1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 09:38:54 -05:00
Commit Graph

9866 Commits

Author SHA1 Message Date
Christian Schmitz
78611c745c
ssh: show libSSH2 error code when closing fails
Closes #2500
2018-04-16 16:46:08 +02:00
Daniel Gustafsson
36f0f47887 vauth: Fix typo
Address various spellings of "credentials".

Closes https://github.com/curl/curl/pull/2496
2018-04-15 03:25:48 -04:00
Daniel Gustafsson
9b96e0bb44 checksrc: Fix typo
Fix typo in "semicolon" spelling and remove stray tab character.

Closes https://github.com/curl/curl/pull/2498
2018-04-15 03:05:45 -04:00
Daniel Gustafsson
94400f32e9 all: Refactor malloc+memset to use calloc
When a zeroed out allocation is required, use calloc() rather than
malloc() followed by an explicit memset(). The result will be the
same, but using calloc() everywhere increases consistency in the
codebase and avoids the risk of subtle bugs when code is injected
between malloc and memset by accident.

Closes https://github.com/curl/curl/pull/2497
2018-04-15 03:00:37 -04:00
Daniel Stenberg
2b126cd708
duphandle: make sure CURLOPT_RESOLVE is duplicated fine too
Verified in test 1502 now

Fixes #2485
Closes #2486
Reported-by: Ernst Sjöstrand
2018-04-12 16:21:24 +02:00
Daniel Stenberg
85eea2fb38
proxy: show getenv proxy use in verbose output
... to aid debugging etc as it sometimes isn't immediately obvious why
curl uses or doesn't use a proxy.

Inspired by #2477

Closes #2480
2018-04-11 10:56:03 +02:00
Marcel Raad
0f31647cf7
lib: silence null-dereference warnings
In debug mode, MingGW-w64's GCC 7.3 issues null-dereference warnings
when dereferencing pointers after DEBUGASSERT-ing that they are not
NULL.
Fix this by removing the DEBUGASSERTs.

Suggested-by: Daniel Stenberg
Ref: https://github.com/curl/curl/pull/2463
2018-04-09 15:54:52 +02:00
Daniel Stenberg
dc1b6c5a00
build: cleanup to fix clang warnings/errors
unit1309 and vtls/gtls: error: arithmetic on a null pointer treated as a
cast from integer to pointer is a GNU extension

Reported-by: Rikard Falkeborn

Fixes #2466
Closes #2468
2018-04-08 13:59:30 +02:00
Daniel Stenberg
8020a0c62f
curl_setup: provide a CURL_SA_FAMILY_T type if none exists
... and use this type instead of 'sa_family_t' in the code since several
platforms don't have it.

Closes #2463
2018-04-07 11:19:46 +02:00
Eric Gallager
a19fefb070
build: add picky compiler warning flags for gcc 6 and 7 2018-04-07 11:18:58 +02:00
Daniel Stenberg
dd03e8c281
hash: calculate sizes with size_t instead of longs
... since they return size_t anyway!

closes #2462
2018-04-06 23:42:25 +02:00
Laurie Clark-Michalek
5f3938bc4a
FTP: allow PASV on IPv6 connections when a proxy is being used
In the situation of a client connecting to an FTP server using an IPv6
tunnel proxy, the connection info will indicate that the connection is
IPv6. However, because the server behing the proxy is IPv4, it is
permissable to attempt PSV mode. In the case of the FTP server being
IPv4 only, EPSV will always fail, and with the current logic curl will
be unable to connect to the server, as the IPv6 fwdproxy causes curl to
think that EPSV is impossible.

Closes #2432
2018-04-06 14:30:59 +02:00
Jon DeVree
695e96b3d5
file: restore old behavior for file:////foo/bar URLs
curl 7.57.0 and up interpret this according to Appendix E.3.2 of RFC
8089 but then returns an error saying this is unimplemented. This is
actually a regression in behavior on both Windows and Unix.

Before curl 7.57.0 this URL was treated as a path of "//foo/bar" and
then passed to the relevant OS API. This means that the behavior of this
case is actually OS dependent.

