1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-16 14:35:03 -05:00
Commit Graph

2351 Commits

Author SHA1 Message Date
Daniel Stenberg
361d4f3fdc
docs/make: generate curl.1 from listed files only
Previously it rendered the page from files matching "*.d" in the correct
directory, which worked fine in git builds when the files were added but
made it easy to forget adding the files to the dist.

Now, only man page sections listed in DPAGES in Makefile.inc will be
used, thus "forcing" us to update this to get the man page right and get
it included in the dist at the same time.

Ref: #5146
Closes #5149
2020-03-26 13:25:59 +01:00
Daniel Stenberg
9a8b3b3e13
copyright: fix out-of-date copyright ranges and missing headers
Reported by the new script 'scripts/copyright.pl'. The script has a
regex whitelist for the files that don't need copyright headers.

Removed three (mostly usesless) README files from docs/

Closes #5141
2020-03-24 15:05:59 +01:00
Rici Lake
4e0b4fee4a
cmdline: fix handling of OperationConfig linked list (--next)
Ensures that -K/--config inserts new items at the end of the list
instead of overwriting the second item, and that after a -K/--config
option has been parsed, the option parser's view of the current config
is update.

Fixes #5120
Closes #5123
2020-03-20 11:14:12 +01:00
Daniel Stenberg
8d9802b0ae
writeout_json: use curl_off_t printf() option for the time output
Follow-up to: 04c03416e6

Closes #5115
2020-03-18 23:31:37 +01:00
Daniel Stenberg
0ae463ffd4
tool_setopt: correct the copyright year range
Follow-up to 5450428491
2020-03-18 08:33:28 +01:00
Johannes Schindelin
5450428491 schannel: add "best effort" revocation check option
- Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and
  --ssl-revoke-best-effort to allow a "best effort" revocation check.

A best effort revocation check ignores errors that the revocation check
was unable to take place. The reasoning is described in detail below and
discussed further in the PR.

---

When running e.g. with Fiddler, the schannel backend fails with an
unhelpful error message:

	Unknown error (0x80092012) - The revocation function was unable
	to check revocation for the certificate.

Sadly, many enterprise users who are stuck behind MITM proxies suffer
the very same problem.

This has been discussed in plenty of issues:
https://github.com/curl/curl/issues/3727,
https://github.com/curl/curl/issues/264, for example.

In the latter, a Microsoft Edge developer even made the case that the
common behavior is to ignore issues when a certificate has no recorded
distribution point for revocation lists, or when the server is offline.
This is also known as "best effort" strategy and addresses the Fiddler
issue.

Unfortunately, this strategy was not chosen as the default for schannel
(and is therefore a backend-specific behavior: OpenSSL seems to happily
ignore the offline servers and missing distribution points).

To maintain backward-compatibility, we therefore add a new flag
(`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option
(`--ssl-revoke-best-effort`) to select the new behavior.

Due to the many related issues Git for Windows and GitHub Desktop, the
plan is to make this behavior the default in these software packages.

The test 2070 was added to verify this behavior, adapted from 310.

Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com>
Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

Closes https://github.com/curl/curl/pull/4981
2020-03-18 03:23:39 -04:00
Viktor Szakats
7284061361 windows: suppress UI in all CryptAcquireContext() calls
Ref: https://docs.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecontexta#parameters
Reviewed-by: Marc Hörsken
Closes https://github.com/curl/curl/pull/5088
2020-03-17 23:08:02 +00:00
Daniel Stenberg
ab9dc5ae2a
writeout_json: add missing comma to fix the HTTP version
Follow-up to 04c03416e6
2020-03-17 16:05:05 +01:00
Mathias Gumz
04c03416e6
writeout: support to generate JSON output
This commit adds support to generate JSON via the writeout feature:

    -w "%{json}"

It leverages the existing infrastructure as much as possible. Thus,
generating the JSON on STDERR is possible by:

    -w "%{stderr}%{json}"

This implements a variant of
https://github.com/curl/curl/wiki/JSON#--write-out-json.

