1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-16 14:35:03 -05:00
Commit Graph

22622 Commits

Author SHA1 Message Date
Daniel Stenberg
22708eae40
URL: on connection re-use, still pick the new remote port
... as when a proxy connection is being re-used, it can still get a
different remote port.

Fixes #1887
Reported-by: Oli Kingshott
2017-09-14 16:49:40 +02:00
Daniel Stenberg
7e4634cfe8
RELEASE-NOTES: synced with 87501e57f 2017-09-12 14:20:04 +02:00
Daniel Stenberg
87501e57f1
code style: remove wrong uses of multiple spaces
Closes #1878
2017-09-12 13:54:54 +02:00
Daniel Stenberg
59813726d1
checksrc: detect and warn for multiple spaces 2017-09-12 09:50:24 +02:00
Daniel Stenberg
20acb58a38
code style: use space after semicolon 2017-09-12 09:50:24 +02:00
Daniel Stenberg
67ade28571
checksrc: verify space after semicolons 2017-09-12 09:50:24 +02:00
Daniel Stenberg
e5743f08e7
code style: use spaces around pluses 2017-09-11 09:29:50 +02:00
Daniel Stenberg
ca86006deb
checksrc: detect and warn for lack of spaces next to plus signs 2017-09-11 09:29:50 +02:00
Daniel Stenberg
6b84438d9a
code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
Daniel Stenberg
e155f38d1e
checksrc: verify spaces around equals signs
... as the code style mandates.
2017-09-11 09:27:28 +02:00
Daniel Stenberg
02eb6184ad
Curl_checkheaders: make it available for IMAP and SMTP too
... not only HTTP uses this now.

Closes #1875
2017-09-11 00:26:17 +02:00
Daniel Stenberg
7207aaa696
travis: add build without HTTP/SMTP/IMAP 2017-09-11 00:26:14 +02:00
Jay Satiro
64bb7ae6ae mbedtls: enable CA path processing
CA path processing was implemented when mbedtls.c was added to libcurl
in fe7590f, but it was never enabled.

Bug: https://github.com/curl/curl/issues/1877
Reported-by: SBKarr@users.noreply.github.com
2017-09-10 03:22:05 -04:00
Daniel Stenberg
a14f7152ce
rtsp: do not call fwrite() with NULL pointer FILE *
If the default write callback is used and no destination has been set, a
NULL pointer would be passed to fwrite()'s 4th argument.

OSS-fuzz bug https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3327
(not publicly open yet)

Detected by OSS-fuzz
Closes #1874
2017-09-08 23:56:02 +02:00
Daniel Stenberg
f8548e84ad
configure: use -Wno-varargs on clang 3.9[.X] debug builds
... to avoid a clang bug
2017-09-08 23:16:16 +02:00
Max Dymond
261da2a668 ossfuzz: add some more handled CURL options
Add support for HEADER, COOKIE, RANGE, CUSTOMREQUEST, MAIL_RECIPIENT,
MAIL_FROM and uploading data.
2017-09-08 15:00:55 +02:00
Daniel Stenberg
1ae2704d6e
configure: check for C++ compiler after C, to make it non-fatal
The tests for object file/executable file extensions are presumably only
done for the first of these macros in the configure file.

Bug: https://github.com/curl/curl/pull/1851#issuecomment-327597515
Reported-by: Marcel Raad
Closes #1873
2017-09-07 20:36:56 +02:00
Patrick Monnerat
3620e569b3 form API: add new test 650.
Now that the form API is deprecated and not used anymore in curl tool,
a lot of its features left untested. Test 650 attempts to check all these
features not tested elsewhere.
2017-09-07 19:11:02 +01:00
Jay Satiro
3dab9f6c71 configure: fix curl_off_t check's include order
- Prepend srcdir include path instead of append.

Prior to this change it was possible that during the check for the size
of curl_off_t the include path of a user's already installed curl could
come before the include path of the to-be-built curl, resulting in the
system.h of the former being incorrectly included for that check.

Closes https://github.com/curl/curl/pull/1870
2017-09-07 13:36:35 -04:00
Jakub Zakrzewski
08aeae0e37 KNOWN_BUGS: Remove CMake symbol hiding issue
It has already been fixed in 6140dfc
2017-09-07 17:33:49 +02:00
Daniel Stenberg
9ef50ee0a4
http-proxy: when not doing CONNECT, that phase is done immediately
`conn->connect_state` is NULL when doing a regular non-CONNECT request
over the proxy and should therefor be considered complete at once.

