1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 08:38:49 -05:00
Commit Graph

19575 Commits

Author SHA1 Message Date
Daniel Stenberg
1514977bcd security: simplify choose_mech
Coverity CID 1299424 identified dead code because of checks that could
never equal true (if the mechanism's name was NULL).

Simplified the function by removing a level of pointers and removing the
loop and array that weren't used.
2015-05-22 16:46:01 +02:00
Daniel Stenberg
fda0e74c22 RTSP: catch attempted unsupported requests better
Replace use of assert with code that properly catches bad input at
run-time even in non-debug builds.

This flaw was sort of detected by Coverity CID 1299425 which claimed the
"case RTSPREQ_NONE" was dead code.
2015-05-22 16:32:42 +02:00
Daniel Stenberg
03e2a9b023 share_init: fix OOM crash
A failed calloc() would lead to NULL pointer use.

Coverity CID 1299427.
2015-05-22 16:26:14 +02:00
Daniel Stenberg
817323ed82 parse_proxy: switch off tunneling if non-HTTP proxy
non-HTTP proxy implies not using CURLOPT_HTTPPROXYTUNNEL

Bug: http://curl.haxx.se/mail/lib-2015-05/0056.html
Reported-by: Sean Boudreau
2015-05-22 16:19:53 +02:00
Daniel Stenberg
42ed88e70a curl: fix potential NULL dereference
Coverity CID 1299428: Dereference after null check (FORWARD_NULL)
2015-05-22 16:19:30 +02:00
Daniel Stenberg
84d811f6af http2: on_frame_recv: return early on stream 0
Coverity CID 1299426 warned about possible NULL dereference otherwise,
but that would only ever happen if we get invalid HTTP/2 data with
frames for stream 0. Avoid this risk by returning early when stream 0 is
used.
2015-05-22 15:17:16 +02:00
Daniel Stenberg
d04bab8873 http: removed self assignment
Follow-up fix from b0143a2a33

Detected by coverity. CID 1299429
2015-05-22 09:57:16 +02:00
Tatsuhiro Tsujikawa
640f283bbb http2: Make HTTP Upgrade work
This commit just add implicitly opened stream 1 to streams hash.
2015-05-22 09:31:19 +02:00
Jay Satiro
995c6006fe strerror: Change SEC_E_ILLEGAL_MESSAGE description
Prior to this change the description for SEC_E_ILLEGAL_MESSAGE was OS
and language specific, and invariably translated to something not very
helpful like: "The message received was unexpected or badly formatted."

Bug: https://github.com/bagder/curl/issues/267
Reported-by: Michael Osipov
2015-05-22 02:30:38 -04:00
Jay Satiro
78ac944dc2 telnet: Fix read-callback change for Windows builds
Refer to b0143a2 for more information on the read-callback change.
2015-05-21 23:26:32 -04:00
Daniel Stenberg
ee04c20b74 CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy! 2015-05-21 14:17:17 +02:00
Dan Fandrich
126e7f7253 testcurl.pl: allow source to be in an arbitrary directory
This way, the build directory can be located on an entirely different
filesystem from the source code (e.g. a tmpfs).
2015-05-21 09:14:40 +02:00
Daniel Stenberg
b0143a2a33 read_callback: move to SessionHandle from connectdata
With many easy handles using the same connection for multiplexing, it is
important we store and keep the transfer-oriented stuff in the
SessionHandle so that callbacks and callback data work fine even when
many easy handles share the same physical connection.
2015-05-20 23:06:45 +02:00
Daniel Stenberg
6a688976f0 http2: show stream IDs in decimal
It makes them easier to match output from the nghttpd test server.
2015-05-20 23:06:29 +02:00
Tatsuhiro Tsujikawa
c175d184a2 http2: Faster http2 upload
Previously, when we send all given buffer in data_source_callback, we
return NGHTTP2_ERR_DEFERRED, and nghttp2 library removes this stream
temporarily for writing.  This itself is good.  If this is the sole
stream in the session, nghttp2_session_want_write() returns zero,
which means that libcurl does not check writeability of the underlying
socket.  This leads to very slow upload, because it seems curl only
upload 16k something per 1 second.  To fix this, if we still have data
to send, call nghttp2_session_resume_data after nghttp2_session_send.
This makes nghttp2_session_want_write() returns nonzero (if connection
window still opens), and as a result, socket writeability is checked,
and upload speed becomes normal.
2015-05-20 22:43:37 +02:00
Dmitry Eremin-Solenikov
d5aab55b33 gtls: don't fail on non-fatal alerts during handshake
Stop curl from failing when non-fatal alert is received during
handshake.  This e.g. fixes lots of problems when working with https
sites through proxies.
2015-05-20 22:41:30 +02:00
Daniel Stenberg
0f6f7c100a curl_easy_unescape.3: update RFC reference
Reported-by: bsammon
Bug: https://github.com/bagder/curl/issues/282
2015-05-20 08:21:27 +02:00
Jay Satiro
db979fea73 CURLOPT_POSTFIELDS.3: Mention curl_easy_escape
.. also correct some variable naming in curl_easy_escape.3

