aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-09-08rtsp: do not call fwrite() with NULL pointer FILE *Daniel Stenberg
If the default write callback is used and no destination has been set, a NULL pointer would be passed to fwrite()'s 4th argument. OSS-fuzz bug https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3327 (not publicly open yet) Detected by OSS-fuzz Closes #1874
2017-09-08configure: use -Wno-varargs on clang 3.9[.X] debug buildsDaniel Stenberg
... to avoid a clang bug
2017-09-08ossfuzz: add some more handled CURL optionsMax Dymond
Add support for HEADER, COOKIE, RANGE, CUSTOMREQUEST, MAIL_RECIPIENT, MAIL_FROM and uploading data.
2017-09-07configure: check for C++ compiler after C, to make it non-fatalDaniel Stenberg
The tests for object file/executable file extensions are presumably only done for the first of these macros in the configure file. Bug: https://github.com/curl/curl/pull/1851#issuecomment-327597515 Reported-by: Marcel Raad Closes #1873
2017-09-07form API: add new test 650.Patrick Monnerat
Now that the form API is deprecated and not used anymore in curl tool, a lot of its features left untested. Test 650 attempts to check all these features not tested elsewhere.
2017-09-07configure: fix curl_off_t check's include orderJay Satiro
- Prepend srcdir include path instead of append. Prior to this change it was possible that during the check for the size of curl_off_t the include path of a user's already installed curl could come before the include path of the to-be-built curl, resulting in the system.h of the former being incorrectly included for that check. Closes https://github.com/curl/curl/pull/1870
2017-09-07KNOWN_BUGS: Remove CMake symbol hiding issueJakub Zakrzewski
It has already been fixed in 6140dfc
2017-09-07http-proxy: when not doing CONNECT, that phase is done immediatelyDaniel Stenberg
`conn->connect_state` is NULL when doing a regular non-CONNECT request over the proxy and should therefor be considered complete at once. Fixes #1853 Closes #1862 Reported-by: Lawrence Wagerfield
2017-09-07OpenSSL: fix yet another mistake while encapsulating SSL backend dataJohannes Schindelin
Another mistake in my manual fixups of the largely mechanical search-and-replace ("connssl->" -> "BACKEND->"), just like the previous commit concerning HTTPS proxies (and hence not caught during my earlier testing). Fixes #1855 Closes #1871 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-09-07OpenSSL: fix erroneous SSL backend encapsulationJohannes Schindelin
In d65e6cc4f (vtls: prepare the SSL backends for encapsulated private data, 2017-06-21), this developer prepared for a separation of the private data of the SSL backends from the general connection data. This conversion was partially automated (search-and-replace) and partially manual (e.g. proxy_ssl's backend data). Sadly, there was a crucial error in the manual part, where the wrong handle was used: rather than connecting ssl[sockindex]' BIO to the proxy_ssl[sockindex]', we reconnected proxy_ssl[sockindex]. The reason was an incorrect location to paste "BACKEND->"... d'oh. Reported by Jay Satiro in https://github.com/curl/curl/issues/1855. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-09-07vtls: fix memory corruptionJay Satiro
Ever since 70f1db321 (vtls: encapsulate SSL backend-specific data, 2017-07-28), the code handling HTTPS proxies was broken because the pointer to the SSL backend data was not swapped between conn->ssl[sockindex] and conn->proxy_ssl[sockindex] as intended, but instead set to NULL (causing segmentation faults). [jes: provided the commit message, tested and verified the patch] Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-09-07vtls: switch to CURL_SHA256_DIGEST_LENGTH defineDaniel Stenberg
... instead of the prefix-less version since WolfSSL 3.12 now uses an enum with that name that causes build failures for us. Fixes #1865 Closes #1867 Reported-by: Gisle Vanem
2017-09-07travis: add c-ares enabled builds linux + osxDaniel Stenberg
Closes #1868
2017-09-07HISTORY: added some recent itemsDaniel Stenberg
2017-09-06SSL: fix unused parameter warningsJay Satiro
2017-09-06mime: drop internal FILE * support.Patrick Monnerat
- The part kind MIMEKIND_FILE and associated code are suppressed. - Seek data origin offset not used anymore: suppressed. - MIMEKIND_NAMEDFILE renamed MIMEKIND_FILE; associated fields/functions renamed accordingly. - Curl_getformdata() processes stdin via a callback.
2017-09-06configure: remove --enable-soname-bump and SONAME_BUMPDaniel Stenberg
Back in 2008, (and commit 3f3d6ebe665f3) we changed the logic in how we determine the native type for `curl_off_t`. To really make sure we didn't break ABI without bumping SONAME, we introduced logic that attempted to detect that it would use a different size and thus not be compatible. We also provided a manual switch that allowed users to tell configure to bump SONAME by force. Today, we know of no one who ever got a SONAME bump auto-detected and we don't know of anyone who's using the manual bump feature. The auto- detection is also no longer working since we introduced defining curl_off_t in system.h (7.55.0). Finally, this bumping logic is not present in the cmake build. Closes #1861
2017-09-06vtls: select ssl backend case-insensitive (follow-up)Gisle Vanem
- Do a case-insensitive comparison of CURL_SSL_BACKEND env as well. - Change Curl_strcasecompare calls to strcasecompare (maps to the former but shorter). Follow-up to c290b8f. Bug: https://github.com/curl/curl/commit/c290b8f#commitcomment-24094313 Co-authored-by: Jay Satiro
2017-09-05openssl: Integrate Peter Wu's SSLKEYLOGFILE implementationJay Satiro
This is an adaptation of 2 of Peter Wu's SSLKEYLOGFILE implementations. The first one, written for old OpenSSL versions: https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/sslkeylog.c The second one, written for BoringSSL and new OpenSSL versions: https://github.com/curl/curl/pull/1346 Note the first one is GPL licensed but the author gave permission to waive that license for libcurl. As of right now this feature is disabled by default, and does not have a configure option to enable it. To enable this feature define ENABLE_SSLKEYLOGFILE when building libcurl and set environment variable SSLKEYLOGFILE to a pathname that will receive the keys. And in Wireshark change your preferences to point to that key file: Edit > Preferences > Protocols > SSL > Master-Secret Co-authored-by: Peter Wu Ref: https://github.com/curl/curl/pull/1030 Ref: https://github.com/curl/curl/pull/1346 Closes https://github.com/curl/curl/pull/1866
2017-09-05mime: fix a trivial warning.Patrick Monnerat
2017-09-05mime: replace 'struct Curl_mimepart' by 'curl_mimepart' in encoder code.Patrick Monnerat
mime_state is now a typedef.
