1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 01:28:51 -05:00
Commit Graph

10933 Commits

Author SHA1 Message Date
Daniel Stenberg
0c76795caf
cleanup: comment typos
Spotted by 'codespell'

Closes #4957
2020-02-21 08:38:00 +01:00
Steve Holme
150f45e8d1
win32: USE_WIN32_CRYPTO to enable Win32 based MD4, MD5 and SHA256 functions
Whilst lib\md4.c used this pre-processor, lib\md5.c and
src\tool_metalink.c did not and simply relied on the WIN32
pre-processor directive.

Reviewed-by: Marcel Raad
Closes #4955
2020-02-20 15:27:32 +00:00
Daniel Stenberg
1b6cfb9d24
connect: remove some spurious infof() calls
As they were added primarily for debugging, they provide little use for
users.

Closes #4951
2020-02-19 22:32:45 +01:00
Daniel Stenberg
05b1b35085
nit: Copyright year out of date
Follow-up to 1fc0617dcc
2020-02-19 08:04:35 +01:00
Jay Satiro
1fc0617dcc tool_util: Improve Windows version of tvnow()
- Change tool_util.c tvnow() for Windows to match more closely to
  timeval.c Curl_now().

- Create a win32 init function for the tool, since some initialization
  is required for the tvnow() changes.

Prior to this change the monotonic time function used by curl in Windows
was determined at build-time and not runtime. That was a problem because
when curl was built targeted for compatibility with old versions of
Windows (eg _WIN32_WINNT < 0x0600) it would use GetTickCount which wraps
every 49.7 days that Windows has been running.

This change makes curl behave similar to libcurl's tvnow function, which
determines at runtime whether the OS is Vista+ and if so calls
QueryPerformanceCounter instead. (Note QueryPerformanceCounter is used
because it has higher resolution than the more obvious candidate
GetTickCount64). The changes to tvnow are basically a copy and paste but
the types in some cases are different.

Ref: https://github.com/curl/curl/issues/3309

Closes https://github.com/curl/curl/pull/4847
2020-02-18 15:52:13 -05:00
Daniel Stenberg
3735107d62
SOCKS: fix typo in printf formatting
Follow-up to 4a4b63daa

Reported-by: Peter Piekarski
Bug: 4a4b63daaa (r37351330)
2020-02-18 12:54:44 +01:00
Daniel Stenberg
14916a82e2
altsvc: make saving the cache an atomic operation
... by writing the file to temp name then rename to the final when done.

Assisted-by: Jay Satiro
Fixes #4936
Closes #4942
2020-02-18 07:49:21 +01:00
Daniel Stenberg
330f133224
rename: a new file for Curl_rename()
And make the cookie save function use it.
2020-02-18 07:49:15 +01:00
Daniel Stenberg
b834890a3f
cookies: make saving atomic with a rename
Saves the file as "[filename].[8 random hex digits].tmp" and renames
away the extension when done.

Co-authored-by: Jay Satiro
Reported-by: Mike Frysinger
Fixes #4914
Closes #4926
2020-02-17 22:45:42 +01:00
Daniel Stenberg
4a4b63daaa
socks: make the connect phase non-blocking
Removes two entries from KNOWN_BUGS.

Closes #4907
2020-02-17 00:08:48 +01:00
Daniel Stenberg
d60b1b37a1
multi: if Curl_readwrite sets 'comeback' use expire, not loop
Otherwise, a very fast single transfer ricks starving out other
concurrent transfers.

Closes #4927
2020-02-16 22:52:41 +01:00
Daniel Stenberg
c188391a9f
ftp: convert 'sock_accepted' to a plain boolean
This was an array indexed with sockindex but it was only ever used for
the secondary socket.

