aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-05-13url: reject too long input when parsing credentialsDaniel Stenberg
Since input passed to libcurl with CURLOPT_USERPWD and CURLOPT_PROXYUSERPWD circumvents the regular string length check we have in Curl_setstropt(), the input length limit is enforced in Curl_parse_login_details too, separately. Reported-by: Thomas Bouzerar Closes #5383
2020-05-12list-only.d: this option existed already in 4.0Daniel Stenberg
2020-05-12retry-all-errors.d: Shorten the summary lineJay Satiro
Follow-up to b995bb5 from a few moments ago. Reported-by: Daniel Stenberg Ref: https://github.com/curl/curl/commit/b995bb5#r39108929
2020-05-12easy: fix dangling pointer on easy_perform faildenzor
Closes https://github.com/curl/curl/pull/5363
2020-05-12tool: Add option --retry-all-errors to retry on any errorJay Satiro
The "sledgehammer" of retrying. Closes https://github.com/curl/curl/pull/5185
2020-05-12libcurl.pc: Merge Libs.private into Libs for static-only buildsJames Le Cuirot
A project being built entirely statically will call pkg-config with --static, which utilises the Libs.private field. Conversely it will not use --static when not being built entirely statically, even if there is only a static build of libcurl available. This will most likely cause the build to fail due to underlinking unless we merge the Libs fields. Consider that this is what the Meson build system does when it generates pkg-config files. I have also reflected this in the --libs argument of curl-config even though REQUIRE_LIB_DEPS always seems to be "yes" anyway. Closes #5373
2020-05-12CMake: fix runtests.pl with CMake, add new test targetsPeter Wu
* runtests.pl: - Fix out-of-tree build under CMake when srcdir is not set. Default srcdir to the location of runtests.pl. - Add a hack to allow CMake to use the TFLAGS option as documented in tests/README and used in scripts/travis/script.sh. * Bump CMake version to 3.2 for USES_TERMINAL, dropping Debian Jessie support (no one should care, it is already EOL.). * Remove CTest since it defines its own 'test' target with no tests since all unittests are already broken and not built by default. * Add new test targets based on the options from Makefile.am. Since new test targets are rarely added, I opted for duplicating the runtests.pl options as opposed to creating a new Makefile.inc file. Use top-level target names (test-x) instead of x-test since that is used by CI and others. Closes #5358
2020-05-12CMake: do not build test programs by defaultPeter Wu
The default target should only build libcurl and curl. Add a dedicated 'testdeps' target which will be used later when running tests. Note that unittests are currently broken in CMake and already excluded. Closes #5368
2020-05-12FILEFORMAT: moved up the variables section and further polishedDaniel Stenberg
2020-05-12runtests: remove ftp2 support, not usedDaniel Stenberg
We once supported two separate ftp instances in the test suite. Has not been used the last decade. Closes #5375
2020-05-12url: sort the protocol schemes in rough popularity orderDaniel Stenberg
When looking for a protocol match among supported schemes, check the most "popular" schemes first. It has zero functionality difference and for all practical purposes a speed difference will not be measureable but it still think it makes sense to put the least likely matches last. "Popularity" based on the 2019 user survey. Closes #5377
2020-05-11test1238: avoid tftpd being busy for tests shortly followingMarc Hoersken
The tftpd server may still be busy if the total timeout of 25 seconds has not been reached or no sread error was received during or after the execution of the timeout test 1238. Once the next TFTP test comes around (eg. 1242 or 1243), those will fail because the tftpd server is still waiting on data from curl due to the UDP protocol being stateless and having no connection close. On Linux this error may not happen, because ICMP errors generated due to a swrite error can also be returned async on the next sread call instead. Therefore we will now just kill the tftpd server after test 1238 to make sure that the following tests are not affected. This enables us to no longer ignore tests 1242, 1243, 2002 and 2003 on the CI platforms CirrusCI and AppVeyor. Assisted-by: Peter Wu Closes #5364
2020-05-11write-out.d: added "response_code"Daniel Stenberg
2020-05-11KNOWN_BUGS: Build with staticly built dependencyDaniel Stenberg
I rewrote the item 5.4 to be more generic about static dependencies.