The Unix path resolution rules say that the OS must handle swallowing
the extra "/" and so this path is the same as "/foo/bar"

The Windows path resolution rules say that this is a UNC path and
automatically handles the SMB access for the program. So curl on Windows
was already doing Appendix E.3.2 without any special code in curl.

Regression

Closes #2438
2018-04-06 14:28:42 +02:00
Gaurav Malhotra
2536e2450b
Revert "openssl: Don't add verify locations when verifypeer==0"
This reverts commit dc85437736.

libcurl (with the OpenSSL backend) performs server certificate verification
even if verifypeer == 0 and the verification result is available using
CURLINFO_SSL_VERIFYRESULT. The commit that is being reverted caused the
CURLINFO_SSL_VERIFYRESULT to not have useful information for the
verifypeer == 0 use case (it would always have
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY).

Closes #2451
2018-04-06 14:25:00 +02:00
Wyatt O'Day
336b6a32c0
tls: fix mbedTLS 2.7.0 build + handle sha256 failures
(mbedtls 2.70 compiled with MBEDTLS_DEPRECATED_REMOVED)

Closes #2453
2018-04-06 14:21:50 +02:00
Lauri Kasanen
746479adcb
cookie: case-insensitive hashing for the domains
closes #2458
2018-04-06 14:13:08 +02:00
Patrick Monnerat
82dfdac5f7 cookie: fix and optimize 2nd top level domain name extraction
This fixes a segfault occurring when a name of the (invalid) form "domain..tld"
is processed.

test46 updated to cover this case.

Follow-up to commit c990ead.

Ref: https://github.com/curl/curl/pull/2440
2018-04-04 15:28:28 +02:00
Daniel Stenberg
256b80fe81
openssl: provide defines for argument typecasts to build warning-free
... as OpenSSL >= 1.1.0 and libressl >= 2.7.0 use different argument types.
2018-04-04 13:24:36 +02:00
Bernard Spil
7c90c93c0b
openssl: fix build with LibreSSL 2.7
- LibreSSL 2.7 implements (most of) OpenSSL 1.1 API

Fixes #2319
Closes #2447
Closes #2448

Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
2018-04-04 11:24:51 +02:00
Lauri Kasanen
c990eadd12
cookie: store cookies per top-level-domain-specific hash table
This makes libcurl handle thousands of cookies much better and speedier.

Closes #2440
2018-04-02 10:48:53 +02:00
Lauri Kasanen
4073cd83b2
cookies: when reading from a file, only remove_expired once
This drops the cookie load time for 8k cookies from 178ms to 15ms.

Closes #2441
2018-04-02 10:40:32 +02:00
Daniel Stenberg
67636222f4
threaded resolver: track resolver time and set suitable timeout values
In order to make curl_multi_timeout() return suitable "sleep" times even
when there's no socket to wait for while the name is being resolved in a
helper thread.

It will increases the timeouts as time passes.

Closes #2419
2018-03-24 00:02:25 +01:00
Howard Chu
b6e484dc36
openldap: fix for NULL return from ldap_get_attribute_ber()
Closes #2399
2018-03-23 23:58:25 +01:00
Sergei Nikulov
6231a89aa3
timeval: remove compilation warning by casting (#2417)
This is fixes #2358
2018-03-22 16:34:11 +03:00
Daniel Stenberg
db1b2c7fe9
http2: read pending frames (including GOAWAY) in connection-check
If a connection has received a GOAWAY frame while not being used, the
function now reads frames off the connection before trying to reuse it
to avoid reusing connections the server has told us not to use.

Reported-by: Alex Baines
Fixes #1967
Closes #2402
2018-03-22 00:09:15 +01:00
Daniel Stenberg
c1366571b6
vauth/cleartext: fix integer overflow check
Make the integer overflow check not rely on the undefined behavior that
a size_t wraps around on overflow.

Detected by lgtm.com
Closes #2408
2018-03-20 19:25:50 +01:00
Daniel Stenberg
f623ad65e8
lib/curl_path.h: add #ifdef header guard
Detected by lgtm.com
2018-03-20 15:00:09 +01:00
Daniel Stenberg
d7f0d2b823
vauth/ntlm.h: fix the #ifdef header guard
Detected by lgtm.com
2018-03-20 15:00:09 +01:00
Nikos Tsipinakis
ea233e5b4b
parsedate: support UT timezone
RFC822 section 5.2 mentions Universal Time, 'UT', to be synonymous with
GMT.

