1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-11 03:55:03 -05:00
Commit Graph

26349 Commits

Author SHA1 Message Date
Daniel Stenberg
e5803089a9
http_proxy: do not count proxy headers in the header bytecount
... as that counter is subsequently used to detect if nothing was
returned from the peer. This made curl return CURLE_OK when it should
have returned CURLE_GOT_NOTHING.

Fixes #5992
Reported-by: Tom van der Woerdt
Closes #5994
2020-09-22 10:54:34 +02:00
Daniel Stenberg
a8e08a87df
setopt: return CURLE_BAD_FUNCTION_ARGUMENT on bad argument
Fixed two return code mixups. CURLE_UNKNOWN_OPTION is saved for when the
option is, yeah, not known. Clarified this in the setopt man page too.

Closes #5993
2020-09-22 09:04:13 +02:00
Daniel Stenberg
f4873ebd0b
krb5: merged security.c and krb specific FTP functions in here
These two files were always tightly connected and it was hard to
understand what went into which. This also allows us to make the
ftpsend() function static (moved from ftp.c).

Removed security.c
Renamed curl_sec.h to krb5.h

Closes #5987
2020-09-21 23:31:39 +02:00
Daniel Stenberg
6434a73984
Curl_handler: add 'family' to each protocol
Makes get_protocol_family() faster and it moves the knowledge about the
"families" to each protocol handler, where it belongs.

Closes #5986
2020-09-21 23:30:16 +02:00
Daniel Stenberg
2e645e21de
parsedate: tune the date to epoch conversion
By avoiding an unnecessary error check and the temp use of the tm
struct, the time2epoch conversion function gets a little bit faster.
When repeating test 517, the updated version is perhaps 1% faster (on
one particular build on one particular architecture).

Closes #5985
2020-09-21 16:46:41 +02:00
Daniel Stenberg
be23839477
cmake: remove scary warning
Remove the text saying

"the curl cmake build system is poorly maintained. Be aware"

... not because anything changed just now, but to encourage users to use
it and subsequently improve it.

Closes #5984
2020-09-21 16:08:35 +02:00
Daniel Stenberg
553588897a
docs/MQTT: remove outdated paaragraphs 2020-09-21 11:02:32 +02:00
Daniel Stenberg
e1485bd069
docs/MQTT: not experimental anymore
Follow-up to e37e446868
2020-09-21 10:59:26 +02:00
Daniel Stenberg
559ed3ca25
docs/RESOURCES: remove
This document is not maintained and rather than trying to refresh it,
let's kill it. A more up-to-date document with relevant RFCs is this
page on the curl website: https://curl.haxx.se/rfc/

Closes #5980
2020-09-18 16:08:16 +02:00
Daniel Stenberg
d3d8773b14
docs/TheArtOfHttpScripting: convert to markdown
Makes it easier to browse on github etc. Offers (better) links.

It should be noted that this document is already mostly outdated and
"Everything curl" at https://ec.haxx.se/ is a better resource and
tutorial.

Closes #5981
2020-09-18 16:06:29 +02:00
Daniel Stenberg
6f82ebd8ae
BUGS: convert document to markdown
Closes #5979
2020-09-18 16:05:47 +02:00
Daniel Stenberg
5bd63e0619
--help: strdup the category
... since it is converted and the original pointer is freed on Windows
unicode handling.

Follow-up to aa8777f63f
Fixes #5977
Closes #5978
Reported-by: xwxbug on github
2020-09-18 14:47:23 +02:00
Daniel Stenberg
2df7414a73
CHECKSRC: document two missing warnings 2020-09-18 13:54:27 +02:00
Daniel Stenberg
2cf5f93680
RELEASE-NOTES: synced 2020-09-18 08:34:46 +02:00
Daniel Stenberg
3d8731c8f5
ftp: avoid risk of reading uninitialized integers
If the received PASV response doesn't match the expected pattern, we
could end up reading uninitialized integers for IP address and port
number.

Issue pointed out by muse.dev
Closes #5972
2020-09-18 08:26:49 +02:00
Quentin Balland
7921b41ce1
easy_reset: clear retry counter
Closes #5975
Fixes #5974
2020-09-18 07:59:24 +02:00
Daniel Stenberg
cc372af1e9
ftp: get rid of the PPSENDF macro
The use of such a macro hides some of what's actually going on to the
reader and is generally disapproved of in the project.