Closes #4870
2020-03-17 15:01:28 +01:00
Daniel Stenberg
95c36fff75
tool_operate: fix add_parallel_transfers when more are in queue
Trying to return early from the function if no new transfers were added
would break the "morep" argument and cause issues. This could lead to
zero content "transfers" (within quotes since they would never be
started) when parallel-max was reduced.

Reported-by: Gavin Wong
Analyzed-by: Jay Satiro
Fixes #4937
Closes #5112
2020-03-16 09:51:34 +01:00
Jay Satiro
67f3f6cff1 Makefile.m32: Improve windres parameter compatibility
- s/COFF/coff/

Some versions of windres do not recognize uppercase COFF as a valid
way to specify the COFF output format.

Reported-by: Steven Penny

Fixes https://github.com/curl/curl/issues/5099
Closes https://github.com/curl/curl/pull/5101
2020-03-14 19:08:17 -04:00
Daniel Stenberg
c0780e4a92
tool_cb_see: set correct copyright year range
Follow-up to a39e5bfb9
2020-03-07 11:00:48 +01:00
Marc Hoersken
a39e5bfb96
seek: fix fallback for missing ftruncate on Windows
This fixes test 198 on versions of MinGW-w64 without ftruncate

Reviewed-By: Daniel Stenberg
Reviewed-By: Marcel Raad
Closes #5055
2020-03-07 10:59:27 +01:00
Steve Holme
a2ad278756
polarssl: Additional removal
Follow up to 6357a19f.

Reviewed-by: Daniel Stenberg
Closes #5004
2020-03-01 00:28:46 +00:00
Daniel Stenberg
0c76795caf
cleanup: comment typos
Spotted by 'codespell'

Closes #4957
2020-02-21 08:38:00 +01:00
Steve Holme
150f45e8d1
win32: USE_WIN32_CRYPTO to enable Win32 based MD4, MD5 and SHA256 functions
Whilst lib\md4.c used this pre-processor, lib\md5.c and
src\tool_metalink.c did not and simply relied on the WIN32
pre-processor directive.

Reviewed-by: Marcel Raad
Closes #4955
2020-02-20 15:27:32 +00:00
Daniel Stenberg
05b1b35085
nit: Copyright year out of date
Follow-up to 1fc0617dcc
2020-02-19 08:04:35 +01:00
Jay Satiro
1fc0617dcc tool_util: Improve Windows version of tvnow()
- Change tool_util.c tvnow() for Windows to match more closely to
  timeval.c Curl_now().

- Create a win32 init function for the tool, since some initialization
  is required for the tvnow() changes.

Prior to this change the monotonic time function used by curl in Windows
was determined at build-time and not runtime. That was a problem because
when curl was built targeted for compatibility with old versions of
Windows (eg _WIN32_WINNT < 0x0600) it would use GetTickCount which wraps
every 49.7 days that Windows has been running.

This change makes curl behave similar to libcurl's tvnow function, which
determines at runtime whether the OS is Vista+ and if so calls
QueryPerformanceCounter instead. (Note QueryPerformanceCounter is used
because it has higher resolution than the more obvious candidate
GetTickCount64). The changes to tvnow are basically a copy and paste but
the types in some cases are different.

Ref: https://github.com/curl/curl/issues/3309

Closes https://github.com/curl/curl/pull/4847
2020-02-18 15:52:13 -05:00
Steve Holme
46af41dafc
tool_home: Fix the copyright year being out of date
Follow up to 9dc350b6.
2020-02-13 00:40:08 +00:00
Jay Satiro
9dc350b60c tool_homedir: Change GetEnv() to use libcurl's curl_getenv()
- Deduplicate GetEnv() code.

- On Windows change ultimate call to use Windows API
  GetEnvironmentVariable() instead of C runtime getenv().

Prior to this change both libcurl and the tool had their own GetEnv
which over time diverged. Now the tool's GetEnv is a wrapper around
curl_getenv (libcurl API function which is itself a wrapper around
libcurl's GetEnv).

Furthermore this change fixes a bug in that Windows API
GetEnvironmentVariable() is called instead of C runtime getenv() to get
the environment variable since some changes aren't always visible to the
latter.