Closes #2401
2018-03-19 19:22:42 +01:00
Don
d22e5e02a2
cmake: add support for brotli
Currently CMake cannot detect Brotli support. This adds detection of the
libraries and associated header files. It also adds this to the
generated config.

Closes #2392
2018-03-19 08:28:32 +01:00
Chris Araman
b7b2809a21 darwinssl: fix iOS build 2018-03-18 10:57:04 +01:00
Rick Deist
d95f3dc0b1
resolve: add CURLOPT_DNS_SHUFFLE_ADDRESSES
This patch adds CURLOPT_DNS_SHUFFLE_ADDRESSES to explicitly request
shuffling of IP addresses returned for a hostname when there is more
than one. This is useful when the application knows that a round robin
approach is appropriate and is willing to accept the consequences of
potentially discarding some preference order returned by the system's
implementation.

Closes #1694
2018-03-17 20:44:14 +01:00
Daniel Stenberg
fb4f568b1e
add_handle/easy_perform: clear errorbuffer on start if set
To offer applications a more defined behavior, we clear the buffer as
early as possible.

Assisted-by: Jay Satiro

Fixes #2190
Closes #2377
2018-03-17 12:07:37 +01:00
Lawrence Matthews
6baeb6df35
CURLOPT_HAPROXYPROTOCOL: support the HAProxy PROXY protocol
Add --haproxy-protocol for the command line tool

Closes #2162
2018-03-17 11:50:06 +01:00
Daniel Stenberg
7f9ce0851a
multi: improved pending transfers handling => improved performance
When a transfer is requested to get done and it is put in the pending
queue when limited by number of connections, total or per-host, libcurl
would previously very aggressively retry *ALL* pending transfers to get
them transferring. That was very time consuming.

By reducing the aggressiveness in how pending are being retried, we
waste MUCH less time on putting transfers back into pending again.

Some test cases got a factor 30(!) speed improvement with this change.

Reported-by: Cyril B
Fixes #2369
Closes #2383
2018-03-16 23:45:59 +01:00
Daniel Stenberg
2404aa080e
pause: when changing pause state, update socket state
Especially unpausing a transfer might have to move the socket back to the
"currently used sockets" hash to get monitored. Otherwise it would never get
any more data and get stuck. Easily triggered with pausing using the
multi_socket API.

Reported-by: Philip Prindeville
Bug: https://curl.haxx.se/mail/lib-2018-03/0048.html
Fixes #2393
Closes #2391
2018-03-16 23:41:55 +01:00
Daniel Stenberg
f5700ea88b
rate-limit: use three second window to better handle high speeds
Due to very frequent updates of the rate limit "window", it could
attempt to rate limit within the same milliseconds and that then made
the calculations wrong, leading to it not behaving correctly on very
fast transfers.

This new logic updates the rate limit "window" to be no shorter than the
last three seconds and only updating the timestamps for this when
switching between the states TOOFAST/PERFORM.

Reported-by: 刘佩东
Fixes #2386
Closes #2388
2018-03-16 11:10:06 +01:00
luz.paz
236402fc2d
cleanup: misc typos in strings and comments
Found via `codespell`

Closes #2389
2018-03-16 11:08:31 +01:00
Kobi Gurkan
7750b14be1
http2: fixes typo
Closes #2387
2018-03-15 23:57:02 +01:00
Daniel Stenberg
a9a7b606c2
transfer: make HTTP without headers count correct body size
This is what "HTTP/0.9" basically looks like.

Reported on IRC

Closes #2382
2018-03-15 10:56:27 +01:00
dasimx
920f73a690
FTP: fix typo in recursive callback detection for seeking
Fixes #2380
2018-03-14 11:42:19 +01:00
Daniel Stenberg
98eee3396d
Revert "hostip: fix compiler warning: 'variable set but not used'"
This reverts commit a577059f92.