Closes #4929
2020-02-16 22:23:17 +01:00
Steve Holme
46af41dafc
tool_home: Fix the copyright year being out of date
Follow up to 9dc350b6.
2020-02-13 00:40:08 +00:00
Jay Satiro
9dc350b60c tool_homedir: Change GetEnv() to use libcurl's curl_getenv()
- Deduplicate GetEnv() code.

- On Windows change ultimate call to use Windows API
  GetEnvironmentVariable() instead of C runtime getenv().

Prior to this change both libcurl and the tool had their own GetEnv
which over time diverged. Now the tool's GetEnv is a wrapper around
curl_getenv (libcurl API function which is itself a wrapper around
libcurl's GetEnv).

Furthermore this change fixes a bug in that Windows API
GetEnvironmentVariable() is called instead of C runtime getenv() to get
the environment variable since some changes aren't always visible to the
latter.

Reported-by: Christoph M. Becker

Fixes https://github.com/curl/curl/issues/4774
Closes https://github.com/curl/curl/pull/4863
2020-02-12 18:37:31 -05:00
Daniel Stenberg
39d5621cbd
strerror.h: Copyright year out of date
Follow-up to 1c4fa67e8a
2020-02-12 23:07:21 +01:00
Jay Satiro
1c4fa67e8a strerror: Increase STRERROR_LEN 128 -> 256
STRERROR_LEN is the constant used throughout the library to set the size
of the buffer on the stack that the curl strerror functions write to.

Prior to this change some extended length Windows error messages could
be truncated.

Closes https://github.com/curl/curl/pull/4920
2020-02-12 16:58:56 -05:00
Jay Satiro
4d1aa8d43b multi: fix outdated comment
- Do not say that conn->data is "cleared" by multi_done().

If the connection is in use then multi_done assigns another easy handle
still using the connection to conn->data, therefore in that case it is
not cleared.

Closes https://github.com/curl/curl/pull/4901
2020-02-12 16:55:33 -05:00
Jay Satiro
55bb83c92b easy: remove dead code
multi is already assigned to data->multi by curl_multi_add_handle.

Closes https://github.com/curl/curl/pull/4900
2020-02-12 16:54:51 -05:00
Steve Holme
0b8651d48b
smtp: Simplify the MAIL command and avoid a duplication of send strings
This avoids the duplication of strings when the optional AUTH and SIZE
parameters are required. It also assists with the modifications that
are part of #4892.

Closes #4903
2020-02-09 23:08:47 +00:00
Daniel Stenberg
02f8de6516
altsvc: keep a copy of the file name to survive handle reset
The alt-svc cache survives a call to curl_easy_reset fine, but the file
name to use for saving the cache was cleared. Now the alt-svc cache has
a copy of the file name to survive handle resets.

Added test 1908 to verify.

Reported-by: Craig Andrews
Fixes #4898
Closes #4902
2020-02-09 22:41:49 +01:00
Steve Holme
f8f4a94465
url: Include the failure reason when curl_win32_idn_to_ascii() fails
Provide the failure reason in the failf() info just as we do for the
libidn2 version of code.

Closes #4899
2020-02-09 11:38:54 +00:00
Jay Satiro
05d3312f77 asyn-thread: remove dead code 2020-02-09 02:27:29 -05:00
Pierre-Yves Bigourdan
feba3f0549
digest: Do not quote algorithm in HTTP authorisation
RFC 7616 section 3.4 (The Authorization Header Field) states that "For
historical reasons, a sender MUST NOT generate the quoted string syntax
for the following parameters: algorithm, qop, and nc". This removes the
quoting for the algorithm parameter.

Reviewed-by: Steve Holme
Closes #4890
2020-02-07 22:46:21 +01:00
Daniel Stenberg
5ce7102cea
ftp: remove the duplicated user/password struct fields
Closes #4887
2020-02-07 08:18:36 +01:00
Daniel Stenberg
950b53da0d
ftp: remove superfluous checking for crlf in user or pwd
... as this is already done much earlier in the URL parser.

