Commit Graph

24037 Commits

Author SHA1 Message Date
Daniel Stenberg
4fac2899d0
GOVERNANCE.md: minor spelling fixes 2019-02-28 09:09:31 +01:00
Daniel Stenberg
76a9c3c4be
Secure Transport: no more "darwinssl"
Everyone calls it Secure Transport, now we do too.

Reviewed-by: Nick Zitzmann

Closes #3619
2019-02-28 08:42:59 +01:00
Marcel Raad
267fae336b
AppVeyor: add classic MinGW build
But use the MSYS2 shell rather than the default MSYS shell because of
POSIX path conversion issues. Classic MinGW is only available on the
Visual Studio 2015 image.

Closes https://github.com/curl/curl/pull/3623
2019-02-27 22:44:23 +01:00
Marcel Raad
225698d072
AppVeyor: add MinGW-w64 build
Add a MinGW-w64 build using CMake's MSYS Makefiles generator.
Use the Visual Studio 2015 image as it has GCC 8, while the
Visual Studio 2017 image only has GCC 7.2.

Closes https://github.com/curl/curl/pull/3623
2019-02-27 22:44:08 +01:00
Daniel Stenberg
eb43338941
cookies: only save the cookie file if the engine is enabled
Follow-up to 8eddb8f425.

If the cookieinfo pointer is NULL there really is nothing to save.

Without this fix, we got a problem when a handle was using shared object
with cookies and is told to "FLUSH" it to file (which worked) and then
the share object was removed and when the easy handle was closed just
afterwards it has no cookieinfo and no cookies so it decided to save an
empty jar (overwriting the file just flushed).

Test 1905 now verifies that this works.

Assisted-by: Michael Wallner
Assisted-by: Marcel Raad

Closes #3621
2019-02-27 21:59:40 +01:00
DaVieS
0f6c6efd81
cacertinmem.c: use multiple certificates for loading CA-chain
Closes #3421
2019-02-27 09:33:03 +01:00
Daniel Stenberg
62a2534e4c
urldata: convert bools to bitfields and move to end
This allows the compiler to pack and align the structs better in
memory. For a rather feature-complete build on x86_64 Linux, gcc 8.1.2
makes the Curl_easy struct 4.9% smaller. From 6312 bytes to 6000.

Removed an unused struct field.

No functionality changes.

Closes #3610
2019-02-27 08:37:56 +01:00
Don J Olmstead
50482b8c0a
curl.h: use __has_declspec_attribute for shared builds
Closes #3616
2019-02-27 08:35:43 +01:00
Daniel Stenberg
6cc6a447e6
curl: display --version features sorted alphabetically
Closes #3611
2019-02-27 08:14:07 +01:00
Daniel Stenberg
15ef24985c
runtests: detect "schannel" as an alias for "winssl"
Follow-up to 180501cb02

Reported-by: Marcel Raad
Fixes #3609
Closes #3620
2019-02-26 22:18:35 +01:00
Marcel Raad
cb8bd77ada
AppVeyor: update to Visual Studio 2017
Switch all Visual Studio 2015 builds to Visual Studio 2017. It's not a
moving target anymore as the last update, Update 9, has been released.

Closes https://github.com/curl/curl/pull/3606
2019-02-26 16:51:26 +01:00
Marcel Raad
9593e2a92b
AppVeyor: switch VS 2015 builds to VS 2017 image
The Visual Studio 2017 image has Visual Studio 2015 and 2017 installed.

Closes https://github.com/curl/curl/pull/3606
2019-02-26 16:51:25 +01:00
Marcel Raad
fd9ce998e0
AppVeyor: explicitly select worker image
Currently, we're using the default Visual Studio 2015 image for
everything.

Closes https://github.com/curl/curl/pull/3606
2019-02-26 16:51:24 +01:00
Daniel Stenberg
880cd5dd20
strerror: make the strerror function use local buffers
Instead of using a fixed 256 byte buffer in the connectdata struct.

In my build, this reduces the size of the connectdata struct by 11.8%,
from 2160 to 1904 bytes with no functionality or performance loss.

This also fixes a bug in schannel's Curl_verify_certificate where it
called Curl_sspi_strerror when it should have called Curl_strerror for
string from GetLastError. the only effect would have been no text or the
wrong text being shown for the error.

Co-authored-by: Jay Satiro

Closes #3612
2019-02-26 10:20:21 +01:00
Michael Wallner
8eddb8f425
cookies: fix NULL dereference if flushing cookies with no CookieInfo set
Regression brought by a52e46f390 (shipped in 7.63.0)

Closes #3613
2019-02-26 10:07:58 +01:00
Marcel Raad
8a1948283a
AppVeyor: re-enable test 500
It's passing now.

Closes https://github.com/curl/curl/pull/3615
2019-02-26 08:49:58 +01:00
Marcel Raad
5b79664177
AppVeyor: remove redundant builds
Remove the Visual Studio 2012 and 2013 builds as they add little value.

