1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 08:38:49 -05:00
Commit Graph

22854 Commits

Author SHA1 Message Date
Michael Kaufmann
914f4ed279
test1264: verify URL with space in host name being rejected 2017-11-22 11:14:44 +01:00
Daniel Stenberg
fa939220df
url: reject ASCII control characters and space in host names
Host names like "127.0.0.1 moo" would otherwise be accepted by some
getaddrinfo() implementations.

Updated test 1034 and 1035 accordingly.

Fixes #2073
Closes #2092
2017-11-22 11:14:06 +01:00
Daniel Stenberg
9554c3c6e5
Curl_open: fix OOM return error correctly
Closes #2098
2017-11-21 09:02:50 +01:00
Daniel Stenberg
9474a5fe11
http2: fix "Value stored to 'end' is never read" scan-build error 2017-11-21 09:02:41 +01:00
Daniel Stenberg
786992c801
http2: fix "Value stored to 'hdbuf' is never read" scan-build error 2017-11-21 09:02:41 +01:00
Daniel Stenberg
3d97e37441
openssl: fix "Value stored to 'rc' is never read" scan-build error 2017-11-21 09:02:40 +01:00
Daniel Stenberg
cd79b53191
mime: fix "Value stored to 'sz' is never read" scan-build error 2017-11-21 09:02:40 +01:00
Daniel Stenberg
cec0734b4c
Curl_llist_remove: fix potential NULL pointer deref
Fixes a scan-build warning.
2017-11-21 09:02:40 +01:00
Daniel Stenberg
46e852ce26
ntlm: remove unnecessary NULL-check to please scan-build 2017-11-21 09:02:40 +01:00
Daniel Stenberg
2f81e48c00
BUGS: spellchecked 2017-11-20 23:57:57 +01:00
fmmedeiros
297516e12c examples/curlx: Fix code style
- Add braces around multi-line if statement.

Closes https://github.com/curl/curl/pull/2096
2017-11-18 14:04:33 -05:00
Daniel Stenberg
715f1f53e0
resolve: allow IP address within [] brackets
... so that IPv6 addresses can be passed like they can for connect-to
and how they're used in URLs.

Added test 1324 to verify
Reported-by: Alex Malinovich

Fixes #2087
Closes #2091
2017-11-17 15:26:08 +01:00
Pavol Markovic
6ce9845677
macOS: Fix missing connectx function with Xcode version older than 9.0
The previous fix https://github.com/curl/curl/pull/1788 worked just for
Xcode 9. This commit extends the fix to older Xcode versions effectively
by not using connectx function.

Fixes https://github.com/curl/curl/issues/1330
Fixes https://github.com/curl/curl/issues/2080
Closes https://github.com/curl/curl/pull/1336
Closes #2082
2017-11-15 11:10:51 +01:00
Dirk Feytons
d3ab7c5a21
openssl: fix too broad use of HAVE_OPAQUE_EVP_PKEY
Fixes #2079
Closes #2081
2017-11-15 11:09:21 +01:00
Daniel Stenberg
a9f669896f
TODO: ignore private IP addresses in PASV response
Closes #1455
2017-11-14 23:49:06 +01:00
Daniel Stenberg
964d47e7f0
RELEASE-NOTES: synced with ae7369b6d 2017-11-14 20:40:37 +01:00
Michael Kaufmann
ae7369b6d0 URL: return error on malformed URLs with junk after IPv6 bracket
Follow-up to aadb7c7. Verified by new test 1263.

Closes #2072
2017-11-14 18:20:56 +01:00
Daniel Stenberg
de67c259d3
INTERNALS: we may use libidn2 now, not libidn 2017-11-14 12:47:04 +01:00
Patrick Monnerat
def2ca2628 zlib/brotli: only include header files in modules needing them
There is a conflict on symbol 'free_func' between openssl/crypto.h and
zlib.h on AIX. This is an attempt to resolve it.

