aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-01-17ROADMAP: thread-safe `curl_global_init()`Daniel Stenberg
I'd like to see this happen.
2020-01-17RELEASE-NOTES: syncedDaniel Stenberg
2020-01-16wolfssl: use the wc-prefixed symbol alternativesDaniel Stenberg
The symbols without wc_ prefix are not always provided. Ref: https://github.com/wolfSSL/wolfssl/issues/2744 Closes #4827
2020-01-16polarssl: removedDaniel Stenberg
As detailed in DEPRECATE.md, the polarssl support is now removed after having been disabled for 6 months and nobody has missed it. The threadlock files used by mbedtls are renamed to an 'mbedtls' prefix instead of the former 'polarssl' and the common functions that previously were shared between mbedtls and polarssl and contained the name 'polarssl' have now all been renamed to instead say 'mbedtls'. Closes #4825
2020-01-16libssh2: fix variable typeMarcel Raad
This led to a conversion warning on 64-bit MinGW, which has 32-bit `long` but 64-bit `size_t`. Closes https://github.com/curl/curl/pull/4823
2020-01-16curl:progressbarinit: ignore column width from terminals < 20Daniel Stenberg
To avoid division by zero - or other issues. Reported-by: Daniel Marjamäki Closes #4818
2020-01-15wolfssh: set the password correctly for PASSWORD authDaniel Stenberg
2020-01-15wolfssh: remove fprintf() calls (and uses of __func__)Daniel Stenberg
2020-01-14CMake: use check_symbol_exists also for inet_ptonMarcel Raad
It doesn't make much sense to only check if the function can be linked when it's not declared in any header and that is treated as an error. With the correct target Windows version set, the function is declared in ws2tcpip.h and the comment above the modified block is invalid. Also, move the definition of `_WIN32_WINNT` up to before all symbol availability checks so that we don't have to care which ones must be done after it. Tested with Visual Studio 2019 and current MinGW-w64. Closes https://github.com/curl/curl/pull/4808
2020-01-13schannel_verify: Fix alt names manual verify for UNICODE buildsJay Satiro
Follow-up to 29e40a6 from two days ago, which added that feature for Windows 7 and earlier. The bug only occurred in same. Ref: https://github.com/curl/curl/pull/4761
2020-01-13HTTP-COOKIES.md: describe the cookie file formatDaniel Stenberg
... and refer to that file from from CURLOPT_COOKIEFILE.3 and CURLOPT_COOKIELIST.3 Assisted-by: Jay Satiro Reported-by: bsammon on github Fixes #4805 Closes #4806
2020-01-13CMake: Add support for CMAKE_LTO option.Tobias Hieta
This enables Link Time Optimization. LTO is a proven technique for optimizing across compilation units. Closes #4799
2020-01-13RELEASE-NOTES: syncedDaniel Stenberg
2020-01-13ConnectionExists: respect the max_concurrent_streams limitsDaniel Stenberg
A regression made the code use 'multiplexed' as a boolean instead of the counter it is intended to be. This made curl try to "over-populate" connections with new streams. This regression came with 41fcdf71a1, shipped in curl 7.65.0. Also, respect the CURLMOPT_MAX_CONCURRENT_STREAMS value in the same check. Reported-by: Kunal Ekawde Fixes #4779 Closes #4784
2020-01-13curl: make #0 not output the full URLDaniel Stenberg
It was not intended nor documented! Added test 1176 to verify. Reported-by: vshmuk on hackerone Closes #4812
2020-01-12wolfSSH: new SSH backendDaniel Stenberg
Adds support for SFTP (not SCP) using WolfSSH. Closes #4231
2020-01-12curl: remove 'config' field from OutStructDaniel Stenberg
As it was just unnecessary duplicated information already stored in the 'per_transfer' struct and that's around mostly anyway. The duplicated pointer caused problems when the code flow was aborted before the dupe was filled in and could cause a NULL pointer access. Reported-by: Brian Carpenter Fixes #4807 Closes #4810
2020-01-12misc: Copyright year out of date, should be 2020Daniel Stenberg
Follow-up to recent commits [skip ci]
2020-01-11libssh2: add support for forcing a hostkey typeSantino Keupp