Also add test case 894 that verifies that pop3 with an encodedd CR in
the user name is rejected.

Closes #4887
2020-02-07 08:18:23 +01:00
Steve Holme
c87730daeb
ntlm_wb: Use Curl_socketpair() for greater portability
Reported-by: Daniel Stenberg
Closes #4886
2020-02-06 14:39:50 +00:00
Daniel Stenberg
671c48eb1a
ftp: shrink temp buffers used for PORT
These two stack based buffers only need to be 46 + 66 bytes instead of
256 + 1024.

Closes #4880
2020-02-05 10:09:43 +01:00
Daniel Stenberg
d913c1e99e
altsvc: set h3 version at a common single spot
... and move the #ifdefs out of the functions. Addresses the fact they
were different before this change.

Reported-by: Harry Sintonen
Closes #4876
2020-02-04 22:28:21 +01:00
Harry Sintonen
9e1f720758
altsvc: improved header parser
- Fixed the flag parsing to apply to specific alternative entry only, as
per RFC. The earlier code would also get totally confused by
multiprotocol header, parsing flags from the wrong part of the header.

- Fixed the parser terminating on unknown protocols, instead of skipping
them.

- Fixed a busyloop when protocol-id was present without an equal sign.

Closes #4875
2020-02-04 16:09:45 +01:00
Harry Sintonen
defe4c08f0
ngtcp2: fixed to only use AF_INET6 when ENABLE_IPV6 2020-02-04 16:09:39 +01:00
Steve Holme
b765cb3c81
ntlm: Pass the Curl_easy structure to the private winbind functions
...rather than the full conndata structure.
2020-02-04 11:36:47 +00:00
Steve Holme
f41deddde8
ntlm: Ensure the HTTP header data is not stored in the challenge/response 2020-02-03 21:29:11 +00:00
Marcel Raad
5cd0f5cc7f
openssl: remove redundant assignment
Fixes a scan-build failure on Bionic.

Closes https://github.com/curl/curl/pull/4872
2020-02-03 14:20:51 +01:00
Pedro Monreal
4b6fd29f1a cleanup: fix typos and wording in docs and comments
Closes #4869
Reviewed-by: Emil Engler and Daniel Gustafsson
2020-02-02 18:43:01 +01:00
Steve Holme
6ef123522a ntlm: Move the winbind data into the NTLM data structure
To assist with adding winbind support to the SASL NTLM authentication,
move the winbind specific data out of conndata into ntlmdata.
2020-02-02 12:23:48 +01:00
Daniel Stenberg
28b5b1c20a
quiche: Copyright year out of date
Follow-up to 7fc63d7233
2020-01-30 19:13:18 +01:00
Daniel Stenberg
33a77cb528
altsvc: use h3-25
Closes #4868
2020-01-30 19:09:08 +01:00
Alessandro Ghedini
7fc63d7233
quiche: update to draft-25
Closes #4867
2020-01-30 19:07:57 +01:00
Daniel Stenberg
da9e8ec723
ngtcp2: update to git master and its draft-25 support
Closes #4865
2020-01-29 22:21:19 +01:00
Daniel Stenberg
5af0165562
cookie: check __Secure- and __Host- case sensitively
While most keywords in cookies are case insensitive, these prefixes are
specified explicitly to get checked "with a case-sensitive match".

(From the 6265bis document in progress)

Ref: https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-04
Closes #4864
2020-01-29 16:01:23 +01:00
Daniel Stenberg
db9af34634
multi_done: if multiplexed, make conn->data point to another transfer
... since the current transfer is being killed. Setting to NULL is
wrong, leaving it pointing to 'data' is wrong since that handle might be
about to get freed.

Fixes #4845
Closes #4858
Reported-by: dmitrmax on github
2020-01-28 13:00:41 +01:00
Daniel Stenberg
d3dc0a07e9
urlapi: guess scheme correct even with credentials given
In the "scheme-less" parsing case, we need to strip off credentials
first before we guess scheme based on the host name!

