Commit Graph

27929 Commits

Author SHA1 Message Date
Patrick Monnerat
ac89965f99
openldap: handle connect phase with a state machine
Closes #8054
2021-11-26 14:32:12 +01:00
Daniel Stenberg
76d6e719d9
docs: address proselint nits
- avoid exclamation marks
- use consistent number of spaces after periods: one
- avoid clichés
- avoid using 'very'

Closes #8060
2021-11-26 14:27:07 +01:00
Bruno Baguette
0d380a853f
FAQ: typo fix : "yout" ➤ "your"
Closes #8059
2021-11-26 14:24:59 +01:00
Bruno Baguette
2361d11d4c
docs/INSTALL.md: typo fix : added missing "get" verb
Closes #8058
2021-11-26 08:13:10 +01:00
Daniel Stenberg
c50edee022
insecure.d: detail its use for SFTP and SCP as well
Closes #8056
2021-11-25 22:31:15 +01:00
Viktor Szakats
8c0336cf5d
Makefile.m32: rename -winssl option to -schannel and tidy up
- accept `-schannel` as an alternative to `CFG` option `-winssl`
  (latter still accepted, but deprecated)
- rename internal variable `WINSSL` to `SCHANNEL`
- make the `CFG` option evaluation shorter, without repeating the option
  name

Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Closes #8053
2021-11-25 17:36:38 +00:00
Daniel Stenberg
ba83800638
KNOWN_BUGS: 5.6 make distclean loops forever
Reported-by: David Bohman
Closes #7716
2021-11-25 14:44:59 +01:00
Daniel Stenberg
a6d2ca37bb
KNOWN_BUGS: add one, remove one
- 5.10 SMB tests fail with Python 2

Just use python 3.

+ 5.10 curl hangs on SMB upload over stdin

Closes #7896
2021-11-25 14:08:52 +01:00
Daniel Stenberg
4183b8fe9a
urlapi: provide more detailed return codes
Previously, the return code CURLUE_MALFORMED_INPUT was used for almost
30 different URL format violations. This made it hard for users to
understand why a particular URL was not acceptable. Since the API cannot
point out a specific position within the URL for the problem, this now
instead introduces a number of additional and more fine-grained error
codes to allow the API to return more exactly in what "part" or section
of the URL a problem was detected.

Also bug-fixes curl_url_get() with CURLUPART_ZONEID, which previously
returned CURLUE_OK even if no zoneid existed.

Test cases in 1560 have been adjusted and extended. Tests 1538 and 1559
have been updated.

Updated libcurl-errors.3 and curl_url_strerror() accordingly.

Closes #8049
2021-11-25 08:36:04 +01:00
Daniel Stenberg
a5f5687368
urlapi: make Curl_is_absolute_url always use MAX_SCHEME_LEN
Instad of having all callers pass in the maximum length, always use
it. The passed in length is instead used only as the length of the
target buffer for to storing the scheme name in, if used.

Added the scheme max length restriction to the curl_url_set.3 man page.

Follow-up to 45bcb2eaa7

Closes #8047
2021-11-25 08:33:48 +01:00
Jay Satiro
0969805e20
cmake: warn on use of the now deprecated symbols
Follow-up to 9108da2c26

Closes #8052
2021-11-25 08:29:30 +01:00
Kevin Burke
cc2870e275
tests/CI.md: add more information on CI environments
Fixes #8012
Closes #8022
2021-11-23 09:38:44 +01:00
Daniel Stenberg
9108da2c26
cmake: private identifiers use CURL_ instead of CMAKE_ prefix
Since the 'CMAKE_' prefix is reserved for cmake's own private use.
Ref: https://cmake.org/cmake/help/latest/manual/cmake-variables.7.html

Reported-by: Boris Rasin
Fixes #7988
Closes #8044
2021-11-23 08:46:41 +01:00
Daniel Stenberg
3e6eb18fce
urlapi: reject short file URLs
file URLs that are 6 bytes or shorter are not complete. Return
CURLUE_MALFORMED_INPUT for those. Extended test 1560 to verify.

Triggered by #8041
Closes #8042
2021-11-23 08:45:21 +01:00
Daniel Stenberg
ffb6a9e8a6
curl: improve error message for --head with -J
... it now focuses on the "output of headers" combined with the
--remote-header-name option, as that is actually the problem. Both
--head and --include can output headers.

Reported-by: nimaje on github
Fixes #7987
Closes #8045
2021-11-23 08:43:44 +01:00
Daniel Stenberg
b011656804
RELEASE-NOTES: synced 2021-11-22 23:11:40 +01:00
Stefan Eissing
45bcb2eaa7
urlapi: cleanup scheme parsing
Makea Curl_is_absolute_url() always leave a defined 'buf' and avoids
copying on urls that do not start with a scheme.

Closes #8043
2021-11-22 22:41:11 +01:00
Daniel Stenberg
18270893ab
tool_operate: only set SSH related libcurl options for SSH URLs
For example, this avoids trying to find and set the known_hosts file (or
warn for its absence) if SFTP or SCP are not used.