The assignment really needs to be there or we risk working with an
uninitialized pointer.
2018-03-12 23:52:59 +01:00
Michael Kaufmann
981e8f9b88 limit-rate: fix compiler warning
follow-up to 72a0f62
2018-03-12 21:26:33 +01:00
Viktor Szakats
cd3903127f checksrc.pl: add -i and -m options
To sync it with changes made for the libssh2 project.
Also cleanup some whitespace.
2018-03-12 18:20:29 +00:00
Daniel Stenberg
8b498a875c
http2: mark the connection for close on GOAWAY
... don't consider it an error!

Assisted-by: Jay Satiro
Reported-by: Łukasz Domeradzki
Fixes #2365
Closes #2375
2018-03-12 08:07:42 +01:00
Daniel Stenberg
1f8e813919
openldap: white space changes, fixed up the copyright years 2018-03-12 07:47:07 +01:00
Daniel Stenberg
9889db0433
openldap: check ldap_get_attribute_ber() results for NULL before using
CVE-2018-1000121
Reported-by: Dario Weisser
Bug: https://curl.haxx.se/docs/adv_2018-97a2.html
2018-03-12 07:47:07 +01:00
Daniel Stenberg
535432c0ad
FTP: reject path components with control codes
Refuse to operate when given path components featuring byte values lower
than 32.

Previously, inserting a %00 sequence early in the directory part when
using the 'singlecwd' ftp method could make curl write a zero byte
outside of the allocated buffer.

Test case 340 verifies.

CVE-2018-1000120
Reported-by: Duy Phan Thanh
Bug: https://curl.haxx.se/docs/adv_2018-9cd6.html
2018-03-12 07:47:07 +01:00
Daniel Stenberg
d52dc4760f
readwrite: make sure excess reads don't go beyond buffer end
CVE-2018-1000122
Bug: https://curl.haxx.se/docs/adv_2018-b047.html

Detected by OSS-fuzz
2018-03-12 07:47:07 +01:00
Daniel Stenberg
72a0f6251a
limit-rate: kick in even before "limit" data has been received
... and make sure to avoid integer overflows with really large values.

Reported-by: 刘佩东
Fixes #2371
Closes #2373
2018-03-11 23:54:25 +01:00
Michael Kaufmann
7294e70480 Curl_range: fix FTP-only and FILE-only builds
follow-up to e04417d
2018-03-11 20:33:04 +01:00
Michael Kaufmann
a577059f92 hostip: fix compiler warning: 'variable set but not used' 2018-03-11 20:27:38 +01:00
Daniel Stenberg
8123560d44
HTTP: allow "header;" to replace an internal header with a blank one
Reported-by: Michael Kaufmann
Fixes #2357
Closes #2362
2018-03-11 11:46:10 +01:00
Daniel Stenberg
019aa722aa
http2: verbose output new MAX_CONCURRENT_STREAMS values
... as it is interesting for many users.
2018-03-10 23:56:21 +01:00
sergii.kavunenko
613ccbf26c
WolfSSL: adding TLSv1.3
Closes #2349
2018-03-05 00:02:34 +01:00
Marcel Raad
612bc926f7
krb5: use nondeprecated functions
gss_seal/gss_unseal have been deprecated in favor of
gss_wrap/gss_unwrap with GSS-API v2 from January 1997 [1]. The first
version of "The Kerberos Version 5 GSS-API Mechanism" [2] from June
1996 already says "GSS_Wrap() (formerly GSS_Seal())" and
"GSS_Unwrap() (formerly GSS_Unseal())".

Use the nondeprecated functions to avoid deprecation warnings.

[1] https://tools.ietf.org/html/rfc2078
[2] https://tools.ietf.org/html/rfc1964

Closes https://github.com/curl/curl/pull/2356
2018-03-04 22:21:46 +01:00
Daniel Stenberg
b7f90470be
NO_PROXY: fix for IPv6 numericals in the URL
Added test 1265 that verifies.

Reported-by: steelman on github
Fixes #2353
Closes #2355
2018-03-04 19:50:48 +01:00
Marcel Raad
68d84cfe98
curl_ctype: fix macro redefinition warnings
On MinGW and Cygwin, GCC and clang have been complaining about macro
redefinitions since 4272a0b0fc. Fix this
by undefining the macros before redefining them as suggested in
https://github.com/curl/curl/pull/2269.