Assisted-by: Jay Satiro
Fixes #4856
Closes #4857
2020-01-28 08:40:16 +01:00
Daniel Stenberg
0b030a5b23
global_init: move the IPv6 works status bool to multi handle
Previously it was stored in a global state which contributed to
curl_global_init's thread unsafety. This boolean is now instead figured
out in curl_multi_init() and stored in the multi handle. Less effective,
but thread safe.

Closes #4851
2020-01-28 08:03:22 +01:00
Jon Rumsey
4228700461
urldata: do string enums without #ifdefs for build scripts
... and check for inconsistencies for OS400 at build time with the new
chkstrings tool.

Closes #4822
2020-01-27 09:26:58 +01:00
Daniel Stenberg
1ad49feb71
global_init: assume the EINTR bit by default
- Removed from global_init since it isn't thread-safe. The symbol will
  still remain to not break compiles, it just won't have any effect going
  forward.

- make the internals NOT loop on EINTR (the opposite from previously).
  It only risks returning from the select/poll/wait functions early, and that
  should be risk-free.

Closes #4840
2020-01-26 18:27:18 +01:00
Peter Piekarski
34e6bc42b0
conn: do not reuse connection if SOCKS proxy credentials differ
Closes #4835
2020-01-24 17:00:58 +01:00
Daniel Stenberg
c0d7b05c41
llist: removed unused Curl_llist_move()
(and the corresponding unit test)

Closes #4842
2020-01-24 10:29:18 +01:00
Daniel Stenberg
7745000338
conncache: removed unused Curl_conncache_bundle_size() 2020-01-24 10:29:06 +01:00
Daniel Stenberg
ea284778f5
strcase: turn Curl_raw_tolower into static
Only ever used from within this file.
2020-01-24 10:29:06 +01:00
Daniel Stenberg
920af1a664
wolfssh: make it init properly via Curl_ssh_init()
Closes #4846
2020-01-24 10:27:31 +01:00
Daniel Stenberg
3ecdfb1958
openssl: make CURLINFO_CERTINFO not truncate x509v3 fields
Avoid "reparsing" the content and instead deliver more exactly what is
provided in the certificate and avoid truncating the data after 512
bytes as done previously. This no longer removes embedded newlines.

Fixes #4837
Reported-by: bnfp on github
Closes #4841
2020-01-23 09:25:52 +01:00
Daniel Stenberg
1ebc53df25
mk-ca-bundle: add support for CKA_NSS_SERVER_DISTRUST_AFTER
For now, no cert in the bundle actually sets a date there...

Co-Authored-by: Jay Satiro
Reported-by: Christian Heimes
Fixes #4834
Closes #4836
2020-01-22 10:41:31 +01:00
Pavel Volgarev
4a4609bf3c
smtp: Allow RCPT TO command to fail for some recipients
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS.

Verified with the new tests 3002-3007

Closes #4816
2020-01-21 10:40:19 +01:00
Daniel Stenberg
23a17e039d
copyright: fix year ranges
follow-up from dea17b519d (one of these days I'll learn to check before
I push)
2020-01-21 10:34:44 +01:00
nao
dea17b519d
http: move "oauth_bearer" from connectdata to Curl_easy
Fixes the bug where oauth_bearer gets deallocated when we re-use a
connection.

Closes #4824
2020-01-21 10:32:43 +01:00
Daniel Stenberg
ff807c16d2
http.h: Copyright year out of date, should be 2020
Follow-up to 7ff9222ced
2020-01-20 08:37:40 +01:00
加藤郁之
7ff9222ced
HTTP: increase EXPECT_100_THRESHOLD to 1Mb
Mentioned: https://curl.haxx.se/mail/lib-2020-01/0050.html

Closes #4814
2020-01-20 08:33:44 +01:00
Daniel Stenberg
59c1caf7f6
wolfssl: use the wc-prefixed symbol alternatives
The symbols without wc_ prefix are not always provided.

