b89d0
travis: use go master
... as the boringssl builds needs a very recent version

Co-authored-by: Jat Satiro
Closes #4361
2019-09-20 13:50:35 +02:00
Daniel Stenberg
a89aeb5451
tool_operate: removed unused variable 'done'
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:08:02 +02:00
Daniel Stenberg
2d5f76f22f
tool_operate: Expression 'config->resume_from' is always true
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:58 +02:00
Daniel Stenberg
b5a69b7a35
tool_getparam: remove duplicate switch case
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:55 +02:00
Daniel Stenberg
7d5524500d
libssh2: part of conditional expression is always true: !result
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:52 +02:00
Daniel Stenberg
36fbb10071
urlapi: Expression 'storep' is always true
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:48 +02:00
Daniel Stenberg
a6451487d4
urlapi: 'scheme' is always true
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:46 +02:00
Daniel Stenberg
b10464399b
urlapi: part of conditional expression is always true: (relurl[0] == '/')
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:42 +02:00
Daniel Stenberg
8f593f6d3b
setopt: store CURLOPT_RTSP_SERVER_CSEQ correctly
Fixes bug detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:35 +02:00
Daniel Stenberg
2ba62322a7
mime: make Curl_mime_duppart() assert if called without valid dst
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:31 +02:00
Daniel Stenberg
cc95dbd64f
http_proxy: part of conditional expression is always true: !error
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:28 +02:00
Daniel Stenberg
d0390a538a
imap: merged two case-branches performing the same action
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:25 +02:00
Daniel Stenberg
07c1af9226
multi: value '2L' is assigned to a boolean
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:21 +02:00
Daniel Stenberg
2e68e5a023
easy: part of conditional expression is always true: !result
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:20 +02:00
Daniel Stenberg
0b90ec9bbf
netrc: part of conditional expression is always true: !done
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:18 +02:00
Daniel Stenberg
317c97bd81
version: Expression 'left > 1' is always true
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:17 +02:00
Daniel Stenberg
389426e3d0
url: remove dead code
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:13 +02:00
Daniel Stenberg
3ab45650e2
url: part of expression is always true: (bundle->multiuse == 0)
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:11 +02:00
Daniel Stenberg
e3c41ebd7c
ftp: the conditional expression is always true
... both !result and (ftp->transfer != FTPTRANSFER_BODY)!

Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:06 +02:00
Daniel Stenberg
49f3117a23
ftp: Expression 'ftpc->wait_data_conn' is always false
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:03 +02:00
Daniel Stenberg
a50c3d7fa0
ftp: Expression 'ftpc->wait_data_conn' is always true
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:00 +02:00
Daniel Stenberg
97c17e9fcb
ftp: part of conditional expression is always true: !result
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:06:58 +02:00
Daniel Stenberg
69ea985d4c
http: fix Expression 'http->postdata' is always false
Fixes warning detected by PVS-Studio
Fixes #4374
Reported-by: Valerii Zapodovnikov
2019-09-20 08:06:47 +02:00
Niall O'Reilly
0d59addff6
doh: avoid truncating DNS QTYPE to lower octet
Closes #4381
2019-09-19 22:50:38 +02:00
Jens Finkhaeuser
0a4ecbdf1c
urlapi: CURLU_NO_AUTHORITY allows empty authority/host part
CURLU_NO_AUTHORITY is intended for use with unknown schemes (i.e. not
"file:///") to override cURL's default demand that an authority exists.

Closes #4349
2019-09-19 15:57:28 +02:00
Daniel Stenberg
346188f6e4
version: next release will be 7.67.0 2019-09-19 15:57:28 +02:00
Daniel Stenberg
2d55460ec5
RELEASE-NOTES: synced 2019-09-19 15:30:16 +02:00
Daniel Stenberg
3c5f9ba899
url: only reuse TLS connections with matching pinning
If the requests have different CURLOPT_PINNEDPUBLICKEY strings set, the
connection should not be reused.

Bug: https://curl.haxx.se/mail/lib-2019-09/0061.html
Reported-by: Sebastian Haglund

Closes #4347
2019-09-19 14:58:24 +02:00
Daniel Stenberg
fafad1496b
README: add OSS-Fuzz badge [skip ci]
Closes #4380
2019-09-19 14:02:10 +02:00
Michael Kaufmann
2a2404153b http: merge two "case" statements 2019-09-18 13:45:41 +02:00
Zenju
1c02a4e874
FTP: remove trailing slash from path for LIST/MLSD
Closes #4348
2019-09-18 09:27:21 +02:00
Daniel Stenberg
ac58c51b29
mime: when disabled, avoid C99 macro
Closes #4368
2019-09-18 08:08:41 +02:00
Daniel Stenberg
beb4350917
url: cleanup dangling DOH request headers too
Follow-up to 9bc44ff64d

Credit to OSS-Fuzz
Bug: https://crbug.com/oss-fuzz/17269

Closes #4372
2019-09-18 07:48:49 +02:00
Christoph M. Becker
7c596f5dea
http2: relax verification of :authority in push promise requests
If the :authority pseudo header field doesn't contain an explicit port,
we assume it is valid for the default port, instead of rejecting the
request for all ports.

Ref: https://curl.haxx.se/mail/lib-2019-09/0041.html

Closes #4365
2019-09-16 23:36:22 +02:00
Daniel Stenberg
9bc44ff64d
doh: clean up dangling DOH handles and memory on easy close
If you set the same URL for target as for DoH (and it isn't a DoH
server), like "https://example.com" in both, the easy handles used for
the DoH requests could be left "dangling" and end up not getting freed.

Reported-by: Paul Dreik
Closes #4366
2019-09-16 17:31:56 +02:00
Daniel Stenberg
3ad883aeda
unit1655: make it C90 compliant
Unclear why this was not detected in the CI.

Follow-up to b766602729
2019-09-16 14:30:44 +02:00
Daniel Stenberg
6de1053692
smb: check for full size message before reading message details
To avoid reading of uninitialized data.

Assisted-by: Max Dymond
Bug: https://crbug.com/oss-fuzz/16907
Closes #4363
2019-09-16 14:16:06 +02:00