2017-09-05mime: implement encoders.Patrick Monnerat
curl_mime_encoder() is operational and documented. curl tool -F option is extended with ";encoder=". curl tool --libcurl option generates calls to curl_mime_encoder(). New encoder tests 648 & 649. Test 1404 extended with an encoder specification.
2017-09-05runtests.pl: support attribute "nonewline" in part verify/upload.Patrick Monnerat
2017-09-05fixup data/test1135Daniel Stenberg
2017-09-05mime: unified to use the typedef'd mime structs everywhereDaniel Stenberg
... and slightly edited to follow our code style better.
2017-09-05curl.h: use lower case curl_mime* as for all public symbolsDaniel Stenberg
2017-09-05docs/curl_mime_*.3: use correct variable types in examplesDaniel Stenberg
2017-09-05openssl: use OpenSSL's default ciphers by defaultKamil Dudka
Up2date versions of OpenSSL maintain the default reasonably secure without breaking compatibility, so it is better not to override the default by curl. Suggested at https://bugzilla.redhat.com/1483972 Closes #1846
2017-09-05examples/mime: minor example code fixesViktor Szakats
2017-09-05docs/curl_mime_*.3: added examplesDaniel Stenberg
2017-09-05configure: add MultiSSL to FEATURES when enabledDaniel Stenberg
...for curl-config and its corresponding test 1014
2017-09-05http-proxy: treat all 2xx as CONNECT successDaniel Stenberg
Added test 1904 to verify. Reported-by: Lawrence Wagerfield Fixes #1859 Closes #1860
2017-09-05MAIL-ETIQUETTE: added "1.9 Your emails are public"Daniel Stenberg
2017-09-04curl.h: fix "unused checksrc ignore", remove dangling referenceDaniel Stenberg
... to a README file that doesn't exist anymore
2017-09-04docs: Update to secure URL versionsViktor Szakats
2017-09-04mime: use CURL_ZERO_TERMINATED in examplesViktor Szakats
and some minor whitespace fixes
2017-09-04schannel: return CURLE_SSL_CACERT on failed verificationDaniel Stenberg
... not *CACERT_BADFILE as it isn't really because of a bad file. Bug: https://curl.haxx.se/mail/lib-2017-09/0002.html Closes #1858
2017-09-04test1135: fixed after bd8070085f9Daniel Stenberg
2017-09-04examples/post-callback: stop returning one byte at a timeDaniel Stenberg
... since people copy and paste code from this example and thus they get an inefficient POST operation without a good reason and sometimes without understanding why. Instead this now returns as much data as possible.
2017-09-04RELEASE-NOTES: fixed the function counter scriptDaniel Stenberg
2017-09-04curl.h: make the curl_strequal() protos use the same styleDaniel Stenberg
... as the other functions. Makes it easier to machine-parse!
2017-09-04docs: curl_mime_*.3 man page formatting editsDaniel Stenberg
2017-09-04RELEASE-NOTES: synced with 1ab9e9b50Daniel Stenberg
2017-09-04lib: bump version info (soname). Adapt and reenable test 1135.Patrick Monnerat
2017-09-03headers: move the global_sslset() proto from multi.h to curl.hDaniel Stenberg
As it was added to multi.h simply to not break test 1135, which now has been disabled due to the mime API addition anyway and su we can now move the sslset stuff to where the other curl_global_* prototypes are.
2017-09-03mime: fix signed/unsigned conversions.Patrick Monnerat
Use and generate CURL_ZERO_TERMINATED in curl tool and tests.
2017-09-03tool_formparse: fix some trivial warningsJay Satiro
2017-09-03mime: use size_t instead of ssize_t in public API interface.Patrick Monnerat
To support telling a string is nul-terminated, symbol CURL_ZERO_TERMINATED has been introduced. Documentation updated accordingly. symbols in versions updated. Added form API symbols deprecation info.
2017-09-03mime: remove support "-" stdin pseudo-file name in curl_mime_filedata().Patrick Monnerat
This feature is badly supported in Windows: as a replacement, a caller has to use curl_mime_data_cb() with fread, fseek and possibly fclose callbacks to process opened files. The cli tool and documentation are updated accordingly. The feature is however kept internally for form API compatibility, with the known caveats it always had. As a side effect, stdin size is not determined by the cli tool even if possible and this results in a chunked transfer encoding. Test 173 is updated accordingly.
2017-09-03mime: fix some implicit curl_off_t --> size_t conversion warnings.Patrick Monnerat