aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-12-10openssl: Disable file buffering for Win32 SSLKEYLOGFILEJay Satiro
Prior to this change SSLKEYLOGFILE used line buffering on WIN32 just like it does for other platforms. However, the Windows CRT does not actually support line buffering (_IOLBF) and will use full buffering (_IOFBF) instead. We can't use full buffering because multiple processes may be writing to the file and that could lead to corruption, and since full buffering is the only buffering available this commit disables buffering for Windows SSLKEYLOGFILE entirely (_IONBF). Ref: https://github.com/curl/curl/pull/1346#issuecomment-350530901
2017-12-10RESOLVE: output verbose text when trying to set a duplicate nameDaniel Stenberg
... to help users understand what is or isn't done!
2017-12-09CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVEDaniel Stenberg
2017-12-09sftp: allow quoted commands to use relative pathsJohn DeHelian
Closes #1900
2017-12-08CURLOPT_PRIVATE.3: fix grammarrichardthe3rd
- Change "never does nothing" double-negative to "never does anything". Closes https://github.com/curl/curl/pull/2168
2017-12-08curl: remove __EMX__ #ifdefsDaniel Stenberg
These are OS/2-specific things added to the code in the year 2000. They were always ugly. If there's any user left, they still don't need it done this way. Closes #2166
2017-12-08openssl: improve data-pending check for https proxyJay Satiro
- Allow proxy_ssl to be checked for pending data even when connssl does not yet have an SSL handle. This change is for posterity. Currently there doesn't seem to be a code path that will cause a pending data check when proxyssl could have pending data and the connssl handle doesn't yet exist [1]. [1]: Recall that an https proxy connection starts out in connssl but if the destination is also https then the proxy SSL backend data is moved from connssl to proxyssl, which means connssl handle is temporarily empty until an SSL handle for the destination can be created. Ref: https://github.com/curl/curl/commit/f4a6238#commitcomment-24396542 Closes https://github.com/curl/curl/pull/1916
2017-12-08curl: don't set CURLOPT_INTERLEAVEDATADaniel Stenberg
That data is only ever used by the CURLOPT_INTERLEAVEFUNCTION callback and that option isn't set or used by the curl tool! Updates the 9 tests that verify --libcurl Closes #2167
2017-12-08curl.h: remove incorrect comment about ERRORBUFFERDaniel Stenberg
... error messages are _not_ sent to stderr if this is not set.
2017-12-08configure: add AX_CODE_COVERAGE only if using gccMichael Felt
Fixes #2076 Closes #2125
2017-12-07curl: limit -# update frequency for unknown total sizeDaniel Stenberg
Make it use a max 10Hz update frequency for this case as well. Return early if the "point" hasn't moved since last invoke. Reported-by: Elliot Saba Fixes #2158 Closes #2163
2017-12-07BINDINGS: another PostgreSQL clientDaniel Stenberg
...the former link is dead. Reported-by: Frank Gevaerts
2017-12-07CONNECT: keep close connection flag in http_connect_state structZachary Seguin
Fixes #2088 Closes #2157
2017-12-07include: get netinet/in.h before linux/tcp.hPer Malmberg
... to allow build on older Linux dists (specifically CentOS 4.8 on gcc 4.8.5) Closes #2160
2017-12-06openldap: fix checksrc nitsDaniel Stenberg
2017-12-06openldap: add commented out debug possibilitiesStepan Broz
... to aid debugging openldap library using its built-in debug messages. Closes #2159
2017-12-06examples: move threaded-shared-conn.c to the "complicated" onesDaniel Stenberg
... due it relying on pthreads to link.
2017-12-06RELEASE-NOTES: synced with b261c44e8Daniel Stenberg
... and bump next release version to 7.58.0
2017-12-06URL: tolerate backslash after drive letter for FILE:Jan-E
... as in "file://c:\some\path\curl.out" Reviewed-by: Matthew Kerwin Closes #2154
2017-12-06tests: added netinet/in6.h includes in test serversRandall S. Becker
2017-12-06configure: check for netinet/in6.hRandall S. Becker
Needed by HPE NonStop NSE and NSX systems Fixes #2146 Closes #2155
2017-12-06curl-config: add --ssl-backendsDaniel Stenberg
Lists all SSL backends that were enabled at build-time. Suggested-by: Oleg Pudeyev Fixes #2128
2017-12-05conncache: only allow multiplexing within same multi handleDaniel Stenberg
Connections that are used for HTTP/1.1 Pipelining or HTTP/2 multiplexing only get additional transfers added to them if the existing connection is held by the same multi or easy handle. libcurl does not support doing HTTP/2 streams in different threads using a shared connection. Closes #2152
2017-12-05threaded-shared-conn.c: fixed typo in commentaDaniel Stenberg
2017-12-05threaded-shared-conn.c: new exampleDaniel Stenberg
2017-12-05conncache: fix several lock issuesDaniel Stenberg
If the lock is released before the dealings with the bundle is over, it may have changed by another thread in the mean time. Fixes #2132 Fixes #2151 Closes #2139
2017-12-05libssh: remove dead code in sftp_qouteDaniel Stenberg
... by removing a superfluous NULL pointer check that also confuses Coverity. Fixes #2143 Closes #2153
2017-12-05sasl_getmesssage: make sure we have a long enough string to passDaniel Stenberg
For pop3/imap/smtp, added test 891 to somewhat verify the pop3 case. For this, I enhanced the pingpong test server to be able to send back responses with LF-only instead of always using CRLF. Closes #2150
