1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-21 23:58:49 -05:00
Commit Graph

9250 Commits

Author SHA1 Message Date
Martin Kepplinger
fb67c977b9 url: declare get_protocol_family() static
get_protocol_family() is not defined static even though there is a
static local forward declaration. Let's simply make the definition match
it's declaration.

Bug: https://curl.haxx.se/mail/lib-2017-04/0127.html
2017-04-26 00:02:51 +02:00
Kamil Dudka
e3e8d0204b nss: load libnssckbi.so if no other trust is specified
The module contains a more comprehensive set of trust information than
supported by nss-pem, because libnssckbi.so also includes information
about distrusted certificates.

Reviewed-by: Kai Engert
Closes #1414
2017-04-25 13:24:24 +02:00
Kamil Dudka
fab3d1ec65 nss: factorize out nss_{un,}load_module to separate fncs
No change of behavior is intended by this commit.
2017-04-25 13:22:37 +02:00
Kamil Dudka
c8ea86f377 nss: do not leak PKCS #11 slot while loading a key
It could prevent nss-pem from being unloaded later on.

Bug: https://bugzilla.redhat.com/1444860
2017-04-25 13:22:33 +02:00
Daniel Stenberg
e698b82287 transfer: remove 'uploadbuf' pointer and cleanup readwrite_upload()
The data->req.uploadbuf struct member served no good purpose, instead we
use ->state.uploadbuffer directly. It makes it clearer in the code which
buffer that's being used.

Removed the 'SingleRequest *' argument from the readwrite_upload() proto
as it can be derived from the Curl_easy struct. Also made the code in
the readwrite_upload() function use the 'k->' shortcut to all references
to struct fields in 'data->req', which previously was made with a mix of
both.
2017-04-25 10:55:35 +02:00
Marcel Raad
93567071b7
if2ip: fix -Wcast-align warning
Follow-up to 119037325d, which fixed the
warning in the HAVE_GETIFADDRS block, but not in the
HAVE_IOCTL_SIOCGIFADDR block.
2017-04-25 09:19:59 +02:00
Kamil Dudka
c8ac0b6a7f nss: adapt to the new Curl_llist API
This commit fixes compilation failure caused by
cbae73e1dd.
2017-04-24 17:50:27 +02:00
Daniel Stenberg
d87bd46cbf llist: fix a comment after cbae73e1dd
Pointed-it-by: Kevin Ji
URL: cbae73e1dd (commitcomment-21872622)
2017-04-24 00:54:04 +02:00
Jay Satiro
6b39f9c87e schannel: Don't treat encrypted partial record as pending data
- Track when the cached encrypted data contains only a partial record
  that can't be decrypted without more data (SEC_E_INCOMPLETE_MESSAGE).

- Change Curl_schannel_data_pending to return false in such a case.

Other SSL libraries have pending data functions that behave similarly.

Ref: https://github.com/curl/curl/pull/1387

Closes https://github.com/curl/curl/pull/1392
2017-04-22 22:39:40 -04:00
Alan Jenkins
be299a4dba multi: clarify condition in curl_multi_wait
`if(nfds || extra_nfds) {` is followed by `malloc(nfds * ...)`.

If `extra_fs` could be non-zero when `nfds` was zero, then we have
`malloc(0)` which is allowed to return `NULL`. But, malloc returning
NULL can be confusing. In this code, the next line would treat the NULL
as an allocation failure.

It turns out, if `nfds` is zero then `extra_nfds` must also be zero.
The final value of `nfds` includes `extra_nfds`.  So the test for
`extra_nfds` is redundant.  It can only confuse the reader.

Closes #1439
2017-04-22 22:35:46 +02:00
Marcel Raad
4a8cf6c404
lib: fix maybe-uninitialized warnings
With -Og, GCC complains:

easy.c:628:7: error: ‘mcode’ may be used uninitialized in this function [-Werror=maybe-uninitialized]

../lib/strcase.h:35:29: error: ‘tok_buf’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
vauth/digest.c:208:9: note: ‘tok_buf’ was declared here

../lib/strcase.h:35:29: error: ‘tok_buf’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
vauth/digest.c:566:15: note: ‘tok_buf’ was declared here

Fix this by initializing the variables.
2017-04-22 22:12:37 +02:00
Dan Fandrich
f761da76f6 gnutls: removed some code when --disable-verbose is configured
This reduces the binary size and fixes a compile warning.
2017-04-22 12:20:25 +02:00
Daniel Stenberg
cbae73e1dd llist: no longer uses malloc
The 'list element' struct now has to be within the data that is being
added to the list. Removes 16.6% (tiny) mallocs from a simple HTTP
transfer. (96 => 80)

Also removed return codes since the llist functions can't fail now.