Reported-by: Christoph M. Becker

Fixes https://github.com/curl/curl/issues/4774
Closes https://github.com/curl/curl/pull/4863
2020-02-12 18:37:31 -05:00
Daniel Stenberg
1cc97ba6e4
curl: error on --alt-svc use w/o support
Make the tool check for alt-svc support at run-time and return error
accordingly if not present when the option is used.

Reported-by: Harry Sintonen
Closes #4878
2020-02-05 07:57:38 +01:00
Daniel Stenberg
643b9e4daf
tool_operhlp: Copyright year out of date, should be 2020
Follow-up from 2bc373740a
2020-02-04 08:30:05 +01:00
Orgad Shaneh
2bc373740a
curl: avoid using strlen for testing if a string is empty
Closes #4873
2020-02-04 08:27:09 +01:00
Daniel Stenberg
9870b80f81
curl: make the -# spaceship bar not wrap the line
The fixed-point math made us lose precision and thus a too high index
value could be used for outputting the hashtags which could overwrite
the newline.

The fix increases the precision in the sine table (*100) and the
associated position math.

Reported-by: Andrew Potter
Fixes #4849
Closes #4850
2020-01-26 18:31:00 +01:00
Pavel Volgarev
4a4609bf3c
smtp: Allow RCPT TO command to fail for some recipients
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS.

Verified with the new tests 3002-3007

Closes #4816
2020-01-21 10:40:19 +01:00
Emil Engler
1774dbd74c
curl: Let -D merge headers in one file again
Closes #4762
Fixes #4753
2020-01-21 09:23:30 +01:00
Daniel Stenberg
c2feed05bc
curl:progressbarinit: ignore column width from terminals < 20
To avoid division by zero - or other issues.

Reported-by: Daniel Marjamäki
Closes #4818
2020-01-16 08:45:25 +01:00
Tobias Hieta
4ccf7622db
CMake: Add support for CMAKE_LTO option.
This enables Link Time Optimization. LTO is a proven technique for
optimizing across compilation units.

Closes #4799
2020-01-13 23:14:49 +01:00
Daniel Stenberg
4431ed2484
curl: make #0 not output the full URL
It was not intended nor documented!

Added test 1176 to verify.

Reported-by: vshmuk on hackerone

Closes #4812
2020-01-13 15:37:46 +01:00
Daniel Stenberg
ad0aa27a9d
curl: remove 'config' field from OutStruct
As it was just unnecessary duplicated information already stored in the
'per_transfer' struct and that's around mostly anyway.

The duplicated pointer caused problems when the code flow was aborted
before the dupe was filled in and could cause a NULL pointer access.

Reported-by: Brian Carpenter
Fixes #4807
Closes #4810
2020-01-12 17:17:44 +01:00
Daniel Stenberg
f4d60b6f8f
tool_dirhie.c: fix the copyright year range
Follow-up to: 4027bd72d9
2020-01-09 22:49:29 +01:00
Jay Satiro
4027bd72d9 tool_dirhie: Allow directory traversal during creation
- When creating a directory hierarchy do not error when mkdir fails due
  to error EACCESS (13) "access denied".

Some file systems allow for directory traversal; in this case that it
should be possible to create child directories when permission to the
parent directory is restricted.

This is a regression caused by me in f16bed0 (precedes curl-7_61_1).
Basically I had assumed that if a directory already existed it would
fail only with error EEXIST, and not error EACCES. The latter may
happen if the directory exists but has certain restricted permissions.

Reported-by: mbeifuss@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4796
Closes https://github.com/curl/curl/pull/4797
2020-01-09 14:24:53 -05:00
Daniel Stenberg
4c34af4c99
curl -w: handle a blank input file correctly
Previously it would end up with an uninitialized memory buffer that
would lead to a crash or junk getting output.

Added test 1271 to verify.

