1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-17 23:15:08 -05:00
Commit Graph

25510 Commits

Author SHA1 Message Date
Steve Holme
f0ec0e902a
md4: Use non-deprecated functions in mbedTLS >= 2.7.0
Closes #4983
2020-02-29 20:53:03 +00:00
Marc Hoersken
ada581f2cc
ci/tests: Send test results to Azure DevOps for reporting 2020-02-29 21:01:28 +01:00
Daniel Stenberg
fa0216b294
pause: force-drain the transfer on unpause
... since the socket might not actually be readable anymore when for
example the data is already buffered in the TLS layer.

Fixes #4966
Reported-by: Anders Berg
Closes #5000
2020-02-29 10:53:09 +01:00
Daniel Stenberg
0e06c1637b
TODO: curl --proxycommand
Suggested-by: Kristian Mide
Closes #4941
2020-02-29 00:11:03 +01:00
Daniel Stenberg
aeb292301a
smtp: overwriting 'from' leaks memory
Detected by Coverity. CID 1418139.

Also, make sure to return error if the new 'from' allocation fails.

Closes #4997
2020-02-28 16:52:33 +01:00
Daniel Stenberg
ea1b2eb976
CIfuzz: switch off 'dry_run' mode
Follow-up from #4960: now make it fail if it detects problems.

Closes #4998
2020-02-28 16:50:43 +01:00
Marc Hoersken
513b5387ab
ci/tests: Increase timeouts of Windows builds due to new tests
Recently added tests increased their runtime above the limit of 60min.
2020-02-28 16:34:51 +01:00
Marc Hoersken
1f114be626 ci/tests: align Azure Pipeline job names with each other 2020-02-27 18:09:11 +01:00
Marc Hoersken
f093dcc390 ci/tests: Add Windows builds via Azure Pipelines using Docker 2020-02-27 18:08:22 +01:00
Marc Hoersken
8c7c4a6276 tests: fix Python 3 compatibility of smbserver.py 2020-02-27 18:05:43 +01:00
Daniel Stenberg
02988b70cd
runtests: restore the command log
The log file with all command lines for the invoked command lines is now
called logs/commands.log

Fixes #4911
Closes #4989
2020-02-27 17:09:49 +01:00
Daniel Stenberg
81ade13c37
smtp: fix memory leak on exit path
Detected by Coverity. CID 1418139. "leaked_storage: Variable 'from'
going out of scope leaks the storage it points to"

Closes #4990
2020-02-27 17:08:30 +01:00
Steve Holme
9d5893105d
gtls: Fixed compilation when using GnuTLS < 3.5.0
Reverts the functionality from 41fcb4f when compiling with GnuTLS older
than 3.5.0.

Reviewed-by: Daniel Stenberg
Closes #4984
2020-02-27 15:17:57 +00:00
Steve Holme
7c3c5492c8
RELEASE-NOTES: Corrected the link to issue #4892 2020-02-27 14:24:08 +00:00
Daniel Stenberg
1d1e9e8ad7
Curl_is_ASCII_name: handle a NULL argument
Make the function tolerate a NULL pointer input to avoid dereferencing
that pointer.

Follow-up to efce3ea5a8
Detected by OSS-Fuzz
Reviewed-By: Steve Holme
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20907
Fixes #4985
Closes #4986
2020-02-27 13:55:29 +01:00
Daniel Stenberg
9faa0d2b4c
RELEASE-NOTES: synced 2020-02-27 10:49:27 +01:00
Daniel Stenberg
15f51474c8
http2: make pausing/unpausing set/clear local stream window
This reduces the HTTP/2 window size to 32 MB since libcurl might have to
buffer up to this amount of data in memory and yet we don't want it set
lower to potentially impact tranfer performance on high speed networks.

Requires nghttp2 commit b3f85e2daa629
(https://github.com/nghttp2/nghttp2/pull/1444) to work properly, to end
up in the next release after 1.40.0.

