Commit Graph

41 Commits

Author SHA1 Message Date
Viktor Szakats
8c0336cf5d
Makefile.m32: rename -winssl option to -schannel and tidy up
- accept `-schannel` as an alternative to `CFG` option `-winssl`
  (latter still accepted, but deprecated)
- rename internal variable `WINSSL` to `SCHANNEL`
- make the `CFG` option evaluation shorter, without repeating the option
  name

Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Closes #8053
2021-11-25 17:36:38 +00:00
Viktor Szakats
13bbf81c59
Makefile.m32: fix to not require OpenSSL with -libssh2 or -rtmp options
Previously, -libssh2/-rtmp options assumed that OpenSSL is also enabled
(and then failed with an error when not finding expected OpenSSL headers),
but this isn't necessarly true, e.g. when building both libssh2 and curl
against Schannel. This patch makes sure to only enable the OpenSSL backend
with -libssh2/-rtmp, when there was no SSL option explicitly selected.

- Re-implement the logic as a single block of script.
- Also fix an indentation while there.

Assisted-by: Jay Satiro

Closes #7895
2021-10-25 19:10:55 +00:00
Daniel Stenberg
265b14d6b3
metalink: remove
Warning: this will make existing curl command lines that use metalink to
stop working.

Reasons for removal:

1. We've found several security problems and issues involving the
   metalink support in curl. The issues are not detailed here. When
   working on those, it become apparent to the team that several of the
   problems are due to the system design, metalink library API and what
   the metalink RFC says. They are very hard to fix on the curl side
   only.

2. The metalink usage with curl was only very briefly documented and was
   not following the "normal" curl usage pattern in several ways, making
   it surprising and non-intuitive which could lead to further security
   issues.

3. The metalink library was last updated 6 years ago and wasn't so
   active the years before that either. An unmaintained library means
   there's a security problem waiting to happen. This is probably reason
   enough.

4. Metalink requires an XML parsing library, which is complex code (even
   the smaller alternatives) and to this day often gets security
   updates.

5. Metalink is not a widely used curl feature. In the 2020 curl user
   survey, only 1.4% of the responders said that they'd are using it. In
   2021 that number was 1.2%. Searching the web also show very few
   traces of it being used, even with other tools.

6. The torrent format and associated technology clearly won for
   downloading large files from multiple sources in parallel.

Cloes #7176
2021-06-07 08:14:25 +02:00
Daniel Stenberg
85e6975643
copyright: update copyright year ranges to 2021
Reviewed-by: Emil Engler
Closes #6802
2021-03-27 23:00:14 +01:00
Viktor Szakats
2dfe3d7093
Makefile.m32: add support for libgsasl dependency
Reviewed-by: Marcel Raad
Closes #6586
2021-02-10 18:48:29 +00:00
Daniel Stenberg
4d2f800677
curl.se: new home
Closes #6172
2020-11-04 23:59:47 +01:00
Viktor Szakats
769c9a4eec
Makefile.m32: add support for HTTP/3 via ngtcp2+nghttp3
Approved-by: Daniel Stenberg
Closes #6092
2020-10-16 07:15:19 +00:00
Viktor Szakats
38039da764
Makefile.m32: add ability to override zstd libs [ci skip]
Similarly to brotli, where this was already possible.
E.g. it allows to link zstd statically to libcurl.dll.

Ref: https://github.com/curl/curl-for-win/issues/12
Ref: d9b266afd2

Closes https://github.com/curl/curl/pull/5840
2020-08-22 21:08:28 +00:00
Gilles Vollant
e13357b14b
content_encoding: add zstd decoding support
include zstd curl patch for Makefile.m32 from vszakats
and include Add CMake support for zstd from Peter Wu

Helped-by: Viktor Szakats
Helped-by: Peter Wu
Closes #5453
2020-07-12 18:11:37 +02:00
Daniel Stenberg
9a8b3b3e13
copyright: fix out-of-date copyright ranges and missing headers
Reported by the new script 'scripts/copyright.pl'. The script has a
regex whitelist for the files that don't need copyright headers.

Removed three (mostly usesless) README files from docs/

Closes #5141
2020-03-24 15:05:59 +01:00
Jay Satiro
67f3f6cff1 Makefile.m32: Improve windres parameter compatibility
- s/COFF/coff/

Some versions of windres do not recognize uppercase COFF as a valid
way to specify the COFF output format.

Reported-by: Steven Penny

Fixes https://github.com/curl/curl/issues/5099
Closes https://github.com/curl/curl/pull/5101
2020-03-14 19:08:17 -04:00
Viktor Szakats
c42849bb48 examples/Makefile.m32: sync with core [ci skip]
also:
- fix two warnings in synctime.c (one of them Windows-specific)
- upgrade URLs in synctime.c and remove a broken one

Closes https://github.com/curl/curl/pull/3033
2018-09-22 21:44:36 +00:00
Marcel Raad
ce2cc568f8
Makefile.m32: enable -W for MinGW32 build
The configure-based build also has this in addition to -Wall.

