aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-06-12schannel: avoid incompatible pointer warningViktor Szakats
with clang-6.0: ``` vtls/schannel_verify.c: In function 'add_certs_to_store': vtls/schannel_verify.c:212:30: warning: passing argument 11 of 'CryptQueryObject' from incompatible pointer type [-Wincompatible-pointer-types] &cert_context)) { ^ In file included from /usr/share/mingw-w64/include/schannel.h:10:0, from /usr/share/mingw-w64/include/schnlsp.h:9, from vtls/schannel.h:29, from vtls/schannel_verify.c:40: /usr/share/mingw-w64/include/wincrypt.h:4437:26: note: expected 'const void **' but argument is of type 'CERT_CONTEXT ** {aka struct _CERT_CONTEXT **}' WINIMPM WINBOOL WINAPI CryptQueryObject (DWORD dwObjectType, const void *pvObject, DWORD dwExpectedContentTypeFlags, DWORD dwExpectedFormatTypeFlags, DWORD dwFlags, ^~~~~~~~~~~~~~~~ ``` Ref: https://msdn.microsoft.com/library/windows/desktop/aa380264 Closes https://github.com/curl/curl/pull/2648
2018-06-12schannel: support selecting ciphersRobert Prag
Given the contstraints of SChannel, I'm exposing these as the algorithms themselves instead; while replicating the ciphersuite as specified by OpenSSL would have been preferable, I found no way in the SChannel API to do so. To use this from the commandline, you need to pass the names of contants defining the desired algorithms. For example, curl --ciphers "CALG_SHA1:CALG_RSA_SIGN:CALG_RSA_KEYX:CALG_AES_128:CALG_DH_EPHEM" https://github.com The specific names come from wincrypt.h Closes #2630
2018-06-12test 46: make test pass after 2025Bernhard M. Wiedemann
shifting the expiry date to 2037 for now to be before the possibly problematic year 2038 similar in spirit to commit e6293cf8764e9eecb Closes #2646
2018-06-11cppcheck: fix warningsMarian Klymov
- Get rid of variable that was generating false positive warning (unitialized) - Fix issues in tests - Reduce scope of several variables all over etc Closes #2631
2018-06-11openssl: assume engine support in 1.0.1 or laterDaniel Stenberg
Previously it was checked for in configure/cmake, but that would then leave other build systems built without engine support. While engine support probably existed prior to 1.0.1, I decided to play safe. If someone experience a problem with this, we can widen the version check. Fixes #2641 Closes #2644
2018-06-11RELEASE-NOTES: syncedDaniel Stenberg
2018-06-11RELEASE-PROCEDURE: update the release calendar for 2019Daniel Stenberg
2018-06-08boringssl + schannel: undef X509_NAME in lib/schannel.hGisle Vanem
Fixes the build problem when both boringssl and schannel are enabled. Fixes #2634 Closes #2643
2018-06-08mk-ca-bundle.pl: leave certificate name untouched in decode()Vladimir Kotal
Closes #2640
2018-06-06tests/libtests/Makefile.am: Add lib1521.c to CLEANFILESRikard Falkeborn
This removes the generated lib1521.c when running make clean. Closes #2633
2018-06-06tests/libtest: Add lib1521 to nodist_SOURCESRikard Falkeborn
Since 467da3af0, lib1521.c is generated instead of checked in. According to the commit message, the intention was to remove it from the tarball as well. However, it is still present when running make dist. To remove it, add it to nodist_lib1521_SOURCES. This also means there is no need for the manually added dist-rule in the Makefile. Also update CMakelists.txt to handle the fact that we now may have nodist_SOURCES.
2018-06-06system.h: add support for IBM xlc C compilerStephan Mühlstrasser
Added a section to system.h guarded with __xlc__ for the IBM xml C compiler. Before this change the section titled 'generic "safe guess" on old 32 bit style' was used, which resulted in a wrong definition of CURL_TYPEOF_CURL_SOCKLEN_T, and for 64-bit also CURL_TYPEOF_CURL_OFF_T was wrong. Compilation warnings fixed with this change: CC libcurl_la-ftp.lo "ftp.c", line 290.55: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. "ftp.c", line 293.48: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. "ftp.c", line 1070.49: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. "ftp.c", line 1154.53: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. "ftp.c", line 1187.51: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. CC libcurl_la-connect.lo "connect.c", line 448.56: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. "connect.c", line 516.66: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. "connect.c", line 687.55: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. "connect.c", line 696.55: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. CC libcurl_la-tftp.lo "tftp.c", line 1115.33: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. Closes #2637
2018-06-05cmdline-opts/cert-type.d: mention "p12" as a recognized type as wellDaniel Stenberg
2018-06-03spelling fixesViktor Szakats
Detected using the `codespell` tool (version 1.13.0). Also secure and fix an URL.
