aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-12-01openssl: retrieve reported LibreSSL version at runtimeJay Satiro
- Retrieve LibreSSL runtime version when supported (>= 2.7.1). For earlier versions we continue to use the compile-time version. Ref: https://man.openbsd.org/OPENSSL_VERSION_NUMBER.3 Closes https://github.com/curl/curl/pull/2425
2019-12-01strerror: Add Curl_winapi_strerror for Win API specific errorsJay Satiro
- In all code call Curl_winapi_strerror instead of Curl_strerror when the error code is known to be from Windows GetLastError. Curl_strerror prefers CRT error codes (errno) over Windows API error codes (GetLastError) when the two overlap. When we know the error code is from GetLastError it is more accurate to prefer the Windows API error messages. Reported-by: Richard Alcock Fixes https://github.com/curl/curl/issues/4550 Closes https://github.com/curl/curl/pull/4581
2019-12-02global_init: undo the "intialized" bump in case of failureDaniel Stenberg
... so that failures in the global init function don't count as a working init and it can then be called again. Reported-by: Paul Groke Fixes #4636 Closes #4653
2019-11-29parsedate: offer a getdate_capped() alternativeDaniel Stenberg
... and use internally. This function will return TIME_T_MAX instead of failure if the parsed data is found to be larger than what can be represented. TIME_T_MAX being the largest value curl can represent. Reviewed-by: Daniel Gustafsson Reported-by: JanB on github Fixes #4152 Closes #4651
2019-11-28docs: add more references to curl_multi_pollDaniel Stenberg
Fixes #4643 Closes #4652
2019-11-28sha256: bump the copyright year rangeDaniel Stenberg
Follow-up from 66e21520f
2019-11-28curl_setup_once: consistently use WHILE_FALSE in macrosDaniel Gustafsson
The WHILE_FALSE construction is used to avoid compiler warnings in macro constructions. This fixes a few instances where it was not used in order to keep the code consistent. Closes #4649 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-11-28http_ntlm: Remove duplicate NSS initialisationSteve Holme
Given that this is performed by the NTLM code there is no need to perform the initialisation in the HTTP layer. This also keeps the initialisation the same as the SASL based protocols and also fixes a possible compilation issue if both NSS and SSPI were to be used as multiple SSL backends. Reviewed-by: Kamil Dudka Closes #3935
2019-11-28checksrc: fix regexp for ASSIGNWITHINCONDITIONDaniel Gustafsson
The regexp looking for assignments within conditions was too greedy and matched a too long string in the case of multiple conditionals on the same line. This is basically only a problem in single line macros, and the code which exemplified this was essentially: do { if((x) != NULL) { x = NULL; } } while(0) ..where the final parenthesis of while(0) matched the regexp, and the legal assignment in the block triggered the warning. Fix by making the regexp less greedy by matching for the tell-tale signs of the if statement ending. Also remove the one occurrence where the warning was disabled due to a construction like the above, where the warning didn't apply when fixed. Closes #4647 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-11-28RELEASE-NOTES: syncedDaniel Stenberg
2019-11-28curl: two new command line options for etagsMaros Priputen
--etag-compare and --etag-save Suggested-by: Paul Hoffman Fixes #4277 Closes #4543
2019-11-28docs: fix typosDaniel Gustafsson
2019-11-28mailmap: Niall O'Reilly's nameDaniel Stenberg
2019-11-28doh: use dedicated probe slotsNiall
... to easier allow additional DNS transactions. Closes #4629
2019-11-28travis: build ngtcp2 with --enable-lib-onlyDaniel Stenberg
... makes it skip the examples and other stuff we don't neeed. Closes #4646
2019-11-28ngtcp2: fix thread-safety bug in error-handlingDavid Benjamin
ERR_error_string(NULL) should never be called. It places the error in a global buffer, which is not thread-safe. Use ERR_error_string_n with a local buffer instead. Closes #4645
2019-11-27travis: export the CC/CXX variables when setDaniel Stenberg
Suggested-by: Peter Wu Fixes #4637 Closes #4640
