Commit Graph

28134 Commits

Author SHA1 Message Date
Harry Sarson
6c82e3f42d
CI: test building wolfssl with --enable-opensslextra
Closes #8315
2022-01-21 23:04:15 +01:00
Harry Sarson
392fdb0438
misc: allow curl to build with wolfssl --enable-opensslextra
put all #include of openssl files behind wolfssl ifdefs so that we can
use the wolfssl/ prefixed include paths. Without these curl only builds
when wolfssl is built with enable-all.

Fixes #8292
Closes #8315
2022-01-21 23:04:02 +01:00
Lucas Pardue
8a3e67e732
quiche: change qlog file extension to .sqlog
quiche has just switched it's qlog serialization format to JSON-SEQ by
default . The spec says this SHOULD use `.sqlog` extension.

I believe ngtcp2 also supports JSON-SEQ by default as of
9baf06fc3f

Let's update curl so that tools know what format we are using!

Closes #8316
2022-01-21 22:34:57 +01:00
Jay Satiro
f74b6d8551 projects: Fix Visual Studio wolfSSL configurations
- Change build-wolfssl.bat to disable SSLv3, enable TLSv1.3, enable
  wolfSSL_DES_ecb_encrypt (needed by NTLM) and enable alt cert chains.

- Disable warning C4214 'bit field types other than int'.

- Add include directory wolfssl\wolfssl.

wolfSSL offers OpenSSL API compatibility that libcurl uses, and some
recent change in libcurl included an include file for wolfSSL like
openssl/foo.h, which has a path like wolfssl\wolfssl\openssl\foo.h.

The include directory issue was reported in #8292 but it's currently
unclear whether this type of change is needed for other build systems.

Bug: https://github.com/curl/curl/issues/8292
Reported-by: Harry Sarson

Closes https://github.com/curl/curl/pull/8298
2022-01-21 03:22:06 -05:00
Daniel Stenberg
d03cb7c14a
openssl: return error if TLS 1.3 is requested when not supported
Previously curl would just silently ignore it if the necessary defines
are not present at build-time.

Reported-by: Stefan Eissing
Fixes #8309
Closes #8310
2022-01-21 08:44:17 +01:00
Daniel Stenberg
e29665c775
TODO: Passing NOTIFY option to CURLOPT_MAIL_RCPT
Closes #8232
2022-01-20 11:29:43 +01:00
pheiduck on githuh
f558534e22
workflows/wolfssl: install impacket
needed Python Package for SMB tests

Closes #8307
2022-01-20 11:22:52 +01:00
Daniel Stenberg
e74a6b7b72
url: make Curl_disconnect return void
1. The function would only ever return CURLE_OK anyway
 2. Only one caller actually used the return code
 3. Most callers did (void)Curl_disconnect()

Closes #8303
2022-01-20 09:07:30 +01:00
Daniel Stenberg
cdb495f743
docs: document HTTP/2 not insisting on TLS 1.2
Both for --http2 and CURLOPT_HTTP_VERSION.

Reported-by: jhoyla on github
Fixes #8235
Closes #8300
2022-01-19 23:30:07 +01:00
Daniel Stenberg
fde0925214
cmdline-opts/gen.pl: fix option matching to improve references
Previously it could mistakenly match partial names when there are
options that start with the same prefix, leading to the wrong references
used.

Closes #8299
2022-01-19 13:29:28 +01:00
Daniel Stenberg
0c2694f22f
TODO: Less memory massaging with Schannel 2022-01-19 11:59:53 +01:00
Patrick Monnerat
52826d3b79
runtests.pl: disable debuginfod
Valgrind and gdb implement this feature: as this highly slows down tests,
disable it.

Closes #8291
2022-01-17 22:26:52 +01:00
Daniel Stenberg
39b24a1183
RELEASE-NOTES: synced 2022-01-17 16:49:00 +01:00
Daniel Stenberg
c24764ef59
CURLMOPT_TIMERFUNCTION/DATA.3: fix the examples
... to not call libcurl recursively back.

Closes #8286
2022-01-17 16:45:28 +01:00
Daniel Stenberg
340bb1905f
multi: set in_callback for multi interface callbacks
This makes most libcurl functions return error if called from within a
callback using the same multi handle. For example timer or socket
callbacks calling curl_multi_socket_action.

Reported-by: updatede on github
Fixes #8282
Closes #8286
2022-01-17 16:44:45 +01:00
Daniel Stenberg
a3d2eeab01
docs/HISTORY.md: mention alt-svc and HSTS 2022-01-17 15:56:41 +01:00
Daniel Stenberg
f6088822ce
misc: remove the final watcom references
Follow-up to bbf8cae44d

We removed support for the watcom builds files back in September
2020. This removes all remaining watcom references and ifdefs.

