1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-11 03:55:03 -05:00
Commit Graph

25345 Commits

Author SHA1 Message Date
Santino Keupp
272282a054 libssh2: add support for forcing a hostkey type
- Allow forcing the host's key type found in the known_hosts file.

Currently, curl (with libssh2) does not take keys from your known_hosts
file into account when talking to a server. With this patch the
known_hosts file will be searched for an entry matching the hostname
and, if found, libssh2 will be told to claim this key type from the
server.

Closes https://github.com/curl/curl/pull/4747
2020-01-11 19:17:33 -05:00
nicoguillier
8792a59223 cmake: Improve libssh2 check on Windows
- Add "libssh2" name to FindLibSSH2 library search.

On Windows systems, libSSH2 CMake installation may name the library
"LibSSH2".

Prior to this change cmake only checked for name "ssh2". On Linux that
works fine because it will prepend the "lib", but it doesn't do that on
Windows.

Closes https://github.com/curl/curl/pull/4804
2020-01-11 18:53:32 -05:00
Faizur Rahman
29e40a6d8a schannel: Make CURLOPT_CAINFO work better on Windows 7
- Support hostname verification via alternative names (SAN) in the
  peer certificate when CURLOPT_CAINFO is used in Windows 7 and earlier.

CERT_NAME_SEARCH_ALL_NAMES_FLAG doesn't exist before Windows 8. As a
result CertGetNameString doesn't quite work on those versions of
Windows. This change provides an alternative solution for
CertGetNameString by iterating through CERT_ALT_NAME_INFO for earlier
versions of Windows.

Prior to this change many certificates failed the hostname validation
when CURLOPT_CAINFO was used in Windows 7 and earlier. Most certificates
now represent multiple hostnames and rely on the alternative names field
exclusively to represent their hostnames.

Reported-by: Jeroen Ooms

Fixes https://github.com/curl/curl/issues/3711
Closes https://github.com/curl/curl/pull/4761
2020-01-11 18:23:46 -05:00
Emil Engler
cbb5429001 ngtcp2: Add an error code for QUIC connection errors
- Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection
  errors.

Prior to this change CURLE_FAILED_INIT was used, but that was not
correct.

Closes https://github.com/curl/curl/pull/4754
2020-01-11 18:19:32 -05:00
Jay Satiro
b700662b1c multi: Change curl_multi_wait/poll to error on negative timeout
- Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when
  curl_multi_wait/poll is passed timeout param < 0.

Prior to this change passing a negative value to curl_multi_wait/poll
such as -1 could cause the function to wait forever.

Reported-by: hamstergene@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4763

Closes https://github.com/curl/curl/pull/4765
2020-01-11 18:16:28 -05:00
Marc Aldorasi
ea6d6205d9 cmake: Enable SMB for Windows builds
- Define USE_WIN32_CRYPTO by default. This enables SMB.

- Show whether SMB is enabled in the "Enabled features" output.

- Fix mingw compiler warning for call to CryptHashData by casting away
  const param. mingw CryptHashData prototype is wrong.

Closes https://github.com/curl/curl/pull/4717
2020-01-11 18:10:47 -05:00
Jay Satiro
c9c551f1f9 vtls: Refactor Curl_multissl_version to make the code clearer
Reported-by: Johannes Schindelin

Ref: https://github.com/curl/curl/pull/3863#pullrequestreview-241395121

Closes https://github.com/curl/curl/pull/4803
2020-01-11 17:50:33 -05:00
Daniel Stenberg
8bd14c871f
fix: Copyright year out of date, should be 2020
Follow-up to 875314ed0b
2020-01-10 22:39:04 +01:00
Marcel Raad
875314ed0b
hostip: move code to resolve IP address literals to Curl_resolv
The code was duplicated in the various resolver backends.

Also, it was called after the call to `Curl_ipvalid`, which matters in
case of `CURLRES_IPV4` when called from `connect.c:bindlocal`. This
caused test 1048 to fail on classic MinGW.

The code ignores `conn->ip_version` as done previously in the
individual resolver backends.

Move the call to the `resolver_start` callback up to appease test 655,
which wants it to be called also for literal addresses.