2019-11-26dist: add error-codes.plMarcel Raad
Follow-up to commit 74f441c6d31. This should fix test 1175 when run via the daily source tarballs. Closes https://github.com/curl/curl/pull/4638
2019-11-26curl: fix --upload-file . hangs if delay in STDINJohn Schroeder
Attempt to unpause a busy read in the CURLOPT_XFERINFOFUNCTION. When uploading from stdin in non-blocking mode, a delay in reading the stream (EAGAIN) causes curl to pause sending data (CURL_READFUNC_PAUSE). Prior to this change, a busy read was detected and unpaused only in the CURLOPT_WRITEFUNCTION handler. This change performs the same busy read handling in a CURLOPT_XFERINFOFUNCTION handler. Fixes #2051 Closes #4599 Reported-by: bdry on github
2019-11-26XFERINFOFUNCTION: support CURL_PROGRESSFUNC_CONTINUEJohn Schroeder
(also for PROGRESSFUNCTION) By returning this value from the callback, the internal progress function call is still called afterward. Closes #4599
2019-11-26TLS: add BearSSL vtls implementationMichael Forney
Closes #4597
2019-11-26curl_multi_wakeup.3: add example and AVAILABILITYDaniel Stenberg
Reviewed-by: Gergely Nagy Closes #4635
2019-11-25multi: add curl_multi_wakeup()Gergely Nagy
This commit adds curl_multi_wakeup() which was previously in the TODO list under the curl_multi_unblock name. On some platforms and with some configurations this feature might not be available or can fail, in these cases a new error code (CURLM_WAKEUP_FAILURE) is returned from curl_multi_wakeup(). Fixes #4418 Closes #4608
2019-11-24schannel: fix --tls-max for when min is --tlsv1 or defaultXiaoyin Liu
Prior to this change schannel ignored --tls-max (CURL_SSLVERSION_MAX_ macros) when --tlsv1 (CURL_SSLVERSION_TLSv1) or default TLS (CURL_SSLVERSION_DEFAULT), using a max of TLS 1.2 always. Closes https://github.com/curl/curl/pull/4633
2019-11-24checksrc.bat: Add a check for vquic and vssh directoriesJay Satiro
Ref: https://github.com/curl/curl/pull/4607
2019-11-24projects: Fix Visual Studio projects SSH buildsJay Satiro
- Generate VQUIC and VSSH filenames in Visual Studio project files. Prior to this change generated Visual Studio project configurations that enabled SSH did not build properly. Broken since SSH files were moved to lib/vssh 3 months ago in 5b2d703. Fixes https://github.com/curl/curl/issues/4492 Fixes https://github.com/curl/curl/issues/4630 Closes https://github.com/curl/curl/pull/4607
2019-11-23RELEASE-NOTES: syncedDaniel Stenberg
2019-11-22openssl: Revert to less sensitivity for SYSCALL errorsJay Satiro
- Disable the extra sensitivity except in debug builds (--enable-debug). - Improve SYSCALL error message logic in ossl_send and ossl_recv so that "No error" / "Success" socket error text isn't shown on SYSCALL error. Prior to this change 0ab38f5 (precedes 7.67.0) increased the sensitivity of OpenSSL's SSL_ERROR_SYSCALL error so that abrupt server closures were also considered errors. For example, a server that does not send a known protocol termination point (eg HTTP content length or chunked encoding) _and_ does not send a TLS termination point (close_notify alert) would cause an error if it closed the connection. To be clear that behavior made it into release build 7.67.0 unintentionally. Several users have reported it as an issue. Ultimately the idea is a good one, since it can help prevent against a truncation attack. Other SSL backends may already behave similarly (such as Windows native OS SSL Schannel). However much more of our user base is using OpenSSL and there is a mass of legacy users in that space, so I think that behavior should be partially reverted and then rolled out slowly. This commit changes the behavior so that the increased sensitivity is disabled in all curl builds except curl debug builds (DEBUGBUILD). If after a period of time there are no major issues then it can be enabled in dev and release builds with the newest OpenSSL (1.1.1+), since users using the newest OpenSSL are the least likely to have legacy problems. Bug: https://github.com/curl/curl/issues/4409#issuecomment-555955794 Reported-by: Bjoern Franke Fixes https://github.com/curl/curl/issues/4624 Closes https://github.com/curl/curl/pull/4623
