Commit Graph

19734 Commits

Author SHA1 Message Date
Daniel Stenberg
8204844f47 1.11 minimize dependencies with dynamicly loaded modules
Closes #349 for now
2015-07-26 00:45:22 +02:00
Jay Satiro
b46a7744bc tool_operate: Fix CURLOPT_SSL_OPTIONS for builds without HTTPS
- Set CURLOPT_SSL_OPTIONS only if the tool enabled an SSL option.

Broken by me several days ago in 172b2be.
https://github.com/bagder/curl/commit/172b2be#diff-70b44ee478e58d4e1ddcf9c9a73d257b

Bug: http://curl.haxx.se/mail/lib-2015-07/0119.html
Reported-by: Dan Fandrich
2015-07-25 16:32:15 -04:00
Daniel Stenberg
a284b0ebc4 configure: check if OpenSSL linking wants -ldl
To make it easier to link with static versions of OpenSSL, the configure
script now checks if -ldl is needed for linking.

Help-by: TJ Saunders
2015-07-25 10:52:49 +02:00
Michael Kaufmann
c5d060cab4 HTTP: ignore "Content-Encoding: compress"
Currently, libcurl rejects responses with "Content-Encoding: compress"
when CURLOPT_ACCEPT_ENCODING is set to "". I think that libcurl should
treat the Content-Encoding "compress" the same as other
Content-Encodings that it does not support, e.g. "bzip2". That means
just ignoring it.
2015-07-25 00:46:01 +02:00
Marcel Raad
98835eed29 openssl: work around MSVC warning
MSVC 12 complains:

lib\vtls\openssl.c(1554): warning C4701: potentially uninitialized local
variable 'verstr' used It's a false positive, but as it's normally not,
I have enabled warning-as-error for that warning.
2015-07-24 00:12:31 +02:00
Michał Fita
cee21eb6a7 configure: add --disable-rt option
This option disables any attempts in configure to create dependency on
stuff requiring linking to librt.so and libpthread.so, in this case this
means clock_gettime(CLOCK_MONOTONIC, &mt).

We were in need to build curl which doesn't link libpthread.so to avoid
the following bug:
https://sourceware.org/bugzilla/show_bug.cgi?id=16628.
2015-07-24 00:09:29 +02:00
Kamil Dudka
da650c1e54 http2: verify success of strchr() in http2_send()
Detected by Coverity.

Error: NULL_RETURNS:
lib/http2.c:1301: returned_null: "strchr" returns null (checked 103 out of 109 times).
lib/http2.c:1301: var_assigned: Assigning: "hdbuf" = null return value from "strchr".
lib/http2.c:1302: dereference: Incrementing a pointer which might be null: "hdbuf".
1300|
1301|     hdbuf = strchr(hdbuf, 0x0a);
1302|->   ++hdbuf;
1303|
1304|     authority_idx = 0;
2015-07-23 11:51:53 +02:00
Jay Satiro
40c921f8b8 Windows: Fix VerifyVersionInfo calls
- Fix the VerifyVersionInfo calls, which we use to test for the OS major
version, to also test for the minor version as well as the service pack
major and minor versions.

MSDN: "If you are testing the major version, you must also test the
minor version and the service pack major and minor versions."