Reported-by: Brian Carpenter
Closes #4786
2020-01-06 10:10:48 +01:00
Daniel Stenberg
459d0db45b
curl:getparameter return error for --http3 if libcurl doesn't support
Closes #4785
2020-01-05 21:24:17 +01:00
Daniel Stenberg
392bff4abf
curl: properly free mimepost data
... as it could otherwise leak memory when a transfer failed.

Added test 1293 to verify.

Reported-by: Brian Carpenter
Fixes #4781
Closes #4782
2020-01-04 23:06:44 +01:00
Daniel Stenberg
271ec6b9b6
curl: cleanup multi handle on failure
... to fix memory leak in error path.

Fixes #4772
Closes #4780
Reported-by: Brian Carpenter
2020-01-04 23:05:21 +01:00
Marcel Raad
a8d13336b5
tool: make a few char pointers point to const char instead
These are read-only.

Closes https://github.com/curl/curl/pull/4771
2019-12-31 22:18:56 +01:00
Jay Satiro
249f7b37e6 tool_operate: fix mem leak when failed config parse
Found by fuzzing the config file.

Reported-by: Geeknik Labs

Fixes https://github.com/curl/curl/issues/4767
2019-12-29 14:18:48 -05:00
Daniel Stenberg
23e4d98e7e
curl/parseconfig: use curl_free() to free memory allocated by libcurl
Reported-by: bxac on github
Fixes #4730
Closes #4731
2019-12-18 14:48:41 +01:00
Daniel Stenberg
f098c9e6f6
curl/parseconfig: fix mem-leak
When looping, first trying '.curlrc' and then '_curlrc', the function
would not free the first string.

Closes #4731
2019-12-18 14:48:32 +01:00
Daniel Stenberg
70a6541515
curl: fix memory leak in OOM in etags logic
Detected by torture tests

Closes #4706
2019-12-12 11:03:55 +01:00
Daniel Stenberg
dc4900eea7
curl: improved cleanup in upload error path
Memory leak found by torture test 58

Closes #4705
2019-12-12 09:23:45 +01:00
Daniel Stenberg
c6deecd7e9
curl: use errorf() better
Change series of error outputs to use errorf().

Only errors that are due to mistakes in command line option usage should
use helpf(), other types of errors in the tool should rather use
errorf().

Closes #4691
2019-12-10 10:03:33 +01:00
Daniel Stenberg
147fa06891
curl: make the etag load logic work without fseek
The fseek()s were unnecessary and caused Coverity warning CID 1456554

Closes #4681
2019-12-06 23:02:24 +01:00
Jay Satiro
689443bf42 lib: fix some loose ends for recently added CURLSSLOPT_NO_PARTIALCHAIN
Add support for CURLSSLOPT_NO_PARTIALCHAIN in CURLOPT_PROXY_SSL_OPTIONS
and OS400 package spec.

Also I added the option to the NameValue list in the tool even though it
isn't exposed as a command-line option (...yet?). (NameValue stringizes
the option name for the curl cmd -> libcurl source generator)

Follow-up to 564d88a which added CURLSSLOPT_NO_PARTIALCHAIN.

Ref: https://github.com/curl/curl/pull/4655
2019-12-05 19:17:31 -05:00
Daniel Stenberg
9ea769e15f
etag: allow both --etag-compare and --etag-save in same cmdline
Fixes #4669
Closes #4678
2019-12-05 22:57:24 +01:00
Daniel Stenberg
7dffc2b46f
curl: show better error message when no homedir is found
Reported-by: Vlastimil Ovčáčík
Fixes #4644
Closes #4665
2019-12-03 16:26:02 +01:00
Daniel Stenberg
d9118e8d71
copyright: fix the year ranges for two files
Follow-up to 9c1806ae
2019-12-02 08:02:39 +01:00
Jay Satiro
9c1806ae46 build: Disable Visual Studio warning "conditional expression is constant"
- Disable warning C4127 "conditional expression is constant" globally
  in curl_setup.h for when building with Microsoft's compiler.

This mainly affects building with the Visual Studio project files found
in the projects dir.