2019-11-22openssl: improve error message for SYSCALL during connectDaniel Stenberg
Reported-by: Paulo Roberto Tomasi Bug: https://curl.haxx.se/mail/archive-2019-11/0005.html Closes https://github.com/curl/curl/pull/4593
2019-11-22test1175: verify symbols-in-versions and libcurl-errors.3 in syncDaniel Stenberg
Closes #4628
2019-11-21include: make CURLE_HTTP3 use a new error codeDaniel Stenberg
To avoid potential issues with error code reuse. Reported-by: Christoph M. Becker Assisted-by: Dan Fandrich Fixes #4601 Closes #4627
2019-11-21bump: next release will be 7.68.0Daniel Stenberg
2019-11-21curl: add --parallel-immediateDaniel Stenberg
Starting with this change when doing parallel transfers, without this option set, curl will prefer to create new transfers multiplexed on an existing connection rather than creating a brand new one. --parallel-immediate can be set to tell curl to prefer to use new connections rather than to wait and try to multiplex. libcurl-wise, this means that curl will set CURLOPT_PIPEWAIT by default on parallel transfers. Suggested-by: Tom van der Woerdt Closes #4500
2019-11-20docs: fix typosVictor Magierski
Change 'experiemental' to 'experimental'. Closes #4618 Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
2019-11-18projects: Fix Visual Studio wolfSSL configurationsJay Satiro
- s/USE_CYASSL/USE_WOLFSSL/ - Remove old compatibility macros. Follow-up to 1c6c59a from several months ago when CyaSSL named symbols were renamed to wolfSSL. The wolfSSL library was formerly named CyaSSL and we kept using their old name for compatibility reasons, until earlier this year.
2019-11-18RELEASE-NOTES: syncedDaniel Stenberg
2019-11-18ngtcp2: use overflow buffer for extra HTTP/3 dataJavier Blazquez
Fixes #4525 Closes #4603
2019-11-18altsvc: bump to h3-24Daniel Stenberg
... as both ngtcp2 and quiche now support that in their master branches Closes #4604
2019-11-18ngtcp2: free used resources on disconnectDaniel Stenberg
Fixes #4614 Closes #4615
2019-11-18ngtcp2: handle key updates as ngtcp2 master branch tells usDaniel Stenberg
Reviewed-by: Tatsuhiro Tsujikawa Fixes #4612 Closes #4613
2019-11-17multi: Fix curl_multi_poll wait when extra_fds && !extra_nfdsGergely Nagy
Prior to this change: The check if an extra wait is necessary was based not on the number of extra fds but on the pointer. If a non-null pointer was given in extra_fds, but extra_nfds was zero, then the wait was skipped even though poll was not called. Closes https://github.com/curl/curl/pull/4610
2019-11-17lib: Move lib/ssh.h -> lib/vssh/ssh.hJay Satiro
Follow-up to 5b2d703 which moved ssh source files to vssh. Closes https://github.com/curl/curl/pull/4609
2019-11-16INSTALL.md: provide Android build instructionsAndreas Falkenhahn
Closes #4606
2019-11-16doh: improced both encoding and decodingNiall
Improved estimation of expected_len and updated related comments; increased strictness of QNAME-encoding, adding error detection for empty labels and names longer than the overall limit; avoided treating DNAME as unexpected; updated unit test 1655 with more thorough set of proofs and tests Closes #4598
2019-11-16ngtcp2: increase QUIC window size when data is consumedDaniel Stenberg
Assisted-by: Javier Blazquez Ref #4525 (partial fix) Closes #4600
2019-11-14config-win32: cpu-machine-OS for Windows on ARMMelissa Mears
Define the OS macro properly for Windows on ARM builds. Also, we might as well add the GCC-style IA-64 macro. Closes #4590
2019-11-14examples: add multi-poll.cDaniel Stenberg
Show how curl_multi_poll() makes it even easier to use the multi interface. Closes #4596
2019-11-14multi_poll: avoid busy-loop when called without easy handles attachedDaniel Stenberg
Fixes #4594 Closes #4595 Reported-by: 3dyd on github
2019-11-14curl: fix -T globbingDaniel Stenberg
Regression from e59371a4936f8 (7.67.0) Added test 490, 491 and 492 to verify the functionality. Reported-by: Kamil Dudka Reported-by: Anderson Sasaki Fixes #4588 Closes #4591
2019-11-13HISTORY: added cmake, HTTP/3 and parallel downloads with curlDaniel Stenberg