Closes https://github.com/curl/curl/pull/4798
2020-01-10 17:57:16 +01:00
Daniel Stenberg
062eaa63b5
scripts/delta: adapt to new public header layout 2020-01-09 22:57:33 +01:00
Daniel Stenberg
fb723fd9d1
test1167: verify global symbols in public headers are curl prefixed
... using the new badsymbols.pl perl script

Fixes #4793
Closes #4794
2020-01-09 22:57:33 +01:00
Daniel Stenberg
5ebe5044ab
libtest/mk-lib1521: adapt to new public header layout 2020-01-09 22:57:33 +01:00
Daniel Stenberg
920deff861
include: remove non-curl prefixed defines
...requires some rearranging of the setup of CURLOPT_ and CURLMOPT_
enums.
2020-01-09 22:57:33 +01:00
Daniel Stenberg
1adebe7886
curl.h: remove WIN32 define
It isn't our job to define this in a public header - and it defines a
name outside of our naming scope.
2020-01-09 22:57:32 +01:00
Daniel Stenberg
f4d60b6f8f
tool_dirhie.c: fix the copyright year range
Follow-up to: 4027bd72d9
2020-01-09 22:49:29 +01:00
Daniel Stenberg
e858ae9428
bump: work towards 7.69.0 is started 2020-01-09 22:42:18 +01:00
Jay Satiro
4027bd72d9 tool_dirhie: Allow directory traversal during creation
- When creating a directory hierarchy do not error when mkdir fails due
  to error EACCESS (13) "access denied".

Some file systems allow for directory traversal; in this case that it
should be possible to create child directories when permission to the
parent directory is restricted.

This is a regression caused by me in f16bed0 (precedes curl-7_61_1).
Basically I had assumed that if a directory already existed it would
fail only with error EEXIST, and not error EACCES. The latter may
happen if the directory exists but has certain restricted permissions.

Reported-by: mbeifuss@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4796
Closes https://github.com/curl/curl/pull/4797
2020-01-09 14:24:53 -05:00
Daniel Stenberg
446665606c
KNOWN_BUGS: AUTH PLAIN for SMTP is not working on all servers
Closes #4080
2020-01-09 16:19:34 +01:00
Daniel Stenberg
3b75084ce6
docs/RELEASE-PROCEDURE.md: pushed some release dates
Ref: https://curl.haxx.se/mail/lib-2020-01/0031.html
2020-01-09 09:31:52 +01:00
Daniel Stenberg
a7d4693a48
runtests: make random seed fixed for a month
When using randomized features of runtests (-R and --shallow) it is
useful to have a fixed random seed to make sure for example extra
commits in a branch or a rebase won't change the seed that would make
repeated runs work differently.

As it is also useful to change seed sometimes, the default seed is now
determined based on the current month (and first line curl -V
output). When the month changes, so will the random seed.

The specific seed is also shown in the standard test suite top header
and it can be set explictly with the new --seed=[num] option so that the
exact order of a previous run can be achieved.

Closes #4734
2020-01-09 09:12:05 +01:00
Daniel Stenberg
5059f5552f
RELEASE-PROCEDURE.md: fix next release date (Feb 26)
[skip ci]
2020-01-08 09:47:37 +01:00
Daniel Stenberg
2cfac302fb
RELEASE-NOTES: 7.68.0 2020-01-08 07:31:10 +01:00
Daniel Stenberg
72e304c779
THANKS: updated with names from the 7.68.0 release 2020-01-07 15:17:33 +01:00
Daniel Stenberg
f147c69472
RELEASE-PROCEDURE: add four future release dates
and remove four past release dates

[skip ci]
2020-01-07 15:17:17 +01:00
Marcel Raad
8cf875ed3b
TrackMemory tests: always remove CR before LF
It was removed for output containing ' =' via `s/ =.*//`. With classic
MinGW, this made lines with `free()` end with CRLF, but lines with e.g.
`malloc()` end with only LF. The tests expect LF only.