Bug: https://curl.haxx.se/mail/lib-2017-11/0032.html
Reported-By: Michael Felt
2017-11-13 14:20:41 +01:00
Daniel Stenberg
fa1512b2a0
SMB: fix uninitialized local variable
Reported-by: Brian Carpenter
2017-11-13 08:27:36 +01:00
Orgad Shaneh
9f78b05443
connect.c: remove executable bit on file
Closes #2071
2017-11-12 10:51:46 +01:00
hsiao yi
dab7debe2a
README.md: fixed layout
Closes #2069
2017-11-12 00:07:38 +01:00
Daniel Stenberg
aa7668b948
setopt: split out curl_easy_setopt() to its own file
... to make url.c smaller.

Closes #1944
2017-11-10 23:08:20 +01:00
John Starks
2e850dafa5 cmake: Add missing setmode check
Ensure HAVE_SETMODE is set to 1 on OSes that have setmode. Without this,
curl will corrupt binary files when writing them to stdout on Windows.

Closes https://github.com/curl/curl/pull/2067
2017-11-10 15:38:23 -05:00
Daniel Stenberg
3619ee5feb
curl_share_setopt: va_end was not called if conncache errors
CID 984459, detected by Coverity
2017-11-10 15:02:11 +01:00
John Starks
2671f5f7cf cmake: Correctly include curl.rc in Windows builds (#2064)
Update CMakeLists.txt to add curl.rc to the correct list.
2017-11-10 13:58:10 +03:00
Daniel Stenberg
f405133ad5
RELEASE-NOTES: synced with 32828cc4f 2017-11-09 23:19:45 +01:00
Luca Boccassi
32828cc4fb
--interface: add support for Linux VRF
The --interface command (CURLOPT_INTERFACE option) already uses
SO_BINDTODEVICE on Linux, but it tries to parse it as an interface or IP
address first, which fails in case the user passes a VRF.

Try to use the socket option immediately and parse it as a fallback
instead.  Update the documentation to mention this feature, and that it
requires the binary to be ran by root or with CAP_NET_RAW capabilities
for this to work.

Closes #2024
2017-11-09 13:20:11 +01:00
Daniel Stenberg
b78dce2526
curl_share_setopt.3: document CURL_LOCK_DATA_CONNECT
Closes #2043
2017-11-09 11:08:18 +01:00
Daniel Stenberg
3d1280866a
examples: add shared-connection-cache 2017-11-09 11:07:44 +01:00
Daniel Stenberg
edd1f45c9f
test1554: verify connection cache sharing 2017-11-09 11:07:44 +01:00
Daniel Stenberg
67c55a26d5
share: add support for sharing the connection cache 2017-11-09 11:07:44 +01:00
Daniel Stenberg
e871ab56ed
imap: deal with commands case insensitively
As documented in RFC 3501 section 9:
https://tools.ietf.org/html/rfc3501#section-9

Closes #2061
2017-11-09 10:36:47 +01:00
Daniel Stenberg
6b12beb25a
connect: store IPv6 connection status after valid connection
... previously it would store it already in the happy eyeballs stage
which could lead to the IPv6 bit being set for an IPv4 connection,
leading to curl not wanting to do EPSV=>PASV for FTP transfers.

Closes #2053
2017-11-09 07:59:04 +01:00
Daniel Stenberg
63b8fbbbc0
curl_multi_fdset.3: emphasize curl_multi_timeout
... even when there's no socket to wait for, the timeout can still be
very short.
2017-11-09 07:52:19 +01:00
Jay Satiro
fa64b0fc4b content_encoding: fix inflate_stream for no bytes available
- Don't call zlib's inflate() when avail_in stream bytes is 0.

This is a follow up to the parent commit 19e66e5. Prior to that change
libcurl's inflate_stream could call zlib's inflate even when no bytes
were available, causing inflate to return Z_BUF_ERROR, and then
inflate_stream would treat that as a hard error and return
CURLE_BAD_CONTENT_ENCODING.

According to the zlib FAQ, Z_BUF_ERROR is not fatal.

This bug would happen randomly since packet sizes are arbitrary. A test
of 10,000 transfers had 55 fail (ie 0.55%).

