1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 17:48:48 -05:00
Commit Graph

25909 Commits

Author SHA1 Message Date
Daniel Stenberg
ff1c37cbe3
url: make sure pushed streams get an allocated download buffer
Follow-up to c4e6968127

When a new transfer is created, as a resuly of an acknowledged push,
that transfer needs a download buffer allocated.

Closes #5590
2020-06-23 15:13:27 +02:00
Jay Satiro
abbc5d6044 openssl: Don't ignore CA paths when using Windows CA store
This commit changes the behavior of CURLSSLOPT_NATIVE_CA so that it does
not override CURLOPT_CAINFO / CURLOPT_CAPATH, or the hardcoded default
locations. Instead the CA store can now be used at the same time.

The change is due to the impending release. The issue is still being
discussed. The behavior of CURLSSLOPT_NATIVE_CA is subject to change and
is now documented as experimental.

Ref: bc052cc (parent commit)
Ref: https://github.com/curl/curl/issues/5585
2020-06-22 15:31:38 -04:00
Jay Satiro
bc052cc878 tool_operate: Don't use Windows CA store as a fallback
Background:

148534d added CURLSSLOPT_NATIVE_CA to use the Windows OS certificate
store in libcurl w/ OpenSSL on Windows. CURLSSLOPT_NATIVE_CA overrides
CURLOPT_CAINFO if both are set. The curl tool will fall back to
CURLSSLOPT_NATIVE_CA if it could not find a certificate bundle to set
via CURLOPT_CAINFO.

Problem:

libcurl may be built with hardcoded paths to a certificate bundle or
directory, and if CURLSSLOPT_NATIVE_CA is used then those paths are
ignored.

Solution:

A solution is still being discussed but since there's an impending
release this commit removes using CURLSSLOPT_NATIVE_CA in the curl tool.

Ref: https://github.com/curl/curl/issues/5585
2020-06-22 15:26:07 -04:00
Jay Satiro
c9c31b9245 openssl: Fix CA fallback logic for OpenSSL 3.0 build
Prior to this change I assume a build error would occur when
CURL_CA_FALLBACK was used.

Closes https://github.com/curl/curl/pull/5587
2020-06-22 12:24:57 -04:00
Daniel Stenberg
0f55269aff
copyright: update mismatched copyright years 2020-06-22 11:55:34 +02:00
Daniel Stenberg
5bf653464f
test1460: verify that -Ji is not ok 2020-06-22 00:50:08 +02:00
Daniel Stenberg
8236aba585
tool_getparam: -i is not OK if -J is used
Reported-by: sn on hackerone
Bug: https://curl.haxx.se/docs/CVE-2020-8177.html
2020-06-22 00:49:58 +02:00
Peter Wu
26d2755d7c
CMake: ignore INTERFACE_LIBRARY targets for pkg-config file
Reviewed-by: Marcel Raad
Fixes #5512
Closes #5517
2020-06-21 19:37:28 +02:00
Valentyn Korniienko
e39a6e2cea
multibyte: Fixed access-> waccess to file for Windows Plarform
Reviewed-by: Marcel Raad
Closes #5580
2020-06-21 19:31:39 +02:00
Daniel Stenberg
3f84b3e39a
altsvc: bump to h3-29
Closes #5584
2020-06-19 23:29:26 +02:00
Daniel Stenberg
fa4fbc533f
urlglob: treat literal IPv6 addresses with zone IDs as a host name
... and not as a "glob". Now done by passing the supposed host to the
URL parser which supposedly will do a better job at identifying "real"
numerical IPv6 addresses.

Reported-by: puckipedia on github
Fixes #5576
Closes #5579
2020-06-18 16:43:06 +02:00
Daniel Stenberg
c888e3f6ce
test1179: verify error message for non-existing cmdline option 2020-06-18 13:59:49 +02:00
Daniel Stenberg
ada7bd1191
tool_getparam: repair the error message for unknown flag
Follow-up to 9e5669f388
Detected by Coverity CID 1464582 ("Logically dead code")

Closes #5577
2020-06-18 13:59:42 +02:00
Daniel Stenberg
185890d5d7
FILEFORMAT: describe verify/stderr 2020-06-18 09:50:43 +02:00
Daniel Stenberg
dc90f51065
connect: improve happy eyeballs handling
For QUIC but also for regular TCP when the second family runs out of IPs
with a failure while the first family is still trying to connect.