- Allow forcing the host's key type found in the known_hosts file. Currently, curl (with libssh2) does not take keys from your known_hosts file into account when talking to a server. With this patch the known_hosts file will be searched for an entry matching the hostname and, if found, libssh2 will be told to claim this key type from the server. Closes https://github.com/curl/curl/pull/4747
2020-01-11cmake: Improve libssh2 check on Windowsnicoguillier
- Add "libssh2" name to FindLibSSH2 library search. On Windows systems, libSSH2 CMake installation may name the library "LibSSH2". Prior to this change cmake only checked for name "ssh2". On Linux that works fine because it will prepend the "lib", but it doesn't do that on Windows. Closes https://github.com/curl/curl/pull/4804
2020-01-11schannel: Make CURLOPT_CAINFO work better on Windows 7Faizur Rahman
- Support hostname verification via alternative names (SAN) in the peer certificate when CURLOPT_CAINFO is used in Windows 7 and earlier. CERT_NAME_SEARCH_ALL_NAMES_FLAG doesn't exist before Windows 8. As a result CertGetNameString doesn't quite work on those versions of Windows. This change provides an alternative solution for CertGetNameString by iterating through CERT_ALT_NAME_INFO for earlier versions of Windows. Prior to this change many certificates failed the hostname validation when CURLOPT_CAINFO was used in Windows 7 and earlier. Most certificates now represent multiple hostnames and rely on the alternative names field exclusively to represent their hostnames. Reported-by: Jeroen Ooms Fixes https://github.com/curl/curl/issues/3711 Closes https://github.com/curl/curl/pull/4761
2020-01-11ngtcp2: Add an error code for QUIC connection errorsEmil Engler
- Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection errors. Prior to this change CURLE_FAILED_INIT was used, but that was not correct. Closes https://github.com/curl/curl/pull/4754
2020-01-11multi: Change curl_multi_wait/poll to error on negative timeoutJay Satiro
- Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when curl_multi_wait/poll is passed timeout param < 0. Prior to this change passing a negative value to curl_multi_wait/poll such as -1 could cause the function to wait forever. Reported-by: hamstergene@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4763 Closes https://github.com/curl/curl/pull/4765
2020-01-11cmake: Enable SMB for Windows buildsMarc Aldorasi
- Define USE_WIN32_CRYPTO by default. This enables SMB. - Show whether SMB is enabled in the "Enabled features" output. - Fix mingw compiler warning for call to CryptHashData by casting away const param. mingw CryptHashData prototype is wrong. Closes https://github.com/curl/curl/pull/4717
2020-01-11vtls: Refactor Curl_multissl_version to make the code clearerJay Satiro
Reported-by: Johannes Schindelin Ref: https://github.com/curl/curl/pull/3863#pullrequestreview-241395121 Closes https://github.com/curl/curl/pull/4803
2020-01-10fix: Copyright year out of date, should be 2020Daniel Stenberg
Follow-up to 875314ed0bf3b
2020-01-10hostip: move code to resolve IP address literals to `Curl_resolv`Marcel Raad
The code was duplicated in the various resolver backends. Also, it was called after the call to `Curl_ipvalid`, which matters in case of `CURLRES_IPV4` when called from `connect.c:bindlocal`. This caused test 1048 to fail on classic MinGW. The code ignores `conn->ip_version` as done previously in the individual resolver backends. Move the call to the `resolver_start` callback up to appease test 655, which wants it to be called also for literal addresses. Closes https://github.com/curl/curl/pull/4798
2020-01-09scripts/delta: adapt to new public header layoutDaniel Stenberg
2020-01-09test1167: verify global symbols in public headers are curl prefixedDaniel Stenberg
... using the new badsymbols.pl perl script Fixes #4793 Closes #4794
2020-01-09libtest/mk-lib1521: adapt to new public header layoutDaniel Stenberg
2020-01-09include: remove non-curl prefixed definesDaniel Stenberg
...requires some rearranging of the setup of CURLOPT_ and CURLMOPT_ enums.