Closes https://github.com/curl/curl/pull/4788
2020-01-06 20:56:27 +01:00
Daniel Stenberg
9275c2be8c
multi.h: move INITIAL_MAX_CONCURRENT_STREAMS from public header
... to the private multihhandle.h. It is not for public use and it
wasn't prefixed correctly anyway!

Closes #4790
2020-01-06 19:53:38 +01:00
Daniel Stenberg
50e35ccfbb
file: fix copyright year range
Follow-up to 1b71bc532b
2020-01-06 10:12:02 +01:00
Daniel Stenberg
4c34af4c99
curl -w: handle a blank input file correctly
Previously it would end up with an uninitialized memory buffer that
would lead to a crash or junk getting output.

Added test 1271 to verify.

Reported-by: Brian Carpenter
Closes #4786
2020-01-06 10:10:48 +01:00
Daniel Stenberg
1b71bc532b
file: on Windows, refuse paths that start with \\
... as that might cause an unexpected SMB connection to a given host
name.

Reported-by: Fernando Muñoz
CVE-2019-15601
Bug: https://curl.haxx.se/docs/CVE-2019-15601.html
2020-01-06 10:05:37 +01:00
Jay Satiro
aeb32d059b CURLOPT_READFUNCTION.3: fix fopen params in example 2020-01-06 03:09:53 -05:00
Jay Satiro
e9dd17b754 CURLOPT_READFUNCTION.3: fix variable name in example
Reported-by: Paul Joyce

Fixes https://github.com/curl/curl/issues/4787
2020-01-06 03:01:33 -05:00
Daniel Stenberg
459d0db45b
curl:getparameter return error for --http3 if libcurl doesn't support
Closes #4785
2020-01-05 21:24:17 +01:00
Daniel Stenberg
2150c4b5d3
docs: mention CURL_MAX_INPUT_LENGTH restrictions
... for curl_easy_setopt() and curl_url_set().

[skip ci]

Closes #4783
2020-01-05 17:06:47 +01:00
Daniel Stenberg
392bff4abf
curl: properly free mimepost data
... as it could otherwise leak memory when a transfer failed.

Added test 1293 to verify.

Reported-by: Brian Carpenter
Fixes #4781
Closes #4782
2020-01-04 23:06:44 +01:00
Daniel Stenberg
271ec6b9b6
curl: cleanup multi handle on failure
... to fix memory leak in error path.

Fixes #4772
Closes #4780
Reported-by: Brian Carpenter
2020-01-04 23:05:21 +01:00
Marcel Raad
291ed52122
lib: fix compiler warnings with CURL_DISABLE_VERBOSE_STRINGS
Closes https://github.com/curl/curl/pull/4775
2020-01-03 17:02:30 +01:00
Daniel Stenberg
e24ea706fb
COPYING: it's 2020!
[skip ci]
2020-01-03 15:12:46 +01:00
Marc Aldorasi
be83fe11bf tests: Fix bounce requests with truncated writes
Prior to this change the swsbounce check in service_connection could
fail because prevtestno and prevpartno were not set, which would cause
the wrong response data to be sent to some tests and cause them to fail.

Ref: https://github.com/curl/curl/pull/4717#issuecomment-570240785
2020-01-03 01:45:04 -05:00
Marcel Raad
a8d13336b5
tool: make a few char pointers point to const char instead
These are read-only.

Closes https://github.com/curl/curl/pull/4771
2019-12-31 22:18:56 +01:00
Jay Satiro
9603c8299f tests: Change NTLM tests to require SSL
Prior to this change tests that required NTLM feature did not require
SSL feature.

There are pending changes to cmake builds that will allow enabling NTLM
in non-SSL builds in Windows. In that case the NTLM auth strings created
are different from what is expected by the NTLM tests and they fail:

"The issue with NTLM is that previous non-SSL builds would not enable
NTLM and so the NTLM tests would be skipped."

Assisted-by: marc-groundctl@users.noreply.github.com

Ref: https://github.com/curl/curl/pull/4717#issuecomment-566218729

Closes https://github.com/curl/curl/pull/4768
2019-12-31 02:47:53 -05:00
Michael Forney
9024b01387 bearssl: Improve I/O handling
Factor out common I/O loop as bearssl_run_until, which reads/writes TLS
records until the desired engine state is reached. This is now used for
the handshake, read, write, and close.