Bug: https://github.com/bagder/curl/issues/281
Reported-by: bsammon@users.noreply.github.com
2015-05-20 01:48:31 -04:00
Brian Prodoehl
a393d64456 openssl: Use SSL_CTX_set_msg_callback and SSL_CTX_set_msg_callback_arg
BoringSSL removed support for direct callers of SSL_CTX_callback_ctrl
and SSL_CTX_ctrl, so move to a way that should work on BoringSSL and
OpenSSL.

re #275
2015-05-19 22:54:42 +02:00
Jay Satiro
265f83a9f0 curl.1: fix missing space in section --data 2015-05-19 15:43:40 -04:00
Daniel Stenberg
301ba7772c transfer: remove erroneous and misleading comment 2015-05-19 14:00:19 +02:00
Kamil Dudka
00a770b3f5 http: silence compile-time warnings without USE_NGHTTP2
Error: CLANG_WARNING:
lib/http.c:173:16: warning: Value stored to 'http' during its initialization is never read

Error: COMPILER_WARNING:
lib/http.c: scope_hint: In function ‘http_disconnect’
lib/http.c:173:16: warning: unused variable ‘http’ [-Wunused-variable]
2015-05-19 12:53:30 +02:00
Jay Satiro
dd23c49546 transfer: Replace __func__ instances with function name
.. also make __func__ replacement in multi.

Prior to this change debug builds would fail to build if the compiler
was building pre-c99 and didn't support __func__.
2015-05-19 02:23:55 -04:00
Viktor Szakats
3d38a38012 build: bump version in default nghttp2 paths 2015-05-19 07:42:16 +02:00
Daniel Stenberg
d4313b1f01 INTERNALS: we require nghttp2 1.0.0+ now 2015-05-19 07:42:16 +02:00
Jay Satiro
7da064fdd2 http: Add some include guards for the new HTTP/2 stuff 2015-05-18 20:53:58 -04:00
Daniel Stenberg
897a7b3a13 http2: store upload state per stream
Use a curl_off_t for upload left
2015-05-18 15:41:43 +02:00
Daniel Stenberg
155b1f5df9 http2: fix build when NOT h2-enabled 2015-05-18 14:09:32 +02:00
Daniel Stenberg
979670988a http2: switch to use Curl_hash_destroy()
as after 4883f7019d, the *_clean() function only flushes the hash.
2015-05-18 11:41:16 +02:00
Daniel Stenberg
0b26b94bdc curlver: restore LIBCURL_VERSION_NUM defined as a full number
As it breaks configure, curl-config and test 1023 if not.
2015-05-18 11:29:06 +02:00
Anthony Avina
4883f7019d hostip: fix unintended destruction of hash table
.. and added unit1602 for hash.c
2015-05-18 11:15:43 +02:00
Daniel Stenberg
39b9bf60d1 curlver: introducing new version number (checking) macros 2015-05-18 11:09:13 +02:00
Daniel Stenberg
d69eee0964 runtests.pl: use 'h2c' now, no -14 anymore 2015-05-18 10:10:55 +02:00
Tatsuhiro Tsujikawa
7ff7e45405 http2: Ignore if we have stream ID not in hash in on_stream_close
We could get stream ID not in the hash in on_stream_close.  For
example, if we decided to reject stream (e.g., PUSH_PROMISE), then we
don't create stream and store it in hash with its stream ID.
2015-05-18 09:33:48 +02:00
Tatsuhiro Tsujikawa
4ac6cc3ebd Require nghttp2 v1.0.0
This commit requires nghttp2 v1.0.0 to compile, and migrate to v1.0.0,
and utilize recent version of nghttp2 to simplify the code,

