aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-05-25RELEASE-NOTES: syncedDaniel Stenberg
2020-05-24copyright: updated year ranges out of syncDaniel Stenberg
... and whitelisted a few more files in the the copyright.pl script.
2020-05-23setopt: add CURLOPT_PROXY_ISSUERCERT(_BLOB) for coherencyGilles Vollant
Closes #5431
2020-05-23curl: remove -J "informational" written on stdoutDaniel Stenberg
curl would previously show "curl: Saved to filename 'name from header'" if -J was used and a name was picked from the Content-Disposition header. That output could interfer with other stdout output, such as -w. This commit removes that output line. Bug: https://curl.haxx.se/mail/archive-2020-05/0044.html Reported-by: Коваленко Анатолий Викторович Closes #5435
2020-05-22travis: simplify quiche build instructions wrt boringsslPeter Wu
quiche builds boringssl as static library, reuse that instead of building another shared library. Closes #5438
2020-05-22configure: fix pthread check with static boringsslPeter Wu
A shared boringssl/OpenSSL library requires -lcrypto only for linking. A static build additionally requires `-ldl -lpthread`. In the latter case `-lpthread` is added to LIBS which prevented `-pthread` from being added to CFLAGS. Clear LIBS to fix linking failures for libtest tests.
2020-05-22Revert "sendf: make failf() use the mvsnprintf() return code"Daniel Stenberg
This reverts commit 74623551f306990e70c7c5515b88972005604a74. Instead mark the function call with (void). Getting the return code and using it instead triggered Coverity warning CID 1463596 because snprintf() can return a negative value... Closes #5441
2020-05-21typecheck-gcc.h: CURLINFO_PRIVATE does not need a 'char *'Daniel Stenberg
Reported-by: Billyzou0741326 on github Fixes #5432 Closes #5436
2020-05-20tests/server/util.h: add extern to silence compiler warningDaniel Stenberg
Follow-up from a3b0699d5c1
2020-05-20typecheck-gcc.h: fix the OFF_T checkDaniel Stenberg
The option number also needs to be less than CURLOPTTYPE_BLOB. Follow-up to cac5374298 Reported-by: Jeroen Ooms Bug: https://github.com/curl/curl/pull/5365#issuecomment-631084114
2020-05-19TODO: --dry-runDaniel Stenberg
Closes #5426
2020-05-19TODO: Ratelimit or wait between serial requestsDaniel Stenberg
Closes #5406
2020-05-19tool_paramhlp: fixup C89 mistakeDaniel Stenberg
Follow-up to c5f0a9db22.
2020-05-19tool_paramhlp: fixed potentially uninitialized strtol() variableSiva Sivaraman
Seems highly unlikely to actually be possible, but better safe than sorry. Closes #5417
2020-05-19tool_operate: fixed potentially uninitialized variablesSiva Sivaraman
... in curl_easy_getinfo() calls. They're harmless but clearing the variables makes the code safer and comforts the reader. Closes #5416
2020-05-19sha256: move assign to the declaration lineDaniel Stenberg
Follow-up to fae30656. Should've been squashed with that commit...
2020-05-19sha256: fixed potentially uninitialized variableSiva Sivaraman
Closes #5414
2020-05-19sendf: make failf() use the mvsnprintf() return codeDaniel Stenberg
... and avoid a strlen() call. Fixes a MonocleAI warning. Reported-by: MonocleAI Fixes #5413 Closes #5420
2020-05-19hostip: make Curl_printable_address not return anythingDaniel Stenberg
It was not used much anyway and instead we let it store a blank buffer in case of failure. Reported-by: MonocleAI Fixes #5411 Closes #5418
2020-05-19ftp: mark return-ignoring calls to Curl_GetFTPResponse with (void)Daniel Stenberg
They're done on purpose, make that visible in the code. Reported-by: MonocleAI Fixes #5412 Closes #549
2020-05-18TODO: forbid TLS post-handshake auth and do TLS record paddingDaniel Stenberg
Closes #5396 Closes #5398
2020-05-18RELEASE-NOTES: syncedDaniel Stenberg
2020-05-17dynbuf: return NULL when there's no buffer lengthDaniel Stenberg
... as returning a "" is not a good idea as the string is supposed to be allocated and returning a const string will cause issues. Reported-by: Brian Carpenter Follow-up to ed35d6590e72c Closes #5405
2020-05-16travis: upgrade to bionic, clang-9, improve readabilityPeter Wu
Changes, partially to reduce build failures from external dependencies: - Upgrade Ubuntu and drop unnecessary third-party repos. - Properly clone apt config to ensure retries. - Upgrade to clang-9 from the standard repos. - Use Ubuntu 20.04 focal for the libssh build, use of ssh_get_publickey fails on -Werror=deprecated-declarations in Ubuntu 18.04. Do not use focal everywhere yet since Travis CI has not documented this option. In focal, python-impacket (Py2.7) has been removed, leaving only python3-impacket. Since it is only needed for SMB tests and not SSH, skip it for the libssh job since it might need more work. - apt: Remove gcc-8 and libstdc++-8-dev, already installed via g++-8. Non-functional cleanups: - Simplify test matrix, drop redundant os and compiler keys. - Deprecation fixes: remove sudo, rename matrix -> jobs. - Every job has an 'env' key, put this key first in a list item. Closes #5370
2020-05-16travis: whitespace-only changes for consistencyPeter Wu
Automatically apply a consistent indentation with: python3 -c 'from ruamel.yaml import YAML;y=YAML();d=y.load(open(".travis.yml"));y.width=500;y.dump(d,open(".travis.yml.new","w"))' followed by manually re-indenting three comments. Closes #5370
2020-05-15CMake: add libssh build supportPeter Wu
Closes #5372
2020-05-15KNOWN_BUGS: wolfssh: publickey auth doesn't workDaniel Stenberg
Closes #4820
2020-05-15KNOWN_BUGS: OS400 port requires deprecated IBM libraryDaniel Stenberg
Closes #5176
2020-05-15http2: keep trying to send pending frames after req.upload_doneVyron Tsingaras
Fixes #1410 Closes #5401
2020-05-15setopt: support certificate options in memory with struct curl_blobGilles Vollant
This change introduces a generic way to provide binary data in setopt options, called BLOBs. This change introduces these new setopts: CURLOPT_ISSUERCERT_BLOB, CURLOPT_PROXY_SSLCERT_BLOB, CURLOPT_PROXY_SSLKEY_BLOB, CURLOPT_SSLCERT_BLOB and CURLOPT_SSLKEY_BLOB. Reviewed-by: Daniel Stenberg Closes #5357
2020-05-15source cleanup: remove all custom typedef structsDaniel Stenberg
- Stick to a single unified way to use structs - Make checksrc complain on 'typedef struct {' - Allow them in tests, public headers and examples - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually typedef different types/structs depending on build conditions. Closes #5338
2020-05-15travis: remove the .checksrc fiddlingDaniel Stenberg
2020-05-15ftp: make domore_getsock() return the secondary socket properlyDaniel Stenberg
Previously, after PASV and immediately after the data connection has connected, the function would only return the control socket to wait for which then made the data connection simply timeout and not get polled correctly. This become obvious when running test 1631 and 1632 event- based.