https://msdn.microsoft.com/en-us/library/windows/desktop/ms725492.aspx

Bug: https://github.com/bagder/curl/pull/353#issuecomment-123493098
Reported-by: Marcel Raad <MarcelRaad@users.noreply.github.com>
2015-07-22 01:55:43 -04:00
Marcel Raad
7a8e861a56 schannel: Replace deprecated GetVersion with VerifyVersionInfo 2015-07-22 01:55:42 -04:00
Steve Holme
ad32457623 makefile: Added support for VC14 2015-07-21 18:52:43 +01:00
Patrick Monnerat
32d4260c2d os400: ebcdic wrappers for new functions. Upgrade ILE/RPG bindings. 2015-07-21 16:36:34 +02:00
Patrick Monnerat
1df8d28381 libcurl: VERSIONINFO update
Addition of new procedures curl_pushheader_bynum and curl_pushheader_byname
requires VERSIONINFO updating.
2015-07-21 14:01:19 +02:00
Patrick Monnerat
fa0eeedf35 http2: satisfy external references even if http2 is not compiled in. 2015-07-21 13:55:39 +02:00
Daniel Stenberg
68d17643f5 http2: add stream != NULL checks for reliability
They should not trigger, but in case of internal problems we at least
avoid crashes this way.
2015-07-20 21:35:15 +02:00
Jay Satiro
aab76af1fa symbols-in-versions: Add new CURLSSLOPT_NO_REVOKE symbol 2015-07-18 15:27:48 -04:00
Jay Satiro
172b2beba6 SSL: Add an option to disable certificate revocation checks
New tool option --ssl-no-revoke.
New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS.

Currently this option applies only to WinSSL where we have automatic
certificate revocation checking by default. According to the
ssl-compared chart there are other backends that have automatic checking
(NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at
some later point.

Bug: https://github.com/bagder/curl/issues/264
Reported-by: zenden2k <zenden2k@gmail.com>
2015-07-17 02:40:16 -04:00
Jay Satiro
606b29fe0d runtests: Allow for spaces in curl custom path
.. also fix some typos in test's FILEFORMAT spec.
2015-07-16 22:21:07 -04:00
David Woodhouse
60b19630b0 ntlm_wb: Fix theoretical memory leak
Static analysis indicated that my commit 9008f3d564 ("ntlm_wb: Fix
hard-coded limit on NTLM auth packet size") introduced a potential
memory leak on an error path, because we forget to free the buffer
before returning an error.

Fix this.

Although actually, it never happens in practice because we never *get*
here with state == NTLMSTATE_TYPE1. The state is always zero. That
might want cleaning up in a separate patch.

Reported-by: Terri Oda
2015-07-16 14:22:45 -04:00
Jay Satiro
de74e856e6 strerror: Add CRYPT_E_REVOKED to SSPI error strings 2015-07-15 22:19:20 -04:00
Kamil Dudka
cd20e81e89 libtest: call PR_Cleanup() on exit if NSPR is used
This prevents valgrind from reporting possibly lost memory that NSPR
uses for file descriptor cache and other globally allocated internal
data structures.

Reported-by: Štefan Kremeň
2015-07-14 21:52:33 +02:00
John Malmberg
79416fb2d6 openssl: VMS support for SHA256
setup-vms.h: More symbols for SHA256, hacks for older VAX

openssl.h: Use OpenSSL OPENSSL_NO_SHA256 macro to allow building on VAX.

openssl.c: Use OpenSSL version checks and OPENSSL_NO_SHA256 macro to
allow building on VAX and 64 bit VMS.
2015-07-14 01:25:36 -04:00
Jay Satiro
8f0178a56b examples: Fix typo in multi-single.c 2015-07-11 02:32:53 -04:00
Tatsuhiro Tsujikawa
845b011614 http2: Fix memory leak in push header array 2015-07-07 12:33:41 +02:00
Dan Fandrich
ce1bf87a04 test2041: fixed line endings in protocol part 2015-07-02 08:32:18 +02:00
Dan Fandrich
5602ad721b cyassl: fixed mismatched sha256sum function prototype 2015-07-02 08:29:22 +02:00
moparisthebest
55b78c5ae9 SSL: Pinned public key hash support 2015-07-01 19:43:47 +02:00
Daniel Stenberg
c00b18d540 examples: provide <DESC> sections 2015-07-01 11:43:12 +02:00
John Malmberg
4ed8537be6 OpenVMS: VMS Software, Inc now the supplier.
setup-vms.h: Symbol case fixups submitted by Michael Steve

build_gnv_curl_pcsi_desc.com: VSI aka as VMS Software, is now the
supplier of new versions of VMS.  The install kit needs to accept
VSI as a producer.
2015-07-01 11:15:47 +02:00
Jay Satiro
66a5f76583 multi: Move http2 push function declarations to header end
This change necessary for binary compatibility.