Fixes #4939
Closes #4940
2020-02-27 10:35:51 +01:00
Anderson Toshiyuki Sasaki
507cf6a13d
libssh: improve known hosts handling
Previously, it was not possible to get a known hosts file entry due to
the lack of an API.  ssh_session_get_known_hosts_entry(), introduced in
libssh-0.9.0, allows libcurl to obtain such information and behave the
same as when compiled with libssh2.

This also tries to avoid the usage of deprecated functions when the
replacements are available.  The behaviour will not change if versions
older than libssh-0.8.0 are used.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Fixes #4953
Closes #4962
2020-02-27 10:03:07 +01:00
Steve Holme
0922f76240
tests: Automatically deduce the tool name from the test case for unit tests
It is still possible to override the executable to run during the test,
using the <tool> tag, but this patch removes the requirement that the
tag must be present for unit tests.

It also removes the possibility of human error when existing test cases
are used as the basis for new tests, as recently witnessed in 81c37124.

Reviewed-by: Daniel Stenberg
Closes #4976
2020-02-27 00:51:49 +00:00
Steve Holme
d9e40f57de
test1323: Added the missing 'unit test' feature requirement in the test case 2020-02-27 00:51:49 +00:00
Daniel Stenberg
7730d11578
cookie: remove unnecessary check for 'out != 0'
... as it will always be non-NULL at this point.

Detected by Coverity: CID 1459009
2020-02-26 23:50:03 +01:00
Daniel Stenberg
6375b205a9
http: added 417 response treatment
When doing a request with a body + Expect: 100-continue and the server
responds with a 417, the same request will be retried immediately
without the Expect: header.

Added test 357 to verify.

Also added a control instruction to tell the sws test server to not read
the request body if Expect: is present, which the new test 357 uses.

Reported-by: bramus on github
Fixes #4949
Closes #4964
2020-02-26 22:48:14 +01:00
Steve Holme
8220ec8219
smtp: Tidy up, following recent changes, to maintain the coding style
Closes #4892
2020-02-26 14:54:51 +00:00
Steve Holme
34a1ffb05f
smtp: Support the SMTPUTF8 extension for the EXPN command
Simply notify the server we support the SMTPUTF8 extension if it does.
2020-02-26 14:54:51 +00:00
Steve Holme
efce3ea5a8
smtp: Support the SMTPUTF8 extension in the VRFY command 2020-02-26 14:54:51 +00:00
Steve Holme
483edeb8dd
smtp: Support the SMTPUTF8 extension in the RCPT TO command
Note: The RCPT TO command isn't required to advertise to the server that
it contains UTF-8 characters, instead the server is told that a mail may
contain UTF-8 in any envelope command via the MAIL command.
2020-02-26 14:54:51 +00:00
Steve Holme
aba1bf630f
smtp: Support the SMTPUTF8 extension in the MAIL command
Support the SMTPUTF8 extension when sending mailbox information in the
MAIL command (FROM and AUTH parameters). Non-ASCII domain names will
be ACE encoded, if IDN is supported, whilst non-ASCII characters in
the local address part are passed to the server.

Reported-by: ygthien on github
Fixes #4828
2020-02-26 14:49:40 +00:00
Steve Holme
4754c55cd7
smtp: Detect server support for the UTF-8 extension as defined in RFC-6531 2020-02-26 14:04:37 +00:00
Steve Holme
2aa6c1735a
smtp: Support UTF-8 based host names in the VRFY command 2020-02-26 11:02:38 +00:00
Steve Holme
e7959c280c
smtp: Support UTF-8 based host names in the RCPT TO command 2020-02-26 11:02:38 +00:00
Steve Holme
68fb25fa3f
smtp: Support UTF-8 based host names in the MAIL command
Non-ASCII host names will be ACE encoded if IDN is supported.
2020-02-26 11:02:38 +00:00
Steve Holme
9352a40779
url: Make the IDN conversion functions available to others 2020-02-26 11:01:47 +00:00
Steve Holme
4c140a5628
smtp: Added UTF-8 mailbox tests to verify existing behaviour 2020-02-25 04:15:26 +00:00
Steve Holme
6995b77a52
ftpserver: Updated VRFY_smtp() so the response isn't necessary in the test case 2020-02-24 23:01:05 +00:00
Steve Holme
80ccc26415
ftpserver: Corrected the e-mail address regex in MAIL_smtp() and RCTP_smtp()
The dot character between the host and the tld was not being escaped,
which meant it specified a match of 'any' character rather than an
explicit dot separator.