Ref: https://github.com/curl/curl/pull/3606
Closes https://github.com/curl/curl/pull/3614
2019-02-26 08:47:53 +01:00
Daniel Stenberg
509a0d975f
RELEASE-NOTES: synced 2019-02-25 23:19:32 +01:00
Bernd Mueller
90236edee4
OpenSSL: add support for TLS ASYNC state
Closes #3591
2019-02-25 13:53:47 +01:00
Michael Felt
66637b4d8f acinclude: add additional libraries to check for LDAP support
- Add an additional check for LDAP that also checks for OpenSSL since
  on AIX those libraries may be required to link LDAP properly.

Fixes https://github.com/curl/curl/issues/3595
Closes https://github.com/curl/curl/pull/3596
2019-02-25 01:48:00 -05:00
georgeok
531b7ad43a schannel: support CALG_ECDH_EPHEM algorithm
Add support for Ephemeral elliptic curve Diffie-Hellman key exchange
algorithm option when selecting ciphers. This became available on the
Win10 SDK.

Closes https://github.com/curl/curl/pull/3608
2019-02-25 01:38:35 -05:00
Daniel Stenberg
aa7b813ad1
multi: call multi_done on connect timeouts
Failing to do so would make the CURLINFO_TOTAL_TIME timeout to not get
updated correctly and could end up getting reported to the application
completely wrong (way too small).

Reported-by: accountantM on github
Fixes #3602
Closes #3605
2019-02-24 22:56:46 +01:00
Daniel Stenberg
47e540df8f
examples: remove recursive calls to curl_multi_socket_action
From within the timer callbacks. Recursive is problematic for several
reasons. They should still work, but this way the examples and the
documentation becomes simpler. I don't think we need to encourage
recursive calls.

Discussed in #3537
Closes #3601
2019-02-23 23:08:38 +01:00
Marcel Raad
42b30ee8f2 configure: remove CURL_CHECK_FUNC_FDOPEN call
The macro itself has been removed in commit
11974ac859.

Closes https://github.com/curl/curl/pull/3604
2019-02-23 21:43:56 +01:00
Daniel Stenberg
300def7d40
wolfssl: stop custom-adding curves
since wolfSSL PR https://github.com/wolfSSL/wolfssl/pull/717 (shipped in
wolfSSL 3.10.2 and later) it sends these curves by default already.

Pointed-out-by: David Garske

Closes #3599
2019-02-23 11:47:24 +01:00
Daniel Stenberg
11974ac859
configure: remove the unused fdopen macro
and the two remaining #ifdefs for it

Closes #3600
2019-02-22 22:38:33 +01:00
Jay Satiro
7466d1a308 url: change conn shutdown order to unlink data as last step
- Split off connection shutdown procedure from Curl_disconnect into new
  function conn_shutdown.

- Change the shutdown procedure to close the sockets before
  disassociating the transfer.

Prior to this change the sockets were closed after disassociating the
transfer so SOCKETFUNCTION wasn't called since the transfer was already
disassociated. That likely came about from recent work started in
Jan 2019 (#3442) to separate transfers from connections.

Bug: https://curl.haxx.se/mail/lib-2019-02/0101.html
Reported-by: Pavel Löbl

Closes https://github.com/curl/curl/issues/3597
Closes https://github.com/curl/curl/pull/3598
2019-02-22 15:19:42 -05:00
Marcel Raad
50f1bb2632 Fix strict-prototypes GCC warning
As seen in the MinGW autobuilds. Caused by commit
f26bc29cfe.
2019-02-22 19:12:30 +01:00
Dan Fandrich
87ba80a6df tests: Fixed XML validation errors in some test files. 2019-02-21 22:10:48 +01:00
Daniel Stenberg
8bc5ceb204
TODO: Allow SAN names in HTTP/2 server push
Suggested-by: Nicolas Grekas
2019-02-20 08:44:21 +01:00
Daniel Stenberg
86cd0cfb90
RELEASE-NOTES: synced 2019-02-20 08:29:48 +01:00
Daniel Stenberg
c543da9a50
curl: remove MANUAL from -M output
... and remove it from the dist tarball. It has served its time, it
barely gets updated anymore and "everything curl" is now convering all
this document once tried to include, and does it more and better.

In the compressed scenario, this removes ~15K data from the binary,
which is 25% of the -M output.

It remains in the git repo for now for as long as the web site builds a
page using that as source. It renders poorly on the site (especially for
mobile users) so its not even good there.

Closes #3587
2019-02-20 08:20:27 +01:00
Daniel Stenberg
aa5a28bd69
http2: verify :athority in push promise requests
RFC 7540 says we should verify that the push is for an "authoritative"
server. We make sure of this by only allowing push with an :athority
header that matches the host that was asked for in the URL.

Fixes #3577
Reported-by: Nicolas Grekas
Bug: https://curl.haxx.se/mail/lib-2019-02/0057.html
Closes #3581
2019-02-20 08:18:02 +01:00
Daniel Stenberg
afc00e047c
singlesocket: fix the 'sincebefore' placement
The variable wasn't properly reset within the loop and thus could remain
set for sockets that hadn't been set before and miss notifying the app.