2018-06-02axtls: follow-up spell fix of commentDaniel Stenberg
2018-06-02axTLS: not considered fit for useDaniel Stenberg
URL: https://curl.haxx.se/mail/lib-2018-06/0000.html This is step one. It adds #error statements that require source edits to make curl build again if asked to use axTLS. At a later stage we might remove the axTLS specific code completely. Closes #2628
2018-06-02build: remove the Borland specific makefilesDaniel Stenberg
According to the user survey 2018, not even one out of 670 users use them. Nobody on the mailing list spoke up for them either. Closes #2629
2018-06-01curl_addrinfo: use same #ifdef conditions in source as headerDaniel Stenberg
... for curl_dofreeaddrinfo
2018-06-01multi: remove a DEBUGF()Daniel Stenberg
... it might call infof() with a NULL first argument that isn't harmful but makes it not do anything. The infof() line is not very useful anymore, it has served it purpose. Good riddance! Fixes #2627
2018-06-01CURLOPT_RESOLVE: always purge old entry firstAlibek.Jorajev
If there's an existing entry using the selected name. Closes #2622
2018-06-01fnmatch: use the system one if availableDaniel Stenberg
If configure detects fnmatch to be available, use that instead of our custom one for FTP wildcard pattern matching. For standard compliance, to reduce our footprint and to use already well tested and well exercised code. A POSIX fnmatch behaves slightly different than the internal function for a few test patterns currently and the macOS one yet slightly different. Test case 1307 is adjusted for these differences. Closes #2626
2018-05-31os400: add new option in ILE/RPG bindingPatrick Monnerat
Follow-up to commit 946ce5b
2018-05-31tests/libtest/.gitignore: follow-up fix to ignore lib5* tooDaniel Stenberg
2018-05-31KNOWN_BUGS: CURL_GLOBAL_SSLDaniel Stenberg
Closes #2276
2018-05-31configure: check for declaration of getpwuid_rBernhard Walle
On our x86 Android toolchain, getpwuid_r is implemented but the header is missing: netrc.c:81:7: error: implicit declaration of function 'getpwuid_r' [-Werror=implicit-function-declaration] Unfortunately, the function is used in curl_ntlm_wb.c, too, so I moved the prototype to curl_setup.h. Signed-off-by: Bernhard Walle <bernhard@bwalle.de> Closes #2609
2018-05-31tests: update .gitignore for libtestsRikard Falkeborn
Closes #2624
2018-05-31strictness: correct {infof, failf} format specifiersRikard Falkeborn
Closes #2623
2018-05-31option: disallow username in URLBjörn Stenberg
Adds CURLOPT_DISALLOW_USERNAME_IN_URL and --disallow-username-in-url. Makes libcurl reject URLs with a username in them. Closes #2340
2018-05-31libcurl-security.3: improved layout for two rememdy listsDaniel Stenberg
2018-05-31libcurl-security.3: refer to URL instead of in-source markdown fileDaniel Stenberg
2018-05-30curl.rc: embed manifest for correct Windows version detectionViktor Szakats
* enable it in `src/Makefile.m32` * enable it in `winbuild/MakefileBuild.vc` if a custom manifest is _not_ enabled via the existing `EMBED_MANIFEST` option * enable it for all Windows CMake builds (also disable the built-in minimal manifest, added by CMake by default.) For other build systems, add the `-DCURL_EMBED_MANIFEST` option to the list of RC (Resource Compiler) flags to enable the manifest included in `src/curl.rc`. This may require to disable whatever automatic or other means in which way another manifest is added to `curl.exe`. Notice that Borland C doesn't support this method due to a long-pending resource compiler bug. Watcom C may also not handle it correctly when the `-zm` `wrc` option is used (this option may be unnecessary though) and regardless of options in certain earlier revisions of the 2.0 beta version. Closes https://github.com/curl/curl/pull/1221 Fixes https://github.com/curl/curl/issues/2591
2018-05-30os400: sync EBCDIC wrappers and ILE/RPG binding with latest optionsPatrick Monnerat
2018-05-30os400: implement mime api EBCDIC wrappersPatrick Monnerat
Also sync ILE/RPG binding to define the new functions.