Additionally removed the dot character from the host name as it allowed
the following to be specified as a valid address in our test cases:

<bad@example......com>

Both are typos from 98f7ca7 and 8880f84 :(

I can't remember whether my intention was to allow sub-domains to be
specified in the host or not with these additional dots, but by placing
it outside of the host means it can only be specified once per domain
and by placing a + after the new grouping support for sub-domains is
kept.

Closes #4912
2020-02-24 22:59:08 +00:00
Steve Holme
3f74e5e604
hmac: Added a unit test for the HMAC hash generation
Closes #4973
2020-02-24 06:57:03 +00:00
Steve Holme
7def168a4f
ntlm: Moved the HMAC MD5 function into the HMAC module as a generic function 2020-02-24 06:56:35 +00:00
Steve Holme
fa009cc798
tests: Added a unit test for MD4 digest generation
Closes #4970
2020-02-23 18:47:32 +00:00
Steve Holme
baf0b680f9
md4: Use const for the length input parameter
This keeps the interface the same as md5 and sha256.
2020-02-23 18:47:32 +00:00
Steve Holme
1f4911bc26
test1610: Fixed the link to the unit test
Typo from 81c37124.
2020-02-23 08:13:09 +00:00
Steve Holme
2d432f7e49
ntlm: Removed the dependency on the TLS libaries when using MD5
As we have our own MD5 implementation use the MD5 wrapper to remove the
TLS dependency.

Closes #4967
2020-02-23 07:52:19 +00:00
Steve Holme
37dc4df270
md5/sha256: Updated the functions to allow non-string data to be hashed 2020-02-23 07:50:33 +00:00
Steve Holme
4959be810b
digest: Corrected the name of the local HTTP digest function
Follow up to 2b5b37cb. Local static functions do not require the Curl
prefix.
2020-02-23 07:50:18 +00:00
Steve Holme
81c3712434 tests: Added a unit test for SHA256 digest generation
Follow up to 2b5b37c.

Closes #4968
2020-02-22 22:12:27 +00:00
Steve Holme
84762ff815 md4: Fixed compilation issues when using GNU TLS gcrypt
* Don't include 'struct' in the gcrypt MD4_CTX typedef
* The call to gcry_md_read() should use a dereferenced ctx
* The call to gcry_md_close() should use a dereferenced ctx

Additional minor whitespace issue in the USE_WIN32_CRYPTO code.

Closes #4959
2020-02-22 15:54:43 +00:00
Daniel Stenberg
45160a8129
RELEASE-NOTES: synced 2020-02-21 17:07:34 +01:00
Daniel Stenberg
5808a0d0f5
http2: now require nghttp2 >= 1.12.0
To simplify our code and since earlier versions lack important function
calls libcurl needs to function correctly.

nghttp2 1.12.0 was relased on June 26, 2016.

Closes #4961
2020-02-21 16:54:47 +01:00
Daniel Stenberg
3a34b930aa
gtls: fix the copyright year
Follow-up from 41fcb4f609
2020-02-21 15:43:45 +01:00
jethrogb
41fcb4f609
GnuTLS: Always send client cert
TLS servers may request a certificate from the client. This request
includes a list of 0 or more acceptable issuer DNs. The client may use
this list to determine which certificate to send. GnuTLS's default
behavior is to not send a client certificate if there is no
match. However, OpenSSL's default behavior is to send the configured
certificate. The `GNUTLS_FORCE_CLIENT_CERT` flag mimics OpenSSL
behavior.

Authored-by: jethrogb on github
Fixes #1411
Closes #4958
2020-02-21 15:33:36 +01:00
Leo Neat
7224e70f40
github action: add CIFuzz
Closes #4960
2020-02-21 08:56:44 +01:00