This is a follow-up to 4c35574 (shipped in curl 7.64.0)

Reported-by: buzo-ffm on github
Detected-by: Jan Alexander Steffens
Fixes #3585
Closes #3589
2019-02-20 08:15:32 +01:00
Daniel Stenberg
b08898fb29
connection: never reuse CONNECT_ONLY conections
and make CONNECT_ONLY conections never reuse any existing ones either.

Reported-by: Pavel Löbl
Bug: https://curl.haxx.se/mail/lib-2019-02/0064.html
Closes #3586
2019-02-19 22:50:02 +01:00
Patrick Monnerat
e49e5eaa10 cli tool: fix mime post with --disable-libcurl-option configure option
Reported-by: Marcel Raad
Fixes #3576
Closes #3583
2019-02-19 17:08:58 +01:00
Daniel Stenberg
d8b0318ad6
x509asn1: cleanup and unify code layout
- rename 'n' to buflen in functions, and use size_t for them. Don't pass
  in negative buffer lengths.

- move most function comments to above the function starts like we use
  to

- remove several unnecessary typecasts (especially of NULL)

Reviewed-by: Patrick Monnerat
Closes #3582
2019-02-19 16:03:19 +01:00
Daniel Stenberg
5e1b5e6936
curl_multi_remove_handle.3: use at any time, just not from within callbacks
[ci skip]
2019-02-19 11:22:29 +01:00
Daniel Stenberg
942eb09e8a
http: make adding a blank header thread-safe
Previously the function would edit the provided header in-place when a
semicolon is used to signify an empty header. This made it impossible to
use the same set of custom headers in multiple threads simultaneously.

This approach now makes a local copy when it needs to edit the string.

Reported-by: d912e3 on github
Fixes #3578
Closes #3579
2019-02-19 10:18:47 +01:00
Daniel Stenberg
5908e900be
unit1651: survive curl_easy_init() fails 2019-02-19 09:08:28 +01:00
Frank Gevaerts
21b33b9a0b
rand: Fix a mismatch between comments in source and header.
Reported-by: Björn Stenberg <bjorn@haxx.se>
Closes #3584
2019-02-18 23:13:30 +01:00
Patrick Monnerat
fa86d32d59 x509asn1: replace single char with an array
Although safe in this context, using a single char as an array may
cause invalid accesses to adjacent memory locations.

Detected by Coverity.
2019-02-18 15:40:34 +01:00
Daniel Stenberg
af143ef45e
examples/http2-serverpush: add some sensible error checks
To avoid NULL pointer dereferences etc in the case of problems.

Closes #3580
2019-02-18 14:57:38 +01:00
Jay Satiro
f26bc29cfe easy: fix win32 init to work without CURL_GLOBAL_WIN32
- Change the behavior of win32_init so that the required initialization
  procedures are not affected by CURL_GLOBAL_WIN32 flag.

libcurl via curl_global_init supports initializing for win32 with an
optional flag CURL_GLOBAL_WIN32, which if omitted was meant to stop
Winsock initialization. It did so internally by skipping win32_init()
when that flag was set. Since then win32_init() has been expanded to
include required initialization routines that are separate from
Winsock and therefore must be called in all cases. This commit fixes
it so that CURL_GLOBAL_WIN32 only controls the optional win32
initialization (which is Winsock initialization, according to our doc).

The only users affected by this change are those that don't pass
CURL_GLOBAL_WIN32 to curl_global_init. For them this commit removes the
risk of a potential crash.

Ref: https://github.com/curl/curl/pull/3573

Fixes https://github.com/curl/curl/issues/3313
Closes https://github.com/curl/curl/pull/3575
2019-02-18 02:12:12 -05:00
Daniel Gustafsson
e6522522f9 cookie: Add support for cookie prefixes
The draft-ietf-httpbis-rfc6265bis-02 draft, specify a set of prefixes
and how they should affect cookie initialization, which has been
adopted by the major browsers. This adds support for the two prefixes
defined, __Host- and __Secure, and updates the testcase with the
supplied examples from the draft.

Closes #3554
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-02-17 00:09:30 +01:00
Daniel Gustafsson
0299b262cd mbedtls: release sessionid resources on error
If mbedtls_ssl_get_session() fails, it may still have allocated
memory that needs to be freed to avoid leaking. Call the library
API function to release session resources on this errorpath as
well as on Curl_ssl_addsessionid() errors.

Closes: #3574
Reported-by: Michał Antoniak <M.Antoniak@posnet.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-02-16 22:30:31 +01:00
Patrick Monnerat
188036ca58 cli tool: refactor encoding conversion sequence for switch case fallthrough. 2019-02-16 02:04:24 +01:00
Patrick Monnerat
c52620c249 version.c: silent scan-build even when librtmp is not enabled 2019-02-16 01:04:22 +01:00
Daniel Stenberg
5d58a7fb7c
RELEASE-NOTES: synced 2019-02-15 23:33:47 +01:00
Daniel Stenberg
ca597ad34a
Curl_now: figure out windows version in win32_init
... and avoid use of static variables that aren't thread safe.

Fixes regression from e9ababd4f5 (present in the 7.64.0 release)

Reported-by: Paul Groke
Fixes #3572
Closes #3573
2019-02-15 23:23:14 +01:00