Age | Commit message (Collapse) | Author |
|
... in the SSL structure as AmiSSL is using macros for the socket API
functions.
|
|
|
|
|
|
... to match the style already used for compiling, linking
etc. Acknowledges 'make V=1' to enable verbose.
Closes #3681
|
|
Suggested-by: Eric Curtin
Improved-by: Dan Fandrich
Ref: #3680
Closes #3683
|
|
From a discussion in #3676
Suggested-by: Tim Rühsen
Closes #3682
|
|
|
|
* Adjusted unit tests 2056, 2057
* do not generally close connections with CURLAUTH_NEGOTIATE after every request
* moved negotiatedata from UrlState to connectdata
* Added stream rewind logic for CURLAUTH_NEGOTIATE
* introduced negotiatedata::GSS_AUTHDONE and negotiatedata::GSS_AUTHSUCC
* Consider authproblem state for CURLAUTH_NEGOTIATE
* Consider reuse_forbid for CURLAUTH_NEGOTIATE
* moved and adjusted negotiate authentication state handling from
output_auth_headers into Curl_output_negotiate
* Curl_output_negotiate: ensure auth done is always set
* Curl_output_negotiate: Set auth done also if result code is
GSS_S_CONTINUE_NEEDED/SEC_I_CONTINUE_NEEDED as this result code may
also indicate the last challenge request (only works with disabled
Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1)
* Consider "Persistent-Auth" header, detect if not present;
Reset/Cleanup negotiate after authentication if no persistent
authentication
* apply changes introduced with #2546 for negotiate rewind logic
Fixes #1261
Closes #1975
|
|
The check that prevents payload from sending in case of authentication
doesn't check properly if the authentication is done or not.
They're cases where the proxy respond "200 OK" before sending
authentication challenge. This change takes care of that.
Fixes #2431
Closes #3669
|
|
Pointed out by codacy
Closes #3672
|
|
Coverity warned for two potentional "Use after free" cases. Both are false
positives because the memory wasn't used, it was only the actual pointer
value that was logged.
The fix still changes the order of execution to avoid the warnings.
Coverity CID 1443033 and 1443034
Closes #3671
|
|
|
|
For the Linux builds, GCC 8 and 7 and clang 7 were installed, but the
new GCC versions were only used for the coverage build and for building
nghttp2, while the new clang version was not used at all.
BoringSSL needs to use the default GCC as it respects CC, but not CXX,
so it would otherwise pass gcc 8 options to g++ 4.8 and fail.
Also remove GCC 7, it's not needed anymore.
Ref: https://docs.travis-ci.com/user/languages/c/#c11c11-and-beyond-and-toolchain-versioning
Closes https://github.com/curl/curl/pull/3670
|
|
Closes https://github.com/curl/curl/pull/3670
|
|
.. and for Windows also call WSACleanup since we call WSAStartup.
The example is to demonstrate handling the socket independently of
libcurl. In this case libcurl is not responsible for creating, opening
or closing the socket, it is handled by the application (our example).
Fixes https://github.com/curl/curl/pull/3663
|
|
This code was once used for the non multi-interface using code path, but
ever since easy_perform was turned into a wrapper around the multi
interface, this code path never runs.
Closes #3666
|
|
- Inherit SSL options for the doh handle but not SSL client certs,
SSL ALPN/NPN, SSL engine, SSL version, SSL issuer cert,
SSL pinned public key, SSL ciphers, SSL id cache setting,
SSL kerberos or SSL gss-api settings.
- Fix inheritance of verbose setting.
- Inherit NOSIGNAL.
There is no way for the user to set options for the doh (DNS-over-HTTPS)
handles and instead we inherit some options from the user's easy handle.
My thinking for the SSL options not inherited is they are most likely
not intended by the user for the DOH transfer. I did inherit insecure
because I think that should still be in control of the user.
Prior to this change doh did not work for me because CAINFO was not
inherited. Also verbose was set always which AFAICT was a bug (#3660).
Fixes https://github.com/curl/curl/issues/3660
Closes https://github.com/curl/curl/pull/3661
|
|
Reproduced bug #3649
Closes #3659
|
|
This reverts commit 3773de378d48b06c09931e44dca4d274d0bfdce0.
