Commit Graph

26891 Commits

Author SHA1 Message Date
Daniel Stenberg
e06fa7462a
gnutls: assume nettle crypto support
nettle has been the default crypto library with GnuTLS since 2010. By
dropping support for the previous libcrypto, we simplify code.

Closes #6625
2021-02-18 23:06:47 +01:00
Daniel Stenberg
692faeab9f
asyn-ares: use consistent resolve error message
... with the help of Curl_resolver_error() which now is moved from
asyn-thead.c and is provided globally for this purpose.

Follow-up to 35ca04ce1b

Makes test 1188 work for c-ares builds

Closes #6626
2021-02-18 15:02:17 +01:00
Viktor Szakats
7db6bc5eca
ci: stop building on freebsd-12-1
An updated freebsd-12-2 image was added a few months ago, and this
older one is consistently failing to go past `pkginstall`:
```
Newer FreeBSD version for package py37-mlt:
To ignore this error set IGNORE_OSVERSION=yes
- package: 1202000
- running kernel: 1201000
Ignore the mismatch and continue? [Y/n]: pkg: repository FreeBSD contains packages for wrong OS version: FreeBSD:12:amd64
```

FreeBSD thread suggests that 12.1 is EOL, and best to avoid.

Ref: https://forums.freebsd.org/threads/78856/

Reviewed-by: Daniel Stenberg
Closes #6622
2021-02-18 11:21:04 +00:00
Daniel Stenberg
35ca04ce1b
test1188: change error from connect to resolve error
Using the %NOLISTENPORT to trigger a connection failure is somewhat
"risky" (since it isn't guaranteed to not be listened to) and caused
occasional CI problems. This fix changes the infused error to be a more
reliable one but still verifies the --write-out functionality properly -
which is the purpose of this test.

Reported-by: Jay Satiro
Fixes #6621
Closes #6623
2021-02-18 11:10:47 +01:00
Daniel Stenberg
6174fc993a
url.c: use consistent error message for failed resolve 2021-02-18 11:10:36 +01:00
Daniel Stenberg
e72270236c
BUGS: language polish 2021-02-18 08:47:27 +01:00
Daniel Stenberg
bc928be02c
wolfssl: don't store a NULL sessionid
This caused a memory leak as the session id cache entry was still
erroneously stored with a NULL sessionid and that would later be treated
as not needed to get freed.

Reported-by: Gisle Vanem
Fixes #6616
Closes #6617
2021-02-17 22:55:45 +01:00
Daniel Stenberg
f248a13065
parse_proxy: fix a memory leak in the OOM path
Reported-by: Jay Satiro
Reviewed-by: Jay Satiro
Reviewed-by: Emil Engler

Closes #6614
Bug: https://github.com/curl/curl/pull/6591#issuecomment-780396541
2021-02-17 22:54:42 +01:00
Jay Satiro
568190f493 url: fix possible use-after-free in default protocol
Prior to this change if the user specified a default protocol and a
separately allocated non-absolute URL was used then it was freed
prematurely, before it was then used to make the replacement URL.

Bug: https://github.com/curl/curl/issues/6604#issuecomment-780138219
Reported-by: arvids-kokins-bidstack@users.noreply.github.com

Closes https://github.com/curl/curl/pull/6613
2021-02-17 16:15:11 -05:00
Daniel Stenberg
94719e7285
multi: rename the multi transfer states
While working on documenting the states it dawned on me that step one is
to use more descriptive names on the states. This also changes prefix on
the states to make them shorter in the source.

State names NOT ending with *ing are transitional ones.

Closes #6612
2021-02-16 16:42:46 +01:00
Viktor Szakats
cdb630655d
http: do not add a referrer header with empty value
Previously an empty 'Referer:' header was added to the HTTP request when
passing `--referer ';auto'` or `--referer ''` on the command-line. This
patch makes `--referer` work like `--header 'Referer:'` and will only add
the header if it has a non-zero length value.

Reviewed-by: Jay Satiro
Closes #6610
2021-02-16 10:19:37 +00:00
Daniel Stenberg
cfff12a0b3
lib: remove 'conn->data' completely
The Curl_easy pointer struct entry in connectdata is now gone. Just
before commit 215db086e0 landed on January 8, 2021 there were 919
references to conn->data.

Closes #6608
2021-02-16 10:48:57 +01:00
Daniel Stenberg
a59c33ceff
openldap: pass 'data' to the callbacks instead of 'conn' 2021-02-16 10:47:55 +01:00
Jay Satiro
e68ee39f3d doh: Fix sharing user's resolve list with DOH handles
- Share the shared object from the user's easy handle with the DOH
  handles.

Prior to this change if the user had set a shared object with shared
cached DNS (CURL_LOCK_DATA_DNS) for their easy handle then that wasn't
used by any associated DOH handles, since they used the multi's default
hostcache.

This change means all the handles now use the same hostcache, which is
either the shared hostcache from the user created shared object if it
exists or if not then the multi's default hostcache.