2020-05-11ROADMAP: remove old entriesDaniel Stenberg
MQTT - the start has already landed tiny-curl - also mostly landed and is a continuous work make menuconfig - basically no interest from users, not pushing there
2020-05-10travis: Add ngtcp2 and quiche tests for CMakePeter Wu
To avoid an explosion of jobs, extend the existing CMake tests with ngtcp2 and quiche support. macOS was previously moved to GitHub actions, so the non-Linux case can be dropped.
2020-05-10CMake: add ENABLE_ALT_SVC optionPeter Wu
Tested alt-svc with quiche. While at it, add missing MultiSSL reporting (not tested).
2020-05-10CMake: add HTTP/3 support (ngtcp2+nghttp3, quiche)Peter Wu
Add three new CMake Find modules (using the curl license, but I grant others the right to apply the CMake BSD license instead). This CMake config is simpler than the autotools one because it assumes ngtcp2 and nghttp3 to be used together. Another difference is that this CMake config checks whether QUIC is actually supported by the TLS library (patched OpenSSL or boringssl) since this can be a common configuration mistake that could result in build errors later. Unlike autotools, CMake does not warn you that the features are experimental. The user is supposed to already know that and read the documentation. It requires a very special build environment anyway. Tested with ngtcp2+OpenSSL+nghttp3 and quiche+boringssl, both built from current git master. Use `LD_DEBUG=files src/curl |& grep need` to figure out which features (libldap-2.4, libssh2) to disable due to conflicts with boringssl. Closes #5359
2020-05-10tests/server/tftpd.c: fix include and enhance debug loggingMarc Hoersken
setjmp.h should only be included if HAVE_SETJMP_H is defined. Add additional log statements to see wether reads and writes are blocking or finishing before an alarm signal is received. Assisted-by: Peter Wu Part of #5364
2020-05-10tool_operate: only set CURLOPT_SSL_OPTIONS if SSL support is presentDaniel Stenberg
Reported-by: Marcel Raad Follow-up to 148534db5 Fixes #5367 Closes #5369
2020-05-09appveyor: update comments to be clear about toolchainMarc Hoersken
- CMake-based MSYS builds use mingw-w64 to cross-compile. - autotools-based builds are compiled using msys2-devel. The difference is that the later ones are not cross-compiled to Windows and instead require the msys2 runtime to be present. At the moment only the Azure Pipelines CI builds actually run autotools-based cross-compilation builds for Windows.
2020-05-09TODO: update regarding missing Schannel featuresMarc Hoersken
Some aspects have already been implemented over the years. 15.1 Client certificates are now supported: - System stores via e35b0256eb34f1fe562e3e2a2615beb50a391c52 - PKCS#12 files via 0fdf96512613574591f501d63fe49495ba40e1d5 15.2 Ciphers can now be specified through: - Algorithms via 9aefbff30d280c60fc9d8cc3e0b2f19fc70a2f28 Reviewed-by: Daniel Stenberg and Marcel Raad Closes #5358
2020-05-08checksrc: close the .checksrc file handle when done readingDaniel Stenberg
2020-05-08RELEASE-NOTES: syncedDaniel Stenberg
And bumped next version to 7.71.0
2020-05-08CURLOPT_SSL_OPTIONS: add *_NATIVE_CA to use Windows CA store (with openssl)Gilles Vollant
Closes #4346
2020-05-08TODO: native IDN support on macOSDaniel Stenberg
2020-05-08urlapi: accept :: as a valid IPv6 addressDaniel Stenberg
Text 1560 is extended to verify. Reported-by: Pavel Volgarev Fixes #5344 Closes #5351
2020-05-08THANKS-filter: Peter WangDaniel Stenberg
2020-05-08*_sspi: fix bad uses of CURLE_NOT_BUILT_INPeter Wang
Return CURLE_AUTH_ERROR instead of CURLE_NOT_BUILT_IN for other instances of QuerySecurityPackageInfo failing, as in commit 2a81439553286f12cd04a4bdcdf66d8e026d8201. Closes #5355
2020-05-07docs/HTTP3: add qlog to the quiche build instructionDaniel Stenberg
2020-05-07ngtcp2: introduce qlog supportDaniel Stenberg
If the QLOGDIR environment variable is set, enable qlogging. ... and create Curl_qlogdir() in the new generic vquic/vquic.c file for QUIC functions that are backend independent. Closes #5353
2020-05-07ntlm_sspi: fix bad use of CURLE_NOT_BUILT_INDaniel Stenberg
That return code is reserved for build-time conditional code not being present while this was a regular run-time error from a Windows API. Reported-by: wangp on github Fixes #5349 Closes #5350
2020-05-07runtests: show elapsed test time with higher precision (ms)Daniel Stenberg
2020-05-07RELEASE-NOTES: syncedDaniel Stenberg
2020-05-07http2: simplify and clean up trailer handlingDaniel Stenberg
Triggered by a crash detected by OSS-Fuzz after the dynbuf introduction in ed35d6590e72. This should make the trailer handling more straight forward and hopefully less error-prone. Deliver the trailer header to the callback already at receive-time. No longer caches the trailers to get delivered at end of stream. Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22030 Closes #5348
2020-05-07appveyor: disable test 1139 instead of ignoring itMarc Hoersken
Spending time on manpage checking makes no sense for these builds due to lacking manpage support.