Closes https://github.com/curl/curl/pull/1578
2017-06-16 22:32:22 +02:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Viktor Szakats
9ee40ce2ab build: refer to fixed libidn versions
closes #371
2015-08-10 23:20:18 +02:00
Viktor Szakats
3d38a38012 build: bump version in default nghttp2 paths 2015-05-19 07:42:16 +02:00
Viktor Szakats
6a61285909 build: update depedency versions, urls, example makefiles
- update default versions of dependencies (except for rare/old platforms)
- update urls
- sync examples makefiles with main ones
- remove line ending space
2015-04-30 08:29:00 +02:00
Guenter Knauf
ccfa139c71 build: updated dependencies in makefiles. 2014-12-05 14:54:25 +01:00
David Woodhouse
9ad282b1ae Remove all traces of FBOpenSSL SPNEGO support
This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which
allows client and server to negotiate the underlying mechanism which will
actually be used to authenticate. This is *often* Kerberos, and can also
be NTLM and other things. And to complicate matters, there are various
different OIDs which can be used to specify the Kerberos mechanism too.

A SPNEGO exchange will identify *which* GSSAPI mechanism is being used,
and will exchange GSSAPI tokens which are appropriate for that mechanism.

But this SPNEGO implementation just strips the incoming SPNEGO packet
and extracts the token, if any. And completely discards the information
about *which* mechanism is being used. Then we *assume* it was Kerberos,
and feed the token into gss_init_sec_context() with the default
mechanism (GSS_S_NO_OID for the mech_type argument).

Furthermore... broken as this code is, it was never even *used* for input
tokens anyway, because higher layers of curl would just bail out if the
server actually said anything *back* to us in the negotiation. We assume
that we send a single token to the server, and it accepts it. If the server
wants to continue the exchange (as is required for NTLM and for SPNEGO
to do anything useful), then curl was broken anyway.

So the only bit which actually did anything was the bit in
Curl_output_negotiate(), which always generates an *initial* SPNEGO
token saying "Hey, I support only the Kerberos mechanism and this is its
token".

You could have done that by manually just prefixing the Kerberos token
with the appropriate bytes, if you weren't going to do any proper SPNEGO
handling. There's no need for the FBOpenSSL library at all.

The sane way to do SPNEGO is just to *ask* the GSSAPI library to do
SPNEGO. That's what the 'mech_type' argument to gss_init_sec_context()
is for. And then it should all Just Work™.

That 'sane way' will be added in a subsequent patch, as will bug fixes
for our failure to handle any exchange other than a single outbound
token to the server which results in immediate success.
2014-07-16 17:26:08 +02:00
Guenter Knauf
ae26ee3489 Updated zlib version in build files. 2013-05-11 17:08:00 +02:00
Guenter Knauf
5be2499e16 Updated dependency libs. 2013-02-09 01:35:11 +01:00
Guenter Knauf
0494da830b Updated dependency libs. 2013-01-28 01:25:39 +01:00
Guenter Knauf
1ba5712f88 MinGW makefile tweaks for running from sh.
Added function macros to make path converting easier.
Added CROSSPREFIX to all compile tools.
2012-07-03 12:56:41 +02:00
Guenter Knauf
f95f19e854 Enabled OpenSSL static linkage. 2012-05-27 07:26:48 +02:00
Guenter Knauf
1c58f291cc Updated dependency libary versions. 2012-05-22 04:15:37 +02:00
Guenter Knauf
1beda0cbb7 Updated dependency lib versions. 2012-04-26 14:40:50 +02:00
Guenter Knauf
0f54880277 Updated dependency lib versions. 2012-04-20 13:33:54 +02:00
Yang Tse
ed0364343d removed trailing whitespace 2011-12-30 03:36:18 +01:00
Guenter Knauf
bb94b92894 Fixed MinGW examples makefile. 2011-09-25 16:31:31 +02:00
Guenter Knauf
ef3f1f3146 Added Win32-only samples. 2011-09-23 03:00:32 +02:00
Guenter Knauf
62b0fdca9e Another MinGW example makefile tweak. 2011-09-21 18:21:05 +02:00
Guenter Knauf
e4172d934d Changed suffix rules to pattern rules.
Suffix rules cannot have any prerequisites of their own.
2011-09-21 03:25:19 +02:00
Guenter Knauf
a6b69b64ad Some more MinGW build tweaks.
Added envvars to specify OpenSSL include, libpath and lib.
Added rule to create curlbuild.h from curlbuild.h.dist.
2011-09-21 02:06:05 +02:00
Guenter Knauf
a6c168b893 A bunch of MinGW build tweaks.
All paths to dependencies now quoted; synced examples makefile.
2011-09-20 15:05:28 +02:00
Daniel Stenberg
029136da60 source header: added to more files 2011-03-12 00:14:32 +01:00
Daniel Stenberg
2309b4e330 remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
Gunter Knauf
cf910f3097 updated MingW32 makefile for recent external libs. 2009-09-03 17:53:21 +00:00
Yang Tse
19479ea021 Internal time differences now use monotonic time source if available.
This also implies the removal of the winmm.lib dependency for WIN32.
2008-05-09 16:31:51 +00:00
Gunter Knauf
16a9c5e02b removed unused var. 2008-04-02 03:11:34 +00:00
Dan Fandrich
1e482fe6a8 Changed the makefile so the doc/examples/ programs are never built in a
normal build/install (only with the 'make check' target), so that a
build failure in the examples isn't fatal.
2008-03-31 03:01:13 +00:00
Gunter Knauf
1093287494 added makefile for MingW32 to build most of the samples. 2008-02-18 15:43:23 +00:00