Ref: https://github.com/wolfSSL/wolfssl/issues/2744

Closes #4827
2020-01-16 16:02:17 +01:00
Daniel Stenberg
6357a19ff2
polarssl: removed
As detailed in DEPRECATE.md, the polarssl support is now removed after
having been disabled for 6 months and nobody has missed it.

The threadlock files used by mbedtls are renamed to an 'mbedtls' prefix
instead of the former 'polarssl' and the common functions that
previously were shared between mbedtls and polarssl and contained the
name 'polarssl' have now all been renamed to instead say 'mbedtls'.

Closes #4825
2020-01-16 11:55:56 +01:00
Marcel Raad
6f69edf962
libssh2: fix variable type
This led to a conversion warning on 64-bit MinGW, which has 32-bit
`long` but 64-bit `size_t`.

Closes https://github.com/curl/curl/pull/4823
2020-01-16 10:03:59 +01:00
Daniel Stenberg
68403cdbc6
wolfssh: set the password correctly for PASSWORD auth 2020-01-15 22:10:39 +01:00
Daniel Stenberg
820775a29a
wolfssh: remove fprintf() calls (and uses of __func__) 2020-01-15 22:10:39 +01:00
Jay Satiro
16da8bcd71 schannel_verify: Fix alt names manual verify for UNICODE builds
Follow-up to 29e40a6 from two days ago, which added that feature for
Windows 7 and earlier. The bug only occurred in same.

Ref: https://github.com/curl/curl/pull/4761
2020-01-13 18:25:12 -05:00
Tobias Hieta
4ccf7622db
CMake: Add support for CMAKE_LTO option.
This enables Link Time Optimization. LTO is a proven technique for
optimizing across compilation units.

Closes #4799
2020-01-13 23:14:49 +01:00
Daniel Stenberg
9607532873
ConnectionExists: respect the max_concurrent_streams limits
A regression made the code use 'multiplexed' as a boolean instead of the
counter it is intended to be. This made curl try to "over-populate"
connections with new streams.

This regression came with 41fcdf71a1, shipped in curl 7.65.0.

Also, respect the CURLMOPT_MAX_CONCURRENT_STREAMS value in the same
check.

Reported-by: Kunal Ekawde
Fixes #4779
Closes #4784
2020-01-13 15:44:58 +01:00
Daniel Stenberg
6773c7ca65
wolfSSH: new SSH backend
Adds support for SFTP (not SCP) using WolfSSH.

Closes #4231
2020-01-12 17:19:12 +01:00
Daniel Stenberg
29babeafec
misc: Copyright year out of date, should be 2020
Follow-up to recent commits

[skip ci]
2020-01-12 16:55:50 +01:00
Santino Keupp
272282a054 libssh2: add support for forcing a hostkey type
- Allow forcing the host's key type found in the known_hosts file.

Currently, curl (with libssh2) does not take keys from your known_hosts
file into account when talking to a server. With this patch the
known_hosts file will be searched for an entry matching the hostname
and, if found, libssh2 will be told to claim this key type from the
server.

Closes https://github.com/curl/curl/pull/4747
2020-01-11 19:17:33 -05:00
Faizur Rahman
29e40a6d8a schannel: Make CURLOPT_CAINFO work better on Windows 7
- Support hostname verification via alternative names (SAN) in the
  peer certificate when CURLOPT_CAINFO is used in Windows 7 and earlier.

CERT_NAME_SEARCH_ALL_NAMES_FLAG doesn't exist before Windows 8. As a
result CertGetNameString doesn't quite work on those versions of
Windows. This change provides an alternative solution for
CertGetNameString by iterating through CERT_ALT_NAME_INFO for earlier
versions of Windows.