Closes #8287
2022-01-17 08:49:25 +01:00
Daniel Stenberg
90dd1fc664
misc: remove BeOS code and references
There has not been a mention of this OS in any commit since December
2004 (58f4af7973). The OS is also long gone.

Closes #8288
2022-01-17 08:47:23 +01:00
Daniel Stenberg
0041fe7ef5
tool_getparam: DNS options that need c-ares now fail without it
Just silently accepting the options and then not having any effect is
not good.

Ref: #8283
Closes #8285
2022-01-17 08:44:41 +01:00
Daniel Stenberg
f974bee623
curl: remove "separators" (when using globbed URLs)
Unless muted (with -s) When doing globbing, curl would output mime-like
separators between the separate transfers. This is not documented
anywhere, surprises users and clobbers the output. Gone now.

Updated test 18 and 1235

Reported-by: jonny112 on github
Bug: https://github.com/curl/curl/discussions/8257
Closes #8278
2022-01-15 23:41:28 +01:00
Niels Martignène
6c084fd47c mbedtls: fix CURLOPT_SSLCERT_BLOB (again)
- Increase the buffer length passed to mbedtls_x509_crt_parse to account
  for the null byte appended to the temporary blob.

Follow-up to 867ad1c which uses a null terminated copy of the
certificate blob, because mbedtls_x509_crt_parse requires PEM data
to be null terminated.

Ref: https://github.com/curl/curl/commit/867ad1c#r63439893
Ref: https://github.com/curl/curl/pull/8146

Closes https://github.com/curl/curl/pull/8260
2022-01-15 16:57:36 -05:00
Alessandro Ghedini
3aee3612b4
quiche: verify the server cert on connect
Similarly to c148f0f551, make quiche correctly acknowledge
`CURLOPT_SSL_VERIFYPEER` and `CURLOPT_SSL_VERIFYHOST`.

Fixes #8173
Closes #8275
2022-01-15 17:47:00 +01:00
Ikko Ashimine
7053c9138f
checksrc: fix typo in comment
enfore -> enforce

Closes #8281
2022-01-15 17:23:46 +01:00
Daniel Stenberg
66250c4d51
curl-openssl: remove the OpenSSL headers and library versions check
It is more work to maintain that check than the (any?) benefit it
brings.

Fixes #8279
Reported-by: Satadru Pramanik
Closes #8280
2022-01-15 16:02:23 +01:00
Daniel Stenberg
84853d94f2
mqtt: free any leftover when done
Oss-fuzz found an issue when the "sendleftovers" pointer could leak memory.
Fix this by always freeing it (if still assigned) in the done function.

Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43515
Closes #8274
2022-01-13 23:09:14 +01:00
Daniel Stenberg
8188ca91eb
formdata: avoid size_t => long typecast overflows
Typically a problem for platforms with 32 bit long and 64 bit size_t

Reported-by: Fabian Yamaguchi
Bug: https://hackerone.com/reports/1444539
Closes #8272
2022-01-13 23:07:52 +01:00
Daniel Stenberg
7422110b48
RELEASE-NOTES: synced
bump next release to become 7.82.0
2022-01-13 22:21:16 +01:00
Marcel Raad
7740600015 build: enable -Warith-conversion
This makes the behavior consistent between GCC 10 and earlier versions.

Closes https://github.com/curl/curl/pull/8271
2022-01-13 16:23:07 +01:00
Marcel Raad
813c984962 build: fix -Wenum-conversion handling
Don't enable that warning when warnings are disabled.
Also add it to CMake.

Closes https://github.com/curl/curl/pull/8271
2022-01-13 16:23:03 +01:00
Marcel Raad
c07a71e74f appveyor: use VS 2017 image for the autotools builds
The newer images don't have all required MSYS2 packages.

Fixes https://github.com/curl/curl/issues/8248
Closes https://github.com/curl/curl/pull/8265
2022-01-12 11:10:22 +01:00
Marcel Raad
51df1c8e3e appveyor: update images from VS 2019 to 2022
Closes https://github.com/curl/curl/pull/8265
2022-01-12 11:10:22 +01:00
MAntoniak
44dfd6bdd8
mbedtls: return CURLcode result instead of a mbedtls error code
... when a certificate fails to be loaded from a blob

Closes #8266
2022-01-12 09:34:09 +01:00
Daniel Stenberg
cb0c7970f0
curl_multi_socket.3: remove callback and typical usage descriptions
1. The callback is better described in the option for setting it. Having
it in a single place reduces the risk that one of them is wrong.

2. The "typical usage" is wrong since the functions described in this
man page are both deprecated so they cannot be used in any "typical" way
anymore.