Suggested-by: Daniel Stenberg
2018-03-03 19:52:43 +01:00
Marcel Raad
24753bcd48
unit1309: fix warning on Windows x64
When targeting x64, MinGW-w64 complains about conversions between
32-bit long and 64-bit pointers. Fix this by reusing the
GNUTLS_POINTER_TO_SOCKET_CAST / GNUTLS_SOCKET_TO_POINTER_CAST logic
from gtls.c, moving it to warnless.h as CURLX_POINTER_TO_INTEGER_CAST /
CURLX_INTEGER_TO_POINTER_CAST.

Closes https://github.com/curl/curl/pull/2341
2018-02-28 20:04:48 +01:00
Viktor Szakats
7e35eb7729 spelling fixes
Detected using the `codespell` tool.

Also contains one URL protocol upgrade.

Closes https://github.com/curl/curl/pull/2334
2018-02-23 23:29:01 +00:00
Francisco Sedano
23713645d4 url: Add option CURLOPT_RESOLVER_START_FUNCTION
- Add new option CURLOPT_RESOLVER_START_FUNCTION to set a callback that
  will be called every time before a new resolve request is started
  (ie before a host is resolved) with a pointer to backend-specific
  resolver data. Currently this is only useful for ares.

- Add new option CURLOPT_RESOLVER_START_DATA to set a user pointer to
  pass to the resolver start callback.

Closes https://github.com/curl/curl/pull/2311
2018-02-21 21:29:10 -05:00
Jay Satiro
dd027c80fe lib: CURLOPT_HAPPY_EYEBALLS_TIMEOUT => CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS
- In keeping with the naming of our other connect timeout options rename
  CURLOPT_HAPPY_EYEBALLS_TIMEOUT to CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.

This change adds the _MS suffix since the option expects milliseconds.
This is more intuitive for our users since other connect timeout options
that expect milliseconds use _MS such as CURLOPT_TIMEOUT_MS,
CURLOPT_CONNECTTIMEOUT_MS, CURLOPT_ACCEPTTIMEOUT_MS.

The tool option already uses an -ms suffix, --happy-eyeballs-timeout-ms.

Follow-up to 2427d94 which added the lib and tool option yesterday.

Ref: https://github.com/curl/curl/pull/2260
2018-02-21 15:16:50 -05:00
Patrick Monnerat
de97b5fcef sasl: prefer PLAIN mechanism over LOGIN
SASL PLAIN is a standard, LOGIN only a draft. The LOGIN draft says
PLAIN should be used instead if available.
2018-02-21 17:42:25 +01:00
Anders Bakken
2427d94c6d url: Add option CURLOPT_HAPPY_EYEBALLS_TIMEOUT
- Add new option CURLOPT_HAPPY_EYEBALLS_TIMEOUT to set libcurl's happy
  eyeball timeout value.

- Add new optval macro CURL_HET_DEFAULT to represent the default happy
  eyeballs timeout value (currently 200 ms).

- Add new tool option --happy-eyeballs-timeout-ms to expose
  CURLOPT_HAPPY_EYEBALLS_TIMEOUT. The -ms suffix is used because the
  other -timeout options in the tool expect seconds not milliseconds.

Closes https://github.com/curl/curl/pull/2260
2018-02-20 17:51:43 -05:00
Jay Satiro
73050fb6ae hostip: fix 'potentially uninitialized variable' warning
Follow-up to 50d1b33.

Caught by AppVeyor.
2018-02-20 14:30:47 -05:00
Anders Bakken
50d1b3379a CURLOPT_RESOLVE: Add support for multiple IP addresses per entry
This enables users to preresolve but still take advantage of happy
eyeballs and trying multiple addresses if some are not connecting.

Ref: https://github.com/curl/curl/pull/2260
2018-02-20 04:24:28 -05:00
Daniel Stenberg
367689d8c9
header callback: don't chop headers into smaller pieces
Reported-by: Guido Berhoerster
Fixes #2314
Closes #2316
2018-02-16 22:54:08 +01:00
Daniel Stenberg
03370fa5a0
http: fix the max header length detection logic
Previously, it would only check for max length if the existing alloc
buffer was to small to fit it, which often would make the header still
get used.