Separated the timeout handling for IPv4 and IPv6 connections when they
both have a number of addresses to iterate over.
2020-06-18 00:20:42 +02:00
Daniel Stenberg
325866fd6f
ngtcp2: never call fprintf() in lib code in release version 2020-06-18 00:20:42 +02:00
Daniel Stenberg
b6af4c2336
ngtcp2: fix happy eyeballs quic connect crash
Reported-by: Peter Wu
Fixes #5565
Closes #5568
2020-06-18 00:20:42 +02:00
Daniel Stenberg
3bf18cdadd
select: remove the unused ELAPSED_MS() macro
Closes #5573
2020-06-18 00:11:25 +02:00
rcombs
8bc25c590e
multi: implement wait using winsock events
This avoids using a pair of TCP ports to provide wakeup functionality
for every multi instance on Windows, where socketpair() is emulated
using a TCP socket on loopback which could in turn lead to socket
resource exhaustion.

Reviewed-by: Gergely Nagy
Reviewed-by: Marc Hörsken

Closes #5397
2020-06-17 07:18:08 +02:00
Daniel Stenberg
477a4e31d7
manpage: add three missing environment variables
CURL_SSL_BACKEND, QLOGDIR and SSLKEYLOGFILE

Closes #5571
2020-06-17 00:03:07 +02:00
Daniel Stenberg
83503c7240
RELEASE-NOTES: synced 2020-06-16 09:30:35 +02:00
Daniel Stenberg
774eff9fcd
configure: for wolfSSL, check for the DES func needed for NTLM
Also adds pkg-config support for the wolfSSL detection.
2020-06-16 09:06:53 +02:00
Ruurd Beerstra
d80d419d3e
ntlm: enable NTLM support with wolfSSL
When wolfSSL is built with its OpenSSL API layer, it fetures the same DES*
functions that OpenSSL has. This change take advantage of that.

Co-authored-by: Daniel Stenberg
Closes #5556
Fixes #5548
2020-06-16 09:06:19 +02:00
Daniel Stenberg
e15e51384a
http: move header storage to Curl_easy from connectdata
Since the connection can be used by many independent requests (using
HTTP/2 or HTTP/3), things like user-agent and other transfer-specific
data MUST NOT be kept connection oriented as it could lead to requests
getting the wrong string for their requests. This struct data was
lingering like this due to old HTTP1 legacy thinking where it didn't
mattered..

Fixes #5566
Closes #5567
2020-06-15 22:56:25 +02:00
Daniel Stenberg
350a99b21f
CODE_REVIEW.md: how to do code reviews in curl
Assisted-by: Daniel Gustafsson
Assisted-by: Rich Salz
Assisted-by: Hugo van Kemenade
Assisted-by: James Fuller
Assisted-by: Marc Hörsken
Assisted-by: Jay Satiro

Closes #5555
2020-06-13 22:16:58 +02:00
Daniel Stenberg
b88bdedf9c
altsvc: remove the num field from the altsvc struct
It was superfluous since we have the list.size alredy

Reported-by: Jay Satiro
Fixes #5553
Closes #5563
2020-06-12 23:24:11 +02:00
Daniel Stenberg
17f2dcf6b2
version.d: expanded and alpha-sorted
Added a few missing features not previously mentioned. Ordered them
alphabetically.

Closes #5558
2020-06-12 17:08:27 +02:00
Daniel Stenberg
2a0269589a
ABI.md: rename to .md and polish the markdown
Closes #5562
2020-06-12 17:05:21 +02:00
Daniel Stenberg
bc392074d2
HELP-US: add a section for "smaller tasks"
The point of this section is to meet the CII Best Practices gold level
critera:

 "The project MUST clearly identify small tasks that can be performed by
  new or casual contributors"

Closes #5560
2020-06-12 15:22:58 +02:00
Daniel Stenberg
95f2732e75
TODO: retry on the redirected-to URL
Closes #5462
2020-06-12 14:43:27 +02:00
Daniel Stenberg
ac91b0dd71
mailmap: Nicolas Sterchele 2020-06-12 13:41:52 +02:00
Sterchele Nicolas
d5bf9f94e2
TODO: remove 19.3 section title
Follow-up to ad64169867, which caused wrong formatting on
curl documentation website

Closes #5561
2020-06-12 13:36:15 +02:00
Martin V
b71628b633
test1560: avoid possibly negative association in wording
Closes #5549
2020-06-12 10:01:57 +02:00
Daniel Stenberg
8b4e796775
share: don't set the share flag it something fails
When asking for a specific feature to be shared in the share object,
that bit was previously set unconditionally even if the shared feature
failed or otherwise wouldn't work.