2020-01-09curl.h: remove WIN32 defineDaniel Stenberg
It isn't our job to define this in a public header - and it defines a name outside of our naming scope.
2020-01-09tool_dirhie.c: fix the copyright year rangeDaniel Stenberg
Follow-up to: 4027bd72d9
2020-01-09bump: work towards 7.69.0 is startedDaniel Stenberg
2020-01-09tool_dirhie: Allow directory traversal during creationJay Satiro
- When creating a directory hierarchy do not error when mkdir fails due to error EACCESS (13) "access denied". Some file systems allow for directory traversal; in this case that it should be possible to create child directories when permission to the parent directory is restricted. This is a regression caused by me in f16bed0 (precedes curl-7_61_1). Basically I had assumed that if a directory already existed it would fail only with error EEXIST, and not error EACCES. The latter may happen if the directory exists but has certain restricted permissions. Reported-by: mbeifuss@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4796 Closes https://github.com/curl/curl/pull/4797
2020-01-09KNOWN_BUGS: AUTH PLAIN for SMTP is not working on all serversDaniel Stenberg
Closes #4080
2020-01-09docs/RELEASE-PROCEDURE.md: pushed some release datesDaniel Stenberg
Ref: https://curl.haxx.se/mail/lib-2020-01/0031.html
2020-01-09runtests: make random seed fixed for a monthDaniel Stenberg
When using randomized features of runtests (-R and --shallow) it is useful to have a fixed random seed to make sure for example extra commits in a branch or a rebase won't change the seed that would make repeated runs work differently. As it is also useful to change seed sometimes, the default seed is now determined based on the current month (and first line curl -V output). When the month changes, so will the random seed. The specific seed is also shown in the standard test suite top header and it can be set explictly with the new --seed=[num] option so that the exact order of a previous run can be achieved. Closes #4734
2020-01-08RELEASE-PROCEDURE.md: fix next release date (Feb 26)Daniel Stenberg
[skip ci]
2020-01-08RELEASE-NOTES: 7.68.0Daniel Stenberg
2020-01-07THANKS: updated with names from the 7.68.0 releaseDaniel Stenberg
2020-01-07RELEASE-PROCEDURE: add four future release datesDaniel Stenberg
and remove four past release dates [skip ci]
2020-01-06TrackMemory tests: always remove CR before LFMarcel Raad
It was removed for output containing ' =' via `s/ =.*//`. With classic MinGW, this made lines with `free()` end with CRLF, but lines with e.g. `malloc()` end with only LF. The tests expect LF only. Closes https://github.com/curl/curl/pull/4788
2020-01-06multi.h: move INITIAL_MAX_CONCURRENT_STREAMS from public headerDaniel Stenberg
... to the private multihhandle.h. It is not for public use and it wasn't prefixed correctly anyway! Closes #4790
2020-01-06file: fix copyright year rangeDaniel Stenberg
Follow-up to 1b71bc532bd
2020-01-06curl -w: handle a blank input file correctlyDaniel Stenberg
Previously it would end up with an uninitialized memory buffer that would lead to a crash or junk getting output. Added test 1271 to verify. Reported-by: Brian Carpenter Closes #4786
2020-01-06file: on Windows, refuse paths that start with \\Daniel Stenberg
... as that might cause an unexpected SMB connection to a given host name. Reported-by: Fernando Muñoz CVE-2019-15601 Bug: https://curl.haxx.se/docs/CVE-2019-15601.html
2020-01-06CURLOPT_READFUNCTION.3: fix fopen params in exampleJay Satiro
2020-01-06CURLOPT_READFUNCTION.3: fix variable name in exampleJay Satiro
Reported-by: Paul Joyce Fixes https://github.com/curl/curl/issues/4787
2020-01-05curl:getparameter return error for --http3 if libcurl doesn't supportDaniel Stenberg
Closes #4785