Ref: https://zlib.net/zlib_faq.html#faq05

Closes https://github.com/curl/curl/pull/2060
2017-11-09 01:36:50 -05:00
Patrick Monnerat
19e66e5362 content_encoding: do not write 0 length data 2017-11-07 02:38:34 +01:00
Daniel Stenberg
6e6bf60357
fnmatch: remove dead code
There was a duplicate check for backslashes in the setcharset()
function.

Coverity CID 1420611
2017-11-06 09:01:53 +01:00
Daniel Stenberg
cbb22cb76d
url: remove unncessary NULL-check
Since 'conn' won't be NULL in there and we also access the pointer in
there without the check.

Coverity CID 1420610
2017-11-06 08:23:11 +01:00
Viktor Szakats
3962a3cfcb src/Makefile.m32: fix typo in brotli lib customization
Ref cc1f443609
2017-11-06 01:05:52 +00:00
Viktor Szakats
cc1f443609 Makefile.m32: allow to customize brotli libs
It adds the ability to link against static brotli libs.

Also fix brotli include path.
2017-11-05 23:02:05 +00:00
Patrick Monnerat
c675c40295 travis: add a job with brotli enabled 2017-11-05 15:38:17 +01:00
Viktor Szakats
609aa62f53 Makefile.m32: add brotli support 2017-11-05 15:32:43 +01:00
Patrick Monnerat
11bf1796cd HTTP: implement Brotli content encoding
This uses the brotli external library (https://github.com/google/brotli).
Brotli becomes a feature: additional curl_version_info() bit and
structure fields are provided for it and CURLVERSION_NOW bumped.

Tests 314 and 315 check Brotli content unencoding with correct and
erroneous data.

Some tests are updated to accomodate with the now configuration dependent
parameters of the Accept-Encoding header.
2017-11-05 15:28:16 +01:00
Patrick Monnerat
dbcced8e32 HTTP: support multiple Content-Encodings
This is implemented as an output streaming stack of unencoders, the last
calling the client write procedure.

New test 230 checks this feature.

Bug: https://github.com/curl/curl/pull/2002
Reported-By: Daniel Bankhead
2017-11-05 15:09:48 +01:00
Jay Satiro
462f3cac34 url: remove arg value check from CURLOPT_SSH_AUTH_TYPES
Since CURLSSH_AUTH_ANY (aka CURLSSH_AUTH_DEFAULT) is ~0 an arg value
check on this option is incorrect; we have to accept any value.

Prior to this change since f121575 (7.56.1+) CURLOPT_SSH_AUTH_TYPES
erroneously rejected CURLSSH_AUTH_ANY with CURLE_BAD_FUNCTION_ARGUMENT.

Bug: https://github.com/curl/curl/commit/f121575#commitcomment-25347120
2017-11-04 18:36:07 -04:00
Daniel Stenberg
685ef13057 ntlm: avoid malloc(0) for zero length passwords
It triggers an assert() when built with memdebug since malloc(0) may
return NULL *or* a valid pointer.

Detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4054

Assisted-by: Max Dymond
Closes #2054
2017-11-04 22:22:49 +01:00
Daniel Stenberg
d2146c598a RELEASE-NOTES: synced with ee8016b3d 2017-11-04 22:03:18 +01:00
Daniel Stenberg
ee8016b3de curl: speed up handling of many URLs
By properly keeping track of the last entry in the list of URLs/uploads
to handle, curl now avoids many meaningless traverses of the list which
speeds up many-URL handling *MASSIVELY* (several magnitudes on 100K
URLs).

Added test 1291, to verify that it doesn't take ages - but we don't have
any detection of "too slow" command in the test suite.

Reported-by: arainchik on github
Fixes #1959
Closes #2052
2017-11-04 20:56:26 +01:00
Daniel Stenberg
90abb74ff0 curl: pass through [] in URLs instead of calling globbing error
Assisted-by: Per Lundberg
Fixes #2044
Closes #2046
Closes #2048
2017-11-04 10:23:27 +01:00