Match OpenSSL SSL_write behavior, and don't return the number of bytes
written until the corresponding records have been completely flushed
across the socket. This involves keeping track of the length of data
buffered into the TLS engine, and assumes that when CURLE_AGAIN is
returned, the write function will be called again with the same data
and length arguments. This is the same requirement of SSL_write.

Handle TLS close notify as EOF when reading by returning 0.

Closes https://github.com/curl/curl/pull/4748
2019-12-31 02:43:47 -05:00
Jay Satiro
9434864770 travis: Fix error detection
- Stop using inline shell scripts for before_script and script sections.

Prior to this change Travis could ignore errors from commands in inline
scripts. I don't understand how or why it happens. This is a workaround.

Assisted-by: Simon Warta

Ref: https://github.com/travis-ci/travis-ci/issues/1066

Fixes https://github.com/curl/curl/issues/3730
Closes https://github.com/curl/curl/pull/3755
2019-12-31 02:38:18 -05:00
Jay Satiro
249f7b37e6 tool_operate: fix mem leak when failed config parse
Found by fuzzing the config file.

Reported-by: Geeknik Labs

Fixes https://github.com/curl/curl/issues/4767
2019-12-29 14:18:48 -05:00
Xiang Xiao
060fb84a5a lib: remove erroneous +x file permission on some c files
Modified by commit eb9a604 accidentally.

Closes https://github.com/curl/curl/pull/4756
2019-12-27 22:55:52 -05:00
Xiang Xiao
4b463992e5 lib: fix warnings found when porting to NuttX
- Undefine DEBUGASSERT in curl_setup_once.h in case it was already
  defined as a system macro.

- Don't compile write32_le in curl_endian unless
  CURL_SIZEOF_CURL_OFF_T > 4, since it's only used by Curl_write64_le.

- Include <arpa/inet.h> in socketpair.c.

Closes https://github.com/curl/curl/pull/4756
2019-12-27 22:52:31 -05:00
Jay Satiro
779b415a2a os400: Add missing CURLE error constants
Bug: https://github.com/curl/curl/pull/4754#issuecomment-569126922
Reported-by: Emil Engler
2019-12-26 16:20:11 -05:00
Jay Satiro
97934a2f71 CURLOPT_HEADERFUNCTION.3: Document that size is always 1
For compatibility with `fwrite`, the `CURLOPT_HEADERFUNCTION` callback
is passed two `size_t` parameters which, when multiplied, designate the
number of bytes of data passed in. In practice, CURL always sets the
first parameter (`size`) to 1.

This practice is also enshrined in documentation and cannot be changed
in future. The documentation states that the default callback is
`fwrite`, which means `fwrite` must be a suitable function for this
purpose. However, the documentation also states that the callback must
return the number of *bytes* it successfully handled, whereas ISO C
`fwrite` returns the number of items (each of size `size`) which it
wrote. The only way these numbers can be equal is if `size` is 1.

Since `size` is 1 and can never be changed in future anyway, document
that fact explicitly and let users rely on it.

Reported-by: Frank Gevaerts
Commit-message-by: Christopher Head

Ref: https://github.com/curl/curl/pull/2787

Fixes https://github.com/curl/curl/issues/4758
2019-12-26 02:26:08 -05:00
Jay Satiro
68da0b8b86 examples/postinmemory.c: Call curl_global_cleanup always
Prior to this change curl_global_cleanup was not called if
curl_easy_init failed.

Reported-by: kouzhudong@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4751
2019-12-24 01:06:47 -05:00
Daniel Stenberg
4c2f5d52ba
url2file.c: fix copyright year
Follow-up to 5257872695
2019-12-21 18:18:12 +01:00
Rickard Hallerbäck
5257872695
examples/url2file.c: corrected a comment
The comment was confusing and suggested that setting CURLOPT_NOPROGRESS
to 0L would both enable and disable debug output at the same time, like
a Schrödinger's cat of CURLOPTs.

Closes #4745
2019-12-20 11:05:38 +01:00