2020-05-07appveyor: disable flaky test 1501 and ignore broken 1056Marc Hoersken
Test 1501 is flaky on Windows CI due to being time sensitive and the testsuite relying on taskkill.exe to check for the existance of processes which can take to much time itself. Test 1056 is broken in autotools-based Windows builds due to scope ID support missing in these builds at the moment.
2020-05-06test613.pl: make tests 613 and 614 work with OpenSSH for WindowsMarc Hoersken
OpenSSH for Windows shows group and other/world permissions as *, because those concepts do not exist on Windows. It also does not show the current or parent directory, so we just ignore those. Reviewed-by: Daniel Stenberg Closes #5328
2020-05-06runtests: set +x mode againDaniel Stenberg
2020-05-05libssh2: convert over to use dynbufDaniel Stenberg
In my very basic test that lists sftp://127.0.0.1/tmp/, this patched code makes 161 allocations compared to 194 in git master. A 17% reduction. Closes #5336
2020-05-05travis: add "qlog" as feature in the quiche buildDaniel Stenberg
2020-05-05quiche: enable qlog outputDaniel Stenberg
quiche has the potential to log qlog files. To enable this, you must build quiche with the qlog feature enabled `cargo build --features qlog`. curl then passes a file descriptor to quiche, which takes ownership of the file. The FD transfer only works on UNIX. The convention is to enable logging when the QLOGDIR environment is set. This should be a path to a folder where files are written with the naming template <SCID>.qlog. Co-authored-by: Lucas Pardue Replaces #5337 Closes #5341
2020-05-04urldata.h: remove #define HEADERSIZE, not used anymoreDaniel Stenberg
Follow-up to ed35d6590e72c
2020-05-04ngtcp2: convert to dynbufDaniel Stenberg
Closes #5335
2020-05-04connect: make happy eyeballs work for QUIC (again)Daniel Stenberg
Follow-up from dbd16c3e256c6c (regression in 7.70.0) Closes #5334
2020-05-04connect: add two asserts to clue code analyzers in a littleDaniel Stenberg
2020-05-04http_proxy: ported to use dynbuf instead of a static size bufferDaniel Stenberg
Removes a 16K static buffer from the easy handle. Simplifies the code.
2020-05-04dynbuf: introduce internal generic dynamic buffer functionsDaniel Stenberg
A common set of functions instead of many separate implementations for creating buffers that can grow when appending data to them. Existing functionality has been ported over. In my early basic testing, the total number of allocations seem at roughly the same amount as before, possibly a few less. See docs/DYNBUF.md for a description of the API. Closes #5300
2020-05-03runtests: remove sleep callsDaniel Stenberg
Remove many one second sleeps that were done *after* each newly started test server already has been verified. They should not have any purpose there. Closes #5323
2020-05-03asyn-*: remove support for never-used NULL entry pointersDaniel Stenberg
... and instead convert those to asserts to make sure they are truly never NULL. Closes #5324