Commit Graph

24182 Commits

Author SHA1 Message Date
Daniel Stenberg
54c784556e
test: make tests and test scripts use socksd for SOCKS
Make all SOCKS tests use socksd instead of ssh.
2019-04-13 11:21:53 +02:00
Daniel Stenberg
04fd67555c
socksd: new SOCKS 4+5 server for tests
Closes #3752
2019-04-13 11:21:35 +02:00
Daniel Stenberg
4f463da6b5
singleipconnect: show port in the verbose "Trying ..." message
To aid debugging better.
2019-04-13 11:21:25 +02:00
tmilburn
c3e38a4250
CURLOPT_ADDRESS_SCOPE: fix range check and more
Commit 9081014 fixed most of the confusing issues between scope id and
scope however 844896d added bad limits checking assuming that the scope
is being set and not the scope id.

I have fixed the documentation so it all refers to scope ids.

In addition Curl_if2ip refered to the scope id as remote_scope_id which
is incorrect, so I renamed it to local_scope_id.

Adjusted-by: Daniel Stenberg

Closes #3655
Closes #3765
Fixes #3713
2019-04-13 11:18:55 +02:00
Daniel Stenberg
d715d2ac89
urlapi: stricter CURLUPART_PORT parsing
Only allow well formed decimal numbers in the input.

Document that the number MUST be between 1 and 65535.

Add tests to test 1560 to verify the above.

Ref: https://github.com/curl/curl/issues/3753
Closes #3762
2019-04-13 11:17:30 +02:00
Jan-E
79c4864a56 winbuild: Support MultiSSL builds
- Remove the lines in winbuild/Makefile.vc that generate an error with
  multiple SSL backends.

- Add /DCURL_WITH_MULTI_SSL in winbuild/MakefileBuild.vc if multiple SSL
  backends are set.

Closes https://github.com/curl/curl/pull/3772
2019-04-13 02:49:14 -04:00
Daniel Stenberg
6003422825
travis: remove mesalink builds (temporarily?)
Since the mesalink build started to fail on travis, even though we build
a fixed release version, we disable it to prevent it from blocking
progress.

Closes #3767
2019-04-12 13:29:31 +02:00
Daniel Stenberg
3f5da4e59a
openssl: mark connection for close on TLS close_notify
Without this, detecting and avoid reusing a closed TLS connection
(without a previous GOAWAY) when doing HTTP/2 is tricky.

Reported-by: Tom van der Woerdt
Fixes #3750
Closes #3763
2019-04-12 12:17:52 +02:00
Daniel Stenberg
687cdeb970
RELEASE-NOTES: synced 2019-04-12 10:55:50 +02:00
Steve Holme
762a292f87 vauth/cleartext: Update the PLAIN login function signature to match RFC 4616
Functionally this doesn't change anything as we still use the username
for both the authorisation identity and the authentication identity.

Closes #3757
2019-04-11 22:43:30 +01:00
Daniel Stenberg
1489d1db85
test1906: verify CURLOPT_CURLU + CURLOPT_PORT usage
Based-on-code-by: Poul T Lomholt
2019-04-11 22:45:13 +02:00
Daniel Stenberg
9a4ad1b056
url: always clone the CUROPT_CURLU handle
Since a few code paths actually update that data.

Fixes #3753
Closes #3761

Reported-by: Poul T Lomholt
2019-04-11 22:45:01 +02:00
Daniel Stenberg
f73de32d46
CURLOPT_DNS_USE_GLOBAL_CACHE: remove
Remove the code too. The functionality has been disabled in code since
7.62.0. Setting this option will from now on simply be ignored and have
no function.

Closes #3654
2019-04-11 22:22:39 +02:00
Marcel Raad
ebc0550110
travis: install libgnutls28-dev only for --with-gnutls build
Reduces the time needed for the other jobs a little.

Closes https://github.com/curl/curl/pull/3721
2019-04-11 21:14:12 +02:00
Marcel Raad
a05eb8f16c
travis: install libnss3-dev only for --with-nss build
Reduces the time needed for the other jobs a little.

Closes https://github.com/curl/curl/pull/3721
2019-04-11 21:14:11 +02:00
Marcel Raad
b568511b91
travis: install libssh2-dev only for --with-libssh2 build
Reduces the time needed for the other jobs a little.

Closes https://github.com/curl/curl/pull/3721
2019-04-11 21:14:10 +02:00
Marcel Raad
157147f0b0
travis: install libssh-dev only for --with-libssh build
Reduces the time needed for the other jobs a little.

Closes https://github.com/curl/curl/pull/3721
2019-04-11 21:14:09 +02:00
Marcel Raad
c3d5f400a4
travis: install krb5-user only for --with-gssapi build
Reduces the time needed for the other jobs a little.