Prior to this change the cmake and winbuild build systems already
disabled 4127 globally for when building with Microsoft's compiler.
Also, 4127 was already disabled for all build systems in the limited
circumstance of the WHILE_FALSE macro which disabled the warning
specifically for while(0). This commit removes the WHILE_FALSE macro and
all other cruft in favor of disabling globally in curl_setup.

Background:

We have various macros that cause 0 or 1 to be evaluated, which would
cause warning C4127 in Visual Studio. For example this causes it:

    #define Curl_resolver_asynch() 1

Full behavior is not clearly defined and inconsistent across versions.
However it is documented that since VS 2015 Update 3 Microsoft has
addressed this somewhat but not entirely, not warning on while(true) for
example.

Prior to this change some C4127 warnings occurred when I built with
Visual Studio using the generated projects in the projects dir.

Closes https://github.com/curl/curl/pull/4658
2019-12-01 19:01:02 -05:00
Maros Priputen
18e5cb77e9
curl: two new command line options for etags
--etag-compare and --etag-save

Suggested-by: Paul Hoffman
Fixes #4277
Closes #4543
2019-11-28 13:05:20 +01:00
John Schroeder
9a2cbf30b8
curl: fix --upload-file . hangs if delay in STDIN
Attempt to unpause a busy read in the CURLOPT_XFERINFOFUNCTION.

When uploading from stdin in non-blocking mode, a delay in reading
the stream (EAGAIN) causes curl to pause sending data
(CURL_READFUNC_PAUSE).  Prior to this change, a busy read was
detected and unpaused only in the CURLOPT_WRITEFUNCTION handler.
This change performs the same busy read handling in a
CURLOPT_XFERINFOFUNCTION handler.

Fixes #2051
Closes #4599
Reported-by: bdry on github
2019-11-26 09:17:52 +01:00
Daniel Stenberg
215baa74f7
curl: add --parallel-immediate
Starting with this change when doing parallel transfers, without this
option set, curl will prefer to create new transfers multiplexed on an
existing connection rather than creating a brand new one.

--parallel-immediate can be set to tell curl to prefer to use new
connections rather than to wait and try to multiplex.

libcurl-wise, this means that curl will set CURLOPT_PIPEWAIT by default
on parallel transfers.

Suggested-by: Tom van der Woerdt
Closes #4500
2019-11-21 16:36:10 +01:00
Daniel Stenberg
7a46aeb0be
curl: fix -T globbing
Regression from e59371a493 (7.67.0)

Added test 490, 491 and 492 to verify the functionality.

Reported-by: Kamil Dudka
Reported-by: Anderson Sasaki

Fixes #4588
Closes #4591
2019-11-14 13:44:50 +01:00
Daniel Stenberg
0bc60d91de
copyrights: fix copyright year range
.. because checksrc's copyright year check stopped working.

Ref: https://github.com/curl/curl/pull/4547

Closes https://github.com/curl/curl/pull/4549
2019-11-08 14:51:42 +01:00
Stian Soiland-Reyes
fe5c2464db tool_operate: Fix retry sleep time shown to user when Retry-After
- If server header Retry-After is being used for retry sleep time then
  show that value to the user instead of the normal retry sleep time.

This is a follow-up to 640b973 (7.66.0) which changed curl tool so that
the value from Retry-After header overrides other retry timing options.

Closes https://github.com/curl/curl/pull/4498
2019-10-16 13:56:38 -04:00
Daniel Stenberg
9e03faccc3
docs: document it as --no-progress-meter instead of the reverse
Follow-up to 93373a960c

Reported-by: infinnovation-dev on github
Fixes #4474
Closes #4475
2019-10-09 10:07:02 +02:00
Daniel Stenberg
93373a960c
curl: --no-progress-meter
New option that allows a user to ONLY switch off curl's progress meter
and leave everything else in "talkative" mode.

Reported-by: Piotr Komborski
Fixes #4422
Closes #4470
2019-10-08 20:56:17 +02:00
Stian Soiland-Reyes
f7f0b0012d
curl: ensure HTTP 429 triggers --retry
This completes #3794.