Fixes #1853
Closes #1862
Reported-by: Lawrence Wagerfield
2017-09-07 16:11:38 +02:00
Johannes Schindelin
f4a623825b
OpenSSL: fix yet another mistake while encapsulating SSL backend data
Another mistake in my manual fixups of the largely mechanical
search-and-replace ("connssl->" -> "BACKEND->"), just like the previous
commit concerning HTTPS proxies (and hence not caught during my
earlier testing).

Fixes #1855
Closes #1871

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-09-07 16:08:24 +02:00
Johannes Schindelin
dde4f5c81a
OpenSSL: fix erroneous SSL backend encapsulation
In d65e6cc4f (vtls: prepare the SSL backends for encapsulated private
data, 2017-06-21), this developer prepared for a separation of the
private data of the SSL backends from the general connection data.

This conversion was partially automated (search-and-replace) and
partially manual (e.g. proxy_ssl's backend data).

Sadly, there was a crucial error in the manual part, where the wrong
handle was used: rather than connecting ssl[sockindex]' BIO to the
proxy_ssl[sockindex]', we reconnected proxy_ssl[sockindex]. The reason
was an incorrect location to paste "BACKEND->"... d'oh.

Reported by Jay Satiro in https://github.com/curl/curl/issues/1855.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-09-07 16:06:50 +02:00
Jay Satiro
955c21939e
vtls: fix memory corruption
Ever since 70f1db321 (vtls: encapsulate SSL backend-specific data,
2017-07-28), the code handling HTTPS proxies was broken because the
pointer to the SSL backend data was not swapped between
conn->ssl[sockindex] and conn->proxy_ssl[sockindex] as intended, but
instead set to NULL (causing segmentation faults).

[jes: provided the commit message, tested and verified the patch]

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-09-07 16:06:50 +02:00
Daniel Stenberg
4bb80d532e
vtls: switch to CURL_SHA256_DIGEST_LENGTH define
... instead of the prefix-less version since WolfSSL 3.12 now uses an
enum with that name that causes build failures for us.

Fixes #1865
Closes #1867
Reported-by: Gisle Vanem
2017-09-07 15:59:42 +02:00
Daniel Stenberg
6b585b1183
travis: add c-ares enabled builds linux + osx
Closes #1868
2017-09-07 10:38:16 +02:00
Daniel Stenberg
cd8d9bb930
HISTORY: added some recent items 2017-09-07 09:51:25 +02:00
Jay Satiro
70a69f3718 SSL: fix unused parameter warnings 2017-09-06 15:11:55 -04:00
Patrick Monnerat
c96d96bc5f mime: drop internal FILE * support.
- The part kind MIMEKIND_FILE and associated code are suppressed.
- Seek data origin offset not used anymore: suppressed.
- MIMEKIND_NAMEDFILE renamed MIMEKIND_FILE; associated fields/functions
  renamed accordingly.
- Curl_getformdata() processes stdin via a callback.
2017-09-06 13:42:03 +01:00
Daniel Stenberg
d1da545a68
configure: remove --enable-soname-bump and SONAME_BUMP
Back in 2008, (and commit 3f3d6ebe66) we changed the logic in how we
determine the native type for `curl_off_t`. To really make sure we
didn't break ABI without bumping SONAME, we introduced logic that
attempted to detect that it would use a different size and thus not be
compatible. We also provided a manual switch that allowed users to tell
configure to bump SONAME by force.

Today, we know of no one who ever got a SONAME bump auto-detected and we
don't know of anyone who's using the manual bump feature. The auto-
detection is also no longer working since we introduced defining
curl_off_t in system.h (7.55.0).

Finally, this bumping logic is not present in the cmake build.

Closes #1861
2017-09-06 08:43:36 +02:00
Gisle Vanem
61825be02b vtls: select ssl backend case-insensitive (follow-up)
- Do a case-insensitive comparison of CURL_SSL_BACKEND env as well.

- Change Curl_strcasecompare calls to strcasecompare
  (maps to the former but shorter).

Follow-up to c290b8f.

Bug: https://github.com/curl/curl/commit/c290b8f#commitcomment-24094313

Co-authored-by: Jay Satiro
2017-09-06 02:27:33 -04:00
Jay Satiro
6cdba64e13 openssl: Integrate Peter Wu's SSLKEYLOGFILE implementation
This is an adaptation of 2 of Peter Wu's SSLKEYLOGFILE implementations.