First we use nghttp2_option_set_no_recv_client_magic function to
detect nghttp2 v1.0.0.  That function only exists since v1.0.0.

Since nghttp2 v0.7.5, nghttp2 ensures header field ordering, and
validates received header field.  If it found error, RST_STREAM with
PROTOCOL_ERROR is issued.  Since we require v1.0.0, we can utilize
this feature to simplify libcurl code.  This commit does this.

Migration from 0.7 series are done based on nghttp2 migration
document.  For libcurl, we removed the code sending first 24 bytes
client magic.  It is now done by nghttp2 library.
on_invalid_frame_recv callback signature changed, and is updated
accordingly.
2015-05-18 09:33:48 +02:00
Daniel Stenberg
077f12b0ae http2: infof length in on_frame_send() 2015-05-18 09:33:48 +02:00
Daniel Stenberg
d6f1c74330 pipeline: switch some code over to functions
... to "compartmentalize" a bit and make it easier to change behavior
when multiplexing is used instead of good old pipelining.
2015-05-18 09:33:47 +02:00
Daniel Stenberg
7d0df07e48 symbols-in-versions: add CURLOPT_PIPEWAIT 2015-05-18 09:33:47 +02:00
Daniel Stenberg
811443754a CURLOPT_PIPEWAIT: added
By setting this option to 1 libcurl will wait for a connection to reveal
if it is possible to pipeline/multiplex on before it continues.
2015-05-18 09:33:47 +02:00
Daniel Stenberg
df3a970cb4 Curl_http_readwrite_headers: minor code simplification 2015-05-18 09:33:47 +02:00
Daniel Stenberg
193251794a IsPipeliningPossible: fixed for http2 2015-05-18 09:33:47 +02:00
Daniel Stenberg
8b38fcf2f6 http2: bump the h2 buffer size to 32K for speed 2015-05-18 09:33:47 +02:00
Daniel Stenberg
5871affc7a http2: remove the stream from the hash in stream_close callback
... and suddenly things work much better!
2015-05-18 09:33:47 +02:00
Daniel Stenberg
3e8a5d88a5 http2: if there is paused data, do not clear the drain field 2015-05-18 09:33:47 +02:00
Daniel Stenberg
522ca8c035 http2: rename s/data/pausedata 2015-05-18 09:33:47 +02:00
Daniel Stenberg
a66ed407d2 http2: "stream %x" in all outputs to make it easier to search for 2015-05-18 09:33:47 +02:00
Daniel Stenberg
61a94d6f77 http2: Curl_expire() all handles with incoming traffic
... so that they'll get handled next in the multi loop.
2015-05-18 09:33:47 +02:00
Daniel Stenberg
56c362b1a7 http2: don't signal settings change for same values 2015-05-18 09:33:47 +02:00
Daniel Stenberg
72105ebf05 http2: set default concurrency, fix ConnectionExists for multiplex 2015-05-18 09:33:47 +02:00
Daniel Stenberg
38bd6bf0bb bundles: store no/default/pipeline/multiplex
to allow code to act differently on the situation.

Also added some more info message for the connection re-use function to
make it clearer when connections are not re-used.
2015-05-18 09:33:36 +02:00