Prior to this change many certificates failed the hostname validation
when CURLOPT_CAINFO was used in Windows 7 and earlier. Most certificates
now represent multiple hostnames and rely on the alternative names field
exclusively to represent their hostnames.

Reported-by: Jeroen Ooms

Fixes https://github.com/curl/curl/issues/3711
Closes https://github.com/curl/curl/pull/4761
2020-01-11 18:23:46 -05:00
Emil Engler
cbb5429001 ngtcp2: Add an error code for QUIC connection errors
- Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection
  errors.

Prior to this change CURLE_FAILED_INIT was used, but that was not
correct.

Closes https://github.com/curl/curl/pull/4754
2020-01-11 18:19:32 -05:00
Jay Satiro
b700662b1c multi: Change curl_multi_wait/poll to error on negative timeout
- Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when
  curl_multi_wait/poll is passed timeout param < 0.

Prior to this change passing a negative value to curl_multi_wait/poll
such as -1 could cause the function to wait forever.

Reported-by: hamstergene@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4763

Closes https://github.com/curl/curl/pull/4765
2020-01-11 18:16:28 -05:00
Marc Aldorasi
ea6d6205d9 cmake: Enable SMB for Windows builds
- Define USE_WIN32_CRYPTO by default. This enables SMB.

- Show whether SMB is enabled in the "Enabled features" output.

- Fix mingw compiler warning for call to CryptHashData by casting away
  const param. mingw CryptHashData prototype is wrong.

Closes https://github.com/curl/curl/pull/4717
2020-01-11 18:10:47 -05:00
Jay Satiro
c9c551f1f9 vtls: Refactor Curl_multissl_version to make the code clearer
Reported-by: Johannes Schindelin

Ref: https://github.com/curl/curl/pull/3863#pullrequestreview-241395121

Closes https://github.com/curl/curl/pull/4803
2020-01-11 17:50:33 -05:00
Daniel Stenberg
8bd14c871f
fix: Copyright year out of date, should be 2020
Follow-up to 875314ed0b
2020-01-10 22:39:04 +01:00
Marcel Raad
875314ed0b
hostip: move code to resolve IP address literals to Curl_resolv
The code was duplicated in the various resolver backends.

Also, it was called after the call to `Curl_ipvalid`, which matters in
case of `CURLRES_IPV4` when called from `connect.c:bindlocal`. This
caused test 1048 to fail on classic MinGW.

The code ignores `conn->ip_version` as done previously in the
individual resolver backends.

Move the call to the `resolver_start` callback up to appease test 655,
which wants it to be called also for literal addresses.

Closes https://github.com/curl/curl/pull/4798
2020-01-10 17:57:16 +01:00
Daniel Stenberg
9275c2be8c
multi.h: move INITIAL_MAX_CONCURRENT_STREAMS from public header
... to the private multihhandle.h. It is not for public use and it
wasn't prefixed correctly anyway!

Closes #4790
2020-01-06 19:53:38 +01:00
Daniel Stenberg
50e35ccfbb
file: fix copyright year range
Follow-up to 1b71bc532b
2020-01-06 10:12:02 +01:00
Daniel Stenberg
1b71bc532b
file: on Windows, refuse paths that start with \\
... as that might cause an unexpected SMB connection to a given host
name.

Reported-by: Fernando Muñoz
CVE-2019-15601
Bug: https://curl.haxx.se/docs/CVE-2019-15601.html
2020-01-06 10:05:37 +01:00
Marcel Raad
291ed52122
lib: fix compiler warnings with CURL_DISABLE_VERBOSE_STRINGS
Closes https://github.com/curl/curl/pull/4775
2020-01-03 17:02:30 +01:00
Michael Forney
9024b01387 bearssl: Improve I/O handling
Factor out common I/O loop as bearssl_run_until, which reads/writes TLS
records until the desired engine state is reached. This is now used for
the handshake, read, write, and close.