2018-05-29setopt: add TLS 1.3 ciphersuitesDaniel Stenberg
Adds CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS. curl: added --tls13-ciphers and --proxy-tls13-ciphers Fixes #2435 Reported-by: zzq1015 on github Closes #2607
2018-05-29configure: override AR_FLAGS to silence warningDaniel Stenberg
The automake default ar flags are 'cru', but the 'u' flag in there causes warnings on many modern Linux distros. Removing 'u' may have a minor performance impact on older distros but should not cause harm. Explained on the automake mailing list already back in April 2015: https://www.mail-archive.com/automake-patches@gnu.org/msg07705.html Reported-by: elephoenix on github Fixes #2617 Closes #2619
2018-05-29cmake: fixed comments in compile checks codeSergei Nikulov
2018-05-29INSTALL: LDFLAGS=-Wl,-R/usr/local/ssl/libDaniel Stenberg
... the older description doesn't work Reported-by: Peter Varga Fixes #2615 Closes #2616
2018-05-29KNOWN_BUGS: restore text regarding #2101.Will Dietz
This was added earlier but appears to have been removed accidentally. AFAICT this is very much still an issue. ----- I say "accidentally" because the text seems to have harmlessly snuck into [1] (which makes no mention of it). [1] was later reverted for unspecified reasons in [2], presumably because the mentioned issue was fixed or invalid. [1] de9fac00c40db321d44fa6fbab6eb62ec4c83998 [2] 16d1f369403cbb04bd7b085eabbeebf159473fc2 Closes #2618
2018-05-28fnmatch: insist on escaped bracket to matchDaniel Stenberg
A non-escaped bracket ([) is for a character group - as documented. It will *not* match an individual bracket anymore. Test case 1307 updated accordingly to match. Problem detected by OSS-Fuzz, although this fix is probably not a final fix for the notorious timeout issues. Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8525 Closes #2614
2018-05-28psl: use latest psl and refresh it periodicallyPatrick Monnerat
The latest psl is cached in the multi or share handle. It is refreshed before use after 72 hours. New share lock CURL_LOCK_DATA_PSL controls the psl cache sharing. If the latest psl is not available, the builtin psl is used. Reported-by: Yaakov Selkowitz Fixes #2553 Closes #2601
2018-05-28configure: fix ssh2 linking when built with a static mbedtlsFabrice Fontaine
The ssh2 pkg-config file could contain the following lines when build with a static version of mbedtls: Libs: -L${libdir} -lssh2 /xxx/libmbedcrypto.a Libs.private: /xxx/libmbedcrypto.a This static mbedtls library must be used to correctly detect ssh2 support and this library must be copied in libcurl.pc otherwise compilation of any application (such as upmpdcli) with libcurl will fail when trying to found mbedtls functions included in libssh2. So, replace pkg-config --libs-only-l by pkg-config --libs. Fixes: - http://autobuild.buildroot.net/results/43e24b22a77f616d6198c10435dcc23cc3b9088a Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Closes #2613
2018-05-28RELEASE-NOTES: syncedDaniel Stenberg
2018-05-28cmake: check for getpwuid_rBernhard Walle
The autotools-based build system does it, so we do it also in CMake. Bug: #2609 Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
2018-05-28cmdline-opts/gen.pl: warn if mutexes: or see-also: list non-existing optionsDaniel Stenberg
2018-05-28curl.1: Fix cmdline-opts reference errors.Frank Gevaerts
--data, --form, and --ntlm were declared to be mutually exclusive with non-existing options. --data and --form referred to --upload (which is short for --upload-file and therefore did work, so this one was merely a bit confusing), --ntlm referred to --negotiated instead of --negotiate. Closes #2612
2018-05-28docs: fix cmdline-opts metadata headers case consistency.Frank Gevaerts
Almost all headers start with an uppercase letter, but some didn't.
2018-05-28mailmap: Max SavenkovDaniel Stenberg
2018-05-28Fix the test for fsetxattr and strerror_r tests in CMake to work without ↵maxed
compiling
2018-05-27mailmap: a Richard Alcock fixupDaniel Stenberg
2018-05-27schannel: add failf calls for client certificate failuresralcock
Closes #2604