aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-02-28smtp: overwriting 'from' leaks memoryDaniel Stenberg
Detected by Coverity. CID 1418139. Also, make sure to return error if the new 'from' allocation fails. Closes #4997
2020-02-28CIfuzz: switch off 'dry_run' modeDaniel Stenberg
Follow-up from #4960: now make it fail if it detects problems. Closes #4998
2020-02-28ci/tests: Increase timeouts of Windows builds due to new testsMarc Hoersken
Recently added tests increased their runtime above the limit of 60min.
2020-02-27ci/tests: align Azure Pipeline job names with each otherMarc Hoersken
2020-02-27ci/tests: Add Windows builds via Azure Pipelines using DockerMarc Hoersken
2020-02-27tests: fix Python 3 compatibility of smbserver.pyMarc Hoersken
2020-02-27runtests: restore the command logDaniel Stenberg
The log file with all command lines for the invoked command lines is now called logs/commands.log Fixes #4911 Closes #4989
2020-02-27smtp: fix memory leak on exit pathDaniel Stenberg
Detected by Coverity. CID 1418139. "leaked_storage: Variable 'from' going out of scope leaks the storage it points to" Closes #4990
2020-02-27gtls: Fixed compilation when using GnuTLS < 3.5.0Steve Holme
Reverts the functionality from 41fcb4f when compiling with GnuTLS older than 3.5.0. Reviewed-by: Daniel Stenberg Closes #4984
2020-02-27RELEASE-NOTES: Corrected the link to issue #4892Steve Holme
2020-02-27Curl_is_ASCII_name: handle a NULL argumentDaniel Stenberg
Make the function tolerate a NULL pointer input to avoid dereferencing that pointer. Follow-up to efce3ea5a85126d Detected by OSS-Fuzz Reviewed-By: Steve Holme Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20907 Fixes #4985 Closes #4986
2020-02-27RELEASE-NOTES: syncedDaniel Stenberg
2020-02-27http2: make pausing/unpausing set/clear local stream windowDaniel Stenberg
This reduces the HTTP/2 window size to 32 MB since libcurl might have to buffer up to this amount of data in memory and yet we don't want it set lower to potentially impact tranfer performance on high speed networks. Requires nghttp2 commit b3f85e2daa629 (https://github.com/nghttp2/nghttp2/pull/1444) to work properly, to end up in the next release after 1.40.0. Fixes #4939 Closes #4940
2020-02-27libssh: improve known hosts handlingAnderson Toshiyuki Sasaki
Previously, it was not possible to get a known hosts file entry due to the lack of an API. ssh_session_get_known_hosts_entry(), introduced in libssh-0.9.0, allows libcurl to obtain such information and behave the same as when compiled with libssh2. This also tries to avoid the usage of deprecated functions when the replacements are available. The behaviour will not change if versions older than libssh-0.8.0 are used. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Fixes #4953 Closes #4962
2020-02-27tests: Automatically deduce the tool name from the test case for unit testsSteve Holme
It is still possible to override the executable to run during the test, using the <tool> tag, but this patch removes the requirement that the tag must be present for unit tests. It also removes the possibility of human error when existing test cases are used as the basis for new tests, as recently witnessed in 81c37124. Reviewed-by: Daniel Stenberg Closes #4976
2020-02-27test1323: Added the missing 'unit test' feature requirement in the test caseSteve Holme
2020-02-26cookie: remove unnecessary check for 'out != 0'Daniel Stenberg
... as it will always be non-NULL at this point. Detected by Coverity: CID 1459009
2020-02-26http: added 417 response treatmentDaniel Stenberg
When doing a request with a body + Expect: 100-continue and the server responds with a 417, the same request will be retried immediately without the Expect: header. Added test 357 to verify. Also added a control instruction to tell the sws test server to not read the request body if Expect: is present, which the new test 357 uses. Reported-by: bramus on github Fixes #4949 Closes #4964
2020-02-26smtp: Tidy up, following recent changes, to maintain the coding styleSteve Holme
Closes #4892
2020-02-26smtp: Support the SMTPUTF8 extension for the EXPN commandSteve Holme
Simply notify the server we support the SMTPUTF8 extension if it does.
2020-02-26smtp: Support the SMTPUTF8 extension in the VRFY commandSteve Holme
2020-02-26smtp: Support the SMTPUTF8 extension in the RCPT TO commandSteve Holme
Note: The RCPT TO command isn't required to advertise to the server that it contains UTF-8 characters, instead the server is told that a mail may contain UTF-8 in any envelope command via the MAIL command.
