Commit Graph

21753 Commits

Author SHA1 Message Date
Jay Satiro
21512a015f CURLOPT_SSL_CTX_FUNCTION.3: Fix EXAMPLE formatting errors
.. also document that CURLE_NOT_BUILT_IN is a RETURN VALUE.

Ref: https://github.com/curl/curl/pull/1290
2017-03-04 16:07:28 -05:00
Andrew Krieger
7b1430c0b4 fix potential use of uninitialized variables
MSVC with LTCG detects this at warning level 4.

Closes #1304
2017-03-04 21:37:03 +01:00
Sylvestre Ledru
658b9a200a fix some typos in the doc (#1306) 2017-03-04 15:50:33 +01:00
Dan Fandrich
97a04145ef tests: fixed a typo in some comments 2017-03-04 12:50:30 +01:00
Jay Satiro
9f20333443 url: split off proxy init and parsing from create_conn
Move the proxy parse/init into helper create_conn_helper_init_proxy to
mitigate the chances some non-proxy code will be mistakenly added to it.

Ref: https://github.com/curl/curl/issues/1274#issuecomment-281556510
Ref: https://github.com/curl/curl/pull/1293

Closes https://github.com/curl/curl/pull/1298
2017-03-03 03:14:25 -05:00
Alexis La Goutte
cbff751e95 build: fix gcc7 implicit fallthrough warnings
Mark intended fallthroughs with /* FALLTHROUGH */ so that gcc will know
it's expected and won't warn on [-Wimplicit-fallthrough=].

Closes https://github.com/curl/curl/pull/1297
2017-03-03 03:09:46 -05:00
Greg Rowe
6fc91f6d3a configure: fix --with-zlib when a path is specified
Prior to this change if you attempted to configure curl using
--wtih-zlib and specified a path the path would be ignored if you also
had pkg-config installed on your system.  This situation can easily
arise when you are cross compiling.  This change moves the test for
detecting zlib settings via pkg-config only if OPT_ZLIB is not set.

Closes https://github.com/curl/curl/pull/1292
2017-03-03 02:53:35 -05:00
c4rlo
e952402404 no-keepalive.d: fix typo
Closes https://github.com/curl/curl/pull/1301
2017-03-03 02:37:43 -05:00
Jay Satiro
14cd405d27 checksrc.bat: Ignore curl_config.h.in, curl_config.h 2017-03-02 02:51:13 -05:00
Jay Satiro
5f139d6b6f configure: fix for --enable-pthreads
Better handle options conflicts that can occur if --enable-pthreads.

Bug: https://github.com/curl/curl/pull/1295
Reported-by: Marc-Antoine Perennou
2017-03-02 02:43:10 -05:00
JDepooter
0966ab5bd4 darwinssl: Warn that disabling host verify also disables SNI
In DarwinSSL the SSLSetPeerDomainName function is used to enable both
sending SNI and verifying the host. When host verification is disabled
the function cannot be called, therefore SNI is disabled as well.

Closes https://github.com/curl/curl/pull/1240
2017-03-02 02:42:15 -05:00
Marcel Raad
a162d8b21b
warnless: suppress compiler warning
If size_t is 32 bits, MSVC warns:
warning C4310: cast truncates constant value
The warning is harmless as CURL_MASK_SCOFFT gets
truncated to the maximum value of size_t.
2017-02-28 09:10:18 +01:00
Dan Fandrich
41388b9ba3 tests: enable HTTP/2 tests to run with non-default port numbers 2017-02-27 22:32:37 +01:00
Marcel Raad
727917555d
digest_sspi: fix compilation warning
MSVC complains:
warning C4701: potentially uninitialized local variable 'output_token_len' used
2017-02-27 13:05:22 +01:00
Jay Satiro
a21cae5f97 cyassl: get library version string at runtime
wolfSSL >= 3.6.0 supports getting its library version string at runtime.
2017-02-26 18:49:39 -05:00
Dan Fandrich
4fa2de3698 test1139: allow for the possibility that the man page is not rebuilt
This is likely to be the case when building from a tar ball release
package which includes a prebuilt man page. In that case, test the
packaged man page instead. This only makes a difference when building
out-of-tree (in-tree, the location in both cases is identical).
2017-02-26 21:30:31 +01:00
Isaac Boukris
1f8023ceb5 url: fix unix-socket support for proxy-disabled builds
Prior to this change if curl was built with Unix Socket support
(--enable-unix-sockets) and without Proxy support (--disable-proxy) then
unix socket options would erroneously be ignored.