Closes #5971
2020-09-18 07:56:16 +02:00
Daniel Stenberg
83cc966708
man pages: switch to https://example.com URLs
Since HTTPS is "the new normal", this update changes a lot of man page
examples to use https://example.com instead of the previous "http://..."

Closes #5969
2020-09-17 16:28:18 +02:00
Daniel Stenberg
cd048aaa28
github: remove the duplicate "Security vulnerability" entry
... since github adds an entry automatically by itself.

Closes #5970
2020-09-17 15:22:11 +02:00
Emil Engler
48fb543d7f
github: use new issue template feature
This helps us to avoid getting feature requests as well as security
bugs reported into the issue tracker.

Closes #5936
2020-09-17 13:58:18 +02:00
Emil Engler
c0f0e400e0
urlapi: use more Curl_safefree
Closes #5968
2020-09-17 09:44:36 +02:00
Marc Hoersken
1060955a61
multi: align WinSock mask variables in Curl_multi_wait
Also skip pre-checking sockets to set timeout_ms to 0
after the first socket has been detected to be ready.

Reviewed-by: rcombs on github
Reviewed-by: Daniel Stenberg

Follow up to #5886
2020-09-17 07:41:14 +02:00
Marc Hoersken
40d67da7ca
multi: reuse WinSock events variable in Curl_multi_wait
Since the struct is quite large (1 long and 10 ints) we
declare it once at the beginning of the function instead
of multiple times inside loops to avoid stack movements.

Reviewed-by: Viktor Szakats
Reviewed-by: Daniel Stenberg

Closes #5886
2020-09-17 07:40:49 +02:00
Daniel Stenberg
af09599958
TODO: dynamically decide to use socketpair
Suggested-by: Anders Bakken

Closes #4829
2020-09-16 23:35:39 +02:00
Daniel Stenberg
15f5d59891
TODO: add PR reference for native IDN support on macOS
As there was work started on this that never got completed.

Closes #5371
2020-09-16 23:27:07 +02:00
Daniel Stenberg
ec6363be18
tool_help.h: update copyright year range
Follow-up from aa8777f63f
2020-09-16 23:08:20 +02:00
Daniel Stenberg
1556b99f1a
CI/azure: disable test 571 in the msys2 builds
It's just too flaky there

Reviewed-by: Marc Hoersken
Closes #5954
2020-09-16 10:07:24 +02:00
Daniel Stenberg
0b4c4145aa
tool_writeout: protect fputs() from NULL
When the code was changed to do fputs() instead of fprintf() it got
sensitive for NULL pointers; add checks for that.

Follow-up from 0c1e767e83

Closes #5963
2020-09-15 22:52:51 +02:00
Daniel Stenberg
2cc6857247
test3015: verify stdout "as text"
Follow-up from 0c1e767e83 to please win32 tests

Closes #5962
2020-09-15 22:51:08 +02:00
Daniel Stenberg
9fe7b66203
travis: use libressl v3.1.4 instead of master
... as their git master seems too fragile to use (and 3.2.1 which is the
latest has a build failure).

Closes #5964
2020-09-15 22:49:37 +02:00
Daniel Stenberg
304aeace1b
tests/FILEFORMAT: document type=shell for <command> 2020-09-15 15:42:56 +02:00
Daniel Stenberg
8854b9284b
tests/FILEFORMAT: document nonewline support for <file>
The one in <client>, that creates files.

Follow-up from b83947c8df
2020-09-15 14:45:08 +02:00
anio
0c1e767e83
tool_writeout: add new writeout variable, %{num_headers}
This variable gives the number of headers.

Closes #5947
2020-09-15 00:37:08 +02:00
Daniel Stenberg
4e66207c58
tool_urlglob: fix compiler warning "unreachable code"
(On Windows builds.)

Follow-up to 70a3b003d9
2020-09-15 00:31:18 +02:00
Gergely Nagy
182ff2d63c
vtls: deduplicate client certificates in ssl_config_data
Closes #5629
2020-09-14 12:56:47 +02:00
Daniel Stenberg
7ea2e1d0c5
ftp: a 550 response to SIZE returns CURLE_REMOTE_FILE_NOT_FOUND
This is primarily interesting for cases where CURLOPT_NOBODY is set as
previously curl would not return an error for this case.