Test 1300 updated accordingly.

Closes #1435
2017-04-22 11:25:27 +02:00
Dan Fandrich
5f830eaba0 mbedtls: enable NTLM (& SMB) even if MD4 support is unavailable
In that case, use libcurl's internal MD4 routine. This fixes tests 1013
and 1014 which were failing due to configure assuming NTLM and SMB were
always available whenever mbed TLS was in use (which is now true).
2017-04-21 22:42:14 +02:00
Daniel Stenberg
da2af5c04d openssl: fix memory leak in servercert
... when failing to get the server certificate.
2017-04-20 15:46:03 +02:00
Marcel Raad
a4ff8a1a0e
nss: fix MinGW compiler warnings
This fixes 3 warnings issued by MinGW:
1. PR_ImportTCPSocket actually has a paramter of type PROsfd instead of
PRInt32, which is 64 bits on Windows. Fixed this by including the
corresponding header file instead of redeclaring the function, which is
supported even though it is in the private include folder. [1]
2. In 64-bit mode, size_t is 64 bits while CK_ULONG is 32 bits, so an explicit
narrowing cast is needed.
3. Curl_timeleft returns time_t instead of long since commit
21aa32d30d.

[1] https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR/Reference/PR_ImportTCPSocket

Closes https://github.com/curl/curl/pull/1393
2017-04-18 16:38:04 +02:00
Jay Satiro
33cfcfd9f0 TLS: Fix switching off SSL session id when client cert is used
Move the sessionid flag to ssl_primary_config so that ssl and proxy_ssl
will each have their own sessionid flag.

Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that
this issue had been fixed in 247d890, CVE-2016-5419.

Bug: https://github.com/curl/curl/issues/1341
Reported-by: lijian996@users.noreply.github.com

The new incarnation of this bug is called CVE-2017-7468 and is documented
here: https://curl.haxx.se/docs/adv_20170419.html
2017-04-18 07:56:34 +02:00
David Benjamin
997504ea50 openssl: don't try to print nonexistant peer private keys
X.509 certificates carry public keys, not private keys. Fields
corresponding to the private half of the key will always be NULL.

Closes #1425
2017-04-17 23:22:51 +02:00
David Benjamin
1c92b5b609 openssl: fix thread-safety bugs in error-handling
ERR_error_string with NULL parameter is not thread-safe. The library
writes the string into some static buffer. Two threads doing this at
once may clobber each other and run into problems. Switch to
ERR_error_string_n which avoids this problem and is explicitly
bounds-checked.

Also clean up some remnants of OpenSSL 0.9.5 around here. A number of
comments (fixed buffer size, explaining that ERR_error_string_n was
added in a particular version) date to when ossl_strerror tried to
support pre-ERR_error_string_n OpenSSLs.

Closes #1424
2017-04-17 23:20:30 +02:00
David Benjamin
47b2f89d7c openssl: make SSL_ERROR_to_str more future-proof
Rather than making assumptions about the values, use a switch-case.

Closes #1424
2017-04-17 23:20:22 +02:00
Daniel Gustafsson
aaa7e05c78 code: fix typos and style in comments
A few random typos, and minor whitespace cleanups, found in comments
while reading code.

Closes #1423
2017-04-17 23:17:50 +02:00
Marcel Raad
a0576e2f36
.gitattributes: force shell scripts to LF
Bash on Linux errors out on CR characters.
This makes tests 1221 and 1222 pass on Linux with a CRLF checkout.

Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
Closes https://github.com/curl/curl/pull/1422
2017-04-17 08:32:13 +02:00
Larry Stefani
1451271e08 http2: fix handle leak in error path
Add missing newhandle free call in push_promise().

Closes #1416
2017-04-15 23:37:30 +02:00
Larry Stefani
fc347820a2 mbedtls: fix memory leak in error path
Add missing our_ssl_sessionid free call in mbed_connect_step3().