Regression introduced in:
0b8d682f81

Bug: https://github.com/curl/curl/issues/1274
Reported-by: mccormickt12@users.noreply.github.com

Closes https://github.com/curl/curl/pull/1289
2017-02-25 18:21:15 -05:00
Dan Fandrich
f7285cc02b gopher: fixed detection of an error condition from Curl_urldecode 2017-02-26 00:10:30 +01:00
Dan Fandrich
516e60aa8e ftp: fixed a NULL pointer dereference on OOM 2017-02-25 22:55:46 +01:00
Peter Wu
eac0dc6a3f docs: de-duplicate file lists in the Makefiles
Make use of macro substitution of suffix patterns to remove duplication
of manual names. This approach is portable according to
http://pubs.opengroup.org/onlinepubs/009695399/utilities/make.html

Closes https://github.com/curl/curl/pull/1287
2017-02-25 16:26:22 -05:00
Dan Fandrich
79221d8d50 ftp: removed an erroneous free in an OOM path 2017-02-25 21:47:27 +01:00
Dan Fandrich
ce9ba3ba10 proxy: fixed a memory leak on OOM 2017-02-25 21:36:39 +01:00
Dan Fandrich
c6ddb606d8 tests: use consistent environment variables for setting charset
The character set in POSIX is set by the locale defined by (in
decreasing order of precedence) the LC_ALL, LC_CTYPE and LANG
environment variables (CHARSET was used by libidn but not libidn2).
LC_ALL is cleared to ensure that LC_CTYPE takes effect, but LC_ALL is
not used to set the locale to ensure that other parts of the locale
aren't overridden.  Since there doesn't seem to be a cross-platform way
of specifying a UTF-8 locale, and not all systems may support UTF-8, a
<precheck> is used to skip the test if UTF-8 can't be verified to be
available.  Test 1035 was also converted to UTF-8 for consistency, as
the actual character set used there is irrelevant to the test.

This patch uses a different UTF-8 locale than the last attempt, namely
en_US.UTF-8. This one has been verified on 7 different Linux and BSD
distributions and is more complete and usable than the locale UTF-8 (on
at least some systems).
2017-02-25 15:33:29 +01:00
Dan Fandrich
832b0105f2 test557: explicitly use the C locale so the numeric output is as expected 2017-02-25 12:05:28 +01:00
Simon Warta
bbc81c46e8 cmake: Replace invalid UTF-8 byte sequence
- Change the encoding of the regex temp placeholder token to UTF-8.

Prior to this change the file contained special chars in a different
encoding than ASCII or UTF-8 making text editors and Python complain
when reading the file.

Closes https://github.com/curl/curl/pull/1271
Closes https://github.com/curl/curl/pull/1275
2017-02-25 02:31:05 -05:00
Daniel Stenberg
03bd26852b bump: work on the next release 2017-02-24 23:48:05 +01:00
Daniel Stenberg
25df50aa33 release: 7.53.1 2017-02-24 08:47:45 +01:00
Daniel Stenberg
13314ffd65 Revert "tests: use consistent environment variables for setting charset"
This reverts commit ecd1d020ab.

That commit caused test failures on my Debian Linux machine for all
changed test cases. We need to reconsider how that should get done.
2017-02-24 08:41:36 +01:00
Dan Fandrich
ecd1d020ab tests: use consistent environment variables for setting charset
Character set in POSIX is set by the locale defined (in decreasing order
of precedence) by the LC_ALL, LC_CTYPE and LANG environment variables (I
believe CHARSET is only historic). LC_ALL is cleared to ensure that
LC_CTYPE takes effect, but LC_ALL is not used to set the locale to
ensure that other parts of the locale aren't overriden, if set.  Since
there doesn't seem to be a cross-platform way of specifying a UTF-8
locale, and not all systems may support UTF-8, a <precheck> is used
(where relevant) to skip the test if UTF-8 isn't in use.  Test 1035 was
also converted to UTF-8 for consistency, as the actual character set
used there is irrelevant to the test.
2017-02-23 23:14:00 +01:00
Jay Satiro
93cce2489d url: Default the CA proxy bundle location to CURL_CA_BUNDLE
If the compile-time CURL_CA_BUNDLE location is defined use it as the
default value for the proxy CA bundle location, which is the same as
what we already do for the regular CA bundle location.