Closes #5554
2020-06-12 09:42:52 +02:00
Daniel Stenberg
38d4abf510
buildconf: remove -print from the find command that removes files
It's just too annoying and unnecessary to get a long list of files shown
2020-06-10 23:40:00 +02:00
Daniel Stenberg
b304ba4c52
RELEASE-NOTES: synced 2020-06-10 09:38:54 +02:00
Daniel Stenberg
eab2f95c0d
wording: avoid blacklist/whitelist stereotypes
Instead of discussing if there's value or meaning (implied or not) in
the colors, let's use words without the same possibly negative
associations.

Closes #5546
2020-06-10 08:49:17 +02:00
Jay Satiro
f54b6c4bc2 tool_getparam: fix memory leak in parse_args
Prior to this change in Windows Unicode builds most parsed options would
not be freed.

Found using _CrtDumpMemoryLeaks().

Ref: https://github.com/curl/curl/issues/5545
2020-06-09 11:49:44 -04:00
Daniel Stenberg
2a41e23671
socks: detect connection close during handshake
The SOCKS4/5 state machines weren't properly terminated when the proxy
connection got closed, leading to a busy-loop.

Reported-By: zloi-user on github
Fixes #5532
Closes #5542
2020-06-08 23:19:36 +02:00
xquery
0a35580e21
multi: add defensive check on data->multi->num_alive
Closes #5540
2020-06-08 16:14:07 +02:00
Daniel Stenberg
54d3769761
Curl_addrinfo: use one malloc instead of three
To reduce the amount of allocations needed for creating a Curl_addrinfo
struct, make a single larger malloc instead of three separate smaller
ones.

Closes #5533
2020-06-08 16:10:53 +02:00
Alessandro Ghedini
5277775462
quiche: update SSLKEYLOGFILE support
quiche now requires the application to explicitly set the keylog path
for each connection, rather than reading the environment variable
itself.

Closes #5541
2020-06-08 16:09:49 +02:00
Daniel Stenberg
876e66412a
tests: add two simple tests for --login-options
Test 895 and 896 - as a follow-up to a3e972313b

Closes #5539
2020-06-08 12:55:31 +02:00
Daniel Stenberg
99e09d9046
ngtcp2: update with recent API changes
Syncs with ngtcp2 commit 7e9a917d386d98 merged June 7 2020.

Assisted-by: Tatsuhiro Tsujikawa
Closes #5538
2020-06-08 11:11:00 +02:00
xquery
b950120b2d
socks: remove unreachable breaks in socks.c and mime.c
Closes #5537
2020-06-08 11:04:44 +02:00
Daniel Stenberg
a3e972313b
tool_cfgable: free login_options at exit
Memory leak
Reported-by: Geeknik Labs
Fixes #5535
Closes #5536
2020-06-08 08:41:11 +02:00
Daniel Stenberg
7370b4e39f
libssh2: keep sftp errors as 'unsigned long'
Remove weird work-around for storing the SFTP errors as int instead of
the "unsigned long" that libssh2 actually returns for SFTP errors.

Closes #5534
2020-06-08 08:38:48 +02:00
Marc Hoersken
3186f50054
timeouts: move ms timeouts to timediff_t from int and long
Now that all functions in select.[ch] take timediff_t instead
of the limited int or long, we can remove type conversions
and related preprocessor checks to silence compiler warnings.

Avoiding conversions from time_t was already done in 842f73de.

Based upon #5262
Supersedes #5214, #5220 and #5221
Follow up to #5343 and #5479
Closes #5490
2020-06-06 20:05:58 +02:00
François Rigault
e2de2d5397
openssl: set FLAG_TRUSTED_FIRST unconditionally
On some systems, openssl 1.0.x is still the default, but it has been
patched to contain all the recent security fixes. As a result of this
patching, it is possible for macro X509_V_FLAG_NO_ALT_CHAINS to be
defined, while the previous behavior of openssl to not look at trusted
chains first, remains.

Fix it: ensure X509_V_FLAG_TRUSTED_FIRST is always set, do not try to
probe for the behavior of openssl based on the existence ofmacros.

Closes #5530
2020-06-06 18:01:24 +02:00
Daniel Stenberg
2705830f2f
server/util: fix logmsg format using curl_off_t argument
... this caused segfaults on armv7.

Regression added in dd0365d560 (7.70.0)

Reviewed-by: Jay Satiro
Closes #5529
2020-06-06 13:25:56 +02:00