Also make sure the new tests from #4195 are enabled

Closes #4465
2019-10-05 11:41:06 +02:00
Niall
0f48055c40
ESNI: initial build/setup
Closes #4011
2019-10-02 12:33:08 +02:00
Daniel Stenberg
54c622aa8e
tool_operate: rename functions to make more sense 2019-10-02 07:50:38 +02:00
Daniel Stenberg
e59371a493
curl: create easy handles on-demand and not ahead of time
This should again enable crazy-large download ranges of the style
[1-10000000] that otherwise easily ran out of memory starting in 7.66.0
when this new handle allocating scheme was introduced.

Reported-by: Peter Sumatra
Fixes #4393
Closes #4438
2019-10-02 07:50:32 +02:00
Daniel Stenberg
f8a2058533
curl: exit the create_transfers loop on errors
When looping around the ranges and given URLs to create transfers, all
errors should exit the loop and return. Previously it would keep
looping.

Reported-by: SumatraPeter on github
Bug: #4393
Closes #4396
2019-09-22 12:27:58 +02:00
Daniel Stenberg
a89aeb5451
tool_operate: removed unused variable 'done'
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:08:02 +02:00
Daniel Stenberg
2d5f76f22f
tool_operate: Expression 'config->resume_from' is always true
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:58 +02:00
Daniel Stenberg
b5a69b7a35
tool_getparam: remove duplicate switch case
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:55 +02:00
Kamil Dudka
1ca91bcdb5 curl: fix memory leaked by parse_metalink()
This commit fixes a regression introduced by curl-7_65_3-5-gb88940850.
Detected by tests 2005, 2008, 2009, 2010, 2011, and 2012 with valgrind
and libmetalink enabled.

Closes #4326
2019-09-13 10:09:48 +02:00
Gilles Vollant
b543f1fadb
curl:file2string: load large files much faster
... by using a more efficient realloc scheme.

Bug: https://curl.haxx.se/mail/lib-2019-09/0045.html
Closes #4336
2019-09-13 08:22:58 +02:00
Daniel Stenberg
bbde0407d1
curl: make sure the parallel transfers do them all
The logic could erroneously break the loop too early before all
transfers had been transferred.

Reported-by: Tom van der Woerdt
Fixes #4316
Closes #4317
2019-09-10 19:45:19 +02:00
Daniel Stenberg
74e152f119
tool_setopt: handle a libcurl build without netrc support
Reported-by: codesniffer13 on github
Fixes #4302
Closes #4305
2019-09-09 08:18:58 +02:00
lufia
4a90c5b82e
curl: fix include conditions 2019-08-29 19:25:09 +02:00
Daniel Stenberg
e59540139a
cleanup: remove DOT_CHAR completely
Follow-up to f9c7ba9096

The use of DOT_CHAR for ".ssh" was probably a mistake and is removed
now.

Pointed-out-by: Gisle Vanem
Bug: https://github.com/curl/curl/pull/4230#issuecomment-522960638

Closes #4247
2019-08-20 23:07:59 +02:00
Daniel Stenberg
84c2793be4
curl: make --libcurl use CURL_HTTP_VERSION_3
Closes #4243
2019-08-20 16:55:47 +02:00
Daniel Stenberg
862393243d
curl: use .curlrc (with a dot) on Windows as well
Fall-back to _curlrc if the dot-version is missing.

Co-Authored-By: Steve Holme

Closes #4230
2019-08-20 11:48:49 +02:00
Daniel Stenberg
6ee9e4bd47
cleanup: s/curl_debug/curl_dbg_debug in comments and docs
Leftovers from the function rename back in 76b6348949

Reported-by: Gisle Vanem
Bug: f3e0f071b1 (com)
mitcomment-34601751

Closes #4203
2019-08-08 16:01:00 +02:00
Daniel Stenberg
026840e35c
CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly
Even though it cannot fall-back to a lower HTTP version automatically. The
safer way to upgrade remains via CURLOPT_ALTSVC.

CURLOPT_H3 no longer has any bits that do anything and might be removed
before we remove the experimental label.

Updated the curl tool accordingly to use "--http3".