Reported-by: Guido Berhoerster
Bug: https://curl.haxx.se/mail/lib-2018-02/0056.html

Closes #2315
2018-02-16 22:51:07 +01:00
Daniel Stenberg
797b21068e
ssh: add two missing state names
The list of state names (used in debug builds) was out of sync in
relation to the list of states (used in all builds).

I now added an assert to make sure the sizes of the two lists match, to
aid in detecting this mistake better in the future.

Regression since c92d2e14cf, shipped in 7.58.0.

Reported-by: Somnath Kundu

Fixes #2312
Closes #2313
2018-02-16 09:12:42 +01:00
Jay Satiro
c78675a430 non-ascii: fix implicit declaration warning
Follow-up to b46cfbc.

Caught by Travis CI.
2018-02-15 15:52:41 -05:00
Kamil Dudka
1605d93a7b nss: use PK11_CreateManagedGenericObject() if available
... so that the memory allocated by applications using libcurl does not
grow per each TLS connection.

Bug: https://bugzilla.redhat.com/1510247

Closes #2297
2018-02-15 10:18:34 +01:00
Björn Stenberg
b46cfbc068
TODO fixed: Detect when called from within callbacks
Closes #2302
2018-02-15 09:36:03 +01:00
Daniel Stenberg
40e22e5c0b
curl_gssapi: make sure this file too uses our *printf() 2018-02-13 22:55:29 +01:00
Patrick Monnerat
62cf2d180e smtp: fix processing of initial dot in data
RFC 5321 4.1.1.4 specifies the CRLF terminating the DATA command
should be taken into account when chasing the <CRLF>.<CRLF> end marker.
Thus a leading dot character in data is also subject to escaping.

Tests 911 and test server are adapted to this situation.
New tests 951 and 952 check proper handling of initial dot in data.

Closes #2304
2018-02-12 16:43:15 +01:00
Daniel Stenberg
3f6051f4ed
sha256: avoid redefine 2018-02-12 14:18:30 +01:00
Douglas Mencken
50c0033a6c
sha256: build with OpenSSL < 0.9.8 too
support for SHA-2 was introduced in OpenSSL 0.9.8

Closes #2305
2018-02-12 14:16:37 +01:00
Patrick Monnerat
155ea88184 http_chunks: don't write chunks twice with CURLOPT_HTTP_TRANSFER_DECODING on
Bug: #2303
Reported-By: Henry Roeland
2018-02-12 03:47:36 +01:00
Daniel Stenberg
23722c515f
get_posix_time: only check for overflows if they can happen! 2018-02-09 22:13:41 +01:00
Michael Kaufmann
1c680e35ab schannel: fix "no previous prototype" compiler warning 2018-02-09 20:10:25 +01:00
Mohammad AlSaleh
f886cbfe9c content_encoding: Add "none" alias to "identity"
Some servers return a "content-encoding" header with a non-standard
"none" value.

Add "none" as an alias to "identity" as a work-around, to avoid
unrecognised content encoding type errors.

Signed-off-by: Mohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com>

Closes https://github.com/curl/curl/pull/2298
2018-02-09 03:11:18 -05:00
Michael Kaufmann
a64b002e3a schannel: fix compiler warnings
Closes #2296
2018-02-08 22:31:45 +01:00
Steve Holme
0fd6221f8c curl_addrinfo.c: Allow Unix Domain Sockets to compile under Windows
Windows 10.0.17061 SDK introduces support for Unix Domain Sockets.
Added the necessary include file to curl_addrinfo.c.

Note: The SDK (which is considered beta) has to be installed, VS 2017
project file has to be re-targeted for Windows 10.0.17061 and #define
enabled in config-win32.h.
2018-02-07 21:33:57 +00:00
Patrick Monnerat
a0984eae14 fnmatch: optimize processing of consecutive *s and ?s pattern characters
Reported-By: Daniel Stenberg
Fixes #2291
Closes #2293
2018-02-07 15:01:51 +01:00
Patrick Schlangen
dc85437736
openssl: Don't add verify locations when verifypeer==0
When peer verification is disabled, calling
SSL_CTX_load_verify_locations is not necessary. Only call it when
verification is enabled to save resources and increase performance.