Reported-by: Manuj Bhatia

Fixes https://github.com/curl/curl/issues/6589
Closes https://github.com/curl/curl/pull/6607
2021-02-15 16:14:34 -05:00
Daniel Stenberg
723c0e75fa
http2: remove conn->data use
... but instead use a private alternative that points to the "driving
transfer" from the connection. We set the "user data" associated with
the connection to be the connectdata struct, but when we drive transfers
the code still needs to know the pointer to the transfer. We can change
the user data to become the Curl_easy handle, but with older nghttp2
version we cannot dynamically update that pointer properly when
different transfers are used over the same connection.

Closes #6520
2021-02-15 16:33:53 +01:00
Daniel Stenberg
f2f91ac709
openssl: remove conn->data use
We still make the trace callback function get the connectdata struct
passed to it, since the callback is anchored on the connection.

Repeatedly updating the callback pointer to set 'data' with
SSL_CTX_set_msg_callback_arg() doesn't seem to work, probably because
there might already be messages in the queue with the old pointer.

This code therefore makes sure to set the "logger" handle before using
OpenSSL calls so that the right easy handle gets used for tracing.

Closes #6522
2021-02-15 09:08:59 +01:00
Daniel Stenberg
fa959e697b
RELEASE-NOTES: synced 2021-02-15 08:31:34 +01:00
Jay Satiro
53022e1893 doh: add options to disable ssl verification
- New libcurl options CURLOPT_DOH_SSL_VERIFYHOST,
  CURLOPT_DOH_SSL_VERIFYPEER and CURLOPT_DOH_SSL_VERIFYSTATUS do the
  same as their respective counterparts.

- New curl tool options --doh-insecure and --doh-cert-status do the same
  as their respective counterparts.

Prior to this change DOH SSL certificate verification settings for
verifyhost and verifypeer were supposed to be inherited respectively
from CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER, but due to a bug
were not. As a result DOH verification remained at the default, ie
enabled, and it was not possible to disable. This commit changes
behavior so that the DOH verification settings are independent and not
inherited.

Ref: https://github.com/curl/curl/pull/4579#issuecomment-554723676

Fixes https://github.com/curl/curl/issues/4578
Closes https://github.com/curl/curl/pull/6597
2021-02-14 18:20:48 -05:00
Jay Satiro
b68026f7f4 hostip: fix crash in sync resolver builds that use DOH
- Guard some Curl_async accesses with USE_CURL_ASYNC instead of
  !CURLRES_SYNCH.

This is another follow-up to 8335c64 which moved the async struct from
the connectdata struct into the Curl_easy struct. A previous follow-up
6cd167a fixed building for sync resolver by guarding some async struct
accesses with !CURLRES_SYNCH. The problem is since DOH (DNS-over-HTTPS)
is available as an asynchronous secondary resolver the async struct may
be used even when libcurl is built for the sync resolver. That means
that CURLRES_SYNCH and USE_CURL_ASYNC may be defined at the same time.

Closes https://github.com/curl/curl/pull/6603
2021-02-13 23:03:58 -05:00
Daniel Stenberg
835c263421
KNOWN_BUGS: cannot enable LDAPS on Windows with cmake
Reported-by: Jack Boos Yu
Closes #6284
2021-02-13 22:49:16 +01:00
Daniel Stenberg
ab02bf4f0c
KNOWN_BUGS: Excessive HTTP/2 packets with TCP_NODELAY
Reported-by: Alex Xu
Closes #6363
2021-02-13 22:42:58 +01:00
Daniel Stenberg
46620b9743
http: use credentials from transfer, not connection
HTTP auth "accidentally" worked before this cleanup since the code would
always overwrite the connection credentials with the credentials from
the most recent transfer and since HTTP auth is typically done first
thing, this has not been an issue. It was still wrong and subject to
possible race conditions or future breakage if the sequence of functions
would change.

The data.set.str[] strings MUST remain unmodified exactly as set by the
user, and the credentials to use internally are instead set/updated in
state.aptr.*

Added test 675 to verify different credentials used in two requests done
over a reused HTTP connection, which previously behaved wrongly.

Fixes #6542
Closes #6545
2021-02-13 22:36:15 +01:00
Daniel Stenberg
e992770e8d
test433: clear some home dir env variables
Follow-up to bd6b54ba1f

... so that XDG_CONFIG_HOME is the only home dir variable set and thus
used correctly in the test!

Fixes #6599
Closes #6600
2021-02-12 14:02:07 +01:00
Daniel Stenberg
9e95105617
RELEASE-NOTES: synced
bumped the version to 7.76.0
2021-02-12 09:55:04 +01:00
Daniel Stenberg
150545de82
travis: install libgsasl-dev to add that to the builds
Closes #6588
2021-02-12 09:45:34 +01:00
Daniel Stenberg
88dd1a8a11
urldata: don't touch data->set.httpversion at run-time
Rename it to 'httpwant' and make a cloned field in the state struct as
well for run-time updates.

Also: refuse non-supported HTTP versions. Verified with test 129.

Closes #6585
2021-02-12 08:13:37 +01:00
Viktor Szakats
bd6b54ba1f
tests: disable .curlrc in more environments
by also setting CURL_HOME and XDG_CONFIG_HOME envvars to the local
directory.