Closes #8040
2021-11-21 23:12:48 +01:00
Jacob Hoffman-Andrews
3f8fde366f
rustls: remove comment about checking handshaking
The comment is incorrect in two ways:
 - It says the check needs to be last, but the check is actually first.
 - is_handshaking actually starts out true.

Closes #8038
2021-11-20 22:57:13 +01:00
Marcel Raad
9b9485e7ac openssl: use non-deprecated API to read key parameters
With OpenSSL 3.0, the parameters are read directly from the `EVP_PKEY`
using `EVP_PKEY_get_bn_param`.

Closes https://github.com/curl/curl/pull/7893
2021-11-20 12:04:57 +01:00
Marcel Raad
9b923eaf3e openssl: reduce code duplication
`BN_print`'s `BIGNUM` parameter has been `const` since OpenSSL 0.9.4.

Closes https://github.com/curl/curl/pull/7893
2021-11-20 12:04:56 +01:00
Marcel Raad
6147dfab93 openssl: remove RSA_METHOD_FLAG_NO_CHECK handling if unavailable
The flag has been deprecated without replacement in OpenSSL 3.0.

Closes https://github.com/curl/curl/pull/7893
2021-11-20 12:04:56 +01:00
Marcel Raad
1e80f56d0b openssl: remove usage of deprecated SSL_get_peer_certificate
The function name was changed to `SSL_get1_peer_certificate` in OpenSSL
3.0.

Closes https://github.com/curl/curl/pull/7893
2021-11-20 12:04:56 +01:00
Daniel Stenberg
0164bb8507
page-footer: fix typo
Closes #8036
2021-11-19 18:11:13 +01:00
Daniel Stenberg
6e061ae63a
http: enable haproxy support for hyper backend
This is done by having native code do the haproxy header output before
hyper issues its request. The little downside with this approach is that
we need the entire Curl_buffer_send() function built, which is otherwise
not used for hyper builds.

If hyper ends up getting native support for the haproxy protocols we can
backpedal on this.

Enables test 1455 and 1456

Closes #8034
2021-11-19 14:06:42 +01:00
Bernhard Walle
ba0657c343
configure: fix runtime-lib detection on macOS
With a non-standard installation of openssl we get this error:

    checking run-time libs availability... failed
    configure: error: one or more libs available at link-time are not available run-time. Libs used at link-time: -lnghttp2 -lssl -lcrypto -lssl -lcrypto -lz

There's already code to set LD_LIBRARY_PATH on Linux, so set
DYLD_LIBRARY_PATH equivalent on macOS.

Closes #8028
2021-11-18 11:27:48 +01:00
Don
f99a4c759f
cmake: don't set _USRDLL on a static Windows build
Closes #8030
2021-11-18 11:26:30 +01:00
Daniel Stenberg
fa5c311904
page-footer: document more environment variables
... that curl might use.

Closes #8027
2021-11-17 11:05:07 +01:00
Daniel Stenberg
73412465a0
netrc.d: edit the .netrc example to look nicer
Works nicely thanks to d1828b470f

Closes #8025
2021-11-17 08:33:05 +01:00
Daniel Stenberg
4d97fe5473
tftp: mark protocol as not possible to do over CONNECT
... and make connect_init() refusing trying to tunnel protocols marked
as not working. Avoids a double-free.

Reported-by: Even Rouault
Fixes #8018
Closes #8020
2021-11-15 23:13:09 +01:00
Daniel Stenberg
2511a41bf9
docs/cmdline-opts: do not say "protocols: all"
Remove the lines saying "protocols: all". It makes the output in the
manpage look funny, and the expectation is probably by default that if
not anything is mentioned about protocols the option apply to them all.

Closes #8021
2021-11-15 23:11:55 +01:00
Daniel Stenberg
ddaa85893d
curl.1: require "see also" for every documented option
gen.pl now generates a warning if the "See Also" field is not filled in for a
command line option

All command line options now provide one or more related options. 167
"See alsos" added!

Closes #8019
2021-11-15 23:06:41 +01:00
Daniel Stenberg
f5f12331e5
insecure.d: expand and clarify
Closes #8017
2021-11-15 23:01:06 +01:00
Daniel Stenberg
d1828b470f
gen.pl: improve example output format
Treat consecutive lines that start with a space to be "examples". They
are output enclosed by .nf and .fi

Updated form.d to use this new fanciness

Closes #8016
2021-11-15 22:59:49 +01:00
Daniel Stenberg
3bf54f90f3
Revert "form-escape.d: double the back-slashes for proper man page output"
This reverts commit a2d8eac04a.

silly me, it was intended to be one backslash!
2021-11-15 11:37:37 +01:00
Daniel Stenberg
a2d8eac04a
form-escape.d: double the back-slashes for proper man page output 2021-11-15 11:36:58 +01:00
Daniel Stenberg
59617143cc
page-footer: add a mention of how to report bugs to the man page 2021-11-15 11:28:16 +01:00
Daniel Stenberg
808d839402
RELEASE-NOTES: synced
and bump to 7.81.0-DEV
2021-11-15 10:44:29 +01:00
Patrick Monnerat
b20b364764
mime: use percent-escaping for multipart form field and file names
Until now, form field and file names where escaped using the
backslash-escaping algorithm defined for multipart mails. This commit
replaces this with the percent-escaping method for URLs.