Regression shipped in 7.64.0
Fixes #3649
|
|
To not "collide" or use up the regular curl_ name space. Also makes them
easier to detect in helper scripts.
Closes #3656
|
|
Clarify the language and simplify.
Reported-by: Daniel Lublin
Closes #3658
|
|
Closes #3145
|
|
|
|
|
|
|
|
Both seem to be false positives but we don't like warnings.
Closes #3646
|
|
Since it can't be NULL and it makes Coverity believe we lack proper NULL
checks. Verified by test 659, landed in commit 15401fa886b.
Pointed out by Coverity CID 1442746.
Assisted-by: Dan Fandrich
Fixes #3617
Closes #3642
|
|
That's the only public curl header we should encourage use of.
Reviewed-by: Marcel Raad
Closes #3645
|
|
If the state machine isn't complete, didn't fail and it didn't return
due to blocking it can just as well loop again.
This addresses the problem with SFTP directory listings where we would
otherwise return back to the parent and as the multi state machine
doesn't have any code for using CURLM_CALL_MULTI_PERFORM for as long the
doing phase isn't complete, it would return out when in reality there
was more data to deal with.
Fixes #3506
Closes #3644
|
|
- Change closure handle to receive verbose setting from the easy handle
most recently added via curl_multi_add_handle.
The closure handle is a special easy handle used for closing cached
connections. It receives limited settings from the easy handle most
recently added to the multi handle. Prior to this change that did not
include verbose which was a problem because on connection shutdown
verbose mode was not acknowledged.
Ref: https://github.com/curl/curl/pull/3598
Co-authored-by: Daniel Stenberg
Closes https://github.com/curl/curl/pull/3618
|
|
Test 659 verifies
Also fixed the test 658 name
Closes #3641
|
|
Pointed out by Coverity, CID 1442956.
Closes #3640
|
|
Closes #3498
|
|
|
|
|
|
|
|
|
|
Closes #3637
|
|
|
|
This is the renamed script formerly known as zsh.pl
Closes #3545
|
|
It has been deprecated by GnuTLS since a year ago and now causes build
warnings.
Ref: https://gitlab.com/gnutls/gnutls/commit/b0041897d2846737f5fb0f
Docs: https://www.gnutls.org/manual/html_node/Compatibility-API.html
Closes #3636
|
|
.. since system_win32 is a more appropriate location for the functions
and to extern the globals.
Ref: https://github.com/curl/curl/commit/ca597ad#r32446578
Reported-by: Gisle Vanem
Closes https://github.com/curl/curl/pull/3625
|
|
Reported-by: Sara Golemon
Fixes #3592
Closes #3634
|
|
|
|
The main change here is the timer value that was wrong, it was given in
usecs (ms * 1000), while the itimerspec struct wants nsecs (ms * 1000 *
1000). This resulted in the callback being invoked WAY TOO OFTEN.
As a quick check you can run this command before and after applying this
commit:
# shell 1
./ephiperfifo 2>&1 | tee ephiperfifo.log
# shell 2
echo http://hacking.elboulangero.com > hiper.fifo
Then just compare the size of the logs files.
Closes #3633
Fixes #3632
Signed-off-by: Arnaud Rebillout <arnaud.rebillout@collabora.com>
|
|
- no need to have them protocol specific
- no need to set pointers to them with the Curl_setup_transfer() call
- make Curl_setup_transfer() operate on a transfer pointer, not
connection
- switch some counters from long to the more proper curl_off_t type
Closes #3627
|
|
- use better variable names to explain their purposes
- convert logic to curl_multi_wait()
|
|
When a transfer is done, the resolver thread will be brought down. That
could accidentally generate an error message in the error buffer even
though this is not an error situationand the transfer would still return
OK. An application that still reads the error buffer could find a
"Could not resolve host: [host name]" message there and get confused.
Reported-by: Michael Schmid
Fixes #3629
Closes #3630
|
|
clarify redir - "in absurdum" doesn't seem to make sense in this context
Closes #3631
|
|
in the same sftp_done function in both SSH backends. Simplify them
somewhat.
Pointed out by Codacy.
Closes #3628
|