2017-12-04libssh2: remove dead code from SSH_SFTP_QUOTEDaniel Stenberg
Figured out while reviewing code in the libssh backend. The pointer was checked for NULL after having been dereferenced, so we know it would always equal true or it would've crashed. Pointed-out-by: Nikos Mavrogiannopoulos Bug #2143 Closes #2148
2017-12-04ssh-libssh.c: please checksrcDaniel Stenberg
2017-12-04libssh: fixed dereference in statvfs accessNikos Mavrogiannopoulos
The behavior is now equivalent to ssh.c when SSH_SFTP_QUOTE_STATVFS handling fails. Fixes #2142
2017-12-04RESOURCES: update spec namesGuitared
Closes #2145
2017-12-03libssh: corrected use of sftp_statvfs() in SSH_SFTP_QUOTE_STATVFSNikos Mavrogiannopoulos
The previous code was incorrectly following the libssh2 error detection for libssh2_sftp_statvfs, which is not correct for libssh's sftp_statvfs. Fixes #2142 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2017-12-03libssh: no need to call sftp_get_error as ssh_get_error is sufficientNikos Mavrogiannopoulos
Fixes #2141 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2017-12-02libssh: fix minor static code analyzer nitsDaniel Stenberg
- remove superfluous NULL check which otherwise tricks the static code analyzers to assume NULL pointer dereferences. - fix fallthrough in switch() - indent mistake
2017-12-02openssl: pkcs12 is supported by boringsslDaniel Stenberg
Removes another #ifdef for BoringSSL Pointed-out-by: David Benjamin Closes #2134
2017-12-02travis: use pip2 instead of pipJay Satiro
.. since now mac osx image expects pip2 or pip3, and doesn't know pip: 0.01s$ pip install --user cpp-coveralls /Users/travis/.travis/job_stages: line 57: pip: command not found Ref: https://github.com/travis-ci/travis-ci/issues/8829 Closes https://github.com/curl/curl/pull/2133
2017-12-01lib582: do not verify host for SFTPNikos Mavrogiannopoulos
This SFTP test fails with libssh back-end due to failure to verify the peer. Disable peer verification in the test as there seems to be the intention of the test. Note that the libssh back-end automatically verifies the peer's host using the default known_hosts file. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2017-12-01libssh: added SFTP supportNikos Mavrogiannopoulos
The SFTP back-end supports asynchronous reading only, limited to 32-bit file length. Writing is synchronous with no other limitations. This also brings keyboard-interactive authentication. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2017-12-01symbols-in-versions: added new symbols with 7.56.3 versionNikos Mavrogiannopoulos
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2017-12-01.travis.yml: added build --with-libsshNikos Mavrogiannopoulos
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2017-12-01libssh2: return CURLE_UPLOAD_FAILED on failure to uploadNikos Mavrogiannopoulos
This brings its in sync with the error code returned by the libssh backend. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2017-12-01libssh2: send the correct CURLE error code on scp file not foundNikos Mavrogiannopoulos
That also updates tests to expect the right error code libssh2 back-end returns CURLE_SSH error if the remote file is not found. Expect instead CURLE_REMOTE_FILE_NOT_FOUND which is sent by the libssh backend. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2017-12-01Added support for libssh SSH SCP back-endNikos Mavrogiannopoulos
libssh is an alternative library to libssh2. https://www.libssh.org/ That patch set also introduces support for ECDSA ed25519 keys, as well as gssapi authentication. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2017-12-01RELEASE-NOTES: synced with af8cc7a69Daniel Stenberg
2017-12-01curlver: towards 7.57.1Daniel Stenberg
2017-12-01lib: don't export all symbols, just everything curl_*W. Mark Kubacki
Absent any 'symbol map' or script to limit what gets exported, static linking of libraries previously resulted in a libcurl with curl's and those other symbols being (re-)exported. This did not happen if 'versioned symbols' were enabled (which is not the default) because then a version script is employed. This limits exports to everything starting in 'curl_*'., which is what "libcurl.vers" exports. This avoids strange side-effects such as with mixing methods from system libraries and those erroneously offered by libcurl. Closes #2127
2017-12-01SSL: Avoid magic allocation of SSL backend specific dataJohannes Schindelin
Originally, my idea was to allocate the two structures (or more precisely, the connectdata structure and the four SSL backend-specific strucutres required for ssl[0..1] and proxy_ssl[0..1]) in one go, so that they all could be free()d together. However, getting the alignment right is tricky. Too tricky. So let's just bite the bullet and allocate the SSL backend-specific data separately. As a consequence, we now have to be very careful to release the memory allocated for the SSL backend-specific data whenever we release any connectdata. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Closes #2119
2017-12-01examples/xmlstream.c: don't switch off CURL_GLOBAL_SSLDaniel Stenberg
Reported-by: Dima Tisnek
2017-11-30travis: add boringssl buildDaniel Stenberg
Uses a separate build without --enable-debug and no valgrind. The debug option causes far too many warnings in boringssl's headers (C++ comments, trailing commas etc). Valgrind triggers some false positive errors in thread-local data used by boringssl. Closes #2118