Closes #4197
2019-08-08 08:17:24 +02:00
Daniel Stenberg
640b9733de
curl: make use of CURLINFO_RETRY_AFTER when retrying
If a Retry-After: header was used in the response, that value overrides
other retry timing options.

Fixes #3794
Closes #4195
2019-08-07 14:45:44 +02:00
Daniel Stenberg
d39ae9d493
curl: use CURLINFO_PROTOCOL to check for HTTP(s)
... instead of CURLINFO_EFFECTIVE_URL to avoid string operations.
2019-08-07 14:45:39 +02:00
Daniel Stenberg
eb63b27b6b
curl: have -w's 'http_version' show '3' for HTTP/3
Closes #4196
2019-08-07 12:51:52 +02:00
Steve Holme
1e08a79258 curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool
Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186
2019-08-06 11:38:41 -04:00
Daniel Stenberg
02346abc32
curl_multi_poll: a sister to curl_multi_wait() that waits more
Repeatedly we see problems where using curl_multi_wait() is difficult or
just awkward because if it has no file descriptor to wait for
internally, it returns immediately and leaves it to the caller to wait
for a small amount of time in order to avoid occasional busy-looping.

This is often missed or misunderstood, leading to underperforming
applications.

This change introduces curl_multi_poll() as a replacement drop-in
function that accepts the exact same set of arguments. This function
works identically to curl_multi_wait() - EXCEPT - for the case when
there's nothing to wait for internally, as then this function will by
itself wait for a "suitable" short time before it returns. This
effectiely avoids all risks of busy-looping and should also make it less
likely that apps "over-wait".

This also changes the curl tool to use this funtion internally when
doing parallel transfers and changes curl_easy_perform() to use it
internally.

Closes #4163
2019-08-06 09:33:29 +02:00
Daniel Stenberg
a42b0957ab
http09: disable HTTP/0.9 by default in both tool and library
As the plan has been laid out in DEPRECATED. Update docs accordingly and
verify in test 1174. Now requires the option to be set to allow HTTP/0.9
responses.

Closes #4191
2019-08-06 00:08:14 +02:00
Daniel Stenberg
cf5aa92043
src/makefile: fix uncompressed hugehelp.c generation
Regression from 5cf5d57ab9 (7.64.1)

Fixed-by: Lance Ware
Fixes #4176
Closes #4177
2019-08-01 07:46:09 +02:00
Daniel Stenberg
62aa0ba91a
curl: remove outdated comment
Turned bad with commit b889408500

Reported-by: niallor on github
Fixes #4172
Closes #4173
2019-07-30 23:19:03 +02:00
Daniel Stenberg
db0a0dfb0e
curl: cap the maximum allowed values for retry time arguments
... to avoid integer overflows later when multiplying with 1000 to
convert seconds to milliseconds.

Added test 1269 to verify.

Reported-by: Jason Lee
Closes #4166
2019-07-30 08:17:01 +02:00
Daniel Stenberg
a2ab576768
curl: avoid uncessary libcurl timeouts (in parallel mode)
When curl_multi_wait() returns OK without file descriptors to wait for,
it might already have done a long timeout.

Closes #4159
2019-07-29 14:57:57 +02:00
Jay Satiro
cdf7d13bcb tool_operate: fix implicit call to easysrc_cleanup
easysrc_cleanup is only defined when CURL_DISABLE_LIBCURL_OPTION is not
defined, and prior to this change would be called regardless.

Bug: https://github.com/curl/curl/pull/3804#issuecomment-513922637
Reported-by: Marcel Raad

Closes https://github.com/curl/curl/pull/4142
2019-07-23 10:44:55 -04:00
Daniel Stenberg
23c99f60ba
curl:create_transfers check return code from curl_easy_setopt
From commit b8894085

Pointed out by Coverity CID 1451703

Closes #4134
2019-07-22 00:28:55 +02:00
Daniel Stenberg
3af0e76d1e
HTTP3: initial (experimental) support
USe configure --with-ngtcp2 or --with-quiche

Using either option will enable a HTTP3 build.
Co-authored-by: Alessandro Ghedini <alessandro@ghedini.me>

Closes #3500
2019-07-21 23:49:03 +02:00
Daniel Stenberg
7644abf8e8
curl: remove dead code
The loop never loops (since b889408500), pointed out by Coverity (CID
1451702)

Closes #4133
2019-07-21 23:42:35 +02:00
Daniel Stenberg
b889408500
curl: support parallel transfers
This is done by making sure each individual transfer is first added to a
linked list as then they can be performed serially, or at will, in
parallel.