Match OpenSSL SSL_write behavior, and don't return the number of bytes
written until the corresponding records have been completely flushed
across the socket. This involves keeping track of the length of data
buffered into the TLS engine, and assumes that when CURLE_AGAIN is
returned, the write function will be called again with the same data
and length arguments. This is the same requirement of SSL_write.

Handle TLS close notify as EOF when reading by returning 0.

Closes https://github.com/curl/curl/pull/4748
2019-12-31 02:43:47 -05:00
Xiang Xiao
060fb84a5a lib: remove erroneous +x file permission on some c files
Modified by commit eb9a604 accidentally.

Closes https://github.com/curl/curl/pull/4756
2019-12-27 22:55:52 -05:00
Xiang Xiao
4b463992e5 lib: fix warnings found when porting to NuttX
- Undefine DEBUGASSERT in curl_setup_once.h in case it was already
  defined as a system macro.

- Don't compile write32_le in curl_endian unless
  CURL_SIZEOF_CURL_OFF_T > 4, since it's only used by Curl_write64_le.

- Include <arpa/inet.h> in socketpair.c.

Closes https://github.com/curl/curl/pull/4756
2019-12-27 22:52:31 -05:00
Jay Satiro
10121a417d ngtcp2: Support the latest update key callback type
- Remove our cb_update_key in favor of ngtcp2's new
  ngtcp2_crypto_update_key_cb which does the same thing.

Several days ago the ngtcp2_update_key callback function prototype was
changed in ngtcp2/ngtcp2@42ce09c. Though it would be possible to
fix up our cb_update_key for that change they also added
ngtcp2_crypto_update_key_cb which does the same thing so we'll use that
instead.

Ref: https://github.com/ngtcp2/ngtcp2/commit/42ce09c

Closes https://github.com/curl/curl/pull/4735
2019-12-20 00:34:58 -05:00
Daniel Stenberg
8c0807aa16
create_conn: prefer multiplexing to using new connections
... as it would previously prefer new connections rather than
multiplexing in most conditions! The (now removed) code was a leftover
from the Pipelining code that was translated wrongly into a
multiplex-only world.

Reported-by: Kunal Ekawde
Bug: https://curl.haxx.se/mail/lib-2019-12/0060.html
Closes #4732
2019-12-19 09:00:56 +01:00
Gisle Vanem
ac7b1fb10c strerror: Fix compiler warning "empty expression"
- Remove the final semi-colon in the SEC2TXT() macro definition.

Before:  #define SEC2TXT(sec) case sec: txt = #sec; break;

After:   #define SEC2TXT(sec) case sec: txt = #sec; break

Prior to this change SEC2TXT(foo); would generate break;; which caused
the empty expression warning.

Ref: https://github.com/curl/curl/commit/5b22e1a#r36458547
2019-12-18 14:10:23 -05:00
Daniel Stenberg
0caf1423e5
define: remove HAVE_ENGINE_LOAD_BUILTIN_ENGINES, not used anymore
It is covered by USE_OPENSSL_ENGINE now.

Reported-by: Gisle Vanem
Bug: 87b9337c8f (commitcomment-36447951)

Closes #4725
2019-12-17 07:58:46 +01:00
Daniel Stenberg
bdb5b6dd5b
lib: remove ASSIGNWITHINCONDITION exceptions, use our code style
... even for macros

Reviewed-by: Daniel Gustafsson
Reviewed-by: Jay Satiro
Reported-by: Jay Satiro
Fixes #4683
Closes #4722
2019-12-17 07:36:11 +01:00
Daniel Stenberg
31e637d224
Revert "checksrc: fix regexp for ASSIGNWITHINCONDITION"
This reverts commit ba82673dac.

Bug: #4683
2019-12-16 22:46:35 +01:00
Santino Keupp
1d2d3feb21
libssh2: add support for ECDSA and ed25519 knownhost keys
... if a new enough libssh2 version is present.