Closes https://github.com/curl/curl/pull/3721
2019-04-11 21:14:07 +02:00
Marcel Raad
22c28284f6
travis: install lcov only for the coverage job
Reduces the time needed for the other jobs a little.

Closes https://github.com/curl/curl/pull/3721
2019-04-11 21:13:58 +02:00
Marcel Raad
c6acd33370
travis: install clang only when needed
This reduces the GCC job runtimes a little and it's needed to
selectively update clang builds to xenial.

Closes https://github.com/curl/curl/pull/3721
2019-04-11 21:13:57 +02:00
Marcel Raad
f1aad7162a
AppVeyor: enable testing for WinSSL build
Closes https://github.com/curl/curl/pull/3725
2019-04-11 21:11:35 +02:00
Marcel Raad
d1b5cf830b
build: fix Codacy/CppCheck warnings
- remove unused variables
- declare conditionally used variables conditionally
- suppress unused variable warnings in the CMake tests
- remove dead variable stores
- consistently use WIN32 macro to detect Windows

Closes https://github.com/curl/curl/pull/3739
2019-04-11 21:08:44 +02:00
Marcel Raad
bb0b10135c
polarssl_threadlock: remove conditionally unused code
Make functions no-ops if neither both USE_THREADS_POSIX and
HAVE_PTHREAD_H nor both USE_THREADS_WIN32 and HAVE_PROCESS_H are
defined. Previously, if only one of them was defined, there was either
code compiled that did nothing useful or the wrong header included for
the functions used.

Also, move POLARSSL_MUTEX_T define to implementation file as it's not
used externally.

Closes https://github.com/curl/curl/pull/3739
2019-04-11 21:08:42 +02:00
Marcel Raad
d250ed4753
lib557: initialize variables
These variables are only conditionally initialized.

Closes https://github.com/curl/curl/pull/3739
2019-04-11 21:08:41 +02:00
Marcel Raad
9eac2d92cf
lib509: add missing include for strdup
Closes https://github.com/curl/curl/pull/3739
2019-04-11 21:08:39 +02:00
Marcel Raad
86603d3995
README.md: fix no-consecutive-blank-lines Codacy warning
Consistently use one blank line between blocks.

Closes https://github.com/curl/curl/pull/3739
2019-04-11 21:08:38 +02:00
Marcel Raad
dc0712eea3
tests/server/util: fix Windows Unicode build
Always use the ANSI version of FormatMessage as we don't have the
curl_multibyte gear available here.

Closes https://github.com/curl/curl/pull/3758
2019-04-11 21:03:20 +02:00
Daniel Stenberg
20b8df1096
curl_easy_getinfo.3: fix minor formatting mistake 2019-04-11 16:06:40 +02:00
Daniel Gustafsson
06ace0ba98 xattr: skip unittest on unsupported platforms
The stripcredentials unittest fails to compile on platforms without
xattr support, for example the Solaris member in the buildfarm which
fails with the following:

  CC unit1621-unit1621.o
  CC ../libtest/unit1621-first.o
  CCLD unit1621
  Undefined first referenced
  symbol in file
  stripcredentials unit1621-unit1621.o
  goto problem 2
  ld: fatal: symbol referencing errors. No output written to .libs/unit1621
  collect2: error: ld returned 1 exit status
  gmake[2]: *** [Makefile:996: unit1621] Error 1

Fix by excluding the test on such platforms by using the reverse
logic from where stripcredentials() is defined.

Closes #3759
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-04-11 09:22:22 +02:00
Steve Holme
166ace8be0 emailL Added reference to RFC8314 for implicit TLS 2019-04-11 01:19:15 +01:00
Steve Holme
37c43bf70c README: Schannel, stop calling it "winssl"
Stick to "Schannel" everywhere - follow up to 180501cb.
2019-04-10 22:05:38 +01:00
Jakub Zakrzewski
ff1cb97517 cmake: clear CMAKE_REQUIRED_LIBRARIES after each use
This fixes GSSAPI builds with the libraries in a non-standard location.
The testing for recv() were failing because it failed to link
the Kerberos libraries, which are not needed for this or subsequent
tests.

fixes #3743
closes #3744
2019-04-10 19:12:28 +02:00
Jakub Zakrzewski
be17f298ff cmake: avoid linking executable for some tests with cmake 3.6+
With CMAKE_TRY_COMPILE_TARGET_TYPE set to STATIC_LIBRARY, the try_compile()
(which is used by check_c_source_compiles()) will build static library
instead of executable. This avoids linking additional libraries in and thus
speeds up those checks a little.

This commit also avoids #3743 (GSSAPI build errors) on itself with cmake
3.6 or above. That issue was fixed separately for all versions.