Closes #2290
2018-02-06 10:48:03 +01:00
Daniel Stenberg
84ad1fd304
formdata: use the mime-content type function
Reduce code duplication by making Curl_mime_contenttype available and
used by the formdata function. This also makes the formdata function
recognize a set of more file extensions by default.

PR #2280 brought this to my attention.

Closes #2282
2018-02-05 13:50:30 +01:00
Daniel Stenberg
a19afaccfe
getdate: return -1 for out of range
...as that's how the function is documented to work.

Reported-by: Michael Kaufmann
Bug found in an autobuild with 32 bit time_t

Closes #2278
2018-02-02 09:40:54 +01:00
Daniel Stenberg
ddd31dc5dd
time_t-fixes: remove typecasts to 'long' for info.filetime
They're now wrong.

Reported-by: Michael Kaufmann

Closes #2277
2018-02-01 07:50:59 +01:00
Daniel Stenberg
9409d0c26c
curl_setup: move the precautionary define of SIZEOF_TIME_T
... up to before it may be used for the TIME_T_MAX/MIN logic.

Reported-by: Michael Kaufmann
2018-01-31 23:01:01 +01:00
Daniel Stenberg
fcb9b63ee5
parsedate: s/#if/#ifdef
Reported-by: Michael Kaufmann
Bug: 1c39128d97 (commitcomment-27246479)
2018-01-31 22:56:36 +01:00
Patrick Monnerat
da5f4b1d84 fnmatch: pattern syntax can no longer fail
Whenever an expected pattern syntax rule cannot be matched, the
character starting the rule loses its special meaning and the parsing
is resumed:
- backslash at the end of pattern string matches itself.
- Error in [:keyword:] results in set containing :\[dekorwy.

Unit test 1307 updated for this new situation.

Closes #2273
2018-01-31 01:17:35 +01:00
Patrick Monnerat
fcaa1826bd fnmatch: accept an alphanum to be followed by a non-alphanum in char set
Also be more tolerant about set pattern syntax.
Update unit test 1307 accordingly.

Bug: https://curl.haxx.se/mail/lib-2018-01/0114.html
2018-01-31 01:17:35 +01:00
Patrick Monnerat
19abad095c fnmatch: do not match the empty string with a character set 2018-01-31 01:17:35 +01:00
Daniel Stenberg
0630bb21be
http2: set DEBUG_HTTP2 to enable more HTTP/2 logging
... instead of doing it unconditionally in debug builds. It cluttered up
the output a little too much.
2018-01-30 23:19:53 +01:00
Max Dymond
811d96e9e2
file: Check the return code from Curl_range and bail out on error 2018-01-30 17:23:35 +01:00
Max Dymond
3f8a727611
Curl_range: add check to ensure "from <= to" 2018-01-30 17:23:34 +01:00
Max Dymond
e04417d98f
Curl_range: commonize FTP and FILE range handling
Closes #2205
2018-01-30 17:23:26 +01:00
Daniel Stenberg
8f69a9f28a
time: support > year 2038 time stamps for system with 32bit long
... with the introduction of CURLOPT_TIMEVALUE_LARGE and
CURLINFO_FILETIME_T.

Fixes #2238
Closes #2264
2018-01-30 08:29:59 +01:00
Daniel Stenberg
9caa3e248d
curl_easy_reset: clear digest auth state
Bug: https://curl.haxx.se/mail/lib-2018-01/0074.html
Reported-by: Ruurd Beerstra
Fixes #2255
Closes #2272
2018-01-30 08:17:59 +01:00
Daniel Stenberg
4272a0b0fc
curl_ctype: private is*() type macros and functions
... since the libc provided one are locale dependent in a way we don't
want. Also, the "native" isalnum() (for example) works differently on
different platforms which caused test 1307 failures on macos only.

Closes #2269
2018-01-29 22:56:43 +01:00
5c497343d9
GSKit: restore pinnedpubkey functionality
inadvertently removed in 283babfaf8

Closes #2263
2018-01-25 23:16:14 +01:00