Source: https://curl.haxx.se/mail/archive-2019-12/0023.html
Co-Authored-by: Daniel Stenberg
Closes #4714
2019-12-15 23:03:39 +01:00
Daniel Stenberg
29ca9fc596
multi: free sockhash on OOM
This would otherwise leak memory in the error path.

Detected by torture test 1540.

Closes #4713
2019-12-13 22:46:46 +01:00
Marcel Raad
4457e08a7a
hostip: suppress compiler warning
With `--disable-doh --disable-threaded-resolver`, the `dns` parameter
is not used.

Closes https://github.com/curl/curl/pull/4692
2019-12-13 20:55:51 +01:00
Daniel Stenberg
68ffe6c17d
ntlm_wb: fix double-free in OOM
Detected by torture testing test 1310

Closes #4710
2019-12-13 13:01:01 +01:00
Daniel Stenberg
5dc56eb95d
altsvc: make the save function ignore NULL filenames
It might happen in OOM situations. Detected bv torture tests.

Closes #4707
2019-12-12 14:10:09 +01:00
Daniel Stenberg
4940bb8568
doh: make it behave when built without proxy support
Reported-by: Marcel Raad
Bug: https://github.com/curl/curl/pull/4692#issuecomment-564115734

Closes #4704
2019-12-12 09:26:08 +01:00
Daniel Stenberg
1d5c427d7f
conncache: CONNECT_ONLY connections assumed always in-use
This makes them never to be considered "the oldest" to be discarded when
reaching the connection cache limit. The reasoning here is that
CONNECT_ONLY is primarily used in combination with using the
connection's socket post connect and since that is used outside of
curl's knowledge we must assume that it is in use until explicitly
closed.

Reported-by: Pavel Pavlov
Reported-by: Pavel Löbl
Fixes #4426
Fixes #4369
Closes #4696
2019-12-11 09:25:56 +01:00
Gisle Vanem
2c0362ee04
vtls: make BearSSL possible to set with CURL_SSL_BACKEND
Ref: 9b879160df (commitcomment-36355622)

Closes #4698
2019-12-10 15:35:23 +01:00
Daniel Stenberg
c7bc689fc3
conn: always set bits.close with connclose()
Closes #4690
2019-12-09 17:17:42 +01:00
Daniel Stenberg
ee263de7a3
conncache: fix multi-thread use of shared connection cache
It could accidentally let the connection get used by more than one
thread, leading to double-free and more.

Reported-by: Christopher Reid
Fixes #4544
Closes #4557
2019-12-09 15:30:09 +01:00
Jay Satiro
689443bf42 lib: fix some loose ends for recently added CURLSSLOPT_NO_PARTIALCHAIN
Add support for CURLSSLOPT_NO_PARTIALCHAIN in CURLOPT_PROXY_SSL_OPTIONS
and OS400 package spec.

Also I added the option to the NameValue list in the tool even though it
isn't exposed as a command-line option (...yet?). (NameValue stringizes
the option name for the curl cmd -> libcurl source generator)

Follow-up to 564d88a which added CURLSSLOPT_NO_PARTIALCHAIN.

Ref: https://github.com/curl/curl/pull/4655
2019-12-05 19:17:31 -05:00
Jay Satiro
0edf75865a setopt: Fix ALPN / NPN user option when built without HTTP2
- Stop treating lack of HTTP2 as an unknown option error result for
  CURLOPT_SSL_ENABLE_ALPN and CURLOPT_SSL_ENABLE_NPN.

Prior to this change it was impossible to disable ALPN / NPN if libcurl
was built without HTTP2. Setting either option would result in
CURLE_UNKNOWN_OPTION and the respective internal option would not be
set. That was incorrect since ALPN and NPN are used independent of
HTTP2.

Reported-by: Shailesh Kapse

Fixes https://github.com/curl/curl/issues/4668
Closes https://github.com/curl/curl/pull/4672
2019-12-05 18:38:40 -05:00