Ref: https://github.com/curl/curl/pull/1257
2017-02-23 17:06:11 -05:00
Sergii Pylypenko
53ab183c1a rand: added missing #ifdef HAVE_FCNTL_H around fcntl.h header
Closes #1285
2017-02-23 22:44:16 +01:00
Daniel Stenberg
ed74c6442d TODO: "OPTIONS *"
Closes #1280
2017-02-23 16:58:21 +01:00
Daniel Stenberg
656441d915 RELEASE-NOTES: synced with 443e5b03a7 2017-02-23 11:21:44 +01:00
Daniel Stenberg
443e5b03a7 THANKS-filter: shachaf 2017-02-23 11:21:19 +01:00
İsmail Dönmez
2bfe55037f tests: Set CHARSET & LANG to UTF-8 in 1035, 2046 and 2047
Closes #1283
Fixes #1277
2017-02-23 11:02:59 +01:00
Daniel Stenberg
d3838dc68e bump: 7.53.1 coming up
synced with df665f4df0f7a352
2017-02-23 10:47:44 +01:00
Daniel Stenberg
86f566078b formdata: check for EOF when reading from stdin
Reported-by: shachaf@users.noreply.github.com

Fixes #1281
2017-02-23 10:47:44 +01:00
Jay Satiro
035c2eceeb docs: gitignore curl.1
curl.1 is generated by the cmdline-opts script since 4c49b83.
2017-02-22 14:08:29 -05:00
Daniel Stenberg
f57eb1f8e3 TODO: HTTP Digest using SHA-256 2017-02-22 14:16:45 +01:00
Daniel Stenberg
b702a4d848 TODO: brotli is deployed widely now 2017-02-22 11:00:18 +01:00
Viktor Szakats
f4739f639f urldata: include curl_sspi.h when Windows SSPI is enabled
f77dabe broke builds in Windows using Windows SSPI but not Windows SSL.

Bug: https://github.com/curl/curl/issues/1276
Reported-by: jveazey@users.noreply.github.com
2017-02-21 23:06:43 -05:00
Jay Satiro
b259646ea1 url: Improve CURLOPT_PROXY_CAPATH error handling
- Change CURLOPT_PROXY_CAPATH to return CURLE_NOT_BUILT_IN if the option
  is not supported, which is the same as what we already do for
  CURLOPT_CAPATH.

- Change the curl tool to handle CURLOPT_PROXY_CAPATH error
  CURLE_NOT_BUILT_IN as a warning instead of as an error, which is the
  same as what we already do for CURLOPT_CAPATH.

- Fix CAPATH docs to show that CURLE_NOT_BUILT_IN is returned when the
  respective CAPATH option is not supported by the SSL library.

Ref: https://github.com/curl/curl/pull/1257
2017-02-21 22:24:40 -05:00
Jay Satiro
0e8d3e838e cyassl: fix typo 2017-02-21 22:24:39 -05:00
Daniel Stenberg
a7135ac3c3 release: 7.53.0 2017-02-22 00:23:38 +01:00
Daniel Stenberg
588960be2c cookie: fix declaration of 'dup' shadows a global declaration 2017-02-21 17:44:02 +01:00
Daniel Stenberg
ca6ea6d9be TLS: make SSL_VERIFYSTATUS work again
The CURLOPT_SSL_VERIFYSTATUS option was not properly handled by libcurl
and thus even if the status couldn't be verified, the connection would
be allowed and the user would not be told about the failed verification.

Regression since cb4e2be7c6

CVE-2017-2629
Bug: https://curl.haxx.se/docs/adv_20170222.html

Reported-by: Marcus Hoffmann
2017-02-21 08:33:18 +01:00
Jay Satiro
af5fbb14bb digest_sspi: Handle 'stale=TRUE' directive in HTTP digest
- If the server has provided another challenge use it as the replacement
  input token if stale=TRUE. Otherwise previous credentials have failed
  so return CURLE_LOGIN_DENIED.

Prior to this change the stale directive was ignored and if another
challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING.

Ref: https://tools.ietf.org/html/rfc2617#page-10

Bug: https://github.com/curl/curl/issues/928
Reported-by: tarek112@users.noreply.github.com
2017-02-21 01:04:59 -05:00
Daniel Stenberg
de1c1a8d85 smb: use getpid replacement for windows UWP builds
Source: 7676b8780d/ports/curl/0002_fix_uwp.patch
2017-02-20 10:27:51 +01:00
Daniel Stenberg
73ef4ed612 TODO: CURLOPT_RESOLVE for any port number
Closes #1264
2017-02-20 09:15:13 +01:00
Daniel Stenberg
563a4b0671 RELEASE-NOTES: synced with af30f1152d 2017-02-20 08:11:17 +01:00