Prior to this change test 1135 failed due to the order of functions.
2015-06-30 17:19:21 -04:00
Jay Satiro
616cecfdb6 symbols-in-versions: Add new http2 push symbols
Prior to this change test 1119 failed due to the missing symbols.
2015-06-30 17:03:08 -04:00
Daniel Stenberg
b59f296bf6 RELEASE-NOTES: synced with e6749055d6 2015-06-30 00:45:14 +02:00
Daniel Stenberg
e6749055d6 configure: disable libidn by default
For security reasons, until there is a fix.

Bug: http://curl.haxx.se/mail/lib-2015-06/0143.html
Reported-by: Gustavo Grieco, Feist Josselin
2015-06-29 23:17:30 +02:00
Daniel Stenberg
8208dd3b22 SSL-PROBLEMS: mention WinSSL problems in WinXP 2015-06-29 15:03:56 +02:00
Daniel Stenberg
0c46abd79a CODE_OF_CONDUCT.md: added
Just to underscore how we treat each other in this project. Nothing new
really, but could be useful for newcomers and outsiders to see our
values.
2015-06-29 11:35:13 +02:00
Daniel Stenberg
1f70cdef98 tool_header_cb: fflush the header stream
Flush the header stream when -D is used so that they are sent off
earlier.

Bug: https://github.com/bagder/curl/issues/324
Reported-by: Cédric Connes
2015-06-25 11:53:56 -07:00
Roger Leigh
e3e06e1aee tests: Distribute CMakeLists.txt files in subdirectories 2015-06-25 07:48:50 -07:00
Daniel Stenberg
37402b5eb8 CURLOPT_FAILONERROR.3: mention that it closes the connection
Reported-by: bemoody
Bug: https://github.com/bagder/curl/issues/325
2015-06-24 15:26:15 -07:00
Daniel Stenberg
69c77f69a5 curl_multi_setopt.3: alpha sort the options 2015-06-24 14:55:12 -07:00
Daniel Stenberg
dc2cbfda89 curl_multi_setopt.3: add the new push options 2015-06-24 14:52:58 -07:00
Tatsuhiro Tsujikawa
1b5eba8324 http2: Use nghttp2 library error code for error return value 2015-06-24 23:44:42 +02:00
Tatsuhiro Tsujikawa
ddb106d7f6 http2: Harden header validation for curl_pushheader_byname
Since we do prefix match using given header by application code
against header name pair in format "NAME:VALUE", and VALUE part can
contain ":", we have to careful about existence of ":" in header
parameter.  ":" should be allowed to match HTTP/2 pseudo-header field,
and other use of ":" in header must be treated as error, and
curl_pushheader_byname should return NULL.  This commit implements
this behaviour.
2015-06-24 23:44:42 +02:00
Tatsuhiro Tsujikawa
77044b53f7 CURLMOPT_PUSHFUNCTION.3: Remove unused variable 2015-06-24 23:44:42 +02:00
Daniel Stenberg
c712aa0ebe CURLMOPT_PUSHFUNCTION.3: added example 2015-06-24 23:44:42 +02:00
Daniel Stenberg
a384f28ca6 http2: curl_pushheader_byname now takes a const char * 2015-06-24 23:44:42 +02:00
Daniel Stenberg
bf445b6e12 http2-serverpush.c: example code 2015-06-24 23:44:42 +02:00
Daniel Stenberg
a3a55d80ec http2: free all header memory after the push callback 2015-06-24 23:44:42 +02:00
Daniel Stenberg
e9f0dd43bc http2: init the pushed transfer properly 2015-06-24 23:44:42 +02:00
Daniel Stenberg
f65ab8864e http2: fixed the header accessor functions for the push callback 2015-06-24 23:44:42 +02:00
Daniel Stenberg
feea9263e9 http2: setup the new pushed stream properly 2015-06-24 23:44:42 +02:00
Daniel Stenberg
ea7134ac87 http2: initial implementation of the push callback 2015-06-24 23:44:42 +02:00