2020-05-15test1632: verify FTP through HTTPS-proxy with connection re-useDaniel Stenberg
2020-05-15test1631: verify FTP download through HTTPS-proxyDaniel Stenberg
2020-05-15sws: as last resort, get test number from server cmd fileDaniel Stenberg
If it can't be found in the request. Also support --cmdfile to set it to a custom file name. runtests.pl always writes this file with the test number in it since a while back.
2020-05-15ftp: shut down the secondary connection properly when SSL is usedDaniel Stenberg
Reported-by: Neal Poole Fixes #5340 Closes #5385
2020-05-14KNOWN_BUGS: adapt 5.5 to recent changesMarcel Raad
It only applies to non-Unicode builds now. Also merge 5.10 into it as it's effectively a duplicate. Closes https://github.com/curl/curl/pull/3784
2020-05-14curl_setup: support Unicode functions to open files on WindowsMarcel Raad
Use them only if `_UNICODE` is defined, in which case command-line arguments have been converted to UTF-8. Closes https://github.com/curl/curl/pull/3784
2020-05-14tool: support UTF-16 command line on WindowsMarcel Raad
- use `wmain` instead of `main` when `_UNICODE` is defined [0] - define `argv_item_t` as `wchar_t *` in this case - use the curl_multibyte gear to convert the command-line arguments to UTF-8 This makes it possible to pass parameters with characters outside of the current locale on Windows, which is required for some tests, e.g. the IDN tests. Out of the box, this currently only works with the Visual Studio project files, which default to Unicode, and winbuild with the `ENABLE_UNICODE` option. [0] https://devblogs.microsoft.com/oldnewthing/?p=40643 Ref: https://github.com/curl/curl/issues/3747 Closes https://github.com/curl/curl/pull/3784
2020-05-14curl_multibyte: add to curlxMarcel Raad
This will also be needed in the tool and tests. Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512 Closes https://github.com/curl/curl/pull/3784
2020-05-14url: make the updated credentials URL-encoded in the URLDaniel Stenberg
Found-by: Gregory Jefferis Reported-by: Jeroen Ooms Added test 1168 to verify. Bug spotted when doing a redirect. Bug: https://github.com/jeroen/curl/issues/224 Closes #5400
2020-05-14tests: add https-proxy support to the test suiteDaniel Stenberg
Initial test 1630 added with basic HTTPS-proxy use. HTTPS-proxy is like HTTP proxy but with a full TLS connection to the proxy. Closes #5399
2020-05-14mailmap: James FullerDaniel Stenberg
2020-05-14vauth/cleartext: fix theoretical integer overflowMajor_Tom
Fix theoretical integer overflow in Curl_auth_create_plain_message. The security impact of the overflow was discussed on hackerone. We agreed this is more of a theoretical vulnerability, as the integer overflow would only be triggerable on systems using 32-bits size_t with over 4GB of available memory space for the process. Closes #5391
2020-05-13curl.1: Quote globbed URLsJay Satiro
- Quote the globbing example URLs that contain characters [] {} since otherwise they may be interpreted as shell metacharacters. Bug: https://github.com/curl/curl/issues/5388 Reported-by: John Simpson Closes https://github.com/curl/curl/pull/5394
2020-05-14checksrc: enhance the ASTERISKSPACE and update code accordinglyDaniel Stenberg
Fine: "struct hello *world" Not fine: "struct hello* world" (and variations) Closes #5386
2020-05-13docs/options-in-versions: which version added each cmdline optionDaniel Stenberg
Added test 971 to verify that the list is in sync with the files in cmdline-opts. The check also verifies that .d-files that uses Added: specify the same version number as the options-in-versions file does. Closes #5381
2020-05-13docs: unify protocol listsDaniel Stenberg
We boast support for 25 transfer protocols. Make sure the lists are consistent Closes #5384
2020-05-13OpenSSL: have CURLOPT_CRLFILE imply CURLSSLOPT_NO_PARTIALCHAINDaniel Stenberg
... to avoid an OpenSSL bug that otherwise makes the CRL check to fail. Reported-by: Michael Kaufmann Fixes #5374 Closes #5376