Closes #1417
2017-04-15 23:29:25 +02:00
Daniel Stenberg
ab6d23278e Curl_expire_latest: ignore already expired timers
If the existing timer is still in there but has expired, the new timer
should be added.

Reported-by: Rainer Canavan
Bug: https://curl.haxx.se/mail/lib-2017-04/0030.html
Closes #1407
2017-04-11 16:53:33 +02:00
Marcel Raad
580da62d84
polarssl: unbreak build with versions < 1.3.8
ssl_session_init was only introduced in version 1.3.8, the penultimate
version. The function only contains a memset, so replace it with that.

Suggested-by: Jay Satiro
Fixes https://github.com/curl/curl/issues/1401
2017-04-11 12:56:57 +02:00
Marcel Raad
aa573c3c55
poll: prefer <poll.h> over <sys/poll.h>
The POSIX standard location is <poll.h>. Using <sys/poll.h> results in
warning spam when using the musl standard library.

Closes https://github.com/curl/curl/pull/1406
2017-04-11 08:31:38 +02:00
Alexis La Goutte
5ed16e6a7a openssl: fix this statement may fall through [-Wimplicit-fallthrough=]
Closes #1402
2017-04-10 14:21:49 +02:00
Kamil Dudka
d29e9de146 nss: load CA certificates even with --insecure
... because they may include an intermediate certificate for a client
certificate and the intermediate certificate needs to be presented to
the server, no matter if we verify the peer or not.

Reported-by: thraidh
Closes #851
2017-04-10 13:44:52 +02:00
Marcel Raad
45c78ad5b4
vtls: fix unreferenced variable warnings
... by moving the variables into the correct #ifdef block.
2017-04-08 13:40:41 +02:00
Marcel Raad
33ca733ee2
schannel: fix compiler warnings
When UNICODE is not defined, the Curl_convert_UTF8_to_tchar macro maps
directly to its argument. As it is declared as a pointer to const and
InitializeSecurityContext expects a pointer to non-const, both MSVC and MinGW
issue a warning about implicitly casting away the const. Fix this by declaring
the variables as pointers to non-const.

Closes https://github.com/curl/curl/pull/1394
2017-04-07 08:57:52 +02:00
Isaac Boukris
1f152a42ae
sspi: print out InitializeSecurityContext() error message
Reported-by: Carsten (talksinmath)

Fixes #1384
Closes #1395
2017-04-07 08:49:20 +02:00
Marcel Raad
aa2e9e9017
gtls: fix compiler warning
Curl_timeleft returns time_t instead of long since commit
21aa32d30d.
2017-04-06 19:34:44 +02:00
Daniel Stenberg
2d5711dc11 low_speed_limit: improved function for longer time periods
Previously, periods of fast speed between periods of slow speed would
not count and could still erroneously trigger a timeout.

Reported-by: Paul Harris
Fixes #1345
Closes #1390
2017-04-06 17:38:23 +02:00
Marcel Raad
c59fcdac90
nss: fix build after e60fe20fdf
Curl_llist_alloc is now Curl_llist_init.

Closes https://github.com/curl/curl/pull/1391
2017-04-06 12:52:13 +02:00
Dániel Bakai
de05bcb706 multi: fix queueing of pending easy handles
Multi handles repeatedly invert the queue of pending easy handles when
used with CURLMOPT_MAX_TOTAL_CONNECTIONS. This is caused by a multistep
process involving Curl_splaygetbest and violates the FIFO property of
the multi handle.
This patch fixes this issue by redefining the "best" node in the
context of timeouts as the "smallest not larger than now", and
implementing the necessary data structure modifications to do this
effectively, namely:
 - splay nodes with the same key are now stored in a doubly-linked
   circular list instead of a non-circular one to enable O(1)
   insertion to the tail of the list
 - Curl_splayinsert inserts nodes with the same key to the tail of
   the same list
 - in case of multiple nodes with the same key, the one on the head of
   the list gets selected
2017-04-04 23:37:18 +02:00
Martin Kepplinger
2d4413fefd curl_sasl: declare mechtable static
struct mechtable is only used locally here. It can be declared static.
2017-04-04 22:59:34 +02:00
Antti Hätälä
36e604fc78 url: don't free postponed data on connection reuse
- Don't free postponed data on a connection that will be reused since
  doing so can cause data loss when pipelining.