MDTM getting 550 now also returns this error (it returned
CURLE_FTP_COULDNT_RETR_FILE before) in order to unify return codes for
missing files across protocols and specific FTP commands.

libcurl already returns error on a 550 as a MDTM response (when
CURLOPT_FILETIME is set). If CURLOPT_NOBODY is not set, an error would
happen subsequently anyway since the RETR command would fail.

Add test 1913 and 1914 to verify. Updated several tests accordingly due
to the updated SIZE behavior.

Reported-by: Tomas Berger
Fixes #5953
Closes #5957
2020-09-14 12:53:12 +02:00
Daniel Stenberg
a167949848
curl: make checkpasswd use dynbuf
Closes #5952
2020-09-14 12:33:53 +02:00
Daniel Stenberg
70a3b003d9
curl: make glob_match_url use dynbuf
Closes #5952
2020-09-14 12:33:52 +02:00
Daniel Stenberg
893bbd7458
curl: make file2memory use dynbuf
Closes #5952
2020-09-14 12:33:51 +02:00
Daniel Stenberg
0938f828bf
curl: make file2string use dynbuf
Closes #5952
2020-09-14 12:33:48 +02:00
Antarpreet Singh
da5ae38db0
imap: set cselect_bits to CURL_CSELECT_IN initially
... when continuing a transfer from a FETCH response.

When the size of the file was small enough that the entirety of the
transfer happens in a single go and schannel buffers holds the entire
data. However, it wasn't completely read in Curl_pp_readresp since a
line break was found before that could happen. So, by the time we are in
imap_state_fetch_resp - there's data in buffers that needs to be read
via Curl_read but nothing to read from the socket. After we setup a
transfer (Curl_setup_transfer), curl just waits on the socket state to
change - which doesn't happen since no new data ever comes.

Closes #5961
2020-09-14 12:29:44 +02:00
Daniel Stenberg
51e8f2938b
RELEASE-NOTES: synced 2020-09-14 09:47:20 +02:00
Daniel Stenberg
5c2d2d2ace
test434: test -K use in a single line without newline
Closes #5946
2020-09-14 08:32:49 +02:00
Daniel Stenberg
b83947c8df
runtests: allow creating files without newlines
Closes #5946
2020-09-14 08:32:45 +02:00
Daniel Stenberg
47dd957daf
curl: use curlx_dynbuf for realloc when loading config files
... fixes an integer overflow at the same time.

Reported-by: ihsinme on github
Assisted-by: Jay Satiro

Closes #5946
2020-09-14 08:32:45 +02:00
Daniel Stenberg
c4ea71ae32
dynbuf: provide curlx_ names for reuse by the curl tool
Closes #5946
2020-09-14 08:32:35 +02:00
Daniel Stenberg
9fffe925d2
dynbuf: make sure Curl_dyn_tail() zero terminates
Closes #5959
2020-09-14 08:29:46 +02:00
Daniel Stenberg
5fbc3ee520
tests: add test1912 to the dist
Follow-up to 70984ce1be
2020-09-12 18:09:49 +02:00
Daniel Stenberg
33bca7c9f6
docs/LICENSE-MIXING: remove
This document is not maintained and I feel that it doesn't provide much
value to users anymore (if it ever did).

Closes #5955
2020-09-11 23:36:27 +02:00
Laramie Leavitt
25a25f45ae
http: consolidate nghttp2_session_mem_recv() call paths
Previously there were several locations that called
nghttp2_session_mem_recv and handled responses slightly differently.
Those have been converted to call the existing
h2_process_pending_input() function.

Moved the end-of-session check to h2_process_pending_input() since the
only place the end-of-session state can change is after nghttp2
processes additional input frames.

This will likely fix the fuzzing error. While I don't have a root cause
the out-of-bounds read seems like a use after free, so moving the
nghttp2_session_check_request_allowed() call to a location with a
guaranteed nghttp2 session seems reasonable.

Also updated a few nghttp2 callsites to include error messages and added
a few additional error checks.

Closes #5648
2020-09-10 17:43:47 +02:00