The first one, written for old OpenSSL versions:
https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/sslkeylog.c

The second one, written for BoringSSL and new OpenSSL versions:
https://github.com/curl/curl/pull/1346

Note the first one is GPL licensed but the author gave permission to
waive that license for libcurl.

As of right now this feature is disabled by default, and does not have
a configure option to enable it. To enable this feature define
ENABLE_SSLKEYLOGFILE when building libcurl and set environment
variable SSLKEYLOGFILE to a pathname that will receive the keys.

And in Wireshark change your preferences to point to that key file:
Edit > Preferences > Protocols > SSL > Master-Secret

Co-authored-by: Peter Wu

Ref: https://github.com/curl/curl/pull/1030
Ref: https://github.com/curl/curl/pull/1346

Closes https://github.com/curl/curl/pull/1866
2017-09-05 23:56:54 -04:00
Patrick Monnerat
ee5725fb5e mime: fix a trivial warning. 2017-09-05 18:38:31 +01:00
Patrick Monnerat
c1d0b6f98e mime: replace 'struct Curl_mimepart' by 'curl_mimepart' in encoder code.
mime_state is now a typedef.
2017-09-05 18:20:06 +01:00
Patrick Monnerat
63ef436ea1 mime: implement encoders.
curl_mime_encoder() is operational and documented.
curl tool -F option is extended with ";encoder=".
curl tool --libcurl option generates calls to curl_mime_encoder().
New encoder tests 648 & 649.
Test 1404 extended with an encoder specification.
2017-09-05 17:55:51 +01:00
Patrick Monnerat
3bbe894fd2 runtests.pl: support attribute "nonewline" in part verify/upload. 2017-09-05 17:33:16 +01:00
Daniel Stenberg
328ce03d53 fixup data/test1135 2017-09-05 17:33:16 +01:00
Daniel Stenberg
9926357b42 mime: unified to use the typedef'd mime structs everywhere
... and slightly edited to follow our code style better.
2017-09-05 17:33:16 +01:00
Daniel Stenberg
295ce716a2 curl.h: use lower case curl_mime* as for all public symbols 2017-09-05 17:33:16 +01:00
Daniel Stenberg
8b902ef0af docs/curl_mime_*.3: use correct variable types in examples 2017-09-05 17:33:16 +01:00
Kamil Dudka
ea142a837e openssl: use OpenSSL's default ciphers by default
Up2date versions of OpenSSL maintain the default reasonably secure
without breaking compatibility, so it is better not to override the
default by curl.  Suggested at https://bugzilla.redhat.com/1483972

Closes #1846
2017-09-05 12:13:38 +02:00
Viktor Szakats
25fc694a41 examples/mime: minor example code fixes 2017-09-05 10:05:27 +00:00
Daniel Stenberg
eae21db920
docs/curl_mime_*.3: added examples 2017-09-05 11:15:02 +02:00
Daniel Stenberg
889723b004
configure: add MultiSSL to FEATURES when enabled
...for curl-config and its corresponding test 1014
2017-09-05 10:45:09 +02:00
Daniel Stenberg
3130414ce7
http-proxy: treat all 2xx as CONNECT success
Added test 1904 to verify.

Reported-by: Lawrence Wagerfield
Fixes #1859
Closes #1860
2017-09-05 09:47:46 +02:00
Daniel Stenberg
d491a9c3a8
MAIL-ETIQUETTE: added "1.9 Your emails are public" 2017-09-05 09:29:11 +02:00
Daniel Stenberg
7b81623660
curl.h: fix "unused checksrc ignore", remove dangling reference
... to a README file that doesn't exist anymore
2017-09-04 19:59:11 +02:00
Viktor Szakats
1c8725e639 docs: Update to secure URL versions 2017-09-04 14:08:54 +00:00
Viktor Szakats
841a09ea19 mime: use CURL_ZERO_TERMINATED in examples
and some minor whitespace fixes
2017-09-04 13:58:10 +00:00
Daniel Stenberg
202c1cc22f
schannel: return CURLE_SSL_CACERT on failed verification
... not *CACERT_BADFILE as it isn't really because of a bad file.

Bug: https://curl.haxx.se/mail/lib-2017-09/0002.html
Closes #1858
2017-09-04 11:48:38 +02:00