curl/packages/OS400, branch master cURL mirror with patches applied doc: Rename VERSIONS to VERSIONS.md as it already has Markdown syntax 2020-05-02T21:45:09+00:00 Emil Engler me@emilengler.com 2020-05-02T15:30:33+00:00 f7ab488570ce67ab8cf6c0acf022fb8e1f55ad9b Closes #5325 
Closes #5325
copyright: fix out-of-date copyright ranges and missing headers 2020-03-24T14:05:59+00:00 Daniel Stenberg daniel@haxx.se 2020-03-23T13:44:29+00:00 9a8b3b3e131359aea1cac650fb6ac331fbe2047c Reported by the new script 'scripts/copyright.pl'. The script has a regex whitelist for the files that don't need copyright headers. Removed three (mostly usesless) README files from docs/ Closes #5141 
Reported by the new script 'scripts/copyright.pl'. The script has a
regex whitelist for the files that don't need copyright headers.

Removed three (mostly usesless) README files from docs/

Closes #5141
OS400: Update strings for ccsid-ifier 2020-03-23T09:37:59+00:00 Calvin Buckley calvin@cmpct.info 2020-03-21T18:54:16+00:00 a08425444b079f148ae2a4d2ae70dd3cd58b44db Fixes build. Closes #5132 
Fixes build.

Closes #5132
schannel: add "best effort" revocation check option 2020-03-18T07:23:39+00:00 Johannes Schindelin johannes.schindelin@gmx.de 2020-02-26T10:24:26+00:00 54504284918a4ba19bc7b1efb486a64629d376aa - Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and --ssl-revoke-best-effort to allow a "best effort" revocation check. A best effort revocation check ignores errors that the revocation check was unable to take place. The reasoning is described in detail below and discussed further in the PR. --- When running e.g. with Fiddler, the schannel backend fails with an unhelpful error message: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate. Sadly, many enterprise users who are stuck behind MITM proxies suffer the very same problem. This has been discussed in plenty of issues: https://github.com/curl/curl/issues/3727, https://github.com/curl/curl/issues/264, for example. In the latter, a Microsoft Edge developer even made the case that the common behavior is to ignore issues when a certificate has no recorded distribution point for revocation lists, or when the server is offline. This is also known as "best effort" strategy and addresses the Fiddler issue. Unfortunately, this strategy was not chosen as the default for schannel (and is therefore a backend-specific behavior: OpenSSL seems to happily ignore the offline servers and missing distribution points). To maintain backward-compatibility, we therefore add a new flag (`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option (`--ssl-revoke-best-effort`) to select the new behavior. Due to the many related issues Git for Windows and GitHub Desktop, the plan is to make this behavior the default in these software packages. The test 2070 was added to verify this behavior, adapted from 310. Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com> Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com> Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Closes https://github.com/curl/curl/pull/4981 
- Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and
  --ssl-revoke-best-effort to allow a "best effort" revocation check.

A best effort revocation check ignores errors that the revocation check
was unable to take place. The reasoning is described in detail below and
discussed further in the PR.

---

When running e.g. with Fiddler, the schannel backend fails with an
unhelpful error message:

	Unknown error (0x80092012) - The revocation function was unable
	to check revocation for the certificate.

Sadly, many enterprise users who are stuck behind MITM proxies suffer
the very same problem.

This has been discussed in plenty of issues:
https://github.com/curl/curl/issues/3727,
https://github.com/curl/curl/issues/264, for example.

In the latter, a Microsoft Edge developer even made the case that the
common behavior is to ignore issues when a certificate has no recorded
distribution point for revocation lists, or when the server is offline.
This is also known as "best effort" strategy and addresses the Fiddler
issue.

Unfortunately, this strategy was not chosen as the default for schannel
(and is therefore a backend-specific behavior: OpenSSL seems to happily
ignore the offline servers and missing distribution points).

To maintain backward-compatibility, we therefore add a new flag
(`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option
(`--ssl-revoke-best-effort`) to select the new behavior.

Due to the many related issues Git for Windows and GitHub Desktop, the
plan is to make this behavior the default in these software packages.

The test 2070 was added to verify this behavior, adapted from 310.

Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com>
Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

Closes https://github.com/curl/curl/pull/4981
urldata: do string enums without #ifdefs for build scripts 2020-01-27T08:26:58+00:00 Jon Rumsey jrumsey@uk.ibm.com 2020-01-27T08:23:43+00:00 42287004610f0d3386b1c08a0fff8ed149f76c4e ... and check for inconsistencies for OS400 at build time with the new chkstrings tool. Closes #4822 
... and check for inconsistencies for OS400 at build time with the new
chkstrings tool.

Closes #4822
ngtcp2: Add an error code for QUIC connection errors 2020-01-11T23:19:32+00:00 Emil Engler me@emilengler.com 2019-12-24T10:17:16+00:00 cbb5429001084df4e71ebd95dbf748c3c302c9f7 - Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection errors. Prior to this change CURLE_FAILED_INIT was used, but that was not correct. Closes https://github.com/curl/curl/pull/4754 
- Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection
  errors.

Prior to this change CURLE_FAILED_INIT was used, but that was not
correct.

Closes https://github.com/curl/curl/pull/4754
multi: Change curl_multi_wait/poll to error on negative timeout 2020-01-11T23:16:28+00:00 Jay Satiro raysatiro@yahoo.com 2019-12-28T04:39:24+00:00 b700662b1c77c8af7e290538f748b71d75a79ae7 - Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when curl_multi_wait/poll is passed timeout param < 0. Prior to this change passing a negative value to curl_multi_wait/poll such as -1 could cause the function to wait forever. Reported-by: hamstergene@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4763 Closes https://github.com/curl/curl/pull/4765 
- Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when
  curl_multi_wait/poll is passed timeout param < 0.

Prior to this change passing a negative value to curl_multi_wait/poll
such as -1 could cause the function to wait forever.

Reported-by: hamstergene@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4763

Closes https://github.com/curl/curl/pull/4765
os400: Add missing CURLE error constants 2019-12-26T21:20:11+00:00 Jay Satiro raysatiro@yahoo.com 2019-12-26T21:20:11+00:00 779b415a2a7801b5702de4f6241bf2c3206ca8db Bug: https://github.com/curl/curl/pull/4754#issuecomment-569126922 Reported-by: Emil Engler 
Bug: https://github.com/curl/curl/pull/4754#issuecomment-569126922
Reported-by: Emil Engler
lib: fix some loose ends for recently added CURLSSLOPT_NO_PARTIALCHAIN 2019-12-06T00:17:31+00:00 Jay Satiro raysatiro@yahoo.com 2019-12-06T00:17:31+00:00 689443bf426d3601e3facdbf1c1ee8a027775755 Add support for CURLSSLOPT_NO_PARTIALCHAIN in CURLOPT_PROXY_SSL_OPTIONS and OS400 package spec. Also I added the option to the NameValue list in the tool even though it isn't exposed as a command-line option (...yet?). (NameValue stringizes the option name for the curl cmd -> libcurl source generator) Follow-up to 564d88a which added CURLSSLOPT_NO_PARTIALCHAIN. Ref: https://github.com/curl/curl/pull/4655 
Add support for CURLSSLOPT_NO_PARTIALCHAIN in CURLOPT_PROXY_SSL_OPTIONS
and OS400 package spec.

Also I added the option to the NameValue list in the tool even though it
isn't exposed as a command-line option (...yet?). (NameValue stringizes
the option name for the curl cmd -> libcurl source generator)

Follow-up to 564d88a which added CURLSSLOPT_NO_PARTIALCHAIN.

Ref: https://github.com/curl/curl/pull/4655
multi: add curl_multi_wakeup() 2019-11-25T14:45:56+00:00 Gergely Nagy ngg@tresorit.com 2019-11-17T14:12:15+00:00 f3c35e371cc70f1b6bc33f7faa904d37d1567eb3 This commit adds curl_multi_wakeup() which was previously in the TODO list under the curl_multi_unblock name. On some platforms and with some configurations this feature might not be available or can fail, in these cases a new error code (CURLM_WAKEUP_FAILURE) is returned from curl_multi_wakeup(). Fixes #4418 Closes #4608 
This commit adds curl_multi_wakeup() which was previously in the TODO
list under the curl_multi_unblock name.

On some platforms and with some configurations this feature might not be
available or can fail, in these cases a new error code
(CURLM_WAKEUP_FAILURE) is returned from curl_multi_wakeup().

Fixes #4418
Closes #4608