Only Windows builds are affected by this.

Closes https://github.com/curl/curl/issues/1380
2017-04-04 16:03:26 -04:00
Daniel Stenberg
4f2e348f9b hash: move key into hash struct to reduce mallocs
This removes one tiny malloc for each hash struct allocated. In a simple
case like "curl localhost", this save three mallocs.

Closes #1376
2017-04-04 15:37:37 +02:00
Daniel Stenberg
e60fe20fdf llist: replace Curl_llist_alloc with Curl_llist_init
No longer allocate the curl_llist head struct for lists separately.

Removes 17 (15%) tiny allocations in a normal "curl localhost" invoke.

closes #1381
2017-04-04 15:27:45 +02:00
Jay Satiro
a68ca63d73 easy: silence compiler warning
Safe to silence warning adding time delta of poll, which can trigger on
Windows since sizeof time_t > sizeof long.

warning C4244: '+=' : conversion from 'time_t' to 'long', possible loss
of data
2017-04-04 02:43:21 -04:00
Daniel Stenberg
9506d01ee5 include: curl/system.h is a run-time version of curlbuild.h
system.h is aimed to replace curlbuild.h at a later point in time when
we feel confident system.h works sufficiently well.

curl/system.h is currently used in parallel with curl/curlbuild.h

curl/system.h determines a data sizes, data types and include file
status based on available preprocessor defines instead of getting
generated at build-time. This, in order to avoid relying on a build-time
generated file that makes it complicated to do 32 and 64 bit bields from
the same installed set of headers.

Test 1541 verifies that system.h comes to the same conclusion that
curlbuild.h offers.

Closes #1373
2017-04-03 23:24:39 +02:00
Daniel Stenberg
5f1163517e multi: make curl_multi_wait avoid malloc in the typical case
When only a few additional file descriptors are used, avoid the malloc.

Closes #1377
2017-04-03 23:20:02 +02:00
Daniel Stenberg
76c21ed3fd telnet: (win32) fix read callback return variable
telnet.c(1427,21): warning: comparison of constant 268435456 with
expression of type 'CURLcode' is always false

telnet.c(1433,21): warning: comparison of constant 268435457 with
expression of type 'CURLcode' is always false

Reviewed-by: Jay Satiro
Reported-by: Gisle Vanem
Bug: https://github.com/curl/curl/issues/1225#issuecomment-290340890

Closes #1374
2017-04-01 00:14:05 +02:00
Daniel Stenberg
9bd7f004d0 libcurl.def: removed, unused 2017-03-31 00:09:11 +02:00
Marcel Raad
e358a626f8
ssh: fix narrowing conversion warning
'left' is used as time_t but declared as long.
MinGW complains:
error: conversion to 'long int' from 'time_t {aka long long int}' may alter
its value [-Werror=conversion]
Changed the declaration to time_t.
2017-03-30 18:45:28 +02:00
Marcel Raad
4a5b900cb1
http2: silence unused parameter warnings
In release mode, MinGW complains:
error: unused parameter 'lib_error_code' [-Werror=unused-parameter]
2017-03-30 18:13:20 +02:00
Marcel Raad
f104f7d914
schannel: fix unused variable warning
If CURL_DISABLE_VERBOSE_STRINGS is defined, hostname is not used in
schannel_connect_step3.
2017-03-30 10:35:46 +02:00
Marcel Raad
a8e523f086
connect: fix unreferenced parameter warning
When CURL_DISABLE_VERBOSE_STRINGS is defined, the reason parameter in
Curl_conncontrol is not used as the infof macro expands to nothing.
2017-03-30 10:14:34 +02:00
Marcel Raad
1b4b2c1a59
select: use correct SIZEOF_ constant
At least under Windows, there is no SIZEOF_LONG, so it evaluates to 0 even
though sizeof(int) == sizeof(long). This should probably have been
CURL_SIZEOF_LONG, but the type of timeout_ms changed from long to time_t
anyway.
This triggered MSVC warning C4668 about implicitly replacing undefined
macros with '0'.

Closes https://github.com/curl/curl/pull/1362
2017-03-30 08:49:30 +02:00