Ref: #3744
2019-04-10 19:12:28 +02:00
Jakub Zakrzewski
639cfeb0f8 cmake: minor cleanup
- Remove nneeded include_regular_expression.
  It was setting what is already a default.

- Remove duplicated include.

- Don't check for pre-3.0.0 CMake version.
  We already require at least 3.0.0, so it's just clutter.

Ref: #3744
2019-04-10 19:12:28 +02:00
Steve Holme
c4e0be4408 build-openssl.bat: Fixed support for OpenSSL v1.1.0+ 2019-04-08 22:36:23 +01:00
Steve Holme
b1923b90f5 build-openssl.bat: Perfer the use of if statements rather than goto (where possible) 2019-04-08 22:36:23 +01:00
Steve Holme
a4df34294f build-openssl.bat: Perform the install for each build type directly after the build 2019-04-08 22:36:23 +01:00
Steve Holme
089e2d9de0 build-openssl.bat: Split the install of static and shared build types 2019-04-08 22:36:22 +01:00
Steve Holme
89efe0e396 build-openssl.bat: Split the building of static and shared build types 2019-04-08 22:36:22 +01:00
Steve Holme
1969958e6b build-openssl.bat: Move the installation into a separate function 2019-04-08 22:36:22 +01:00
Steve Holme
ac690c4285 build-openssl.bat: Move the build step into a separate function 2019-04-08 22:36:22 +01:00
Steve Holme
1f6ec5baba build-openssl.bat: Move the OpenSSL configuration into a separate function 2019-04-08 22:36:22 +01:00
Steve Holme
d891702fcf build-openssl.bat: Fixed the BUILD_CONFIG variable not being initialised
Should the parent environment set this variable then the build might
not be performed as the user intended.
2019-04-08 22:36:22 +01:00
Daniel Stenberg
8ebc42be04
socks: fix error message 2019-04-08 23:30:53 +02:00
Daniel Stenberg
ebb2ebe18b
config.d: clarify that initial : and = might need quoting [skip ci]
Fixes #3738
Closes #3749
2019-04-08 21:57:22 +02:00
Daniel Stenberg
c150438eee
RELEASE-NOTES: synced
bumped to 7.65.0 for next release
2019-04-08 21:42:05 +02:00
Daniel Stenberg
f4b6901230
socks5: user name and passwords must be shorter than 256
bytes... since the protocol needs to store the length in a single byte field.

Reported-by: XmiliaH on github
Fixes #3737
Closes #3740
2019-04-07 23:27:11 +02:00
Jakub Zakrzewski
89bb5a836c
test: urlapi: urlencode characters above 0x7f correctly 2019-04-07 22:57:42 +02:00
Jakub Zakrzewski
0dd47c2a3d
urlapi: urlencode characters above 0x7f correctly
fixes #3741
Closes #3742
2019-04-07 22:57:42 +02:00
Even Rouault
64cbae3107
multi_runsingle(): fix use-after-free
Fixes #3745
Closes #3746

The following snippet
```

int main()
{
    CURL* hCurlHandle = curl_easy_init();
    curl_easy_setopt(hCurlHandle, CURLOPT_URL, "http://example.com");
    curl_easy_setopt(hCurlHandle, CURLOPT_PROXY, "1");
    curl_easy_perform(hCurlHandle);
    curl_easy_cleanup(hCurlHandle);
    return 0;
}
```
triggers the following Valgrind warning

```
==4125== Invalid read of size 8
==4125==    at 0x4E7D1EE: Curl_llist_remove (llist.c:97)
==4125==    by 0x4E7EF5C: detach_connnection (multi.c:798)
==4125==    by 0x4E80545: multi_runsingle (multi.c:1451)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
==4125==  Address 0x9b3d1d0 is 1,120 bytes inside a block of size 1,600 free'd
==4125==    at 0x4C2ECF0: free (vg_replace_malloc.c:530)
==4125==    by 0x4E62C36: conn_free (url.c:756)
==4125==    by 0x4E62D34: Curl_disconnect (url.c:818)
==4125==    by 0x4E48DF9: Curl_once_resolved (hostip.c:1097)
==4125==    by 0x4E8052D: multi_runsingle (multi.c:1446)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
==4125==  Block was alloc'd at
==4125==    at 0x4C2F988: calloc (vg_replace_malloc.c:711)
==4125==    by 0x4E6438E: allocate_conn (url.c:1654)
==4125==    by 0x4E685B4: create_conn (url.c:3496)
==4125==    by 0x4E6968F: Curl_connect (url.c:4023)
==4125==    by 0x4E802E7: multi_runsingle (multi.c:1368)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
```

This has been bisected to commit 2f44e94

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14109
Credit to OSS Fuzz
2019-04-07 22:55:38 +02:00