2020-02-26smtp: Support the SMTPUTF8 extension in the MAIL commandSteve Holme
Support the SMTPUTF8 extension when sending mailbox information in the MAIL command (FROM and AUTH parameters). Non-ASCII domain names will be ACE encoded, if IDN is supported, whilst non-ASCII characters in the local address part are passed to the server. Reported-by: ygthien on github Fixes #4828
2020-02-26smtp: Detect server support for the UTF-8 extension as defined in RFC-6531Steve Holme
2020-02-26smtp: Support UTF-8 based host names in the VRFY commandSteve Holme
2020-02-26smtp: Support UTF-8 based host names in the RCPT TO commandSteve Holme
2020-02-26smtp: Support UTF-8 based host names in the MAIL commandSteve Holme
Non-ASCII host names will be ACE encoded if IDN is supported.
2020-02-26url: Make the IDN conversion functions available to othersSteve Holme
2020-02-25smtp: Added UTF-8 mailbox tests to verify existing behaviourSteve Holme
2020-02-24ftpserver: Updated VRFY_smtp() so the response isn't necessary in the test caseSteve Holme
2020-02-24ftpserver: Corrected the e-mail address regex in MAIL_smtp() and RCTP_smtp()Steve Holme
The dot character between the host and the tld was not being escaped, which meant it specified a match of 'any' character rather than an explicit dot separator. Additionally removed the dot character from the host name as it allowed the following to be specified as a valid address in our test cases: <bad@example......com> Both are typos from 98f7ca7 and 8880f84 :( I can't remember whether my intention was to allow sub-domains to be specified in the host or not with these additional dots, but by placing it outside of the host means it can only be specified once per domain and by placing a + after the new grouping support for sub-domains is kept. Closes #4912
2020-02-24hmac: Added a unit test for the HMAC hash generationSteve Holme
Closes #4973
2020-02-24ntlm: Moved the HMAC MD5 function into the HMAC module as a generic functionSteve Holme
2020-02-23tests: Added a unit test for MD4 digest generationSteve Holme
Closes #4970
2020-02-23md4: Use const for the length input parameterSteve Holme
This keeps the interface the same as md5 and sha256.
2020-02-23test1610: Fixed the link to the unit testSteve Holme
Typo from 81c37124.
2020-02-23ntlm: Removed the dependency on the TLS libaries when using MD5Steve Holme
As we have our own MD5 implementation use the MD5 wrapper to remove the TLS dependency. Closes #4967
2020-02-23md5/sha256: Updated the functions to allow non-string data to be hashedSteve Holme
2020-02-23digest: Corrected the name of the local HTTP digest functionSteve Holme
Follow up to 2b5b37cb. Local static functions do not require the Curl prefix.
2020-02-22tests: Added a unit test for SHA256 digest generationSteve Holme
Follow up to 2b5b37c. Closes #4968
2020-02-22md4: Fixed compilation issues when using GNU TLS gcryptSteve Holme
* Don't include 'struct' in the gcrypt MD4_CTX typedef * The call to gcry_md_read() should use a dereferenced ctx * The call to gcry_md_close() should use a dereferenced ctx Additional minor whitespace issue in the USE_WIN32_CRYPTO code. Closes #4959
2020-02-21RELEASE-NOTES: syncedDaniel Stenberg
2020-02-21http2: now require nghttp2 >= 1.12.0Daniel Stenberg
To simplify our code and since earlier versions lack important function calls libcurl needs to function correctly. nghttp2 1.12.0 was relased on June 26, 2016. Closes #4961
2020-02-21gtls: fix the copyright yearDaniel Stenberg
Follow-up from 41fcb4f609
2020-02-21GnuTLS: Always send client certjethrogb
TLS servers may request a certificate from the client. This request includes a list of 0 or more acceptable issuer DNs. The client may use this list to determine which certificate to send. GnuTLS's default behavior is to not send a client certificate if there is no match. However, OpenSSL's default behavior is to send the configured certificate. The `GNUTLS_FORCE_CLIENT_CERT` flag mimics OpenSSL behavior. Authored-by: jethrogb on github Fixes #1411 Closes #4958
2020-02-21github action: add CIFuzzLeo Neat
Closes #4960
2020-02-21cleanup: comment typosDaniel Stenberg
Spotted by 'codespell' Closes #4957
2020-02-20win32: USE_WIN32_CRYPTO to enable Win32 based MD4, MD5 and SHA256 functionsSteve Holme
Whilst lib\md4.c used this pre-processor, lib\md5.c and src\tool_metalink.c did not and simply relied on the WIN32 pre-processor directive. Reviewed-by: Marcel Raad Closes #4955
2020-02-19connect: remove some spurious infof() callsDaniel Stenberg
As they were added primarily for debugging, they provide little use for users. Closes #4951
2020-02-19HTTP-COOKIES: mention that a trailing newline is requiredDaniel Stenberg
... so that we know we got the whole and not a partial line. Also, changed the formatting of the fields away from a table again since the table format requires a github-markdown tool version that we don't run on the web server atm. Reported-by: Sunny Bean Fixes #4946 Closes #4947