Closes #8262
2022-01-12 09:30:48 +01:00
Daniel Stenberg
cefc2e6897
curl-functions.m4: revert DYLD_LIBRARY_PATH tricks in CURL_RUN_IFELSE
Mostly reverts ba0657c343, but now instead just run the plain macro on
darwin. The approach as used on other platforms is simply not necessary
on macOS.

Fixes #8229
Reported-by: Ryan Schmidt
Closes #8247
2022-01-12 09:03:01 +01:00
Patrick Monnerat
eeca818b1e
openldap: implement SASL authentication
As credentials can be quite different depending on the mechanism used,
there are no default mechanisms for LDAP and simple bind with a DN is
then used.

The caller has to provide mechanism(s) using CURLOPT_LOGIN_OPTIONS to
enable SASL authentication and disable simple bind.

Closes #8152
2022-01-11 11:17:27 +01:00
Cameron Will
ce5463e60c CURLOPT_RESOLVE.3: change example port to 443
83cc966 changed documentation from using http to https. However,
CURLOPT_RESOLVE being set to port 80 in the documentation means that it
isn't valid for the new URL. Update to 443.

Closes https://github.com/curl/curl/pull/8258
2022-01-10 22:23:57 -05:00
Fabian Keil
e1e9d5af73
test374: gif data without new line at the end
Closes #8239
2022-01-10 15:54:54 +01:00
Fabian Keil
736847611a
runtests.pl: support the nonewline attribute for the data part
Added to FILEFORMAT

Closes #8239
2022-01-10 15:54:54 +01:00
Patrick Monnerat
b6acbdeb63
curl tool: erase some more sensitive command line arguments
As the ps command may reveal sensitive command line info, obfuscate
options --tlsuser, --tlspasswd, --proxy-tlsuser, --proxy-tlspassword and
--oauth2-bearer arguments.

Reported-by: Stephen Boost <s.booth@epcc.ed.ac.uk>

Closes #7964
2022-01-10 15:49:25 +01:00
Daniel Stenberg
223f26c28a
mesalink: remove support
Mesalink has ceased development. We can no longer encourage use of it.
It seems to be continued under the name TabbySSL, but no attempts have
(yet) been to make curl support it.

Fixes #8188
Closes #8191
2022-01-10 11:27:59 +01:00
Daniel Stenberg
7edb0fcf3f
ldap: return CURLE_URL_MALFORMAT for bad URL
For consistency, use the same return code for URL malformats,
independently of what scheme that is used. Previously this would return
CURLE_LDAP_INVALID_URL, but starting now that error cannot be returned.

Closes #8170
2022-01-10 09:37:47 +01:00
Daniel Stenberg
2a19ad473a
docs/cmdline-opts: add "mutexed" options for more http versions
Update four http version man page sections.

Closes #8254
2022-01-10 09:33:35 +01:00
Stephen M. Coakley
3be94d84fc
rustls: add CURLOPT_CAINFO_BLOB support
Add support for `CURLOPT_CAINFO_BLOB` `CURLOPT_PROXY_CAINFO_BLOB` to the
rustls TLS backend. Multiple certificates in a single PEM string are
supported just like OpenSSL does with this option.

This is compatible at least with rustls-ffi 0.8+ which is our new
minimum version anyway.

I was able to build and run this on Windows, pulling trusted certs from
the system and then add them to rustls by setting
`CURLOPT_CAINFO_BLOB`. Handy!

Closes #8255
2022-01-10 09:30:12 +01:00
Daniel Stenberg
dbde76bdd6
scripts/copyright.pl: ignore missing files 2022-01-09 22:28:04 +01:00
Daniel Stenberg
d8218d45e4
RELEASE-NOTES: synced 2022-01-09 18:13:04 +01:00
Daniel Stenberg
1f7234a290
data/DISABLED: disable test 313 for wolfssl builds
It was previously disabled only in the CI jobs yaml

Closes #8252
2022-01-09 18:08:33 +01:00
Daniel Stenberg
cfb4f8b626
runtests: make 'wolfssl' a testable feature
Closes #8252
2022-01-09 18:08:14 +01:00
Daniel Stenberg
5bf1c4681a
GHA: install stunnel in the medbtls + wolfssl CI jobs
Closes #8252
2022-01-09 18:08:02 +01:00
Daniel Stenberg
70a1101e41
CI: move the rustls CI job to GHA from Zuul
Closes #8251
2022-01-09 16:07:48 +01:00
Daniel Stenberg
4c843fddcf
DISABLE: disable a dozen tests in the rustls build
Disables tests that don't yet work with the rustls backend.

Fixes #8004
Closes #8250
2022-01-09 16:06:19 +01:00