As this may introduce incompatibilities with server-side applications, a
new libcurl option CURLOPT_MIME_OPTIONS with bitmask
CURLMIMEOPT_FORMESCAPE is introduced to revert to legacy use of
backslash-escaping. This is controlled by new cli tool option
--form-escape.

New tests and documentation are provided for this feature.

Reported by: Ryan Sleevi
Fixes #7789
Closes #7805
2021-11-15 10:40:03 +01:00
Kevin Burke
6ec28eb687
zuul.d: update rustls-ffi to version 0.8.2
This version fixes errors with ALPN negotiation in rustls, which is
necessary for HTTP/2 support. For more information see the rustls-ffi
changelog.

Closes #8013
2021-11-15 09:50:08 +01:00
Daniel Stenberg
9492d3382b
configure: better diagnostics if hyper is built wrong
If hyper is indeed present in the specified directory but couldn't be
used to find the correct symbol, then offer a different error message to
better help the user understand the issue.

Suggested-by: Jacob Hoffman-Andrews
Fixes #8001
Closes #8005
2021-11-14 22:42:59 +01:00
Daniel Stenberg
b7e1443a1d
test1939: require proxy support to run
Follow-up to f0b7099a10

Closes #8011
2021-11-14 16:14:52 +01:00
Daniel Stenberg
4825d0cd3a
test302[12]: run only with the libssh2 backend
... as the others don't support --hostpubsha256

Reported-by: Paul Howarth
Fixes #8009
Closes #8010
2021-11-14 16:13:50 +01:00
Daniel Stenberg
f4cafa4f0d
runtests: make the SSH library a testable feature
libssh2, libssh and wolfssh
2021-11-14 16:13:44 +01:00
Jacob Hoffman-Andrews
00f4ed2aad
rustls: read of zero bytes might be okay
When we're reading out plaintext from rustls' internal buffers, we might
get a read of zero bytes (meaning a clean TCP close, including
close_notify). However, we shouldn't return immediately when that
happens, since we may have already copied out some plaintext bytes.
Break out of the loop when we get a read of zero bytes, and figure out
which path we're dealing with.

Acked-by: Kevin Burke

Closes #8003
2021-11-13 22:57:51 +01:00
Jacob Hoffman-Andrews
be8d77b146
rustls: remove incorrect EOF check
The update to rustls-ffi 0.8.0 changed handling of EOF and close_notify.
From the CHANGELOG:

> Handling of unclean close and the close_notify TLS alert. Mirroring
> upstream changes, a rustls_connection now tracks TCP closed state like
> so: rustls_connection_read_tls considers a 0-length read from its
> callback to mean "TCP stream was closed by peer."  If that happens
> before the peer sent close_notify, rustls_connection_read will return
> RUSTLS_RESULT_UNEXPECTED_EOF once the available plaintext bytes are
> exhausted. This is useful to protect against truncation attacks. Note:
> some TLS implementations don't send close_notify. If you are already
> getting length information from your protocol (e.g. Content-Length in
> HTTP) you may choose to ignore UNEXPECTED_EOF so long as the number of
> plaintext bytes was as expected.

That means we don't need to check for unclean EOF in `cr_recv()`,
because `process_new_packets()` will give us an error if appropriate.

Closes #8003
2021-11-13 22:57:20 +01:00
Daniel Stenberg
26247a0d7e
lib1939: make it endure torture tests
Follow-up to f0b7099a10

Closes #8007
2021-11-13 22:44:34 +01:00
Daniel Stenberg
ca847ba5cf
azure: make the "w/o HTTP/SMTP/IMAP" build disable SSL proper
The configure line would previously depend on a configure mistake using
--without-openssl that is fixed and now this configure line needs
adjusting to use --without-ssl.

Follow-up to b589696f03

Closes #8006
2021-11-13 14:16:48 +01:00
Jacob Hoffman-Andrews
72a63aa466
configure: add -lm to configure for rustls build.
Note: The list of libraries that rustc tells us we need to include is
longer, but also includes some more platform-specific libraries that I
am not sure how to effectively incorporate. Adding just -lm seems to
solve an immediate problem, so I'm adding just that.

Closes #8002
2021-11-13 11:14:00 +01:00
Daniel Stenberg
541adbe2d8
curl_share_setopt.3: refer to CURLSHOPT_USERDATA(3) properly 2021-11-12 15:27:04 +01:00