Reviewed-by: Daniel Stenberg
Fixes #6595
Closes #6596
2021-02-11 22:06:02 +00:00
Viktor Szakats
acd90af51f
docs/Makefile.inc: format to be update-friendly
- one source file per line
- convert tabs to spaces
- do not align line-continuation backslashes
- sort source files alphabetically

Reviewed-by: Daniel Stenberg
Closes #6593
2021-02-11 16:12:12 +00:00
Daniel Stenberg
1560cd1f9f
curl: provide libgsasl version and feature info in -V output
Closes #6592
2021-02-11 16:16:45 +01:00
Daniel Stenberg
8d9346f1a0
gsasl: provide CURL_VERSION_GSASL if built-in
To let applications know the feature is available.

Closes #6592
2021-02-11 16:16:34 +01:00
Daniel Stenberg
8a964cb217
curl: add --fail-with-body
Prevent both --fail and --fail-with-body on the same command line.

Verify with test 349, 360 and 361.

Closes #6449
2021-02-11 08:35:27 +01:00
Daniel Stenberg
c386a0df44
TODO: remove HSTS
Provided now since commit 7385610d0c
2021-02-10 22:54:33 +01:00
Jay Satiro
89e572af82 tests: Fix tests failing due to change in curl --help
Follow-up to parent 3183217 which added add missing <mode> argument to
--create-file-mode <mode>.

Ref: https://github.com/curl/curl/issues/6590
2021-02-10 15:57:26 -05:00
Jay Satiro
3183217246 tool_help: add missing argument for --create-file-mode
Prior to this change the required argument was not shown in curl --help.

before:
     --create-file-mode File mode for created files

after:
     --create-file-mode <mode> File mode (octal) for created files

Reported-by: ZimCodes@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/6590
2021-02-10 14:10:49 -05:00
Jay Satiro
41863a94b5 create-file-mode.d: add missing Arg tag
Prior to this change the required argument was not shown.

curl.1 before: --create-file-mode
curl.1 after: --create-file-mode <mode>

Reported-by: ZimCodes@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/6590
2021-02-10 13:57:40 -05:00
Viktor Szakats
62c4f2f10f
gsasl: fix errors/warnings building against libgsasl
- also fix an indentation
- make Curl_auth_gsasl_token() use CURLcode (by Daniel Stenberg)

Ref: https://github.com/curl/curl/pull/6372#issuecomment-776118711
Ref: https://github.com/curl/curl/pull/6588

Reviewed-by: Jay Satiro
Assisted-by: Daniel Stenberg
Reviewed-by: Simon Josefsson
Closes #6587
2021-02-10 18:55:58 +00:00
Viktor Szakats
2dfe3d7093
Makefile.m32: add support for libgsasl dependency
Reviewed-by: Marcel Raad
Closes #6586
2021-02-10 18:48:29 +00:00
Marcel Raad
89193ed518
ngtcp2: clarify calculation precedence
As suggested by Codacy/cppcheck.

Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:47:49 +01:00
Marcel Raad
1636076e70
server: remove redundant condition
`end` is always non-null here.

Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:47:34 +01:00
Marcel Raad
1cd823ed5a
lib: remove redundant code
Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:47:27 +01:00
Marcel Raad
cc9c4e0f4e
mqttd: remove unused variable
Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:47:21 +01:00
Marcel Raad
fa624f0baa
tool_paramhlp: reduce variable scope
Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:47:15 +01:00
Marcel Raad
4c02d003ff
tests: reduce variable scopes
Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:47:09 +01:00
Marcel Raad
a774b3f304
lib: reduce variable scopes
Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:47:03 +01:00
Marcel Raad
a3f93a62a2
ftp: fix Codacy/cppcheck warning about null pointer arithmetic
Increment `bytes` only if it is non-null.

Closes https://github.com/curl/curl/pull/6576
2021-02-10 16:46:52 +01:00
Daniel Stenberg
ec5d9b44a2
ngtcp2: adapt to the new recv_datagram callback 2021-02-09 23:25:20 +01:00
Daniel Stenberg
69a396f593
quiche: fix build error: use 'int' for port number
Follow-up to cb2dc1ba8
2021-02-09 23:21:39 +01:00
Daniel Stenberg
528f71c2ec
ftp: add 'list_only' to the transfer state struct
and rename it from 'ftp_list_only' since it is also used for SSH and
POP3. The state is updated internally for 'type=D' FTP URLs.

Added test case 1570 to verify.

Closes #6578
2021-02-09 14:06:28 +01:00
Daniel Stenberg
115c9e27f5
ftp: add 'prefer_ascii' to the transfer state struct
... and make sure the code never updates 'set.prefer_ascii' as it breaks
handle reuse which should use the setting as the user specified it.

Added test 1569 to verify: it first makes an FTP transfer with ';type=A'
and then another without type on the same handle and the second should
then use binary. Previously, curl failed this.

Closes #6578
2021-02-09 14:06:28 +01:00
Daniel Stenberg
0829909ebd
RELEASE-NOTES: synced 2021-02-09 11:36:07 +01:00