Closes #3804
2019-07-20 19:14:16 +02:00
Daniel Stenberg
952998cbdb
curl: only accept COLUMNS less than 10000
... as larger values would rather indicate something silly (and could
potentially cause buffer problems).

Reported-by: pendrek at hackerone
Closes #4114
2019-07-16 11:25:08 +02:00
Koen Dergent
92963d612b
curl: skip CURLOPT_PROXY_CAPATH for disabled-proxy builds
Closes #4061
2019-06-24 12:45:01 +02:00
Daniel Stenberg
b9e0c6d28c
curl: improved skip-setopt-options when built with disabled features
Reduces #ifdefs in src/tool_operate.c

Follow-up from 4e86f2fc4e
Closes #3936
2019-06-18 22:31:26 +02:00
Daniel Gustafsson
6df5f35e6a tool_cb_prg: Fix integer overflow in progress bar
Commit 61faa0b420 fixed the progress bar
width calculation to avoid integer overflow, but failed to account for
the fact that initial_size is initialized to -1 when the file size is
retrieved from the remote on an upload, causing another signed integer
overflow.  Fix by separately checking for this case before the width
calculation.

Closes #3984
Reported-by: Brian Carpenter (Geeknik Labs)
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-06-10 09:32:30 +02:00
Marcel Raad
e23c52b329
build: fix Codacy warnings
Reduce variable scopes and remove redundant variable stores.

Closes https://github.com/curl/curl/pull/3975
2019-06-05 20:38:06 +02:00
Steve Holme
3538026f6f
tool_parsecfg: Use correct return type for GetModuleFileName()
GetModuleFileName() returns a DWORD which is a typedef of an unsigned
long and not an int.

Closes #3980
2019-06-04 01:30:16 +01:00
Steve Holme
80b42e74da
tool_parsecfg: Fix control flow issue (DEADCODE)
Follow-up to 8144ba38.

Detected by Coverity CID 1445663
Closes #3976
2019-06-02 22:37:05 +01:00
Daniel Stenberg
7e590b3ecd
tls13-docs: mention it is only for OpenSSL >= 1.1.1
Reported-by: Jay Satiro
Co-authored-by: Jay Satiro
Fixes #3938
Closes #3946
2019-06-02 16:15:45 +02:00
Jay Satiro
db8ec1fa38
Revert all SASL authzid (new feature) commits
- Revert all commits related to the SASL authzid feature since the next
  release will be a patch release, 7.65.1.

Prior to this change CURLOPT_SASL_AUTHZID  / --sasl-authzid was destined
for the next release, assuming it would be a feature release 7.66.0.
However instead the next release will be a patch release, 7.65.1 and
will not contain any new features.

After the patch release after the reverted commits can be restored by
using cherry-pick:

git cherry-pick a14d72c a9499ff 8c1cc36 c2a8d52 0edf690

Details for all reverted commits:

Revert "os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid()."

This reverts commit 0edf6907ae.

Revert "tests: Fix the line endings for the SASL alt-auth tests"

This reverts commit c2a8d52a13.

Revert "examples: Added SASL PLAIN authorisation identity (authzid) examples"

This reverts commit 8c1cc369d0.

Revert "curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool"

This reverts commit a9499ff136.

Revert "sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID"

This reverts commit a14d72ca2f.
2019-05-25 23:36:11 +02:00
Daniel Stenberg
4e86f2fc4e
tool_setopt: for builds with disabled-proxy, skip all proxy setopts()
Reported-by: Marcel Raad
Fixes #3926
Closes #3929
2019-05-23 23:31:43 +02:00